Social Networks

Silicon Valley 'Divided Society and Made Everyone Raging Mad', Argues Newsweek (newsweek.com) 207

"Anyone who is pissed off can now automatically find other people that are similarly pissed off," argues author Jamie Bartlett, in a new essay shared by Slashdot reader schwit1 which calls the internet "a bottomless well of available grievance." Here's an excerpt from Newsweek: Silicon Valley's utopians genuinely but mistakenly believe that more information and connection makes us more analytical and informed. But when faced with quinzigabytes of data, the human tendency is to simplify things. Information overload forces us to rely on simple algorithms to make sense of the overwhelming noise. This is why, just like the advertising industry that increasingly drives it, the internet is fundamentally an emotional medium that plays to our base instinct to reduce problems and take sides, whether like or don't like, my guy/not my guy, or simply good versus evil. It is no longer enough to disagree with someone, they must also be evil or stupid...

Nothing holds a tribe together like a dangerous enemy. That is the essence of identity politics gone bad: a universe of unbridgeable opinion between opposing tribes, whose differences are always highlighted, exaggerated, retweeted and shared. In the end, this leads us to ever more distinct and fragmented identities, all of us armed with solid data, righteous anger, a gutful of anger and a digital network of likeminded people. This is not total connectivity; it is total division.

Advertising

Could Cryptocurrency Mining Kill Online Advertising? (linkedin.com) 130

"Could it turn out users actually prefer to trade a little CPU time to website owners in favor of them not showing ads?" writes phonewebcam, a long-time Slashdot reader. Slashdot covered the downside [of in-browser cryptocurrency mining] recently, with even [Portuguese professional sportsballer] Cristiano Ronaldo's official site falling victim, but that may not be the full story. This could be an ideal win-win situation, except for one huge downside -- the current gang of online advertisers.
By "current gang of online advertisers," he means Google, according to a longer essay at LinkedIn: Naturally, the world's largest ad broker, which runs the world most popular browser (desktop and mobile) is keen to see how this plays out, and is also uniquely placed to be able to heavily influence it, too... As it happens, Chrome users can already do something about it via extensions, for example AntiMiner... If cryptocurrencies have a future - and that's a big if (look at China's Bitcoin ban) - it could well turn out that their role just took an unexpected turn.
Botnet

2 Million IoT Devices Enslaved By Fast-Growing BotNet (bleepingcomputer.com) 68

An anonymous reader writes: Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper, researchers estimate its current size at nearly two million infected devices. According to researchers, the botnet is mainly made up of IP-based security cameras, routers, network-attached storage (NAS) devices, network video recorders (NVRs), and digital video recorders (DVRs), primarily from vendors such as Netgear, D-Link, Linksys, GoAhead, JAWS, Vacron, AVTECH, MicroTik, TP-Link, and Synology.

The botnet reuses some Mirai source code, but it's unique in its own right. Unlike Mirai, which relied on scanning for devices with weak or default passwords, this botnet was put together using exploits for unpatched vulnerabilities. The botnet's author is still struggling to control his botnet, as researchers spotted over two million infected devices sitting in the botnet's C&C servers' queue, waiting to be processed. As of now, the botnet has not been used in live DDoS attacks, but the capability is in there.

Today is the one-year anniversary of the Dyn DDoS attack, the article points out, adding that "This week both the FBI and Europol warned about the dangers of leaving Internet of Things devices exposed online."
Media

Body Camera Giant Wants Police To Collect Your Videos Too (fastcompany.com) 60

tedlistens shares a report from Fast Company: Axon, the police supplier formerly known as Taser and now a leading maker of police body cameras, has also charged into police software with a service that allows police to manage and eventually analyze increasingly large caches of video, like a Dropbox for cops. Now it wants to add the public's video to the mix. An online tool called Citizen, set to launch later this year, will allow police to solicit the public for photos or video in the aftermath of suspected crimes and ingest them into Axon's online data platform. Todd Basche, Axon's executive vice president for worldwide products, said the tool was designed after the company conducted surveys of police customers and the public and found that potentially valuable evidence was not being collected. "They all pointed us to the need to collect evidence that's out there in the community."

[But] systems like Citizen still raise new privacy and policy questions, and could test the limits of already brittle police-community relations. Would Citizen, for instance, also be useful for gathering civilian evidence of incidents of police misconduct or brutality? [And how would ingesting citizen video into online police databases, like Axon's Evidence.com, allow police to mine it later for suspicious activity, in a sort of dragnet fashion?] "It all depends," says one observer, "on how agencies use the tool."

Twitter

Twitter Plans To End Revenge Porn Next Week, Hate Speech In Two (arstechnica.com) 279

An anonymous reader quotes a report from Ars Technica: In the beginning of 2017, Twitter said it would take on harassment and hate speech. CEO Jack Dorsey said the company would embrace a "completely new approach to abuse on Twitter" with open dialogue along the way. For months, though, the company has offered few details about what it would do, or when. That changed late yesterday, when Twitter posted a timeline with specific promises on actions it will take. The changes begin next week. On October 27, Twitter will expand what types of "non-consensual nudity" (aka "revenge porn") that it takes action against. The company will already act when a victim complains, but Twitter will soon act even in cases where the victims may not be aware images were taken, instances like upskirt photos and hidden webcams. "Anyone we identify as the original poster of non-consensual nudity will be suspended immediately," the October entry reads. On November 3, Twitter will ban hate imagery in profile headers and avatars, and the service will start suspending accounts "for organizations that use violence to advance their cause." The same day it will institute a policy of stopping "Unwanted Sexual Advances," although the company says it has already been taking enforcement actions on this front. Later in November, Twitter will ban "hateful display names."
Microsoft

Microsoft's Market Value Hits a Dot-Com Era Milestone: $600 Billion (wsj.com) 96

An anonymous reader shares a report: Microsoft's value is returning to tech-bubble peaks. The software giant closed with a market value of $600 billion Thursday for the first time since January 2000, according to the Journal's Market Data Group. Shares rose 0.4 percent to $77.91, setting a fresh all-time high. For the year, Microsoft shares are up 25% and on track for their best year since 2013, as the firm continues its rebirth as a force in cloud-computing. The firm is the third-largest S&P 500 company in market value, trailing Apple (about $800 billion) and Google's parent company, Alphabet, (about $690 billion). In July, fellow technology and internet stalwarts Facebook and Amazon.com joined the trio as the only U.S.-listed companies valued at more than in the $500 billion. The last time Microsoft was over $600 billion back in 2000, it didn't stay there for long. The tech bubble would peak in March of that year, and the Nasdaq Composite Index wouldn't climb back to the level it reach that year until 2015.
Facebook

Facebook Security Chief Says Its Corporate Network Is Run 'Like a College Campus' (zdnet.com) 83

An anonymous reader quotes a report from ZDNet: Facebook's security chief has told employees that the social media giant needs to improve its internal security practices to be more akin to a defense contractor, according to a leaked recording obtained by ZDNet. Alex Stamos made the comments to employees at a late-July internal meeting where he argued that the company had not done enough to respond to the growing threats that the company faces, citing both technical challenges and cultural issues at the company. "The threats that we are facing have increased significantly and the quality of the adversaries that we are facing," he said. "Both technically and from a cultural perspective I don't feel like we have caught up with our responsibility. The way that I explain to [management] is that we have the threat profile of a Northrop Grumman or a Raytheon or another defense contractor, but we run our corporate network, for example, like a college campus, almost," he said.
Advertising

Senators Announce New Bill That Would Regulate Online Political Ads (theverge.com) 218

An anonymous reader quotes a report from The Verge: As tech companies face continued scrutiny over Russian activity on their ad platforms, Senators today announced legislation meant to regulate political ads on the internet. The new bill, called the Honest Ads Act, would require companies like Facebook and Google to keep copies of political ads and make them publicly available. Under the act, the companies would also be required to release information on who those ads were targeted to, as well as information on the buyer and the rates charged for the ads. The new rules would bring disclosure rules more in line with how political ads are regulated in mediums like print and TV, and apply to any platform with more than 50 million monthly viewers. The companies would be required to keep and release data on anyone spending more than $500 on political ads in a year. It's unclear how well the bill will fare. Companies like Facebook have been successfully fighting regulations for years. But this latest attempt has some bipartisan support: the act, sponsored by Sen. Amy Klobuchar (D-MN) and Sen. Mark Warner (D-VA) is also co-sponsored by Sen. John McCain (R-AZ). "Americans deserve to know who's paying for the online ads," Klobuchar said at a press conference announcing the legislation.
Verizon

Verizon Loses 18,000 Pay TV Subscribers, Signals Delay For Live TV Streaming Service (hollywoodreporter.com) 42

Verizon announced on Thursday that its FiOS video service lost 18,000 net pay TV subscribers in the third quarter, compared with the addition of 36,000 subscribers in the year-ago period and 15,000 subscriber drop in the second quarter. Hollywood Reporter reports: The company said the drop in the latest quarter was "reflecting the ongoing shift from traditional linear video to over-the-top offerings." Verizon, led by chairman and CEO Lowell McAdam, ended the third quarter with a total of 4.6 million subscribers to its FiOS video service, which competes with cable and satellite TV companies. Asked about a planned over-the-top (OTT) TV service from Verizon, Ellis said that the company continues to feel that "there's an opportunity for us to play," but signaling a delay, he emphasized that the company "doesn't want to launch a me-too product." He didn't provide any guidance on when the OTT service would launch, saying that was still "TBD" (to be determined), or what content it could offer beyond saying it was likely to be built "around live programming." Verizon also reported Thursday that it added 66,000 net new FiOS broadband connections in the third quarter to end it with 5.8 million.
The Almighty Buck

Amazon Spends $350K On Seattle Mayor's Race (jeffreifman.com) 62

reifman writes: Until this summer, Amazon had never contributed more than $15,000 to a city political campaign in Seattle, but this year's different. The company is a lead funder in the Seattle Chamber of Commerce's PAC which dropped $525,000 Monday on Jenny Durkan's PAC, the centrist business candidate. Her opponent Cary Moon is an advocate for affordable housing, which complicates Amazon's growth, and city-owned community broadband. Comcast and Century Link joined Amazon contributing $25,000 and $82,500 respectively to the Chamber's PAC. Amazon's $350,000 contribution represents .00014 of its CY 2016 net profit.
Chrome

Google Engineers Explore Ways To Stop In-Browser Cryptocurrency Miners in Chrome (bleepingcomputer.com) 185

An anonymous reader writes: Google Chrome engineers are considering adding a special browser permission that will thwart the rising trend of in-browser cryptocurrency miners. Discussions on the topic of in-browser miners have been going on the Chromium project's bug tracker since mid-September when Coinhive, the first such service, launched. "Here's my current thinking," Ojan Vafai, a Chrome engineering working on the Chromium project, wrote in one of the recent bug reports. "If a site is using more than XX% CPU for more than YY seconds, then we put the page into 'battery saver mode' where we aggressively throttle tasks and show a toast [notification popup] allowing the user to opt-out of battery saver mode. When a battery saver mode tab is backgrounded, we stop running tasks entirely. I think we'll want measurement to figure out what values to use for XX and YY, but we can start with really egregious things like 100% and 60 seconds. I'm effectively suggesting we add a permission here, but it would have unusual triggering conditions [...]. It only triggers when the page is doing a likely bad thing."

An earlier suggestion had Google create a blacklist and block the mining code at the browser level. That suggestion was shut down as being too impractical and something better left to extensions.

EU

EU: No Encryption Backdoors But, Let's Help Each Other Crack That Crypto (theregister.co.uk) 81

The European Commission has proposed that member states help each other break into encrypted devices by sharing expertise around the bloc. From a report: In an attempt to tackle the rise of citizens using encryption and its effects on solving crimes, the commission decided to sidestep the well-worn, and well-ridiculed, path of demanding decryption backdoors in the stuff we all use. Instead, the plans set out in its antiterrorism measures on Wednesday take a more collegiate approach -- by offering member states more support when they actually get their hands on an encrypted device. "The commission's position is very clear -- we are not in favour of so-called backdoors, the utilisation of systemic vulnerabilities, because it weakens the overall security of our cyberspace, which we rely upon," security commissioner Julian King told a press briefing. "We're trying to move beyond a sometimes sterile debate between backdoors or no backdoors, and address some of the concrete law enforcement challenges. For instance, when [a member state] gets a device, how do they get information that might be encrypted on the device." [...] Share the wealth. "Some member states are more equipped technically to do that [extract information from a seized device] than others," King said. "We want to make sure no member state is at a disadvantage, by sharing the tech expertise among the member states and reinforcing the support that Europol can offer."
The Internet

Mozilla To Document Cross-Browser Web Dev Standards with Google, Microsoft, Samsung, and W3C (venturebeat.com) 44

Mozilla has announced deeper partnerships with Microsoft, Google, Samsung, and web standards body W3C to create cross-browser documentation on MDN Web Docs, a web development documentation portal created by Mozilla. From a report: MDN Web Docs first came to fruition in 2005, and it has since been known under various names, including the Mozilla Developer Network and Mozilla Developer Center. Today, MDN Web Docs serves as a community and library of sorts covering all things related to web technologies and standards, including JavaScript, HTML, CSS, open web app development, Firefox add-on development, and more. The web constitutes multiple players from across the technology spectrum and, of course, multiple browsers, including Microsoft's Edge, Google's Chrome, Mozilla's Firefox, and the Samsung Internet Browser. To avoid fragmentation and ensure end-users have a (fairly) consistent browsing experience, it helps if all the players involved adhere to a similar set of standards.
Security

The Internet Is Ripe With In-Browser Miners and It's Getting Worse Each Day (bleepingcomputer.com) 357

Catalin Cimpanu, reporting for BleepingComputer: Ever since mid-September, when Coinhive launched and the whole cryptojacking frenzy started, the Internet has gone crazy with in-browser cryptocurrency miners, and new sites that offer similar services are popping up on a weekly basis. While one might argue that mining Monero in a site's background is an acceptable alternative to viewing intrusive ads, almost none of these services that have recently appeared provide a way to let users know what's happening, let alone a way to stop mining behavior. In other words, most are behaving like malware, intruding on users' computers and using resources without permission. [...] Bleeping Computer spotted two new services named MineMyTraffic and JSEcoin, while security researcher Troy Mursch also spotted Coin Have and PPoi, a Coinhive clone for Chinese users. On top of this, just last night, Microsoft spotted two new services called CoinBlind and CoinNebula, both offering similar in-browser mining services, with CoinNebula configured in such a way that users couldn't report abuse. Furthermore, none of these two services even have a homepage, revealing their true intentions to be deployed in questionable scenarios.
The Internet

Russian Troll Factory Paid US Activists To Fund Protests During Election (theguardian.com) 652

bestweasel writes: The Guardian reports on another story about Russian meddling, but interestingly, this one comes from a respected Russian news source, the RBC. From the report: "Russian trolls posing as Americans made payments to genuine activists in the U.S. to help fund protest movements on socially divisive issues. On Tuesday, the newspaper RBC published a major investigation into the work of a so-called Russian 'troll factory' since 2015, including during the period of the U.S. election campaign, disclosures that are likely to put further spotlight on alleged Russian meddling in the election. RBC said it had identified 118 accounts or groups in Facebook, Instagram and Twitter that were linked to the troll factory, all of which had been blocked in August and September this year as part of the U.S. investigation into Russian electoral meddling. Perhaps the most alarming element of the article was the claim that employees of the troll factory had contacted about 100 real U.S.-based activists to help with the organization of protests and events. RBC claimed the activists were contacted by Facebook group administrators hiding their Russian origin and were offered financial help to pay for transport or printing costs. About $80,000 was spent during a two-year period, according to the report."
Piracy

Netflix, Amazon, Movie Studios Sue Over TickBox Streaming Device (arstechnica.com) 133

Movies studios, Netflix, and Amazon have teamed up to file a lawsuit against a streaming media player called TickBox TV. The device in question runs Kodi on top of Android 6.0, and searches the internet for streams that it can make available to users without actually hosting any of the content itself. An anonymous reader quotes a report from Ars Technica: The complaint (PDF), filed Friday, says the TickBox devices are nothing more than "tool[s] for mass infringement," which operate by grabbing pirated video streams from the Internet. The lawsuit was filed by Amazon and Netflix Studios, along with six big movie studios that make up the Motion Picture Association of America: Universal, Columbia, Disney, Paramount, 20th Century Fox, and Warner Bros.

"What TickBox actually sells is nothing less than illegal access to Plaintiffs' copyrighted content," write the plaintiffs' lawyers. "TickBox TV uses software to link TickBox's customers to infringing content on the Internet. When those customers use TickBox TV as Defendant intends and instructs, they have nearly instantaneous access to multiple sources that stream Plaintiffs' Copyrighted Works without authorization." The device's marketing materials let users know the box is meant to replace paid-for content, with "a wink and a nod," by predicting that prospective customers who currently pay for Amazon Video, Netflix, or Hulu will find that "you no longer need those subscriptions." The lawsuit shows that Amazon and Netflix, two Internet companies that are relatively new to the entertainment business, are more than willing to join together with movie studios to go after businesses that grab their content.

Google

Toronto To Be Home To Google Parent's Biggest Smart City Project Yet (techcrunch.com) 54

Sidewalk Labs, the smart city subsidiary of Alphabet (the parent company of Google) with the stated goal of "reimagining cities from the Internet up," now has a very big sandbox in which to conduct its high-tech experiments. From a report: That's obviously an ambitious project, but some of the groundwork is already being laid: Alphabet's Google will be the flagship tenant for the new neighbourhood, anchoring the easter waterfront, to be called "Quayside," and Sidewalk Labs has committed $50 million to kick off pilot testing and planning in partnership with the City of Toronto. Sidewalk Labs won the contract through its response to a Request for Proposals issues by Waterfront Toronto, and organization created by the Canadian federal government, the Ontario provincial government and the City of Toronto together to foster development of Toronto's lakefront areas in ways that address urban sprawl while respecting the realities of climate change and taking into account the ability of the city's residents to get around efficiently. The area involved in the RFP that Sidewalk Labs will work with the government coalition to develop spans around 800 acres (though 12 acres are specified for the initial project), and is one of the largest underdeveloped urban areas in any North American city, making it a good target for Sidewalk's ambitious vision, which involves building smart cities holistically from the very start. Ultimately, the partners hope to turn the area into a "place for tens of thousands of people to live, work, learn and play -- and to create and advance new ideas that improve city life," according to a release from Sidewalk.
Open Source

Companies Overlook Risks in Open Source Software, Survey Finds (betanews.com) 132

An anonymous reader shares a report: Open source code helps software suppliers to be nimble and build products faster, but a new report reveals hidden software supply chain risks of open source that all software suppliers and IoT manufacturers should know about. The recent Equifax breach for example exploited a vulnerability in a widely used open source web framework, Apache Struts, and the study by software monetization specialist Flexera points out that as much as 50 percent of code in commercial and IoT software products is open source. "We can't lose sight that open source is indeed a clear win. Ready-to-go code gets products out the door faster, which is important given the lightning pace of the software space," says Jeff Luszcz, vice president of product management at Flexera. "However, most software engineers don't track open source use, and most software executives don't realize there's a gap and a security/compliance risk." Flexera surveyed 400 software suppliers, Internet of Things manufacturers and in-house development teams. It finds only 37 percent of respondents to the survey have an open source acquisition or usage policy, while 63 percent say either their companies either don't have a policy, or they don't know if one exists. Worryingly, of the 63 percent who say their companies don't have an open source acquisition or usage policy, 43 percent say they contribute to open source projects. There is an issue over who takes charge of open source software too. No one within their company is responsible for open source compliance, or they don't know who is, according to 39 percent of respondents.
Google

'Google Just Made Gmail the Most Secure Email Provider on the Planet' (vice.com) 197

Google announced on Tuesday that it would offer stronger online security for "high risk" users who may be frequent targets of online attacks. The company said anyone with a personal Google account can enroll in the new "advanced protection," while noting that it will require users to "trade off a bit of convenience" for extra security. Motherboard reports: The main advantage in terms of security is the need for a key or token to log in as the second factor, instead of a code sent via SMS or via app. This is much better because there's no way for hackers to steal or phish this key from afar (there have been isolated incidents of hackers using social engineering to gain access to someone's cell phone number by getting the provider to issue a new SIM card, for instance). Thanks to these new features, Gmail is now the most secure email provider available on the internet if you are worried about hackers breaking into your private correspondence. "This is a major step in the right direction in offering the same kind of protection available to high-profile figures to everyday people," Kenneth White, a Washington D.C. based security consultant to federal agencies, told Motherboard. "They have really thought this through, and while it may not make sense for everyone, for those that need it, it's a much needed option."

Slashdot Top Deals