Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×
Security

Despite Reports of Hacking, Baby Monitors Remain Woefully Insecure 43

itwbennett writes: Researchers from security firm Rapid7 have found serious vulnerabilities in nine video baby monitors from various manufacturers. Among them: Hidden and hard-coded credentials providing local and remote access over services like SSH or Telnet; unencrypted video streams sent to the user's mobile phone; unencrypted Web and mobile application functions and unprotected API keys and credentials; and other vulnerabilities that could allow attackers to abuse the devices, according to a white paper released Tuesday. Rapid7 reported the issues it found to the affected manufacturers and to US-CERT back in July, but many vulnerabilities remain unpatched.
Technology

Second Gen Moto 360 Men's and Women's, Fitness-Oriented Moto 360 Sport Unveiled 28

MojoKid writes: Motorola's first generation Moto 360 smartwatch was one of the first Android Wear smartwatches to hit the market, and because of its round display, became the immediate flag bearer for the Android Wear platform. As new competition has entered the fray — including entries from Apple with the Apple Watch and Samsung with the Gear S2 — Motorola is announcing a second generation smartwatch that solves most of the complaints of the previous model. Motorola has ditched the archaic Texas Instruments OMAP 3 processor in the original Moto 360. The new second generation Moto 360 brings a more credible 1.2GHz, quad-core Qualcomm Snapdragon 400 processor and Adreno 305 graphics to the table. You'll also find 512MB of RAM and 4GB of storage. And if you didn't like the largish dimensions of the previous Moto 360, you'll be glad to know that Motorola is offering two sizes this time around. There's a 46mm diameter case that comes with a 360x330 display and a smaller 42mm diameter case that houses a 360x325 display. Motorola has also introduced a dedicated women's model of the Moto 360 which features a 42mm diameter case and accepts smaller 16mm bands. As for battery life, Motorola says that the men's and women's 42mm models comes with a 300 mAh battery which is good for up to 1.5 days of mixed use, while the 46mm watch comes with a larger 400 mAh battery which is good for up to 2 days on charge.
Google

Google Changes Logo 120

An anonymous reader writes: Yesterday, Google announced a logo change that many on Slashdot have probably already encountered. The logo, according to the technology supergiant, was updated to reflect the fact that people "interact with Google products across many different platforms, apps and devices—sometimes all in a single day." This differentiates from the past when people only used a desktop PC to access Google's services.
Networking

New FCC Rules Could Ban WiFi Router Firmware Modification 221

An anonymous reader writes: Hackaday reports that the FCC is introducing new rules which ban firmware modifications for the radio systems in WiFi routers and other wireless devices operating in the 5 GHz range. The vast majority of routers are manufactured as System on Chip devices, with the radio module and CPU integrated in a single package. The new rules have the potential to effectively ban the installation of proven Open Source firmware on any WiFi router.

ThinkPenguin, the EFF, FSF, Software Freedom Law Center, Software Freedom Conservancy, OpenWRT, LibreCMC, Qualcomm, and others have created the SaveWiFi campaign, providing instructions on how to submit a formal complaint to the FCC regarding this proposed rule. The comment period is closing on September 8, 2015. Leave a comment for the FCC.
Transportation

Self-Driving Golf Carts May Pave the Way For Autonomous Cars 59

itwbennett writes: Researchers from MIT and Singaporean universities are experimenting with self-driving golf carts that use less (and relatively cheap) gear than self-driving vehicles while relying on computation-efficient algorithms. In addition to a webcam, each cart is equipped with four single-beam LIDAR (light detection and ranging) sensors from German maker Sick that have a field of view of about 270 degrees. Two of the sensors were mounted in the cart's front and used for determining its position and obstacle detection. The other two were cheaper, shorter-range sensors and were mounted on the back corners of the cart to scan for obstacles behind and on either side of it. The cost of the sensors was still high (on the order of $30,000) but that's less than solutions used in more sophisticated robotic vehicles. (Google has used $80,000 Velodyne LIDARs on its earlier self-driving cars.) A YouTube video shows the carts traveling the winding paths of a public garden in Singapore at a leisurely 24 kilometers per hour — slow enough for the computers to process all the obstacles (mainly pedestrians and animals). The researchers envision the self-driving vehicles being used in a shared transportation system, as rental bicycles are used in many cities.
Math

Machine Learning Could Solve Economists' Math Problem 141

An anonymous reader writes: Noah Smith argues that the field of economics frequently uses math in an unhealthy way. He says many economists don't use math as a tool to describe reality, but rather as an abstract foundation for whatever theory they've come up with. A possible solution to this, he says, is machine learning: "In other words, econ is now a rogue branch of applied math. Developed without access to good data, it evolved different scientific values and conventions. But this is changing fast, as information technology and the computer revolution have furnished economists with mountains of data. As a result, empirical analysis is coming to dominate econ. ... [Two economists pushing this change] stated that machine learning techniques emphasized causality less than traditional economic statistical techniques, or what's usually known as econometrics. In other words, machine learning is more about forecasting than about understanding the effects of policy. That would make the techniques less interesting to many economists, who are usually more concerned about giving policy recommendations than in making forecasts."
Security

Shifu Banking Trojan Has an Antivirus Feature To Keep Other Malware At Bay 58

An anonymous reader writes: Shifu is a banking trojan that's currently attacking 14 Japanese banks. Once it has infected a victim's machine, it will install a special module that keeps other banking-related trojans at bay. If this module sees suspicious, malware-looking content (unsigned executables) from unsecure HTTP connections, it tries to stop them. If it fails, it renames them to "infected.exx" and sends them to its C&C server. If the file is designed to autorun, Shifu will spoof an operating system "Out of memory" message.
Transportation

How Autonomous Cars' Safety Features Clash With Normal Driving 403

An anonymous reader writes: Google's autonomous cars have a very good safety record so far — the accidents they've been involved in weren't the software's fault. But that doesn't mean the cars are blending seamlessly into traffic. A NY Times article explains how doing the safest thing sometimes means doing something entirely unexpected to real, human drivers — which itself can lead to dangerous situations. "One Google car, in a test in 2009, couldn't get through a four-way stop because its sensors kept waiting for other (human) drivers to stop completely and let it go. The human drivers kept inching forward, looking for the advantage — paralyzing Google's robot." There are also situations in which the software's behavior may be so incomprehensible to human passengers that they end up turning it off. "In one maneuver, it swerved sharply in a residential neighborhood to avoid a car that was poorly parked, so much so that the Google sensors couldn't tell if it might pull into traffic."
Encryption

Browser Makers To End RC4 Support In Early 2016 40

msm1267 writes: Google, Microsoft and Mozilla today announced they've settled on an early 2016 timeframe to permanently deprecate the shaky RC4 encryption algorithm in their respective browsers. Mozilla said Firefox's shut-off date will coincide with the release of Firefox 44 on Jan. 26. Google and Microsoft said that Chrome and Internet Explorer 11 (and Microsoft Edge) respectively will also do so in the January-February timeframe. Attacks against RC4 are growing increasingly practical, rendering the algorithm more untrustworthy by the day.
Communications

Ashley Madison Source Code Shows Evidence They Created Bots To Message Men 298

An anonymous reader writes: Gizmodo's Annalee Newitz looked through the source code contained in the recent Ashley Madison data dump and found evidence that the company created tens of thousands of bot accounts designed to spur their male users into action by sending them messages. "The code tells the story of a company trying to weave the illusion that women on the site were plentiful and eager." The evidence suggests bots sent over 20 million messages on the website, and chatted with people over 11 million times. The vast majority of fake accounts — 70,529 to 43 — pretended to be female, and the users targeted were almost entirely men. Comments left in the code indicate some of the issues Ashley Madison's engineers had to solve: "randomizing start time so engagers don't all pop up at the same time" and "for every single state that has guest males, we want to have a chat engager." The AI was unsophisticated, though one type of bot would try to convince men to pay and then pass them to a real person.
Intel

Intel Launches Onslaught of Skylake CPUs For Laptops, Hybrids and Compute Stick 52

MojoKid writes: Intel is following up on its Skylake launch bonanza by opening the floodgates on at least two dozen SKUs mostly covering the mobile sector. The company is divvying up the range into four distinct series. There's the Y-Series, which is dedicated to 2-in-1 convertibles, tablets, and Intel's new Compute Stick venture. Then there's the U-Series, which is aimed at thin and light notebooks and "portable" all-in-one machines. The H-Series is built for gaming notebooks and mobile workstations, while the S-Series is designated for desktops, all-in-one machines, and mini PCs. Also, the Y-Series that was previously known as simply the Core M, (the chip found in products like the 12-inch Apple MacBook and Asus Transformer Book Chi T300) is now expanding into a whole family of processors. There will be Core m3, Core m5, and Core m7 processors, similar to Intel's Core i3, Core i5, and Core i7 CPU models in other desktop and notebook chips.
Encryption

Turkey Arrests Journalists For Using Encryption 139

An anonymous reader sends news that three employees of Vice News were arrested in Turkey because one of them used an encryption system on his personal computer. That particular type of encryption has been used by the terrorist organization known as the Islamic State, so the men were charged with "engaging in terrorist activity." The head of a local lawyers association said, "I find it ridiculous that they were taken into custody. I don't believe there is any accuracy to what they are charged for. To me, it seems like an attempt by the government to get international journalists away from the area of conflict." The Turkish government denied these claims: "This is an unpleasant incident, but the judiciary is moving forward with the investigation independently and, contrary to claims, the government has no role in the proceedings."
Chrome

Chrome 45 Launches, Automatically Pauses Less Important Flash Content, Like Ads 79

An anonymous reader writes: Google today launched Chrome 45 for Windows, Mac, Linux, and Android with some expected changes and new developer tools. First and foremost, Chrome now automatically pauses less important Flash content (rolling out gradually, so be patient). This has been a longtime coming from both Google and Adobe, with the goal to make Flash content more power-efficient in Chrome: In March, a setting was introduced to play less Flash content on the page, but it wasn't turned on by default, and in June, the option was enabled in the browser's beta channel. Now it's being turned on for everyone.
Businesses

Comcast To Charge $30 For Unlimited Data Over 300GB Cap 224

For some time, Comcast has been testing 300 GB monthly data caps in certain markets. An anonymous reader notes a policy change unveiled today that gives customers in those markets the ability to switch back to unlimited data for $30 extra. Previously (and currently, for customers who don't pay the extra $30), Comcast would charge $10 per 50GB above the cap. "Comcast's intent on this front has been clear for some time. Comcast lobbyist and VP David Cohen last year strongly suggested that usage caps would be arriving for all Comcast customers sooner or later. The idea of charging users a premium to avoid arbitrary usage restrictions has been a pipe dream of incumbent ISP executives for a decade." The new policy goes into effect on October 1.
Firefox

Video Mozilla Project Working on Immersive Displays (Video) 41

Yes, it's 3-D, and works with the Firefox browser. But that's not all. The MozVR virtual reality system is not just for Firefox, and it can incorporate infrared and other sensors to give a more complete picture than can be derived from visible light alone. In theory, the user's (client) computer needs no special hardware beyond a decent GPU and an Oculus Rift headset. Everything else lives on a server.

Is this the future of consumer displays? Even if not, the development is fun to watch, which you can start doing at mozvr.com -- and if you're serious about learning about this project you may want to read our interview transcript in addition to watching the video, because the transcript contains additional information.
Windows

Microsoft's Telemetry Additions To Windows 7 and 8 Raise Privacy Concerns 211

WheezyJoe writes: ghacks and Ars Technica are providing more detail about Windows 10's telemetry and "privacy invasion" features being backported to Windows 7 and 8. The articles list and explain some of the involved updates by number (e.g., KB3068708, KB3022345, KB3075249, and KB3080149). The Ars article says the Windows firewall can block the traffic just fine, and the service sending the telemetry can be disabled. "Additionally, most or all of the traffic appears to be contingent on participating in the CEIP in the first place. If the CEIP is disabled, it appears that little or no traffic gets sent. This may not always have been the case, however; the notes that accompany the 3080149 update say that the amount of network activity when not part of CEIP has been reduced." The ghacks article explains other ways block the unwanted traffic and uninstall the updates.
Media

Mozilla, Microsoft, Amazon, Google, and Others Form 'Alliance For Open Media' 90

BrianFagioli tips news that Mozilla, Microsoft, Google, Cisco, Intel, Amazon, and Netflix are teaming up to create the Alliance for Open Media, "an open-source project that will develop next-generation media formats, codecs and technologies in the public interest." Several of these companies have been working on this problem alone: Mozilla started Daala, Google has VP9 and VP10, and Cisco just recently announced Thor. Amazon and Netflix, of course, are major suppliers of online video streaming, so they have a vested interested in royalty-free codecs. They're inviting others to join them — the more technology and patents they get on their side, the less likely they'll run into the issues that Microsoft's VC-1 and Google's VP8 struggled with. "The Alliance will operate under W3C patent rules and release code under an Apache 2.0 license. This means all Alliance participants are waiving royalties both for the codec implementation and for any patents on the codec itself."
Security

Bugs In Belkin Routers Allow DNS Spoofing, Credential Theft 47

Trailrunner7 writes: The CERT/CC is warning users that some Belkin home routers contain a number of vulnerabilities that could allow an attacker to spoof DNS responses, intercept credentials sent in cleartext, access the web management interface, and take other actions on vulnerable routers. The vulnerabilities affect the Belkin N600 DB Wireless Dual Band N+ router, model F9K1102 v2 with firmware version 2.10.17, and potentially earlier versions of the firmware, as well. The vulnerabilities have not been patched by Belkin, the advisory from the CERT/CC says there aren't any practical workarounds for them. "DNS queries originating from the Belkin N600, such as those to resolve the names of firmware update and NTP servers, use predictable TXIDs that start at 0x0002 and increase incrementally. An attacker with the ability to spoof DNS responses can cause the router to contact incorrect or malicious hosts under the attacker's control," the advisory says.
Networking

Ask Slashdot: Can Any Wireless Tech Challenge Fiber To the Home? 174

New submitter danielmorrison writes: In Holland, MI (birthplace of Slashdot) we're working toward fiber to the home. A handful of people have asked why not go wireless instead? I know my reasons (speed, privacy, and we have an existing fiber loop) but are any wireless technologies good enough that cities should consider them? If so, what technologies and what cities have had success stories?
Stats

Windows 10 Grabs 5.21% Market Share, Passing Windows Vista and Windows 8 237

An anonymous reader writes: The effects of a free upgrade to Windows 10 are starting to trickle in. Available for just over a month, Windows 10 has now captured more than 5 percent market share, according to the latest figures from Net Applications. In just four weeks, Windows 10 has already been installed on over 75 million PCs. Microsoft is aiming to have 1 billion devices running Windows 10 "in two to three years," though that includes not just PCs, but smartphones, consoles, and other devices as well.