YouTube will return anti-terrorist playlists when users search for hateful content on the site using certain keywords pertaining to terrorism. Tubefilter.com reports: The new feature, dubbed The Redirect Method, is part of a four-prong strategy announced by Google last month to quash extremist ideologies across its platforms. The Redirect Method was developed by Jigsaw -- an Alphabet subsidiary whose mission is to counter extremism, censorship, and cyber attacks -- alongside another tech company called Moonshot CVE (which stands for "Countering Violent Extremism"). Jigsaw and Moonshot CVE developed the tech after studying, over several years, how terrorist factions like ISIS leverage technology to spread their messaging and recruit new followers. In coming weeks, YouTube says it intends to incorporate The Redirect Method into a wider set of search queries in languages beyond English, use machine learning to dynamically update search terms, work with partner NGOs to develop new anti-extremist content, and roll out the Method to Europe.

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission has denied a request to extend the deadline for filing public comments on its plan to overturn net neutrality rules, and the FCC is refusing to release the text of more than 40,000 net neutrality complaints that it has received since June 2015. The National Hispanic Media Coalition (NHMC) filed a Freedom of Information Act (FoIA) request in May of this year for tens of thousands of net neutrality complaints that Internet users filed against their ISPs. The NHMC argues that the details of these complaints are crucial for analyzing FCC Chairman Ajit Pai's proposal to overturn net neutrality rules. The coalition also asked the FCC to extend the initial comment deadline until 60 days after the commission fully complies with the FoIA request. A deadline extension would have given people more time to file public comments on the plan to eliminate net neutrality rules. Instead, the FCC yesterday denied the motion for an extension and said that it will only provide the text for a fraction of the complaints, because providing them all would be too burdensome.

One of the most widely used technologies in mobile computing is getting an important upgrade that could accelerate the development of the smart home and industrial internet. From a report: The Bluetooth Special Interest Group, the Kirkland, Wash.-based group that enforces compatibility among the billions of devices that use the short-range Bluetooth wireless technology, plans to announce Tuesday that the standard now supports mesh networking. Mesh networks connect a variety of access points and devices across a distributed network, rather than the one-to-one connection that currently exists between your smartphone and that headset that makes you look ridiculous. This approach dramatically improves the range and reliability of a wireless network, since information can be relayed across several different devices rather than having to stretch between two far-apart devices. And if part of the network goes offline, mesh technology has the capability to route around that outage and still carry out its original mission. Wi-Fi networks have also been getting in on this mesh networking act, which has an additional bonus: mesh networks are much easier to set up than traditional wireless networks.

An anonymous reader quotes a report from The Verge: Comcast filed comments in support of the FCC's plan to kill the 2015 net neutrality rules today. And while pretty much everything in them is expected -- Comcast thinks the rules are burdensome and hurt investment, yet it says it generally supports the principles of net neutrality -- there's one telling new quirk that stands out in its phrasing: Comcast now says it's in support of a ban on "anticompetitive paid prioritization," which is really a way of saying paid prioritization should be allowed. "The commission also should bear in mind that a more flexible approach to prioritization may be warranted and may be beneficial to the public," Comcast says in its filing. The key qualification is "anticompetitive," which is a term that could be interpreted in a lot of different ways depending on who's defining it.

Comcast doesn't just see paid fast lanes being useful for medicine, however. It also thinks they might be fair to sell to automakers for use in autonomous vehicles. "Likewise, for autonomous vehicles that may require instantaneous data transmission, black letter prohibitions on paid prioritization may actually stifle innovation instead of encouraging it," the filing says. This makes Comcast's position pretty confusing. Comcast says it opposes prioritizing one website over another. It even suggests the commission adopt a "strong presumption against" agreements that benefit an ISP's own content over competitors' work, but it's not clear how benefiting one car company or telemedicine company over another is any different.

An anonymous reader quotes a report from Ars Technica: Cox, the third largest U.S. cable company, last week started charging overage fees to customers in four more states. Internet provider CenturyLink, on the other hand, recently ended an experiment with data caps and is giving bill credits to customers in the state of Washington who were charged overage fees during the yearlong trial. Cox, which operates in 18 states with about six million residential and business customers, last week brought overage fees to Arizona, Louisiana, Nevada, and Oklahoma. Cox was already enforcing data caps and overage fees in Arkansas, Connecticut, Florida, Georgia, Idaho, Iowa, Kansas, Nebraska, and Ohio. California, Rhode Island, and Virginia technically have monthly caps but no enforcement of overage fees, according to Cox's list of data caps by location. Massachusetts and North Carolina seem to be exempt from the Cox data caps altogether. Similar to Comcast, Cox lets capped customers use 1TB of data a month and charges $10 for each additional block of 50GB. Cox will introduce a pricier "unlimited" plan later this year, Multichannel News reported. If Cox continues to match Comcast's pricing, the unlimited data plan would cost an additional $50 a month above what customers normally pay. A year ago, CenturyLink started a data-cap trial in Yakima, Washington, imposing a 300GB-per-month cap and overage fees of $10 for each additional 50GB. But instead of expanding the overage fees to more cities, CenturyLink ended the "usage-based billing program."

Chipmaker Broadcom on Monday won approval from the U.S. Federal Trade Commission to purchase San Jose-based Brocade Communications Systems for $5.9 billion. From a report: To land U.S. approval, Broadcom had to promise federal regulators not to use information from the acquisition to hurt Cisco Systems. At issue with U.S. regulators was possible impacts on Cisco, since Cisco buys chips from Broadcom, but competes with Brocade. On the flip side, regulators worried Broadcom might use its position as supplier and competitor to raise the prices on fiber channel switches, a niche networking segment that's owned completely by Brocade and Cisco. To assuage those concerns, Broadcom agreed to set up an operations "firewall" internally, so that competitive information that might hurt Cisco won't be shared internally. It also agreed to submit to regulatory oversight for five years after the deal is completed.

schwit1 shares an article from ZDNet: A new analysis of documents leaked by whistleblower Edward Snowden details a highly classified technique that allows the National Security Agency to "deliberately divert" U.S. internet traffic, normally safeguarded by constitutional protections, overseas in order to conduct unrestrained data collection on Americans. According to the new analysis, the NSA has clandestine means of "diverting portions of the river of internet traffic that travels on global communications cables," which allows it to bypass protections put into place by Congress to prevent domestic surveillance on Americans.

The new findings follow a 2014 paper by researchers Axel Arnbak and Sharon Goldberg, published on sister-site CBS News, which theorized that the NSA, whose job it is to produce intelligence from overseas targets, was using a "traffic shaping" technique to route US internet data overseas so that it could be incidentally collected under the authority of a largely unknown executive order... The research cites several ways the NSA is actively exploiting methods to shape and reroute internet traffic -- many of which are well-known in security and networking circles -- such as hacking into routers or using the simpler, less legally demanding option of forcing major network providers or telecoms firms into cooperating and diverting traffic to a convenient location.

An anonymous reader writes: Friday technology investor Dave McClure tweeted a link to a statement from the new CEO of the start-up incubator he co-founded which announces his demotion after engaging in "inappropriate interactions with women in the tech community." The new CEO of 500 Startups says "I sincerely apologize for the choices he made and the pain and stress they've caused people. But apologies aren't enough without meaningful actions and change. Because of this, we made the decision a few months ago to change the leadership structure at 500." Meanwhile, McClure will attend counseling "to work on changing his perspectives and preventing his previous unacceptable behavior... As much as we want to be part of the solution, we clearly have also been part of the problem."

The same day more than two dozen female entrepreneurs told the New York Times about incidents of sexual harassment in the start-up industry, "often providing corroborating messages and emails." Several women told the Times they were warned that saying anything might lead to ostracism. Chris Sacca -- whose firm invested in Twitter, Uber, Instagram, Twilio, and Kickstarter -- told the Times he was grateful for the courage of the female entrepreneur who told the Times how he'd propositioned her, and Sacca also wrote in a post on Medium, "I've learned that it's often the less obvious, yet pervasive and questionable, everyday behaviors of men in our industry that collectively make it inhospitable for women... It's the unrelenting, day-to-day culture of dismissiveness that creates a continually bleak environment for women and other underrepresented groups." The article also notes that Justin Caldbeck -- accused by six different founders of making unwanted advances -- worked at three different VC firms over the last seven years. The Times also cites a 2014 admission by investor Pavel Curda that he sent two women text messages asking for sex after a networking event, adding "The new accounts underscore how sexual harassment in the tech start-up ecosystem goes beyond one firm and is pervasive and ingrained."

GeoGreg writes: On August 21, 2017, the contiguous United States will experience its first total solar eclipse since 1979. According to GreatAmericanEclipse.com's Michael Zeiler, approximately 200 million people live within one day's drive of the eclipse. Zeiler projects that between 1.85 to 7.4 million people will attempt to visit the path of totality. As the eclipse approaches, articles are appearing predicting the possibility of automobile traffic jamming rural roads. There is also concern about the ability of rural cellular networks to handle such a large influx. AT&T is bringing in Cell On Wheel (COW) systems to rural locations in Kentucky, Idaho, and Oregon, while Verizon is building a temporary tower in Jackson Hole, Wyoming. The disruption could be frustrating to those trying to get to the eclipse or share their photos via social networking. If cellular networks can't handle the data, apps like Waze won't be much help in avoiding the traffic. If communication is essential near the eclipse path, Astronomy Magazine recommends renting a satellite phone.

citadrianne shares a report from The Outline: President Donald Trump's proposed budget seeks to slash $54 billion from social services including programs like Medicaid and Meals on Wheels. As these resources dry up, crowdfunding websites will further entrench themselves as extra-governmental welfare providers in order to fill the gap. For a lucky few, these sites are a lifeline. For most people, they are worthless. Crowdfunding's fatal flaw is that not every campaign ends up getting the money it needs. A recent study published in the journal Social Science & Medicine found that more than 90 percent of GoFundMe campaigns never meet their goal. For every crowdfunding success story, there are hundreds of failures. "As many happy stories as there are in charitable crowdfunding, there are a lot of really worthy causes when you browse these platforms that nobody has given a cent to," Rob Gleasure, professor at the business school of the National University of Ireland, Cork told The Outline. "People haven't come across them." Feller and Gleasure's report highlighted how fickle crowdfunding can be. Of all the Razoo campaigns started in 2013, they found, more than a third didn't receive any funding at all. According to their report, donors are more likely to give to campaigns that feature lots of pictures and accompanying text.

An anonymous reader quotes a report from Gizmodo: In a unanimous decision today, the Supreme Court struck down a North Carolina law that prevents sex offenders from posting on social media where children might be present, saying it "impermissibly restricts lawful speech." In doing so, the Supreme Court asserted what we all know to be true: Posting is essential to the survival of the republic. The court ruled that to "foreclose access to social media altogether is to prevent the user from engaging in the legitimate exercise of First Amendment rights." The court correctly noted that "one of the most important places to exchange views is cyberspace." The North Carolina law was ruled to be overly broad, barring "access to what for many are the principal sources for knowing current events, checking ads for employment, speaking and listening in the modern public square, and otherwise exploring the vast realms of human thought and knowledge."

chicksdaddy writes from a report via The Security Ledger: After seeding the globe with hackable DVRs and webcams, Zhejiang Dahua Technology Co., Ltd. of Hangzhou, China will be working with the U.S. firm Synopsys to "enhance the security of its Internet of Things (IoT) devices and solutions." Dahua, based in Hangzhou, China said it will with Mountain View based Synopsys to "enhance the security of its Internet of Things (IoT) devices and solutions." In a joint statement, the companies said Dahua will be adopting secure "software development life cycle (SDLC) and supply chain" practices using Synopsys technologies in an effort to reduce the number of "vulnerabilities that can jeopardize our products," according to a statement attributed to Fu Liquan, Dahua's Chairman, The Security Ledger reports. Dahua's cameras and digital video recorders (DVRs) figured prominently in the Mirai botnet, which launched massive denial of service attacks against websites in Europe and the U.S., including the French web hosting firm OVH, security news site Krebsonsecurity.com and the New Hampshire based managed DNS provider Dyn. Cybercriminals behind the botnet apparently exploited an overflow vulnerability in the web interface for cameras and DVRs to gain access to the underlying Linux operating system and install the Mirai software, according to research by the firm Level3. In March, Dahua was called out for another, serious vulnerability in eleven models of video recorders and IP cameras. Namely: a back door account that gave remote attackers full control of vulnerable devices without the need to authenticate to the device. The flaw was first disclosed on the Full Disclosure mailing list and described as "like a damn Hollywood hack, click on one button and you are in."

According to Leichtman Research estimates from the first quarter of 2017, there are more Netflix subscribers in the U.S. (50.85 million) than there are customers for major cable TV networks (48.61 million). While it doesn't mean Netflix is bigger than TV because it doesn't account for the 33.19 million satellite viewers, it represents a huge milestone for a streaming service that had half as many users just 5 years ago. Engadget reports: The shift in power comes in part through Netflix's ever-greater reliance on originals. There's enough high-quality material that it can compete with more established networks. However, it's also getting a boost from the decline of conventional TV. Those traditional sources lost 760,000 subscribers in the first quarter of the year versus 120,000 a year earlier. Leichtman believes a combination of cord cutters and reduced marketing toward cost-conscious viewers is to blame. Cable giants might not be in dire straits, but they're clearly focusing on their most lucrative customers as others jump ship for the internet.

A software engineer in North Carolina has created a new plugin that lets website administrators monitor when someone accesses their site from an IP address associated with the federal government. It was created in part to protest a measure signed by President Trump in April that allows internet service providers to sell sensitive information about your online habits without needing your consent. Motherboard reports: A new tool created by Matt Feld, the founder of several nonprofits including Speak Together, could help the public get a sense of what elected officials are up to online. Feld, a software engineer working in North Carolina, created Speak Together to share "technical projects that could be used to reduce the opaqueness between government and people," he told Motherboard over the phone. "It was born out of just me trying to get involved and finding the process to be confusing." The tool lets website administrators track whether members of Congress, the Senate, White House staff, or Federal Communications Commission (FCC) staff are looking at their site. If you use Feld's plug-in, you'll be able to see whether someone inside government is reading your blog. You won't be able to tell if President Trump viewed a web page, but you will be able to see that it was someone using an IP address associated with the White House. The tool works similarly to existing projects like CongressEdits, an automated Twitter account that tweets whenever a Wikipedia page is edited from IP addresses associated with Congress.

darthcamaro writes: Back in April, when Docker announced its LinuxKit effort, the primary focus appeared to just be [tools for] building a container-optimized Linux distribution. As it turns out, security is also a core focus -- with LinuxKit now incubating multiple efforts to help boost Linux kernel security. Among those efforts is the Wireguard next generation VPN that could one day replace IPsec. "Wireguard is a new VPN for Linux using the cryptography that is behind some of the really good secure messaging apps like Signal," said Nathan McCauley, Director of Security at Docker Inc.
According to the article, Docker also has several full-time employees looking at ways to reduce the risk of memory corruption in the kernel, and is also developing a new Linux Security Module with more flexible access control policies for processes.

Mar Masson Maack reports via The Next Web: At its inception, the internet was a beautifully idealistic and equal place. But the world sucks and we've continuously made it more and more centralized, taking power away from users and handing it over to big companies. And the worst thing is that we can't fix it -- we can only make it slightly less awful. That was pretty much the core of Pirate Bay's co-founder, Peter Sunde's talk at tech festival Brain Bar Budapest. TNW sat down with the pessimistic activist and controversial figure to discuss how screwed we actually are when it comes to decentralizing the internet.

In Sunde's opinion, people focus too much on what might happen, instead of what is happening. He often gets questions about how a digitally bleak future could look like, but the truth is that we're living it: "Everything has gone wrong. That's the thing, it's not about what will happen in the future it's about what's going on right now. We've centralized all of our data to a guy called Mark Zuckerberg, who's basically the biggest dictator in the world as he wasn't elected by anyone. Trump is basically in control over this data that Zuckerberg has, so I think we're already there. Everything that could go wrong has gone wrong and I don't think there's a way for us to stop it." One of the most important things to realize is that the problem isn't a technological one. "The internet was made to be decentralized," says Sunde, "but we keep centralizing everything on top of the internet."

New submitter mirandakatz writes: Airbnb has just unveiled its Open Homes Platform, a home-sharing site for hosts motivated by goodwill instead of profits -- and for guests motivated by need rather than wanderlust. Specifically, Airbnb is going to begin by connecting refugees with hosts in Canada, France, Greece, and the United States. Ultimately, refugees will be just one group that the site aims to help: Site visitors can also nominate other groups of people for temporary placements, and the platform will expand to include them eventually. At Backchannel, Jessi Hempel dives into the home-sharing platform's latest effort, and places it in the context of the company's broader business strategy.

An anonymous reader writes: Researchers from the Ben-Gurion University of the Negev in Israel have developed malware that when installed on a router or a switch can take control over the device's LEDs and use them to transmit data in a binary format to a nearby attacker, who can capture it using simple video recording equipment. The attack is similar to the LED-it-GO attack developed by the same team, which uses a hard drive's blinking LED to steal data from air-gapped computers. Because routers and switches have many more LEDs than a hard drive, this attack scenario is much more efficient, as it can transmit data at about the same speed, but multiplied by the number of ports/LEDs. Researchers say they were able to steal data by 1000 bits/ per LED, making this the most efficient attack known to date. The attack worked best when coupled with optical sensors, which are capable of sampling LED signals at high rates, enabling data reception at a higher bandwidth than other typical video recording equipment. A video of the attack is available here.

dryriver writes: Major news organizations from CNN, BBC, ABC to TIME magazine, the New York Times and the Economist publish a tremendous amount of information, especially now that almost everybody runs a 24/7 updated website alongside their TV channel, magazine or newspaper. Question: How do news organizations actually keep track of what must be 1000s of pieces of incoming information that are processed into news stories every day? If they are using software to manage all this info -- which makes a lot of sense -- is it off-the-shelf software that anybody can buy, or do major news organizations typically commission IT/software contractors to build them a custom "Information Management System" or similar? If there is good off-the-shelf software for managing a lot of information, who makes it and what is it called?

AmiMoJo quotes the Register: The Internet Engineering Task Force has taken another small step in protecting everybody's privacy... As the draft proposal explains, the RFCs that define NTP have what amounts to a convenience feature: packets going from client to server have the same set of fields as packets sent from servers to clients... "Populating these fields with accurate information is harmful to privacy of clients because it allows a passive observer to fingerprint clients and track them as they move across networks".

The header fields in question are Stratum, Root Delay, Root Dispersion, Reference ID, Reference Timestamp, Origin Timestamp, and Receive Timestamp. The Origin Timestamp and Receive Timestamp offer a handy example or a "particularly severe information leak". Under NTP's spec (RFC 5905), clients copy the server's most recent timestamp into their next request to a server – and that's a boon to a snoop-level watcher.
The proposal "proposes backward-compatible updates to the Network Time Protocol to strip unnecessary identifying information from client requests and to improve resilience against blind spoofing of unauthenticated server responses." Specifically, client developers should set those fields to zero.