An anonymous reader quotes a report from Digital Journal: Reddit has announced it has begun trialling a radical new profile page design that's reminiscent of Facebook and Twitter. It will evolve the discussion board site towards being a social network by enabling users to post directly to their new profile page. At present, posts on Reddit have to be directed into a specific sub-Reddit community. You can't simply write a post and have it appear across the network which can make it difficult to get your voice heard. Unless you've got some reputation in a relevant sub-Reddit, your posts may end up going unnoticed. That could soon change. Last night, Reddit announced it's working on a drastic revision of its user profile page experience. The site has commenced testing of an early version of the design. According to a report from Reuters, just three "high-profile" users currently have access to the feature. When the new pages are eventually opened up to all, they'll showcase the user's profile picture and description. Below the header, posts from the user will be publicly displayed. The user will be able to add new posts to their page, without submitting to a sub-Reddit. Users will be able to follow each other to stay informed of new posts, effectively creating a social network atmosphere above the discussion boards.

A year after Google released the Android N Developer Preview, the company has made available the developer preview of the next major version of Android, "Android O." You will not want to put it on your primary Android smartphone as the preview is likely to have rough edges. Google says as much. "it's early days, there are more features coming, and there's still plenty of stabilization and performance work ahead of us. But it's booting :)."

The company is using the developer preview to give beta testers a sneak peek into some new features, such as "notification channels," which will offer users the ability to group notifications. There is also Picture in Picture, which will enable you to have a video appear in a small window on top of homescreen or any application. Google is also adding "multi-display support" and improved "keyboard navigation." Your guess is as good as mine as to what these features will actually do. There's also better "background limits" which will supposedly help save battery, and wider Wi-Fi support to include things like Neighborhood Aware Networking (NAN).

No word on what "O" in Android O stands for.

An anonymous reader quotes a report from Ars Technica: Some Kansas City residents who have been waiting years for Google Fiber to install service at their homes recently received e-mails canceling their installations, with no word on whether they'll ever get Internet service from the company. KSHB 41 Action News in Kansas City, Missouri, "spoke to several people, living in different parts of the metro, all who have recently received cancellation e-mails," the station reported last week. "The e-mails do not provide a specific reason for the cancellations. Instead they say the company was 'unable to build our network to connect your home or business at this time.'" While Google Fiber refuses to say how many installations have been canceled, KSHB said, "there is speculation the number of cancellations in the metro is as high as 2,700." "The company says it has slowed down in some areas to experiment with new techniques," such as wireless technology, the report also said. Google Fiber is still hooking up fiber for some new customers in parts of the Kansas City area. One resident who had his installation canceled is Larry Meurer, who was seeing multiple Google Fiber trucks in his neighborhood nearly two years ago, in the spring of 2015. "I'm left wondering what's going on," he told KSHB after getting the cancellation e-mail. Meurer lives in Olathe, Kansas, one of the largest cities in the Kansas City metro area. Residents only five houses away and around the corner have Google Fiber service, the report said. But Meurer said he and several neighbors who never got service were "terminated."

Zack Whittaker, writing for ZDNet: Cisco is warning that the software used in hundreds of its products are vulnerable to a "critical"-rated security flaw, which can be easily and remotely exploited with a simple command. The vulnerability can allow an attacker to remotely gain access and take over an affected device. More than 300 switches are affected by the vulnerability, Cisco said in an advisory. According to the advisory, the bug is found in the cluster management protocol code in Cisco's IOS and IOS XE software, which the company installs on the routers and switches it sells. An attacker can exploit the vulnerability by sending a malformed protocol-specific Telnet command while establishing a connection to the affected device, because of a flaw in how the protocol fails to properly process some commands. Cisco said that there are "no workarounds" to address the vulnerability, but it said that disabling Telnet would "eliminate" some risks.

An anonymous reader writes: "An Oregon sportswear company is suing its former IT administrator, alleging he left backdoor accounts on their network and used them more than 700 times to search for information for the benefit of its new employer," reports BleepingComputer. Court papers reveal the IT admin left to be the CTO at one of the sportswear company's IT suppliers after working for 14 years at his previous employer. For more than two years, he's [allegedly] been using an account he created before he left to access his former colleagues' emails and gather information about the IT services they might need in the future. The IT admin was fired from his CTO job after his new employer found out what he was doing.
One backdoor, which enabled both VPN and VDI connections to the company's network, granted access to a "jmanming" account for a non-existent employee named Jeff Manning...

Recently-leaked CIA documents prove that encryption works, according to the Associated Press. But how should sys-admins implement site-wide file encryption? Very-long-time Slashdot reader Pig Hogger writes: If you decide to implement server-level encryption across all your servers, how do you manage the necessary keys/passwords/passphrases to insure that you have both maximum uptime (you can access your data if you need to reboot your servers), yet that the keys cannot be compromised... What are established practices to address this issue?
Keep in mind that you can't change your password once the server's been seized, bringing up the issue of how many people know that password. Or is there a better solution? Share you suggestions and experiences in the comments. How would you implement site-wide file encryption?

Club Penguin, a decade-old tween-focused social network by Disney is shutting down. From a report on The Outline: Club Penguin, which launched in 2005, will shutter on March 29, ending an 11-year run that at its peak drew 200 million users to the site. While the traffic has reportedly been in decline over the past few years -- the OG Club Penguin kids have mostly aged out (most of the site's user are 8-13), and there's growing competition from other social networking games, like the new LEGO Life -- fans both young and old are reacting to the news with emotions that run the Kubler-Ross gamut. Some have been reduced to shell-like human embodiments of the Loudly Crying Face emoji. James Charles, the beauty-obsessed 17-year-old Instagram star who was recently announced as the first male face of CoverGirl, tweeted, "my entire childhood is going down the drain wow I'm gonna cry RIP greendude50." Others are lashing out, attempting speedruns or willfully disobeying chat rules in the hopes of getting booted in an act of you-can't-fire-me-I-quit defiance. And of course, plenty are soaking up the last days, taking part in the community-wide "Waddle On" celebration that's essentially a G-rated version of an end-of-days rager.

davegravy writes: I work at a small but quickly growing acoustic consulting engineering firm, consisting of a mix of mechanical, electrical, civil, and other engineering backgrounds. When I joined almost 10 years ago I was in good company with peers who were very computer literate -- able to develop their own complex excel macros, be their own IT tech support, diagnose issues communicating with or operating instrumentation, and generally dive into any technology-related problem to help themselves. In 2017, these skills and tendencies are more essential than they were 10 years ago; our instruments run on modern OS's and are network/internet-capable, the heavy data processing and analysis we need to do is python-based (SciPy, NumPy) and runs on AWS EC2 instances, and some projects require engineers to interface various data-acquisition hardware and software together in unique ways. The younger generation, while bright in their respective engineering disciplines, seems to rely on senior staff to a concerning degree when it comes to tech challenges, and we're stuck in a situation where we've provided procedures to get results but inevitably the procedures don't cover the vast array of scenarios faced day-to-day. Being a small company we don't have dedicated IT specialists. I believe I gathered my skills and knowledge through insatiable curiosity of all things technology as a child, self-teaching things like Pascal, building and experimenting with my own home LAN, and assembling computers from discrete components. Technology was a fringe thing back then, which I think drew me in. I doubt I'd be nearly as curious about it growing up today given its ubiquity, so I sort of understand why interest might be less common in today's youth.

How do we instill a desire to learn the fundamentals of networking, computing, and coding, so that the younger generation can be self-sufficient and confident working with the modern technology and tools they need to perform -- and be innovative in -- their jobs? I believe that the most effective learning occurs when there's a clearly useful purpose or application, so I'm hesitant to build a training program that consists solely of throwing some online courses at staff. That said, online courses may be a good place to get some background that can be built upon, however most that I've come across are intended for people pursuing careers in computer science, web development, software engineering, etc. Are there any good resources that approach these topics from a more general purpose angle?

An anonymous reader quotes a report from The Guardian: Facebook and Instagram have banned developers from using their data for surveillance with a new privacy policy that civil rights activists have long sought to curb spying by law enforcement. Following revelations last year that police departments had gained special access to the social networks to track protesters, Facebook, which owns Instagram, announced on Monday that it had updated its rules to state that developers could not "use data obtained from us to provide tools that are used for surveillance." The American Civil Liberties Union obtained government records last year revealing that Facebook, Instagram and Twitter had provided users' data to a software company that aids police surveillance programs and had helped law enforcement monitor Black Lives Matter demonstrations. The ACLU found that the social networking sites had given "special access" to Geofeedia, a controversial startup that has partnered with law enforcement to track streams of user content. "Our goal is to make our policy explicit," Facebook said in its announcement on Monday. "Over the past several months we have taken enforcement action against developers who created and marketed tools meant for surveillance, in violation of our existing policies; we want to be sure everyone understands the underlying policy and how to comply."

Artem Tashkinov writes: The XKCD comics has posted a wonderful and exceptionally relevant post in regard to the today's situation with various instant messaging solutions. E-mail has served us well in the past, however, it's not suitable for any real-time communications involving video and audio. XMPP was a nice idea, however, it has largely failed except for a low number of geeks who stick to it. Nowadays, some people install up to seven instant messengers to be able to keep up with various circles of people. How do you see this situation being resolved?

People desperately need a universal solution which is secure, decentralized, fault tolerant, not attached to your phone number, protects your privacy, supports video and audio chats and sending of files, works behind NATs and other firewalls and has the ability to send offline messages. I believe we need a modern version of SMTP. [How would you solve the instant messaging problem?]

"If the tech industry is drawing one lesson from the latest WikiLeaks disclosures, it's that data-scrambling encryption works," writes the Associated Press, "and the industry should use more of it." An anonymous reader quotes their report: Documents purportedly outlining a massive CIA surveillance program suggest that CIA agents must go to great lengths to circumvent encryption they can't break. In many cases, physical presence is required to carry off these targeted attacks. "We are in a world where if the U.S. government wants to get your data, they can't hope to break the encryption," said Nicholas Weaver, who teaches networking and security at the University of California, Berkeley. "They have to resort to targeted attacks, and that is costly, risky and the kind of thing you do only on targets you care about. Seeing the CIA have to do stuff like this should reassure civil libertarians that the situation is better now than it was four years ago"... Cindy Cohn, executive director for Electronic Frontier Foundation, a group focused on online privacy, likened the CIA's approach to "fishing with a line and pole rather than fishing with a driftnet."
The article points out that there are still some exploits that bypass encryption, according to the recently-released CIA documents. "Although Apple, Google and Microsoft say they have fixed many of the vulnerabilities alluded to in the CIA documents, it's not known how many holes remain open."

An anonymous reader quotes a report from TmoNews: T-Mobile's new deprioritization threshold is 30GB of usage in a single billing cycle. While T-Mo didn't make an official announcement about the change, you can see in this cached page that the network management policy says 28GB: "Based on network statistics for the most recent quarter, customers who use more than 28GB of data during a billing cycle will have their data usage prioritized below other customers' data usage for the remainder of the billing cycle in times and at locations where there are competing customer demands for network resources." Navigating to the webpage today now says 30GB. What this change means is that if you use more than 30GB of data in one billing cycle, your data usage will be prioritized below others for the remainder of that billing cycle. The only time that you're likely to see the effects of that, though, is when you're at a location on the network that is congested, during which time you may see slower speeds. Once you move to a different location or the congestion goes down, your speeds will likely go back up. And once the new billing cycle rolls around, your usage will be reset.

AT&T says it has fixed a nationwide outage that prevented its wireless customers from making 911 emergency calls. "Service has been restored for wireless customers affected by an issue connecting to 911. We apologize to those affected," the company officials said in a statement. The outage was serious enough to gain the attention of the Federal Communications Commission. The FCC chairman, Ajit Pai, said via Twitter that they are investigating what went wrong. NBC News reports: The company didn't say how widespread the outage was, but as reports poured in from across the country, Karima Holmes, director of unified communications for the Washington, D.C., government, said her office had been "advised there is a nationwide outage for AT&T." At 10:20 p.m. ET, about 10 minutes before AT&T gave the all-clear, DownDetector, a site that monitors internet traffic for real-time information on wireless and broadband carriers, indicated that outage reports for AT&T were clustered most prominently around New York City, Philadelphia, Washington, D.C., Chicago, Miami, Dallas, Houston, San Francisco, Los Angeles and Seattle. But emergency authorities across the country confirmed 911 outages and publicized direct police, fire and ambulance dispatch telephone numbers that AT&T customers should call in emergencies.

meshrepublic shares a report: As per the latest announcement, Google AMP is rolling out for 1 billion people in Asia Pacific. Baidu and Sogou, which account for around 90% of the search market in China, made the announcement on the opening day of the first AMP developer conference which is taking place in New York. Also, Yahoo Japan will connect to AMP pages from their Search results. This will bring all the benefits of AMP to their 58m daily users in Japan. With the addition of these search giant's, means, a billion more people will be using Google Accelerated Mobile Pages. Per Google research, 70 percent of conventional mobile pages take seven to 10 seconds for visual page content to load. By comparison, AMP pages' load in less than one second, on average.

An anonymous reader quotes a report from BleepingComputer: The number of Dark web services has gone down significantly following the Freedom Hosting II hack that took place at the start of February, and only consists of around 4,400 services, according to a recently published OnionScan report. Previous research published in April 2016 by threat intelligence firm Deep Light had the total number of Dark Web services at around 30,000. Comparing the two numbers, the report shows a decrease of over 85% in the overall size of Dark Web in the last year alone. According to the recent OnionScan statistics, the Dark Web is laughably small, with around 4,000 HTTP websites, 250 TLS (HTTPS) endpoints, 100 SMTP services, and only 10 FTP nodes.

In response to a U.S. Justice Department order that requires colleges and universities make website content accessible for citizens with disabilities and impairments, the University of California, Berkeley, will cut off public access to tens of thousands of video lectures and podcasts. Officials said making the videos and audio more accessible would have proven too costly in comparison to removing them. Inside Higher Ed reports: Today, the content is available to the public on YouTube, iTunes U and the university's webcast.berkeley site. On March 15, the university will begin removing the more than 20,000 audio and video files from those platforms -- a process that will take three to five months -- and require users sign in with University of California credentials to view or listen to them. The university will continue to offer massive open online courses on edX and said it plans to create new public content that is accessible to listeners or viewers with disabilities. The Justice Department, following an investigation in August, determined that the university was violating the Americans With Disabilities Act of 1990. The department reached that conclusion after receiving complaints from two employees of Gallaudet University, saying Berkeley's free online educational content was inaccessible to blind and deaf people because of a lack of captions, screen reader compatibility and other issues. Cathy Koshland, vice chancellor for undergraduate education, made the announcement in a March 1 statement: "This move will also partially address recent findings by the Department of Justice, which suggests that the YouTube and iTunes U content meet higher accessibility standards as a condition of remaining publicly available. Finally, moving our content behind authentication allows us to better protect instructor intellectual property from 'pirates' who have reused content for personal profit without consent."

"A backdoor has been found in devices made by a Chinese tech firm specializing in VoIP products," reports TechRadar. An anonymous reader quotes their article: Security outfit Trustwave made the discovery of a hidden backdoor in DblTek's devices which was apparently put there to allow the manufacturer access to said hardware -- but of course, it's also open to being exploited by other malicious parties. The backdoor is in the Telnet admin interface of DblTek-branded devices, and potentially allows an attacker to remotely open a shell with root privileges on the target device.

What's perhaps even more worrying is that when Trustwave contacted DblTek regarding the backdoor last autumn -- multiple times -- patched firmware was eventually released at the end of December. However, rather than removing the flaw, the vendor simply made it more difficult to access and exploit. And further correspondence with the Chinese company has apparently fallen on deaf ears.
The firmware with the hole "is present on almost every GSM-to-VoIP device which DblTek makes," and Trustwave "found hundreds of these devices on the net, and many other brands which use the same firmware, so are equally open to exploit."

ZDNet's Networking blog calls Firefox "the default web browser for most Linux distributions" and "easily the most popular Linux web browser" (with 51.7% of the vote in a recent survey by LinuxQuestions, followed by Chrome with 15.67%). But is it the fastest? An anonymous reader writes: ZDNet's Networking blog just ran speed tests on seven modern browsers -- Firefox, Chrome, Chromium, Opera (which is also built on Chromium), GNOME Web (formerly Epiphany), and Vivaldi (an open-source fork of the old Opera code for power-users). They subjected each browser to the JavaScript test suites JetStream, Kraken, and Octane, as well as reaction speed-testing by Speedometer and scenarios from WebXPRT, adding one final test for compliance with the HTML5 standard.

The results? Firefox emerged "far above" the other browsers for the everyday tasks measured by WebXPRT, but ranked near the bottom in all of the other tests. "Taken all-in-all, I think Linux users should look to Chrome for their web browser use," concludes ZDNet's contributing editor. "When it's not the fastest, it's close to being the speediest. Firefox, more often than not, really isn't that fast. Of the rest, Opera does reasonably well. Then, Chromium and Vivaldi are still worth looking at. Gnome Web, however, especially with its dreadful HTML 5 compatibility, doesn't merit much attention."
The article also reports some formerly popular Linux browsers are no longer being maintained, linking to a KDE forum discussion that concludes that Konqueror and Rekonq "are both more or less dead."

A new video published by Bloomberg shows Uber CEO Travis Kalanick arguing with an Uber driver over fares. It all started when one of Kalanick's "companions" appears to say that she's heard that Uber is having a hard year. Bloomberg reports: That pleasant conversation between Kalanick and his friends in the back of an Uber Black? It devolved into a heated argument over Uber's fares between the CEO and his driver, Fawzi Kamel, who then turned over a dashboard recording of the conversation to Bloomberg. Kamel, 37, has been driving for Uber since 2011 and wants to draw attention to the plight of Uber drivers. The video shows off Kalanick's pugnacious personality and short temper, which may cause some investors to question whether he has the disposition to lead a $69 billion company with a footprint that spans the globe. Uber declined to comment on the video. Here's part of the conversation:
Travis Kalanick: "So we are reducing the number of black cars in the next few months."
Fawzi Kamel: "It's good."
Kalanick: "You probably saw some email."
Kamel: "I saw the email [says] it starts in May. But you're raising the standards and dropping the prices."
Kalanick: "We're not dropping the prices on black."
Kamel: "But in general."
Kalanick: "In general but we have competitors. Otherwise we'd be out of business."
Kamel: "Competitors? You had the business model in your hands you could have the prices you want but you choose to buy everybody a ride."

You can read the transcript of the conversation here via Recode.

UPDATE 2/28/17: Uber CEO Travis Kalanick has issued "a profound apology."

"New York subscribers have had to overpay month after month for services that Spectrum deliberately didn't provide," reports Backchannel -- noting these practices are significant because together Comcast and Charter (formerly Time Warner Cable) account for half of America's 92 million high-speed internet connections. An anonymous reader quotes Backchannel: Based on the company's own documents and statements, it appears that just about everything it has been saying since 2012 to New York State residents about their internet access and data services is untrue...because of business decisions the company deliberately made in order to keep its capital expenditures as low as possible... Its marketing department kept sending out advertising claims to the public that didn't match the reality of what consumers were experiencing or square with what company engineers were telling Spectrum executives. That gives the AG's office its legal hook: Spectrum's actions in knowingly saying one thing but doing another amount to fraudulent, unfair, and deceptive behavior under New York law...

The branding people went nuts, using adjectives like Turbo, Extreme, and Ultimate for the company's highest-speed 200 or 300 Mbps download offerings. But no one, or very few people, could actually experience those speeds...because, according to the complaint, the company deliberately required that internet data connections be shared among a gazillion people in each neighborhood... [T]he lawsuit won't by itself make much of a difference. But maybe the public nature of the attorney-general's assault -- charging Spectrum for illegal misconduct -- will lead to a call for alternatives. Maybe it will generate momentum for better, faster, wholesale fiber networks controlled by cities and localities themselves. If that happened, retail competition would bloom. We'd get honest, straightforward, inexpensive service, rather than the horrendously expensive cable bundles we're stuck with today.
The article says Spectrum charged 800,000 New Yorkers $10 a month for outdated cable boxes that "weren't even capable of transmitting and receiving wifi at the speeds the company advertised customers would be getting," then promised the FCC in 2013 that they'd replace them, and then didn't. "With no competition, it had no reason to upgrade its services. Indeed, the company's incentives went exactly in the other direction."