An anonymous reader quotes a report from MIT Technology Review: Bitcoin isn't the only cryptocurrency on a hot streak -- plenty of alternative currencies have enjoyed rallies alongside the Epic Bitcoin Bull Run of 2017. One of the most intriguing examples is also among the most obscure in the cryptocurrency world. Called IOTA, it has jumped in total value from just over $4 billion to more than $10 billion in a little over two weeks. But that isn't what makes it interesting. What makes it interesting is that it isn't based on a blockchain at all; it's something else entirely. The rally began in late November, after the IOTA Foundation, the German nonprofit behind the novel cryptocurrency, announced that it was teaming up with several major technology firms to develop a "decentralized data marketplace."

Though IOTA tokens can be used like any other cryptocurrency, the protocol was designed specifically for use on connected devices, says cofounder David Sonstebo. Organizations collect huge amounts of data from these gadgets, from weather tracking systems to sensors that monitor the performance of industrial machinery (a.k.a. the Internet of things). But nearly all of that information is wasted, sitting in siloed databases and not making money for its owners, says Sonstebo. IOTA's system can address this in two ways, he says. First, it can assure the integrity of this data by securing it in a tamper-proof decentralized ledger. Second, it enables fee-less transactions between the owners of the data and anyone who wants to buy it -- and there are plenty of companies that want to get their hands on data. The report goes on to note that instead of using a blockchain, "IOTA uses a 'tangle,' which is based on a mathematical concept called a directed acyclic graph." The team decided to research this new alternative after deciding that blockchains are too costly. "Part of Sonstebo's issue with Bitcoin and other blockchain systems is that they rely on a distributed network of 'miners' to verify transactions," reports MIT Technology Review. "When a user issues a transaction [with IOTA], that individual also validates two randomly selected previous transactions, each of which refer to two other previous transactions, and so on. As new transactions mount, a 'tangled web of confirmation' grows, says Sonstebo."

A newly released letter from the Department of Justice has formally acknowledged that federal prosecutors have an open criminal investigation into Uber. Ars Technica reports: Late last month, as part of the proceedings in the high-profile and ongoing Waymo v. Uber trade secrets lawsuit, U.S. District Judge William Alsup said that on November 22 he had received a letter from San Francisco-based federal prosecutors. It is very unusual for a judge in a civil case to be apprised of a pending criminal investigation involving one of the litigants. In a separate November 28 letter sent to Judge Alsup, Acting U.S. Attorney Alex Tse asked that the first letter not be made public. The judge unsealed both letters on Wednesday. The first letter was signed by two prosecutors, Matthew Parrella and Amie Rooney. Those attorneys are assigned to the Computer Hacking and Intellectual Property (CHIP) Unit at the United States Attorney's Office in San Jose. [T]he letter could mean Uber and/or its current or former employees may be under investigation for possible crimes under the Computer Fraud and Abuse Act, a longstanding anti-hacking law.

An anonymous reader quotes a report from The Verge: Lawmakers and public officials are responding to the FCC's decision to gut net neutrality with promises of action. In the hours following the FCC hearing, officials from around the country announced lawsuits and bills intended to counter the FCC's decision. In New York, Attorney General Eric Schneiderman said that he's leading a multi-state lawsuit to challenge the FCC's vote, though he didn't give further details on the suit or who would be joining him. Calling today's decision an "illegal rollback," he described it as giving "Big Telecom an early Christmas present."

Washington state Attorney General Bob Ferguson also announced he would sue alongside Schneiderman and other attorneys general across the country, saying that he held "a strong legal argument" and that it was likely the government had failed to follow the law with this vote. Other officials from Santa Clara, California, including county supervisor Joe Simitian, are also suing the FCC to block the decision. "We believe the depth of your ideas should outweigh the depths of your pockets," Simitian said at a press conference.

State Sen. Scott Wiener (D-CA) announced plans to introduce a bill to adopt net neutrality as a requirement in his state. He wrote in a Medium post, "If the FCC won't stand up for a free and open internet, California will."

Rep. Mike Coffman (R-CO) tweeted that he will be submitting net neutrality legislation, saying that this was a decision better left to Congress. Coffman was the first Republican to ask the FCC to delay the vote, citing "unanticipated negative consequences" on Tuesday. Furthermore, Sen. Bernie Sanders (D-VT) and Sen. Brian Schatz (D-HI) are supporting Sen. Ed Markey's (D-MA) plan to introduce a Congressional Review Act resolution to undo the FCC vote. Even Rep. Marsha Blackburn (R-TN), who had previously announced on Twitter her support for Ajit Pai and the FCC, tweeted a video, saying, "We will codify the need for no blocking, no throttling, and making certain that we preserve that free and open internet." We're likely to see many others express their disappointment with the FCC's decision over the next few hours and days.

wiredmikey writes: A new piece of malware designed to target industrial control systems (ICS) has been used in an attack aimed at a critical infrastructure organization, FireEye said on Thursday. The malware, which has been dubbed "Triton," is designed to target Schneider Electric's Triconex Safety Instrumented System (SIS) controllers, which are used to monitor the state of a process and restore it to a safe state or safely shut it down if parameters indicate a potentially hazardous situation. The investigation found that the attackers shut down operations after causing the SIS controllers to initiate a safe shutdown, but they may have done it inadvertently while trying to determine how they could cause physical damage.

An anonymous reader quotes a report from EFF: EFF is fighting another attempt by a giant corporation to take advantage of our poorly drafted federal computer crime statute for commercial advantage -- without any regard for the impact on the rest of us. This time the culprit is LinkedIn. The social networking giant wants violations of its corporate policy against using automated scripts to access public information on its website to count as felony "hacking" under the Computer Fraud and Abuse Act, a 1986 federal law meant to criminalize breaking into private computer systems to access non-public information.

EFF, together with our friends DuckDuckGo and the Internet Archive, have urged the Ninth Circuit Court of Appeals to reject LinkedIn's request to transform the CFAA from a law meant to target "hacking" into a tool for enforcing its computer use policies. Using automated scripts to access publicly available data is not "hacking," and neither is violating a website's terms of use. LinkedIn would have the court believe that all "bots" are bad, but they're actually a common and necessary part of the Internet. "Good bots" were responsible for 23 percent of Web traffic in 2016. Using them to access publicly available information on the open Internet should not be punishable by years in federal prison. LinkedIn's position would undermine open access to information online, a hallmark of today's Internet, and threaten socially valuable bots that journalists, researchers, and Internet users around the world rely on every day -- all in the name of preserving LinkedIn's advantage over a competing service. The Ninth Circuit should make sure that doesn't happen.

An anonymous reader shares a report: It's been a bad week for two of the world's biggest vendors of enterprise hardware and software -- Fortinet and Palo Alto Networks. The worst of the bunch is a credentials leak affecting Fortinet's FortiClient, an antivirus product provided by Fortinet for both home and enterprise-level clients. Researchers from SEC Consult said in an advisory released this week that they've discovered a security issue that allows attackers to extract credentials for this VPN client. The second major security issue disclosed this week affects firewall products manufactured by Palo Alto Networks and running PAN-OS, the company's in-house operating system. Security researcher Philip Pettersson discovered that by combining three vulnerabilities together, he could run code on a Palo Alto firewall from a remote location with root privileges.

Margaret Harding McGill, reporting for Politico: The Federal Communications Commission's own chief technology officer expressed concern Wednesday about Republican Chairman Ajit Pai's plan to repeal the net neutrality rules, saying it could lead to practices that are "not in the public interest." In an internal email to all of the FCC commissioner offices, CTO Eric Burger, who was appointed by Pai in October, said the No. 1 issue with the repeal is concern that internet service providers will block or throttle specific websites, according to FCC sources who viewed the message. "Unfortunately, I realize we do not address that at all," Burger said in the email. "If the ISP is transparent about blocking legal content, there is nothing the [Federal Trade Commission] can do about it unless the FTC determines it was done for anti-competitive reasons. Allowing such blocking is not in the public interest."