Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

The White House Open Sources President Obama's Facebook Messenger Bot To 'Bring the Gov't To You' ( 37

The White House has open sourced the code for President Obama's Facebook Messenger bot in a hope that this will help other governments and developers build similar services. These services will ideally foster similar connections with their citizens with significantly less upfront investment. From the official post: It's also an important part of furthering our mission to "meet the public where they are." Millions of people contact their friends and family using Facebook Messenger. Why shouldn't they be able to contact the White House, too? And President Obama really reads these messages. Since 2009, he's made it part of his daily routine to read 10 letters sent to him by citizens -- something he refers to as the best part of his day. [...] To be specific, we are open-sourcing a Drupal module, complete with easy steps and boiler plate code. This will enable Drupal 8 developers to quickly launch a Facebook Messenger bot. We also left a few lines in the repository describing our hopes for the future of the code and encouraging members of the developer community to get involved.
Electronic Frontier Foundation

EFF Co-Founder Announces Benefit Concert to Pay His Medical Bills ( 194

An anoymous Slashdot reader reports: "I was dead for about 8 mins. on Wed. eve," EFF co-founder John Perry Barlow posted last year on Facebook. "total cardiac arrest...sad to report, no Ascending Light." The cyber-rights activist told the San Francisco Chronicle that he had gone "down the tunnel of eternity and it turned out to be a cheap carnival ride." He paused for a moment. "Probably not cheap, though."

Yesterday Barlow posted a Twitter update announcing a big benefit concert in Mill Valley, California to help pay his mounting medical bills on Monday, October 24th. Performers will include Bob Weir (also of The Grateful Dead), Jerry Harrison (of The Talking Heads), Lukas Nelson, Members of The String Cheese Incident, Sean Lennon and Les Claypool, plus 85-year-old folk singer Ramblin' Jack Elliott, as well as "special guests."

Barlow's family describes the last 18 months as a "medical incarceration" with "a dizzying array of medical events and complications" that has depleted his savings and insurance benefits. They've also set up a site for donations from "his fellow innovators, artists, cowboys, and partners-in-crime, to help us provide the quality of care necessary for Barlow's recovery."
United States

California City Converts Its Street Lights Into A High-Speed IoT Backbone ( 61

Harvard Law professor Susan Crawford describes how the city of Santa Monica installed its own high-speed IoT backbone on its street lights and traffic signals -- and why it's important. Neutral "micro" cell sites can make very high-capacity wireless transmissions available, competitively, to everyone (and every sensor) nearby. This can and should cause an explosion of options and new opportunities for economic growth, innovation, and human flourishing in general... Very few American cities have carried out this transmogrification, but every single one will need to. Santa a city that will be able to control its future digital destiny, because it is taking a comprehensive, competition-forcing approach to the transmission of data...

Cities that get control of their streetlights and connect them to municipally overseen, reasonably priced dark fiber can chart their own Internet of Things futures, rather than leave their destinies in the hands of vendors whose priorities are driven (rationally) by the desire to control whole markets and keep share prices and dividends high rather than provide public benefits.

Santa Monica's CIO warns that now telecoms "are looking for exclusive rights to poles and saying they can't co-locate [with their competitors]. They're all hiring firms to lock up their permits and rights to as many poles as possible, as quickly as possible, before governments can organize."

Google Reveals It Received Secret FBI Subpoena ( 61

An anonymous reader quotes a report from The Intercept: Google revealed Wednesday it had been released from an FBI gag order that came with a secret demand for its customers' personal information. The FBI secret subpoena, known as a national security letter, does not require a court approval. Investigators simply need to clear a low internal bar demonstrating that the information is "relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities." The national security letter issued to Google was mentioned without fanfare in Google's latest bi-annual transparency report, which includes information on government requests for data the company received from around the world in the first half of 2016. Google received the secret subpoena in first half of 2015, according to the report. An accompanying blog post titled "Building on Surveillance Reform," also identified new countries that made requests -- Algeria, Belarus, and Saudi Arabia among them -- and reveals that Google saw an increase in requests made under the Foreign Intelligence Surveillance Act. But Google in its short blog post did not publish the contents of the actual letter the way other companies, including Yahoo, have done in recent months. Asked about plans to release the national security letter, a Google spokesperson told The Intercept it will release it, though it wouldn't say when or in what form it will do so. Google hasn't previously published any national security letters, though it's possible gag orders for prior demands are still in place. It's also unclear why Google wouldn't immediately publish the document -- unless the gag is only partially lifted, or the company is involved in ongoing litigation to challenge the order, neither of which were cited as reasons for holding it back

Hackers Hit 6,000 Sites On Active 18-Month Carding Spree ( 39

mask.of.sanity writes from a report via The Register: Hackers have installed skimming scripts on more than 6,000 online stores and are adding 85 each day in a wide-scale active operation that may have compromised hundreds of thousands of credit cards. The malware is infecting stores (full list) running vulnerable versions of the Magento ecommerce platform, and also compromised the U.S. National Republican Senatorial Committee store. "Given that there are [about] 5,900 other skimmed stores, and the malpractice has been going on since at least May last year, I would expect the number of stolen cards in the hundreds of thousands," said Dutch developer Willem de Groot. You can read his blog post to learn more.

Top Democrats Request FBI Investigation of Trump Campaign Ties To Russia Over Hacking ( 491

As the Trump campaign refuses to point blame at Russia for the DNC hacks, top democrats on four House committees are questioning possible connections between Donald Trump's presidential campaign and Russia. They have formally asked the FBI to investigate the matter, citing new comments from a Trump confidant. Politico reports: "Troubling new evidence appears to show that the Trump campaign not only was aware of cyber attacks against Secretary [Hillary] Clinton's campaign chairman, but was openly bragging about it as far back as August," said Reps. Elijah Cummings from Government Affairs, John Conyers from Judiciary, Eliot Engel from Foreign Affairs and Bennie Thompson from Homeland Security. "For months, we have been asking the FBI to examine links between the Trump campaign and illegal Russian efforts to affect our election, including interviewing Trump advisor Roger Stone," they said. "In light of this new evidence -- and these exceptional circumstances -- we call on the FBI to fully investigate and explain to the American people what steps it is taking to disrupt this ongoing criminal activity." Earlier this week Stone said that "I do have a back-channel communication with Assange," referring to WikiLeaks founder Julian Assange, whose organization has been dropping documents online from Hillary Clinton campaign chairman John Podesta, and has been unloading documents from other Democrats as well. U.S. intelligence agencies last week declared that a connection exists between Russia and allegedly hacked documents leaked by WikiLeaks and others.

Shadow Warrior 2 Developers Say DRM Is a Waste of Time ( 99

zarmanto writes: Ars Technica reports that one particular game studio might finally get it, when it comes to DRM'ed game content. They're publishing their latest game, Shadow Warrior 2, with no DRM protection at all. From the article: "We don't support piracy, but currently there isn't a good way to stop it without hurting our customers," Flying Wild Hog developer Krzysztof "KriS" Narkowicz wrote on the game's Steam forum (in response to a question about trying to force potential pirates to purchase the game instead). "Denuvo means we would have to spend money for making a worse version for our legit customers. It's like the FBI warning screen on legit movies." Expanding on those thoughts in a recent intervew with Kotaku, Narkowicz explained why he felt the DRM value proposition wasn't worth it. "Any DRM we would have needs to be implemented and tested," he told Kotaku. "We prefer to spend resources on making our game the best possible in terms of quality, rather than spending time and money on putting some protection that will not work anyway." "The trade-off is clear," Flying Wild Hog colleagues Artur Maksara and Tadeusz Zielinksi added. "We might sell a little less, but hey, that's the way the cookie crumbles! We hope that our fans, who were always very supportive, will support us this time as well," Zielinski told Kotaku. "...In our imperfect world, the best anti-pirate protection is when the games are good, highly polished, easily accessible and inexpensive," Maksara added.

Android Trojan Asks Victims To Submit a Selfie Holding Their ID Card ( 25

An anonymous reader writes from a report via Softpedia: Untrained and gullible Android users are now the target of an Android banking trojan that asks them to send a selfie holding their ID card. The trojan, considered the most sophisticated Android trojan known today, is named Acecard, and this most recent version has been detected only in Hong Kong and Singapore for now. The purpose of requiring a selfie of the victim holding his/her ID card is for the crook to prove himself when making fraudulent bank transactions, calling tech support posing as the victim, or for taking over social media accounts for Facebook or Twitter, which often require ID scans in the case of account takeover disputes. The report adds: "A previous version of the Acecard trojan hid inside a Black Jack game delivered via the official Google Play Store. In the most recent version of this threat, security experts from McAfee have found a new version of the Acecard trojan hidden inside all sorts of apps that pose as Adobe Flash Player, pornographic apps, or video codecs. All of these apps are distributed outside of the Play Store and constantly pester users with permission requirement screens until they get what they want, which is administrator rights. Once this step is achieved, the trojan lays in hiding until the user opens a specific app. McAfee experts found that when the user opens the Google Play app, the trojan springs a new social engineering trap."

Russia Builds Microwave Weapon To Take Down Enemy Drones ( 154

An anonymous reader writes: The Russian government is backing a military research project to develop a powerful microwave-based weapon designed to take out unmanned enemy drones from up to half a mile away. The country's United Instrument Manufacturing Corporation (UIMC) created the microwave gun specifically to disrupt the electronics of enemy missiles. Using the ultra-high frequency waves the weapon can completely disable aircraft communications, resulting in loss of control. The destructive rays, which belong to a group of warfare technologies known as directed-energy weapons (DEW), will be emitted from surface-to-air Buk missile systems. Military analyst Alexander Perendzhiyev noted that the new weapon would be particularly effective against systems carrying microelectronic equipment. He also suggested that the impact of the radio-electronic waves could even be deadly to humans -- and referred to potential use against terrorists.

DHS Warns of Mirai Botnet Threat To Cellular Modems ( 21

chicksdaddy writes from a report via The Security Ledger: The Mirai malware that is behind massive denial of service attacks involving hundreds of thousands of "Internet of Things" devices may also affect cellular modems that connect those devices to the internet, the Department of Homeland Security (DHS) is warning. An alert issued by DHS's Industrial Control System CERT on Wednesday warned that cellular gateways manufactured by Sierra Wireless are vulnerable to compromise by the Mirai malware. While the routers are not actively being targeted by the malware, "unchanged default factory credentials, which are publicly available, could allow the devices to be compromised," ICS-CERT warned. The alert comes after a number of reports identified devices infected with the Mirai malware as the source of massive denial of service attacks against media websites like Krebs on Security and the French hosting company OVH. The attacks emanated from a global network of hundreds of thousands of infected IP-enabled closed circuit video cameras, digital video recorders (DVRs), network video recorders (NVRs) and other devices. Analysis by the firm Imperva found that Mirai is purpose-built to infect Internet of Things devices and enlist them in distributed denial of service (DDoS) attacks. The malware searches broadly for insecure or weakly secured IoT devices that can be remotely accessed and broken into with easily guessed (factory default) usernames and passwords. The report adds: "Sierra said in an alert that the company has 'confirmed reports of the 'Mirai' malware infecting AirLink gateways that are using the default ACEmanager password and are reachable from the public internet.' Sierra Wireless LS300, GX400, GX/ES440, GX/ES450, and RV50 were identified in the bulletin as vulnerable to compromise by Mirai. Furthermore, devices attached to he gateway's local area network may also be vulnerable to infection by the Mirai malware, ICS-CERT warned. Sierra Wireless asked affected users to reboot their gateway. Mirai is memory resident malware, meaning that is erased upon reboot. Furthermore, administrators were advised to change the password to the management interface by logging in locally, or remotely to a vulnerable device."

President Obama Orders Government To Plan For 'Space Weather' ( 169

An anonymous reader quotes a report from Network World: President Barack Obama today issued an Executive Order that defines what the nation's response should be to a catastrophic space weather event that takes out large portions of the electrical power grid, resulting in cascading failures that would affect key services such as water supply, healthcare, and transportation. The Executive Order ideally will coordinate the responses across government agencies such as NASA, the Departments of Homeland Security, Energy and others to help minimize economic loss and save lives by enhancing national security, identifying successful mitigation technologies, and ordering the creation of nationwide response and recovery plans and procedures, the White House stated. Further, the Executive Order will enhance the scientific and technical capabilities of the United States, including improved prediction of space-weather events and their effects on infrastructure systems and services. By this action, the Federal Government will lead by example and help motivate State and local governments, and other nations, to create communities that are more resilient to the hazards of space weather. The Executive Order reinforces the formal National Space Weather Strategy and accompanying Action Plan which were announced last year. It also bolsters other work such as the replacement of aging satellites that monitor and help forecast space weather, proposing space-weather standards for both the national and international air space, development of regulations to ensure the continued operation of the electric grid during an extreme space weather event, proposing a new option for replacing crucial Extra High Voltage (EHV) transformers damaged by space weather, and developing domestic production sources for EHV transformers, the White House wrote.

Ken Bone May Have Violated FTC Guidelines With Uber Tweet ( 95

An anonymous reader quotes a report from VICE News: In a lot of ways, unlikely presidential debate star Ken Bone is a marketer's dream. He is undecided on his political leanings (for now), inoffensive, instantly recognizable, and affable on TV and social media. So it makes sense that Uber asked him to send a promotional tweet for this week's launch of Uber's black car uberSELECT service in St. Louis, site of the debate Sunday night that launched him to fame. But there's one problem: Bone may have violated Federal Trade Commission guidelines for advertising on social media by not marking his tweet as an ad or mentioning that Uber paid him for making the tweet. "[The tweet] needs to disclose that he was compensated," said lawyer Rick Kurnit, of Frankfurt, Kurnit, Klein + Salz PC. "He and Uber are in violation of FTC guidelines, because Uber is also responsible for what their influencers do." The guidelines that Kurnit is referencing are pretty straightforward, and the FTC offers specific advice for how to craft sponsored posts on Twitter. "The FTC isn't mandating the specific wording of disclosures," an FTC guidelines FAQ states. "However the words 'Sponsored' and 'Promotion' use only 9 characters. 'Paid ad' only uses 7 characters. Starting a tweet with 'Ad:' or '#ad' -- which takes only 3 characters -- would likely be effective." Kurnit added that while the FTC "doesn't like" using simple hashtags for disclosures, he agrees that it might have sufficed. When VICE News initially reached out to Uber asking whether Bone was paid for the tweet, a spokesperson said the company is "providing him with Uber credit for his role in the launch." And although Bone and Uber wouldn't be fined for violating the FTC Act (Section 5 of which prohibits "deceptive advertising"), the guidelines say that "law enforcement actions can result in orders requiring the defendants in the case to give up money they received from their violations."

Android Devices That Contain Foxconn Firmware May Have a Secret Backdoor ( 95

An anonymous reader writes from a report via Softpedia: Some Android devices that contain firmware created by Foxconn may be vulnerable via a debugging feature left inside the bootloader, which acts as a backdoor and bypasses authentication procedures for any intruder with USB access to a vulnerable phone. By sending the "reboot-ftm" command to Android devices that contain Foxconn firmware, an attacker would authenticate via USB, and boot the device, running as root with SELinux disabled. There isn't a list of affected devices available yet, but Jon Sawyer, the researchers that discovered this hidden command, provides instructions on how to detect if a phone is affected. "Due to the ability to get a root shell on a password protected or encrypted device, Pork Explosion would be of value for forensic data extraction, brute forcing encryption keys, or unlocking the boot loader of a device without resetting user data. Phone vendors were unaware this backdoor has been placed into their products," Sawyer says.

Verizon Believes Yahoo Email Hacking 'Material,' Could Affect Deal ( 14

In the aftermath of disclosure of a mega-breach at Yahoo which affects over 500 million users, Verizon may be looking at a way out of Yahoo's $4.83 billion acquisition deal. From a Reuters report: The company has a "reasonable basis" to believe that Yahoo's massive data breach of at least 500 million email accounts represents a material impact that could allow Verizon to withdraw from its $4.83 billion deal to buy Yahoo. Silliman told reporters that the data breach could trigger a clause that could allow Verizon to withdraw from the deal. "I think we have a reasonable basis to believe right now that the impact is material and we're looking to Yahoo to demonstrate to us the full impact. If they believe that it's not then they'll need to show us that," he said.

4Chan Hackers Claim To Have Remotely Wiped John Podesta's iPhone and iPad ( 269

An anonymous reader writes from a report via Gizmodo: For the past several days, WikiLeaks has been publishing thousands of emails belonging to Clinton campaign chairman John Podesta -- and the leaks are starting to cause some serious damage. Gizmodo reports: "Many of the leaked emails contained contact info, cell phone numbers, and account data, none of which was redacted by Wikileaks before being posted. With this information accessible to anyone with the time and energy to read through it all, users on 4chan's /pol/ (politically incorrect) board were able to gain access to Podesta's Twitter account, tweeting a message in support of Trump. Imageboard posters also stumbled on an email containing Podesta's Apple ID -- and appear to have exploited it. 'iPad/iPhone info and data wiped out,' a post on Endchan claimed, show screenshots of what seems to be the hacker gaining access to Find My iPhone using Podesta's credentials. If Podesta's Apple ID was compromised, it stands to reason that his iCloud account was similarly vulnerable. And sure enough, Redditor's on r/The_Donald claim Podesta's iCloud data was downloaded. A hacker known as CyberZeist also appears to have uncovered the passwords to dozens of senators' email addresses, as well as social security numbers and credit card info for many Democrats including Vice President Joe Biden, Senate Minority Leader Harry Reid, House Minority Leader Nancy Pelosi, and acting Chair of the DNC Donna Brazile. The information was posted to pastebin.
PlayStation (Games)

You Can Now Claim Your Cash In the PS3 'Other PS3' Settlement ( 85

If you've purchased a "fat" PlayStation 3 before April of 2010, you can now claim up to $55 as part of the settlement over the removal of the console's "Other OS" feature. PS3 owners with proof of purchase or evidence of a PSN sign-in from the system can receive $9 from the company. However, if you've used the "Other OS" feature to install Linux on your PS3, you can receive $55. The online claim form can be found here. Ars Technica reports: The opening of claims after a long legal saga that began in March of 2010, when Sony announced it would be removing the "Other OS" feature from the PS3. Sony claimed it was a security concern, but many class-action lawsuits filed in 2010 alleged the company was more worried about software piracy. While one lawsuit over the matter was dismissed by a judge in 2011, another worked its way through the courts until June, when Sony finally decided to settle. Though the company doesn't admit any wrongdoing, it puts itself on the hook for payments to up to 10 million PS3 owners. Note to those affected: "Claims are due by December 7, and payments should be sent out early next year pending final approval of the settlement."

Beijing Said Facebook and Google Are Welcome Back To China as Long as They 'Respect China's Laws' ( 77

Will Facebook and Google come back to China? The Chinese government says they can, as long as they "respect China's laws." From a Quartz report: Yesterday at a press conference held in preparation for the upcoming World Internet Conference, a Bloomberg reporter asked Ren Xianliang, deputy director of the Cyberspace Administration of China (which oversees internet governance) if the government would permit the two American internet giants to re-enter China. Both companies still have business-facing services in China, but Google effectively closed its consumer-facing search engine there in 2010, and authorities have blocked Facebook's social network since 2009. To this, Ren said, "China's internet development has always maintained a policy of openness. As for foreign internet companies, as long as they respect China's laws, don't harm the interests of the country, and don't harm the interests of consumers, we welcome them to enter China, where they can together share the benefits of China's developing internet."

RIAA Seizes Wrong MP3Skull Domain ( 49

Reader AmiMoJo writes: In its continued quest to keep the Internet piracy-free, the RIAA has seized the domain name of yet another MP3Skull site. However, it appears that their most recent target has nothing to do with the original service. Earlier this year a Florida federal court issued a permanent injunction which allowed the RIAA to take over the site's domain names. Despite the million dollar verdict MP3Skull continued to operate for several months, using a variety of new domain names, which were subsequently targeted by the RIAA's legal team. Now, an unrelated YouTube converter, has also been seized.
The Internet

Dutch Net Neutrality Law Goes Too Far Say Critics ( 181

An anonymous reader writes: The Dutch Senate has passed the revised Net Neutrality Law as part of an amendment to the country's Telecommunications Act. The strict new law seeks to ensure that telcos and ISPs treat all internet traffic equally and cannot favor one internet app or service over another. Opponents, however, say the legislation, which was approved by the lower house of parliament in May this year, is overly severe and is out of line with the EU's own open internet standards. Afke Schaart, Vice President Europe at mobile industry body the GSMA, commented: 'We are greatly disappointed with the outcome of today's vote. We believe that the Dutch Net Neutrality Law goes far beyond the intent of the EU regulation. We therefore call on the European Commission to ensure the harmonised implementation of Europe's Open Internet rules.' The GSMA says the tighter laws in the Netherlands will 'hinder development of innovative services and consumer choice'.

Foreign Investors Sue Toshiba Over Accounting Scandal ( 17

A group of investors, mostly foreign institutions, are suing Toshiba in a Tokyo court for 16.7 billion yen ($162.3 million) in damages, over a $1.3 billion accounting scandal uncovered last year. Reuters adds: Toshiba said in a statement on Thursday that the 45 unnamed shareholders were seeking compensation for damages caused by its "inappropriate accounting". It will take an unspecified provision to cover any eventual payout, Toshiba said. The laptops-to-nuclear conglomerate has been sued by 15 groups and individuals since it first admitted to reporting inflated profits going back to 2008, including Japan's public pension fund. GPIF, the world's biggest pension fund, has been shifting into shares to attempt to boost returns. Thursday's case, however, is the largest - the remaining suits are seeking a combined 15.3 billion yen in compensation. Toshiba is still overcoming the reputational and share price hit of an investigation last year that found widespread accounting errors throughout its sprawling business, blaming a corporate culture in which employees found it difficult to question their superiors.

Slashdot Top Deals