
Comcast Users Must Now Pay $50 Per Month Extra To Avoid Caps (dslreports.com) 146

Karl Bode, reporting for DSLReports: In a letter being sent to Comcast customers in usage capped markets, the company says that with the recent announcement of usage caps being bumped to 1 terabyte, the company is also capping the amount of additional charges capped users can incur -- to $200 in a single month. As it stands, customers that cross the 1 terabyte limit face overage fees of $10 per each additional 50 GB consumed. But under the revised plans, customers have to pay $50 (up from $30 to $35) extra per month to avoid usage caps entirely. "Because you are an unlimited data customer, we will maintain your current rate of $35 until the end of 2016," the letter reads. Comcast's recent decision to bump their caps to 1 terabyte wasn't driven by altruism. With the FCC preventing Charter from imposing caps for seven years as a merger condition, the agency has signaled that it may start getting more serious about cracking down on usage caps in the broadband market.

Tor To Use Distributed RNG To Generate Truly Random Numbers (softpedia.com) 108

An anonymous reader quotes a report from Softpedia: Tor developers have been working on the next iteration of the Tor network and its underbelly, the Onion routing protocol, in order to create a stronger, harder-to-crack anonymous communications system. To advance the project, the developer team schedules brainstorming and planning meetings at regular intervals. The most recent of these meetings took place last week, in Montreal, Canada. In this session, the team tested the next generation of the Tor network working on top of a revamped Onion protocol that uses a new algorithm for generating random numbers, never before seen on the Internet. The Tor Project says it created something it calls "a distributed RNG" (random number generator) that uses two or more computers to create random numbers and then blends their outputs together into a new random number. The end result is something that's almost impossible to crack without knowing which computers from a network contributed to the final random number, and which entropy each one used. Last week, two University of Texas academics made a breakthrough in random number generation. The work is theoretical, but could lead to a number of advances in cryptography, scientific polling, and the study of various complex environments such as the climate.

FCC Formalizes Massive Fines For Selling, Using Cell-Phone Jammers (networkworld.com) 99

An anonymous reader quotes a report from Network World: Two years ago the FCC announced its intention to fine a Chinese electronics maker $34.9 million and a Florida man $48,000 for respectively selling and using illegal cell-phone jammers. Today the agency has issued press releases telling us that those fines have finally been made official, without either of the offending parties having bothered to mount a formal defense of their actions. From the press release announcing the fine against CTS. Technology: "[...] The company's website falsely claimed that some jammers had been approved by the FCC, and advertised that the company could ship signal jammers to consumers in the United States." The company did not respond to the FCC's allegations, although the agency does report that changes were made to its website that appear to be aimed at complying with U.S. law. Next up is Florida man, Jason R. Humphreys, who is alleged to have used a jammer on his commute: "Mr. Humphreys' illegal operation of the jammer continued for up to two years, caused interference to cellular service along Interstate 4, and disrupted police communications." Last Fall, a Chicagoan was arrested for using a cell-phone jammer to make his subway commute more tolerable.

No, Apple Won't Become a Wireless Carrier (fortune.com) 33

Don Reisinger, reporting for Fortune: Apple won't be competing with its carrier partners anytime soon. Speaking at Startup Fest Europe in Amsterdam during an interview on Tuesday, Apple CEO Tim Cook squashed rumors that his company is planning to eventually get into the cellular market to compete with the likes of AT&T and Verizon. "Our expertise doesn't extend to the network," Cook said. "We've worked with AT&T in the U.S., O2 in the U.K., as well as T-Mobile and Orange, and we expanded as we learned more. But generally, the things Apple likes to do, are things we can do globally. We don't have the network skill. We'll do some things along the way with e-SIMs along the way, but in general, I like the things carriers do."

China's Huawei Sues Samsung Claiming Mobile Patent Infringement (reuters.com) 44

An anonymous reader writes: Huawei said on Wednesday it has filed lawsuits against Samsung claiming infringement of smartphone patents, in the first such case by the Chinese firm against the world's biggest mobile maker. Huawei has filed lawsuits in the United States and China seeking compensation for what it said was unlicensed use of fourth-generation (4G) cellular communications technology, operating systems and user interface software in Samsung phones. The lawsuit marks a reversal of roles in China where firms have often been on the receiving end of patent infringement disputes. In smartphones, makers have grown rapidly in recent years but different intellectual property laws outside of China have slowed overseas expansion. "We hope Samsung will ... stop infringing our patents and get the necessary license from Huawei, and work together with Huawei to jointly drive the industry forward," Ding Jianxing, president of Huawei's Intellectual Property Rights Department, said.

Student Exposes Bad Police Encryption, Gets Suspended Sentence (podcrto.si) 172

An anonymous reader shares a story about Dejan Ornig, a security analyst in Slovenia who warned the Slovenian police department about vulnerabilities in their supposedly secure communication system TETRA in 2013. (Here's Google's English translation of the article, and the Slovenian original.) He discovered that the system, which was supposed to provide encrypted communication, was incorrectly configured. As a result lots of communication could be intercepted with a $25 piece of equipment and some software. To make matters worse, the system is not used just by the police, but also by the military, military police, IRS, Department of Corrections and a few other governmental institutions which rely on secure communications.

After waiting for more than two years for a reaction from police or the Ministry of Interior, and getting in touch with security researchers at the prestigious institute Jozef Stefan, he eventually decided to go public with his story... The police and Ministry of Interior then launched an internal investigation, which then confirmed Ornig's findings and revealed internal communications problems between the departments... Ornig has been subject to a house search by the police, during which his computers and equipment that he used to listen in on the system were seized. Police also found a "counterfeit police badge" during the investigation. All along Ornig was offering his help with securing the system.

On May 11th Ornig received a prison sentence of 15 months, suspended for a duration of three years, provided that he doesn't repeat any of the offenses for which he was found guilty (illegal access of the communications system). He can appeal this judgment.

United States

Civil Liberties Expert Argues Snowden Was Wrong (usnews.com) 208

An anonymous reader writes that in 2014, Geoffrey Stone was given access to America's national security apparatus as a member of the President's Review Group on Intelligence and Communications Technologies. Last week Stone, a staunch civil liberties supporter, moderated a live discussion with Edward Snowden from Russia, and this week he actually praised the NSA in a follow-up interview: "The more I worked with the NSA, the more respect I had for them as far as staying within the bounds of what they were authorized to do. And they were careful and had a high degree of integrity... I came to the view that [the programs] were well intentioned, that they were designed in fact to collect information for the purpose of ferreting out potential terrorist plots both in the U.S. and around the world and that was their design and purpose...

"I don't doubt that Snowden was courageous and did what he did for what he thought were good reasons. But I think he was unduly arrogant, didn't understand the limitations of his own knowledge and basically decided to usurp the authority of a democracy."

Meanwhile, a new documentary about Julian Assange opened at the Cannes film festival this week, revisiting how Wikileaks warned Apple that iTunes could be used as a backdoor for spies to infiltrate computers and phones.
The Internet

Netflix Launches Fast.com To Show How Fast Your Internet Connection Really Is (venturebeat.com) 172

Paul Sawers, writing for VentureBeat (condensed): Netflix really wants to show you how fast (or slow) your Internet connection is, and to do so it has launched a new website at Fast.com that conveys the real-time speed of your connection to the Web. It's designed to give people "greater insight and control of their Internet service." Netflix said it was for: Providing a website featuring non-downloadable software for testing and analyzing the speed of a user's Internet connection, as well as downloadable computer software for testing and analyzing the speed of a user's Internet connection. Compared to Speedtest.net, Fast.com doesn't offer any details on your upload speed, ping time, location, or ISP. However, it's seemingly faster, and automatically detects your download speeds when you visit the website.

It's Trivially Easy To Identify You Based On Records of Your Calls and Texts (dailydot.com) 37

Reader erier2003 shares an article on Daily Dot: Contrary to the claims of America's top spies, the details of your phone calls and text messages -- including when they took place and whom they involved -- are no less revealing than the actual contents of those communications. In a study published online Monday in the journal Proceedings of the National Academy of Sciences, Stanford University researchers demonstrated how they used publicly available sources -- like Google searches and the paid background-check service Intelius -- to identify "the overwhelming majority" of their 823 volunteers based only on their anonymized call and SMS metadata. The results cast doubt on claims by senior intelligence officials that telephone and Internet "metadata" -- information about communications, but not the content of those communications -- should be subjected to a lower privacy threshold because it is less sensitive. Contrary to those claims, the researchers wrote, "telephone metadata is densely interconnected, susceptible to reidentification, and enables highly sensitive inferences." IEEE has more details.

Linksys WRT Routers Won't Block Open Source Firmware, Despite FCC Rules (arstechnica.com) 113

The FCC requires all manufacturers to prevent users from having any direct ability to change RF parameters (frequency limits, output power, country codes, etc). The easiest way for a router manufacturer to comply with FCC's guideline is to block the open source router firmware -- which is what TP-Link has been doing. But thankfully, at least one router manufacturer doesn't think blocking the firmware is the right way to go about it. Ars Technica reports: Linksys has been collaborating with chipmaker Marvell and the makers of OpenWrt to make sure its latest WRT routers can comply with the new rules without blocking open source firmware, company officials told Ars. Linksys' effort stands in contrast with TP-Link, which said it would entirely prevent loading of open source firmware on its routers to satisfy the new Federal Communications Commission requirements. "They're named WRT... it's almost our responsibility to the open source community," Linksys router product manager Vince La Duca told Ars. Cybersecurity experts have urged the router manufacturers to not block open source firmware.

Oregon ISP Now Forcing Cordcutters to Sign up For TV to Avoid Caps (dslreports.com) 175

An anonymous reader writes: Oregon ISP BendBroadband has revised its usage-based broadband policies to favor customers that subscribe to TV services as well. According to a blog post by the company, Bend is deploying a number of new speed upgrades, including new Ultra 50, Ultra 100 and Ultra 300 Mbps speed tiers. The company is telling users on its Bronze and Silver Internet plans that they should be eligible for a free upgrade later this month. But another post adds a different wrinkle: Bend says it's removing its current usage caps if you bundle TV and phone service. These caps have historically ranged from 150 to 500 GB. "Customers who subscribe to Bronze or above internet (including Silver, Gold and Platinum) and Essentials or above TV (including Preferred, Preferred Plus and The Works) are no longer limited on data usage and will no longer pay overage fees," says the company. The report cites similar practices by other ISPs, suggesting that it's quickly becoming an industry standard.

Huawei Prepares For Robot Overlords and Communication With the Dead (bloomberg.com) 114

An anonymous reader shares a report on Bloomberg: Chinese technology giant Huawei is preparing for a world where people live forever, dead relatives linger on in computers and robots try to kill humans. Kevin Ho, president of its handset product line said his company used science fiction movies like "The Matrix" to envision future trends and new business ideas. "Hunger, poverty, disease or even death may not be a problem by 2035, or 25 years from now," he said. "In the future you may be able to purchase computing capacity to serve as a surrogate, to pass the baton from the physical world to the digital world." He described a future where children could use apps like WeChat (Editor's note: WeChat is a popular instant messaging app in China and other Asian markets) to interact with dead grandparents, thanks to the ability to download human consciousness into computers. For those unaware, Huawei is a major Chinese conglomerate. The company, known for its network equipment, last year got some spotlight for its Nexus 6P smartphone.

FTC Orders Apple, Google, Microsoft, BlackBerry, Samsung To Divulge Mobile Security Practices (networkworld.com) 74

coondoggie quotes a report from Networkworld: The Federal Trade Commission today said it issued a 10-page letter to eight leading players in the mobile communications arena requiring them to tell the agency how they issue security updates to address vulnerabilities in smartphones, tablets, and other mobile devices. Apple, BlackBerry, Google, HTC America, LG Electronics, Microsoft, Motorola Mobility, and Samsung must provide the following: The factors that they consider in deciding whether to patch a vulnerability on a particular mobile device, detailed data on the specific mobile devices they have offered for sale to consumers since August 2013, the vulnerabilities that have affected those devices, and whether and when the company patched such vulnerabilities.

4Mbps Still The Standard For One Govt Broadband Grant Program (arstechnica.com) 107

An anonymous reader cites an Ars Technica report: Four U.S. senators say that the Internet speed standard for a government grant program shouldn't be stuck at 4Mbps. The Community Connect program run by the US Department of Agriculture (USDA) funds broadband deployment in rural communities, but it uses a speed standard of just 4Mbps downstream and 1Mbps upstream. Even that speed is an increase over the 3Mbps (download and upload combined) standard the program used until just a few weeks ago. US Senators Angus King (I-Maine), Shelley Moore Capito (R-W.Va.), Jeanne Shaheen (D-N.H.), and Kirsten Gillibrand (D-N.Y.) say that the USDA didn't raise the standard high enough. In a letter last week to USDA Secretary Tom Vilsack, the senators questioned the decision to set the grant program's speed threshold below the 10Mbps/1Mbps standard used by a separate USDA loan program. "Earlier this month, USDA upped broadband speed requirements for the Broadband Access Loan Program to 10Mbps, while Community Connect was only upped to 4Mbps," the senators noted. "In order to maintain the programs' relevance in an age of rapidly increasing demand for bandwidth, we strongly urge you to consider updating their broadband speed definitions, particularly the Community Connect Program's Minimum Broadband Service benchmark."
The Courts

Are US Courts 'Going Dark'? (justsecurity.org) 163

An anonymous reader writes: Judge Stephen Wm. Smith argues that questions about the government's "golden age of surveillance" miss an equally significant trend: that the U.S. Courts are "going dark". In a new editorial, he writes that "Before the digital age, executed search warrants were routinely placed on the court docket available for public inspection," but after the Electronic Communications Privacy Act of 1986, more than 30,000 secret court surveillance orders were given just in 2006. He predicts that today's figure is more than double, "And those figures do not include surveillance orders obtained by state and local authorities, who handle more than 15 times the number of felony investigations that the feds do. Based on that ratio, the annual rate of secret surveillance orders by federal and state courts combined could easily exceed half a million."

Judge Smith also cites an increase in cases -- even civil cases -- that are completely sealed, but also an increase in "private arbitration" and other ways of resolving disputes which are shielded from the public eye. "Employers, Internet service providers, and consumer lenders have led a mass exodus from the court system. By the click of a mouse or tick of a box, the American public is constantly inveigled to divert the enforcement of its legal rights to venues closed off from public scrutiny. Justice is becoming privatized, like so many other formerly public goods turned over to invisible hands -- electricity, water, education, prisons, highways, the military."

The judge's conclusion? "Over the last 40 years, secrecy in all aspects of the judicial process has risen to literally unprecedented levels."

SpaceX Successfully Lands Its Rocket On A Floating Drone Ship Again (theverge.com) 150

Early Friday morning, SpaceX successfully landed its Falcon 9 rocket on a drone ship at sea for the second time. The company has recovered the post-launch vehicle a total of three times, two of which involved the rocket landing on a floating drone ship in the Atlantic Ocean. Before the launch, the landing was deemed unlikely as the rocket would be "subject to extreme velocities and re-entry heating" in its attempt to launch a Japanese communications satellite into a geostationary transfer orbit high above Earth. Elon Musk tweeted: "Rocket reentry is a lot faster and hotter than last time, so odds of making it are maybe even, but we should learn a lot either way." As a result of the successful mission, Musk followed up with, "May need to increase size of rocket storage hangar." The first successful launch was in December, when the rocket landed at a ground-based spaceport in Cape Canaveral, Florida. The second landing occurred in April on a floating drone ship in the Atlantic Ocean.

WhatsApp Blocked in Brazil for 72 Hours Over Data Dispute (techcrunch.com) 52

An anonymous reader cites an article on TechCrunch: WhatsApp, Facebook's messaging service that recently rolled out end-to-end encryption to its users, will be blocked in Brazil for 72 hours, starting this afternoon. A Brazilian judge ordered telecom providers in the country to block WhatsApp today in a dispute over access to encrypted data. Judge Marcel Montalvao has ordered WhatsApp to turn over chat records related to a drug investigation, but WhatsApp has argued that it cannot access the chats in an unencrypted form and therefore cannot provide the required records to the court. [...] This isn't Montalvao's first clash with WhatsApp, which boasts more than 100 million Brazilian users. The judge ordered the arrest of Facebook's vice president for Latin America, Diego Dzodan, in March. Facebook has said that WhatsApp operates with relative independence and that Dzodan has no control over WhatsApp data. American lawyer and journalist Glenn Greenwald said: "WhatsApp shut down again in Brazil as of 1 pm ET today: used by 100m people, 91% of those online: all from 1 judge."

Wireless Carriers To Adopt New Real-Time Text Protocol By December 2017 (engadget.com) 28

An anonymous reader quotes a report from Engadget: The FCC is ready to adopt a proposal that'll bring a new protocol to wireless networks to help people with disabilities communicate. It's called real-time text (RTT) and will be a replacement for the aging teletypewriter devices that let users transmit text conversations over traditional phone lines. According to the FCC's statement, RTT will "allow Americans who are deaf, hard of hearing, speech disabled or deaf-blind to use the same wireless communications devices as their friends, relatives and colleagues, and more seamlessly integrate into tomorrow's communications networks." The big differentiator for RTT over current, commonly-used text-based messaging systems is that RTT messages are sent immediately as they're typed. The RTT technology will let text users communicate with people on voice-based phones and vice versa; it can also work easily in your standard smartphone, eliminating the need for specialized equipment. The proposal calls for RTT to roll out over wireless networks run by "larger carriers" by December of 2017.

GCHQ Has Disclosed Over 20 Vulnerabilities This Year (vice.com) 29

Joseph Cox, reporting for Motherboard: Earlier this week, it emerged that a section of Government Communications Headquarters (GCHQ), the UK's signal intelligence agency, had disclosed a serious vulnerability in Firefox to Mozilla. Now, GCHQ has said it helped fix nearly two dozen individual vulnerabilities in the past few months, including in highly popular pieces of software like iOS. "So far in 2016 GCHQ/CESG has disclosed more than 20 vulnerabilities across a number of software products," a GCHQ spokesperson told Motherboard in an email. CESG, or the National Technical Authority for Information Assurance, is the information security wing of GCHQ. Those issues include a kernel vulnerability in OS X El Capitan v10.11.4, the latest version, that would allow arbitrary code execution, and two in iOS 9.3, one of which would have done largely the same thing, and the other could have let an application launch a denial of service attack.

House Passes Email Privacy Act, Requiring Warrants For Obtaining Emails (techcrunch.com) 61

An anonymous reader quotes a report from TechCrunch: The U.S. House of Representatives has passed H.R. 699, the Email Privacy Act, sending it on to the Senate and from there, hopefully anyhow, to the President. The yeas were swift and unanimous. The bill, which was introduced in the House early last year and quickly found bipartisan support, updates the 1986 Electronic Communications Privacy Act, closing a loophole that allowed emails and other communications to be obtained without a warrant. It's actually a good law, even if it is arriving a couple of decades late. "Under current law, there are more protections for a letter in a filing cabinet than an email on a server," said Congresswoman Suzan Delbene during the debate period. An earlier version of the bill also required that authorities disclose that warrant to the person it affected within 10 days, or 3 if the warrant related to a government entity. That clause was taken out in committee -- something trade groups and some of the Representatives objected to as an unpleasant compromise.
