The Internet

House Panel Wants Google, Facebook, AT&T CEOs To Testify On Internet Rules (reuters.com) 34

The chairman of the U.S. House Energy and Commerce Committee on Tuesday asked the chief executives of Alphabet, Facebook, Amazon.com, AT&T, Verizon Communications and other companies to testify at a Sept. 7 hearing on the future of net neutrality rules. From a report: The U.S. Federal Communications Commission is considering tossing out 2015 Obama administration net neutrality rules that reclassified internet service like a public utility. The rules bar providers from blocking, slowing or offering paid prioritization of websites. Many internet providers want Congress to step in and write permanent rules. Other chief executives asked to testify include the heads of Comcast, Netflix and Charter. Some companies including Facebook said they were reviewing the letter but none immediately said if they will testify.
Businesses

Disastrous 'Pokemon Go' Event Leads To Mass Refunds (techcrunch.com) 194

thegarbz writes: A Pokemon Go Fest hosted in Chicago and attended by between 15-20,000 people has ended in disaster. The event was plagued by logistical issues resulting in 3+ hour long delays getting into Chicago's Grant Park... Those people who were lucky enough to get into the paid event were greeted with a completely overloaded cell network unable to cope with the number of people trying to get online at the same time. The occasional person who was able to connect experienced a never ending string of game-breaking bugs when attempting to catch the rare Pokemon created specifically for this event.
Gaming company Niantic finally just gave a rare Pokemon Go character to everyone who attended -- though one attendee still called it a "horrible, terrible day." The Kansas City Star reported some people had paid as much as $400 for their tickets -- which had sold out within minutes -- and that some attendees had even started lining up for the event at 6 a.m.
Communications

Ask Slashdot: Someone Else Is Using My Email Address 563

periklisv writes: I daily receive emails from adult dating sites, loan services, government agencies, online retailers etc, all of them either asking me to verify my account, or, even worse, having signed me up to their service (especially dating sites), which makes me really uncomfortable, my being a married man with children... I was one of the early lucky people that registered a gmail address using my lastname@gmail.com. This has proven pretty convenient over the years, as it's simple and short, which makes it easy to communicate over the phone, write down on applications etc. However, over the past six months, some dude in Australia (I live in the EU) who happens to have the same last name as myself is using it to sign up to all sorts of services...

I tried to locate the person on Facebook, Twitter etc and contacted a few that seemed to match, but I never got a response. So the question is, how do you cope with such a case, especially nowadays that sites seem to ignore the email verification for signups?

Leave your best answers in the comments. What would you do if someone else started giving out your email address?
Encryption

Let's Encrypt Criticized Over Speedy HTTPS Certifications (threatpost.com) 203

100 million HTTPS certificates were issued in the last year by Let's Encrypt -- a free certificate authority founded by Mozilla, Cisco and the Electronic Frontier Foundation -- and they're now issuing more than 100,000 HTTPS certificates every day. Should they be performing more vetting? msm1267 shared this article from Kaspersky Lab's ThreatPost blog: [S]ome critics are sounding alarm bells and warning that Let's Encrypt might be guilty of going too far, too fast, and delivering too much of a good thing without the right checks and balances in place. The primary concern has been that while the growth of SSL/TLS encryption is a positive trend, it also offers criminals an easy way to facilitate website spoofing, server impersonation, man-in-the-middle attacks, and a way to sneak malware through company firewalls... Critics do not contend Let's Encrypt is responsible for these types of abuses. Rather, because it is the 800-pound gorilla when it comes to issuing basic domain validation certificates, critics believe Let's Encrypt could do a better job vetting applicants to weed out bad actors... "I think there should be some type of vetting process. That would make it more difficult for malicious actors to get them," said Justin Jett, director of audit and compliance at Plixer, a network traffic analytics firm...

Josh Aas, executive director of the Internet Security Research Group, the organization that oversees Let's Encrypt, points out that its role is not to police the internet, rather its mission is to make communications secure. He added that, unlike commercial certificate authorities, it keeps a searchable public database of every single domain it issues. "When people get surprised at the number of PayPal phishing sites and get worked up about it, the reason they know about it is because we allow anyone to search our records," he said. Many other certificate authorities keep their databases of issued certificates private, citing competitive reasons and that customers don't want to broadcast the names of their servers... The reason people treat us like a punching bag is that we are big and we are transparent. "

The criticism intensified after Let's Encrypt announced they'd soon offer wildcard certificates for subdomains. But the article also cites security researcher Scott Helme, who "argued if encryption is to be available to all then that includes the small percent of bad actors. 'I don't think it's for Signal, or Let's Encrypt, to decide who should have access to encryption."
Government

Sean Spicer Resigns as White House Press Secretary After Objecting To Scaramucci Hire (cnbc.com) 542

CNBC reports: White House press secretary Sean Spicer abruptly resigned Friday after opposing President Donald Trump's appointment of Anthony Scaramucci as communications director. The president asked Spicer to stay in his role, but Spicer said appointing Scaramucci was a major mistake, The New York Times, citing a person with direct knowledge of the conversation. NBC News confirmed the resignation with two people familiar with the matter. Spicer tweeted later that he will continue to serve through August. White House chief of staff Reince Priebus was said to have advocated naming Spicer as press secretary. The two worked at the Republican National Committee before joining the administration. Following Spicer's resignation, Priebus said he supports Scaramucci "100 percent," according to news reports.
Encryption

Apple Flies Top Privacy Executives Into Australia To Lobby Against Proposed Encryption Laws (patentlyapple.com) 65

An anonymous reader quotes a report from Patently Apple: Last week Patently Apple posted a report titled "Australia proposed new Laws Compelling Companies like Facebook & Apple to Provide Access to Encrypted Messages." Days later, Australia's Prime Minister spoke about the encryption problem with the Australian press as noted in the video in our report. Now we're learning that Apple has flown in top executives to lobby Turnbull government on encryption laws. It sounds like a showdown is on the horizon. This is the second time this month that Apple has flown executives into Australia to lobby the government according to a Sydney publication. Apple executives met with Attorney-General George Brandis and senior staff in Prime Minister Malcolm Turnbull's office on Tuesday to discuss the company's concerns about the legal changes, which could see tech companies compelled to provide access to locked phones and third party messaging applications. Apple has argued in the meetings that as a starting point it does not want the updated laws to block tech companies from using encryption on their devices, nor for companies to have to provide decryption keys to allow access to secure communications. The company has argued that if it is compelled to provide a software "back door" into its phones to help law enforcement agencies catch criminals and terrorists, this would reduce the security for all users. It also says it has provided significant assistance to police agencies engaged in investigations, when asked. UPDATE 07/20/17: Headline has been updated to clarify that Apple is lobbying against the proposed encryption laws in Australia.
Crime

Authorities Take Down Hansa Dark Web Market, Confirm AlphaBay Takedown (bleepingcomputer.com) 40

An anonymous reader writes via Bleeping Computer: Today, in coordinated press releases, the U.S. Department of Justice (DOJ) and Europol announced the takedown of two Dark Web marketplaces -- AlphaBay and Hansa Market. First to fall was the Hansa Market after Dutch officers seized control over their servers located inside one of the country's hosting providers. Dutch Police seized Hansa servers on June 20, but the site was allowed to operate for one more month as officers gathered more evidence about its clientele. The Hansa honeypot received an influx of new users as the FBI shut down AlphaBay on July 5, a day after it took control over servers on July 4. Europol and the FBI say they collected mountains of evidence such as "usernames and passwords of thousands of buyers and sellers of illicit commodities" and "delivery addresses for a large number of orders." FBI Active Director McCabe said AlphaBay was ten times larger than Silk Road, with over 350,000 listings. In opposition, Silk Road, which authorities seized in November 2013, listed a meager 14,000 listings for illicit goods and services at the time authorities took down the service.
Government

FCC Says It Has No Documentation of Cyberattack That It Claims Happened (thehill.com) 54

An anonymous reader quotes a report from The Hill: The Federal Communications Commission (FCC) declined to reveal analysis proving that it was the victim of a cyberattack in May. The agency claimed at the time that its Electronic Comment Filing System (ECFS) did not actually crash because of a large amount of traffic on the site prompted by John Oliver telling viewers to file comments in favor of net neutrality on his HBO show, Last Week Tonight. Instead, the FCC said that the ECFS went down as a result of a DDoS attack. In its response to Gizmodo's FOIA request, the FCC said that the attack "did not result in written documentation." "Based on a review of the logs, we have already provided a detailed description of what happened. We stand by our career IT staff's analysis of the evidence in our possession," an FCC spokesperson said when asked for comment on the matter.
Mars

SpaceX Pulls the Plug On Its Red Dragon Plans (arstechnica.com) 160

SpaceX has largely confirmed the rumors that the company is no longer planning to send an uncrewed version of its Dragon spacecraft to Mars in 2020, or later. Ars Technica reports: The company had planned to use the propulsive landing capabilities on the Dragon 2 spacecraft -- originally developed for the commercial crew variant to land on Earth -- for Mars landings in 2018 or 2020. Previously, it had signed an agreement with NASA to use some of its expertise for such a mission and access its deep-space communications network. On Tuesday, however, during a House science subcommittee hearing concerning future NASA planetary science missions, Florida Representative Bill Posey asked what the agency was doing to support privately developed planetary science programs. Jim Green, who directs NASA's planetary science division, mentioned several plans about the Moon and asteroids, but he conspicuously did not mention Red Dragon. After this hearing, SpaceX spokesman John Taylor didn't return a response to questions from Ars about the future of Red Dragon. Then, during a speech Wednesday at the International Space Station Research and Development Conference, Musk confirmed that the company is no longer working to land Dragon propulsively for commercial crew.

"Yeah, that was a tough decision," Musk acknowledged Wednesday with a sigh. "The reason we decided not to pursue that heavily is that it would have taken a tremendous amount of effort to qualify that for safety for crew transport," Musk explained Wednesday. "There was a time when I thought the Dragon approach to landing on Mars, where you've got a base heat shield and side mounted thrusters, would be the right way to land on Mars. But now I'm pretty confident that is not the right way." Musk added that his company has come up with a "far better" approach to landing on Mars that will be incorporated into the next iteration of the company's proposed Mars transportation hardware.

AI

Dadbot: How a Son Made a Chatbot of His Dying Dad (www.cbc.ca) 114

theodp writes: In A Son's Race to Give His Dying Father Artificial Immortality (Warning: may be paywalled; alternate source), James Vlahos recounts his efforts to turn the story of his father's life -- as told by his 80-year-old Dad in his final months after being diagnosed with stage IV lung cancer -- into what Vlahos calls "a Dadbot -- a chatbot that emulates not a children's toy but the very real man who is my father." Given the limits of tech at the time (2016) and his own inexperience as a programmer, Vlahos recognized that the bot would never be more than a shadow of his real dad, but hoped to get the bot to communicate in his father's distinctive manner and convey at least some sense of his personality. Of the first time he demoed the bot for his parents, Vlahos writes: "Emboldened, I bring up something that has preoccupied me for months. 'This is a leading question, but answer it honestly,' I say, fumbling for words. 'Does it give you any comfort, or perhaps none -- the idea that whenever it is that you shed this mortal coil, that there is something that can help tell your stories and knows your history?' My dad looks off. When he answers, he sounds wearier than he did moments before. 'I know all of this shit,' he says, dismissing the compendium of facts stored in the Dadbot with a little wave. But he does take comfort in knowing that the Dadbot will share them with others. 'My family, particularly. And the grandkids, who won't know any of this stuff.' He's got seven of them, including my sons, Jonah and Zeke, all of whom call him Papou, the Greek term for grandfather. 'So this is great,' my dad says. 'I very much appreciate it.'"
AI

Researchers Have Figured Out How To Fake News Video With AI (qz.com) 87

An anonymous reader quotes a report from Quartz: A team of computer scientists at the University of Washington have used artificial intelligence to render visually convincing videos of Barack Obama saying things he's said before, but in a totally new context. In a paper published this month, the researchers explained their methodology: Using a neural network trained on 17 hours of footage of the former U.S. president's weekly addresses, they were able to generate mouth shapes from arbitrary audio clips of Obama's voice. The shapes were then textured to photorealistic quality and overlaid onto Obama's face in a different "target" video. Finally, the researchers retimed the target video to move Obama's body naturally to the rhythm of the new audio track. In their paper, the researchers pointed to several practical applications of being able to generate high quality video from audio, including helping hearing-impaired people lip-read audio during a phone call or creating realistic digital characters in the film and gaming industries. But the more disturbing consequence of such a technology is its potential to proliferate video-based fake news. Though the researchers used only real audio for the study, they were able to skip and reorder Obama's sentences seamlessly and even use audio from an Obama impersonator to achieve near-perfect results. The rapid advancement of voice-synthesis software also provides easy, off-the-shelf solutions for compelling, falsified audio. You can view the demo here: "Synthesizing Obama: Learning Lib Sync from Audio"
Bitcoin

Ethereum Co-Founder Says Cryptocurrencies Are 'a Ticking Time Bomb' (bloomberg.com) 64

randomErr writes from a report via Business Insider (alternate source): Ethereum, the rival to bitcoin, has been on a tear. Its founders said the latest trend in the cryptocurrency space may not be as good for the cryptocurrency as some might think. Ethereum is up 1,700% over the last year, and that spike has occurred in tandem with the growth of the hottest new trend in fundraising: initial coin offerings. Approximately $1.2 billion has been raised by the new cryptocurrency-based capital raising method this year, according to Autonomous Next, a financial technology analytics service. It is a trend that has sparked excitement across Wall Street. But the cofounder of the company behind the cryptocurrency, Charles Hoskinson, told Bloomberg that initial coin offerings may not benefit Ethereum. "People say ICOs are great for ethereum because, look at the price, but it's a ticking time-bomb," said Hoskinson. "There's an over-tokenization of things as companies are issuing tokens when the same tasks can be achieved with existing blockchains. People are blinded by fast and easy money."
Communications

Telecom Lobbyists Downplayed 'Theoretical' Security Flaws in Mobile Data Backbone (vice.com) 33

An anonymous reader shares a report: According to a confidential document obtained by Motherboard, wireless communications lobby group CTIA took issue with an in-depth report by the Department of Homeland Security on mobile device security, including flaws with the SS7 network. In a white paper sent to members of Congress and the Department of Homeland Security, CTIA, a telecom lobbying group that represents Verizon, AT&T, and other wireless carriers, argued that "Congress and the Administration should reject the [DHS] Report's call for greater regulation" while downplaying "theoretical" security vulnerabilities in a mobile data network that hackers may be able to use to monitor phones across the globe, according to the confidential document obtained by Motherboard. However, experts strongly disagree about the threat these vulnerabilities pose, saying the flaws should be taken seriously before criminals exploit them. SS7, a network and protocol often used to route messages when a user is roaming outside their provider's coverage, is exploited by criminals and surveillance companies to track targets, intercept phone calls or sweep up text messages. In some cases, criminals have used SS7 attacks to obtain bank account two-factor authentication tokens, and last year, California Rep. Ted Lieu said that, for hackers, "the applications for this vulnerability are seemingly limitless."
Businesses

Why is Comcast Using Self-driving Cars To Justify Abolishing Net Neutrality? (theverge.com) 225

Earlier this week, Comcast filed its comments in favor of the FCC's plan to eliminate the 2015 net neutrality rules. While much of the document was devoted to arguments we've heard before -- Comcast believes the current rules are anti-competitive and hurt investment, but generally supports the principles of net neutrality -- one statement stood out. The Verge adds: Buried in the 161-page document was this quirky assertion (emphasis ours): "At the same time, the Commission also should bear in mind that a more flexible approach to prioritization may be warranted and may be beneficial to the public... And paid prioritization may have other compelling applications in telemedicine. Likewise, for autonomous vehicles that may require instantaneous data transmission, black letter prohibitions on paid prioritization may actually stifle innovation instead of encouraging it. In other words, Comcast is arguing for paid prioritization and internet fast lanes to enable self-driving cars to communicate better with other vehicles and their surrounding environment, thus making them a safer and more efficient mode of transportation. The only problem is that autonomous and connected cars don't use wireless broadband to communicate. When cars talk with each other, they do it by exchanging data wirelessly over an unlicensed spectrum called the Dedicated Short Range Communications (DSRC) band, using technology similar to Wi-Fi. The FCC has set aside spectrum in the 5.9GHz band specifically for this purpose, and it is only meant to be used for vehicle-to-everything (V2X) applications. That includes vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), and vehicle-to-pedestrian (V2P) -- so cars talking to other cars, to traffic signals, to the phone in your pocket... you name it. Soon enough, all cars sold in the US will be required to include V2V technology for safety purposes, if the Department of Transportationâ(TM)s new rule goes into effect.
Communications

FCC Refuses To Release Text of More Than 40,000 Net Neutrality Complaints (arstechnica.com) 64

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission has denied a request to extend the deadline for filing public comments on its plan to overturn net neutrality rules, and the FCC is refusing to release the text of more than 40,000 net neutrality complaints that it has received since June 2015. The National Hispanic Media Coalition (NHMC) filed a Freedom of Information Act (FoIA) request in May of this year for tens of thousands of net neutrality complaints that Internet users filed against their ISPs. The NHMC argues that the details of these complaints are crucial for analyzing FCC Chairman Ajit Pai's proposal to overturn net neutrality rules. The coalition also asked the FCC to extend the initial comment deadline until 60 days after the commission fully complies with the FoIA request. A deadline extension would have given people more time to file public comments on the plan to eliminate net neutrality rules. Instead, the FCC yesterday denied the motion for an extension and said that it will only provide the text for a fraction of the complaints, because providing them all would be too burdensome.
Network

Mesh Networking Comes To Bluetooth, Which Could Set Off a New Wave of Smart Buildings (geekwire.com) 70

One of the most widely used technologies in mobile computing is getting an important upgrade that could accelerate the development of the smart home and industrial internet. From a report: The Bluetooth Special Interest Group, the Kirkland, Wash.-based group that enforces compatibility among the billions of devices that use the short-range Bluetooth wireless technology, plans to announce Tuesday that the standard now supports mesh networking. Mesh networks connect a variety of access points and devices across a distributed network, rather than the one-to-one connection that currently exists between your smartphone and that headset that makes you look ridiculous. This approach dramatically improves the range and reliability of a wireless network, since information can be relayed across several different devices rather than having to stretch between two far-apart devices. And if part of the network goes offline, mesh technology has the capability to route around that outage and still carry out its original mission. Wi-Fi networks have also been getting in on this mesh networking act, which has an additional bonus: mesh networks are much easier to set up than traditional wireless networks.
China

China's Censors Can Now Erase Images Mid-Transmission (wsj.com) 90

Eva Dou, reporting for WSJ: China's already formidable internet censors have demonstrated a new strength -- the ability to delete images in one-on-one chats as they are being transmitted, making them disappear before receivers see them. The ability is part of a broader technology push by Beijing's censors to step up surveillance and get ahead of activists and others communicating online in China (Editor's note: the link could be paywalled; alternative source). Displays of this new image-filtering capability kicked into high gear last week as Chinese dissident Liu Xiaobo lay dying from liver cancer and politically minded Chinese tried to pay tribute to him, according to activists and a new research report. Wu Yangwei, a friend of the long-jailed Nobel Peace Prize laureate, said he used popular messaging app WeChat to send friends a photo of a haggard Mr. Liu embracing his wife. Mr. Wu believed the transmissions were successful, but he said his friends never saw them. "Sometimes you can get around censors by rotating the photo," said Mr. Wu, a writer better known by his pen name, Ye Du. "But that doesn't always work." There were disruptions on Tuesday to another popular messaging app, Facebook's WhatsApp, with many China-based users saying they were unable to send photos and videos without the use of software that circumvents Chinese internet controls. Text messages appeared to be largely unaffected.
Google

Google Fiber Is Losing Its Second CEO in Less Than a Year (businessinsider.com) 71

An anonymous reader shares a report: Google Fiber, the high-speed internet service operated by Alphabet, has lost its second CEO in less than a year. Gregory McCray is stepping down from the CEO job of Access, the Alphabet subsidiary that houses the Fiber unit, Google confirmed to Business Insider on Monday. The change is the latest shake-up at Access, which announced in October that it would stop rolling out its 1 gigabit per second wired broadband networks to new cities and focus on newer, wireless options, such as the Webpass wireless service it acquired last year. The Access group also had layoffs towards the end of 2016 and shifted hundreds of other employees to different units within Google earlier this year. Alphabet CEO Larry Page said in an emailed statement to Business Insider on Monday that the company is "committed to the success of Google Fiber" and was looking for new leader for the business.
Microsoft

US Appeals Court Upholds Nondisclosure Rules For Surveillance Orders (reuters.com) 53

An anonymous reader shares a report: A U.S. federal appeals court on Monday upheld nondisclosure rules that allow the FBI to secretly issue surveillance orders for customer data to communications firms, a ruling that dealt a blow to privacy advocates. A unanimous three-judge panel on the 9th U.S. Circuit Court of Appeals in San Francisco sided with a lower court ruling in finding that rules permitting the FBI to send national security letters under gag orders are appropriate and do not violate the First Amendment of the U.S. Constitution's free speech protections. Content distribution firm CloudFlare and phone network operator CREDO Mobile had sued the government in order to notify customers of five national security letters received between 2011 and 2013.
Communications

Amazon May Unveil Its Own Messaging App (engadget.com) 87

The messaging app field is as hot as ever with Apple, Facebook and Google (among others) slugging it out... and Amazon appears to want in on the action. From a report: AFTVnews claims to have customer survey info revealing that Amazon is working on Anytime, a messaging app for Android, iOS and the desktop that promises a few twists on the usual formula. It has mainstays like message encryption, video, voice and (of course) stickers, but it reportedly has a few hooks that would make it easy to sign up and participate in group chats. You would only need a name to reach out to someone, for one thing -- no WhatsApp-style dependence on phone numbers here. You only have to use Twitter-style @ mentions to bring people into conversations or share photos, and you can color-code chats to identify the most important ones. Naturally, there are app-like functions (such as group music listening and food ordering) and promises of chatting with businesses for shopping or customer service.

Slashdot Top Deals