Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Botnet

A 'Turkish Hacker' Is Giving Out Prizes For DDoS Attacks (csoonline.com) 23

Security firm Forcepoint has discovered a DDoS competition which requires participants install a DDoS software which contains a backdoor. An anonymous reader quotes CSO: A hacker in Turkey has been trying to encourage distributed denial-of-attacks by making it into a game, featuring points and prizes for attempting to shut down political websites... Users that participate will be given a tool known as Balyoz, the Turkish word for Sledgehammer, that can be used to launch DDoS attacks against a select number of websites... The attack tool involved is designed to only harass 24 political sites related to the Kurds, the German Christian Democratic Party -- which is led by Angela Merkel -- and the Armenian Genocide, and others... Forcepoint noticed that the DDoS attack tool given to the participants also contains a backdoor that will secretly install a Trojan on the computer.
Windows

New Bug In Windows 10 Anniversary Update Brings Wi-Fi Disconnects (infoworld.com) 112

Some Windows 10 PCs are now experiencing sudden drops in their Wi-Fi connections, with the Network Diagnostics tool reporting "Wi-Fi doesn't have a valid IP configuration." An anonymous reader quotes InfoWorld's Woody Leonhard: I've heard from many people who blame the Wi-Fi disconnect on Friday's KB 3201845, the patch (which still isn't documented on the Win10 update history site) that brings version 1607 up to build 14393.479. It's unlikely that the new patch brought on the bug because the large influx of complaints started on December 7 -- two days before the patch...

Speculation at this point says the disconnect results when a machine performs a fast startup, setting the machine's IP address to 169.x.x.x. It's an old problem, but somehow it's come back in spades in the past two days. I have no idea what triggered the sudden outbreak, as there were no Win10 1607 patches issued on December 6, 7 or 8.

Microsoft acknowledged the problem Thursday, recommending customers try restarting their PCs (or performing a clean start). Woody writes that it looks like Microsoft's latest Windows 10 patch "didn't cause the bug. But the patch didn't fix it, either."
Wireless Networking

AirPods Delay Attributed To Apple Ensuring Both Earpieces Receive Audio At Same Time (macrumors.com) 168

An anonymous reader quotes a report from Mac Rumors: AirPods were originally slated to launch in October, but the wireless earphones were later delayed. Apple said it needed "a little more time" before they are ready for customers, and it has yet to provide an official update since. While the exact reason for the delay remains unclear, a person familiar with the development of AirPods told The Wall Street Journal that Apple's troubles appear to be related to its "efforts to chart a new path for wireless headphones," in addition to resolving what happens when users lose one of the earpieces or the battery dies. The Wall Street Journal reports: "A person familiar with the development of the AirPod said the trouble appears to stem from Apple's effort to chart a new path for wireless headphones. In most other wireless headphones, only one earpiece receives a signal from the phone via wireless Bluetooth technology; it then transmits the signal to the other earpiece. Apple has said AirPod earpieces each receive independent signals from an iPhone, Mac or other Apple device. But Apple must ensure that both earpieces receive audio at the same time to avoid distortion, the person familiar with their development said. That person said Apple also must resolve what happens when a user loses one of the earpieces or the battery dies."
Transportation

Transportation Department Proposes Allowing In-Flight Phone Calls (go.com) 102

Yesterday, France's Le Monde newspaper issued a report, citing documents from NSA whistleblower Edward Snowden, that says American and British spies have since 2005 been working on intercepting phone calls and data transfers made from aircraft. Assuming the report is accurate, national security agencies may soon have their hands full if a new proposal by the Department of Transportation becomes official, which would allow each airline to decide whether its passengers will be permitted to make in-flight phone calls using the aircraft's onboard Wi-Fi system. ABC News reports: The Department of Transportation's proposal leaves it up to airlines whether to allow the calls. But carriers would be required to inform passengers at the time they purchase a ticket if the calls are allowed. That would give passengers the opportunity to make other travel arrangements if they don't want to risk the possibility of sitting near passengers making phone calls. The Federal Communications Commission prohibits using mobile phones to make calls during flights, but not Wi-Fi calls. There is a minimum 60-day comment period and the proposal leaves the door open to an outright ban. The Wall Street Journal first reported on the proposal.
Microsoft

Microsoft Officially Closes Its $26.2B Acquisition of LinkedIn (techcrunch.com) 53

After getting its final European Commission approvals earlier this week, Microsoft and LinkedIn today announced that Microsoft's $26.2 billion acquisition of LinkedIn, the social networking site, has officially closed. From a report on TechCrunch: The news comes six months after news first broke of the deal. In an internal memo, LinkedIn CEO Jeff Weiner went through the areas where the two companies would be working together, and how they will in other ways remain independent. LinkedIn today has over 400 million registered users, making it the largest social networking site focused on the working world. People use the service both to make work connections with other people in their fields, but also to look for jobs and hire people. As we reported earlier this week, the fact that LinkedIn essentially has a dominant position in this area meant that Microsoft had to make concessions to the EC about how it would work to allow other social networking sites to integrate on its platforms.
NES (Games)

Doyodo RetroEngine Sigma Is a Linux-Powered Classic Video Game Emulation Console (betanews.com) 91

BrianFagioli quotes a report from BetaNews: The Nintendo NES Classic is quite an amazing console. True, it is not as powerful as modern game systems like Xbox One and PlayStation 4, but it comes pre-loaded with many classic NES titles. Unfortunately, its strength is also its weakness -- those pre-loaded titles are the only games you can play. You cannot load other games, so you are stuck with what you got. As an alternative, some folks use software emulation and ROMs on their computers to play countless video game titles. Of course, there are moral concerns here, as you are often downloading the games illegally -- unless you own the physical copy, that is. Even then, it is a gray area. Today, a company called Doyodo launched a new Linux-powered emulation console on Indiegogo. The device not only plays NES games, but Atari, Game Boy, PlayStation 1, Genesis, and more. You play using USB controllers. In addition, it can serve as a media player (with Kodi) or a full-fledged Linux desktop. Some other features include 4K video playback, Wi-Fi networking built in, and a compact and portable design. There's even a deluxe version that ships with Bluetooth, an extra controller and 32GB of storage; the basic configuration includes just one controller and 16GB of storage. You can view the Indiegogo page here.
HP

HP Shutting Down Default FTP, Telnet Access To Network Printers (pcworld.com) 83

Security experts consider the aging FTP and Telnet protocols unsafe, and HP has decided to clamp down on access to networked printers through the remote-access tools. From a report on PCWorld: Some of HP's new business printers will, by default, be closed to remote access via protocols like FTP and Telnet. However, customers can activate remote printing access through those protocols if needed. "HP has started the process of closing older, less-maintained interfaces including ports, protocols and cipher suites" identified by the U.S. National Institute of Standards and Technology as less than secure, the company said in a statement. In addition, HP also announced firmware updates to existing business printers with improved password and encryption settings, so hackers can't easily break into the devices.
United States

Sysadmin Gets Two Years In Prison For Sabotaging ISP (bleepingcomputer.com) 133

After being let go over a series of "personal issues" with his employer, things got worse for 26-year-old network administrator Dariusz J. Prugar, who will now have to spend two years in prison for hacking the ISP where he'd worked. An anonymous reader writes: Prugar had used his old credentials to log into the ISP's network and "take back" some of the scripts and software he wrote... "Seeking to hide his tracks, Prugar used an automated script that deleted various logs," reports Bleeping Computer. "As a side effect of removing some of these files, the ISP's systems crashed, affecting over 500 businesses and over 5,000 residential customers."

When the former ISP couldn't fix the issue, they asked Prugar to help. "During negotiations, instead of requesting money as payment, Prugar insisted that he'd be paid using the rights to the software and scripts he wrote while at the company, software which was now malfunctioning, a week after he left." This tipped off the company, who detected foul play, contacted the FBI and rebuilt its entire network.

Six years later, Prugar was found guilty after a one-week jury trial, and was ordered by the judge to pay $26,000 in restitution to the ISP (which went out of business in October of 2015). Prugar's two-year prison sentence begins December 27.
Twitter

Reuters Built An Algorithm That Can Identify Real News On Twitter (popsci.com) 121

Reuters has built an algorithm called News Tracer that flags and verifies breaking news on Twitter. The algorithm weeds through all 500 million tweets that are posted on a daily basis to "sort real news from spam, nonsense, ads, and noise," writes Corinne Iozzio via Popular Science: In development since 2014, reports the Columbia Journalism Review, News Tracer's work starts by identifying clusters of tweets that are topically similar. Politics goes with politics; sports with sports; and so on. The system then uses language-processing to produce a coherent summary of each cluster. What differentiates News Tracer from other popular monitoring tools, is that it was built to think like a reporter. That virtual mindset takes 40 factors into account, according to Harvard's NiemanLab. It uses information like the location and status of the original poster (e.g. is she verified?) and how the news is spreading to establish a "credibility" rating for the news item in question. The system also does a kind of cross-check against sources that reporters have identified as reliable, and uses that initial network to identify other potentially reliable sources. News Tracer can also tell the difference between a trending hashtag and real news. The mix of data points News Tracer takes into account means it works best with actual, physical events -- crashes, protests, bombings -- as opposed to the he-said-she-said that can dominate news cycles.
Censorship

China Is Censoring People's Chats Without Them Even Knowing About It (qz.com) 76

An anonymous reader quotes a report from Quartz: A new study from The Citizen Lab, a research group at the University of Toronto, reveals that censorship on WeChat occurs primarily in group chats rather than one-on-one chats between two people, and often in such a way where the sender of a text isn't even aware a piece of text has been scrubbed. The discoveries illuminates how China's government attempts to keep its citizens blind to the scope of its censorship regime. The researchers set out find the extent to which certain keywords got scrubbed from conversations between two or more users in WeChat. To do this, in June 2016 the team posed as a Chinese WeChat user and sent out 26,821 keywords containing terms that had been censored on other apps, including Tom-Skype (a made-for-China version of Skype) and YY (a live broadcast app). A corresponding Canadian user in the two-way chat would then report back to say whether or not the message had been received. The report states that out of the entire sample, only one term -- Falun Gong -- had been scrubbed. When they ran an identical test in August, even that text mysteriously passed without censorship. Yet when they tested group chats, they found multiple cases in which certain keywords triggered a removal. Specifically, while sensitive terms used in isolation were unlikely to trigger censorship (say "June 4th," a reference to the Tiananmen Square protests, brutally put down on June 4, 1989), it took effect when they were used in a full sentence or with other keywords. The researchers also discovered that when WeChat censored a message, the sender received no notice informing him that his text had not reached the intended recipient. The study also notes that "WeChat only censors content for users who bind their account to a mainland Chinese phone number when they first register to use the app." The censorship is still applied even if Chinese residents move to different countries or change phone numbers.
Communications

Reddit To Crack Down On Abuse By Punishing Hundreds of 'Toxic Users' (reuters.com) 233

An anonymous reader quotes a report from Reuters: Social media website Reddit, known for its commitment to free speech, will crack down on online harassment by banning or suspending users who target others, starting with those who have directed abuse at Chief Executive Steve Huffman. Huffman said in an interview with Reuters that Reddit's content policy prohibits harassment, but that it had not been adequately enforced. "Personal message harassment is the most cut and dry," he said. "Right now we are in an interesting position where my inbox is full of them, it's easy to start with me." As well as combing through Huffman's inbox, Reddit will monitor user reports, add greater filtering capacity, and take a more proactive role in policing its platform rather than relying on community moderators. Reddit said it had identified hundreds of the "most toxic users" and will warn, ban or suspend them. It also plans to increase staff on its "trust and safety" team. On Reddit, a channel supporting the U.S. Republican party's presidential candidate Donald Trump, called r/The_Donald, featured racist and misogynistic comments, fake news and conspiracy theories about his Democratic challenger Hillary Clinton, along with more mainstream expressions of support for Trump. Many of those supporting Trump were very active, voting up the r/The_Donald conversations so that they became prominent across Reddit, which is the 7th-most-visited U.S. internet site, according to web data firm Alexa. Last week, Reddit banned Pizzagate, a community devoted to a conspiracy theory, with no evidence to back it up, that links Clinton to a pedophile ring at a Washington, D.C. pizza parlor, after it posted personal information in violation of Reddit policy. Huffman then used his administrative privileges to redirect abuse he was receiving on a thread on r/The_Donald to the community's moderators -- making it look as if it was intended for them. Huffman said it was a prank, and that many Reddit users, including some Trump supporters, told him they thought it was funny, but it inflamed the situation.
EU

EU's Law Enforcement Agency Closes 4,500 Websites Peddling Fake Brands (phys.org) 72

An anonymous reader quotes a report from Phys.Org: In a massive crackdown, police and law enforcement agencies across Europe have seized more than 4,500 website domains trading in counterfeit goods, often via social networks, officials said on Monday. The operation came as Europol, Europe's police agency, unveiled its newest campaign dubbed "Don't F***(AKE) Up" to stop scam websites selling fake brand names online. In the crackdown, agencies from 27 countries mostly in Europe but including from the U.S. and Canada, joined forces to shut down over 4,500 websites. They were selling everything from "luxury goods, sportswear, spare parts, electronics, pharmaceuticals, toiletries and other fake products," Europol said in a statement, without saying how long the crackdown took. An annual operation run in collaboration with the U.S. Immigration and Customs Enforcement and Homeland Security, there was "a significant increase in the number of seized domain names compared to last year," said Europol director Rob Wainwright. As part of the crackdown, Dutch anti-fraud police arrested 12 people across The Netherlands over the past two weeks as they searched homes and warehouses. Most of the raids were prompted by online sales of counterfeit goods on social networking sites such as Facebook and Instagram. More than 3,500 items of clothing and fake luxury goods were seized in Holland, including shoes, bags and perfumes purporting to be such brands as Nike, Adidas, and Kenzo, with a market value of tens of thousands euros. Publishing a guide on how to spot fake websites and social media scams, Europol warned consumers had to be on their guard.
Botnet

You Can Now Rent A Mirai Botnet Of 400,000 Bots (bleepingcomputer.com) 62

An anonymous reader writes: Two hackers are renting access to a massive Mirai botnet, which they claim has more than 400,000 infected bots, ready to carry out DDoS attacks at anyone's behest. The hackers have quite a reputation on the hacking underground and have previously been linked to the GovRAT malware, which was used to steal data from several US companies. Renting around 50,000 bots costs between $3,000-$4,000 for 2 weeks, meaning renting the whole thing costs between $20,000-$30,000.

After the Mirai source code leaked, there are countless smaller Mirai botnets around, but this one is [believed to be the one] accounting for more than half of all infected IoT devices...that supposedly shut down Internet access in Liberia. The original Mirai botnet was limited to only 200,000 bots because there were only 200,000 IoT devices connected online that had their Telnet ports open. The botnet that's up for rent now has received improvements and can also spread to IoT devices via SSH, hence the 400,000 bots total.

Interestingly, the article claims the botnet's creators had access \to the Mirai source code "long before it went public."
Social Networks

Facebook's Latest Experiment: Helping You Find Free Wi-Fi Hotspots (macworld.com) 32

Users of the social network's iOS app report seeing a new feature in the More section that lets them find nearby public Wi-Fi access points. From a MacWorld story: The feature does not appear to be widely available at the moment, which means this is probably something Facebook is only testing. The social network tests numerous features all the time but this one is particularly notable. Helping users find public Wi-Fi could enable more people to use Facebook Live. If your cellular connection isn't strong, a nearby Wi-Fi location can be a big help -- unless, of course, your Facebook Live broadcast is dependent on your specific location. There could be other uses for finding Wi-Fi beyond live video broadcasts. If you're desperate to upload a photo or recorded video, then locating the closest public Wi-Fi point helps. On top of that it's just one more reason to open the Facebook app, which Facebook obviously wants to encourage as much as possible. Check where the nearest Wi-Fi hotspot is, see that unread notifications indicator at the top of the screen, and before you know it you're engrossed in the news feed.
The Internet

Microsoft Partners With D-Link To Deliver Speedier Wi-Fi in Rural Regions (zdnet.com) 41

Microsoft has partnered with networking equipment manufacturer D-Link to deliver speedier Wi-Fi to rural communities around the world. From a report on ZDNet:Dubbed "Super Wi-Fi", the wireless infrastructure is set to be based on the 802.11af protocol, and will take advantage of unused bandwidth in the lower-frequency white spaces between television channel frequencies where signals travel further than at higher frequencies. A pilot of the first phase is commencing in an unnamed American state, with trials also slated to run in three other countries. "D-Link sees ourselves at the very heart of this kind of technical innovation and development. We also acknowledge that we have a role to play in helping all countries and future generations better connect," said Sydney-based D-Link managing director for ANZ Graeme Reardon. "Our goal is to use all of our 30 years' experience and expertise and our global footprint to help deliver Super Wi-Fi as a technological platform for growth to the world's underdeveloped regions."
Networking

Ask Slashdot: Could A 'Smart Firewall' Protect IoT Devices? 230

To protect our home networks from IoT cracking, Ceaus wants to see a smart firewall: It's a small box (the size of a Raspberry Pi) with two ethernet ports you put in front of your ISP router. This firewall is capable of detecting your IoT devices and blocking their access to the internet, only and exclusively allowing traffic for the associated mobile app (if there is one). All other outgoing IoT traffic is blocked... Once you've plugged in your new IoT toaster, you press the "Scan" button on the firewall and it does the rest for you.
This would also block "snooping" from outside your home network, and of course, keep your devices off botnets. The original submission asks "Does such a firewall exist? Is this a possible Kickstarter project?" So leave your best answers in the comments. Could a smart firewall protect IoT devices?
Communications

When a City Has Gigabit Internet, Prices For Slower Speed Tiers Drop: Study (arstechnica.com) 42

A new industry-funded research study, titled "Broadband competition helps to lower prices and faster download speeds for U.S. residential consumers," analyzed DSL, cable, and fiber broadband plans from the 100 largest designated market areas in the U.S. and found that when a city has gigabit internet speeds, the price of plans with slower speeds drop. Therefore, customers who don't purchase gigabit internet plans will still benefit from their availability. Ars Technica highlights the key findings of the study in their report: -The presence of gigabit service in a market is associated with a $27 decrease in the average monthly price of broadband plans with speeds of 100Mbps or greater but less than 1Gbps. That's a 25 percent price reduction.
-Markets with gigabit Internet also see smaller price decreases for plans as slow as 25Mbps. The presence of gigabit Internet has no significant effect on prices of plans with speeds below 25Mbps. This isn't that surprising since the slowest plans are already the cheapest and aren't suitable substitutes for gigabit speeds.
-Gigabit prices decline when at least two providers offer gigabit service. "If a DMA moves from having one to two providers of gigabit Internet, we estimate that the standard monthly price for gigabit Internet will decline by approximately $57 to $62, which is equal to a reduction in price of between 34 and 37 percent," the study said. Going from one to three gigabit competitors would reduce prices by an estimated $98.11 to $106.50 per month.
-Competition at any speed reduces prices. "An increase of one competitor is associated with approximately a $1.50 decline in the monthly standard broadband price for Internet plans with speeds ranging from 50Mbps to less than 1Gbps," the study said. For plans with download speeds of less than 25Mbps, the decrease in average monthly price is $0.42 for each competitor.
-Availability of fast speeds increases the likelihood that other ISPs will introduce their own higher-speed plans to match competitors. "In particular, we find that each additional competitor offering broadband in a higher speed category will increase the probability that other broadband providers in the market will offer broadband at those higher speeds by 4 to 17 percent on an annual basis," the study said.
-Average monthly prices for each speed category are as follows: $52.60 for speeds less than 25Mbps; $74.05 for plans from 25Mbps to 99Mbps; $108.52 for plans of least 100Mbps but less than 1Gbps; and $165.63 for speeds of at least 1Gbps.

Social Networks

LinkedIn-Russia: US Says Concerned Over Decision to Block Professional Networking Site (ndtv.com) 95

The US government said on Friday it was deeply concerned over Russia's decision to block public access to networking site LinkedIn, saying it created a precedent that could be used to justify blocking other sites operating in Russia. From a report: LinkedIn, which has its headquarters in the United States, is the first major social network to be blocked under a new law that requires firms holding Russian citizens' data to store it on servers on Russian soil. Internet services analysts say other tech firms, including Facebook and Twitter, could also find access blocked unless they move data onto Russian-based servers. Maria Olson, spokeswoman at the US Embassy in Moscow, said Washington urged the Russian authorities to restore access immediately to LinkedIn, and said the restrictions harmed competition and the Russian people. "The United States is deeply concerned by Russia's decision to block access to the website LinkedIn," Olson said in a statement sent to Reuters. "This decision is the first of its kind and sets a troubling precedent that could be used to justify shutting down any website that contains Russian user data."
Chrome

New Chrome Extension Automatically Negotiates With Comcast For Rate Discounts (fiercecable.com) 62

A technology company called Trim aims to take away the stress and displeasure associated with talking to Comcast service representatives. They have created a bot via a Google Chrome extension that negotiates with Comcast reps over the internet, seeking discounts for various services offered by the cable giant. FierceCable reports: Trim is marketing the tool in this somewhat hilarious YouTube video, which shows the subscriber, "Brian Roberts," typing his Comcast customer information (name, phone number, email, etc.) into the application. The bot takes it from there, initiating chat with a Comcast "analyst" named "Sukhwinder."

"Hi. I'm trying to lower my bill," the bot says. "I don't want to upgrade anything or change my plan at all. I just want to get the best possible rate for my area. Can you help?" As the video shows, users can engage in one of four classic video games as the chat slowly runs its course. (The Trim developers in the video choose Pong.) The bot has two settings: "autopilot," which lets you sit back and watch it negotiate for you; and manual, which lets you step in.

Microsoft

LinkedIn Blocked By Russian Government (pcworld.com) 68

LinkedIn's network just got a little smaller: Russia's communications regulator ordered ISPs to block access to the business networking company on Thursday. From a report on PCWorld: Roskomnadzor made the order after a Moscow appeal court last week upheld an earlier ruling that LinkedIn breached Russian privacy laws. Tagansky district court ruled against LinkedIn on Aug. 4, following a complaint from the Russian federal service for the supervision of communications, information technology and mass media that its activities breached a law requiring businesses handling Russians' personal data to process that data in Russia. Roskomnadzor said it filed suit after LinkedIn failed to respond to two requests for information about its plans for relocating the data to Russia. LinkedIn isn't the only U.S. company that has been targeted under the legislation.

Slashdot Top Deals