YouTube Is Full of Easy-To-Find Neo-Nazi Propaganda ( 378

An anonymous reader quotes an exclusive report from Motherboard: Through a software-aided investigation, Motherboard has found that while YouTube has managed to clamp down on Islamic extremists uploading propaganda, the video giant is still awash with videos supporting violent and established neo-Nazi organizations, even when, in some cases, users have reported the offending videos. Clips of neo-Nazi propaganda operations, hate-filled speeches, and extremists pushing for direct action have remained on the site for weeks, months, or years at a time. Arguably, many if not all of these videos may fall under YouTube's own policy on hate speech, which "refers to content that promotes violence against or has the primary purpose of inciting hatred against individuals or groups based on certain attributes," including race or ethnic origin, religion, and sexual orientation, according to the policy.

Motherboard built a tool to monitor YouTube and make a record of when the platform removed certain videos, and limited the clips to propaganda for established neo-Nazi and far-right terrorist organizations like Atomwaffen, rather than people in the so-called "alt-right." Most of the videos were discovered through simple YouTube searches of relevant organizations' names, or sometimes through the "recommended videos" sidebar after Motherboard had built up a browsing history of neo-Nazi material. For the sake of comparison, over a week-long period Motherboard also tracked pro-ISIS videos uploaded by the group's supporters and then distributed through a network of Telegram channels. Typically, YouTube removed these Islamic extremism videos in a matter of hours, including those that did not contain images of violence, but were instead speeches or other not directly violent content. But YouTube is playing catch up with neo-Nazi material. YouTube removed only two videos that Motherboard was monitoring: two identical clips of a speech from UK terrorist organization National Action.

The Internet

FCC's Ajit Pai is Surrounded By a 'Set of People With a Very Traditional Mindset', Says Sir Tim Berners-Lee ( 114

Next Monday the web celebrates its 29th birthday. Ahead of it, Sir Tim Berners-Lee spoke with BBC on a wide-range of topics. An excerpt: In Barcelona last week at the Mobile World Congress I heard FCC boss Ajit Pai mount a robust defence of the move, pointing out that the internet had grown and thrived perfectly well in the years before 2015, when the net neutrality provision came in. "He said the same thing to me," Sir Tim tells us, revealing that he had recently been to lunch with Mr Pai. He had told the FCC boss that advances in computer processing power had made it easier for internet service providers to discriminate against certain web users for commercial or political reasons, perhaps slowing down traffic to one political party's website or making it harder for a rival company to process payments. But he failed to change Ajit Pai's mind. "He's surrounded by a set of people with a very traditional mindset, which has been driven by the PR machine of the telco industry, who believe it is their duty in Washington to oppose any regulation, whatever it is." Sir Tim, however, is refusing to concede defeat in this battle. "We stopped SOPA and PIPA," he says, referring to two US anti-piracy measures which campaigners opposed on the grounds they impinged on internet freedoms.

China's Alibaba is Investing Huge Sums in AI Research and Resources -- and It Is Building Tools To Challenge Google and Amazon ( 30

Alibaba is already using AI and machine learning to optimize its supply chain, personalize recommendations, and build products like Tmall Genie, a home device similar to the Amazon Echo. China's two other tech supergiants, Tencent and Baidu, are likewise pouring money into AI research. The government plans to build an AI industry worth around $150 billion by 2030 and has called on the country's researchers to dominate the field by then. But Alibaba's ambition is to be the leader in providing cloud-based AI. From a report: Like cloud storage (think Dropbox) or cloud computing (Amazon Web Services), cloud AI will make powerful resources cheaply and readily available to anyone with a computer and an internet connection, enabling new kinds of businesses to grow. The real race in AI between China and the US, then, will be one between the two countries' big cloud companies, which will vie to be the provider of choice for companies and cities that want to make use of AI. And if Alibaba is anything to go by, China's tech giants are ready to compete with Google, Amazon, IBM, and Microsoft to serve up AI on tap. Which company dominates this industry will have a huge say in how AI evolves and how it is used.

[...] There have been other glimpses of Alibaba's progress in AI lately. Last month a research team at the company released an AI program capable of reading a piece of text, and answering simple questions about that text, more accurately than anything ever built before. The text was in English, not Chinese, because the program was trained on the Stanford Question Answering Dataset (SQuAD), a benchmark used to test computerized question-and-answer systems. [...] One advantage China's tech companies have over their Western counterparts is the government's commitment to AI. Smart cities that use the kind of technology found in Shanghai's metro kiosks are likely to be in the country's future. One of Alibaba's cloud AI tools is a suite called City Brain, designed for tasks like managing traffic data and analyzing footage from city video cameras.


In a Remarkable Turn of Events, Hackers -- Not Users -- Lost Money in Attempted Cryptocurrency Exchange Heist ( 56

The hackers who attempted to hack Binance, one of the largest cryptocurrency exchanges on the Internet, have ended up losing money in a remarkable turn of events. It all began on Thursday, when thousands of user accounts started selling their Bitcoin and buying an altcoin named Viacoin (VIA). The incident, BleepingComputer reports, looked like a hack, and users reacted accordingly. But this wasn't a hack, or at least not your ordinary hack. The report adds: According to an incident report published by the Binance team, in preparation for yesterday's attack, the hackers ran a two-month phishing scheme to collect Binance user account credentials. Hackers used a homograph attack by registering a domain identical to, but spelled with Latin-lookalike Unicode characters. More particularly, hackers registered the [redacted].com domain -- notice the tiny dots under the "i" and "a" characters.

Phishing attacks started in early January, but the Binance team says it detected evidence that operations ramped up around February 22, when the campaign reached its peak. Binance tracked down this phishing campaign because the phishing pages would immediately redirect phished users to the real Binance login page. This left a forensic trail in referral logs that Binance developers detected. After getting access to several accounts, instead of using the login credentials to empty out wallets, hackers created "trading API keys" for each account. With the API keys in hand, hackers sprung their main attack yesterday. Crooks used the API keys to automate transactions that sold Bitcoin held in compromised Binance accounts and automatically bought Viacoin from 31 other Binance accounts that hackers created beforehand, and where they deposited Viacoin, ready to be bought. But hackers didn't know one thing -- Binance's secret weapon -- an internal risk management system that detected the abnormal amount of Bitcoin-Viacoin sale orders within the span of two minutes and blocked all transactions on the platform. Hackers tried to cash out the 31 Binance accounts, but by that point, Binance had blocked all withdrawals.


Downloads of Popular Apps Were Silently Swapped For Spyware in Turkey: Citizen Lab ( 29

Matthew Braga, reporting for CBC: Since last fall, Turkish internet users attempting to download one of a handful of popular apps may have been the unwitting targets of a wide-reaching computer surveillance campaign. And in Egypt, users across the country have, seemingly at random, had their browsing activity mysteriously redirected to online money-making schemes. Internet filtering equipment sold by technology company Sandvine -- founded in Waterloo, Ont. -- is believed to have played a significant part in both.

That's according to new research from the University of Toronto's Citizen Lab, which has examined misuse of similar equipment from other companies in the past. The researchers say it's likely that Sandvine devices are not only being used to block the websites of news, political and human rights organizations, but are also surreptitiously redirecting users toward spyware and unwanted ads. Using network-filtering devices to sneak spyware onto targets' computers "has long been the stuff of legends" according to the report -- a practice previously documented in leaked NSA documents and spyware company brochures, the researchers say, but never before publicly observed.
Citizen Lab notes that targeted users in Turkey and Syria who attempted to download Windows applications from official vendor websites including Avast Antivirus, CCleaner, Opera, and 7-Zip were silently redirected to malicious versions by way of injected HTTP redirects. It adds: This redirection was possible because official websites for these programs, even though they might have supported HTTPS, directed users to non-HTTPS downloads by default. Additionally, targeted users in Turkey and Syria who downloaded a wide range of applications from CBS Interactive's (a platform featured by CNET to download software) were instead redirected to versions containing spyware. does not appear to support HTTPS despite purporting to offer "secure download" links.
United States

Researchers Provide Likely Explanation For the 'Sonic Weapon' Used At the US Embassy In Cuba ( 112

An anonymous reader quotes a report from IEEE Spectrum: Last August, reports emerged that U.S. and Canadian diplomats in Cuba had suffered a host of mysterious ailments. Speculation soon arose that a high-frequency sonic weapon was to blame. Acoustics experts, however, were quick to point out the unlikeliness of such an attack. Among other things, ultrasonic frequencies -- from 20 to 200 kilohertz -- don't propagate well in air and don't cause the ear pain, headache, dizziness, and other symptoms reported in Cuba. Also, some victims recalled hearing high-pitched sounds, whereas ultrasound is inaudible to humans. The mystery deepened in October, when the Associated Press (AP) released a 6-second audio clip, reportedly a recording of what U.S. embassy staff heard. The chirping tones, centered around 7 kHz, were indeed audible, but they didn't suggest any kind of weapon. Looking at a spectral plot of the clip on YouTube, Kevin Fu, a computer scientist at the University of Michigan, noted some unusual ripples. He thought he might know what they meant.

Fu's lab specializes in analyzing the cybersecurity of devices connected to the Internet of Things, such as sensors, pacemakers, RFIDs, and autonomous vehicles. To Fu, the ripples in the spectral readout suggested some kind of interference. He discussed the AP clip with his frequent collaborator, Wenyuan Xu, a professor at Zhejiang University, in Hangzhou, China, and her Ph.D. student Chen Yan. Yan and Xu started with a fast Fourier transform of the AP audio, which revealed the signal's exact frequencies and amplitudes. Then, through a series of simulations, Yan showed that an effect known as intermodulation distortion could have produced the AP sound. Intermodulation distortion occurs when two signals having different frequencies combine to produce synthetic signals at the difference, sum, or multiples of the original frequencies. Having reverse engineered the AP audio, Fu, Xu, and Yan then considered what combination of things might have caused the sound at the U.S. embassy in Cuba. "If ultrasound is to blame, then a likely cause was two ultrasonic signals that accidentally interfered with each other, creating an audible side effect," Fu says. "Maybe there was also an ultrasonic jammer in the room and an ultrasonic transmitter," he suggests. "Each device might have been placed there by a different party, completely unaware of the other."


Fake News Spreads Faster Than True News On Twitter -- Thanks To People, Not Bots ( 94

A new study shows that people are the prime culprits when it comes to the propagation of misinformation through social networks. Tweets containing falsehoods reach 1,500 people on Twitter six times faster than truthful tweets, the research reveals. Science Magazine reports: The lead author -- Soroush Vosoughi, a data scientist at the Massachusetts Institute of Technology in Cambridge -- and his colleagues collected 12 years of data from Twitter, starting from the social media platform's inception in 2006. Then they pulled out tweets related to news that had been investigated by six independent fact-checking organizations -- websites like PolitiFact, Snopes, and They ended up with a data set of 126,000 news items that were shared 4.5 million times by 3 million people, which they then used to compare the spread of news that had been verified as true with the spread of stories shown to be false. They found that whereas the truth rarely reached more than 1000 Twitter users, the most pernicious false news stories routinely reached well over 10,000 people. False news propagated faster and wider for all forms of news -- but the problem was particularly evident for political news, the team reports today in Science. At first the researchers thought that bots might be responsible, so they used sophisticated bot-detection technology to remove social media shares generated by bots. But the results didn't change: False news still spread at roughly the same rate and to the same number of people. By default, that meant that human beings were responsible for the virality of false news.

Trump Promises Copyright Crackdown As DoJ Takes Aim At Streaming Pirates ( 107

An anonymous reader quotes a report from TorrentFreak: Yesterday, a panel discussion on the challenges associated with piracy from streaming media boxes took place on Capitol Hill. Hosted by the Information Technology and Innovation Foundation (ITIF), "Unboxing the Piracy Threat of Streaming Media Boxes" (video) went ahead with some big name speakers in attendance, not least Neil Fried, Senior Vice President, Federal Advocacy and Regulatory Affairs at the MPAA. ITIF and various industry groups tweeted many interesting comments throughout the event. Kevin Madigan from Center for the Protection of Intellectual Property told the panel that torrent-based content "is becoming obsolete" in an on-demand digital environment that's switching to streaming-based piracy. "There's a criminal enterprise going on here that's stealing content and making a profit," Fried told those in attendance. "The piracy activity out there is bad, it's hurting a lot of economic activity & creators aren't being compensated for their work," he added.

And then, of course, we come to President Trump. Not usually that vocal on matters of intellectual property and piracy, yesterday -- perhaps coincidentally, perhaps not -- he suddenly delivered one of his "something is coming" tweets. "The U.S. is acting swiftly on Intellectual Property theft," Trump tweeted. "We cannot allow this to happen as it has for many years!" Given Trump's tendency to focus on problems overseas causing issues for companies back home, a comment by Kevin Madigan during the panel yesterday immediately comes to mind. "To combat piracy abroad, USTR needs to work with the creative industries to improve enforcement and target the source of pirated material," Madigan said.


Comcast's Protected Browsing Is Blocking PayPal, Steam and TorrentFreak, Customers Say ( 82

Comcast's Xfinity internet customers have been reporting multiple websites, including PayPal, Steam, and TorrentFreak have been getting blocked by the ISP's "protected browsing" setting. From a report: The "protected browsing" setting is designed to "reduce the risk of accessing known sources of malware, spyware, and phishing for all devices connected to your home network." This, in general, isn't a bad thing. It's similar to Google Chrome's security settings that warn you when you have an insecure connection. But it's odd that Xfinity's security setting would be blocking perfectly harmless sites like PayPal. Multiple consumers have been reporting on Comcast's forums and elsewhere that they've been blocked while trying to access sites that many people use every day. After posting about it on the forums, one user who said they couldn't access PayPal said the problem with that particular site had been fixed. Further reading: Comcast's Protected Browsing Blocks TorrentFreak as "Suspicious" Site (TorrentFreak).

Can the Most Contentious Piece of the Web Form the Basis of a New Standard? Inside Google's Plan To Make the Whole Web as Fast as AMP ( 59

Dieter Bohn, writing for The Verge: In a blog post today, Google is announcing that it's formally embarking on a project to convince the group in charge of web standards to adopt technology inspired by its Accelerated Mobile Pages (AMP) framework. In theory, it would mean that virtually any webpage could gain the same benefits as AMP: near-instantaneous loading, distribution on multiple platforms, and (critically) more prominent placement on Google properties. This is important, a little tricky to understand, and critical to how the web and Google interact in the future. In many ways, Google's success or failure in this endeavor will play a major role in shaping how the web works on your phone.

[...] By creating AMP, Google blithely walked right into the center of a thicket comprised of developers concerned about the future of the web. Publishers are worried about ceding too much control of their distribution to gigantic tech companies, and all of the above are worried that Google is not so much a steward of the web but rather its nefarious puppet master. The whole situation is slightly frustrating to David Besbris, VP of search engineering at Google. Earlier this week, I went to Mountain View to talk with Besbris and Malte Ubl, engineering lead for AMP. "This is honestly a fairly altruistic project from our perspective," says Besbris. "It wasn't like we invented AMP because we wanted to control everything, like people assume," he says. Instead, he argues, go back and look at how dire the state of the mobile web was a few years ago, before AMP's inception.


Amazon Launches a Low-Cost Version of Prime For Medicaid Recipients ( 88

An anonymous reader quotes a report from TechCrunch: Amazon announced this morning it will offer a low-cost version of its Prime membership program to qualifying recipients of Medicaid. The program will bring the cost of Prime down from the usual $12.99 per month to about half that, at $5.99 per month, while still offering the full range of Prime perks, including free, two-day shipping on millions of products, Prime Video, Prime Music, Prime Photos, Prime Reading, Prime Now, Audible Channels, and more. The new program is an expansion on Amazon's discounted Prime service for customers on government assistance, launched in June 2017. For the same price of $5.99 per month, Amazon offers Prime memberships to any U.S. customer with a valid EBT card -- the card that's used to disburse funds for assistance programs like Temporary Assistance for Needy Families (TANF), Supplemental Nutrition Assistance Program (SNAP), and Women, Infants, and Children Nutrition Program (WIC). Now that same benefit is arriving for recipients of Medicaid, the public assistance program providing medical coverage to low-income Americans. To qualify for the discount, customers must have a valid EBT or Medicaid card, the retailer says.

Snap Is Laying Off Around 100 Engineers 64

An anonymous reader quotes a report from CNBC: Snap is laying off about 100 engineers -- nearly 10 percent of the team -- CNBC has learned. The company has seen smaller rounds of layoffs in recent months in its marketing, recruiting and content divisions. These layoffs would be Snap's largest yet and the first to hit the company's engineers. The company last month rolled out the redesign of its pioneering photo messaging app. The redesign separated publisher content from content posted by friends and connections. Snap reported roughly 3,000 employees as of the December quarter and said in its first annual filing that it expected "headcount growth to continue for the foreseeable future."

Leaked Files Show How the NSA Tracks Other Countries' Hackers ( 66

An analysis of leaked tools believed to have been developed by the U.S. National Security Agency (NSA) gives us a glimpse into the methods used by the organization to detect the presence of other state-sponsored actors on hacked devices, and it could also help the cybersecurity community discover previously unknown threats. The Intercept: When the mysterious entity known as the "Shadow Brokers" released a tranche of stolen NSA hacking tools to the internet a year ago, most experts who studied the material honed in on the most potent tools, so-called zero-day exploits that could be used to install malware and take over machines. But a group of Hungarian security researchers spotted something else in the data, a collection of scripts and scanning tools the National Security Agency uses to detect other nation-state hackers on the machines it infects. It turns out those scripts and tools are just as interesting as the exploits. They show that in 2013 -- the year the NSA tools were believed to have been stolen by the Shadow Brokers -- the agency was tracking at least 45 different nation-state operations, known in the security community as Advanced Persistent Threats, or APTs. Some of these appear to be operations known by the broader security community -- but some may be threat actors and operations currently unknown to researchers.

The scripts and scanning tools dumped by Shadow Brokers and studied by the Hungarians were created by an NSA team known as Territorial Dispute, or TeDi. Intelligence sources told The Intercept the NSA established the team after hackers, believed to be from China, stole designs for the military's Joint Strike Fighter plane, along with other sensitive data, from U.S. defense contractors in 2007; the team was supposed to detect and counter sophisticated nation-state attackers more quickly, when they first began to emerge online. "As opposed to the U.S. only finding out in five years that everything was stolen, their goal was to try to figure out when it was being stolen in real time," one intelligence source told The Intercept. But their mission evolved to also provide situational awareness for NSA hackers to help them know when other nation-state actors are in machines they're trying to hack.


Chrome 65 Arrives With Material Design Extensions Page, New Developer Features ( 34

An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 65 for Windows, Mac, Linux, and Android. Additions in this release include Material Design changes and new developer features. You can update to the latest version now using the browser's built-in silent updater or download it directly from Chrome 65 comes with a few visual changes. The most obvious is related to Google's Material Design mantra. The extensions page has been completely revamped to follow it. Next up, Chrome 65 replaces the Email Page Location link in Chrome for Mac's File menu with a Share submenu. As you might expect, Mac users can use this submenu to share the URL of a current tab via installed macOS Share Extensions. Speaking of Macs, Chrome 65 is also the last release for OS X 10.9 users. Chrome 66 will require OS X 10.10 or later. Moving on to developer features, Chrome 65 includes the CSS Paint API, which allows developers to programmatically generate an image, and the Server Timing API, which allows web servers to provide performance timing information via HTTP headers.

Sri Lanka Blocks Facebook, Instagram To Prevent Spread of Hate Speech ( 123

Sri Lanka has blocked social media websites Facebook, Instagram and WhatsApp to avoid the spread of hate speech in the country, local media reported on Wednesday. From the report: Even though there is no official confirmation from the authorities, the Cabinet Spokesman Minister Rajitha Senaratne on Wednesday said the government has decided to block access to certain social media. Telecom Regulatory Commission (TRC) has started to monitor all social media platforms to curb hate speech related to communal riots escalated in Kandy district. Telecommunication service providers (ISPs) have also restricted internet access in Kandy district on the instructions of the TRC.

Google Is Selling Off Zagat ( 33

An anonymous reader quotes a report from TechCrunch: Seven years after picking up Zagat for $151 million, Google is selling off the perennial restaurant recommendation service. The New York Times is reporting this morning that the technology giant is selling off the company to The Infatuation, a review site founded nine years back by former music execs. The company had been rumored to be courting a buyer since early this year. As Reuters noted at the time, Zagat has increasingly become less of a focus for Google, as the company began growing its database of restaurant recommendations organically. Zagat, meanwhile, has lost much of the shine it had when Google purchased it nearly a decade ago. The Infatuation, which uses an in-house team of reviewers to write up restaurants in major cities like New York, San Francisco, Los Angeles and London, is picking up the service for an undisclosed amount. The site clearly believes there's value left in the Zagat brand, even as the business of online reviews has changed significantly in the seven years sinceGoogle picked it up.

The Slow Death of the Internet Cookie ( 97

Sara Fischer, writing for Axios: Over 60% of marketers believe they will no longer need to rely on tracking cookies, a 20-year-old desktop-based technology, for the majority of their digital marketing within the next two years, according to data from Viant Technology, an advertising cloud. Why it matters: Advertising and web-based services that were cookie-dependent are slowly being phased out of our mobile-first world, where more personalized data targeting is done without using cookies. Marketers are moving away from using cookies to track user data on the web to target ads now that people are moving away from desktop. 90% of marketers say they see improved performance from people-based marketing, compared with cookie-based campaigns.
The Internet

WordPress Now Powers 30% of Websites ( 64

WordPress now powers 30 percent of the web, according to data from web technology survey firm W3Techs. From a report: This represents a 5 percentage point increase in nearly two and a half years, after WordPress hit the 25 percent mark in November 2015. It's worth noting here that this figure relates to the entire Web, regardless of whether a website uses a content management system (CMS) or not. If we're looking at market share, WordPress actually claims 60.2 percent, up from 58.7 percent in November 2015. By comparison, its nearest CMS rival, Joomla, has seen its usage jump from 2.8 percent to 3.1 percent, while Drupal is up from 2.1 percent to 2.2 percent.

Rhode Island Bill Would Impose Fee For Accessing Online Porn ( 503

If a recently introduced bill passes the General Assembly this session, Rhode Island residents will have to pay a $20 fee to access sexually explicit content online. The bill, introduced by Sen. Frank Ciccone (D-Providence) and Sen. Hanna Gallo (D-Cranston), would require internet providers to digitally block "sexual content and patently offensive material." Consumers could then deactivate that block for a fee of $20. The Providence Journal reports: Each quarter the internet providers would give the money made from the deactivation fees to the state's general treasurer, who would forward the money to the attorney general to fund the operations of the Council on Human Trafficking, according to the bill's language. If online distributors of sexual content do not comply with the filter, the attorney general or a consumer could file a civil suit of up to $500 for each piece of content reported, but not blocked, according to the bill.

Six Tech Companies Filing Net Neutrality Lawsuit ( 31

An anonymous reader quotes a report from The Hill: Six technology companies, including Kickstarter, Foursquare and Etsy, have launched a lawsuit against the Federal Communications Commission (FCC) in an effort to preserve net neutrality rules. The companies, which also include Shutterstock, Expa and Automattic, on Monday filed their petition with the U.S. Court of Appeals for the District of Columbia Circuit. The companies join Vimeo and Mozilla, as well as several state attorneys general who have also filed lawsuits against the FCC in support of the net neutrality rules. Like the other lawsuits, their new case hinges on the Administrative Procedure Act, which they argue prevents the FCC from "arbitrary and capricious" redactions to already existing policy. "Already, over 30,000 Etsy sellers participated in the FCC's public comment process, and tens of thousands more reached out to Congress in support of net neutrality. Now we're bringing their stories and experiences to the courts," said Althea Erickson, head of advocacy and impact at Etsy.

Slashdot Top Deals