Censorship

50,000 Users Test New Anti-Censorship Tool TapDance (www.cbc.ca) 159

The CBC reports: What if circumventing censorship didn't rely on some app or service provider that would eventually get blocked but was built into the very core of the internet itself? What if the routers and servers that underpin the internet -- infrastructure so important that it would be impractical to block -- could also double as one big anti-censorship tool...? After six years in development, three research groups have joined forces to conduct real-world tests.
An anonymous reader writes: Earlier this week, Professor Eric Wustrow, from the University of Colorado at Boulder, presented An ISP-Scale Deployment of TapDance at the USENIX Workshop on Free and Open Communications on the Internet. TapDance is an anti-censorship, circumvention application based on "refraction networking" (formerly known as "decoy routing") that has been the subject of academic research for several years. Now, with integration with Psiphon, 50,000 users, a deployment that spans two ISPs, and an open source release, it seems to have graduated to the real world.
"In the long run, we absolutely do want to see refraction networking deployed at as many ISPs that are as deep in the network as possible," one of the paper's authors told the CBC. "We would love to be so deeply embedded in the core of the network that to block this tool of free communication would be cost-prohibitive for censors."
Google

Google Explains Why It Banned the App For Gab, a Right-Wing Twitter Rival (arstechnica.com) 518

AmiMoJo shares a report from Ars Technica: When right-wing trolls and outright racists get kicked off of Twitter, they often move to Gab, a right-wing Twitter competitor. Gab was founded by Andrew Torba, who says it's devoted to unfettered free expression online. The site also hosts controversial right-wing figures like Milo Yiannopoulos, Andrew 'weev' Auernheimer and Andrew Anglin, editor of the neo-Nazi site Daily Stormer. On Thursday, Gab said that Google had banned its Android app from the Google Play Store for violating Google's ban on hate speech. The app's main competitor, Twitter, hosts accounts like the American Nazi Party, the Ku Klux Klan, and the virulently anti-gay Westboro Baptist Church, yet the Twitter app is still available on the Google Play store. Apple has long had more restrictive app store policies, and it originally rejected the Gab app for allowing pornographic content to be posted on the service -- despite the fact that hardcore pornography is readily available on Twitter. In an email to Ars, Google explained its decision to remove Gab from the Play Store: "In order to be on the Play Store, social networking apps need to demonstrate a sufficient level of moderation, including for content that encourages violence and advocates hate against groups of people. This is a long-standing rule and clearly stated in our developer policies. Developers always have the opportunity to appeal a suspension and may have their apps reinstated if they've addressed the policy violations and are compliant with our Developer Program Policies."
Microsoft

The Docx Games: Three Days At the Microsoft Office World Championship (theverge.com) 57

An anonymous reader shares a report: On a Sunday night two weeks back, in the Rose Court Garden of the Disneyland Hotel in Anaheim, California, 150 antsy competitors between the ages of 13 and 22 milled around eating miniature whoopie pies by the light of the Moon, sizing up their global rivals in the efficient use of Excel, PowerPoint, and Word. It was as if the Olympics opening ceremony was replaced by a networking event: teens were decked out in national T-shirts, while others handed out business cards specially made for the event. At one table off by the bar, two chaperones nudged their folding chairs closer together and taught each other how to say hello ("Yassas," "Ciao") in their respective mother tongues. In the distance, through the palms, the tiki torches of Trader Sam's, the hotel's poolside lounge, were flickering into the black sky. This marked the first night of the 16th Microsoft Office Specialist (MOS) World Championship, in which teens and young 20-somethings compete for the title of World Champion in their chosen professional application. It's an event put on annually by Certiport, a Utah-based subsidiary of standardized testing giant Pearson VUE. It's also a marketing stunt, pure and simple, devised to promote Certiport's line of Microsoft Office certifications. This allows the certified to confirm the line on their resume that claims "proficiency in MS Office" is backed up by some solid knowledge of deep formatting and presentation design.
Communications

BrickerBot Dev Claims Cyber-Attack That Affected Over 60,000 Indian Modems (bleepingcomputer.com) 32

An anonymous reader quotes a report from Bleeping Computer: "The author of the BrickerBot malware has claimed a cyber-attack that affected several Indian states and has caused over 60,000 modems and routers to lose Internet connectivity," reports Bleeping Computer. "The incident affected modems and routers belonging to Bharat Sanchar Nigam Limited (BSNL) and Mahanagar Telephone Nigam Limited (MTNL), two Indian state-owned telecommunications service providers." The BrickerBot malware infected modems that used default passwords and modems that the two ISPs left exposed via the TR069 management interface to connections from anywhere on the Internet. BrickerBot is a malware strain that affects Linux-based IoT and networking devices. Unlike other malware that hoards devices into botnets for DDoS attacks and other purposes, BrickerBot "bricks" the equipment by rewriting its flash storage with random data. In most cases this bricking effect can be reversed, but in some cases this is permanent. BSNL and MTNL had worked to fix problems but efforts were delayed after a BSNL workforce strike. The BrickerBot author also raised the alarm about similar exposed devices on the network of Pakistan Telecommunication Company Limited (PTCL). In April, the BrickerBot author claimed he bricked over 2 million devices.
Open Source

FreeBSD 11.1 Released (freebsd.org) 219

Billly Gates writes: Linux is not the only free open-source operating system. FreeBSD, which is based off of the historical BSD Unix in which TCP/IP was developed on from the University of California at Berkeley, has been updated. It does not include systemd nor PulseAudio and is popular in many web server installations and networking devices. FreeBSD 11.1 is out with improvements in UEFI and Amazon cloud support in addition to updated userland programs. EFI improvements including a new utility efivar(8) to manage UEFI variables, EFI boot from TFTP or NFS, as well as Microsoft Hyper-V UEFI and Secure Boot for generation 2 virtual machines for both Windows Server and Windows 10 Professional hosts. FreeBSD 11.1 also has extended support Amazon Cloud features. A new networking stack for Amazon has been added with the ena(4) driver, which adds support for Amazon EC2 platform. This also adds support for using Amazon EC2 NFS shares and support for the Amazon Elastic Filesystem for NFS. For application updates, FreeBSD 11.1 Clang, LLVM, LLD, LLDB, and libc++ to version 4.0.0. ZFS has been updated too with a new zfsbootcfg with minor performance improvements. Downloads are here which include Sparc, PowerPC, and even custom SD card images for Raspberry Pi, Beagle-bone and other devices.
Network

Ask Slashdot: Best Option For a Touring Band With Mobile Data? 203

New submitter SEMLogistics writes: I'm working with a well-known rock band, that is not based in the U.S., and has an upcoming U.S. tour this fall. The issue they always run into, however, is when renting a tour bus and traveling with 12 to 14 people, they consistently blow through data allowances set by the bus company. This leads to tremendously expensive overages, and greatly throttled data. "When chartering a Nightliner tour bus, travel companies only typically allow for 10GB data a month. With 12 people, downloading music and streaming movies, we can easily exceed 12GB a day! This leads to thousands of dollars every month in overages!"

Slashdot, help! Are there any good mobile hotspot options with unlimited data, and monthly contracts (I haven't found any), or other alternatives than to simply be held a data-hostage?
Wireless Networking

Ask Slashdot: How Can You Avoid Routers With Locked Firmware? 320

thejynxed writes: Awhile ago the FCC in the USA implemented a rule that required manufacturers to restrict end-users from tampering with the radio outputs on wi-fi routers. It was predicted that manufacturers would take the lazy way out by locking down the firmware/bootloaders of the routers entirely instead of partitioning off access to the radio transmit power and channel ranges. This has apparently proven to be the case, as even now routers that were previously marketed as "Open Source Ready" or "DD-WRT Compatible" are coming with locked firmware.

In my case, having noticed this trend, I purchased three routers from Belkin, Buffalo, and Netgear in Canada, the UK, and Germany respectively, instead of the USA, and the results: All three routers had locked firmware/bootloaders, with no downgrade rights and no way to install Tomato, DD-WRT, OpenWRT, etc. It seems the FCC rule is an example of the wide-reaching effect of US law on the products sold in other nations, etc. So, does anyone know a good source of unlocked routers or other technical information on how to bypass this ridiculous outcome of FCC over-reach and manufacturer laziness?

The FCC later specified that they were not trying to block Open Source firmware modifications -- so leave your best suggestions in the comments. How can you avoid routers with locked firmware?
The Military

The US Army Wants Distributed Bot Swarms And An 'Internet of Battlefield Things' (defenseone.com) 90

turkeydance shares a new report about the U.S. Army Research Lab: In the coming months, the Lab will fund new programs related to highly (but not fully) autonomous drones and robots that can withstand adversary electronic warfare operations... A second program called the Internet of Battlefield Things seeks to put to military use "the research that's going on in the commercial space" on distributed sensors and Internet-connected devices... One thrust will be equipping drones and other autonomous systems with bigger brains and better networking so that they can function even when an enemy jams their ability to radio back to a human controller for direction... "When you don't have bandwidth, when you're under cyber attack, when you're being jammed. That's the problem we're trying to address."
The lab's director also says they want "as much processing as possible on the node" so it can continue functioning in "contested environments."
Youtube

YouTube Will Now Redirect Searches For Extremist Videos To Anti-Terrorist Playlists (tubefilter.com) 136

YouTube will return anti-terrorist playlists when users search for hateful content on the site using certain keywords pertaining to terrorism. Tubefilter.com reports: The new feature, dubbed The Redirect Method, is part of a four-prong strategy announced by Google last month to quash extremist ideologies across its platforms. The Redirect Method was developed by Jigsaw -- an Alphabet subsidiary whose mission is to counter extremism, censorship, and cyber attacks -- alongside another tech company called Moonshot CVE (which stands for "Countering Violent Extremism"). Jigsaw and Moonshot CVE developed the tech after studying, over several years, how terrorist factions like ISIS leverage technology to spread their messaging and recruit new followers. In coming weeks, YouTube says it intends to incorporate The Redirect Method into a wider set of search queries in languages beyond English, use machine learning to dynamically update search terms, work with partner NGOs to develop new anti-extremist content, and roll out the Method to Europe.
Communications

FCC Refuses To Release Text of More Than 40,000 Net Neutrality Complaints (arstechnica.com) 64

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission has denied a request to extend the deadline for filing public comments on its plan to overturn net neutrality rules, and the FCC is refusing to release the text of more than 40,000 net neutrality complaints that it has received since June 2015. The National Hispanic Media Coalition (NHMC) filed a Freedom of Information Act (FoIA) request in May of this year for tens of thousands of net neutrality complaints that Internet users filed against their ISPs. The NHMC argues that the details of these complaints are crucial for analyzing FCC Chairman Ajit Pai's proposal to overturn net neutrality rules. The coalition also asked the FCC to extend the initial comment deadline until 60 days after the commission fully complies with the FoIA request. A deadline extension would have given people more time to file public comments on the plan to eliminate net neutrality rules. Instead, the FCC yesterday denied the motion for an extension and said that it will only provide the text for a fraction of the complaints, because providing them all would be too burdensome.
Network

Mesh Networking Comes To Bluetooth, Which Could Set Off a New Wave of Smart Buildings (geekwire.com) 70

One of the most widely used technologies in mobile computing is getting an important upgrade that could accelerate the development of the smart home and industrial internet. From a report: The Bluetooth Special Interest Group, the Kirkland, Wash.-based group that enforces compatibility among the billions of devices that use the short-range Bluetooth wireless technology, plans to announce Tuesday that the standard now supports mesh networking. Mesh networks connect a variety of access points and devices across a distributed network, rather than the one-to-one connection that currently exists between your smartphone and that headset that makes you look ridiculous. This approach dramatically improves the range and reliability of a wireless network, since information can be relayed across several different devices rather than having to stretch between two far-apart devices. And if part of the network goes offline, mesh technology has the capability to route around that outage and still carry out its original mission. Wi-Fi networks have also been getting in on this mesh networking act, which has an additional bonus: mesh networks are much easier to set up than traditional wireless networks.
The Internet

Comcast Says Should Be Able To Create Internet Fast Lanes For Self-Driving Cars (theverge.com) 121

An anonymous reader quotes a report from The Verge: Comcast filed comments in support of the FCC's plan to kill the 2015 net neutrality rules today. And while pretty much everything in them is expected -- Comcast thinks the rules are burdensome and hurt investment, yet it says it generally supports the principles of net neutrality -- there's one telling new quirk that stands out in its phrasing: Comcast now says it's in support of a ban on "anticompetitive paid prioritization," which is really a way of saying paid prioritization should be allowed. "The commission also should bear in mind that a more flexible approach to prioritization may be warranted and may be beneficial to the public," Comcast says in its filing. The key qualification is "anticompetitive," which is a term that could be interpreted in a lot of different ways depending on who's defining it.

Comcast doesn't just see paid fast lanes being useful for medicine, however. It also thinks they might be fair to sell to automakers for use in autonomous vehicles. "Likewise, for autonomous vehicles that may require instantaneous data transmission, black letter prohibitions on paid prioritization may actually stifle innovation instead of encouraging it," the filing says. This makes Comcast's position pretty confusing. Comcast says it opposes prioritizing one website over another. It even suggests the commission adopt a "strong presumption against" agreements that benefit an ISP's own content over competitors' work, but it's not clear how benefiting one car company or telemedicine company over another is any different.

The Internet

Cox Expands Home Internet Data Caps, While CenturyLink Abandons Them (arstechnica.com) 73

An anonymous reader quotes a report from Ars Technica: Cox, the third largest U.S. cable company, last week started charging overage fees to customers in four more states. Internet provider CenturyLink, on the other hand, recently ended an experiment with data caps and is giving bill credits to customers in the state of Washington who were charged overage fees during the yearlong trial. Cox, which operates in 18 states with about six million residential and business customers, last week brought overage fees to Arizona, Louisiana, Nevada, and Oklahoma. Cox was already enforcing data caps and overage fees in Arkansas, Connecticut, Florida, Georgia, Idaho, Iowa, Kansas, Nebraska, and Ohio. California, Rhode Island, and Virginia technically have monthly caps but no enforcement of overage fees, according to Cox's list of data caps by location. Massachusetts and North Carolina seem to be exempt from the Cox data caps altogether. Similar to Comcast, Cox lets capped customers use 1TB of data a month and charges $10 for each additional block of 50GB. Cox will introduce a pricier "unlimited" plan later this year, Multichannel News reported. If Cox continues to match Comcast's pricing, the unlimited data plan would cost an additional $50 a month above what customers normally pay. A year ago, CenturyLink started a data-cap trial in Yakima, Washington, imposing a 300GB-per-month cap and overage fees of $10 for each additional 50GB. But instead of expanding the overage fees to more cities, CenturyLink ended the "usage-based billing program."
Businesses

Broadcom Gets Green Light From Feds To Buy San Jose's Brocade For $5.9 billion (bizjournals.com) 27

Chipmaker Broadcom on Monday won approval from the U.S. Federal Trade Commission to purchase San Jose-based Brocade Communications Systems for $5.9 billion. From a report: To land U.S. approval, Broadcom had to promise federal regulators not to use information from the acquisition to hurt Cisco Systems. At issue with U.S. regulators was possible impacts on Cisco, since Cisco buys chips from Broadcom, but competes with Brocade. On the flip side, regulators worried Broadcom might use its position as supplier and competitor to raise the prices on fiber channel switches, a niche networking segment that's owned completely by Brocade and Cisco. To assuage those concerns, Broadcom agreed to set up an operations "firewall" internally, so that competitive information that might hurt Cisco won't be shared internally. It also agreed to submit to regulatory oversight for five years after the deal is completed.
The Internet

NSA 'Traffic Shaping' Can Divert US Internet Traffic For Easier Monitoring (zdnet.com) 78

schwit1 shares an article from ZDNet: A new analysis of documents leaked by whistleblower Edward Snowden details a highly classified technique that allows the National Security Agency to "deliberately divert" U.S. internet traffic, normally safeguarded by constitutional protections, overseas in order to conduct unrestrained data collection on Americans. According to the new analysis, the NSA has clandestine means of "diverting portions of the river of internet traffic that travels on global communications cables," which allows it to bypass protections put into place by Congress to prevent domestic surveillance on Americans.

The new findings follow a 2014 paper by researchers Axel Arnbak and Sharon Goldberg, published on sister-site CBS News, which theorized that the NSA, whose job it is to produce intelligence from overseas targets, was using a "traffic shaping" technique to route US internet data overseas so that it could be incidentally collected under the authority of a largely unknown executive order... The research cites several ways the NSA is actively exploiting methods to shape and reroute internet traffic -- many of which are well-known in security and networking circles -- such as hacking into routers or using the simpler, less legally demanding option of forcing major network providers or telecoms firms into cooperating and diverting traffic to a convenient location.

Businesses

24 Women Allege Sexual Harassment By Investors, and Another VC Gets Demoted (nytimes.com) 184

An anonymous reader writes: Friday technology investor Dave McClure tweeted a link to a statement from the new CEO of the start-up incubator he co-founded which announces his demotion after engaging in "inappropriate interactions with women in the tech community." The new CEO of 500 Startups says "I sincerely apologize for the choices he made and the pain and stress they've caused people. But apologies aren't enough without meaningful actions and change. Because of this, we made the decision a few months ago to change the leadership structure at 500." Meanwhile, McClure will attend counseling "to work on changing his perspectives and preventing his previous unacceptable behavior... As much as we want to be part of the solution, we clearly have also been part of the problem."

The same day more than two dozen female entrepreneurs told the New York Times about incidents of sexual harassment in the start-up industry, "often providing corroborating messages and emails." Several women told the Times they were warned that saying anything might lead to ostracism. Chris Sacca -- whose firm invested in Twitter, Uber, Instagram, Twilio, and Kickstarter -- told the Times he was grateful for the courage of the female entrepreneur who told the Times how he'd propositioned her, and Sacca also wrote in a post on Medium, "I've learned that it's often the less obvious, yet pervasive and questionable, everyday behaviors of men in our industry that collectively make it inhospitable for women... It's the unrelenting, day-to-day culture of dismissiveness that creates a continually bleak environment for women and other underrepresented groups." The article also notes that Justin Caldbeck -- accused by six different founders of making unwanted advances -- worked at three different VC firms over the last seven years. The Times also cites a 2014 admission by investor Pavel Curda that he sent two women text messages asking for sex after a networking event, adding "The new accounts underscore how sexual harassment in the tech start-up ecosystem goes beyond one firm and is pervasive and ingrained."

Communications

August Solar Eclipse Could Disrupt Roads and Cellular Networks 95

GeoGreg writes: On August 21, 2017, the contiguous United States will experience its first total solar eclipse since 1979. According to GreatAmericanEclipse.com's Michael Zeiler, approximately 200 million people live within one day's drive of the eclipse. Zeiler projects that between 1.85 to 7.4 million people will attempt to visit the path of totality. As the eclipse approaches, articles are appearing predicting the possibility of automobile traffic jamming rural roads. There is also concern about the ability of rural cellular networks to handle such a large influx. AT&T is bringing in Cell On Wheel (COW) systems to rural locations in Kentucky, Idaho, and Oregon, while Verizon is building a temporary tower in Jackson Hole, Wyoming. The disruption could be frustrating to those trying to get to the eclipse or share their photos via social networking. If cellular networks can't handle the data, apps like Waze won't be much help in avoiding the traffic. If communication is essential near the eclipse path, Astronomy Magazine recommends renting a satellite phone.
The Almighty Buck

The People GoFundMe Leaves Behind (theoutline.com) 242

citadrianne shares a report from The Outline: President Donald Trump's proposed budget seeks to slash $54 billion from social services including programs like Medicaid and Meals on Wheels. As these resources dry up, crowdfunding websites will further entrench themselves as extra-governmental welfare providers in order to fill the gap. For a lucky few, these sites are a lifeline. For most people, they are worthless. Crowdfunding's fatal flaw is that not every campaign ends up getting the money it needs. A recent study published in the journal Social Science & Medicine found that more than 90 percent of GoFundMe campaigns never meet their goal. For every crowdfunding success story, there are hundreds of failures. "As many happy stories as there are in charitable crowdfunding, there are a lot of really worthy causes when you browse these platforms that nobody has given a cent to," Rob Gleasure, professor at the business school of the National University of Ireland, Cork told The Outline. "People haven't come across them." Feller and Gleasure's report highlighted how fickle crowdfunding can be. Of all the Razoo campaigns started in 2013, they found, more than a third didn't receive any funding at all. According to their report, donors are more likely to give to campaigns that feature lots of pictures and accompanying text.
Social Networks

Supreme Court Rules Sex Offenders Can't Be Barred From Social Media (gizmodo.com) 114

An anonymous reader quotes a report from Gizmodo: In a unanimous decision today, the Supreme Court struck down a North Carolina law that prevents sex offenders from posting on social media where children might be present, saying it "impermissibly restricts lawful speech." In doing so, the Supreme Court asserted what we all know to be true: Posting is essential to the survival of the republic. The court ruled that to "foreclose access to social media altogether is to prevent the user from engaging in the legitimate exercise of First Amendment rights." The court correctly noted that "one of the most important places to exchange views is cyberspace." The North Carolina law was ruled to be overly broad, barring "access to what for many are the principal sources for knowing current events, checking ads for employment, speaking and listening in the modern public square, and otherwise exploring the vast realms of human thought and knowledge."
Security

Firm Responsible For Mirai-Infected Webcams Hires Software Firm To Make Its Products More Secure (securityledger.com) 18

chicksdaddy writes from a report via The Security Ledger: After seeding the globe with hackable DVRs and webcams, Zhejiang Dahua Technology Co., Ltd. of Hangzhou, China will be working with the U.S. firm Synopsys to "enhance the security of its Internet of Things (IoT) devices and solutions." Dahua, based in Hangzhou, China said it will with Mountain View based Synopsys to "enhance the security of its Internet of Things (IoT) devices and solutions." In a joint statement, the companies said Dahua will be adopting secure "software development life cycle (SDLC) and supply chain" practices using Synopsys technologies in an effort to reduce the number of "vulnerabilities that can jeopardize our products," according to a statement attributed to Fu Liquan, Dahua's Chairman, The Security Ledger reports. Dahua's cameras and digital video recorders (DVRs) figured prominently in the Mirai botnet, which launched massive denial of service attacks against websites in Europe and the U.S., including the French web hosting firm OVH, security news site Krebsonsecurity.com and the New Hampshire based managed DNS provider Dyn. Cybercriminals behind the botnet apparently exploited an overflow vulnerability in the web interface for cameras and DVRs to gain access to the underlying Linux operating system and install the Mirai software, according to research by the firm Level3. In March, Dahua was called out for another, serious vulnerability in eleven models of video recorders and IP cameras. Namely: a back door account that gave remote attackers full control of vulnerable devices without the need to authenticate to the device. The flaw was first disclosed on the Full Disclosure mailing list and described as "like a damn Hollywood hack, click on one button and you are in."

Slashdot Top Deals