An anonymous reader writes: Terrorist organization ISIS has been in the news a lot lately for their hostile activities in Iraq and Syria. They've also been very active online, posting propaganda and photos on various social networking sites to try to recruit more members. Frequently, they'll have pictures of themselves in nondescript locations — but even carefully selected images give clues to a real location. Citizen journalists at Bellingcat analyzed a group of these photos, comparing buildings and bridges in the background to images from Google Earth. With very little to go on, they were able to pinpoint the location of a terrorist training camp.
Catch up on stories from the past week (and beyond) at the Slashdot story archive
An anonymous reader notes coverage of research from the University of Michigan into the ease with which attackers can hack traffic lights. From the article: As is typical in large urban areas, the traffic lights in the subject city are networked in a tree-type topology, allowing them to pass information to and receive instruction from a central management point. The network is IP-based, with all the nodes (intersections and management computers) on a single subnet. In order to save on installation costs and increase flexibility, the traffic light system uses wireless radios rather than dedicated physical networking links for its communication infrastructure—and that’s the hole the research team exploited. ... The 5.8GHz network has no password and uses no encryption; with a proper radio in hand, joining is trivial. ... The research team quickly discovered that the debug port was open on the live controllers and could directly "read and write arbitrary memory locations, kill tasks, and even reboot the device (PDF)." Debug access to the system also let the researchers look at how the controller communicates to its attached devices—the traffic lights and intersection cameras. They quickly discovered that the control system’s communication was totally non-obfuscated and easy to understand—and easy to subvert.
An anonymous reader writes: It seems the latest trend sweeping the online world is the idea that email is on its way out. Kids are eschewing email for any of the hundreds of different instant messaging services, and startups are targeting email as a system they can "disrupt." Alexis C. Madrigal argues that attempts to move past email are shortsighted and faddish, as none of the alternatives give as much power to the user. "Email is actually a tremendous, decentralized, open platform on which new, innovative things can and have been built. In that way, email represents a different model from the closed ecosystems we see proliferating across our computers and devices. Email is a refugee from the open, interoperable, less-controlled 'web we lost.' It's an exciting landscape of freedom amidst the walled gardens of social networking and messaging services." Madrigal does believe that email will gradually lose some of its current uses as new technologies spring up and mature, but the core functionality is here to stay.
New submitter Nocturrne writes: The FOSS project Lantern is having great success in unblocking the internet for many users in oppressive regimes, like China and Iran. Much like Tor and BitTorrent, Lantern is using peer-to-peer networking to overcome firewalls, but with the additional security of a trusted network of friends. "If you download Lantern in an uncensored region, you can connect with someone in a censored region, who can then access whatever content they want through you. What makes the system so unique is that it operates on the basis of trust. ... Through a process called consistent routing, the amount of information any single Lantern user can learn about other users is limited to a small subset, making infiltration significantly more difficult." The network of peers is growing, but we need more friends in uncensored countries to join us.
itwbennett writes: Telecom equipment vendor Adtran has developed a technology that will make it easier for operators to roll out broadband speeds close to 500Mbps over copper lines. Adtran's FDV (Frequency Division Vectoring), enhances the capabilities of two technologies — VDSL2 with vectoring and G.fast — by enabling them to better coexist over a single subscriber line, the company said. VDSL2 with vectoring, which improves speeds by reducing noise and can deliver up to 150Mbps, is currently being rolled out by operators, while G.fast, which is capable of 500Mbps, is still under development, with the first deployments coming in mid-2015. FDV will make it easier for operators to roll out G.fast once it's ready and expand where it can be used, according to Adtran. Meanwhile, Ars Technica has an article about how Verizon is letting its copper network rot in order to passively encourage customers to switch to fiber.
alphadogg (971356) writes Cisco Systems will cut as many as 6,000 jobs over the next 12 months, saying it needs to shift resources to growing businesses such as cloud, software and security. The move will be a reorganization rather than a net reduction, the company said. It needs to cut jobs because the product categories where it sees the strongest growth, such as security, require special skills, so it needs to make room for workers in those areas, it said. 'If we don't have the courage to change, if we don't lead the change, we will be left behind,' Chairman and CEO John Chambers said on a conference call.
New submitter User0x45 writes: Here's a nicely transparent announcement: "T-mobile has identified customers who are heavy data users and are engaged in peer-to-peer file sharing, and tethering outside of T-Mobile’s Terms and Conditions (T&C). This results in a negative data network experience for T-Mobile customers. Beginning August 17, T-Mobile will begin to address customers who are conducting activities outside of T-Mobile’s T&Cs." Obviously, it's not a good announcement for people with unlimited plans, but at least it's clear. T-mobile also pulled the backwards anti-net neutrality thing by happily announcing 'Free Streaming' from select music providers... which is, in effect, making non-select usage fee-based.
New submitter pla writes: Due to a new set of routes published yesterday, the internet has effectively undergone a schism. All routers with a TCAM allocation of 512k (or less), in particular Cisco Catalyst 6500 and 7600's, have started randomly forgetting portions of the internet. 'Cisco also warned its customers in May that this BGP problem was coming and that, in particular, a number of routers and networking products would be affected. There are workarounds, and, of course the equipment could have been replaced. But, in all too many cases this was not done. ... Unfortunately, we can expect more hiccups on the Internet as ISPs continue to deal with the BGP problem." Is it time to switch to all IPv6 yet?
First time accepted submitter jarmund (2752233) writes "I first got a WRT54GL in 2007. Now, 7 years later, it's still churning along, despite only having one of its antennae left after an encounter with a toddler. As it is simply not up to date to today's standards (802.11N for example), what is a worthy successor? I enjoyed the freedom to choose the firmware myself (I've run Tomato on it since 2008), in addition to its robustness. A replacement will be considered second-rate unless it catered for the same freedom as its predecessor." Is there a canonical best household router nowadays?
An anonymous reader writes with news that bogus BGP announcements can be used to hijack work done by cryptocurrency mining pools. Quoting El Reg: Researchers at Dell's SecureWorks Counter Threat Unit (CTU) have identified an exploit that can be used to steal cryptocurrency from mining pools — and they claim that at least one unknown miscreant has already used the technique to pilfer tens of thousands of dollars in digital cash. The heist was achieved by using bogus Border Gateway Protocol (BGP) broadcasts to hijack networks belonging to multiple large hosting companies, including Amazon, Digital Ocean, and OVH, among others. After sending the fake BGP updates miners unknowingly contributed work to the attackers' pools.
OpenSignal, by means of mobile apps for iOS and Android, has been amassing data on Wi-Fi and cell-network signal strength. They released yesterday a few of their findings on the speed of Wi-Fi available at U.S. chain hotels (download speeds, specifically). Though it shouldn't be surprising that (as their data shows) more expensive hotels generally have faster speeds, I know it hasn't always matched my own experience. (Hotel chains also vary, even within brands, in whether the in-room Wi-Fi is free, cheap, or exorbitant.) If the in-room connection is flaky or expensive, though, from the same report it seems you'll do better by popping into a Google-networked Starbucks location than one fed by AT&T, and McDonalds beats Panera Bread by quite a bit.
An anonymous reader writes Facebook posted a career application which, in their own words is 'seeking a Linux Kernel Software Engineer to join our Kernel team, with a primary focus on the networking subsystem. Our goal over the next few years is for the Linux kernel network stack to rival or exceed that of FreeBSD.' Two interesting bullet points listing "responsibilities": Improve IPv6 support in the kernel, and eliminate perf and stability issues. FB is one of the worlds largest IPv6 deployments; Investigate and participate in emerging protocols (MPTCP, QUIC, etc) discussions,implementation, experimentation, tooling, etc.
An anonymous reader writes About a week ago, the Federal Communications Commission (FCC) asked for Verizon's justification on its policy of throttling users who pay for unlimited data usage. "I know of no past Commission statement that would treat 'as reasonable network management' a decision to slow traffic to a user who has paid, after all, for 'unlimited' service," the FCC wrote. In its response, Verizon has indicated that its throttling policy is meant to provide users with an incentive to limit their data usage. The company explained that "a small percentage of the customers on these [unlimited] plans use disproportionately large amounts of data, and, unlike subscribers on usage-based plans, they have no incentive not to do so during times of unusually high demand....our practice is a measured and fair step to ensure that this small group of customers do not disadvantage all others."
Back in the dawn of prehistory, only universities, government agencies, and a few big corporations could get on the Internet. The rest of us either had computers connected to nothing (except maybe an electric outlet), Compuserve, Prodigy, AOL or another service or possibly to an online bulletin board service (BBS). And then, one day in 1989, Barry Shein hooked a server and some modems to an Internet node he managed for a corporate/academic wholesale Internet provider -- and started selling dialup accounts for $20 per month to individuals, small companies, and just about anyone else who came along. Barry called his ISP The World, which is still out there with a retro home page ("Page last modified April 27, 2006"), still selling shell accounts. We may run a second interview with Barry next week, so please stay tuned. (Alternate Video Link)
Milo_Mindbender writes I'm trying to find a bulletproof near zero maintenance video conferencing client for shared use in an Alzheimers living facility. It's used so the patients can regularly see their relatives who are often out of town. Most everything I've tried on PC or Mac requires tweeks/updates from time to time to keep it working, not good in a place where there are no computer savvy people. It looks like most of the low cost dedicated boxes have died out too. The ideal setup will be turnkey with little-to-no maintenance and if possible support auto-answering calls from approved users. It needs to be compatible with video conferencing apps the relatives can easily get on phone/tablet/pc such as Skype, Facetime, Hangouts...etc. Any suggestions?
msm1267 (2804139) writes If multipath TCP is the next big thing to bring resilience and efficiency to networking, then there are some serious security issues to address before it goes mainstream. An expert at next week's Black Hat conference is expected to explain how the TCP extension leaves network security gear blind to traffic moving over multiple network streams. Today's IDS and IPS, for example, cannot correlate and re-assemble traffic as it's split over multiple paths. While such attacks are not entirely practical today, as multipath TCP becomes a fixture on popular networking gear and mobile devices, the risks will escalate. "[Multipath TCP] solves big problems we have today in an elegant fashion," said Catherine Pearce, security consultant and one of the presenters, along with Patrick Thomas. "You don't have to replace hardware or software; it handles all that stuff behind the scenes. But security tools are naïve [to MPTCP], and make assumptions that are no longer valid that were valid in the past."
jones_supa (887896) writes "Nokia's future as a company focused on providing network solutions, rather than mobile phones, looks to be bright. The company made big profits in the second quarter of 2014 after selling its mobile devices unit — the cornerstone of Nokia's rise in the 1990s — to Microsoft. Meanwhile Nokia has been buying up other businesses such as the Chicago-based SAC Wireless. Now Nokia is acquiring part of Panasonic's network business in an effort to boost its presence in Japan. The deal announced Thursday will give the Finnish firm control of roughly one third of Japan's mobile network market."
angry tapir writes The Internet domain name for a country doesn't belong to that country — nor to anyone, according to ICANN. Plaintiffs who successfully sued Iran, Syria and North Korea as sponsors of terrorism want to seize the three countries' ccTLDs (country code top-level domains) as part of financial judgments against them. The Internet Corporation for Assigned Names and Numbers, which oversees the Internet, says they can't do that because ccTLDs aren't even property.
rtoz writes with this excerpt from an IDG story about the creation of an Android fork made just for Google's modular cell-phone project : A special edition of Android had to be created for the unique customizable design of Project Ara, said George Grey, CEO of Linaro. ... Android can already plug and play SD cards. But Grey said additional OS functionality is needed for storage, cameras and other modules that are typically inside smartphones, but can now be externally added to Project Ara. A lot of work is also being done on UniPro transport drivers, which connect modules and components in Project Ara. UniPro protocol drivers in Android will function much like the USB protocol, where modules will be recognized based on different driver "classes," such as those for networking, sensor, imaging, input and others. Some attachable parts may not be recognized by Android. For those parts, separate drivers need to be developed by module makers through emulators. "That will be need to be done in a secure system so the device can't do damage to the system," Grey said. Project Ara is a very disruptive concept, and it turns around conventional thinking on how to build phones, Grey said.