Businesses

FCC Announces Plan To Repeal Net Neutrality (nytimes.com) 7

FCC on Tuesday said it plans to dismantle landmark regulations that ensure equal access to the internet, clearing the way for companies to charge more and block access to some websites. From a report on the New York Times: The proposal, put forward by the F.C.C. chairman, Ajit Pai, is a sweeping repeal of rules put in place by the Obama administration that prohibited high-speed internet service providers from blocking or slowing down the delivery of websites, or charging extra fees for the best quality of streaming and other internet services for their subscribers. The clear winners from the move would be telecom giants like AT&T and Comcast that have lobbied for years against regulations of broadband and will now have more control over the online experiences of American consumers. The losers could be internet sites that will have to answer to telecom firms to get their content in front of consumers. And consumers may see their bills increase for the best quality of internet service. Editor's note: the aforementioned link could be paywalled; alternative source.

This is what the internet looks like when there is no net neutrality. Earlier today, news outlet Motherboard suggested we should build our own internet if we want to safeguard the essence of open internet.
Communications

To Save Net Neutrality, We Must Build Our Own Internet (vice.com) 106

In light of reports that FCC plans to announce a full repeal of net neutrality protections later this week, Jason Koebler, editor-in-chief of Motherboard, suggests that it is time we cut our reliance on big telecom monopolies. He writes: Net neutrality as a principle of the federal government will soon be dead, but the protections are wildly popular among the American people and are integral to the internet as we know it. Rather than putting such a core tenet of the internet in the hands of politicians, whose whims and interests change with their donors, net neutrality must be protected by a populist revolution in the ownership of internet infrastructure and networks. In short, we must end our reliance on big telecom monopolies and build decentralized, affordable, locally owned internet infrastructure. The great news is this is currently possible in most parts of the United States. There has never been a better time to start your own internet service provider, leverage the publicly available fiber backbone, or build political support for new, local-government owned networks. For the last several months, Motherboard has been chronicling the myriad ways communities passed over by big telecom have built their own internet networks or have partnered with small ISPs who have committed to protecting net neutrality to bring affordable high speed internet to towns and cities across the country.
Censorship

Skype Vanishes From App Stores in China (nytimes.com) 25

Skype, Microsoft's Internet phone call and messaging service, has been unavailable for download from a number of app stores in China, including Apple's, for almost a month (Editor's note: the link could be paywalled; alternative source), The New York Times reported on Tuesday. From the report: "We have been notified by the Ministry of Public Security that a number of voice over internet protocol apps do not comply with local law. Therefore these apps have been removed from the app store in China," an Apple spokeswoman said Tuesday in an emailed statement responding to questions about Skype's disappearance from the app store. "These apps remain available in all other markets where they do business." The removal led to a volley of complaints from Chinese users on internet message boards who were no longer able to pay for Skype's services through Apple. The users said that the disruption began in late October. Skype, which is owned by Microsoft, still functions in China, and its fate in the country is not yet clear. But its removal from the app stores is the most recent example of a decades-long push by China's government to control and monitor the flow of information online.
Privacy

Over 400 of the World's Most Popular Websites Record Your Every Keystroke (vice.com) 225

An anonymous reader quotes a report from Motherboard: The idea of websites tracking users isn't new, but research from Princeton University released last week indicates that online tracking is far more invasive than most users understand. In the first installment of a series titled "No Boundaries," three researchers from Princeton's Center for Information Technology Policy (CITP) explain how third-party scripts that run on many of the world's most popular websites track your every keystroke and then send that information to a third-party server. Some highly-trafficked sites run software that records every time you click and every word you type. If you go to a website, begin to fill out a form, and then abandon it, every letter you entered in is still recorded, according to the researchers' findings. If you accidentally paste something into a form that was copied to your clipboard, it's also recorded. These scripts, or bits of code that websites run, are called "session replay" scripts. Session replay scripts are used by companies to gain insight into how their customers are using their sites and to identify confusing webpages. But the scripts don't just aggregate general statistics, they record and are capable of playing back individual browsing sessions. The scripts don't run on every page, but are often placed on pages where users input sensitive information, like passwords and medical conditions. Most troubling is that the information session replay scripts collect can't "reasonably be expected to be kept anonymous," according to the researchers.
Bitcoin

An Ethereum Startup Just Vanished After People Invested $374K (vice.com) 178

An anonymous reader quotes a report from Motherboard: A startup on the Ethereum platform vanished from the internet on Sunday after raising $374,000 USD from investors in an Initial Coin Offering (ICO) fundraiser. Confido is a startup that pitched itself as a blockchain-based app for making payments and tracking shipments. It sold digital tokens to investors over the Ethereum blockchain in an ICO that ran from November 6 to 8. During the token sale, Confido sold people bespoke digital tokens that represent their investment in exchange for ether, Ethereum's digital currency. But on Sunday, the company unceremoniously deleted its Twitter account and took down its website. A company representative posted a brief comment to the company's now-private subforum on Reddit, citing legal problems that prevent the Confido team from continuing their work. The same message was also posted to Medium but quickly deleted.

"Right now, we are in a tight spot, as we are having legal trouble caused by a contract we signed," the message stated (a cached version of the Medium post is viewable). "It is likely that we will be able to find a solution to rectify the situation. However, we cannot assure you with 100% certainty that we will get through this." The message was apparently written by Confido's founder, one Joost van Doorn, who seems to have no internet presence besides a now-removed LinkedIn profile. Even the Confido representative on Reddit doesn't seem to know what's going on, though, posting hours after the initial message, "Look I have absolutely no idea what has happened here. The removal of all of our social media platforms and website has come as a complete surprise to me." Confido tokens had a market cap of $10 million last week, before the company disappeared, but now the tokens are worthless. And investors are crying foul.

Firefox

Another Tor Browser Feature Makes It Into Firefox: First-Party Isolation (bleepingcomputer.com) 89

An anonymous reader writes: Unbeknown to most users, Mozilla added a privacy-enhancing feature to the Firefox browser over the summer that can help users block online advertisers from tracking them across the Internet. The feature is named First-Party Isolation (FPI) and was silently added to the Firefox browser in August, with the release of Firefox 55. FPI works by separating cookies on a per-domain basis.

This is important because most online advertisers drop a cookie on the user's computer for each site the user visits and the advertisers loads an ad. With FPI enabled, the ad tracker won't be able to see all the cookies it dropped on that user's PC, but only the cookie created for the domain the user is currently viewing. This will force the ad tracker to create a new user profile for each site the user visits and the advertiser won't be able to aggregate these cookies and the user's browsing history into one big fat profile. This feature was first implemented in the Tor Browser, a privacy-focused fork of the Firefox browser managed by the Tor Project, where it is known as Cross-Origin Identifier Unlinkability. FPI was added to Firefox as part of the Tor Uplift project, an initiative to bolster the Firefox codebase with some of the Tor Browser's unique privacy-focused features. The feature is not enabled by default. Information on how to enable it is in the linked article.

Music

Stock Music Artists Aren't Always Happy About How Their Music Is Used (wired.com) 144

mirandakatz writes: If you're a stock music composer, you sign over the rights to whatever music you put up on a variety of hosting sites. That can get complicated -- especially when your music winds up being used to soundtrack hate speech. At Backchannel, Pippa Biddle dives into the knotty world of stock music, writing that stock music is 'a quick way for a talented musician to make a small buck. But there's a hidden cost: You lose control over where your work ends up. In hundreds, if not thousands, of cases, a tune becomes the backing track to hate speech or violent videos. Often such use violates the license the buyer agrees to when purchasing the track. But nobody reads the licenses -- and, more importantly, no one enforces them.'
The Media

Net Neutrality is Essentially Unassailable, Argues Billionaire Barry Diller (broadcastingcable.com) 78

An anonymous reader quotes Yahoo Finance: The billionaire media mogul behind such popular sites as Expedia, Match.com and HomeAdvisor has a one-word forecast for traditional media conglomerates concerned about being replaced by tech giants: serfdom. "They, like everyone else, are kind of going to be serfs on the land of the large tech companies," IAC chairman Barry Diller said... That's because Google and Facebook not only have such massive user bases but also dominate online advertising. "Google and Facebook are consolidating," Diller said. "They are the only mass advertising mediums we have..." He expects Facebook, Google and maybe Amazon to face government regulation, simply because of their immense size. "At a certain point in size, you must," he said. "It's inevitable."

He did, however, outline one positive for Big Tech getting so gargantuan. Big Telecom no longer has the economic leverage to roll back today's net-neutrality norms, in which internet providers don't try to charge sites extra for access to their subscribers. "I think it's hard to overturn practically," he said. "It is the accepted system."

Even if the U.S. government takes moves to fight net neutrality, Diller told CNBC that "I think it is over... It is [the] practice of the world... You're still going to be able to push a button and publish to the world, without anybody in between asking you for tribute. I think that is now just the way things are done. I don't think it can be violated no matter what laws are back."
Security

'Lazy' Hackers Exploit Microsoft RDP To Install Ransomware (sophos.com) 72

An anonymous reader writes: An investigation by Sophos has uncovered a new, lazy but effective ransomware attack where hackers brute force passwords on computers with [Microsoft's] Remote Desktop Protocol enabled, use off-the-shelf privilege escalation exploits to make themselves admins, turn off security software and then manually run fusty old versions of ransomware.
They even delete the recovery files created by Windows Live backup -- and make sure they can also scramble the database. "Because they've used their sysadmin powers to rig the system to be as insecure as they can, they can often use older versions of ransomware, perhaps even variants that other crooks have given up on and that are now floating around the internet 'for free'."

Most of the attacks hit small-to-medium companies with 30 or fewer employees, since "with small scale comes a dependence on external IT suppliers or 'jack-of-all-trades' IT generalists trying to manage cybersecurity along with many other responsibilities. In one case a victim was attacked repeatedly, because of a weak password used by a third-party application that demanded 24-hour administrator access for its support staff."
Medicine

Study of 500,000 Teens Suggests Association Between Excessive Screen Time and Depression (vice.com) 127

An anonymous reader quotes a report from Motherboard: Depression and suicide rates in teenagers have jumped in the last decade -- doubling between 2007 and 2015 for girls -- and the trend suspiciously coincides with when smartphones became their constant companions. A recent study places their screen time around nine hours per day. Another study, published on Tuesday, suggests that suicide and depression could be connected to the rise of smartphones, and increased screen time. Around 58 percent more girls reported depression symptoms in 2015 than in 2009, and suicide rates rose 65 percent. Smack in the middle of that window of time, smartphones gained market saturation.

In Twenge's new study, published in the journal Clinical Psychological Science, the researchers looked at two samples: a nationally representative survey by ongoing study "Monitoring the Future" out of the University of Michigan, which is administered annually to 8th, 10th, and 12th graders, and the Centers for Disease Control's Youth Risk Behavior Surveillance System, a sample of high school students administered by the CDC every other year. (Both surveys began in 1991.) Altogether, over 500,000 young people were included. The study authors examined trends in how teens used social media, the internet, electronic devices (including gaming systems and tablets), and smartphones, as well as how much time they spent doing non-screen activities like homework, playing sports, or socializing. Comparing these to publicly available data on mental health and suicide for these ages between 2010 and 2017 showed "a clear pattern linking screen activities with higher levels of depressive symptoms/suicide-related outcomes and non-screen activities with lower levels," the researchers wrote in the study. All activities involving screens were associated with higher levels of depression or suicide and suicidal thinking, and activities done away from a screen were not.

Verizon

Verizon: No 4G-Level Data Caps For 5G Home Service (pcmag.com) 56

Verizon recently announced that its upcoming 5G home internet service will not have the kinds of data limits you expect from current wireless services. It will reportedly be able to handle the average data load of a FiOS customer, and it won't be throttled down to 4G gigabyte caps. PC Magazine reports: Verizon has been trying out its new 5G home internet service for months. In a tour of its New Jersey lab, we got a closer look at the 5G antenna setup we saw at Mobile World Congress in February. It's a silver device the size of a paperback book, which connects to a Wi-Fi router with a display. You're supposed to put in a window facing Verizon's 5G service tower. In the test lab, engineer David Binczewski (below) showed us how the company is still working through the challenges of high-frequency, short-distance, millimeter-wave 5G -- most notably, how to penetrate various materials. In a chamber designed to test new 5G devices, he held up a piece of wood between a 5G emitter and a receiver, and we watched the signal fuzz out a bit on a nearby equipment screen. During a roundtable, VP of network support Mike Haberman, some other Verizon folks, and the assembled journalists agreed that an average data cap in the vicinity of 180GB/month would satisfy the average consumer. That's far more than Verizon's current 4G traffic management limit, where folks who use more than 22GB get sent to the back of the line if a tower is congested.
The Military

Massive US Military Social Media Spying Archive Left Wide Open In AWS S3 Buckets (theregister.co.uk) 84

An anonymous reader quotes a report from The Register: Three misconfigured AWS S3 buckets have been discovered wide open on the public internet containing "dozens of terabytes" of social media posts and similar pages -- all scraped from around the world by the U.S. military to identify and profile persons of interest. The archives were found by veteran security breach hunter UpGuard's Chris Vickery during a routine scan of open Amazon-hosted data silos, and these ones weren't exactly hidden. The buckets were named centcom-backup, centcom-archive, and pacom-archive. CENTCOM is the common abbreviation for the U.S. Central Command, which controls army operations in the Middle East, North Africa and Central Asia. PACOM is the name for U.S. Pacific Command, covering the rest of southern Asia, China and Australasia.

"For the research I downloaded 400GB of samples but there were many terabytes of data up there," he said. "It's mainly compressed text files that can expand out by a factor of ten so there's dozens and dozens of terabytes out there and that's a conservative estimate." Just one of the buckets contained 1.8 billion social media posts automatically fetched over the past eight years up to today. It mainly contains postings made in central Asia, however Vickery noted that some of the material is taken from comments made by American citizens. The databases also reveal some interesting clues as to what this information is being used for. Documents make reference to the fact that the archive was collected as part of the U.S. government's Outpost program, which is a social media monitoring and influencing campaign designed to target overseas youths and steer them away from terrorism.

Businesses

Tim Berners-Lee on the Future of the Web: 'The System is Failing' (theguardian.com) 164

Olivia Solon, writing for The Guardian: The inventor of the world wide web always maintained his creation was a reflection of humanity -- the good, the bad and the ugly. But Berners-Lee's vision for an "open platform that allows anyone to share information, access opportunities and collaborate across geographical boundaries" has been challenged by increasingly powerful digital gatekeepers whose algorithms can be weaponised by master manipulators. "I'm still an optimist, but an optimist standing at the top of the hill with a nasty storm blowing in my face, hanging on to a fence," said the British computer scientist. "We have to grit our teeth and hang on to the fence and not take it for granted that the web will lead us to wonderful things," he said. The spread of misinformation and propaganda online has exploded partly because of the way the advertising systems of large digital platforms such as Google or Facebook have been designed to hold people's attention. "People are being distorted by very finely trained AIs that figure out how to distract them," said Berners-Lee. In some cases, these platforms offer users who create content a cut of advertising revenue. The financial incentive drove Macedonian teenagers with "no political skin in the game" to generate political clickbait fake news that was distributed on Facebook and funded by revenue from Google's automated advertising engine AdSense. "The system is failing. The way ad revenue works with clickbait is not fulfilling the goal of helping humanity promote truth and democracy. So I am concerned," said Berners-Lee, who in March called for the regulation of online political advertising to prevent it from being used in "unethical ways."
Privacy

Germany Bans Children's Smartwatches (bbc.com) 44

A German regulator has banned the sale of smartwatches aimed at children, describing them as spying devices. From a report: It had previously banned an internet-connected doll called, My Friend Cayla, for similar reasons. Telecoms regulator the Federal Network Agency urged parents who had such watches to destroy them. One expert said the decision could be a "game-changer" for internet-connected devices. "Poorly secured smart devices often allow for privacy invasion. That is really concerning when it comes to kids' GPS tracking watches - the very watches that are supposed to help keep them safe," said Ken Munro, a security expert at Pen Test Partners.
Google

Google Will Stop Letting Sites Use AMP Format To Bait and Switch Readers (theverge.com) 57

"Google today announced a forthcoming update to its Accelerated Mobile Pages, or AMP, web format that aims to discourage website owners from misusing the service," reports The Verge. "The company says that, starting in February 2018, AMP pages must contain content nearly identical to that of the standard page they're replicating." From the report: Currently, because AMP pages load faster and more clutter-free versions of a website, they naturally contain both fewer ads and less links to other portions of a site. That's led some site owners to publish two versions of a webpage: a standard page and an AMP-specific one that acts a teaser of sorts that directs users to the original. That original page, or canonical page in Google parlance, is by nature a slower loading page containing more ads and with a potentially lower bounce rate, which is the percentage of viewers who only view one page before leaving. Now, Google is cracking down on that behavior. "AMP was introduced to dramatically improve the performance of the web and deliver a fast, consistent content consumption experience," writes Ashish Mehta, an AMP product manager. "In keeping with this goal, we'll be enforcing the requirement of close parity between AMP and canonical page, for pages that wish to be shown in Google Search as AMPs."
The Internet

Detroit's Marginalized Communities Are Building Their Own Internet (vice.com) 124

An anonymous reader writes: Motherboard has a report that discusses how some of Detroit's communities are building their own internet to help close the gap between the roughly 60 percent of Detroiters who have internet and 40 percent who don't. From the report: "[Diana Nucera, director of the Detroit Community Technology Project] is part of a growing cohort of Detroiters who have started a grassroots movement to close that gap, by building the internet themselves. It's a coalition of community members and multiple Detroit nonprofits. They're starting with three underserved neighborhoods, installing high speed internet that beams shared gigabit connections from an antenna on top of the tallest building on the street, and into the homes of people who have long gone without. They call it the Equitable Internet Initiative. The issue isn't only cost, though it is prohibitive for many Detroiters, but also infrastructure. Because of Detroit's economic woes, many Big Telecom companies haven't thought it worthwhile to invest in expanding their network to these communities. The city is filled with dark fiber optic cable that's not connected to any homes or businesses -- relics from more optimistic days.

Residents who can't afford internet, are on some kind of federal or city subsidy like food stamps, and students are prioritized for the Initiative, Nucera told me. The whole effort started last summer with enlisting digital stewards, locals from each neighborhood who were interested in working for the nonprofit coalition, doing everything from spreading the word, to teaching digital literacy, to installing routers and pulling fiber. Many of these stewards started out with little or no tech expertise, but after a 20-week-long training period, they've become experts able to install, troubleshoot, and maintain a network from end to end. They're also aiming to spread digital literacy, so people can truly own the network themselves."

Social Networks

Report Claims That 18 Nation's Elections Were Impacted By Social Engineering Last Year (bbc.com) 235

sqorbit writes: Independent watchdog group Freedom House released a report that claims that 18 nation's elections were "hacked." Of the 65 countries that Freedom House monitors, 30 appear to be using social media in order to affect elections by attempting to control online discussions. The report covers fake news posts, paid online opinion writers and trolling tactics. Other items in the report speak to online censorship and VPN blocking that blocks information within countries to interfere with elections. The report says net freedom could be aided by: large-scale programs that showed people how to spot fake news; putting tight controls on political adverts; and making social media giants do more to remove bots and tune algorithms to be more objective.
Twitter

Jack Dorsey Responds To Serial Killer Who Found His Victims Through Suicidal Twitter Posts (nhk.or.jp) 73

AmiMoJo shares a report from NHK WORLD: Twitter's CEO is reacting to a grisly case in Japan where a suspected serial killer allegedly found his victims through their suicidal posts on the social media platform. In an interview with NHK, Jack Dorsey said it is unrealistic and impossible to remove suicidal tweets. But he said he hoped Twitter could become a tool for prevention. Last month, the dismembered bodies of 9 people were found in 27-year-old Takahiro Shiraishi's apartment near Tokyo. Police say he admitted to the killings. They believe he preyed on people who posted about wanting to kill themselves on Twitter. Recently, Twitter updated its rules regarding posts about self-harm: "You may not promote or encourage suicide or self-harm. When we receive reports that a person is threatening suicide or self-harm, we may take a number of steps to assist them, such as reaching out to that person and providing resources such as contact information for our mental health partners."
EU

New EU Consumer Protection Law Contains a Vague Website Blocking Clause (bleepingcomputer.com) 45

An anonymous reader quotes a report from Bleeping Computer: The European Union (EU) has voted on Tuesday, November 14, to pass the new Consumer Protection Cooperation regulation, a new EU-wide applicable law that gives extra power to national consumer protection agencies, but which also contains a vaguely worded clause that also grants them the power to block and take down websites without judicial oversight. The new law "establishes overreaching Internet blocking measures that are neither proportionate nor suitable for the goal of protecting consumers and come without mandatory judicial oversight," Member of the European Parliament Julia Reda said in a speech in the European Parliament Plenary during a last ditch effort to amend the law. "According to the new rules, national consumer protection authorities can order any unspecified third party to block access to websites without requiring judicial authorization," Reda added later in the day on her blog. This new law is an EU regulation and not a directive, meaning its obligatory for all EU states, which do not have to individually adopt it.
Firefox

Firefox Will Block Navigational Data URIs as Part of an Anti-Phishing Feature (bleepingcomputer.com) 65

Catalin Cimpanu, writing for BleepingComputer: Mozilla will soon block the loading of data URIs in the Firefox navigation bar as part of a crackdown on phishing sites that abuse this protocol. The data: URI scheme (RFC 2397) was deployed in 1998 when developers were looking for ways to embed files in other files. What they came up with was the data: URI scheme that allows a developer to load a file represented as an ASCII-encoded octet stream inside another document. Since then, the URI scheme has become very popular with website developers as it allows them to embed text-based (CSS or JS) files or image (PNG, JPEG) files inside HTML documents instead of loading each resource via a separate HTTP request. This practice became hugely popular because search engines started ranking websites based on their page loading speed and the more HTTP requests a website made, the slower it loaded, and the more it affected a site's SERP position.

Slashdot Top Deals