Communications

NRA Gives Ajit Pai 'Courage Award' and Gun For 'Saving the Internet' (arstechnica.com) 10

The National Rifle Association (NRA) today gave its Charlton Heston Courage Under Fire Award to Ajit Pai, chairman of the Federal Communications Commission. "Pai was about to speak at the Conservative Political Action Conference (CPAC) in Maryland when the award presentation seemed to catch him by surprise," reports Ars Technica. "The award is a handmade long gun that could not be brought on stage, so it will be housed in the NRA museum until Pai can receive it." From the report: "Ajit Pai, as you probably already know, saved the Internet," American Conservative Union (ACU) Executive Director Dan Schneider told the audience. The ACU is the host of CPAC; Schneider made a few more remarks praising Pai before handing the award presentation over to NRA board member Carolyn Meadows. Pai "fought to preserve your free speech rights" as a member of the FCC's Republican minority during the Obama administration, Schneider said. Pai "fought and won against all odds, but the Obama administration had some curveballs and they implemented these regulations to take over the Internet." "As soon as President Trump came into office, President Trump asked Ajit Pai to liberate the Internet and give it back to you," Schneider added. "Ajit Pai is the most courageous, heroic person that I know."

The signature achievement that helped Pai win the NRA courage award came in December when the FCC voted to eliminate net neutrality rules. The rules, which are technically still on the books for a while longer, prohibited Internet service providers from blocking and throttling lawful Internet traffic and from charging online services for prioritization. Schneider did not explain how eliminating net neutrality rules preserved anyone's "free speech rights."
Right Wing Watch posted a video of the ceremony.
Star Wars Prequels

How a Fight Over Star Wars Download Codes Could Reshape Copyright Law (arstechnica.com) 38

An anonymous reader quotes a report from Ars Technica: A federal judge in California has rejected Disney's effort to stop Redbox from reselling download codes of popular Disney titles like Frozen, Beauty and the Beast, and the latest Star Wars movies. Judge Dean Pregerson's Tuesday ruling invoked the little-used doctrine of copyright misuse, which holds that a copyright holder loses the right to enforce a copyright if the copyright is being abused. Pregerson faulted Disney for tying digital download codes to physical ownership of discs, a practice that he argued ran afoul of copyright's first sale doctrine, which guarantees customers the right to resell used DVDs.

If the ruling were upheld on appeal, it would have sweeping implications. It could potentially force Hollywood studios to stop bundling digital download codes with physical DVDs and force video game companies to rethink their own practices. But James Grimmelmann, a copyright scholar at Cornell Law School, is skeptical that the ruling will survive an inevitable appeal from Disney. "I don't see this one sticking," Grimmelmann told Ars. Copyright misuse has such sweeping legal implications that an appeals court will be reluctant to apply it to a common movie industry practice.

Bug

'Critical' T-Mobile Bug Allowed Hackers To Hijack Users' Accounts (vice.com) 14

An anonymous reader quotes a report from Motherboard: The vulnerability was found and reported by a security researcher on December 19 of last year, but it hasn't been revealed until now. Within a day, T-Mobile classified it as "critical," patched the bug, and gave the researcher a $5,000 reward. That's good news, but it's unclear how long the site was vulnerable and whether any malicious hackers found and exploited the bug before it was fixed. The newly disclosed bug allowed hackers to log into T-Mobile's account website as any customer. "It's literally like logging into your account and then stepping away from the keyboard and letting the attacker sit down," Scott Helme, a security researcher who reviewed the bug report, told Motherboard in an online chat. Shortly after we published this story, a T-Mobile spokesperson sent us a statement: "This bug was confidentially reported through our Bug Bounty program in December and fixed within a matter of hours," the emailed statement read. "We found no evidence of customer information being compromised."
Facebook

Facebook's Mandatory Anti-Malware Scan Is Invasive and Lacks Transparency (wired.com) 46

Louise Matsakis, writing for Wired: The internet is full of Facebook users frustrated with how the company handles malware threats. For nearly four years, people have complained about Facebook's anti-malware scan on forums, Twitter, Reddit, and on personal blogs. The problems appear to have gotten worse recently. While the service used to be optional, Facebook now requires it if it flags your device for malware. And according to screenshots reviewed by WIRED from people recently prompted to run the scan, Facebook also no longer allows every user to select what type of device they're on. The malware scans likely only impact a relatively small population of Facebook's billions of users, some of whose computers may genuinely be infected. But even a fraction of Facebook's users still potentially means millions of impacted people.

The mandatory scan has caused widespread confusion and frustration; WIRED spoke to people who had been locked out of their accounts by the scan, or simply baffled by it, on four different continents. The mandatory malware scan has downsides beyond losing account access. Facebook users also frequently report that the feature is poorly designed, and inconsistently implemented. In some cases, if a different user logs onto Facebook from the same device, they sometimes won't be greeted with the malware message. Similarly, if the "infected" user simply switches browsers, the message also appears to occasionally go away.

Security

More Than 40% of Global Log-in Attempts Are Malicious (infosecurity-magazine.com) 57

More than 40% of global log-in attempts are malicious thanks to bot-driven credential stuffing attacks, according to the latest report from Akamai. From a report: The cloud delivery provider's latest State of the Internet/Security report for Q4 2017 comprised analysis from over 7.3 trillion bot requests per month. It claimed that such requests account for over 30% of all web traffic across its platform per day, excluding video streaming. However, malicious activity has seen a sharp increase, as cyber-criminals look to switch botnets from DDoS attacks to using stolen credentials to try to access online accounts. Of the 17 billion login requests Akamai tracked in November and December, over two-fifths (43%) were used for credential abuse. The figure rose to a staggering 82% for the hospitality industry.
Privacy

Samsung Rescues Data-Saving Privacy App Opera Max and Relaunches it as Samsung Max (venturebeat.com) 14

Samsung has rescued Opera Software's Opera Max data-saving, privacy-protecting Android app from oblivion and relaunched it today as Samsung Max. From a report: Norwegian tech company Opera, which first became known for its desktop browser when it launched in 1995, has offered mobile browser apps across various platforms for years. But in 2014, it launched the standalone Opera Max app for Android, designed to get its users more bang from their data plan, along with some VPN-like features. The app compresses data such as photos, music, and videos while promising "no noticeable loss of quality." Opera Max can also block background processes to conserve battery and data. The app was given a number of new features over the past few years, but last August the company revealed it was pulling the plug on Opera Max once and for all.
Bitcoin

The Los Angeles Times Website Is Unintentionally Serving a Cryptocurrency Mining Script (itwire.com) 51

troublemaker_23 shares a report from iTWire: The Los Angeles Times website is serving a cryptocurrency mining script which appears to have been placed there by malicious attackers, according to a well-known security expert. British infosec researcher Kevin Beaumont, who has warned that Amazon AWS servers could be held to ransom due to lax security, tweeted that the newspaper's site was serving a script created by Coinhive. The Coinhive script mines for the monero cryptocurrency. The S3 bucket used by the LA Times is apparently world-writable and an ethical hacker appears to have left a warning in the repository, warning of possible misuse and asking the owner to secure the bucket.
Communications

23 Attorneys General Refile Challenge To FCC Net Neutrality Repeal (engadget.com) 40

An anonymous reader quotes a report from Reuters: A coalition of 22 state attorneys general and the District of Columbia on Thursday refiled legal challenges intended to block the Trump administration's repeal of landmark rules designed to ensure a free and open internet from taking effect. The Federal Communications Commission officially published its order overturning the net neutrality rules in the Federal Register on Thursday, a procedural step that allows for the filing of legal challenges. The states, along with web browser developer Mozilla and video-sharing website Vimeo, had filed petitions preserving their right to sue in January, but agreed to withdraw them last Friday and wait for the FCC's publication. The attorneys general argue that the FCC cannot make "arbitrary and capricious" changes to existing policies and that it misinterpreted and disregarded "critical record evidence on industry practices and harm to consumers and businesses." The White House Office of Management and Budget still must sign off on some aspects of the FCC reversal before it takes legal effect. That could take months.
Communications

Net Neutrality Rules Die on April 23 (theverge.com) 234

The Federal Communications Commission's net neutrality rules will be no more in two months, as the agency takes the final step in removing the regulation from its rule book. From a report: The date -- April 23 -- was revealed today after the Federal Communication Commission's order revoking net neutrality was published in the Federal Register. You can read the full order here. The publication means that a new fight around net neutrality is about to begin. States and other parties will be able to sue over the rules -- some have already gotten started -- and a battle in Congress will kick off over a vote to reverse the order entirely. While that fight likely won't get far in Congress since Republicans by and large oppose net neutrality and control both chambers, there will likely be a long and heated legal battle around the corner for the FCC's new policy. The FCC's new rules are really a lack of rules. Its "Restoring Internet Freedom" order entirely revokes the strong net neutrality regulations put in place back in 2015 and replaces them with basically nothing. Internet providers can now block, throttle, and prioritize content if they want to. The only real rule here is that they have to disclose if they're doing any of this.
Space

SpaceX Successfully Launches Falcon 9 Carrying Starlink Demo Satellites (techcrunch.com) 51

SpaceX has successfully launched a Falcon 9 from SLC-4 at Vandenberg Air Force Base today, its first launch since its successful Falcon Heavy test earlier this month. The launch took off early Wednesday morning, after being rescheduled a couple of times from an initial target of this past weekend. From a report: The launch was primarily designed to bring the PAZ satellite to orbit (which was deployed as planned into a low Earth, sun-synchronous polar orbit), a satellite for a Spanish customer that's designed to provide geocommunications and radar imaging for both government and private commercial customers. This launch had a secondary purpose, however, and one that might ultimately be more important to SpaceX's long-term goals. SpaceX packed two demonstration micro satellites for its planned internet broadband service (which Elon Musk confided via tweet it will call 'Starlink'). These will perform tests required before it's certified to operate the service, which it hopes to use to generate revenue by signing up subscribers to its internet service, which will hopefully be globe-spanning once complete.
Network

Game Industry Pushes Back Against Efforts To Restore Gameplay Servers (arstechnica.com) 225

Kyle Orland reports via Ars Technica: A group of video game preservationists wants the legal right to replicate "abandoned" servers in order to re-enable defunct online multiplayer gameplay for study. The game industry says those efforts would hurt their business, allow the theft of their copyrighted content, and essentially let researchers "blur the line between preservation and play." Both sides are arguing their case to the U.S. Copyright Office right now, submitting lengthy comments on the subject as part of the Copyright Register's triennial review of exemptions to the Digital Millennium Copyright Act (DMCA). Analyzing the arguments on both sides shows how passionate both industry and academia are about the issue, and how mistrust and misunderstanding seem to have infected the debate.
Social Networks

Snapchat Responds To Change.Org Petition Complaining About the App's Redesign (techcrunch.com) 36

An anonymous reader quotes a report from TechCrunch: Snapchat has posted an official response to users who signed a petition on Change.org asking the company to reverse its controversial update, which people say makes the app more difficult to use. In the response, Snapchat promises to make a few more changes to the Friends and Discover section in order to address user complaints. These changes were announced yesterday, along with GIF stickers from Giphy. The backlash against Snapchat has been growing in the months since the company rolled out a major revamp, which aimed to make the social app more accessible to a mainstream audience. Snapchat users have left the app bad reviews, complained on social media, turned to rival Instagram, and they signed a Change.org petition entitled, "Remove the new Snapchat update."

Last night, Snapchat posted an official response to the petition, reiterating its stance but also promising a few tweaks that may help to address users' concerns. Specifically, the company said that "beginning soon on iOS and with Android in the coming weeks" it will introduce tabs in the Friends section and in Discover, which it says will make it easier for users to find the Stories they want. This update will let users sort things like Stories, Group Chats, and Subscriptions. Whether these tabs will placate users who just want the old Snapchat back remains to be seen.

Government

FCC To Officially Rescind Net Neutrality Rules On Thursday (reuters.com) 121

An anonymous reader quotes a report from Reuters: The U.S. Federal Communications Commission is expected to publish on Thursday its December order overturning the landmark Obama-era net neutrality rules, two sources briefed on the matter said Tuesday. The formal publication in the Federal Register, a government website, means state attorneys general and advocacy groups will be able to sue in a bid to block the order from taking effect. The Republican-led FCC in December voted 3-2 to overturn rules barring service providers from blocking, slowing access to or charging more for certain content. The White House Office of Management and Budget still must sign off on some aspects of the FCC reversal before it takes legal effect. Congressional aides say the publication will trigger a 60-legislative-day deadline for Congress to vote on whether to overturn the decision. U.S. Senate Democrats said in January they had the backing of 50 members of the 100-person chamber for repeal, leaving them just one vote short of a majority. The December FCC order will be made public on Wednesday and formally published on Thursday, the sources said.
Movies

Flixster Video Shuts Down 33

After being purchased by Fandango in 2016, Flixster Video is officially shutting down. The site has been sending users regular emails over the past several months about the shutdown, reports Android Police. Now, the site is no longer operational, and only points people to its mobile app, which can still be used for getting movie reviews and tickets. The Verge reports: Flixster first announced it was closing in 2016, after being acquired by Fandango along with subsidiary Rotten Tomatoes. That year, Fandango also bought video streaming service M-Go, later rebranding it under FandangoNow. Flixster Video, which let people access their UltraViolet movie collection, was not a part of that deal. The shutdown began with the service telling customers it would no longer be able to redeem digital codes on the site for video playback. Over the past few months, emails have been sent out encouraging people to migrate their Flixster accounts to Vudu and Movies Anywhere in order to make sure nothing was lost. The company says it's not too late for users to do so.
Communications

Researchers Develop Online Game That Teaches Players How To Spread Misinformation 145

An anonymous reader quotes a report from The Guardian: Cambridge researchers have built an online game, simply titled Bad News, in which players compete to become "a disinformation and fake news tycoon." By shedding light on the shady practices, they hope the game will "vaccinate" the public, and make people immune to the spread of untruths. Players of the fake news game must amass virtual Twitter followers by distorting the truth, planting falsehoods, dividing the united, and deflecting attention when rumbled. All the while, they must maintain credibility in the eyes of their audience. The game distills the art of undermining the truth into six key strategies. Once a player has demonstrated a knack for each, they are rewarded with a badge. In one round, players can opt to impersonate the president of the United States and fire off a tweet from a fake account. It declares war on North Korea complete with a #KimJongDone hashtag. At every step, players are asked if they are happy with their actions or feel, perhaps, the twinge of shame, an emotion that leads to the swift reminder that "if you want to become a master of disinformation, you've got to lose the goody two-shoes attitude." The work is due to be published in the Journal of Risk Research.
Bitcoin

Venezuela Launches Oil-Backed Cryptocurrency (bbc.co.uk) 175

Venezuela has launched a cryptocurrency backed by oil in an attempt to bypass tough economic sanctions imposed by the U.S. government. "The 'Petro' is intended to bolster the country's crumbling economy, which has been suffering from hyperinflation and devaluation for years," reports the BBC. "Venezuela claims it is the world's first sovereign cryptocurrency." From the report: Critics say the move is a desperate attempt by Caracas to raise cash at a time when Venezuela lacks the ability to repay its $150 billion of foreign debt. Opposition leaders said the sale constitutes an illegal issuing of debt, while the US Treasury Department warned it may violate sanctions imposed last year. The government says the currency aims to circumvent US sanctions on the economy. President Nicolas Maduro has said each tokens will be backed by a barrel of Venezuelan crude. The Latin American country has the world's largest proven oil reserves. A total of 100 million Petros will be sold, with an initial value set at $60, based on the price of a barrel of Venezuelan crude in mid-January. The official website published a guide to setting up a virtual wallet in which to hold the cryptocurrency, but did not provide a link for actually doing so on Tuesday.
AI

Slashdot Asks: Which Smart Speaker Do You Prefer? 233

Every tech company wants to produce a smart speaker these days. Earlier this month, Apple finally launched the HomePod, a smart speaker that uses Siri to answer basic questions and play music via Apple Music. In December, Google released their premium Google Home Max speaker that uses the Google Assistant and Google's wealth of knowledge to play music, answer questions, set reminders, and so on. It may be the most advanced smart speaker on the market as it has the hardware capable of playing high fidelity audio, and a digital assistant that can perform over one million actions. There is, however, no denying the appeal of the Amazon Echo, which is powered by the Alexa digital assistant. Since it first made its debut in late 2014, it has had more time to develop its skill set. Amazon says Alexa controls "tens of millions of devices," including Windows 10 PCs.

A new report from The Guardian, citing the industry site MusicAlly, says that Spotify is working on a line of "category defining" hardware products "akin to Pebble Watch, Amazon Echo, and Snap Spectacles." The streaming music company has posted an ad for a senior product manager to "define the product requirements for internet connected hardware [and] the software that powers it." With Spotify looking to launch a smart speaker in the not-too-distant-future, the decision to purchase a smart speaker has become all the more difficult. Do you own a smart speaker? If so, which device do you own and why? Do you see a clear winner, or can they all satisfy your basic needs?
Security

Hackers Hijacked Tesla's Amazon Cloud Account To Mine Cryptocurrency 29

An unidentified hacker or hackers broke into a Tesla-owned Amazon cloud account and used it to "mine" cryptocurrency, security researchers said. The breach also exposed proprietary data for the electric carmaker. From a report: The researchers, who worked for RedLock, a 3-year-old cybersecurity startup, said they discovered the intrusion last month while trying to determine which organization left credentials for an Amazon Web Services (AWS) account open to the public Internet. The owner of the account turned out to be Tesla, they said. "We weren't the first to get to it," Varun Badhwar, CEO and cofounder of RedLock, told Fortune on a call. "Clearly, someone else had launched instances that were already mining cryptocurrency in this particular Tesla environment." The incident is the latest in a string of so-called cryptojacking attacks, which involve thieves hijacking unsuspecting victims' computers to generate virtual currencies like Bitcoin. The schemes have seen a resurgence in popularity as cryptocurrency prices have soared over the past year. In a statement, Tesla said, "We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it. The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way."
Chrome

Chrome 64 Now Trims Messy Links When You Share Them (theverge.com) 87

Google's latest consumer version of Chrome, version number 64, just started cleaning up messy referral links for you. From a report: Now, when you go to share an item, you'll no longer see a long tracking string after a link, just the primary link itself. This feature now happens automatically when sharing links in Chrome, either by the Share menu or by copying the link and pasting it elsewhere. Even though it slices off the extra bit of the URL, this doesn't affect referral information. If you choose, you can copy and paste directly from the URL bar to grab the link in entirety.
Government

Vietnam's Internet is in Trouble (wapo.st) 121

The World Post: Vietnamese authorities have harped of late on the urgency of fighting cybersecurity threats and "bad and dangerous content." Yet the fight against either "fake news" or misinformation in Vietnam must not be used as a smoke screen for stifling dissenting opinions and curtailing freedom of speech [The link may be paywalled]. Doing so would only further stoke domestic cynicism in a country where the sudden expansion of space for free and open discussion has created a kind of high-pressure catharsis online. Other countries, including democratic states, are also scrambling to rein in toxic information online. But while Germany, for example, specifically targets hate speech and other extremist messaging that directly affects the masses, Vietnamese leaders are more fixated on content deemed detrimental to their own reputation and the survival of the regime.

The ruling Communist Party of Vietnam has repeatedly urged Facebook and Google to block "toxic" information that it said slandered and defamed Vietnamese leaders. Google sort of conformed by removing more than such 5,000 clips; Facebook also flagged about 160 anti-government accounts at the behest of the government.

Slashdot Top Deals