AT&T

Mobile Phone Companies Appear To Be Selling Your Location To Almost Anyone (techcrunch.com) 75

An anonymous reader quotes a report from TechCrunch: You may remember that last year, Verizon (which owns Oath, which owns TechCrunch) was punished by the FCC for injecting information into its subscribers' traffic that allowed them to be tracked without their consent. That practice appears to be alive and well despite being disallowed in a ruling last March: companies appear to be able to request your number, location, and other details from your mobile provider quite easily. The possibility was discovered by Philip Neustrom, co-founder of Shotwell Labs, who documented it in a blog post earlier this week. He found a pair of websites which, if visited from a mobile data connection, report back in no time with numerous details: full name, billing zip code, current location (as inferred from cell tower data), and more. (Others found the same thing with slightly different results depending on carrier, but the demo sites were taken down before I could try it myself.)
Television

Netflix Adds 5.3 Million Subs In Q3, Beating Forecasts (variety.com) 49

Netflix shows no signs of slowing down. The company announced its third quarter results, adding more subscribers in both the U.S. and abroad than expected. Variety reports: The company gained 850,000 streaming subs in the U.S. and 4.45 million overseas in the period. Analysts had estimated Netflix to add 784,000 net subscribers in the U.S. and 3.62 million internationally for Q3. "We added a Q3-record 5.3 million memberships globally (up 49% year-over-year) as we continued to benefit from strong appetite for our original series and films, as well as the adoption of internet entertainment across the world," the company said in announcing the results, noting that it had under-forecast both U.S. and international subscriber growth. Netflix also indicated that its content spending may be even higher next year than previously projected. The company had said it was targeting programming expenditures of $7 billion in 2018; on Monday, Netflix said it will spend between $7 billion and $8 billion on content (on a profit-and-loss basis) next year. For 2017, original content will represent more than 25% of total programming spending, and that "will continue to grow," Netflix said.
Patents

Apple To Appeal Five-Year-Long Patent Battle After $439.7 Million Loss (theverge.com) 52

Appel has been ordered to pay $439.7 million to the patent-holding firm VirnetX for infringing on four patented technologies that were apparently used in FaceTime and other iOS apps. According to The Verge, Apple plans to appeal the ruling -- continuing this long-running patent battle, which began back in 2012. From the report: VirnetX first filed suit against Apple in 2010, winning $368 million just two years later. It then sued again in 2012, which is the suit that's being ruled on today. Apple initially lost the suit, then filed for a mistrial. It won a new trial, lost that trial, was ordered to pay around $300 million, then lost some more and is now having that amount upped even further. That's because a judge found Apple guilty of willful infringement, bumping its payment amount from $1.20 per infringing Apple device to $1.80 per device. Those include certain iPhones, iPads, and Macs. VirnetX says the ruling is "very reasonable." Apple didn't issue a statement other than to say that it plans to appeal. While $440 million isn't a lot of money for Apple, there's principle at stake here: VirnetX is a patent troll that makes its money from licensing patents and suing other parties. The company's SEC filing states, "Our portfolio of intellectual property is the foundation of our business model."
Businesses

eBay Launches Authentication Service To Combat Counterfeit High-End Goods (venturebeat.com) 65

Ecommerce giant eBay has launched a previously announced service designed to combat the scourge of fake goods on the platform. From a report: eBay has proven popular with fake goods' sellers for some time, with fashion accessories and jewelry featuring highly on counterfeiters' agenda. The company announced eBay Authenticate way back in January with a broad focus on giving "high-end" goods an official stamp of approval prior to sale. Ultimately designed to encourage buyers to part with cash on expensive items, it uses a network of professional authenticators who take physical receipt of a seller's products, validates them, and then photographs, lists, and ships the goods to the successful buyer. For today's launch of eBay Authenticate, the service is only available for luxury handbags from 12 brands, including Chanel, Gucci, Louis Vuitton, Prada, and Valentino, though the program will be expanded to cover other luxury goods and brands from next year. "With tens-of-thousands of high-end handbags currently available, eBay is primed to boost customer confidence in selling and shopping for an amazing selection of designer merchandise," noted Laura Chambers, vice president of consumer selling at eBay. "We also believe our sellers will love this service, as it provides them with a white-glove service when selling luxury handbags."
Windows

Munich Plans New Vote on Dumping Linux For Windows 10 (techrepublic.com) 393

An anonymous reader quotes TechRepublic: The city of Munich has suggested it will cost too much to carry on using Linux alongside Windows, despite having spent millions of euros switching PCs to open-source software... "Today, with a Linux client-centric environment, we are often confronted with major difficulties and additional costs when it comes to acquiring and operating professional application software," the city council told the German Federation of Taxpayers. Running Linux will ultimately prove unsustainable, suggests the council, due to the need to also keep a minority of Windows machines to run line-of-business software incompatible with Linux. "In the long term, this situation means that the operation of the non-uniform client landscape can no longer be made cost-efficient"... Since completing the multi-year move to LiMux, a custom-version of the Linux-based OS Ubuntu, the city always kept a smaller number of Windows machines to run incompatible software. As of last year it had about 4,163 Windows-based PCs, compared to about 20,000 Linux-based PCs.

The assessment is at odds with a wide-ranging review of the city's IT systems by Accenture last year, which found that most of the problems stem not from the use of open-source software, but from inefficiencies in how Munich co-ordinates the efforts of IT teams scattered throughout different departments. Dr. Florian Roth, leader of the Green Party at Munich City Council, said the review had also not recommended a wholesale shift to Windows. "The Accenture report suggested to run both systems because the complete 'rollback' to Windows and MS Office would mean a waste of experience, technology, work and money," he said... The city's administration is investigating how long it would take and how much it would cost to build a Windows 10 client for use by the city's employees. Once this work is complete, the council will vote again in November on whether this Windows client should replace LiMux across the authority from 2021.

A taxpayer's federation post urged "Penguin, adieu!" -- while also admitting that returning to Windows "will devour further tax money in the millions," according to TechRepublic.

"The federation's post also makes no mention of the licensing and other savings achieved by switching to LiMux, estimated to stand at about €10m."
The Almighty Buck

In a Cashless World, You'd Better Pray the Power Never Goes Out (mises.org) 434

schwit1 quotes the Mises Institue: When Hurricane Maria knocked out power in Puerto Rico, residents there realized they were going to need physical cash — and a lot of it. Bloomberg reported that the Fed was forced to fly a planeload of cash to the Island to help avert disaster. "William Dudley, the New York Fed president, put the word out within minutes, and ultimately a jet loaded with an undisclosed amount of cash landed on the stricken island. [Business executives in Puerto Rico] described corporate clients' urgent requests for hundreds of thousands in cash to meet payrolls, and the challenge of finding enough armored cars to satisfy endless demand at ATMs... As early as the day after the storm, the Fed began working to get money onto the island."

For a time, unless one had a hoard of cash stored up in ones home, it was impossible to get cash at all. 85 percent of Puerto Rico is still without power... Bloomberg continues: "When some generator-powered ATMs finally opened, lines stretched hours long, with people camping out in beach chairs and holding umbrellas against the sun." In an earlier article from September 25, Bloomberg noted how, without cash, necessities were simply unavailable:

"Cash only," said Abraham Lebron, the store manager standing guard at Supermax, a supermarket in San Juan's Plaza de las Armas. He was in a well-policed area, but admitted feeling like a sitting duck with so many bills on hand. "The system is down, so we can't process the cards. It's tough, but one finds a way to make it work."


Bitcoin

Ransomware Sales On the Dark Web Spike 2,502% In 2017 (carbonblack.com) 23

Slashdot reader rmurph04 writes: Ransomware is a $6.2 million industry, based on sales generated from a network of more than 6,300 Dark Web marketplaces that sell over 45,000 products, according to a report released Wednesday by cybersecurity firm Carbon Black.
While the authors of the software are earning six-figure incomes, ransom payments totalled $1 billion in 2016, according to FBI estimates -- up from just $24 million in 2015. Carbon Black, which was founded by former U.S. government "offensive security hackers," argues that ransomware's growth has been aided by "the emergence of Bitcoin for ransom payment, and the anonymity network, Tor, to mask illicit activities.. Bitcoin allows money to be transferred in a way that makes it nearly impossible for law enforcement to 'follow the money.'"
Open Source

How Open Source Software Helps The Federal Reserve Bank of New York (hpe.com) 24

Long-time Slashdot reader Esther Schindler quotes Hewlett Packard Enterprise: When you handle trillions of dollars a year in transactions and manage the largest known vault of gold in the world, security and efficiency are top priorities. Open source reusable software components are key to the New York Fed's successful operation, explains Colin Wynd, vice president and head of the bank's Common Service Organization... The nearly 2,000 developers across the Federal Reserve System used to have a disparate set of developer tools. Now, they benefit from a standard toolset and architecture, which also places limits on which applications the bank will consider using. "We don't want a third-party application that isn't compatible with our common architecture," said Wynd.

One less obvious advantage to open source adoption is in career satisfaction and advancement. It gives developers opportunities to work on more interesting applications, said Wynd. Developers can now take on projects or switch jobs more easily across Federal Reserve banks because the New York Fed uses a lot of common open source components and a standard tool set, meaning retraining is minimal if needed at all."

Providing training in-house also creates a more consistent use of best practices. "Our biggest headache is to prove to groups that an application is secure, because we have to defend against nation state attacks."
Communications

Russia Reportedly Used Pokemon Go In an Effort To Inflame Racial Tensions (theverge.com) 209

An anonymous reader quotes a report from The Verge: Russia's far-ranging campaign to promote dissension in the United States reportedly included an effort to weaponize Pokemon Go. CNN reported that in July 2016, a Tumblr page linked to Russia's now-notorious Internet Research Agency promoted a contest encouraging people sympathetic to the Black Lives Matter movement to play the game near famous sites of police brutality. Players were told to change their characters' names to the victims of those incidents -- an apparent effort to inflame racial tensions. The Tumblr page was linked to Do Not Shoot Us, a multi-platform campaign designed to mimic aspects of Black Lives Matter. (As CNN notes, the name plays on "hands up, don't shoot," one of the movement's slogans.) Do Not Shoot Us included a website, donotshoot.us, along with related pages on Facebook, Instagram, Twitter, and YouTube. The Facebook page was one of 470 pages that were removed after the company determined that it was linked to Russian groups attempting to interfere in US politics.
Google

Google Slashes Prices of Its USB-C Headphone Dongle Following Minor Outrage (mashable.com) 196

At its hardware event last week, Google unveiled its two new flagship smartphones: the Pixel 2 and Pixel 2 XL. While these devices feature high-end specifications and the latest version of Android, they both lack headphone jacks, upsetting many consumers who still rely heavily on wired headphones. To add insult to injury, Google announced a USB-C adapter for a whopping price of $20 -- that's $11 more than Apple's Lightning to 3.5mm adapter. This resulted in some minor outrage and caused Google to rethink its decision(s). As reported by 9to5Google, Google decided to slash the price of the dongle by over 50%. It is now priced at a more reasonable $9.
Bitcoin

Over 500 Million PCs Are Secretly Mining Cryptocurrency, Researchers Reveal (newsweek.com) 78

Ad blocking firm AdGuard has found that over 500 million people are inadvertently mining cryptocurrencies through their computers after visiting websites that are running background mining software. The company found 220 popular websites with an aggregated audience of half a billion people use so-called crypto-mining scripts when a user opens their main page. Newsweek reports: The mining tool works by hijacking a computer's central processing unit (CPU), commonly referred to as "the brains" of a computer. Using part of a computer's CPU to mine bitcoin effects the machine's overall performance and will slow it down by using up processing power. The researchers found that bitcoin browser mining is mostly found on websites "with a shady reputation" due to the trouble such sites have with earning revenue through advertising. However, in the future it could become a legitimate and ethical way of making money if the website requests the permission of the visitor first.

"220 sites may not seem like a lot," the researchers wrote in a blogpost detailing their discovery. "But CoinHive was launched less than one month ago on September 14. The growth has been extremely rapid: from nearly zero to .22 percent of Alexa's top 100,000 websites. "This analysis well illustrates the whole web, so it's safe to say that one of every forty websites currently mines cryptocurrency (namely Monero) in the browsers their users employ."

Businesses

Samsung Electronics CEO Resigns Over 'Unprecedented Crisis' (bbc.com) 16

According to BBC, Samsung Electronics chief executive Kwon Oh-hyun has resigned, saying the company is in an "unprecedented crisis." It's the latest management upheaval at the firm after the heir of the entire Samsung Group was imprisoned for corruption in August. From the report: Mr Kwon is one of three co-chief executives of Samsung Electronics. His resignation comes on the same day the firm forecast record quarterly profits, citing higher memory chip prices. Mr Kwon said he had been thinking about his departure "for quite some time" and could "no longer put it off." "As we are confronted with unprecedented crisis inside out, I believe that time has now come for the company [to] start anew, with a new spirit and young leadership to better respond to challenges arising from the rapidly changing IT industry," he said in a statement. He will remain on the board of Samsung Electronics until March 2018.
Government

IRS Suspends $7 Million Contract With Equifax After Malware Discovered (cbsnews.com) 50

After malware was discovered on Equifax's website again, the IRS decided late Thursday that it would temporarily suspend the agency's $7.1 million data security contract with the company. CBS News reports: In September, Equifax revealed that it had exposed 143 million consumer files -- containing names, addresses, Social Security numbers and even bank account information -- to hackers in an unprecedented security lapse. The number of consumer potentially affect by the data breach was later raised to 145.5 million. The company's former CEO blamed a single careless employee for the entire snafu. But even as he was getting grilled in Congress earlier this month, the IRS was awarding the company with a no-bid contract to provide "fraud prevention and taxpayer identification services." "Following new information available today, the IRS temporarily suspended its short-term contract with Equifax for identity proofing services," the agency said in a statement. "During this suspension, the IRS will continue its review of Equifax systems and security." The agency does not believe that any data the IRS has shared with Equifax to date has been compromised, but the suspension was taken as "a precautionary step."
Google

Google is Essentially Building an Anti-Amazon Alliance, and Target is the Latest To Join (recode.net) 94

Google and the country's biggest brick-and-mortar retailers have one main problem in common: Amazon. Now both sides are acting like they are serious about working together to do something about it. From a report: On Thursday, Target and Google announced that they are expanding what was a years-old delivery partnership from a small experiment in a handful of cities to the entire continental U.S. The expansion will allow Target to become a retail partner in Google's voice-shopping initiative, which lets owners of the Google Home "smart" speaker order items through voice commands like owners of the Echo can do from Amazon. The announcement comes seven weeks after Walmart inked a similar deal with Google to offer hundreds of thousands of products through the service. Other big-box retailers like Home Depot are also on board. Voice commerce was the core of these recent announcements, and it may someday become popular for types of shopping like reordering household staples. But that's not what is most interesting here to me. Instead, it's the promise that Target is also beginning to work with Google "to create innovative digital experiences using ... other cutting-edge technologies to elevate Target's strength in style areas such as home, apparel and beauty."
Bitcoin

This Is the Week Wall Street Went Nuts Over Cryptocurrencies (bloomberg.com) 179

Wall Street banks that weren't already on the bitcoin bandwagon appear to be piling on, or least eyeing seats, after the cryptocurrency surged to all-time highs this week on the way to $6,000. From a report: Analysts are working to keep up with demand from clients for information. UBS and Citigroup published extensive explainers on blockchain technology, while senior executives at JPMorgan Chase warmed to the cryptocurrency during the bank's third-quarter earnings call. The digital currency has risen more than fivefold after trading at less than $1,000 as recently as December, breaking the $5,000 mark this week and already targeting the next thousand-dollar level. Throughout its rise, the cryptocurrency shrugged off tighter regulations, feuding factions and warnings from the likes of JPMorgan's Jamie Dimon of fraud and an eventual price collapse.
Businesses

Someone Is Trying to Knock the Dark Web Drug Trade Offline (thedailybeast.com) 62

Joseph Cox, reporting for the Daily Beast: The dark web -- a pack of websites that hides their physical location with special software -- is always a precarious place, with the FBI shutting down massive criminal networks, or competing sites hacking one another. Now, someone is trying to take the four largest drug marketplaces offline, seemingly by flooding them with a torrent of traffic. These sites offer a mail-order service for pretty much any drug a customer could imagine, from LSD to varieties of heroin. As of at least Friday morning, several marketplaces were inaccessible or could only be visited from backup website addresses, and at the time of publication are still facing problems. It's not totally clear who is behind the outages, but the downtime has disrupted the dark-web community somewhat. "We are facing a DDoS attack atm [at the moment] and I guess many other markets as well," a Reddit moderator for the site dubbed Wall Street, one of the affected marketplaces, told The Daily Beast.
Twitter

Twitter Is Crawling With Bots and Lacks Incentive To Expel Them (bloomberg.com) 94

An anonymous reader shares a report: On Wednesday, the exterior of Twitter's San Francisco headquarters bore an eerie message: "Ban Russian Bots." Someone -- the company doesn't know who -- projected the demand onto the side of its building. Bots, or automated software programs, can be programmed to periodically send out messages on the internet. Now Twitter is scrambling to explain how bots controlled by Russian meddlers may have been used to impact the 2016 president election. Twitter was designed to be friendly to bots. They can help advertisers quickly spread their messages and respond to customer service complaints. Research from the University of Southern California and Indiana University shows that 9 to 15 percent of active Twitter accounts are bots. Many innocuously tweet headlines, the weather or Netflix releases. After the election, there was little discussion inside the company about whether the platform may have been misused, according to people familiar with the matter who asked not to be identified because it is private. But the ubiquity and usefulness of bots did come up. At one point, there were talks about whether Twitter should put a marking on bot accounts, so that users would know they were automated, one of the people said. Yet most of the conversation after the election focused on whether Trump's tweets violated Twitter's policies, the person said.
Google

Alphabet's Waymo Demanded $1 Billion In Settlement Talks With Uber (reuters.com) 11

An anonymous reader quotes a report from Reuters: Alphabet's Waymo sought at least $1 billion in damages and a public apology from Uber as conditions for settling its high-profile trade secret lawsuit against the ride-services company, sources familiar with the proposal told Reuters. The Waymo self-driving car unit also asked that an independent monitor be appointed to ensure Uber does not use Waymo technology in the future, the sources said. Uber rejected those terms as non-starters, said the sources, who were not authorized to publicly discuss settlement talks. The precise dollar amount requested by Waymo and the exact time the offer was made could not be learned.

Waymo's tough negotiating stance, which has not been previously reported, reflects the company's confidence in its legal position after months of pretrial victories in a case which may help to determine who emerges in the forefront of the fast-growing field of self-driving cars. The aggressive settlement demands also suggest that Waymo is not in a hurry to resolve the lawsuit, in part because of its value as a distraction for Uber leadership, said Elizabeth Rowe, a trade secret expert at the University of Florida Levin College of Law.

Businesses

Hyatt Hotels Discovers Card Data Breach At 41 Properties Across 11 Countries (krebsonsecurity.com) 20

Hyatt Hotels has suffered a second card data breach in two years. In the first breach, hackers had gained access to credit card systems at 250 properties in 50 different countries. This time, the breach appears to have impacted 41 properties across 11 countries. Krebs on Security reports: Hyatt said its cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017. "Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, which included engaging leading third-party experts, payment card networks and authorities," the company said in a statement. "Hyatt's layers of defense and other cybersecurity measures helped to identify and resolve the issue. While this incident affects a small percentage of total payment cards used at the affected hotels during the at-risk dates." The hotel chain said the incident affected payment card information -- cardholder name, card number, expiration date and internal verification code -- from cards manually entered or swiped at the front desk of certain Hyatt-managed locations. It added there is no indication that any other information was involved.
Google

Google Announces $1 Billion Job Training and Education Program (axios.com) 47

Google CEO Sundar Pichai was in Pittsburgh Wednesday to announce a new five-year, $1 billion program to help close the global education gap. From a report: Part of the program was a new "Grow with Google" program to work with U.S. cities as well as a $10 million grant to Goodwill that will see Google employees working with the nonprofit to train people in digital skills. Why it matters: Google, along with Apple, Microsoft and other big tech companies, have all launched significant efforts in recent months to demonstrate their commitment to education and U.S. jobs.

Slashdot Top Deals