Bitcoin

Here's Why People Don't Buy Things With Bitcoin (vice.com) 119

An anonymous reader shares a report: One reason for this, if you live in Toronto like me (or anywhere else for that matter), is that there's basically nowhere to spend digital coins in the real world. Coinmap, a service that maps bitcoin-accepting locations all over the world, shows a few places that accept bitcoin in Toronto, but it's clearly out of date -- I called several businesses listed on the site and they had no idea what bitcoin even is. A bigger problem is perfectly illustrated in a Reddit post from Wednesday morning complaining that a bitcoin transaction worth just $9 still hasn't gone through the network after two days of waiting. Two. Days. The likely reason is that the fee attached to the transaction in order to incentivize faster confirmation -- 50 cents, which is about as much of a premium as I'd pay for a $9 transaction -- simply wasn't enough. "Should I have paid $3 on a $9 transfer to get it processed?" the person wrote.
Privacy

Wading Through AccuWeather's Response (daringfireball.net) 53

On Tuesday, ZDNet reported that popular weather app AccuWeather was sending location-identifying information to a monetization firm, even when a person had disabled location data from the app. In a response, AccuWeather said today "if a user opts out of location tracking on AccuWeather, no GPS coordinates are collected or passed without further opt-in permission from the user." But it is misleading people. John Gruber of DaringFireball writes: The accusation has nothing to do with "GPS coordinates." The accusation is that their iOS app is collecting Wi-Fi router names and MAC addresses and sending them to servers that belong to Reveal Mobile, which in turn can easily be used to locate the user. Claiming this is about GPS coordinates is like if they were caught stealing debit cards and they issued a denial that they never stole anyone's cash. The accusation comes from Will Strafech, a respected security researcher who discovered the "actual information" by observing network traffic. He saw the AccuWeather iOS app sending his router's name and MAC address to Reveal Mobile. This isn't speculation. They were caught red-handed. GPS information is more precise, and if you grant the AccuWeather app permission to access your location (under the guise of showing you local weather wherever you are, as well as localized weather alerts), that more precise data is passed along to Reveal Mobile as well. But Wi-Fi router information can be used to locate you within a few meters using publicly available databases. Seriously, go ahead and try it yourself: plug your Wi-Fi router's BSSID MAC address into this website, and there's good chance it'll pinpoint your location on the map. "Other data, such as Wi-Fi network information that is not user information, was for a short period available on the Reveal SDK, but was unused by AccuWeather," the company writes. In what way is the name and MAC address of your router not "user information"? And saying the information was "unused by AccuWeather" is again sleight of hand. The accusation is not that AccuWeather itself was using the location of the Wi-Fi router, but that Reveal Mobile was. Here are Reveal Mobile's own words about how they use location data.
Google

Google Unveils a New, Cheaper Networking Option For Cloud Customers: the Public Internet (geekwire.com) 14

Google Cloud Platform customers will have a new option when selecting the type of network used to deliver their traffic to their users: they can keep using Google's network, or they can save some money with the new option of using public transit networks. An anonymous reader shares a report: Google has long argued that one of the best reasons to use its public cloud service is the strength of its fiber network, developed and enhanced for more than a decade to support the global data centers powering its search engine. But there are some applications that don't require that level of performance, and so Google is now offering a cheaper networking service -- costing between 24 percent to 33 percent less -- that uses the transit networks that deliver the bulk of traffic to internet service providers, said Prajakta Joshi, product manager for cloud networking at Google. The new "Standard Tier" should offer performance comparable to what customers would experience through "other cloud providers," Joshi said, although both Amazon Web Services and Microsoft Azure operate fiber networks outside of the public internet.
Sony

Sony Blocks Yet Another Game From Cross-Console Play With Xbox One (arstechnica.com) 143

"Back in June, Sony told Eurogamer that the company did not have 'a profound philosophical stance' against letting PS4 users play games with those on other platforms," reports Ars Technica. "That said, the company's continued refusal to allow for cross-console play between PS4 and Xbox One players has become an absolute and unmistakable trend in recent months." The latest game to be denied by Sony for cross-console play is Ark: Survival Evolved, which comes out of a two-year early access period next week on Windows, Mac, PS4, and Xbox One. From the report: In a Twitter response posted over the weekend, Ark lead designer and programmer Jeremy Stieglitz said that cross-platform play between PS4 and Xbox One is "working internally, but currently Sony won't allow it." This isn't a huge surprise, considering that the developers of Rocket League, Minecraft, and Gwent have made similar statements in recent months. Since Microsoft very publicly opened Xbox Live to easy cross-platform play back in March, Sony has said that it's "happy to have a conversation" about the issue, but it has failed to follow through by allowing any linkage between the two competing consoles (cross-platform play between the PS4 and PC has been available in certain games since the PS4's launch, though).

The question continues to be why, exactly, Sony seems so reluctant to allow any games to work between its own PlayStation Network and Microsoft's Xbox Live. Speaking with Eurogamer in June, Sony's Jim Ryan suggested that, in the case of Minecraft, Sony was wary to expose that game's young players to "external influences we have no ability to manage or look after." Ryan also told Eurogamer that cross-platform decisions were "a commercial discussion between ourselves and other stakeholders." That suggests there may be some financial issues between the parties involved that are preventing cross-console play from moving forward. Perhaps Sony wants someone else to pay for the work required to get its network talking to Microsoft's? The bottom line, though, might be that Sony just doesn't want to partially give away its sizable advantage in console sales by letting Microsoft hook into that vast network of players.

IBM

IBM To Trace Food Contamination With Blockchain (cnbc.com) 47

Thelasko shares a report from CNBC: IBM has been joined by a group of global food giants including the likes of Nestle, Unilever and Walmart in an effort to reduce food contamination by using blockchain. The corporation announced Tuesday that it would enable global food businesses to use its blockchain network to trace the source of contaminated produce. IBM said that the problem of consumer health suffering at the hands of toxic food could be solved using its distributed ledger technology, which maintains a digital record of transactions rather than a physical one. It would enable food suppliers to source information about the origin, condition and movement of food, and to trace contaminated produce in mere seconds.
Verizon

Verizon To Start Throttling All Smartphone Videos To 480p or 720p (arstechnica.com) 188

Verizon Wireless will start throttling video streams to resolutions as low as 480p on smartphones this week. Most data plans will get 720p video on smartphones, but customers won't have any option to completely un-throttle video. From a report: 1080p will be the highest resolution provided on tablets, effectively ruling out 4K video on Verizon's mobile network. Anything identified as a video will not be given more than 10Mbps worth of bandwidth. This limit will affect mobile hotspot usage as well. Verizon started selling unlimited smartphone data plans in February of this year, and the carrier said at the time that it would deliver video to customers at the same resolution used by streaming video companies. "We deliver whatever the content provider gives us. We don't manipulate the data," Verizon told Ars in February. That changes beginning on Wednesday, both for existing customers and new ones. The changes were detailed today in an announcement of new unlimited data plans. Starting August 23, Verizon's cheapest single-line unlimited smartphone data plan will cost $75 a month, which is $5 less than it cost before. The plan will include only "DVD-quality streaming" of 480p on phones and 720p on tablets.The new Verizon cell phone plans can be compare side by side here, along with all of Verizon's existing plans.
Bitcoin

Third Party Trackers On Web Shops Can Identify Users Behind Bitcoin Transactions (helpnetsecurity.com) 62

An anonymous reader quotes a report from Help Net Security: More and more shopping websites accept cryptocurrencies as a method of payment, but users should be aware that these transactions can be used to deanonymize them -- even if they are using blockchain anonymity techniques such as CoinJoin. Independent researcher Dillon Reisman and Steven Goldfeder, Harry Kalodner and Arvind Narayanan from Princeton University have demonstrated that third-party online tracking provides enough information to identify a transaction on the blockchain, link it to the user's cookie and, ultimately, to the user's real identity. "Based on tracking cookies, the transaction can be linked to the user's activities across the web. And based on well-known Bitcoin address clustering techniques, it can be linked to their other Bitcoin transactions," they noted. "We show that a small amount of additional information, namely that two (or more) transactions were made by the same entity, is sufficient to undo the effect of mixing. While such auxiliary information is available to many potential entities -- merchants, other counterparties such as websites that accept donations, intermediaries such as payment processors, and potentially network eavesdroppers -- web trackers are in the ideal position to carry out this attack," they pointed out.
XBox (Games)

Microsoft Outlines the Upgrade Procedures For Xbox One X (arstechnica.com) 48

An anonymous reader quotes a report from Ars Technica: The easiest way to get all your games to the new system, as outlined by Microsoft Vice President Mike Ybarra, will be to just put them on an external USB hard drive and then plug that drive into the new console. "All your games are ready to play" immediately after this external hard drive move, he said, and user-specific settings can also be copied via external hard drive in the same way. If you don't have an external drive handy, "we're going to let you copy games and apps off your home network instead of having to manually move them or redownload them off the Internet," Ybarra said. It's unclear right now if Microsoft will mirror the PS4 Pro and allow this kind of system-to-system transfer using an Ethernet cable plugged directly into both consoles. For those who want to see as many pixels as possible as quickly as possible when they get their Xbox One X, Ybarra says you'll be able to download 4K updates for supported games before the Xbox One X is even available, then use those updates immediately after the system transfer. Microsoft also released a list of 118 current and upcoming games that will be optimized for the Xbox One X via updates, a big increase from the few dozens announced back at E3.
Censorship

50,000 Users Test New Anti-Censorship Tool TapDance (www.cbc.ca) 195

The CBC reports: What if circumventing censorship didn't rely on some app or service provider that would eventually get blocked but was built into the very core of the internet itself? What if the routers and servers that underpin the internet -- infrastructure so important that it would be impractical to block -- could also double as one big anti-censorship tool...? After six years in development, three research groups have joined forces to conduct real-world tests.
An anonymous reader writes: Earlier this week, Professor Eric Wustrow, from the University of Colorado at Boulder, presented An ISP-Scale Deployment of TapDance at the USENIX Workshop on Free and Open Communications on the Internet. TapDance is an anti-censorship, circumvention application based on "refraction networking" (formerly known as "decoy routing") that has been the subject of academic research for several years. Now, with integration with Psiphon, 50,000 users, a deployment that spans two ISPs, and an open source release, it seems to have graduated to the real world.
"In the long run, we absolutely do want to see refraction networking deployed at as many ISPs that are as deep in the network as possible," one of the paper's authors told the CBC. "We would love to be so deeply embedded in the core of the network that to block this tool of free communication would be cost-prohibitive for censors."
Android

postmarketOS Pursues A Linux-Based, LTS OS For Android Phones (liliputing.com) 109

An anonymous reader quotes Liliputing: Buy an iPhone and you might get 4-5 years of official software updates. Android phones typically get 1-3 years of updates... if they get any updates at all. But there are ways to breathe new life into some older Android phones. If you can unlock the bootloader, you may be able to install a custom ROM like LineageOS and get unofficial software updates for a few more years. The folks behind postmarketOS want to go even further: they're developing a Linux-based alternative to Android with the goal of providing up to 10 years of support for old smartphones...

Right now postmarketOS is a touch-friendly operating system based on Alpine Linux that runs on a handful of devices including the Samsung Galaxy Nexus, Google Nexus 4, 5, and 7 (2012), and several other Samsung, HTC, LG, Motorola, and Sony smartphones. There are also ports for some non-Android phones such as the Nokia N900 and work-in-progress builds for the BlackBerry Bolt Touch 9900 and Jolla Phone. Note that when I say the operating system runs on those devices, I basically mean it boots. Some phones only have network access via a USB cable, for instance. None of the devices can actually be used to make phone calls. But here's the cool thing: the developers are hoping to create a single kernel that works with all supported devices, which means that postmarketOS would work a lot like a desktop operating system, allowing you to install the same OS on any smartphone with the proper hardware.

One postmarketOS developer complains that Android's architecture "is based on forking (one might as well say copy-pasting) the entire code-base for each and every device and Android version. And then working on that independent, basically instantly incompatible version. Especially adding device-specific drivers plays an important role... Here is the solution: Bend an existing Linux distribution to run on smartphones. Apply all necessary changes as small patches and upstream them, where it makes sense."
Encryption

Google Warns Webmasters About Insecure HTTP Web Forms (searchengineland.com) 94

In April Chrome began marking HTTP pages as "not secure" in its address bar if the pages had password or credit card fields. They're about to take the next step. An anonymous reader quotes SearchEngineLand: Last night, Google sent email notifications via Google Search Console to site owners that have forms on web pages over HTTP... Google said, "Beginning in October 2017, Chrome will show the 'Not secure' warning in two additional situations: when users enter data on an HTTP page, and on all HTTP pages visited in Incognito mode."
Google warned in April that "Our plan to label HTTP sites as non-secure is taking place in gradual steps, based on increasingly broad criteria. Since the change in Chrome 56, there has been a 23% reduction in the fraction of navigations to HTTP pages with password or credit card forms on desktop, and we're ready to take the next steps..."

"Any type of data that users type into websites should not be accessible to others on the network, so starting in version 62 Chrome will show the 'Not secure' warning when users type data into HTTP sites."
Electronic Frontier Foundation

EFF Honors Chelsea Manning, an IFEX Leader, And TechDirt's Editor (eff.org) 108

An anonymous reader quotes the Electronic Frontier Foundation: Whistleblower and activist Chelsea Manning, Techdirt editor and open internet advocate Mike Masnick, and IFEX executive director and global freedom of expression defender Annie Game are the distinguished winners of the 2017 Pioneer Awards, which recognize leaders who are extending freedom and innovation on the electronic frontier. This year's honorees -- a whistleblower, an editor, and an international freedom of expression activist -- all have worked tirelessly to protect the public's right to know.

The award ceremony will be held the evening of September 14 at Delancey Street's Town Hall Room in San Francisco. The keynote speaker is Emmy-nominated comedy writer Ashley Nicole Black, a correspondent on Full Frontal with Samantha Bee who uses her unique comedic style to take on government surveillance, encryption, and freedom of information.

The EFF describes Chelsea Manning as "a network security expert, whistleblower, and former U.S. Army intelligence analyst whose disclosure of classified Iraq war documents exposed human rights abuses and corruption the government kept hidden from the public." Their annoncement also notes that Annie Game has led the IFEX network of 115+ journalism and civil liberties groups around the world for over 10 years, and that Mike Masnick coined the term "The Streisand Effect" -- and is currently being sued by that man who claims he invented email.
Transportation

Unpatchable 'Flaw' Affects Most of Today's Modern Cars (bleepingcomputer.com) 225

Catalin Cimpanu, writing for BleepingComputer: A flaw buried deep in the hearts of all modern cars allows an attacker with local or even remote access to a vehicle to shut down various components, including safety systems such as airbags, brakes, parking sensors, and others. The vulnerability affects the CAN (Controller Area Network) protocol that's deployed in modern cars and used to manage communications between a vehicle's internal components. The flaw was discovered by a collaborative effort of Politecnico di Milano, Linklayer Labs, and Trend Micro's Forward-looking Threat Research (FTR) team. Researchers say this flaw is not a vulnerability in the classic meaning of the word. This is because the flaw is more of a CAN standard design choice that makes it unpatchable.
Bitcoin

Bitcoin Is Forking. Again. (vice.com) 120

Merely weeks after it was announced that Bitcoin was splitting into two separate entities, the initial version of bitcoin and it's new "bitcoin cash," the network is adding a third version, according to a report. From the article: On Wednesday, a group of bitcoiners scheduled yet another split for the network in November, which would create a third version of bitcoin. So, what makes this version different from the others? Right now, the bitcoin network can sometimes take a long time to process transactions due to so many people using it. This is because the "blocks" of transaction data that get added to bitcoin's public ledger, the blockchain, are getting full. In the weeks preceding the fork, bitcoin coalesced around a solution called "segregated witness," which will change how data is stored in blocks to free up some space when it kicks in later in August. But the size of the blocks themselves will stay at one megabyte on the original bitcoin blockchain. Still, some bitcoiners maintained that the only way to speed bitcoin up for the foreseeable future was to increase the size of blocks themselves. So, a group of bitcoin companies and developers got together and launched a fork called bitcoin cash, which does not include segregated witness. It bumped the size of blocks up to a maximum of eight megabytes. That fork was widely anticipated to be a failure before it happened, but at the time of writing, bitcoin cash is trading above $300 USD per coin, which is comparable to cryptocurrencies like ethereum. Sounds like everyone got what they wanted, right? Oh, no. There's a third group of bitcoin developers, companies, and users who advocate for a "best of both worlds approach." This group includes Bitmain, the largest bitcoin infrastructure company in the world, and legendary bitcoin developer Jeff Garzik. They got together back in May and signed what is known as the "New York Agreement," which bound them to implement a two megabyte block size increase alongside segregated witness via a hard fork within six months of the time of signing. They call the fork Segwit2x. Now, that's exactly what's happening. According to an announcement posted to the Segwit2x GitHub repository, a bitcoin block between one and two megabytes will be created at block 494,784.
Android

Essential Phone Will Ship Next Week, Shortly After Breaking $1 Billion Valuation (9to5google.com) 87

New submitter cloud.pt writes: Andy Rubin's Essential Phone will be released next week according to 9to5Google, just shy from its initial June mark. The company has been speculated to be worth around $1.2 billion, after giant Foxconn filed yesterday for a 0.25% acquisition at around $3 million -- clearing unicorn status as it hasn't shipped a single unit at the time. According to Engadget, future and existing pre-orders will have a chance to switch to the Pure White version of the slab, despite initial shipments being scheduled to be of the Black Moon variety. Essential's storefront orders will get the device unlocked, while the only parties offering the device will initially be Sprint. Rumor has it Amazon plans to sell the device as it invested in the company through its Alexa fund. No matter the contract attached, it will come with the full range of network capabilities unlocked.
Communications

Neo-Nazi Site The Daily Stormer Moves To Dark Web After Shutdown (vice.com) 337

After being shutdown by Google and GoDaddy, prominent neo-Nazi website The Daily Stormer has moved their site to the dark web. "The new site is now only available through the Tor network, which allows users to set up their own domains," reports VICE News. "The original site, Dailystormer.com, is now fully offline." From the report: The homepage, as of Tuesday morning, contained articles that make light of the car ramming attack that claimed the life of 32-year-old Heather Heyer; admonish the "Jew media;" liberally employ various racial epithets; and, in a less offensive post, provided an update on which characters are available on Pokemon Go. In a statement, the site's founder promised to bring his site back online. "The Daily Stormer will be live in internet prison with drug dealers, terrorists and perverts, which is where we've been exiled to, for all time," Andrew Anglin said in a statement sent to VICE News. "We should have a real domain online within 24 hours. If it gets shut down again, people will know we are on the black web."
The Internet

Cloudflare is the One Tech Company Still Sticking By Neo-Nazi Websites (qz.com) 549

An anonymous reader shares a report: One company is sticking by The Daily Stormer and other far-right websites: the cloud security and performance service Cloudflare. Cloudflare acts as a shield between websites and the outside world, protecting them from hackers and preserving the anonymity of the sites' owners. But Cloudflare is not a hosting service: It does not store website content on its servers. And that fact, as far as the company is concerned, exempts it from judgment over who its clients are -- even if those clients are literally Nazis. In a statement Cloudflare sent to Quartz and other publications yesterday, the company refused to explicitly say it will continue to do business with sites like The Daily Stormer, but pointed out that the content would exist regardless of what Cloudflare does or doesn't do. "Cloudflare is aware of the concerns that have been raised over some sites that have used our network. We find the content on some of these sites repugnant. While our policy is to not comment on any user specifically, we are cooperating with law enforcement in any investigation. Cloudflare is not the host of any website. Cloudflare is a network that provides performance and security services to more than 10% of all Internet requests. Cloudflare terminating any user would not remove their content from the Internet, it would simply make a site slower and more vulnerable to attack."
UPDATE: The Daily Stormer now says Cloudflare has decided to drop their site after all.
The Courts

Judge Says LinkedIn Cannot Block Startup From Public Profile Data (reuters.com) 166

A U.S. federal judge on Monday ruled that LinkedIn cannot prevent a startup from accessing public profile data, in a test of how much control a social media site can wield over information its users have deemed to be public. Reuters reports: U.S. District Judge Edward Chen in San Francisco granted a preliminary injunction request brought by hiQ Labs, and ordered LinkedIn to remove within 24 hours any technology preventing hiQ from accessing public profiles. The dispute between the two tech companies has been going on since May, when LinkedIn issued a letter to hiQ Labs instructing the startup to stop scraping data from its service. HiQ Labs responded by filing a suit against LinkedIn in June, alleging that the Microsoft-owned social network was in violation of antitrust laws. HiQ Labs uses the LinkedIn data to build algorithms capable of predicting employee behaviors, such as when they might quit. "To the extent LinkedIn has already put in place technology to prevent hiQ from accessing these public profiles, it is ordered to remove any such barriers," Chen's order reads. Meanwhile, LinkedIn said in a statement: "We're disappointed in the court's ruling. This case is not over. We will continue to fight to protect our members' ability to control the information they make available on LinkedIn."
AI

Elon Musk + AI + Microsoft = Awesome Dota 2 Player (theverge.com) 106

An anonymous reader quotes the Verge: Tonight during Valve's yearly Dota 2 tournament, a surprise segment introduced what could be the best new player in the world -- a bot from Elon Musk-backed startup OpenAI. Engineers from the nonprofit say the bot learned enough to beat Dota 2 pros in just two weeks of real-time learning, though in that training period they say it amassed "lifetimes" of experience, likely using a neural network judging by the company's prior efforts. Musk is hailing the achievement as the first time artificial intelligence has been able to beat pros in competitive e-sports... Elon Musk founded OpenAI as a nonprofit venture to prevent AI from destroying the world -- something Musk has been beating the drum about for years.
"Nobody likes being regulated," Musk wrote on Twitter Friday, "but everything (cars, planes, food, drugs, etc) that's a danger to the public is regulated. AI should be too."

Musk also thanked Microsoft on Twitter "for use of their Azure cloud computing platform. This required massive processing power."
Communications

iOS 10 Quietly Deprecated A Crucial API For VoIP and Communication Apps (apple.com) 122

neutrino38 warns that iOS 10 includes a significant change "overlooked by the general public": It deprecates an API that is crucial for VoIP and other instant messaging applications that enable keeping one socket active despite the fact that the application would run in the background. As a replacement, developers need to use PushKit: when an incoming call is to be forwarded to an iOS VoIP client, the VoIP infrastructure needs to:

- withold the call
- contact Apple push infrastructure using a proprietary protocol to wake up the client app remotely
- wait for the application to reconnect to the infrastructure and release the call when it is ready

This "I know better than you" approach is meant to further optimize battery life on iOS devices by avoiding the use of resources by apps running in background. It has also the positive effect of forcing developers to switch to a push model and remove all periodic pollings that ultimately use mobile data and clog the Internet. However, the decision to use an Apple infrastructure has many consequences for VoIP providers:

- the reliability of serving incoming calls is directly bound to Apple service
- Apple may revoke the PushKit certificate. It thus has life and death decision power over third-party communication infrastructures
- organizations wanting to setup IPBX and use iOS client have no option but to open access for the push services of Apple in their firewall
- It is not possible to have iOS VoIP or communication clients in network disconnected from the Internet - Pure standard SIP clients are now broken on iOS

The original submission argues that Apple is creating "the perfect walled garden," adding that "Ironically, the only VoIP 'app' that is not affected is the (future?) VoLTE client that will be added to iOS one day."

Slashdot Top Deals