Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Communications

Verizon Switches On LTE Advanced In 461 Cities -- Is Your Phone Compatible? (betanews.com) 19

An anonymous reader writes: Today, the carrier announces that its LTE is getting much faster. In 461 cities across the USA, it switches on the speedier 'LTE Advanced' (LTE-A). Best of all, many existing devices are compatible.
The company said in a blog post:"Verizon LTE Advanced uses software that combines multiple channels to speed mobile data over the network more quickly than ever before. The result is 50 percent faster peak speeds in cities nationwide for Verizon customers using one of the 39 LTE Advanced-capable phones and tablets already on Verizon's network -- including top-selling Samsung Galaxy S6 and S7 smartphones, Moto Droids and Apple iPhones. As new devices from Apple, Samsung, LG and other manufacturers are introduced, they will be LTE Advanced-capable right out of the box."
Graphics

Players Seek 'No Man's Sky' Refunds, Sony's Content Director Calls Them Thieves (tweaktown.com) 447

thegarbz writes: As was covered previously on Slashdot the very hyped up game No Man's Sky was released to a lot of negative reviews about game-crashing bugs and poor interface choices. Now that players have had more time to play the game it has become clear that many of the features hyped by developers are not present in the game, and users quickly started describing the game as "boring".

Now, likely due to misleading advertising, Steam has begun allowing refunds for No Man's Sky regardless of playtime, and there are reports of players getting refunds on the Play Station Network as well despite Sony's strict no refund policy.
Besides Sony, Amazon is also issuing refunds, according to game sites. In response, Sony's former Strategic Content Director, Shahid Kamal Ahmad, wrote on Twitter, "If you're getting a refund after playing a game for 50 hours you're a thief." He later added "Here's the good news: Most players are not thieves. Most players are decent, honest people without whose support there could be no industry."

In a follow-up he acknowledged it was fair to consider a few hours lost to game-breaking crashes, adding "Each case should be considered on its own merits and perhaps I shouldn't be so unequivocal."
Communications

Cybercriminals Select Insiders To Attack Telecom Providers (helpnetsecurity.com) 24

An anonymous reader quotes a report from Help Net Security: Cybercriminals are using insiders to gain access to telecommunications networks and subscriber data, according to Kaspersky Lab. In addition, these criminals are also recruiting disillusioned employees through underground channels and blackmailing staff using compromising information gathered from open sources...

According to Kaspersky Lab researchers, if an attack on a cellular service provider is planned, criminals will seek out employees who can provide fast track access to subscriber and company data or SIM card duplication/illegal reissuing. If the target is an Internet service provider, the attackers will try to identify the employees who can enable network mapping and man-in-the-middle attacks.

Facebook

Facebook Says Humans Won't Write Its Trending Topic Descriptions Anymore (recode.net) 76

Following a former Facebook journalist's report that the company's workers routinely suppressed news stories of interest to conservative readers from the social network's Trending Topics section, the company has been in damage control mode. First, the company announced it would tweak its Trending Topics section and revamp how editors find trending stories. Specifically, they will train the human editors who work on Facebook's trending section and abandon several automated tools it used to find and categorize trending news in the past. Most recently, Facebook added political scenarios to its orientation training following the concerns. Now, it appears that Facebook will "end its practice of writing editorial descriptions for topics, replacing them with snippets of text pulled from news stories." Kurt Wagner, writing for Recode: It's been more than three months since Gizmodo first published a story claiming Facebook's human editors were suppressing conservative news content on the site's Trending Topics section. Facebook vehemently denied the report, but has been dealing with the story's aftermath ever since. On Friday, Facebook announced another small but notable change to Trending Topics: Human editors will no longer write the short story descriptions that accompany a trending topic on the site. Instead, Facebook is going to use algorithms to "pull excerpts directly from stories." It is not, however, cutting out humans entirely. In fact, Facebook employees will still select which stories ultimately make it into the trending section. An algorithm will surface popular stories, but Facebook editors will weed out the inappropriate or fake ones. "There are still people involved in this process to ensure that the topics that appear in Trending remain high-quality," the company's blog reads.
Encryption

PSA: PlayStation Network Gets Two-Step Verification (arstechnica.com) 42

Consider this a public service announcement: Sony has (finally) added two-factor authentication to PlayStation Network accounts. If you're a PlayStation user and are reading this right now, you really should go set it up so that someone doesn't try to take over your account and steal your password. Ars Technica details how you can set up the new security features: "Turn on your PS4 and go to Settings -> PlayStation Network Account Management -> Account Information -> Security -> 2-Step Verification. You can also set it up through the web by logging into your PSN account on the web and going through the Security tab under the Account header. From there, on-screen instructions will walk you through the process of using a text message to confirm your mobile device as a secondary layer of security for your PSN account. Two-factor support is not available when logging on to older PlayStation systems, so Sony recommends you generate a 'device setup password' to help protect the PS3, Vita, or PSP." Two-factor authentication comes five years after hackers breached PSN's security and stole 77 million accounts.
Communications

FCC Proposes 5G Cybersecurity Requirements, Asks For Industry Advice (fedscoop.com) 29

Presto Vivace quotes a report from FedScoop: "Cybersecurity issues must be addressed during the design phase for the entire 5G ecosystem, including devices. This will place a premium on collaboration among all stakeholders," said FCC chairman Tom Wheeler during a National Press Club event on June 20. "We continue to prefer an approach that emphasizes that industry develop cybersecurity standards just as we have done in wired networks." The FCC published a request Wednesday for comment on a new set of proposed 5G rules to the Federal Register focused on adding specific "performance requirements" for developers of example internet-connected devices. If a company hopes to secure a license to access higher-frequency 5G spectrum in the future then they will need to adhere to these specific requirements -- in other words, compliance is non-negotiable. Notably, these FCC "performance requirements" now include the submission of a network security plan. The report adds: "A quick review of the FCC's proposed 5G cybersecurity plan shows a six category split, organized by a companies' security approach, coordination efforts, standards and best practices, participation with standards bodies, other security approaches and plans with information sharing organizations. Security plans must be submitted to the commission at least six months before a 5G-ready product enters the market, according to the notice."
Wireless Networking

Italy Quake Rescuers Ask Locals To Unlock Their Wi-Fi (bbc.com) 140

Rescue teams searching for earthquake survivors in central Italy have asked locals to unlock their Wifi passwords. The Italian Red Cross says residents' home networks can assist with communications during the search for survivors, reports BBC. From the report: On Wednesday a 6.2 magnitude earthquake struck central Italy and killed more than 240 people. More than 4,300 rescuers are looking for survivors believed to still be trapped in the rubble. On Twitter, the Italian Red Cross posted a step-by-step guide which explains how local residents can switch off their Wifi network encryption. Similar requests have been made by the National Geological Association and Lazio Region. A security expert has warned that removing encryption from a home Wifi network carries its own risks, but added that those concerns are trivial in the context of the rescue operation.
The Internet

MIT Scientists Develop New Wi-Fi That's 330% Faster (msn.com) 85

An anonymous reader quotes a report from MSN: Scientists at MIT claim to have created a new wireless technology that can triple Wi-Fi data speeds while also doubling the range of the signal. Dubbed MegaMIMO 2.0, the system will shortly enter commercialization and could ease the strain on our increasingly crowded wireless networks. Multiple-input-multiple-output technology, or MIMO, helps networked devices perform better by combining multiple transmitters and receivers that work simultaneously, allowing then to send and receive more than one data signal at the same time. MIT's MegaMIMO 2.0 works by allowing several routers to work in harmony, transmitting data over the same piece of spectrum. MIT claimed that during tests, MegaMIMO 2.0 was able to increase data transfer speed of four laptops connected to the same Wi-Fi network by 330 percent. Paper co-author Rahul said the technology could also be applied to mobile phone networks to solve similar congestion issues. "In today's wireless world, you can't solve spectrum crunch by throwing more transmitters at the problem, because they will all still be interfering with one another," Ezzeldin Hamed, lead author on a paper on the topic, told MIT News. "The answer is to have all those access points work with each other simultaneously to efficiently use the available spectrum."
The Internet

Singapore To Cut Off Public Servants From the Internet (theguardian.com) 59

Singapore is planning to cut off web access for public servants as a defence against potential cyber attack, Reuters reports. The local government's move has already been criticized by many, who say that it marks a retreat for a technologically advanced city-state that has trademarked the term "smart nation". From an article on The Guardian: Some security experts say the policy, due to be in place by May, risks damaging productivity among civil servants and those working at more than four dozen statutory boards, and cutting them off from the people they serve. It may only raise slightly the defensive walls against cyber attack, they say. Ben Desjardins, director of security solutions at network security firm Radware, called it "one of the more extreme measures I can recall by a large public organisation to combat cyber security risks." Stephen Dane, a Hong Kong-based managing director at networking company Cisco Systems, said it was "a most unusual situation" and Ramki Thurimella, chair of the computer science department at the University of Denver, called it both "unprecedented" and "a little excessive".
Android

Opera Brings Its Free VPN Service To Android (techcrunch.com) 26

Frederic Lardinois, writing for TechCrunch: Earlier this year, Opera launched its free and unlimited VPN service for iOS; today it is bringing the same functionality to Android. Like the iOS version, the Android app is based on Opera's acquisition of SurfEasy in 2015 and allows you to surf safely when you are on a public network. While Opera's marketing mostly focuses on safety, Opera VPN also allows you to appear as if you are in the U.S., Canada, Germany, Singapore and The Netherlands, so it's also a way to route around certain geo-restrictions without having to opt for a paid service. In addition to its VPN features, the service also allows you to block ad trackers. Somewhat ironically, though, the app itself will show you some pretty unintrusive ads. "The Opera VPN app for Android sets itself apart from other VPNs by offering a completely free service; without a data limit, no log-in required, advanced Wi-Fi protection features and no need for a subscription," says Chris Houston, the president of Opera's SurfEasy VPN division, in today's announcement.
AT&T

AT&T Says LTE Can Still Offer Speeds Up To 1 Gbps (dslreports.com) 50

An anonymous reader writes from a report via DSL Reports: ATT CTO Andre Fuetsch said at a telecom conference last week that the company's existing LTE network should be able to reach speeds of 1 Gbps before the standard ultimately gets overshadowed by faster 5G tech. The new 5G technology isn't expected to arrive until 2020 at the earliest, so LTE has a lot of time left as the predominant wireless connectivity. "There's a lot of focus on 5G -- but don't discount LTE," Fuetsch said. "LTE is still here. And LTE will be around for a long time. And LTE has also enormous potential in that, you'll be capable of supporting 1 gigabit speeds as well." 5G will help move past 1 Gbps speeds, while also providing significantly lower latency. "You'll see us sharing more about the trial activity we're doing," said Fuetsch. "Everything that's being [tested] right now is not standard, it's all sort of proprietary. But this is an important process to go through because this is how you learn and how it helps define standards."
IT

Activists Call For General Strike On the Tor Network (vice.com) 127

Reader derekmead writes: Some Tor users are very unhappy with the way the project has been run in recent months, and are calling for a blackout on September 1st. They are asking users to not use Tor, for developers to stop working on Tor, and for those who run parts of the network's infrastructure to shut it down. The disgruntled users feel that Tor can no longer be fully trusted after a brief hiring of an ex-CIA official and the internal sexual misconduct investigation against activist Jacob Appelbaum.
Government

Group Wants To Shut Down Tor For a Day On September 1 (softpedia.com) 228

An anonymous reader writes: An internal group at the Tor Project is calling for a full 24-hour shutdown of the Tor network to protest the way the Tor Project dealt with the Jake Applebaum sexual misconduct accusations, and because of recent rumors it might be letting former government agents in its ranks. Two Tor members, also node operators, have shut down their servers as well, because of the same reason. They explained their motivations here and here.
"The protesters have made 16 demands," according to the article, six related to related to supposed infiltration of Tor by government agents, and 10 regarding the Appelbaum ruling and investigation -- including "asking all Tor employees that participated in this investigation to leave" and "the persons behind the JacobAppelbaum.net and the @JakeMustDie and @VictimsOfJake Twitter accounts to come forward and their identities made public."
Security

Software Exploits Aren't Needed To Hack Most Organizations (darkreading.com) 57

The five most common ways of hacking an organization all involve stolen credentials, "based on data from 75 organizations, 100 penetration tests, and 450 real-world attacks," writes an anonymous Slashdot reader. In fact, 66% of the researchers' successful attacks involved cracking a weak domain user password. From an article on Dark Reading: Playing whack-a-mole with software vulnerabilities should not be top of security pros' priority list because exploiting software doesn't even rank among the top five plays in the attacker's playbook, according to a new report from Praetorian. Organizations would be far better served by improving credential management and network segmentation...

"If we assume that 1 percent [of users] will click on the [malicious] link, what will we do next?" says Joshua Abraham, practice manager at Praetorian. The report suggests specific mitigation tactics organizations should take in response to each one of these attacks -- tactics that may not stop attackers from stealing credentials, but "building in the defenses so it's really not a big deal if they do"... [O]ne stolen password should not give an attacker (or pen tester) the leverage to access an organization's entire computing environment, exfiltrating all documents along the way.

Similar results were reported in Verizon's 2016 Data Breach Investigations Report.
Twitter

Twitter Announces New Blocking and Filtering Features (wired.co.uk) 118

Twitter just began rolling out "new ways to control your experience," promising the two new features "will give you more control over what you see and who you interact with on Twitter." An anonymous Slashdot reader quotes a report from Wired UK: First up, notification settings will allow those using Twitter on the web or on desktop to limit the notifications they receive for @ mentions, RTs, and other interactions to just be from people they follow. The feature can be turned on through the notifications tab. Twitter is also expanding its quality filter -- also accessible through notifications. "When turned on, the filter can improve the quality of Tweets you see by using a variety of signals, such as account origin and behavior," the company's product manager Emil Leong said in a blog post.

In December 2015, the company changed its rules to explicitly ban "hateful conduct" for the first time, while back in February last year, Twitter's then-CEO Dick Costolo admitted the network needed to improve how it handled trolls and abuse. In a leaked memo he said: "I'm frankly ashamed of how poorly we've dealt with this issue during my tenure as CEO. It's absurd. There's no excuse for it. I take full responsibility for not being more aggressive on this front. It's nobody else's fault but mine, and it's embarrassing."

Meanwhile, the Twitter account of Wikipedia co-founder Jimmy Wales was hacked on Saturday.
Encryption

How SSL/TLS Encryption Hides Malware (cso.com.au) 87

Around 65% of the internet's one zettabyte of global traffic uses SSL/TLS encryption -- but Slashdot reader River Tam shares an article recalling last August when 910 million web browsers were potentially exposed to malware hidden in a Yahoo ad that was hidden from firewalls by SSL/TLS encryption: When victims don't have the right protection measures in place, attackers can cipher command and control communications and malicious code to evade intrusion prevention systems and anti-malware inspection systems. In effect, the SSL/TLS encryption serves as a tunnel to hide malware as it can pass through firewalls and into organizations' networks undetected if the right safeguards aren't in place. As SSL/TLS usage grows, the appeal of this threat vector for hackers too increases.

Companies can stop SSL/TLS attacks, however most don't have their existing security features properly enabled to do so. Legacy network security solutions typically don't have the features needed to inspect SSL/TLS-encrypted traffic. The ones that do, often suffer from such extreme performance issues when inspecting traffic, that most companies with legacy solutions abandon SSL/TLS inspection.

Crime

Want To Hunt Bank Robbers? There's an App For That, Says The FBI (networkworld.com) 68

Long-time Slashdot reader coondoggie quotes an article from Network World: The FBI today said it released a new application making it easier for the public -- as well as financial institutions, law enforcement agencies, and others -- to view photos and information about bank robberies in different geographic areas of the country.
The FBI's new "Bank Robbers" application runs on both Android and iOS, according to the article, "and lets users sort bank robberies by the date they occurred, the category they fall under (i.e., armed serial bank robber), the FBI field office working the case, or the state where the robbery occurred." The app ties into BankRobbers.fbi.gov, which overlays FBI information about bank robberies onto Google Maps.

The app's users "can also select push notifications to be informed when a bank robbery has taken place near their location," according to the FBI's site, which adds innocently that "If the location services on your device are enabled, you can view a map that shows the relevant bank robberies that took place in your geographic area..."
Network

Comcast Rolls Out $70-Per-Month Gigabit Internet Service In Chicago (pcmag.com) 93

An anonymous reader writes from a report via PC Magazine: Comcast is now offering Chicagoans gigabit internet speeds. PC Magazine reports: "Launched on Wednesday, the program uses DOCSIS 3.1 technology to deliver speeds up to 1Gbps over existing network infrastructure. DOCSIS 3.1 runs through standard cable connections already in place at your home or office. So Xfinity and Comcast Business Internet customers can simply sign up for a plan and plug in a new modem; no fiber installation required. The service, according to Comcast, allows you to download a 5GB HD movie in 40 seconds, a 60MB TV episode in four seconds, a 150MB music album in two seconds, or a 15GB video game in two minutes. Initial users have the choice of a promotional contract price of $70 per month for 36 months, or $139.95 per month (plus tax and fees) with no contract."
Botnet

'Smart' Electrical Socket Leaks Your Email Address, Can Launch DDoS Attacks (softpedia.com) 82

An anonymous reader writes from a report via Softpedia: There is an insecure IoT smart electrical socket on the market that leaks your Wi-Fi password, your email credentials (if configured), and is also poorly coded, allowing attackers to hijack the device via a simple command injection in the password field. Researchers say that because of the nature of the flaws, attackers can overwrite its firmware and add the device to a botnet, possibly using it for DDoS attacks, among other things. Bitdefender didn't reveal the device's manufacturer but said the vendor is working on a fix, which will be released in late Q3 2016. Problems with the device include a lack of encryption for device communications and the lack of any basic input sanitization for the password field. "Up until now most IoT vulnerabilities could be exploited only in the proximity of the smart home they were serving, however, this flaw allows hackers to control devices over the internet and bypass the limitations of the network address translation," says Alexandru Balan, Chief Security Researcher at Bitdefender. "This is a serious vulnerability, we could see botnets made up of these power outlets."
Facebook

Facebook Teams Up With Unity To Create a Gaming Platform To Rival Steam (betanews.com) 103

Facebook is now shifting its attention back to capturing the gaming market. The company said Thursday that it's working with game engine Unity to build a dedicated, downloadable desktop gaming platform. The social juggernaut added that it is also broadening the Facebook.com experience for gamers. BetaNews reports: Facebook is starting to take gaming far more seriously. Not content with funneling the likes of Candy Crush through its servers, the social network is now joining forces with the company behind the Unity game engine to create its own desktop gaming platform. The aim is to tap into not only the millions of gamers that are already on Facebook, but also to gather more from the PC-gaming community. It's a new venture that very clearly treads on the toes of Steam, and is likely to cause ripples in the gaming world. The scope of the work between Facebook and Unity Technologies is quite wide. It will bring together Unity's 2D, 3D, VR and AR development platform with Facebook's own game development tools. While Facebook is currently associated with very casual gaming, hooking up with an established serious player in the field means we're likely to see the social network appealing more to hardcore gamers.

Slashdot Top Deals