Bitcoin

The Los Angeles Times Website Is Unintentionally Serving a Cryptocurrency Mining Script (itwire.com) 32

troublemaker_23 shares a report from iTWire: The Los Angeles Times website is serving a cryptocurrency mining script which appears to have been placed there by malicious attackers, according to a well-known security expert. British infosec researcher Kevin Beaumont, who has warned that Amazon AWS servers could be held to ransom due to lax security, tweeted that the newspaper's site was serving a script created by Coinhive. The Coinhive script mines for the monero cryptocurrency. The S3 bucket used by the LA Times is apparently world-writable and an ethical hacker appears to have left a warning in the repository, warning of possible misuse and asking the owner to secure the bucket.
Communications

23 Attorneys General Refile Challenge To FCC Net Neutrality Repeal (engadget.com) 30

An anonymous reader quotes a report from Reuters: A coalition of 22 state attorneys general and the District of Columbia on Thursday refiled legal challenges intended to block the Trump administration's repeal of landmark rules designed to ensure a free and open internet from taking effect. The Federal Communications Commission officially published its order overturning the net neutrality rules in the Federal Register on Thursday, a procedural step that allows for the filing of legal challenges. The states, along with web browser developer Mozilla and video-sharing website Vimeo, had filed petitions preserving their right to sue in January, but agreed to withdraw them last Friday and wait for the FCC's publication. The attorneys general argue that the FCC cannot make "arbitrary and capricious" changes to existing policies and that it misinterpreted and disregarded "critical record evidence on industry practices and harm to consumers and businesses." The White House Office of Management and Budget still must sign off on some aspects of the FCC reversal before it takes legal effect. That could take months.
Government

President Trump: 'We Have To Do Something' About Violent Video Games, Movies (arstechnica.com) 563

An anonymous reader quotes a report from Ars Technica: In a White House meeting held with lawmakers on the theme of school safety, President Donald Trump offered both a direct and vague call to action against violence in media by calling out video games and movies. "We have to do something about what [kids are] seeing and how they're seeing it," Trump said during the meeting. "And also video games. I'm hearing more and more people say the level of violence on video games is shaping more and more people's thoughts." Trump followed this statement by referencing "movies [that] come out that are so violent with the killing and everything else." He made a suggestion for keeping children from watching violent films: "Maybe they have to put a rating system for that." The MPAA's ratings board began adding specific disclaimers about sexual, drug, and violent content in all rated films in the year 2000, which can be found in small text in every MPAA rating box.
Twitter

Twitter Updates Developer Rules in the Wake of Bot Crackdown (mashable.com) 65

Twitter is getting serious about its bot problem. From a report: Hours after a massive bot purge that prompted the #TwitterLockOut hashtag to trend, the company is announcing new rules for developers meant to prevent bots from using third-party apps to spread spam. According to the new rules, developers that use Twitter's API will no longer be able to let users: Simultaneously post identical or substantially similar content to multiple accounts. Simultaneously perform actions such as Likes, Retweets, or follows from multiple accounts Use of any form of automation (including scheduling) to post identical or substantially similar content, or to perform actions such as Likes or Retweets, across many accounts that have authorized your app (whether or not you created or directly control those accounts) is not permitted.
Sci-Fi

Amazon Is Developing a TV Series Based On Iain M. Banks' Sci-Fi Novel 'Consider Phlebas' (hollywoodreporter.com) 97

leathered writes: Jeff Bezos today announced that Amazon Studios has picked up the rights to adapt the late Iain M. Bank's acclaimed Culture novels to the small screen, beginning with the first in the series, Consider Phlebas. This comes after nearly three decades of attempts to bring Banks' utopian, post-scarcity society to film or television. A huge fan of the Culture series is Elon Musk, whose SpaceX drone ships are named after Culture space vessels. Here's how Amazon describes Consider Phlebas: "a kinetic, action-packed adventure on a huge canvas. The book draws upon the extraordinary world and mythology Banks created in the Culture, in which a highly advanced and progressive society ends up at war with the Idirans, a deeply religious, warlike race intent on dominating the entire galaxy. The story centers on Horza, a rogue agent tasked by the Idirans with the impossible mission of recovering a missing Culture 'Mind,' an artificial intelligence many thousands of times smarter than any human -- something that could hold the key to wiping out the Culture altogether. What unfolds, with Banks' trademark irreverent humor, ultimately asks the poignant question of how we can use technology to preserve our humanity, not surrender it."
Communications

Researchers Develop Online Game That Teaches Players How To Spread Misinformation 144

An anonymous reader quotes a report from The Guardian: Cambridge researchers have built an online game, simply titled Bad News, in which players compete to become "a disinformation and fake news tycoon." By shedding light on the shady practices, they hope the game will "vaccinate" the public, and make people immune to the spread of untruths. Players of the fake news game must amass virtual Twitter followers by distorting the truth, planting falsehoods, dividing the united, and deflecting attention when rumbled. All the while, they must maintain credibility in the eyes of their audience. The game distills the art of undermining the truth into six key strategies. Once a player has demonstrated a knack for each, they are rewarded with a badge. In one round, players can opt to impersonate the president of the United States and fire off a tweet from a fake account. It declares war on North Korea complete with a #KimJongDone hashtag. At every step, players are asked if they are happy with their actions or feel, perhaps, the twinge of shame, an emotion that leads to the swift reminder that "if you want to become a master of disinformation, you've got to lose the goody two-shoes attitude." The work is due to be published in the Journal of Risk Research.
The Almighty Buck

Jeff Bezos Shares Video of 10,000-Year Clock Project (cnet.com) 269

An anonymous reader quotes a report from CNET: Amazon CEO Jeff Bezos shared a video on Tuesday of his latest project: a giant clock designed to keep time for 10,000 years. Buried deep in a west Texas mountain, the project is in partnership with San Francisco-based group The Long Now Foundation, which grew out of an idea for a 10,000 year clock that co-founder Danny Hillis proposed back in the '90s. Now, the 500-foot tall mechanical wonder is finally undergoing installation. Bezos is fronting the cash for the $42 million project, saying on the project's website that the clock is "designed to be a symbol, an icon for long-term thinking." The clock is powered by a large weight hanging on a gear, built out of materials durable enough to keep time for 10 millennia. Bezos isn't the only noteworthy name on the clock project. Musician Brian Eno and writers Kevin Kelly and Stewart Brand are also involved in the clock's construction. The team has spent the last few years creating parts for the clock and drilling through the mountain to store the pieces. You can read Bezos's account of that and view photos of the progress here.
Facebook

Why Decentralization Matters (medium.com) 93

Chris Dixon has an essay about the long-term promise of blockchain-based networks to upend web-based businesses such as Facebook and Twitter. He writes: When they hit the top of the S-curve, their relationships with network participants change from positive-sum to zero-sum. The easiest way to continue growing lies in extracting data from users and competing with complements over audiences and profits. Historical examples of this are Microsoft vs Netscape, Google vs Yelp, Facebook vs Zynga, and Twitter vs its 3rd-party clients. Operating systems like iOS and Android have behaved better, although still take a healthy 30% tax, reject apps for seemingly arbitrary reasons, and subsume the functionality of 3rd-party apps at will. For 3rd parties, this transition from cooperation to competition feels like a bait-and-switch. Over time, the best entrepreneurs, developers, and investors have become wary of building on top of centralized platforms. We now have decades of evidence that doing so will end in disappointment. In addition, users give up privacy, control of their data, and become vulnerable to security breaches. These problems with centralized platforms will likely become even more pronounced in the future.
Nintendo

Enthusiasts have Turned the Nintendo Switch into a Functional Linux Tablet (theverge.com) 96

An anonymous reader shares a report: A couple of weeks ago, the fail0verflow hacking collective showed a still image on Twitter of a Nintendo Switch booting Linux. They're one of a small handful of hacker teams who are teasing exploits of the Nvidia Tegra hardware inside the Switch. But now fail0verflow has video of a full-on Linux distro running on the hacked Switch, complete with touchscreen support, a fully operational web browser, and even a GPU-powered demo application. On Twitter, fail0verflow claims the bug they're exploiting to sidestep the Switch's security can't be patched on currently released hardware, and doesn't require a modchip. But as for now there aren't any details on how to do this yourself at home.
IOS

Apple Updates All of Its Operating Systems To Fix App-crashing Bug (engadget.com) 70

It took a few days, but Apple already has a fix out for a bug that caused crashes on each of its platforms. From a report: The company pushed new versions of iOS, macOS and watchOS to fix the issue, which was caused when someone pasted in or received a single Indian-language character in select communications apps -- most notably in iMessages, Safari and the app store. Using a specific character in the Telugu language native to India was enough to crash a variety of chat apps, including iMessage, WhatsApp, Twitter, Facebook Messenger, Gmail and Outlook, though Telegram and Skype were seemingly immune.
Desktops (Apple)

Twitter Kills Its Mac App (betanews.com) 52

BrianFagioli writes: Twitter has announced that it is killing its Mac app. Without warning, the company pulled the app from the Mac App Store and issued the following tweet. "We're focusing our efforts on a great Twitter experience that's consistent across platforms. So, starting today the Twitter for Mac app will no longer be available for download, and in 30 days will no longer be supported.
Twitter

NBC Publishes 200,000 Tweets Tied To Russian Trolls 269

An anonymous reader quotes a report from NBC News: NBC News is publishing its database of more than 200,000 tweets that Twitter has tied to "malicious activity" from Russia-linked accounts during the 2016 U.S. presidential election. These accounts, working in concert as part of large networks, pushed hundreds of thousands of inflammatory tweets, from fictitious tales of Democrats practicing witchcraft to hardline posts from users masquerading as Black Lives Matter activists. Investigators have traced the accounts to a Kremlin-linked propaganda outfit founded in 2013 known as the Internet Research Association (IRA). The organization has been assessed by the U.S. Intelligence Community to be part of a Russian state-run effort to influence the outcome of the 2016 U.S. presidential race. And they're not done. At the request of NBC News, three sources familiar with Twitter's data systems cross-referenced the partial list of names released by Congress to create a partial database of tweets that could be recovered. You can download the streamlined spreadsheet (29 mb) with just usernames, tweet and timestamps, view the full data for ten influential accounts via Google Sheets, download tweets.csv (50 mb) and users.csv with full underlying data, and/or explore a graph database in Neo4j, whose software powered the Panama Papers and Paradise Papers investigations.

NBC News' partners at Neo4j have put together a "get started" guide to help you explore the database of Russian tweets. "To recreate a link to an individual tweet found in the spreadsheet, replace 'user_key' in https://twitter.com/user_key/status/tweet_id with the screenname from the 'user_key' field and 'tweet_id' with the number in the 'tweet_id' field," reports NBC News. "Following the links will lead to a suspended page on Twitter. But some copies of the tweets as they originally appeared, including images, can be found by entering the links on webcaches like the Internet Archive's Wayback Machine and archive.is."
Social Networks

US Charges Russian Social Media Trolls Over Election Tampering (cnet.com) 502

The US Justice Department has filed charges against 13 Russian nationals and three Russian groups for interfering with the 2016 presidential election. From a report: In an indictment [PDF] released on Friday, the Justice Department called out the Internet Research Agency, a notorious group behind the Russian propaganda effort across social media. Employees for the agency created troll accounts and used bots to prop up arguments and sow political chaos during the 2016 presidential campaign. Facebook, Twitter and Google have struggled to deal with fake news, trolling campaigns and bots on their platforms, facing the scorn of Capitol Hill over their mishandlings. The indictment lists 13 Russian nationals tied to the effort.
Twitter

Federal Judge Says Embedding a Tweet Can Be Copyright Infringement (eff.org) 149

An anonymous reader quotes a report from the Electronic Frontier Foundation: Rejecting years of settled precedent, a federal court in New York has ruled [PDF] that you could infringe copyright simply by embedding a tweet in a web page. Even worse, the logic of the ruling applies to all in-line linking, not just embedding tweets. If adopted by other courts, this legally and technically misguided decision would threaten millions of ordinary Internet users with infringement liability.

This case began when Justin Goldman accused online publications, including Breitbart, Time, Yahoo, Vox Media, and the Boston Globe, of copyright infringement for publishing articles that linked to a photo of NFL star Tom Brady. Goldman took the photo, someone else tweeted it, and the news organizations embedded a link to the tweet in their coverage (the photo was newsworthy because it showed Brady in the Hamptons while the Celtics were trying to recruit Kevin Durant). Goldman said those stories infringe his copyright.
"[W]hen defendants caused the embedded Tweets to appear on their websites, their actions violated plaintiff's exclusive display right; the fact that the image was hosted on a server owned and operated by an unrelated third party (Twitter) does not shield them from this result," Judge Katherine Forrest said.
Media

FCC Chairman Ajit Pai Is Under Investigation Over $3.9 Billion Media Deal 145

According to a report in The New York Times (Warning: source may be paywalled), Ajit Pai and the FCC approved a set of rules in 2017 to allow television broadcasters to increase the number of stations they own. Weeks after the rules were approved, Sinclair Broadcasting announced a $3.9 billion deal to buy Tribune Media. PC Gamer reports: The deal was made possible by the new set of rules, which subsequently raised some eyebrows. Notably, the FCC's inspector general is reportedly investigating if Pai and his aides abused their position by pushing for the rule changes that would make the deal possible, and timing them to benefit Sinclair. The extent of the investigation is not clear, nor is how long it will take. However, it does bring up the question of whether Pai had coordinated with Sinclair, and it could force him to publicly address the topic, which he hasn't really done up to this point.

Legislators first pushed for an investigation into this matter last November. At the time, a spokesman for the FCC representing Pai called the allegations "baseless" and alluded to it being a partisan play by those who oppose the chairman. "For many years, Chairman Pai has called on the FCC to update its media ownership regulations," the FCC spokesman said. "The chairman is sticking to his long-held views, and given the strong case for modernizing these rules, it's not surprising that those who disagree with him would prefer to do whatever they can to distract from the merits of his proposals."
Twitter

Pro-Gun Russian Bots Flood Twitter After Parkland Shooting (wired.com) 703

An anonymous reader quotes a report from Wired: In the wake of Wednesday's Parkland, Florida school shooting, which resulted in 17 deaths, troll and bot-tracking sites reported an immediate uptick in related tweets from political propaganda bots and Russia-linked Twitter accounts. Hamilton 68, a website created by Alliance for Securing Democracy, tracks Twitter activity from accounts it has identified as linked to Russian influence campaigns. On RoBhat Labs' Botcheck.me, a website created by two Berkeley students to track 1500 political propaganda bots, all of the top two-word phrases used in the last 24 hours -- excluding President Trump's name -- are related to the tragedy: School shooting, gun control, high school, Florida school. The top hashtags from the last 24 hours include Parkland, guncontrol, and guncontrolnow.

While RoBhat Labs tracks general political bots, Hamilton 68 focuses specifically on those linked to the Russian government. According to the group's data, the top link shared by Russia-linked accounts in the last 48 hours is a 2014 Politifact article that looks critically at a statistic cited by pro-gun control group Everytown for Gun Safety. Twitter accounts tracked by the group have used the old link to try to debunk today's stats about the frequency of school shootings. Another top link shared by the network covers the "deranged" Instagram account of the shooter, showing images of him holding guns and knives, wearing army hats, and a screenshot of a Google search of the phrase "Allahu Akbar." Characterizing shooters as deranged lone wolves with potential terrorist connections is a popular strategy of pro-gun groups because of the implication that new gun laws could not have prevented their actions. Meanwhile, some accounts with large bot followings are already spreading misinformation about the shooter's ties to far-left group Antifa, even though the Associated Press reported that he was a member of a local white nationalist group. The Twitter account Education4Libs, which RoBhat Labs shows is one among the top accounts tweeted at by bots, is among the prominent disseminators of that idea.

Businesses

Coinbase is Erratically Overcharging Some Users and Emptying Their Bank Accounts 143

A growing number of Coinbase customers are complaining that the cryptocurrency exchange withdrew unauthorized money out of their accounts. From a report: In some cases, this drained their linked bank accounts below zero, resulting in overdraft charges. In a typical anecdote posted on Reddit, one user said they purchased Bitcoin, Ether, and Litecoin for a total of $300 on February 9th. A few days later, the transactions repeated five times for a total of $1,500, even though the user had not made any more purchases. That was enough to clear out this user's bank account, they said, resulting in fees. [...] Coinbase representatives have been responding to similar complaints on Reddit for about two weeks, but the volume of complaints seems to have spiked over the last 24 hours. Similar complaints have popped up on forums and Twitter.
Facebook

Facebook Is Spamming Users Via Their 2FA Phone Numbers (mashable.com) 119

According to Mashable, Facebook account holder Gabriel Lewis tweeted that Facebook texted "spam" to the phone number he submitted for the purposes of 2-factor authentication. Lewis insists that he did not have mobile notifications turned on, and when he replied "stop" and "DO NOT TEXT ME," he says those messages showed up on his Facebook wall. From the report: Lewis explained his version of the story to Mashable via Twitter direct message. "[Recently] I decided to sign up for 2FA on all of my accounts including FaceBook, shortly afterwards they started sending me notifications from the same phone number. I never signed up for it and I don't even have the FB app on my phone." Lewis further explained that he can go "for months" without signing into Facebook, which suggests the possibility that Mark Zuckerberg's creation was feeling a little neglected and trying to get him back. According to Lewis, he signed up for 2FA on Dec. 17 and the alleged spamming began on Jan. 5. Importantly, Lewis isn't the only person who claims this happened to him. One Facebook user says he accidentally told "friends and family to go [to] hell" when he "replied to the spam."
IOS

Apple's Software 'Problem' and 'Fixing' It (learningbyshipping.com) 99

According to media reports, Apple is planning to postpone some new features for iOS and macOS this year to focus on improving reliability, stability and performance of the existing versions. Steven Sinofsky, a former President of the Windows Division, shared his insights into the significance of this development: Several important points are conflated in the broad discussion about Apple and software: Quality, pace of change, features "versus" quality, and innovation. Scanning the landscape, it is important to recognize that in total the work Apple has been doing across hardware, software, services, and even AI/ML, in total -- is breathtaking and unprecedented in scope, scale, and quality. Few companies have done so much for so long with such a high level of consistency. This all goes back to the bet on the NeXT code base and move to Intel for Mac OS plus the iPod, which began the journey to where we are today.

[...] What is lost in all of this recent discussion is the nuance between features, schedule, and quality. It is like having a discussion with a financial advisor over income, risk, and growth. You don't just show up and say you want all three and get a "sure." On the other hand, this is precisely what Apple did so reliably over 20 years. But behind the scenes there is a constant discussion over balancing these three legs of the tripod. You have to have all of them but you "can't" but you have to. This is why they get paid big $.

[...] A massive project like an OS (+h/w +cloud) is like a large investment portfolio and some things will work (in market) and others won't, some things are designed to return right away, some are safe bets, some are long term investments. And some mistakes... Customers don't care about any of that and that's ok. They just look for what they care about. Each evaluates through their own lens. Apple's brilliance is in focusing mostly on two audiences -- Send-users and developers -- tending to de-emphasize the whole "techie" crowd, even IT. When you look at a feature like FaceID and trace it backwards all the way to keychain -- see how much long term thought can go into a feature and how much good work can go unnoticed (or even "fail") for years before surfacing as a big advantage. That's a long term POV AND focus. This approach is rather unique compared to other tech companies that tend to develop new things almost independent of everything else. So new things show up and look bolted on the side of what already exists. (Sure Apple can do that to, but not usually). All the while while things are being built the team is just a dev team and trying to come up with a reliable schedule and fix bug. This is just software development.

Space

SpaceX's Falcon Heavy Center Booster Lacked Ignition Fluid To Light Engines and Land On Platform (latimes.com) 171

An anonymous reader quotes a report from Los Angeles Times: The center core booster of SpaceX's Falcon Heavy didn't land on a floating sea platform as intended during last week's first test flight because it ran out of ignition fluid, company Chief Executive Elon Musk said Monday. Musk took to Twitter on Monday morning to give a few more updates on the Falcon Heavy's first flight. After liftoff, the rocket's two side boosters touched down simultaneously on land, eliciting cheers and applause from the crowd of SpaceX employees gathered in the company's Hawthorne headquarters, as seen on the launch livestream. Those two boosters, which were used in previous launches of SpaceX's workhorse Falcon 9 rocket, will not be reused again, Musk said in a post-launch news conference last week. But the center core booster ended up hitting the Atlantic Ocean at 300 mph and about 328 feet from the floating platform where it was supposed to land. Musk said Monday that there wasn't enough ignition fluid to light the outer two engines of the booster "after several three engine relights."

Slashdot Top Deals