Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Facebook

Facebook Says Humans Won't Write Its Trending Topic Descriptions Anymore (recode.net) 52

Following a former Facebook journalist's report that the company's workers routinely suppressed news stories of interest to conservative readers from the social network's Trending Topics section, the company has been in damage control mode. First, the company announced it would tweak its Trending Topics section and revamp how editors find trending stories. Specifically, they will train the human editors who work on Facebook's trending section and abandon several automated tools it used to find and categorize trending news in the past. Most recently, Facebook added political scenarios to its orientation training following the concerns. Now, it appears that Facebook will "end its practice of writing editorial descriptions for topics, replacing them with snippets of text pulled from news stories." Kurt Wagner, writing for Recode: It's been more than three months since Gizmodo first published a story claiming Facebook's human editors were suppressing conservative news content on the site's Trending Topics section. Facebook vehemently denied the report, but has been dealing with the story's aftermath ever since. On Friday, Facebook announced another small but notable change to Trending Topics: Human editors will no longer write the short story descriptions that accompany a trending topic on the site. Instead, Facebook is going to use algorithms to "pull excerpts directly from stories." It is not, however, cutting out humans entirely. In fact, Facebook employees will still select which stories ultimately make it into the trending section. An algorithm will surface popular stories, but Facebook editors will weed out the inappropriate or fake ones. "There are still people involved in this process to ensure that the topics that appear in Trending remain high-quality," the company's blog reads.
Encryption

PSA: PlayStation Network Gets Two-Step Verification (arstechnica.com) 41

Consider this a public service announcement: Sony has (finally) added two-factor authentication to PlayStation Network accounts. If you're a PlayStation user and are reading this right now, you really should go set it up so that someone doesn't try to take over your account and steal your password. Ars Technica details how you can set up the new security features: "Turn on your PS4 and go to Settings -> PlayStation Network Account Management -> Account Information -> Security -> 2-Step Verification. You can also set it up through the web by logging into your PSN account on the web and going through the Security tab under the Account header. From there, on-screen instructions will walk you through the process of using a text message to confirm your mobile device as a secondary layer of security for your PSN account. Two-factor support is not available when logging on to older PlayStation systems, so Sony recommends you generate a 'device setup password' to help protect the PS3, Vita, or PSP." Two-factor authentication comes five years after hackers breached PSN's security and stole 77 million accounts.
Communications

FCC Proposes 5G Cybersecurity Requirements, Asks For Industry Advice (fedscoop.com) 29

Presto Vivace quotes a report from FedScoop: "Cybersecurity issues must be addressed during the design phase for the entire 5G ecosystem, including devices. This will place a premium on collaboration among all stakeholders," said FCC chairman Tom Wheeler during a National Press Club event on June 20. "We continue to prefer an approach that emphasizes that industry develop cybersecurity standards just as we have done in wired networks." The FCC published a request Wednesday for comment on a new set of proposed 5G rules to the Federal Register focused on adding specific "performance requirements" for developers of example internet-connected devices. If a company hopes to secure a license to access higher-frequency 5G spectrum in the future then they will need to adhere to these specific requirements -- in other words, compliance is non-negotiable. Notably, these FCC "performance requirements" now include the submission of a network security plan. The report adds: "A quick review of the FCC's proposed 5G cybersecurity plan shows a six category split, organized by a companies' security approach, coordination efforts, standards and best practices, participation with standards bodies, other security approaches and plans with information sharing organizations. Security plans must be submitted to the commission at least six months before a 5G-ready product enters the market, according to the notice."
Wireless Networking

Italy Quake Rescuers Ask Locals To Unlock Their Wi-Fi (bbc.com) 139

Rescue teams searching for earthquake survivors in central Italy have asked locals to unlock their Wifi passwords. The Italian Red Cross says residents' home networks can assist with communications during the search for survivors, reports BBC. From the report: On Wednesday a 6.2 magnitude earthquake struck central Italy and killed more than 240 people. More than 4,300 rescuers are looking for survivors believed to still be trapped in the rubble. On Twitter, the Italian Red Cross posted a step-by-step guide which explains how local residents can switch off their Wifi network encryption. Similar requests have been made by the National Geological Association and Lazio Region. A security expert has warned that removing encryption from a home Wifi network carries its own risks, but added that those concerns are trivial in the context of the rescue operation.
The Internet

MIT Scientists Develop New Wi-Fi That's 330% Faster (msn.com) 83

An anonymous reader quotes a report from MSN: Scientists at MIT claim to have created a new wireless technology that can triple Wi-Fi data speeds while also doubling the range of the signal. Dubbed MegaMIMO 2.0, the system will shortly enter commercialization and could ease the strain on our increasingly crowded wireless networks. Multiple-input-multiple-output technology, or MIMO, helps networked devices perform better by combining multiple transmitters and receivers that work simultaneously, allowing then to send and receive more than one data signal at the same time. MIT's MegaMIMO 2.0 works by allowing several routers to work in harmony, transmitting data over the same piece of spectrum. MIT claimed that during tests, MegaMIMO 2.0 was able to increase data transfer speed of four laptops connected to the same Wi-Fi network by 330 percent. Paper co-author Rahul said the technology could also be applied to mobile phone networks to solve similar congestion issues. "In today's wireless world, you can't solve spectrum crunch by throwing more transmitters at the problem, because they will all still be interfering with one another," Ezzeldin Hamed, lead author on a paper on the topic, told MIT News. "The answer is to have all those access points work with each other simultaneously to efficiently use the available spectrum."
The Internet

Singapore To Cut Off Public Servants From the Internet (theguardian.com) 58

Singapore is planning to cut off web access for public servants as a defence against potential cyber attack, Reuters reports. The local government's move has already been criticized by many, who say that it marks a retreat for a technologically advanced city-state that has trademarked the term "smart nation". From an article on The Guardian: Some security experts say the policy, due to be in place by May, risks damaging productivity among civil servants and those working at more than four dozen statutory boards, and cutting them off from the people they serve. It may only raise slightly the defensive walls against cyber attack, they say. Ben Desjardins, director of security solutions at network security firm Radware, called it "one of the more extreme measures I can recall by a large public organisation to combat cyber security risks." Stephen Dane, a Hong Kong-based managing director at networking company Cisco Systems, said it was "a most unusual situation" and Ramki Thurimella, chair of the computer science department at the University of Denver, called it both "unprecedented" and "a little excessive".
Android

Opera Brings Its Free VPN Service To Android (techcrunch.com) 26

Frederic Lardinois, writing for TechCrunch: Earlier this year, Opera launched its free and unlimited VPN service for iOS; today it is bringing the same functionality to Android. Like the iOS version, the Android app is based on Opera's acquisition of SurfEasy in 2015 and allows you to surf safely when you are on a public network. While Opera's marketing mostly focuses on safety, Opera VPN also allows you to appear as if you are in the U.S., Canada, Germany, Singapore and The Netherlands, so it's also a way to route around certain geo-restrictions without having to opt for a paid service. In addition to its VPN features, the service also allows you to block ad trackers. Somewhat ironically, though, the app itself will show you some pretty unintrusive ads. "The Opera VPN app for Android sets itself apart from other VPNs by offering a completely free service; without a data limit, no log-in required, advanced Wi-Fi protection features and no need for a subscription," says Chris Houston, the president of Opera's SurfEasy VPN division, in today's announcement.
AT&T

AT&T Says LTE Can Still Offer Speeds Up To 1 Gbps (dslreports.com) 50

An anonymous reader writes from a report via DSL Reports: ATT CTO Andre Fuetsch said at a telecom conference last week that the company's existing LTE network should be able to reach speeds of 1 Gbps before the standard ultimately gets overshadowed by faster 5G tech. The new 5G technology isn't expected to arrive until 2020 at the earliest, so LTE has a lot of time left as the predominant wireless connectivity. "There's a lot of focus on 5G -- but don't discount LTE," Fuetsch said. "LTE is still here. And LTE will be around for a long time. And LTE has also enormous potential in that, you'll be capable of supporting 1 gigabit speeds as well." 5G will help move past 1 Gbps speeds, while also providing significantly lower latency. "You'll see us sharing more about the trial activity we're doing," said Fuetsch. "Everything that's being [tested] right now is not standard, it's all sort of proprietary. But this is an important process to go through because this is how you learn and how it helps define standards."
IT

Activists Call For General Strike On the Tor Network (vice.com) 127

Reader derekmead writes: Some Tor users are very unhappy with the way the project has been run in recent months, and are calling for a blackout on September 1st. They are asking users to not use Tor, for developers to stop working on Tor, and for those who run parts of the network's infrastructure to shut it down. The disgruntled users feel that Tor can no longer be fully trusted after a brief hiring of an ex-CIA official and the internal sexual misconduct investigation against activist Jacob Appelbaum.
Government

Group Wants To Shut Down Tor For a Day On September 1 (softpedia.com) 228

An anonymous reader writes: An internal group at the Tor Project is calling for a full 24-hour shutdown of the Tor network to protest the way the Tor Project dealt with the Jake Applebaum sexual misconduct accusations, and because of recent rumors it might be letting former government agents in its ranks. Two Tor members, also node operators, have shut down their servers as well, because of the same reason. They explained their motivations here and here.
"The protesters have made 16 demands," according to the article, six related to related to supposed infiltration of Tor by government agents, and 10 regarding the Appelbaum ruling and investigation -- including "asking all Tor employees that participated in this investigation to leave" and "the persons behind the JacobAppelbaum.net and the @JakeMustDie and @VictimsOfJake Twitter accounts to come forward and their identities made public."
Security

Software Exploits Aren't Needed To Hack Most Organizations (darkreading.com) 57

The five most common ways of hacking an organization all involve stolen credentials, "based on data from 75 organizations, 100 penetration tests, and 450 real-world attacks," writes an anonymous Slashdot reader. In fact, 66% of the researchers' successful attacks involved cracking a weak domain user password. From an article on Dark Reading: Playing whack-a-mole with software vulnerabilities should not be top of security pros' priority list because exploiting software doesn't even rank among the top five plays in the attacker's playbook, according to a new report from Praetorian. Organizations would be far better served by improving credential management and network segmentation...

"If we assume that 1 percent [of users] will click on the [malicious] link, what will we do next?" says Joshua Abraham, practice manager at Praetorian. The report suggests specific mitigation tactics organizations should take in response to each one of these attacks -- tactics that may not stop attackers from stealing credentials, but "building in the defenses so it's really not a big deal if they do"... [O]ne stolen password should not give an attacker (or pen tester) the leverage to access an organization's entire computing environment, exfiltrating all documents along the way.

Similar results were reported in Verizon's 2016 Data Breach Investigations Report.
Twitter

Twitter Announces New Blocking and Filtering Features (wired.co.uk) 117

Twitter just began rolling out "new ways to control your experience," promising the two new features "will give you more control over what you see and who you interact with on Twitter." An anonymous Slashdot reader quotes a report from Wired UK: First up, notification settings will allow those using Twitter on the web or on desktop to limit the notifications they receive for @ mentions, RTs, and other interactions to just be from people they follow. The feature can be turned on through the notifications tab. Twitter is also expanding its quality filter -- also accessible through notifications. "When turned on, the filter can improve the quality of Tweets you see by using a variety of signals, such as account origin and behavior," the company's product manager Emil Leong said in a blog post.

In December 2015, the company changed its rules to explicitly ban "hateful conduct" for the first time, while back in February last year, Twitter's then-CEO Dick Costolo admitted the network needed to improve how it handled trolls and abuse. In a leaked memo he said: "I'm frankly ashamed of how poorly we've dealt with this issue during my tenure as CEO. It's absurd. There's no excuse for it. I take full responsibility for not being more aggressive on this front. It's nobody else's fault but mine, and it's embarrassing."

Meanwhile, the Twitter account of Wikipedia co-founder Jimmy Wales was hacked on Saturday.
Encryption

How SSL/TLS Encryption Hides Malware (cso.com.au) 87

Around 65% of the internet's one zettabyte of global traffic uses SSL/TLS encryption -- but Slashdot reader River Tam shares an article recalling last August when 910 million web browsers were potentially exposed to malware hidden in a Yahoo ad that was hidden from firewalls by SSL/TLS encryption: When victims don't have the right protection measures in place, attackers can cipher command and control communications and malicious code to evade intrusion prevention systems and anti-malware inspection systems. In effect, the SSL/TLS encryption serves as a tunnel to hide malware as it can pass through firewalls and into organizations' networks undetected if the right safeguards aren't in place. As SSL/TLS usage grows, the appeal of this threat vector for hackers too increases.

Companies can stop SSL/TLS attacks, however most don't have their existing security features properly enabled to do so. Legacy network security solutions typically don't have the features needed to inspect SSL/TLS-encrypted traffic. The ones that do, often suffer from such extreme performance issues when inspecting traffic, that most companies with legacy solutions abandon SSL/TLS inspection.

Crime

Want To Hunt Bank Robbers? There's an App For That, Says The FBI (networkworld.com) 67

Long-time Slashdot reader coondoggie quotes an article from Network World: The FBI today said it released a new application making it easier for the public -- as well as financial institutions, law enforcement agencies, and others -- to view photos and information about bank robberies in different geographic areas of the country.
The FBI's new "Bank Robbers" application runs on both Android and iOS, according to the article, "and lets users sort bank robberies by the date they occurred, the category they fall under (i.e., armed serial bank robber), the FBI field office working the case, or the state where the robbery occurred." The app ties into BankRobbers.fbi.gov, which overlays FBI information about bank robberies onto Google Maps.

The app's users "can also select push notifications to be informed when a bank robbery has taken place near their location," according to the FBI's site, which adds innocently that "If the location services on your device are enabled, you can view a map that shows the relevant bank robberies that took place in your geographic area..."
Network

Comcast Rolls Out $70-Per-Month Gigabit Internet Service In Chicago (pcmag.com) 93

An anonymous reader writes from a report via PC Magazine: Comcast is now offering Chicagoans gigabit internet speeds. PC Magazine reports: "Launched on Wednesday, the program uses DOCSIS 3.1 technology to deliver speeds up to 1Gbps over existing network infrastructure. DOCSIS 3.1 runs through standard cable connections already in place at your home or office. So Xfinity and Comcast Business Internet customers can simply sign up for a plan and plug in a new modem; no fiber installation required. The service, according to Comcast, allows you to download a 5GB HD movie in 40 seconds, a 60MB TV episode in four seconds, a 150MB music album in two seconds, or a 15GB video game in two minutes. Initial users have the choice of a promotional contract price of $70 per month for 36 months, or $139.95 per month (plus tax and fees) with no contract."
Botnet

'Smart' Electrical Socket Leaks Your Email Address, Can Launch DDoS Attacks (softpedia.com) 82

An anonymous reader writes from a report via Softpedia: There is an insecure IoT smart electrical socket on the market that leaks your Wi-Fi password, your email credentials (if configured), and is also poorly coded, allowing attackers to hijack the device via a simple command injection in the password field. Researchers say that because of the nature of the flaws, attackers can overwrite its firmware and add the device to a botnet, possibly using it for DDoS attacks, among other things. Bitdefender didn't reveal the device's manufacturer but said the vendor is working on a fix, which will be released in late Q3 2016. Problems with the device include a lack of encryption for device communications and the lack of any basic input sanitization for the password field. "Up until now most IoT vulnerabilities could be exploited only in the proximity of the smart home they were serving, however, this flaw allows hackers to control devices over the internet and bypass the limitations of the network address translation," says Alexandru Balan, Chief Security Researcher at Bitdefender. "This is a serious vulnerability, we could see botnets made up of these power outlets."
Facebook

Facebook Teams Up With Unity To Create a Gaming Platform To Rival Steam (betanews.com) 103

Facebook is now shifting its attention back to capturing the gaming market. The company said Thursday that it's working with game engine Unity to build a dedicated, downloadable desktop gaming platform. The social juggernaut added that it is also broadening the Facebook.com experience for gamers. BetaNews reports: Facebook is starting to take gaming far more seriously. Not content with funneling the likes of Candy Crush through its servers, the social network is now joining forces with the company behind the Unity game engine to create its own desktop gaming platform. The aim is to tap into not only the millions of gamers that are already on Facebook, but also to gather more from the PC-gaming community. It's a new venture that very clearly treads on the toes of Steam, and is likely to cause ripples in the gaming world. The scope of the work between Facebook and Unity Technologies is quite wide. It will bring together Unity's 2D, 3D, VR and AR development platform with Facebook's own game development tools. While Facebook is currently associated with very casual gaming, hooking up with an established serious player in the field means we're likely to see the social network appealing more to hardcore gamers.
Businesses

WSJ: Facebook's Point System Fails To Close Diversity Gap 414

theodp writes: Gizmodo and others are picking up on a Wall Street Journal story (Warning: may be paywalled) which reported that Facebook's failure to move the needle on diversity is all the more surprising because the social network awarded Facebook recruiters double points for a "diversity hire" -- a female, Black, or Hispanic engineer -- compared to the hire of a White or Asian male. Facebook declined to comment on whether this points-based system is still in effect. The WSJ also notes that Intel has paid its employees double referral bonuses for women, minorities, and veterans. The reward schemes evoke memories of gender-based (and later race-based) incentives offered for K-12 coding and STEM programs run by tech-backed Code.org (to which Facebook just pledged $15 million) and Google, which offered lower funding or no funding at all to teachers if participation by female students was deemed unacceptable to the sponsoring organizations. Facebook's efforts also seem consistent with the tech-backed Every Student Succeeds Act, which calls for increasing CS and STEM access to address a tech-declared national crisis, but only "for students through grade 12 who are members of groups underrepresented in such subject fields, such as female students, minority students, English learners, children with disabilities, and economically disadvantaged students." Hey, sometimes "every" doesn't mean "every!"
Intel

Intel's New Silicon Photonics Module For Data Centers Beams Info at 100Gbps Across 2km (zdnet.com) 31

An anonymous reader writes:Intel has announced it's launching silicon photonics, a product 16 years in the making, to enhance the use of optics for data center traffic management. It has a tremendous advantage over other silicon solutions, Intel executive vice president Diane Bryant said at the Intel Developer Forum in San Francisco. Intel is "the first to light up silicon," she said, integrating the laser light-emitting material onto silicon. It uses silicon lithography to align the laser with precision, she said, creating a cost advantage because it's automatically aligned. It has a performance advantage because of the precision of lithography. The module Intel is introducing delivers 100 gigabits per second. With network traffic in the data center doubling every 12 months, electrons running over copper cable just won't cut it, Bryant said. However, the cost of fiber optics is growing, positioning silicon photonics as the next solution.The company adds that the silicon photonics module can deliver the data across two kilometers.
Intel

Nvidia Calls Out Intel For Cheating In Xeon Phi vs GPU Benchmarks (arstechnica.com) 58

An anonymous reader writes: Nvidia has called out Intel for juicing its chip performance in specific benchmarks -- accusing Intel of publishing some incorrect "facts" about the performance of its long-overdue Knights Landing Xeon Phi cards. Nvidia's primary beef is with the following Intel slide, which was presented at a high performance computing conference (ISC 2016). Nvidia disputes Intel's claims that Xeon Phi provides "2.3x faster training" for neural networks and that it has "38 percent better scaling" across nodes. It looks like Intel opted for the classic using-an-old-version-of-some-benchmarking-software manoeuvre. Intel claimed that a Xeon Phi system is 2.3 times faster at training a neural network than a comparable Maxwell GPU system; Nvidia says that if Intel used an up-to-date version of the benchmark (Caffe AlexNet), the Maxwell system is actually 30 percent faster. And of course, Maxwell is Nvidia's last-gen part; the company says a comparable Pascal-based system would be 90 percent faster. On the 38-percent-better-scaling point, Nvidia says that Intel compared 32 of its new Xeon Phi servers against four-year-old Nvidia Kepler K20 servers being used in ORNL's Titan supercomputer. Nvidia states that modern GPUs, paired with a newer interconnect, scale "almost linearly up to 128 GPUs."

Slashdot Top Deals