Advertising

Advertising Companies Accused of Deliberately Slowing Page-load Times For Profit 206

An anonymous reader writes: An industry insider has told Business Insider of his conviction that ad-serving companies deliberately prolong the 'auctioning' process for ad spots when a web-page loads. They do this to maximize revenue by allowing automated 'late-comers' to participate beyond the 100ms limit placed on the decision-making process. The unnamed source, a principal engineer at a global news company (whose identity and credentials were confirmed by Business Insider), concluded with the comment: "My entire team of devs and testers mostly used Adblock when developing sites, just because it was so painful otherwise." Publishers use 'daisy-chaining' to solicit bids from the most profitable placement providers down to the 'B-list' placements, and the longer the process is run, the more likely that the web-page will be shown with profitable advertising in place.
Chrome

Chrome Extension Thwarts User Profiling Based On Typing Behavior 60

An anonymous reader writes: Per Thorsheim, the founder of PasswordsCon, created and trained a biometric profile of his keystroke dynamics using the Tor browser at a demo site. He then switched over to Google Chrome, without using the Tor network, and the demo site correctly identified him when logging in and completing a demo financial transaction. Infosec consultant Paul Moore came up with a working solution to thwart this type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM. A Firefox version of the plugin is in the works.
Businesses

LinkedIn (Temporarily) Backs Down After Uproar At Contact Export Removal 42

Mark Wilson writes: LinkedIn caused a storm a couple of days ago when it removed the option to instantly download contacts. Many users of the professional social network were more than a little irked to discover that while contact exporting was still available, a wait of up to three days had been put in place. Unsurprisingly, users revolted, having been particularly upset by the fact the change was implemented with no warning or announcement. But the company has managed to turn things around by quickly backtracking on its decision after listening to a stream of complaints on Twitter.
ch

Swiss Researchers Describe a Faster, More Secure Tor 59

An anonymous reader writes: Researchers from the Swiss Federal Institute of Technology and University College London published a paper this week describing a faster and more secure version of Tor called HORNET. On one hand, the new onion routing network can purportedly achieve speeds of up to 93 gigabits per second and "be scaled to support large numbers of users with minimal overhead". On the other hand, researchers cannot claim to be immune to "confirmation attacks" known to be implemented on Tor, but they point out that, given how HORNET works, perpetrators of such attacks would have to control significantly more ISPs across multiple geopolitical boundaries and probably sacrifice the secrecy of their operations in order to successfully deploy such attacks on HORNET.
AT&T

FCC Approves AT&T's DirecTV Purchase 100

An anonymous reader writes: The U.S. Federal Communications Commission has granted approval to AT&T to purchase DirecTV for $48.5 billion. AT&T will become the largest provider of cable or satellite TV in the U.S., with 26.4 million subscribers. "Adding TV customers gives AT&T more power to negotiate with big media companies over prices for those channels. The deal also combines a nationwide satellite TV service, the country's largest, with the No. 2 nationwide wireless network as time spent on mobile devices increases." The FCC did put conditions on the deal: AT&T must make fiber internet service available to 12.5 million people, offer cheaper internet plans to low-income customers, and not mess with the internet traffic of online video competitors.
Security

Remote Control of a Car, With No Phone Or Network Connection Required 158

Albanach writes: Following on from this week's Wired report showing the remote control of a Jeep using a cell phone, security researchers claim to have achieved a similar result using just the car radio. Using off-the-shelf components to create a fake radio station, the researchers sent signals using the DAB digital radio standard used in Europe and the Asia Pacific region. After taking control of the car's entertainment system it was possible to gain control of vital car systems such as the brakes. In the wild, such an exploit could allow widespread simultaneous deployment of a hack affecting huge numbers of vehicles.
Google

Google Staffers Share Salary Info With Each Other; Management Freaks 428

Nerval's Lobster writes: Imagine a couple of employees at your company create a spreadsheet that lists their salaries. They place the spreadsheet on an internal network, where other employees soon add their own financial information. Within a day, the project has caught on like wildfire, with people not only listing their salaries but also their bonuses and other compensation-related info. While that might sound a little far-fetched, that's exactly the scenario that recently played out at Google, according to an employee, Erica Baker, who detailed the whole incident on Twitter. While management frowned upon employees sharing salary data, she wrote, "the world didn't end everything didn't go up in flames because salaries got shared." For years, employees and employers have debated the merits (and drawbacks) of revealing salaries. While most workplaces keep employee pay a tightly guarded secret, others have begun fiddling with varying degrees of transparency, taking inspiration from studies that have shown a higher degree of salary-related openness translates into happier workers. (Other studies (PDF) haven't suggested the same effect.) Baker claims the spreadsheet compelled more Google employees to ask and receive "equitable pay based on data in the sheet."
Open Source

Meet OpenDaylight Project Executive Director Neela Jacques (Video) 14

The OpenDaylight Project works on Software Defined Networking. Their website says, "Software Defined Networking (SDN) separates the control plane from the data plane within the network, allowing the intelligence and state of the network to be managed centrally while abstracting the complexity of the underlying physical network." Another quote: it's the "largest software-defined networking Open Source project to date." The project started in 2013. It now has an impressive group of corporate networking heavyweights as sponsors and about 460 developers working on it. Their latest release, Lithium, came out earlier this month, and development efforts are accelerating, not slowing down, because as cloud use becomes more prevalent, so does SDN, which is an obvious "hand-in-glove" fit for virtualized computing.

Today's interview is with OpenDaylight Project Executive Director Nicolas "Neela" Jacques, who has held this position since the project was not much more than a gleam in (parent) Linux Foundation's eye. This is one of the more important Linux Foundation collaborative software projects, even if it's not as well known to the public as some of the foundation's other efforts, including -- of course -- GNU/Linux itself.
Facebook

New Facebook Video Controls Let You Limit Viewing By Gender and Age 90

Mark Wilson writes: Videos on Facebook are big business. As well as drugged up post-dentist footage, there is also huge advertising potential. Now Facebook has announced a new set of options for video publishers — including the ability to limit who is able to see videos based on their age and gender. A social network might not be the first place you would think of to try to keep something private, but a new 'secret video' option makes it possible to restrict access to those people who have a direct link. Other new options include the ability to prevent embedding on other sites, but it is the audience restriction settings that are particularly interesting. For a long time Facebook has been about reaching out to as many people as possible in one hit — particularly in the case of pages, which are likely to be used for the promotion of businesses and services. But now the social giant provides tools to limit one's audience. It's fairly easy to understand the reasons for implementing age restrictions on video (although there is obviously scope for abuse), but the reasons for gender-based restrictions are less clear.
Google

Google+ Photos To Shut Down August 1 152

An anonymous reader writes: Now that Google Photos exists separately from Google+, the company is shutting down the Google+ version of Photos starting on August 1. The Android version will be the first to go, followed shortly thereafter by the iOS and web versions. Fortune calls the old Photos app "a relic of the times when the search giant thought its social network Google Plus could become a huge hit."
Transportation

U. Michigan Opens a Test City For Driverless Cars 76

An anonymous reader writes: The University of Michigan has opened Mcity, the world's first controlled environment specifically designed to test the potential of connected and automated vehicle technologies that will lead the way to mass-market driverless cars. Mcity is a 32-acre simulated urban and suburban environment that includes a network of roads with intersections, traffic signs and signals, streetlights, building facades, sidewalks and construction obstacles. The types of technologies that will be tested at the facility include connected technologies – vehicles talking to other vehicles or to the infrastructure, commonly known as V2V or V2I – and various levels of automation all the way up to fully autonomous, or driverless vehicles.
Transportation

Remote Exploit On a Production Chrysler To Be Presented At BlackHat 173

Matt_Bennett writes: A scary remote exploit is going to be published that enables someone connected to the same wireless (mobile data) network to take over many [automobile] systems, including braking. This is an exploit in Chrysler's Uconnect system. Charlie Miller and Chris Valasek also demonstrated exploits in 2013 that could be done via a direct connection to the system, but this is vastly expanded in scope. The pair convinced Wired writer Andy Greenberg to drive around near St. Louis while they picked apart the car's systems from 10 miles away, killing the radio controls before moving on to things like the transmission.
The Internet

Internet Dating Scams Target Older American Women 176

HughPickens.com writes: The NYT reports: "Janet N. Cook, a church secretary in Virginia, had been a widow for a decade when she joined an Internet dating site and was quickly overcome by a rush of emails, phone calls and plans for a face-to-face visit. "I'm not stupid, but I was totally naïve," says Cook, now 76, who was swept off her feet by a man who called himself Kelvin Wells and described himself as a middle-aged German businessman looking for someone "confident" and "outspoken" to travel with him to places like Italy, his "dream destination." But very soon he began describing various troubles, including being hospitalized in Ghana, where he had gone on business, and asked Cook to bail him out. In all, she sent him nearly $300,000, as he apparently followed a well-honed script that online criminals use to bilk members of dating sites out of tens of millions of dollars a year."

According to the Times, internet scammers are targeting women in their 50s and 60s, often retired and living alone, who say that the email and phone wooing forms a bond that may not be physical but that is intense and enveloping. Between July 1 and Dec. 31, 2014, nearly 6,000 people registered complaints of such confidence fraud with losses of $82.3 million, according to the federal Internet Crime Complaint Center. Older people are ideal targets because they often have accumulated savings over a lifetime, own their homes and are susceptible to being deceived by someone intent on fraud. The digital version of the romance con is now sufficiently widespread that AARP's Fraud Watch Network has urged online dating sites to institute more safeguards to protect against such fraud. The AARP network recommends that dating site members use Google's "search by image" to see if the suitor's picture appears on other sites with different names. If an email from "a potential suitor seems suspicious, cut and paste it into Google and see if the words pop up on any romance scam sites," the network advised. The website romancescams.org lists red flags to look for to identify such predators, who urgently appeal to victims for money to cover financial setbacks like unexpected fines, money lost to robbery or unpaid wages. Most victims say they are embarrassed to admit what happened, and they fear that revealing it will bring derision from their family and friends, who will question their judgment and even their ability to handle their own financial affairs. "It makes me sound so stupid, but he would be calling me in the evening and at night. It felt so real. We had plans to go to the Bahamas and to Bermuda together," says Louise Brown. "When I found out it was a scam, I felt so betrayed. I kept it secret from my family for two years, but it's an awful thing to carry around. But later I sent him a message and said I forgave him."
Businesses

Netflix Hoping For Free Network Access From ISPs 85

sabri writes: Netflix soared on Wall Street today after their earnings announcement. They also stated that they hope to get more free network access arrangements (aka "free peering"). Fortune reports: "Netflix hopes the Charter peering pledge could serve not only its own interests, but establish an industry-wide practice for internet TV. Hastings said he hopes free peering will spare the emerging industry from the sort of battles that continue to plague the cable TV industry, in which stations go dark whenever distributor and content owner haggle over a 'retransmission' price."
Privacy

Anonymizing Wi-Fi Device Project Unexpectedly Halted 138

An anonymous reader notes that a project to develop an anonymizing Wi-Fi device has been canceled under mysterious circumstances. The device, called Proxyham, was unveiled a couple weeks ago by Rhino Security Labs. They said it would use low-frequency radio channels to connect a computer to public Wi-Fi hotspots up to 2.5 miles away, thus obscuring a user's actual location. But a few days ago the company announced it would be halting development and canceling a talk about it at Def Con, which would have been followed with a release of schematics and source code. They apologized, but appear to be unable to say anything further.

"In fact, all [the speaker] can say is that the talk is canceled, the ProxyHam source code and documentation will never be made public, and the ProxyHam units developed for Las Vegas have been destroyed. The banner at the top of the Rhino Security website promoting ProxyHam has gone away too. It's almost as if someone were trying to pretend the tool never existed." The CSO article speculates that a government agency killed the project and issued a gag order about it. A post at Hackaday calls this idea absurd and discusses the hardware needed to build a Proxyham. They say using it would be "a violation of the Computer Fraud & Abuse Act, and using encryption over radio violates FCC regulations. That’s illegal, it will get you a few federal charges — but so will blowing up a mailbox with some firecrackers." They add, "What you’re seeing is just the annual network security circus and it’s nothing but a show."
Networking

Ask Slashdot: VPN Solution To Connect Mixed-Environment Households? 173

New submitter RavenLrD20k writes: I am a programmer by trade with a significant amount of training as a Network Administrator (AAS in Computer Networking). I have no problem with how to build three or four separate networks in each location and make them route over the internet. My weakness is in trying to set up a VPN for a secured two-way connection between location A and location B, both mixed OS environments, with the requirement that all of the internet traffic on B gets routed through A first. I've already looked at some boxed solutions, such as LogMeIn Hamachi, but there hasn't been much in the way of mixed environment support. This is a complicated one, so keep reading for more on what RavenLrD20k is trying to accomplish.
United Kingdom

Man Arrested After Charging iPhone On London Overground Train 674

An anonymous reader writes: 45-year-old Robin Lee was arrested after he used a socket on a London Overground train to charge up his iPhone. He was handcuffed and arrested for "abstracting electricity". Robin was then charged with "unacceptable behaviour" after "becoming aggressive" when objecting to his first arrest. The Guardian reports: "Speaking to the Evening Standard, Lee said he had been confronted by a police community support officer on the overground train from Hackney Wick to Camden Road on 10 July. The Overground is part of Transport For London’s wider network that also includes London Underground and the buses. 'She said I’m abstracting electricity. She kept saying it’s a crime. We were just coming into the station and there happened to be about four police officers on the platform. She called to them and said: ‘This guy’s been abstracting electricity, he needs to be arrested’.”
Programming

ELIoT, Distributed Programming For the Internet of Things 91

descubes writes: ELIoT (Extensible Language for the Internet of Things) is a new programming language designed to facilitate distributed programming. A code sample with less than 20 lines of code looks like a single program, but really runs on three different computers to collect temperature measurements and report when they differ. ELIoT transforms a simple sensor API into a rich, remotely-programmable API, giving your application the opportunity to optimize energy usage and minimize network traffic.

Using fewer resources than Bash, and capable of serving hundreds of clients easily on a Raspberry Pi, ELIoT transparently sends program fragments around, but also the data they need to function, e.g. variable values or function definitions. This is possible because, like in Lisp, programs are data. ELIoT has no keywords, and program constructs such as loops or if-then-else are defined in the library rather than in the language. This makes the language very flexible and extensible, so that you can adapt it to the needs of your application.

The project is still very young (published last week), and is looking for talented developers interested in distributed programming, programming languages or language design.
Patents

Google Applies For Patents That Touch On Fundamental AI Concepts 101

mikejuk writes: Google may have been wowing the web with its trippy images from neural networks but meanwhile it has just revealed that it has applied for at least six patents on fundamental neural network and AI [concepts]. This isn't good for academic research or for the development of AI by companies. The patents are on very specific things invented by Geoffrey Hinton's team like using drop out during training, or modifying data to provide additional training cases, but also include very general ideas such as classification itself. If Google was granted a patent on classification it would cover just about every method used for pattern recognition! You might make the charitable assumption that Google has just patented the ideas so that it can protect them — i.e. to stop other more evil companies from patenting them and extracting fees from open source implementations of machine learning libraries. Google has just started an AI arms race, and you can expect others to follow.