Facebook Says It is Sorry For Suggesting Child Sex Videos in Search (cnet.com) 47

Facebook issued an apology on Friday after offensive terms appeared in the social network's search predictions late Thursday. From a report: When users typed "videos of" into the search bar, Facebook prompted them to search phrases including "videos of sexuals," "videos of girl sucking dick under water" and, perhaps most disturbingly, "video of little girl giving oral." Shocked users reported the problem on Twitter, posting screenshots of the search terms, which also included multiple suggestions relating to the school shooting in Florida last month. The social network appeared to have fixed the problem by Friday morning.
United States

Chinese Hackers Hit US Firms Linked To South China Sea Dispute (bloomberg.com) 52

Chinese hackers have launched a wave of attacks on mainly U.S. engineering and defense companies linked to the disputed South China Sea, the cybersecurity firm FireEye Inc. said. From a report: The suspected Chinese cyber-espionage group dubbed TEMP.Periscope appeared to be seeking information that would benefit the Chinese government, said FireEye, a U.S.-based provider network protection systems. The hackers have focused on U.S. maritime entities that were either linked to -- or have clients operating in -- the South China Sea, said Fred Plan, senior analyst at FireEye in Los Angeles.

"They are going after data that can be used strategically, so it is line with state espionage," said Plan, whose firm has tracked the group since 2013. "A private entity probably wouldn't benefit from the sort of data that is being stolen." The TEMP.Periscope hackers were seeking information in areas like radar range or how precisely a system in development could detect activity at sea, Plan said. The surge in attacks picked up pace last month and was ongoing.

The Internet

Bali Plans To Switch Off Internet Services For 24 Hours For New Year 'Quiet Reflection' (theguardian.com) 149

Internet service providers in Bali will be switching off mobile services this weekend for 24 hours to mark the Indonesian island's annual day of silence. "Nyepi, or New Year according to the ancient Balinese calendar, is a sacred day of reflection on the Hindu-majority island," reports The Guardian. "Even the international airport shuts down." From the report: This year authorities have called on telecommunications companies to unplug -- a request Bali says firms have promised to honor. "It was agreed that internet on mobile phones will be cut. All operators have agreed," Nyoman Sujaya, from the Bali communications ministry, told tirto.id. The plan, based on an appeal put forward by Balinese civil and religious groups, was announced following a meeting at the ministry in Jakarta. This is the first time internet services will be shut down in Bali for Nyepi, after the same request was denied last year. However, wifi connection will still be available at hotels and for strategic services such as security, aviation, hospitals and disaster agencies. Phone and SMS services will be operational, but the Indonesian Internet Service Provider Association is reviewing whether wifi at private residences will be temporarily cut.

Verizon Will Fix Broadband Networks, Landlines To Resolve Investigation (vice.com) 71

Joel Hruska reports via ExtremeTech: Verizon has reached an agreement with the Communications Workers of America and the New York State Public Service Commission to begin repairing infrastructure and restoring service across New York State. The agreement requires Verizon to extend broadband service to tens of thousands of New York State households and to begin repairing facilities it has previously neglected. As in Pennsylvania, Verizon has been neglecting its fixed wired infrastructure in its bid to first sabotage copper service, then force customers to adopt alternative solutions. It's also been mired in an ongoing lawsuit with the state of New York over its breach of a 2008 contract requiring it to provide fiber service within New York City.

This new agreement appears to settle these issues, provided it's followed. Under its terms, Verizon will extend fiber to 10,000 to 12,000 households not currently served by it in Long Island and Verizon's "Upstate Reporting Region" (these are Verizon-specific regions, not geographical areas, so "Long Island" may mean more than just the island). It will begin immediately replacing copper lines in certain specific NYC buildings with high failure rates and transitioning them to fiber optic cable, repairing operations within 50 upstate wireless centers with high failure rates, allow plant technicians to report plant failures and maintenance needs more accurately, and begin inspecting and replacing the batteries that provide critical connectivity in the event of a power outage when said batteries are deployed for specific customers (hospitals, police stations, and other emergency facilities). It will also begin removing so-called "double poles." A double pole is when an old telephone pole is stapled (metaphorically speaking) to a newer one. Some examples of a double pole from PA are shown below; Verizon has been hauled into court to force it to do its job in more than one state.


Bitcoin's Highly Anticipated 'Lightning Network' Goes Live (thehill.com) 128

Lightning Labs on Thursday announced the beta release of its highly-anticipated Lightning Network Daemon (LND), a developer-friendly software client used to access Bitcoin's Lightning Network, anonymous readers wrote, citing media reports. From a report: Bitcoin supporters believe that the network has the potential to help the cryptocurrency achieve mass adoption. Bitcoin has struggled in recent months with slow and high-fee transactions, which make it harder for bitcoin to achieve mainstream popularity. Lightning Labs, the company behind the network, also announced on Thursday that it has received investments from major financial technology players, including Square chief executive and Twitter co-founder Jack Dorsey and PayPal chief operating officer David Sacks.

Facebook Quietly Hid Webpages Bragging of Ability to Influence Elections (theintercept.com) 81

Sam Biddle, reporting for The Intercept: When Mark Zuckerberg was asked if Facebook had influenced the outcome of the 2016 presidential election, the founder and CEO dismissed the notion that the site even had such power as "crazy." It was a disingenuous remark. Facebook's website had an entire section devoted to touting the "success stories" of political campaigns that used the social network to influence electoral outcomes. That page, however, is now gone, even as the 2018 congressional primaries get underway.

In the wake of a public reckoning with Facebook's unparalleled ability to distribute information and global anxiety over election meddling, bragging about the company's ability to run highly effective influence campaigns probably doesn't look so great. Facebook's "success stories" page is a monument to the company's dominance of online advertising, providing examples from almost every imaginable industry of how use of the social network gave certain players an advantage. "Case studies like these inspire and motivate us," the page crows.


Larry Page's Flying Taxis, Now Exiting Stealth Mode (nytimes.com) 100

Google co-founder and Alphabet CEO Larry Page's autonomous flying taxi company Kitty Hawk on Tuesday unveiled its "fully electric, self-piloting flying taxi" called Cora. Since October, Cora has been seen moving through the skies over the South Island of New Zealand. It looks like a cross between a small plane and a drone, with a series of small rotor blades along each wing that allow it to take off like a helicopter and then fly like a plane. The New York Times reports: Now that project is about to go public: On Tuesday, Mr. Page's company and the prime minister of New Zealand, Jacinda Ardern, will announce they have reached an agreement to test Kitty Hawk's autonomous planes as part of an official certification process. The hope is that it will lead to a commercial network of flying taxis in New Zealand in as soon as three years. The move is a big step forward in the commercialization of this technology, which even the most optimistic prognosticators had recently bet would take another decade to achieve. The decision to embrace the commercial use of flying taxis offers New Zealand an opportunity to leapfrog many developed countries in this area, and perhaps give it a head start over Silicon Valley, where much of the most innovative work has been taking place.

US Navy Under Fire In Mass Software Piracy Lawsuit (torrentfreak.com) 121

An anonymous reader quotes a report from TorrentFreak: In 2011 and 2012, the U.S. Navy began using BS Contact Geo, a 3D virtual reality application developed by German company Bitmanagement. The Navy reportedly agreed to purchase licenses for use on 38 computers, but things began to escalate. While Bitmanagement was hopeful that it could sell additional licenses to the Navy, the software vendor soon discovered the U.S. Government had already installed it on 100,000 computers without extra compensation. In a Federal Claims Court complaint filed by Bitmanagement two years ago, that figure later increased to hundreds of thousands of computers. Because of the alleged infringement, Bitmanagement demanded damages totaling hundreds of millions of dollars. In the months that followed both parties conducted discovery and a few days ago the software company filed a motion for partial summary judgment, asking the court to rule that the U.S. Government is liable for copyright infringement. According to the software company, it's clear that the U.S. Government crossed a line. In its defense, the U.S. Government had argued that it bought concurrent-use licenses, which permitted the software to be installed across the Navy network. However, Bitmanagement argues that it is impossible as the reseller that sold the software was only authorized to sell PC licenses. In addition, the software company points out that the word "concurrent" doesn't appear in the contracts, nor was there any mention of mass installations. The full motion brings up a wide range of other arguments as well which, according to Bitmanagement, make it clear that the U.S. Government is liable for copyright infringement.

Tesla Raises Prices At Its Supercharger Stations 166

Tesla is increasing the cost of the paid Supercharger access, but a spokesperson for the company says that it "will never be a profit center." Electrek reports: When introducing the program, Tesla said that it aimed to still make the cost of Supercharging cheaper than gasoline and that it doesn't aim to make its Supercharger network a profit center. Instead, they want to use the money to keep growing the network which now consists of over 1,180 stations and close to 9,000 Superchargers. But this week, the rates were updated across the U.S. Some states saw massive increases of as much as 100 percent -- though most regions saw their rates increase by 20 to 40 percent. For example, Oregon saw an increase of $0.12 to $0.24 per kWh, while California, Tesla's biggest market in the U.S., got an increase from $0.20 to $0.26 kWh and New York's rate went from $0.19 to $0.24 per kWh. A spokesperson for Tesla said in a statement: "We occasionally adjust rates to reflect current local electricity and usage. The overriding principle is that Supercharging will always remain significantly cheaper than gasoline, as we only aim to recover a portion of our costs while setting up a fair system for everyone. This will never be a profit center for Tesla."

Elon Musk Changes 'Boring Company' Vision To Reward Cyclists and Pedestrians (techcrunch.com) 152

"Remember Elon Musk's plan to dig a massive web of traffic-beating tunnels underneath Los Angeles...?" asks CNN. "Now, that plan appears to be getting a huge makeover." An anonymous reader quotes TechCrunch: While it will still focus on digging tunnels to provide a network of underground tubes suitable for use by high-speed Hyperloop pods, the plan now is to use that Hyperloop to transport pedestrians and cyclists first, and then only later to work on moving cars around underground to bypass traffic. Musk shared the update via Twitter, noting that the idea would be to load customers onto cars roughly the size that a single parking space takes up currently, [thousands of which] would be dotted around an urban environment close to any destinations where someone might travel. The single-car station model would be designed to replace the current subway-style model, Musk said, where only a few small stations are very spread out... This is a big departure from the original vision, and it seems like one that might have evolved after Musk and his collaborators on the project spoke to urban planners and transit authorities.
"If someone can't afford a car, they should go first," Musk posted on Twitter, sharing a new conceptual video where an elevator lowers one of these pedestrian- and cyclist-focussed shuttle pods underground.

TechCrunch says this new vision "would be appealing both to urban officials looking to decrease congestion on downtown roads and discourage personal vehicle use, and to anyone hoping to increase access to affordable transit options."

FCC Accuses Stealthy Startup of Launching Rogue Satellites 128

Back in January, the FCC pulled permission from Silicon Valley startup Swarm Technologies to launch four satellites into space after what it says was an "apparent unauthorized launch." IEEE Spectrum reports that the unauthorized launch consisted of four experimental satellites that the FCC had decided were too small to be noticed in space -- and hence pose an unacceptable risk of collision -- but which the company may have launched anyway, using a rocket based in India. The federal regulator has since issued a letter to Swarm revoking its authorization for a follow-up mission to launch four new, larger versions of its "SpaceBee" satellites. From the report: Swarm was founded in 2016 by one engineer who developed a spacecraft concept for Google and another who sold his previous company to Apple. The SpaceBees were built as technology demonstrators for a new space-based Internet of Things communications network. Swarm believes its network could enable satellite communications for orders of magnitude less cost than existing options. It envisages the worldwide tracking of ships and cars, new agricultural technologies, and low cost connectivity for humanitarian efforts anywhere in the world. The four SpaceBees would be the first practical demonstration of Swarm's prototype hardware and cutting-edge algorithms, swapping data with ground stations for up to eight years.
The FCC told the startup that the agency would assess "the impact of the applicant's apparent unauthorized launch and operation of four satellites... on its qualifications to be a Commission licensee." If Swarm cannot convince the FCC otherwise, the startup could lose permission to build its revolutionary network before the wider world even knows the company exists. An unauthorized launch would also call into question the ability of secondary satellite "ride-share" companies and foreign launch providers to comply with U.S. space regulations.

YouTube Is Full of Easy-To-Find Neo-Nazi Propaganda (vice.com) 373

An anonymous reader quotes an exclusive report from Motherboard: Through a software-aided investigation, Motherboard has found that while YouTube has managed to clamp down on Islamic extremists uploading propaganda, the video giant is still awash with videos supporting violent and established neo-Nazi organizations, even when, in some cases, users have reported the offending videos. Clips of neo-Nazi propaganda operations, hate-filled speeches, and extremists pushing for direct action have remained on the site for weeks, months, or years at a time. Arguably, many if not all of these videos may fall under YouTube's own policy on hate speech, which "refers to content that promotes violence against or has the primary purpose of inciting hatred against individuals or groups based on certain attributes," including race or ethnic origin, religion, and sexual orientation, according to the policy.

Motherboard built a tool to monitor YouTube and make a record of when the platform removed certain videos, and limited the clips to propaganda for established neo-Nazi and far-right terrorist organizations like Atomwaffen, rather than people in the so-called "alt-right." Most of the videos were discovered through simple YouTube searches of relevant organizations' names, or sometimes through the "recommended videos" sidebar after Motherboard had built up a browsing history of neo-Nazi material. For the sake of comparison, over a week-long period Motherboard also tracked pro-ISIS videos uploaded by the group's supporters and then distributed through a network of Telegram channels. Typically, YouTube removed these Islamic extremism videos in a matter of hours, including those that did not contain images of violence, but were instead speeches or other not directly violent content. But YouTube is playing catch up with neo-Nazi material. YouTube removed only two videos that Motherboard was monitoring: two identical clips of a speech from UK terrorist organization National Action.


Downloads of Popular Apps Were Silently Swapped For Spyware in Turkey: Citizen Lab (www.cbc.ca) 29

Matthew Braga, reporting for CBC: Since last fall, Turkish internet users attempting to download one of a handful of popular apps may have been the unwitting targets of a wide-reaching computer surveillance campaign. And in Egypt, users across the country have, seemingly at random, had their browsing activity mysteriously redirected to online money-making schemes. Internet filtering equipment sold by technology company Sandvine -- founded in Waterloo, Ont. -- is believed to have played a significant part in both.

That's according to new research from the University of Toronto's Citizen Lab, which has examined misuse of similar equipment from other companies in the past. The researchers say it's likely that Sandvine devices are not only being used to block the websites of news, political and human rights organizations, but are also surreptitiously redirecting users toward spyware and unwanted ads. Using network-filtering devices to sneak spyware onto targets' computers "has long been the stuff of legends" according to the report -- a practice previously documented in leaked NSA documents and spyware company brochures, the researchers say, but never before publicly observed.
Citizen Lab notes that targeted users in Turkey and Syria who attempted to download Windows applications from official vendor websites including Avast Antivirus, CCleaner, Opera, and 7-Zip were silently redirected to malicious versions by way of injected HTTP redirects. It adds: This redirection was possible because official websites for these programs, even though they might have supported HTTPS, directed users to non-HTTPS downloads by default. Additionally, targeted users in Turkey and Syria who downloaded a wide range of applications from CBS Interactive's Download.com (a platform featured by CNET to download software) were instead redirected to versions containing spyware. Download.com does not appear to support HTTPS despite purporting to offer "secure download" links.

Comcast's Protected Browsing Is Blocking PayPal, Steam and TorrentFreak, Customers Say (vice.com) 82

Comcast's Xfinity internet customers have been reporting multiple websites, including PayPal, Steam, and TorrentFreak have been getting blocked by the ISP's "protected browsing" setting. From a report: The "protected browsing" setting is designed to "reduce the risk of accessing known sources of malware, spyware, and phishing for all devices connected to your home network." This, in general, isn't a bad thing. It's similar to Google Chrome's security settings that warn you when you have an insecure connection. But it's odd that Xfinity's security setting would be blocking perfectly harmless sites like PayPal. Multiple consumers have been reporting on Comcast's forums and elsewhere that they've been blocked while trying to access sites that many people use every day. After posting about it on the forums, one user who said they couldn't access PayPal said the problem with that particular site had been fixed. Further reading: Comcast's Protected Browsing Blocks TorrentFreak as "Suspicious" Site (TorrentFreak).

Businesses Under Pressure To 'Consumerize' Logins (betanews.com) 47

Almost two-thirds (64 percent) of IT leaders say their security teams are considering implementing consumer-grade access to cloud services for employees. From a report: According to the 2018 Identity and Access Management Index from digital security company Gemalto 54 percent of respondents believe that the authentication methods they implement in their businesses are not as good compared to those found on popular sites including Amazon and Facebook. Authentication methods applied in the consumer world can be applied to secure access to enterprise resources 70 percent of IT professionals believe. But despite this, 92 percent of IT leaders express concern about employees reusing personal credentials for work. This comes as 61 percent admit they are still not implementing two-factor authentication to allow access to their network, potentially leaving themselves vulnerable to cyber criminals.

McAfee Acquires VPN Provider TunnelBear (venturebeat.com) 56

McAfee announced that it has acquired Canada-based virtual private network (VPN) company TunnelBear. From a report: Founded in 2011, Toronto-based TunnelBear has gained a solid reputation for its fun, cross-platform VPN app that uses quirky bear-burrowing animations to bring online privacy to the masses. The company claims around 20 million people have used its service across mobile and desktop, while a few months back it branched out into password management with the launch of the standalone RememBear app. [...] That TunnelBear has sold to a major brand such as McAfee won't be greeted warmly by many of the product's existing users. However, with significantly more resources now at its disposal, TunnelBear should be in a good position to absorb any losses that result from the transfer of ownership.

Time To Bring Back the Software User Conference (zdnet.com) 43

Holger Mueller, writing for ZDNet (condensed for space): Every tech company has a user conference these days. And is it just me, or are they all starting to feel the exact same? Same announcements, same message, same speakers, same venue. Rinse, repeat. On top of this sameness, irrelevant gimmicks and lack of substance threaten to drag the tech user conference into obsolescence. But all is not lost. Here are a few areas in which tech conferences are going astray, and a few ideas about how to fix them.

It's about the product. Users attend conferences to learn more about a vendor's software. So product needs to get a lot of air time. Yes, services matter too-but it's the product that people have taken time out of their busy schedules to learn about.
Have a motivational speaker who matters.
Demo software. Many attendees are expert users. Vendors need to demonstrate they, too, are experts with their own product. The best way to do this is to demo the product.
Subject expertise beats celebrity. Yes, user conferences are about inspiration, but a celebrity, soap opera star, or a talk show host is not something an enterprise software user can relate to their work and is definitely not why they spend 3-4 days and a few thousand dollars/euros to attend a conference.
Limit the philanthropy. It's great for vendors to give back to a purpose outside of the software. But it should not be 50 percent of a keynote.
Users want to network. Vendors should give users a chance to network. Not just informally, but in a planned way.
Party hard but responsibly.


Researchers Bypassed Windows Password Locks With Cortana Voice Commands (vice.com) 90

Two independent Israeli researchers found a way for an attacker to bypass the lock protection on Windows machines and install malware by using voice commands directed at Cortana, the multi-language, voice-commanded virtual assistant that comes embedded in Windows 10 desktop and mobile operating systems. From a report: Tal Be'ery and Amichai Shulman found that the always-listening Cortana agent responds to some voice commands even when computers are asleep and locked, allowing someone with physical access to plug a USB with a network adapter into the computer, then verbally instruct Cortana to launch the computer's browser and go to a web address that does not use https -- that is, a web address that does not encrypt traffic between a user's machine and the website. The attacker's malicious network adapter then intercepts the web session to send the computer to a malicious site instead, where malware downloads to the machine, all while the computer owner believes his or her machine is protected.

Uber Self-Driving Trucks Are Now Moving Cargo For Uber Freight Customers (techcrunch.com) 52

Uber's autonomous trucks are now being put to work via Uber Freight, Uber's commercial cargo shipping on-demand app. "The first runs are being done in Arizona, with regular hauls operating with both human drivers and autonomous trucks working in tandem," reports TechCrunch. From the report: How it works is that Uber will load up the freight on a conventional, human driven truck who collects the load from the shipper and then does a short haul run to a transfer hub. The short haul truck then loads its cargo onto a long-haul freight transport, which is autonomous for the purposes of these trips. That self-driving test truck handles the highway driving for the longer portion of the trip, handing it off once again to a human-driven trip for the short haul cap to the overall journey. Uber Freight handles the load sourcing, just as it dos for connecting shippers with regular human truckers. Uber's Advanced Technology Group is simply deploying its self-driving trucks on the Uber Freight platform, in the same way that the autonomous team within Uber is using the Uber ride-hailing network to test and deploy its self-driving ride share vehicles. Uber has released a video depicting this journey.

Silicon Valley Is Over, Says Silicon Valley (nytimes.com) 304

An anonymous reader shares a New York Times report: In recent months, a growing number of tech leaders have been flirting with the idea of leaving Silicon Valley. Some cite the exorbitant cost of living in San Francisco and its suburbs, where even a million-dollar salary can feel middle class. Others complain about local criticism of the tech industry and a left-wing echo chamber that stifles opposing views. And yet others feel that better innovation is happening elsewhere. "I'm a little over San Francisco," said Patrick McKenna, the founder of High Ridge Venture Partners who was also on the bus tour. "It's so expensive, it's so congested, and frankly, you also see opportunities in other places." Mr. McKenna, who owns a house in Miami in addition to his home in San Francisco, told me that his travels outside the Bay Area had opened his eyes to a world beyond the tech bubble. "Every single person in San Francisco is talking about the same things, whether it's 'I hate Trump' or 'I'm going to do blockchain and Bitcoin,'" he said. "It's the worst part of the social network."

[...] Complaints about Silicon Valley insularity are as old as the Valley itself. Jim Clark, the co-founder of Netscape, famously decamped for Florida during the first dot-com era, complaining about high taxes and expensive real estate. Steve Case, the founder of AOL, has pledged to invest mostly in start-ups outside the Bay Area, saying that "we've probably hit peak Silicon Valley." But even among those who enjoy living in the Bay Area, and can afford to do so comfortably, there's a feeling that success has gone to the tech industry's head. "Some of the engineers in the Valley have the biggest egos known to humankind," Mr. Khanna, the Silicon Valley congressman, said during a round-table discussion with officials in Youngstown.

Slashdot Top Deals