Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Security

BHU's 'Tiger Will Power' Wi-Fi Router May Be The Most Insecure Router Ever Made (softpedia.com) 62

An anonymous reader writes from a report via Softpedia: A Wi-Fi router manufactured and sold only in China can easily run for the title of "most insecure router ever made." The BHU router, whose name translates to "Tiger Will Power," has a long list of security problems that include: four authentication bypass flaws (one of which is just hilarious); a built-in backdoor root account that gets created on every boot-up sequence; the fact that it opens the SSH port for external connections after every boot (somebody has to use that root backdoor account right?); a built-in proxy server that re-routes all traffic; an ad injection system that adds adverts to all the sites you visit; and a backup JS file embedded in the router firmware if the ad script fails to load from its server. For techies, there's a long technical write-up, which gets funnier and scarier at the same time as you read through it. "An attacker authenticating on the router can use a hardcoded session ID (SID) value of 700000000000000 to gain admin privileges," reports Softpedia. "If he misspells the SID and drops a zero, that's no problem. The BHU router will accept any value and still grant the user admin rights."
AT&T

AT&T Says LTE Can Still Offer Speeds Up To 1 Gbps (dslreports.com) 50

An anonymous reader writes from a report via DSL Reports: ATT CTO Andre Fuetsch said at a telecom conference last week that the company's existing LTE network should be able to reach speeds of 1 Gbps before the standard ultimately gets overshadowed by faster 5G tech. The new 5G technology isn't expected to arrive until 2020 at the earliest, so LTE has a lot of time left as the predominant wireless connectivity. "There's a lot of focus on 5G -- but don't discount LTE," Fuetsch said. "LTE is still here. And LTE will be around for a long time. And LTE has also enormous potential in that, you'll be capable of supporting 1 gigabit speeds as well." 5G will help move past 1 Gbps speeds, while also providing significantly lower latency. "You'll see us sharing more about the trial activity we're doing," said Fuetsch. "Everything that's being [tested] right now is not standard, it's all sort of proprietary. But this is an important process to go through because this is how you learn and how it helps define standards."
Android

Google Begins Rolling Out Android 7.0 Nougat (venturebeat.com) 164

An anonymous reader writes: Google today started rolling out Android 7.0 Nougat to existing Nexus devices via an over-the-air software update. This is a gradual rollout: The Nexus 6, Nexus 5X, Nexus 6P, Nexus 9, Nexus Player, Pixel C, and General Mobile 4G (Android One) will all be updated, but " it may take several weeks" before everyone gets the latest and greatest, a Google spokesperson told VentureBeat.The Nexus 5 (2013), which packs in a Snapdragon 800 SoC coupled with 2GB of RAM and 5-inch full-HD display, won't be receiving Android Nougat update -- despite having all the hardware capabilities required for a phone to receive Google's latest OS update. The truth of the matter is if Google wanted to update the Nexus 5 with the latest Android software, it could have. It just chose not to. It's very likely that same will be the case for the Nexus 6, a phone that has 3GB of RAM, and Snapdragon 805 SoC, next year when the company releases Android O update.
Android

Apple, Samsung Capture All Of Industry's Smartphone Profits (zdnet.com) 161

Continuing to operate on razor thin margins, smartphone manufacturers other than Samsung and Apple are bleeding money. Apple accounted for 75 percent of the smartphone's profits in the second quarter this year, down from 90 percent a year ago, according to Canaccord Genuity. Samsung, which has reported strong sales thanks to its Galaxy S7 series of smartphones, accounted for more than 30 percent of the industry, the research added. ZDNet reports: While this tale could revolve around Apple vs. Samsung the larger question is this: Why would any company want to make smartphones? Let's get real. All the profits go to Apple (high end) or Samsung (high end and scale). The rest of the players in the market don't make money and get disrupted by whatever vendor is flavor of the month? Remember that Xiaomi was supposed to be the next big thing in China and elsewhere, but is now being disrupted by Oppo and Vivo. A quarter from now Oppo and Vivo will be thumped by some smartphone manufacturer we haven't heard of yet.
Crime

Want To Hunt Bank Robbers? There's an App For That, Says The FBI (networkworld.com) 68

Long-time Slashdot reader coondoggie quotes an article from Network World: The FBI today said it released a new application making it easier for the public -- as well as financial institutions, law enforcement agencies, and others -- to view photos and information about bank robberies in different geographic areas of the country.
The FBI's new "Bank Robbers" application runs on both Android and iOS, according to the article, "and lets users sort bank robberies by the date they occurred, the category they fall under (i.e., armed serial bank robber), the FBI field office working the case, or the state where the robbery occurred." The app ties into BankRobbers.fbi.gov, which overlays FBI information about bank robberies onto Google Maps.

The app's users "can also select push notifications to be informed when a bank robbery has taken place near their location," according to the FBI's site, which adds innocently that "If the location services on your device are enabled, you can view a map that shows the relevant bank robberies that took place in your geographic area..."
Cellphones

IPv6 Achieves 50% Reach On Major US Carriers (worldipv6launch.org) 148

Long-time Slashdot reader dyork brings new from The Internet Society: IPv6 deployment hit a milestone this month related to the four major US providers (Verizon Wireless, T-Mobile USA, Sprint, AT&T): "IPv6 is the dominant protocol for traffic from those mobile networks to major IPv6-capable content providers."
A graph on their "World IPv6 Launch" site shows those carriers are now delivering close to 55% of their traffic over IPv6 to major IPv6-capable content providers -- up from just 37.59% in December. "This is really remarkable progress in the four years since World IPv6 Launch in 2012, and the growth of IPv6 deployment in 2016 is showing no signs of abating." In fact, the NTIA is now requesting feedback from organizations that have already implemented IPv6, noting that while we've used up all the 4.3 billion IPv4 addresses, IPv6 offers 340 undecillion IP addresses -- that is, 340 followed by 36 digits.
Network

Comcast Rolls Out $70-Per-Month Gigabit Internet Service In Chicago (pcmag.com) 93

An anonymous reader writes from a report via PC Magazine: Comcast is now offering Chicagoans gigabit internet speeds. PC Magazine reports: "Launched on Wednesday, the program uses DOCSIS 3.1 technology to deliver speeds up to 1Gbps over existing network infrastructure. DOCSIS 3.1 runs through standard cable connections already in place at your home or office. So Xfinity and Comcast Business Internet customers can simply sign up for a plan and plug in a new modem; no fiber installation required. The service, according to Comcast, allows you to download a 5GB HD movie in 40 seconds, a 60MB TV episode in four seconds, a 150MB music album in two seconds, or a 15GB video game in two minutes. Initial users have the choice of a promotional contract price of $70 per month for 36 months, or $139.95 per month (plus tax and fees) with no contract."
Botnet

'Smart' Electrical Socket Leaks Your Email Address, Can Launch DDoS Attacks (softpedia.com) 82

An anonymous reader writes from a report via Softpedia: There is an insecure IoT smart electrical socket on the market that leaks your Wi-Fi password, your email credentials (if configured), and is also poorly coded, allowing attackers to hijack the device via a simple command injection in the password field. Researchers say that because of the nature of the flaws, attackers can overwrite its firmware and add the device to a botnet, possibly using it for DDoS attacks, among other things. Bitdefender didn't reveal the device's manufacturer but said the vendor is working on a fix, which will be released in late Q3 2016. Problems with the device include a lack of encryption for device communications and the lack of any basic input sanitization for the password field. "Up until now most IoT vulnerabilities could be exploited only in the proximity of the smart home they were serving, however, this flaw allows hackers to control devices over the internet and bypass the limitations of the network address translation," says Alexandru Balan, Chief Security Researcher at Bitdefender. "This is a serious vulnerability, we could see botnets made up of these power outlets."
Android

iOS and Android Combined For Record 99% of Smartphone Sales Last Quarter (macrumors.com) 190

An anonymous reader writes: The research firm Gartner has crunched some numbers and found that Android and iOS accounted for a record 99.1% worldwide market share in the second calendar quarter of 2016, which is compared to 96.8% in the year-ago period. What some may view as even more shocking is that Android accounted for 86.2% of the market share in the second quarter, up from 82.2% a year ago. Meanwhile, iOS lost some ground as it dropped to 12.9% market share from 14.6% in the year-ago period. It's no surprise that Windows and BlackBerry have been losing market share. They dropped to 0.6% and 0.1% market share worldwide respectively. Just six years ago, BlackBerry and Symbian operating systems were industry leaders. Now, they're industry losers. Which third-party operating system has what it takes to take on the establishment?
Android

Companies Can't Legally Void the Warranty For Jailbreaking Or Rooting Your Phone (vice.com) 128

Reader Jason Koebler writes: Manufacturers that threaten to void the warranties of consumers who jailbreak or root their phones are violating federal law.
Under the Magnuson-Moss Warranty Act of 1975, manufacturers cannot legally void your hardware warranty simply because you altered the software of an electronic device. In order to void the warranty without violating federal law, the manufacturer must prove that the modifications you made directly led to a hardware malfunction.
"They have to show that the jailbreak caused the failure. If yes, they can void your claim (not your whole warranty—just the things which flowed from your mod)," Steve Lehto, a lemon law attorney in Michigan, wrote in an email. "If not, then they can't."

AT&T

AT&T Is Boosting Data Plans, Dropping Overage Fees (reuters.com) 71

An anonymous reader quotes a report from Reuters: ATT Inc, the No. 2 U.S wireless provider, said on Wednesday that it would roll out a new data plan that does away with overage fees and reduces data speeds for wireless customers who surpass their data allowance. Beginning Sunday, customers can choose the new Mobile Share Advantage plan and pay for extra data, if needed, or work with slower data speeds instead of paying for overages, the company said in a statement. Its current plan includes a $5 data overage charge per 300 megabytes on its 300-megabyte plan and $15 per 1 gigabyte on other plans. ATT has also revised prices and data bucket sizes. For instance, its larger 25-gigabyte plan now costs $190 per month for four smartphone lines. It previously cost $235. All the new plans include an access charge of $10 to $40 per month for each device, ATT said. The new plans will continue to have features such as unlimited text and talk and rollover data. Plans above 10 gigabytes also include unlimited talk and text to Mexico and Canada and no roaming charges in Mexico. Last month, Verizon introduced a new "Safety Mode" for its data plans that similarly throttles customers who exceed their monthly allotment to avoid overages. While Verizon charges customers on lower tier plans for the feature, ATT notes that it does not apply any extra charges.
Google

Malware That Fakes Bank Login Screens Found In Google Ads (fastcompany.com) 120

tedlistens quotes a report from Fast Company: For years, security firms have warned of keystroke logging malware that surreptitiously steals usernames and passwords on desktop and laptop computers. In the past year, a similar threat has begun to emerge on mobile devices: So-called overlay malware that impersonates login pages from popular apps and websites as users launch the apps, enticing them to enter their credentials to banking, social networking, and other services, which are then sent on to attackers. Such malware has even found its way onto Google's AdSense network, according to a report on Monday from Kaspersky Lab. The weapon would automatically download when users visited certain Russian news sites, without requiring users to click on the malicious advertisements. It then prompts users for administrative rights, which makes it harder for antivirus software or the user to remove it, and proceeds to steal credentials through fake login screens, and by intercepting, deleting, and sending text messages. The Kaspersky researchers call it "a gratuitous act of violence against Android users." "By simply viewing their favorite news sites over their morning coffee users can end up downloading last-browser-update.apk, a banking Trojan detected by Kaspersky Lab solutions as Trojan-Banker.AndroidOS.Svpeng.q," according to the company. "There you are, minding your own business, reading the news and BOOM! -- no additional clicks or following links required." The good news is that the issue has since been resolved, according to a Google spokeswoman. Fast Company provides more details about these types of attacks and how to stay safe in its report.
Intel

Intel Unveils Project Alloy 'Merged Reality' Wireless Headset (hothardware.com) 43

MojoKid writes: Intel CEO Bryan Krzanich took to the stage at the Moscone Center in San Francisco today to kick off this year's Intel Developers Forum. Kyrzanich unveiled a number of new projects and products including a product code-named "Project Alloy." The device is an un-tethered, merged reality Head Mounted Device (HMD) that combines compute, graphics, multiple RealSense modules, various sensors, and batteries into a self-contained headset that offers a full six degrees of freedom. Unlike the Oculus Rift and HTC Vive, Project Alloy does not need to be wired to a PC or other device and it does not require externally mounted sensors to define a virtual space. Instead, it uses RealSense cameras to map the actual physical world you're in while wearing the HMD. The RealSense cameras also allow the device to bring real-world objects into the virtual world, or vice versa. The cameras and sensors used in Project Alloy offer full depth sensing, so obstacles can be mapped, and people and objects within camera range -- like your hand, for example -- can be brought into the virtual world and accurately tracked. During a live, on-stage demo performed by Intel's Craig Raymond, Craig's hand was tracked and all five digits, complete with accurate bones and joint locations, were brought into the the VR/AR experience. Project Alloy will be supported by Microsoft's Windows Holographics Shell framework.
Cellphones

FCC Complaint: Baltimore Police Breaking Law With Use of Stingray Phone Trackers (baltimoresun.com) 108

An anonymous reader writes from a report via Baltimore Sun: Civil rights groups have complained to the FCC over the Baltimore Police Department's use of stingray phone tracking devices. They claim that "the way police use it interferes with emergency calls and is racially discriminatory." Baltimore Sun reports: "The complaint argues that the police department doesn't have a proper license to use the devices and is in violation of federal law. It calls on regulators at the Federal Communications Commission to step in and formally remind law enforcement agencies of the rules. 'The public is relying on the Commission to carry out its statutory obligation to do so, to fulfill its public commitment to do so, and to put an end to widespread network interference caused by rampant unlicensed transmissions made by BPD and other departments around the country,' the groups say in the complaint. Police in Baltimore acknowledged in court last year that they had used the devices thousands of times to investigate crimes ranging from violent attacks to the theft of cellphones. Investigators had been concealing the technology from judges and defense lawyers and after the revelations Maryland's second highest court ruled that police should get a warrant before using a Stingray. The groups argue that surveillance using the devices also undermines people's free speech rights and describe the use of Stingrays as an electronic form of the intrusive police practices described in the scathing Justice Department report on the police department's pattern of civil rights violations."
Cellphones

Former CEO of Angry Birds-Maker Rovio Hired To Revive Nokia's Phone Business (techcrunch.com) 88

An anonymous reader writes: Nokia really started to go downhill after it agreed to sell itself to Microsoft at the end of 2013, going all in with Windows Mobile. When that faltered, "Microsoft folded Nokia into its mobile business, maintaining the Finnish company's brand on feature phones, while offering up smartphones under the newly integrated Microsoft Lumia line," reports TechCrunch. In May of this year, Microsoft sold its feature phone business to Foxconn for $350 million. At around the same time, Nokia essentially licensed its brand to Finnish company HMD global Oy to create phones under the Nokia name, "which would be manufactured and distributed by Foxconn." Now, TechCrunch is reporting that Nokia has hired Pikka Rantala, the once CEO of Angry Birds creator Rovio, who stepped down in 2015 after a rough year with the mobile gaming company. He will be joining the company as Chief Marketing Officer.

Slashdot Top Deals