Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Microsoft

Vladimir Putin Is Replacing Microsoft Programs With Domestic Software (bloomberg.com) 172

An anonymous reader quotes a report from Bloomberg: Moscow city will replace Microsoft Corp. programs with domestic software on thousands of computers in answer to President Vladimir Putin's call for Russia's authorities to reduce dependence on foreign technology amid tensions with the U.S. and Europe. The city will initially replace Microsoft's Exchange Server and Outlook on 6,000 computers with an e-mail system installed by state-run carrier Rostelecom PJSC, Artem Yermolaev, head of information technology for Moscow, told reporters Tuesday. Moscow may expand deployment of the new software, developed by Russia's New Cloud Technologies, to as many as 600,000 computers and servers, and may also consider replacing Windows and Office, Yermolaev said. Putin is urging state entities and local companies to go domestic amid concerns over security and reliability after U.S. firms shut down paid services in Crimea following Russia's 2014 annexation. The plan poses a challenge to the likes of Microsoft, SAP SE and Oracle Corp. in the country's $3 billion software market. Adding to pressure, Putin's internet czar German Klimenko wants to raise taxes on U.S. technology companies to help Russian competitors such as Yandex NV and Mail.ru Group Ltd.
Democrats

FBI Investigating Possible Hack of Democratic Party Staffer Cell Phones (cnn.com) 99

In what may be part of the original Democratic National Committee hack, the FBI is currently investigating a possible hack involving the cell phones of a small number of Democratic Party staffers. CNN reports: The development comes on the same day Homeland Security Secretary Jeh Johnson told lawmakers that 18 states have asked for help in warding off cyberattacks on their electronic voting systems. Law enforcement officials have reached out to the staffers individually about "imaging" their phones to search for evidence of hacking, such as malware. Investigators are still probing whether this attempted hack is part of the original breach of Democratic National Committee emails -- which is widely thought to be the work of the Russian government -- or a new hacking attempt. "Our struggle with the Russian hackers that we announced in June is ongoing -- as we knew it would be -- and we are choosing not to provide general updates unless personal data or other sensitive information has been accessed or stolen," interim DNC Chairwoman Donna Brazile told CNN. Cybersecurity was a major theme at the debate last night between Republican nominee Donald Trump and Democratic nominee Hillary Clinton. While Clinton blamed the Russians for the "election-related cyberintrusions," Trump said "It could be Russia, but it could also be China. It could also be lots of other people. It could also be somebody sitting on their bed that weighs 400 pounds." We will update this story as it develops.
Communications

Anti-Defamation League Declares Pepe the Frog a Hate Symbol (time.com) 316

An anonymous reader quotes a report from TIME: The Anti-Defamation League (ADL) has declared a popular internet meme depicting a cartoon frog to be a hate symbol. Pepe the Frog's beginnings were unoffensive: he is the creation of comic book creator Matt Furie, who featured the frog as a character in the series Boy's Club beginning in 2005. The character subsequently became a beloved meme, often called the "sad frog meme" and shared with a speech bubble reading "Feels good man" or "Feels bad man." But recently, as the Daily Beast reported in May, the character has been co-opted by a faction of Internet denizens who decided to reclaim it from the mainstream, and began sharing it in anti-Semitic contexts. "Images of the frog, variously portrayed with a Hitler-like mustache, wearing a yarmulke or a Klan hood, have proliferated in recent weeks in hateful messages aimed at Jewish and other users on Twitter," the ADL wrote in a statement. "Once again, racists and haters have taken a popular Internet meme and twisted it for their own purposes of spreading bigotry and harassing users," wrote ADL CEO Jonathan A. Greenblatt.
The Almighty Buck

Revealed: How One Amazon Kindle Scam Made Millions of Dollars (zdnet.com) 38

An anonymous Slashdot reader shares an excerpt with us from a report via ZDNet that summarizes a catfishing scheme designed to deceive Amazon users into buy low-quality ebooks: Emma Moore is just one of hundreds of pseudonyms employed in a sophisticated "catfishing" scheme run by Valeriy Shershnyov, whose Vancouver-based business hoodwinks Amazon customers into buying low-quality ebooks, which have been boosted on the online marketplace by an unscrupulous system of bots, scripts, and virtual servers. Catfishing isn't new -- it's been well documented. Some scammers buy fake reviews, while others will try other ways to game the system. Until now, nobody has been able to look inside at how one of these scams work -- especially one that's been so prolific, generating millions of dollars in royalties by cashing in on unwitting buyers who are tricked into thinking these ebooks have some substance. Shershnyov was able to stay in Amazon's shadows for two years by using his scam server conservatively so as to not raise any red flags. What eventually gave him away weren't customer complaints or even getting caught. It was good old-fashioned carelessness. He forgot to put a password on his server.
Government

FCC Official Asks Agency To Investigate Ban On Journalists' Wi-Fi Personal Hotspots At Debate (arstechnica.com) 150

Yesterday, it was reported that journalists attending the presidential debate at Hofstra University were banned from using personal hotspots and were told they had to pay $200 to access the event's Wi-Fi. The journalists were reportedly offered the option to either turn off their personal hotspots or leave the debate. Cyrus Farivar via Ars Technica is now reporting that "one of the members of the Federal Communications Commission, Jessica Rosenworcel, has asked the agency to investigate the Monday evening ban." Ars Technica reports: Earlier, Commissioner Jessica Rosenworcel tweeted, saying that something was "not right" with what Hofstra did. She cited an August 2015 order from the FCC, forcing a company called SmartCity to no longer engage in Wi-Fi blocking and to pay $750,000. Ars has since updated their report with a statement from Karla Schuster, a spokeswoman for Hofstra University: The Commission on Presidential Debates sets the criteria for services and requires that a completely separate network from the University's network be built to support the media and journalists. This is necessary due to the volume of Wi-Fi activity and the need to avoid interference. The Rate Card fee of $200 for Wi-Fi access is to help defray the costs and the charge for the service does not cover the cost of the buildout. For Wi-Fi to perform optimally the system must be tuned with each access point and antenna. When other Wi-Fi access points are placed within the environment the result is poorer service for all. To avoid unauthorized access points that could interfere, anyone who has a device that emits RF frequency must register the device. Whenever a RF-emitting device was located, the technician notified the individual to visit the RF desk located in the Hall. The CPD RF engineer would determine if the device could broadcast without interference.
AI

Google's New Translation Software Powered By Brainlike Artificial Intelligence (sciencemag.org) 82

sciencehabit quotes a report from Science Magazine: Today, Google rolled out a new translation system that uses massive amounts of data and increased processing power to build more accurate translations. The new system, a deep learning model known as neural machine translation, effectively trains itself -- and reduces translation errors by up to 87%. When compared with Google's previous system, the neural machine translation system scores well with human reviewers. It was 58% more accurate at translating English into Chinese, and 87% more accurate at translating English into Spanish. As a result, the company is planning to slowly replace the system underlying all of its translation work -- one language at a time. The report adds: "The new method, reported today on the preprint server arXiv, uses a total of 16 processors to first transform words into a value known as a vector. What is a vector? 'We don't know exactly,' [Quoc Le, a Google research scientist in Mountain View, California, says.] But it represents how related one word is to every other word in the vast dictionary of training materials (2.5 billion sentence pairs for English and French; 500 million for English and Chinese). For example, 'dog' is more closely related to 'cat' than 'car,' and the name 'Barack Obama' is more closely related to 'Hillary Clinton' than the name for the country 'Vietnam.' The system uses vectors from the input language to come up with a list of possible translations that are ranked based on their probability of occurrence. Other features include a system of cross-checks that further increases accuracy and a special set of computations that speeds up processing time."
Piracy

YouTube-MP3 Ripping Site Sued By IFPI, RIAA and BPI (torrentfreak.com) 287

An anonymous reader quotes a report from TorrentFreak: Two weeks ago, the International Federation of the Phonographic Industry published research which claimed that half of 16 to 24-year-olds use stream-ripping tools to copy music from sites like YouTube. The industry group said that the problem of stream-ripping has become so serious that in volume terms it had overtaken downloading from 'pirate' sites. Given today's breaking news, the timing of the report was no coincidence. Earlier today in a California District Court, a huge coalition of recording labels sued the world's largest YouTube ripping site. UMG Recordings, Capitol Records, Warner Bros, Sony Music, Arista Records, Atlantic Records and several others claim that YouTube-MP3 (YTMP3), owner Philip Matesanz, and Does 1-10 have infringed their rights. The labels allege that YouTube-MP3 is one of the most popular sites in the entire world and as a result its owner, German-based company PMD Technologies UG, is profiting handsomely from their intellectual property. YouTube-MP3 is being sued for direct, contributory, vicarious and inducement of copyright infringement, plus circumvention of technological measures. Among other things, the labels are also demanding a preliminary and permanent injunction forbidding the Defendants from further infringing their rights. They also want YouTube-MP3's domain name to be surrendered. "YTMP3 rapidly and seamlessly removes the audio tracks contained in videos streamed from YouTube that YTMP3's users access, converts those audio tracks to an MP3 format, copies and stores them on YTMP3's servers, and then distributes copies of the MP3 audio files from its servers to its users in the United States, enabling its users to download those MP3 files to their computers, tablets, or smartphones," the complaint reads. "Defendants are depriving Plaintiffs and their recording artists of the fruits of their labor, Defendants are profiting from the operation of the YTMP3 website. Through the promise of illicit delivery of free music, Defendants have attracted millions of users to the YTMP3 website, which in turn generates advertising revenues for Defendants," the labels add.
Republicans

Trump Takes On 'Crooked Hillary' With Snapchat Geofilter (arstechnica.com) 130

In an effort to appeal to more young voters, U.S. Republican presidential nominee Donald Trump has unveiled a "geofilter" ad campaign for Snapchat that slaps on the banner phrase "Donald J. Trump vs. Crooked Hillary" to a user's photo and video Snaps. Ars Technica reports: "The ad rolled out to American Snapchat users today, just ahead of the 2016 presidential election's first major debate between Trump and Hillary Clinton (the debate starts tonight at 9pm EDT). The ad joins the usual geofilter available to Snapchat users, which usually list the name of a city or a nearby event as determined by GPS and time information. The campaign differs from the deluge of text, photo, and video ads that politicans have relied on in recent years, as it doesn't publish or display to the public without a personal photo or video attached. While other political campaigns have paid for geofilter ad campaigns on Snapchat in the past, including Clinton and Bernie Sanders, those have been timed and targeted for smaller-scale events like political conventions and primary voting periods. In a statement to CNN, the Clinton campaign said that Trump was "throwing his money into a fire pit," and it pointed out the ad's potential for backfiring, since "given Trump's deep unpopularity with young voters, [the ad's phrasing] will be used mainly at [his] own expense."
Security

Windows 10 Will Soon Run Edge In a Virtual Machine To Keep You Safe (arstechnica.com) 157

An anonymous reader quotes a report from Ars Technica: Microsoft has announced that the next major update to Windows 10 will run its Edge browser in a lightweight virtual machine. Running the update in a virtual machine will make exploiting the browser and attacking the operating system or compromising user data more challenging. Called Windows Defender Application Guard for Microsoft Edge, the new capability builds on the virtual machine-based security that was first introduced last summer in Windows 10. Windows 10's Virtualization Based Security (VBS) uses small virtual machines and the Hyper-V hypervisor to isolate certain critical data and processes from the rest of the system. The most important of these is Credential Guard, which stores network credentials and password hashes in an isolated virtual machine. This isolation prevents the popular MimiKatz tool from harvesting those password hashes. In turn, it also prevents a hacker from breaking into one machine and then using stolen credentials to spread to other machines on the same network. Credential Guard's virtual machine is very small and lightweight, running only a relatively simple process to manage credentials. Application Guard will go much further by running large parts of the Edge browser within a virtual machine. This virtual machine won't, however, need a full operating system running inside it -- just a minimal set of Windows features required to run the browser. Because Application Guard is running in a virtual machine it will have a much higher barrier between it and the host platform. It can't see other processes, it can't access local storage, it can't access any other installed applications, and, critically, it can't attack the kernel of the host system. In its first iteration, Application Guard will only be available for Edge. Microsoft won't provide an API or let other applications use it. As with other VBS features, Application Guard will also only be available to users of Windows 10 Enterprise, with administrative control through group policies. Administrators will be able to mark some sites as trusted, and those sites won't use the virtual machine. Admins also be able to control whether untrusted sites can use the clipboard or print.
Government

ISP To FCC: Using The Internet Is Like Eating Oreos (consumerist.com) 224

New submitter Rick Schumann shares with us a report highlighting an analogy presented by an ISP that relates Double Stuf Oreos to the internet. Specifically, that Double Stuf Oreos cost more than regular Oreos, and therefore you should pay more for internet: The Consumerist reports: "Ars Technica first spotted the crumbly filing, from small (and much-loathed) provider Mediacom. Mediacom's comment is in response to the same proceeding that Netflix commented on earlier this month. However, while Netflix actually addressed data and the ways in which their customers use it, Mediacom went for the more metaphor-driven approach. The letter literally starts out under the header, 'You Have to Pay Extra For Double-Stuffed,' and posits that you, the consumer, are out for a walk with $2 in your pocket when you suddenly develop a ferocious craving for Oreo cookies." Of course their analogy is highly questionable, since transmitting data over a network doesn't actually consume anything, now does it? You eat the cookie, the cookie is gone, but you transmit data over a network, the network is still there and can transmit data endlessly. Mediacom's assertion that the Internet is like a cookie you eat, is like saying copying a file on your computer somehow diminishes or degrades the original file, which of course is ridiculous.
Virtualization

Boot Linux (or OpenBSD Or Oberon Or FreeDOS) In Your Browser (copy.sh) 92

Long-time Slashdot reader DeQueue writes: Back in 2011 Fabrice Bellard, the initiator of the QEMU emulator, wrote a PC emulator in JavaScript that let you boot Linux in your browser. But he didn't stop there.

On his website he now has images that let you boot Oberon, Arch Linux, FreeDOS, OpenBSD, Solar OS and more recent versions of Linux such as 2.6 or 3.18 (the 3.18 image includes internet access). You can also boot to a CD image, or a floppy image, or a hard drive disk image on your local machine. And, if you don't need yet another operating system on your computer, you can even boot to Bootchess and play chess

Botnet

Ask Slashdot: Is My IoT Device Part of a Botnet? 277

As our DVRs, cameras, and routers join the Internet of Things, long-time Slashdot reader galgon wonders if he's already been compromised: There has been a number of stories of IoT devices becoming part of botnets and being used in distributed denial of service attacks. If these devices are seemingly working correctly to the user, how would they ever know the device was compromised? Is there anything the average user can do to detect when they have a misbehaving device on their network?
I'm curious how many Slashdot readers are even using IoT devices -- so leave your best answers in the comments. How would you know if your IoT device is part of a botnet?
The Internet

What Vint Cerf Would Do Differently (computerworld.com) 124

An anonymous Slashdot reader quotes ComputerWorld: Vint Cerf is considered a father of the internet, but that doesn't mean there aren't things he would do differently if given a fresh chance to create it all over again. "If I could have justified it, putting in a 128-bit address space would have been nice so we wouldn't have to go through this painful, 20-year process of going from IPv4 to IPv6," Cerf told an audience of journalists Thursday... For security, public key cryptography is another thing Cerf would like to have added, had it been feasible.

Trouble is, neither idea is likely to have made it into the final result at the time. "I doubt I could have gotten away with either one," said Cerf, who won a Turing Award in 2004 and is now vice president and chief internet evangelist at Google. "So today we have to retrofit... If I could go back and put in public key crypto, I probably would try."

Vint Cerf answered questions from Slashdot users back in 2011.
Censorship

Krebs Is Back Online Thanks To Google's Project Shield (krebsonsecurity.com) 145

"After the massive 600gbps DDOS attack on KrebsOnSecurity.com that forced Akamai to withdraw their (pro-bono) DDOS protection, krebsonsecurity.com is now back online, hosted by Google," reports Slashdot reader Gumbercules!!.

"I am happy to report that the site is back up -- this time under Project Shield, a free program run by Google to help protect journalists from online censorship," Brian Krebs wrote today, adding "The economics of mitigating large-scale DDoS attacks do not bode well for protecting the individual user, to say nothing of independent journalists...anyone with an axe to grind and the willingness to learn a bit about the technology can become an instant, self-appointed global censor." [T]he Internet can't route around censorship when the censorship is all-pervasive and armed with, for all practical purposes, near-infinite reach and capacity. I call this rather unwelcome and hostile development the "The Democratization of Censorship...." [E]vents of the past week have convinced me that one of the fastest-growing censorship threats on the Internet today comes not from nation-states, but from super-empowered individuals who have been quietly building extremely potent cyber weapons with transnational reach...

Akamai and its sister company Prolexic have stood by me through countless attacks over the past four years. It just so happened that this last siege was nearly twice the size of the next-largest attack they had ever seen before. Once it became evident that the assault was beginning to cause problems for the company's paying customers, they explained that the choice to let my site go was a business decision, pure and simple... In an interview with The Boston Globe, Akamai executives said the attack -- if sustained -- likely would have cost the company millions of dollars.

One site told Krebs that Akamai-style protection would cost him $150,000 a year. "Ask yourself how many independent journalists could possibly afford that kind of protection money?" He suspects the attack was a botnet of enslaved IoT devices -- mainly cameras, DVRs, and routers -- but says the situation is exacerbated by the failure of many ISPs to implement the BCP38 security standard to filter spoofed traffic, "allowing systems on their networks to be leveraged in large-scale DDoS attacks... the biggest offenders will continue to fly under the radar of public attention unless and until more pressure is applied by hardware and software makers, as well as ISPs that are doing the right thing... What appears to be missing is any sense of urgency to address the DDoS threat on a coordinated, global scale."
Government

California Launches Mandatory Data Collection For Police Use-of-Force (seattletimes.com) 114

An anonymous Slashdot reader quotes the AP: All 800 police departments in California must begin using a new online tool launched Thursday to report and help track every time officers use force that causes serious injuries... The tool, named URSUS for the bear on California's flag, includes fields for the race of those injured and the officers involved, how their interaction began and why force was deemed necessary.

"It's sort of like TurboTax for use-of-force incidents," said Justin Erlich, a special assistant attorney general overseeing the data collection and analysis. Departments must report the data under a new state law passed last November. Though some departments already tracked such data on their own, many did not... "As a country, we must engage in an honest, transparent, and data-driven conversation about police use of force," California Attorney General Kamala Harris said in a news release.

It's an open source tool developed by Bayes Impact, and California plans to share the code with other interested law enforcement agencies across the country. Only three other states currently require their police departments to track data about use-of-force incidents, "but their systems aren't digital, and in Colorado's case, only capture shootings."
Space

Cisco Blamed A Router Bug On 'Cosmic Radiation' (networkworld.com) 142

Network World's news editor contacted Slashdot with this report: A Cisco bug report addressing "partial data traffic loss" on the company's ASR 9000 Series routers contended that a "possible trigger is cosmic radiation causing SEU [single-event upset] soft errors." Not everyone is buying: "It IS possible for bits to be flipped in memory by stray background radiation. However it's mostly impossible to detect the reason as to WHERE or WHEN this happens," writes a Redditor identifying himself as a former [technical assistance center] engineer...
"While we can't speak to this particular case," Cisco wrote in a follow-up, "Cisco has conducted extensive research, dating back to 2001, on the effects cosmic radiation can have on our service provider networking hardware, system architectures and software designs. Despite being rare, as electronics operate at faster speeds and the density of silicon chips increases, it becomes more likely that a stray bit of energy could cause problems that affect the performance of a router or switch."

Friday a commenter claiming to be Xander Thuijs, Cisco's principal engineer on the ASR 9000 router, posted below the article, "apologies for the detail provided and the 'concept' of cosmic radiation. This is not the type of explanation I would like to see presented to the respected users of our products. We have made some updates to the DDTS [defect-tracking report] in question with a more substantial data and explanation. The issue is something that we can likely address with an FPD update on the 2x100 or 1x100G Typhoon-based linecard."
Botnet

Spam Hits Its Highest Level Since 2010 (networkworld.com) 45

Long-time Slashdot reader coondoggie quotes Network World: Spam is back in a big way -- levels that have not been seen since 2010 in fact. That's according to a blog post from Cisco Talos that stated the main culprit of the increase is largely the handiwork of the Necurs botnet... "Many of the host IPs sending Necurs' spam have been infected for more than two years.

"To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions... This greatly complicates the job of security personnel who respond to spam attacks, because while they may believe the offending host was subsequently found and cleaned up, the reality is that the miscreants behind Necurs are just biding their time, and suddenly the spam starts all over again."

Before this year, the SpamCop Block List was under 200,000 IP addresses, but surged to over 450,000 addresses by the end of August. Interestingly, Proofpoint reported that between June and July, Donald Trump's name appeared in 169 times more spam emails than Hillary Clinton's.
United States

U.S. Funds Challenges To North Korea's 'Information Shield' (freekorea.us) 86

The U.S. State Department is pursuing "a detailed plan for making unrestricted, unmonitored, and inexpensive electronic mass communications available to the people of North Korea." Slashdot reader Greg Jones reports: Plenty of government-designed "information" flows out of North Korea. At One Free Korea Joshua Stanton reports that the U.S. State Department just announced a new grant program for information technology solutions to punch through the wall that prevents the free flow of information into North Korea.
"Those of us who wrote and negotiated the [North Korea Sanctions and Policy Enhancement Act] were equally concerned with direct engagement of the North Korean people..." Stanton writes on his blog, reporting that there's now grants available to fund multiple projects. "If you have the technical knowledge to make this a reality, or know a place online where people with those talents congregate, please share and repost this solicitation and help spread the word."
Communications

The Verge's Deputy Editor Chris Ziegler Was Secretly Working For Apple For Two Months (gizmodo.com) 78

An anonymous reader quotes a report from Gizmodo: Late this afternoon, Nilay Patel, the editor-in-chief of The Verge, published a post detailing the circumstances around the departure of Chris Ziegler, a founding member of the site. As it turns out, according to Patel, Ziegler had been pulling double duty as an employee of both The Verge and Apple. "The circumstances of Chris' departure from The Verge raised ethical issues which are worth disclosing in the interests of transparency and respect for our audience," Patel wrote. "We're confident that there wasn't any material impact on our journalism from these issues, but they are still serious enough to merit disclosure." According to Patel, Ziegler, whose most recent post was published in July, began working for Apple in July but didn't disclose his new job; The Verge apparently didn't discover he'd been working there until early September. Patel noted that Ziegler continued to work for The Verge in July, but "was not in contact with us through most of August and into September." What's not clear is how The Verge leadership went six weeks without hearing from their deputy editor or taking serious action (like filing a missing person's report) to try to find him. Patel says they "made every effort to contact him and to offer him help if needed." Patel noted the obvious conflict of interest, and added that Ziegler was fired the same day they verified his employment at Apple. "Chris did not attempt to steer any coverage towards or away from Apple, and any particular decisions he helped make had the same outcomes they would have had absent his involvement," Patel wrote. However, it's still unclear how exactly the team at Vox Media, The Verge's parent company, ascertained there was no editorial consequences from the dual-employment. You can read Patel's full statement here. Vox Media's Fay Sliger followed up with a statement to Gizmodo: "Chris is no longer an employee of The Verge or Vox Media. Chris accepted a position with Apple, stopped communicating with The Verge's leadership, and his employment at The Verge was terminated. Vox Media's editorial director Lockhart Steele conducted an internal review of this conflict of interest, and after a thorough investigation, it was determined that there was no impact on editorial decisions or journalism produced at The Verge or elsewhere in Vox Media. We've shared details about this situation with The Verge's audience and will continue to be transparent should any new information come to light."
Yahoo!

Yahoo Sued For Gross Negligence Over Huge Hacking (reuters.com) 56

Yahoo apparently took two years to investigate and tell people that its service had been breached, and that over 500 million users were affected. Amid the announcement, a user is suing Yahoo, accusing the company of gross negligence. From a Reuters report: The lawsuit was filed in the federal court in San Jose, California, one day after Yahoo disclosed the hacking, unprecedented in size, by what it believed was a "state-sponsored actor." Ronald Schwartz, a New York resident, sued on behalf of all Yahoo users in the United States whose personal information was compromised. The lawsuit seeks class-action status and unspecified damages. A Yahoo spokeswoman said the Sunnyvale, California-based company does not discuss pending litigation. The attack could complicate Chief Executive Marissa Mayer's effort to shore up the website's flagging fortunes, two months after she agreed to a $4.8 billion sale of Yahoo's Internet business to Verizon Communications. Yahoo on Thursday said user information including names, email addresses, phone numbers, birth dates and encrypted passwords had been compromised in late 2014.

Slashdot Top Deals