Businesses

How Hotmail Changed Microsoft (and Email) Forever (arstechnica.com) 84

An anonymous reader quotes a report from Ars Technica: Twenty years ago this week, on December 29, 1997, Bill Gates bought Microsoft a $450 million late Christmas present: a Sunnyvale-based outfit called Hotmail. With the buy -- the largest all-cash Internet startup purchase of its day -- Microsoft plunged into the nascent world of Web-based email. Originally launched in 1996 by Jack Smith and Sabeer Bhatia as "HoTMaiL" (referencing HTML, the language of the World Wide Web), Hotmail was initially folded into Microsoft's MSN online service. Mistakes were made. Many dollars were spent. Branding was changed. Spam became legion. Many, many horrendous email signatures were spawned. But over the years that followed, Hotmail would set the course for all the Web-based email offerings that followed, launching the era of mass-consumer free email services. Along the way, Hotmail drove changes in Windows itself (particularly in what would become Windows Server) that would lay the groundwork for the operating system to make its push into the data center. And the email service would be Microsoft's first step toward what is now the Azure cloud.

Former Microsoft executive Marco DeMello, now CEO of mobile security firm PSafe Technology, was handed the job of managing the integration of Hotmail as the lead program manager for MSN -- Microsoft's own answer to America Online. In an interview with Ars, DeMello -- who would go on to be director of Windows security and product manager for Exchange before leaving Microsoft in 2006 -- recounted how, right after he was hired in October of 1996 to manage MSN, he was summoned to Redmond for a meeting with Bill Gates. "He gave me and my team the mission of basically finding or creating a system for free Web-based email for the whole world that Microsoft would offer," DeMello said.

AI

Researchers Fooled a Google AI Into Thinking a Rifle Was a Helicopter (wired.com) 160

An anonymous reader shares a Wired report: Algorithms, unlike humans, are susceptible to a specific type of problem called an "adversarial example." These are specially designed optical illusions that fool computers into doing things like mistake a picture of a panda for one of a gibbon. They can be images, sounds, or paragraphs of text. Think of them as hallucinations for algorithms. While a panda-gibbon mix-up may seem low stakes, an adversarial example could thwart the AI system that controls a self-driving car, for instance, causing it to mistake a stop sign for a speed limit one. They've already been used to beat other kinds of algorithms, like spam filters. Those adversarial examples are also much easier to create than was previously understood, according to research released Wednesday from MIT's Computer Science and Artificial Intelligence Laboratory. And not just under controlled conditions; the team reliably fooled Google's Cloud Vision API, a machine learning algorithm used in the real world today. For example, in November another team at MIT (with many of the same researchers) published a study demonstrating how Google's InceptionV3 image classifier could be duped into thinking that a 3-D-printed turtle was a rifle. In fact, researchers could manipulate the AI into thinking the turtle was any object they wanted.
Facebook

Facebook To Demote Posts That Ask For 'Likes' Or Shares (recode.net) 85

Facebook is cracking down on a new type of clickbait: Posts that ask people to "Like" or share or comment to goose engagement numbers, what Facebook is calling "engagement bait." Their solution? Demote the posts considered to be "engagement bait." Recode reports: Facebook has decided it doesn't like publishers gaming the system this way, and claims users don't like it either."People have told us that they dislike spammy posts on Facebook that goad them into interacting with likes, shares, comments, and other actions," the company wrote on its blog. So starting Monday, posts that Facebook considers to be engagement bait will be pushed down in News Feed. Beginning in a few weeks, publishers and Pages that continue to utilize this tactic will see their reach diminished for all of their posts.
Microsoft

Microsoft Disables Word DDE Feature To Prevent Further Malware Attacks (bleepingcomputer.com) 103

An anonymous reader writes: As part of the December 2017 Patch Tuesday, Microsoft has shipped an Office update that disables the DDE feature in Word applications, after several malware campaigns have abused this feature to install malware. DDE stands for Dynamic Data Exchange, and this is an Office feature that allows an Office application to load data from other Office applications. For example, a Word file can update a table by pulling data from an Excel file every time the Word file is opened. DDE is an old feature, which Microsoft has superseded via the newer Object Linking and Embedding (OLE) toolkit, but DDE is still supported by Office applications.

The December Patch Tuesday disables DDE only in Word, but not Excel or Outlook. The reason is that several cybercrime and spam groups have jumped on this technique, which is much more effective at running malicious code when compared to macros or OLE objects, as it requires minimal interaction with a UI popup that many users do not associate with malware. For Outlook and Excel, Microsoft has published instructions on how users can disable DDE on their own, if they don't want this feature enabled.

Google

Google Reveals the Most-Trending Searches of 2017 (google.com) 49

"Google's annual list of the most popular searches is here, offering a peek into what people are really thinking about," writes CNN. An anonymous reader quotes their report: This year, you wanted to know more about one of the most powerful storms on record, the devastating Hurricane Irma. But you were also curious about [hip hop artist] Cardi B. and Unicorn Frappuccinos... Like 2017 itself, this year's top searches skew a little darker than usual, but are punctuated with some whimsy and positive moments. The top trending searches in the U.S. were Irma, Matt Lauer, Tom Petty, the Super Bowl and the Las Vegas shooting.

To determine the most popular trending searches, Google looked at its trillions of queries, filtered out spam and repeats, and identified searches that had the highest uptick in traffic compared with the previous year. It breaks them into categories like news, memes, and recipes (beef stroganoff was a hit).

Surprisingly there were more searches for 'iPhone 8" than for 'iPhone X," though those were the top two most-searched consumer technology products. (Followed by Nintendo Switch, Samsung Galaxy S8, and Xbox One X.) Other top searches this year included "What is net neutrality?" as well as questions about what bitcoin is, how to buy it, and the latest bitcoin prices. And one of the 10 most-searched phrases of the year was "fidget spinner."

Google uploaded an inspiring video to YouTube stating "This year more than ever we asked how." To dramatic music, the examples it gives include "How to calm a dog during a storm," "How to help Puerto Rico," "How to make a protest sign" -- and "How to move forward."
IT

Tech Support Scammers Invade Spotify Forums To Rank in Search Engines (bleepingcomputer.com) 33

Tech support scammers have been aggressively posting on Spotify forums to inject their phone numbers in a bid to vastly improve their odds of showing up on Google and Bing search results, a new report claims. And that bet seems to be working. From the report: They do this by submitting a constant stream of spam posts to the Spotify forums, whose pages tend to rank well in Google. While this behavior causes the Spotify forums to become harder to use for those who have valid questions, the bigger problem is that it allows tech support scammers to rank extremely well and trick unknowing callers into purchasing unnecessary services and software. BleepingComputer was alerted to this problem by security researcher Cody Johnston who started to see an alarming amount of tech support scam phone numbers being listed in Google search results through indexed Spotify forum posts. The tech support scams being posted to Spotify include Tinder, Linksys, AOL, Turbotax, Coinbase, Amazon, Apple, Microsoft, Norton, McAfee and more.
Advertising

Google Flagged Its Own Chromebook Ad As Spam On YouTube (theverge.com) 35

AmiMoJo quotes The Verge: It's no secret that YouTube's algorithm for automatically flagging videos can be troublesome -- recent issues have seen content creators getting their videos demonetized for seemingly no reason -- but Google's latest faux pas might hit the company a little closer to home. Google posted an ad for its new Chromebook Pixel that is getting flagged as spam... It's particularly telling about whatever is happening with YouTube's algorithm that even official Google content is getting removed "for violating YouTube's policy on spam, deceptive practices, and scams."
Communications

More Than a Million Pro-Repeal Net Neutrality Comments Were Likely Faked (hackernoon.com) 177

Jeff Kao from Hacker Noon used natural language processing techniques to analyze net neutrality comments submitted to the FCC from April-October 2017 and found that at least 1.3 million pro-repeal net neutrality comments were faked. From the report: NY Attorney General Schneiderman estimated that hundreds of thousands of Americans' identities were stolen and used in spam campaigns that support repealing net neutrality. My research found at least 1.3 million fake pro-repeal comments, with suspicions about many more. In fact, the sum of fake pro-repeal comments in the proceeding may number in the millions. In this post, I will point out one particularly egregious spambot submission, make the case that there are likely many more pro-repeal spambots yet to be confirmed, and estimate the public position on net neutrality in the "organic" public submissions. [The key findings include:]

1. One pro-repeal spam campaign used mail-merge to disguise 1.3 million comments as unique grassroots submissions.
2. There were likely multiple other campaigns aimed at injecting what may total several million pro-repeal comments into the system.
3. It's highly likely that more than 99% of the truly unique comments were in favor of keeping net neutrality.

Network

FCC Ignored Your Net Neutrality Comment, Unless You Made a 'Serious' Legal Argument (theverge.com) 279

An anonymous reader quotes a report from The Verge: The FCC received a record-breaking 22 million comments chiming in on the net neutrality debate, but from the sound of it, it's ignoring the vast majority of them. In a call with reporters yesterday discussing its plan to end net neutrality, a senior FCC official said that 7.5 million of those comments were the exact same letter, which was submitted using 45,000 fake email addresses. But even ignoring the potential spam, the commission said it didn't really care about the public's opinion on net neutrality unless it was phrased in unique legal terms. The vast majority of the 22 million comments were form letters, the official said, and unless those letters introduced new facts into the record or made serious legal arguments, they didn't have much bearing on the decision. The commission didn't care about comments that were only stating opinion. The FCC has been clear all year that it's focused on "quality" over "quantity" when it comes to comments on net neutrality. In fairness to the commission, this isn't an open vote. It's a deliberative process that weighs a lot of different factors to create policy that balances the interests of many stakeholders. But it still feels brazen hearing the commission staff repeatedly discount Americans' preference for consumer protections, simply because they aren't phrased in legal terms.
Spam

Spam Is Back (theoutline.com) 154

Jon Christian, writing for The Outline: For a while, spam -- unsolicited bulk messages sent for commercial or fraudulent purposes -- seemed to be fading away. The 2003 CAN-SPAM Act mandated unsubscribe links in email marketing campaigns and criminalized attempts to hide the sender's identity, while sophisticated filters on what were then cutting-edge email providers like Gmail buried unwanted messages in out-of-sight spam folders. In 2004, Microsoft co-founder Bill Gates told a crowd at the World Economic Forum that "two years from now, spam will be solved." In 2011, cybersecurity reporter Brian Krebs noted that increasingly tech savvy law enforcement efforts were shutting down major spam operators -- including SpamIt.com, alleged to be a major hub in a Russian digital criminal organization that was responsible for an estimated fifth of the world's spam. These efforts meant that the proportion of all emails that are spam has slowly fallen to a low of about 50 percent in recent years, according to Symantec research.

But it's 2017, and spam has clawed itself back from the grave. It shows up on social media and dating sites as bots hoping to lure you into downloading malware or clicking an affiliate link. It creeps onto your phone as text messages and robocalls that ring you five times a day about luxury cruises and fictitious tax bills. Networks associated with the buzzy new cryptocurrency system Ethereum have been plagued with spam. Facebook recently fought a six-month battle against a spam operation that was administering fake accounts in Bangladesh, Indonesia, Saudi Arabia, and other countries. Last year, a Chicago resident sued the Trump campaign for allegedly sending unsolicited text message spam; this past November, ZDNet reported that voters were being inundated with political text messages they never signed up for. Apps can be horrid spam vectors, too. Repeated mass data breaches that include contact information, such as the Yahoo breach in which 3 billion user accounts were exposed, surely haven't helped. Meanwhile, you, me, and everyone we know is being plagued by robocalls.

Communications

Phone Companies Get New Tools To Block Spam Calls (cnbc.com) 129

An anonymous reader shares a report: Phone companies will have greater authority to block questionable calls from reaching customers as regulators adopted new rules to combat automated messages known as robocalls. Rules adopted Thursday by the Federal Communications Commission represent the latest tools against "robocalls," which pester consumers, sometimes multiple times each day, and often push scams. Phone companies can already block some calls that trick consumers by showing up on Caller ID with fake numbers. The new rules make clear that they can block additional calls that are likely scams, such as numbers that start with a 911 area code, or one that isn't currently assigned to anyone.
Spam

Security Firm Creates Chatbot To Respond To Scam Emails On Your Behalf (theverge.com) 70

An anonymous reader shares a report: Chatbots. They're usually a waste of your time, so why not have them waste someone else's instead? Better yet: why not have them waste an email scammer's time. That's the premise behind Re:scam , an email chatbot operated by New Zealand cybersecurity firm Netsafe. Next time you get a dodgy email in your inbox, says Netsafe, forward it on to me@rescam.org, and a proxy email address will start replying to the scammer for you, doing its very utmost to waste their time.
Social Networks

9.6% of Facebook's Users 'May Be Fakes' (nytimes.com) 96

An anonymous reader quotes the New York Times: Facebook estimates that about 200 million of its more than 2.07 billion users may be fakes... [Non-paywalled article here.] Colin Stretch, the general counsel of Facebook, told the Senate Intelligence Committee the company was doubling its review staff to 20,000 and using artificial intelligence to find more "bad actors"... Sean Edgett, Twitter's general counsel, testified before Congress that about 5 percent of its 330 million users are "false accounts or spam," which would add up to more than 16 million fakes.

Independent experts say the real numbers are far higher. On Twitter, little more than an email address is needed to start tweeting. Facebook's requirement that users be their authentic selves means the company asks for a smattering of information to sign up -- name, birthday, gender and email address. But few checks exist to verify if that information is true when a user signs up.

Botnet

Malware Developer Who Used Spam Botnet To Pay For College Gets No Prison Time (bleepingcomputer.com) 57

An anonymous reader writes: The operator of a 77,000-strong spam botnet was sentenced to two years probation and no prison time after admitting his crime and completely reforming his life. The former botnet operator is now working for a cybersecurity company, and admitted his actions as soon as the FBI knocked on his door back in 2013. The botnet operator, a 29-year-old from Santa Clara, California, says he was tricked by fellow co-schemers who told him they were not doing anything wrong by infecting computers with malware because they were not accessing private information such as banking or financial records. Furthermore, the botnet operator escaped prison time because he used all the money he earned in getting a college degree at Cal Poly instead of using it on a lavish lifestyle or drugs. This case is similar to the one that MalwareTech (aka Marcus Hutchins) now faces in the U.S. for his role in developing the Kronos trojan, but also after turning his life around and working as a cybersecurity researcher for years.
Bug

Google Explains Tuesday's Drive, Docs Bug That Marked Some Files As Violating Terms of Service (9to5google.com) 97

On Tuesday, Google's cloud-based word processing software was randomly flagging files for supposedly "violating" Google's Terms of Service, resulting in some users not being able to access or share their files. Google today explained the issue and addressed concerns that arose. 9to5Google reports: Several users on Tuesday morning reported no longer being able to open certain files they were working on in Docs, while others were locked out mid-edit. "On Tuesday, October 31, we mistakenly blocked access to some of our users' files, including Google Docs," Google said in a blog post. "This was due to a short-lived bug that incorrectly flagged some files as violating our terms of service (TOS)." Afterwards, Google provided a comment to Gizmodo noting that a code push made earlier that morning was at fault and that full access had been restored to users hours after the bug first arose. Today's clarification goes on to explain how that error on Tuesday caused Drive to "misinterpret" responses from the antivirus system designed to protect against malware, phishing, and spam. As a result, Docs "erroneously mark[ed] some files as TOS violations, thus causing access denials for users of those files."
Social Networks

TechCrunch Argues Social Media News Feeds 'Need to Die' (techcrunch.com) 154

"Feeds need to die because they distort our views and disconnect us from other human beings around us," argues TechCrunch's Romain Dillet: At first, I thought I was missing out on some Very Important Content. I felt disconnected. I fought against my own FOMO. But now, I don't feel anything. What's going on on Instagram? I don't care. Facebook is now the worst internet forum you can find. Twitter is filled with horrible, abusive people. Instagram has become a tiny Facebook now that it has discouraged all the weird, funny accounts from posting with its broken algorithm. LinkedIn's feed is pure spam.

And here's what I realized after forgetting about all those "social" networks. First, they're tricking you and pushing the right buttons to make you check your feed just one more time. They all use thirsty notifications, promote contrarian posts that get a lot of engagement and play with your emotions. Posting has been gamified and you want to check one more time if you got more likes on your last Instagram photo. Everything is now a story so that you pay more attention to your phone and you get bored less quickly -- moving pictures with sound tend to attract your eyes... [F]inally, I realized that I was missing out by constantly checking all my feeds. By putting my phone on 'Do Not Disturb' for days, I discovered new places, started conversations and noticed tiny little things that made me smile.

He concludes that technology has improved the way we learn, communicate, and share information, "But it has gone too far...

"Forget about your phone for a minute, look around and talk with people next to you."
Businesses

Dodging Russian Spies, Customers Are Ripping Out Kaspersky (thedailybeast.com) 366

From a report: Multiple U.S. security consultants and other industry sources tell The Daily Beast customers are dropping their use of Kaspersky software all together, particularly in the financial sector, likely concerned that Russian spies can rummage through their files. Some security companies are being told to only provide U.S. products. And former Kaspersky employees describe the firm as reeling, with department closures and anticipation that researchers will jump ship soon. "We are under great pressure to only use American products no matter the technical or performance consequences," said a source in a cybersecurity firm which uses Kaspersky's anti-virus engine in its own services. The Daily Beast granted anonymity to some of the industry sources to discuss internal deliberations, as well as the former Kaspersky employees to talk candidly about recent events.
Businesses

Amazon's Next Big Bet is Letting You Communicate Without a Smartphone, Says Alexa's Chief Scientist (cnbc.com) 144

An anonymous reader shares a report: The next big function to take off on Amazon's Echo devices will be voice or video calling -- which is a way Alexa can reduce the need to have your smartphone on your at all times, said Rohit Prasad, VP and Head Scientist at Alexa Machine Learning. "If you have not played with calling and the video calls on Echo Show, you should try it because that is revolutionizing how you can communicate," Prasad said in an exclusive interview with CNBC at an Alexa Accelerator event in Seattle Tuesday night. (The event is dedicating to developing new voice-powered technologies.) "When you can drop in on people who have given you access -- so I can drop in and call my mom in her kitchen without her picking any device -- it's just awesome." (Amazon added the ability to call mobile numbers and landlines for free onto Echo devices a few weeks ago.) Amazon doesn't have a smartphone that lets customers bring a digital assistant everywhere -- like Apple's Siri and Google's Assistant -- and communicating through Alexa devices is one way of reducing the need for a personal handset, Prasad said "I can easily drop in and talk to my kids," Prasad says. "They don't have a smartphone so that's my easiest way to talk to them. It's yet another area where Alexa is taking the friction away."
Twitter

Twitter Suspends 300,000 Accounts Tied To Terrorism In 2017 (bloomberg.com) 69

According to a new transparency report, Twitter said it suspended nearly 300,000 accounts globally linked to terrorism in the first half of the year. The company is improving automation tools used to help block accounts that promote terrorism and violence. Bloomberg reports: Of [the nearly 300,000 accounts that were suspended], roughly 95 percent were identified by the company's spam-fighting automation tools. Meanwhile, the social network said government data requests continued to increase, and that it provided authorities with data on roughly 3,900 accounts from January to June. Twitter said about 75 percent of the blocked accounts this year were spotted before a single tweet was sent, and that 935,897 accounts had been suspended since August 2015, with two-thirds of those coming in the past year. American authorities made 2,111 requests from Twitter from January to June, the most of the 83 countries tracked by the company. Twitter supplied information on users in 77 percent of the inquiries. Japan made 1,384 requests and the U.K. issued 606 requests. Turkish authorities continued a trend of aggressively policing Twitter, making 554 requests for account data and issuing court orders to remove 715 pieces of content. Other governments made only 38 total content-removal requests.
Iphone

How One Writer Is Battling Tech-Induced Attention Disorder (wired.com) 195

New submitter mirandakatz writes: Katie Hafner has spent the last 23 days in rehab. Not for alcoholism or gambling, but for a self-inflicted case of episodic partial attention thanks to her iPhone. On Backchannel, Hafner writes about the detrimental effect the constant stream of pings has had on her, and how her life has come to resemble a computer screen. "I sense a constant agitation when I'm doing something," she says, "as if there is something else out there, beckoning -- demanding -- my attention. And nothing needs to be deferred." "I blame electronics for my affliction," writes Hafner, who says the devices in her life "teem with squirrels." "If I pick up my iPhone to send a text, damned if I don't get knocked off task within a couple of seconds by an alert about Trump's latest tweet. And my guess is that if you have allowed your mind to be as tyrannized by the demands of your devices as I have, you too suffer to some degree from this condition."

Hafner goes on to describe her symptoms of "episodic partial attention" and provide potential fixes for it: "There are the obvious fixes. Address the electronics first: Silence the phone as well as all alerts on your computer, and you automatically banish two squirrels. But how do you shut down the micro-distractions that dangle everywhere in your physical world, their bushy gray tails twitching seductively? My therapy, of my own devising, consists of serial mono-tasking with a big dose of mindful intent, or intentional mindfulness -- which is really just good, old-fashioned paying attention. At first, I took the tiniest of steps. I celebrated the buttoning of a blouse without stopping to apply the hand cream I spotted on the dresser as if I had gotten into Harvard. Each task I took on -- however mundane -- I had to first announce, quietly, to myself. I made myself vow that I would work on that task and only that task until it was finished. Like a stroke patient relearning how to move an arm, I told myself not that I was making the entire bed (too overwhelming), but that I had a series of steps to perform: first the top sheet, then the blankets, then the comforter, then the pillows. Emptying the dishwasher became my Waterloo. Putting dishes away takes time, and it's tedious. Perhaps the greatest challenge lies in the fact that the job requires repeated kitchen crossings. There are squirrels everywhere, none more treacherous than the siren song that is my iPhone."

Slashdot Top Deals