Security

Old Crypto Vulnerability Hits Major Tech Firms (securityweek.com) 30

wiredmikey writes: A team of researchers has revived an old crypto vulnerability and determined that it affects the products of several major vendors and a significant number of the world's top websites. The attack/exploit method against a Transport Layer Security (TLS) vulnerability now has a name, a logo and a website. It has been dubbed ROBOT (Return Of Bleichenbacher's Oracle Threat) and, as the name suggests, it's related to an attack method discovered by Daniel Bleichenbacher back in 1998. ROBOT allows an attacker to obtain the RSA key necessary to decrypt TLS traffic under certain conditions. While proof-of-concept (PoC) code will only be made available after affected organizations have had a chance to patch their systems, the researchers have published some additional details. Researchers have made available an online tool that can be used to test public HTTPS servers. An analysis showed that at least 27 of the top 100 Alexa websites, including Facebook and PayPal, were affected.
Facebook

Russia-Linked Accounts Were Active on Facebook Ahead of Brexit (ft.com) 210

The Russia-linked troll farm that used Facebook to target Americans during last year's election was also active in the UK ahead of the Brexit vote (Editor's note: the link may be paywalled; alternative source), the social media company has admitted. From a report: In a letter to the Electoral Commission, Facebook said accounts associated with the Internet Research Agency spent $0.97 for three ads in the days before the EU referendum. These ads appeared on approximately 200 news feeds in the UK before the country voted to leave the EU last year. For months the social media company has sidestepped questions from MPs and journalists about Russian interference through its platform in the UK. The concerns were fuelled by revelations this summer that Facebook had been weaponised by Russian entities before the election of US President Donald Trump. France and Germany have said their elections were also targeted. "We strongly support the Commission's efforts to regulate and enforce political campaign finance rules in the United Kingdom, and we take the Commission's request very seriously," Facebook said in the letter.
Businesses

Net Neutrality Protests Move Online, Yet Big Tech Is Quiet (nytimes.com) 67

The New York Times: Protests to preserve net neutrality, or rules that ensure equal access to the internet, migrated online on Tuesday, with numerous online companies posting calls on their sites for action to stop a vote later this week. Reddit, Etsy and Kickstarter were among the sites warning that the proposal at the Federal Communications Commission to roll back so-called net neutrality rules would fundamentally change the way the internet is experienced. Kickstarter, the crowdfunding site, cleared its entire home screen for a sparse white screen reading "Defend Net Neutrality" in large letters. Reddit, the popular online message board, pushed in multiple ways on its site for keeping the rules, including a pop-up box on its home screen. But the online protests also highlighted how the biggest tech companies, such as Facebook and Google, have taken a back seat in the debate about protecting net neutrality (Editor's note: the link may be paywalled; syndicated source), rules that prohibit internet service providers like AT&T and Comcast from blocking or slowing sites or for charging people or companies for faster speeds of particular sites. For the most part, the large tech companies did not engage in the protest on Tuesday. In the past, the companies have played a leading role in supporting the rules.
Businesses

No Matter What Happens With Net Neutrality, an Open Internet Isn't Going Anywhere, Says Former FCC Chairman (recode.net) 167

Michael K. Powell, a former chairman of the Federal Communications Commission, writing for Recode: With an ounce of reflection, one knows that none of this will come to pass, and the imagined doom will join the failed catastrophic predictions of Y2K and massive snow storms that fizzle to mere dustings -- all too common in Washington, D.C. Sadly, rational debate, like Elvis, has left the building. The vibrant and open internet that Americans cherish isn't going anywhere. In the days, weeks and years following this vote, Americans will be merrily shopping online for the holidays, posting pictures on Instagram, vigorously voicing political views on Facebook and asking Alexa the score of the game. Startups and small business will continue to hatch and flourish, and students will be online, studiously taking courses. Time will prove that the FCC did not destroy the internet, and our digital lives will go on just as they have for years. This confidence rests on the fact that ISPs highly value the open internet and the principles of net neutrality, much more than some animated activists would have you think. Why? For one, because it's a better way of making money than a closed internet.
The Almighty Buck

The Silicon Valley Paradox: One In Four People Are At Risk of Hunger (theguardian.com) 339

Zorro shares a report from The Guardian: One in four people in Silicon Valley are at risk of hunger, researchers at the Second Harvest food bank have found. Using hundreds of community interviews and data modeling, a new study suggests that 26.8% of the population -- almost 720,000 people -- qualify as "food insecure" based on risk factors such as missing meals, relying on food banks or food stamps, borrowing money for food, or neglecting bills and rent in order to buy groceries. Nearly a quarter are families with children. "We call it the Silicon Valley paradox," says Steve Brennan, the food bank's marketing director. "As the economy gets better we seem to be serving more people." Since the recession, Second Harvest has seen demand spike by 46%. The bank is at the center of the Silicon Valley boom -- both literally and figuratively. It sits just half a mile from Cisco's headquarters and counts Facebook's Sheryl Sandberg among its major donors. But the need it serves is exacerbated by this industry's wealth; as high-paying tech firms move in, the cost of living rises for everyone else.

The scale of the problem becomes apparent on a visit to Second Harvest, the only food bank serving Silicon Valley and one of the largest in the country. In any given month it provides meals for 257,000 people -- 66m pounds of food last year. Because poverty is often shrouded in shame, their clients' situations can come as a surprise. "Often we think of somebody visibly hungry, the traditional homeless person," Brennan said. "But this study is putting light on the non-traditional homeless: people living in their car or a garage, working people who have to choose between rent and food, people without access to a kitchen."

Facebook

We've Toned Down the 'Destroying Society' Shtick, Facebook Insists (theregister.co.uk) 102

Facebook has taken the unusual step of responding to comments by former VP Chamath Palihapitiya that the social media giant was "destroying how society works." Palihapitiya said that executives ignored cautionary instincts when creating Facebook, and he now regretted the consequences. In a statement, Facebook said: Chamath has not been at Facebook for over 6 years. When Chamath was at Facebook we were focused on building new social media experiences and growing Facebook around the world. Facebook was a very different company back then, and as we have grown, we have realized how our responsibilities have grown too. We take our role very seriously and we are working hard to improve. We've done a lot of work and research with outside experts and academics to understand the effects of our service on well-being, and we're using it to inform our product development. We are also making significant investments more in people, technology and processes, and -- as Mark Zuckerberg said on the last earnings call -- we are willing to reduce our profitability to make sure the right investments are made.
Privacy

How Email Open Tracking Quietly Took Over the Web (wired.com) 115

Brian Merchant, writing for Wired: There are some 269 billion emails sent and received daily. That's roughly 35 emails for every person on the planet, every day. Over 40 percent of those emails are tracked, according to a study published last June by OMC, an "email intelligence" company that also builds anti-tracking tools. The tech is pretty simple. Tracking clients embed a line of code in the body of an email -- usually in a 1x1 pixel image, so tiny it's invisible, but also in elements like hyperlinks and custom fonts. When a recipient opens the email, the tracking client recognizes that pixel has been downloaded, as well as where and on what device. Newsletter services, marketers, and advertisers have used the technique for years, to collect data about their open rates; major tech companies like Facebook and Twitter followed suit in their ongoing quest to profile and predict our behavior online. But lately, a surprising -- and growing -- number of tracked emails are being sent not from corporations, but acquaintances. "We have been in touch with users that were tracked by their spouses, business partners, competitors," says Florian Seroussi, the founder of OMC. "It's the wild, wild west out there." According to OMC's data, a full 19 percent of all "conversational" email is now tracked. That's one in five of the emails you get from your friends. And you probably never noticed.
Facebook

Former Facebook Exec Says Social Media is Ripping Apart Society (theverge.com) 404

An anonymous reader shares a report on The Verge: Another former Facebook executive has spoken out about the harm the social network is doing to civil society around the world. Chamath Palihapitiya, who joined Facebook in 2007 and became its vice president for user growth, said he feels "tremendous guilt" about the company he helped make. "I think we have created tools that are ripping apart the social fabric of how society works," he told an audience at Stanford Graduate School of Business, before recommending people take a âoehard breakâ from social media. Palihapitiya's criticisms were aimed not only at Facebook, but the wider online ecosystem. "The short-term, dopamine-driven feedback loops we've created are destroying how society works," he said, referring to online interactions driven by "hearts, likes, thumbs-up." "No civil discourse, no cooperation; misinformation, mistruth. And it's not an American problem -- this is not about Russians ads. This is a global problem." Also read: Sean Parker Unloads on Facebook 'Exploiting' Human Psychology
IOS

Top iOS Apps of 2017: Bitmoji Beats Snapchat, YouTube, and Facebook Messenger (cnn.com) 27

An anonymous reader quotes CNN: Apple has unveiled its list of most downloaded iOS apps of the year, and topping the list is free custom emoji app Bitmoji... Bitmoji soared to the top of the list, thanks to an integration with Snapchat. (Snapchat's parent company acquired Bitmoji last year for an unknown amount)... Users must download the Bitmoji app to use it with Snapchat.

Fittingly, the main Snapchat app took second place, despite a tough year on Wall Street that was attributed to slow user growth. Snapchat was the most downloaded app of 2016. Google's YouTube took the number three spot this year, while Facebook's Messenger and Instagram placed fourth and fifth, respectively.

The Internet

EU Urges Internet Companies To Do More To Remove Extremist Content (reuters.com) 79

Internet groups such as Facebook, Google's YouTube and Twitter need to do more to stem the proliferation of extremist content on their platforms, the European Commission said after a meeting on Wednesday. From a report: Social media companies have significantly boosted their resources to take down violent and extremist content as soon as possible in response to growing political pressure from European governments, particularly those hit by militant attacks in recent years. But Julian King, EU security commissioner, said that while a lot of progress had been made, additional efforts were needed. "We are not there yet. We are two years down the road of this journey: to reach our final destination we now need to speed up our work," King said in his closing speech at the third meeting of the EU Internet Forum, which brings together the Commission, EU member states, law enforcement and technology companies. The EU has said it will come forward with legislation next year if it is not satisfied with progress made by tech companies in removing extremist content, while a German online hate speech law comes into effect on Jan. 1.
Facebook

Facebook and YouTube Are Full of Pirated Video Streams of Live NFL Games (cnbc.com) 231

Pirated video streams of televised National Football League games are widespread on Facebook and on Google's YouTube service, CNBC has found. From a report: Using technology from these internet giants, thousands of football fans were able to watch long segments of many contests free of charge during the league's Week 13 schedule of games last Thursday and Sunday. Dozens of these video streams, pirated from CBS and NBC broadcasts, featured ads from well-known national brands interspersed with game action. This online activity comes as the league struggles with declining ratings that have been blamed variously on player protests during the national anthem and revelations about former players suffering from a brain disease caused by concussions. Yet this illegal distribution of NFL content may also be crimping the league's viewer numbers.
Businesses

Facebook Tops List of Best Places To Work -- Again (cnet.com) 102

From a report: If you work at Facebook, count yourself pretty lucky. And not just for the free meals, on-site health care or new-parent benefits. But those things probably factor into the social-networking giant being named the best place to work in 2018 by jobs site Glassdoor. And it's probably been a good experience for a while, seeing how this is the third year in a row Facebook has been atop Glassdoor's list of 100 best places to work. If you don't work at Facebook, there might still be hope for you. Glassdoor said there were 40 newcomers on this year's list, including video game maker Blizzard Entertainment (at No. 28 on the list) and wireless carrier T-Mobile (No. 79). There are also three veterans that have made the list every year since it was introduced 10 years ago, including management-consulting firm Bain & Company (No. 2), search giant Google (No. 5) and Apple (No. 84).
The Almighty Buck

'We Could Fund a Universal Basic Income With the Data We Give Away To Facebook and Google' (thenextweb.com) 583

Tristan Greene reports via The Next Web: A universal basic income (UBI), wherein government provides a monthly stipend so citizens can afford a home and basic necessities, is something experts believe would directly address the issue of unemployment and poverty, and possibly even eliminate hundreds of other welfare programs. It may also be the only real solution to the impending automation bonanza. According to AI expert Steve Fuller, the problem is, giving people money when they lose jobs won't fix the issue, it's a temporary solution and we need permanent ones. Sounds fair, and he even has some ideas on how to accomplish this end: "We could hold Google and Facebook and all those big multinationals accountable; we could make sure that people, like those who are currently 'voluntarily' contributing their data to pump up companies' profits, are given something that is adequate to support their livelihoods in exchange."

It's an interesting idea, but difficult to imagine it's implementation. If the government isn't assigning a specific stipend value, we'll have to be compensated individually by companies. One way to do this, is by emulating the old coal mining company scrip scams of early last century. Employees working for companies would be paid in currency only redeemable at the company store. This basically created a system where a company could tax its own workers for profit. Google, for example, could use a system like that and say "opt-in for $10 worth of Google Play music for free," if they wanted to. Which doesn't help pay the bills when machines replace you at work, but at least you'll be able to voice search for your favorite songs. Another idea is to charge companies an automation tax, but again there's concerns as to how this would be implemented. A solution that combines government oversight with a tax on AI companies -- a UBI funded by the dividends of our data -- may be the best option. To be blunt: we should make Google, Microsoft, Facebook and other such AI companies pay for it with a simple data tax.

Facebook

Health Secretary Hits Out at Facebook's New App, Says 'Stay Away From My Kids' (theguardian.com) 113

Jeremy Hunt has publicly attacked Facebook for releasing a version of its Messenger app aimed at children, and called on the social media company to "stay away from my kids." From a report: The health secretary accused the company of "targeting younger children" after Facebook announced on Monday that it was conducting trials of an app called Messenger Kids in the US, which is designed to be used by pre-teens. He said the company was failing to act responsibly despite having assured the government that it would not target its service at children, who can only use the main social media website if they are over 13.
Businesses

NYTimes Editorial Board: The FCC Wants To Let Telecoms Cash In on the Internet (nytimes.com) 268

The New York Times' Editorial Board writes: The chairman of the Federal Communications Commission wants to let Comcast, Verizon and other broadband companies turn the internet into a latter-day version of cable TV, in which they decide what customers can watch and how much they pay for that content. That's essentially what would happen under the proposal by the chairman, Ajit Pai, to abandon the commission's network neutrality rules, which prevent telecom companies from interfering with how their customers use the internet. Net neutrality prevents those companies from having companies like Amazon pay a fee to get their content delivered more quickly than their rivals', and from having the firms throttle other services and websites, even blocking customer access to, say, Netflix or an online newspaper. Under Mr. Pai's proposal, telecom companies would effectively be allowed to sell you a basic internet plan that might include only limited access to Google and email. For Facebook and Twitter you might need a slightly more expensive deluxe plan. The premium plan might include access to Netflix and Amazon. Oh, and by the way, media businesses eager to gain more users could pay broadband companies to be included in their enhanced basic or deluxe plans. Further reading: Associated Press fact check: Net-neutrality claims leave out key context; The death of the Internet.
Bitcoin

The Winklevoss Twins Are Now Bitcoin Billionaires (theverge.com) 155

The twin brothers who gained notoriety for suing Mark Zuckerberg over the claim that they started Facebook have done remarkably well in the wake of Bitcoin's record gains. From a report: Cameron and Tyler Winklevoss won $65 million from the Facebook lawsuit, and invested $11 million of their payout into Bitcoin in 2013, amassing one of the largest portfolios of Bitcoin in the world -- 1 percent of the entire currency's dollar value equivalent, said the twins at the time. Their slice of the Bitcoin pie is now worth over $1 billion after Bitcoin surged past $10,000 last week to now trade at $11,100, according to CoinDesk. The cryptocurrency has surged over 10,000 percent since the Winklevoss' investment, when one coin traded at around $120.
Facebook

Facebook Launches New Messenger App for Young Kids -- What Could Possibly Go Wrong? (gizmodo.com) 62

More than one billion people use Facebook's Messenger app to communicate every month. Now the social juggernaut is going after the younger audience. On Monday, it announced Messenger Kids, a standalone mobile app designed for children age 13 and under. From a report: The app, Messenger Kids, is a messaging service that gives parents authority over who their kids can chat with. Once a parent adds someone to their child's contact list through the main Facebook app, kids can video chat as well as send photos, videos, and texts, or pick something from "a library of kid-appropriate and specially chosen GIFs, frames, stickers, masks, and drawing tools," according to Facebook's announcement post. [...] A Facebook spokesperson said in an email to Gizmodo, "We've built automated systems that can detect things like nudity, violence, and child exploitative imagery to help limit that content from being shared on Messenger Kids. We also have blocking and reporting mechanisms, and have a dedicated team of human reviewers that review all content that is reported."
Earth

Silicon Valley Billionaires Award $22 Million in 'Breakthrough Prizes' (theguardian.com) 23

An anonymous reader quote The Guardian: The most glitzy event on the scientific calendar took place on Sunday night when the Breakthrough Foundation gave away $22 million in prizes to dozens of physicists, biologists and mathematicians at a ceremony in Silicon Valley. The winners this year include five researchers who won $3 million each for their work on cell biology, plant science and neurodegenerative diseases, two mathematicians, and a team of 27 physicists who mapped the primordial light that warmed the universe moments after the big bang 13.8 billion years ago. Now in their sixth year, the Breakthrough prizes are backed by Yuri Milner, a Silicon Valley tech investor, Mark Zuckerberg of Facebook and his wife Priscilla Chan, Anne Wojcicki from the DNA testing company 23andMe, and Google's Sergey Brin. Launched by Milner in 2012, the awards aim to make rock stars of scientists and raise their profile in the public consciousness. The annual ceremony at Nasa's Ames Research Center in California provides a rare opportunity for some of the world's leading minds to rub shoulders with celebrities, who this year included Morgan Freeman as host, fellow actors Kerry Washington and Mila Kunis, and Miss USA 2017 Kara McCullough...

Life sciences prizewinner, Joanne Chory at the Salk Institute in San Diego, was honoured for three decades of painstaking research into the genetic programs that flip into action when plants find themselves plunged into shade. Her work revealed that plants can sense when a nearby competitor is about to steal their light, sparking a growth spurt in response. The plants detect threatening neighbours by sensing a surge in the particular wavelengths of red light that are given off by vegetation. Chory now has ambitious plans to breed plants that can suck vast quantities of carbon dioxide out of the atmosphere in a bid to combat climate change. She believes that crops could be selected to absorb 20 times more of the greenhouse gas than they do today, and convert it into suberin, a waxy material found in roots and bark that breaks down incredibly slowly in soil. "If we can do this on 5% of the landmass people are growing crops on, we can take out 50% of global human emissions," she said.

The Mercury News published a list of all the winners, pointing out they were chosen from more than 11,000 entries (from 178 countries). And Wired notes that the top prize winners get $2 million more than Nobel prize winners.
Education

Should Teachers Get $100 For Steering Kids To Google's 'Hour of Code' Lesson? 89

Tomorrow's "Hour of Code" kick-off event features Melinda Gates, Facebook COO Sheryl Sandberg, YouTube CEO Susan Wojcicki, and "multiple state governors," reports theodp -- who has some concerns. With Microsoft boasting that nearly 70 million of its Minecraft Hour of Code sessions have been launched, and tech companies pushing coding and their products into classrooms, it's probably no surprise that the 2017 Hour of Code -- organized by tech-bankrolled Code.org -- seems to have presented a too-hard-to-resist branding opportunity for Google, Microsoft, Apple and Amazon.

And, in what might evoke memories of Dollars for Doctors, some teachers will even be rewarded for steering their kids to Google's Hour of Code lesson. "Thanks to our friends at Google," explains crowdfunding website DonorsChoose.org, "4th-8th grade public school teachers who engage their students in a 'Create your own Google logo' Hour of Code activity can earn a $100 DonorsChoose.org gift code -- and have the opportunity to receive one of five other grand prizes (including $5,000 in DonorsChoose.org credits for your school!)."
Red Hat Software

Understanding the New Red Hat-IBM-Google-Facebook GPL Enforcement Announcement (perens.com) 96

Bruce Perens co-founded the Open Source Initiative with Eric Raymond -- and he's also Slashdot reader #3872. Bruce Perens writes: Red Hat, IBM, Google, and Facebook announced that they would give infringers of their GPL software up to a 30-day hold-off period during which an accused infringer could cure a GPL violation after one was brought to their attention by the copyright holder, and a 60 day "statute of limitations" on an already-cured infringement when the copyright holder has never notified the infringer of the violation. In both cases, there would be no penalty: no damages, no fees, probably no lawsuit; for the infringer who promptly cures their infringement.
Perens sees the move as "obviously inspired" by the kernel team's earlier announcement, and believes it's directed against one man who made 50 copyright infringement claims involving the Linux kernel "with intent to collect income rather than simply obtain compliance with the GPL license."

Unfortunately, "as far as I can tell, it's Patrick McHardy's legal right to bring such claims regarding the copyrights which he owns, even if it doesn't fit Community Principles which nobody is actually compelled to follow."

Slashdot Top Deals