Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
The Military

ISIS Is Dropping Bombs With Drones In Iraq (popsci.com) 174

In addition to rifles, mortars, artillery and suicidal car bombs, ISIS has recently added commercial drones, converted into tiny bombs, into the mix of weapons it uses to fight in Iraq. In October, The New York Times reported that the Islamic State was using small consumer drones rigged with explosives to fight Kurdish forces in Iraq. Two Kurdish soldiers died dismantling a booby-trapped ISIS drone. Several months later and it appears the use of drones on the battlefield is becoming more prevalent. Popular Science reports: Previously, we've seen ISIS scratch-build drones, and as Iraqi Security Forces retook parts of Mosul, they discovered a vast infrastructure of workshops (complete with quality control) for building standardized munitions, weapons, and explosives. These drone bombers recently captured by Iraqi forces and shared with American advisors appear to be commercial, off-the-shelf models, adapted to carry grenade-sized payloads. "It's not as if it is a large, armed UAV [unmanned aerial vehicle] that is dropping munitions from the wings -- but literally, a very small quadcopter that drops a small munition in a somewhat imprecise manner," [Col. Brett] Sylvia, commander of an American military advising mission in Iraq, told Military Times. "They are very short-range, targeting those front-line troops from the Iraqis." Because the drones used are commercial models, it likely means that anti-drone weapons already on hand with the American advisors are sufficient to stop them. It's worth noting that the bomb-dropping drones are just a small part of how ISIS uses the cheap, unmanned flying machines. Other applications include scouts and explosive decoys, as well as one-use weapons. ISIS is also likely not the first group to figure out how to drop grenades from small drones; it's a growing field of research and development among many violent, nonstate actors and insurgent groups. Despite the relative novelty, it's also likely not the deadliest thing insurgents can do with drones.
Government

Petition With Over 1 Million Signatures Urges President Obama To Pardon Snowden (cnet.com) 269

An anonymous reader quotes a report from CNET: More than 1 million people signed onto a petition asking President Barack Obama to pardon Edward Snowden, proponents of the pardon said Friday. The campaign began in September, when Snowden, his attorney Ben Wizner from the ACLU, and other privacy activists announced they would formally petition Obama for a pardon. Snowden leaked classified NSA documents detailing surveillance programs run by the U.S. and its allies to journalists in 2013, kicking off a heated debate on whether Americans should be willing to sacrifice internet privacy to help the government protect the country from terrorist attacks. Obama and White House representatives have said repeatedly that Snowden must face the charges against him and that he'll be afforded a fair trial. In the U.S., a pardon is "an expression of the president's forgiveness and ordinarily is granted in recognition of the applicant's acceptance of responsibility for the crime and established good conduct for a significant period of time after conviction or completion of sentence," according to the Office of the Pardon Attorney. It does not signify innocence. Also on Friday, David Kaye urged Obama to consider a pardon for Snowden. Kaye, the special rapporteur to the United Nations Human Rights Council on the freedom of expression, said U.S. law doesn't allow Snowden to argue that his disclosures were made for the benefit of the public. The jury would merely be asked to decide whether Snowden stole government secrets and distributed them -- something Snowden himself concedes he did. In response to the petition, Edward Snowden tweeted: "Whether or not this President ends the war on whistleblowers, you've sent a message to history: I feared no one would care. I was wrong."
Cellphones

Faulty Phone Battery May Have Caused Fire That Brought Down EgyptAir Flight MS80 (ibtimes.co.uk) 141

New submitter drunkdrone writes: "French authorities investigating the EgyptAir crash that killed 66 people last year believe that the plane may have been brought down by an overheating phone battery," reports International Business Times. Investigators say the fire that broke out on the Airbus A320 in May 2016 started in the spot where the co-pilot had stowed his iPad and iPhone 6S, which he placed on top of the instrument panel in the plane's cockpit. From the report: "EgyptAir flight MS804 was traveling from Paris to Cairo when it disappeared from radar on 19 May 2016. Egyptian investigators have speculated that the crash, which killed all 56 passengers, seven crew members and three security personnel on board, was caused by an act of terrorism due to traces of explosives reported to be found on some the victims. Investigators in France have disputed these claims, saying that data recorded from the aircraft around the time it disappeared points to an accidental fire on the right-hand side of the flight deck, next to the co-pilot. According to The Times, CCTV pulled from cameras at Paris' Charles de Gualle airport show that the co-pilot stored a number of personal items above the dashboard, where the first signs of trouble were detected. This included an automated alert indicating a series of malfunctions on the right-hand flight deck window, followed by smoke alerts going off in a toilet and in the avionics area below the cockpit, minutes before the plane vanished."
Facebook

Facebook No Longer Clearly Labels Edited Posts (mashable.com) 52

An anonymous reader quotes a report from Mashable: Have you ever made a cringeworthy mistake in a Facebook post? Don't lie, the answer is yes. If you have a sense of shame, Facebook at least allows you to go back and correct your gaffe by editing the post, a feature that certain other social media networks still haven't added. But evidence of your slip-up lived on with the tiny "Edited" label on the bottom of the post, signaling to your followers that you cared just enough to correct yourself on the internet. Sad. Apparently, however, that's no longer the case. It seems that Facebook has removed the on-post edited label, making it much more difficult to know when someone actually took the time to fix their mistake. In order to actually know whether or not your eyes were playing tricks on you when a friend's rant no longer has 15 spelling errors the second time you see it, you'll need to do some digging. Here's how the new editing looks, courtesy of my colleague Raymond Wong and his doubts about how cool the upcoming Nintendo Switch actually is. I noticed that he added a comment about the Switch, so I checked out the post information, via the drop-down menu. To see what happened, I have to view the edit history. When I look at his edit history, I can see all the changes that were made. In most cases, this type of editing isn't a big deal, but the move to hide post edit labels takes away one of the few features that provided any transparency for our online behavior.
Security

Security Experts Rebut The Guardian's Report That Claimed WhatsApp Has a Backdoor (gizmodo.com) 111

William Turton, writing for Gizmodo: This morning, the Guardian published a story with an alarming headline: "WhatsApp backdoor allows snooping on encrypted messages." If true, this would have massive implications for the security and privacy of WhatsApp's one-billion-plus users. Fortunately, there's no backdoor in WhatsApp, and according to Alec Muffett, an experienced security researcher who spoke to Gizmodo, the Guardian's story is a "major league fuckwittage." [...] Fredric Jacobs, who was the iOS developer at Open Whisper Systems, the collective that designed and maintains the Signal encryption protocol, and who most recently worked at Apple, said, "Nothing new. Of course, if you don't verify keys Signal/WhatsApp/... can man-in-the-middle your communications." "I characterize the threat posed by such reportage as being fear and uncertainty and doubt on an 'anti-vaccination' scale," Muffett, who previously worked on Facebook's engineering security infrastructure team, told Gizmodo. "It is not a bug, it is working as designed and someone is saying it's a 'flaw' and pretending it is earth shattering when in fact it is ignorable." The supposed "backdoor" the Guardian is describing is actually a feature working as intended, and it would require significant collaboration with Facebook to be able to snoop on and intercept someone's encrypted messages, something the company is extremely unlikely to do. "There's a feature in WhatsApp that -- when you swap phones, get a new phone, factory reset, whatever -- when you install WhatsApp freshly on the new phone and continue a conversation, the encryption keys get re-negotiated to accommodate the new phone," Muffett told Gizmodo. Other security experts and journalists have also criticized The Guardian's story.
Programming

App.net is Shutting Down (app.net) 30

Social network App.net is shutting down once and for all in March. The company said on March 14 it will be deleting all user data. The announcement comes two years after the company ceased active development on the platform. From the official blog post: Ultimately, we failed to overcome the chicken-and-egg issue between application developers and user adoption of those applications. We envisioned a pool of differentiated, fast-growing third-party applications would sustain the numbers needed to make the business work. Our initial developer adoption exceeded expectations, but that initial excitement didn't ultimately translate into a big enough pool of customers for those developers. This was a foreseeable risk, but one we felt was worth taking.
Nintendo

Nintendo Switch Will Launch On March 3rd For $299, Won't Feature Region-Locking Software (cnet.com) 156

Nintendo has released more details about its upcoming Nintendo Switch gaming console. We have learned that the console will be launching on March 3rd worldwide, and in North America the console will be available for $299.99. What's more is that it won't feature region-locking for software, meaning you can play games from any region no matter where you buy your console. CNET reports: There will also be a Nintendo Switch online service that will be a paid service. It will launch as a trial with pricing to be announced later in 2017. For fans of imports of Japanese exclusives, it was announced the new system will have no region locking -- a big break from tradition for Nintendo. The Switch itself is said to have battery life from 2.5 to 6 hours and can be charged over USB-C. Nintendo says it will have portable battery accessories also available to charge on the go. The Joy-con is the name for new controller, usable in a combined controller style or separated into two halves to let two players play together. It will also be available in a range of colors for people who want to mix things up. The Joy-con has a whole bunch of clever tricks -- motion control, IR sensor, haptic feedback -- and a series of 'versus' game ideas called "1, 2, Switch" that let you play games (like a quick draw shooting game) without needing to look at the screen, just face each other down with the Joy-con controllers. Other games announced that need you to keep the full Joy-con all to yourself include 'Arms', a robotic boxing battle game, and Splatoon 2. Plus the new Mario game, Super Mario Odyssey, which aims to deliver a 'sandbox' experience across many realms outside the Mushroom kingdom, including the real world. And this time his cap has come to life. For the more serious RPG fans, Xenoblade Chronicles 2 was also announced for the Nintendo Switch. Followed by a very small tease for Fire Emblem Warriors. All up, Nintendo says there are over 80 games in development for the Nintendo Switch. If you live in New York, "a limited quantity of pre-orders for the #NintendoSwitch will begin on 1/13 at 9AM while supplies last," Nintendo NY tweeted.
Businesses

The End of Yahoo: Marissa Mayer To Resign; Yahoo To Change Its Name To Altaba (arstechnica.com) 399

maxcelcat writes: Spotted on The Register's twitter feed: Yahoo! Submission to The SEC. Most of the board is leaving, including CEO Marissa Mayer. The company has been bought by Verizon and is changing its name to Altaba Inc. I'm old enough to remember when Yahoo was a series of directories on a University's computers, where you could browse a hierarchical list of websites by category. And here I am watching the company's demise. According to the regulatory filing, the changes will take place after the sale of its core business is completed with Verizon for roughly $4.8 billion. The Wall Street Journal notes: "Verizon officials have indicated all options remain possible, including renegotiating the terms of the deal or walking away."
Privacy

WikiLeaks Threatens To Publish Twitter Users' Personal Info (usatoday.com) 211

WikiLeaks said on Twitter earlier today that it wants to publish the private information of hundreds of thousands of verified Twitter users. The group said an online database would include such sensitive details as family relationships and finances. USA Today reports: "We are thinking of making an online database with all 'verified' twitter accounts [and] their family/job/financial/housing relationships," the WikiLeaks Task Force account tweeted Friday. The account then tweeted: "We are looking for clear discrete (father/shareholding/party membership) variables that can be put into our AI software. Other suggestions?" Wikileaks told journalist Kevin Collier on Twitter that the organization wants to "develop a metric to understand influence networks based on proximity graphs." Twitter bans the use of Twitter data for "surveillance purposes." In a statement, Twitter said: "Posting another person's private and confidential information is a violation of the Twitter rules." Twitter declined to say how many of its users have verified accounts but the Verified Twitter account which follows verified accounts currently follows 237,000. Verified accounts confirm the identity of the person tweeting by displaying a blue check mark. Twitter says it verifies an account when "it is determined to be an account of public interest." Twitter launched the feature in 2009 after celebrities complained about people impersonating them on the social media service.
The Almighty Buck

T-Mobile Eliminates Cheaper Postpaid Plans, Sells 'Unlimited Data' Only (arstechnica.com) 88

An anonymous reader quotes a report from Ars Technica: T-Mobile USA will stop selling its older and cheaper limited-data plans to postpaid customers, shifting entirely to its new "unlimited" data plans that impose bandwidth limits on video and tethering unless customers pay extra. To ease the transition, T-Mobile will offer bill credits of $10 a month to customers when they use less than 2GB per month. T-Mobile began its shift to unlimited data plans in August with the introduction of T-Mobile One, which starts at $70 a month. While there are no data caps, customers have to pay a total of $95 a month to get high-definition video and mobile hotspot speeds of greater than 512kbps. The carrier said in August that the unlimited plan would be "replacing all our rate plans," including its cheaper plans that cost $50 or $65 a month. Nonetheless, T-Mobile kept selling limited postpaid data plans to new customers for a few months, but yesterday CEO John Legere said that as of January 22, T-Mobile One will be the "only postpaid consumer plan we sell." Existing postpaid customers can keep their current plans. For new customers, T-Mobile will presumably keep selling its prepaid plans that cost $40 to $60 a month and come with 3GB to 10GB of data. T-Mobile also said yesterday that it will start including taxes and fees in its advertised rate when customers sign up for new T-Mobile One plans and enroll in automatic payments, essentially giving subscribers a discount. "The average monthly bill for a family of four will drop from $180.48 to $160, according to a company spokesman," The Wall Street Journal reported.
Democrats

Obama Administration Releases Searchable Archive of Social Media Posts (theverge.com) 110

An anonymous reader writes: President Obama's entire social media presence as POTUS is now available in a single online archive. The administration today launched The Obama White House Social Media Archive, a searchable collection of everything the president and his administration posted on Instagram, Twitter, Flickr, Facebook, Google+, and Pinterest during his two terms in office. According to ArchiveSocial, the platform on which the archive is hosted, this includes more than 100 social media profiles associated with the White House and more than 250,000 total posts. As of right now, the archive's search function isn't the smoothest. A general search like "healthcare" will yield nearly 600 tangential results, including tweets from White House staffers. The Advanced Search will allow you to narrow things down a bit, with filters for date range and social media platform.
China

Apple Removes NYTimes App in China, Shows How Far It Is Willing To Go To Please Local Authority (theguardian.com) 174

Apple has removed the New York Times app from its store in China after a government request, in an example of how far the company will go to please the authorities in its third-largest market. From a report: China operates what is thought to be the largest internet censorship regime in the world, blocking thousands of foreign websites viewed as a threat by the ruling Communist party. Google, Twitter, Facebook Youtube and Instagram are all inaccessible. Apple removed the English and Chinese-language versions of the New York Times app on 23 December, although it was not immediately clear why. "We have been informed that the app is in violation of local regulations," said Carolyn Wu, an Apple spokeswoman. "As a result the app must be taken down off the China app store. When this situation changes the app store will once again offer the New York Times app for download in China."
Businesses

Snapchat Cited False User Numbers in Order To Boost IPO, Alleges Lawsuit by Ex-worker (yahoo.com) 30

A lawsuit filed against Snap Inc. by a former employee claims the company reported false growth numbers to investors in an effort to inflate its valuation. An anonymous reader shares a report: The plaintiff, Anothony Pompliano, joined the company (then known as Snapchat) as a growth lead in September of last year from Facebook. Pompliano claims the company's "institutional pandemic" of misrepresentation of its user numbers was fueled by its pursuit of a multi-billion dollar initial public offering (IPO) -- a number of prior reports have claimed the company could go public as soon as March. Snap's visual messaging app Snapchat is known for its popularity with younger millennials (aged 25 and under). Despite remaining tight-lipped about its official statistics, leaked reports put its daily active user base at 150 million (higher than that of fellow social platform Twitter). Additionally, its daily video views count hit an impressive 10 billion in April 2016. Numbers like these have had the industry buzzing over its expected IPO, with analysts claiming the company could be valued as high as $25 billion.
Businesses

Medium Cuts Staff By One-Third, Shuts Down New York and DC Offices (arstechnica.com) 177

An anonymous reader quotes a report from Ars Technica: Medium, the San Francisco-based online publishing platform founded in 2012, has laid off 50 employees, or roughly one-third of its staff. The company will also close offices in New York and Washington, DC. Ev Williams, Medium's CEO, wrote in a lengthy post on Wednesday that the company would be changing its business model despite ending 2016 as "our best year yet." He blamed the entire concept of "ad-driven media on the Internet" as the root of the company's shortcomings. As Williams, who is also a co-founder of Twitter, wrote: "It simply doesn't serve people. In fact, it's not designed to. The vast majority of articles, videos, and other "content" we all consume on a daily basis is paid for -- directly or indirectly -- by corporations who are funding it in order to advance their goals. And it is measured, amplified, and rewarded based on its ability to do that. Period. As a result, we getwell, what we get. And it's getting worse."
Android

Asus Unveils ZenFone AR With Google's Daydream and Tango Support, Coming In Q2 (venturebeat.com) 24

Krystalo quotes a report from VentureBeat: Probably the most-leaked device at CES 2017 so far has been the Asus ZenFone AR, through no fault of the Taiwanese company. Partner Qualcomm revealed much of the details in a blog post touting the use of its Snapdragon 821 chipset, and infamous leaker Evan Blass (evleaks) added front and back press renders of the phone. The key part that was missing was a release timeframe, which we now have: Q2 2017. The ZenFone AR stands out as the first smartphone that will support both of Google's Daydream and Tango platforms, and is only the second to support the latter (Lenovo's Phab 2 Pro was the first). Daydream is a virtual reality (VR) platform built into Android 7.0 Nougat and above. Tango is an augmented reality (AR) platform that detects users' positions relative to places and objects around them without using GPS or other external signals.
Bitcoin

Over 1,800 MongoDB Databases Held For Ransom By Mysterious Attacker (bleepingcomputer.com) 115

An anonymous reader writes: "An attacker going by the name of Harak1r1 is hijacking unprotected MongoDB databases, stealing and replacing their content, and asking for a 0.2 Bitcoin ($200) ransom to return the data," reports Bleeping Computer. According to John Matherly, Shodan founder, over 1,800 MongoDB databases have had their content replaced with a table called WARNING that contains the ransom note. Spotted by security researcher Victor Gevers, these databases are MongoDB instances that feature no administrator password and are exposed to external connections from the internet. Database owners in China have been hit, while Bleeping Computer and MacKeeper have confirmed other infections, one which hit a prominent U.S. healthcare organization and blocked access to over 200,000 user records. These attacks are somewhat similar to attacks on Redis servers in 2016, when an unknown attacker had hijacked and installed the Fairware ransomware on hundreds of Linux servers running Redis DB. The two series of attacks don't appear to be related.
Encryption

Koolova Ransomware Decrypts For Free If You Read Two Articles About Ransomware (bleepingcomputer.com) 80

An anonymous reader quotes a report from BleepingComputer: We have a new in-development variant of the Koolova Ransomware that will decrypt your files for free if you educate yourself about ransomware by reading two articles. Discovered by security researcher Michael Gillespie, this in-development ransomware is not ready for prime time. In fact, I had to mess with it a bit and setup a local http server to even get it to display the ransom screen. In its functional state, Koolova will encrypt a victim's files and then display a screen similar to the Jigsaw Ransomware where the text is slowly shown on the screen. This text will tell the victim that they must read two articles before they can get a decryption key. It then tells you that if you are too lazy to read two articles before the countdown gets to zero, like Jigsaw, it will delete the encrypted files. This is not an idle threat as it actually does delete the files. The articles that Koolova wants you to read are an article from Google Security Blog called Stay safe while browsing and BleepingComputer's very own Jigsaw Ransomware Decrypted: Will delete your files until you pay the Ransom article. Once you read both articles, the Decripta i Miei File, or Decrypt My Files, button becomes available. Once you click on this button, Koolova will connect to the Command and Control server and retrieve the victim's decryption key. It will then display it in a message box labeled "Nice Jigsaw," in reference to the Jigsaw Ransomware, that displays your decryption key. A victim will then be able to take that key and enter it into the key field in order to decrypt files.
Google

Programmer Finds Way To Liberate Ransomware Affected Smart TV, Thanks To LG (theregister.co.uk) 161

Television production factory LG has saved Darren Cauthon's new year by providing hidden reset instructions to liberate his Google TV from ransomware. From a report on The Register: The company initially demanded more money than the idiot box was worth to repair the TV and relented offering instructions for resetting the telly after Cauthon took to Twitter to express his displeasure. The infection came after the programmer's wife downloaded an app to the TV promising free movies. Instead, it installed the ransomware, with a demand of US$500 to have the menace removed. Cauthon said LG offered factory reset steps which are not publicly revealed nor known to its customer support technicians. He says a family member showed him the TV over Christmas laden with ransomware purporting to be a FBI message bearing a notice that suspicious files were found and the user has been fined.
Books

Scribd Pulls Digital Comics From Its Subscription Reading Service (the-digital-reader.com) 32

Popular ebooks platform, Scribd has quietly removed digital comics from its subscription reading service. According to a report on The Digital Reader, the feature was added in February 2015, and may have been pulled as part of a cost-cutting measure. From the article: Scribd confirmed the news in a statement: "We launched comics in 2015, and while we were excited to bring new content to our readers, few actively took advantage of them. We will be focusing our efforts on enhancing the experience surrounding our other great content types including books, audiobooks, magazines, and documents. We alerted comic readers of the news via email in early December. We understand that this news is disappointing to comic readers. This was a difficult decision, and we hope that they'll explore the rest of what Scribd has to offer in the coming months." It's interesting that Scribd says that they informed subscribers, because that is not the impression I get from the complaints on Twitter. Many were surprised when they noticed, and based on the timestamps the comics were apparently pulled on or before 1 December.
Piracy

Creepy Site Claims To Reveal Torrenting Histories (iknowwhatyoudownload.com) 211

Slashdot reader dryriver writes: The highly invasive and possibly Russian owned and operated website IKnowWhatYouDownload.com immediately shows [a] bittorent download history for your IP address when you land on it. What's more, it also [claims to] show the torrenting history of any specific IP address you enter, and also of IP addresses similar to yours, so you can see what others near you -- perhaps the nice neighbours in the house next door -- have downloaded when they thought nobody was looking...

There is also a nasty little "Track Downloads" feature that lets you send a "trick URL" to somebody else. When they click on the URL -- thinking its something cool on Facebook, Twitter or the general internet -- THEY see what they URL promised, but YOU get sent their entire torrenting history, including anything embarrassing or otherwise compromising content they may have downloaded in private... The website appears to offer an API, customized download reports and more to interested parties in the hopes of generating big cash from making other people's torrenting activities public.

It's not clear whether this site is really revealing the information it claims to -- or whether it can filter out the fake IP addresses provided by many downloaders. But putting that aside, it does raise an important question. Is it technologically possible to build a site that tracks and reveals torrenting histories based on IP addresses?

Slashdot Top Deals