Security

ZDNet Writer Downplays Windows 10's Phoning-Home Habits 222

jones_supa writes: Gordon F. Kelly of Forbes whipped up a frenzy over Windows 10 when a Voat user found out in a little experiment that the operating system phones home thousands of times a day. ZDNet's Ed Bott has written a follow-up where he points out how the experiment should not be taken too dramatically. 602 connection attempts were to 192.168.1.255 using UDP port 137, which means local NetBIOS broadcasts. Another 630 were DNS requests. Next up was 1,619 dropped connection attempts to address 94.245.121.253, which is a Microsoft Teredo server. The list goes on with NTP, random HTTP requests, and various cloud hosts which probably are reached by UWP apps. He summarizes by saying that a lot of connections are not at all about telemetry. However, what kind of telemetry and data-mined information Windows specifically sends still remains largely a mystery; hopefully curious people will do analysis on the operating system and network traffic sent by it.
Japan

Scientists In Japan Build 100Gbps Wireless Network Using Terahertz Transmitter 43

Mark.JUK writes: A group of Japanese scientists working on a project managed by Hiroshima University claim to have successfully built a Terahertz (THz) transmitter, which is implemented as a silicon CMOS integrated circuit and can transmit a signal running at 10Gbps per data channel over multiple channels in the 275-305GHz band for a top speed of 100Gbps (Gigabits per second). But crucially nobody has mentioned the distance at which this speed could be achieved, particularly since the THz band isn't likely to have much of a reach. It also sits very close to the region used by lasers.
The Courts

SCO vs. IBM Battle Over Linux May Finally Be Over (networkworld.com) 200

JG0LD writes with this news from Network World: A breach-of-contract and copyright lawsuit filed nearly 13 years ago by a successor company to business Linux vendor Caldera International against IBM may be drawing to a close at last, after a U.S. District Court judge issued an order in favor of the latter company earlier this week.
Here's the decision itself (PDF). Also at The Register.
Networking

Facebook Developing Radio Wave Mesh To Connect Offline Areas (thestack.com) 44

An anonymous reader writes: As part of its wider Internet.org initiative to deliver connectivity to poor and rural communities, Facebook is actively developing a new network technology which uses millimetre wave bands to transmit data. Facebook engineer Sanjai Kohli filed two patents which outlined a 'next generation' data system, which would make use of millimetre wave technology deployed as mesh networks. Kohli's patents detailed a type of centralised, cloud-based routing system which 'dynamically adjusts route and frequency channel assignments, transmit power, modulation, coding, and symbol rate to maximize network capacity and probability of packet delivery, rather than trying to maximize the capacity of any one link.'
Graphics

First Steps Towards Network Transparency For Wayland (phoronix.com) 142

munwin99 writes: For the longest time, when bringing up Wayland a recurring question was 'what about network transparency?!' Well, Samsung's Derek Foreman has today published the set of Wayland patches for providing Wayland network transparency by pushing the Wayland protocol over TCP/IP.
Privacy

Most IT Pros Have Seen Embarrassing Information About Their Colleagues 142

An anonymous reader writes: Often working in isolation, IT teams are still considered to be supporting players in many workplaces, yet the responsibility being placed on them is huge. In the event of a cyber attack, network outage or other major issue, they will typically drop everything to fix the problem at hand. Almost all the respondents (95%) to a new AlienVault survey said that they have fixed a user or executive's personal computer issue during their work hours. In addition, over three-quarters (77%) said that they had seen and kept secret potentially embarrassing information relating to their colleagues' or executives' use of company-owned IT resources.
Social Networks

Facebook Knocks "Six Degrees of Separation" Down a Few Notches (i-programmer.info) 89

mikejuk writes: Six degrees of separation is the, already well established, idea that any individual is connected to any other via six network nodes. New research has discovered that the average between Facebook users is just three and a half: "We know that people are more connected today than ever before. Over the past five years, the global Facebook community has more than doubled in size. Today we're announcing that during that same time period, the degrees of separation between a typical pair of Facebook users has continued to decrease to 3.57 degrees, down from 3.74 degrees in 2011. This is a significant reflection of how closely connected the world has become." This may all be true and Facebook makes us better connected, but it leaves the question of the quality of the connections open. Are Facebook friends anything like real friends?
Communications

Grandma's Phone, DSL, and the Copper They Share (hackaday.com) 177

szczys writes: DSL is high-speed Internet that uses the same twisted pair of copper wire that still works with your Grandmother's wall-mounted telephone. How is that possible? The short answer is that the telephone company is cheating. But the long answer delves into the work of Claude Shannon, who figured out how much data could be reliably transferred using a given medium. His work, combined with that of Harry Nyquist and Ralph Hartley (pioneers of channel capacity and the role noise plays in these systems), brings the Internet Age to many homes on an infrastructure that has been in use for more than a hundred years.
Security

Push To Hack: Reverse Engineering an IP Camera (contextis.com) 35

New submitter tetraverse writes: For our most recent IoT adventure, we've examined an outdoor cloud security camera [the Motorola Focus 73] which like many devices of its generation a) has an associated mobile app b) is quick to setup and c) presents new security threats to your network. From the article: This blog describes in detail how we were able to exploit the camera without access to the local network, steal secrets including the home networkâ(TM)s Wi-Fi password, obtain full control of the PTZ (Pan-Tilt-Zoom) controls and redirect the video feed and movement alerts to our own server; effectively watching the watchers.
Businesses

Magic Leap Raises $794 Million To Accelerate Adoption of Secretive AR Tech (roadtovr.com) 51

An anonymous reader writes: A massive new $794 million Series C investment in secretive AR startup Magic Leap puts the company among the world's most valuable startups, now reportedly valued at $4.5 billion. The company has aggressively teased what they believe to be revolutionary augmented reality display technology, allowing a mixture of the real and virtual dimensions in a way previously not achieved. Although they've played coy to the public, offering little more than bold claims, investors like Alibaba, Google Ventures, and Qualcomm Ventures have bought into the company's vision to the tune of $1.39 billion in total raised by Magic Leap thus far. Also at Network World, which notes that their demo must be amazing.
Networking

Japanese Researchers Achieve Record 56Gbps Wireless Transmission 33

Mickeycaskill writes: Fujitsu and the Tokyo Institute of Technology have achieved a wireless transmission of 56Gbps over a 10cm distance using millimeter-wave (mmWave) frequencies located between 30-300GHz. While cellular capacity is improved in some areas through the addition of new mobile masts and small cells, the fibre networks used to link these sites to the wider network is either absent or not feasible to deploy in urban locations or on difficult terrain. This makes the wireless capacity of mobile masts even more important. To achieve the speed, researchers developed custom chips and interface technology to boost capacity of wireless signals without significant data loss.

It is claimed that by pairing the technology developed with a high-output amplifier, the same effect can be achieved outdoors and could be commercialised for mobile operators by 2020.
Security

Cisco Patches Authentication, Denial-of-Service, NTP Flaws In Many Products (csoonline.com) 33

itwbennett writes: Cisco Systems has released a new batch of security patches for flaws affecting a wide range of products, including for a critical vulnerability in its RV220W wireless network security firewalls. The RV220W vulnerability stems from insufficient input validation of HTTP requests sent to the firewall's Web-based management interface. This could allow remote unauthenticated attackers to send HTTP requests with SQL code in their headers that would bypass the authentication on the targeted devices and give attackers administrative privileges.
Communications

After More Than a Decade, MSN Chat Authentication Is Documented (goo.gl) 27

An anonymous reader writes: After MSN Chat closed in 2003, and then again in 2006, some guy has finally documented the authentication system used — over a decade later! Developer Joshua Davison writes by way of explanation: I think it's important to document the challenge we (users, scripters, hackers) faced connecting to MSN Chat, which is the only known 'proper' implementation of IRCX v8.1 at this time. MSN Chat introduced a GateKeeper SASL authentication protocol, which implemented 'GateKeeper' and 'GateKeeperPassport' (not dissimilar to the widely documented NTLM authentication protocol, which was also implemented as NTLM, and NTMLPassport) The GateKeeper Security Support Provider (GKSSP) functioned in two ways; allowing a user to login with a Microsoft Account (Previously known as Microsoft Passport, .NET Passport, Microsoft Passport Network, and Windows Live ID), and also allowed guest authentication for users without, or not willing to use a Microsoft Account. While most users didn't need or want to understand how the protocol worked, there were many of us who did, and many that just preferred to use MSN Chat outside of the browser.
United States

Air Force Firewall Now Designated a Weapons System (gazette.com) 137

An anonymous reader writes with a report from the Colorado Springs Gazette that the U.S. Air Force Space Command has declared its first cyber "weapons system" operational. The weapon, deemed fully operational this month, is basically a big firewall designed to protect the Air Force's internal 1 million-user network from hackers. It will be a hot topic at the Rocky Mountain Cyber Symposium, which is expected to draw hundreds of computer experts to The Broadmoor for a four-day confab starting Monday." More from the article about why a firewall would be called a weapon: The biggest reason for the weaponization push is financial: When it comes to budget battles, weapons, even those with a keyboard and a mouse, get cash from Congress. "Designating something as a weapons system really does help us justify our funding," Col. Pamela Wooley, who commands the Alabama-based 26th Cyberspace Operations Group, which includes the new weapon.
Bug

Sensitive Information Can Be Revealed From Tor Hidden Services On Apache (dailydot.com) 37

Patrick O'Neill writes: A common configuration mistake in Apache, the most popular Web server software in the world, can allow anyone to look behind the curtains on a hidden server to see everything from total traffic to active HTTP requests. When an hidden service reveals the HTTP requests, it's revealing every file—a Web page, picture, movie, .zip, anything at all—that's fetched by the server. Tor's developers were aware of the issue as early as last year but decided against sending out an advisory. The problem is common enough that even Tor's own developers have made the exact same mistake. Until October 2015, the machine that welcomed new users to the Tor network and checked if they were running up-to-date software allowed anyone to look at total traffic and watch all the requests.
Facebook

Facebook Expands Online Commerce Role, But Says "No Guns, Please" 190

The New York Times reports that Facebook's newly staked-out role as a site to facilitate local, person-to-person sales (ala Craigslist) has a new wrinkle: the site has announced a site-wide policy restricting firearms sales that applies to personal sales, though not to licensed dealers or gun clubs. According to the story, Although Facebook was not directly involved in gun sales, it has served as a forum for gun sales to be negotiated, without people having to undergo background checks. The social network, with 1.6 billion monthly visitors, had become one of the worldâ(TM)s largest marketplaces for guns and was increasingly evolving into an e-commerce site where it could facilitate transactions of goods. ... Facebook said it would rely on its vast network of users to report any violations of the new rules, and would remove any post that violated the policy. Beyond that, the company said it could ban users or severely limit the ways they post on Facebook, depending on the type and severity of past violations. If the company believed someoneâ(TM)s life was in danger, Facebook would work with law enforcement on the situation. The policy applies as well to private sales that occur using Facebook Messenger, though the company does not scan Messenger exchanges and must rely on user reports.
Open Source

GitHub Service Outage (github.com) 117

New submitter thebigjeff writes: Beginning at around 7:30pm EST on 1/27/2016, GitHub's core services have been offline. Most repositories and other functionality is inaccessible. The status page is calling it a "significant network disruption." More from The Register: GitHub falls offline, devs worldwide declare today a snow day.
Communications

The Telecommunications Ball Is Now In Cuba's Court 59

lpress writes: The FCC has dropped Cuba from its exclusion list (PDF), so there are now no restrictions on U.S. telecom company dealings with ETECSA, the Cuban government telecommunication monopoly, or any other Cuban organization. Last week the U.S. sent its second high-level telecommunication delegation to Cuba. The delegates were FCC Chairman Tom Wheeler and other government officials plus representatives of Cisco, Comcast, and Ericsson. Some of the news: there are at least 6 proposals for an undersea cable between Havana and Florida; Cisco has proposed a Network Academy at Cuba's leading computer science university (Chinese infrastructure dominates today); 4G mobile connectivity was discussed and Google was conspicuously absent. The time for Cuba to act is now — while President Obama is still in office.
HP

Exposed HP LaserJet Printers Offer Anonymous FTP To the Public (csoonline.com) 74

itwbennett writes: In a blog post on Monday, security researcher Chris Vickery outlined the risks associated with networked HP LaserJet printers, which have been made available to the public by the organizations hosting them. 'There are a few free, open source pieces of software that can be used to upload and interact with HP printer hard drives over port 9100. After uploading to a printer, the file can be accessed by ... any web browser... It doesn't take much creativity to realize that even highly illegal materials could be stored this way,' Vickery wrote. CSO's Steve Ragan picked up the thread: A quick search on Shodan to confirm Vickery's findings returned thousands of results.
United States

US Could Lower Carbon Emissions 78% With New National Transmission Network (smithsonianmag.com) 346

mdsolar writes with this story from Smithsonian magazine about how building a national transmission network could lead to a gigantic reduction in carbon emissions. From the story: "The United States could lower carbon emissions from electricity generation by as much as 78 percent without having to develop any new technologies or use costly batteries, a new study suggests. There's a catch, though. The country would have to build a new national transmission network so that states could share energy. 'Our idea was if we had a national 'interstate highway for electrons' we could move the power around as it was needed, and we could put the wind and solar plants in the very best places,' says study co-author Alexander MacDonald, who recently retired as director of NOAA's Earth System Research Laboratory in Boulder, Colorado."

Slashdot Top Deals