By BeauHD from Slashdot's target-acquired department
The Daily Beast reports that the FBI has seized control of a key server in the Kremlin's global botnet of 500,000 hacked routers. "The move positions the bureau to build a comprehensive list of victims of the attack, and short-circuits Moscow's ability to reinfect its targets," writes Kevin Poulsen. From the report: The FBI counter-operation goes after "VPN Filter," a piece of sophisticated malware linked to the same Russian hacking group, known as Fancy Bear, that breached the Democratic National Committee and the Hillary Clinton campaign during the 2016 election. On Wednesday security researchers at Cisco and Symantec separately provided new details on the malware, which has turned up in 54 countries including the United States.
VPN Filter uses known vulnerabilities to infect home office routers made by Linksys, MikroTik, NETGEAR, and TP-Link. Once in place, the malware reports back to a command-and-control infrastructure that can install purpose-built plug-ins, according to the researchers. One plug-in lets the hackers eavesdrop on the victim's Internet traffic to steal website credentials; another targets a protocol used in industrial control networks, such as those in the electric grid. A third lets the attacker cripple any or all of the infected devices at will.Read Replies (0)
By BeauHD from Slashdot's too-good-to-be-true department
A couple months ago, Road to VR reported that Google and LG were planning to reveal the "world's highest-resolution OLED on-glass display" for virtual-reality headsets on May 22nd. Well, that day has arrived and the two companies unveiled that very display. Android Authority reports: As expected, the 4.3-inch OLED 18MP display has a resolution of 4,800 x 3,840. The display has a pixel density of 1,443PPI and a 120Hz refresh rate. Google and LG referred to it as the "world's highest-resolution OLED on-glass display." For comparison's sake, the HTC Vive has two 3.6-inch displays with resolutions of 1,200 x 1,080. The higher-end HTC Vive Pro has two 3.5-inch displays with resolutions of 1,600 x 1,440. The Vive Pro maxes out at 615PPI, making this new LG panel about 57% better than HTC's best offering. However, there's already one display that's better than anything on offer, and that's your own vision. A person with great vision sees in an estimated resolution of 9,600 x 9,000 with a PPI density of 2,183. In other words, this new display from Google and LG is about half as good as our own eyes. Unfortunately, there are no plans to use them in any consumer products yet. Google rep Carlin Verri told 9to5Google that the companies started this project to push the industry forward.Read Replies (0)
By BeauHD from Slashdot's shrouded-in-secrecy department
An anonymous reader quotes a report from SFGate: The American Civil Liberties Union on Wednesday sued U.S. Immigration and Customs Enforcement for records about the agency's use of license plate reader technology, after ICE apparently failed to turn over records following multiple requests. In December, ICE purchased access to two databases of ALPR data, the complaint reads. One of those databases is managed by Vigilant Solutions, which has contracts with more than two dozen Bay Area law enforcement agencies. "We believe the other is managed by Thomson Reuters," ACLU laywer Vasudha Talla said. The ACLU and other privacy advocates have expressed concern about how this data will be stored and used for civil immigration enforcement. The ACLU filed two requests under the Freedom of Information Act in March seeking records from ICE, including contracts, memos, associated communications, training materials and audit logs. Since then, ICE has not provided any records, the ACLU said in the complaint, which was filed Tuesday morning in the Northern District Court for the Northern District of California.
"The excessive collection and storing of this data in databases -- which is then pooled and shared nationally -- results in a systemic monitoring that chills the exercise of constitutional rights to free speech and association, as well as essential tasks such as driving to work, picking children up from school, and grocery shopping," the complaint said. "We have essentially two concerns: one that is general to ALPR databases, and one that's specific to this situation with ICE," Talla said. "The ACLU has done a lot of work around surveillance technology and ALPR, and we're generally concerned about the aggregation of all this data about license plates paired with a time and location, stretching back for so many months and years."Read Replies (0)
By BeauHD from Slashdot's bidding-war department
Comcast is reportedly preparing an offer to buy major portions of 21st Century Fox, which would give it majority control of Hulu and other media properties. Ars Technica reports: Walt Disney Company already has a $52.4 billion all-stock deal to buy the 21st Century Fox properties. But Comcast was rumored to be lining up $60 billion in financing in order to make a hostile bid for the Fox assets, and Comcast's announcement today confirms it. Comcast "is considering, and is in advanced stages of preparing, an offer for the businesses that Fox has agreed to sell to Disney," Comcast's announcement said. Comcast is working on the offer in preparation for shareholder meetings in which the Disney/Fox deal will be considered.
The Fox properties for sale do not include assets such as the Fox News Channel, Fox Business Network, and Fox Broadcasting Company. Those properties would be spun off into a company being referred to as "New Fox," and Comcast would acquire 21st Century Fox after the spinoff. The Fox sale to either Disney or Comcast would include 21st Century Fox's film and television studios; cable entertainment networks; the Fox Sports Regional Networks; and international properties including Star in India and Fox's 39-percent ownership of Sky across Europe. The sale would also include Fox's 30-percent stake in Hulu, the popular online video streaming service. Comcast already owns 30 percent of Hulu, so a deal with Fox would give the nation's largest cable company majority control over the online video provider.Read Replies (0)
By msmash from Slashdot's security-woes department
Tefo Mohapi, reporting for iAfrikan: Barely a year after South Africa's largest data leak was revealed in 2017, the country has suffered yet another data leak as 934,000 personal records of South Africans have been leaked publicly online. The data includes, among others, national identity numbers (ID numbers), e-mail addresses, full names, as well as plain text passwords to what appears to be a traffic fines related online system. Working together with Troy Hunt, an Australian Security consultant and founder of haveibeenpwned, along with an anonymous source that has been communicating with iAfrikan and Hunt, we've managed to establish that the data was backed up or posted publicly by one of the companies responsible for traffic fines online payments in South Africa. "I have a new leak which might be worthwhile, the database leak contains 1 million records of personal information of South African citizens. Including Identity numbers, cell phone numbers, email addresses, and passwords. I am aware of the website this was leaked from," said our source upon initial contact.Read Replies (0)
By msmash from Slashdot's reality-check department
The law says American agencies must eliminate the use of Kaspersky Lab software by October. But U.S. officials say that's impossible as the security suite is embedded too deep in our infrastructure, The Daily Beast reported Wednesday. From a report: Multiple divisions of the U.S. government are confronting the reality that code written by the Moscow-based security company is embedded deep within American infrastructure, in routers, firewalls, and other hardware -- and nobody is certain how to get rid of it. "It's messy, and it's going to take way longer than a year," said one U.S. official. "Congress didn't give anyone money to replace these devices, and the budget had no wiggle-room to begin with." At issue is a provision of the National Defense Authorization Act (NDAA) enacted last December that requires the government to fully purge itself of "any hardware, software, or services developed or provided, in whole or in part," by Kaspersky Lab. The law was a dramatic expansion of an earlier DHS directive that only outlawed "Kaspersky-branded" products. Both measures came after months of saber rattling by the U.S., which has grown increasingly anxious about Kaspersky's presence in federal networks in the wake of Russia's 2016 election interference campaign.Read Replies (0)
By msmash from Slashdot's about-time department
The Metropolitan Transportation Authority (MTA) on Wednesday unveiled a sweeping plan to modernize the city's subway system over the next 10 years. From a report: The proposal, which new New York City Transit President Andy Byford called "Fast Forward," centers on overhauling the mass transit network's signaling system -- some of which dates back to the early 20th century -- 30 years sooner than current Subway Action Plan. But it won't come without a good bit of pain: sources told News 4 that Byford's plan would require entire lines to be taken out of service during overnight and weekend hours for extended periods. Byford -- who took over the task of running the city's subways and buses earlier this year -- said in an MTA meeting Wednesday that the work would be split into two five-year chunks. Over the first five years parts or all of the 4,5, 6, E, F, M, R, A, C, E and G lines would receive modern signaling systems. That would include the entirety of the Lexington Avenue line, which carries the 4, 5 and 6 trains and is the most-used mass transit line in the United States.Read Replies (0)
By BeauHD from Slashdot's remind-you-of-anyone department
An anonymous reader quotes a report from The Verge: At an AI event in London today, Microsoft CEO Satya Nadella showed off the company's Xiaoice (pronounced "SHAO-ICE") social chat bot. Microsoft has been testing Xiaoice in China, and Nadella revealed the bot has 500 million "friends" and more than 16 channels for Chinese users to interact with it through WeChat and other popular messaging services. Microsoft has turned Xiaoice, which is Chinese for "little Bing," into a friendly bot that has convinced some of its users that the bot is a friend or a human being. "Xiaoice has her own TV show, it writes poetry, and it does many interesting things," reveals Nadella. "It's a bit of a celebrity."
While most of Xiaoice's interactions have been in text conversations, Microsoft has started allowing the chat bot to call people on their phones. It's not exactly the same as Google Duplex, which uses the Assistant to make calls on your behalf, but instead it holds a phone conversation with you. "One of the things we started doing earlier this year is having full duplex conversations," explains Nadella. "So now Xiaoice can be conversing with you in WeChat and stop and call you. Then you can just talk to it using voice." (The term "full duplex" here refers to a conversation where both participants can speak at the same time; it's not a reference to Google's product, which was named after the same jargon.)Read Replies (0)