Federal Communications Commission Chairman Ajit Pai refused to brief a Congressional committee Monday about mobile carriers' ability to share their subscribers' location data with third parties. From a report: House Commerce Committee Chairman Frank Pallone, Jr. (D-N.J.) asked Pai for an "emergency briefing" to explain why the FCC "has yet to end wireless carriers' unauthorized disclosure of consumers' real-time location data," and for an update on "what actions the FCC has taken to address this issue to date." Pai's FCC could take action, despite the 2017 repeal of the commission's broadband privacy rules. Phone carriers are legally required to protect "Customer Proprietary Network Information [CPNI]," and the FCC's definition of CPNI includes location data.

[...] Pai did not agree with Pallone, it turns out. "Today, FCC Chairman Ajit Pai refused to brief Energy and Commerce Committee staff on the real-time tracking of cell phone location[s]," Pallone said in a statement yesterday. "In a phone conversation today, his staff asserted that these egregious actions are not a threat to the safety of human life or property that the FCC will address during the Trump shutdown."

Starbucks announced that it will start blocking pornography viewing on its stores' Wi-Fi starting in 2019. "A Starbucks representative told NBC News that the viewing of 'egregious content' over its stores' Wi-Fi has always violated its policy, but the company now has a way to stop it," reports NBC News. From the report: "We have identified a solution to prevent this content from being viewed within our stores and we will begin introducing it to our U.S. locations in 2019," the company representative said. The announcement was first reported by Business Insider and comes after a petition from internet-safety advocacy group Enough is Enough garnered more than 26,000 signatures. The nonprofit launched a porn-free campaign aimed at McDonald's and Starbucks in 2014, and it says that while McDonald's "responded rapidly and positively," Starbucks did not.

In a letter that [Enough is Enough CEO Donna Rice Hughes] said she received from Starbucks over the summer, the company vowed to address the issue "once we determine that our customers can access our free Wi-Fi in a way that also doesn't involuntarily block unintended content." Starbucks has not released details about how it plans to restrict the viewing of pornographic sites or illegal content over its Wi-Fi. In response, the vice president of YouPorn responded by sending a memo to staff banning Starbucks products from company offices starting Jan. 1, 2019.

Not everyone is pleased to hear that President Trump has the power to use communications systems in case of an emergency. According to CNET, three New York residents recently filed a lawsuit against President Trump and William Long, administrator of the Federal Emergency Management Agency, to halt FEMA's new Presidential Alert messaging system.

The lawsuit reads in part: "Plaintiffs are American citizens who do not wish to receive text messages, or messages of any kind, on any topic or subject, from defendant Trump. [Trump's] rise to power was facilitated by weaponized disinformation that he broadcast into the public information sphere via Twitter in addition to traditional mass media." From the report: Presidential Alerts are similar to Amber or other emergency alerts on your phone -- you hear a loud noise comes along with vibration. The messages come from the Integrated Public Alert and Warning System (IPAWS), which attempts to send the alert to every cell phone within the U.S. operating on a network run by a carrier opting into the Wireless Emergency Alert system. IPAWS is used in the event of natural disasters, acts of terrorism or other disasters or threats to public safety. The plaintiffs' main complaint is that Presidential Alerts are compulsory -- there's no way to opt-out of receiving them. They argue that under civil rights law, government cannot use cellular devices to compel listening, "trespass into and hijack" devices without a warrant or individual consent.

The plaintiffs are also concerned Trump might use the alerts to spread disinformation because IPAWS doesn't regulate the content of the messages. That means Trump may be free to define "act of terrorism" and "threat to public safety," and may broadcast "arbitrary, biased, irrational" messages to "hundreds of millions of people," the plaintiffs say in the lawsuit.

Hkibtimes tipped us off to some interesting news from TechCrunch: The Bay Area may be the center of the global technology industry, but that hasn't stopped one wealthy enclave from protecting itself from the future. The city council of Mill Valley, a small town located just a few miles north of San Francisco, voted unanimously late last week to effectively block deployments of small-cell 5G wireless towers in the city's residential areas. Through an urgency ordinance, which allows the city council to immediately enact regulations that affect the health and safety of the community, the restrictions and prohibitions will be put into force immediately for all future applications to site 5G telecommunications equipment in the city. Applications for commercial districts are permitted under the passed ordinance....

According to the city, it received 145 pieces of correspondence from citizens voicing opposition to the technology, compared to just five letters in support of it -- a ratio of 29 to 1. While that may not sound like much, the city's population is roughly 14,000, indicating that about 1% of the population had voiced an opinion on the matter. Blocks on 5G deployments are nothing new for Marin County, where other cities including San Anselmo and Ross have passed similar ordinances designed to thwart 5G expansion efforts over health concerns... The telecom industry has long vociferously denied a link between antennas and health outcomes, although California's Department of Public Health has issued warnings about potential health effects of personal cell phone antennas. Reduced radiation emissions from 5G antennas compared to 4G antennas would presumably further reduce any health effects of this technology.
The article concludes that restrictions like Mill Valley's "will make it nearly impossible to deploy 5G in a timely manner."

An anonymous reader quotes a report from Ars Technica: A fire department whose data was throttled by Verizon Wireless while it was fighting California's largest-ever wildfire has rejected Verizon's claim that the throttling was just a customer service error and "has nothing to do with net neutrality." The throttling "has everything to do with net neutrality," a Santa Clara County official said. Verizon yesterday acknowledged that it shouldn't have continued throttling Santa Clara County Fire Department's "unlimited" data service while the department was battling the Mendocino Complex Fire. Verizon said the department had chosen an unlimited data plan that gets throttled to speeds of 200kbps or 600kbps after using 25GB a month but that Verizon failed to follow its policy of "remov[ing] data speed restrictions when contacted in emergency situations." "This was a customer support mistake" and not a net neutrality issue, Verizon said. "Verizon's throttling has everything to do with net neutrality -- it shows that the ISPs will act in their economic interests, even at the expense of public safety," County Counsel James Williams said on behalf of the county and fire department. "That is exactly what the Trump Administration's repeal of net neutrality allows and encourages."

An anonymous reader writes: Sources who work for some of America's major cellphone carriers tell us how criminals are trying to recruit them to get help hacking victims. Normally, criminals approach them online, offering to pay them in Bitcoin (the equivalent of $100 for example). In exchange, the employee has to log into a company portal and process a so-called SIM swap. From the report: How criminals find the employees in the first place can vary. Some SIM hijackers I spoke to told me they approach them through shared friends in real life, others told me they just comb LinkedIn, Reddit or social media sites. AT&T and Sprint did not respond to requests for comment about whether or not it had any knowledge of insiders helping criminals. A T-Mobile spokesperson said in a statement that the company is "aware of these ongoing and ever-changing attempts to take advantage of consumers across the wireless industry and we'll keep fighting to ensure our customers' safety." A Verizon spokesperson said the company doesn't share details of internal security processes or investigations, but the company "has systems in place that work to detect employee/vendor misconduct."

The CBC reports: When the siren-like sounds from an Amber Alert rang out on cellular phones across Ontario on Monday, it sparked a bit of a backlash against Canada's new mobile emergency alert system. The Ontario Provincial Police had issued the alert for a missing eight-year-old boy in the Thunder Bay region. (The boy has since been found safe)... On social media, people startled by the alerts complained about the number of alerts they received and that they had received separate alerts in English and French... Meanwhile, others who were located far from the incident felt that receiving the alert was pointless. "I've received two Amber Alerts today for Thunder Bay, which is 15 hours away from Toronto by car," tweeted Molly Sauter. "Congrats, you have trained me to ignore Emergency Alerts...."

The CRTC ordered wireless providers to implement the system to distribute warnings of imminent safety threats such as tornadoes, floods, Amber Alerts or terrorist threats. Telecom companies had favoured an opt-out option or the ability to disable the alarm for some types of alerts. But this was rejected by the broadcasting and telecommunications regulator. Individuals concerned about receiving these alerts are left with a couple of options: they can turn off their phone -- it will not be forced on by the alert -- or mute their phone so they won't hear it.
Long-time Slashdot reader knorthern knight complains that the first two alerts-- one in English, followed by one in French -- were then followed by a third (bi-lingual) alert advising recipients to ignore the previous two alerts, since the missing child had been found.

The investigative news "I-Team" of a local TV station in Washington D.C. drove around with "a leading mobile security expert" -- and discovered dozens of StingRay devices mimicking cellphone towers to track phone and intercept calls in Maryland, Northern Virginia, and Washington, D.C. An anonymous reader quotes their report: The I-Team found them in high-profile areas like outside the Trump International Hotel on Pennsylvania Avenue and while driving across the 14th Street bridge into Crystal City... The I-Team's test phones detected 40 potential locations where the spy devices could be operating, while driving around for just a few hours. "I suppose if you spent more time you'd find even more," said D.C. Councilwoman Mary Cheh. "I have bad news for the public: Our privacy isn't what it once was..."

The good news is about half the devices the I-Team found were likely law enforcement investigating crimes or our government using the devices defensively to identify certain cellphone numbers as they approach important locations, said Aaron Turner, a leading mobile security expert... The I-Team got picked up [by StingRay devices] twice off of International Drive, right near the Chinese and Israeli embassies, then got another two hits along Massachusetts Avenue near Romania and Turkey... The phones appeared to remain connected to a fake tower the longest, right near the Russian Embassy.
StringRay devices are also being used in at least 25 states by police departments, according to the ACLU. The devices were authorized by the FCC back in 2011 for "federal, state, local public safety and law enforcement officials only" (and requiring coordination with the FBI).

But back in April the Associated Press reported that "For the first time, the U.S. government has publicly acknowledged the existence in Washington of what appear to be rogue devices that foreign spies and criminals could be using to track individual cellphones and intercept calls and messages... More sophisticated versions can eavesdrop on calls by forcing phones to step down to older, unencrypted 2G wireless technology. Some attempt to plant malware."

MindPrison writes: As ashamed as I am to admit it -- a longtime computer user since the Commodore heydays, I've been hacked twice recently and that has seriously made me rethink my options for my safety and well-being. So, I ask you dear Slashdot users, from one fellow longtime Slashdotter to another: which is the best router for optimal safety today?

An anonymous reader quotes a report from Windsor Star: A Michigan gym patron looking for a Wi-Fi connection found one named "remote detonator," prompting an evacuation and precautionary search of the facility by a bomb-sniffing dog. The Saginaw News reports nothing was found in the search Sunday at Planet Fitness in Saginaw Township, about 85 miles (140 kilometers) northwest of Detroit. Saginaw Township police Chief Donald Pussehl says the patron brought the Wi-Fi connection's name to the attention of a manager, who evacuated the building and called police. The gym was closed for about three hours as police responded. Pussehl says there's "no crime or threat," so no charges are expected. He notes people often have odd names for WiFi connections. Planet Fitness says the manager was following company procedure for when there's suspicion about a safety issue.

chicksdaddy brings this report from Security Ledger: The Security Innovation Center, with backing of powerful tech industry groups, is arguing that letting consumers fix their own devices will empower hackers. The group released a survey last week warning of possible privacy and security risks should consumers have the right to repair their own devices. It counts powerful electronics and software industry organizations like CompTIA, CTIA, TechNet and the Consumer Technology Association as members... In an interview with The Security Ledger, Josh Zecher, the Executive Director of The Security Innovation Center, acknowledged that Security Innovation Center's main purpose is to push back on efforts to pass right to repair laws in the states.

He said the group thinks such measures are dangerous, citing the "power of connected products and devices" and the fact that they are often connected to each other and to the Internet via wireless networks. Zecher said that allowing device owners or independent repair professionals to service smart home devices and connected appliances could expose consumer data to hackers or identity thieves... Asked whether Security Innovation Center was opposed to consumers having the right to repair devices they purchased and owned, Zecher said the group did oppose that right on the grounds of security, privacy and safety... "People say 'It's just my washing machine. Why can't I fix it on my own?' But we saw the Mirai botnet attack last year... Those kinds of products in the wrong hands can be used to do bad things."

schwit1 shares a report from Activist Post: Following years of resistance from citizens, the city of Seattle has decided to completely remove controversial surveillance equipment -- at a cost of $150,000. In November 2013, Seattle residents pushed back against the installation of several mesh network nodes attached to utility poles around the downtown area. The American Civil Liberties Union of Washington and privacy advocates were immediately concerned about the ability of the nodes to gather user information via the Wi-Fi connection. The Seattle Times reports on the latest developments: "Seattle's wireless mesh network, a node of controversy about police surveillance and the role of federal funding in city policing, is coming down. Megan Erb, spokeswoman for Seattle Information Technology, said the city has budgeted $150,000 for contractor Prime Electric and city employees to remove dozens of surveillance cameras and 158 'wireless access points' -- little, off-white boxes with antennae mounted on utility poles around the city."

The nodes were purchased by the Seattle Police Department via a $3.6 million grant from the Department of Homeland Security. The Seattle Police Department argued the network would be helpful for protecting the port and for first-responder communication during emergencies. As the Times notes, "the mesh network, according to the ACLU, news reports and anti-surveillance activists from Seattle Privacy Coalition, had the potential to track and log every wireless device that moved through its system: people attending protests, people getting cups of coffee, people going to a hotel in the middle of the workday." However, by November 2013, SPD spokesman Sean Whitcomb announced, "The wireless mesh network will be deactivated until city council approves a draft (privacy) policy and until there's an opportunity for vigorous public debate." The privacy policy for the network was never developed and, instead, the city has now opted to remove the devices at a cost of $150,000. The Times notes that, "crews are tearing its hardware down and repurposing the usable parts for other city agencies, including Seattle Department of Transportation traffic cameras."

The Federal Communications Commission voted Tuesday to update the country's wireless emergency alert system, aiming to ensure that local officials only sound alarms on Americans' smartphones when those citizens are truly in harm's way. From a report: The system, implemented in 2012, allows first responders around the country to dispatch short, loud, text-message-like bulletins to warn mobile users about inclement weather, abducted children or criminals at large. But public-safety leaders long have complained the alerts are inaccurate, rendering it difficult to use them in times of disaster without creating undue panic. And they fret that "over-alerting" has proven so frustrating to smartphone owners that they've simply turned off the alarms entirely -- rendering it even more difficult to communicate in times of an emergency.

The FCC recently announced a new alert program called "Blue Alert" that will notify the public of threats to law enforcement in real time. "With the creation of a dedicated Blue Alert event code in the Emergency Alert System, state and local law enforcement will have the capability to push immediate warnings out to the public via broadcast, cable, and satellite providers, as well as to consumer smartphones through the Wireless Emergency Alert system," reports Android Police. From the report: Much like both the SILVER and AMBER alert programs, and utilizing the same notification system, Blue Alerts aim to warn the general public of threats to public safety and/or imminent danger. However, the police force focused alert system provides timely information to the public when police officers may be in danger. Chairman of the FCC and recent deregulator of the internet, Ajit Pai detailed the new FCC order saying, "Similar to the Amber Alerts that many are familiar with, Blue Alerts will enable authorities to warn the public when there is actionable information related to a law enforcement officer who is missing, seriously injured or killed in the line of duty, or when there is an imminent credible threat to an officer."

The December 14 order from the FCC activates the Blue Alerts service for one calendar year to deliver the notifications over the Emergency Alert System, and for 18 months over the Wireless Emergency Alert system.

The California Department of Public Health (CDPH) issued a warning against the hazards of cellphone radiation this week. They are asking people to decrease their use of these devices and suggest keeping your distance when possible. TechCrunch reports: The warning comes after findings were offered up this week from a 2009 department document, which was published after an order from the Sacramento Superior Court. A year ago, UC Berkeley professor Joel Moskowitz initiated a lawsuit to get the department to release the findings after he started looking into whether mobile phone use increased the risk of tumors. A draft of the document was released in March, but the final release is more extensive.

According to the Federal Communication Commission's website, there is no national standard developed for safety limits. However, the agency requires cell phone manufacturers to ensure all phones comply with "objective limits for safe exposure." The CDPH recommends not keeping your phone in your pocket, not putting it up to your ear for a prolonged amount of time, keeping use low if there are two bars or less, not sleeping near it at night and to be aware that if you are in a fast-moving car, bus or train, your phone will emit more RF energy to maintain the connection.

A Turkish Airlines flight from Nairobi to Istanbul was diverted after the detection of a wi-fi network called "bomb on board" that alarmed the passengers, the airline said on Thursday. From a report: In a statement, Turkish Airlines said the flight made an emergency landing at the Khartoum airport in Sudan, but the flight was safely resumed after security inspections on all passengers and the aircraft. Individuals can create personal wi-fi networks on devices such as mobile phones and name them what they want.

An anonymous reader quotes a report from Ars Technica: Verizon Wireless is giving a reprieve to some rural customers who are scheduled to be booted off their service plans, but only in cases when customers have no other options for cellular service. Verizon recently notified 8,500 customers in 13 states that they will be disconnected on October 17 because they used roaming data on another network. But these customers weren't doing anything wrong -- they are being served by rural networks that were set up for the purpose of extending Verizon's reach into rural areas. Today, Verizon said it is extending the deadline to switch providers to December 1. The company is also letting some customers stay on the network -- although they must switch to a new service plan. "If there is no alternative provider in your area, you can switch to the S (2GB), M (4GB), 5GB single-line, or L (8GB) Verizon plan, but you must do so by December 1," Verizon said in a statement released today. These plans range from $35 to $70 a month, plus $20 "line fees" for each line. The 8,500 customers who received disconnection letters have a total of 19,000 lines. Verizon sells unlimited plans in most of the country but said only those limited options would be available to these customers. Verizon also reiterated its promise that first responders will be able to keep their Verizon service even though some public safety officials received disconnection notices. "We have become aware of a very small number of affected customers who may be using their personal phones in their roles as first responders and another small group who may not have another option for wireless service," Verizon said. "After listening to these folks, we are committed to resolving these issues in the best interest of the customers and their communities. We're committed to ensuring first responders in these areas keep their Verizon service."

Qualcomm has introduced a new Cellular Vehicle-to-Everything (C-V2X) chipset and reference design that aims to bring automakers one step closer to deploying the communications systems necessary for fully autonomous vehicles. Ford, Audi, the PSA Group and SAIC are all endorsing the new chipset. ZDNet reports: The Qualcomm 9150 C-V2X chipset, expected to be available for commercial sampling in the second half of 2018, is based on specs from the 3rd Generation Partnership Project (3GPP), a collaboration between groups of telecommunications associations. Meanwhile, Qualcomm's C-V2X reference design will feature the 9150 C-V2X chipset, an application processor running the Intelligent Transportation Systems (ITS) V2X stack, as well as a Hardware Security Module (HSM). C-V2X technology encompasses two transmission modes: direct communications and network-based communications. It's key for both safety features and for implementing autonomous driving capabilities.

For instance, its direct communications capabilities improve a vehicle's situational awareness by detecting and exchanging information using low latency transmissions. Relying on the globally harmonized 5.9 GHz ITS band, the 9150 C-V2X chipset can relay information on vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I) and vehicle-to-pedestrian (V2P) scenarios without the need for a Subscriber Identity Module (SIM), cellular subscription or network assistance. On top of that, C-V2X network-based communications (designed for 4G and emerging 5G wireless networks) supports telematics, connected infotainment and a growing number of advanced informational safety use cases.

An anonymous reader quotes a report from Ars Technica: The U.S. Senate today confirmed the nominations of Republican Brendan Carr and Democrat Jessica Rosenworcel to fill the two empty seats on the Federal Communications Commission. FCC Chairman Ajit Pai congratulated the commissioners in a statement. "As I know from working with each of them for years, they have distinguished records of public service and will be valuable assets to the FCC in the years to come," Pai said. "Their experience at the FCC makes them particularly well-suited to hit the ground running. I'm pleased that the FCC will once again be at full strength and look forward to collaborating to close the digital divide, promote innovation, protect consumers, and improve the agency's operations."

Carr served as Pai's Wireless, Public Safety and International Legal Advisor for three years. After President Trump elevated Pai to the chairmanship in January, Pai appointed Carr to become the FCC's general counsel. Rosenworcel had to leave the commission at the end of last year when the Republican-led US Senate refused to re-confirm her for a second five-year term. But Democrats pushed Trump to re-nominate Rosenworcel to fill the empty Democratic spot and he obliged. FCC commissioners are nominated by the president and confirmed by the Senate. esides Pai, Carr, and Rosenworcel, the five-member commission includes Republican Michael O'Rielly and Democrat Mignon Clyburn.

Earlier this week, Comcast filed its comments in favor of the FCC's plan to eliminate the 2015 net neutrality rules. While much of the document was devoted to arguments we've heard before -- Comcast believes the current rules are anti-competitive and hurt investment, but generally supports the principles of net neutrality -- one statement stood out. The Verge adds: Buried in the 161-page document was this quirky assertion (emphasis ours): "At the same time, the Commission also should bear in mind that a more flexible approach to prioritization may be warranted and may be beneficial to the public... And paid prioritization may have other compelling applications in telemedicine. Likewise, for autonomous vehicles that may require instantaneous data transmission, black letter prohibitions on paid prioritization may actually stifle innovation instead of encouraging it. In other words, Comcast is arguing for paid prioritization and internet fast lanes to enable self-driving cars to communicate better with other vehicles and their surrounding environment, thus making them a safer and more efficient mode of transportation. The only problem is that autonomous and connected cars don't use wireless broadband to communicate. When cars talk with each other, they do it by exchanging data wirelessly over an unlicensed spectrum called the Dedicated Short Range Communications (DSRC) band, using technology similar to Wi-Fi. The FCC has set aside spectrum in the 5.9GHz band specifically for this purpose, and it is only meant to be used for vehicle-to-everything (V2X) applications. That includes vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I), and vehicle-to-pedestrian (V2P) -- so cars talking to other cars, to traffic signals, to the phone in your pocket... you name it. Soon enough, all cars sold in the US will be required to include V2V technology for safety purposes, if the Department of Transportationâ(TM)s new rule goes into effect.