
'Adding a Phone Number To Your Google Account Can Make it Less Secure'

You may think that adding a backup phone number to your account will make it prone to hacking, but that is not always the case. Vijay Pandurangan, EIR at Benchmark (and formerly Eng Site Lead at Twitter) argues that your phone number is likely the weakest link for many attackers (at least when they are trying to hack your Google account). He has shared the story of his friend who had his Google account compromised. The friend in this case, let's call him Bob, had a very strong password, a completely independent recovery email, hard-to-guess security questions, and he never logged in from unknown devices. Though Bob didn't have multi-factor authentication enabled, he did add a backup phone number. On October 1, when Bob attempted to check his email, he discovered that he was logged out of his Gmail account. When he tried to log in, he was told that his password was changed less than an hour ago. He tried calling Verizon, and discovered that his phone service was no longer active, and that the attacker had switched his service to an iPhone 4. "Verizon later conceded that they had transferred his account despite having neither requested nor being given the 4-digit PIN they had on record." The attacker reset Bob's password and changed the recovery email, password, name on the account, and enabled two-factor authentication. He got his account back, thanks to support staff and colleagues at Google, but the story illustrates how telcos are the weakest link. From the article: Using a few old Google accounts, I experimented with Google's account recovery options and discovered that if a Google account does not have a backup phone number associated with it, Google requires you to have access to the recovery email account OR know the security questions in order to take over an account. However, if a backup phone number is on the account, Google allows you to type in a code from an SMS to the device in lieu of any other information.
There you have it: adding a phone number reduces the security of your account to the lowest of: your recovery email account, your security questions, your phone service, and (presumably) Google's last-ditch customer service in case all other options fail. There are myriad examples of telcos improperly turning over their users' accounts: everything from phone hacking incidents in the UK to more recent examples. Simply put, telcos can be quite bad at securing your privacy and they should not be trusted. Interestingly, it appears that if two-factor-auth via SMS is enabled, Google will not allow your password to be reset unless you can also answer a security question in addition to having access to a phone number.

AT&T Considers Buying Time Warner

In what would likely be one of the largest telecommunications takeovers in American history, Bloomberg is reporting that AT&T has discussed the idea of a possible merger or other partnership with Time Warner Inc (may be paywalled; alternate source). Bloomberg reports: The talks, which at this stage are informal, have focused on building relations between the companies rather than establishing the terms of a specific transaction, the people said, asking not to be identified as the deliberations are private. Neither side has yet hired a financial adviser, the people said. Acquiring Time Warner would give AT&T, one of the biggest providers of pay-TV and of wireless and home internet service in the U.S., a collection of popular programming to offer to subscribers, from HBO to NBA basketball to the Cartoon Network. AT&T CEO Randall Stephenson has been looking to add more content and original programming as part of his plan to transform the Dallas-based telecommunications company into a media and entertainment giant. Time Warner Chief Executive Officer Jeff Bewkes is a willing seller if he gets an offer he thinks is fair, said one of the people. Bewkes and his board rejected an $85-a-share approach in 2014 from Rupert Murdoch's 21st Century Fox Inc., which valued Time Warner at more than $75 billion. Last year, AT&T paid $48.5 billion to acquire satellite-TV provider DirecTV, its biggest deal in at least 10 years, according to data compiled by Bloomberg. AT&T has been developing an internet-based version of the pay-TV service, called DirecTV now.

Facebook Bans Animated Breast Cancer Awareness Video Showing Circle-Shaped Breasts

Last month, Facebook deleted a historic Vietnam war photo of a naked girl fleeing a napalm attack, claiming it violated Facebook's restrictions on nudity. Now it appears that the company has removed a video on breast cancer awareness posted in Sweden after deeming the images offensive, the Swedish Cancer Society said on Thursday. The Guardian reports: The video, displaying animated figures of women with circle-shaped breasts, was aimed at explaining to women how to check for suspicious lumps. Sweden's Cancerfonden said it had tried in vain to contact Facebook, and had decided to appeal against the decision to remove the video. "We find it incomprehensible and strange how one can perceive medical information as offensive," Cancerfonden communications director Lena Biornstad told Agence France-Presse. "This is information that saves lives, which is important for us," she said. "This prevents us from doing so." The Guardian went on to report in a separate article that the Swedish Cancer Society decided to make the round breasts square to evade Facebook's censorship of female anatomy. The group issued an open letter to Facebook featuring the pair of breasts constructed of pink squares as opposed to pink circles. Facebook did apologize for banning the video, saying in a statement to the Guardian: "We're very sorry, our team processes millions of advertising images each week, and in some instances we incorrectly prohibit ads. This image does not violate our ad policies. We apologize for the error and have let the advertiser know we are approving their ads."

Nurses In Australia Face Punishment For Promoting Anti-Vaccination Messages Via Social Media

Medical Express reports that nurses and midwives promoting anti-vaccination messages in Australia could face punishment including being slapped with a caution and having their ability to practice medicine restricted. Serious cases could be referred to an industry tribunal, where practitioners could face harsher penalties such as having their registration suspended or cancelled. The Nursing and Midwifery Board of Australia released the vaccination standards in response to what it described as a small number of nurses and midwives promoting anti-vaccination via social media. The statement also urges members of the public to report nurses or midwives promoting anti-vaccination. Promoting false, misleading or deceptive information is an offense under national law and is prosecutable by the Australian Health Practitioner Regulation Agency. "The board will consider whether the nurse or midwife has breached their professional obligations and will treat these matters seriously," the statement said. However Dr. Hannah Dahlen, a professor of midwifery at the University of Western Sydney and the spokeswoman for the Australian College of Midwives, worries the crackdown may push people with anti-vaccination views further underground. "The worry is the confirmation bias that can occur, because people might say: 'There you go, this is proof that you can't even have an alternative opinion.' It might in fact just give people more fuel for their belief systems."

Amazon CEO Jeff Bezos Thinks Space Can Be the New Internet

Speaking at the Vanity Fair New Establishment Summit in San Francisco today, Amazon CEO Jeff Bezos said space is essentially a new internet, as it is the next frontier that needs new infrastructure to support new entrepreneurs. He said the purpose of Blue Origin is to build out a similar kind of infrastructure for space that Amazon used to operate during the days of the early internet, such as the United States Postal Service and long distance phone network. The Verge reports: "Two kids in their dorm room can reinvent an industry," Bezos said, referring to the strengths of the modern internet. "Two kids in their dorm room cannot do anything interesting in space." Bezos says rocket reusability needs to be improved, and both Blue Origin and Elon Musk's SpaceX are working toward the goal of vastly reducing the cost of sending payloads to space. Bezos said there are also a number of restraints right now that prevent the kind of entrepreneurial spirit that helped create Amazon from doing the same for a next-generation space venture. "We need to be able to put big things in space at low cost." Bezos talked of his earliest days at Amazon more than 20 years ago, where he was driving packages himself to the post office with a 10-person team. "We were sitting on a bunch of a heavy lifting infrastructure," he said. "For example, there was already a gigantic network called United States Postal Service. The internet itself was sitting on top of the long distance phone network." This is the kind of infrastructure Bezos hopes to build out with Blue Origin. "Every time you figure out some way of providing tools and services that allow other people to deploy their creativity, you're really onto something," Bezos said. But building that infrastructure in space is still the grandest dream. "I think space is about to enter a golden age."

First New US Nuclear Reactor In 20 Years Goes Live

An anonymous reader quotes a report from CNN: The Tennessee Valley Authority is celebrating an event 43 years in the making: the completion of the Watts Bar Nuclear Plant. In 1973, the TVA, one of the nation's largest public power providers, began building two reactors that combined promised to generate enough power to light up 1.3 million homes. The first reactor, delayed by design flaws, eventually went live in 1996. Now, after billions of dollars in budget overruns, the second reactor has finally started sending power to homes and businesses. Standing in front of both reactors Wednesday, TVA President Bill Johnson said Watts Bar 2, the first U.S. reactor to enter commercial operation in 20 years, would offer clean, cheap and reliable energy to residents of several southern states for at least another generation. Before Watts Bar 2, the last time an American reactor had fired up was in 1996. It was Watts Bar 1 -- and according to the Atlanta Journal-Constitution, it cost $6.8 billion, far greater than the original price tag at $370 million. In the 2000s, some American power companies, faced with growing environmental regulations, eyed nuclear power again as a top alternative to fossil fuels such as coal and oil. A handful of companies, taking advantage of federal loan guarantees from the Bush administration, revived nuclear reactor proposals in a period now known as the so-called "nuclear renaissance." Eventually, nuclear regulators started to green light new reactors, including ones in Georgia and South Carolina. In 2007, the TVA resumed construction on Watts Bar 2, according to the International Atomic Energy Agency. The TVA originally said it would take five years to complete. The TVA, which today serves seven different southern states, relies on nuclear power to light up approximately 4.5 million homes. Watts Bar 2, the company's seventh operating reactor, reaffirms its commitment to nukes for at least four more decades, Johnson said Wednesday. 
In the end, TVA required more than five years to build the project. The final cost, far exceeding its initial budget, stood at $4.7 billion.

iPhone 7 Plus Qualcomm LTE Modem Significantly Outperforms Intel LTE Modem, Study Finds

An anonymous reader quotes a report from Mac Rumors: With the iPhone 7 and the iPhone 7 Plus, Apple elected to use LTE modems from two different sources, Qualcomm and Intel. The A1778 and A1784 iPhone models use a GSM-only Intel XMM7360 modem while the A1660 and 1661 iPhone models use a GSM/CDMA-compatible Qualcomm MDM9645M modem. Apple's decision has already caused some disappointment among customers because the GSM-only Intel modem is not compatible with as many carrier networks as the GSM/CDMA Qualcomm modem, and now independent testing conducted by Cellular Insights suggests there are some significant performance differences between the two modems, with the Qualcomm modem outperforming the Intel modem. Using an R&S TS7124 RF Shielded Box, two R&S CMW500, one R&S CMWC controller, and four Vivaldi antennas, Cellular Insights created a setup to simulate LTE performance at different distances from a cellular tower using two iPhone 7 Plus devices, one with an Intel modem and one with a Qualcomm modem. The goal of the test was to measure the highest achievable LTE throughput starting at a Reference Signal Received Quality of -85dBm (a strong signal) and gradually reducing the power level to simulate moving away from a cellular tower where signal is weaker. Three LTE bands were tested: Band 12, Band 4 (the most common band in North America), and Band 7. In all three tests, both the iPhone 7 Plus models offered similar performance in ideal conditions, but as power levels decreased, Cellular Insights saw "unexplainable sharp dips in performance" in the Intel modem, finding a gap "north of 30%" in favor of the Qualcomm iPhone 7 Plus. In the charts, the Qualcomm modem maintains noticeably higher throughput speeds than the Intel modem as signal strength decreases. According to Cellular Insights, in every single test, the iPhone 7 Plus with a Qualcomm modem "had a significant performance edge" over the iPhone 7 Plus with an Intel modem.

Higher-End Smartphones Make You Happier, Says JD Power Study

A new J.D. Power study published Thursday found that users who pay more for their smartphones report higher satisfaction than those who pay less for their smartphones. The study also found that among AT&T and Sprint customers, Samsung phones ranked highest in overall satisfaction, while T-Mobile and Verizon customers preferred Apple iPhones. Jessica Dolcourt via CNET writes about the other conclusions made by the J.D. Power study:
- Customers of AT&T, Sprint, T-Mobile and Verizon (full-service carriers) report more satisfaction than customers on Boost Mobile, Cricket, MetroPCS and Virgin Mobile (co-contract carriers).
- Full-service customers pay an average of $361 for their phones compared with prepaid customers' $137 average.
- Customers who pay more for their phones report higher satisfaction.
- This is likely because high-cost phones perform better. (Editor's note: no duh)


Target Passes Walmart As Top US Corporate Installer of Solar Power

An anonymous reader quotes a report from Electrek: Target is the top corporate installer of solar power in the USA with 147MW installed on 300 stores. Walmart is close behind with 140MW, while Ikea has installed solar on 90% of its retail locations. The Solar Energy Institute of America (SEIA) report shows over 1,000MW of solar installed in almost 2,000 unique installations by the largest corporate entities in the country. Additionally these groups have more than doubled their installation volume year on year, with 2015 seeing a total of 130MW, while 2016 is projected to be closer to 280MW. Big box retail locations offer some of the best potential spaces for solar power to be installed -- on top of square, flat structures and in previously built parking lots. The average size of an installation by a company in this group is about 500kW -- 75X the size of an average residential solar installation. The RE100 organization has signed up 81 global corporations (many on the SEIA list) who have pledged 100% renewable energy. "We're incredibly proud of the progress we've made in improving building efficiencies and reducing environmental impact. Our commitment to installing solar panels on 500 stores and distribution centers by 2020 is evidence of that progress" -- said John Leisen, vice president of property management at Target. The geographic breakdown of solar installations is based upon three main drivers -- good sunlight, expensive electricity and state level renewable mandates, with Southern California having all three. The northeast USA, with its expensive electricity and aggressive clean energy push, has been on par with California (50% of total solar) for commercial installations. A report put together by the World Wildlife Fund (WWF) and the World Resources Institute (WRI) breaks down the various state level laws that support corporations going green -- and, without surprise, it becomes clear that the legal support of renewable energy is a definite driver.

Mark Cerny, Chief PlayStation Architect, Explains the PS4 Pro

Sony's PlayStation 4 Pro, which launches next month on November 10th, is the company's most powerful console that will be capable of outputting 4K and HDR content, including movies, TV shows and games. In an effort to find out how developers will make use of the console and whether or not the PS4 Pro will in any way undermine the audience of the current PS4, The Verge sat down with Mark Cerny, Sony's chief PlayStation architect, and asked him some questions. The Verge reports:

The PS4 Pro is 2.28 times more powerful than its predecessor, but not everything will run in native 4K
Instead of using an entirely new GPU, Cerny said the PS4 Pro is using a "double-sauced one." In effect, the new console has a second, identical GPU configured next to the original, more than doubling the processing power of the Pro. While the standard PS4 produces 1.8 teraflops, the PS4 Pro achieves 4.2 teraflops. This is how the device can achieve native 4K and, in some cases, what Cerny said are results "extremely close to 4K." For select software, including games like adventure title Horizon Zero Dawn and Call of Duty: Infinite Warfare, the PS4 Pro will use a crafty technique called checkerboard rendering to achieve 2160p resolution. Checkerboard rendering changes the formation of pixels to achieve higher-fidelity graphics.

Standard PS4 games will play just the same unless devs patch them
For the more than 700 or so existing PS4 games, Cerny said the goal was to ensure those titles played smoothly no matter what. That's why the Pro incorporates an identical GPU. Because the new console has "the old GPU next to a mirror version of itself," Sony can support existing games with a simple trick: "We just turn off the second GPU," he said. Developers can patch these titles to boost graphics and performance in very subtle ways. But unless you have a 4K television, the difference will not be substantial.

Sony says it doesn't want games released solely for the PS4 Pro
When asked whether Sony would ever let a game run exclusively on the PS4 Pro, Cerny was blunt. "We're putting a very high premium on not splitting the user base in that fashion," he said. That doesn't rule out the possibility that, two or even three years down the line, a game comes out that relies so heavily on the hardware improvements of the Pro that it becomes unplayable on the standard PS4. Cerny wouldn't really speak much to that scenario, saying that Sony is asking developers to take advantage of the new console without leaving older hardware behind.
You can also watch Mark Cerny chat with PlayStation Blog's Sid Shuman about the creation of the PS4 Pro here on YouTube.

KickassTorrents Lawyer: 'Torrent Sites Do Not Violate Criminal Copyright Laws'

An anonymous reader quotes a report from Ars Technica: Lawyers representing Artem Vaulin have filed their formal legal response to prosecutors' allegations of conspiracy to commit criminal copyright infringement, among other charges. Vaulin is the alleged head of KickassTorrents (KAT). KAT was the world's largest BitTorrent distribution site before it was shuttered by authorities earlier this year. Vaulin was arrested in Poland, where he now awaits extradition to the United States. "Vaulin is charged with running today's most visited illegal file-sharing website, responsible for unlawfully distributing well over $1 billion of copyrighted materials," Assistant Attorney General Leslie Caldwell said in a July 2016 statement. The defense's new 22-page court filing largely relies on the argument that there is no such thing as secondary criminal copyright infringement. While secondary copyright infringement as a matter of civil liability was upheld by the Supreme Court in MGM v. Grokster in 2005, Vaulin and his associates have been charged criminally. "The fundamental flaw in the government's untenable theory of prosecution is that there is no copyright protection for such torrent file instructions and addresses," [the brief's author, Ira Rothken,] argued in his Monday motion to dismiss the charges against Vaulin. "Therefore, given the lack of direct willful copyright infringement, torrent sites do not violate criminal copyright laws." "The extradition procedures have formally been started by the US in Poland," Rothken told Ars. "We are in a submissions or briefing period, and our Polish team is opposing extradition." Rothken also said that he has yet to be allowed to meet or speak directly with his client. For now, Rothken has been required to communicate via his Polish counterpart, Alek Kowzan. "Maybe they are afraid that Artem's extradition defense will be enhanced if American lawyers can assist in defending against the US extradition," Rothken added. 
No hearings before US District Judge John Z. Lee have been set.

Hotspot Vigilantes Are Trying to Beam the Internet To Julian Assange

The Ecuadorian government said earlier this week that it did cut off Julian Assange's internet connection. They noted that Assange's continued interference in the U.S. election campaign was the reason why they decided to disconnect Assange from the internet. But it appears some people are going to great lengths to beam internet connectivity to Mr. Assange. This week 4chan urged people to head to the embassy to set up mobile Wi-Fi hotspots, and many are doing just that. From a Motherboard report: "We are now calling all BRITS to get their ass down to the embassy and stand around in mass, taking shifts with wifi-hotspots on hand!" reads the post. "Give Assange constant network and morale support all while streaming it live for the world to see." Are people actually going to try this? Motherboard UK visited the Ecuadorian embassy in London, where WikiLeaks founder Julian Assange has claimed political asylum since August 2012, today to find out. Admittedly, on a late October afternoon, things were rather quiet on the street outside the embassy. Nevertheless, I found my guy. "Marco" was loitering outside the embassy, turning on and off his mobile hotspot. I approached him, and while tentative at first, Marco finally started explaining how he was hoping to aid Assange.

US Army 'Will Have More Robot Soldiers Than Humans' By 2025, Says Former British Spy

John Bassett, a British spy who worked for the agency GCHQ for nearly two decades, has told Daily Express that the U.S. was considering plans to employ thousands of robots by 2025. At a meeting with police and counter-terrorism officials in London, he said: "At some point around 2025 or thereabouts the U.S. army will actually have more combat robots than it will have human soldiers. Many of those combat robots are trucks that can drive themselves, and they will get better at not falling off cliffs. But some of them are rather more exciting than trucks. So we will see in the West combat robots outnumber human soldiers." Daily Express reports: Robotic military equipment is already being used by the U.S. Navy and Air Force, in the shape of drones and autonomous ships. In April robotic warfare took a major leap forward after the U.S. Navy launched its very first self-piloting ship designed to hunt enemy submarines. Drones have been a feature of U.S. operations in the Middle East to disrupt terrorist groups. However, those aircraft are still controlled by humans operating from bases in the U.S. Mr. Bassett also said artificial intelligence and robot technology would combine to create powerful fighting machines. The cyber security expert said: "Artificial intelligence, robotics in general, those will begin to mesh together."

How Hackers Broke Into John Podesta and Colin Powell's Gmail Accounts

An anonymous reader quotes a report from Motherboard: On March 19 of this year, Hillary Clinton's campaign chairman John Podesta received an alarming email that appeared to come from Google. The email, however, didn't come from the internet giant. It was actually an attempt to hack into his personal account. In fact, the message came from a group of hackers that security researchers, as well as the U.S. government, believe are spies working for the Russian government. At the time, however, Podesta didn't know any of this, and he clicked on the malicious link contained in the email, giving hackers access to his account. The data linking a group of Russian hackers -- known as Fancy Bear, APT28, or Sofacy -- to the hack on Podesta is also yet another piece in a growing heap of evidence pointing toward the Kremlin. And it also shows a clear thread between apparently separate and independent leaks that have appeared on a website called DC Leaks, such as that of Colin Powell's emails; and the Podesta leak, which was publicized on WikiLeaks. All these hacks were done using the same tool: malicious short URLs hidden in fake Gmail messages. And those URLs, according to a security firm that's tracked them for a year, were created with a Bitly account linked to a domain under the control of Fancy Bear. The phishing email that Podesta received on March 19 contained a URL, created with the popular Bitly shortening service, pointing to a longer URL that, to an untrained eye, looked like a Google link. Inside that long URL, there's a 30-character string that looks like gibberish but is actually the encoded Gmail address of John Podesta. According to Bitly's own statistics, that link, which has never been published, was clicked two times in March. That's the link that opened Podesta's account to the hackers, a source close to the investigation into the hack confirmed to Motherboard.
That link is only one of almost 9,000 links Fancy Bear used to target almost 4,000 individuals from October 2015 to May 2016. Each one of these URLs contained the email and name of the actual target. The hackers created them with two Bitly accounts in their control, but forgot to set those accounts to private, according to SecureWorks, a security firm that's been tracking Fancy Bear for the last year. Bitly allowed "third parties to see their entire campaign including all their targets -- something you'd want to keep secret," Tom Finney, a researcher at SecureWorks, told Motherboard. Thomas Rid, a professor at King's College who studied the case extensively, wrote a new piece about it in Esquire.

Television Needs To Be Reinvented, Says Apple SVP

Eddy Cue, Senior Vice President of Internet Software and Service at Apple, isn't happy with the current state of how people watch TV. He said we currently live with a "glorified VCR," the interface of our current TV is the problem and we need to reinvent it. Cue pointed out a number of other issues he has with today's TV: "It's really hard to use [a cable box or satellite TV]. Setting something to record, if you didn't watch something last night, if you didn't set it to record, it's hard to find, it may not be available. There may be some rights issues," Cue said. "It's great to be able to tell your device, 'I wanna watch the Duke basketball game, I don't care what channel it's on.' I just want to watch the Duke basketball game. Today you got to bring in the TV, go through the guide, find which sports programs or whatever -- it's just hard to do."
