Bitcoin

Coinbase Wants Wall Street To Resolve Its Bitcoin Trust Issues (bloomberg.com) 38

In an effort to use digital money to reinvent finance, cryptocurrency exchange Coinbase is trying to legitimize itself by convincing big money managers to trust it enough to trade on its exchange. They need to "reassure regulators that bitcoin isn't a silk road for hackers, money launderers and tax evaders," reports Bloomberg. From the report: Despite the table tennis, Coinbase shows glimmers of maturity. More than 10 million customers have used the company since it began, though it recently quit updating the tally on its website. About $57 billion of digital currency has traded on the exchange so far this year. It doubled its staff in that time and expects to do so again in 2018. Ultimately, Coinbase plans to go public. The firm said it's prevailed against security threats, helping it avoid the fate of Mt. Gox, the world's biggest bitcoin exchange before shutting its doors in 2014 after $480 million of customer funds went bye-bye. Coinbase stores 98 percent of users' digital currencies in offline safe-deposit boxes. The remaining 2 percent, which is vulnerable because it's online, is covered by insurance. The company holds more than $10 billion in digital assets. Developing ties with banks is one of the biggest challenges. Coinbase doesn't publicly disclose its banking relationships, but a person familiar with the matter said the company is partnering with Cross River Bank, Metropolitan Bank and Silvergate Bank in the U.S.
AT&T

ISPs Won't Promise To Treat All Traffic Equally After Net Neutrality (theverge.com) 153

An anonymous reader writes: The FCC voted to put an end to net neutrality, giving internet providers free rein to deliver service at their own discretion. There's really only one condition here: internet providers will have to disclose their policies regarding "network management practices, performance, and commercial terms." So if ISPs want to block websites, throttle your connection, or charge certain websites more, they'll have to admit it. We're still too far out to know exactly what disclosures all the big ISPs are going to make -- the rules (or lack thereof) don't actually go into effect for another few months -- but many internet providers have been making statements throughout the year about their stance on net neutrality, which ought to give some idea of where they'll land. We reached out to 10 big or notable ISPs to see what their stances are on three core tenets of net neutrality: no blocking, no throttling, and no paid prioritization. Not all of them answered, and the answers we did get are complicated. [The Verge reached out to Comcast, AT&T, Verizon, T-Mobile, Sprint, Charter (Spectrum), Cox, Altice USA (Optimum and SuddenLink), and Google Fi and Google Fiber.]

Many ISPs say they support some or all of these core rules, but there's a big caveat there: for six of the past seven years, there have been net neutrality rules in place at the FCC. That means all of the companies we checked with have had to abide by the no blocking, no throttling, and no paid prioritization rules. It means that they can say, and be mostly correct in saying, that they've long followed those rules. But it is, on some level, because they've had to. What actually matters is which policies ISPs say they'll keep in the future, and few are making commitments about that. In fact, all of the companies we contacted (with the exception of Google) have supported the FCC's plan to remove the current net neutrality rules. None of the ISPs we contacted will make a commitment -- or even a comment -- on paid fast lanes and prioritization. And this is really where we expect to see problems: ISPs likely won't go out and block large swaths of the web, but they may start to give subtle advantages to their own content and the content of their partners, slowly shaping who wins and loses online.
Comcast: Comcast says it currently doesn't block, throttle content, or offer paid fast lanes, but hasn't committed to not doing so in the future.
AT&T: AT&T has committed to not blocking or throttling websites in the future. However, its stance around fast lanes is unclear.
Verizon: Verizon indicates that, at least in the immediate future, it will not block legal content. As for throttling and fast lanes, the company has no stance, and even seems to be excited to use the absence of rules to its advantage.
T-Mobile: T-Mobile makes no commitments to not throttle content or offer paid fast lanes and is unclear on its commitment to not blocking sites and services. It's already involved in programs that advantage some services over others.
Sprint: Sprint makes no commitments on net neutrality, but suggests it doesn't have plans to offer a service that would block sites.
Charter (Spectrum): Charter doesn't make any guarantees, but the company indicates that it's currently committed to not blocking or throttling customers.
Cox: Cox says it won't block or throttle content, even without net neutrality. It won't make commitments on zero-rating or paid fast lanes.
Altice USA (Optimum and SuddenLink): Altice doesn't currently block or throttle and suggests it will keep those policies, though without an explicit commitment. The company doesn't comment on prioritizing one service over another.
Google Fi and Google Fiber: Google doesn't make any promises regarding throttling and paid prioritization. However, it is the only company to state that it believes paid prioritization would be harmful.
Businesses

Why Google and Amazon Are Hypocrites (om.blog) 244

Amazon earlier this month responded to Google's decision to remove YouTube from all Fire TV products and the Echo Show. Google says it's taking this extreme step because of Amazon's recent delisting of new Nest products (like Nest Secure and the E Thermostat) and the company's long-running refusal to sell Chromecast or support Google Cast in any capacity. Veteran journalist Om Malik writes: This smacks of so much hypocrisy that I don't even know where to start. The two public proponents of network neutrality and anything but neutral about each other's services on each other's platforms. They can complain about the cable companies from blocking their content and charging for fast lanes. The irony isn't lost on me even a wee bit. They are locked in a battle to collect as much data about us -- what we shop, what we see, what we do online and they do so under the guise of offering us services that are amazing and wonderful. They don't talk about what they won't do with our data, instead, they bicker and distract. So to think that these purveyors of hyper-capitalism will fight for interests of consumers is not only childish, it is foolish. We as end customers need to figure out who is speaking on our behalf when it comes to the rules of the Internet.
HP

HP Laptops Found To Have Hidden Keylogger (bbc.com) 114

Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models, BBC reported on Monday citing the findings of a security researcher. From the report: Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work. HP said more than 460 models of laptop were affected by the "potential security vulnerability." It has issued a software patch for its customers to remove the keylogger. The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. HP has issued a full list of affected devices, dating back to 2012. Mr Myng discovered the keylogger while inspecting Synaptics Touchpad software, to figure out how to control the keyboard backlight on an HP laptop. He said the keylogger was disabled by default, but an attacker with access to the computer could have enabled it to record what a user was typing. According to HP, it was originally built into the Synaptics software to help debug errors. It acknowledged that could lead to "loss of confidentiality" but it said neither Synaptics nor HP had access to customer data as a result of the flaw.
Robotics

After Automating Order-Taking, Fast Food Chains Had to Hire More Workers (theatlantic.com) 234

An anonymous reader quotes the Atlantic: Blaine Hurst, the CEO and president of Panera, told me that because of its new [self-service] kiosks, and an app that allows online ordering, the chain is now processing more orders overall, which means it needs more total workers to fulfill customer demand. Starbucks patrons who use the chain's app return more frequently than those who don't, the company has said, and the greater efficiency that online ordering allows has boosted sales at busy stores during peak hours. Starbucks employed 8 percent more people in the U.S. in 2016 than it did in 2015, the year it launched the app...

James Bessen, an economist at Boston University School of Law, found that as the number of ATMs in America increased fivefold from 1990 to 2010, the number of bank tellers also grew. Bessen believes that ATMs drove demand for consumer banking: No longer constrained by a branch's limited hours, consumers used banking services more frequently, and people who were unbanked opened accounts to take advantage of the new technology. Although each branch employed fewer tellers, banks added more branches, so the number of tellers grew overall. And as machines took over many basic cash-handling tasks, the nature of the tellers' job changed. They were now tasked with talking to customers about products -- a certificate of deposit, an auto loan -- which in turn made them more valuable to their employers. "It's not clear that automation in the restaurant industry will lead to job losses," Bessen told me.

The Almighty Buck

Coinbase Warns During Times of High Volatility, Access Could Become 'Unavailable' (cityam.com) 90

An anonymous reader quotes City AM: A leading bitcoin exchange has warned that customers may be unable to get their money out quickly in the event of a crash in the cryptocurrency's price. Writing in a blog post last week, Coinbase's co-founder and chief executive Brian Armstrong, said despite "sizeable and ongoing" increases in the firm's technical infrastructure and engineering staff, access to Coinbase services could become "degraded or unavailable during times of significant volatility or volume. This could result in the inability to buy or sell for period of time," he said.

Armstrong added that there would be restrictions on how much customers could sell, or sell limits, to "protect client accounts and assets"... Bitcoin's market capitalisation rose above $300 billion for the first time earlier this week when its price rocketed to an all-time high of just over $17,000. Many analysts have warned that bitcoin represents an unsustainable bubble, though no one is quite sure when it will burst.

Privacy

People Keep Finding Hidden Cameras in Their Airbnbs (buzzfeed.com) 167

"Airbnb has a scary problem on their hands: People keep finding hidden cameras in their rental homes," reports the New York Post. "Another host was busted last month trying to film guests without their knowledge -- marking the second time since October that the company has had to publicly deal with this sort of incident." BuzzFeed reports: In October, an Indiana couple visiting Florida discovered a hidden camera disguised as a smoke detector in their Airbnb's master bedroom. Earlier that same year Airbnb was forced to investigate and suspend a Montreal listing after one of the renters discovered a camera in the bedroom of the property... Hidden cameras aren't just an issue for Airbnb -- it's been a hot-button topic in hospitality for years. There are hundreds of stories about hotels using unlawful surveillance. [For example, this one.]

Airbnb recommends its customers read the reviews of the host of any rental property they might be interested in, and also offers an on-platform messaging tool that allows communication between host and guests... "Cameras are never allowed in bathrooms or bedrooms; any other cameras must be properly disclosed to guests ahead of time," Airbnb spokesperson Jeff Henry told BuzzFeed News.

This time the couple discovered hidden cameras that were disguised as a motion detectors. Airbnb says they've permanently banned the offending host -- and offered his guests a refund -- adding that this type of incident was "incredibly rare."
Chrome

Chrome 63 Offers Even More Protection From Malicious Sites, Using Even More Memory (arstechnica.com) 63

An anonymous reader quotes a report from Ars Technica: To further increase its enterprise appeal, Chrome 63 -- which hit the browser's stable release channel yesterday -- includes a couple of new security enhancements aimed particularly at the corporate market. The first of these is site isolation, an even stricter version of the multiple process model that Chrome has used since its introduction. Chrome uses multiple processes for several security and stability reasons. On the stability front, the model means that even if a single tab crashes, other tabs (and the browser itself) are unaffected. On the security front, the use of multiple processes makes it much harder for malicious code from one site to steal secrets (such as passwords typed into forms) of another. [...]

Naturally, this greater use of multiple processes incurs a price; with this option enabled, Chrome's already high memory usage can go up by another 15 to 20 percent. As such, it's not enabled by default; instead, it's intended for use by enterprise users that are particularly concerned about organizational security. The other new capability is the ability for administrators to block extensions depending on the features those extensions need to use. For example, an admin can block any extension that tries to use file system access, that reads or writes the clipboard, or that accesses the webcam or microphone. Additionally, Google has started to deploy TLS 1.3, the latest version of Transport Layer Security, the protocol that enables secure communication between a browser and a Web server. In Chrome 63, this is only enabled between Chrome and Gmail; in 2018, it'll be turned on more widely.

Businesses

ISP Disclosures About Data Caps and Fees Eliminated By Net Neutrality Repeal (arstechnica.com) 281

In 2015, the Federal Communications Commission forced ISPs to be more transparent with customers about hidden fees and the consequences of exceeding data caps. Since the requirements were part of the net neutrality rules, they will be eliminated when the FCC votes to repeal the rules next week. Ars Technica reports: While FCC Chairman Ajit Pai is proposing to keep some of the commission's existing disclosure rules and to impose some new disclosure requirements, ISPs won't have to tell consumers exactly what everything will cost when they sign up for service. There have been two major versions of the FCC's transparency requirements: one created in 2010 with the first net neutrality rules, and an expanded version created in 2015. Both sets of transparency rules survived court challenges from the broadband industry. The 2010 requirement had ISPs disclose pricing, including "monthly prices, usage-based fees, and fees for early termination or additional network services." That somewhat vague requirement will survive Pai's net neutrality repeal. But Pai is proposing to eliminate the enhanced disclosure requirements that have been in place since 2015. Here are the disclosures that ISPs currently have to make -- but won't have to after the repeal:

-Price: the full monthly service charge. Any promotional rates should be clearly noted as such, specify the duration of the promotional period and the full monthly service charge the consumer will incur after the expiration of the promotional period.
-Other Fees: all additional one time and/or recurring fees and/or surcharges the consumer may incur either to initiate, maintain, or discontinue service, including the name, definition, and cost of each additional fee. These may include modem rental fees, installation fees, service charges, and early termination fees, among others.
-Data Caps and Allowances: any data caps or allowances that are a part of the plan the consumer is purchasing, as well as the consequences of exceeding the cap or allowance (e.g., additional charges, loss of service for the remainder of the billing cycle).

Pai's proposed net neutrality repeal says those requirements and others adopted in 2015 are too onerous for ISPs.

Bitcoin

Bank of America Wins Patent For Crypto Exchange System (coindesk.com) 52

New submitter psnyder shares a report from CoinDesk: [The patent] outlined a potential cryptocurrency exchange system that would convert one digital currency into another. Further, this system would be automated, establishing the exchange rate between the two currencies based on external data feeds. The patent describes a potential three-part system, where the first part would be a customer's account and the other two would be accounts owned by the business running the system. The user would store their chosen cryptocurrency through the customer account. The second account, referred to as a "float account," would act as a holding area for the cryptocurrency the customer is selling, while the third account, also a float account, would contain the equivalent amount of the cryptocurrency the customer is converting their funds to. That third account would then deposit the converted funds back into the original customer account for withdrawal. The proposed system would collect data from external information sources on cryptocurrency exchange rates, and use this data to establish its own optimal rate. The patent notes this service would be for enterprise-level customers, meaning that if the bank pursues this project, it would be offered to businesses.
Businesses

Kaspersky To Close Washington Office But Expand Non-State Sales (bloomberg.com) 65

An anonymous reader shares a report: A Russian software-maker, whose products are banned for use in federal information systems by the U.S. government, is seeking to remain in the North American market and prove its products have no hidden capabilities. Kaspersky Lab Inc. will close its Washington D.C. office that was selling to the government and will keep working with non-federal customers in the U.S. via its remaining offices in the country, vice-president Anton Shingarev said in an interview in Moscow. The company also committed in October to open its product's source code to an independent third-party review and plans to open new offices in Chicago, Los Angeles and Toronto next year. "This allows independent experts to verify that our software has no hidden functionality, that it doesn't send your files to third parties, doesn't spy on you and fully complies with the end-user agreement," Shingarev said. The U.S. banned government use of Kaspersky software in September, citing founder Eugene Kaspersky's alleged ties to Russian intelligence and the possibility its products could function as "malicious actors" to compromise federal information systems. The move caused concern about the company's products in other markets, including the U.K.
Power

Airlines Restrict 'Smart Luggage' Over Fire Hazards Posed By Batteries (npr.org) 108

An anonymous reader quotes a report from NPR: Airlines including American, Delta and Alaska have announced restrictions on so-called smart luggage because the lithium-ion batteries found in many of these suitcases pose a fire risk. "Beginning Jan. 15, customers who travel with a smart bag must be able to remove the battery in case the bag has to be checked at any point in the customer's journey. If the battery cannot be removed, the bag will not be allowed," American said in a statement on Friday. The same day, Delta and Alaska announced similar policies on their flights.

American's policy dictates that if the bag is carry-on size, passengers can take the luggage onboard, so long as the battery can be removed if needed. If passengers need to check the bag, the battery must be removed and carried onboard. But if the bag has a non-removable battery, it can't be checked or carried on. An FAA spokesman told The Washington Post that the airlines' policies are "consistent with our guidance that lithium-ion batteries should not be carried in the cargo hold."

Google

Google Is Pulling YouTube Off the Fire TV and Echo Show as Feud With Amazon Grows (theverge.com) 238

An anonymous reader shares a report: Three months ago, YouTube pulled its programming from Amazon's Echo Show device -- the first skirmish in what is apparently an ongoing war. Shortly after, Amazon stopped selling the Nest E Thermostat, Nest's Camera IQ, and the Nest Secure alarm system. Two weeks ago, Amazon got YouTube back on the Echo Show by simply directing users to the web version, a workaround that left a lot to be desired. But even that version won't be available after today. In a statement, Google said it has been trying to reach an agreement with Amazon to provide customers with access to each other's products and services. But, Google said, Amazon doesn't carry Google products like Chromecast and Google Home, doesn't make Prime Video available for Google Cast users, and last month stopped selling some of Nest's latest products. "Given this lack of reciprocity, we are no longer supporting YouTube on Echo Show and FireTV. We hope we can reach an agreement to resolve these issues soon."
Security

A Popular Virtual Keyboard App Leaks 31 Million Users' Personal Data (zdnet.com) 65

Zack Whittaker, writing for ZDNet: Personal data belonging to over 31 million customers of a popular virtual keyboard app has leaked online, after the app's developer failed to secure the database's server. The server is owned by Eitan Fitusi, co-founder of AI.type, a customizable and personalizable on-screen keyboard, which boasts more than 40 million users across the world. But the server wasn't protected with a password, allowing anyone to access the company's database of user records, totaling more than 577 gigabytes of sensitive data. The database appears to only contain records on the app's Android users.
Censorship

Cloudflare's CEO Has a Plan To Never Censor Hate Speech Again (arstechnica.com) 395

"Cloudflare CEO Matthew Prince hated cutting off service to the infamous neo-Nazi site the Daily Stormer in August," reports Ars Technica. "And he's determined not to do it again. 'I'm almost a free-speech absolutist.' Prince said at an event at the New America Foundation last Wednesday. But in a subsequent interview with Ars, Prince argued that in the case of the Daily Stormer, the company didn't have much choice." From the report: Prince's response was to cut Daily Stormer off while laying the groundwork to make sure he'd never have to make a decision like that again. In a remarkable company-wide email sent shortly after the decision, Prince described his own actions as "arbitrary" and "dangerous." "I woke up this morning in a bad mood and decided to kick them off the Internet," Prince wrote in August. "It was a decision I could make because I'm the CEO of a major Internet infrastructure company." He argued that "it's important that what we did today not set a precedent." Prior to August, Cloudflare had consistently refused to police content published by its customers. Last week, Prince made a swing through DC to help ensure that the Daily Stormer decision does not, in fact, set a precedent. He met with officials from the Federal Communications Commission and with researchers at the libertarian Cato Institute and the left-of-center New America Foundation -- all in an effort to ensure that he'd have the political cover he needed to say no next time he came under pressure to take down controversial content.

The law is strongly on Cloudflare's side here. Internet infrastructure providers like Cloudflare have broad legal immunity for content created by their customers. But legal rights may not matter if Cloudflare comes under pressure from customers to take down content. And that's why Prince is working to cultivate a social consensus that infrastructure providers like Cloudflare should not be in the censorship business -- no matter how offensive its customers' content might be.

Australia

Amazon Finally Launches In Australia (mashable.com) 57

After a very soft launch on Nov. 23, Amazon has officially launched in Australia. Mashable reports: One of the biggest things to happen to Australia's retail sector, Amazon's website has switched over from a Kindle Store presence to its fully fledged Amazon.com.au, with millions of products now ready for eager Christmas shoppers across more than 20 categories. It's a huge moment for Australian retail, and one of the most anticipated launches of the year, after Amazon confirmed in April 2017 it would expand its operations in Australia. Local retailers like David Jones and Myer have been scrambling to launch their own "premium" in-store services and price matching strategies or revamped online stores ahead of Amazon's arrival.

Thousands of Australian brands have already signed up with Amazon to sell their wares locally and internationally. Small and medium-sized Australian businesses are selling on Amazon Marketplace. Amazon's allowing free delivery on eligible orders above $49 that are sold by Amazon, and the company is rolling out one-day delivery service to select areas. Plus, for the first time, Australian customers will be able to access Prime Video and Twitch Prime, launching Prime shipping benefits in Australia in mid-2018 (registration for Prime is open now for Aussies).

Piracy

Not Even Free TV Can Get People To Stop Pirating Movies and TV Shows (qz.com) 221

An anonymous reader quotes a report from Quartz: Since the internet made it easier to illegally download and stream movies and TV shows, Hollywood struggled with people pirating its works online. About $5.5 billion in revenue was lost to piracy globally last year, Digital TV Research found (pdf), and it's expected to approach $10 billion by 2022. Streaming-video services like Netflix and Hulu have made it more affordable to access a wide-range of titles from different TV networks and movie studios. But the availability of cheap content online has done little to curb piracy, according to research published in Management Science (paywall) last month. Customers who were offered free subscriptions to a video-on-demand package (SVOD) were just as likely to turn to piracy to find programming as those without the offering, researchers at Catolica Lisbon School of Business & Economics and Carnegie Mellon University found.

The researchers partnered with an unnamed internet-service provider -- in a region they chose not to disclose -- to offer customers who were already prone to piracy an on-demand package for free for 45 days. About 10,000 households participated in the study, and about half were given the free service. The on-demand service was packaged like Netflix or Hulu in layout, appearance, and scope of programming, but was delivered through a TV set-top box. It had a personalized recommendation engine that surfaced popular programming based on what those customers were already watching illegally through BitTorrent logs, which were obtained from a third-party firm. The study found that while the participants watched 4.6% more TV overall when they had the free on-demand service, they did not stop using BitTorrent to pirate movies and TV shows that were not included in the offering.

Security

PayPal Says 1.6 Million Customer Details Stolen In Breach At Canadian Subsidiary (bleepingcomputer.com) 24

New submitter Kargan shares a report from BleepingComputer: PayPal says that one of the companies it recently acquired suffered a security incident during which an attacker appears to have accessed servers that stored information for 1.6 million customers. The victim of the security breach is TIO Networks, a Canadian company that runs a network of over 60,000 utility and bills payment kiosks across North America. PayPal acquired TIO Networks this past July for $238 million in cash. PayPal reportedly suspended the operations of TIO's network on November 10th. "PayPal says the intruder(s) got access to the personal information of both TIO customers and customers of TIO billers," reports BleepingComputer. "The company did not reveal what type of information the attacker accessed, but since this is a payment system, attackers most likely obtained both personally-identifiable information (PII) and financial details." The company has started notifying customers and is offering free credit monitoring memberships.
Businesses

NYTimes Editorial Board: The FCC Wants To Let Telecoms Cash In on the Internet (nytimes.com) 268

The New York Times' Editorial Board writes: The chairman of the Federal Communications Commission wants to let Comcast, Verizon and other broadband companies turn the internet into a latter-day version of cable TV, in which they decide what customers can watch and how much they pay for that content. That's essentially what would happen under the proposal by the chairman, Ajit Pai, to abandon the commission's network neutrality rules, which prevent telecom companies from interfering with how their customers use the internet. Net neutrality prevents those companies from having companies like Amazon pay a fee to get their content delivered more quickly than their rivals', and from having the firms throttle other services and websites, even blocking customer access to, say, Netflix or an online newspaper. Under Mr. Pai's proposal, telecom companies would effectively be allowed to sell you a basic internet plan that might include only limited access to Google and email. For Facebook and Twitter you might need a slightly more expensive deluxe plan. The premium plan might include access to Netflix and Amazon. Oh, and by the way, media businesses eager to gain more users could pay broadband companies to be included in their enhanced basic or deluxe plans. Further reading: Associated Press fact check: Net-neutrality claims leave out key context; The death of the Internet.
Intel

Dell Begins Offering Laptops With Intel's 'Management Engine' Disabled (liliputing.com) 140

An anonymous reader quotes Liliputing.com Linux computer vendor System76 announced this week that it will roll out a firmware update to disable Intel Management Engine on laptops sold in the past few years. Purism will also disable Intel Management Engine on computers it sells moving forward. Those two computer companies are pretty small players in the multi-billion dollar PC industry. But it turns out one of the world's largest PC companies is also offering customers the option of buying a computer with Intel Management Engine disabled.

At least three Dell computers can be configured with an "Intel vPro -- ME Inoperable, Custom Order" option, although you'll have to pay a little extra for those configurations... While Intel doesn't officially provide an option to disable its Management Engine, independent security researchers have discovered methods for doing that and we're starting to see PC makers make use of those methods.

The option appears to be available on most of Dell's Latitude laptops (from the 12- to 15-inch screens), including the 7480, 5480, and 5580 and the Latitude 14 5000 Series (as well as several "Rugged" and "Rugged Extreme" models).

Dell is charging anywhere from $20.92 to $40 to disable Intel's Management Engine.

Slashdot Top Deals