The Internet

Ajit Pai's FCC Can't Admit Broadband Competition Is a Problem (dslreports.com) 28

An anonymous reader quotes a report from DSLReports: While the FCC is fortunately backing away from a plan that would have weakened the standard definition of broadband, the agency under Ajit Pai still can't seem to acknowledge the lack of competition in the broadband sector. Or the impact this limited competition has in encouraging higher prices, net neutrality violations, privacy violations, or what's widely agreed to be some of the worst customer service of any industry in America. The Trump FCC had been widely criticized for a plan to weaken the standard definition of broadband from 25 Mbps down, 3 Mbps up, to include any wireless connection capable of 10 Mbps down, 1 Mbps up. Consumer advocates argued the move was a ham-fisted attempt to try and tilt the data to downplay the industry's obvious competitive and coverage shortcomings. They also argued that the plan made no coherent sense, given that wireless broadband is frequently capped, often not available (with carrier maps the FCC relies on falsely over-stating coverage), and significantly more expensive than traditional fixed-line service.

In a statement (pdf), FCC boss Ajit Pai stated the agency would fortunately be backing away from the measure, while acknowledging that frequently capped and expensive wireless isn't a comparable replacement for fixed-line broadband. "The draft report maintains the same benchmark speed for fixed broadband service previously adopted by the Commission: 25 Mbps download/3 Mbps upload," stated Pai. "The draft report also concludes that mobile broadband service is not a full substitute for fixed service. Instead, it notes there are differences between the two technologies, including clear variations in consumer preferences and demands." That's the good news. The bad news: the FCC under Pai's leadership continues to downplay and ignore the lack of competition in the sector, and the high prices and various bad behaviors most people are painfully familiar with.

Wireless Networking

Google Releases Fix For Chromecast Wi-Fi Crashes (zdnet.com) 32

An anonymous reader quotes a report from ZDNet: Google on Wednesday said it will release an update Jan. 18 to fix a bug in Cast software on Android phones that dramatically slows down WiFi networks. Reports have been circulating this week that the Google Home Max speaker can knock the TP-Link Archer C7 router offline. In a support page, Google explains a bug caused the Cast software that connects with Chromecast devices to send a large amount of network traffic routers can't handle. Google said the update will roll out via a Google Play services update. Until the update is released, Google advises users to try rebooting their Android phone, and check that their WiFi router is updated with the latest firmware. Google didn't list specific routers impacted by the bug, but reports have indicated routers from Linksys and Synology are seeing network crashes as well.
Operating Systems

Google's Fuchsia OS On the Pixelbook (arstechnica.com) 70

An anonymous reader quotes a report from 9to5Google: Our early look at Fuchsia OS last May provided a glimpse into a number of new interface paradigms. Several months later, we now have an updated hands-on with Google's future operating system that can span various form factors. This look at the in-development OS eight months later comes courtesy of Ars Technica who managed to get Fuchsia installed on the Pixelbook. The Made by Google Chromebook is only the third officially supported "target device" for Fuchsia development. As our last dive into the non-Linux kernel OS was through an Android APK, we did not encounter a lockscreen. The Ars hands-on shows a basic one that displays the time at center and Fuchsia logo in the top-left corner to switch between phone and desktop/tablet mode, while a FAB (of sorts) in the opposite corner lets users bring up WiFi controls, Login, and Guest.

Only Guest is fully functioning at this stage -- at least for non-Google employees. Once in this mode, we encounter an interface similar to the one we spotted last year. The big difference is how Google has filled in demo information and tweaked some elements. On phones and tablets, Fuchsia essentially has three zones. Recent apps are above, at center are controls, and below is a mixture of the Google Feed and Search. The controls swap out the always-displayed profile icon for a Fuchsia button. Tapping still surfaces Quick Settings which actually reflect current device battery levels and IP address. Impressively, Ars found a working web browser that can actually surf the internet. Google.com is the default homepage, with users able to visit other sites through that search bar. Other examples of applications, which are just static images, include a (non-working) phone dialer, video player, and Google Docs. The Google Calendar is notable for having subtle differences to any known version, including the tablet or web app.

Security

'Text Bomb' Is Latest Apple Bug (bbc.com) 58

An anonymous reader quotes a report from the BBC: A new "text bomb" affecting Apple's iPhone and Mac computers has been discovered. Abraham Masri, a software developer, tweeted about the flaw which typically causes an iPhone to crash and in some cases restart. Simply sending a message containing a link which pointed to Mr Masri's code on programming site GitHub would be enough to activate the bug -- even if the recipient did not click the link itself. Mr Masri said he "always reports bugs" before releasing them. Apple has not yet commented on the issue. On a Mac, the bug reportedly makes the Safari browser crash, and causes other slowdowns. Security expert Graham Cluley wrote on his blog that the bug does not present anything to be particularly worried about -- it's merely very annoying. After the link did the rounds on social media, Mr Masri removed the code from GitHub, therefore disabling the "attack" unless someone was to replicate the code elsewhere.
Businesses

Tim Cook Says Power Management Feature In Older iPhones Will Be Able To Be Turned Off In Future Update (macrumors.com) 152

In an interview with Rebecca Jarvis of ABC News, Apple CEO Tim Cook touched on the ongoing controversy over power management features in older iPhones. He says that a future update will allow customers to turn off the power management feature that has caused older iPhones to slow down. Mac Rumors reports: According to Cook, when the power management features were first introduced in iOS 10.2.1, Apple did explain what was going on, but following the controversy, he believes Apple should have been clearer. The company did indeed mention that the shutdown issue was caused by uneven power delivery and explained that its power management system had been tweaked, but there was no clear notice that it could cause devices to operate more slowly at times. Cook says Apple "deeply apologizes" to customers who thought the company had other motivations. Apple is introducing better battery monitoring features in a future iOS update, and Cook says Apple will also allow customers to turn off the power management feature, which is new information that the company has not previously shared. The majority of the interview was focused on the announcements that Apple made today. The company plans to contribute $350 billion in the U.S. economy over the next five years, as well as issue employees a bonus of $2,500 of restricted stock units following the introduction of the new U.S. tax law.
Security

Many Enterprise Mobile Devices Will Never Be Patched Against Meltdown, Spectre (betanews.com) 103

Mark Wilson shares a report from BetaNews: The Meltdown and Spectre bugs have been in the headlines for a couple of weeks now, but it seems the patches are not being installed on handsets. Analysis of more than 100,000 enterprise mobile devices shows that just a tiny percentage of them have been protected against the vulnerabilities -- and some simply may never be protected. Security firm Bridgeway found that just 4 percent of corporate phones and tablets in the UK have been patched against Spectre and Meltdown. Perhaps more worryingly, however, its research also found that nearly a quarter of enterprise mobile devices will never receive a patch because of their age. Organizations are advised to check for the availability of patches for their devices, and to install them as soon as possible. Older devices that will never be patched -- older than Marshmallow, for example -- should be replaced to ensure security, says Bridgeway.
Wireless Networking

Google Home and Chromecast Could Be Overloading Your Home Wi-Fi (theverge.com) 129

Google Cast products could be to blame for your wonky internet connection. According to TP-Link, "The Cast feature normally sends packets of information at regular intervals to keep a live connection with products like Google Home," reports The Verge. "However, if the device is awakened from a 'sleep' mode, it will sometimes send a burst of information at once, which can overwhelm a router. The longer a Cast device has been in 'sleep' mode, the more information it might send at once." The engineer says that could exceed over 100,000 packets, an amount that "may eventually cause some of [the] router's primary features to shut down -- including wireless connectivity."

TP-Link has reportedly fixed the issue in its C1200 router, but a broader fix from Google's end has not been found.
The Almighty Buck

OnePlus Customers Report Credit Card Fraud After Buying From the Company's Website (androidpolice.com) 62

If you purchased a OnePlus smartphone recently from the official OnePlus website, you might want to check your transactions to make sure there aren't any you don't recognize. "A poll was posted on the OnePlus forum on Thursday asking users if they had noticed fraudulent charges on their credit cards since purchasing items on the OnePlus site," reports Android Police. "More than 70 respondents confirmed that they had been affected, with the majority saying they had bought from the site within the past 2 months." From the report: A number of FAQs and answers follow, in which OnePlus confirms that only customers who made credit card payments are affected, not those who used PayPal. Apparently, card info isn't stored on the site but is instead sent directly to a "PCI-DSS-compliant payment processing partner" over an encrypted connection. [...] OnePlus goes on to say that intercepting information should be extremely difficult as the site is HTTPS encrypted, but that it is nevertheless carrying out a complete audit. In the meantime, affected customers are advised to contact their credit card companies immediately to get the payments canceled/reversed (called a chargeback). OnePlus will continue to investigate alongside its third-party service providers, and promises to update with its findings as soon as possible.

According to infosec firm Fidus, there is actually a brief window in which data could be intercepted. Between entering your card details into the form and hitting 'submit,' the details are apparently hosted on-site, which could give attackers all the time they need to steal those precious digits and head off on a spending spree. Fidus also notes that the company doesn't appear to be PCI-compliant, but that directly contradicts OnePlus' own statement. We'll have to wait until more details emerge before we pass judgment.
Here's OnePlus' official statement on the matter: "At OnePlus, we take information privacy extremely seriously. Over the weekend, members of the OnePlus community reported cases of unknown credit card transactions occurring on their credit cards post purchase from oneplus.net. We immediately began to investigate as a matter of urgency, and will keep you updated. This FAQ document will be updated to address questions raised."
Communications

The Tech Failings of Hawaii's Missile Alert 232

Over the weekend, Hawaii incorrectly warned citizens of a missile attack via their phones. According to The Washington Post, the error was a result of a staffer picking the wrong option -- missile alert instead of test missile alert -- from a drop down software menu. Hawaiian officials say they have already changed protocols to avoid a repeat of the scenario. The report goes on to add: Part of what worsened the situation Saturday was that there was no system in place at the state emergency agency for correcting the error, HEMA (Hawaii Emergency Management Agency) spokesman Richard Rapoza said. The state agency had standing permission through FEMA to use civil warning systems to send out the missile alert -- but not to send out a subsequent false alarm alert, he said. Though the Hawaii Emergency Management Agency posted a follow-up tweet at 8:20 a.m. saying there was "NO missile threat," it wouldn't be until 8:45 a.m. that a subsequent cellphone alert was sent telling people to stand down. Motherboard notes that new regulations require telecom companies to offer a testing system for local and state alert originators, but because of lobbying by Verizon and CTIA, this specific regulation does not go into effect until March 2019.

In a piece, The Atlantic argues that the 90-character messages sent by the system aren't suited to the way we use our devices.
Cellphones

Text Message Scammer Gets Five Years in Prison (reuters.com) 69

36-year-old Fraser Thompson is going to prison, according to Reuters, after receiving a five-year sentence for "defrauding" cellphone customers out of millions of dollars. An anonymous reader quotes Reuters: Prosecutors said Thompson engaged in a scheme to sign up hundreds of thousands of cellphone customers for paid text messaging services without their consent. The customers were subsequently forced to pay more than $100 million for unsolicited text messages that included trivia, horoscopes and celebrity gossip, according to the prosecutors. They said the scheme was headed by Darcy Wedd, Mobile Messenger's former chief executive, who was found guilty by a jury in December but has not yet been sentenced. "They ripped off everyday cellphone users, $10 a month, netting over $100 million in illegal profits, of which Thompson personally received over $1.5 million," Manhattan U.S. Attorney Geoffrey S. Berman said in a statement.
Thompson was ordered to forfeit $1.5 million in "fraud proceeds," according to the article, and was convicted of conspiracy, wire fraud, identity theft and money laundering.

Seven other people also pleaded guilty to participating in the scam -- and one has already been sentenced to 33 months in prison.
Cellphones

Fake 'Inbound Missile' Alert Sent To Every Cellphone in Hawaii (chicagotribune.com) 227

"Somebody sent out a false emergency alert to all cell phones in Hawaii saying, 'BALLISTIC MISSILE THREAT INBOUND TO HAWAII. SEEK IMMEDIATE SHELTER. THIS IS NOT A DRILL'," writes Slashdot reader flopwich, adding "Somebody's had better days at work." The Associated Press reports: In a conciliatory news conference later in the day, Hawaii officials apologized for the mistake and vowed to ensure it will never happen again. Hawaii Emergency Management Agency Administrator Vern Miyagi said the error happened when someone hit the wrong button. "We made a mistake," said Miyagi. For nearly 40 minutes, it seemed like the world was about to end in Hawaii, an island paradise already jittery over the threat of nuclear-tipped missiles from North Korea...

On the H-3, a major highway north of Honolulu, vehicles sat empty after drivers left them to run to a nearby tunnel after the alert showed up, the Honolulu Star-Advertiser reported. Workers at a golf club huddled in a kitchen fearing the worst... The Hawaii Emergency Management Agency tweeted there was no threat about 10 minutes after the initial alert, but that didn't reach people who aren't on the social media platform. A revised alert informing of the "false alarm" didn't reach cellphones until 38 minutes later, according to the time stamp on images people shared on social media.

Wireless Networking

FCC Undoing Rules That Make It Easier For Small ISPs To Compete With Big Telecom (vice.com) 98

An anonymous reader quotes a report from Motherboard: The Federal Communications Commission is currently considering a rule change that would alter how it doles out licenses for wireless spectrum. These changes would make it easier and more affordable for Big Telecom to scoop up licenses, while making it almost impossible for small, local wireless ISPs to compete. The Citizens Broadband Radio Service (CBRS) spectrum is the rather earnest name for a chunk of spectrum that the federal government licenses out to businesses. It covers 3550-3700 MHz, which is considered a "midband" spectrum. It can get complicated, but it helps to think of it how radio channels work: There are specific channels that can be used to broadcast, and companies buy the license to broadcast over that particular channel. The FCC will be auctioning off licenses for the CBRS, and many local wireless ISPs -- internet service providers that use wireless signal, rather than cables, to connect customers to the internet -- have been hoping to buy licenses to make it easier to reach their most remote customers.

The CBRS spectrum was designed for Navy radar, and when it was opened up for auction, the traditional model favored Big Telecom cell phone service providers. That's because the spectrum would be auctioned off in pieces that were too big for smaller companies to afford -- and covered more area than they needed to serve their customers. But in 2015, under the Obama administration, the FCC changed the rules for how the CBRS spectrum would be divvied up, allowing companies to bid on the spectrum for a much smaller area of land. Just as these changes were being finalized this past fall, Trump's FCC proposed going back to the old method. This would work out well for Big Telecom, which would want larger swaths of coverage anyway, and would have the added bonus of being able to price out smaller competitors (because the larger areas of coverage will inherently cost more.)
As for why the FCC is even considering this? You can blame T-Mobile. "According to the agency's proposal, because T-Mobile and CTIA, a trade group that represents all major cellphone providers, 'ask[ed] the Commission to reexamine several of the [...] licensing rules,'" reports Motherboard. The proposal reads: "Licensing on a census tract-basis -- which could result in over 500,000 [licenses] -- will be challenging for Administrators, the Commission, and licensees to manage, and will create unnecessary interference risks due to the large number of border areas that will need to be managed and maintained."
Crime

Apple Health Data Is Being Used As Evidence In a Rape and Murder Investigation (vice.com) 185

An anonymous reader quotes a report from Motherboard: Hussein K., an Afghan refugee in Freiburg, has been on trial since September for allegedly raping and murdering a student in Freiburg, and disposing of her body in a river. But many of the details of the trial have been hazy -- no one can agree on his real age, and most notably, there's a mysterious chunk of time missing from the geodata and surveillance video analysis of his whereabouts at the time of the crime. He refused to give authorities the passcode to his iPhone, but investigators hired a Munich company (which one is not publicly known) to gain access to his device, according to German news outlet Welt. They searched through Apple's Health app, which was added to all iPhones with the release of iOS 8 in 2014, and were able to gain more data about what he was doing that day. The app records how many steps he took and what kind of activity he was doing throughout that day. The app recorded a portion of his activity as "climbing stairs," which authorities were able to correlate with the time he would have dragged his victim down the river embankment, and then climbed back up. Freiburg police sent an investigator to the scene to replicate his movements, and sure enough, his Health app activity correlated with what was recorded on the defendant's phone.
Encryption

FBI Calls Apple 'Jerks' and 'Evil Geniuses' For Making iPhone Cracks Difficult (itwire.com) 348

troublemaker_23 shares a report from iTWire: A forensics expert from the FBI has lashed out at Apple, calling the company's security team a bunch of "jerks" and "evil geniuses" for making it more difficult to circumvent the encryption on its devices. Stephen Flatley told the International Conference on Cyber Security in New York on Wednesday that one example of the way that Apple had made it harder for him and his colleagues to break into the iPhone was by recently making the password guesses slower, with a change in hash iterations from 10,000 to 10,000,000. A report on the Motherboard website said Flatley explained that this change meant that the speed at which one could brute-force passwords went from 45 attempts a second to one every 18 seconds. "Your crack time just went from two days to two months," he was quoted as saying. "At what point is it just trying to one up things and at what point is it to thwart law enforcement? Apple is pretty good at evil genius stuff," Flatley added.
Cellphones

Future Samsung Phones Will Have a Working FM Radio Chip (androidpolice.com) 215

A few months ago, LG announced a partnership with NextRadio to unlock the FM chip in its smartphones. Now, Samsung is doing the same. Android Police reports: NextRadio made the announcement, rightly explaining that FM radio is essential in areas with low connectivity and in emergency and disaster situations where a connection might be difficult to obtain or maintain and where access to information could be a matter of life and death. With the chip unlocked, users will be able to listen to local radio on their phone using the NextRadio Android app. The press release mentions that "upcoming [Samsung] smartphone models in the U.S. and Canada" will have the FM chip unlocked, however I did find several existing Samsung devices with their FM chip enabled on NextRadio's site.
China

Apple To Transfer Chinese iCloud Operations To Chinese Firm (bbc.com) 72

Apple's iCloud services in mainland China will be operated by a Chinese company from next month, the tech giant has confirmed, though Apple will still have access to all data stored on iCloud. The company said it had made the move to comply with the country's cloud computing regulations. iCloud accounts registered outside of China are not affected. BBC reports: The Chinese cyber security rules, introduced in July last year, include a requirement for companies to store all data within China. The firm, Guizhou on the Cloud Big Data (GCBD), is owned by the Guizhou provincial government in southern China. Guizhou is where Apple opened a $1 billion data center last year to meet the regulations. iCloud data will be transferred from February 28, Apple said. Customers living in mainland China who did not want to use iCloud operated by GCBD were given the option to terminate their account. Apple said the "partnership" with GCBD would allow it to "improve the speed and reliability of our iCloud services products while also complying with newly passed regulations that cloud services be operated by Chinese companies." It added that Apple had "strong data privacy and security protections in place and no backdoors will be created into any of our systems." However, some on social media have said the step gives Beijing more opportunity to monitor its citizens and others living in the country.
Cellphones

Samsung Will Unveil the Galaxy S9 Next Month At Mobile World Congress (theverge.com) 55

Samsung will unveil its next flagship handset, the Galaxy S9, next month at Mobile World Congress (MWC). DJ Koh, the company's smartphone chief, confirmed the launch to ZDNet at CES yesterday without offering a specific date. The Verge reports: The S9 (and, presumably, an S9 Plus) will be the successors to the S8 and S8 Plus, which launched at a Samsung event in New York last March before going on sale in April. The S8 and its bigger brother were a hit with critics, who praised the phones' gorgeous design and brilliant cameras. The phones were even good enough to make consumers forget about the disaster of the Galaxy Note 7 and its exploding batteries. Not much is known about the Galaxy S9 at this point, though we're not expecting any radical departures from the S8. A handful of leaked renders suggest it will look near-identical to its predecessor, with a slight tweak moving the rear fingerprint sensor to below the camera (rather than its current, awkward position of off to one side).
Communications

FCC Plan To Lower Broadband Standards Is Met With 'Mobile Only Challenge' (arstechnica.com) 145

An anonymous reader quotes a report from Ars Technica: Broadband consumer advocates have launched a "Mobile Only Challenge" to show U.S. regulators that cellular data should not be considered an adequate replacement for home Internet service. The awareness campaign comes as the Federal Communications Commission is considering a change to the standard it uses to judge whether broadband is being deployed to all Americans in a reasonable and timely fashion. While FCC Chairman Ajit Pai hasn't released his final plan yet, the FCC may soon declare that America's broadband deployment problem is solved as long as everyone has access to either fast home Internet or cellular Internet service with download speeds of at least 10Mbps. That would be a change from current FCC policy, which says that everyone should have access to both mobile data and fast home Internet services such as fiber or cable.

"The FCC wants to lower broadband standards," organizers of the Mobile Only Challenge say on the campaign's website. "Pledge to spend one day in January 2018 accessing the Internet only on your mobile device to tell them that's not OK." The Mobile Only Challenge was organized by Public Knowledge, Next Century Cities, New America's Open Technology Institute, the Institute for Local Self-Reliance, the National Hispanic Media Coalition (NHMC), and other groups. Participants are encouraged to share their experiences using the #MobileOnly hashtag.

Businesses

Senator Wants Apple To Answer Questions on Slowing iPhones (reuters.com) 169

The chairman of a U.S. Senate committee overseeing business issues asked Apple to answer questions about its disclosure that it slowed older iPhones with flagging batteries, Reuters reported on Wednesday, citing a letter. From the report: The California-based company apologized over the issue on Dec. 28, cut battery replacement costs and said it will change its software to show users whether their phone battery is good. Senator John Thune, a Republican who chairs the Commerce, Science and Transportation Committee, said in a Jan. 9 letter to Apple Chief Executive Officer Tim Cook that "the large volume of consumer criticism leveled against the company in light of its admission suggests that there should have been better transparency."
Cellphones

'I Tried the First Phone With An In-Display Fingerprint Sensor' (theverge.com) 70

Vlad Savov from The Verge reports of his experience using the first smartphone with a fingerprint scanner built into the display: After an entire year of speculation about whether Apple or Samsung might integrate the fingerprint sensor under the display of their flagship phones, it is actually China's Vivo that has gotten there first. At CES 2018, I got to grips with the first smartphone to have this futuristic tech built in, and I was left a little bewildered by the experience. The mechanics of setting up your fingerprint on the phone and then using it to unlock the device and do things like authenticate payments are the same as with a traditional fingerprint sensor. The only difference I experienced was that the Vivo handset was slower -- both to learn the contours of my fingerprint and to unlock once I put my thumb on the on-screen fingerprint prompt -- but not so much as to be problematic. Basically, every other fingerprint sensor these days is ridiculously fast and accurate, so with this being newer tech, its slight lag feels more palpable. Vivo is using a Synaptics optical sensor called Clear ID that works by peering through the gaps between the pixels in an OLED display (LCDs wouldn't work because of their need for a backlight) and scanning your uniquely patterned epidermis. The sensor is already in mass production and should be incorporated in several flagship devices later this year.

Slashdot Top Deals