Network

Hackers Can Spoof Phone Numbers, Track Users Via 4G VoLTE Mobile Technology (bleepingcomputer.com) 38

An anonymous reader writes: "A team of researchers from French company P1 Security has detailed a long list of issues with the 4G VoLTE telephony, a protocol that has become quite popular all over the world in recent years and is currently in use in the US, Asia, and most European countries," reports Bleeping Computer. Researchers say they identified several flaws in the VoLTE protocol (a mixture of LTE and VoIP) that allow an attacker to spoof anyone's phone number and place phone calls under new identities, and extract IMSI and geo-location data from pre-call message exchanges. These issues can be exploited by both altering some VoLTE packets and actively interacting with targets, but also by passively listening to VoLTE traffic on an Android device. Some of these flaws don't even need a full call/connection to be established between the victim and the target for the data harvesting operation to take place. Additionally, another flaw allows users to make calls and use mobile data without being billed. The team's research paper, entitled "Subscribers remote geolocation and tracking using 4G VoLTE enabled Android phone" was presented last week at SSTIC (Symposium sur la Securite des Technologies de l'Information et des Communications), a security conference held each year in Rennes, France.
Facebook

Man Sentenced to Death For Blasphemous Facebook Comments In Pakistan (gizmodo.com) 469

In what is believed to be "the first time the death penalty had been awarded in a case related to social media," a 30-year-old man in Pakistan has been sentenced to death for blasphemy in comments made on Facebook. Gizmodo reports: The prosecutor told The Times of India that Taimoor Raza was arrested "after playing blasphemous and hate speech material on his phone on a bus stop in Bahawalpur, where a counter-terrorism officer arrested him and confiscated his phone." It was the material on Raza's phone that led to his arrest. The Guardian reports that the accused's brother said Raza "indulged in a sectarian debate on Facebook with a person, who we later come to know, was a [counter-terrorism department] official with the name of Muhammad Usman." Raza's defense attorney told The Guardian the initial charges were limited to "insulting remarks on sectarian grounds," which carries a maximum two-year jail sentence, but that "derogatory acts against prophet Muhammad," which carry a death sentence, were added later. According to The Times of India, Raza will be able to appeal the ruling to the Pakistani High Court and the Supreme Court. Facebook said in a statement: "We are deeply saddened and concerned by the death sentence served in Pakistan for a Facebook post. Facebook uses powerful systems to keep people's information secure and tools to keep their accounts safe, and we do not provide any government with direct access to people's data. We will continue to protect our community from unnecessary or overreaching government intervention."
Government

'COVFEFE Act' Would Make Social Media a Presidential Record (thehill.com) 322

An anonymous reader quotes a report from The Hill: Rep. Mike Quigley (D-Ill.) introduced legislation Monday to classify presidential social media posts -- including President Trump's much-discussed tweets -- as presidential records. The Communications Over Various Feeds Electronically for Engagement (COVFEFE) Act, which has the same acronym as an infamous Trump Twitter typo last month, would amend the Presidential Records Act to include "social media." Presidential records must be preserved, according to the Presidential Records Act, which would make it potentially illegal for the president to delete tweets. "President Trump's frequent, unfiltered use of his personal Twitter account as a means of official communication is unprecedented. If the President is going to take to social media to make sudden public policy proclamations, we must ensure that these statements are documented and preserved for future reference. Tweets are powerful, and the President must be held accountable for every post," said Quigley in a statement. Most people took the "covfefe" tweet to be a typo, although press secretary Sean Spicer told the media that the term was used intentionally. "The president and a small group of people know exactly what he meant," he said.
United States

Sharp To Americans: You Don't Want to Buy a Sharp-Brand TV (wsj.com) 115

Sharp has sued China's Hisense Electric, which licensed the Sharp brand for televisions sold in the U.S., accusing Hisense of putting the Sharp name on poor-quality TVs and deceptively advertising them (alternative source). From a report: The court action is the latest effort by Osaka-based Sharp to retrieve the right to use its own name when selling TVs in one of the world's largest markets. Sharp is trying to recover its position as a global maker of consumer electronics. Hisense rejected the allegations and said it was selling high-quality televisions under the Sharp name. The dispute illustrates the risks when the owner of a well-known brand name gives up control over products sold under that name.
United States

Trump-Style Tactics Finally Stopped Working For Uber (buzzfeed.com) 238

BuzzFeed Editor-in-Chief Ben Smith describes a three-year-old meeting that Uber held -- which saw several influencers including actor Ed Norton among attendees -- as the beginning of the ride-hailing company's long slow meltdown. Later today, the company is expected to announce that its CEO Travis Kalanick would be temporarily stepping away, and his closest lieutenant is all set to hand his resignation. On Sunday, the company held a board meeting, which according to several journalists, lasted for nearly seven hours. The meeting capped a difficult stretch for the ride-hailing company, which is trying to weather an investigation into its workplace culture, a lawsuit by Google parent Alphabet over the alleged theft of self-driving car trade secrets, a federal probe into its business practices, and the recent departures of top executives. Back to Ben: At the dinner (which took place three years ago), Emil Michael, the right hand of CEO Travis Kalanick, heatedly complained to me about the press. The company, he told me, could hire a team of opposition researchers to fight fire with fire and attack the media -- specifically to smear a female journalist who has criticized the company. I suggested to him that this plan wouldn't really work because the story would immediately become a story about Uber behaving like maniacs. "Nobody would know it was us," Michael responded. "But you just told me!," I replied. [...] Instead of making any meaningful changes, Uber simply pressed on for years. It found both continued growth and accumulating scandals. Many of its crises, like those remarks to me, were tinged with misogyny, whether sexual harassment of its engineers or pulling a rape victim's medical files. After one of those engineers, Susan Fowler, stepped forward with a blog post detailing systemic sexual harassment and discrimination -- a post that was followed up by a series of devastating stories by The New York Times, Recode, and others -- the company invited former Attorney General Eric Holder to lead an internal investigation. Sunday, the Wall Street Journal reported that Michael is set to resign, and Reuters reported Kalanick will take a leave of absence ahead of what's expected to be a deeply damning Holder report. (Kalanick is also coping with a family tragedy.) They will leave having built the most valuable private company in the world. But it is a company whose cultural darkness is inseparable from its place as the icon of the tech boom. Uber -- and the boom -- have been defined both by massive new conveniences and by a corporate culture that is aggressive, paranoid, and dismissive of, in particular, complaints from women; a culture of enemies lists and cavalier approaches to the law. Emil Michael told Uber employees Monday that he has left the company.
Printer

Researcher Wants To Protect Whistleblowers Against Hidden Printer Dots (bleepingcomputer.com) 218

An anonymous reader writes: "Gabor Szathmari, a security researcher for CryptoAUSTRALIA, is working on a method of improving the security of leaked documents by removing hidden dots left behind by laser printers, which are usually used to watermark documents and track down leakers," reports Bleeping Computer. "Szathmari's work was inspired by the case of a 25-year-old woman, Reality Leigh Winner, who was recently charged with leaking top-secret NSA documents to a news outlet." According to several researchers, Winner might have been caught after The Intercept had shared some of the leaked documents with the NSA. These documents had the invisible markings left behind by laser printers, which included the printer's serial number and the date and time when the document was printed. This allowed the NSA to track down Winner and arrest her even before she was able to publish the leaked documents. Now, Szatmari has submitted a pull request to the PDF Redact Tools, a project for securely redacting and stripping metadata from documents before publishing. Szathmari's pull request adds a code routine to the PDF Redact Tools project that would allow app operators to convert documents to black and white before publishing. "The black and white conversion will convert colors like the faded yellow dots to white," Szathmari said in an interview. Ironically, the project is managed by First Look Media, the parent company behind The Intercept news outlet.
Television

Younger Millennials Don't Know What Networks Are Responsible For TV Shows, Unless It's Netflix (thenextweb.com) 185

According to a new report from consulting firm Anatomy Media, millennials aren't able to identify the networks responsible for some of the most popular television shows, unless they're created by Netflix. The report indicates that most viewers age 18-26 can't match television shows from ABC, NBC, FOX, CBS, or Disney to to their respective networks. The Next Web reports: This means Jessica Jones is more likely to resonate with millennials as Netflix original programming than Empire does as a Fox network show. 65-percent of the respondents were able to identify a Netflix show correctly, compared to only 31-percent able to do so for other networks' programming. It was even worse for Amazon -- only 20-percent of the young adults could match its shows correctly. The most coveted demographic in television marketing cares twice as much about Netflix as any other provider -- and nobody cares about Amazon's original programming. A different survey conducted by Fluent Insights asked 3,100 millennials about their television viewing habits: half said they watched television exclusively on mobile or desktop platforms.
Operating Systems

Skype Retires Older Apps for Windows, Linux (techcrunch.com) 121

An anonymous reader writes: The newest version of the Skype app takes a big hat-tip from social media platforms like Snapchat and Facebook's Messenger with its newest features, adding a Stories-like feature called Highlights, a big selection of bots to add into chats and a longer plan to upgrade group conversations with more features. Now, as part of the effort to get people to use the new Skype more, the company is also doubling down on something else: Skype is trying to get users off of older versions of Skype. As part of that push, the Microsoft-owned company has sent out messages to users this week noting that it will be retiring a host of older iterations on July 1. Those who are still using them after that day will likely no longer be able to sign on. Skype app won't work on the follow OS versions: Android 4.0.2 and lower, BlackBerry OS 7.1 and lower, iOS 7 and lower, Linux (Linux users must upgrade to Skype for Linux Beta), Mac OS X 10.8 and lower, Symbian OS, Skype mobile for Verizon, Skype on 3, Skype on TV, Windows 10 task-based app, Windows Phone 8.1 and lower, and Windows RT.
Media

Ask Slashdot: What Is Your View On Sloot Compression? (youtube.com) 418

An anonymous reader writes: A Dutch electronics engineer named Jan Sloot spent 20 years of his life trying to compress broadcast quality video down to kilobytes -- not megabytes or gigabytes (the link in this story contains an 11 minute mini-documentary on Sloot). His CODEC, finalized in the late 1990s, consisted of a massive 370Mb decoder engine that likely contained some kind of clever system for procedurally generating just about any video frame or audio sample desired -- fractals or other generative approaches may have been used by Sloot. The "instruction files" that told this decoder what kind of video frames, video motion and audio samples to generate were supposedly only kilobytes in size -- kind of like small MIDI files being able to generate hugely complex orchestral scores when they instruct a DAW software what to play. Jan Sloot died of a heart attack two days before he was due to sign a technology licensing deal with a major electronics company. The Sloot Video Compression system source code went missing after his death and was never recovered, prompting some to speculate that Jan Sloot was killed because his ultra-efficient video compression and transmission scheme threatened everyone profiting from storing, distributing and transmitting large amounts of digital video data. I found out about Sloot Compression only after watching some internet videos on "invention suppression." So the question is: is it technically possible that Sloot Compression, with its huge decoder file and tiny instruction files, actually worked? According to Reddit user PinGUY, the Sloot Digital Coding System may have been the inspiration for Pied Piper, a fictional data compression algorithm from HBO's Silicon Valley. Here's some more information about the Sloot Digital Coding System for those who are interested.
Government

Former FBI Director Admitted He Was the Source Of At Least One Leak To the Press (theoutline.com) 559

Shortly after his dismissal as head of the FBI, James Comey authorized "a close friend" to leak the contents of his memos to the press in order to prompt a special counsel investigation, he said today. From a report: Former FBI Director James Comey testified that he asked a friend, a law professor at Columbia University, to leak details of his dinner with the President to The New York Times, including the claim that the President asked Comey to drop the investigation into former national security advisor Michael Flynn's contacts with Russian officials. Comey kept meticulous memos of all of his interactions with Trump, and he gave that memo to a friend to pass it along to the Times in order to spark a special investigation. "You considered this not a document of the government, but your own personal document that you could share with the media as you want to?" Senator Roy Blunt asked Comey. "Correct," Comey replied. "I understood this to be my recollection recorded of my conversation with the President. As a private citizen, I felt free to share that. I thought it very important to get it out." Edward Snowden tweeted, "It seems the [former] FBI Director agrees: sometimes the only moral decision is to break the rules."
Safari

Apple Announces Support For WebRTC in Safari 11 (webkit.org) 46

Youenn Fablet, software engineer at Apple, writes: Today we are thrilled to announce WebKit support for WebRTC, available on Safari on macOS High Sierra, iOS 11, and Safari Technology Preview 32. [...] Currently, Safari supports legacy WebRTC APIs. Web developers can check whether their websites conform to the latest specifications by toggling the STP Experimental Features menu item "Remove Legacy WebRTC API". Legacy WebRTC APIs will be disabled by default on future releases. Websites that need to accommodate older implementations of the WebRTC and Media Capture specifications can take advantage of polyfill libraries like adapter.js. Peer5, a startup that offers serverless CDN for massively-scaled video streaming, writes in a blogpost: This is HUGE news for the computing industry. Since its introduction in 2011, WebRTC has become an incredibly important part of everyone's favorite platforms and applications. It is at the core of a few services that you might have heard of, including Google Hangouts, Facebook Messenger, Snapchat and Slack. WebRTC is also supported natively by most major web browsers, including Chrome, Firefox and Opera. But there were 2 big holdouts -- Microsoft's Edge browser and Apple's Safari. This meant that people using those browsers couldn't access WebRTC-based services without installing some type of plug-in. Well, those days are over given the WWDC news and Microsoft's announcement back in January regarding WebRTC support in Edge. Developers can now create compelling browser-based applications that incorporate real-time audio and video (and maybe even a peer-to-peer component) and know that 99% of the world's Web surfers will be able to use their services without having to install any plug-ins or additional software. This newfound ubiquity for WebRTC might even make a developer question whether he has to build a native iOS or Android app to deliver his service to end-users.
Government

Edward Snowden On Trump Administration's Recent Arrest of an Alleged Journalistic Source (freedom.press) 342

Snowden writes: Winner is accused of serving as a journalistic source for a leading American news outlet about a matter of critical public importance. For this act, she has been charged with violating the Espionage Act -- a World War I era law meant for spies -- which explicitly forbids the jury from hearing why the defendant acted, and bars them from deciding whether the outcome was to the public's benefit. This often-condemned law provides no space to distinguish the extraordinary disclosure of inappropriately classified information in the public interest -- whistleblowing -- from the malicious disclosure of secrets to foreign governments by those motivated by a specific intent to harm to their countrymen. The prosecution of any journalistic source without due consideration by the jury as to the harm or benefit of the journalistic activity is a fundamental threat to the free press. As long as a law like this remains on the books in a country that values fair trials, it must be resisted. No matter one's opinions on the propriety of the charges against her, we should all agree Winner should be released on bail pending trial. Even if you take all the government allegations as true, it's clear she is neither a threat to public safety nor a flight risk. To hold a citizen incommunicado and indefinitely while awaiting trial for the alleged crime of serving as a journalistic source should outrage us all.
Government

Slashdot Asks: Is Trump's Blocking of Some Twitter Users Unconstitutional? (usatoday.com) 390

An anonymous reader shares an article: Some Twitter users say President Trump should not be able to block them on the social network. The president makes unprecedented use of Twitter, having posted more than 24,000 times on his @realDonaldTrump account to 31.7 million followers. His tweets about domestic and foreign policy -- and media coverage of him and his administration -- has transformed Twitter into a public forum with free speech protections. That's the opinion of two Twitter users, who have the backing of the Knight First Amendment Institute. They are sending a letter today to the White House asking Trump to unblock them on his @realDonaldTrump Twitter account. Both users say they were blocked recently after tweeting messages critical of the President. Holly O'Reilly (@AynRandPaulRyan), whose Twitter account identifies her as a March for Truth organizer, said she was blocked on May 23 after posting a GIF of Pope Francis looking and frowning at Trump captioned "this is pretty much how the whole world sees you." In the letter to Trump and the White House, the Knight First Amendment Institute's attorneys argue that Trump's Twitter account "operates as a 'designated public forum' for First Amendment purposes, and accordingly the viewpoint-based blocking of our clients is unconstitutional." In some other news, Press Secretary Sean Spicer said today "@realDonaldTrump's tweets are official White House statements."
Printer

How a Few Yellow Dots Burned the Intercept's NSA Leaker (arstechnica.com) 308

On Monday, news outlet The Intercept released documents on election tampering from an NSA leaker. The documents revealed that a Russian intelligence operation sent spear-phishing emails to more than 100 local election officials days before the election, which ran through a hack of a U.S. voting software supplier. Hours later, the Department of Justice charged 25-year-old government contractor Reality Leigh Winner with sharing top secret material with the media. The DoJ said it Winner had "printed and improperly removed classified intelligence reporting, which contained classified national defense information" before mailing the materials. But how could the DoJ know that it was Winner who had printed the documents, or that the documents were printed at all? ArsTechnica explains: [...] The Intercept team inadvertently exposed its source because the copy showed fold marks that indicated it had been printed -- and it included encoded watermarking that revealed exactly when it had been printed and on what printer. The watermarks in the scanned document The Intercept published yesterday -- were from a Xerox Docucolor printer. Many printers use this or similar schemes, printing faint yellow dots in a grid pattern on printed documents as a form of steganography, encoding metadata about the document into its hard-copy output. Researchers working with the Electronic Frontier Foundation have reverse-engineered the grid pattern employed by this class of printer; using the tool, Ars (and others, including security researcher Robert Graham) determined that the document passed to The Intercept was printed on May 9, 2017 at 6:20am from a printer with the serial number 535218 or 29535218. Further reading: How The Intercept Outed Reality Winner.
Mozilla

Amazon, Mozilla, Kickstarter, and Reddit Are Staging a Net Neutrality Online Protest (washingtonpost.com) 70

An anonymous reader shares a report: Some of the Internet's biggest names are banding together for a "day of action" to oppose the Federal Communications Commission (alternative source), which is working to undo regulations for Internet providers that it passed during the Obama administration. Among the participants are Etsy, Kickstarter and Mozilla, the maker of the popular Firefox Web browser. Also joining the day of protest will be Reddit, the start-up incubator Y Combinator, and Amazon. On July 12, the companies and organizations are expected to change their websites to raise awareness of the FCC effort, which is aimed at deregulating the telecom and cable industries. Mozilla, for example, will change what users see on their screens when they open a new browser window. Other participants include Demand Progress, Etsy, Vimeo, Private Internet Access, Fight for the Future, EFF, DreamHost, Creative Commons, BitTorrent, American Library Association, ACLU, GreenPeace, Open Media, and Patreon. Find more details here.
Government

DOJ Charges Federal Contractor With Leaking Classified Info To Media (thehill.com) 241

schwit1 quotes a report from The Hill: The Department of Justice charged 25-year-old government contractor Reality Leigh Winner with sharing top secret material with a media outlet, prosecutors announced in a press release Monday. Court documents filed by the government don't specify which media outlet received the materials allegedly leaked by Winner, but NBC News reported that the material went to the Intercept online news outlet. The Intercept published a top secret NSA report Monday that alleged Russian military intelligence launched a 2016 cyberattack on a voting software company. Details on the report published by The Intercept suggest that it was created on May 5, 2017 -- the same day prosecutors say the materials Winner is charged with sharing were created. A Justice Department spokesman declined to comment on whether Winner is accused of sharing the report published by the Intercept. Last month, Winner allegedly "printed and improperly removed classified intelligence reporting, which contained classified national defense information" before mailing the materials to an unnamed online news outlet a few days later, according to prosecutors.
Media

Videotapes Are Becoming Unwatchable As Archivists Work To Save Them (npr.org) 125

Most videotapes were recorded in the 1980s and '90s, when video cameras first became widely available to Americans. Most of those VHS cassettes have become unwatchable, and others are quickly dying, too. Research suggests that tapes like this aren't going to live beyond 15 to 20 years. NPR has a story about a group of archivists and preservationists who are increasingly scrambling through racks of tape decks, oscilloscopes, vector scopes and wave-form monitors to ensure a quality transfer from analog to digital. From the article: Here's how magnetic tapes work: Sounds and images are magnetized onto strips of tape, using the same principle as when you rub a piece of metal with a magnet and it retains that magnetism. But when you take the magnet away, the piece of metal slowly loses its magnetism -- and in the same way, the tape slowly loses its magnetic properties. "Once that magnetic field that's been imprinted into that tape has kind of faded too much, you won't be able to recover it back off the tape after a long period of time," says Howard Lukk, director of standards at the Society of Motion Picture and Television Engineers. Lukk estimates there are billions of tapes sitting around. There are plenty of services out there to digitize tapes -- local stores, online services, even public libraries and universities. Some services are free; some cost a lot of money. The thing is, many people don't realize their tapes are degrading. And some who do know -- even members of the XFR Collective (the aforementioned group), like Mary Kidd -- haven't even gotten around to their own tapes. Digitizing also takes a lot of troubleshooting. Each transfer the Collective does requires them to play the entire tape through while they sit there and watch it.
Media

OpenELEC 8.0.4 Kodi-Focused Linux Distro Now Available (openelec.tv) 43

BrianFagioli writes: Unfortunately, Kodi is not its own operating system, meaning it has to be run on top of an OS. Sure, you could use Windows 10, but that is overkill if you only want to run Kodi. Instead, a lightweight Linux distribution that only serves to run the media center is preferable. One of the most popular such distros is OpenELEC. It can run on traditional PC hardware, but also Raspberry Pi, and, my favorite — WeTek boxes. Today, version 8.0.4 achieves stable release. It is a fairly ho-hum update, focusing mostly on fixes and stability.

The team shares the following changes in the release.

- fix crash in WeTek DVB driver on WeTek Play (1st gen).
- enable Kernel NEON mode for RPi2 builds.
- enable some more SOC sound drivers for RPi/RPi2 builds.
- enable Regulator support on all builds.
- enable Extcon support on all builds.
- fix loading for some I2C sound modules on RPI/RPi2 builds.
- fix loading splash screen on systems with Nvidia GPUs.
- fix speed problems on Nvidia ION systems.
- fix problems loading dvbhdhomerun addons.
- fix using user created sleep scripts.
- build PNG support with SSE support for x86_64 builds.
- update to linux-4.9.30, mesa-17.0.7, alsa-lib-1.1.4.1, alsa-utils-1.1.4, kodi-17,3, mariadb-10.1.23, samba-4.6.4.

Stats

New Threat To Traditional Sports Leagues: Millennials Prefer Watching eSports (venturebeat.com) 189

Professional sports leagues "officially have a millennial problem," writes VentureBeat, citing some interesting findings from L.E.K. Consulting.
  • 40% of millennials prefer watching esports to traditional sports
  • 26% of millennial eSports enthusiasts reported a significant uptick in eSports viewing over the past year
  • 61% of esports followers said they spent less time watching TV over the past 12 months, and 45% said they had cut back on traditional sports viewing
  • Together millennials -- ages 17-34 -- and Generation Z peers -- age 16 and under -- comprise 45% of America's consumer base

"At a certain point, this comes down to a new form of media better serving an upcoming generation of consumers," concludes VentureBeat. "Esports leagues are all online. Most matches stream for free on sites like Twitch. They are available on the web or through smartphone apps. Competitive gaming is easily accessible, and it lives where Millennials are already spending their time."

Maybe that's why Major League Baseball's video streaming company recently paid $300 million for the right to stream League of Legends through 2023.


United Kingdom

After London Attack, PM Calls For Internet Regulation To Fight Terrorists (cnn.com) 535

CNN reports that "At least seven people were killed in a short but violent assault that unfolded late Saturday night in the heart of the capital, the third such attack to hit Britain this year." An anonymous reader quotes their follow-up report: Prime Minister Theresa May has called for closer regulation of the internet following a deadly terror attack in London... May said on Sunday that a new approach to tackling extremism is required, including changes that would deny terrorists and extremist sympathizers digital tools used to communicate and plan attacks. "We cannot allow this ideology the safe space it needs to breed," May said. "Yet that is precisely what the internet and the big companies that provide internet-based services provide. We need to work with allied democratic governments to reach international agreements that regulate cyberspace to prevent the spread of extremist and terrorism planning."

Slashdot Top Deals