An anonymous reader shares a Recode report: Music industry sources say the carmaker has had talks with all of the major labels about licensing a proprietary music service that would come bundled with its cars, which already come equipped with a high-tech dashboard and internet connectivity. Label sources aren't clear about the full scope of Tesla's ambitions, but believe it is interested in offering multiple tiers of service, starting with a Pandora-like web radio offering. The bigger question: Why doesn't Tesla simply integrate existing services, like Spotify or Apple Music, into all of its cars from the start -- especially since Tesla already does a deal with Spotify for Teslas sold outside the U.S.? "We believe it's important to have an exceptional in-car experience so our customers can listen to the music they want from whatever source they choose," a Tesla spokesperson said. "Our goal is to simply achieve maximum happiness for our customers."
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's now on IFTTT. Check it out! Check out the new SourceForge HTML5 Internet speed test! ×
An anonymous reader quotes a report from The Verge: In 2014, Tumblr was on the front lines of the battle for net neutrality. The company stood alongside Amazon, Kickstarter, Etsy, Vimeo, Reddit, and Netflix during Battle for the Net's day of action. Tumblr CEO David Karp was also part of a group of New York tech CEOs that met with then-FCC chairman Tom Wheeler in Brooklyn that summer, while the FCC was fielding public comment on new Title II rules. President Obama invited Karp to the White House to discuss various issues around public education, and in February 2015 The Wall Street Journal reported that it was the influence of Karp and a small group of liberal tech CEOs that swayed Obama toward a philosophy of internet as public utility. But three years later, as the battle for net neutrality heats up once again, Tumblr has been uncharacteristically silent. The last mention of net neutrality on Tumblr's staff blog -- which frequently posts about political issues from civil rights to climate change to gun control to student loan debt -- was in June 2016. And Tumblr is not listed as a participating tech company for Battle for the Net's next day of action, coming up in three weeks. One reason for Karp and Tumblr's silence? Last week Verizon completed its acquisition of Tumblr parent company Yahoo, kicking off the subsequent merger of Yahoo and AOL to create a new company called Oath. As one of the world's largest ISPs, Verizon is notorious for challenging the principles of net neutrality -- it sued the FCC in an effort to overturn net neutrality rules in 2011, and its general counsel Kathy Grillo published a note this April complimenting new FCC chairman Ajit Pai's plan to weaken telecommunication regulations.
eBay announced today a new Price Match Guarantee for over 50,000 items across its site -- promising that it will have the best deal online, or it will match the lowest price of a competitor. While only select items are available for this offer, "the move is a significant effort on eBay's part to ensure that it doesn't lose customers to Amazon, Walmart and other online stores as the market consolidates behind the industry's major players," reports TechCrunch. From the report: In order to qualify, the item must be one of the new, unopened items sold daily through eBay Deals, for starters. Deals are eBay's selection of "trending" inventory across all its categories -- like consumer electronics, home & garden, and fashion. The deals are also generally offered at 20 percent to 90 percent off, and are sourced from over 900 of eBay's trusted sellers. These sellers include both smaller merchants looking to grow their customer base as well as major consumer brands. At any time, eBay says there are "tens of thousands" of items offered through the Deals site, with featured deals updating at least once per day, beginning at 8 AM PT.
An anonymous reader quotes a report from The Hacker News: The National Security Agency (NSA) -- the United States intelligence agency which is known for its secrecy and working in the dark -- has finally joined GitHub and launched an official GitHub page. GitHub is an online service designed for sharing code amongst programmers and open source community, and so far, the NSA is sharing 32 different projects as part of the NSA Technology Transfer Program (TTP), while some of these are "coming soon." "The NSA Technology Transfer Program (TTP) works with agency innovators who wish to use this collaborative model for transferring their technology to the commercial marketplace," the agency wrote on the program's page. "OSS invites the cooperative development of technology, encouraging broad use and adoption. The public benefits by adopting, enhancing, adapting, or commercializing the software. The government benefits from the open source community's enhancements to the technology." Many of the projects the agency listed are years old that have been available on the Internet for some time. For example, SELinux (Security-Enhanced Linux) has been part of the Linux kernel for years.
Futurepower(R) writes: What is the best way to isolate a network from the internet and prevent intrusion of malware, while allowing carefully examined data transfer from internet-facing computers? An example of complete network isolation could be that each user would have two computers with a KVM switch and a monitor and keyboard, or two monitors and two keyboards. An internet-facing computer could run a very secure version of Linux. Any data to be transferred to that user's computer on the network would perhaps go through several Raspberry Pi computers running Linux; the computers could each use a different method of checking for malware. Windows computers on the isolated network could be updated using Autopatcher, so that there would never be a direct connection with the internet. Why not use virtualization? Virtualization does not provide enough separation; there is the possibility of vulnerabilities. Do you have any ideas about improving the example above?
An anonymous reader quotes a report from Ars Technica: A proposed law in California would require Internet service providers to obtain customers' permission before they use, share, or sell the customers' Web browsing history. The California Broadband Internet Privacy Act, a bill introduced by Assembly member Ed Chau (D-Monterey Park) on Monday, is very similar to an Obama-era privacy rule that was scheduled to take effect across the US until President Trump and the Republican-controlled Congress eliminated it. If Chau's bill becomes law, ISPs in California would have to get subscribers' opt-in consent before using browsing history and other sensitive information in order to serve personalized advertisements. Consumers would have the right to revoke their consent at any time. The opt-in requirement in Chau's bill would apply to "Web browsing history, application usage history, content of communications, and origin and destination Internet Protocol (IP) addresses of all traffic." The requirement would also apply to geolocation data, IP addresses, financial and health information, information pertaining to minors, names and billing information, Social Security numbers, demographic information, and personal details such as physical addresses, e-mail addresses, and phone numbers.
Earlier this year, hackers obtained and leaked the episodes of TV show Orange Is the New Black. In a candid interview, Larson Studios' chief engineer David Dondorf explained how the audio post-production business allowed the hacker group to gain access to the Netflix original content. Dandorf says the company hired private data security experts to find how it was breached. The investigation found that the hacker group had been searching the internet for PCs running older versions of Windows and stumbled across an old computer at Larson Studios still running Windows 7. From the report: Larson's employees just didn't know all that much about it. Having a computer running an ancient version of Windows on the network was clearly a terrible lack of oversight, as was not properly separating internal servers from the internet. "A lot of what went on was ignorance," admitted Rick Larson. "We are a small company. Did we even know what the content security departments were at our clients? Absolutely not. I couldn't have told you who to call. I can now." It's a fascinating story about how the hacker group first made contact and tried to threaten Larson Studios' president and his wife, and how they responded. Worth a read.
New submitter evolutionary writes: According to F-Secure's Chief Research Officer "IoT is unavoidable. If it uses electricity, it will become a computer. If it uses electricity, it will be online. In future, you will only buy IoT appliances, whether you like it or not, whether you know it or not." F-Secure's new product to help mitigate data leakage, "Sense", is a IoT Firewall, combining a traditional firewall with a cloud service and uses concepts including behaviour-based blocking and device reputation to figure out whether you have insecure devices.
In the August 2017 issue of Consumer Reports magazine, the nonprofit organization ranked internet service providers based off customer satisfaction. According to the report, many consumers still don't like their broadband and television provider, and don't believe they receive a decent value for the high price they pay for service. DSLReports summarizes the findings: The report [...] names Chattanooga municipal broadband provider EPB as the most-liked ISP in the nation. EPB was followed by Google Fiber, Armstrong Cable, Consolidated Cable and RCN as the top-ranked ISPs in the nation. Google Fiber "was the clear winner for internet service," notes the report, "with the only high score for value." Google Fiber also received high marks for customer support and service. But large, incumbent ISPs continue to be aggressively disliked due to high prices and poor customer service, according to the report. Despite endless annual promises that customer service is the company's priority, Comcast ranked number 27 out of the 32 providers measured. The company's survey results were weighed down by low consumer marks for value, channel selection, technical support, customer service and free video on demand offerings. The least-liked ISPs in the nation, according to the report, are: Charter (Spectrum), Cable ONE, Atlantic broadband, Frontier Communications, and Mediacom. Not coincidentally, the two largest ISPs in that list just got done with massive mergers or acquisitions that resulted in higher prices and worse service than consumers saw previously. MyRatePlan has a breakdown of ISP providers and plans by ZIP code.
An anonymous reader quotes a report from VentureBeat: Mozilla today launched a new browser for Android. In addition to Firefox, the company now also offers Firefox Focus, a browser dedicated to user privacy that by default blocks many web trackers, including analytics, social, and advertising. You can download the new app now from Google Play. Because Google isn't as strict as Apple, Android users can set Firefox Focus as their default browser. There are many use cases for wanting to browse the web without being tracked, but Mozilla offers a common example: reading articles via apps "like Facebook." On iOS, Firefox Focus is basically just a web view with tracking protection. On Android, Firefox Focus is the same, with a few additional features (which are still "under consideration" for iOS):
- Ad tracker counter -- Lists the number of ads that are blocked per site while using the app.
- Disable tracker blocker -- For sites that are not loading correctly, you can disable the tracker blocker to fix the issues.
- Notification reminder -- When Firefox Focus is running in the background, a notification will remind you so you can easily tap to erase your browsing history.
Now you can search for jobs across virtually all of the major online job boards like LinkedIn, Monster, WayUp, DirectEmployers, CareerBuilders, Facebook and others -- directly from Google's search result pages. The company will also include job listings it finds on a company's homepage. TechCrunch reports: The idea here is to give job seekers an easy way to see which jobs are available without having to go to multiple sites only to find duplicate postings and lots of irrelevant jobs. With this new feature, which is now available in English on desktop and mobile, all you have to type in is a query like "jobs near me," "writing jobs" or something along those lines and the search result page will show you the new job search widget that lets you see a broad range of jobs. From there, you can further refine your query to only include full-time positions, for example. When you click through to get more information about a specific job, you also get to see Glassdoor and Indeed ratings for a company. You can also filter jobs by industry, location, when they were posted, and employer. Once you find a query that works, you can also turn on notifications so you get an immediate alert when a new job is posted that matches your personalized query.
Earlier this month, a developer accidentally discovered the private key of a Cisco subdomain. An anonymous reader shares the post: Last weekend, in an attempt to get Sky's NOW TV video player (for Mac) to work on my machine, I noticed that one of the Cisco executables contains a private key that is associated with the public key in a trusted certificate for a cisco.com sub domain. This certificate is used in a local WebSocket server, presumably to allow secure Sky/NOW TV origins to communicate with the video player on the users' local machines. I read the Baseline Requirements document (version 1.4.5, section 22.214.171.124), but I wasn't entirely sure whether this is considered a key compromise. I asked Hanno Bock on Twitter, and he advised me to post the matter to this mailing list. The executable containing the private key is named 'CiscoVideoGuardMonitor', and is shipped as part of the NOW TV video player. In case you are interested, the installer can be found here (SHA-256: 56feeef4c3d141562900f9f0339b120d4db07ae2777cc73a31e3b830022241e6). I would recommend to run this installer in a virtual machine, because it drops files all over the place, and installs a few launch items (agents/daemons). The executable 'CiscoVideoGuardMonitor' can be found at '$HOME/Library/Cisco/VideoGuardPlayer/VideoGuardMonitor/ VideoGuardMonitor.bundle/Contents/MacOS/CiscoVideoGuardMonitor'. Certificate details: Serial number: 66170CE2EC8B7D88B4E2EB732E738FE3A67CF672, DNS names: drmlocal.cisco.com, Issued by: HydrantID SSL ICA G2. The issuer HydrantID has since communicated with the certificate holder Cisco, and the certificate has been revoked.
An anonymous reader quotes a report from TechCrunch: Time Warner and Snap Inc. have announced a new deal that will bring increased ad spending and the development of new made-for-Snapchat shows. People familiar with the deal tell TechCrunch that it is valued at about $100 million spent over the next two years. The newly created shows will span a variety of genres, including scripted drama, daily news shows, documentaries and comedy. The shows will be similar to those already released by other networks on Snapchat, and run 3-5 minutes in a vertical format. Right now there is about one new show airing per day -- this deal will push that to about three news shows per day, varying between the different genres outlined above. Snap will take 50 percent of the ad revenue generated by these shows and the content partners will keep the other half, according to the WSJ.
Microsoft is kind enough to offer Surface Laptop users the option to upgrade to Windows 10 Pro for free until later this year if they don't like Windows 10 S, which is installed by default and is only able to run apps or games that are in the Windows Store. The company is taking that generosity one step further by letting users revert back to Windows 10 S if they installed Windows 10 Pro and aren't happy with the performance and battery life. The option to revert back to the default OS wasn't available until now. MSPoweruser reports: Microsoft recently released the official recovery image for the Surface Laptop which will technically let you go back to Windows 10 S on your device but you'll be required to remove all of your files which is a bit frustrating. The recovery image wasn't available a few days after the Surface Laptop started shipping, but it is now available and you can download it to effectively reset your Surface Laptop. The recovery image is 9GB, so make sure you have a good internet connection before downloading the file. It is quite interesting how Microsoft isn't letting users go back to Windows 10 S from Windows 10 Pro without having to completely reset their devices, as the company would want more users to use its new version of Windows 10 for many reasons. Maybe this is something Microsoft will be adding in the future, but for now, we'll just have to do with the recovery image. If you own a Surface Laptop, you can find the recovery image here.
An anonymous reader quotes a report from Ars Technica: Broadband industry lobby groups want to stop individual states from investigating the speed claims made by Internet service providers, and they are citing the Federal Communications Commission's net neutrality rules in their effort to hinder the state-level actions. The industry attempt to undercut state investigations comes a few months after New York Attorney General Eric Schneiderman filed a lawsuit against Charter and its Time Warner Cable (TWC) subsidiary that claims the ISP defrauded and misled New Yorkers by promising Internet speeds the company knew it could not deliver. NCTA-The Internet & Television Association and USTelecom, lobby groups for the cable and telecom industries, last month petitioned the Federal Communications Commission for a declaratory ruling that would help ISPs defend themselves against state-level investigations. The FCC should declare that advertisements of speeds "up to" a certain level of megabits per second are consistent with federal law as long as ISPs meet their disclosure obligations under the net neutrality rules, the groups said. There should be a national standard enforced by the FCC instead of a state-by-state "patchwork of inconsistent requirements," they argue. Another cable lobby group, the American Cable Association (ACA), asked the FCC to approve the petition in a filing on Friday. An FCC ruling in favor of the petition wouldn't completely prevent states from filing lawsuits, but such a ruling would make it far more difficult for the states to protect consumers from false speed claims.
Walt Hickey, writing for Five Thirty Eight: The toy craze that has swept the nation -- cheaply manufactured fidget spinners of dubious metallic constitution -- is probably on the way out, with the high-water mark of fidget obsession appearing to be about a month behind us and the interest in the glorified ball bearings plateauing or declining. [...] Even if there's a long tail on this trend, it's very likely that peak fidget spinner is behind us. The kind of content now doing well on YouTube is either fidget-adjacent stunt videos or videos that have taken a particularly weird turn. This doesn't mean the ball-bearing business is doomed, just maybe don't go long on the spinner industrial complex or quit your job to live off a fidget-related Kickstarter idea at this point.
Dropbox, the file storage company that last year moved 90 percent of its data out of Amazon Web Services cloud and into its own data centers, is at it again. From a report on Fortune: The San Francisco company is building its own international private network to make sure users abroad can access their files -- most of which reside in those aforementioned Dropbox U.S. data centers -- faster. "What people don't realize about the internet is that it is very 'bursty' and can hit bottlenecks," Akhil Gupta, vice president of engineering at Dropbox tells Fortune. That is why the company is ripping out third-party load balancers and replacing them with its own software running on standard Linux hardware. Insulating itself from the balky internet is also the reason Dropbox is contracting to use its own dedicated fiber cable to carry that traffic. "We want to make user experience as real time as possible since 70 percent of our users are outside the U.S. and most of the data lives in North America," says Dan Williams, Dropbox's head of production engineering. Dropbox still partners with Amazon for customers in some countries, like Germany, which require user data to stay in the country of origin.
Political data gathered on more than 198 million US citizens was exposed this month after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server, reports say. From a ZDNet article: It's believed to be the largest ever known exposure of voter information to date. The various databases containing 198 million records on American voters from all political parties were found stored on an open Amazon S3 storage server owned by a Republican data analytics firm, Deep Root Analytics. UpGuard cyber risk analyst Chris Vickery, who found the exposed server, verified the data. Through his responsible disclosure, the server was secured late last week, and prior to publication. This leak shines a spotlight on the Republicans' multi-million dollar effort to better target potential voters by utilizing big data. The move largely a response to the successes of the Barack Obama campaign in 2008, thought to have been the first data-driven campaign. Further reading: Republican Data-Mining Firm Exposed Personal Information for Virtually Every American Voter - The Intercept; The RNC Files: Inside the Largest US Voter Data Leak - Upguard; Data on 198M voters exposed by GOP contractor Data On 198M Voters Exposed By GOP Contractor - The Hill.
Long-time Slashdot reader rudy_wayne writes: J.C. Penney CEO Marvin Ellison recently said that e-commerce companies' biggest challenge is that they are all expanding their businesses and pushing for faster delivery, but UPS, Fedex and especially the United States Postal Service aren't able to keep up, at least not at same cost that exists today, because they're not increasing their delivery capacity at the same rate e-commerce is growing, He said this will cause a supply and demand issue "that's going to be apparent here pretty soon."
Slashdot reader simkel shared an article from the Courier-Journal: A group affiliated with the Koch brothers' powerful political network is leading an online campaign against Mayor Greg Fischer's $5.4 million proposal to expand Louisville's ultra-fast internet access... Critics argue that building roughly 96 miles of fiber optic cabling is an unnecessary taxpayer giveaway to internet service providers, such as Google Fiber, which recently announced plans to begin building its high-speed network in the city. "Fundamentally, we don't believe that taxpayers should be funding broadband or internet systems," said David Williams, president of the taxpayers alliance, which is part of industrialists Charles and David Koch's political donor network... The group says $5.4 million is a misuse of taxpayer funds when the city has other needs, such as infrastructure and public safety.
To shore up public support, the mayor has begun arguing that high-speed connectivity would make it cheaper to install crime-monitoring cameras in violent neighborhoods.
To shore up public support, the mayor has begun arguing that high-speed connectivity would make it cheaper to install crime-monitoring cameras in violent neighborhoods.