Communications

Grandma's Phone, DSL, and the Copper They Share (hackaday.com) 131

szczys writes: DSL is high-speed Internet that uses the same twisted pair of copper wire that still works with your Grandmother's wall-mounted telephone. How is that possible? The short answer is that the telephone company is cheating. But the long answer delves into the work of Claude Shannon, who figured out how much data could be reliably transferred using a given medium. His work, combined with that of Harry Nyquist and Ralph Hartley (pioneers of channel capacity and the role noise plays in these systems), brings the Internet Age to many homes on an infrastructure that has been in use for more than a hundred years.
Security

Push To Hack: Reverse Engineering an IP Camera (contextis.com) 35

New submitter tetraverse writes: For our most recent IoT adventure, we've examined an outdoor cloud security camera [the Motorola Focus 73] which like many devices of its generation a) has an associated mobile app b) is quick to setup and c) presents new security threats to your network. From the article: This blog describes in detail how we were able to exploit the camera without access to the local network, steal secrets including the home networkâ(TM)s Wi-Fi password, obtain full control of the PTZ (Pan-Tilt-Zoom) controls and redirect the video feed and movement alerts to our own server; effectively watching the watchers.
Businesses

Magic Leap Raises $794 Million To Accelerate Adoption of Secretive AR Tech (roadtovr.com) 49

An anonymous reader writes: A massive new $794 million Series C investment in secretive AR startup Magic Leap puts the company among the world's most valuable startups, now reportedly valued at $4.5 billion. The company has aggressively teased what they believe to be revolutionary augmented reality display technology, allowing a mixture of the real and virtual dimensions in a way previously not achieved. Although they've played coy to the public, offering little more than bold claims, investors like Alibaba, Google Ventures, and Qualcomm Ventures have bought into the company's vision to the tune of $1.39 billion in total raised by Magic Leap thus far. Also at Network World, which notes that their demo must be amazing.
Networking

Japanese Researchers Achieve Record 56Gbps Wireless Transmission 33

Mickeycaskill writes: Fujitsu and the Tokyo Institute of Technology have achieved a wireless transmission of 56Gbps over a 10cm distance using millimeter-wave (mmWave) frequencies located between 30-300GHz. While cellular capacity is improved in some areas through the addition of new mobile masts and small cells, the fibre networks used to link these sites to the wider network is either absent or not feasible to deploy in urban locations or on difficult terrain. This makes the wireless capacity of mobile masts even more important. To achieve the speed, researchers developed custom chips and interface technology to boost capacity of wireless signals without significant data loss.

It is claimed that by pairing the technology developed with a high-output amplifier, the same effect can be achieved outdoors and could be commercialised for mobile operators by 2020.
Security

Cisco Patches Authentication, Denial-of-Service, NTP Flaws In Many Products (csoonline.com) 33

itwbennett writes: Cisco Systems has released a new batch of security patches for flaws affecting a wide range of products, including for a critical vulnerability in its RV220W wireless network security firewalls. The RV220W vulnerability stems from insufficient input validation of HTTP requests sent to the firewall's Web-based management interface. This could allow remote unauthenticated attackers to send HTTP requests with SQL code in their headers that would bypass the authentication on the targeted devices and give attackers administrative privileges.
Communications

After More Than a Decade, MSN Chat Authentication Is Documented (goo.gl) 27

An anonymous reader writes: After MSN Chat closed in 2003, and then again in 2006, some guy has finally documented the authentication system used — over a decade later! Developer Joshua Davison writes by way of explanation: I think it's important to document the challenge we (users, scripters, hackers) faced connecting to MSN Chat, which is the only known 'proper' implementation of IRCX v8.1 at this time. MSN Chat introduced a GateKeeper SASL authentication protocol, which implemented 'GateKeeper' and 'GateKeeperPassport' (not dissimilar to the widely documented NTLM authentication protocol, which was also implemented as NTLM, and NTMLPassport) The GateKeeper Security Support Provider (GKSSP) functioned in two ways; allowing a user to login with a Microsoft Account (Previously known as Microsoft Passport, .NET Passport, Microsoft Passport Network, and Windows Live ID), and also allowed guest authentication for users without, or not willing to use a Microsoft Account. While most users didn't need or want to understand how the protocol worked, there were many of us who did, and many that just preferred to use MSN Chat outside of the browser.
United States

Air Force Firewall Now Designated a Weapons System (gazette.com) 137

An anonymous reader writes with a report from the Colorado Springs Gazette that the U.S. Air Force Space Command has declared its first cyber "weapons system" operational. The weapon, deemed fully operational this month, is basically a big firewall designed to protect the Air Force's internal 1 million-user network from hackers. It will be a hot topic at the Rocky Mountain Cyber Symposium, which is expected to draw hundreds of computer experts to The Broadmoor for a four-day confab starting Monday." More from the article about why a firewall would be called a weapon: The biggest reason for the weaponization push is financial: When it comes to budget battles, weapons, even those with a keyboard and a mouse, get cash from Congress. "Designating something as a weapons system really does help us justify our funding," Col. Pamela Wooley, who commands the Alabama-based 26th Cyberspace Operations Group, which includes the new weapon.
Bug

Sensitive Information Can Be Revealed From Tor Hidden Services On Apache (dailydot.com) 37

Patrick O'Neill writes: A common configuration mistake in Apache, the most popular Web server software in the world, can allow anyone to look behind the curtains on a hidden server to see everything from total traffic to active HTTP requests. When an hidden service reveals the HTTP requests, it's revealing every file—a Web page, picture, movie, .zip, anything at all—that's fetched by the server. Tor's developers were aware of the issue as early as last year but decided against sending out an advisory. The problem is common enough that even Tor's own developers have made the exact same mistake. Until October 2015, the machine that welcomed new users to the Tor network and checked if they were running up-to-date software allowed anyone to look at total traffic and watch all the requests.
Facebook

Facebook Expands Online Commerce Role, But Says "No Guns, Please" 187

The New York Times reports that Facebook's newly staked-out role as a site to facilitate local, person-to-person sales (ala Craigslist) has a new wrinkle: the site has announced a site-wide policy restricting firearms sales that applies to personal sales, though not to licensed dealers or gun clubs. According to the story, Although Facebook was not directly involved in gun sales, it has served as a forum for gun sales to be negotiated, without people having to undergo background checks. The social network, with 1.6 billion monthly visitors, had become one of the worldâ(TM)s largest marketplaces for guns and was increasingly evolving into an e-commerce site where it could facilitate transactions of goods. ... Facebook said it would rely on its vast network of users to report any violations of the new rules, and would remove any post that violated the policy. Beyond that, the company said it could ban users or severely limit the ways they post on Facebook, depending on the type and severity of past violations. If the company believed someoneâ(TM)s life was in danger, Facebook would work with law enforcement on the situation. The policy applies as well to private sales that occur using Facebook Messenger, though the company does not scan Messenger exchanges and must rely on user reports.
Open Source

GitHub Service Outage (github.com) 117

New submitter thebigjeff writes: Beginning at around 7:30pm EST on 1/27/2016, GitHub's core services have been offline. Most repositories and other functionality is inaccessible. The status page is calling it a "significant network disruption." More from The Register: GitHub falls offline, devs worldwide declare today a snow day.
Communications

The Telecommunications Ball Is Now In Cuba's Court 59

lpress writes: The FCC has dropped Cuba from its exclusion list (PDF), so there are now no restrictions on U.S. telecom company dealings with ETECSA, the Cuban government telecommunication monopoly, or any other Cuban organization. Last week the U.S. sent its second high-level telecommunication delegation to Cuba. The delegates were FCC Chairman Tom Wheeler and other government officials plus representatives of Cisco, Comcast, and Ericsson. Some of the news: there are at least 6 proposals for an undersea cable between Havana and Florida; Cisco has proposed a Network Academy at Cuba's leading computer science university (Chinese infrastructure dominates today); 4G mobile connectivity was discussed and Google was conspicuously absent. The time for Cuba to act is now — while President Obama is still in office.
HP

Exposed HP LaserJet Printers Offer Anonymous FTP To the Public (csoonline.com) 74

itwbennett writes: In a blog post on Monday, security researcher Chris Vickery outlined the risks associated with networked HP LaserJet printers, which have been made available to the public by the organizations hosting them. 'There are a few free, open source pieces of software that can be used to upload and interact with HP printer hard drives over port 9100. After uploading to a printer, the file can be accessed by ... any web browser... It doesn't take much creativity to realize that even highly illegal materials could be stored this way,' Vickery wrote. CSO's Steve Ragan picked up the thread: A quick search on Shodan to confirm Vickery's findings returned thousands of results.
United States

US Could Lower Carbon Emissions 78% With New National Transmission Network (smithsonianmag.com) 346

mdsolar writes with this story from Smithsonian magazine about how building a national transmission network could lead to a gigantic reduction in carbon emissions. From the story: "The United States could lower carbon emissions from electricity generation by as much as 78 percent without having to develop any new technologies or use costly batteries, a new study suggests. There's a catch, though. The country would have to build a new national transmission network so that states could share energy. 'Our idea was if we had a national 'interstate highway for electrons' we could move the power around as it was needed, and we could put the wind and solar plants in the very best places,' says study co-author Alexander MacDonald, who recently retired as director of NOAA's Earth System Research Laboratory in Boulder, Colorado."
The Internet

How a DIY Network Plans To Subvert Time Warner Cable's NYC Internet Monopoly (vice.com) 90

Jason Koebler writes: Toppling a telecom monopoly is the dream of many Americans, but the folks at NYC Mesh are actually doing something about it. On any given weekend, Brian Hall and his fellow organizers can be found around the city, installing directional Wi-Fi routers on rooftops. Anyone in the city who lives near another person on the network is welcome to join, and NYC Mesh volunteers will help you install a rooftop router. The network is still small, but it has partnered with two internet exchanges to install "super nodes" that have a range of several miles and are connected directly to the backbone of the internet.
Facebook

Facebook Building World's 'Most Advanced' Data Center In Irish Village (thestack.com) 60

An anonymous reader writes: Facebook has announced it is building a new data center in Clonee, Ireland, a small village close to Dublin. The facility, which CEO Mark Zuckerberg claims will be one of the "most advanced and energy efficient data centers in the world," will be the social network's second outside of the U.S., and its sixth globally. The new center will be located just a 30-minute drive from Facebook's international headquarters in the country's capital. It is expected to cost €200 million and employ around 2,000 people during the construction phase. The company hopes to open the facility in early 2018.
AI

Microsoft Releases Its Deep Learning Toolkit On GitHub (microsoft.com) 53

An anonymous reader writes: Microsoft is moving its machine learning Computational Network Toolkit (CNTK) from its own hosting site, CodePlex, to GitHub. They're also putting it under the MIT open source license. The move marks an effort to make it easier for developers to collaborate on building their own deep learning applications using the CNTK. Under the CodePlex license, access was restricted to academics only, and it was wholly targeted to that audience. Now that it's opening the project to everyone, Microsoft hopes to attract a greater number of developers, and a wider variety as well. This follows similar releases from Google and Baidu.
Privacy

DOJ and 4 States Want $24 Billion In Fines From Dish Network For Telemarketing (arstechnica.com) 117

walterbyrd writes: The DOJ as well as Ohio, Illinois, California, and North Carolina say that Dish disregarded federal laws on call etiquette. US lawyers are asking for $900 million in civil penalties, and the four states are asking for $23.5 billion in fines, according to the Denver Post. 'Laws against phoning people on do-not-call lists and using recorded messages allow penalties of up to $16,000 per violation,' the Post added.
Hardware Hacking

Sys-Admin Dispenses Passwords With a Banana (thenewstack.io) 89

An anonymous reader writes: A network administrator in Denmark is requiring users to perform a finger press on a banana to receive their Wi-Fi passwords. "The banana is mounted and in production," he posted Thursday, sharing two pictures. The banana uses a special new circuit board from Makey Makey to form a connection between the banana and a cheap Raspberry Pi computer with a screen attached, according to one technology site. They note that it could also detect finger presses on a doughnut, an apple, or even Jell-o, and offer this quote from the sys-admin about his motivations. "It's fun... It'll make people smile. It beats a static WPA password in funnyness." And most importantly, "When people leave our office, they can't access our WI-Fi because there's no banana to touch." This guy deserves some kind of award, come July 29th.
Power

At How Much Risk Is the US's Critical Infrastructure? (csoonline.com) 162

itwbennett writes: There is growing evidence that intrusions into the power grid and other critical infrastructure by hostile foreign nation states are real and happening. But there's "much less agreement over how much of a threat hackers are," writes Taylor Armerding. "On one side are those – some of them top government officials – who have warned that a cyber attack on the nation's critical infrastructure could be catastrophic,"writes Armerding. Others are crying FUD, including C. Thomas, a strategist at Tenable Network Security, who got some attention when he argued in an op-ed that the biggest threat to the U.S. power grid not a skilled hacker, but squirrels, are crying FUD. Who has it right? Agreement seems to coalesce around two points: 1) the cyber security of industrial control systems remains notoriously weak and 2) hostile hackers will improve their skills over time. So, while we haven't reached "catastrophe" yet, a properly motivated terrorist group could become a cyber threat.
Wireless Networking

Verizon Vows To Build the First 5G Network In the US (networkworld.com) 103

alphadogg writes: Verizon says it will have the first 5G network in the U.S., a promise it probably can't fulfill until 2020 but will start working at this year. Verizon Chief Financial Officer Fran Shammo made the pledge Thursday on the company's fourth-quarter financial results call. He also repeated the company's plans for so-called 5G trials this year.

Slashdot Top Deals