internet – Page 3 – Tech Today w/ Ken May

Gizmodo: Don’t Buy Anyone an Amazon Echo Speaker

Adam Clark Estes, writing for Gizmodo: Three years ago, we said the Echo was “the most innovative device Amazon’s made in years.” That’s still true. But you shouldn’t buy one. You shouldn’t buy one for your family. Your family members do not need an Amazon Echo or a Google Home or an AppleHomePod or whatever that one smart speaker that uses Cortana is called. And you don’t either. You only want one because every single gadget-slinger on the planet is marketing them to you as an all-new, life-changing device that could turn your kitchen into a futuristic voice-controlled paradise. You probably think that having an always-on microphone in your home is fine, and furthermore, tech companies only record and store snippets of your most intimate conversations. No big deal, you tell yourself. Actually, it is a big deal. The newfound privacy conundrum presented by installing a device that can literally listen to everything you’re saying represents a chilling new development in the age of internet-connected things. By buying a smart speaker, you’re effectively paying money to let a huge tech company surveil you. And I don’t mean to sound overly cynical about this, either. Amazon, Google, Apple, and others say that their devices aren’t spying on unsuspecting families. The only problem is that these gadgets are both hackable and prone to bugs. Read more of this story at Slashdot.

Visit site:
Gizmodo: Don’t Buy Anyone an Amazon Echo Speaker

Researchers Identify 44 Trackers in More Than 300 Android Apps

Catalin Cimpanu, reporting for BleepingComputer: A collaborative effort between the Yale Privacy Lab and Exodus Privacy has shed light on dozens of invasive trackers that are embedded within Android apps and record user activity, sometimes without user consent. The results of this study come to show that the practice of collecting user data via third-party tracking code has become rampant among Android app developers and is now on par with what’s happening on most of today’s popular websites. The two investigative teams found tracking scripts not only in lesser known Android applications, where one might expect app developers to use such practices to monetize their small userbases, but also inside highly popular apps — such as Uber, Twitter, Tinder, Soundcloud, or Spotify. The Yale and Exodus investigation resulted in the creation of a dedicated website that now lists all apps using tracking code and a list of trackers, used by these apps. In total, researchers said they identified 44 trackers embedded in over 300 Android apps. Read more of this story at Slashdot.

See more here:
Researchers Identify 44 Trackers in More Than 300 Android Apps

Over 400 of the World’s Most Popular Websites Record Your Every Keystroke

An anonymous reader quotes a report from Motherboard: The idea of websites tracking users isn’t new, but research from Princeton University released last week indicates that online tracking is far more invasive than most users understand. In the first installment of a series titled “No Boundaries, ” three researchers from Princeton’s Center for Information Technology Policy (CITP) explain how third-party scripts that run on many of the world’s most popular websites track your every keystroke and then send that information to a third-party server. Some highly-trafficked sites run software that records every time you click and every word you type. If you go to a website, begin to fill out a form, and then abandon it, every letter you entered in is still recorded, according to the researchers’ findings. If you accidentally paste something into a form that was copied to your clipboard, it’s also recorded. These scripts, or bits of code that websites run, are called “session replay” scripts. Session replay scripts are used by companies to gain insight into how their customers are using their sites and to identify confusing webpages. But the scripts don’t just aggregate general statistics, they record and are capable of playing back individual browsing sessions. The scripts don’t run on every page, but are often placed on pages where users input sensitive information, like passwords and medical conditions. Most troubling is that the information session replay scripts collect can’t “reasonably be expected to be kept anonymous, ” according to the researchers. Read more of this story at Slashdot.

Bitcoin Gold, the Latest Bitcoin Fork, Explained

Timothy B. Lee via Ars Technica explains Bitcoin Gold: A new cryptocurrency called Bitcoin Gold is now live on the Internet. It aims to correct what its backers see as a serious flaw in the design of the original Bitcoin. There are hundreds of cryptocurrencies on the Internet, and many of them are derived from Bitcoin in one way or another. But Bitcoin Gold — like Bitcoin Cash, another Bitcoin spinoff that was created in August — is different in two important ways. Bitcoin Gold is branding itself as a version of Bitcoin rather than merely new platforms derived from Bitcoin’s source code. It has also chosen to retain Bitcoin’s transaction history, which means that, if you owned bitcoins before the fork, you now own an equal amount of “gold” bitcoins. While Bitcoin Cash was designed to resolve Bitcoin’s capacity crunch with larger blocks, Bitcoin Gold aims to tackle another of Bitcoin’s perceived flaws: the increasing centralization of the mining industry that verifies and secures Bitcoin transactions. The original vision for Bitcoin was that anyone would be able to participate in Bitcoin mining with their personal PCs, earning a bit of extra cash as they helped to support the network. But as Bitcoin became more valuable, people discovered that Bitcoin mining could be done much more efficiently with custom-built application-specific integrated circuits (ASICs). As a result, Bitcoin mining became a specialized and highly concentrated industry. The leading companies in this new industry wield a disproportionate amount of power over the Bitcoin network. Bitcoin Gold aims to dethrone these mining companies by introducing an alternative mining algorithm that’s much less susceptible to ASIC-based optimization. In theory, that will allow ordinary Bitcoin Gold users to earn extra cash with their spare computing cycles, just as people could do in the early days of Bitcoin. Read more of this story at Slashdot.

Visit site:
Bitcoin Gold, the Latest Bitcoin Fork, Explained

Text Adventure Competition Reports A 36% Spike In Entries

There’s just four days left to vote for the winner of the 23rd Annual Interactive Fiction Competition. An anonymous reader writes: This year’s contest set a record, drawing 79 new text adventures — 36% more entries than the previous year’s 58. All of this year’s games are available online, furthering the competition’s goal of “making them freely available in order to encourage the creation, play, and discussion of interactive fiction.” (And they’re also available in a 236-megabyte .zip archive.) Each game’s developer is competing for $4, 800 in cash prizes, to be shared among everyone who finishes in the top two-thirds (including a $247 prize to the first-place winner). Authors of the top-rated games will also get to choose from a 38-prize pool (which includes another $200 cash prize donated by Asymmetric Publications, as well as a “well-loved” used Wii console). But the most important thing is there’s a bunch of fun new text adventures to play. Reviews are already appearing online, lovingly collected by the Interactive Fiction Wiki. And one game designer even livestreamed their text adventure-playing on Twitch. Read more of this story at Slashdot.

View the original here:
Text Adventure Competition Reports A 36% Spike In Entries

Intel to build discrete GPUs, hires AMD’s top graphics guy to do it

(credit: Intel) One might have thought that with Monday’s announcement that Intel is going to produce processors with embedded AMD GPUs that the two processor companies were on good terms. That’s looking a little less likely now. On Tuesday, AMD announced that Raja Koduri, its chief GPU architect, was to leave the company. Where was he going? That question was resolved on Wednesday : Intel. And what’s he going to do at Intel? He’s going to be the senior vice president of a new group—Core and Visual Computing—that will expand Intel’s graphics reach both into the low-end, with integrated graphics reaching into the Internet-of-Things space, and more excitingly, at the high end, with discrete GPUs. Koduri led AMD’s Radeon Technologies Group, responsible for both AMD’s discrete and integrated GPUs. Before that, he was director of graphics technology at Apple. Intel has dabbled with discrete GPUs before; its 740 GPU, released in 1998, was a standalone part using the then new AGP port. A second attempt to build a standalone GPU was the Larrabee project , but that never shipped as a GPU. In 2009 Larrabee was repositioned with Intel deciding to make it a massively multicore accelerator—the predecessor to the current Xeon Phi chips—rather than a graphics processor. Read 6 remaining paragraphs | Comments

See the original article here:
Intel to build discrete GPUs, hires AMD’s top graphics guy to do it

Comcast’s nationwide outage was caused by a configuration error

Yesterday, folks across the country reported that Comcast internet was down — an unusually large outage that lasted around 90 minutes. It turns out that the problem was caused by Level 3, an enterprise ISP that provides the backbone for other internet providers like Verizon, Comcast and RCN. “Our network experienced a service disruption affecting some of our customers, ” the firm said in a statement. “The disruption was caused by a configuration error.” The outage shows yet again just how vulnerable the internet is in the US. Last year around this time, a DDoS attack shut down Spotify, Twitter, the New York Times and other sites, prompting some soul-searching from ISPs and internet security experts. This time it was a case of simple human error, but the results were similar: The internet, which many individuals and businesses now depend on for their livelihoods, went down. Level 3 internet backbone currently has disruptions affecting U.S. RCN immediately rerouted to alternate backbone. RCN service normal. — RCN (@RCNconnects) November 6, 2017 The problem, according to an expert contact by Wired , was a “route leak.” ISPs use something called the Border Gateway Protocol to find networks they can route data packets through. To figure out which routes are the most efficient, so-called Autonomous Systems (ASes) track data packets that are moving through various networks. A route leak is caused when these ASes relay bad information about their IP addresses. That can cause internet providers to make bad or inefficient routing decisions, causing packets to be delayed or stopped altogether. A good example of this is an error Level 3 made back in 2015 . In that case, a telecom in Malaysia accidentally told Level 3 that it could relay internet data from anywhere around the world. Level 3 accepted the routes, even thought it shouldn’t have, causing worldwide data to be shunted through the Malaysian telecom, which had no way of handling all the traffic. Something similar could have happened yesterday if Level 3 was, say, tweaking its routing settings and made a mistake. ISPs use filters to guard against such errors, but the scale of the internet makes it difficult to catch them all. After last year’s large DDoS attack, security experts pointed out that internet infrastructure providers like Dyn and Level 3 are particularly vulnerable to attacks. Yesterday’s outage shows how vulnerable they are to human error, too. Via: Wired Source: Comcast

View the original here:
Comcast’s nationwide outage was caused by a configuration error

Australia’s national broadband network under relentless attack—by cockatoos

Enlarge / I’m in ur tower, nommin ur Internets (credit: Tim Graham/Getty Images) Australia’s National Broadband Network (NBN) , the effort to bring high-speed Internet to the masses down under, has encountered many speed bumps. The plan to bring fiber-optic broadband Internet to every Australian has been pared back in its ambitions, with a shift to a fiber backbone between “nodes” and distribution over copper wire or cable networks to the majority of users. That cost-saving move, which puts ISPs and cable providers in charge of managing customers’ access, has caused some consternation . But now the operators of the NBN have discovered another problem that affects the cost of delivering the backbone. And it’s for the birds. The BBC reports that NBN technicians have discovered cockatoos have been damaging the ends of spare fiber cables left in place on communications towers for future network expansion by chomping on them, wearing through the steel braiding that protects the fiber. Active cables haven’t been affected, so there has been no loss of service (as of yet) due to cockatoo attacks; the ends of cables carrying active traffic are protected by a plastic cages. But cables left with their ends exposed have become a favorite of the birds, who use them to help wear down their ever-growing beaks. And the cables cost AUS$10,000 (about US$7,700) to replace. NBN’s Chedryian Bresland told the BBC, “That’s Australia for you. If the spiders and snakes don’t get you, the cockies will.” Read 1 remaining paragraphs | Comments

Read this article:
Australia’s national broadband network under relentless attack—by cockatoos

Android Oreo Bug Sends Thousands of Phones Into Infinite Boot Loops

An anonymous reader writes: A bug in the new “Adaptive Icons” feature introduced in Android Oreo has sent thousands of phones into infinite boot loops, forcing some users to reset their devices to factory settings, causing users to lose data along the way. The bug was discovered by Jcbsera, the developer of the Swipe for Facebook Android app (energy-efficient Facebook wrapper app), and does not affect Android Oreo (8.0) in its default state. The bug occurs only with apps that use adaptive icons — a new feature introduced in Android Oreo that allows icons to change shape and size based on the device they’re viewed on, or the type of launcher the user is using on his Android device. For example, adaptive icons will appear in square, rounded, or circle containers depending on the theme or launcher the user is using. The style of adaptive icons is defined a local XML file. The bug first manifested itself when the developer of the Swipe for Facebook Android app accidentally renamed the foreground image of his adaptive icon with the same name as this XML file (ic_launcher_main.png and ic_launcher_main.xml). This naming scheme sends Android Oreo in an infinite loop that regularly crashes the device. At one point, Android detects something is wrong and prompts the user to reset the device to factory settings. Users don’t have to open an app, and the crashes still happen just by having an app with malformed adaptive icons artifacts on your phone. Google said it will fix the issue in Android Oreo 8.1. Read more of this story at Slashdot.

Original post:
Android Oreo Bug Sends Thousands of Phones Into Infinite Boot Loops

New VibWrite System Uses Finger Vibrations To Authenticate Users

An anonymous reader quotes a report from Bleeping Computer: Rutgers engineers have created a new authentication system called VibWrite. The system relies on placing an inexpensive vibration motor and receiver on a solid surface, such as wood, metal, plastic, glass, etc.. The motor sends vibrations to the receiver. When the user touches the surface with one of his fingers, the vibration waves are modified to create a unique signature per user and per finger. Rutgers researchers say that VibWrite is more secure when users are asked to draw a pattern or enter a code on a PIN pad drawn on the solid surface. This also generates a unique fingerprint, but far more complex than just touching the surface with one finger. During two tests, VibWrite verified users with a 95% accuracy and a 3% false positive rate. The only problem researchers encountered in the live trials was that some users had to draw the pattern or enter the PIN number several times before they passed the VibWrite authentication test. Besides improvements to the accuracy with which VibWrite can detect finger vibrations, researchers also plan to look into how VibWrite will behave in outdoor environments to account for varying temperatures, humidity, winds, wetness, dust, dirt, and other conditions. This new novel user authentication system is described in full in a research paper entitled “VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration.” Read more of this story at Slashdot.

View post:
New VibWrite System Uses Finger Vibrations To Authenticate Users