Wireless Networking

Ask Slashdot: How Can You Avoid Routers With Locked Firmware? 75

thejynxed writes: Awhile ago the FCC in the USA implemented a rule that required manufacturers to restrict end-users from tampering with the radio outputs on wi-fi routers. It was predicted that manufacturers would take the lazy way out by locking down the firmware/bootloaders of the routers entirely instead of partitioning off access to the radio transmit power and channel ranges. This has apparently proven to be the case, as even now routers that were previously marketed as "Open Source Ready" or "DD-WRT Compatible" are coming with locked firmware.

In my case, having noticed this trend, I purchased three routers from Belkin, Buffalo, and Netgear in Canada, the UK, and Germany respectively, instead of the USA, and the results: All three routers had locked firmware/bootloaders, with no downgrade rights and no way to install Tomato, DD-WRT, OpenWRT, etc. It seems the FCC rule is an example of the wide-reaching effect of US law on the products sold in other nations, etc. So, does anyone know a good source of unlocked routers or other technical information on how to bypass this ridiculous outcome of FCC over-reach and manufacturer laziness?

The FCC later specified that they were not trying to block Open Source firmware modifications -- so leave your best suggestions in the comments. How can you avoid routers with locked firmware?
United States

US Agency Revokes All State Discounts For Kaspersky Products (thebaltimorepost.com) 52

The U.S. General Services Administration has removed Kapersky Lab from its list of approved vendors for federal systems, which also eliminates the discounts it previously offered to state governments. Long-time Slashdot reader Rick Zeman writes: "The agency's statement suggested a vulnerability exists in Kaspersky that could give the Russian government backdoor access to the systems it protects, though they offered no explanation or evidence of it," reports the Washington Post. Kaspersky, of course, denies this, offering their source code up for U.S. Government review... "Three current and former defense contractors told The Post that they knew of no specific warnings circulated about Kaspersky in recent years, but it has become an unwritten rule at the Pentagon not to include Kaspersky as a potential vendor on new projects."
"The lack of information from the GSA underscores a disconnect between local officials and the federal government about cybersecurity," the Post reports, adding that "the GSA's move on July 11 has left state and local governments to speculate about the risks of sticking with the company or abandoning taxpayer-funded contracts, sometimes at great cost."

The Post also quotes a cybersecurity expert at a prominent think tank -- the Center for Strategic and International Studies -- who believes that "it's difficult, if not impossible" for a company like Kaspersky to be headquartered in Moscow "if you don't cooperate with the government and the intelligence services."
Businesses

Amazon Report Predicts Pet Translation Devices By 2027 (cbslocal.com) 89

An anonymous reader writes: Devices that can talk to our pet dogs and cats could be less than 10 years away, according to a report Amazon commissioned that was co-authored by futurist William Higham. "Innovative products that succeed are based around genuine and major consumer needs," Higham wrote, noting the tremendous amounts already spent on our pets, and concluding, "Somebody is going to put this together." Amazon already sells one dubious device that converts human voices into meows using samples from 25 cats, according to the Guardian. (One reviewer who tested the device wrote that "the cat seems puzzled.") But Amazon's report also cites the work of Con Slobodchikoff, a professor emeritus in Northern Arizona University's biology department, who spent 30 years studying the behavior of prairie dogs. Slobodchikoff discovered prairie dogs have different words for colors and for species of predators, and is now already raising money to develop a translation device for pets.
Although Slobodchikoff concedes that "With cats I'm not sure what they'd have to say. A lot of times it might just be 'you idiot, just feed me and leave me alone.'"
EU

Company Gets 45,000 Bad Facebook Reviews After Teenaged Hacker's Unjust Arrest (bleepingcomputer.com) 169

An anonymous reader quotes BleepingComputer: Over 45,000 users have left one-star reviews on a company's Facebook page after the business reported a security researcher to police and had him arrested in the middle of the night instead of fixing a reported bug. The arrest took place this week in Hungary after an 18-year-old found a flaw in the online ticket-selling system of Budapesti Közlekedési Központ, Budapest's public transportation authority. The young man discovered that he could access BKK's website, press F12 to enter the browser's developer tools mode, and modify the page's source code to alter a ticket's price. Because there was no client or server-side validation put in place, the BKK system accepted the operation and issued a ticket at a smaller price...

The teenager -- who didn't want his name revealed -- reported the issue to BKK, but the organization chose to contact the police and file a complaint, accusing the young man of hacking their systems... BKK management made a fatal mistake when they brazenly boasted in a press conference about catching the hacker and declaring their systems "secure." Since then, other security flaws in BKK's system have surfaced on Twitter. As details of the case emerged, public outrage grew against BKK and its manager Kálmán Dabóczi, especially after it was revealed that BKK was paying around $1 million per year for maintenance of its IT systems, hacked in such a ludicrously simple manner.

NASA

How NASA Glimpsed The Mysterious Object 'New Horizons' Will Reach In 2019 (popsci.com) 37

necro81 writes: After its successful flyby of Pluto in July 2015, the New Horizons probe received a mission extension to fly past a Kuiper Belt object -- named 2014 MU69 -- in January 2019. However, we know few details about the object -- its size, shape, albedo, whether it has any companions -- which are crucial for planning the flyby. Based on observations from Hubble, the New Horizons team knew that the object would pass in front of a star -- an occultation -- on July 17th, which could provide some of this data. But the occultation would last for less than a second, would only be visible in Patagonia, and the star itself is quite dim.

NASA set up 24 telescopes near one community to capture the event, and received lots of cooperation from locals: turning off streetlights, shutting down a nearby highway, and setting up trucks as windbreaks. At least five of those telescopes captured the occultation. This was the latest in a series of observations ahead of the flyby.

"We had to go up to farmers' doors and say 'Hi, we're here from NASA, we're wondering if we can set up telescopes in your back pasture?'" one astronomer told Popular Science. "More often than not people were like 'that sounds awesome, sure, we'll help out!'"
Iphone

Apple Sued By State Farm Over Alleged iPhone Fire (cnet.com) 97

An anonymous reader quotes CNET: Insurer State Farm and one of its customers, Wisconsin resident Xai Thao, allege that one of Apple's older iPhones had a defective battery that led to a fire last year. A lawsuit filed on Thursday by both State Farm and Thao claims that her iPhone 4S "failed" and "started a fire at Thao's home." The lawsuit further claims that "preliminary investigations show evidence of a significant and localized heating event in the battery area of the iPhone." It also declares that there were "remnants of internal shorting, indicating that an internal failure of the iPhone's battery caused the fire"... The State Farm lawsuit says that Thao's iPhone was "in a defective and unreasonably dangerous condition" when she bought it in 2014. The suit is claiming in excess of $75,000 in damages.
Debian

Debian 'Stretch' Updated With 9.1 Release (debian.org) 30

An anonymous reader quotes Debian.org: The Debian project is pleased to announce the first update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems... Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media... Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.
United Kingdom

UK To Require Drone Registration And Safety Exams (bloomberg.com) 76

An anonymous reader quotes Bloomberg: Drones will have to be registered and their users required to pass safety tests under new rules to be announced by the U.K.'s Department for Transport... Registration will be mandated for owners of drones 250 grams (8.8 ounces) or larger after research found that drones as small as 400 grams (14 ounces) could damage the windscreens of helicopters. Other security measures like "geo-fencing" -- GPS-based technology programmed into drones to prevent them from flying into sensitive areas such as prisons and airports -- are also under consideration, according to a statement from the department.
The BBC points out that "There is no time frame or firm plans as to how the new rules will be enforced and the Department of Transport admitted that 'the nuts and bolts still have to be ironed out.'"

"The UK government says 22 incidents involving commercial airliners and drones were investigated between January and April of this year," adds TechRadar, "with police unable to trace the owners of the drones -- one of the reasons for the new legislation."
Star Wars Prequels

Predatory Journals Hit By "Star Wars" Sting (discovermagazine.com) 95

intellitech quotes an article from Discover's Neuroskeptic blog: A number of so-called scientific journals have accepted a Star Wars-themed spoof paper...an absurd mess of factual errors, plagiarism and movie quotes. I know because I wrote it... I created a spoof manuscript about "midi-chlorians" -- the fictional entities which live inside cells and give Jedi their powers in Star Wars...and submitted it to nine journals under the names of Dr. Lucas McGeorge and Dr. Annette Kin... The American Journal of Medical and Biological Research accepted the paper, but asked for a $360 fee, which I didn't pay. Amazingly, three other journals not only accepted but actually published the spoof.
At one point the paper simply transcribes dialogue from Star Wars: Episode III - Revenge of the Sith. ("Did you ever hear of the tragedy of Darth Plagueis the Wise? I thought not. It is not a story the Jedi would tell you....") And the author also cut-and-pasted big chunks of the Wikipedia page for mitochondrion (after globally replacing mitochondr* with midichlor*), then admitted in the paper's "Methodology" section that "The majority of the text in the current paper was Rogeted from Wikipedia" -- with a direct link back to that Wikipedia page. One sentence even mentions "JARJAR syndrome."

Three more journals did reject the paper -- but at least one more unquestioningly asked the author to revise and resubmit it. The author calls it "a reminder that at some 'peer reviewed' journals, there really is no meaningful peer review at all" -- adding that one journal has even invited Dr. Lucas McGeorge to join their editorial board.
Businesses

Disastrous 'Pokemon Go' Event Leads To Mass Refunds (techcrunch.com) 153

thegarbz writes: A Pokemon Go Fest hosted in Chicago and attended by between 15-20,000 people has ended in disaster. The event was plagued by logistical issues resulting in 3+ hour long delays getting into Chicago's Grant Park... Those people who were lucky enough to get into the paid event were greeted with a completely overloaded cell network unable to cope with the number of people trying to get online at the same time. The occasional person who was able to connect experienced a never ending string of game-breaking bugs when attempting to catch the rare Pokemon created specifically for this event.
Gaming company Niantic finally just gave a rare Pokemon Go character to everyone who attended -- though one attendee still called it a "horrible, terrible day." The Kansas City Star reported some people had paid as much as $400 for their tickets -- which had sold out within minutes -- and that some attendees had even started lining up for the event at 6 a.m.
Education

College Students Are Flocking To Computer Science Majors (ieeeusa.org) 251

Slashdot reader dcblogs writes: Enrollments in Computer Science are on a hockey stick trajectory and show no signs of slowing down. Stanford University declared computer science enrollments, for instance, went from 87 in the 2007-08 academic year to 353 in the recently completed year. It's similar at other schools. Boston University, for instance, had 110 declared undergraduate computer science majors in 2009. This fall it will have more than 550. Professor Mehran Sahami, who is the associate chair for education in the CS department at Stanford, believes the enrollment trend will continue. "As the numbers bear out, the interest in computer science has grown tremendously and shows no signs of crashing." But after the 2000 dot-com bust computer science enrollments fell dramatically and students soured on the degree. Could something like it happen again?
Mark Crovella, the chair of Boston University's CS department, notes that "the overall interest in computer science at B.U. is currently at about twice the level it was at the peak of the dot.com year." But the article points out that salaries for new grads are still rising, "which suggests that demand is real." And Jay Ritter, a professor of finance at the University of Florida's Warrington College of Business Administration, adds "I'm more worried about the job outlook for people without these skills."
Science

Quantum Particles In Motion Can Still Travel Backwards (phys.org) 55

Quantum particles have a unique ability to travel in the opposite direction from their momentum. Or, as slew (Slashdot reader #2,918) puts it, "When pushed, quantum particles can fight back." slew writes: Who knew quantum particles were passive aggressive? It's subtle, but researchers "have shown that 'backflow' can always occur, even if a force is acting on the quantum particle while it travels. The backflow effect is the result of wave-particle duality and the probabilistic nature of quantum mechanics..."

Dr Daniela Cadamuro, Researcher at the Technical University of Munich, said "The backflow effect in quantum mechanics has been known for quite a while, but it has always been discussed in regards to 'free' quantum particles, i.e., no external forces are acting on the particle."

The Military

The US Army Wants Distributed Bot Swarms And An 'Internet of Battlefield Things' (defenseone.com) 77

turkeydance shares a new report about the U.S. Army Research Lab: In the coming months, the Lab will fund new programs related to highly (but not fully) autonomous drones and robots that can withstand adversary electronic warfare operations... A second program called the Internet of Battlefield Things seeks to put to military use "the research that's going on in the commercial space" on distributed sensors and Internet-connected devices... One thrust will be equipping drones and other autonomous systems with bigger brains and better networking so that they can function even when an enemy jams their ability to radio back to a human controller for direction... "When you don't have bandwidth, when you're under cyber attack, when you're being jammed. That's the problem we're trying to address."
The lab's director also says they want "as much processing as possible on the node" so it can continue functioning in "contested environments."
Music

SoundCloud Halts Volunteer Archiving Project (vice.com) 48

Slashdot reader nielo tipped us off to more SoundCloud news. Motherboard reports: Last week, a group of volunteer digital preservationists known as The Archive Team announced they would be attempting to independently archive a 123.6 million track, 900-terabyte swath of SoundCloud, the popular streaming music and audio service that recently announced mass layoffs and office closures, sparking fears of an imminent closure. But just as the volunteer archive of SoundCloud was due to be getting started, it's been abruptly called off at the behest of the company... I reached out to SoundCloud for more information, and a spokesperson responded with the following written statement: "SoundCloud is dedicated to protecting the rights and content of the creators who share their work on SoundCloud. We requested the Archive Team halt their efforts as any action to take content from SoundCloud violates our Terms of Use and infringes on our users' rights... SoundCloud is not going away -- not in 50 days, not in 80 days or anytime in the foreseeable future..." But that hasn't stopped some individuals on Reddit's r/datahoarder subreddit from attempting to gather their own personal archives of as much of SoundCloud as they want and can afford to host.
Microsoft

Microsoft Launches A Counterattack Against Russia's 'Fancy Bear' Hackers (thedailybeast.com) 88

Kevin Poulsen writes on the Daily Beast: It turns out Microsoft has something even more formidable than Moscow's malware: Lawyers. Last year attorneys for the software maker quietly sued the hacker group known as Fancy Bear in a federal court outside Washington DC, accusing it of computer intrusion, cybersquatting, and infringing on Microsoft's trademarks... Since August, Microsoft has used the lawsuit to wrest control of 70 different command-and-control points from Fancy Bear... Rather than getting physical custody of the servers, which Fancy Bear rents from data centers around the world, Microsoft has been taking over the Internet domain names that route to them. These are addresses like "livemicrosoft[.]net" or "rsshotmail[.]com" that Fancy Bear registers under aliases for about $10 each. Once under Microsoft's control, the domains get redirected from Russia's servers to the company's, cutting off the hackers from their victims, and giving Microsoft a omniscient view of that servers' network of automated spies. "In other words," Microsoft outside counsel Sten Jenson explained in a court filing last year, "any time an infected computer attempts to contact a command-and-control server through one of the domains, it will instead be connected to a Microsoft-controlled, secure server."

Slashdot Top Deals