Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Government

FBI Says Foreign Hackers Breached State Election Systems (theguardian.com) 147

The FBI has uncovered evidence that foreign hackers breached two state election databases in recent weeks, and it has warned election officials across the country to some measures to step up the security of their computer systems. The Guardian reports: The FBI warning did not identify the two states targeted by cyber intruders, but Yahoo News said sources familiar with the document said it referred to Arizona and Illinois, whose voter registration systems were penetrated. Citing a state election board official, Yahoo News said the Illinois voter registration system was shut down for 10 days in late July after hackers downloaded personal data on up to 200,000 voters. The Arizona attack was more limited and involved introducing malicious software into the voter registration system, Yahoo News quoted a state official as saying. No data was removed in that attack, the official said. US intelligence officials have become increasingly worried that hackers sponsored by Russia or other countries may attempt to disrupt the November presidential election.
Medicine

The Big Short: Security Flaws Fuel Bet Against St. Jude (securityledger.com) 79

chicksdaddy writes: "Call it The Big Short -- or maybe just the medical device industry's 'Shot Heard Round The World': a report from Muddy Waters Research recommends that its readers bet against (or 'short') St. Jude Medical after learning of serious security vulnerabilities in a range of the company's implantable cardiac devices," The Security Ledger reports. "The Muddy Waters report on St. Jude's set off a steep sell off in St. Jude Medical's stock, which finished the day down 5%, helping to push down medical stocks overall. The report cites the 'strong possibility that close to half of STJ's revenue is about to disappear for approximately two years' as a result of 'product safety' issues stemming from remotely exploitable vulnerabilities in STJ's pacemakers, implantable cardioverter defibrillator (ICD), and cardiac resynchronization therapy (CRT) devices. The vulnerabilities are linked to St. Jude's Merlin at home remote patient management platform, said Muddy Waters. The firm cited research by MedSec Holdings Ltd., a cybersecurity research firm that identified the vulnerabilities in St. Jude's ecosystem. Muddy Waters said that the affected products should be recalled until the vulnerabilities are fixed. In an e-mail statement to Security Ledger, St. Jude's Chief Technology Officer, Phil Ebeling, called the allegations 'absolutely untrue.' 'There are several layers of security measures in place. We conduct security assessments on an ongoing basis and work with external experts specifically on Merlin at home and on all our devices,' Ebeling said."

More controversial: MedSec CEO Justine Bone acknowledged in an interview with Bloomberg that her company did not first reach out to St. Jude to provide them with information on the security holes before working with Muddy Waters. Information security experts who have worked with the medical device industry to improve security expressed confusion and dismay. "If safety was the goal then I think (MedSec's) execution was poor," said Joshua Corman of The Atlantic Institute and I Am The Cavalry. "And if profit was the goal it may come at the cost of safety. It seems like a high stakes game that people may live to regret."

Music

Samsung Reminds Us That You Can't Make People Use an App They Don't Want (recode.net) 70

Samsung has announced that it will be discontinuing Milk Music on September 22. The announcement comes a year after the South Korean technology conglomerate shuttered Milk Video, another service that didn't receive the traction Samsung was hoping. Peter Kafka, writing for Recode: It's true that you can't get media/apps/services to customers without access to a platform. But control of the platform doesn't mean customers are going to use your media/apps/services: They've got plenty of choices and they'll choose the ones they want. Ask Verizon and Comcast, which both launched video apps on their networks last year and have nothing to show for it. (You've heard of Verizon's Go90 only because Verizon keeps talking about it when people ask why it spent $10 billion on AOL and Yahoo; you have completely forgotten about Comcast's Watchable.) Soon you'll be able to ask AT&T, which is launching its own video app this fall, which will also feature lots of content people either don't want or can get elsewhere.
Encryption

How SSL/TLS Encryption Hides Malware (cso.com.au) 87

Around 65% of the internet's one zettabyte of global traffic uses SSL/TLS encryption -- but Slashdot reader River Tam shares an article recalling last August when 910 million web browsers were potentially exposed to malware hidden in a Yahoo ad that was hidden from firewalls by SSL/TLS encryption: When victims don't have the right protection measures in place, attackers can cipher command and control communications and malicious code to evade intrusion prevention systems and anti-malware inspection systems. In effect, the SSL/TLS encryption serves as a tunnel to hide malware as it can pass through firewalls and into organizations' networks undetected if the right safeguards aren't in place. As SSL/TLS usage grows, the appeal of this threat vector for hackers too increases.

Companies can stop SSL/TLS attacks, however most don't have their existing security features properly enabled to do so. Legacy network security solutions typically don't have the features needed to inspect SSL/TLS-encrypted traffic. The ones that do, often suffer from such extreme performance issues when inspecting traffic, that most companies with legacy solutions abandon SSL/TLS inspection.

Businesses

One Year in Jail For Abusive Silicon Valley CEO (theguardian.com) 287

He grew up in San Jose, and at the age of 25 sold his second online advertising company to Yahoo for $300 million just nine years ago. Friday Gurbaksh Chahal was sentenced to one year in jail for violating his probation on 47 felony charges from 2013, according to an article in The Guardian submitted by an anonymous Slashdot reader: Police officials said that a 30-minute security camera video they obtained showed the entrepreneur hitting and kicking his then girlfriend 117 times and attempting to suffocate her inside his $7 million San Francisco penthouse. Chahal's lawyers, however, claimed that police had illegally seized the video, and a judge ruled that the footage was inadmissible despite prosecutors' argument that officers didn't have time to secure a warrant out of fear that the tech executive would erase the footage.

Without the video, most of the charges were dropped, and Chahal, 34, pleaded guilty to two misdemeanor battery charges of domestic violence... In Silicon Valley, critics have argued that Chahal's case and the lack of serious consequences he faced highlight the way in which privileged and wealthy businessmen can get away with serious misconduct.. On September 17, 2014, prosecutors say he attacked another woman in his home, leading to another arrest.

Friday Chahal was released on bail while his lawyer appeals the one-year jail sentence for violating his probation.
Businesses

Tech Giants Sign Pledge With World Wildlife Fund To Prevent Wildlife Trading (mashable.com) 27

Kerry Flynn, writing for Mashable: Looking to buy an elephant tusk on eBay? Might not be so easy. The e-commerce giant, along with Etsy, Gumtree, Microsoft, Pinterest, Tencent and Yahoo, have signed on to a new commitment to prevent the sale of illegal wildlife products on their services. The initiative is in collaboration with the World Wildlife Fund, the International Fund for Animal Welfare and TRAFFIC, and was announced Friday to coincide with World Elephant Day. Under the new policy, companies are seeking to prohibit the sale of wild live animals and animal body parts that are sourced illegally, species that are threatened by extinction and other protected animals. That includes rhino horns, pangolin parts and turtle meat. It's the first time that conservation organizations have partnered with multiple tech companies. Prior, the WWF, for example, has worked with other organizations individually.Recently, the Indian government had accused several tech companies including Amazon of "selling" rare animals and their parts.
Television

Hulu Ends Free Streaming Service, Moves Free Stuff To Yahoo View (hollywoodreporter.com) 111

Hulu has inked a deal with Yahoo to provide free, ad-supported episodes of a range of TV shows. But Hulu also said Monday it will end free streaming service on its own platform as it is moving that to an all-subscription model. As part of its expanded distribution deal with Yahoo, which is launching Yahoo View, a new ad-supported TV streaming site with five most recent episodes of shows from ABC, NBC, and Fox among other networks. From an article on The Hollywood Reporter:Most of Hulu's free content has been fairly limited, restricted to what's known as the "rolling five," or the five most recent episodes of a current show -- content that typically becomes available eight days after it airs and is usually also available for free on broadcast networks' websites. For example, recent episodes of shows like America's Got Talent, South Park and Brooklyn Nine-Nine are currently available for free, while Hulu's slate of originals and high-profile exclusives remain behind the paywall. [...] Yahoo is launching the TV site a half-year after shuttering Yahoo Screen, the video service that offered up ad-supported episodes of original TV shows like Community, live streaming concerts and other clips. With View, however, Yahoo is focusing specifically on providing a destination for television to its audience, many of whom are still driven to Yahoo products via its highly trafficked homepage.
Privacy

GhostMail Closes in September, Leaves Users Searching For Secure Email Alternatives (zdnet.com) 158

On September 1, "GhostMail will no longer provide secure email services unless you are an enterprise client," reports ZDNet. "According to the company, it is 'simply not worth the risk.'" GhostMail provided a free and anonymous "military encrypted" e-mail service based in Switzerland, and collected "as little metadata" as possible. But this week on its home page, GhostMail told its users "Since we started our project, the world has changed for the worse and we do not want to take the risk of supplying our extremely secure service to the wrong people... In general, we believe strongly in the right to privacy, but we have taken a strategic decision to only supply our platform and services to the enterprise segment."

GhostMail is referring their users to other free services like Protonmail as an alternative, but an anonymous Slashdot reader asks: What options does an average person have for non-NSA-spied-on email? I am sure there are still some Ghostmail competitors out there but I'm wondering if it's better to coax friends and family to use encryption within their given client (Gmail, Yahoo, Outlook, whatever...) And are there any options for hosting a "private" email service: inviting friends and family to use it and have it kind of hosted locally. Ghostmail-in-a-box or some such?
The Internet

The World's First Web Site Celebrates 25 Years Online (info.cern.ch) 136

An anonymous reader quotes a report from CNN: Twenty-five years ago, the first public website went live. It was a helpful guide to this new thing called the World Wide Web. The minimalist design featured black text with blue links on a white background. It's still online today if you'd like to click around and check out the frequently asked questions or geek out over the technical protocols.
Its original URL was info.cern.ch, where CERN is now also offering a line-mode browser simulator and more information about the birth of the web. CNN is also hosting screenshots of nine web "pioneers", including the Darwin Awards site, the original Yahoo, and the San Francisco FogCam, which claims to be the oldest webcam still in operation.

What are some of the first web sites that you remember reading? (Any greybeards remember when the Internet Movie Database was just a Usenet newsgroup where readers collaborated on a giant home-made list of movie credits?)
AI

Yahoo's New Anti-Abuse AI Outperforms Previous AI (wired.co.uk) 119

16.4% of the comments on Yahoo News are "abusive," according to human screeners. Now Yahoo has devised an abuse-detecting algorithm "that can accurately identify whether online comments contain hate speech or not," reports Wired UK: In 90 per cent of test cases Yahoo's algorithm was able to correctly identify that a comment was abusive... The company used a combination of machine learning and crowdsourced abuse detection to create an algorithm that trawled the comment sections of Yahoo News and Finance to sniff out abuse. As part of its project, Yahoo will be releasing the first publicly available curated database of online hate speech.
The machine-learning algorithm was "trained on a million Yahoo article comments," according to the article, and Slashdot reader AmiMoJo writes "The system could help AIs avoid being tricked into making abusive comments themselves, as Microsoft's Tay twitter bot did earlier this year."
Data Storage

8TB Drives Are Highly Reliable, Says Backblaze (yahoo.com) 209

An anonymous reader writes from a report via Yahoo News: Cloud backup and storage provider Backblaze has published its hard drive stats for Q2 2016. Yahoo News reports: "The report is based on data drives, not boot drives, that are deployed across the company's data centers in quantities of 45 or more. According to the report, the company saw an annualized failure rate of 19.81 percent with the Seagate ST4000DX000 4TB drive in a quantity of 197 units working 18,428 days. The next in line was the WD WD40EFRX 4TB drive in a quantity of 46 units working 4,186 days. This model had an annualized failure rate of 8.72 percent for that quarter. The company's report also notes that it finally introduced 8TB hard drives into its fold: first with a mere 45 8TB HGST units and then over 2,700 units from Seagate crammed into the company's Blackblaze Vaults, which include 20 Storage Pods containing 45 drives each. The company moved to 8TB drives to optimize storage density. According to a chart provided in the report, the 8TB drives are highly reliable. The HGST HDS5C8080ALE600 worked for 22,858 days and only saw two failures, generating an annualized failure rate of 3.20 percent. The Seagate ST8000DM002 worked for 44,000 days and only saw four failures, generating an annual failure rate of 3.30 percent." For comparison, Backblaze's reliability report for Q1 2016 can be found here.

UPDATE 8/2/16: Corrected Seagate Model "DT8000DM002" to "ST8000DM002."
Security

Hacker Selling Data For 200 Million Yahoo Users On The Dark Web (softpedia.com) 65

An anonymous reader writes from a report via Softpedia: A listing was published today on TheRealDeal Dark Web marketplace claiming to be offering data on over 200 million Yahoo users, sold by the same hacker that was behind the LinkedIn, Tumblr, MySpace, and VK data dumps. In statements to Softpedia, Yahoo said it was investigating the breach, but based on the seller's reputation, it is very likely the data is authentic. The data is up for sale for 3 Bitcoin (approximately ~$1,800), and based on the sample the hacker provided, the data dump includes details such as usernames, MD5-hashed passwords, and dates of birth for all users. For some records, there is also a backup email address, country of origin, and ZIP code for U.S. users. The hacker, called Peace, has also told Softpedia that he previously made $50,000 from the LinkedIn breach alone, and over $65,000 in total from all breaches.
United Kingdom

British Newspaper Fooled By Online Harry Potter/Pokemon Go Hoax (snopes.com) 36

An anonymous Slashdot reader writes: "The creators behind Pokemon Go are developing a new Harry Potter version of the app, according to reports," claimed The Metro -- citing as their source the web site "Hello Giggles". But that site's source -- as well as the source for an inaccurate article in Yahoo! Style -- was the infamous JTXH, a parody news sites created three months ago, whose other false scoops have included "NASA to make announcement involving 'religious' implications" and "Denny's waitress assaulted by Muslims for serving bacon during Ramadan".
From Snopes.com: There is no real radio or television outlet with the call letters JTXH; that identifier is purely the province of a fake news web site masquerading as a legitimate news outlet. JTXH News has previously published fabricated clickbait stories such as "Bernie campaign caught distributing LSD to youth" and "Chick-Fil-A is considering banning anyone who 'can't figure out their gender.'"
The Internet

Tumblr To Introduce Ads Across All Blogs 44

Reader evelynlewis445 writes: Tumblr this week quietly announced plans to roll out a new advertising program across its site which will see it implementing ads across users' blogs. The company did not provide specific details on how the program will operate, but it appears to be an expansion of its earlier Creators program, which connects brands with Tumblr users directly, instead of having advertisers work with third-party influencer networks.The ads will begin appearing on the platform starting today. Tumblr remains one of the most popular blogging platforms, attracting over 550 million monthly users to its blogs. Tumblr creators will have an opportunity to share in the revenue from ads on their blogs. The company says that bloggers will have the ability to opt out of the program should they wish not to participate.
Medicine

ALS Ice Bucket Challenge Funding Leads To New Genetic Findings (yahoo.com) 33

An anonymous reader writes: Researchers are crediting the ALS Ice Bucket Challenge, a fundraiser for amyotrophic lateral sclerosis that went viral in 2014, for funding a new study that has possibly identified a common gene that contributes to the nervous system disease. Yahoo reports via Good Morning America: "In a study published in The Nature Genetics Journal, researchers from various institutions, including the University of Massachusetts Medical School and the University Medical Center Utrecht, identified the gene NEK1 as a common gene that could have an impact on who develops the disease. Variants of the gene appear to lead to increased risk of developing ALS, according to preliminary findings. Researchers in 11 countries studied 1,000 families in which a family member developed ALS and conducted a genome-wide search for any signs that a gene could be leading to increased ALS risk. After identifying the NEK1 gene, they also analyzed 13,000 individuals who had developed ALS despite no family history and found they had variants in that same gene, again linking that gene with increased ALS risk. Starting in the summer of 2014, the ALS Ice Bucket Challenge led to 17 million videos made and $220 million raised, according to the ALS Association -- $115 million of which went to the association."
China

China Releases Test Footage of Ballistic Missile Defense System (mirror.co.uk) 68

An anonymous reader quotes a report from Mirror.co.uk: China has released footage of its first interception test of a mid-air ballistic missile, destroying a target miles above Earth. Footage of the experiment, which took place in 2010, has never been made public until now. According to Chinese news agency CCTV, Xu Chunguang, an expert working at a military base in northwest China, said: "All of our research is meant to solve problems that may crop up in future actual combats." It reportedly took researchers another three years to develop the core technologies to improve the system. A second successful test was reportedly conducted in January 2013. China's decision to finally release the footage could be seen as a warning shot to the U.S., which was critical of China for not notifying the Pentagon of the tests at the time. In May, China announced it would send submarines armed with nuclear missiles into the Atlantic Ocean, arguing it had little choice if America continued to advance its weapons systems. China has recently denounced South Korea's decision to deploy a U.S. Terminal High Altitude Area Defense (THAAD) anti-missile system to counter threats from North Korea, saying that it harmed the foundation of their mutual trust.
Yahoo!

Once Valued at $125B, Yahoo's Web Assets To Be Sold To Verizon For $4.83B, Companies Confirm 206

The reports were spot on. Verizon Communications on Monday announced that it plans to purchase Yahoo's Web assets for a sum of $4.83 billion in cash. The multi-billion dollars deal will get Verizon Yahoo's core internet business and some real estate. The announcement also marks a remarkable fall for the Silicon Valley web pioneer, which once had a market capitalization of more than $125 billion. For Verizon, the deal adds another piece to the mammoth digital media and advertising empire it owns. The deal is expected to close early 2017. CNBC reports: The transaction is seen boosting Verizon's AOL internet business, which the company acquired last year for $4.4 billion, by giving it access to Yahoo's advertising technology tools, as well as other assets such as search, mail, messenger and real estate. It also marks the end of Yahoo as an operating company, leaving it only as the owner of a 35.5 percent stake in Yahoo Japan, as well as its 15 percent interest in Chinese e-commerce company Alibaba. In December, Yahoo scrapped plans to spin off its Alibaba stake after investors worried about whether that transaction could have been carried out on a tax-free basis. It instead decided to explore a sale of its core assets, spurred on by activist hedge fund Starboard Value. Forbes has called it one of the "saddest $5B deals in tech history."Yahoo CEO Marissa Mayer, who was expected to leave -- or get fired -- said she intends to stay. "For me personally, I'm planning to stay," Mayer said in a note on Yahoo's Tumblr page. "I love Yahoo, and I believe in all of you. It's important to me to see Yahoo into its next chapter."
United Kingdom

Yahoo Ordered to Show How It Recovered 'Deleted' Emails (pcmag.com) 80

An anonymous reader quotes a report from PC Magazine: Just what kind of email retentions powers does Yahoo have? According to a policy guide from the company, Yahoo cannot recover emails that have been deleted from a user's account -- simple as that. If the email is in a user's account, it's fair game, and Yahoo can even give law enforcement the IP address of whatever computer is being used to send said email.

Or, at least, that's what Yahoo has said. A magistrate judge from the Northern District of California has ordered Yahoo to produce documents, as well as a witness for deposition, related to the company's ability to recover seemingly deleted emails in a UK drug case... a UK defendant was convicted -- and is currently serving an extra 20-year prison sentence -- as part of a conspiracy to import drugs into the United Kingdom. He's currently appealing the conviction, in part because the means by which Yahoo recovered the emails in question allegedly violate British law.

The drug smugglers apparently communicated by creating a draft of an email, which was then available to others who logged into that same account.
Yahoo!

Verizon Nears Deal to Acquire Yahoo (bloomberg.com) 70

Verizon Communications is nearing a deal to buy Yahoo, Bloomberg reports, citing people familiar with the matter. While nothing is official yet, the publication claims that Verizon is discussing a price close to $5 billion for Yahoo's core Internet business. The report adds that Yahoo's patents are not part of the discussion, and it's unclear whether the two companies are considering Yahoo's real estate. "The companies may be ready to announce the deal in the coming days, the people said," the report adds. Interestingly, CNBC, citing its own sources, is independently reporting the same thing.
The Almighty Buck

Marissa Mayer Says Yahoo Continues To Make Solid Progress, Earnings Report Says Otherwise (fool.com) 130

tomhath quotes a report from Fool: Yahoo! CEO Marissa Mayer tried to emphasize the progress that the company has made. "We continue to make solid progress against our 2016 plan," Mayer said, and "in addition to our efforts to improve the operating business, our board has made great progress on strategic alternatives." The CEO argued that the results met or exceeded the company's own guidance. Yahoo! was able to post a revenue increase by changing the ways that it presents revenue related to its search agreement with Microsoft, and without that change, adjusted revenue of $1.055 billion was down 15% from the year-ago quarter. That was even worse than the 13% drop investors were expecting, and adjusted EBITDA fell by more than a third. That resulted in adjusted net earnings of $0.09 per share, missing the consensus forecast by a penny but also glossing over a $440 million net loss on a GAAP basis. The company took a $395 million goodwill impairment charge and an $87 million intangibles impairment charge related to its Tumblr unit, determining that the fair value of the division is less than the amount indicated on Yahoo!'s balance sheet. It was also revealed that Yahoo is writing down the value of its Tumblr acquisition by $482 million, citing lower projections for the social network's future performance, according to a report from CNNMoney. Last quarter, the company took a $230 million write-down on its Tumblr acquisition. Since Yahoo acquired Tumblr for $1.1 billion in 2013, Yahoo has written down more than half of its value.

Slashdot Top Deals