Facebook

Inside Facebook The Day Before The Presidential Election (buzzfeednews.com) 76

An anonymous reader shares a report: Less than 24 hours before a historic US presidential election day, Nick Clegg, Facebook's vice president of global affairs and communications and the former United Kingdom deputy prime minister, tried to rally employees at the embattled social networking corporation. Noting that the world would be watching the results, Clegg published a post on an internal message board about the work Facebook employees had done to prepare for the vote. Many things had changed since 2016, he said, alluding to an election in which Russian state actors used Facebook to sow discord, while the company and CEO Mark Zuckerberg stood by oblivious. "We have transformed the way we approach elections since the U.S. presidential election four years ago," Clegg wrote in the note titled "READY FOR ELECTION DAY." "Thanks to the efforts of far, far too many of you to mention by name, Facebook is a very different company today." It is indeed. Roiled by months of internal scandals and high-profile failures, the social network giant heads into Election Day with employee morale cratering and internal political discussion muzzled on internal message boards.

While Clegg took an optimistic tone in his post, Facebook released results of an internal survey on Monday that revealed a stark decline in employee confidence over the past six months. Its semi-annual "Pulse Survey," taken by more than 49,000 employees over two weeks in October, showed workers felt strained by office shutdowns and were continuing to lose faith that the company was improving the world. Only 51% of respondents said they believed that Facebook was having a positive impact on the world, down 23 percentage points from the company's last survey in May and down 5.5 percentage points from the same period last year. In response to a question about the company's leadership, only 56% of employees had a favorable response, compared to 76% in May and more than 60% last year. (A Facebook employee acknowledged in the announcement that the uptick in May's Pulse results were "likely driven by our response to COVID-19," which was widely praised.)

The Internet

Loon Sets Stratospheric Sustained Flight Record With 312-Day Balloon Trip (techcrunch.com) 11

Alphabet's Loon, the company focused on creating new networking capabilities using stratosphere-based infrastructure, has set a new world record for a continuous stratospheric flight. One of Loon's ultra high-altitude balloons flew for 312 days straight, beating the existing record of 223 days by a considerable margin, and nearly racking up a full year of sustained time aloft. From a report: The balloon in question took off from Puerto Rico in May 2019, and then made its way to Peru, where it took part in a service test for three months. It then headed south over the Pacific Ocean, and finally ended up in Baja, Mexico for a landing in March this year. Loon's CTO Sal Candido said in a blog post that the record-setting flight is the result of the company's continued work on advancing its technology and pushing both hardware and software forward in new and innovative ways. Part of that means learning as much as possible from balloons that break records like this one, and Candido points out that Loon has a unique advantage over more traditional high-altitude balloons designed for weather observation because it recovers just about all of them, and can study the best performers in extreme detail. That allows it to replicate and improve on what's going right when balloons are staying aloft for long periods.
Space

Vint Cerf Is Working on an Internet for Outer Space (quantamagazine.org) 86

"TCP/IP doesn't work at interplanetary distances," 77-year-old Vinton Cerf tells Quanta magazine. "So we designed a set of protocols that do." Specifically, bundle protocols: a disruption/delay-tolerant networking (DTN) protocol with nodes that can also store information: A data packet traveling from Earth to Jupiter might, for example, go through a relay on Mars, Cerf explained. However, when the packet arrives at the relay, some 40 million miles into the 400-million-mile journey, Mars may not be oriented properly to send the packet on to Jupiter. "Why throw the information away, instead of hanging on to it until Jupiter shows up?" Cerf said. This store-and-forward feature allows bundles to navigate toward their destinations one hop at a time, despite large disruptions and delays...

So, a couple decades after conceiving of bundle protocols, is the interplanetary internet up and running?

We don't have to build the whole thing and then hope somebody uses it. We sought to get standards in place, as we have for the internet; offer those standards freely; and then achieve interoperability so that the various spacefaring nations could help each other. We're taking the next obvious step for multi-mission infrastructure: designing the capability for an interplanetary backbone network. You build what's needed for the next mission. As spacecraft get built and deployed, they carry the standard protocols that become part of the interplanetary backbone. Then, when they finish their primary scientific mission, they get repurposed as nodes in the backbone network. We accrete an interplanetary backbone over time.

In 2004, the Mars rovers were supposed to transmit data back to Earth directly through the deep space network — three big 70-meter antennas in Australia, Spain and California. However, the channel's available data rate was 28 kilobits per second, which isn't much. When they turned the radios on, they overheated. They had to back off, which meant less data would come back. That made the scientists grumpy. One of the JPL engineers used prototype software — this is so cool! — to reprogram the rovers and orbiters from hundreds of millions of miles away. We built a small store-and-forward interplanetary internet with essentially three nodes: the rovers on the surface of Mars, the orbiters and the deep space network on Earth. That's been running ever since.

We've been refining the design of those protocols, implementing and testing them. The latest protocols are running back-and-forth relays between Earth and the International Space Station... We did another test at the ISS where the astronauts were controlling a little robot vehicle in Germany.

Networking

Apple Offers Support For Thread Networking (macrumors.com) 20

ttyler writes: As MacRumors reports, Apple's new HomePod Mini supports Thread networking technology. "Thread is a low-power IP-based networking technology for connecting Internet of Things (IoT) devices, offering a secure, mesh-based system that makes it easy to build an ecosystem of devices," reports MacRumors. "While Thread is essentially agnostic to the application layers that run on top of it, it can support multiple layers and may play a role in Project Connected Home over IP, the alliance of Apple, Amazon, Google, and other companies that is seeking to make it simpler to build devices compatible with multiple ecosystems such as Siri, Alexa, and Google Assistant." In a footnote on the specs page, Apple says that HomePod mini's Thread support is limited to HomeKit devices, "so the technology can't yet be leveraged cross-platform and it remains to be seen how Apple will embrace Thread going forward," adds MacRumors.
Wireless Networking

America's FBI Warns of Security Risks in Using Hotel Wi-Fi (ic3.gov) 88

"Most users don't seem to realize the severity of the risks they're subjecting themselves to while using hotel Wi-Fi networks," writes Windows Report, noting that America's FBI "issued a Public Service Announcement concerning the risks of using hotel Wi-Fi networks while teleworking." Apparently, more and more U.S. hotels started advertising room reservations during the daytime for those who seek a distraction-free environment. This comes as a blessing for teleworkers who can't seem to focus on their work environment while at home. On the other hand...there are a few quite serious risks you may expose yourself to while using Wi-Fi networks in hotels:

- Traffic monitoring: Your network activity could be exposed to a malicious third-party

- Evil Twin attacks: Cloning the hotel network, misleading clients to connect to the fake one instead

- Man-In-The-Middle attacks: Intercepting and stealing sensitive information from one's device

- Compromising work: Facilitating cybercriminals to steal work credentials or other similar resources

- Digital identity theft

- Ransomware

Among other things, the FBI points out: Guests generally have minimal visibility into both the physical location of wireless access points within the hotel and the age of networking equipment. Old, outdated equipment is significantly more likely to possess vulnerabilities that criminal actors can exploit. Even if a hotel is using modern equipment, the guest has no way of knowing how frequently the hotel is updating the firmware of that equipment or whether the hotel has changed the equipment's default passwords. The hotel guest must take each of these factors into consideration when choosing whether to telework on a hotel network.
Or, as Slashdot reader SmartAboutThings puts it, "Using hotel Wi-Fi, in general, is not safe at all, and if you have no other choice, then you might as well give VPN services a try."

Or, just don't use the hotel's wifi (using your cellphone as a mobile hotspot instead).
The Internet

Comcast Working Toward 10Gbps To Your Home Using Cable (zdnet.com) 136

Comcast has achieved a 10Gbps "technical milestone" that can deliver gigabit-plus download and upload speeds over existing cable wires, not fiber. ZDNet reports: Comcast has achieved a 10Gbps technical milestone by delivering 1.25Gbps upload and download speeds over a live production network using Network Function Virtualization (NFV) combined with the latest Data Over Cable Service Interface Specification (DOCSIS) hardware. This is being done with DOCSIS 4. With this cutting-edge cable internet technology, you can expect to see up to 10Gbps speeds downstream and up to 6Gbps upstream capacity over a hybrid fiber-coaxial (HFC) network. In its first real-world test, to a home in Jacksonville, Fla., technicians achieved its Gigabit plus speed using Comcast's Distributed Access Architecture (DAA). This is an edge-based computing model. This architecture has a suite of software-powered networking technologies, including digital fiber optics, "Remote PHY" digital nodes, and a cloud-based, virtualized cable modem termination system platform (vCMTS). The result? Comcast's team consistently measured speeds of 1.25Gbps upload and 1.2Gbps download over the connection.

According to a study by Dr. Raul Katz of Telecom Advisory Services, 10Gbps internet will generate at least $330 billion in total economic output and create more than 676,000 new jobs over the next seven years. It will do so by enabling not just 8K video streams for everyone living in your home, but by enabling 5G access points, virtual reality applications, and telehealth. It's not just hardware that's making this possible. Comcast is a major open-source developer and user. As Comcast notes, "The trial was made possible not by a single technological innovation, but rather by a series of interrelated technologies that Comcast continues to test and deploy in its network, all powered by a DAA ecosystem. These include our increasingly virtualized, cloud-based network model." Comcast is working on the "10G" initiative along with NCTA, CableLabs, and SCTE, and other telecom and cable operators from around the world. In addition, Comcast and Charter Communications have worked closely to align on their approaches to 10Gbps and are driving technology standards and architectures to benefit everyone.

Cloud

IBM To Split Into Two Companies By End of 2021 (arstechnica.com) 88

IBM announced this morning that the company would be spinning off some of its lower-margin lines of business into a new company and focusing on higher-margin cloud services. Ars Technica reports: During an investor call, CEO Arvind Krishna acknowledged that the move was a "significant shift" in how IBM will work, but he positioned it as the latest in a decades-long series of strategic divestments. "We divested networking back in the '90s, we divested PCs back in the 2000s, we divested semiconductors about five years ago because all of them didn't necessarily play into the integrated value proposition," he said. Krishna became CEO in April 2020, replacing former CEO Ginni Rometty (who is now IBM's executive chairman), but the spin-off is the capstone of a multi-year effort to apply some kind of focus to the company's sprawling business model.

The new spin-off doesn't have a formal name yet and is referred to as "NewCo" in IBM's marketing and investor relations material. Under the spin-off plan, the press release claims IBM "will focus on its open hybrid cloud platform, which represents a $1 trillion market opportunity," while NewCo "will immediately be the world's leading managed infrastructure services provider." (This is because NewCo will start life owning the entirety of IBM Global Technology Services' existing managed infrastructure clients, which means about 4,600 accounts, including about 75 percent of the Fortune 100.)

See also: Cringely Predicts IBM 'Disappears Into Red Hat'
United States

House Democrats Tackle Big Tech 'Monopolies' (axios.com) 119

The House Judiciary Committee says Amazon, Apple, Facebook and Google are monopolies -- but its new plan to rein in their power won't change anything overnight. Instead, Democratic lawmakers propose to rewrite American antitrust law in order to restructure the U.S.'s most successful and powerful industry over time. From a report: The report is a long pass down the field of the tech industry's unfolding conflicts. It could be game-changing -- but it also might never get completed. The report, which runs more than 450 pages, proposes broad updates to antitrust law, including: limiting companies' ability to compete unfairly against third parties on their own platforms by either requiring online marketplaces to be independently run businesses or establishing rules for how such marketplaces can be organized; blocking online platforms from giving themselves preferential treatment or playing favorites with other content providers; requiring social networks to be interoperable so that people can communicate across platforms and carry their data over from one platform to another; directing antitrust enforcers to assume that an acquisition by a dominant tech firm is anticompetitive unless proven otherwise; and allowing news publishers to team up to negotiate against tech platforms looking to carry their content.

Committee investigators spent 16 months reviewing mountains of emails, memos and other evidence to reach these conclusions about the companies:
Amazon: The internet retail giant achieved its dominant position in part through acquiring competitors; has a monopoly over and mistreats third-party sellers; and has created a conflict of interest through its double role as an operator of its marketplace and also a seller there.
Apple: The report says Apple exerts monopoly power over software distribution to more than half the mobile devices in the U.S. It accuses the company of exploiting rivals by levying commissions and fees and copying apps, and says Apple gives preference to its own apps and services.
Facebook: The social media network has monopoly power in the social networking space, the report finds, and takes a "copy, acquire, kill" approach to would-be rivals such as WhatsApp and Instagram, both of which it bought in the early 2010s.
Google: The search engine has a monopoly in the general online search and search advertising markets, according to the report, maintaining its position through anticompetitive tactics such as undermining vertical search providers and acquiring rivals.

"To put it simply, companies that once were scrappy, underdog startups that challenged the status quo have become the kinds of monopolies we last saw in the era of oil barons and railroad tycoons," write the authors of the report. The other side: The companies all deny that they hold monopoly positions or that their practices and acquisitions violate antitrust law, and argue that the tech industry remains healthily competitive.

Networking

Amazon Brings Eero Mesh Wi-Fi To ISPs (zdnet.com) 28

Amazon's Eero mesh networking company is introducing Eero for Service Providers. "This is an all-new hardware and software offering designed to help internet service providers (ISPs) meet customers' increasing demands for exceptional home Wi-Fi," writes Steven J. Vaughan-Nichols via ZDNet. "This is not just a bundling of a selection of Eero Wi-Fi mesh routers with your existing internet service. It also includes remote network management for your ISP and security and privacy management tools for you." From the report: The bundle starts, of course, with the routers. Besides offering Eero's existing whole-home mesh Wi-Fi systems to customers, ISPs will also get access to the all-new Eero 6 series. These come with Wi-Fi 6. This new Wi-Fi technology supports faster speeds and more simultaneously connected devices. Eero claims that this is its fastest Wi-Fi network yet. There are two models: Eero Pro 6 and Eero 6. These new devices also come with a built-in Zigbee smart home hub. This IEEE 802.15.4 personal-area network standard Internet of Things (IoT) hub lets you manage compatible IoT devices on your networks. This way you don't need a separate Zigbee hub.

For ISPs, Eero Insight builds on Eero's existing Remote Network Management software. This combines monitoring user history to predict and address customer problems before they change from annoyances to real problems. It also includes network monitoring tools such as a network topology viewer, historical speed tests and bandwidth usage, RF diagnostics, alerts, audit logs, outage detection, fleet analysis, and network health. For users, all this should mean a more reliable internet connection and that's always good news.

Patents

Cisco Ordered To Cough Up $2 Billion Plus Royalties After Ripping Off Biz's Cybersecurity Patents (theregister.com) 31

Cisco has been hit with a massive $1.9 billion patent-infringement bill for copying cybersecurity tech from Centripetal Networks and pushing the company out of lucrative government contracts. The Register reports: The network switch maker infringed four patents, a Virginia court decided on Monday, but since the infringement was "willful and egregious," the judge multiplied the $756 million owed by 2.5 to a total fine of $1,889,521,362.50. With interest, Cisco faces a hefty $1,903,239,287.50 bill "payable in a lump sum due on the judgment date," the court said. The four patents are: US 9,203,806, 9,560,176, 9,686,193, and 9,917,856.

That's not all: the court also imposed [PDF] a royalty of ten per cent of some of Cisco's products for the next three years, and five per cent for three years after that. That royalty must be at least $168 million and no more than $300 million for the first three years, and between $84 million and $150 million for the next three, the judge said. Even though the sums are massive, they are far from ruinous, and represent about three months of profit for Cisco. The networking giant also has a massive cash pile of roughly $30 billion that the total bill will barely eat into.

As for the tech itself, Centripetal Networks, based in Virginia, developed a network protection system that was in part funded by the US government. The patented parts of it deal with speed and scalability issues, and allowed for live updates and automated workflows. It outlined the technology to Cisco after the company had signed a non-disclosure agreement. But then Cisco simply stole the functionality and incorporated it into its own products in 2017. Centripetal sued [PDF] the following year. "The fact that Cisco released products with Centripetal's functionality within a year of these meetings goes beyond mere coincidence," said District Judge Henry Morgan in his judgment. He noted that Cisco had "continually gathered information from Centripetal as if it intended to buy the technology from Centripetal," but then "appropriated the information gained in these meetings to learn about Centripetal's patented functionality and embedded it into its own products."

Education

Harvard Professor Challenges 'The Meritocratic Hubris of Elites' (chronicle.com) 228

"Universities have been conscripted as the arbiters of opportunity, as the dispensers of the credentials, as the sorting machine," warns a Harvard political philosopher, in a new interview in the Chronicle of Higher Education titled "The Insufferable Hubris of the Well-Credentialed."

The meritocratic hubris of elites is the conviction by those who land on top that their success is their own doing, that they have risen through a fair competition, that they therefore deserve the material benefits that the market showers upon their talents. Meritocratic hubris is the tendency of the successful to inhale too deeply of their success, to forget the luck and good fortune that helped them on their way. It goes along with the tendency to look down on those less fortunate, and less credentialed, than themselves. That gives rise to the sense of humiliation and resentment of those who are left out...

Our credentialing function is beginning to crowd out our educational function. Students win admission to these places by converting their teenage years — or their parents converting their teenage years — into a stress-strewn gauntlet of meritocratic striving. That inculcates intense pressure for achievement. So even the winners in the meritocratic competition are wounded by it, because they become so accustomed to accumulating achievements and credentials, so accustomed to jumping through hoops and pleasing their parents and teachers and coaches and admissions committees, that the habit of hoop-jumping becomes difficult to break. By the time they arrive in college, many find it difficult to step back and reflect on what's worth caring about, on what they truly would love to study and learn. The habit of gathering credentials and of networking and of anticipating the next gateway in the ladder to success begins to interfere with the true reason for being in institutions of higher education, which is exploring and reflecting and questioning and seeking after one's passions.

What might we do about it? I make a proposal in the book that may get me in a lot of trouble in my neighborhood. Part of the problem is that having survived this high-pressured meritocratic gauntlet, it's almost impossible for the students who win admission not to believe that they achieved their admission as a result of their own strenuous efforts. One can hardly blame them. So I think we should gently invite students to challenge this idea. I propose that colleges and universities that have far more applicants than they have places should consider what I call a "lottery of the qualified." Over 40,000 students apply to Stanford and to Harvard for about 2,000 places. The admissions officers tell us that the majority are well-qualified. Among those, fill the first-year class through a lottery. My hunch is that the quality of discussion in our classes would in no way be impaired.

The main reason for doing this is to emphasize to students and their parents the role of luck in admission, and more broadly in success. It's not introducing luck where it doesn't already exist. To the contrary, there's an enormous amount of luck in the present system. The lottery would highlight what is already the case.

The Internet

Are We Headed For 200 Separate Nationally-Controlled Internets? (thehill.com) 80

Roger Cochetti directed internet public policy for IBM from 1994 through 2000 and later served as Senior Vice-President & Chief Policy Officer for VeriSign and Group Policy Director for CompTIA. This week he warned about signs "that the once open, global internet is slowly being replaced by 200, nationally-controlled, separate internets." And, while these separate American, Chinese, Russian, Australian, European, British, and other "internets" may decide to have some things in common with each other, the laws of political gravity will slowly pull them further apart as interest groups in each country lobby for their own concerns within their own country. Moreover, we will probably see the emergence of a global alternate internet before long...

As background, it's important to recognize that — by almost any measure — the global internet is controlled by businesses and non-profits subject to the jurisdiction of the United States government. Within a roughly 1,000-mile strip of land stretching from San Diego to Seattle lie most major internet businesses and network control or standards bodies (and those that aren't there likely lie elsewhere in the United States). So — as the governments of China, Russia and Iran never tire of explaining — while Americans constitute around 310 million out of the world's 4.3 billion internet users (around 8%), the U.S. government exercises influence or control over more than 70% of the internet's controls and services... China's ability to control the internet experience within its borders between roughly 2005 and 2018 taught many other countries that doing so, even if costly, is possible. This lesson was not lost on Russia, Iran, Australia, Turkey, Saudi Arabia, the EU and many other countries, which began developing legal (and sometimes technical) means to control internet content within their borders. This legal/technical nationalization over the past decade was significantly boosted by the realization that it was actually not very difficult for a government to substantially shut down the internet within a territory...

The first major step in the introduction of a new, China-centric internet may have taken place last year when China introduced to the UN's International Telecommunications Union a proposal for a new type of protocol that would connect networks in a way comparable to, but different from, the way that the internet protocols have done. This was quickly dubbed China's New IP, and it has been the subject of major controversy as the nations and companies decide how to react. Whether a new Chinese-centric internet is based on a new series of protocols or is simply based on a new set of internet domain names and numbers, it seems likely that this alternate internet will give national governments quite a bit more control over what happens within their territories than does the global, open internet. This feature will attract quite a few national governments to join in — not least Russia, Iran and perhaps Turkey and India.

The combined market power of those participating countries would make it difficult for any global internet business to avoid such a new medium. The likely result being two, parallel global computer inter-networking systems... which is pretty much what Google CEO Eric Schmidt predicted.

Privacy

A Security Flaw In Grindr Let Anyone Easily Hijack User Accounts (techcrunch.com) 11

Grindr, one of the world's largest dating and social networking apps for gay, bi, trans, and queer people, has fixed a security vulnerability that allowed anyone to hijack and take control of any user's account using only their email address. TechCrunch reports: Wassime Bouimadaghene, a French security researcher, found the vulnerability and reported the issue to Grindr. When he didn't hear back, Bouimadaghene shared details of the vulnerability with security expert Troy Hunt to help. The vulnerability was fixed a short time later. Bouimadaghene found the vulnerability in how the app handles account password resets.

To reset a password, Grindr sends the user an email with a clickable link containing an account password reset token. Once clicked, the user can change their password and is allowed back into their account. But Bouimadaghene found that Grindr's password reset page was leaking password reset tokens to the browser. That meant anyone could trigger the password reset who had knowledge of a user's registered email address, and collect the password reset token from the browser if they knew where to look.

The clickable link that Grindr generates for a password reset is formatted the same way, meaning a malicious user could easily craft their own clickable password reset link -- the same link that was sent to the user's inbox -- using the leaked password reset token from the browser. With that crafted link, the malicious user can reset the account owner's password and gain access to their account and the personal data stored within, including account photos, messages, sexual orientation and HIV status and last test date.

Security

CISA: Chinese State Hackers Are Exploiting F5, Citrix, Pulse Secure, and Exchange Bugs (zdnet.com) 26

The Cybersecurity and Infrastructure Security Agency (CISA) has published a security advisory today warning of a wave of attacks carried out by hacking groups affiliated with China's Ministry of State Security (MSS). From a report: CISA says that over the past year, Chinese hackers have scanned US government networks for the presence of popular networking devices and then used exploits for recently disclosed vulnerabilities to gain a foothold on sensitive networks. The list of targeted devices includes F5 Big-IP load balancers, Citrix and Pulse Secure VPN appliances, and Microsoft Exchange email servers. For each of these devices, major vulnerabilities have been publicly disclosed over the past 12 months, such as CVE-2020-5902, CVE-2019-19781, CVE-2019-11510, and CVE-2020-0688, respectively. According to a table summarizing Chinese activity targeting these devices published by CISA today, some attacks have been successful and enabled Chinese hackers to gain a foothold on federal networks.
Businesses

Huawei Closing Enterprise Hardware Division In the UK (techradar.com) 13

schwit1 shares a report from TechRadar: Huawei has announced a series of layoffs in the UK as the company is forced to alter its corporate strategy in the face of further bans and restrictions. The Chinese giant is set to pull sales of all of its Enterprise hardware lines, including all servers, storage and networking switches from the UK. The news means severe job cuts across Huawei's Enterprise hardware divisions in the UK as the company faces yet more challenges, despite pledges to remain in the country. The Register [which broke the story] said it had initially been told of Huawei's move by several channel partners, and that 20 of the 50 roles in the Enterprise team would be affected. The European arm of the Enterprise division is not thought to be affected by the news. "Our Enterprise Business is to focus its operations in the UK to deliver fewer products in a better way. Unfortunately this means a number of roles are no longer required, however, we hope to reposition colleagues who are affected elsewhere within the businesses," a Huawei spokesperson told The Register in a statement.

"Ultimately, the business has done a review and decided to focus on a number of product lines," the spokesperson added, noting that Huawei will, "continue to provide full service and maintenance to existing customers for the life-cycle of our products."
Facebook

Facebook Returns To Its Roots With Campus, a College Student-only Social Network (techcrunch.com) 29

Facebook is getting back to its roots as a college-focused social network. The company announced today the launch of a new social networking platform, Facebook Campus, which offers college students a private place to connect with classmates, join groups, discover upcoming campus events, get updates from their school's administration and chat with other students from their dorm, clubs or any other campus group. From a report: The new platform requires a school email address (@.edu) to join and will live within a dedicated section of the Facebook app. It will be accessible from a tab at the bottom of the screen or from the "More" menu alongside sections like Watch, Dating, Gaming, News, Marketplace and others. "We wanted to create a product where it was easy for classmates to meet each other, foster new relationships and also easily start conversations," explains Facebook Campus Product Manager Charmaine Hung. "And we really think that Campus is more relevant than ever right now. With COVID-19, we see that many students aren't returning to campus in the fall. Now, classes are being held online and students are trying to react to this new normal of what it's like to connect to clubs and organizations that you care about, when you're not together," she added.
Transportation

How a White-Hat Hacker Once Gained Control of Tesla's Entire Fleet (electrek.co) 42

"A few years ago, a hacker managed to exploit vulnerabilities in Tesla's servers to gain access and control over the automaker's entire fleet," remembers Electrek (in a story shared by long-time Slashdot reader AmiMoJo).

Tesla enthusiast Jason Hughes had already received a $5,000 bug bounty for reporting a vulnerability, but "knowing that their network wasn't the most secure, to say the least, he decided to go hunting for more bug bounties." After some poking around, he managed to find a bunch of small vulnerabilities. The hacker told Electrek, "I realized a few of these things could be chained together, the official term is a bug chain, to gain more access to other things on their network. Eventually, I managed to access a sort of repository of server images on their network, one of which was 'Mothership'." Mothership is the name of Tesla's home server used to communicate with its customer fleet.

Any kind of remote commands or diagnostic information from the car to Tesla goes through "Mothership." After downloading and dissecting the data found in the repository, Hughes started using his car's VPN connection to poke at Mothership. He eventually landed on a developer network connection. That's when he found a bug in Mothership itself that enabled him to authenticate as if it was coming from any car in Tesla's fleet.

All he needed was a vehicle's VIN number, and he had access to all of those through Tesla's "tesladex" database thanks to his complete control of Mothership, and he could get information about any car in the fleet and even send commands to those cars.

Last week Hughes released an annotated version of the bug report he'd submitted to Tesla. "Hughes couldn't really send Tesla cars driving around everywhere..." reports Electrek, "but he could 'Summon' them..." Tesla gave him a special $50,000 bug report reward — several times higher than their usual maximum — and "used the information provided by Hughes to secure its network."

Electrek calls it "a good example of the importance of whitehat hackers."
Red Hat Software

Lenovo Releases First Fedora Linux ThinkPad Laptop (zdnet.com) 80

Today, Lenovo has released a ThinkPad with Red Hat's community Linux, Fedora. ZDNet reports: First in this new Linux-friendly lineup is the X1 Carbon Gen 8. It will be followed by forthcoming versions of the ThinkPad P1 Gen2 and ThinkPad P53. While ThinkPads are usually meant for business users, Lenovo will be happy to sell the Fedora-powered X1 Carbon to home users as well. The new X1 Carbon runs Fedora Workstation 32. This cutting-edge Linux distribution uses the Linux Kernel 5.6. It includes WireGuard virtual private network (VPN) support and USB4 support. This Fedora version uses the new GNOME 3.36 for its default desktop.

The system itself comes standard with a 10th Generation Intel Core 1.6Ghz i5-10210U CPU, with up to 4.20 GHz with Turbo Boost. This processor boasts 4 Cores, 8 Threads, and a 6 MB cache. It also comes with 8MBs of LPDDR3 RAM. Unfortunately, its memory is soldered in. While that reduces the manufacturing costs, Linux users tend to like to optimize their hardware and this restricts their ability to add RAM. You can upgrade it to 16MBs, of course, when you buy it for an additional $149. For storage, the X1 defaults to a 256GB SSD. You can push it up to a 1TB SSD. That upgrade will cost you $536.

The X1 Carbon Gen 8 has a 14.0" Full High Definition (FHD) (1920 x 1080) screen. For practical purposes, this is as high-a-resolution as you want on a laptop. I've used laptops with Ultra High Definition (UHD), aka 4K, with 3840x2160 resolution, and I've found the text to be painfully small. This display is powered by an integrated Intel HD Graphics chipset. For networking, the X1 uses an Intel Wi-Fi 6 AX201 802.11AX with vPro (2 x 2) & Bluetooth 5.0 chipset. I've used other laptops with this wireless networking hardware and it tends to work extremely well. The entire default package has a base price of $2,145. For now, it's available for $1,287. If you want to order one, be ready for a wait. You can expect to wait three weeks before Lenovo ships it to you.

Crime

Former IT Director Gets Jail Time For Selling Government's Cisco Gear On eBay (zdnet.com) 66

An anonymous reader quotes a report from ZDNet: A South Carolina man was sentenced this week to two years in federal prison for taking government-owned networking equipment and selling it on eBay. The man, Terry Shawn Petrill, 48, of Myrtle Beach, worked as the IT Security Director for Horry County in South Carolina, the Department of Justice said in a press release on Tuesday. According to court documents, "beginning on June 11, 2015, through August 23, 2018, Petrill ordered forty-one Cisco 3850 switches that were to be installed on the Horry County network."

US authorities said that through the years, when the switches would arrive, Petrill would take custody of the devices and tell fellow IT staffers that he would handle the installation alone. However, investigators said that "Petrill did not install the switches on the network and instead sold them to third parties and kept the proceeds for himself." FBI agents who investigated the case said they tracked nine of the 41 missing Cisco switches to ads on eBay, while the location of the rest remains unknown. Nonetheless, this was enough to file charges against Petrill, whom authorities arrested and indicted in November 2019. Besides prison time, Petrill was also ordered to pay restitution in the amount of $345,265.57 to the Horry County Government.

China

Kuo: iPhone Shipments Could Decline Up To 30% If Apple Forced To Remove WeChat From Worldwide App Store (macrumors.com) 80

An anonymous reader shares a report: In a worst-case scenario, Apple's annual iPhone shipments could decline by 25-30% if it is forced to remove WeChat from its App Stores around the world, according to a new research note from analyst Ming-Chi Kuo viewed by MacRumors. The removal could occur due to a recent executive order aiming to ban U.S. transactions with WeChat and its parent company Tencent. Kuo lays out optimistic and pessimistic scenarios depending on whether Apple is only required to remove WeChat from the App Store in the United States or if the ban would apply to the App Store in all countries. WeChat is extremely popular with Chinese mobile device users, essentially operating as its own platform on top of iOS and Android for many users, and Kuo argues that a worldwide ban on WeChat in the App Store would be devastating due to the size of the Chinese market.

"Because WeChat has become a daily necessity in China, integrating functions such as messaging, payment, e-commerce, social networking, news reading, and productivity, if this is the case, we believe that Apple's hardware product shipments in the Chinese market will decline significantly. We estimate that the annual iPhone shipments will be revised down by 25-30%, and the annual shipments of other Apple hardware devices, including AirPods, iPad, Apple Watch and Mac, will be revised down by 15-25%," he wrote in a note. Under his optimistic scenario in which WeChat is only removed from the U.S. App Store, Kuo predicts iPhone shipments would be impacted by 3-6% with other Apple products being affected by less than 3%.
