United States

US Government Offers $25,000 Prize For Inventing A Way To Secure IoT Devices (ftc.gov) 196

An anonymous reader writes: America's Federal Trade Commission has announced a $25,000 prize for whoever creates the best tool for securing consumers' IoT devices. The so-called "IoT Home Inspector Challenge" asks participants to create something that will work on current, already-on-the-market IoT devices, with extra points also awarded for scalability and ease of use.

"Contestants have the option of adding features, such as those that would address hard-coded, factory default, or easy-to-guess passwords," according to the official site, but "The tool would, at a minimum, help protect consumers from security vulnerabilities caused by out-of-date software." The winning submission can't be just a policy (or legal) solution, and will be judged by a panel which includes two computer science professors and a vulnerability researcher from Carnegie Mellon University's CERT Coordination Center.

Computerworld points out that "This isn't the first time the FTC has offered cash for software tools. In 2015, it awarded $10,500 to developers of an app that could block robocalls."
Communications

Norway To Become First Country To Switch Off FM Radio (reuters.com) 303

Norway is set to become the first country to switch off its FM radio network next week, as it takes the unpopular leap to digital technology. Reuters reports: Critics say the government is rushing the move and many people may miss warnings on emergencies that have until now been broadcast via the radio. Of particular concern are the 2 million cars on Norway's roads that are not equipped with Digital Audio Broadcasting (DAB) receivers, they say. Sixty-six percent of Norwegians oppose switching off FM, with just 17 percent in favor and the rest undecided, according to an opinion poll published by the daily Dagbladet last month. Nevertheless, parliament gave the final go-ahead for the move last month, swayed by the fact that digital networks can carry more radio channels. By the end of the year, all national FM broadcasts will be closed in favor of DAB, which backers say carries less hiss and clearer sound throughout the large nation of 5 million people cut by fjords and mountains. Torvmark said cars were the "biggest challenge" - a good digital adapter for an FM car radio costs 1,500 Norwegian crowns ($174.70), he said. For the same cost, digital radio in Norway allows eight times more radio stations than FM. The current system of parallel FM and digital networks, each of which cost about 250 million crowns ($29 million), saps investments in programs.
Network

FTC Takes D-Link To Court Citing Lax Product Security, Privacy Perils (networkworld.com) 72

Reader coondoggie writes: The Federal Trade Commission has filed a complaint against network equipment vendor D-Link saying inadequate security in the company's wireless routers and Internet cameras left consumers open to hackers and privacy violations. The FTC, in a complaint filed in the Northern District of California charged that "D-Link failed to take reasonable steps to secure its routers and Internet Protocol (IP) cameras, potentially compromising sensitive consumer information, including live video and audio feeds from D-Link IP cameras." For its part, D-Link Systems said it "is aware of the complaint filed by the FTC." According to the FTC's complaint, D-Link promoted the security of its routers on the company's website, which included materials headlined "Easy to secure" and "Advance network security." But despite the claims made by D-Link, the FTC alleged, the company failed to take steps to address well-known and easily preventable security flaws such as "hard-coded" login credentials integrated into D-Link camera software -- such as the username "guest" and the password "guest" -- that could allow unauthorized access to the cameras' live feed, etc.
Data Storage

Scientists Turn Memory Chips Into Processors To Speed Up Computing Tasks (sciencedaily.com) 73

An anonymous reader quotes a report from Science Daily: A team of international scientists have found a way to make memory chips perform computing tasks, which is traditionally done by computer processors like those made by Intel and Qualcomm. This means data could now be processed in the same spot where it is stored, leading to much faster and thinner mobile devices and computers. This new computing circuit was developed by Nanyang Technological University, Singapore (NTU Singapore) in collaboration with Germany's RWTH Aachen University and Forschungszentrum Juelich, one of the largest interdisciplinary research centers in Europe. It is built using state-of-the-art memory chips known as Redox-based resistive switching random access memory (ReRAM). Developed by global chipmakers such as SanDisk and Panasonic, this type of chip is one of the fastest memory modules that will soon be available commercially. However, instead of storing information, NTU Assistant Professor Anupam Chattopadhyay in collaboration with Professor Rainer Waser from RWTH Aachen University and Dr Vikas Rana from Forschungszentrum Juelich showed how ReRAM can also be used to process data. This discovery was published recently in Scientific Reports. By making the memory chip perform computing tasks, space can be saved by eliminating the processor, leading to thinner, smaller and lighter electronics. The discovery could also lead to new design possibilities for consumer electronics and wearable technology.
Communications

Linksys Latest Company To Unveil a Wi-Fi Mesh System (engadget.com) 88

From an Engadget report: Mesh networking has become trendy for folks looking to fill every nook and cranny of their homes with Wi-Fi. So it should be no surprise that the makers of the most iconic router ever is unveiling its own system. The Linksys tri-band Velop setup is a modular system that the company says is made to expand as your needs do. Each Velop Tri-Band 2x2 802.11ac Wave 2 MU-MIMO node pulls quadruple duty as a router, range extender, access point and bridge. According to Linksys, each Velop is capable of a combined speed of 2,200 Mbps. It's like having a bunch of little routers in your home all working together to make sure you can stream The OA regardless of which room you're in. Linksys' Velop will set you back by at least $200 for an individual modular, with the pack of two and three priced at $350 and $500, respectively. This makes it costlier than Google's Wi-Fi router, which starts at $129.
Patents

Amazon Patents Floating Airship Warehouse For Its Delivery Drones (techcrunch.com) 94

An anonymous reader quotes a report from TechCrunch: We've known about Amazon's drone delivery ambitions since 2013. But patent filings from Amazon, circulated today by CB Insights' Zoe Leavitt, reveal more details about how the e-commerce titan could make drone deliveries work at scale, namely through "airborne fulfillment centers." Yes, that's a warehouse in a zeppelin. The airborne fulfillment centers, or AFCs, would be stocked with a certain amount of inventory and positioned near a location where Amazon predicts demand for certain items will soon spike. Drones, including temperature-controlled models ideally suited for food delivery, could be stocked at the AFCs and sent down to make a precise, safe scheduled or on-demand delivery. An example cited in the filing was around a sporting event. If there's a big championship game down below, Amazon AFC's above could be loaded with snacks and souvenirs sports fans crave. The AFCs could be flown close to a stadium to deliver audio or outdoor display advertising near the main event, as well, the filing suggested. The patent reflects a complex network of systems to facilitate delivery by air. Besides the airborne fulfillment centers and affiliated drones, the company has envisioned larger shuttles that could carry people, supplies and drones to the AFCs or back to the ground. Using a larger shuttle to bring drones up to the AFC would allow Amazon to reserve their drones' power for making deliveries only. Of course, all these elements would be connected to inventory management systems, and other software and remote computing resources managed by people in the air or on the ground. The filing also reveals that the shuttles and drones, as they fly deliveries around, could function in a mesh network, relaying data to each other about weather, wind speed and routing, for example, or beaming e-book content down to readers on the ground. 
Amazon also recently patented a system to defend its drones against hackers, jammers and bows and arrows.
Networking

Is Your Internet Connection Free From Bufferbloat? (blogspot.com) 147

Bufferbloat is that "undesirable latency that comes from a router or other network equipment buffering too much data," according to the site for an ongoing project trying to address it. Now long-time Slashdot reader mtaht writes: Inside the lede-project, two core new bufferbloat-fighting techniques are poised to enter the linux mainline kernel and thousands of routers -- the first being a fq-codel'd and airtime fair scheduler for wifi, and the second, the new "cake" qdisc, which outperforms fq_codel across the board for shaping inbound and outbound connections.
His submission ends with a question for Slashdot readers. "It's been nearly six years since the start of the bufferbloat project. Have you or has your ISP fixed your bufferbloat yet?"
Communications

Researchers Send Information Using a Single Particle of Light (vice.com) 56

An anonymous reader quotes a report from Motherboard: According to research published Thursday in Science, physicists at Princeton University have designed a device that allows a single electron to pass its quantum information to a photon in what could be a big breakthrough for silicon-based quantum computers. The device designed by the Princeton researchers is the result of five years of research and works by trapping an electron and a photon within a device built by HRL laboratories, which is owned by Boeing and General Motors. It is a semi-conductor chip made from layers of silicon and silicon-germanium, materials that are inexpensive and already widely deployed in consumer electronics. Across the top of this wafer of silicon layers were laid a number of nanowires, each smaller than the width of a human hair, which were used to deliver energy to the chip. This energy allowed the researchers to trap an electron in between the silicon layers of the chip in microstructures known as quantum dots. The researchers settled on photons as the medium of exchange between electrons since they are less sensitive to disruption from their environment and could potentially be used to carry quantum information between quantum chips, rather than within the circuits on a single quantum chip. The ability to scale up this device would mean that photons could be used to pass quantum information from electron to electron in order to form the circuits for a quantum computer. "We now have the ability to actually transmit the quantum state to a photon," said Xiao Mi, a graduate student in Princeton's Department of Physics. "This has never been done before in a semiconductor device because the quantum state was lost before it could transfer its information."
Communications

How Social Isolation Is Killing Us (nymag.com) 297

schwit1 quotes a report from The New York Times: Social isolation is a growing epidemic (Warning: may be paywalled; alternate source) -- one that's increasingly recognized as having dire physical, mental and emotional consequences. Since the 1980s, the percentage of American adults who say they're lonely has doubled from 20 percent to 40 percent. About one-third of Americans older than 65 now live alone, and half of those over 85 do. People in poorer health -- especially those with mood disorders like anxiety and depression -- are more likely to feel lonely. Those without a college education are the least likely to have someone they can talk to about important personal matters. A wave of new research suggests social separation is bad for us. Individuals with less social connection have disrupted sleep patterns, altered immune systems, more inflammation and higher levels of stress hormones. One recent study found that isolation increases the risk of heart disease by 29 percent and stroke by 32 percent. Another analysis that pooled data from 70 studies and 3.4 million people found that socially isolated individuals had a 30 percent higher risk of dying in the next seven years, and that this effect was largest in middle age. Loneliness can accelerate cognitive decline in older adults, and isolated individuals are twice as likely to die prematurely as those with more robust social interactions. These effects start early: Socially isolated children have significantly poorer health 20 years later, even after controlling for other factors. All told, loneliness is as important a risk factor for early death as obesity and smoking.
Youtube

YouTube Views Are Down Across the Board, Analysis Says (kotaku.com) 122

An anonymous reader quotes a report from Kotaku: For months, YouTubers have complained that their view counts are down. New data from the third-party stat tracker SocialBlade confirms what YouTubers fear: viewership is lower across the board. SocialBlade crunched some numbers for Kotaku and determined that, since the first half of the year, YouTube views are now 5-7% lower. Between July and September, that decrease was 10%. It's pretty significant. Why YouTube views have gone down is unclear, but some good theories are floating around. SocialBlade Community Manager Danny Fratella pointed to two potential causes: view audits and altered video-promoting algorithms. During view audits, YouTubers don't actually lose views. YouTube is removing botted or invalid playbacks from the view count. This happens all at once in a sort of purge -- something YouTube has explained publicly. But now that YouTubers have tools like SocialBlade to more rigorously moderate their data, they may be noticing these purges more, Fratella suggested. He added that SocialBlade doesn't see view counts purged as often as subscriber counts -- the main complaint going around YouTube communities. Although YouTubers have widely complained that fans are now randomly unsubscribed from their channels, YouTube and SocialBlade both told me that they've noticed nothing out of the ordinary in subscription data. YouTube's video-promoting algorithm may also play a role in an apparent decreased viewership. What videos the platform draws more eyes to reflects their philosophy on what videos should go viral.
Wikipedia

Wikipedia Announces the Most Edited Articles of 2016 (npr.org) 78

Wikipedia has revealed its most edited articles of 2016. Believe it or not, the two most edited articles of the year were for Deaths in 2016, which was edited 18,230 times, and Donald Trump, with 8,933 edits as of December 21. NPR reports: Some are completely unsurprising -- like the articles about Brexit, the Panama Papers, the Orlando nightclub shooting, and other recent and controversial news topics. The popularity of editing others is somewhat more mysterious: like the article for RuPaul's Drag Race, and one for a fictional character named Beverley Gray -- the subject of a series of 26 mystery stories written between 1934 and 1955. The article on Vincent Van Gogh was also edited thousands of times in 2016, as editors reportedly sought to clarify misunderstandings about the artist in hopes of achieving "featured" status for the page. The most edited article by far was for Deaths in 2016, which was edited 18,230 times. David Bowie, Janet Reno, Gwen Ifill, Leonard Cohen, Fidel Castro, Muhammad Ali, John Glenn and Prince are among the notable people who died this year. Donald Trump's entry was second, with 8,933 edits as of Dec. 21. If history is any indication, there's a good chance the president-elect's Wikipedia page will come under even more scrutiny: The Wikimedia Foundation revealed earlier this year that George W Bush's article has the most edits of any article in English in the history of the site, with 45,862 revisions at last count.
Encryption

Encrypted Messaging App Signal Uses Google To Bypass Censorship (pcworld.com) 87

Developers of the popular Signal secure messaging app have started to use Google's domain as a front to hide traffic to their service and to sidestep blocking attempts. Bypassing online censorship in countries where internet access is controlled by the government can be very hard for users. It typically requires the use of virtual private networking (VPN) services or complex solutions like Tor, which can be banned too. From a report on PCWorld: Open Whisper Systems, the company that develops Signal -- a free, open-source app -- faced this problem recently when access to its service started being censored in Egypt and the United Arab Emirates. Some users reported that VPNs, Apple's FaceTime and other voice-over-IP apps were also being blocked. The solution from Signal's developers was to implement a censorship circumvention technique known as domain fronting that was described in a 2015 paper by researchers from University of California, Berkeley, the Brave New Software project and Psiphon. The technique involves sending requests to a "front domain" and using the HTTP Host header to trigger a redirect to a different domain. If done over HTTPS, such redirection would be invisible to someone monitoring the traffic, because the HTTP Host header is sent after the HTTPS connection is negotiated and is therefore part of the encrypted traffic.
Social Networks

After Insisting For Years That Facebook Is Not a Media Company, Zuckerberg Says Just Not a 'Traditional' One (cnet.com) 52

Mark Zuckerberg is still trying to explain what his company does. The Facebook CEO said in August that the social-networking giant had no ambitions of being a content provider, insisting that Facebook is "a tech company, not a media company." On Wednesday, he appeared to retreat a bit on that statement, painting a slightly different portrait of his company during a Live video chat with Facebook COO Sheryl Sandberg. From a report on CNET: "Facebook is a new kind of platform," Zuckerberg said during the video chat. "It's not a traditional technology company. It's not a traditional media company. You know, we build technology and we feel responsible for how it's used. We don't write the news that people read on the platform, but at the same time we also know that we do a lot more than just distribute the news, and we're an important part of the public discourse." His comments come amid increased criticism that Facebook's news feed algorithms -- the software that picks the first posts you see -- sometimes fan the flames of "fake news" and allow misinformation to thrive. Numerous allegations have been made that fake news shared on Facebook helped Trump win -- a suggestion Zuckerberg initially called "a pretty crazy idea."
Crime

Hotbed of Cybercrime Activity Tracked Down To ISP In Region Where Russia Is Invading Ukraine (bleepingcomputer.com) 70

An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom, put together. A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine. All clues point to the fact that the ISP's owners are using the chaos created by the Russian military intervention in Ukraine to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrack, Tinba), and infostealers (Pony, Neurevt). UPDATE 12/22/16: The headline and summary have been updated to reflect the fact that Ukraine is fighting a Russian invasion, and is not in a "civil war," as mentioned in the source.
Canada

Canada's CRTC Declares Broadband Internet Access a Basic Service (www.cbc.ca) 48

New submitter jbwiebe quotes a report from CBC.ca: The Canadian Radio-television and Telecommunications Commission (CRTC) has declared broadband internet a basic telecommunications service. In a ruling handed down today, the national regulator ordered the country's internet providers to begin working toward boosting internet service and speeds in rural and isolated areas. With today's ruling, CRTC has set new targets for internet service providers to offer customers in all parts of the country download speeds of at least 50 megabits per second (Mbps) and upload speeds of at least 10 Mbps, and to also offer the option of unlimited data. The CRTC estimates two million Canadian households, or roughly 18 per cent, don't have access to those speeds or data. The CRTC's goal is to reduce that to 10 per cent by 2021. To achieve that, the CRTC will require providers pay into a fund that's set to grow to $750 million over five years. The companies will be able to dip into that fund to help pay for the infrastructure needed to extend high-speed service to areas where it is not currently available. The fund is similar to one that subsidized the expansion of local landline telephone service in years past. Providers used to pay 0.53 per cent of their revenues, excluding broadband, into that fund. Now they'll pay the same rate on all revenues, including broadband.
Software

A Ham Radio Software Company Has Been Blacklisting Users For Leaving Negative Reviews (theregister.co.uk) 177

Gandalf_the_Beardy quotes a report from The Register: The Register reports on the story of Jim Giercyk, an amateur radio enthusiast who had his copy of the popular Ham Radio Deluxe (HRD) software revoked after posting a negative review. Other radio hams have followed up with us regarding claims that this was not an isolated incident and others may have had their license keys blacklisted for being publicly critical of the company. And just to be clear: by blackballing keys, installed copies of the software stop working. Giercyk, a professional musician in South Carolina, U.S., says that after his dealings with HRD Software (which has since reinstated his software key) and the statement made by the developer's co-owner Dr Michael Carper, he takes issue with claims made by the company. Giercyk, aka N2SUB, told us on Tuesday: "The issue is not the refusal of service, the issue is that HRD disabled my software, and then offered to enable it in exchange for the removal of an online review of their product. It's extortion, not refusal of service." Giercyk also said that since he went public about his blacklisting last week, he has received messages from other users who have stories of their software keys being revoked by HRD without their knowledge for speaking up about having a bad support experience. A number of other readers pointed out a collection of bad reviews posted on hobbyist site eHam by customers who had their license keys blacklisted. HRD told us some of those users could have written their assessments after requesting a refund and deactivating their software, thus their licenses will appear revoked. Meanwhile, Reddit threads and follow-up discussions to Giercyk's catalyst forum post reveal similar stories of keys being revoked after critical comments about Ham Radio Deluxe have appeared online. Other sources allege some amateur radio forums have in the past deleted posts critical of HRD.
Social Networks

Using Multiple Social Networks May Lead To Depression and Anxiety, Says Study (dailydot.com) 119

An anonymous reader quotes a report from Daily Dot: The more social media you use, the higher the likelihood that you'll be anxious or depressed. At least according to the University of Pittsburgh Center for Research on Media, Technology and Health. In a study published online this month with more than 1,700 millennial adults, it found people who report using seven to 11 social media platforms had more than three times the risk of depression or anxiety than millennials who use zero to two platforms. The participants were asked about the most popular social media platforms in 2014, the year the study was conducted, which included Facebook, YouTube, Twitter, Google Plus, Instagram, Snapchat, Reddit, Tumblr, Pinterest, Vine, and LinkedIn. Those who used more than seven platforms showed higher levels of depressive symptoms, even when researchers controlled for factors like race, gender, relationship status, household income, education, and total time spent on social media. Brian A. Primack, lead author of the study, notes that the correlation is not certain. He told PsyPost: "It may be that people who suffer from symptoms of depression or anxiety, or both, tend to subsequently use a broader range of social media outlets. For example, they may be searching out multiple avenues for a setting that feels comfortable and accepting. However, it could also be that trying to maintain a presence on multiple platforms may actually lead to depression and anxiety. More research will be needed to tease that apart."
Blackberry

BlackBerry Unveils Autonomous Vehicle Hub In Canada (venturebeat.com) 37

BlackBerry's Unix-like OS, QNX, is already in millions of cars. But today they're expanding their facility in Ottawa "to focus on developing advanced driver assistance and autonomous vehicle technology," according to Reuters. And one analyst says "If they can prove that they have the whole package and the security, they could absolutely dominate the market." After a detour where QNX's industrial-focused software was used to reinvent the now-discarded BlackBerry phone operating system, BlackBerry is focused on how its embedded software interacts with the explosion of sensors, cameras and other components required for a car to drive itself... "What QNX is doing is providing the infrastructure that allows you to build higher-level algorithms and to also acquire data from the sensors in a reliable manner," said Sebastian Fischmeister, a University of Waterloo associate professor who has worked with QNX since 2009.
Instead of focussing on AI, BlackBerry wants "a niche role as a trusty sidekick," Reuters reports, adding that besides a recent deal with Ford, BlackBerry is also holding advanced discussions with "more than one or two" major automakers, according to the head of the company.
Networking

Ubuntu Survey Discovers 'Consumers Are Terrible' About Updating Their IoT Devices (ubuntu.com) 181

Core evangelist Thibaut Rouffineau writes about the results of Ubuntu's survey of 2000 consumers about their Internet of Things devices: This survey revealed that, worryingly, only 31% of consumers that own connected devices perform updates as soon as they become available. A further 40% of consumers have never consciously performed updates on their devices... Of those polled, nearly two thirds felt that it was not their responsibility to keep firmware updated. 22% believed it was the job of software developers, while 18% consider it to be the responsibility of device manufacturers.

Canonical has taken the view for some time now that better automatic mechanisms to fix vulnerabilities remotely are needed as an essential step on the way to a secure IoT. We need to remove the burden of performing software updates from the user and we need to actively ban the dreaded 'default password', as Canonical has done with Ubuntu Core 16... It's clear to us that too many of the solutions to IoT security proposed today involve either mitigating security issues after-the-fact, or living in a world where IoT security problems are the accepted norm. This should not and cannot be the case.

They'll be publishing their complete findings in a new paper in January.
Education

The Linux Foundation Offers 50% Discounts On Training (linuxfoundation.org) 39

An anonymous reader writes: The non-profit association that sponsors Linus Torvalds' work on Linux also offers self-paced online training and certification programs. And now through December 22, they're available at a 50% discount. "Make learning Linux and other open source technologies your New Year's Resolution this holiday season," reads a special page at LinuxFoundation.org. There's training in Linux security, networking, and system administration, as well as software-defined networking and OpenStack administration. (Plus a course called "Fundamentals Of Professional Open Source Management," and two certification programs that can make you a Linux Foundation-certified engineer or system administrator.)
And if you order right now, they'll also give you a free mug with a penguin on it.
