Security

Netgear Releases 'Beta' Patches For Additional Routers Found With Root Vulnerability (netgear.com) 26

The CERT Coordination Center at Carnegie Mellon University, which is sponsored by the Department of Homeland Security, issued a warning last week that users should "strongly consider" not using some models of Netgear routers, and the list expanded this week to include 11 different models. Netgear has now updated its web page, announcing eight "beta" fixes along with three more "production" fixes. chicksdaddy writes: The company said the new [beta] firmware has not been fully tested and "might not work for all users." The company offered it as a "temporary solution" to address the security hole. "Netgear is working on a production firmware version that fixes this command injection vulnerability and will release it as quickly as possible," the company said in a post to its online knowledgebase early Tuesday.

The move follows publication of a warning from experts at Carnegie Mellon on December 9 detailing a serious "arbitrary command injection" vulnerability in the latest version of firmware used by a number of Netgear wireless routers. The security hole could allow a remote attacker to take control of the router by convincing a user to visit a malicious web site... The vulnerability was discovered by an individual...who says he contacted Netgear about the flaw four months ago, and went public with information on it after the company failed to address the issue on its own.

Facebook

Germany Threatens To Fine Facebook Over Hate Speech (go.com) 321

An anonymous reader quotes a report from ABC News: German officials are stepping up their criticism of Facebook, saying the social network is doing too little to stop hate speech and could face stiff fines unless it deletes illegal content faster. In an interview published Friday, Justice Minister Heiko Maas said his ministry was checking whether it would be possible to make social networking sites legally liable for illegal posts. Germany has seen a sharp increase in vitriolic posts on social media in recent years amid a heated public debate over the influx of more than a million migrants since the start of 2015. The country has laws against speech deemed to be racist, defamatory or inciting violence -- a response to Germany's Nazi legacy. But authorities have struggled with the deluge of often anonymous postings on foreign-owned websites. Thomas Oppermann, a senior lawmaker in Maas' Social Democratic Party, told German weekly Der Spiegel that dominant social media sites like Facebook could be required to delete illegal posts within 24 hours or face fines up to 500,000 euros ($522,000). Facebook also could be compelled to distribute corrections that reach the same number of people as the original post, Oppermann suggested, something traditional media companies in Germany are already required to do.
Data Storage

Dropbox Kills Public Folders, Users Rebel (ndtv.com) 158

New submitter rkagerer writes: Dropbox unleashed a tidal wave of user backlash yesterday when it announced plans to eradicate its Public folder feature in 2017. Criticism from users whose links will break surfaced on Reddit, HackerNews and its own forums. Overnight, customers up-voted a feature request to reverse the decision, skyrocketing it to a "Top 10" position on the company's tracker. joemck explains: "There are countless users who have been using the public folder to post images and files in blogs and forums. These aren't just worthless jokes and memes that nobody will miss if you flip the switch and break all of them. These are often valuable resources that users have created and entrusted to you to retain and keep online." One user even created a comic strip for the occasion, with another concerned the URL he registered with the Coast Guard containing potentially lifesaving information will go dark. Although the feature was deprecated in 2012, it remained in place for existing users. The company provides an alternative sharing method, but some users claim it's not as convenient and doesn't provide direct links. According to the announcement, free accounts have until March 15 to update their links, while the lights will go out for paid accounts on September 1. UPDATE 12/17/16: Slashdot reader rkagerer notes, "Dropbox quietly killed the feature request after this story hit the front page, but the original content can still be found interleaved in the forum discussion."
AT&T

AT&T's DirecTV Now Plagued With Outages and Sports Blackouts (arstechnica.com) 42

An anonymous reader quotes a report from Ars Technica: Barely two weeks after AT&T launched DirecTV Now, the online streaming service's customers have already been hit by multiple outages, unexpected blackouts of live local sports games, and missing channels. There was an outage of about three hours last night and a two-hour outage Friday night, TVPredictions reported today. "DirecTV Now's customers said they couldn't log onto the streaming service, or they were suddenly met with a blank screen if already watching," the report said. The "Error Message 30" article tells customers that they may be suffering from "an intermittent or weak Internet connection," but in this case the problem was on DirecTV's end. "Tuesday evening we experienced an issue that prevented some customers from streaming on DirecTV Now," AT&T told Ars today. "The issue has since been resolved and we're seeing normal streaming levels at this time. We thank our customers for their patience." Even when DirecTV Now works, availability of live sports games hasn't lived up to what the company promised. There appear to be technical problems affecting local games, but licensing restrictions may be limiting availability as well. This past Sunday, some DirecTV Now subscribers in cities such as San Francisco, Tampa Bay, and Atlanta could not watch NFL games on local Fox channels due to a technical problem, TVPredictions reported in another article.
Software

Windows 10 Update Broke DHCP, Knocked Users Off the Internet (arstechnica.com) 256

Microsoft has quietly fixed a software update it released last week, which effectively prevented Windows 10 users from connecting to the Internet or joining a local network. From a report on ArsTechnica: It's unclear exactly which automatic update caused the problem or exactly when it was released -- current (unconfirmed) signs point to KB3201845 released on December 9 -- but whatever it was appeared to break DHCP (Dynamic Host Configuration Protocol), preventing Windows 10 from automatically acquiring an IP address from the network. There's also little detail on how many people were affected or why, but multiple cases have been confirmed across Europe by many ISPs. A Microsoft spokesperson has meanwhile confirmed that "some customers" had been experiencing "difficulties" getting online, but that's about it for public statements at present. However, a moderator on the company's forums has said the fix was included in a patch released on Tuesday called KB3206632.
Wireless Networking

Vulnerability Prompts Warning: Stop Using Netgear WiFi Routers (securityledger.com) 147

"By convincing a user to visit a specially crafted web site, a remote attacker may execute arbitrary commands with root privileges on affected routers," warns a new vulnerability notice from Carnegie Mellon University's CERT. Slashdot reader chicksdaddy quotes Security Ledger's story about certain models of Netgear's routers: Firmware version 1.0.7.2_1.1.93 (and possibly earlier) for the R7000 and version 1.0.1.6_1.0.4 (and possibly earlier) for the R6400 are known to contain the arbitrary command injection vulnerability. CERT cited "community reports" that indicate the R8000, firmware version 1.0.3.4_1.1.2, is also vulnerable... The flaw was found in new firmware that runs the Netgear R7000 and R6400 routers. Other models and firmware versions may also be affected, including the R8000 router, CMU CERT warned.

With no workaround for the flaw, CERT recommended that Netgear customers disable their wifi router until a software patch from the company that addressed the hole was available... A search of the public internet using the Shodan search engine finds around 8,000 R6400 and R7000 devices that can be reached directly from the Internet and that would be vulnerable to takeover attacks. The vast majority of those are located in the United States.

Proof-of-concept exploit code was released by a Twitter user who, according to the article, said "he informed Netgear of the flaw more than four months ago, but did not hear back from the company since then."
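A triage check for the firmware versions named in the CERT notice, covering both Netgear stories on this page. This is an added example, not code from CERT, Netgear or Security Ledger. It treats any build at or below the quoted version as affected, mirroring the notice's "and possibly earlier" wording, and gives no verdict for models the notice does not list, because CERT said other models may also be affected. The handling of the leading "V" that the router web UI prefixes, the function names and the sample inventory are assumptions.

```python
"""Match a router inventory against the firmware versions quoted in the
CERT notice. Added example; not CERT's or Netgear's code."""
import re
from typing import Dict, List, Optional, Tuple

# Versions quoted in the notice (R8000 comes from "community reports").
# Anything at or below these is treated as affected ("and possibly earlier").
AFFECTED_AT_OR_BELOW: Dict[str, str] = {
    "R7000": "1.0.7.2_1.1.93",
    "R6400": "1.0.1.6_1.0.4",
    "R8000": "1.0.3.4_1.1.2",
}

Version = Tuple[Tuple[int, ...], Tuple[int, ...]]
# Optional leading 'V' (as shown in the web UI), dotted version, optional '_'
# followed by Netgear's dotted build tag.
_VERSION_RE = re.compile(r"^V?(\d+(?:\.\d+)*)(?:_(\d+(?:\.\d+)*))?$")


def parse_version(text: str) -> Version:
    """'V1.0.7.2_1.1.93' -> ((1, 0, 7, 2), (1, 1, 93)); tuples compare
    numerically, so '1.0.10' sorts after '1.0.9' as it should."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    main = tuple(int(p) for p in m.group(1).split("."))
    build = tuple(int(p) for p in m.group(2).split(".")) if m.group(2) else ()
    return main, build


def is_affected(model: str, version: str) -> Optional[bool]:
    """True: at or below the listed version. False: newer than it.
    None: model not in the notice, which is 'unknown', not 'safe'."""
    ceiling = AFFECTED_AT_OR_BELOW.get(model.strip().upper())
    if ceiling is None:
        return None
    return parse_version(version) <= parse_version(ceiling)


def triage(inventory: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Group (model, version) pairs into 'affected', 'newer' and 'unlisted'."""
    groups: Dict[str, List[str]] = {"affected": [], "newer": [], "unlisted": []}
    for model, version in inventory:
        verdict = is_affected(model, version)
        key = "unlisted" if verdict is None else ("affected" if verdict else "newer")
        groups[key].append(f"{model.strip().upper()} {version}")
    return groups


if __name__ == "__main__":
    # Constructed inventory for illustration; version strings are made up.
    sample = [("R7000", "V1.0.7.2_1.1.93"), ("R6400", "1.0.1.4_1.0.2"),
              ("R8000", "1.0.3.5_1.1.3"), ("R6300", "1.0.2.1_1.0.1")]
    for group, items in triage(sample).items():
        print(f"{group}: {items}")
```

Only the "newer" group is a reason to relax; with no workaround published, the "affected" and "unlisted" groups are the devices CERT's advice applies to until Netgear's production firmware ships.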
Botnet

A 'Turkish Hacker' Is Giving Out Prizes For DDoS Attacks (csoonline.com) 33

Security firm Forcepoint has discovered a DDoS competition that requires participants to install DDoS software containing a backdoor. An anonymous reader quotes CSO: A hacker in Turkey has been trying to encourage distributed denial-of-service attacks by making it into a game, featuring points and prizes for attempting to shut down political websites... Users that participate will be given a tool known as Balyoz, the Turkish word for Sledgehammer, that can be used to launch DDoS attacks against a select number of websites... The attack tool involved is designed to only harass 24 political sites related to the Kurds, the German Christian Democratic Party -- which is led by Angela Merkel -- and the Armenian Genocide, and others... Forcepoint noticed that the DDoS attack tool given to the participants also contains a backdoor that will secretly install a Trojan on the computer.
Windows

New Bug In Windows 10 Anniversary Update Brings Wi-Fi Disconnects (infoworld.com) 191

Some Windows 10 PCs are now experiencing sudden drops in their Wi-Fi connections, with the Network Diagnostics tool reporting "Wi-Fi doesn't have a valid IP configuration." An anonymous reader quotes InfoWorld's Woody Leonhard: I've heard from many people who blame the Wi-Fi disconnect on Friday's KB 3201845, the patch (which still isn't documented on the Win10 update history site) that brings version 1607 up to build 14393.479. It's unlikely that the new patch brought on the bug because the large influx of complaints started on December 7 -- two days before the patch...

Speculation at this point says the disconnect results when a machine performs a fast startup, setting the machine's IP address to 169.x.x.x. It's an old problem, but somehow it's come back in spades in the past two days. I have no idea what triggered the sudden outbreak, as there were no Win10 1607 patches issued on December 6, 7 or 8.

Microsoft acknowledged the problem Thursday, recommending customers try restarting their PCs (or performing a clean start). Woody writes that it looks like Microsoft's latest Windows 10 patch "didn't cause the bug. But the patch didn't fix it, either."
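Both Windows stories on this page describe the same end state: an adapter with DHCP enabled that never obtained a lease and fell back to an APIPA address in 169.254.0.0/16 (the "169.x.x.x" address Woody mentions). The following is an added example, not Microsoft's tooling: it parses `ipconfig /all` output and lists the adapters in that state, so a help desk can confirm the symptom across a fleet before deciding whether the restart Microsoft recommended is enough. The sample output and adapter names are constructed, and the field matching assumes the English-locale `ipconfig` layout.

```python
"""Find adapters that have DHCP enabled but ended up on an APIPA address.
Added example, not Microsoft's code; SAMPLE is constructed ipconfig /all output."""
import ipaddress
import re
from typing import Dict, List

SAMPLE = """\
Windows IP Configuration

   Host Name . . . . . . . . . . . . : LAPTOP-EXAMPLE

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Example 802.11ac Adapter
   Physical Address. . . . . . . . . : 00-11-22-33-44-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1234:5678:9abc:def0%12(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.17.42(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :

Ethernet adapter Ethernet:

   Description . . . . . . . . . . . : Example Gigabit Adapter
   Physical Address. . . . . . . . . : 00-11-22-33-44-66
   DHCP Enabled. . . . . . . . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.23(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1

Ethernet adapter Lab:

   Description . . . . . . . . . . . : Example Lab Adapter
   DHCP Enabled. . . . . . . . . . . : No
   IPv4 Address. . . . . . . . . . . : 10.0.0.5(Preferred)
"""

# Adapter headers are flush-left and end with ':'; fields are indented,
# padded with ' . . .' and separated from their value by ':'.
_HEADER = re.compile(r"^(\S.*):\s*$")
_FIELD = re.compile(r"^\s+(.+?)[\s.]*:\s*(.*)$")
_IPV4 = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")


def parse_ipconfig(text: str) -> Dict[str, Dict[str, str]]:
    """Return {adapter name: {field: value}} for every adapter block."""
    adapters: Dict[str, Dict[str, str]] = {}
    current = None
    for line in text.splitlines():
        header = _HEADER.match(line)
        if header:
            current = header.group(1)
            adapters[current] = {}
            continue
        field = _FIELD.match(line)
        if field and current is not None:
            adapters[current][field.group(1).strip()] = field.group(2).strip()
    return adapters


def stranded_adapters(text: str) -> List[str]:
    """Adapters with DHCP enabled whose only IPv4 address is link-local
    (169.254.0.0/16), i.e. the client never received a lease."""
    stranded = []
    for name, fields in parse_ipconfig(text).items():
        if fields.get("DHCP Enabled", "").lower() != "yes":
            continue
        addrs = []
        for key in ("IPv4 Address", "Autoconfiguration IPv4 Address"):
            m = _IPV4.search(fields.get(key, ""))
            if m:
                addrs.append(ipaddress.IPv4Address(m.group(1)))
        if addrs and all(a.is_link_local for a in addrs):
            stranded.append(name)
    return stranded


if __name__ == "__main__":
    for name in stranded_adapters(SAMPLE):
        print(f"{name}: DHCP enabled but stuck on an APIPA address")
```

Feed it real output with `ipconfig /all > out.txt` and `stranded_adapters(open("out.txt").read())`; a statically addressed adapter (DHCP Enabled: No) is deliberately ignored, since an APIPA address there is a configuration choice rather than this bug.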
Wireless Networking

AirPods Delay Attributed To Apple Ensuring Both Earpieces Receive Audio At Same Time (macrumors.com) 189

An anonymous reader quotes a report from Mac Rumors: AirPods were originally slated to launch in October, but the wireless earphones were later delayed. Apple said it needed "a little more time" before they are ready for customers, and it has yet to provide an official update since. While the exact reason for the delay remains unclear, a person familiar with the development of AirPods told The Wall Street Journal that Apple's troubles appear to be related to its "efforts to chart a new path for wireless headphones," in addition to resolving what happens when users lose one of the earpieces or the battery dies. The Wall Street Journal reports: "A person familiar with the development of the AirPod said the trouble appears to stem from Apple's effort to chart a new path for wireless headphones. In most other wireless headphones, only one earpiece receives a signal from the phone via wireless Bluetooth technology; it then transmits the signal to the other earpiece. Apple has said AirPod earpieces each receive independent signals from an iPhone, Mac or other Apple device. But Apple must ensure that both earpieces receive audio at the same time to avoid distortion, the person familiar with their development said. That person said Apple also must resolve what happens when a user loses one of the earpieces or the battery dies."
Transportation

Transportation Department Proposes Allowing In-Flight Phone Calls (go.com) 103

Yesterday, France's Le Monde newspaper issued a report, citing documents from NSA whistleblower Edward Snowden, that says American and British spies have since 2005 been working on intercepting phone calls and data transfers made from aircraft. Assuming the report is accurate, national security agencies may soon have their hands full if a new proposal by the Department of Transportation becomes official, which would allow each airline to decide whether its passengers will be permitted to make in-flight phone calls using the aircraft's onboard Wi-Fi system. ABC News reports: The Department of Transportation's proposal leaves it up to airlines whether to allow the calls. But carriers would be required to inform passengers at the time they purchase a ticket if the calls are allowed. That would give passengers the opportunity to make other travel arrangements if they don't want to risk the possibility of sitting near passengers making phone calls. The Federal Communications Commission prohibits using mobile phones to make calls during flights, but not Wi-Fi calls. There is a minimum 60-day comment period and the proposal leaves the door open to an outright ban. The Wall Street Journal first reported on the proposal.
Microsoft

Microsoft Officially Closes Its $26.2B Acquisition of LinkedIn (techcrunch.com) 53

After getting its final European Commission approvals earlier this week, Microsoft and LinkedIn today announced that Microsoft's $26.2 billion acquisition of LinkedIn, the social networking site, has officially closed. From a report on TechCrunch: The news comes six months after news first broke of the deal. In an internal memo, LinkedIn CEO Jeff Weiner went through the areas where the two companies would be working together, and how they will in other ways remain independent. LinkedIn today has over 400 million registered users, making it the largest social networking site focused on the working world. People use the service both to make work connections with other people in their fields, but also to look for jobs and hire people. As we reported earlier this week, the fact that LinkedIn essentially has a dominant position in this area meant that Microsoft had to make concessions to the EC about how it would work to allow other social networking sites to integrate on its platforms.
NES (Games)

Doyodo RetroEngine Sigma Is a Linux-Powered Classic Video Game Emulation Console (betanews.com) 91

BrianFagioli quotes a report from BetaNews: The Nintendo NES Classic is quite an amazing console. True, it is not as powerful as modern game systems like Xbox One and PlayStation 4, but it comes pre-loaded with many classic NES titles. Unfortunately, its strength is also its weakness -- those pre-loaded titles are the only games you can play. You cannot load other games, so you are stuck with what you got. As an alternative, some folks use software emulation and ROMs on their computers to play countless video game titles. Of course, there are moral concerns here, as you are often downloading the games illegally -- unless you own the physical copy, that is. Even then, it is a gray area. Today, a company called Doyodo launched a new Linux-powered emulation console on Indiegogo. The device not only plays NES games, but Atari, Game Boy, PlayStation 1, Genesis, and more. You play using USB controllers. In addition, it can serve as a media player (with Kodi) or a full-fledged Linux desktop. Some other features include 4K video playback, Wi-Fi networking built in, and a compact and portable design. There's even a deluxe version that ships with Bluetooth, an extra controller and 32GB of storage; the basic configuration includes just one controller and 16GB of storage. You can view the Indiegogo page here.
HP

HP Shutting Down Default FTP, Telnet Access To Network Printers (pcworld.com) 83

Security experts consider the aging FTP and Telnet protocols unsafe, and HP has decided to clamp down on access to networked printers through the remote-access tools. From a report on PCWorld: Some of HP's new business printers will, by default, be closed to remote access via protocols like FTP and Telnet. However, customers can activate remote printing access through those protocols if needed. "HP has started the process of closing older, less-maintained interfaces including ports, protocols and cipher suites" identified by the U.S. National Institute of Standards and Technology as less than secure, the company said in a statement. In addition, HP also announced firmware updates to existing business printers with improved password and encryption settings, so hackers can't easily break into the devices.
United States

Sysadmin Gets Two Years In Prison For Sabotaging ISP (bleepingcomputer.com) 133

After being let go over a series of "personal issues" with his employer, things got worse for 26-year-old network administrator Dariusz J. Prugar, who will now have to spend two years in prison for hacking the ISP where he'd worked. An anonymous reader writes: Prugar had used his old credentials to log into the ISP's network and "take back" some of the scripts and software he wrote... "Seeking to hide his tracks, Prugar used an automated script that deleted various logs," reports Bleeping Computer. "As a side effect of removing some of these files, the ISP's systems crashed, affecting over 500 businesses and over 5,000 residential customers."

When his former employer couldn't fix the issue, the ISP asked Prugar to help. "During negotiations, instead of requesting money as payment, Prugar insisted that he'd be paid using the rights to the software and scripts he wrote while at the company, software which was now malfunctioning, a week after he left." This tipped off the company, which suspected foul play, contacted the FBI and rebuilt its entire network.

Six years later, Prugar was found guilty after a one-week jury trial, and was ordered by the judge to pay $26,000 in restitution to the ISP (which went out of business in October of 2015). Prugar's two-year prison sentence begins December 27.
Twitter

Reuters Built An Algorithm That Can Identify Real News On Twitter (popsci.com) 122

Reuters has built an algorithm called News Tracer that flags and verifies breaking news on Twitter. The algorithm weeds through all 500 million tweets that are posted on a daily basis to "sort real news from spam, nonsense, ads, and noise," writes Corinne Iozzio via Popular Science: In development since 2014, reports the Columbia Journalism Review, News Tracer's work starts by identifying clusters of tweets that are topically similar. Politics goes with politics; sports with sports; and so on. The system then uses language-processing to produce a coherent summary of each cluster. What differentiates News Tracer from other popular monitoring tools, is that it was built to think like a reporter. That virtual mindset takes 40 factors into account, according to Harvard's NiemanLab. It uses information like the location and status of the original poster (e.g. is she verified?) and how the news is spreading to establish a "credibility" rating for the news item in question. The system also does a kind of cross-check against sources that reporters have identified as reliable, and uses that initial network to identify other potentially reliable sources. News Tracer can also tell the difference between a trending hashtag and real news. The mix of data points News Tracer takes into account means it works best with actual, physical events -- crashes, protests, bombings -- as opposed to the he-said-she-said that can dominate news cycles.
Censorship

China Is Censoring People's Chats Without Them Even Knowing About It (qz.com) 76

An anonymous reader quotes a report from Quartz: A new study from The Citizen Lab, a research group at the University of Toronto, reveals that censorship on WeChat occurs primarily in group chats rather than one-on-one chats between two people, and often in such a way that the sender of a text isn't even aware a piece of text has been scrubbed. The discoveries illuminate how China's government attempts to keep its citizens blind to the scope of its censorship regime. The researchers set out to find the extent to which certain keywords got scrubbed from conversations between two or more users in WeChat. To do this, in June 2016 the team posed as a Chinese WeChat user and sent out 26,821 keywords containing terms that had been censored on other apps, including Tom-Skype (a made-for-China version of Skype) and YY (a live broadcast app). A corresponding Canadian user in the two-way chat would then report back to say whether or not the message had been received. The report states that out of the entire sample, only one term -- Falun Gong -- had been scrubbed. When they ran an identical test in August, even that text mysteriously passed without censorship. Yet when they tested group chats, they found multiple cases in which certain keywords triggered a removal. Specifically, while sensitive terms used in isolation were unlikely to trigger censorship (say "June 4th," a reference to the Tiananmen Square protests, brutally put down on June 4, 1989), it took effect when they were used in a full sentence or with other keywords. The researchers also discovered that when WeChat censored a message, the sender received no notice informing him that his text had not reached the intended recipient. The study also notes that "WeChat only censors content for users who bind their account to a mainland Chinese phone number when they first register to use the app." The censorship is still applied even if Chinese residents move to different countries or change phone numbers.
Communications

Reddit To Crack Down On Abuse By Punishing Hundreds of 'Toxic Users' (reuters.com) 233

An anonymous reader quotes a report from Reuters: Social media website Reddit, known for its commitment to free speech, will crack down on online harassment by banning or suspending users who target others, starting with those who have directed abuse at Chief Executive Steve Huffman. Huffman said in an interview with Reuters that Reddit's content policy prohibits harassment, but that it had not been adequately enforced. "Personal message harassment is the most cut and dry," he said. "Right now we are in an interesting position where my inbox is full of them, it's easy to start with me." As well as combing through Huffman's inbox, Reddit will monitor user reports, add greater filtering capacity, and take a more proactive role in policing its platform rather than relying on community moderators. Reddit said it had identified hundreds of the "most toxic users" and will warn, ban or suspend them. It also plans to increase staff on its "trust and safety" team. On Reddit, a channel supporting the U.S. Republican party's presidential candidate Donald Trump, called r/The_Donald, featured racist and misogynistic comments, fake news and conspiracy theories about his Democratic challenger Hillary Clinton, along with more mainstream expressions of support for Trump. Many of those supporting Trump were very active, voting up the r/The_Donald conversations so that they became prominent across Reddit, which is the 7th-most-visited U.S. internet site, according to web data firm Alexa. Last week, Reddit banned Pizzagate, a community devoted to a conspiracy theory, with no evidence to back it up, that links Clinton to a pedophile ring at a Washington, D.C. pizza parlor, after it posted personal information in violation of Reddit policy. Huffman then used his administrative privileges to redirect abuse he was receiving on a thread on r/The_Donald to the community's moderators -- making it look as if it was intended for them. 
Huffman said it was a prank, and that many Reddit users, including some Trump supporters, told him they thought it was funny, but it inflamed the situation.
EU

EU's Law Enforcement Agency Closes 4,500 Websites Peddling Fake Brands (phys.org) 72

An anonymous reader quotes a report from Phys.Org: In a massive crackdown, police and law enforcement agencies across Europe have seized more than 4,500 website domains trading in counterfeit goods, often via social networks, officials said on Monday. The operation came as Europol, Europe's police agency, unveiled its newest campaign dubbed "Don't F***(AKE) Up" to stop scam websites selling fake brand names online. In the crackdown, agencies from 27 countries mostly in Europe but including from the U.S. and Canada, joined forces to shut down over 4,500 websites. They were selling everything from "luxury goods, sportswear, spare parts, electronics, pharmaceuticals, toiletries and other fake products," Europol said in a statement, without saying how long the crackdown took. An annual operation run in collaboration with the U.S. Immigration and Customs Enforcement and Homeland Security, there was "a significant increase in the number of seized domain names compared to last year," said Europol director Rob Wainwright. As part of the crackdown, Dutch anti-fraud police arrested 12 people across The Netherlands over the past two weeks as they searched homes and warehouses. Most of the raids were prompted by online sales of counterfeit goods on social networking sites such as Facebook and Instagram. More than 3,500 items of clothing and fake luxury goods were seized in Holland, including shoes, bags and perfumes purporting to be such brands as Nike, Adidas, and Kenzo, with a market value of tens of thousands euros. Publishing a guide on how to spot fake websites and social media scams, Europol warned consumers had to be on their guard.
Botnet

You Can Now Rent A Mirai Botnet Of 400,000 Bots (bleepingcomputer.com) 62

An anonymous reader writes: Two hackers are renting access to a massive Mirai botnet, which they claim has more than 400,000 infected bots, ready to carry out DDoS attacks at anyone's behest. The hackers have quite a reputation on the hacking underground and have previously been linked to the GovRAT malware, which was used to steal data from several US companies. Renting around 50,000 bots costs between $3,000-$4,000 for 2 weeks, meaning renting the whole thing costs between $20,000-$30,000.

After the Mirai source code leaked, there are countless smaller Mirai botnets around, but this one is [believed to be the one] accounting for more than half of all infected IoT devices...that supposedly shut down Internet access in Liberia. The original Mirai botnet was limited to only 200,000 bots because there were only 200,000 IoT devices connected online that had their Telnet ports open. The botnet that's up for rent now has received improvements and can also spread to IoT devices via SSH, hence the 400,000 bots total.

Interestingly, the article claims the botnet's creators had access to the Mirai source code "long before it went public."
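The HP printer story above and this one turn on the same exposure: devices that still answer on legacy management ports (FTP and Telnet on printers; Telnet, and now SSH, on the IoT devices Mirai variants recruit). The following is an added check for hosts you administer, not HP's or the article's code. It connects to ports 21, 22 and 23 and records whatever greeting the service volunteers, which is enough to tell an HP unit shipped with those interfaces closed from one where someone re-enabled them. The host list is constructed; `loopback_demo()` stands up a fake FTP greeting on 127.0.0.1 so the block runs offline.

```python
"""Report which hosts still accept connections on FTP, SSH and Telnet.
Added example; not HP's code. Run it only against devices you own."""
import socket
import threading
from typing import Dict, List, Tuple

LEGACY_PORTS: Dict[int, str] = {21: "ftp", 22: "ssh", 23: "telnet"}


def probe(host: str, port: int, timeout: float = 2.0) -> Tuple[bool, str]:
    """TCP-connect to host:port and return (accepted, banner). FTP and SSH
    greet unprompted; Telnet usually sends option-negotiation bytes, which
    decode to replacement characters and are still a sign the port is live."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return False, ""
    with sock:
        try:
            data = sock.recv(256)
        except OSError:          # includes a read timeout: open but silent
            data = b""
    return True, data.decode("ascii", "replace").strip()


def audit(hosts: List[str], ports: Dict[int, str] = LEGACY_PORTS,
          timeout: float = 2.0) -> Dict[str, Dict[str, str]]:
    """{host: {service: banner}} listing only services that accepted a connection."""
    findings: Dict[str, Dict[str, str]] = {}
    for host in hosts:
        open_services = {}
        for port, name in ports.items():
            accepted, banner = probe(host, port, timeout)
            if accepted:
                open_services[name] = banner
        if open_services:
            findings[host] = open_services
    return findings


def loopback_demo() -> Dict[str, Dict[str, str]]:
    """Offline stand-in: one loopback listener that greets like a printer's
    FTP service and one port known to be closed. Returns audit()'s findings."""
    listener = socket.socket()
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    open_port = listener.getsockname()[1]

    def serve_once() -> None:
        conn, _ = listener.accept()
        conn.sendall(b"220 example printer FTP ready\r\n")
        conn.close()
        listener.close()

    threading.Thread(target=serve_once, daemon=True).start()
    spare = socket.socket()                     # grab a free port, then release it
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()
    return audit(["127.0.0.1"], ports={open_port: "ftp", closed_port: "telnet"})


if __name__ == "__main__":
    print(loopback_demo())
    # Real use: audit(["printer-1.example", "printer-2.example"])  (constructed names)
```

A port that accepts the connection but stays silent still counts as open; that is the case to follow up on, since it is the one a banner-only check would miss.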
Social Networks

Facebook's Latest Experiment: Helping You Find Free Wi-Fi Hotspots (macworld.com) 32

Users of the social network's iOS app report seeing a new feature in the More section that lets them find nearby public Wi-Fi access points. From a MacWorld story: The feature does not appear to be widely available at the moment, which means this is probably something Facebook is only testing. The social network tests numerous features all the time but this one is particularly notable. Helping users find public Wi-Fi could enable more people to use Facebook Live. If your cellular connection isn't strong, a nearby Wi-Fi location can be a big help -- unless, of course, your Facebook Live broadcast is dependent on your specific location. There could be other uses for finding Wi-Fi beyond live video broadcasts. If you're desperate to upload a photo or recorded video, then locating the closest public Wi-Fi point helps. On top of that it's just one more reason to open the Facebook app, which Facebook obviously wants to encourage as much as possible. Check where the nearest Wi-Fi hotspot is, see that unread notifications indicator at the top of the screen, and before you know it you're engrossed in the news feed.
