Comcast's Protected Browsing Is Blocking PayPal, Steam and TorrentFreak, Customers Say ( 82

Comcast's Xfinity internet customers have been reporting multiple websites, including PayPal, Steam, and TorrentFreak have been getting blocked by the ISP's "protected browsing" setting. From a report: The "protected browsing" setting is designed to "reduce the risk of accessing known sources of malware, spyware, and phishing for all devices connected to your home network." This, in general, isn't a bad thing. It's similar to Google Chrome's security settings that warn you when you have an insecure connection. But it's odd that Xfinity's security setting would be blocking perfectly harmless sites like PayPal. Multiple consumers have been reporting on Comcast's forums and elsewhere that they've been blocked while trying to access sites that many people use every day. After posting about it on the forums, one user who said they couldn't access PayPal said the problem with that particular site had been fixed. Further reading: Comcast's Protected Browsing Blocks TorrentFreak as "Suspicious" Site (TorrentFreak).

Can the Most Contentious Piece of the Web Form the Basis of a New Standard? Inside Google's Plan To Make the Whole Web as Fast as AMP ( 59

Dieter Bohn, writing for The Verge: In a blog post today, Google is announcing that it's formally embarking on a project to convince the group in charge of web standards to adopt technology inspired by its Accelerated Mobile Pages (AMP) framework. In theory, it would mean that virtually any webpage could gain the same benefits as AMP: near-instantaneous loading, distribution on multiple platforms, and (critically) more prominent placement on Google properties. This is important, a little tricky to understand, and critical to how the web and Google interact in the future. In many ways, Google's success or failure in this endeavor will play a major role in shaping how the web works on your phone.

[...] By creating AMP, Google blithely walked right into the center of a thicket comprised of developers concerned about the future of the web. Publishers are worried about ceding too much control of their distribution to gigantic tech companies, and all of the above are worried that Google is not so much a steward of the web but rather its nefarious puppet master. The whole situation is slightly frustrating to David Besbris, VP of search engineering at Google. Earlier this week, I went to Mountain View to talk with Besbris and Malte Ubl, engineering lead for AMP. "This is honestly a fairly altruistic project from our perspective," says Besbris. "It wasn't like we invented AMP because we wanted to control everything, like people assume," he says. Instead, he argues, go back and look at how dire the state of the mobile web was a few years ago, before AMP's inception.


Amazon Launches a Low-Cost Version of Prime For Medicaid Recipients ( 88

An anonymous reader quotes a report from TechCrunch: Amazon announced this morning it will offer a low-cost version of its Prime membership program to qualifying recipients of Medicaid. The program will bring the cost of Prime down from the usual $12.99 per month to about half that, at $5.99 per month, while still offering the full range of Prime perks, including free, two-day shipping on millions of products, Prime Video, Prime Music, Prime Photos, Prime Reading, Prime Now, Audible Channels, and more. The new program is an expansion on Amazon's discounted Prime service for customers on government assistance, launched in June 2017. For the same price of $5.99 per month, Amazon offers Prime memberships to any U.S. customer with a valid EBT card -- the card that's used to disburse funds for assistance programs like Temporary Assistance for Needy Families (TANF), Supplemental Nutrition Assistance Program (SNAP), and Women, Infants, and Children Nutrition Program (WIC). Now that same benefit is arriving for recipients of Medicaid, the public assistance program providing medical coverage to low-income Americans. To qualify for the discount, customers must have a valid EBT or Medicaid card, the retailer says.

Snap Is Laying Off Around 100 Engineers 64

An anonymous reader quotes a report from CNBC: Snap is laying off about 100 engineers -- nearly 10 percent of the team -- CNBC has learned. The company has seen smaller rounds of layoffs in recent months in its marketing, recruiting and content divisions. These layoffs would be Snap's largest yet and the first to hit the company's engineers. The company last month rolled out the redesign of its pioneering photo messaging app. The redesign separated publisher content from content posted by friends and connections. Snap reported roughly 3,000 employees as of the December quarter and said in its first annual filing that it expected "headcount growth to continue for the foreseeable future."

Leaked Files Show How the NSA Tracks Other Countries' Hackers ( 66

An analysis of leaked tools believed to have been developed by the U.S. National Security Agency (NSA) gives us a glimpse into the methods used by the organization to detect the presence of other state-sponsored actors on hacked devices, and it could also help the cybersecurity community discover previously unknown threats. The Intercept: When the mysterious entity known as the "Shadow Brokers" released a tranche of stolen NSA hacking tools to the internet a year ago, most experts who studied the material honed in on the most potent tools, so-called zero-day exploits that could be used to install malware and take over machines. But a group of Hungarian security researchers spotted something else in the data, a collection of scripts and scanning tools the National Security Agency uses to detect other nation-state hackers on the machines it infects. It turns out those scripts and tools are just as interesting as the exploits. They show that in 2013 -- the year the NSA tools were believed to have been stolen by the Shadow Brokers -- the agency was tracking at least 45 different nation-state operations, known in the security community as Advanced Persistent Threats, or APTs. Some of these appear to be operations known by the broader security community -- but some may be threat actors and operations currently unknown to researchers.

The scripts and scanning tools dumped by Shadow Brokers and studied by the Hungarians were created by an NSA team known as Territorial Dispute, or TeDi. Intelligence sources told The Intercept the NSA established the team after hackers, believed to be from China, stole designs for the military's Joint Strike Fighter plane, along with other sensitive data, from U.S. defense contractors in 2007; the team was supposed to detect and counter sophisticated nation-state attackers more quickly, when they first began to emerge online. "As opposed to the U.S. only finding out in five years that everything was stolen, their goal was to try to figure out when it was being stolen in real time," one intelligence source told The Intercept. But their mission evolved to also provide situational awareness for NSA hackers to help them know when other nation-state actors are in machines they're trying to hack.


Chrome 65 Arrives With Material Design Extensions Page, New Developer Features ( 34

An anonymous reader quotes a report from VentureBeat: Google today launched Chrome 65 for Windows, Mac, Linux, and Android. Additions in this release include Material Design changes and new developer features. You can update to the latest version now using the browser's built-in silent updater or download it directly from Chrome 65 comes with a few visual changes. The most obvious is related to Google's Material Design mantra. The extensions page has been completely revamped to follow it. Next up, Chrome 65 replaces the Email Page Location link in Chrome for Mac's File menu with a Share submenu. As you might expect, Mac users can use this submenu to share the URL of a current tab via installed macOS Share Extensions. Speaking of Macs, Chrome 65 is also the last release for OS X 10.9 users. Chrome 66 will require OS X 10.10 or later. Moving on to developer features, Chrome 65 includes the CSS Paint API, which allows developers to programmatically generate an image, and the Server Timing API, which allows web servers to provide performance timing information via HTTP headers.

Sri Lanka Blocks Facebook, Instagram To Prevent Spread of Hate Speech ( 123

Sri Lanka has blocked social media websites Facebook, Instagram and WhatsApp to avoid the spread of hate speech in the country, local media reported on Wednesday. From the report: Even though there is no official confirmation from the authorities, the Cabinet Spokesman Minister Rajitha Senaratne on Wednesday said the government has decided to block access to certain social media. Telecom Regulatory Commission (TRC) has started to monitor all social media platforms to curb hate speech related to communal riots escalated in Kandy district. Telecommunication service providers (ISPs) have also restricted internet access in Kandy district on the instructions of the TRC.

Google Is Selling Off Zagat ( 33

An anonymous reader quotes a report from TechCrunch: Seven years after picking up Zagat for $151 million, Google is selling off the perennial restaurant recommendation service. The New York Times is reporting this morning that the technology giant is selling off the company to The Infatuation, a review site founded nine years back by former music execs. The company had been rumored to be courting a buyer since early this year. As Reuters noted at the time, Zagat has increasingly become less of a focus for Google, as the company began growing its database of restaurant recommendations organically. Zagat, meanwhile, has lost much of the shine it had when Google purchased it nearly a decade ago. The Infatuation, which uses an in-house team of reviewers to write up restaurants in major cities like New York, San Francisco, Los Angeles and London, is picking up the service for an undisclosed amount. The site clearly believes there's value left in the Zagat brand, even as the business of online reviews has changed significantly in the seven years sinceGoogle picked it up.

The Slow Death of the Internet Cookie ( 97

Sara Fischer, writing for Axios: Over 60% of marketers believe they will no longer need to rely on tracking cookies, a 20-year-old desktop-based technology, for the majority of their digital marketing within the next two years, according to data from Viant Technology, an advertising cloud. Why it matters: Advertising and web-based services that were cookie-dependent are slowly being phased out of our mobile-first world, where more personalized data targeting is done without using cookies. Marketers are moving away from using cookies to track user data on the web to target ads now that people are moving away from desktop. 90% of marketers say they see improved performance from people-based marketing, compared with cookie-based campaigns.
The Internet

WordPress Now Powers 30% of Websites ( 64

WordPress now powers 30 percent of the web, according to data from web technology survey firm W3Techs. From a report: This represents a 5 percentage point increase in nearly two and a half years, after WordPress hit the 25 percent mark in November 2015. It's worth noting here that this figure relates to the entire Web, regardless of whether a website uses a content management system (CMS) or not. If we're looking at market share, WordPress actually claims 60.2 percent, up from 58.7 percent in November 2015. By comparison, its nearest CMS rival, Joomla, has seen its usage jump from 2.8 percent to 3.1 percent, while Drupal is up from 2.1 percent to 2.2 percent.

Rhode Island Bill Would Impose Fee For Accessing Online Porn ( 503

If a recently introduced bill passes the General Assembly this session, Rhode Island residents will have to pay a $20 fee to access sexually explicit content online. The bill, introduced by Sen. Frank Ciccone (D-Providence) and Sen. Hanna Gallo (D-Cranston), would require internet providers to digitally block "sexual content and patently offensive material." Consumers could then deactivate that block for a fee of $20. The Providence Journal reports: Each quarter the internet providers would give the money made from the deactivation fees to the state's general treasurer, who would forward the money to the attorney general to fund the operations of the Council on Human Trafficking, according to the bill's language. If online distributors of sexual content do not comply with the filter, the attorney general or a consumer could file a civil suit of up to $500 for each piece of content reported, but not blocked, according to the bill.

Six Tech Companies Filing Net Neutrality Lawsuit ( 31

An anonymous reader quotes a report from The Hill: Six technology companies, including Kickstarter, Foursquare and Etsy, have launched a lawsuit against the Federal Communications Commission (FCC) in an effort to preserve net neutrality rules. The companies, which also include Shutterstock, Expa and Automattic, on Monday filed their petition with the U.S. Court of Appeals for the District of Columbia Circuit. The companies join Vimeo and Mozilla, as well as several state attorneys general who have also filed lawsuits against the FCC in support of the net neutrality rules. Like the other lawsuits, their new case hinges on the Administrative Procedure Act, which they argue prevents the FCC from "arbitrary and capricious" redactions to already existing policy. "Already, over 30,000 Etsy sellers participated in the FCC's public comment process, and tens of thousands more reached out to Congress in support of net neutrality. Now we're bringing their stories and experiences to the courts," said Althea Erickson, head of advocacy and impact at Etsy.

Do Neural Nets Dream of Electric Sheep? ( 201

An anonymous reader shares a post: If you've been on the internet today, you've probably interacted with a neural network. They're a type of machine learning algorithm that's used for everything from language translation to finance modeling. One of their specialties is image recognition. Several companies -- including Google, Microsoft, IBM, and Facebook -- have their own algorithms for labeling photos. But image recognition algorithms can make really bizarre mistakes. Microsoft Azure's computer vision API added the above caption and tags. But there are no sheep in the image. None. I zoomed all the way in and inspected every speck. It also tagged sheep in this image. I happen to know there were sheep nearby. But none actually present. Here's one more example. In fact, the neural network hallucinated sheep every time it saw a landscape of this type. What's going on here?

Are neural networks just hyper-vigilant, finding sheep everywhere? No, as it turns out. They only see sheep where they expect to see them. They can find sheep easily in fields and mountainsides, but as soon as sheep start showing up in weird places, it becomes obvious how much the algorithms rely on guessing and probabilities. Bring sheep indoors, and they're labeled as cats. Pick up a sheep (or a goat) in your arms, and they're labeled as dogs.

The Internet

Google Fiber Is a Faint Echo of the Disruption We Were Promised ( 173

An anonymous reader quotes a report from Motherboard: Some eight years on and Google Fiber's ambitions are just a pale echo of the disruptive potential originally proclaimed by the company. While Google Fiber did make some impressive early headway in cities like Austin, the company ran into numerous deployment headaches. Fearing competition, incumbent ISPs like AT&T and Comcast began a concerted effort to block the company's access to essential utility poles, even going so far as to file lawsuits against cities like Nashville that tried to expedite the process. Even in launched markets, customer uptake wasn't quite what executives were expecting. Estimates peg Google Fiber TV subscribers at fewer than 100,000, thanks in large part to the cord cutting mindset embraced by early adopters. Broadband subscriber tallies (estimated as at least 500,000) were notably better, but still off from early company projections. Even without anti-competitive roadblocks, progress was slow. Digging up city streets and burying fiber was already a time-consuming and expensive process. And while Google has tried to accelerate these deployments via something called "microtrenching" (machines that bury fiber an inch below roadways), broadband deployment remains a rough business. It's a business made all the rougher by state and local regulators and lawmakers who've been in the pockets of entrenched providers like Comcast for the better part of a generation.

Thieves Steal 600 Powerful Bitcoin-Mining Computers In Iceland ( 88

The Associated Press reports of a Bitcoin heist in Iceland where thieves stole some 600 computers used to "mine" bitcoin and other virtual currencies. "Some 11 people were arrested, including a security guard, in what Icelandic media have dubbed the 'Big Bitcoin Heist,'" reports the Associated Press. From the report: The powerful computers, which have not yet been found, are worth almost $2 million. But if the stolen equipment is used for its original purpose -- to create new bitcoins -- the thieves could turn a massive profit in an untraceable currency without ever selling the items. Three of four burglaries took place in December and a fourth took place in January, but authorities did not make the news public earlier in hopes of tracking down the thieves. Police tracking the stolen computers are monitoring electric consumption across the country in hopes the thieves will show their hand, according to an industry source who spoke on condition of anonymity because he is not allowed to speak to the media. Unusually high energy usage might reveal the whereabouts of the illegal bitcoin mine. Authorities this week called on local internet providers, electricians and storage space units to report any unusual requests for power.

GitHub Survived the Biggest DDoS Attack Ever Recorded ( 144

A 1.35 terabit-per-second DDoS attack hit GitHub all at once last Wednesday. "It was the most powerful distributed denial of service attack recorded to date -- and it used an increasingly popular DDoS method, no botnet required," reports Wired. From the report: GitHub briefly struggled with intermittent outages as a digital system assessed the situation. Within 10 minutes it had automatically called for help from its DDoS mitigation service, Akamai Prolexic. Prolexic took over as an intermediary, routing all the traffic coming into and out of GitHub, and sent the data through its scrubbing centers to weed out and block malicious packets. After eight minutes, attackers relented and the assault dropped off. "We modeled our capacity based on fives times the biggest attack that the internet has ever seen," Josh Shaul, vice president of web security at Akamai told WIRED hours after the GitHub attack ended. "So I would have been certain that we could handle 1.3 Tbps, but at the same time we never had a terabit and a half come in all at once. It's one thing to have the confidence. It's another thing to see it actually play out how you'd hope."

Akamai defended against the attack in a number of ways. In addition to Prolexic's general DDoS defense infrastructure, the firm had also recently implemented specific mitigations for a type of DDoS attack stemming from so-called memcached servers. These database caching systems work to speed networks and websites, but they aren't meant to be exposed on the public internet; anyone can query them, and they'll likewise respond to anyone. About 100,000 memcached servers, mostly owned by businesses and other institutions, currently sit exposed online with no authentication protection, meaning an attacker can access them, and send them a special command packet that the server will respond to with a much larger reply.


Google's Slack Competitor 'Hangouts Chat' Comes Out of Beta ( 52

Frederic Lardinois reports via TechCrunch: Hangouts Chat, Google's take on modern workplace communication, is now generally available and is becoming a core part of G Suite. Hangouts Chat was first announced at Google Cloud Next 2017, together with Hangouts Meet. While Meet went right into public availability, though, Chat went into an invite-only preview. Now, Google is rolling Chat out to all G Suite users over the course of the next seven days (so if you don't see it yet, don't despair). For all intents and purposes, Hangouts Chat is Google's take on Slack, Microsoft Teams and similar projects. Since Google first announced this project, Atlassian also joined the fray with the launch of Stride. Like its competitors, Chat is available on iOS, Android and the web.

Chat currently supports 28 languages and each room can have up to 8,000 members. What's maybe just as important, though, is that Google has already built an ecosystem of partners that are integrating with Chat by offering their own bots. They include the likes of Xero, RingCentral, UberConference, Salesforce, Zenefits,, Jira, Trello, Wrike and Kayak. There's even a Giphy bot. Developers can also build their own bots and integrate their own services with Chat.


YouTube Hiring For Some Positions Excluded White and Asian Men, Lawsuit Says ( 448

Kirsten Grind and Douglas MacMillan report via The Wall Street Journal (Warning: source may be paywalled; alternative source): YouTube last year stopped hiring white and Asian males for technical positions because they didn't help the world's largest video site achieve its goals for improving diversity, according to a civil lawsuit filed by a former employee. The lawsuit, filed by Arne Wilberg, a white male who worked at Google for nine years, including four years as a recruiter at YouTube, alleges the division of Alphabet's Google set quotas for hiring minorities. Last spring, YouTube recruiters were allegedly instructed to cancel interviews with applicants who weren't female, black or Hispanic, and to "purge entirely" the applications of people who didn't fit those categories, the lawsuit claims.

A Google spokeswoman said the company will vigorously defend itself in the lawsuit. "We have a clear policy to hire candidates based on their merit, not their identity," she said in a statement. "At the same time, we unapologetically try to find a diverse pool of qualified candidates for open roles, as this helps us hire the best people, improve our culture, and build better products." People familiar with YouTube's and Google's hiring practices in interviews corroborated some of the lawsuit's allegations, including the hiring freeze of white and Asian technical employees, and YouTube's use of quotas.


Australia Considers Making It Illegal For ISPs To Advertise Inflated Speeds ( 70

The Australian government is currently considering a bill that would make it illegal for internet service providers to exaggerate speeds, or else face a fine of up to $1 million. "One constituent says he's being charged for a 25 megabit per second download speed and a five megabit per second upload and he's actually getting less than one tenth of that," said Andrew Wilkie, the Member of Parliament who introduced the bill. "In other words, people are getting worse than dial-up speed when they've been promised a whizz-bang, super-fast connection." Motherboard reports: Internet speeds can vary based on how many people are on the network and even the hardware you use, but while we can't expect ISPs to deliver maximum speed 100 percent of the time, previous probes into their performance have shown many ISPs in the U.S. aren't delivering even the minimum advertised speeds a majority of the time for the average user. Under the proposed Australian law, ISPs are simply required to be more transparent about what consumers can expect with a specific plan. Rather than advertising only the maximum speeds, they would have to include typical speeds for the average user, indicate busy periods, and clearly list any other factors that might impact service. The bill was only introduced this week, so it's yet to be seen if it will gain traction.

Amazon's Jeff Bezos Called Out On Counterfeit Products Problem ( 169

An anonymous reader quotes a report from CNET: Here's the scenario. A small company designs and creates a product and puts it up on Amazon. Things go well. People really like it. They post hundreds of positive reviews. Sales build -- and keep building. Everything is going great. And then, boom, things go south in a hurry. Another company has created a counterfeit version of the product and is selling it under the same name only it's selling it for less, stealing all the sales. That's exactly what happened to Portland-based Elevation Lab, its founder Casey Hopkins said, accusing Amazon of being "complicit with counterfeiting" in a blog post.

The Anchor, Elevation's popular under-desk headphone mount, has been getting flooded with counterfeits, Hopkins said, noting the situation certainly isn't unique to his company. "The current counterfeit seller, Suiningdonghanjiaju Co Ltd (yeah they sound legit), has been on there for the past 5 days and taken all the sales," Hopkins wrote. Adding further insult to injury, he said Elevation has paid Amazon a "boatload of money" to advertise the product that it has "built, invested in, and shipped." Amazon has now purged the Suiningdonghanjiaju listing, which is noted in our cart as "no longer available from the selected seller." It instead defaults to Elevation's own stock. Hopkins told CNET that counterfeiters have been purged at least five times in recent weeks only to return a week later under a different seller name "to hijack the listing." He said it takes Amazon 5 days to remove the seller.
"If you have a registered brand in the Brand Registry and don't sell the product wholesale, there could be one box to check for that," Hopkins wrote. "And anyone else would have to get approval or high vetting to sell the product, especially if they are sending large quantities to FBA [Fulfillment by Amazon]. I imagine there are some algorithmic solutions that could catch most of it too. And it wouldn't hurt to increase the size of the Brand Registry team so they can do their work faster." Hopkins took a final poke at Amazon CEO Jeff Bezos, saying: "If you're reading this, come on, this is Day 2 activity."

Slashdot Top Deals