ESR On Why the FCC Shouldn't Lock Down Device Firmware ( 134

An anonymous reader writes: We've discussed some proposed FCC rules that could restrict modification of wireless routers in such a way that open source firmware would become banned. Eric S. Raymond has published the comment he sent to the FCC about this. He argues, "The present state of router and wireless-access-point firmware is nothing short of a disaster with grave national-security implications. ... The effect of locking down router and WiFi firmware as these rules contemplate would be to lock irreparably in place the bugs and security vulnerabilities we now have. To those like myself who know or can guess the true extent of those vulnerabilities, this is a terrifying possibility. I believe there is only one way to avoid a debacle: mandated device upgradeability and mandated open-source licensing for device firmware so that the security and reliability problems can be swarmed over by all the volunteer hands we can recruit. This is an approach proven to work by the Internet ubiquity and high reliability of the Linux operating system."

Worries Mount Over Upcoming LTE-U Deployments Hurting Wi-Fi 170

alphadogg writes: LTE-U is a technology developed by Qualcomm that lets a service provider broadcast and receive signals over unlicensed spectrum, which is usable by anybody – specifically, in this case, the spectrum used by Wi-Fi networks in both businesses and homes. By opening up this new spectrum, major U.S. wireless carriers hope to ease the load on the licensed frequencies they control and help their services keep up with demand. Unsurprisingly, several outside experiments that pitted standard LTE technology or 'simulated LTE-U' technology, in the case of one in-depth Google study, against Wi-Fi transmitters on the same frequencies found that LTE drastically reduced the throughput on the Wi-Fi connection.

iOS 9 'Wi-Fi Assist' Could Lead To Huge Wireless Bills 182

Dave Knott writes: One of the new features introduced in iOS9 is "Wi-Fi Assist." This enables your phone to automatically switch from Wi-Fi to a cellular connection when the Wi-Fi signal is poor. That's helpful if you're in the middle of watching a video or some other task on the internet that you don't want interrupted by spotty Wi-Fi service. Unfortunately, Wi-Fi Assist is enabled by default, which means that users may exceed their data cap without knowing it because their phone is silently switching their data connection from Wi-Fi to cellular.

Europe Agrees To Agree With Everyone Except US What 5G Should Be 164

itwbennett writes: Following agreements signed by the EU with South Korea in June 2014 and with Japan in May 2015, the EU and China "have agreed to agree by the end of the year on a working definition for 5G," reports Peter Sayer. "About the only point of agreement so far is that 5G is what we'll all be building or buying after 4G, so any consensus between the EU and China could be significant," says Sayer.

Video Power Over Data

Steve Papa—data pioneer and Founder of Parallel Wireless and Endeca, talks about data driven business processes and results. Those with power over data have power over markets.
The Internet

US Rank Drops To 55th In 4G LTE Speeds 70

alphadogg writes: The U.S. has fallen to No. 55 in LTE performance as speeds rise rapidly in countries that have leapfrogged some early adopters of the popular cellular system. The average download speed on U.S. 4G networks inched up to 10Mbps (bits per second) in the June-August quarter, according to research company OpenSignal. That was an improvement from 9Mbps in the previous quarter, but the country's global ranking fell from 43rd as users in other countries enjoyed much larger gains.
The Military

Researchers Fly 50 Autonomous Planes Simultaneously 39

New submitter MagicRuB writes: Researchers at the Naval Postgraduate School in Monterey, CA recently flew fifty small autonomous planes together in what they claim is a "record-breaking drone swarm". These aircraft were built from lightweight foam wings with hobby-grade components, and were equipped with an autopilot running firmware based on the open-source Ardupilot project as well as a companion computer running custom autonomy software built on top of ROS and an 802.11n wireless device to communicate with other planes and ground stations. The researchers are using this swarm as a platform for advancing drone technology, and hope to see results implemented in agriculture, search and rescue, and defense applications.

Book Review: Abusing the Internet of Things 26

New submitter sh0wstOpper writes: The topic of the Internet of Things (IoT) is gaining a lot of attention because we are seeing increasing amounts of "things", such as cars, door locks, baby monitors, etc, that are connected and accessible from the Internet. This increases the chances of someone being able to "attack" these devices remotely. The premise of Abusing the Internet of Things is that the distinction between our "online spaces" and our "physical spaces" will become harder to define since the connected objects supporting the IoT ecosystems will have access to both. Keep reading for the rest of sh0wstOpper's review.

D-Link Accidentally Publishes Private Code Signing Keys 67

New submitter bartvbl writes: As part of the GPL license, D-Link makes its firmware source code available for many of its devices. When looking through the files I accidentally stumbled upon 4 different private keys used for code signing. Only one — the one belonging to D-Link itself — was still valid at the time. I have successfully used this key to sign an executable as D-Link. A Dutch news site published the full story (translated to english with Google Translate).

Google Partnering With Indian Railways To Provide Wi-Fi Hotspots 26

An anonymous reader writes: Google and Indian Railways have partnered together for 'Project Nilgiri' which aims to set up more than 400 Wi-fi hotspots. IBTimes reports: "Internet access will be free for passengers after the system verifies a user's mobile number with a one-time password sent by text message. However, only the first 30 minutes of usage will be on high-speed Internet, Telecom Talk reported. The telecom industry news site has also posted a screen grab — that shows the service is being provided by Google — of the portal into which passengers have to enter the one-time access code."
Wireless Networking

25 Years Ago, a Meeting Spawned Wi-Fi 75

alphadogg writes: It was retail remodeling that spurred NCR, a venerable cash-register company, to find out how it could use newly opened frequencies to link registers and mainframes without wires. Its customers wanted to stop drilling new holes in their marble floors for cabling every time they changed a store layout. In 1985, the U.S. Federal Communications Commission voted to leave large blocks of spectrum unlicensed and let vendors build any kind of network they wanted as long as they didn't keep anyone else from using the frequencies. NCR jumped at the chance to develop a wireless LAN, something that didn't exist at the time, according to Vic Hayes, a former engineer at the company who's been called the Father of Wi-Fi.
Wireless Networking

Seeing 2.4 GHz Radio Waves 43

szczys writes: There was this art piece that circled the internet a few weeks ago which used a tablet to visualize WiFi and other signals and it was complete fake. It was cool, and it approximated where radio waves emanated from, but it wasn't actually measuring them for display. Greg Charvat has built his career on Radar and other RF design. Seeing that demo he realized he could show you what actual microwaves look like. He used a radar that he built himself from coffee cans. By altering the circuit just a bit he is able to move the receiver around the room and illuminate different LEDs based on the signal traits. A long exposure photograph captures this and lets you see the radio waves. It's like a charcoal rubbing but for electromagnetic waves.

Proposed MAC Sniffing Dongle Intended To Help Recover Stolen Electronics 120

An anonymous reader writes to say that an Iowa City police officer is developing a new concept to help police find more stolen property. The Gazette has a short report that officer David Schwindt, inspired by a forensics class, is working on L8NT, a specialized wireless dongle to help police officers locate stolen electronics (any of them with wireless capabilities and a MAC address, at least) by scanning for MAC addresses associated with stolen goods. The idea is to have police scan as they drive for these MAC entries, and match them against a database. The article notes a few shortcomings in this concept, but does not point out an even bigger one: MAC addresses are usually mutable, anyhow, in a way that's not as obvious as an obscured serial number, and thieves could refine their business model by automating the change.

Backdoor Discovered Into Seagate NAS Drives 121

Mark Wilson writes: If you have not recently updated the firmware for your Seagate wireless NAS drives, now is the time to do so. Researchers at Tangible Security have discovered a series of vulnerabilities in a number of devices produced by Seagate that could allow unauthorized access to files and settings. An undocumented Telnet feature could be used to gain control of the device by using the username 'root' and the hardcoded default password. There are also other vulnerabilities that allow for unauthorized browsing and downloading of files, as well as permitting malicious files to be uploaded. Tangible Security says that Seagate Wireless Plus Mobile Storage, Seagate Wireless Mobile Storage, and LaCie FUEL drives are affected, but there may also be others. The security issues are confirmed to exist with firmware versions to

Microsoft Killing Off Nokia's Windows Phone Apps 77

jfruh writes: As Nokia's smartphone division becomes more fully absorbed into Microsoft, the company is cleaning house and ending some apps and services that Nokia had developed specifically for Windows Phone. Lumia Storyteller, Lumia Beamer, Photobeamer, and Lumia Refocus are photo and video apps that integrate with online services, and those services will be shutting down on October 30. Microsoft says its to better commit resources to work on the mobile version of Windows 10, which is coming soon, but not all the features of the canceled services will appear in the new OS.
The Internet

Connecting the Unwired World With Balloons, Satellites, Lasers & Drones 15

1sockchuck writes: New projects are seeking to connect the unwired world using balloons, drones, lasers and satellites to deliver wireless Internet. There are dueling low-earth orbit satellite initiatives backed by billionaires Elon Musk (SpaceX) and Richard Branson (OneWeb), while Google's Project Loon is using balloons (which sometimes crash) and Facebook is building a solar-powered UAV (Project Aquila). “The Connectivity Lab team is very focused on the technical challenges of reaching those people who are typically in the more rural, unconnected parts of the world,” Jay Parikh, vice president of engineering at Facebook says. “I think that we need to get them access. My hope is that we are able to deliver a very rich experience to them, including videos, photos and—some day—virtual reality and all of that stuff. But it’s a multi-, multi-, multi-year challenge, and I don’t see any end in sight right now.”

Despite Reports of Hacking, Baby Monitors Remain Woefully Insecure 109

itwbennett writes: Researchers from security firm Rapid7 have found serious vulnerabilities in nine video baby monitors from various manufacturers. Among them: Hidden and hard-coded credentials providing local and remote access over services like SSH or Telnet; unencrypted video streams sent to the user's mobile phone; unencrypted Web and mobile application functions and unprotected API keys and credentials; and other vulnerabilities that could allow attackers to abuse the devices, according to a white paper released Tuesday. Rapid7 reported the issues it found to the affected manufacturers and to US-CERT back in July, but many vulnerabilities remain unpatched.

New FCC Rules Could Ban WiFi Router Firmware Modification 242

An anonymous reader writes: Hackaday reports that the FCC is introducing new rules which ban firmware modifications for the radio systems in WiFi routers and other wireless devices operating in the 5 GHz range. The vast majority of routers are manufactured as System on Chip devices, with the radio module and CPU integrated in a single package. The new rules have the potential to effectively ban the installation of proven Open Source firmware on any WiFi router.

ThinkPenguin, the EFF, FSF, Software Freedom Law Center, Software Freedom Conservancy, OpenWRT, LibreCMC, Qualcomm, and others have created the SaveWiFi campaign, providing instructions on how to submit a formal complaint to the FCC regarding this proposed rule. The comment period is closing on September 8, 2015. Leave a comment for the FCC.

Bugs In Belkin Routers Allow DNS Spoofing, Credential Theft 48

Trailrunner7 writes: The CERT/CC is warning users that some Belkin home routers contain a number of vulnerabilities that could allow an attacker to spoof DNS responses, intercept credentials sent in cleartext, access the web management interface, and take other actions on vulnerable routers. The vulnerabilities affect the Belkin N600 DB Wireless Dual Band N+ router, model F9K1102 v2 with firmware version 2.10.17, and potentially earlier versions of the firmware, as well. The vulnerabilities have not been patched by Belkin, the advisory from the CERT/CC says there aren't any practical workarounds for them. "DNS queries originating from the Belkin N600, such as those to resolve the names of firmware update and NTP servers, use predictable TXIDs that start at 0x0002 and increase incrementally. An attacker with the ability to spoof DNS responses can cause the router to contact incorrect or malicious hosts under the attacker's control," the advisory says.

Ask Slashdot: Can Any Wireless Tech Challenge Fiber To the Home? 190

New submitter danielmorrison writes: In Holland, MI (birthplace of Slashdot) we're working toward fiber to the home. A handful of people have asked why not go wireless instead? I know my reasons (speed, privacy, and we have an existing fiber loop) but are any wireless technologies good enough that cities should consider them? If so, what technologies and what cities have had success stories?