AT&T

AT&T and Comcast Finalize Court Victory Over Nashville and Google Fiber (arstechnica.com) 122

"AT&T and Comcast have solidified a court victory over the metro government in Nashville, Tennessee, nullifying a rule that was meant to help Google Fiber compete against the incumbent broadband providers," reports Ars Technica. From the report: The case involved Nashville's "One Touch Make Ready" ordinance that was supposed to give Google Fiber and other new ISPs faster access to utility poles. The ordinance let a single company make all of the necessary wire adjustments on utility poles itself instead of having to wait for incumbent providers like AT&T and Comcast to send work crews to move their own wires. But AT&T and Comcast sued the metro government to eliminate the rule and won a preliminary victory in November when a U.S. District Court judge in Tennessee nullified the rule as it applies to poles owned by AT&T and other private parties.

The next step for AT&T and Comcast was overturning the rule as it applies to poles owned by the municipal Nashville Electric Service (NES), which owns around 80 percent of the Nashville poles. AT&T and Comcast achieved that on Friday with a new ruling from U.S. District Court Judge Aleta Trauger. Nashville's One Touch Make Ready ordinance "is ultra vires and void or voidable as to utility poles owned by Nashville Electric Service because adoption of the Ordinance exceeded Metro Nashville's authority and violated the Metro Charter," the ruling said. Nashville is "permanently enjoined from applying the Ordinance to utility poles owned by Nashville Electric Service." The Nashville government isn't planning to appeal the decision, a spokesperson for Nashville Mayor Megan Barry told Ars today.

Google

'The Web is Not Google, and Should Not be Just Google': Developers Express Concerns About AMP (ampletter.org) 99

A group of prominent developers published an open-letter on Tuesday, outlining their deep concerns about Accelerated Mobile Pages, a project by Google that aims to improve user experience of the Web. Google services already dominate the Web, and the scale at which AMP is growing, it could further reinforce Google's dominance of the Web, developers wrote. The letter acknowledges that web pages could be slow at times, but the solutions out there to address them -- AMP, Facebook's Instant Articles, Apple News -- are creating problems of their own, developers say. From the letter: Search engines are in a powerful position to wield influence to solve this problem. However, Google has chosen to create a premium position at the top of their search results (for articles) and a "lightning" icon (for all types of content), which are only accessible to publishers that use a Google-controlled technology, served by Google from their infrastructure, on a Google URL, and placed within a Google controlled user experience. The AMP format is not in itself, a problem, but two aspects of its implementation reinforce the position of Google as a de facto standard platform for content, as Google seeks to drive uptake of AMP with content creators: Content that "opts in" to AMP and the associated hosting within Google's domain is granted preferential search promotion, including (for news articles) a position above all other results. When a user navigates from Google to a piece of content Google has recommended, they are, unwittingly, remaining within Google's ecosystem.

If Google's objective with AMP is indeed to improve user experience on the Web, then we suggest some simple changes that would do that while still allowing the Web to remain dynamic, competitive and consumer-oriented: Instead of granting premium placement in search results only to AMP, provide the same perks to all pages that meet an objective, neutral performance criterion such as Speed Index. Publishers can then use any technical solution of their choice. Do not display third-party content within a Google page unless it is clear to the user that they are looking at a Google product. It is perfectly acceptable for Google to launch a "news reader," but it is not acceptable to display a page that carries only third party branding on what is actually a Google URL, nor to require that third party to use Google's hosting in order to appear in search results. We don't want to stop Google's development of AMP, and these changes do not require that.

Google

Google Rebrands All Its Payment Solutions As 'Google Pay' (arstechnica.com) 69

An anonymous reader quotes a report from Ars Technica: Google just announced that it is merging all of its various payment programs into a single brand, called "Google Pay." Google Pay will be a one-stop shop for all your Google Payment needs: NFC smartphone payments, P2P transfers, and Web payments. Google's payment solution site has already clicked over to the new branding, and we'd guess a rebrand of the Android Pay app won't be far behind. The branding should start popping up on store credit card machines, too. So "Google Pay" is the new brand for every kind of payment Google offers -- all without the platform-specific branding problems of Android Pay. Google says this is "just the first step for Google Pay" and it "can't wait to share more."
Google

James Damore Sues Google For Allegedly Discriminating Against Conservative White Men (theverge.com) 1171

An anonymous reader shares a report: The author of the controversial memo that upended Google in August is suing the company, alleging that white, male conservatives are systematically discriminated against by Google. James Damore was fired as an engineer after a manifesto questioning the benefits of diversity programs was widely passed around the company. In a new lawsuit, he and another fired engineer claim that "employees who expressed views deviating from the majority view at Google on political subjects raised in the workplace and relevant to Google's employment policies and its business, such as 'diversity' hiring policies, 'bias sensitivity,' or 'social justice,' were/are singled out, mistreated, and systematically punished and terminated from Google, in violation of their legal rights."
AI

What's On Center Stage at the CES Tech Show? Your Voice (apnews.com) 46

An anonymous reader shares a report: Some of the most popular gadgets over the holiday season were smart speakers with digital assistants from Amazon and Google. Apple is coming out with its own speaker this year; Microsoft and Samsung have partnered on another. As the annual CES gadget show kicks off in Las Vegas this week, manufacturers are expected to unveil even more voice-controlled devices -- speakers and beyond -- as Amazon and Google make their digital assistants available on a wider array of products. If these prove popular, you'll soon be able to order around much more of your house, including kitchen appliances, washing machines and other devices.
Google

OpenBSD's De Raadt Pans 'Incredibly Bad' Disclsoure of Intel CPU Bug (itwire.com) 366

troublemaker_23 quotes ITWire: Disclosure of the Meltdown and Spectre vulnerabilities, which affect mainly Intel CPUs, was handled "in an incredibly bad way" by both Intel and Google, the leader of the OpenBSD project Theo de Raadt claims. "Only Tier-1 companies received advance information, and that is not responsible disclosure -- it is selective disclosure," De Raadt told iTWire in response to queries. "Everyone below Tier-1 has just gotten screwed."
In the interview de Raadt also faults intel for moving too fast in an attempt to beat their competition. "There are papers about the risky side-effects of speculative loads -- people knew... Intel engineers attended the same conferences as other company engineers, and read the same papers about performance enhancing strategies -- so it is hard to believe they ignored the risky aspects. I bet they were instructed to ignore the risk."

He points out this will make it more difficult to develop kernel software, since "Suddenly the trickiest parts of a kernel need to do backflips to cope with problems deep in the micro-architecture." And he also complains that Intel "has been exceedingly clever to mix Meltdown (speculative loads) with a separate issue (Spectre). This is pulling the wool over the public's eyes..."

"It is a scandal, and I want repaired processors for free."
Networking

Can Mesh Networks Save a Dying Web? (thenextweb.com) 201

From an anonymous reader: "The web is dying, but mesh networks could save it," writes open source hacker Andre Staltz. He warns that Facebook, Google, and Amazon plan to "grow beyond browsers, creating new virtual contexts where data is created and shared," and predicts the next wave of walled gardens will be a "social internet" bypassing the web altogether. "The Web may die like most other technologies do, simply by becoming less attractive than newer technologies."

He wants to build a mobile mesh web that works with or without internet access to reach the four billion people currently offline, adding that all the tools we need are already in our hands: smartphones, peer-to-peer protocols, and mesh networks. His vision? "Novel peer-to-peer protocols such as IPFS and Dat help replace HTTP and make the web a content-centered cyberspace... Browsers can be made to work like that, and although it's a small tweak to how the web works, it has massive effects on social structures in cyberspace... Now that we have experience with some of the intricacies of the social web, we can reinvent it to put people first without intermediate companies... We can actually beat the tech giants at this game by simply giving local and regional connectivity to people in developing countries. With mobile apps that are built mesh-first, the smartphones would make up self-organizing self-healing mobile ad-hoc networks... In internet-less regions, there is potential for scaling quickly, and through that, we can spawn a new industry around peer-to-peer wireless mesh networks."

He cites mega-projects "to rescue the web from the internet", which include progress on peer-to-peer and mesh networking protocols, followed by adoption on smartphones (and then a new wave of apps) -- plus a migration of existing web content to the new protocols, "to fix the overutilization of the wirenet and the underutilization of airnets, bringing balance to the wire-versus-air dichotomy, providing choice in how data should travel in each case...But it can only happen if the web takes a courageous step towards its next level."

Google

Google Sold 6.75 Million 'Google Home' Devices In the Last 80 Days (techcrunch.com) 96

An anonymous reader quotes TechCrunch: Google today announced that it sold "tens of millions of Google devices for the home" over the course of the last year and that it sold "more than one Google Home device every second since Google Home Mini started shipping in October," with roughly 6.75 million seconds since October 19 (the day the Home Mini officially went on sale)... The launch of the Google Home Mini, which you could easily buy for $29 (and occasionally for $19 with store credit) gave the company a low-price competitor to Amazon's Echo Dots, and even though it's doubtful that Google made a lot of money of these sales, the move clearly paid off.
The Verge adds: Google is thought to be losing money on every unit of the Home Mini; Reuters reported on one analysis that pegged the device's parts alone at $26, not including the cost of developing the entire thing, supporting it, advertising it, shipping it, and so on. Of course, Google is in this for the long game -- the Assistant is an attempt to make sure Google remains the way people get information, and Google has plenty of options to make money through ads or the data it collects in the future...

Amazon is also believed to be losing money on the Echo Dot, which was similarly cut to $29 during the holiday season. Amazon never gives out specific sales figures, but it did say that "tens of millions" of its own Alexa-enabled devices were sold over the holidays, with the Echo Dot being one of the top sellers... These super cheap prices are getting people to buy smart speakers and commit to an ecosystem. These companies are clearly happy to spend a few dollars gaining customers in the short term so that they have an enormous audience available to them down the road.

AI

Researchers Create 'Psychedelic' Stickers That Confuse AI Image Recognition (techcrunch.com) 112

"Researchers at Google were able to create little stickers with 'psychedelic'-looking patterns on them that could trick computer AI image-classifying algorithms into mis-classifying images of objects that it would normally be able to recognize," writes amxcoder: The patterned stickers work by tricking the image recognition algorithm into focusing on, and studying, the little pattern on the small sticker -- and ignoring the rest of the image, including the actual object in the picture... The images on the stickers were created by the researchers using knowledge of features and shapes, patterns, and colors that the image recognition algorithms look for and focus on.

These stickers were created so that the algorithm finds them 'more interesting' than the rest of the image and will focus most of it's attention on analyzing the pattern, while giving the rest of the image content a lower importance, thus ignoring it or confusing it.

The technique "works in the real world, and can be disguised as an innocuous sticker," note the researchers -- describing them as "targeted adversarial image patches."
Transportation

Google Loses Up to 250 Bikes a Week (siliconbeat.com) 208

What's happening to Google's 1,100 Gbikes? The Mercury News reports: Last summer, it emerged that some of the company's bikes -- intended to help Googlers move quickly and in environmentally friendly fashion around the company's sprawling campus and surrounding areas -- were sleeping with the fishes in Stevens Creek. And now, a new report has revealed that 100 to 250 Google bikes go missing every week, on average. "The disappearances often aren't the work of ordinary thieves, however. Many residents of Mountain View, a city of 80,000 that has effectively become Google's company town, see the employee perk as a community service," the Wall Street Journal reported.

And for the company, here's one Google bike use case that's got to burn a little: 68-year-old Sharon Veach told the newspaper that she sometimes uses one of the bicycles as part of her commute: to the offices of Google's arch foe, Oracle... Mountain View Mayor Ken Rosenberg even admitted to helping himself to a Google bike to go to a movie after a meeting at the company's campus, according to the WSJ.

One Silicon Valley resident reportedly told a neighbor that "I've got a whole garage full of them," while Veach describes the bikes as "a reward for having to deal with the buses" that carry Google employees. Google has already hired 30 contractors to prowl the city in five vans looking for lost or stolen bikes -- only a third of which have GPS trackers -- and they eventually recover about two-thirds of the missing bikes.

They've discovered them as far away as Mexico, Alaska, and the Burning Man festival in Nevada.
Operating Systems

Eben Upton Explains Why Raspberry Pi Isn't Vulnerable To Spectre Or Meltdown (raspberrypi.org) 116

Raspberry Pi founder and CEO Eben Upton says the Raspberry Pi isn't susceptible to the "Spectre" or "Meltdown" vulnerabilities because of the particular ARM cores they use. "Spectre allows an attacker to bypass software checks to read data from arbitrary locations in the current address space; Meltdown allows an attacker to read data from arbitrary locations in the operating system kernel's address space (which should normally be inaccessible to user programs)," Upton writes. He goes on to provide a "primer on some concepts in modern processor design" and "illustrate these concepts using simple programs in Python syntax..."

In conclusion: "Modern processors go to great lengths to preserve the abstraction that they are in-order scalar machines that access memory directly, while in fact using a host of techniques including caching, instruction reordering, and speculation to deliver much higher performance than a simple processor could hope to achieve," writes Upton. "Meltdown and Spectre are examples of what happens when we reason about security in the context of that abstraction, and then encounter minor discrepancies between the abstraction and reality. The lack of speculation in the ARM1176, Cortex-A7, and Cortex-A53 cores used in Raspberry Pi render us immune to attacks of the sort."
Businesses

Leading Lobbying Group for Amazon, Facebook, Google and Other Tech Giants is Joining the Legal Battle To Restore Net Neutrality (recode.net) 77

A leading lobbying group for Amazon, Facebook, Google, Netflix, Twitter and other tech giants said Friday that it would be joining the coming legal crusade to restore the U.S. government's net neutrality rules. From a report: The Washington, D.C.-based Internet Association specifically plans to join a lawsuit as an intervening party, aiding the challenge to FCC Chairman Ajit Pai's vote in December to repeal regulations that required internet providers like AT&T and Comcast to treat all web traffic equally, its leader confirmed to Recode. Technically, the Internet Association isn't filing its own lawsuit. That task will fall to companies like Etsy, public advocates like Free Press and state attorneys general, all of which plan to contend they are most directly harmed by Pai's decision, as Recode first reported this week. As an intervener, though, the Internet Association still will play a crucial role, filing legal arguments in the coming case. And in formally participating, tech giants will have the right to appeal a judge's decision later if Silicon Valley comes out on the losing end. "The final version of Chairman Pai's rule, as expected, dismantles popular net neutrality protections for consumers," said the group's chief, Michael Beckerman, in a statement. "This rule defies the will of a bipartisan majority of Americans and fails to preserve a free and open internet."
Google

White Noise Video on YouTube Hit By Five Copyright Claims (bbc.com) 219

Chris Baraniuk, reporting for BBC: A musician who made a 10-hour long video of continuous white noise -- indistinct electronic hissing -- has said five copyright infringement claims have been made against him. Sebastian Tomczak, who is based in Australia, said he made the video in 2015 and uploaded it to YouTube. The claimants accusing him of infringement include publishers of white noise intended for sleep therapy. "I will be disputing these claims," he told the BBC. In this case, those accusing Mr Tomczak are not demanding the video's removal, but instead the reward of any revenue made from advertising associated with it. Without the claims, Mr Tomczak would receive such revenue himself. "I am intrigued and perplexed that YouTube's automated content ID system will pattern-match white noise with multiple claims," he said.
Google

Google Says CPU Patches Cause 'Negligible Impact On Performance' With New 'Retpoline' Technique (theverge.com) 120

In a post on Google's Online Security Blog, two engineers described a novel chip-level patch that has been deployed across the company's entire infrastructure, resulting in only minor declines in performance in most cases. "The company has also posted details of the new technique, called Retpoline, in the hopes that other companies will be able to follow the same technique," reports The Verge. "If the claims hold, it would mean Intel and others have avoided the catastrophic slowdowns that many had predicted." From the report: "There has been speculation that the deployment of KPTI causes significant performance slowdowns," the post reads, referring to the company's "Kernel Page Table Isolation" technique. "Performance can vary, as the impact of the KPTI mitigations depends on the rate of system calls made by an application. On most of our workloads, including our cloud infrastructure, we see negligible impact on performance." "Of course, Google recommends thorough testing in your environment before deployment," the post continues. "We cannot guarantee any particular performance or operational impact."

Notably, the new technique only applies to one of the three variants involved in the new attacks. However, it's the variant that is arguably the most difficult to address. The other two vulnerabilities -- "bounds check bypass" and "rogue data cache load" -- would be addressed at the program and operating system level, respectively, and are unlikely to result in the same system-wide slowdowns.

Intel

How a Researcher Hacked His Own Computer and Found One of the Worst CPU Bugs Ever Found (reuters.com) 138

Reuters tells the story of how Daniel Gruss, a 31-year-old information security researcher and post-doctoral fellow at Austria's Graz Technical University, hacked his own computer and exposed a flaw in most of the Intel chips made in the past two decades. Prior to his discovery, Gruss and his colleagues Moritz Lipp and Michael Schwarz had thought such an attack on the processor's "kernel" memory, which is meant to be inaccessible to users, was only theoretically possible. From the report: "When I saw my private website addresses from Firefox being dumped by the tool I wrote, I was really shocked," Gruss told Reuters in an email interview, describing how he had unlocked personal data that should be secured. Gruss, Lipp and Schwarz, working from their homes on a weekend in early December, messaged each other furiously to verify the result. "We sat for hours in disbelief until we eliminated any possibility that this result was wrong," said Gruss, whose mind kept racing even after powering down his computer, so he barely caught a wink of sleep.

Gruss and his colleagues had just confirmed the existence of what he regards as "one of the worst CPU bugs ever found." The flaw, now named Meltdown, was revealed on Wednesday and affects most processors manufactured by Intel since 1995. Separately, a second defect called Spectre has been found that also exposes core memory in most computers and mobile devices running on chips made by Intel, Advanced Micro Devices (AMD) and ARM Holdings, a unit of Japan's Softbank.

Google

Google Blocks Pirate Search Results Prophylactically (torrentfreak.com) 38

Google is accepting "prophylactic" takedown requests to keep pirated content out of its search results, an anonymous reader writes, citing a TorrentFreak report. From the article: Over the past year, we've noticed on a few occasions that Google is processing takedown notices for non-indexed links. While we assumed that this was an 'error' on the sender's part, it appears to be a new policy. "Google has critically expanded notice and takedown in another important way: We accept notices for URLs that are not even in our index in the first place. That way, we can collect information even about pages and domains we have not yet crawled," Caleb Donaldson, copyright counsel at Google writes. In other words, Google blocks URLs before they appear in the search results, as some sort of piracy vaccine. "We process these URLs as we do the others. Once one of these not-in-index URLs is approved for takedown, we prophylactically block it from appearing in our Search results, and we take all the additional deterrent measures listed above." Some submitters are heavily relying on the new feature, Google found. In some cases, the majority of the submitted URLs in a notice are not indexed yet.
Chrome

Opinion: Chrome is Turning Into the New Internet Explorer 6 (theverge.com) 294

Tom Warren, writing for The Verge: Chrome now has the type of dominance that Internet Explorer once did, and we're starting to see Google's own apps diverge from supporting web standards much in the same way Microsoft did a decade and a half ago. Whether you blame Google or the often slow moving World Wide Web Consortium (W3C), the results have been particularly evident throughout 2017. Google has been at the center of a lot of "works best with Chrome" messages we're starting to see appear on the web. Google Meet, Allo, YouTube TV, Google Earth, and YouTube Studio Beta all block Windows 10's default browser, Microsoft Edge, from accessing them and they all point users to download Chrome instead. Some also block Firefox with messages to download Chrome. Hangouts, Inbox, and AdWords 3 were all in the same boat when they first debuted.

It's led to one developer at Microsoft to describe Google's behavior as a strategic pattern. "When the largest web company in the world blocks out competitors, it smells less like an accident and more like strategy," said a Microsoft developer in a now-deleted tweet. Google also controls the most popular site in the world, and it regularly uses it to push Chrome. If you visit Google.com in a non-Chrome browser you're prompted up to three times if you'd like to download Chrome. Google has also even extended that prompt to take over the entire page at times to really push Chrome in certain regions. Microsoft has been using similar tactics to convince Windows 10 users to stick with Edge. The troubling part for anyone who's invested in an open web is that Google is starting to ignore a principle it championed by making its own services Chrome-only -- even if it's only initially.

Google

Google Says Almost All CPUs Since 1995 Vulnerable To 'Meltdown' And 'Spectre' Flaws (bleepingcomputer.com) 268

Catalin Cimpanu, reporting for BleepingComputer: Google has just published details on two vulnerabilities named Meltdown and Spectre that in the company's assessment affect "every processor [released] since 1995." Google says the two bugs can be exploited to "to steal data which is currently processed on the computer," which includes "your passwords stored in a password manager or browser, your personal photos, emails, instant messages and even business-critical documents." Furthermore, Google says that tests on virtual machines used in cloud computing environments extracted data from other customers using the same server. The bugs were discovered by Jann Horn, a security researcher with Google Project Zero, Google's elite security team. These are the same bugs that have been reported earlier this week as affecting Intel CPUs. Google was planning to release details about Meltdown and Spectre next week but decided to publish the reports today "because of existing public reports and growing speculation in the press and security research community about the issue, which raises the risk of exploitation."
AI

AI System Sorts News Articles By Whether Or Not They Contain Actual Information (vice.com) 80

In a new paper published in the Journal of Artificial Intelligence Research, computer scientists from Google and the University of Pennsylvania describe a new machine learning approach to classifying written journalism according to a formalized idea of "content density." "With an average accuracy of around 80 percent, their system was able to accurately classify news stories across a wide range of domains, spanning from international relations and business to sports and science journalism, when evaluated against a ground truth dataset of already correctly classified news articles," reports Motherboard. From the report: At a high level this works like most any other machine learning system. Start with a big batch of data -- news articles, in this case -- and then give each item an annotation saying whether or not that item falls within a particular category. In particular, the study focused on article leads, the first paragraph or two in a story traditionally intended to summarize its contents and engage the reader. Articles were drawn from an existing New York Times linguistic dataset consisting of original articles combined with metadata and short informative summaries written by researchers.
Google

Google's Project Zero Team Discovered Critical CPU Flaw Last Year (techcrunch.com) 124

An anonymous reader quotes a report from TechCrunch: In a blog post published minutes ago, Google's Security team announced what they have done to protect Google Cloud customers against the chip vulnerability announced earlier today. They also indicated their Project Zero team discovered this vulnerability last year (although they weren't specific with the timing). The company stated that it informed the chip makers of the issue, which is caused by a process known as "speculative execution." This is an advanced technique that enables the chip to essentially guess what instructions might logically be coming next to speed up execution. Unfortunately, that capability is vulnerable to malicious actors who could access critical information stored in memory, including encryption keys and passwords. According to Google, this affects all chip makers, including those from AMD, ARM and Intel (although AMD has denied they are vulnerable). In a blog post, Intel denied the vulnerability was confined to their chips, as had been reported by some outlets. The Google Security team wrote that they began taking steps to protect Google services from the flaw as soon as they learned about it.

Slashdot Top Deals