Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Movies

FBI Is Probing Sundance Cyberattack That Forced Box Office To Close (hollywoodreporter.com) 23

Over the weekend, the Sundance Film Festival was hacked. "Sundance Film Festival has been subject to a cyberattack, causing network outages that have shut down our box office," said a spokesperson for the festival. "No further information about the attack is available at this time, but our team is working hard to get our system back up and running as soon as possible. All screenings will still take place as planned." According to The Hollywood Reporter, the FBI is now investigating the hack and is working with Sundance officials to identify the culprit. From their report: Although the festival was able to get its ticketing systems back online within an hour of the Saturday breach, multiple other denial-of-service (DDoS) attacks on Sundance's IT infrastructure followed. A DDoS attack works by flooding the bandwidth or resources of a targeted server. A Sundance Film Festival rep offers the following statement: "The FBI is reviewing the case. At this point, we do not have any reason to believe the cyberattack was targeted towards a specific film. No artist or customer information was compromised." At the time of the hack, the festival offered little in the way of explanation of what happened, but hinted that filmmakers at the annual celebration of independent cinema may have been the target. One producer of a Sundance documentary critical of the Russian government believes his film could have played a role in the attack. "There's been speculation that our film may have sparked retribution," Icarus consulting producer Doug Blush tells THR. "It does not paint a flattering picture of [president Vladimir] Putin." Icarus, which made its world premiere at the festival the day before the hack, centers on a Russian doctor who oversaw and then spoke out about Russia's widespread state-sponsored sports doping. The Bryan Fogel-helmed film, which is being pitched to distributors, has played throughout the weekend in Park City at screenings for both press-and-industry and the public. Icarus isn't the only Sundance film that could antagonize the Russian government and Putin. Evgeny Afineevsky's Cries From Syria -- one of several docs tackling the war-torn nation -- also takes a critical look at Putin and Russia's military intervention in Syria. Cries From Syria made its world premiere at Sundance on Sunday, the day after the initial box-office cyberattack.
Bug

Army Bug Bounty Researcher Compromises US Defense Department's Internal Network (threatpost.com) 41

Thursday the U.S. Army shared some surprising results from its first bug bounty program -- a three-week trial in which they invite 371 security researchers "trained in figuring out how to break into computer networks they're not supposed to." An anonymous reader quotes Threatpost: The Army said it received more than 400 bug reports, 118 of which were unique and actionable. Participants who found and reported unique bugs that were fixed were paid upwards of $100,000... The Army also shared high-level details on one issue that was uncovered through the bounty by a researcher who discovered that two vulnerabilities on the goarmy.com website could be chained together to access, without authentication, an internal Department of Defense website.

"They got there through an open proxy, meaning the routing wasn't shut down the way it should have been, and the researcher, without even knowing it, was able to get to this internal network, because there was a vulnerability with the proxy, and with the actual system," said a post published on HackerOne, which managed the two bounty programs on its platform. "On its own, neither vulnerability is particularly interesting, but when you pair them together, it's actually very serious."

Open Source

Free Software Foundation Shakes Up Its List of Priority Projects (networkworld.com) 92

alphadogg quotes Network World: The Free Software Foundation Tuesday announced a major rethinking of the software projects that it supports, putting top priority on a free mobile operating system, accessibility, and driver development, among other areas. The foundation has maintained the High Priority Projects list since 2005, when it contained just four free software projects. [That rose to 12 projects by 2008, though the changelog shows at least seven projects have since been removed.] Today's version mostly identifies priority areas, along with a few specific projects in key areas.
The new list shows the FSF will continue financially supporting Replicant, their free version of Android, and they're also still supporting projects to create a free software replacement for Skype with real-time voice and video capabilities. But they're now also prioritizing various projects to replace Siri, Google Now, Alexa, and Cortana with a free-software personal assistant, which they view as "crucial to preserving users' control over their technology and data while still giving them the benefits such software has for many."

And other priorities now include internationalization, accessibility, decentralization and self-hosting, and encouraging governments to adopt free software.
AT&T

Second Time In 9 Months: AT&T Raises Phone Activation Fee $5, Now Charges $25 (arstechnica.com) 70

For the second time in 9 months, ATT is raising its activation and upgrade fee. In April 2016, the fee for non-contract customers was raised from $15 to $20. Today, it has been raised another $5, from $20 to $25, according to PhoneScoop. Ars Technica reports: As the mobile carrier switched from contracts to device payment plans, ATT initially did not charge an activation and upgrade fee for customers who brought their own phone or bought one from ATT on an installment plan. But in July 2015, ATT started charging a $15 activation fee to customers who don't sign two-year contracts. (ATT also raised the activation/upgrade fee for contract customers from $40 to $45 in July 2015.) The $25 fee is charged for new activations or upgrades when customers purchase devices on installment agreements, ATT says. Customers who bring their own phone to the network are charged the $25 fee when they activate a new line of service, but not when they upgrade phones on an existing line. "We are making a minor adjustment to our activation and upgrade fees. The change is effective today," ATT told Ars. ATT also still charges the $45 activation and upgrade fee on two-year contracts, but those contracts are "available only on select devices."
China

Viral Chinese Selfie App Meitu, Valued at Over $5 Billion, Phones Home With Personal Data (theregister.co.uk) 81

The Meitu selfie horrorshow app going viral through Western audiences is a privacy nightmare, researchers say. The app, which has been featured on several popular outlets including the NYTimes, USA Today, and NYMag, harvests information about the devices on which it runs, includes invasive advertising tracking features and is just badly coded. From a report: But worst of all, the free app appears to be phoning some to share personal data with its makers. Meitu, a Chinese production, includes in its code up to three checks to determine if an iPhone handset is jailbroken, according to respected forensics man Jonathan Zdziarski, a function to grab mobile provider information, and various analytics capabilities. Zdziarski says the app also appears to build a unique device profile based in part on a handset's MAC address. "Meitu is a throw-together of multiple analytics and marketing/ad tracking packages, with something cute to get people to use it," Zdziarski says. Unique phone IMEI numbers are shipped to dozens of Chinese servers, malware researcher FourOctets found. The app, which was valued at over $5 billion last year due its popularity, seeks access to device and app history; accurate location; phone status; USB, photos, and files storage read and write; camera; Wifi connections; device ID & call information; full network access, run at startup, and prevent device from sleeping on Android phones.
Movies

Star Trek Discovery Gets Delayed Again As Spock's Father Is Cast (hollywoodreporter.com) 164

An anonymous reader quotes a report from Hollywood Reporter: CBS All Access' Star Trek: Discovery has been delayed again as the series continues casting. The revival for the streaming platform has cast James Frain as Spock's father, producer CBS Television Studios announced Wednesday, as sources confirm that the show's planned May debut has been pushed. "Production on Star Trek: Discovery begins next week. We love the cast, the scripts and are excited about the world the producers have created," reps for CBS All Access said in a statement. "This is an ambitious project; we will be flexible on a launch date if it's best for the show. We've said from the beginning it's more important to do this right than to do it fast. There is also added flexibility presenting on CBS All Access, which isn't beholden to seasonal premieres or launch windows." Frain will play Sarek, the famed father of Spock who was first introduced in the original Star Trek and who has made several appearances throughout the franchise's many incarnations over the past five decades. The CBS All Access show features the franchise's Enterprise, now known as the U.S.S. Discovery. The drama will introduce new characters seeking new worlds and civilizations while exploring the dramatic contemporary themes that have been a signature of the franchise since its inception in 1966. Star Trek: Discovery was originally scheduled to debut in January and was pushed back to May, with The Good Wife spinoff The Good Fight now set to be the first scripted offering on CBS All Access, the network's VOD platform. This marks the second delay for the series, which saw former showrunner Bryan Fuller step down to focus on his Starz drama American Gods.
Space

Galileo Satellites Are Experiencing Multiple Clock Failures (bbc.com) 194

elgatozorbas writes: According to a BBC article, the onboard atomic clocks that drive the satellite-navigation signals on Europe's Galileo network have been failing at an alarming rate. From the report: "Across the 18 satellites now in orbit, nine clocks have stopped operating. Three are traditional rubidium devices; six are the more precise hydrogen maser instruments that were designed to give Galileo superior performance to the American GPS network. Each Galileo satellite carries two rubidium and two hydrogen maser clocks. The multiple installation enables a satellite to keep working after an initial failure. All 18 spacecraft currently in space continue to operate, but one of them is now down to just two clocks. Most of the maser failures (5) have occurred on the satellites that were originally sent into orbit to validate the system, whereas all three rubidium stoppages are on the spacecraft that were subsequently launched to fill out the network. Esa staff at its technical centre, ESTEC, in the Netherlands are trying to isolate the cause the of failures - with the assistance of the clock (Spectratime of Switzerland) and satellite manufacturers (Airbus and Thales Alenia Space; OHB and SSTL). It is understood engineers have managed to restart another hydrogen clock that had stopped. It appears the rubidium failures 'all seem to have a consistent signature, linked to probable short circuits, and possibly a particular test procedure performed on the ground.'"
The Internet

Netflix Calls Out HBO For Not Letting Subscribers Binge On New Shows (arstechnica.com) 57

An anonymous reader quotes a report from Ars Technica: Netflix has gleefully poked a stick at its competitors in the video streaming market, after revealing it had added more than seven million subscribers to its service in the last three months of 2016. HBO also got a special mention. In a letter to shareholders, the company's boss Reed Hastings teased the TV drama maker by noting that, if the BBC was willing to stream shows before they air on television, then maybe HBO -- which has rigidly stuck to its strategy of eking out episodes to viewers -- should do the same. He said: "[...] the BBC has become the first major linear network to announce plans to go binge-first with new seasons, favoring internet over linear viewers. We presume HBO is not far behind the BBC. In short, it's becoming an Internet TV world, which presents both challenges and opportunities for Netflix as we strive to earn screen time." But it's worth noting that HBO currently has an exclusive deal with Sky in the UK, Ireland, Germany, Austria, and Italy, allowing the broadcaster to have first-run rights on the likes of Game of Thrones and Westworld until 2020 -- so any such change isn't likely to happen in the near-term. Late last year, it struck a deal with Netflix rival Amazon, allowing Prime members in the US to sign up for a monthly HBO subscription. "We have a very successful partnership with this great company that continues to evolve," said HBO exec Sofia Chang in December. The company's HBO Now streaming service shows no sign of shifting strategy, either, with programs airing simultaneously on traditional TV and online.
Security

ProtonMail Adds Tor Onion Site To Fight Risk Of State Censorship (techcrunch.com) 26

ProtonMail now has a home on the dark web. The encrypted email provider announced Thursday it will allow its users to access the site through the Tor anonymity service. From a report: Swiss-based PGP end-to-end encrypted email provider, ProtonMail, now has an onion address, allowing users to access its service via a direct connection to the Tor anonymizing network -- in what it describes as an active measure aimed at defending against state-sponsored censorship. The startup, which has amassed more than two million users for its e2e encrypted email service so far, launching out of beta just over a year ago, says it's worried about an increased risk of state-level blocking of pro-privacy tools -- pointing to recent moves such as encryption messaging app Signal being blocked in Egypt, and the UK passing expansive surveillance legislation that mandates tracking of web activity and can also require companies to eschew e2e encryption and backdoor products. The service also saw a bump in sign ups after the election of Donald Trump as US president, last fall -- with web users apparently seeking a non-US based secure email provider in light of the incoming commander-in-chief's expansive digital surveillance powers.
Windows

Microsoft Adds Intel's Clear Linux Open-Source OS To Azure Market (networkworld.com) 24

JG0LD quotes a report from Network World: Microsoft announced today that it has added support for the Intel-backed Clear Linux distribution in instances for its Azure public cloud platform. It's the latest in a lengthy string of Linux distributions to become available on the company's Azure cloud. BrianFagioli adds from BetaNews: In other words, users of the company's cloud platform can set up a virtual machine using this distribution in addition to existing Linux-based operating systems. "Today, we're excited to announce the availability of Clear Linux OS for Intel Architecture in Azure Marketplace. Clear Linux OS is a free, open-source Linux distribution built from the ground up for cloud and data center environments and tuned to maximize the performance and value of Intel architecture. Microsoft Azure is the first public cloud provider to offer Clear Linux, and we're really excited about what it means for Linux users in the cloud and the community at large," says Jose Miguel Parrella, Open Source Product Manager, Microsoft.
AT&T

AT&T Shuts Down 2G Network, Ends Cellular Connectivity For Original iPhone (macrumors.com) 128

ATT yesterday announced that its 2G wireless network was officially shut down on January 1, 2017. Since the network is no longer active, it means that, as the Verge points out, the original first-generation iPhone (also known as the iPhone 2G) will no longer receive cellular service from ATT's network. If you still happen to use an iPhone 2G, it may be time to upgrade or list it on eBay. Mac Rumors reports: Few people appear to have been using the original iPhone as there were no complaints from iPhone owners two weeks ago when the network was shuttered, but going forward, customers who keep the device as part of a collection will only be able to use it on WiFi. Originally released in June of 2007 and discontinued in 2008, the first iPhone was made obsolete by Apple back in 2013, and it has not received software updates since the 2009 release of iPhone OS 3, later renamed iOS 3. According to ATT, shutting down its 2G network frees up valuable spectrum for future network technologies, including 5G. ATT says the spectrum will be repurposed for LTE.
Movies

Netflix is 'Killing' DVD Sales, Research Finds (torrentfreak.com) 312

Netflix has become the go-to destination for many movie and TV fans. The service is bringing in billions for copyright holders, but it also has a downside. New research shows that the availability of content on Netflix can severely hurt physical disc sales, which traditionally have been the industry's largest revenue source. From a report: A new study published by researchers from Hong Kong universities provides some empirical evidence on this issue. Through a natural experiment, they looked at the interplay between Netflix availability and DVD sales in the United States. The experiment took place when the Epix entertainment network, which distributes movies and TV-shows from major studios including Paramount and Lionsgate, left Netflix for Hulu in 2015. Since Hulu has a much smaller market share, these videos no longer reached a large part of the audience. At least not by default. The researchers used difference to examine the effect on DVD sales, while controlling for various other variables. The results, published in a paper this week, show that DVD sales increased significantly after the content was taken off Netflix, almost by a quarter. "Our difference-in-difference analyses show that the decline in the streaming availability of Epix's content leads to a 24.7% increase in their DVD sales in the three months after the event," the paper reads.
Facebook

Facebook To Stop Paying Publishers To Make Live Videos (recode.net) 32

Last year, publishers worldwide began making live videos on Facebook. The social juggernaut had cut deals with them, offering lofty amounts and promising big future moving forward. Turns out, Facebook's experimental project is over. Recode reports: Facebook spent more than $50 million last year paying publishers and celebrities to create live video on the social network. Now numerous publishers tell Recode that Facebook is de-emphasizing live video when it talks to them. And none of the publishers we've spoken with expect Facebook to renew the paid livestreaming deals it signed last spring to get live video off the ground. Instead, Facebook is pushing publishers to create longer, premium video content as part of a larger effort led by Facebook exec Ricky Van Veen. The hope is to get more high-quality video onto the platform and into your News Feed -- the kind of stuff, presumably, you might find on Netflix.
Ubuntu

Windows 10 Upgrade Bug Disabled Cntrl-C In Bash (infoworld.com) 277

An anonymous reader quotes InfoWorld: A massive set of changes to the Windows Subsystem for Linux (WSL) was rolled into Windows Insider build 15002... If this is any hint, Microsoft's goal is nothing short of making it a credible alternative to other Linux distributions... Some of the fixes also implement functionality that wasn't available before to Linux apps in WSL, such as support for kernel memory overcommit and previously omitted network stack options. Other changes enhance integration between WSL and the rest of Windows...

[O]ne major issue in build 15002 is that Ctrl-C in a Bash session no longer works. Microsoft provided an uncommon level of detail for how this bug crept in, saying it had to do with synchronization between the Windows and Bash development teams. The next Insider build should have a fix. But for people doing serious work with Linux command-line apps, not having Ctrl-C is a little like driving a car when only the front brakes work.

Security

Hamas 'Honey Trap' Dupes Israeli Soldiers (securityweek.com) 109

wiredmikey quotes Security Week: The smartphones of dozens of Israeli soldiers were hacked by Hamas militants pretending to be attractive young women online, an Israeli military official said Wednesday. Using fake profiles on Facebook with alluring photos, Hamas members contacted the soldiers via groups on the social network, luring them into long chats, the official told journalists on condition of anonymity.

Dozens of the predominantly lower-ranked soldiers were convinced enough by the honey trap to download fake applications which enabled Hamas to take control of their phones, according to the official.

Businesses

Head of Sony Entertainment, Michael Lynton, To Step Down (deadline.com) 9

Sony Entertainment CEO Michael Lynton has told his employees that he is stepping down from the company. He will however be staying with the company for six months to help in the transition. Lynton's note to the staff reads: Dear Colleagues,

Today I will be announcing my resignation from Sony to focus on my position as Chairman of the Board of Snap Inc. This was not an easy decision for me, and one that I arrived at after long and careful consideration. Sony Corp will be issuing an internal note from Kaz to all Sony global employees as well as a press release describing the details and timing of my transition, which I have included below.

As some of you are already aware, I have been involved with Snapchat since its early days. Given Snapchat's growth -- and my growing role and responsibilities in it -- I recently determined that the time was right to make a change.

I leave Sony with great pride in all we have accomplished together -- from our greatest victories to overcoming our biggest challenges. Together we: Produced terrific films such as American Hustle, Captain Phillips, The Social Network, Spider-man, Skyfall and Spectre; and hit TV shows like Breaking Bad, The Blacklist, The Goldbergs, The Crown and Kevin Can Wait; Grew our worldwide networks business to 178 countries, including India with our ownership of the IPL cricket rights the Ten Sports Network; Completed the Lot's most significant capital improvement projects in decades including the Jack and Harry Cohn buildings, Calley Park and the beautiful new 8-story Akio Morita building, which brought Sony Music and Sony/ATV Music Publishing employees onto the Lot for the first time; Completed the $750 million acquisition of the Michael Jackson Estate's stake in Sony/ATV, making us 100% owners; And triumphed over the most devastating and disruptive cyber-attack in corporate history, keeping studio operations running and not missing a single day of production.

Republicans

Trump's Cyber Security Advisor Rudy Giuliani Runs Ancient, Utterly Hackable Website (theregister.co.uk) 280

mask.of.sanity writes from a report via The Register: U.S. president-elect Donald Trump's freshly minted cyber tsar Rudy Giuliani runs a website so insecure that its content management system is five years out of date, unpatched and is utterly hackable. Giulianisecurity.com, the website for Giuliani's eponymous infosec consultancy firm, runs Joomla! version 3.0, released in 2012, and since found to carry 15 separate vulnerabilities. More bugs and poor secure controls abound. The Register report adds: "Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a surprising number of network ports open -- from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. It also runs a rather old version of FreeBSD. 'You can probably break into Giuliani's server,' said Robert Graham of Errata Security. 'I know this because other FreeBSD servers in the same data center have already been broken into, tagged by hackers, or are now serving viruses. 'But that doesn't matter. There's nothing on Giuliani's server worth hacking.'"
The Internet

Virginia 'Broadband Deployment Act' Would Kill Municipal Broadband Deployment (arstechnica.com) 200

Virginia lawmakers are considering a bill called the "Virginia Broadband Deployment Act," but instead of resulting in more broadband deployment, the legislation would make it more difficult for municipalities to offer Internet service. From a report: The Virginia House of Delegates legislation proposed this week by Republican lawmaker Kathy Byron would prohibit municipal broadband deployments except in very limited circumstances. Among other things, a locality wouldn't be allowed to offer Internet service if an existing network already provides 10Mbps download and 1Mbps upload speeds to 90 percent of potential customers. That speed threshold is low enough that it can be met by old DSL lines in areas that haven't received more modern cable and fiber networks. Even if that condition is met, a city or town would have to jump through a few hoops before offering service. The municipality would have to pay for a "comprehensive broadband assessment," and then issue a request for proposals giving for-profit ISPs six months to submit a plan for broadband deployment. After receiving proposals from private ISPs, the local government would have to determine whether providing grants or subsidies to a private ISP would be more cost-effective than building a municipal broadband network.
Businesses

eBay To Combat Counterfeiters With Professional Authenticators That Inspect High-End Goods 64

To many, eBay serves as a convenient conduit for shifting unwanted goods and buying items at a fraction of their MSRP. But the online shopping emporium has long been a popular platform for fake products, with luxury goods such as fashion accessories and jewelry high on eBay counterfeiters' agenda. eBay is attempting to fix that. From a report: To counter this, eBay has revealed plans to introduce a new authentication program later this year, with a broad focus on "high-end" goods and launching initially as a trial with fashion items such as handbags. Dubbed eBay Authenticate, the new service will be powered by a "network of professional authenticators," and is ultimately designed to encourage buyers to part with cash on expensive items, safe in the knowledge that the merchandise is legitimate.
Programming

App.net is Shutting Down (app.net) 30

Social network App.net is shutting down once and for all in March. The company said on March 14 it will be deleting all user data. The announcement comes two years after the company ceased active development on the platform. From the official blog post: Ultimately, we failed to overcome the chicken-and-egg issue between application developers and user adoption of those applications. We envisioned a pool of differentiated, fast-growing third-party applications would sustain the numbers needed to make the business work. Our initial developer adoption exceeded expectations, but that initial excitement didn't ultimately translate into a big enough pool of customers for those developers. This was a foreseeable risk, but one we felt was worth taking.

Slashdot Top Deals