Slashdot Mirror

"The Linux Foundation is launching a new platform designed to sustain open-source communities," reports SD Times: CommunityBridge was announced at this week's Open Source Leadership Summit. The Linux Foundation plans to launch a number of tools to the open-source community throughout the next two years.

The platform is currently being released with Community Bridge Funding to help developers raise and spend funding; CommunityBridge Security for potential vulnerabilities and fixes; and CommunityBridge People for networking and making connections with mentors and mentees.
"In making the announcement, Jim Zemlin, executive director of the Linux Foundation, said on stage at the conference that the Linux Foundation would match funding for any organization that donated funds to CommunityBridge projects," reports FierceTelecom.

"Following up on those announcements, Microsoft-owned GitHub said it would donate $100,000 to CommunityBridge and invited maintainers of CommunityBridge projects to take part in GitHub's maintainer program."

dustman81 writes: AT&T Uverse modems were found to have several serious vulnerabilities, including a superuser account with hardcoded username/password exposed to the internet via SSH, a HTTP server with little authentication which allows command injection, and an internet exposed service which exposes internal clients to external attacks. Information security consulting and software development firm Nomotion reports the findings in their blog: "It was found that the latest firmware update (9.2.2h0d83) for the NVG589 and NVG599 modems enabled SSH and contained hardcoded credentials which can be used to gain access to the modem's 'cshell' client over SSH. The cshell is a limited menu driven shell which is capable of viewing/changing the WiFi SSID/password, modifying the network setup, re-flashing the firmware from a file served by any tftp server on the internet, and even controlling what appears to be a kernel module whose sole purpose seems to be to inject advertisements into the user's unencrypted web traffic. Although no clear evidence was found suggesting that this module is actually being used currently, it is present, and vulnerable. Aside from the most dangerous items listed above, the cshell application is also capable of many other privileged actions. The username for this access is remotessh and the password is 5SaP9I26." The report continues to detail the other vulnerabilities: Default credentials 'caserver' https server NVG599; Command injection 'caserver' https server NVG599; Information disclosure/hardcoded credentials; and Firewall bypass no authentication.

Further reading: FierceTelecom; The Register

An anonymous reader quotes a report from Fierce Telecom: During a press event yesterday, White House spokesman Sean Spicer said that next up on President Trump's telecom agenda is to roll back the FCC's 2015 Open Internet net neutrality rules. However, according to some reports, that might not happen as quickly as Congress' recent move to rescind rules that prevented internet service providers from selling users' data. As noted by the New York Times, Spicer said that President Trump had "pledged to reverse this overreach" created by net neutrality. He said the FCC's net neutrality rules, passed in 2015, are an example of "bureaucrats in Washington" placing unfair restrictions on internet service providers, essentially "picking winners and losers" in the telecom market. In comments aimed at the wider telecom market, Spicer said Trump will "continue to fight Washington red tape that stifles American innovation, job creation and economic growth." However, as the NYT reports, the process to repeal net neutrality likely won't follow the same procedure as Congress' recent vote to remove broadband privacy rules -- since those rules were only a year old, Congress was able to use the Congressional Review Act to move forward with its action. The FCC's net neutrality rules, however, are more than two years old and so can't be reviewed by that same act. Thus, it may fall on newly installed FCC Chairman Ajit Pai to rescind the FCC's Open Internet rules, which he voted against when he was a commissioner at the agency under former chief Tom Wheeler.

AT&T is killing off the 'U-Verse' brand after its $69 billion acquisition of DirecTV. AT&T's broadband and phone services will now be called AT&T Internet and AT&T Phone. The company says the move will bring "simplicity" across the swaths of services it offers. FierceTelecom adds: This transition should not be of any great surprise as the same trend has been taking place with U-verse TV. AT&T has been driving new TV customers to its DirecTV satellite service, a process that could enable the telco to use the additional bandwidth to increase broadband speeds. While AT&T is still supporting current U-verse IPTV customers, the telco has not indicated how long they will continue to offer that service. Additionally, AT&T may also phase out the DirecTV name at some point, but industry insiders said that won't occur until it launches its streaming video service under DirecTV. AT&T has already been moving away from the U-Verse name by directing new TV customers to the company's DirecTV satellite TV service. The company will likely then use the freed bandwidth from that transition to improve overall broadband speeds. Existing U-Verse TV customers are being supported for now, but it's unclear how long that will last.The Hollywood Reporter states that the move is also necessary because AT&T plans to launch three streaming video services next quarter.

An anonymous reader writes "It's no secret that AT&T has been planning to move to a software-defined network for quite a while. Now, they've decided to open-source the whole thing." From Fierce Telecom: AT&T today announced it will release its Enhanced Control, Orchestration, Management and Policy (ECOMP) platform to the wider telecom industry as an open source offering managed by the Linux Foundation. The goal, the company said, is to make ECOMP the telecom industry's standard automation platform for managing virtual network functions and other software-centric network capabilities.
AT&T delivered 8.5 million lines of code to the Linux Foundation on Wednesday, saying "We want to build a community -- where people contribute to the code base and advance the platform..." AT&T said Wednesday they've already received interest from other major telecoms, and "we want this to help align the global industry." While their ultimate goal is to virtualize 75% of their own network by 2020, at least one analyst sees a larger trend where the whole telecom industry collectively bypasses equipment vendors and begins "taking network innovation into its own hands."

An anonymous reader writes: Frontier's CEO Dan McCarthy has said at an investors conference that the company has no plans to institute data caps that squeeze overage fees from data-hungry customers, yet. "The nice part of technology and what has happened is that transport costs continue to decline," he explained. "We have not really started or have any intent about initiatives on usage based pricing," said McCarthy. "We want to make sure our products meet the needs of customers for what they want to do and it does not inhibit them or force them to make decisions on how they want to use the product." He did note that data caps could someday come into play: "There may be a time when usage-based pricing is the right solution for the market, but I really don't see that as a path the market is taking at this point in time." The gist of what McCarthy is saying as noted via Ars Technica is that data caps are a business decision, not a network necessity.

ourlovecanlastforeve writes: A few days ago Sprint announced their intent to stop throttling certain customers' bandwidth in the wake of the FCC fining ATT $100,000,000 for doing the same. Sprint has now begun circulating an internal memo to their front-line reps that the 12-month warranty on non-branded accessories, a featured selling point, will be eliminated. Additional rumors are emerging that Sprint may increase prices on unlimited data plans and stop offering wireline long distance service.

NewYorkCountryLawyer writes "The US President-elect, Barack Obama, has selected Julius Genachowski to lead the Federal Communications Commission. This appears to bode well for a forward-looking (or at least clued) Internet policy, since Genachowski is credited with running Obama's internet-based election campaign, and, according to 'Fierce Telecom,' 'has an impressive record working with technology and communications companies: He was Chief of Business Operations at InterActiveCorp; he's co-founder of Rock Creek Ventures, which currently backs 11 internet-based start-ups, and he's also served on the boards of numerous technology and new media companies, including The Motley Fool, Web.com, Truveo, and Rapt'."