Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Apple CEO Tim Cook: 'We're Going To Kill Cash' (cnet.com)
At a media event on Thursday, Apple CEO Tim Cook said that the Touch ID on the new MacBook Pros will make it incredibly easy for people to do online money transactions. After the event, speaking to reporters, Cook made a bold statement about how he sees Apple Pay. CNET reports: "We're going to kill cash," he said. "Nobody likes to carry around cash." He makes most of his purchases with Apple Pay (which is not surprising). Cook's comment comes days after Australia's top banks refused to support Apple Pay, saying that the company has been 'intransigent, closed and controlling'. -
Apple Debuts New 'TV' Guide and Watchlist App For Apple TV, iPhone and iPad (techcrunch.com)
Even though the Apple TV news was considered "boring" by many livestream viewers waiting to catch a glimpse of the new MacBook Pros, there were several big announcements worth mentioning. For starters, Apple announced a new app called "TV" that will "allow you to track your favorite shows and movies across the video apps across the Apple TV platform." What this app essentially does is showcase the content from video providers into a single view, making it easier for Apple TV owners to find content to watch. Apple TV owners will no longer need to search through a bunch of different apps to find the content they like. TechCrunch reports: When launched, the app will display a "Watch Now" section, where you can track the shows and movies you're currently watching. Here, you'll see things like how many minutes you have left on the movie or which season and episode you're on in a series, for example. It will also alert you to new episodes from your favorite shows. From here, you can go into "Up Next" and "Recommended" sections, in order to find new things to watch from across favorite shows, movies, as well as iTunes purchases and rentals. In the "Recommended" section, content is organized into different groups, like trending shows and movies. And similar to iTunes, the TV app features curated "Collections," which are thematic groupings of content, like political shows or thrillers, for instance. Other sections in the TV app, "Library" and "Store," will point you to your prior iTunes purchases, including rentals, or let you browse for more movies and shows to buy. You can also use Siri with the new app, and the assistant is smart enough to know which app to launch to watch the program you ask about. For instance, if you want to watch the game, you just ask to watch the game -- you don't need to know which app is streaming it. You can also say things like "which games are on right now?" or "watch CBS News," without having to navigate to the app directly. 
This feature, called Siri Live Tune-In, is available today. In addition, while the app is primarily meant to address the challenges of watching across apps on Apple TV, the new TV app will also arrive on iPhone and iPad this December, the company says. Along with the new TV guide app, Apple is rolling out support for Single Sign-On, which was announced at WWDC 2016 as a tvOS feature. This lets you enter your username and password for your pay TV subscription only once, instead of in each video streaming app that requires authentication. -
No New MacBook Airs as Apple Instead Makes Lower-End, $1,500 MacBook Pro (arstechnica.com)
Alongside the two new MacBook Pros, Apple also unveiled a refresh for its popular MacBook Air lineup. The company is calling this: the MacBook Pro, same branding as the other two MacBook Pros. It's a lower-end version of the new MacBook Pros, with no "Touch Bar" (or the Touch ID) and is powered by a slightly slower processor. Starting at $1,499, this MacBook Pro model is slightly cheaper too, though. From an ArsTechnica report: Apple said it will continue selling the existing 13" MacBook Air, but the company made a point of comparing that model to this new lower-end Pro, putting it somewhere between the Air and the other Pros in the lineup. The new 13" MacBook Pro starts at $1,499 and will begin shipping today. The new higher-end Pros will start at $1,799 for the 13" model and $2,399 for the 15" model while shipping in two to three weeks. If you don't select any hardware upgrades, the low-end 13" Pro has a sixth-generation Intel Core i5 processor with dual cores clocked at 2.0GHz, Intel Iris Graphics 540, 8GB memory, and 256GB SSD. It is available in space grey and silver, and it can cost up to $2,599 if you select the highest CPU, memory, and storage upgrades. Those available upgrades include a 2.4GHz Core i7 processor, 16GB of memory, and 512GB or 1TB of SSD storage. The new 13" laptop has a 2560x1600 Retina display, two Thunderbolt 3/USB-C ports, and a headphone jack. It has the same Force Touch trackpad and redesigned keyboard as the higher-end models despite not integrating the Touch Bar and Touch ID. -
Twitter is Shutting Down Its Video App Vine (recode.net)
Twitter's plan to refocus on its core business consists of laying off 9 percent of its staff, and also killing off Vine. The company announced today that it will shut down Vine's video app in the coming months. From a Recode report: Vine has been struggling for some time, so Thursday's move is surprising but not unbelievable. The app was never a revenue driver for the company, and it was no longer growing. Many of its top executives left over the spring and early summer. What's interesting is that Twitter is shutting the app down instead of trying to sell it off. Or perhaps it did try and simply couldn't find a buyer (like a buyer for itself). Either way, Vine will soon shut down. The company says that users will be able to download their Vine videos before that happens, but there has been no specific timetable announced. Vine general manager Hannah Davis, who just joined the company this spring, will stay on to oversee the transition, according to a spokesperson. -
Hotel CEO Openly Celebrates Higher Prices After Anti-Airbnb Law Passes (washingtonpost.com)
An anonymous reader quotes a report from Washington Post: A hotel executive said a recently-passed New York law cracking down on Airbnb hosts will enable the company to raise prices for New York City hotel rooms, according to the transcript of the executive's words on a call with shareholders last week. The law, signed by New York's Governor Andrew Cuomo on Friday, slaps anyone who lists their apartment on a short-term rental site with a fine up to $7,500. It "should be a big boost in the arm for the business," Mike Barnello, chief executive of the hotel chain LaSalle Hotel Properties, said of the law last Thursday, "certainly in terms of the pricing." Barnello's comment adds fuel to the argument, made repeatedly by Airbnb and its proponents, that a law that was passed in the name of affordable housing also allows established hotels to raise prices for consumers. It was included in a memo written by Airbnb's head of global policy, Chris Lehane, to the Internet Association, a tech trade group, reviewed by the Washington Post. LaSalle, a Bethesda, MD-based chain, owns hotels around the country, including New York City. The memo is the latest volley in a bitter fight that has pitted the hotel industry, unions, and affordable housing advocates against Airbnb and its supporters. At the heart of the fight is a debate over the societal value of the Airbnb platform and its role in the economy of cities throughout the world. The question is whether Airbnb has been a net benefit, by enabling middle class city-dwellers to make extra money by renting out their homes, or whether it has had the unintended consequence of exacerbating affordable housing crises in expensive cities such as New York and Los Angeles. -
Apple Delays AirPods Beyond Original 'Late October' Window (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: Apple's new wireless, $180 AirPods have less than a week to meet their original shipping target of "late October," and now the company has confirmed that such a launch is officially off the table. A Wednesday statement, given to Ars Technica just one day ahead of the company's latest Mac-related press event, confirmed Apple's decision to delay the wireless headphones' launch. In the statement, Apple tells Ars that the company "needs a little more time before AirPods are ready for our customers." "The early response to AirPods has been incredible," the Apple statement reads. "We don't believe in shipping a product before it's ready." Apple declined to offer any estimate or release window information about when to expect the AirPods' official launch. -
How Vigilante Hackers Could Stop the Internet of Things Botnet (vice.com)
An anonymous reader quotes a report from Motherboard: Some have put forth a perhaps desperate -- and certainly illegal -- solution to stop massive internet outages, like the one on Friday, from happening: Have white-hat vigilante hackers take over the insecure Internet of Things that the Mirai malware targets and take them away from the criminals. Several hackers and security researchers agree that taking over the zombies in the Mirai botnet would be relatively easy. After all, if the "bad guys" Mirai can do it, a "good guys" Mirai -- perhaps even controlled by the FBI -- could do the same. The biggest technical hurdle to this plan, as F-Secure chief research officer Mikko Hypponen put it, is that once it infects a device, Mirai "closes the barn door behind it." Mirai spreads by scanning the internet for devices that have the old-fashioned remote access telnet protocol enabled and have easy to guess passwords such as "123456" or "passwords." Then, once it infects them, it disables telnet access, theoretically stopping others from doing the same. The good news is that the code that controls this function actually doesn't at times work very well, according to Darren Martyn, a security researcher who has been analyzing the malware and who said he's seen some infected devices that still have telnet enabled and thus can be hacked again. Also, Mirai disappears once an infected device is rebooted, which likely happens often as owners of infected cameras and DVRs try to fix their devices that suddenly have their bandwidth saturated. The bad news is that the Mirai spreads so fast that a rebooted, clean, device gets re-infected in five minutes, according to the estimates of researchers who've been tracking the botnets. So a vigilante hacker has a small window before the bad guys come back. The other problem is what a do-gooder hacker could do once they took over the botnet. 
The options are: brick the devices, making them completely unusable; change the default passwords, locking out even their legitimate owners; or try to fix their firmware to make them more resistant to future hack attempts, and also still perfectly functioning. The real challenge of this whole scenario, however, is that despite being for good, this is still illegal. "No one has any real motivation to do so. Anyone with the desire to do so, is probably afraid of the potential jail time. Anyone not afraid of the potential jail time...can think of better uses for the devices," Martyn told Motherboard, referring to criminals who can monetize the Mirai botnet. -
Comcast Sues Nashville To Halt Rules That Give Google Fiber Faster Access To Utility Poles (arstechnica.com)
An anonymous reader quotes a report from Ars Technica: Comcast yesterday sued the Nashville metro government and mayor to stop a new ordinance designed to give Google Fiber faster access to utility poles. Comcast's complaint in U.S. District Court in Nashville (full text) is similar to one already filed by AT&T last month. Both ISPs are trying to invalidate a One Touch Make Ready ordinance that lets new ISPs make all of the necessary wire adjustments on utility poles themselves instead of having to wait for incumbent providers like AT&T and Comcast to send work crews to move their own wires. The ordinance was passed largely to benefit Google Fiber, which is offering service in Nashville but says that it hasn't been able to deploy faster because it is waiting to get access to thousands of poles. Nearly all the Nashville utility poles are owned either by the municipal Nashville Electric Service or AT&T. Because Comcast has wires on many of the poles, it has some control over how quickly Google Fiber can expand its network. When Google Fiber wants to attach wires to a new pole, it needs to wait for ISPs like Comcast to move their wires to make room for Google Fiber's. The Nashville One Touch Make Ready ordinance "permits third parties to move, alter, or rearrange components of Comcast's communications network attached to utility poles without Comcast's consent, authorization, or oversight, and with far less notice than is required by federal law and by an existing Comcast contract with Metro Nashville," Comcast's complaint said. Comcast asked the court to declare the ordinance invalid and permanently enjoin Nashville from enforcing it. The pre-existing Make Ready process "seek[s] to ensure that all providers can share available pole space cooperatively and safely, without interfering with or damaging any provider's equipment or services," Comcast said. 
The new procedures mandated by Nashville "are so intrusive that, tellingly, Metro Nashville has wholly exempted its own utility pole attachments from the Ordinance's coverage." Even though Google Fiber announced yesterday that it will pause operations and cut 9% of its staff, the ISP said it would continue operations in Nashville. -
Dyn DNS DDoS Likely The Work of Script Kiddies, Says FlashPoint (techcrunch.com)
While nobody knows exactly who was responsible for the internet outage last Friday, business risk intelligence firm FlashPoint released a preliminary analysis of the attack against Dyn DNS, and found that it was likely the work of "script kiddies" or amateur hackers -- as opposed to state-sponsored actors. TechCrunch reports: Aside from suspicion falling on Russia, various entities have also claimed or implied responsibility for the attack, including a hacking group called the New World Hackers and -- bizarrely -- WikiLeaks, which put a (perhaps joke) tweet suggesting some of its supporters might be involved. FlashPoint dubs these claims "dubious" and "likely to be false," and instead comes down on the side of the script kiddie theory. Its reasoning is based on a few factors, including a detail it unearthed during its investigation of the attack: namely that the infrastructure used in the attack also targeted a well-known video game company. The attack on Dyn DNS was powered in part by a botnet of hacked DVRs and webcams known as Mirai. The source code for the malware that controls this botnet was put on Github earlier this month. And FlashPoint also notes that the hacker who released Mirai is known to frequent a hacking forum called hackforums[.]net. That circumstantial evidence points to a link between the attack and users and readers of the English-language hacking community, with FlashPoint also noting the forum has been known to target video games companies. It says it has "moderate confidence" about this theory. The firm also argues that the attacks do not seem to have been financially or politically motivated -- given the broad scope of the targets, and the lack of any attempts to extort money. Which just leaves the most likely being motivation to show off skills and disrupt stuff. Aka, script kiddies. -
Yahoo Scanning Order Unlikely To Be Made Public: Reuters (reuters.com)
An anonymous reader quotes a report from Reuters: Obama administration officials briefed key congressional staffers last week about a secret court order to Yahoo that prompted it to search all users' incoming emails for a still undisclosed digital signature, but they remain reluctant to discuss the unusual case with a broader audience. Executive branch officials spoke to staff for members of the Senate and House of Representatives committees overseeing intelligence operations and the judiciary, according to people briefed on the events, which followed Reuters' disclosure of the massive search. But attempts by other members of Congress and civil society groups to learn more about the Yahoo order are unlikely to meet with success anytime soon, because its details remain a sensitive national security matter, U.S. officials told Reuters. Release of any declassified version of the order is unlikely in the foreseeable future, the officials said. The decision to keep details of the order secret comes amid mounting pressure on the U.S. government to be more transparent about its data-collection activities ahead of a congressional deadline next year to reauthorize some foreign intelligence authorities. On Tuesday, more than 30 advocacy groups will send a letter to Director of National Intelligence James Clapper asking for declassification of the Yahoo order that led to the search of emails last year in pursuit of data matching a specific digital symbol. The groups say that Title I of the Foreign Intelligence Surveillance Act, under which sources said the order was issued, requires a finding that the target of such a wiretap is probably an agent of a foreign power and that the facility to be tapped is probably going to be used for a transmission. An entire service, such as Yahoo, has never publicly been considered to be a "facility" in such a case: instead, the word usually refers to a phone number or an email account. -
Benchmark Battle October 2016: Chrome Vs. Firefox Vs. Edge (venturebeat.com)
Krystalo quotes a report from VentureBeat: It's been more than a year since our last browser benchmark battle, and the competition remains fierce. Google Chrome, Mozilla Firefox, and Microsoft Edge have all gained a variety of new features and improvements over the past year. It's time to see if any of them have managed to pull ahead of the pack. It appears that Edge has made the biggest gains since last year. That said, browser performance is improving at a very rapid pace, and it shouldn't be your only consideration when picking your preferred app for consuming Internet content. You can click on individual tests below to see the details:
SunSpider: Edge wins!
Octane: Edge wins!
Kraken: Chrome wins!
JetStream: Edge wins!
Oort Online: Firefox wins!
Peacekeeper: Firefox wins!
WebXPRT: Edge wins!
HTML5Test: Chrome wins!
You can also read all about the setup used for the benchmark tests here. VentureBeat used a custom desktop PC, featuring an Intel Core i5 4440 processor (6M Cache, 3.10 GHz), 8GB of DDR3 1600MHz RAM, a 500GB SATA hard drive (7200 RPM), an Nvidia GeForce GTX 460 graphics card, and a 24-inch widescreen LED monitor (1920 x 1080). -
Largest Auto-Scandal Settlement In US History: Judge Approves $15 Billion Volkswagen Settlement (usatoday.com)
A federal judge has approved the largest auto-scandal settlement in U.S. history, a $14.7 billion settlement concerning Volkswagen Group's diesel car emissions scandal. USA Today reports: U.S. District Court Judge Charles Breyer in San Francisco approved the sweeping agreement between consumers, the government, California regulators and the German automaker in a written ruling a week after signaling he was likely to sign off. He said the agreement is "fair, reasonable and adequate." The settlement comes about a year after Volkswagen admitted that it rigged 11 million vehicles worldwide with software designed to dodge emissions standards. The company is still facing criminal investigations by the U.S. Justice Department and German prosecutors. The U.S. probe could lead to additional financial penalties and criminal indictments. About 475,000 Volkswagen owners in the U.S. can choose between a buyback or a free fix and compensation, if a repair becomes available. VW will begin administering the settlement immediately, having already devoted several hundred employees to handling the process. Buybacks range in value from $12,475 to $44,176, including restitution payments, and varying based on mileage. People who opt for a fix approved by the Environmental Protection Agency will receive payouts ranging from $5,100 to $9,852, depending on the book value of their car. Volkswagen will also pay $2.7 billion for environmental mitigation and another $2 billion for clean-emissions infrastructure. -
The Phone Hackers At Cellebrite Have Had Their Firmware Leaked Online (vice.com)
An anonymous reader quotes a report from Motherboard: Cellebrite, an Israeli company that specializes in digital forensics, has dominated the market in helping law enforcement access mobile phones. But one apparent reseller of the company's products is publicly distributing copies of Cellebrite firmware and software for anyone to download. Although Cellebrite keeps its most sensitive capabilities in-house, the leak may still give researchers, or competitors, a chance to figure out how Cellebrite breaks into and analyzes phones by reverse-engineering the files. The apparent reseller distributing the files is McSira Professional Solutions, which, according to its website, "is pleased to serve police, military and security agencies in the E.U. And [sic] in other parts of the world." McSira is hosting software for various versions of Cellebrite's Universal Forensic Extraction Device (UFED), hardware that investigators can use to bypass the security mechanisms of phones, and then extract data from them. McSira allows anyone to download firmware for the UFED Touch, and a PC version called UFED 4PC. It is also hosting pieces of Cellebrite forensic software, such as the UFED Cloud Analyzer. This allows investigators to further scrutinize seized data. McSira is likely offering downloads so customers can update their hardware to the latest version with as little fuss as possible. But it may be possible for researchers to take those files, reverse-engineer them, and gain insight into how Cellebrite's tools work. That may include what sort of exploits Cellebrite uses to bypass the security mechanisms of mobile phones, and weaknesses in the implementation of consumer phones that could be fixed, according to one researcher who has started to examine the files, but was not authorised by his employer to speak to the press about this issue. -
It Looks Like Apple is Killing the Physical Esc and Power Keys On New MacBook Pro
Curious minds on the internet have uncovered an image file on their Mac, which was added by Apple in the latest macOS update. The image reveals a new laptop that fully fits the description of rumored MacBook Pro, which Apple is expected to launch on October 27. The laptop in the picture has what seems like a "contextual" OLED display (some are calling it Magic Toolbar display) on the top. What's interesting from that picture is that there's no physical Escape key or Power key to be found anywhere.
Editor's note: We usually tend to avoid covering leaks and rumors, but several readers pitched the story to us, and media outlets are also covering it now, which adds some credibility to the matter. -
AT&T Is Spying on Americans For Profit, New Documents Reveal (thedailybeast.com)
AT&T has been secretly spying on its own customers, the Daily Beast reports. The revelation comes days after the top carrier announced plans to purchase Time Warner. The report claims that AT&T ran a program called Project Hemisphere through which it analyzed cellular data from the company's call records to determine where a given individual is located and with whom they are speaking. The New York Times reported about the program's existence in 2013, but it was described as a "partnership" between AT&T and the government for fighting narcotics trafficking. But today's report, which cites several classified documents, claims that AT&T used Hemisphere for a range of other functions -- and always without a warrant. From the report: Hemisphere is a secretive program run by AT&T that searches trillions of call records and analyzes cellular data to determine where a target is located, with whom he speaks, and potentially why. [...] Hemisphere isn't a "partnership" but rather a product AT&T developed, marketed, and sold at a cost of millions of dollars per year to taxpayers. No warrant is required to make use of the company's massive trove of data, according to AT&T documents, only a promise from law enforcement to not disclose Hemisphere if an investigation using it becomes public. These new revelations come as the company seeks to acquire Time Warner in the face of vocal opposition saying the deal would be bad for consumers. While telecommunications companies are legally obligated to hand over records, AT&T appears to have gone much further to make the enterprise profitable, according to ACLU technology policy analyst Christopher Soghoian. "Companies have to give this data to law enforcement upon request, if they have it. AT&T doesn't have to data-mine its database to help police come up with new numbers to investigate," Soghoian said. AT&T has a unique power to extract information from its metadata because it retains so much of it. 
The company owns more than three-quarters of U.S. landline switches, and the second largest share of the nation's wireless infrastructure and cellphone towers, behind Verizon. AT&T retains its cell tower data going back to July 2008, longer than other providers. Verizon holds records for a year and Sprint for 18 months, according to a 2011 retention schedule obtained by The Daily Beast. -
Latest WikiLeaks Reveal Suggests Facebook Is Too Close For Comfort With Clinton (hothardware.com)
MojoKid writes: As we quickly approach the November 8th elections, email leaks from the Clinton camp continue to loom over the presidential candidate. The latest data dump from WikiLeaks shines a light on emails between Hillary Clinton's campaign manager, John Podesta and Facebook Chief Operating Officer, Sheryl Sandberg. In one email exchange, dated June 6th, 2015, Sandberg expresses her desire for Clinton to become president, writing to Podesta, "And I still want HRC to win badly. I am still here to help as I can." While that was a private exchange, Sandberg also made her zest for seeing Clinton as the 45th President of the United States publicly known in a Facebook post on July 28th of this year. None of that is too shocking when you think about it. Sandberg has every right to endorse whichever candidate she wants for president. However, a later exchange between Sandberg and Podesta showed that Mark Zuckerberg was looking to get in on the action a bit, and perhaps curry favor with Podesta and the Clinton camp in shaping public policy. Donald Trump has long claimed that Clinton is too cozy with big businesses, and one cannot dismiss the fact that Facebook has a global user base of 1.7 billion users. When you toss in the fact that Facebook came under fire earlier this year for allegedly suppressing conservative news outlets in the Trending News bar, questions begin to arise about Facebook's impartiality in the political race. The report also notes that Sandberg is at the top of the list when it comes to picks for Treasury Secretary, if Clinton wins the election. In an interview with Politico, David Segal, executive director for Demand Progress, said "[Sandberg] is a proxy for this growing problem that is the hegemony of five to ten major Silicon Valley platforms." Lina Khan, a fellow with the Open Markets Program at the New American think tank adds: "If a senior Cabinet member is from Facebook, at worst it could directly interfere [in antitrust actions]. 
But even in the best of cases there's a real worry that it will have a chilling effect on good-faith antitrust efforts to scrutinize potential anti-competitive implications of dominant tech platforms." -
Rowhammer Attack Can Now Root Android Devices (softpedia.com)
An anonymous reader writes from a report via Softpedia: Researchers have discovered a method to use the Rowhammer RAM attack for rooting Android devices. For their research paper, called Drammer: Deterministic Rowhammer Attacks on Mobile Platforms, researchers tested and found multiple smartphone models to be vulnerable to their attack. The list includes LG Nexus (4, 5, 5X), LG G4, Motorola Moto G (2013 and 2014), One Plus One, HTC Desire 510, Lenovo K3 Note, Xiaomi Mi 4i, and Samsung Galaxy (S4, S5, and S6) devices. Researchers estimate that millions of Android users might be vulnerable. The research team says the Drammer attack has far more wide-reaching implications than just Android, being able to exploit any device running on ARM chips. In the past, researchers have tested the Rowhammer attack against DDR3 and DDR4 memory cards, weaponized it via JavaScript, took over PCs via Microsoft Edge, and hijacked Linux virtual machines. There's an app to test if your phone is vulnerable to this attack. "Rowhammer is an unintended side effect in dynamic random-access memory (DRAM) that causes memory cells to leak their charges and interact electrically between themselves, possibly altering the contents of nearby memory rows that were not addressed in the original memory access," according to Wikipedia. "This circumvention of the isolation between DRAM memory cells results from the high cell density in modern DRAM, and can be triggered by specially crafted memory access patterns that rapidly activate the same memory rows numerous times." -
Consumer Reports Ranks Tesla Model X Near Bottom For Reliability (cnn.com)
Last year, Consumer Reports withdrew its recommendation for the Tesla Model S after investigating its reliability. Today, the nonprofit organization released its 2016 Car Reliability Survey and found that, while the Tesla Model S has become more reliable, the Tesla Model X has proved to be unreliable overall. CNNMoney reports: CEO Elon Musk admitted that he wished he hadn't put so much new, complex technology on [the Model X] all at once when he unveiled the model last year. Apparently, he was right to worry. The Model X's complicated "falcon wing" doors have been a big trouble spot, said Jake Fisher, head of Consumer Reports' car testing unit. Even the front doors, which have electric motors that let them open on their own, have been a headache for customers, he added. As a result, Tesla ranks among the "Less Reliable" brands on Consumer Reports' list. The SUV's dependability is rated as "Much worse than average." Still, overall owner satisfaction with the vehicle is rated as "Excellent." For a long time, "dependability problems" have tended to be relatively trivial, said Fisher, as the industry has perfected the major mechanical aspects of the cars. In recent years, the problems have stemmed from the more high-tech additions to the newest cars, like the computer screens that work with phone, navigation and entertainment features, said Fisher. But now, with tougher fuel economy rules pushing more complex transmission technologies, dependability issues are once again starting to involve fundamental mechanical components. New eight- and nine-speed transmissions as well as dual-clutch and continuously variable transmissions have been suffering problems at a higher-than-average rate, Fisher said. It's been years since new car buyers would have to worry about things that could actually render their vehicle undrivable. But those concerns are coming back, Fisher said. 
As for the Model S, Consumer Reports says "Tesla's Model S has improved to average reliability, which now makes the electric car one of our recommended models." -
Twitter Plans To Cut About 300 Jobs As Soon As This Week: Bloomberg (bloomberg.com)
An anonymous reader quotes a report from Bloomberg: Twitter Inc. is planning widespread job cuts, to be announced as soon as this week, according to people familiar with the matter. The company may cut about 8 percent of the workforce, or about 300 people, the same percentage it did last year when co-founder Jack Dorsey took over as chief executive officer, the people said. Planning for the cuts is still fluid and the number could change, they added. An announcement about the job reductions may come before Twitter releases third-quarter earnings on Thursday, one of the people said. Twitter, which loses money, is trying to control spending as sales growth slows. The company recently hired bankers to explore a sale, but the companies that had expressed interest in bidding -- Salesforce.com Inc., The Walt Disney Co. and Alphabet Inc. -- later backed out from the process. Twitter's losses and 40 percent fall in its share price the past 12 months have made it more difficult for the company to pay its engineers with stock. That has made it harder for Twitter to compete for talent with giant rivals like Alphabet Inc.'s Google and Facebook Inc. Reducing employee numbers would relieve some of this pressure. -
People Like Netflix's Original Content More Than Its Other Content: AllFlicks (allflicks.net)
According to a study by IHS Markit this month, in the last two years Netflix's spending on original content rose from $2.38 billion to $4.91 billion. The company has invested big in original programming -- and it looks to be paying off. The folks over at AllFlicks have found that Netflix's subscriber base prefers Netflix's original content to that of its syndicated content. AllFlicks reports: Netflix user ratings show that Netflix's subscriber base prefers Netflix's original content to its syndicated content. Netflix originals sport an average rating of 3.85 stars out of five; all other content averages 3.47 stars. That means that user ratings for Netflix originals are 11% higher, on average, than user ratings for syndicated content. Netflix does best in the documentaries category, where users rate non-original content, on average, at 3.54. Netflix's documentaries average 4.07 stars, a pretty impressive showing. Netflix's TV shows do the worst, but still edge their other TV show content by 5.7%. It's possible that the frequent reviewers among Netflix's user base differ from the user base as a whole, but there's not a lot of reason to doubt the raw data here. The Netflix originals and non-originals were both reviewed on the same service and using the same rating system, yet originals consistently outperformed the rest of the content. -
Linux Kernel 4.7 Reaches End of Life, Users Urged To Move To Linux 4.8 (softpedia.com)
prisoninmate writes: The Linux 4.7 kernel branch officially reached end of life, and it has already been marked as EOL on the kernel.org website, which means that the Linux kernel 4.7.10 maintenance update is the last one that will be released for this branch. It also means that you need to either update your system to the Linux 4.7.10 kernel release or move to a more recent kernel branch, such as Linux 4.8. In related news, Linux kernel 4.8.4 is now the latest stable and most advanced kernel version, which is already available for users of the Solus and Arch Linux operating systems, and it's coming soon to other GNU/Linux distributions powered by a kernel from the Linux 4.8 series. Users are urged to update their systems as soon as possible. -
More NFL Players Attack Microsoft's $400M Surface Deal With The NFL (yahoo.com)
An anonymous reader writes: "These tablets always malfunction," complained one NFL offensive lineman in January, foreshadowing a growing backlash to Microsoft's $400 million deal with the NFL to use Surface tablets. Friday the coach of the San Francisco 49ers and their controversial quarterback Colin Kaepernick both complained they've also experienced problems, with Kaepernick saying the screen freezes "every once in a while and they have to reboot it."
Friday Microsoft called their tablet "the center of the debate on the role of technology in the NFL," saying they deeply respect NFL teams "and the IT pro's who work tirelessly behind the scenes to help them succeed." It included quotes from NFL quarterbacks -- for example, "Every second counts and having Microsoft Surface technology on sidelines allows players and coaches to analyze what our opponents are trying to do in almost real time." But Yahoo Finance wrote that "The quotes read like they were written by the Microsoft public relations team," arguing that Microsoft's NFL deal "has been a disaster... The tablets failed to work during a crucial AFC Championship game last January -- again for the New England Patriots... sports media interpreted that the malfunction benefited the Broncos on the field, giving the team an unfair advantage -- the very last thing Microsoft's tablets, meant to aid coaches in their play calling, should be doing."
The NFL issued a statement calling Microsoft "an integral, strategic partner of the NFL," adding "Within our complex environment, many factors can affect the performance of a particular technology either related to or outside of our partner's solutions." -
Who Should We Blame For Friday's DDOS Attack? (fortune.com)
"Wondering which IoT device types are part of the Mirai botnet causing trouble today? Brian Krebs has the list," tweeted Trend Micro's Eric Skinner Friday, sharing an early October link which identifies Panasonic, Samsung and Xerox printers, and lesser known makers of routers and cameras. An anonymous reader quotes Fortune: Part of the responsibility should also lie with lawmakers and regulators, who have failed to create a safety system to account for the Internet-of-Things era we are now living in. Finally, it's time for consumers to acknowledge they have a role in the attack too. By failing to secure the internet-connected devices, they are endangering not just themselves but the rest of the Internet as well.
If you're worried, Motherboard is pointing people to an online scanning tool from BullGuard (a U.K. anti-virus firm) which checks whether devices on your home network are listed in the Shodan search engine for unsecured IoT devices. But earlier this month, Brian Krebs pointed out the situation is exacerbated by the failure of many ISPs to implement the BCP38 security standard to filter spoofed traffic, "allowing systems on their networks to be leveraged in large-scale DDoS attacks..." -
Photographer Glimpses Larry Page's Flying Car Hovering In California (Maybe) (siliconvalley.com)
From Hollister, California -- population 40,000 -- comes a good update from the Mercury News on Larry Page's efforts to fund a flying car: Even from a few hundred yards away, the aircraft made a noise strikingly different from the roar of a typical plane. "It sounded like an electric motor running, just a high-pitched whine," said Steve Eggleston, assistant manager at an airplane-parts company with offices bordering the Hollister Municipal Airport tarmac. But it wasn't only the sound that caught the attention of Eggleston and his co-workers at DK Turbines. It was what the aircraft was doing. "What the heck's that?" saleswoman Brittany Rodriguez thought to herself. "It's just hovering."
That, apparently, was a flying car, or perhaps a prototype of another sort of aircraft under development by a mysterious startup called Zee.Aero...one of two reportedly funded by Google co-founder Larry Page to develop revolutionary forms of transportation... A Zee.Aero spokeswoman said the firm is "currently not discussing (its) plans publicly." However, a Zee.Aero patent issued in 2013 describes in some detail an aircraft capable of the hovering seen by people working at the airport. And the drawings showcase a vision of the future in which flying cars park in lots just like their terrestrial, less-evolved cousins.
Page has invested $100 million in Zee.Aero, which appears to have hired more than 100 aerospace engineers. But the article reports that apparently, in the small town where it's headquartered, "the first rule about Zee.Aero is you don't talk about Zee.Aero." -
"Splat" of Schiaparelli Mars Lander Likely Found (spaceflightnow.com)
Long-time Slashdot reader Tablizer quotes Space Flight Now: Views from NASA's Mars Reconnaissance Orbiter released Friday show the crash site where Europe's experimental Schiaparelli lander fell to the red planet's surface from a height of several miles, leaving a distinct dark patch on the Martian landscape... The image from MRO's context camera shows two new features attributed to the Schiaparelli spacecraft, including a large dark scar spanning an estimated 50 feet (15 meters) by 130 feet (40 meters). Schiaparelli's ground team believes it is from the high-speed impact of the lander's main body... A little more than a half-mile (1 kilometer) to the south, a bright spot appears in the image, likely the 39-foot-diameter (12-meter) supersonic parachute and part of Schiaparelli's heat shield, which released from the lander just before ESA lost contact. -
Dyn Executive Responds To Friday's DDOS Attack (dyn.com)
"It is said that eternal vigilance is the price of liberty...We must continue to work together to make the internet a more resilient place to work, play and communicate," wrote Dyn's Chief Strategy Officer in a Saturday blog post. An anonymous reader reports: Dyn CSO Kyle York says they're still investigating Friday's attack, "conducting a thorough root cause and forensic analysis" while "carefully monitoring" for any additional attacks. In a section titled "What We Know," he describes "a sophisticated attack across multiple attack vectors and internet locations...one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack." But he warns that "we are unlikely to share all details of the attack and our mitigation efforts to preserve future defenses."
He posted a timeline of the attacks (7:00 EST and 12:00 EST), adding "While there was a third attack attempted, we were able to successfully mitigate it without customer impact... We practice and prepare for scenarios like this on a regular basis, and we run constantly evolving playbooks and work with mitigation partners to address scenarios like these." He predicts Friday's attack will be seen as "historic," and acknowledges his staff's efforts to fight the attack as well as the support received from "the technology community, from the operations teams of the world's top internet companies, to law enforcement and the standards community, to our competition and vendors... On behalf of Dyn, I'd like to extend our sincere thanks and appreciation to the entire internet infrastructure community for their ongoing show of support."
Online businesses may have lost up to $110 million in sales and revenue, according to the CEO of Dynatrace, who tells CNN more than half of the 150 websites they monitor were affected. -
Journalist Cleared of Riot Charges in South Dakota (nbcnews.com)
Her video went viral, viewed more than 14 million times, and triggering concerns online when she was threatened with prison. But a North Dakota judge "refused to authorize riot charges against award-winning journalist Amy Goodman for her reporting on an attack against Native American-led anti-pipeline protesters." An anonymous Slashdot reader quotes NBC News: Goodman described the victory as a "great vindication of the First Amendment," although McLean County State's Attorney Ladd Erickson told The New York Times that additional charges were possible. "I believe they want to keep the investigation open and see if there is any evidence in the unedited and unpublished videos that we could better detail in an affidavit for the judge," Erickson told the newspaper.
The Native Americans "were attempting to block the destruction of sacred sites, including ancestral burial grounds," according to a new article co-authored by Goodman about her experiences, which argues that "Attempts to criminalize nonviolent land and water defenders, humiliate them and arrest journalists should not pave the way for this pipeline." -
Canonical Names Ubuntu Linux 17.04 'Zesty Zapus' (betanews.com)
"Linux distributions and silly names go together like peanut butter and jelly," notes BetaNews. BrianFagioli writes: One of the most well-known Linux distributions to use funny names is Ubuntu. It famously uses the convention of an adjective and a lesser-known animal, each starting with the same letter... For example, Ubuntu 16.10 uses the letter "Y" -- "Yakkety Yak". The next version of the operating system will use the letter "Z" [and] Canonical has chosen "Zesty Zapus"... It is apparently a type of jumping mouse...
"As we come to the end of the alphabet, I want to thank everyone who makes this fun. Your passion and focus and intellect, and occasionally your sharp differences, all make it a privilege to be part of this body incorporate. Right now, Ubuntu is moving even faster to the centre of the cloud and edge operations. From AWS to the zaniest new devices, Ubuntu helps people get things done faster, cleaner, and more efficiently, thanks to you...", says Mark Shuttleworth, CEO, Canonical... "we are a tiny band in a market of giants, but our focus on delivering free software freely together with enterprise support, services and solutions appears to be opening doors, and minds, everywhere. So, in honour of the valiantly tiny leaping long-tailed over the obstacles of life, our next release which will be Ubuntu 17.04, is hereby code named the Zesty Zapus".
My favorite was Xenial Xerus. -
John McAfee Thinks North Korea Hacked Dyn, and Iran Hacked the DNC (csoonline.com)
"The Dark Web is rife with speculation that North Korea is responsible for the Dyn hack" says John McAfee, according to a new article on CSO: McAfee said they certainly have the capability and if it's true...then forensic analysis will point to either Russia, China, or some group within the U.S. [And] who hacked the Democratic National Committee? McAfee -- in an email exchange and follow up phone call -- said sources within the Dark Web suggest it was Iran, and he absolutely agrees. While Russian hackers get more media attention nowadays, Iranian hackers have had their share... "The Iranians view Trump as a destabilizing force within America," said McAfee. "They would like nothing more than to have Trump as President....
"If all evidence points to the Russians, then, with 100% certainty, it is not the Russians. Anyone who is capable of carrying out a hack of such sophistication is also capable, with far less effort than that involved in the hack, of hiding their tracks or making it appear that the hack came from some other quarter..."
Bruce Schneier writes that "we don't know anything much of anything" about yesterday's massive DDOS attacks. "If I had to guess, though, I don't think it's China. I think it's more likely related to the DDoS attacks against Brian Krebs than the probing attacks against the Internet infrastructure..." Earlier this month Krebs had warned that source code had been released for the massive DDOS attacks he endured in September, "virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices." -
John McAfee Thinks North Korea Hacked Dyn, and Iran Hacked the DNC (csoonline.com)
"The Dark Web is rife with speculation that North Korea is responsible for the Dyn hack" says John McAfee, according to a new article on CSO: McAfee said they certainly have the capability and if it's true...then forensic analysis will point to either Russia, China, or some group within the U.S. [And] who hacked the Democratic National Committee? McAfee -- in an email exchange and follow up phone call -- said sources within the Dark Web suggest it was Iran, and he absolutely agrees. While Russian hackers get more media attention nowadays, Iranian hackers have had their share... "The Iranians view Trump as a destabilizing force within America," said McAfee. "They would like nothing more than to have Trump as President....
"If all evidence points to the Russians, then, with 100% certainty, it is not the Russians. Anyone who is capable of carrying out a hack of such sophistication is also capable, with far less effort than that involved in the hack, of hiding their tracks or making it appear that the hack came from some other quarter..."
Bruce Schneier writes that "we don't know anything much of anything" about yesterday's massive DDOS attacks. "If I had to guess, though, I don't think it's China. I think it's more likely related to the DDoS attacks against Brian Krebs than the probing attacks against the Internet infrastructure..." Earlier this month Krebs had warned that source code had been released for the massive DDOS attacks he endured in September, "virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices." -
Will Tesla Install Home Solar Panels To Charge Cars? (buffalonews.com)
Earlier this week, Tesla signed a non-binding agreement to buy solar cells from a new Panasonic factory in Buffalo, New York -- but it's part of a much bigger maneuver. An anonymous Slashdot reader writes: "If all goes to plan, Tesla will be supplying customers with the solar panels that generate electricity that could then be used to charge the battery in their Tesla car or the battery in the Tesla Powerwall home energy storage system," reports the Christian Science Monitor. The Wall Street Journal reports that Musk's SolarCity "will sell, finance and install the panels."
But the Buffalo News suggests the deal is really "aimed squarely at skeptical shareholders" who may be leery of a proposed merger between Tesla and SolarCity, which one analyst calculates will require nearly $6 billion in extra capital. Panasonic could help shoulder the costs of the Buffalo factory, while also putting a more experienced manufacturer in charge of producing high-efficiency solar modules.
The Stack reports some shareholders have actually filed a lawsuit against the merger. -
'Anonymous' Hacker Indicted As His Hunger Strike Continues (newsweek.com)
Eight months after being rescued at sea near Cuba and then arrested, Anonymous hacker Martin Gottesfeld now faces prosecution as well as death by hunger. Newsweek reports: A member of Anonymous has been indicted on hacking charges while on the third week of a prison hunger strike protesting perceived institutionalized torture and political prosecutions. Martin Gottesfeld, 32, was charged this week in relation to the hacking of Boston Children's Hospital in 2014 following the alleged mistreatment of one of its patients. Gottesfeld has previously admitted to targeting the hospital, though says he did it in defense of "an innocent, learning-disabled, 15-year-old girl"...
Since beginning his hunger strike on October 3, Gottesfeld tells Newsweek from prison he has lost 16.5 pounds. He says he will continue his hunger strike until two demands are met: a promise from the presidential candidates that children are not mistreated in the way he claims Pelletier was; and an end to the "political" style of prosecution waged by Carmen Ortiz, the U.S. attorney for Massachusetts.
The indictment claims that the hospital spent more than $300,000 to "mitigate" the damage from the 2014 attack. -
Google Has Quietly Dropped Ban On Personally Identifiable Web Tracking (propublica.org)
Fudge Factor 3000 writes: Google has quietly changed its privacy policy to allow it to associate web tracking, which is supposed to remain anonymous, with personally identifiable user data. This completely reneges its promise to keep a wall between ad tracking and personally identifiable user data, further eroding one's anonymity on the internet. Google's priorities are clear. All they care about is monetizing user information to rake in the big dollars from ad revenue. Think twice before you purchase the premium priced Google Pixel. Google is getting added value from you as its product without giving you part of the revenue it is generating through tracking through lower prices. The crossed-out section in its privacy policy, which discusses the separation of information as mentioned above, has been followed with this statement: "Depending on your account settings, your activity on other sites and apps may be associated with your personal information in order to improve Google's services and the ads delivered by Google." ProPublica reports: "The change is enabled by default for new Google accounts. Existing users were prompted to opt-in to the change this summer. The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on your name and other information Google knows about you. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct. The move is a sea change for Google and a further blow to the online ad industry's longstanding contention that web tracking is mostly anonymous. In recent years, Facebook, offline data brokers and others have increasingly sought to combine their troves of web tracking data with people's real names. But until this summer, Google held the line." You can choose to opt in or out of the personalized ads here. -
WikiLeaks To Its Supporters: 'Stop Taking Down the US Internet, You Proved Your Point' (hothardware.com)
MojoKid writes: The Internet took a turn for the worst this morning, when large parts of the DNS network were brought down by a massive distributed denial of service attack (DDoS) targeting DNS provider Dyn. If you couldn't access Amazon, Twitter, and a host of other large sites and online services earlier today, this was why. Now, if a couple of additional tweets are to be believed, it appears supporters of WikiLeaks are responsible for this large scale DDoS attack on Dynamic Network Services Inc's Dyn DNS service. WikiLeaks is alleging that a group of its supporters launched today's DDoS attack in retaliation for the Obama administration using its influence to push the Ecuadorian government to limit Assange's internet access. Another earlier tweet reassures supporters that Mr. Assange is still alive, which -- along with a photo of heavily armed police posted this morning -- implies that he may have been (or may still be) in danger, and directly asks said supporters to stop the attack. WikiLeaks published this tweet a little after 5PM: "Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point." It was followed by: "The Obama administration should not have attempted to misuse its instruments of state to stop criticism of its ruling party candidate." -
Mirai and Bashlight Join Forces Against DNS Provider Dyn (arstechnica.com)
A second wave of attacks has hit dynamic domain name service provider Dyn, affecting a larger number of providers. As researchers and government officials race to figure out what is causing the outages, new details are emerging. Dan Drew, chief security officer at Level 3 Communications, says the attack is at least in part being mounted from a "botnet" of Internet-of-Things (IoT) devices. "We're seeing attacks coming from a number of different locations," Drew said. "An Internet of Things botnet called Mirai that we identified is also involved in the attack." Ars Technica reports: The botnet, made up of devices like home WiFi routers and internet protocol video cameras, is sending massive numbers of requests to Dyn's DNS service. Those requests look legitimate, so it's difficult for Dyn's systems to screen them out from normal domain name lookup requests. Earlier this month, the code for the Mirai botnet was released publicly. It may have been used in the massive DDoS attack against security reporter Brian Krebs. Mirai and another IoT botnet called Bashlight exploit a common vulnerability in BusyBox, a pared-down version of the Linux operating system used in embedded devices. Mirai and Bashlight have recently been responsible for attacks of massive scale, including the attacks on Krebs, which at one point reached a traffic volume of 620 gigabits per second. Matthew Prince, co-founder and CEO of the content delivery and DDoS protection service provider CloudFlare, said that the attack being used against Dyn is an increasingly common one. The attacks append random strings of text to the front of domain names, making them appear like new, legitimate requests for the addresses of systems with a domain. Caching the results to speed up responses is impossible. Prince told Ars: "They're tough attacks to stop because they often get channeled through recursive providers. They're not cacheable because of the random prefix. We started seeing random prefix attacks like these three years ago, and they remain a very common attack. If IoT devices are being used, that would explain the size and scale [and how the attack] would affect someone the size of Dyn." -
Prosecutors Say NSA Contractor Could Flee To Foreign Power (go.com)
An anonymous reader quotes a report from ABC News: The NSA contractor accused of stealing a gargantuan amount of sensitive and classified data from the U.S. government was studying Russian before he was arrested and would be a "prime target" for foreign spies should he be released on bail, prosecutors argued ahead of a court hearing for Harold Martin, III, today. The government said it is "readily apparent to every foreign counterintelligence professional and nongovernmental actor that the Defendant has access to highly classified information, whether in his head, in still-hidden physical locations, or stored in cyberspace -- and he has demonstrated absolutely no interest in protecting it. This makes the Defendant a prime target, and his release would seriously endanger the safety of the country and potentially even the Defendant himself." Prosecutors noted that Martin purportedly communicated online "with others in languages other than English, including in Russian" and that he had downloaded information on the Russian language just a couple months before he was arrested in August. Martin's attorneys, however, said in their own court filing Thursday that there is still no evidence he "intended to betray his country" and argued that he was not a flight risk. All the talk of foreign spies and potential getaway plans, the defense said, were "fantastical scenarios." Martin's defense team said in part: "The government concocts fantastical scenarios in which Mr. Martin -- who, by the government's own admission, does not possess a valid passport -- would attempt to flee the country. Mr. Martin's wife is here in Maryland. His home is here in Maryland. He has served this country honorably as a lieutenant in the United States Navy, and he has devoted his entire career to serving his country. There is no evidence he intended to betray his country. The government simply does not meet its burden of showing that no conditions of release would reasonably assure Mr. Martin's future appearance in court. For these reasons, and additional reasons to be discussed at the detention hearing, Mr. Martin should be released on conditions pending trial."
UPDATE 10/21/16: Slashdot reader chromaexursion writes: "Harold Martin was denied bail. The judge agreed with the prosecution in his decision." -
Amid Major Internet Outages, Affected Websites Have Lessons To Learn (zdnet.com)
Earlier today, Dyn, an internet infrastructure company, was hit by several DDoS attacks, which interestingly affected several popular websites including The New York Times, Reddit, Spotify, and Twitter that were directly or indirectly using Dyn's services. The attack is mostly visible across the US eastern seaboard with rest of the world noticing a few things broken here and there. Dyn says it's currently investigating a second round of DDoS attacks, though the severity of the outage is understandably less now. In the meantime, the Homeland Security said that it is aware of the attack and is investigating "all potential causes." Much of who is behind these attacks is unknown for now, and it is unlikely that we will know all the details until at least a few days. The attacks however have revealed how unprepared many websites are when their primary DNS provider goes down. ZDNet adds: The elephant in the room is that this probably shouldn't have happened. At very least there's a lot to learn already about the frailty of the internet DNS system, and the lack of failsafes and backups for websites and tech companies that rely on outsourced DNS service providers. "It's also a reminder of one risk of relying on multi-tenant service providers, be they DNS, or a variety of many other managed cloud service providers," said Steve Grobman, chief technology officer at Intel Security. Grobman warned that because this attack worked, it can be exploited again. "Given how much of our connected world must increasingly rely upon such cloud service providers, we should expect more such disruptions," he said. "We must place a premium of service providers that can present backup, failover, and enhance security capabilities allowing them to sustain and deflect such attacks." And that's key, because even though Dyn is under attack, it's the sites and services that rely on its infrastructure who should rethink their own "in case of emergency" failsafes. It may only be the east coast affected but lost traffic means lost revenue. Carl Levine, senior technical evangelist for NS1, another major managed DNS provider, said that the size and scale of recent attacks "has far exceeded what the industry thought was the upper end of the spectrum." "Large companies need to constantly upgrade their flood defenses. Some approaches that worked just a few years ago are now basically useless," said Kevin Curran, senior member with IEEE. We also recommend reading security reporter Brian Krebs's take on this. -
Several Sites Including Twitter, GitHub, Spotify, PayPal, NYTimes Suffering Outage -- Dyn DNS Under DDoS Attack [Update] (techcrunch.com)
Several popular websites and services are down right now for many users. The affected sites include Twitter, SoundCloud, Spotify, and PayPal among others. The cause appears to be a sweeping outage of DNS provider Dyn -- which in turn is under DDoS attack, according to an official blog post. From a TechCrunch report: Other sites experiencing issues include Box, Boston Globe, New York Times, Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties. Users accessing these sites might have more or less success depending on where they're located, as some European and Asian users seem not to be encountering these issues. Last month, Bruce Schneier warned that someone was learning how to take down the internet. Update: 10/21 14:41 GMT by M : Dyn says that it has resolved the issue and sites should function normally. Update: 10/21 17:04 GMT by M : Department of Homeland Security says it is aware of the first DDoS attack on Dyn today and "investigating all potential causes." Dyn says it is still under DDoS attack. News outlet The Next Web says it is also facing issues. Any website that uses Dyn's service -- directly or indirectly -- is facing the issue. Motherboard has more details. Update: 10/21 17:57 GMT by M : It seems even PlayStation Network is also hit. EA Sports Games said it is aware of the issues in live-play. Dyn says it is facing a second round of DDoS attacks.
Update: 10/21 18:45 GMT by M : U.S. government probing whether east coast internet attack was a 'criminal act' - official.
Editor's note: the story is being updated as we learn more. The front page was updated to move this story up. Are you also facing issues? Share your experience in the comments section below. -
AT&T Considers Buying Time Warner (bloomberg.com)
In what would likely be one of the largest telecommunications takeovers in American history, Bloomberg is reporting that AT&T has discussed the idea of a possible merger or other partnership with Time Warner Inc (may be paywalled; alternate source). Bloomberg reports: The talks, which at this stage are informal, have focused on building relations between the companies rather than establishing the terms of a specific transaction, the people said, asking not to be identified as the deliberations are private. Neither side has yet hired a financial adviser, the people said. Acquiring Time Warner would give AT&T, one of the biggest providers of pay-TV and of wireless and home internet service in the U.S., a collection of popular programming to offer to subscribers, from HBO to NBA basketball to the Cartoon Network. AT&T CEO Randall Stephenson has been looking to add more content and original programming as part of his plan to transform the Dallas-based telecommunications company into a media and entertainment giant. Time Warner Chief Executive Officer Jeff Bewkes is a willing seller if he gets an offer he thinks is fair, said one of the people. Bewkes and his board rejected an $85-a-share approach in 2014 from Rupert Murdoch's 21st Century Fox Inc., which valued Time Warner at more than $75 billion. Last year, AT&T paid $48.5 billion to acquire satellite-TV provider DirecTV, its biggest deal in at least 10 years, according to data compiled by Bloomberg. AT&T has been developing an internet-based version of the pay-TV service, called DirecTV now.