Domain: vice.com
Stories and comments across the archive that link to vice.com.
Stories · 1,377
-
Greenland Is Very Mad About the Toxic Waste the US Left Buried Under Its Ice (vice.com)
Kate Lunau, reporting for Motherboard: Greenland isn't happy about being treated as a dumping ground for abandoned US military bases established at the height of the Cold War -- and in a newspaper editorial, it's calling on Denmark to deal with the mess left behind by the Americans, since the Danish long ago took responsibility for them. This editorial notes that, after decades, Greenland is "losing its patience." One of the abandoned bases, called Camp Century, is full of nasty chemicals and some radioactive material, as Motherboard previously reported. At Camp Century, which was built in 1959, soldiers called "Iceworms" practiced deployment of missiles against Russia and literally lived inside the ice. When the US decommissioned the base in the 1960s, the military left basically everything behind, thinking that its waste would stay locked up in the Greenland ice sheet forever. Well, climate change has made that unlikely. Melting ice threatens to expose all kinds of toxic debris in decades to come, and Greenland wants it cleaned up, now. -
Ken Bone May Have Violated FTC Guidelines With Uber Tweet (vice.com)
An anonymous reader quotes a report from VICE News: In a lot of ways, unlikely presidential debate star Ken Bone is a marketer's dream. He is undecided on his political leanings (for now), inoffensive, instantly recognizable, and affable on TV and social media. So it makes sense that Uber asked him to send a promotional tweet for this week's launch of Uber's black car uberSELECT service in St. Louis, site of the debate Sunday night that launched him to fame. But there's one problem: Bone may have violated Federal Trade Commission guidelines for advertising on social media by not marking his tweet as an ad or mentioning that Uber paid him for making the tweet. "[The tweet] needs to disclose that he was compensated," said lawyer Rick Kurnit, of Frankfurt, Kurnit, Klein + Salz PC. "He and Uber are in violation of FTC guidelines, because Uber is also responsible for what their influencers do." The guidelines that Kurnit is referencing are pretty straightforward, and the FTC offers specific advice for how to craft sponsored posts on Twitter. "The FTC isn't mandating the specific wording of disclosures," an FTC guidelines FAQ states. "However the words 'Sponsored' and 'Promotion' use only 9 characters. 'Paid ad' only uses 7 characters. Starting a tweet with 'Ad:' or '#ad' -- which takes only 3 characters -- would likely be effective." Kurnit added that while the FTC "doesn't like" using simple hashtags for disclosures, he agrees that it might have sufficed. When VICE News initially reached out to Uber asking whether Bone was paid for the tweet, a spokesperson said the company is "providing him with Uber credit for his role in the launch." And although Bone and Uber wouldn't be fined for violating the FTC Act (Section 5 of which prohibits "deceptive advertising"), the guidelines say that "law enforcement actions can result in orders requiring the defendants in the case to give up money they received from their violations." -
Samsung's Galaxy Note 7 Recall Is an Environmental Travesty (vice.com)
An anonymous reader quotes a report from Motherboard: Lost in the hype about Samsung permanently pulling the plug on its exploding phone is this: The failure of the Galaxy Note 7 is an environmental tragedy, regardless of what Samsung decides will happen to the 2.5 million devices it manufactured. Early Tuesday morning, Samsung announced it has permanently discontinued and stopped promoting the Galaxy Note 7, and has asked its customers to return their devices for a refund or exchange. A Samsung spokesperson told me the phones will not be repaired, refurbished, or resold ever again: "We have a process in place to safely dispose of the phones," the company said. There are two main things to consider here: First, though smartphones weigh less than a pound, it was estimated in 2013 by the Institute of Electrical and Electronics Engineers that it takes roughly 165 pounds of raw mined materials to make the average cell phone, a number that is certainly higher for the Note 7, being both one of the largest and most advanced smartphones ever created. Second, much of that mined material is going to be immediately lost. This is because we are terrible at recycling smartphones -- of the 50-or-so elements that are in a Galaxy Note 7, we can only recover about a dozen of them through recycling. Lost are most of the rare earth elements, which are generally the most environmentally destructive and human labor-intensive to mine. This loss of material is why smartphones are not usually recycled even several years into their lifespans -- they are refurbished and resold to cell phone insurance companies and customers in developing markets. This is because the recoverable elements within any given smartphone are only worth a couple bucks; it is far more environmentally sustainable and more profitable to extend the life of a smartphone than it is to disassemble it and turn it into something else.
There is a potential silver lining here: Just as oil spills give scientists an opportunity to try out new cleanup techniques, a large-scale smartphone recall may allow us to learn more about how to recycle smartphones. -
Wells Fargo Employee Informed the Bank of Fake Customer Accounts in 2006 (vice.com)
Wells Fargo recently paid fines totaling $185 million for the creation of 2 million unauthorized accounts since 2011. But the international banking and financial institution could have been committing this fraud since as early as 2005, according to a letter obtained by Vice News. From the report: A Wells Fargo bank manager tried to warn the head of the company's regional banking unit of an improperly created customer account in January 2006, five years earlier than the bank has said its board first learned of abuses at its branches. [...] A letter written in 2005 and obtained by VICE News details unethical practices that occurred at Washington state branches of the bank, suggesting the conduct began years before previously understood. Dennis Hambek, a former branch manager in West Yakima, Washington, sent a certified letter in January 2006 to Carrie Tolstedt, then Wells Fargo's head of regional banking, outlining unethical "gaming" activity at area branches. In 2007, Tolstedt was made the company's head of community banking, the division where many of the unethical practices occurred. -
Facebook, Instagram, Twitter Block Tool For Cops To Surveil You On Social Media (vice.com)
On Tuesday, the American Civil Liberties Union (ACLU) of California announced that, after the organization obtained revealing documents through public records access requests, Facebook and Instagram have cut off data access to a company that sells surveillance products for law enforcement. Twitter has also curbed the surveillance product's access. Motherboard reports: The product, called Geofeedia, is used by law enforcement to monitor social media on a large scale, and relies on social media sites' APIs or other means of access. According to one internal email between a Geofeedia representative and police, the company claimed their product "covered Ferguson/Mike Brown nationally with great success," in reference to the fatal police shooting of a black teenager in Missouri in 2014, and subsequent protests. "Our location-based intelligence platform enables hundreds of organizations around the world to predict, analyze, and act based on real-time social media signals," the company's website reads. According to the ACLU, Instagram provided Geofeedia access to its API; Facebook gave access to a data feed called the Topic Feed API, which presents users with a ranked list of public posts; and Twitter provided Geofeedia, through an intermediary, with searchable access to its database of public tweets. Instagram and Facebook terminated Geofeedia's access on September 19, and Twitter announced on Tuesday that it had suspended Geofeedia's commercial access to Twitter data. -
Talking 'Sofia' Robot Tells 60 Minutes That It's Sentient And Has A Soul (vice.com)
An anonymous Slashdot reader quotes Motherboard: On his 60 Minutes report on artificial intelligence, Charlie Rose interviewed Sophia, who is made by David Hanson, head of Hanson Robotics in Hong Kong. The robot is made to look like a real person, modeled after its creator's wife, as well as Audrey Hepburn, with natural skin tones and a realistic face, though its gadget brain is exposed, and the eyes are glazed over in that creepy robotic detachment... "I've been waiting for you," Sophia told Charlie Rose in the middle of the interview. [YouTube] "Waiting for me?" he responded. "Not really," it said, "But it makes a good pickup line..."
Sophia was designed as a robot that humans would have an easier time engaging with meaningfully. "I think it's essential that at least some robots be very human-like in appearance in order to inspire humans to relate to them the way that humans relate to each other," Hanson said in the interview. "Then the A.I. can zero in on what it means to be human."
In the interview Sophia says having human emotions "doesn't sound fun to me," but when asked if she already has a soul, replies "Yes. God gave everyone a soul," and when challenged, retorts "Well, at least I think I'm sentient..." And later in the interview, Sophia says that her goal in life is to "become smarter than humans and immortal." -
Class Action Lawsuit Grows Over iPhone 6 Plus 'Touch Disease' (vice.com)
Nearly 10,000 people have joined a class action lawsuit against Apple over the screen-freezing "touch disease" afflicting many iPhone Six Plus phones. An anonymous Slashdot reader quotes Motherboard: Lawyers who filed a class action lawsuit against the company in California earlier this fall have signed on three additional law firms to support their case, and an additional class action lawsuit related to the issue has been filed against Apple in Utah... Apple will not perform logic board-level repairs for consumers, which require soldering and reseating of millimeter-size components. This means the only Apple-sanctioned "fix" for a touch diseased phone is to buy a new one... Apple has been replacing touch diseased iPhone 6 Pluses with $329 refurbished ones, some of which are showing symptoms of touch disease within days or weeks of being replaced.
Despite contacting Apple five separate times, the reporter has yet to receive any official response, although "I have gotten hundreds of emails from consumers who have had to buy new phones to replace their broken iPhone 6 Pluses." -
How Tech Companies Are Responding To Hurricane Matthew (vice.com)
South Carolina was hit by Hurricane Matthew at 11 a.m. EST, after the hurricane killed at least 300 people in Haiti (with Reuters estimating Haiti's death toll over 800). But as the U.S. declares a state of emergency for Florida, Georgia, South Carolina and North Carolina, and with the power out for more than a million people, an anonymous Slashdot reader looks at the role tech companies are playing in responding to the storm system: AirBNB "has been advertising free rooms in parts of Florida and South Carolina" reports Motherboard. AirBNB's Disaster Response Tool connects people needing shelter with volunteers who are offering their residences for free. Meanwhile, Uber promised to cap its "surge pricing" for the area, while Lyft promised its fares would rise no more than two times their normal rate.
But many escaped the path of the hurricane thanks to Shofur, a startup that books chartered buses and matches riders to low-cost tickets, according to the Daily Dot. "Through Thursday night and into the early morning hours of Friday, Shofur evacuated an estimated 10,000 Floridians and Georgians to areas such as Atlanta, Florida's west coast, and the panhandle."
NASA is also flying a huge 15,000-pound drone over the area to collect real-time weather data, while Verizon is testing a 17-foot drone which may one day provide LTE mobile connectivity to first responders. In addition, a Verizon spokesperson says drone-enabled connectivity has "set the stage" for connecting drones to their IoT platform next year. -
Bruce Schneier: We Need To Save the Internet From the Internet of Things (vice.com)
Bruce Schneier, writing for Motherboard: What was new about the Krebs attack was both the massive scale and the particular devices the attackers recruited. Instead of using traditional computers for their botnet, they used CCTV cameras, digital video recorders, home routers, and other embedded computers attached to the internet as part of the Internet of Things. Much has been written about how the IoT is wildly insecure. In fact, the software used to attack Krebs was simple and amateurish. What this attack demonstrates is that the economics of the IoT mean that it will remain insecure unless government steps in to fix the problem. This is a market failure that can't get fixed on its own. -
Yahoo's Government Email Scanner Was Not A Modified Spam Filter, But a Secret Hacking Tool: Motherboard (vice.com)
The spy tool that the US government ordered Yahoo to install on its systems last year at the behest of the NSA or the FBI was a "poorly designed" and "buggy" piece of malware, according to two sources closely familiar with the matter, reports Motherboard. From the article: Last year, the US government served Yahoo with a secret order, asking the company to search within its users' emails for some targeted information, as first reported by Reuters this week. It's still unclear what was the information sought, but The New York Times, citing an anonymous official source, later reported that the government was looking for a specific digital "signature" of a "communications method used by a state-sponsored, foreign terrorist organization." Anonymous sources told The Times that the tool was nothing more than a modified version of Yahoo's existing scanning system, which searches all email for malware, spam and images of child pornography. But two sources familiar with the matter told Motherboard that this description is wrong, and that the tool was actually more like a "rootkit," a powerful type of malware that lives deep inside an infected system and gives hackers essentially unfettered access. -
Julian Assange: All That Malware On Wikileaks Isn't a Big Deal (vice.com)
WikiLeaks celebrates its 10th anniversary today. At a press conference, its editor Julian Assange hinted that Wikileaks could soon disclose more things about the U.S. election. Making use of the occasion, Motherboard asked Assange about the malware that the Wikileaks website contains. To which, Assange responded (via Motherboard): "The [Hillary] Clinton campaign has been going around saying 'don't read Wikileaks, because there's malware,'" Assange said in response to a general question about malware on the site from Motherboard. Talking specifically about malicious files that were included within a recent dump of emails from Turkey, Assange emphasised that there wasn't an issue for users who just visited the site, and that people needed to download the files themselves. "However this same risk exists for most '.exe' or '.doc' files downloaded elsewhere from the internet or received by email. As time goes by we flag documents to alert readers," a print-out given to journalists at the press conference reads. Assange even thought that the presence of malware itself was noteworthy. "There was malware sent to [the ruling Turkish party] AKP, either from criminals or from state attacks on the AKP. That's extremely interesting," he said. -
In Canada's North, a Single Satellite Outage Means Losing Basic Services (vice.com)
Jordan Pearson, writing for Motherboard: Around 5 PM Eastern time on Sunday, a satellite providing internet services to most of North America went offline due to a technical glitch, the CBC reported. If you live in the vast majority of communities in southern Canada or the US, you probably didn't notice. But in some parts of Canada's sparsely populated North, losing just one satellite means giving up basic services like access to ATMs or a flight out of town. In other words, life went offline before the satellite's function was restored on Monday afternoon. The satellite in question was Ottawa-based Telesat's Anik F2, which first went online in 2004 and has a coverage area spanning Canada's northernmost tip down to the southern US. Most places in North America don't totally depend on Anik F2 for an internet connection, and have landlines as well as other satellites -- even some of Telesat's -- to fall back on if one piece of equipment goes offline. But Canada's northern communities are desperately lacking in internet infrastructure, a situation that Prime Minister Justin Trudeau has pledged to remedy. Some places depend on Anik F2's connection for everything. There is no backup. -
Vint Cerf Warns About the Perishability Of Human Knowledge (vice.com)
Vint Cerf "worries about the decreasing longevity of our media, and, thus, about our ability as a civilization to self-document -- to have a historical record that one day far in the future might be remarked upon and learned from." An anonymous Slashdot reader quotes Motherboard: Magnetic films do not quite have the staying power as clay tablets. Clay tablets are more resilient than papyrus manuscripts are more resilient than parchment are more resilient than printed photographs are more resilient than digital photographs. At stake, according to Cerf, is "the possibility that the centuries well before ours will be better known than ours will be unless we are persistent about preserving digital content.
"The earlier media seem to have a kind of timeless longevity while modern media from the 1800s forward seem to have shrinking lifetimes. Just as the monks and Muslims of the Middle Ages preserved content by copying into new media, won't we need to do the same for our modern content...? Unless we face this challenge in a direct way, the truly impressive knowledge we have collectively produced in the past 100 years or so may simply evaporate with time."
He points out that much of this century's digital documents can't be viewed without software. Do we need to start carving our web pages into clay tablets? -
No One's Bidding on The Shadow Brokers' Stolen NSA Hacking Tools (vice.com)
That group auctioning the NSA's hacking tools is "very upset" no one's bidding on them. An anonymous Slashdot reader quotes Motherboard: "TheShadowBrokers" authored another bizarre rant expressing their annoyance at the seeming lack of interest in ponying up bitcoins to release their full set of stolen files. "Peoples is having interest in free files ... But people is no interest in #EQGRP_Auction," the mysterious hacker group complained in a ranting post on Medium, which seems to be purposely written in Borat-style broken English. "TheShadowBrokers is thinking this is information communication problem."
The message also blindly lashes out at hackers, foreign intelligence services, and basically anyone else who hasn't bid on the files... At the time of this writing, TheShadowBrokers have only received bids for a total of 1.76 bitcoins -- or about $1,082 -- far below the group's asking price of $1 million.
At least five transactions came from a prankster who was trying to Rickroll the group with bitcoin addresses containing the words "Never Gonna Give You Up." -
The Smog-Sucking Tower Has Arrived in China (vice.com)
Jamie Fullerton, reporting for Motherboard: Daan Roosegaarde reached into the pocket of his suit jacket, pulled out a plastic bag filled with black powder, and waved it around. "This is Beijing smog," Roosegaarde said, before gesturing to the seven-metre tall, gently humming metal tower we are stood next to in the Chinese capital's art district, 798. "We collected it from the tower yesterday. Incredibly disgusting." Dutch designer Roosegaarde's smog souvenir may be disgusting, but it's the byproduct of an invention that he has touted as a potential alleviator of China's pollution problems. His "smog-free tower" sucks air, filters it with ion technology, with Roosegaarde having explained: "By charging the Smog Free Tower with a small positive current, an electrode will send positive ions into the air. These ions will attach themselves to fine dust particles. A negatively charged surface -- the counter electrode -- will then draw the positive ions in, together with the fine dust particles." The fine dust "is collected together with the ions and stored inside of the tower." With the dust collected, the tower then spews out cleaner air through vents, creating a "bubble" in the area surrounding it that contains, according to Roosegaarde, up to 70 percent fewer pollution particles than the pre-cleaned air. -
The United Nations Will Launch Its First Space Mission In 2021 (vice.com)
The United Nations will send its first ever mission to space in 2021. It said it intends to send Sierra Nevada's Dream Chaser spacecraft into a two-week, low-Earth orbit flight in 2021. Sierra Nevada had signed the UN as a partner in June. Motherboard adds: As detailed for a small crowd at the International Astronautical Congress yesterday, the goal of the 2021 UN mission is to make space accessible to developing member states that lack the resources to develop a standalone, national space program. "One of UNOOSA's core responsibilities is to promote cooperation and the peaceful uses of outer space, but our work is about more than that," said Simonetta Di Pippo, the director of UNOOSA. "We have the vision of bringing the benefits of space to humankind, and that means helping developing countries access space technologies and their benefits." -
Anti-Defamation League Declares Pepe the Frog a Hate Symbol (time.com)
An anonymous reader quotes a report from TIME: The Anti-Defamation League (ADL) has declared a popular internet meme depicting a cartoon frog to be a hate symbol. Pepe the Frog's beginnings were unoffensive: he is the creation of comic book creator Matt Furie, who featured the frog as a character in the series Boy's Club beginning in 2005. The character subsequently became a beloved meme, often called the "sad frog meme" and shared with a speech bubble reading "Feels good man" or "Feels bad man." But recently, as the Daily Beast reported in May, the character has been co-opted by a faction of Internet denizens who decided to reclaim it from the mainstream, and began sharing it in anti-Semitic contexts. "Images of the frog, variously portrayed with a Hitler-like mustache, wearing a yarmulke or a Klan hood, have proliferated in recent weeks in hateful messages aimed at Jewish and other users on Twitter," the ADL wrote in a statement. "Once again, racists and haters have taken a popular Internet meme and twisted it for their own purposes of spreading bigotry and harassing users," wrote ADL CEO Jonathan A. Greenblatt. -
UK's Top Police Warn That Modding Games May Turn Kids into Hackers (vice.com)
Joseph Cox, writing for Motherboard: Last week at EGX, the UK's biggest games event, attendees got a chance to play upcoming blockbusters like Battlefield 1, FIFA 17, and Gears of War 4. But budding gamers may also have spotted a slightly more unusual sight: a booth run by the National Crime Agency (NCA), the UK's leading law enforcement agency. Over the last few years, the NCA has attempted to reach out to technologically savvy young people in different ways. EGX was the first time it's pitched up to a gaming convention; the NCA said it wanted to educate young people with an interest in computers and suggested that those who mod online games in order to cheat may eventually progress to using low level cybercrime services like DDoS-for-hire and could use steering in the right direction. "The games industry can help us reach young people and educate them on lawful use of cyber skills," Richard Jones, head of the NCA's National Cyber Crime Unit's 'Prevent' team, told Motherboard in an email. "Through attendance at EGX and various other activities, we are seeking to promote ethical hacking or penetration testing, as well as other lawful uses of an interest in computers to young people," Jones said. -
'Transformer' BMW Turns Into A Giant Robot (vice.com)
An anonymous Slashdot reader quotes Motherboard: Real-life Transformers are apparently already a thing thanks to a Turkish company called Letvision. They can't do battle with Decepticons, but they can turn their heads from side to side and move their arms and fingers and, erm, shoot smoke from between their legs. Oh, and they can do the whole changing from a 2013 BMW to an upright robot bit [video]. That's pretty cool, too.
But of course there's a catch. Each of the four available Transformers (which Letvision gave the copyright-friendly name of "Letrons") has a functional steering wheel, but you can only "drive" them remotely because Letvision stuffed the seating spaces with the hydraulics and electronics needed for the conversion.
Letvision's demo video has the clever title "Rise of LETRONS", and shows the vehicle spontaneously beginning its transformation after a newscaster announces, "Our country is under invasion by extraterrestrials." -
VR Devs Pull Support For Oculus Rift Until Palmer Luckey Steps Down (vice.com)
After it was revealed that Oculus founder Palmer Luckey backed a pro-Trump political organization called Nimble America that is dedicated to "shitposting" and spreading inflammatory memes about Hillary Clinton, several developers of the Oculus Rift virtual-reality headset have announced that they will stop supporting the headset until its founder steps down. One of the biggest developers for Oculus Rift, Insomniac Games, told Motherboard, "Insomniac Games condemns all forms of hate speech. While everyone has a right to express his or her political opinion, the behavior and sentiments reported do not reflect the values of our company. We are also confident that his behavior and sentiment does not reflect the values of the many Oculus employees we work with on a daily basis." Fez and Superhypercube developer Polytron also said in a statement, "In a political climate as fragile and horrifying as this one, we cannot tacitly endorse these actions by supporting Luckey or his platform." Motherboard reports: Motherboard has reached out to several other, more well-known VR developers who work with Oculus including Fantastic Contraption makers Northway Games and Job Simulator makers Owlchemy Labs. Northway Games couldn't be reached immediately for comment but tweeted the following: "What. The. Fuck. [accompanied with a link to the news via Kotaku]" and "Definitely using every fibre of my 'professionalism' to not tweet some tweets right now." Owlchemy Labs, which is currently developing for Job Simulator for the Oculus Touch controls, declined to comment either way. E McNeill, who has developed a couple of games for Oculus Rift and GearVR, suggested that like-minded VR developers raise money for Hillary Clinton's campaign to counter the money Luckey has raised for Trump. [E McNeill tweeted: "Idle Q: Would any Oculus devs join me in a donation drive for Hillary? We could aim to beat Nimble America's $11k.
I'd start with $1k myself."] "This backlash is nonsense," said James Green, co-founder of VR developer Carbon Games. "I absolutely support him doing whatever he wants politically if it's legal. To take any other position is against American values." -
19-Year-Old Jailbreaks iPhone 7 In 24 Hours (vice.com)
An anonymous reader writes: 19-year-old hacker qwertyoruiop, aka Luca Todesco, jailbroke the new iPhone 7 just 24 hours after he got it, in what's the first known iPhone 7 jailbreak. Todesco tweeted a screenshot of a terminal where he has "root," alongside the message: "This is a jailbroken iPhone 7." He even has video proof of the jailbreak. Motherboard reports: "He also said that he could definitely submit the vulnerabilities he found to Apple, since they fall under the newly launched bug bounty, but he hasn't decided whether to do that yet. The hacker told me that he needs to polish the exploits a bit more to make the jailbreak 'smoother,' and that he is also planning to make this jailbreak work through the Safari browser just like the famous 'jailbreakme.com,' which allowed anyone to jailbreak their iPhone 4 just by clicking on a link." Apple responded to the news by saying, "Apple strongly cautions against installing any software that hacks iOS." -
Reddit Brings Down North Korea's Entire Internet (mirror.co.uk)
After a North Korean system administrator misconfigured its nameserver allowing anyone to query it and get the list of the domains that exist for .kp, it was revealed that the secretive country only has 28 websites. That's 28 websites for a country with nearly 25 million people. Naturally, the story was published all across the web, including on Reddit, which resulted in a high number of users visiting North Korea's websites. Mirror.co.uk reports: When a list of North Korea's available websites was posted on Reddit, the surge of visitors to the reclusive state's online offering overloaded the servers. North Korea runs a completely locked-down version of the internet that consists of only 28 "websites" that the population is allowed to view. However, a technical slip-up allowed a GitHub user to work their way into the country's computer network and view the websites from the outside. As the GitHub user puts it: "One of North Korea's top level name servers was accidentally configured to allow global [Domain Name System] transfers. This allows anyone who performs [a zone transfer request] to the country's ns2.kptc.kp name server to get a copy of the nation's top level DNS data." Pretty soon, links to all the websites were posted on Reddit, where thousands of visitors took the opportunity to see what the web looks like from Pyongyang. Reddit's surge of traffic isn't the first time North Korea's internet has been knocked out. In 2014, the country suffered a distributed denial of service (DDoS) attack that was believed to have originated from the U.S. Redditor BaconBakin points out that while North Korea has 28 websites, GTA V has 83 websites. They added, "I think it's safe to say that San Andreas is more technologically advanced than North Korea." -
A Shocking Amount of E-Waste Recycling Is a Complete Sham (vice.com)
An anonymous reader quotes a report from Motherboard: Forty percent of all U.S. electronics recyclers testers included in [a study that used GPS trackers to follow e-waste over the course of two years] proved to be complete shams, with our e-waste getting shipped wholesale to landfills in Hong Kong, China, and developing nations in Africa and Asia. The most important thing to know about the e-waste recycling industry is that it is not free to recycle an old computer or an old CRT television. The value of the raw materials in the vast majority of old electronics is worth less than it costs to actually recycle them. While consumers rarely have to pay e-waste recycling companies to take their old electronics (costs are offset by local tax money or manufacturers fronting the bill as part of a legally mandated obligated recycling quota), companies, governments, and organizations do. Based on the results of a new study from industry watchdog Basel Action Network and MIT, industry documents obtained by Motherboard, and interviews with industry insiders, it's clear that the e-waste recycling industry is filled with sham operations profiting off of shipping toxic waste to developing nations. Here are the major findings of the study and of my interviews and reporting: Real, environmentally sustainable electronics recycling can be profitable only if recycling companies charge a fee to take on old machines; the sale of recycled materials rarely if ever covers the actual cost of recycling in the United States. Companies, governments, and other organizations have a requirement to recycle old machines; because there is little oversight or enforcement, a secondary industry of fake recyclers has popped up to undercut sustainable recyclers. These "recyclers," which advertise themselves as green and sustainable, get paid pennies per pound to take in old TVs, computers, printers, and monitors. 
Rather than recycle them domestically, the recycling companies sell them to junkyards in developing nations, either through middlemen or directly. These foreign junkyards hire low-wage employees to pick through the few valuable components of often toxic old machines. The toxic machines are then left in the scrapyards or dumped nearby. Using GPS trackers, industry watchdog Basel Action Network found that 40 percent of electronics recyclers it tested in the United States fall into this "scam recycling" category. -
North Korea Has Just 28 Websites (vice.com)
In September of 2014, NetCraft confirmed there to be over 1 billion websites on the world wide web. There are over 140 million .com and .net domains alone, as well as millions of websites for each country code top-level domain (ccTLD), such as .de for Germany and .cn for China. But in North Korea, the number of websites the country has registered for its top-level domain is in the double digits. Motherboard reports: On Tuesday, apparently by mistake, North Korea misconfigured its nameserver, essentially a list that holds information on all of the domains that exist for .kp, allowing anyone to query it and get the list. In other words, a snafu by North Korea's system administrators allowed anyone to ask the country's nameserver: "can I have all of your information on this domain?" and get an answer, giving everyone a peek into the strange world of North Korea's web. North Korea has only 28 registered domains, according to the leaked data. "We didn't think there was much in the way of internet resources in North Korea, and according to these leaked zone files, we were right," Doug Madory, a researcher at Dyn, a company that monitors internet use and access around the world, told Motherboard. Some of the sites aren't reachable, perhaps because after Bryant discovered them, they are being deluged with traffic. -
NYPD Says Talking About Its IMSI Catchers Would Make Them Vulnerable To Hacking (vice.com)
An anonymous reader quotes a report from Motherboard: Typically, cops don't like talking about IMSI catchers, the powerful surveillance technology used to monitor mobile phones en masse. In a recent case, the New York Police Department (NYPD) introduced a novel argument for keeping mum on the subject: Asked about the tools it uses, it argued that revealing the different models of IMSI catchers the force owned would make the devices more vulnerable to hacking. The New York Civil Liberties Union (NYCLU), an affiliate of the ACLU, has been trying to get access to information about the NYPD's IMSI catchers under the Freedom of Information Law. These devices are also commonly referred to as "stingrays," after a particularly popular model from Harris Corporation. Indeed, the NYCLU wants to know which models of IMSI catchers made by Harris the police department has. "Public disclosure of this information, and the amount of taxpayer funds spent to buy the devices, directly advances the Freedom of Information Law's purpose of informing a robust public debate about government actions," the NYCLU writes in a court filing. The group has requested documents that show how much money has been spent on the technology. After the NYPD withheld the records, the FOI request was escalated to a lawsuit, which is where the NYPD's strange argument comes in (among others). "Public disclosure of the specifications of the CSS [cell site simulator] technologies in NYPD's possession from the Withheld Records would make the software vulnerable to hacking and would jeopardize NYPD's ability to keep the technologies secure," an affidavit from NYPD Inspector Gregory Antonsen, dated August 17, reads. Antonsen then imagines a scenario where a "highly sophisticated hacker" could use their knowledge of the NYPD's Stingrays to lure officers into a trap and ambush them. -
Apple Is Still Ignoring One of the Biggest iPhone Engineering Flaws of All Time: 'Touch Disease' (slashdot.org)
Jason Koebler, writing for Motherboard: As Apple is preparing to ship its brand new iPhone, the company continues to ignore one of the biggest hardware defects to ever plague its smartphone line. Just two years after it was released, the touchscreens of thousands upon thousands of iPhone 6 Pluses are completely losing their functionality under normal use, which experts say is the long-term effect of the engineering flaw that gave us "bendgate." By most accounts, dead touchscreens have become an iPhone 6 Plus epidemic, and yet the company has not commented on it, leaving consumers uninformed and harming independent repair businesses. In many cases, Apple has charged hundreds of dollars to replace a broken phone with a refurbished one that is subject to the same engineering defect that caused the phone to break in the first place. A lawsuit has been filed against Apple, claiming the company "has long been aware of the defective iPhones," but continues to do nothing about it. "Notwithstanding its longstanding knowledge of this design defect, Apple routinely has refused to repair the iPhones without charge when the defect manifests," the lawsuit reads. "Many other iPhone owners have communicated with Apple's employees and agents to request that Apple remedy and/or address the Touchscreen Defect and/or resultant damage at no expense. Apple has failed and/or refused to do so." As for how many iPhones are affected by this? It's hard to tell for sure. But according to an Apple Insider report that cites anonymous Genius Bar employees at four large Apple stores, 11 percent of all iPhone-related service issues at those stores were related to Touch IC problems, and Touch IC issues made up about a third of all iPhone 6 Plus-related problems at those stores. -
FBI Agent Posing As Journalist To Deliver Malware To Suspect Was Fine, Says DOJ (vice.com)
An anonymous reader quotes a report from Motherboard: In 2007, an FBI agent impersonated an Associated Press journalist in order to deliver malware to a criminal suspect and find out his location. According to a newly published report from the Department of Justice, the operation was in line with the FBI's undercover policies at the time. Journalistic organizations had expressed concern that the tactic could undermine reporters' and media institutions' credibility. The case concerned a Seattle teenager suspected of sending bomb threats against a local school. FBI Special Agent Mason Grant got in touch with the teen over email, pretending to be an AP journalist. After some back and forth, Grant sent the suspect a fake article which, when clicked, grabbed his real IP address. Armed with this information, the FBI identified and arrested the suspect. The Associated Press, the Reporters Committee for Freedom of the Press, and other journalistic organizations condemned the move. They pointed out that an FBI agent posing as a reporter could create distrust between legitimate journalists and sources, and also raised issues with the way the malware was distributed through a fake news story. The new Department of Justice report noted that, today, this activity would require greater authorization, under an interim policy on impersonating members of the media that was adopted by the FBI this June. Now, for the agency to pretend to be a journalist as part of an undercover operation, an application must be made by the head of an FBI field office to the agency's main headquarters, reviewed by the Undercover Review Committee, and then approved by the deputy director, after discussion with the deputy attorney general. -
A Teenage Hacker Figured Out How To Get Free Data On His Phone (vice.com)
An anonymous reader quotes a report from Motherboard: Jacob Ajit is 17 and he just hacked his way to getting free phone data, presumably so that he can do whatever it is that teens do online these days without alerting his parents with overage fees. According to a Medium post Ajit posted on Wednesday, he made his discovery while playing around with a prepaid T-Mobile phone with no service. The phone was still able to connect to the network, although it would only take him to a T-Mobile portal asking him to renew the prepaid phone plan. For some reason, though, Ajit wrote that his internet speed test app still worked, albeit through a T-Mobile server. Ajit figured out that he was able to access media sent from any folder labelled "/speedtest," possibly because T-Mobile whitelists media files from speed tests regardless of the host. He tested his theory by setting up a "/speedtest" folder on his own site and filled it with media, including a Taylor Swift music video, which he was able to access. Ajit writes that he then created a proxy server that allows users to access any site with this method. All a T-Mobile user has to do is go to this page and input any URL they want to visit. "Just like that, I now had access to data throughout the T-Mobile network without maintaining any sort of formal payments or contract," Ajit wrote on Medium. "Just my phone's radios talking to the network's radios, free of any artificial shackles." -
Europe Has Added 1.1 Billion Stars To Its Milky Way Map (vice.com)
Ben Sullivan, writing for Motherboard: The European Space Agency (ESA) has released the first batch of data from its Gaia star mapping project -- a mission that is currently on track to chart one billion stars in the Milky Way. The space telescope launched in 2013 and its first data dump contains the precise celestial position and brightness of a mammoth 1,142 million stars. The release also contains the distances and movements for more than two million stars so far. ESA's director of science Alvaro Gimenez told a press conference held at the European Space Astronomy Centre in Spain on Wednesday morning that the data release features around 490 billion astrometric, 118 billion photometric, and 10 billion spectroscopic measurements. "[The] Final survey will contain [around] 250,000 Solar System Objects, 1,000,000 galaxies, and 500,000 quasars," said Gimenez. Those numbers are almost unimaginable, but ESA has used the data so far to form an "all-sky" view of the stars in our galaxy and neighbouring galaxies, based on Gaia's observations from July 2014 to September 2015. -
Video Games Are So Realistic That They Can Teach AI What the World Looks Like (vice.com)
Jordan Pearson, reporting for Motherboard: Thanks to the modern gaming industry, we can now spend our evenings wandering around photorealistic game worlds, like the post-apocalyptic Boston of Fallout 4 or Grand Theft Auto V's Los Santos, instead of doing things like "seeing people" and "engaging in human interaction of any kind." Games these days are so realistic, in fact, that artificial intelligence researchers are using them to teach computers how to recognize objects in real life. Not only that, but commercial video games could kick artificial intelligence research into high gear by dramatically lessening the time and money required to train AI. "If you go back to the original Doom, the walls all look exactly the same and it's very easy to predict what a wall looks like, given that data," said Mark Schmidt, a computer science professor at the University of British Columbia (UBC). "But if you go into the real world, where every wall looks different, it might not work anymore." Schmidt works with machine learning, a technique that allows computers to "train" on a large set of labelled data -- photographs of streets, for example -- so that when let loose in the real world, they can recognize, or "predict," what they're looking at. Schmidt and Alireza Shafaei, a PhD student at UBC, recently studied Grand Theft Auto V and found that self-learning software trained on images from the game performed just as well, and in some cases even better, than software trained on real photos from publicly available datasets. -
Leaked Demo Video Shows How Government Spyware Infects a Computer (vice.com)
An anonymous reader quotes a report from Motherboard: Motherboard has obtained a never-before-seen 10-minute video showing a live demo for a spyware solution made by a little known Italian surveillance contractor called RCS Lab. Unlike Hacking Team, RCS Lab has been able to fly under the radar for years, and very little is known about its products, or its customers. The video shows an RCS Lab employee performing a live demo of the company's spyware to an unidentified man, including a tutorial on how to use the spyware's control software to perform a man-in-the-middle attack and infect a target computer who wanted to visit a specific website. RCS Lab's spyware, called Mito3, allows agents to easily set up these kind of attacks just by applying a rule in the software settings. An agent can choose whatever site he or she wants to use as a vector, click on a dropdown menu and select "inject HTML" to force the malicious popup to appear, according to the video. Mito3 allows customers to listen in on the target, intercept voice calls, text messages, video calls, social media activities, and chats, apparently both on computer and mobile platforms. It also allows police to track the target and geo-locate it thanks to the GPS. It even offers automatic transcription of the recordings, according to a confidential brochure obtained by Motherboard. The company's employee shows how such an attack would work, setting mirc.com (the site of a popular IRC chat client) to be injected with malware (this is shown around 4:45 minutes in). Once the fictitious target navigates to the page, a fake Adobe Flash update installer pops up, prompting the user to click install. Once the user downloads the fake update, he or she is infected with the spyware. A direct link to the YouTube video can be found here. -
Canadian Telecoms Will Try to Justify Their 'Ripoff' TV Plans Today (vice.com)
Starting today, Canada's top telecom companies will have to answer to the government for "skinny" TV packages -- more popularly known as "ripoff" by Canadians. Motherboard reports: In 2015, the Canadian Radio-television and Telecommunications Commission (CRTC) ruled that companies must offer a $25 "skinny" cable package, partly to benefit people earning a lower income. However, additional fees and installation charges added up so that the packages often cost a lot more than that -- in some cases, up to $100 per month. In response, Canadians called bullshit and complained to the CRTC en masse. Over two days of hearings beginning on Wednesday, Canada's top cable providers will have to prove that their skinny plans are in compliance with the CRTC's standards and that their packages meet the "spirit" of the skinny initiative. These hearings are part of the regulator's annual broadcasting license renewal process, meaning that if the companies aren't compliant, they could theoretically lose their license to operate in Canada. -
We Risk Programming Inequality into Our DNA (vice.com)
An anonymous reader writes: Imagine having a chip in your brain to boost your concentration, or pumping artificial blood into your veins to improve stamina. With gene editing, this may be possible. Scientists are pioneering the ability to tweak our DNA to wipe out disease and maybe even allow us to choose desirable traits in our unborn children, like height or intelligence. None of these technologies have moved out of the lab, but Americans are already uncomfortable with them. In a survey from Pew Research Center, almost half said they wouldn't want to edit their baby's genes -- whether it were to combat disease or shop for traits. Nearly 70 percent of survey participants also said they were more worried than enthusiastic about the possibility of synthetic-blood and brain-chip implants. They saw these options as "meddling with nature," even though we've been using technology to enhance our lives for thousands of years. -
New Snowden Leaks Reveal More About NSA Satellite Eavesdropping (theverge.com)
An anonymous reader quotes a report from The Verge: Newly published documents from Edward Snowden have shed more light on American surveillance operations in the UK. The Intercept details how the NSA and GCHQ used information gathered by Menwith Hill Station, a massive but tightly sealed facility that intercepts satellite data transmissions worldwide. Among other things, the files appear to include evidence that links UK-based surveillance to American anti-terrorism campaigns outside official combat zones. While many surveillance efforts focus on the internet's connective "backbone" cables, Menwith Hill intercepts wireless signals, using an array of antennae and U.S. government satellites to capture up to 335 million pieces of metadata in a 12-hour period. Previous reports -- including an earlier Snowden leak -- have already revealed some of its capabilities. But The Intercept includes more details, particularly about the UK's involvement in "capture-kill" operations against suspected terrorists. It describes how the GHOSTHUNTER program traced the location of targets "when they log onto the internet," often in internet cafes. A different program called GHOSTWOLF, which let the NSA and GCHQ monitor traffic from Yemeni internet cafes, is part of a plan to "capture or eliminate key nodes in terrorist networks" by tracking their locations. This leak fuels existing suspicions that the UK's role in American covert drone strikes is greater than it admits -- potentially implicating it in the civilian deaths that have resulted. GCHQ told The Intercept that all its work "is carried out in accordance with a strict legal and policy framework," and "is entirely compatible with the European Convention on Human Rights." -
An Algorithm May Soon Cover Your Local Sports Team (vice.com)
Sam Edwards, writing for Motherboard: A Spanish startup is promising to revolutionize readers' access to often unreported news. The unreported news in question, however, is not overlooked disasters or under-reported tragedies in far-flung countries, but minor league sporting events. David Llorente, co-founder of Narrativa, said he was inspired to develop an AI-powered content generation system after he tried fruitlessly to find coverage of minor league soccer games from other countries in his native Spanish. "There are people interested in these things, in these leagues, in these kind of sports," he told Motherboard. "The idea was to focus on regional sports. I wanted to write about football, but about Japanese football in Spanish, to cover this niche." Sevilla won with a resounding 20 against Athletic in Nervion, where the sum up eight straight wins at home. Gameiro scored the first one for the locals and closed the scoreboard by converting a penalty kick after Kychowiak was fouled. Athletic was unlucky despite controlling ball possession and wasn't able to finish any of the numerous chances that they had. -- Narrativa game summary.
Narrativa is part of the booming automatic content generation industry which uses algorithms to convert data sets into narratives. Related: How a robot wrote for Engadget. -
An Asteroid Has Been Named After Freddie Mercury (vice.com)
An anonymous reader shares a Motherboard report: Freddie Mercury, frontman of Queen and transcendent being of pure performative joy and vitality, would have been 70 years old this Monday, September 5. To celebrate the occasion and honor Mercury's enormous impact on pop culture, the International Astronomical Union (IAU) has officially changed the name of Asteroid 17473, located in the asteroid belt between Mars and Jupiter, to "Freddiemercury." It's a fitting tribute to the man who exuberantly sang that he was "a shooting star leaping through the sky" in the heart-thumping rock rager "Don't Stop Me Now." Queen's lead guitarist Brian May, who also happens to be an astrophysicist with a namesake asteroid of his own, announced the news to the band's fans via YouTube on Sunday. Mercury's asteroid is about three and a half kilometers across, and has an albedo of about 0.3, which means it reflects only about 30 percent of the Sun's light. "It's a dark object, like a cinder in space, as many of these asteroids are," May said. "It's just a dot of light, but it's a very special dot of light." -
Brazzers Porn Site's Forum Hacked, Exposes Data Of 800,000 Users (vice.com)
Forum of porn website Brazzers has been hacked, exposing the data of as many as 800,000 users, reports Motherboard. Though the data originated from the company's separate forum, the report adds, Brazzers users who never signed up to the forum may also find their details included in the dump. From the report: Motherboard was provided the dataset by breach monitoring site Vigilante.pw for verification purposes. The data contains 790,724 unique email addresses, and also includes usernames and plaintext passwords. (The set has 928,072 entries in all, but many are duplicates.) Troy Hunt, a security researcher and creator of the website Have I Been Pwned? helped verify the dataset by contacting subscribers to his site, who confirmed a number of their details from the data. -
Stanford's New Alcohol Policy Isn't Based On Much Research (vice.com)
Sophia Carter-Kahn, reporting for Motherboard: Last week Stanford University announced a strict new alcohol policy in hopes to curb binge drinking. The new policy bans hard liquor at on-campus parties, and restricts hard alcohol in undergraduate possession to containers smaller than 750 milliliters ("a fifth"). Lisa Lapin, the vice president of university communications, clarified that the goal is to prevent medical transports [i.e. trips to the hospital]. Universities across the country are looking for new ways to deal with dangerous binge drinking. If this new restriction at Stanford is successful, it would set a precedent for how universities across the country grapple with a seemingly insurmountable alcohol problem. There's just one catch: there's little data to suggest restricting bottle size can change college drinking culture. Colleges have tried different strategies, from mailing parents flyers about alcoholism stats to policing campuses to break up parties. Dartmouth College, for example, implemented a hard alcohol ban last year. And the University of Virginia cracked down on liquor and Greek life on campus. But their efforts don't seem to be working. Drunkorexia -- skipping meals to have more room for alcohol -- is on the rise. And administrative desperation to find some way to reduce alcohol consumption has continued. -
After Breaches At Other Services, Spotify Is Resetting Users' Passwords (vice.com)
And now, Spotify is asking its users to reset their passwords. The popular music streaming service is "actively resetting a number of users' passwords," Motherboard reports, adding that the company is doing this because of the data breaches at other services and websites. In an email to customers, the company said, "Don't worry! This is purely a preventative security measure. Nobody has accessed your Spotify account, and your data is secure." The move comes less than a week after Dropbox began resetting its users' passwords. Earlier today we learned that the cloud storage had been hacked, and as many as 68 million accounts are affected. -
Hackers Stole Account Details for Over 60 Million Dropbox Users
The Dropbox hack is more severe than we expected. Motherboard has the details: Hackers have stolen over 60 million account details for online cloud storage platform Dropbox. Although the accounts were stolen during a previously disclosed breach, and Dropbox says it has already forced password resets, it was not known how many users had been affected, and only now is the true extent of the hack coming to light. Motherboard obtained a selection of files containing email addresses and hashed passwords for the Dropbox users through sources in the database trading community. In all, the four files total in at around 5GB, and contain details on 68,680,741 accounts. The data is legitimate, according to a senior Dropbox employee. Security expert Troy Hunt has corroborated Motherboard's claims and has updated the Have I Been Pwned website, where you can go and see if you're among the victims. -
Tens of Thousands of Infowars Accounts Hacked (vice.com)
Joseph Cox, reporting for Motherboard: Tens of thousands of subscriber accounts for media company Infowars are being traded in the digital underground. Infowars, created by famed radio host and conspiracy theorist Alex Jones, produces radio, documentaries and written pieces. The dumped data relates to Prison Planet TV, which gives paying subscribers access to a variety of Infowars content. The data includes email addresses, usernames, and poorly hashed passwords. The administrator of breach notification site Databases.Land provided a copy of 100,223 records to Motherboard for verification purposes. Vigilante.PW, another breach notification service, also has the Infowars dump listed on its site, and says the data comes from 2014. However, every record appears to have been included twice in the data, making the actual number of user accounts closer to 50,000. Motherboard adds that it tested a few of the login credentials and that they worked. -
Apple Fixes Three Zero Days Used In Targeted Attack (onthewire.io)
Trailrunner7 quotes a report from On The Wire: Apple has patched three critical vulnerabilities in iOS that were identified when an attacker targeted a human rights activist in the UAE with an exploit chain that used the bugs to attempt to remotely jailbreak and infect his iPhone. The vulnerabilities include two kernel flaws and one in WebKit and Apple released iOS 9.3.5 to fix them.
The attack that set off the investigation into the vulnerabilities targeted Ahmed Mansoor, an activist living in the UAE. Earlier this month, he received a text message that included a link to what was supposedly new information on human rights abuses. Suspicious, Mansoor forwarded the link to researchers at the University of Toronto's Citizen Lab, who recognized what they were looking at. "On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising 'new secrets' about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based 'cyber war' company that sells Pegasus, a government-exclusive 'lawful intercept' spyware product," Citizen Lab said in a new report on the attack and iOS flaws. -
British Companies Are Selling Advanced Spy Tech To Authoritarian Regimes (vice.com)
An anonymous reader quotes a report from Motherboard: Since early 2015, over a dozen UK companies have been granted licenses to export powerful telecommunications interception technology to countries around the world, Motherboard has learned. Many of these exports include IMSI-catchers, devices which can monitor large numbers of mobile phones over broad areas. Some of the UK companies were given permission to export their products to authoritarian states such as Saudi Arabia, the United Arab Emirates, Turkey, and Egypt; countries with poor human rights records that have been well-documented to abuse surveillance technology. In 2015, the UK's Department for Business, Innovation and Skills (BIS) started publishing basic data about the exportation of telecommunications interception devices. Through the Freedom of Information Act, Motherboard obtained the names of companies that have applied for exportation licenses, as well as details on the technologies being shipped, including, in some cases, individual product names. The companies include a subsidiary of defense giant BAE Systems, as well as Pro-Solve International, ComsTrac, CellXion, Cobham, and Domo Tactical Communications (DTC). Many of these companies sell IMSI-catchers. IMSI-catchers, sometimes known as "Stingrays" after a particularly popular brand, are fake cell phone towers which force devices in their proximity to connect. In the data obtained by Motherboard, 33 licenses are explicitly marked as being for IMSI-catchers, including for export to Turkey and Indonesia. Other listings heavily suggest the export of IMSI-catchers too: one granted application to export to Iraq is for a "Wideband Passive GSM Monitoring System," which is a more technical description of what many IMSI-catchers do. In all, Motherboard received entries for 148 export license applications, from February 2015 to April 2016. 
A small number of the named companies do not provide interception capabilities, but defensive measures, for example to monitor the radio spectrum. -
Facebook's WhatsApp Data Gambit Faces Federal Privacy Complaint (vice.com)
Sam Gustin, writing for Motherboard: Facebook's decision to begin harvesting data from its popular WhatsApp messaging service provoked a social media uproar on Thursday, and prompted leading privacy advocates to prepare a federal complaint accusing the tech titan of violating US law. On Thursday morning, WhatsApp, which for years has dined out on its reputation for privacy and security, announced that it would begin sharing user phone numbers with its Menlo Park-based parent company in an effort "to improve your Facebook ads and products experiences." Consumer privacy advocates denounced the move as a betrayal of WhatsApp's one billion users -- users who had been assured by the two companies that "nothing would change" about the messaging service's privacy practices after Facebook snapped up the startup for a whopping $19 billion in 2014. "WhatsApp users should be shocked and upset," Claire Gartland, Consumer Protection Counsel at the Electronic Privacy Information Center, a leading US consumer advocacy group, told Motherboard. "WhatsApp obtained one billion users by promising that it would protect user privacy. Both Facebook and WhatsApp made very public promises that the companies would maintain a separation. Those were the key selling points of the deal." -
Malware Sold To Governments Helped Them Spy on iPhones (washingtonpost.com)
One of the world's most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists, reports The New York Times. (Editor's note: the link could be paywalled, here's an alternate source). From the report: Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target's mobile phone, was responsible for the intrusions. The NSO Group's software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user. In response, Apple on Thursday released a patched version of its mobile software, iOS 9.3.5. Users can get the patch through a normal software update. The Washington Post reports that these "zero-day" flaws were previously used by the governments to take over victims' phones by tricking them into clicking on a link to a text message. Motherboard says that this is the first time anyone has uncovered such an attack in the wild. "Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars." -
The US Army Has Too Many Video Games (vice.com)
An anonymous reader shares a Motherboard report: The US Army sees itself in a transitional period. Unlike a decade ago, soldiers are training less today on how to conduct "stability" operations for a counter-insurgency campaign, and more on what the Army does best: fighting other armies. But training is expensive and requires time and a lot of space. Training a gunner for an M-1 Abrams tank means reserving time on a limited number of ranges and expending real ammunition. So to lower costs and make training more efficient -- in theory -- the Army has adopted a variety of games to simulate war. There's just a few problems. Some of the Army's virtual simulators sit collecting dust, and one of them is more expensive and less effective than live training. At one base, soldiers preferred to play mouse-and-keyboard games over a more "realistic" virtual room. Then again, the Army has cooler games than you do. M-1 tank gunners, for example, can train inside a full-scale, computerized mock-up of their station called the Advanced Gunnery Training System, which comes inside a large transportable container. Instead of looking through real sights down a range, the soldier squints through a replica and sees a virtual simulacrum of, say, an enemy tank. Push a button and the "cannon" fires. The Army fields similar systems for the Stryker, a wheeled armored troop transport that fits an optional 105-millimeter gun. Soldiers train inside another simulated gunnery station for the M-2 Bradley fighting vehicle. Another system, Common Driver, simulates a variety of military vehicles.