After a bomb exploded in Manhattan, leaving 29 injured, people leaving the scene discovered Uber had doubled their fares. An anonymous Slashdot reader quotes The Sun: Traumatized families caught up in the New York bomb blast have accused Uber of cashing in on the tragedy by charging almost double to take them home. Furious passengers have taken to social media to slam the taxi firm in the wake of the blast... Uber reportedly charged between 1.4 and 3 times the standard fare with one city worker saying he had to pay twice as much as usual. Mortgage broker Nick Lalli said: "Just trying to get home from the city and Uber f****** doubled the surge price."
"Demand is off the charts!" the app informed its users, adding "Fares have increased to get more Ubers on the road." Uber soon tweeted that they'd deactivated their surge pricing algorithm for the affected area in Chelsea, "but passengers in other areas of Manhattan said they were still being charged higher than normal fares." One of the affected passengers was Michael Cohen, who is Donald Trump's lawyer, who tweeted that Uber was "taking total advantage of chaos and surcharging passengers 1.4 to 1.8 times." And another Uber user tweeted "I'm disgusted. People are trying to get home safe. Shame on you #DeleteApp."

Samsung is now telling owners of their Galaxy Note 7 to "power down your device and return to using your previous phone. We will voluntarily replace your Galaxy Note7 device with a new one, beginning on September 19th... We acknowledge the inconvenience this may cause in the market but this is to ensure that Samsung continues to deliver the highest quality products to our customers." The BBC reports: Samsung has urged owners of its Galaxy Note 7 phones to stop using or exchange the devices as they risk exploding. A statement by Samsung, the world's biggest mobile phone maker, said "our customers' safety is an absolute priority..." Earlier on Saturday, aviation authorities in the United Arab Emirates banned use of the devices on the Emirates and Etihad airlines.
Three Australian airlines have already banned use of the phone, and by last week 35 incidents had been reported to Samsung, which believes that the exploding batteries affect 24 phones out of every million (or one phone out of every 41,666).

Long-time Slashdot reader randomErr writes: In a big blow to Qualcomm, Apple plans to incorporate Intel baseband chips into at least some models of the new iPhone 7. The selection of Intel chip means that in newer iPhones Apple will no longer support CDMA technology popularized by Qualcomm. The Wall Street Journal states that many industry analysts believe Intel could be supplying as many as half of of baseband chips for Apple's handsets.
This was the last key iPhone component that didn't have two sources, and the Journal estimates that Intel's revenues could now increase by up to $700 million before the end of 2016.

Slashdot reader chicksdaddy quotes an article from Security Ledger: The Federal Trade Commission is warning consumers to beware of new 'connected car' features that allow rental car customers to connect their mobile phone or other devices to in-vehicle infotainment systems. "If you connect a mobile device, the car may also keep your mobile phone number, call and message logs, or even contacts and text messages," the FTC said in an advisory released on Tuesday. "Unless you delete that data before you return the car, other people may view it, including future renters and rental car employees or even hackers."

The Commission is advising renters to avoid syncing their mobile phones to their rental car, or to power devices via a USB port, where settings on your device may allow automatic syncing of data. Consumers who do connect their device should scrutinize any requests for permissions.
Security researchers have also discovered another car-related vulnerability. The software connecting smartphones to in-vehicle "infotainment" systems could also make cars vulnerable to remote attacks.

An anonymous reader quotes a report from Help Net Security: Cybercriminals are using insiders to gain access to telecommunications networks and subscriber data, according to Kaspersky Lab. In addition, these criminals are also recruiting disillusioned employees through underground channels and blackmailing staff using compromising information gathered from open sources...

According to Kaspersky Lab researchers, if an attack on a cellular service provider is planned, criminals will seek out employees who can provide fast track access to subscriber and company data or SIM card duplication/illegal reissuing. If the target is an Internet service provider, the attackers will try to identify the employees who can enable network mapping and man-in-the-middle attacks.

An anonymous Slashdot reader writes: Security expert Anthony Zboralski posted on HERT a social engineering attack for Tinder that lets you perform a man-in-the-middle attack against unsuspecting users. Zboralski says, "Not only we can eavesdrop on the conversation of two strangers, we can also change their reality." The attack can easily be extended to SMS, Whatsapp, iMessage and voice.
"At some point people exchange phone numbers and the Tinder convo stops. That's not a problem..." Zboralski explains, suggesting more ways to continue the man-in-the-middle exploits..

His article drew a response from Tinder, arguing they "employ several manual and automated mechanisms" to deter fake and duplicate profiles. But while they're looking for ways to improve, "ultimately, it is unrealistic for any company to positively validate the real-world identity of millions of users while maintaining the commonly expected level of usability."

Long-time Slashdot reader dyork brings new from The Internet Society: IPv6 deployment hit a milestone this month related to the four major US providers (Verizon Wireless, T-Mobile USA, Sprint, AT&T): "IPv6 is the dominant protocol for traffic from those mobile networks to major IPv6-capable content providers."
A graph on their "World IPv6 Launch" site shows those carriers are now delivering close to 55% of their traffic over IPv6 to major IPv6-capable content providers -- up from just 37.59% in December. "This is really remarkable progress in the four years since World IPv6 Launch in 2012, and the growth of IPv6 deployment in 2016 is showing no signs of abating." In fact, the NTIA is now requesting feedback from organizations that have already implemented IPv6, noting that while we've used up all the 4.3 billion IPv4 addresses, IPv6 offers 340 undecillion IP addresses -- that is, 340 followed by 36 digits.

An anonymous reader writes from a report via Baltimore Sun: Civil rights groups have complained to the FCC over the Baltimore Police Department's use of stingray phone tracking devices. They claim that "the way police use it interferes with emergency calls and is racially discriminatory." Baltimore Sun reports: "The complaint argues that the police department doesn't have a proper license to use the devices and is in violation of federal law. It calls on regulators at the Federal Communications Commission to step in and formally remind law enforcement agencies of the rules. 'The public is relying on the Commission to carry out its statutory obligation to do so, to fulfill its public commitment to do so, and to put an end to widespread network interference caused by rampant unlicensed transmissions made by BPD and other departments around the country,' the groups say in the complaint. Police in Baltimore acknowledged in court last year that they had used the devices thousands of times to investigate crimes ranging from violent attacks to the theft of cellphones. Investigators had been concealing the technology from judges and defense lawyers and after the revelations Maryland's second highest court ruled that police should get a warrant before using a Stingray. The groups argue that surveillance using the devices also undermines people's free speech rights and describe the use of Stingrays as an electronic form of the intrusive police practices described in the scathing Justice Department report on the police department's pattern of civil rights violations."

Slashdot reader Nicola Hahn writes: While reporters clamor about the hacking of the Democratic National Committee, NSA whistleblower James Bamford offers an important reminder: American intelligence has been actively breaching email servers in foreign countries like Mexico and Germany for years. According to Bamford documents leaked by former NSA specialist Ed Snowden show that the agency is intent on "tracking virtually everyone connected to the Internet." This includes American citizens. So it might not be surprising that another NSA whistleblower, William Binney, has suggested that certain elements within the American intelligence community may actually be responsible for the DNC hack.

This raises an interesting question: facing down an intelligence service that is in a class by itself, what can the average person do? One researcher responds to this question using an approach that borrows a [strategy] from the movie THX 1138: "The T-H-X account is six percent over budget. The case is to be terminated."
To avoid surveillance, the article suggests "get off the grid entirely... Find alternate channels of communication, places where the coveted home-field advantage doesn't exist... this is about making surveillance expensive." The article also suggests "old school" technologies, for example a quick wireless ad-hoc network in a crowded food court. Any thoughts?

The Edmonton Police Service has admitted to Motherboard that it owns a Stingray and that it used the [surveillance] device in the past during investigations. After Vancouver cops admitted to using the phone tracker to investigate an abduction in 2007, Motherboard called up other local police stations in Canada to ask if they had also previously used one. As you can imagine, the other stations kept mum. In the US, Stingrays are a regular part of government and law enforcement agencies' surveillance arsenal. But Vancouver's and Edmonton's police services are the first law enforcement offices in Canada to confirm that they've used the device. Motherboard adds: According an emailed statement from police spokesperson Anna Batchelor, Edmonton's cops have "used the device in the past during investigations," but would not release any additional details in order to "to protect [Edmonton Police Service] operations." Until now, the only law enforcement in the country known to use the devices was the Royal Canadian Mounted Police, the country's analogue to the US Federal Bureau of Investigation. These suitcase-sized surveillance tools have been used in the past by the Vancouver and Toronto police, but the Vancouver police have said they borrowed the Stingray from the RCMP, and in Toronto an RCMP technician was on hand, at least in that incident. The Edmonton police's comment to Motherboard is the first time a local police department in Canada has publicly admitted to owning a Stingray device.

Slashdot reader DERoss writes: Effective 1 August, the U.S. Social Security Administration (SSA) requires users who want to access their SSA accounts to use two-factor authentication. This involves receiving a "security" code via a cell phone text message. This creates two problems. First of all, many seniors who depend on the Social Security benefits to pay their living costs do not have cell phones [or] are not knowledgeable about texting.

More important, cell phone texting is NOT secure. Text messages can be hacked, intercepted, and spoofed. Seniors' accounts might easily be less secure now than they were before 1 August... This is not because of any law passed by Congress. This is a regulatory decision made by top administrators at SSA.
In addition, Krebs on Security reports that the new system "does not appear to provide any additional proof that the person creating an account at ssa.gov is who they say they are" and "does little to prevent identity thieves from fraudulently creating online accounts to siphon benefits from Americans who haven't yet created accounts for themselves." Users are only more secure after they create an account on the social security site -- and Krebs also notes that ironically, the National Institute for Standards and Technology already appears to be deprecating the use of SMS-based two-factor authentication.

An anonymous Slashdot reader quotes a report from ABC News: A new Illinois law limits how police can use devices that cast a wide net in gathering cellphone data... [Stingray] gathers phone-usage data on targets of criminal investigations, but it also gathers data on other cellphones -- hundreds or even thousands of them -- in the area. The new law requires police to delete the phone information of anyone who wasn't an investigation target within 24 hours. It also prohibits police from accessing data for use in an investigation not authorized by a judge.

A dozen other states have adopted such regulations, and Congress is considering legislation that would strengthen federal guidelines already in place... Privacy advocates worry that without limits on how much data can be gathered or how long it can be stored, law enforcement could use the technology to build databases that track the behavior and movement of people who are not part of criminal investigations.
Earlier this month a U.S. judge threw out evidence gathered with Stingray for the first time, saying that without a search warrant, "the government may not turn a citizen's cell phone into a tracking device." The ACLU has identified 66 agencies in 24 states using Stingray technology, "but because many agencies continue to shroud their purchase and use of stingrays in secrecy, this map dramatically underrepresents the actual use of stingrays by law enforcement agencies nationwide."

This week saw the release of the Moto Z Droid and Force Droid, new Android smartphones from Motorola and Lenovo with snap-on modules. Slashdot reader MojoKid writes that the Z Force Droid "is sheathed behind Moto ShatterShield technology making it virtually indestructible." Motorola guarantees it not to crack or shatter if dropped... However, what's truly standout are Moto Mods, which are snap-on back-packs of sorts that add new features, like the JBL Speaker, Moto Insta-Projector and Incipio OffGrid Power Pack (2220 mAh) mods... Even the fairly complex projector mod fires up in seconds and works really well.
But the Verge has called it "a good phone headed down the wrong path," adding "this company is competing in the global smartphone market, not a high school science fair, and its success will depend on presenting better value than the competition, not cleverer design. Without the benefit of the value-projecting fairy dust of brands like Apple and Beats, Lenovo will have an uphill climb trying to justify its Moto Mods pricing with functionality and looks, and our review has shown that none of the company's extras are essential."

An anonymous reader writes from a report via The Verge: Corning has unveiled their new Gorilla Glass 5, which should make its way to high-end smartphones and other electronic devices later this year and into 2017. Gorilla Glass 5 is designed to improve drop performance from devices that are dropped onto rough surfaces from waist heigh to shoulder height. Corning says it can survive up to 80 percent of the time when dropped from 1.6 meters. For comparison, Gorilla Glass 4, which was released in the fall of 2014, was marketed as being twice as tough as the previous version and twice as likely to survive drops onto uneven surfaces from about a meter high. Some things to note include the fact that in Corning's tests, the 80 percent survival rate was with pieces of glass that were 0.6mm thick -- Corning now makes glass as thin as 0.4mm. Depending on how thin manufacturers want the glass in their devices, the durability results may vary. Also, most of demos consisted of dropping the glass face down, rather than on its side or corner. Corning's vice president and general manger John Bayne said if the glass is dropped in such a way, it's going to depend on the overall design of the phone, not just the glass. Gorilla Glass 5 is currently in production, though the company says we'll hear more about it "in the next few months." There's no word as to whether or not the glass will be ready in time for the wave of devices expected this fall.

An anonymous reader write: To address the problem of motorists killed by police officers, Shervin Pishevar, the Iranian-born VC who backed Uber, is suggesting an app that allows police officers to communicate with motorists during traffic stops without either party leaving their vehicles. USA Today reports that Pishevar "says he has slept very little in the past 48 hours as he seeks input from law enforcement, software engineers and designers, lawmakers and from community members," and he's now working with former New York City police commissioner. Engadget has criticized Pishevar's proposal, writing "Dear Silicon Valley, not everything can be solved with apps."

At midnight on Friday, Uber also shut down their service for one minute "to create a moment of reflection for the Uber Community,", and also added a peace sign to their app, encouraging its users to "take a moment to think about what we can do to help," and changed the countdown for the arrival of a car into the amount of time left "to reflect on gun violence".

The Independent newspaper reports that the warrantless NSA surveillance programs revealed by Edward Snowden are facing a constitutional challenge in court for the first time: Lawyers for Mohamed Mohamud have argued that surveillance evidence used to convict the Somali-American man, found guilty of plotting to bomb a Christmas tree-lighting ceremony, was gathered in a manner that was unconstitutional. The lawyers laid out their arguments on Wednesday before a panel of judges of the 9th US Circuit Court of Appeals in Portland, close to the plaza where Mohamud tried detonating a fake bomb that was part of an undercover operation...

Stephen Sady, Mohamud's lawyer, urged the court to grant his client a new trial on the grounds that the evidence used against Mohamud should never have been permitted in the courtroom. Mr Sady told the judges that using surveillance information on foreigners, which does not require a warrant, to spy on any Americans they communicate with was "an incredible diminution of the privacy rights of all Americans⦠That is a step that should never be taken."
Last year saw a record number of wiretaps authorized by state and federal judges -- 4,148, more than twice as many as the 1,773 that took place in 2005 -- and not a single request was rejected. (More than 95% were for cellphones, and 81% for narcotics investigations.) But The Independent notes that U.S. law enforcement officials have admitted they also "incidentally" collect information about Americans without a warrant, and then sometimes later use that information in criminal investigations. In Mohamud's case, which dates back to 2010, "There's no doubt he tried to explode a car bomb in America," writes Slashdot reader Bruce66423, arguing that this case "elegantly demonstrates the issue of how far legal rights should overwhelm common sense."

An anonymous reader writes: The Samsung Galaxy S7 Active is apparently not-so-active. It should be the more durable version of the Galaxy S7 family but apparently it's not. Because of this, Consumer reports is not going to mark it as "Recommended" even though it performed very well in all the other tests it ran. [Jerry Beilinson writes from Consumer Reports:] "Consumer Reports technicians placed a Galaxy S7 Active in a water tank pressurized to 2.12 pounds-per-square-inch, the equivalent of just under five feet of water, and set a timer for 30 minutes. When we removed the phone, the screen was obscured by green lines, and tiny bubbles were visible in the lenses of the front- and rear-facing cameras. The touchscreen wasn't responsive. Following our standard procedure when a sample fails an immersion test, we submitted a second Galaxy S7 Active to the same test. That phone failed as well. After we removed it from the tank, the screen cycled on and off every few seconds, and moisture could be seen in the front and back camera lenses. We also noticed water in the slot holding the SIM card. For a couple of days following the test, the screens of both phones would light up when the phones were plugged in, though the displays could not be read. The phones never returned to functionality." Samsung has said "The Samsung Galaxy S7 active device is one of the most rugged phones to date and is highly resistant to scratches and IP68 certified. There may be an off-chance that a defective device is not as watertight as it should be." Although, given the fact that Consumer Reports tested multiple devices, Samsung could have a widespread issue on their hands. They company said it is investigating the issue.

An anonymous reader writes from a report via The Hill: Late Tuesday night, the Federal Communications Commission ruled that the entire federal government is exempt from consumer protection laws that limit unwanted robocalls. They ruled that the Telephone Consumer Protection Act of 1991 doesn't apply to the federal government, while the law does bar businesses from making numerous autodialed or prerecorded calls to a person's cellphone. The FCC did also make contractors working on behalf of the government exempt from the law as well. Earlier this year, a Supreme Court case found that the law does not apply to the government because of sovereign immunity. However, the FCC ruled that the government falls outside the law's definition of a "person." "Indeed, had Congress wanted to subject the federal government to the TCPA, it easily could have done so by defining 'person' to include the federal government," according to the ruling. Therefore, contractors hired by members of Congress can robocall individuals to participate in town halls, government researchers can place autodialed calls to the cellphones of survey respondents, and contractors can make similar calls to offer information about social security. The ruling does not apply to lawmakers who are using the calls for political campaigns.

An anonymous reader writes: Apple has patented a system that prohibits smartphone users from taking photos and videos at concerts, movie theaters and other events where people tend to ignore such restrictions. The patent has been award to Apple today and was first spotted by Patently Apple. QZ reports: "It outlines a system which would allow venues to use an infrared emitter to remotely disable the camera function on smartphones. According to the patent, infrared beams could be picked up by the camera, and interpreted by the smartphone as a command to block the user from taking any photos or videos of whatever they're seeing. The patent also outlines ways that infrared blasters could actually improve someone's experience at a venue. For example, the beams could be used to send information to museum-goers by pointing a smartphone camera at a blaster placed next to a piece of art." The report also mentions that the patent could in theory be used to help police limit smartphone filming of acts of brutality, or help a government shut off filming in certain locations. Last week, SlashGear reported that Alicia Keys is the latest musician to ban cellphones at her events.

An anonymous reader cites an Engadget report:Over the years we've seen Plex's media software run across a number of different devices, from PCs to game consoles to NAS and cellphones. Now, it's teamed up with Western Digital for what it says is the first portable Plex Media Server. The hardware is handled by the My Passport Wireless Pro, a battery-powered portable hard drive that can run standalone for 10 hours, charge mobile devices, and back up data via SD or USB 3.0. The all-in-one box can even create a WiFi network to sync with mobile devices or stream media to any device running Plex. The 2TB version is ready to take your stuff on the go for $230, and upgrading to 3TB only costs an extra $20.