Valve has confirmed to The Verge that it will stop making its Steam Controller. Currently, the gamepads are on sale for just $5 -- 90 percent off its original price -- but once these controllers are gone, Valve doesn't plan to make any more. From the report: [W]hile I can't recommend it wholeheartedly like I did when Valve discontinued its amazing Steam Link wireless HDMI cable-in-a-box, I will say that $13 is a pretty excellent price if you ever plug your PC into your television, or sling your PC games wirelessly to the Steam Link app on your phone and need an accurate solution. That's because the controller, originally introduced in 2013 as part of Valve's failed Steam Machines initiative, is one of the most fully customizable gamepads ever made, and perhaps the only one to offer mouse-like pinpoint precision. That's because it uses a pair of trackpads, complete with tiny solenoid actuators for haptic feedback, so you can emulate a mouse or trackball. Plus, there are paddles around back for crouching, jumping, strafing, you name it without needing to take your thumbs off those trackpads.

But that's just the beginning. Thanks to Valve's robust configuration software, the Steam Controller has developed something of a cult following with thousands of gamers uploading their custom configurations for their entire game libraries on Steam. It's not uncommon to fire up a game and find dozens of fancy profiles that place the game's functions at your fingertips plus add entirely new control modes. One common modifier is to hold down a button to switch the entire gamepad into a gyroscopic aiming mode, not only readying your character's weapon, but slowing down your aiming sensitivity while allowing you to physically shift the controller a small amount to line up a shot using its built-in gyroscope. [...] I doubt I'm actually going to convince you to buy a Steam Controller if you've never been sold on the idea before. (Plus, paying $8 for shipping seems a bit much.) But I'm keeping mine around as a piece of gaming history, and I'm a little tempted to buy a second just in case I ever lose its USB dongle.

peterthegreat321 shares this story from Medium's new tech site, OneZero about Second Sight's experimental brain implant that offers a kind of artificial vision: From the outside, the Orion looks like a pair of sunglasses with a small camera and video processing unit attached to it. Implanted in the brain, however, is a postage stamp-sized chip containing 60 electrodes that sits on the visual cortex, the part of the brain that processes visual information. When the device is switched on, the camera captures a person's surroundings, and the wireless video processing unit converts those images into electrical pulses using an algorithm. Those pulses are transmitted to the electrodes on the brain, which interprets them as visual clues... [T]he Orion, which shares much of its technology with the Argus II, bypasses the eye and optic nerve completely. "With the current system we're testing, you don't even need to have eyes for the device to work," says Dr. Nader Pouratian, the neurosurgeon at Ronald Reagan UCLA Medical Center who implanted Jason Esterhuizen's device. As the primary investigator of the trial at UCLA, he has outfitted four patients with the device. The other two study participants received the implant from Dr. Daniel Yoshor at Baylor College of Medicine in Houston, Texas...

Esterhuizen and the other participants have regained a limited amount of vision after being completely blind for years or decades. While they don't see color, shapes, or clear edges and can't yet read text, they are able to distinguish light from dark, they can recognize moving objects, and they have some degree of depth perception. People and objects appear as dots of light corresponding to where they're located, and as they get closer, more dots appear. "It's like learning a new language," Esterhuizen says. "You learn how to interpret what's going on...."

Electrodes in the brain also cause scar tissue to form over time, making them stop working, so it isn't clear how long these implants will last. Jessy Dorn, vice president of clinical and scientific affairs at Second Sight, says the electrodes used in the Orion device should work for at least five years. That means patients will probably eventually lose what little vision they acquire with the devices. Another major limitation of the Orion is that it's only useful for those who were born sighted and later lost their vision. In people who are born blind, the parts of the brain that are responsible for sight are not fully developed, and visual information cannot be effectively transmitted to the brain. A device that could help all people with blindness is still a long way off... Esterhuizen though is hopeful about the future of assistive technologies for the blind and visually impaired. "It's just baby steps for now," he says. "But eventually I think this technology will change the lives of millions of people."

An anonymous reader quotes a report from Ars Technica: The Department of Defense has weighed in against a proposal before the Federal Communications Commission to open the 1 to 2 Gigahertz frequency range -- the L band -- for use in 5G cellular networks. The reason: segments of that range of radio spectrum are already used by Global Positioning System signals and other military systems. In a letter to FCC Chairman Ajit Pai, Secretary of Defense Mark Esper pressed for the rejection of the proposal by Ligado Networks (formerly known as Lightspeed), saying, "There are too many unknowns and the risks are far too great to federal operations to allow Ligado's proposed system to proceed... This could have a significant negative impact on military operations, both in peacetime and war."

The FCC has already largely brushed aside similar opposition from NASA, the US Navy, and the National Oceanographic and Atmospheric Administration, among others, over another spectrum block in the 24GHz range -- which is used by weather satellites for remote monitoring of water vapor. But comments are still being collected on the Ligado plan for sharing the 1675 to 1680MHz block of the L Band. Pai has been supportive of the plan because that range is adjacent to the existing 1670 to 1675MHz block already in use for wireless services. GPS signals use several blocks of the L band, including a primary channel centered on 1575.42MHz. GPS uses L band signals because of their ability to penetrate cloud cover, rain, and vegetation. The L band is also used by the DOD for a number of other purposes, including tactical air navigation, landing assistance telemetry, Identify Friend or Foe (IFF) signals, and missile range and aircraft telemetry -- though the DOD has already had to move some of these applications further up the spectrum range to make room for previous "commercial reallocation."

T-Mobile says it has suffered a data breach affecting some prepaid customers. No financial data, social security numbers, or passwords were accessed, but information associated with users' prepaid wireless accounts was obtained, including names, billing addresses, phone numbers, account numbers, rate plans, and features that users have added to their accounts. TmoNews reports: T-Mobile is in the process of notifying all customers that've been affected by this data breach. If you got a notification, you should update the PIN on your T-Mobile account. T-Mo does say that it's possible that some affected customers may not be notified because their contact info isn't up-to-date, so if that's the case with you, you can contact T-Mobile support for more info by dialing 611 from your T-Mo phone or 1-800-TMOBILE from any phone. There's no word yet on exactly how many customers were affected by this security issue, but some Reddit users have chimed in to say that they've been alerted to the breach by T-Mobile. "We take the security of your information very seriously and have a number of safeguards in place to protect your personal information from unauthorized access," T-Mobile says. "We truly regret that this incident occurred and apologize for any inconvenience this has caused you."

Chairman Ajit Pai is pressing for a public auction of wireless frequencies in the C-band spectrum (the 4GHz to 8GHz range often used by satellite companies) for the sake of 5G service. Engadget reports: This would help the FCC clear up "significant" frequency space in a quick fashion, generate money for the government and "ensure continued delivery" of existing services, Pai argued. He hoped to auction off a 280MHz slice while leaving the upper 200MHz available. An FCC official told the Wall Street Journal that the regulator hoped to bring the C-band auction up for a vote in 2020 and start the auction by the end of that year.

Satellite companies, however, might not be so happy. Industry giants like Intelsat and SES haven't been averse to selling their spectrum, but they've wanted a private auction to share the money they make and have claimed the FCC isn't allowed to take in-use spectrum without paying them. A public auction flies in the face of that. The C-Band Alliance, a group representing the satellite firms, has hinted at "protracted litigation" if the FCC pushes forward. Carriers are also of mixed opinions. AT&T, which owns DirecTV, has called C-band an "opportunity" but also wanted compensation and a "reasonable transition plan" to avoid disruptions. Verizon (Engadget's parent company and Pai's former employer) likewise wanted "appropriate incentives and protections" to ensure a quick process.

It's not yet prime time for 5G networks, which still face logistical and technical hurdles, but they're increasingly coming online in major cities worldwide. Which is why it's especially worrying that new 5G vulnerabilities are being discovered almost by the dozen. From a report: At the Association for Computing Machinery's Conference on Computer and Communications Security in London today researchers are presenting new findings that the 5G specification still has vulnerabilities. And with 5G increasingly becoming a reality, time is running out to catch these flaws. The researchers from Purdue University and the University of Iowa are detailing 11 new design issues in 5G protocols that could expose your location, downgrade your service to old mobile data networks, run up your wireless bills, or even track when you make calls, text, or browse the web. They also found five additional 5G vulnerabilities that carried over from 3G and 4G. They identified all of those flaws with a new custom tool called 5GReasoner.

One purported benefit of 5G is that it protects phone identifiers, like your device's "international mobile subscriber identity," to help prevent tracking or targeted attacks. But downgrade attacks like the ones the researchers found can bump your device down to 4G, or put it into limited service mode, then force it to send its IMSI number unencrypted. Increasingly, networks use an alternative ID called a Temporary Mobile Subscriber Identity that refreshes periodically to stymie tracking. But the researchers also found flaws that could allow them to override TMSI resets, or correlate a device's old and new TMSI, to track devices. Mounting those attacks takes only software-defined radios that cost a few hundred dollars. The 5GReasoner tool also found issues with the part of the 5G standard that governs things like initial device registration, deregistration, and paging, which notifies your phone about incoming calls and texts. Depending on how a carrier implements the standard, attackers could mount "replay" attacks to run up a target's mobile bill by repeatedly sending the same message or command. It's an instance of vague wording in the 5G standard that could cause carriers to implement it weakly.

AT&T is adding $10 to the monthly bills of customers with certain grandfathered mobile-data plans and not letting them switch back to their older packages. AT&T is pitching the change as a "bonus" because it's also adding 15GB to the customers' monthly data allotments. Ars Technica reports: "Enjoy more data," AT&T says in a support document. "Starting with your October 2019 bill, you'll get an additional 15GB of data on your Mobile Share plan. This bonus data comes with a $10 price increase." Paying an extra $10 for another 15GB isn't a bad deal as far as U.S. wireless prices go, but that's only true if you actually need the extra data. The plans getting the data-and-price increases already had between 20GB and 60GB of data per month at prices that ranged from $100 to $225. Now those plans have 35GB to 75GB and cost $110 to $235. (The data allotments can be shared among multiple people on the same family plan.)

These Mobile Share Value plans were introduced in December 2013 and are apparently no longer offered to new customers. This is at least the second time this year that AT&T has added $10 and extra data to customer bills; a previous increase took effect between March and May and mostly affected a different set of Mobile Share Value plans, according to another AT&T support document. AT&T confirmed that there's no way to opt out of the new $10 increase, The Verge reported yesterday.

The T-Mobile and Sprint merger hasn't been officially completed yet, but that hasn't stopped the "Un-carrier" from talking about what it will do with its newfound resources. T-Mobile announced today that it plans to launch the company's cheapest phone plan ever and roll out its 5G network starting December 6th. Gizmodo reports: Starting at just $15 a month, the new T-Mobile Connect plan offers unlimited talk and text plus 2GB of 4G or 5G data. Now admittedly, 2GB of data per month isn't all that much, but considering the T-Mobile's current least expensive plans start at $30 a month (and that's including a discount for having four lines), T-Mobile Connect could provide some much-needed savings for low-income families -- at least temporarily while it gathers all the goodwill it can muster in the merger process. Additionally, T-Mobile also teased two other new programs with its Connecting Heroes Initiative, which promises to give unlimited talk, text and 5G access to every first responder in the U.S. for the next 10 years. This includes public and non-profit fire, police, and EMS personnel. Then there's T-Mobile's Project 10 Million, which promises to handout 10 million hotspots to students across the country that will provide up to 100GB of free mobile data per year. With Project 10 Million, T-Mobile is hoping to give children and students greater access to broadband internet in order to make completing homework just a bit easier.

Also, next month T-Mobile says it will turn on its nationwide 5G network on December 6th, which promises to bring 5G coverage to over 200 million Americans in more than 5,000 cities. That said, this 5G network won't have the combined resources of both T-Mobile and Sprint until sometime in 2020 when T-Mobile can integrate its mmWave and sub-6GHz spectrum with Sprint's mid-brand spectrum. Looking even further ahead, T-Mobile claims its new 5G network will offer 14 times more capacity than it could on its own, and that the combined T-Mobile/Sprint network will cover 85 percent of the rural U.S. within three years, and 90 percent coverage after six years.

An anonymous reader quotes a report from TechCrunch: Security researchers have discovered a vulnerability in Ring doorbells that exposed the passwords for the Wi-Fi networks to which they were connected. Bitdefender said the Amazon-owned doorbell was sending owners' Wi-Fi passwords in cleartext as the doorbell joins the local network, allowing nearby hackers to intercept the Wi-Fi password and gain access to the network to launch larger attacks or conduct surveillance.

"When first configuring the device, the smartphone app must send the wireless network credentials. This takes place in an unsecure manner, through an unprotected access point," said Bitdefender. "Once this network is up, the app connects to it automatically, queries the device, then sends the credentials to the local network." But all of this is carried out over an unencrypted connection, exposing the Wi-Fi password that is sent over the air. Amazon fixed the vulnerability in all Ring devices in September, but the vulnerability was only disclosed today.

Saritha Rai, writing for Bloomberg: A payments platform created by India's largest retail banks surpassed a billion transactions in October, a milestone that affirms the tremendous growth of services offered by U.S. giants from Walmart to Amazon.com and Google. Indian digital payments took off when the government pushed demonetization in 2016, invalidating most of the country's high-value currency notes in a move to curb corruption and push Indians away from cash. The Unified Payments Interface or UPI has now surpassed a 100 million users three-and-a-half years after its launch, thanks to booming smartphone use and wireless data rates among the lowest in the world. Amazon and Google now vie with local startup Paytm, Walmart-PhonePe and a host of other players in a digital payments market forecast to quintuple to $1 trillion by 2023. "UPI has had the fastest acceptance rate not just among payment platforms but digital platforms of any kind," said Dilip Asbe, chief executive officer of the National Payments Corporation of India, which groups the lenders that developed the system. "We aim to expand the UPI base to 500 million users in the next three years."

UPI sports an open architecture allowing digital wallet apps, payment banks and startups to link freely to its platform. That's a contrast to the closed systems of China's dominant services, WeChat and Alipay. It simplifies transactions between apps and banks linked through a biometric ID system called Aadhaar. Regulated by the central bank, it allows the instant transfer of funds between bank accounts through a mobile device using a simple virtual handle, without sharing bank or personal details. UPI's creators now want to take the platform beyond the country's borders and allow payments in places like Singapore or the Middle East with a dense population of Indian expatriates.

Google's Pixel smartphones have always been defined by iPhone-beating cameras, backed by the know-how of its software coders. With the release of the Pixel 4, however, the company has lost its lead -- through a combination of Apple's iPhone 11 camera improvements and its own lack of progress. From a report: Alphabet's Google is selling the Pixel 4 through all four major U.S. wireless carriers for the first time. And it's priced like a premium device: the 5.7-inch Pixel 4 starts at $799 and the 6.3-inch Pixel 4 XL costs $899. That's at least $100 more than the iPhone 11 but without software like iMessage that many Apple users consider a social imperative in the U.S.

With the iPhone 11 and 11 Pro, Apple closed the photography gap with better low-light image quality. Its camera software also makes those photos easier to take by automatically enabling night mode when required. Apple remains way ahead of any other phone maker when it comes to video quality. Deprived of its signature advantage, the Pixel 4 struggles to stand out in a crowded smartphone market. The design -- including materials, proportions and screen bezels -- is utilitarian. When compared with more polished handsets from Apple and Samsung, the Pixel 4 is unremarkable. With a single-digit slice of the smartphone market, Google also lacks the user loyalty and inertia to keep selling without a killer feature.

Apple today announced that it is releasing new AirPods Pro earbuds on October 30. Priced at $249, the premium version of its true wireless earbuds includes noise-cancellation feature to block out external sound. From a report: The new Pro model is available for pre-order starting today and will hit the shelves Wednesday, Oct. 30 - but, some hopeful buyers are finding they're already sold out online. The buds have ear tips that could fit deeper inside ears. The larger charging case also has a bigger, longer-lasting battery. Apple says the AirPods Pro can last "up to 5 hours" on a single charge and "over 24 hours" with the case. AirPods Pro cost $249 compared to $159 AirPods and $199 AirPods (with wireless charging case). Pre-orders start today at Apple.com. They deliver on Oct. 30 and will be available in Apple Stores the same day. Apple was widely expected to hold another event where it would have supposedly unveiled the refreshed AirPods and a 16-inch MacBook Pro, but the announcement today was made through a press release. The company has not clarified in that press release what kind of battery improvement the AirPods Pro offer. As it has been documented several times, AirPods' in-built battery becomes useless after a year of use, keeping the accessory on for just a few minutes at best. So unless Apple has somehow made a breakthrough here, it is likely the new AirPods, too, will die after a year of usage. Which means you're effectively paying Apple more than $20 a month for using their wireless earpieces.

A California man is suing AT&T after he says one of its employees allowed a hacker to access his cell phone number that resulted in his data being compromised and more than $1.8 million in cryptocurrency stolen from his accounts. ABC News reports: Seth Shapiro says that an AT&T employee allowed a hacker to swap his phone number from his phone to a separate device, which resulted in "the compromise of highly sensitive personal and financial information and the theft of more than $1.8 million," according to court documents. The process of so-called "SIM swapping" allows hackers a way to gain access to all the information tied to a phone number potentially giving them access to every email, photo, app and more on the phone.

The complaint filed on Oct. 17 claims that while third parties had control over his AT&T wireless number, "they used that control to access and reset the passwords for Mr. Shapiro's accounts on cryptocurrency exchange platforms, including KuCoin, Bittrex, Wax, Coinbase, Huobi, Crytopia, LiveCoin, HitBTC, Coss.io, Liqui, and Bitfinex." The digital currency "was accessed by the hackers utilizing their control over Mr. Shapiro's AT&T wireless number," the court documents added. The lawsuit alleges that hackers were able to access "accounts on various cryptocurrency exchange platforms, including the accounts he controlled on behalf of his business venture. The hackers then transferred Mr. Shapiro's currency from Mr. Shapiro's accounts into accounts that they controlled." "In all, they stole more than $1.8 million from Mr. Shapiro in the two consecutive SIM swap attacks on May 16, 2018," the complaint added. AT&T told ABC News in a statement that they dispute the Shapiro's allegations and shared information on how customers can help keep themselves safe from SIM swaps.

"We dispute these allegations and look forward to presenting our case in court," the statement said. "Customers can learn how to help protect themselves from this scam by going here -- https://about.att.com/sites/cyberaware/ni/blog/sim_swap."

Ever wondered what would manifest if you mixed 1990s nostalgia with a clever name and some futuristic hacking tech? The answer is the Pwnagotchi: a DIY, open source gadget for hacking Wi-Fi that gets smarter the more networks it gets exposed to using machine learning. From a report: It also has an adorable interface that reflects different "moods" depending on what it's doing, and echoes the Tamagotchi digital pets of the 90s. The idea is for its user to take it around the city and "feed" it with Wi-Fi handshakes, the process that allows phones or laptops to communicate with other wireless devices like a router or a smart TV. In theory, these handshakes can then be cracked to reveal the Wi-Fi network's password, which would be useful if the Pwnagotchi user wanted to hack into the Wi-Fi network at a later time. Hackers, of course, love it. The software for the Pwnagotchi was publicly released on September 19. Barely a month later, and with little promotion other than on Twitter, there's already an enthusiastic community of hundreds of security researchers and hackers all over the world who are playing with it, modding it, writing plugins to improve it, and helping each other out on a Slack channel.

IEEE Spectrum describes how the U.S. Defense Advanced Research Projects Agency (DARPA) partnered with Pivot Technology Services to help them relocate their massive radio-frequency emulation testbed, called "Colosseum." The testbed was built for the agency's Spectrum Collaboration Challenge (SC2) -- a three-year competition to demonstrate the validity of using AI to work together in order to use wireless spectrum more efficiently than operating on pre-allocated bands. Slashdot reader Wave723 shares an excerpt from the report: Colosseum was originally built and housed at Johns Hopkins University Applied Physics Laboratory. That changed at the beginning of October, when the testbed was dismantled and later trucked to Los Angeles for the competition's finale, scheduled to begin at 3:30pm PDT today at MWC Los Angeles. [...] There may have been some molehills during the checks, but moving Colosseum definitely qualifies as a mountain. The testbed uses 3 Peta-Ops per second of computing power and 52 terabytes per second of data to emulate 65,000 channel operations between 256 wireless devices. It can draw up to 92 kilowatts of power and requires 200 gallons of water per minute to cycle through its cooling system to keep it from overheating.

Colosseum is housed within a space twice of the size of a cargo container -- in fact, its housing is literally built from two converted cargo containers put side by side. The halves arrived at the Los Angeles Convention Center during the set-up for MWC Los Angeles, and were hauled into the building and onto the convention floor by two 18-wheelers. We're going to move right past the crazy fact that DARPA and its hired logistics companies drove two semi-trucks into the Los Angeles Convention Center, because it gets better. To actually lower Colosseum's halves onto the ground, the next step involved something that both Tilghman and Gabel referred to as a "forklift ballet." As it turned out, the convention center didn't have a forklift strong enough to lift either half, so everyone improvised and used four smaller forklifts simultaneously by carefully arranging them around each half of Colosseum. It worked, but Gabel, in showing me a video of the forklift ballet, pointed out a moment where one of the forklift's rear wheels lifted off the ground as the machine and its operator grappled with Colosseum's weight...

SpaceX president Gwynne Shotwell said the goal is to complete six to eight Starlink launches to get sufficient coverage to start offering the service to consumers in 2020. SpaceNews reports: SpaceX is confident it can start offering broadband service in the United States via its Starlink constellation in mid-2020, the company's president and chief operating officer Gwynne Shotwell said Oct. 22. Getting there will require the company to launch six to eight batches of satellites, Shotwell told reporters during a media roundtable. SpaceX also has to finish the design and engineering of the user terminals, which is not a minor challenge, Shotwell acknowledged.

SpaceX CEO Elon Musk has a Starlink terminal at his house and he used it to send a tweet early on Oct. 22. "Sending this tweet through space via Starlink satellite," he tweeted to his 29 million followers. "Whoa, it worked!!" Shotwell said SpaceX will need to complete six to eight Starlink launches -- including the one that already took place in May -- to ensure continuous service in upper and lower latitude bands. "We need 24 launches to get global coverage," she said. "Every launch after that gives you more capacity." SpaceX wants to offer the service to the U.S. government but is now focused on how it will serve the consumer market. Many of the details of how the service will be rolled out remain to be worked out, she said. When possible it will be offered directly to consumers following Musk's Tesla model for selling cars. In many countries the company will be required to partner with local telecom firms to offer the service. Last week, the company requested the International Telecommunication Union to approve spectrum for 30,000 Starlink satellites that would be in addition to the 12,000 already approved by the U.S. FCC.

An anonymous reader quotes a report from TechSpot: 5G wireless technology is the next big thing in the mobile industry, and ISPs are pushing it quite heavily. Unfortunately for Verizon, the company's efforts to promote its implementation of 5G have not been perfect lately. The ISP announced that its 5G network would be available in three NBA arenas (with seven more planned to receive it) in the coming months -- however, even in that relatively small area, the 5G coverage is not strong enough to support the entire arena. According to Ars Technica, the network will only cover "certain seating areas." NFL stadiums are in a similar boat -- Verizon is bringing 5G to those arenas, too, but only select seats will have access. Of course, the average football stadium is considerably bigger than most basketball stadiums, so that's a bit more understandable. Verizon's 5G coverage will first extend to three NBA arenas -- Chase Center in San Francisco, Phoenix's Talking Stick Resort Arena, and the Pepsi Center In Denver -- and then to seven more by the end of the 2019-2020 basketball season.

In the latest swirl of T-Mobile-Sprint merger drama, Colorado is exiting a lawsuit challenging the deal after Dish Network agreed to house its new wireless headquarters in the state. The Verge reports: The Colorado Attorney General's Office announced its decision on Monday after Dish promised that the state would be one of the first in the nation to receive 5G services and become the home of its new wireless headquarters, creating thousands of jobs. The DOJ approved the T-Mobile-Sprint merger back in July after it was able to piece together a new wireless competitor by allocating some of Sprint's spectrum to Dish. The Federal Communications Commission formally voted to approve the merger late last week. Dish is positioned to become the third largest wireless competitor after negotiations with the Justice Department to approve the merger.

Dish won't be building out a new headquarters, however. The company already houses its call center employees at the "Riverfront" facility in Littleton, Colorado and any new wireless HQ employees will work in that building (which looks eerily like a Cabela's location) as well. Colorado was formerly part of a multistate lawsuit spearheaded by the New York State Attorney General's office aimed at blocking the merger. Colorado is now the second state to drop out of the suit along with Mississippi. A trial date is set for December 9th. In a press release, Dish said that it "expects to employ 2,000 full-time employees" at the Colorado headquarters over the next three years. "The agreements we are announcing today address those concerns by guaranteeing jobs in Colorado, a statewide buildout of a fast 5G network that will especially benefit rural communities, and low-cost mobile plans," Chief Deputy Attorney General Natalie Hanlon Leh said in a statement to The Colorado Sun. "Our announcement today ensures Coloradans will benefit from Dish's success as a nationwide wireless competitor."

Long-time Slashdot reader Kekke shared this article from Ars Technica: A potentially serious vulnerability in Linux may make it possible for nearby devices to use Wi-Fi signals to crash or fully compromise vulnerable machines, a security researcher said.

The flaw is located in the RTLWIFI driver, which is used to support Realtek Wi-Fi chips in Linux devices. The vulnerability triggers a buffer overflow in the Linux kernel when a machine with a Realtek Wi-Fi chip is within radio range of a malicious device. At a minimum, exploits would cause an operating-system crash and could possibly allow a hacker to gain complete control of the computer. The flaw dates back to version 3.10.1 of the Linux kernel released in 2013...

The vulnerability is tracked as CVE-2019-17666. Linux developers proposed a fix on Wednesday that will likely be incorporated into the OS kernel in the coming days or weeks. Only after that will the fix make its way into various Linux distributions.

Nico Waisman, who is a principal security engineer at Github [and discovered the bug] said he has not yet devised a proof-of-concept attack that exploits the vulnerability in a way that can execute malicious code on a vulnerable machine. "I'm still working on exploitation, and it will definitely... take some time (of course, it might not be possible)," he wrote in a direct message. "On paper, [this] is an overflow that should be exploitable. Worst-case scenario, [this] is a denial of service; best scenario, you get a shell."
The article notes that the flaw "can't be triggered if Wi-Fi is turned off or if the device uses a Wi-Fi chip from a different manufacturer."

hcs_$reboot writes: Everyone in California will now receive earthquake alerts on their phones seconds before the ground begins to shake, giving residents up to 20 seconds of warning before shaking begins. Developed by seismologists at the University of California, Berkeley, the MyShake application (residents will need to download the app to receive the alerts in areas without cell phone coverage) is designed to alert the public when a magnitude 4.5 earthquake or greater has been detected and has been shown to be faster than other alert delivery methods. The wireless emergency alerts will be sent in the event of a more significant quake, magnitude 5.0 or greater. The system does not predict earthquakes. Rather, it uses numerous seismic stations to detect the start of an earthquake and light-speed communications to send the data to computers that instantly calculate location, magnitude, intensity of shaking and create alerts to be distributed to areas that will be affected. When the MyShake app was released back in 2016 it already detected over 200 earthquakes in more than ten countries.

A paper describing the early results gives a general idea of the app's success: "On a typical day about 8,000 phones provide acceleration waveform data to the MyShake archive. The on-phone app can detect and trigger on P waves and is capable of recording magnitude 2.5 and larger events. The largest number of waveforms from a single earthquake to date comes from the M5.2 Borrego Springs earthquake in Southern California, for which MyShake collected 103 useful three-component waveforms. The network continues to grow with new downloads from the Google Play store everyday and expands rapidly when public interest in earthquakes peaks such as during an earthquake sequence."