Security

MikroTik Routers Are Forwarding Owners' Traffic To Unknown Attackers (bleepingcomputer.com) 31

Attackers have been exploiting vulnerabilities in MikroTik routers to forward network traffic to a handful of IP addresses under their control. "The bug is in Winbox management component and allows a remote attacker to bypass authentication and read arbitrary files," reports Bleeping Computer. "Exploit code is freely available from at least three sources." From the report: 360Netlab announced in a blog post today that more than 7,500 MikroTik routers across the world are currently delivering their TZSP (TaZmen Sniffer Protocol) traffic to nine external IP addresses. According to the researchers, the attacker modified the device's packet sniffing settings to forward the data to their locations. "37.1.207.114 is the top player among all the attackers. A significant number of devices have their traffic going to this destination," Qihoo experts inform.

The analysis shows that the attacker is particularly interested in ports 20, 21, 25, 110, and 144, which are for FTP-data, FTP, SMTP, POP3, and IMAP traffic. An unusual interest is in traffic from SNMP (Simple Network Management Protocol) ports 161 and 162, which researchers cannot explain at the moment. The largest number of compromised devices, 1,628, is in Russia, followed by Iran (637), Brazil (615), India (594) and Ukraine (544). The researchers say that security outfits in the affected countries can contact them at netlab[at]360.cn for a full list of IPs.

Businesses

US Telcos Are Slowing Internet Traffic To and From Popular OTT Apps Like YouTube, Netflix, and Amazon Prime Video, New Research Finds (bloomberg.com) 168

The largest U.S. telecom companies are slowing internet traffic to and from popular apps like YouTube and Netflix, according to new research from Northeastern University and the University of Massachusetts, Amherst. Bloomberg: The researchers used a smartphone app called Wehe, downloaded by about 100,000 consumers, to monitor which mobile services are being throttled when and by whom, in what likely is the single largest running study of its kind. Among U.S. wireless carriers, YouTube is the No. 1 target of throttling, where data speeds are slowed, according to the data. Netflix's video streaming service, Amazon.com's Prime Video and the NBC Sports app have been degraded in similar ways, according to David Choffnes, one of the study's authors who developed the Wehe app. From January through early May, the app detected "differentiation" by Verizon Communications Inc. more than 11,100 times, according to the study. This is when a type of traffic on a network is treated differently than other types of traffic. Most of this activity is throttling. AT&T Inc. did this 8,398 times and it was spotted almost 3,900 times on the network of T-Mobile US and 339 times on Sprint's network, the study found.
Wireless Networking

Inside the Haywire World of Beirut's Electricity Blackouts, and the Struggle Faced By Residents To Keep Their Lights and Wi-Fi On and Gadgets Charged (wired.com) 115

Blackouts are common in the Lebanese capital, forcing energy consumers to pay whoever can get them power. Wired looked at how the residents of Beirut keep their lights on -- and their gadgets charged -- in the face of the rolling blackouts. From the report: Electrical power here does not come without concerted exertion or personal sacrifice. Gas-powered generators and their operators fill the void created by a strained electric grid. Most people in Lebanon, in turn, are often stuck with two bills, and sometimes get creative to keep their personal devices -- laptops, cell phones, tablets, smart watches -- from going dead. Meanwhile, as citizens scramble to keep their inanimate objects alive, the local authorities are complicit in this patchwork arrangement, taking payments from the gray-market generator operators and perpetuating a nation's struggle to stay wired.

Lebanon has been a glimmering country ever since the 15-year civil war began in 1975, and the reverberations from that conflict persist. These days there is only one city, Zahle, with electricity 24/7. Computer banks in schools and large air conditioners pumping out chills strain the grid, and daily state-mandated power cuts run from at least three hours to 12 hours or more. Families endure power outages mid-cooking, mid-washing, mid-Netflix binging. Residents rely on mobile phone apps to track the time of day the power will be cut, as it shifts between three-hour windows in the morning and afternoon, rotating throughout the week.

Once called the Paris of the Middle East, sometimes the region's Sin City, Beirut's supplementary power needs are effectively under the control of what is known here as the generator mafia: a loose conglomerate of generator owners and landlords who supply a great deal of the country's power. This group is indirectly responsible for the Wi-Fi, which makes possible any number of WhatsApp conversations -- an indispensable lifeline for the country's refugees, foreign aid workers, and journalists and locals alike.

Iphone

Apple Sets New iPhone Event For September 12 (venturebeat.com) 71

Apple has officially sent out invitations to its latest media event, 'Gather round,' which will be held on September 12, 2018 -- a year to the day after the iPhone 8 and iPhone X were officially revealed. From a report: Following recent tradition, the event will start at 10:00 a.m. Pacific, and will be held in the Steve Jobs Theater at Apple's headquarters in Cupertino, California. The invite's theme is a pun on the circular shape of the Apple Park building, depicted with a golden tone. In addition to featuring finished versions of iOS 12 and watchOS 5, the event is expected to include the launch of three new iPhones -- possibly named the iPhone Xs (5.8-inch/6.5-inch) and iPhone Xc, reportedly including new gold-toned options -- as well as the new Apple Watch Series 4 with larger screens. A small software update to the Apple TV, tvOS 12, is also likely to arrive at the September event, as are Apple's long-awaited AirPower wireless charging pad and a wireless charging case for AirPods earphones.
Network

The Linux Foundation Is Changing The Fabric Of Networking (forbes.com) 31

Will Townsend, a senior analyst at Moor Insights & Strategy research firm, writes: As it relates to networking, the Linux Foundation is currently focused on a number of projects that are bringing top networking vendors, operators, service providers, and users together. Among the top initiatives are the Open Network Automation Platform (ONAP) and Data Plane Development Kit (DPDK). In this article, I would like to dive into both of these initiatives and share my perspective on how each is transforming the nature of networking [Editor's note: the website may have auto-playing videos; an alternative link was not available].

It makes sense that ONAP's releases are named after global cities, considering the platform's growing global footprint. ONAP is aimed at bringing real-time automation and orchestration to both physical and virtualized network functions. The first release in the fall of 2017, named Amsterdam, delivered a unified architecture for providing closed-loop networking automation. The underlying framework ensured a level of modularity to facilitate future functionality as well as standards harmonization and critical upstream partner collaboration. Initial use cases centered on Voice Over LTE (VoLTE) services as well as Virtualized Consumer Premise Equipment (vCPE). Both are extremely cost disruptive from a deployment and management perspective and deliver enhanced service provider agility. What I find extremely compelling is that Amsterdam was only an eight-month development cycle from start to release. That's an amazing feat even in the fast-paced technology industry.

[...] DPDK was an effort initially led by Intel at its inception nearly eight years ago, but became a part of the Linux Foundation back in 2017. At a high level, the technology accelerates packet processing workloads running on a variety of CPU architectures. DPDK is aimed at improving overall network performance, delivering enhanced encryption for improved security and optimizing lower latency applications that require lightning-fast response time. The transformative power of 5G networks lies in their potential to deliver low latency for applications such as augmented/virtual reality and self-driving cars -- DPDK will further extend that performance for next-generation wireless wide area networks. I had the opportunity recently to speak to project chair Jim St. Leger after the fifth DPDK release, and I was impressed with the depth and breadth of the open source project. Over 25 companies and 160 technologists are involved in advancing the effort. With the proliferation of data, cord cutting at home, and growing consumption of video over wired and wireless networks, high-quality compression techniques will dramatically improve performance and reliability. DPDK appears to be poised to contribute significantly to that effort.

Communications

Smart Tags Add Touch Controls To Ordinary Objects (ieee.org) 37

The idea of an inexpensive tag capable of transforming any object into a smart device is not necessarily new. But most cheap smart tags that lack batteries or complicated electronics can only perform simple functions, such as passively storing and sharing identifying information about an object. A new technology promises to change that. From a report: By comparison, new LiveTag technology allows for interactive controls or keypads that can stick onto objects, walls, or even clothing, and let people remotely operate music players or receive hydration reminders based on the amount of liquid remaining in a water bottle. "These tags can sense the status of everyday objects and humans, and also sense human interactions with plain everyday objects," says Xinyu Zhang, assistant professor in electrical and computer engineering at the University of California, San Diego.

Zhang and his colleagues at the University of Wisconsin -- Madison developed the LiveTag technology after brainstorming about ways to easily incorporate ordinary objects into the Internet of Things without adding costly hardware and batteries. Their LiveTag designs and early prototypes are detailed in a paper [PDF] posted on the University of Wisconsin website. The basic LiveTag technology seems deceptively simple: copper foil printed onto lightweight paper-like materials without any batteries or discrete electronic components. The key is in the geometric copper foil patterns that are designed to absorb Wi-Fi signals of specific frequencies, even as the overall tag generally reflects 2.4/5 GHz signals from nearby Wi-Fi device transmitters.

Australia

Australia Bans Huawei, ZTE From Supplying Technology For Its 5G Network (techcrunch.com) 77

An anonymous reader quotes a report from TechCrunch: Australia has blocked Huawei and ZTE from providing equipment for its 5G network, which is set to launch commercially next year. In a tweet, Huawei stated that the Australian government told the company that both it and ZTE are banned from supplying 5G technology to the country, despite Huawei's assurances that it does not pose a threat to national security. Earlier today, the Australian government issued new security guidelines for 5G carriers. Although it did not mention Huawei, ZTE or China specifically, it did strongly hint at them by stating "the Government considers that the involvement of vendors who are likely to be subject to extrajudicial directions from foreign government that conflict with Australian law, may risk failure by the carrier to adequately protect a 5G network from unauthorized access or interference." In its new security guidelines, the Australian government stated that differences in the way 5G operates compared to previous network generations introduces new risks to national security. In particular, it noted the diminishing distinctions between the core network, where more sensitive functions like access control and data routing occur, and the edge, or radios that connect customer equipment, like laptops and mobile phones, to the core. Huawei Australia said in a statement: "We have been informed by the Govt that Huawei & ZTE have been banned from providing 5G technology to Australia. This is an extremely disappointing result for consumers. Huawei is a world leader in 5G. Has safely & securely delivered wireless technology in Aust for close to 15 yrs."
Verizon

Fire Department Rejects Verizon's 'Customer Support Mistake' Excuse For Throttling (arstechnica.com) 251

An anonymous reader quotes a report from Ars Technica: A fire department whose data was throttled by Verizon Wireless while it was fighting California's largest-ever wildfire has rejected Verizon's claim that the throttling was just a customer service error and "has nothing to do with net neutrality." The throttling "has everything to do with net neutrality," a Santa Clara County official said. Verizon yesterday acknowledged that it shouldn't have continued throttling Santa Clara County Fire Department's "unlimited" data service while the department was battling the Mendocino Complex Fire. Verizon said the department had chosen an unlimited data plan that gets throttled to speeds of 200kbps or 600kbps after using 25GB a month but that Verizon failed to follow its policy of "remov[ing] data speed restrictions when contacted in emergency situations." "This was a customer support mistake" and not a net neutrality issue, Verizon said. "Verizon's throttling has everything to do with net neutrality -- it shows that the ISPs will act in their economic interests, even at the expense of public safety," County Counsel James Williams said on behalf of the county and fire department. "That is exactly what the Trump Administration's repeal of net neutrality allows and encourages."
Communications

New Tech Lets Submarines 'Email' Planes (bbc.com) 58

A way for submerged submarines to communicate with planes has been developed by researchers at MIT. From a report: At present, it is difficult for planes to pick up underwater sonar signals because they reflect off the water's surface and rarely break through. The researchers found an extremely high-frequency radar could detect tiny ripples in water, created by an ordinary underwater speaker. This could let lost flight recorders and submarines communicate with planes. Submarines communicate using sonar waves, which travel well underwater but struggle to break through the surface. Planes communicate using radio signals that do not travel well in water. At present, submarines can surface to send messages - but this risks revealing their location. Sometimes, buoys are used to receive sonar signals and translate them into radio signals. "Trying to cross the air-water boundary with wireless signals has been an obstacle," said Fadel Adib, from the MIT Media Lab. The system developed at MIT uses an underwater speaker to aim sonar signals directly at the water's surface, creating tiny ripples only a few micrometres in height. These ripples can be detected by high-frequency radar above the water and decoded back into messages.
Communications

Verizon Throttled Fire Department's 'Unlimited' Data During Calif. Wildfire (arstechnica.com) 299

Verizon Wireless's throttling of a fire department that uses its data services has been submitted as evidence in a lawsuit that seeks to reinstate federal net neutrality rules. From a report: "County Fire has experienced throttling by its ISP, Verizon," Santa Clara County Fire Chief Anthony Bowden wrote in a declaration. "This throttling has had a significant impact on our ability to provide emergency services. Verizon imposed these limitations despite being informed that throttling was actively impeding County Fire's ability to provide crisis-response and essential emergency services." Bowden's declaration was submitted in an addendum to a brief filed by 22 state attorneys general, the District of Columbia, Santa Clara County, Santa Clara County Central Fire Protection District, and the California Public Utilities Commission. The government agencies are seeking to overturn the recent repeal of net neutrality rules in a lawsuit they filed against the Federal Communications Commission in the US Court of Appeals for the District of Columbia Circuit.

"The Internet has become an essential tool in providing fire and emergency response, particularly for events like large fires which require the rapid deployment and organization of thousands of personnel and hundreds of fire engines, aircraft, and bulldozers," Bowden wrote. Santa Clara Fire paid Verizon for "unlimited" data but suffered from heavy throttling until the department paid Verizon more, according to Bowden's declaration and emails between the fire department and Verizon that were submitted as evidence.

Security

Wifi Could Be Used To Detect Guns and Bombs, Researchers Say (bbc.co.uk) 32

An anonymous reader quotes the BBC: Ordinary wi-fi could be used to detect weapons and explosives in public places, according to a study led by the Rutgers University in New Jersey. Wireless signals can penetrate bags to measure the dimensions of metal objects or estimate the volume of liquids, researchers claim. Initial tests appeared to show that the system was at least 95% accurate.

It could provide a low-cost alternative to airport-style security, researchers said. The system works by analysing what happens when wireless signals penetrate and bounce off objects and materials.

Television

Amazon Is Reportedly Working On a TiVo-Like DVR For Live TV (bloomberg.com) 26

An anonymous reader quotes a report from Bloomberg: Amazon is developing a new device that records live TV, working around cable providers and encroaching on TiVo's market, according to a person familiar with the plans. The device, dubbed "Frank" inside Amazon, is a new type of digital video recorder for the streaming era. It would include physical storage and connect to Amazon's existing Fire TV boxes, the living room hub for the company's online video efforts. The Frank DVR has the same wireless technology that Amazon's Echo speakers use to connect to Fire TV boxes. Users will be able to record live TV and stream the video to a smartphone so it can be watched later. That functionality is similar to offerings from TiVo and Dish's Slingbox. Amazon hasn't made a final decision on rolling out the streaming feature, the person said, noting that the plans could either be canceled or delayed.
Security

Police Bodycams Can Be Hacked To Doctor Footage, Install Malware (boingboing.net) 104

AmiMoJo shares a report from Boing Boing: Josh Mitchell's Defcon presentation analyzes the security of five popular brands of police bodycams (Vievu, Patrol Eyes, Fire Cam, Digital Ally, and CeeSc) and reveals that they are universally terrible. All the devices use predictable network addresses that can be used to remotely sense and identify the cameras when they switch on. None of the devices use code-signing. Some of the devices can form ad-hoc Wi-Fi networks to bridge in other devices, but they don't authenticate these sign-ons, so you can just connect with a laptop and start raiding the network for accessible filesystems and gank or alter videos, or just drop malware on them.
Communications

Engineers Say They've Created Way To Detect Weapons Using Wi-Fi (gizmodo.com) 91

An anonymous reader quotes a report from Gizmodo: The researchers, which include engineers from Rutgers University-New Brunswick, Indiana University-Purdue University Indianapolis (IUPUI), and Binghamton University, published a study this month detailing a method in which common wifi can be used to easily and efficiently identify weapons, bombs, and explosive chemicals in public spaces that don't typically have affordable screening options. The researchers' system uses channel state information (CSI) from run-of-the-mill wifi. It can first identify whether there are dangerous objects in baggage without having to physically rifle through it. It then determines what the material is and what the risk level is. The researchers tested the detection system using 15 different objects across three categories -- metal, liquid, and non-dangerous -- as well as with six bags and boxes across three categories -- backpack or handbag, cardboard box, and a thick plastic bag.

The findings were pretty impressive. According to the researchers, their system is 99 percent accurate when it comes to identifying dangerous and non-dangerous objects. It is 97 percent accurate when determining whether the dangerous object is metal or liquid, the study says. When it comes to detecting suspicious objects in various bags, the system was over 95 percent accurate. The researchers state in the paper that their detection system only needs a wifi device with two to three antennas, and can run on existing networks.

Communications

Verizon Nears 5G Launch Deals With Apple and Google: Bloomberg (bloomberg.com) 32

In a statement Tuesday, Verizon announced deals making Apple and Google its first video providers for a 5G wireless service it's planning to launch in four cities later this year. From the report: The home broadband service will debut in Los Angeles, Houston and Sacramento, California, as well as the newly announced fourth city of Indianapolis, Verizon said Tuesday in a statement. With the introduction, Verizon will provide 5G customers either a free Apple TV box or free subscription to Google's YouTube TV app for live television service, according to people familiar with the plan. After shelving its own online TV effort, New York-based Verizon decided to partner with the two technology giants for video content, a first step toward eventually competing nationally against internet and pay TV providers such as AT&T and Comcast. Using fifth-generation wireless technology, Verizon plans to beam online services to home receivers, delivering speeds that match or exceed landline connections.
The Almighty Buck

Court Blocks FCC's Attempt To Take a Broadband Subsidy Away From Tribal Areas (bleepingcomputer.com) 79

Jon Brodkin reports via Ars Technica: The FCC decision, originally slated to take effect later this year, would have made it difficult or impossible for Tribal residents to obtain a $25-per-month Lifeline subsidy that reduces the cost of Internet or phone service for poor people. But on Friday, a court stayed the FCC decision pending appeal, saying that Tribal organizations and small wireless carriers are likely to win their case against the commission. "Petitioners have demonstrated a likelihood of success on the merits of their arguments that the facilities-based and rural areas limitations contained in the Order are arbitrary and capricious," said the stay order issued by the U.S. Court of Appeals for the District of Columbia Circuit. "In particular, petitioners contend that the Federal Communications Commission failed to account for a lack of alternative service providers for many tribal customers."

The tribes and small carriers that sued the FCC "have shown a substantial risk that tribal populations will suffer widespread loss of vital telecommunications services absent a stay," the court said. The FCC hasn't proven that its plan won't result in "mass disconnection," the court also said. The court ruling was welcomed by the Crow Creek Sioux Tribe and Oceti Sakowin Tribal Utility Authority, which are among the groups suing the FCC. Several small carriers and the non-profit National Lifeline Association are also plaintiffs in the lawsuit.

Businesses

Qualcomm Settles $773 Million Antitrust Case In Taiwan (bloomberg.com) 12

An anonymous reader quotes a report from Bloomberg: Qualcomm, the smartphone chipmaker fighting regulatory actions and lawsuits threatening its most profitable business, has reached a settlement with Taiwan's antitrust regulators that reverses most of a $773 million fine. As part of an agreement announced Friday by the Fair Trade Commission, the company will invest $700 million over the next five years and boost research activities in Taiwan, home to a clutch of important suppliers to global names such as Apple. In return, Qualcomm can stop paying fines and retains the right to charge manufacturers royalties on its technology. The commission said Friday it will keep NT$2.73 billion ($89 million) in fines that Qualcomm's already paid but waive the rest.

In an October decision, Taiwan's antitrust agency said Qualcomm had monopoly market status over key mobile phone standards and was violating local laws by not providing products to clients who didn't agree with its conditions. Besides the fine, the Fair Trade Commission told Qualcomm at the time to remove previously signed deals that forced competitors to provide price, customer names, shipment, model name and other sensitive information. Qualcomm appealed the decision. The company agreed to ensure fair negotiations with local licensees, and will support research and commercial projects in Taiwan, including collaborating on the development of fifth-generation wireless, Qualcomm said in a separate statement Friday.

Facebook

Facebook, Still on a Mission To Bring People Online, Announces Connectivity (cnet.com) 53

The social network's initiatives to connect people to the internet, including Internet.org and new data analytics tools, are now part of Facebook Connectivity. From a report: A half decade after launching Internet.org, seen by many as the coming-out party for Facebook's connectivity programs, the company said it's shaking up its efforts to bring internet access to the 4 billion people who still don't have it. On Friday, Facebook rounded up all its disparate broadband and infrastructure projects and housed them under a new umbrella organization called Facebook Connectivity. "There's no silver bullet for connecting the world," Yael Maguire, vice president of engineering for Facebook Connectivity, said in an interview Thursday. "There isn't going to be a magic technology or business plan or single regulatory policy change that's going to change this. We really believe that it is a wide and diverse set of efforts that's required to do this."

The Connectivity group houses projects including Terragraph, which aims to connect high-density urban areas; OpenCellular, an open-source platform working on rural connectivity; and the Telecom Infra Project, a joint initiative with the wireless industry for creating faster networks. Facebook said the umbrella will also include Internet.org, which drew controversy with its Free Basics product that offered a pared-down version of the internet in emerging markets. While Internet.org has been synonymous with Facebook's connectivity efforts for the past five years, the new Connectivity brand may signal the company trying to distance itself from the backlashes surrounding Internet.org.

Businesses

'It's Time to End the Yearly Smartphone Launch Event' (vice.com) 224

Owen Williams, writing for Motherboard: Thursday, at a flashy event in New York, Samsung unveiled yet another phone: the Galaxy Note 9. Like you'd expect, it's rectangular, it has a screen, and it has a few cameras. While unveiling what it hopes will be the next hit, it unknowingly confirmed something we've all been wondering: the smartphone industry is out of ideas. Phones are officially boring: the only topic that's up for debate with the Galaxy Note 9 is the lack of the iconic notch found on the iPhone X, and that it has a headphone jack. The notch has been cloned by almost every phone maker out there, and the headphone jack is a commodity that's unfortunately dying. However, the fact that we're comparing phones with or without a chunk out of the screen or a hole for your headphones demonstrates just how stuck the industry is.

It's clear that there's nothing really to see here. Yeah, the Note is a big phone, and it has a larger battery too. It's in different colors, it's faster than last year, and it has wireless charging. Everything you see here is from a laundry list of features that other smartphone manufacturers also have, and the lack of differentiation becomes clearer every year. It's the pinnacle of technology, and it's a snooze-fest. This isn't exclusively a Samsung problem: Every manufacturer from Apple to Xiaomi faces the same predicament. The iPhone's release cycle that Apple trained the world to be accustomed to, with splashy yearly releases and million-dollar keynotes, is clearly coming to an end as consumers use their existing phones for longer every year.

Operating Systems

Samsung Unveils Tizen-Powered Galaxy Watch That Lasts 'Several Days' On Single Charge (venturebeat.com) 82

Alongside the Galaxy Note 9 and Galaxy Home Speaker, Samsung took the wraps off its new Galaxy Watch wearable at its Unpacked event in New York City. VentureBeat reports: Beyond coming in rose gold, silver, and midnight black colors, it can be had in two sizes -- the prior Gear S3 size is now called "46mm" and will start at $349.99, while a smaller-sized model is called "42mm" and will start at $329.99. Both will be available starting August 24, solely in the specific size and color configurations shown below. Samsung is also using improved glass: Gear S3 watches used Corning's Gorilla Glass SR+ and were IP68 rated for 10-foot, 30-minute water and dust resistance. The Galaxy Watch upgrades to Corning Gorilla DX+ glass and promises to keep the AMOLED screen underneath fully water-safe; it's rated for 5 ATM (165-foot/50-meter) submersion with IP68 and MIL-STD-810G certifications.

A disappointment in the new model is a reduction in its payment capabilities. The Gear S3 included both NFC and swipe-style magnetic secure transaction (MST) support to enable a wide array of Samsung Pay wireless purchases, but the Galaxy Watch drops MST support and only works with NFC. Not surprisingly, however, it does support Bluetooth 4.2 and 802.11b/g/n Wi-Fi. While continuing the use of a Tizen operating system from the Gear S3, Galaxy Watch packs a more powerful dual-core Exynos 9110 processor running at 1.15GHz. As was the case with the Gear S3 Frontier, the Galaxy Watch is available in Bluetooth-only and LTE versions, now promising LTE support across over 30 carriers in more than 15 countries. On stage, Samsung promised that the Galaxy Watch can be used for "several" days between charges; a subsequent press release said that it's actually "up to 80+ hours with typical usage" on the 46mm model, which has a 472mAh battery, versus "45+ hours" from the 270mAh battery of the 42mm model. Each model promises at least twice the longevity "with low usage."
