News & Updates

(credit: Google Fiber)

The Nashville Metro Council last night gave its final approval to an ordinance designed to help Google Fiber accelerate deployment of high-speed Internet in the Tennessee city, despite AT&T and Comcast lobbying against the measure. Google Fiber’s path isn’t clear, however, as AT&T said weeks ago that it would likely sue Nashville if it passes the ordinance. AT&T has already sued Louisville, Kentucky over a similar ordinance designed to help Google Fiber.

The Nashville Council vote approved a “One Touch Make Ready” ordinance that gives Google Fiber or other ISPs quicker access to utility poles. The ordinance lets a single company make all of the necessary wire adjustments on utility poles itself, instead of having to wait for incumbent providers like AT&T and Comcast to send work crews to move their own wires.

One Council member who opposed the ordinance asked AT&T and Comcast to put forth an alternative plan, but the council stuck with the original One Touch Make Ready proposal.

Read 5 remaining paragraphs | Comments


In past few months, Microsoft opened the source code of a lot of its projects, convincing people that the company loves Linux.

But a new report shows that Microsoft is not really a big supporter of Linux.

Microsoft has banned Linux on some Windows 10 powered Signature Edition PCs, which provides the cleanest Windows experience on the market.
<!– adsense –>
Signature Edition PCs are


(credit: Melinda Sue Gordon for Netflix)

While Netflix gained popularity by streaming licensed content, the company has been switching gears. According to a Variety report, Netflix aims to make 50 percent of its content original programming over the next few years; the other half will continue to be licensed TV shows and movies.

At the start of 2016, the company announced it would launch 600 hours of original programming, a bump from the 450 hours it released in 2015. Over the next couple of years, Netflix plans to release a mix of content owned and produced by the company itself, in addition to co-productions and acquisitions. According to Netflix CFO David Wells, the company is currently “one-third to halfway” to reaching its 50 percent goal.

In many cases, Netflix original programming has surpassed the popularity of its licensed content. Shows like House of Cards and Master of None have received numerous awards, and the new show Stranger Things has become a breakout hit in the past few months and has already been renewed for a second season. But Netflix acknowledges that not all of its original programs have been major hits, and the company is fine with that as it knows that not every new program will pick up major followings. “We don’t necessarily have to have home runs,” Wells is quoted in Variety. “We can also live with singles, doubles, and triples especially commensurate with their cost.”

Read 1 remaining paragraphs | Comments


Artist’s concept of Tiangong-1 space station with a Shenzhou spacecraft docking. (credit: CNSA)

China says its first space station, launched in 2011, will return to Earth sometime during the second half of 2017. Chinese space officials cannot say exactly when, or where the Tiangong-1 laboratory will return to Earth, however.

The small space station, named “Heavenly Palace,” is presently at an orbit of about 370km, Chinese officials said. But it can no longer sustain such a high orbit and will gradually begin falling back to Earth. China’s official news service, Xinhua, further reported:

“Based on our calculation and analysis, most parts of the space lab will burn up during falling,” she said, adding that it was unlikely to affect aviation activities or cause damage to the ground.

China has always highly valued the management of space debris, conducting research and tests on space debris mitigation and cleaning, Wu said.

Now, China will continue to monitor Tiangong-1 and strengthen early warning for possible collision with objects. If necessary, China will release a forecast of its falling and report it internationally, said Wu.

The 8.5-ton, 10.4-meter-long facility served as an initial test bed for life-support systems in orbit and served as a precursor for China’s plans to launch a larger space station in the 2020s. A second “Heavenly Palace,” Tiangong-2, was launched earlier this month for further studies. It, too, will eventually return to Earth in an uncontrolled manner.

Read on Ars Technica | Comments



Samsung has unveiled its next generation M.2 PCIe SSDs, the 960 PRO and 960 Evo. Like the 950 Pro, which was released last year, the 960 Pro and 960 Evo are PCIe 3.0 x4 drives that use the latest NVMe protocol for data transfer.

As you’d expect, both are faster: the 960 Pro offers a blistering peak read speed of 3.5GB/s and a peak write speed of 2.1GB/s, while the Evo offers 3.2GB/s and 1.9GB/s respectively. The 950 topped out at a mere 2.5GB/s and 1.5GB/s.

The 960 Pro and the 960 Evo are due for release in October. The Pro starts at $329 for 512GB of storage, rising up to a cool $1,299 for a 2TB version. The Evo is a little lighter on the wallet, starting at $129 for a 250GB version, rising to $479 for a 1TB version. UK pricing is yet to be confirmed, but a 512GB 950 Pro currently retails for around £300.

Read 7 remaining paragraphs | Comments


The Shadowserver Foundation has conducted a scan of the Internet for CISCO devices running IOS software affected by the CVE-2016-6415 vulnerability.

Recently experts from CISCO discovered a vulnerability, tracked as CVE-2016-6415, in IOS system,while investigating the Equation Group‘s exploits leaked by the Shadow Broker hacker group. In particular, experts from CISCO were evaluating the impact of the BENIGNCERTAIN exploit. The experts also discovered another zero-day exploit dubbed EXTRABACON that could be used to hack CISCO ASA software.

The CVE-2016-6415 resides in the IKEv1 packet processing code. A remote, unauthenticated attacker could exploit it retrieve memory contents.

“The vulnerability is due to insufficient condition checks in the part of the code that handles IKEv1 security negotiation requests. An attacker could exploit this vulnerability by sending a crafted IKEv1 packet to an affected device configured to accept IKEv1 security negotiation requests,” reads the security advisory published by Cisco.

The flaw affects Cisco IOS XR versions 4.3.x, 5.0.x, 5.1.x and 5.2.x – versions 5.3.0 and later are not impacted. All IOS XE releases and various versions of IOS are affected.

Which is the real impact of the CVE-2016-6415 vulnerability?

The Shadowserver Foundation tried to provide further information to estimate the impact of the vulnerability in the wild, it has conducted an Internet scan for the Internet Security Association and Key Management Protocol (ISAKMP), which is a part of IKE.

“This scan is looking for devices that contain a vulnerability in their IKEv1 packet processing code that could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. More information on this issue can be found on Cisco’s site at:” reads the page related to the Vulnerable ISAKMP Scanning Project.

“The goal of this project is to identify the vulnerable systems and report them back to the network owners for remediation. Information on these vulnerable devices has been incorporated into our reports and is being reported on a daily basis.”

With the support of CISCO experts, the organization queried all computers with routable IPv4 addresses that are exposed on the Internet without firewall protection. They used a specifically crafted 64 byte ISAKMP packet collecting the response from the scanned appliance.

“We normally tune our scans as tightly as possible to limit the impact on the end users as well as trying to be nice to the general network traffic.  In this case we are not as tuned as we would like to be since we are having to do a full IKE negotiation making our packets almost 2600 bytes in size, at least in the first sets of tests.  With a huge amount of assistance from Cisco we were able to reduce the packet size down to 64 bytes. ”  reads the page on the “ISAKMP Scanning and Potential Vulnerabilities.”


The scan results are disconcerting, the experts discovered more than 840,000 unique IP addresses related to appliances vulnerable to the CVE-2016-6415 exploit.

Below the Top 20 countries with vulnerable ISAKMP

Country Total
United States 255,606
Russian Federation 42,281
United Kingdom 42,138
Canada 41,115
Germany 35,132
Japan 33,092
Mexico 26,970
France 26,818
Australia 22,827
China 22,767
Italy 21,308
Netherlands 17,812
Poland 14,630
Spain 11,811
Turkey 10,355
Brazil 9,298
Czech Republic 8,943
Ukraine 8,514
India 8,282
Korea, Republic of 8,058

The highest percentage of vulnerable devices were in the United States (255,000), six times more than Russia (42,000), United Kingdom (42,000) and Canada (41,000). The experts also analyzed the autonomous system numbers (ASNs),discovering a predominance of Comcast and AT&T’s network IPs.

Below the top 20 ASNs With Vulnerable ISAKMP

ASN AS Name Country Total
AS7922 COMCAST-7922 US 35,429
AS7018 ATT-INTERNET4 US 23,660
AS8151 Uninet MX 21,014
AS3215 AS3215 FR 16,427
AS3320 DTAG DE 13,991
AS4713 OCN JP 11,460
AS3269 ASN IT 10,265
AS5089 NTL GB 9,389
AS4134 CHINANET CN 9,203
AS701 UUNET US 8,766
AS22773 ASN-CXA-ALL-CCI-2277 US 8,722
AS1221 ASN AU 8,194
AS2856 BT-UK GB 7,265
AS9121 TTNET TR 7,159
AS10796 SCRR-10796 US 6,733

According to Shadowserver, there is no evidence that the products of vendors other than Cisco are affected by the vulnerability, but the organization noted that it is not a conclusive test.

Cisco has released an online tool that allows its customers to determine if their products are affected by the CVE-2016-6415 flaw.

medianet_width=’300′; medianet_height= ‘250’; medianet_crid=’762221962′;

Pierluigi Paganini

(Security Affairs –  The Equation Group ATP, CVE-2016-6415)

The post Over 840,000 Cisco systems affected by the Equation Group’s flaw CVE-2016-6415 appeared first on Security Affairs.

Source: Security affairs

Are you good at hiding your feelings?

No issues, your Wi-Fi router may soon be able to tell how you feel, even if you have a good poker face.

A team of researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) have developed a device that can measure human inner emotional states using wireless signals.

Dubbed EQ-Radio, the new device measures heartbeat, and


You can be forgiven for not being familiar with Huawei (pronounced “wah-way”). Other than the Nexus 6P, the Chinese company hasn’t had much presence in the US. Despite mostly not dealing with the United States, Huawei is the largest telecommunications equipment manufacturer in the world and the third-largest smartphone OEM behind Samsung and Apple.

At the beginning of this year, though, Huawei finally started bringing phones to the US. Today we’re looking at the value entry from Huawei’s sub-brand, “Honor,” called the “Honor 8.” The Honor 8 occupies Ars’ favorite $400 price point (£370 in the UK), which hits the (hopefully) perfect balance of high-end specs without all the often-gimmicky bells and whistles of $700 to $800 phones.

SPECS AT A GLANCE: Huawei Honor 8
SCREEN 1920×1080 5.2″ (423ppi) LCD
OS Android 6.0 with EMUI 4.1
CPU Eight-core HiSilicon Kirin 950 (four 2.3GHz Cortex A72 cores and four 1.8 GHz Cortex A53s cores)
GPU Mali-T880 MP4
STORAGE 32GB plus a Micro SD slot
NETWORKING 802.11b/g/n/ac, Bluetooth 4.2, GPS, NFC

GSM: 850/900/1800/1900MHz

LTE FDD: B1/B2/B3/B4/B5/B7/B8/B12/B17/B20

PORTS USB 2.0 Type-C, 3.5mm headphone jack
CAMERA Dual 12MP rear camera, 8MP front camera
SIZE 145.5 x 71 x 7.45 mm (5.73 x 2.8 x 0.29 in)
WEIGHT 153 g (5.4 oz)
OTHER PERKS NFC, 9V/2A quick charging, fingerprint sensor, notification LED, IR blaster

Design and build quality

The Honor 8 can best be described as the Huawei P9‘s cheaper cousin. Huawei’s more expensive phones, like the P9, get metal bodies, while the cheaper devices like the Honor 8 get glass backs with a metal frame. The Honor is basically built like a Samsung flagship, but for around half the price.

Read 21 remaining paragraphs | Comments