An anonymous reader quotes a report from ZDNet: Now, thanks to Comcast and Broadcom, we're seeing the first tests of full-duplex (FDX) DOCSIS 4 system-on-chip (SoC) devices. Comcast's tests, done between Philadelphia and Denver, show that FDX can work with DOCSIS 4. FDX enables cable internet providers to run a high-speed internet connection both upstream and downstream simultaneously. In other words, while you won't see symmetric speeds, you will someday see 10 Gbps downstream and 6 Gbps upstream over Comcast's hybrid-fiber coaxial (HFC) network. Comcast has been working towards this for years. The company has been working to bring DOCSIS 4 FDX to market pretty much since CableLabs' set the specification in 2017.

There is another way to deliver DOCSIS 4 speeds: Extended Spectrum DOCSIS (ESD). This is easier to deploy since it "only" raises to 1.8Gbps while keeping downstream and upstream traffic separate as has been the case with previous DOCSIS versions. Comcast, though, is investing heavily in chasing the top price of 10Gbps. It's possible that a single chipset could support both FDX and ESD, but we're still years away from that silicon being forged. [...] In the tests, which use experimental Broadcom SoCs, in a simulated network environment, they hit speeds of over 4Gbps both up and downstream simultaneously. This was done using DOCSIS 4's echo cancellation and overlapping spectrum techniques. The businesses expect future optimization to push the throughput even faster. We still don't know when these speeds will arrive in our small offices/home offices (SOHO). CableLabs doesn't even expect to test hardware for DOCSIS 4 certification until 2022. Nor, has Comcast announced any kind of deployment roadmap.

An anonymous reader quotes a report from Reuters: The Federal Aviation Administration (FAA) said that final rules announced in December took effect on Wednesday allowing for small drones to fly over people and at night, a significant step toward their eventual use for widespread commercial deliveries. The effective date was delayed about a month during the change in administration. The FAA said its long-awaited rules for the drones, also known as unmanned aerial vehicles, will address security concerns by requiring remote identification technology in most cases to enable their identification from the ground. Previously, small drone operations over people were limited to operations over people who were directly participating in the operation, located under a covered structure, or inside a stationary vehicle -- unless operators had obtained a waiver from the FAA.

Drone manufacturers have 18 months to begin producing drones with Remote ID, and operators will have an additional year to provide Remote ID. The new rules eliminate requirements that drones be connected to the internet to transmit location data but do require that they broadcast remote ID messages via radio frequency broadcast. One change, since the rules were first proposed in 2019, requires that small drones not have any exposed rotating parts that would lacerate human skin.

chicksdaddy shares a report from The Security Ledger: Websites for customers of agricultural equipment maker John Deere contained vulnerabilities that could have allowed a remote attacker to harvest sensitive information on the company's customers including their names, physical addresses and information on the Deere equipment they own and operate, The Security Ledger reported. The researcher known as "Sick Codes" published two advisories on Thursday warning about the flaws in the myjohndeere.com website and the John Deere Operations Center website and mobile applications. In a conversation with Security Ledger, the researcher said that a he was able to use VINs (vehicle identification numbers) taken from a farm equipment auction site to identify the name and physical address of the owner. Furthermore, a flaw in the myjohndeere.com website could allow an unauthenticated user to carry out automated attacks against the site, possibly revealing all the user accounts for that site.

Sick Codes disclosed both flaws to John Deere and also to the U.S. Government's Cybersecurity and Infrastructure Security Agency (CISA), which monitors food and agriculture as a critical infrastructure sector. The information obtained from the John Deere websites, including customer names and addresses, could put the company afoul of data security laws like California's CCPA or the Personal Information Protection Act in Deere's home state of Illinois. However, the national security consequences of the company's leaky website could be far greater. Details on what model combines and other equipment is in use on what farm could be of very high value to an attacker, including nation-states interested in disrupting U.S. agricultural production at key junctures, such as during planting or harvest time.

The consolidated nature of U.S. farming means that an attacker with knowledge of specific, Internet connected machinery in use by a small number of large-scale farming operations in the midwestern United States could launch targeted attacks on that equipment that could disrupt the entire U.S. food supply chain, researchers warn. The Agriculture sector and firms that supply it, like Deere, lag other industries in cyber security preparedness and resilience. A 2019 report (PDF) released by Department of Homeland Security concluded that the "adoption of advanced precision agriculture technology and farm information management systems in the crop and livestock sectors is introducing new vulnerabilities" (and that) "potential threats to precision agriculture were often not fully understood or were not being treated seriously enough by the front-line agriculture producers."

An anonymous reader quotes a report from Gizmodo: Today, with the expansion of its Galaxy Upcycling at Home service (which is still in beta), users in the U.S., U.K., and South Korea will get access to an experimental feature in the SmartThings app designed to give an old Galaxy handset new life as a useful smart home accessory. By using the app to reconfigure the device's battery usage and optimization, Samsung says even older devices will still be able to deliver good longevity, while the phone's usual assortment of wireless connectivity features makes it easy to pair the phone with other devices in your home.

In the SmartThings app, Samsung provides a range of functions that an old smartphone can perform, including serving as a light sensor that can automatically turn on your smart lights or even your TV when it gets dark. Alternatively, you can also convert an old Galaxy phone into a sound sensor, with the phone using AI to detect common household noises like a barking dog, crying baby, or a knock on the door. In this way, you can also repurpose an old Samsung phone as a baby monitor of sorts [...]. And of course, even without much fiddling, upcycled Samsung phones can also be used as universal remotes, providing an easy way to control your streaming video box, play music on your smart speakers, control your lights, and more.

Artem S. Tashkinov writes: Over the past ten years, Firefox market share has decreased substantially and the web browser has lost its appeal and coolness. Seeing that, someone at Mozilla probably decided that the best way to entice people back is by changing its UI, thus Firefox has already seen quite a huge number of changes despite other major web browsers staying relatively the same in terms of their visuals; i.e. Google Chrome and Apple Safari look almost the same as they did a decade ago. The most substantial redesign, which is being prepared for the next release, called Proton, promises to drive most power users away because it's broken on a number of levels and makes using the browser a very unpleasant experience.

So, what has changed:
- The compact density option for the address bar is now gone, and not only that, the title bar is now a lot taller than before. Overall, vertically, the title bar and address bar now take almost a dozen pixels more than previous Firefox releases, which steals very precious vertical space.
- The floating tabs. The active tab is now totally disconnected from the active web page and it looks out of place.
- The inactive tabs now completely lack a delimiter between them; and in the case of websites lacking a favicon, all inactive tabs look like one, which makes understanding what's open and what to click very difficult and time consuming.
- Mozilla has removed icons from menus, which makes navigating them slower and more difficult. Human beings can easily recognize and memorize icons, and now instead you have to read 20 menu items and try to understand what you actually need to click. Just to illustrate it, check how Firefox 88 looks and what is up and coming.

It surely looks like whatever UX studies Mozilla has done were either not run properly, or the data being collected was not properly understood. Mozilla has disabled feedback for Firefox, they've made it abundantly clear that you cannot leave comments in their Bugzilla, and considering they want to deprecate userChrome.css, it makes it impossible to restore the semblance of a good web browser experience. The Slashdot crowd loves free and open-source web browsers, so the question is, how can we make the company stop maiming and destroying their most important product?

In a follow-up to a story previously reported, Slashdot reader Turkinolith shares a report from Teslarati: In the latest trials and tribulations of a SpaceX Starlink competitor that went bankrupt after spending $3 billion to launch just 74 small internet satellites, it appears that OneWeb knowingly misled both media and US regulators over a claimed 'near-miss' with a Starlink satellite. Back on April 9th, OneWeb went public with claims that SpaceX had mishandled its response to a routine satellite collision avoidance warning from the US military, which monitors the location of satellites and space debris. According to OneWeb government affairs chief Chris McLaughlin, SpaceX disabled an automated system designed to detect and automatically command Starlink satellite collision avoidance maneuvers to let OneWeb move its satellite instead. McLaughlin also stated that "Coordination is the issue -- it is not sufficient to say 'I've got an automated system.'" He also recently criticized the maneuverability of Starlink satellites, claiming that "Starlink's engineers said they couldn't do anything to avoid a collision and switched off the collision avoidance system so OneWeb could maneuver around the Starlink satellite without interference." As it turns out, OneWeb's "near-miss" appears to have been a farce and the company scrambled to promise to retract those statements in an April 20th meeting with the FCC and SpaceX.

In an apparent attempt to capitalize on vague fears of "space debris" and satellite collisions, OneWeb -- or perhaps just McLaughlin -- took it upon itself to consciously misconstrue a routine, professional process of collision-avoidance coordination between OneWeb and SpaceX. McLaughlin ran a gauntlet of media outlets to drag SpaceX through the mud and criticize both the company's technology and response, ultimately claiming that SpaceX's Starlink satellite was incapable of maneuvering out of the way. Instead, according to a precise, evidenced timeline of events presented by SpaceX to the FCC, the coordination was routine, uneventful, and entirely successful. OneWeb itself explicitly asked SpaceX to disable its autonomous collision avoidance software and allow the company to maneuver its own satellite out of the way after SpaceX made it clear that the Starlink spacecraft could also manage the task. The event was neither "urgent" or a "close call," as OneWeb and media outlets later claimed. SpaceX says it has been coordinating similar avoidance maneuvers with OneWeb since March 2020.

Most damningly, SpaceX says that immediately after OneWeb disseminated misleading quotes about the event to the media, "OneWeb met with [FCC] staff and Commissioners [to demand that] unilateral conditions [be] placed on SpaceX's operations." Those conditions could have actually made coordination harder, "demonstrating more of a concern with limiting [OneWeb's] competitors than with a genuine concern for space safety." Crucially, despite lobbying to restrict its competitors, "OneWeb [has] argued forcefully that [it] should be exempt from Commission rules for orbital debris mitigation due to their status as non-U.S. operators." In simple terms, OneWeb is trying to exploit the FCC to suppress its competition while letting it roam free of the exact same regulations.

The owner of the Daily Mail newspaper and MailOnline website is suing Google over allegations the search engine manipulates search results. The BBC reports: Associated Newspapers accuses Google of having too much control over online advertising and of downgrading links to its stories, favoring other outlets. It alleges Google "punishes" publishers in its rankings if they don't sell enough advertising space in its marketplace. Google called the claims "meritless."

Associated Newspapers' concerns stem from its assessment that its coverage of the Royal Family in 2021 has been downplayed in search results. For example, it claims that British users searching for broadcaster Piers Morgan's comments on the Duchess of Sussex following an interview with Oprah Winfrey were more likely to see articles about Morgan produced by smaller, regional outlets. That is despite the Daily Mail writing multiple stories a day about his comments around that time and employing him as a columnist. In response, a Google spokesperson said: "The Daily Mail's claims are completely inaccurate. The use of our ad tech tools has no bearing on how a publisher's website ranks in Google search. More generally, we compete in a crowded and competitive ad tech space where publishers have and exercise multiple options. The Daily Mail itself authorizes dozens of ad tech companies to sell and manage their ad space, including Amazon, Verizon and more. We will defend ourselves against these meritless claims."

The law enforcement arm of the U.S. Postal Service has been quietly running a program that tracks and collects Americans' social media posts, including those about planned protests, according to a document obtained by Yahoo News. From the report: The details of the surveillance effort, known as iCOP, or Internet Covert Operations Program, have not previously been made public. The work involves having analysts trawl through social media sites to look for what the document describes as "inflammatory" postings and then sharing that information across government agencies. "Analysts with the United States Postal Inspection Service (USPIS) Internet Covert Operations Program (iCOP) monitored significant activity regarding planned protests occurring internationally and domestically on March 20, 2021," says the March 16 government bulletin, marked as "law enforcement sensitive" and distributed through the Department of Homeland Security's fusion centers. "Locations and times have been identified for these protests, which are being distributed online across multiple social media platforms, to include right-wing leaning Parler and Telegram accounts."

wiredmikey shares a report from SecurityWeek: Google late Tuesday shipped another urgent security patch for its dominant Chrome browser and warned that attackers are exploiting one of the zero-days in active attacks. This is the fourth in-the-wild Chrome zero-day discovered so far in 2021 and the continued absence of IOC data or any meaningful information about the attacks continue to raise eyebrows among security experts.

The newest Chrome update -- 90.0.4430.85 -- is available for Windows, Mac and Linux users and is being rolled out via the browser's automatic update mechanism. The vulnerability being exploited is identified as CVE-2021-21224 and simply described as a "type confusion" in the V8 Chrome rendering engine. Google credited the Jose Martinez (tr0y4) from VerSprite Inc. for reporting the vulnerability. "Google is aware of reports that exploits for CVE-2021-21224 exist in the wild," the company said, with no additional details.

According to the United Kingdom's Security Service, known as MI5, hostile states are creating fake LinkedIn profiles to trick users into spilling secrets. The BBC reports: At least 10,000 UK nationals have been approached by fake profiles linked to hostile states, on the professional social network LinkedIn, over the past five years, according to MI5. "Malicious profiles" are being used on "an industrial scale," the security agency's chief, Ken McCallum, said. A campaign has been launched to educate government workers about the threat. The effort -- Think Before You Link -- warns foreign spies are targeting those with access to sensitive information. One concern is the victims' colleagues, in turn, become more willing to accept follow-up requests - because it looks as if they share a mutual acquaintance.

MI5 did not specifically name LinkedIn but BBC News has learned the Microsoft-owned service is indeed the platform involved. The 10,000-plus figure includes staff in virtually every government departments as well as key industries, who might be offered speaking or business and travel opportunities that could lead to attempts to recruit them to provide confidential information. And it is thought a large number of those approached engaged initially with the profiles that contacted them online.

Reddit unveiled its take on a Clubhouse-like social audio product on Monday, called Reddit Talk. The Verge reports: The company is billing Monday's announcement as a "sneak preview," since the feature isn't widely available yet. Moderators that want to try the feature out in their subreddit can add themselves to a waitlist for access. Based on Reddit's description and images shared by the company, Reddit Talk appears to look a lot like Clubhouse, Twitter Spaces, and other social audio products. Talks will "live" within subreddits, according to Reddit.

During the initial tests, only subreddit moderators will be able to initiate a Talk, and Talk hosts will have the ability to invite, mute, and remove speakers. While only mods can kick off Talks in the beginning, anyone on iOS and Android can listen to one. Moderation has been an issue for Clubhouse, so it's notable that Reddit is starting small and giving access only to moderators first. At some point in the future, mods will be able to bring on trusted community members as co-hosts. The company says it is "testing ways" for hosts to customize how Talks look with emojis and different background colors, and users will be able to change their avatar, too. Earlier today, Facebook also announced that the company is working on a Clubhouse clone.

An anonymous reader quotes a report from 9to5Google: The latest addition coming to Microsoft Edge is "performance mode." Rolling out first to the Canary channel, "performance mode" in Microsoft Edge is designed to improve how the browser uses the resources available to it. In practice, Microsoft says the new mode will improve speed and responsiveness overall while "optimizing" the use of battery, CPU, and RAM. Apparently, the mode may adjust based on your browsing habits too. "Performance mode helps you optimize speed, responsiveness, memory, CPU and battery usage," says Microsoft. "Performance improvements might vary depending on your individual specifications and browser habits."

One specific change Microsoft notes is that the "Sleeping Tabs" feature in Edge will be locked to five minutes when performance mode is turned on. "Sleeping Tabs" essentially freezes a tab that's left open in the background, saving resources when it's not actively being used. Performance Mode is rolling out now in version 91.0.856.0, available in the Canary channel. The toggle is available in the "System" section of the settings menu.

AmiMoJo writes: WordPress announced over the weekend that they plan on treating Google's new FLoC tracking technology as a security concern and hence block it by default on WordPress sites. For some time, browsers have begun to increasingly block third-party browser cookies used by advertisers for interest-based advertising. In response, Google introduced a new ad tracking technology called Federated Learning of Cohorts, or FLoC, that uses a web browser to anonymously place users into interest or behavioral buckets based on how they browse the web. After Google began testing FLoC this month in Google Chrome, there has been a consensus among privacy advocates that Google's FLoC implementation just replaces one privacy risk with another one.

"WordPress powers approximately 41% of the web -- and this community can help combat racism, sexism, anti-LGBTQ+ discrimination and discrimination against those with mental illness with four lines of code," says WordPress. WordPress states that this code is planned for WordPress 5.8, scheduled for release in July 2021. As FLoC is expected to roll out sooner, WordPress is considering back-porting this code to earlier versions to "amplify the impact" on current versions of the blogging platform. Further reading: Nobody is Flying To Join Google's FLoC.

Microsoft's Xbox Cloud Gaming service, previously known as xCloud, will begin rolling out in beta to iPhones, iPads and PCs this week. The service will be invite-only to start, Microsoft said in a blog post on Monday. From a report: Xbox Cloud Gaming was on track to launch for iPhones and iPads earlier, but Apple updated its App Store rules in September that impacted services like Xbox Gaming and Google Stadia. Apple's move forced the companies to use web browsers to redesign their services so that they could circumvent the App Store rules. Under the rules, Microsoft, Google and other companies with similar services would have had to offer each game as an individual download instead of offering a complete library the way Netflix does for movies.

Xbox Cloud Gaming is sort of like Netflix for games. People who subscribe to Microsoft's $14.99/month Xbox Game Pass Ultimate plan can access more than 100 titles. The cloud gaming aspect lets you stream the games without having to download them, provided you have a fast enough internet connection. The streaming option is already available for Android phones.

"Jensen Huang, the CEO of Nvidia, the nation's most valuable semiconductor company, with a stock price of $645 a share and a market cap of $400 billion, is out to create the metaverse," writes Time magazine.

Huang defines it as "a virtual world that is a digital twin of ours." Huang credits author Neal Stephenson's Snow Crash, filled with collectives of shared 3-D spaces and virtually enhanced physical spaces that are extensions of the Internet, for conjuring the metaverse. This is already playing out with the massively popular online games like Fortnite and Minecraft, where users create richly imagined virtual worlds. Now the concept is being put to work by Nvidia and others.

Partnering with Nvidia, BMW is using a virtual digital twin of a factory in Regensburg, Germany, to virtually plan new workflows before deploying the changes in real time in their physical factory. The metaverse, says Huang, "is where we will create the future" and transform how the world's biggest industries operate...

Not to make any value judgments about the importance of video games, but do you find it ironic that a company that has its roots in entertainment is now providing vitally important computing power for drug discovery, basic research and reinventing manufacturing?

No, not at all. It's actually the opposite. We always started as a computing company. It just turned out that our first killer app was video games...

How important is the advent and the adaptation of digital twins for manufacturing, business and society at large?

In the future, the digital world or the virtual world will be thousands of times bigger than the physical world. There will be a new New York City. There'll be a new Shanghai. Every single factory and every single building will have a digital twin that will simulate and track the physical version of it. Always. By doing so, engineers and software programmers could simulate new software that will ultimately run in the physical version of the car, the physical version of the robot, the physical version of the airport, the physical version of the building. All of the software that's going to be running in these physical things will be simulated in the digital twin first, and then it will be downloaded into the physical version. And as a result, the product keeps getting better at an exponential rate.

The second thing is, you're going to be able to go in and out of the two worlds through wormholes. We'll go into the virtual world using virtual reality, and the objects in the virtual world, in the digital world, will come into the physical world, using augmented reality. So what's going to happen is pieces of the digital world will be temporarily, or even semipermanently, augmenting our physical world. It's ultimately about the fusion of the virtual world and the physical world.
See also this possibly related story, "Nvidia's newest AI model can transform single images into realistic 3D models."

Long-time Slashdot reader schwit1 shared this analysis from Just Security: Huawei's plans for 6G and beyond make U.S. concerns over 5G look paltry: Huawei is proposing a fundamental internet redesign, which it calls "New IP," designed to build "intrinsic security" into the web. Intrinsic security means that individuals must register to use the internet, and authorities can shut off an individual user's internet access at any time. In short, Huawei is looking to integrate China's "social credit," surveillance, and censorship regimes into the internet's architecture...

To avoid scrutiny of New IP's shortcomings, Huawei has circumvented international standards bodies where experts might challenge the technical shortcomings of the proposal. Instead, Huawei has worked through the United Nations' International Telecommunications Union (ITU), where Beijing holds more political sway...

Huawei dominance on New IP and 6G would not only create a less free, less interoperable internet, it would pave the way for authoritarian governments to gain expanded say over future changes to the internet for years to come.

FTP (file transfer protocol) celebrated its 50th anniversary this week. Long-time Slashdot reader sandbagger shares an article commemorating a half-century of FTP: Over the years, the FTP protocol got refined with 16 different revisions(*1) adding support with TCP/IP, a secure extension also known as FTPS which is leveraging the same tech as HTTPS and more recent addition like IPv6 support.

Fifty years after its inception, FTP is still going very strong with millions of FTP server still being exposed on the internet which is fairly amazing considering the bad press it gets...

Governor Andrew Cuomo signed a bill on Friday requiring all Internet service providers in New York to offer affordable high-speed access for low-income families. From a report: The providers can charge those families no more than $15 a month, Cuomo said during a briefing Friday at the Northland Workforce Training Center in Buffalo. He was joined by Eric Schmidt, former chief executive officer of Alphabet, who chairs a 15-member state commission focusing on using technology to help the state reopen better than it was before the virus. Cuomo also said an emergency fund from Schmidt Futures and the Ford Foundation will provide free Internet access to 50,000 students statewide through the 2021-22 school year.

The bill passed by the state legislature caps a basic broadband plan at $15 a month and a higher-speed one at $20. Currently, a basic high-speed plan costs on average more than $50 a month, according to a statement from Assembly member Amy Paulin. Schmidt, who praised the embattled governor for his "extraordinary" leadership during the pandemic, said universal broadband access is the first and most important priority of the commission. Members were concerned about the "hundreds of thousands of people who apparently had no Internet access at all," Schmidt said, an impediment to learning and tele-medicine.

The Internet of Secure Things Alliance, an IoT security certification body (a.k.a. ioXt), has launched a new security certification for mobile apps and VPNs. From a report: The new ioXt compliance program includes a 'mobile application profile' -- a set of security-related criteria against which apps can be certified. The profile or mobile app assessment includes additional requirements for virtual private network (VPN) applications. Google and Amazon had a hand in shaping the criteria, along with number of certified labs such as NCC Group and Dekra, and mobile app security testing vendors such as NowSecure. Google's VPN within the Google One service is one of the first to be certified against the criteria. Mobile app makers can get their apps certified against a set of security and privacy requirements. The ioXt Alliance has a broad cross-section of members from the tech industry, with its board comprising execs from Amazon, Comcast, Facebook, Google, Legrand, Resideo, Schneider Electric, T-Mobile, the Zigbee Alliance, and the Z-Wave Alliance. About 20 industry figures helped write the requirements for the mobile app profile, including Amit Agrawal, a principal security architect at Amazon, and Brooke Davis from the Strategic Partnerships team at Google Play. Both are vice-chairs of the mobile app profile group.

An anonymous reader quotes a report from Ars Technica: Charter Communications employees who have been on strike since 2017 are building an Internet service provider in New York City called "People's Choice." "People's Choice Communications is an employee-owned social enterprise launched by members of IBEW Local #3 to bridge the digital divide and help our neighbors get connected to the Internet during the COVID-19 pandemic," the ISP's website says. "We are the workers who built a large part of New York City's Internet infrastructure in the first place. We built out [Charter] Spectrum's cable system, until in 2017, the company pushed us out on strike by taking away our healthcare, retirement, and other benefits. It's now the longest strike in US history."

So far, People's Choice says it has completed rooftop antenna installations at two schools in the Bronx and installed "hardline connections to wireless access points connecting 121 units" at housing for survivors of domestic violence who have disabilities. A Gizmodo article said the system is equipped to offer minimum speeds of 25Mbps downstream and 3Mbps upstream, meeting a broadband standard that has been used by the Federal Communications Commission since 2015. "We have a big portion of most of the Bronx covered with our antenna," IBEW Local #3 steward Troy Walcott told Gizmodo. "Now we have to go building by building to let people know we're out there and start turning them on." "A few dozen Spectrum strikers have been actively involved in the installations, but Walcott expects that at least one hundred workers are waiting in the wings for the project to scale up," the Gizmodo article said. "We work in affordable housing, supportive housing, co-op housing, NYCHA [NYC Housing Authority], homeless shelters, and regular old apartment complexes," the webpage notes. You can fill out this form if you're interested in bringing broadband to your building.

"After we build out a network in your building, it transfers to cooperative ownership, so profits are returned to users," the People's Choice website says. "We are able to provide high-speed service in most cases for $10-$20/month. No more cable company ripping you off, and as an owner, you have a vote in policies like data privacy."