U.S. Pumps $400 million to fund next-gen wireless research

The U.S. National Science Foundation will spend more than US$400 million over the next seven years to fund next-generation wireless research in an effort to bring super-fast mobile service to the country.

U.S. officials hope the investments, announced Friday, will speed up the county’s move to next-generation 5G mobile service, potentially offering speeds of 10Gbps, and allow for a rapid expansion of the internet of things. 

The next-generation mobile services will enable self-driving cars, an “always on” IoT, smart cities, new virtual reality offerings, and video to aid police, firefighters, and emergency medical responders, said John Holdren assistant to President Barack Obama for science and technology.

MORE ON NETWORK WORLD: 7 reasons to deploy Wi-Fi security in Enterprise mode

“Time and again, history has shown us that when we make sustained federal investments in fundamental academic research and in public-private partnerships … we as a nation reap the benefits,” Holdren said at an NSF event in Washinton, D.C., Friday.

The NSF funding, part of a new White House Advanced Wireless Research Initiative, includes $50 million as part of a partnership with more than 20 mobile companies and trade groups to roll out advanced wireless testing sites in four U.S. cities. The testing will include deployment of small cells to boost signals of high-band, millimeter wave spectrum.

Friday’s announcement piggybacks on a Federal Communications Commission vote Thursday to open up nearly 11 gigahertz of high-band spectrum to 5G and IoT services.

The NSF expects to spend $350 million over the next seven years on fundamental research and testing of next-generation wireless technologies, the agency said.

The FCC and other agencies want to focus on making spectrum available so that wireless companies can experiment with the best ways to deliver new services, said FCC Chairman Tom Wheeler. Some countries have pushed to set 5G standards before moving forward, but not the U.S., he said.

To read more and the original story follow this link to Network World. 

90 Percent of All SSL VPN Use Insecure or Outdated Encryption

Information security firm High-Tech Bridge has conducted a study of SSL VPNs (Virtual Private Networks) and discovered that nine out of ten such servers don’t provide the security they should be offering, mainly because they are using insecure or outdated encryption.

An SSL VPN is different from a classic IPSec VPN because it can be used inside a standard Web browser without needing to install specific software on the client-side.

SSL VPNs are installed on servers, and clients connect to the VPN via their browsers alone. This connection between the user’s browser and the VPN server is encrypted with the SSL or TLS protocol.

Three-quarters of all SSL VPNs use untrusted certificates

Researchers from High-Tech Bridge say they analyzed 10,436 randomly selected SSL VPN servers and they found that most of them are extremely insecure.

They claim that 77% of all SSL VPNs use SSLv3 or SSLv2 to encrypt traffic. Both of these two versions of the SSL protocol are considered insecure today. These protocols are so insecure that international and national security standards, such as the PCI DSS and NIST SP 800-52 guidelines, have even gone as far as to prohibit their usage.

Regardless of their SSL version, 76% of all SSL VPN servers also used untrusted SSL certificates. These are SSL certificates that the server has not confirmed, and that attackers can mimic and thus launch MitM (Man-in-the-Middle) attacks on unsuspecting users.

High-Tech Bridge experts say that most of these untrusted certificates are because many SSL VPNs come with default pre-installed certificates that are rarely updated.

Some VPNs still use MD5 to sign certificates

Additionally, researchers also note that 74% of certificates are signed with SHA-1 signatures, and 5% with MD5 hashes, both considered outdated.

41% of all SSL VPNs also used insecure 1024 key lengths for their RSA certificates, even if, for the past years, any RSA key length below 2048 was considered to be highly insecure.

Even worse, one in ten SSL VPNs is still vulnerable to the two-year-old Heartbleed vulnerability, despite patches being available.

Out of all the tested SSL VPNs, researchers say that only 3% followed PCI DSS requirements. None managed to comply with NIST (National Institute of Standards and Technology) guidelines.

High-Tech Bridge is also providing a free tool that can tell users if their SSL VPN or HTTPS website is actually doing a good job of protecting them.

For the original story follow this link to Softpedia for more information.

More Americans using smartphones for getting directions, streaming TV

Just as the internet has changed the way people communicate, work and learn, mobile technology has changed when, where and how consumers access information and entertainment. And smartphone use that goes beyond routine calls and text messages does not appear to be slowing, according to a Pew Research Center survey of U.S. adults conducted in July 2015.

The percentage of smartphone owners who say they have ever used their phone to watch movies or TV through a paid subscription service like Netflix or Hulu Plus has doubled in recent years – increasing from 15% in 2012 to 33% in 2015.

Among the smartphone activities measured, getting location-based information is the most universal task. Nine-in-ten smartphone owners use their phone to get directions, recommendations or other information related to their location, up from 74% in 2013.

The share of smartphone users who report using their device to listen to online radio or a music service, such as Pandora or Spotify, or participate in video calls or chats has also increased by double digits in recent years. (2015 was the first year in which we surveyed about using a mobile device to buy a product online or get sports scores and analysis.)

Younger adults are especially likely to reach for their phone for something other than calling and texting. Getting location-based information is the one activity measured that is common across all age groups, however.

Listening to music and shopping on the go are especially popular among smartphone owners ages 18 to 29: 87% have listened to an online radio or music service on their phone, compared with 41% of those 50 and over, and 73% have shopped online through their mobile device, versus 44% of older users.

Activities that are less prevalent but not uncommon among smartphone owners include video calling or chatting; getting sports scores or analysis; and watching movies or TV through a paid subscription service. Again, younger adults are especially likely to use their mobile device for all of these activities. For example, 52% of 18- to 29-year-old smartphone owners have ever used their phone to watch movies or TV shows through a paid subscription service, compared with 36% of 30- to 49-year-olds and only 13% of those 50 and older.

These differences speak to a broader pattern of younger Americans’ adoption of and engagement with technology. Younger adults are more likely than older adults to own a smartphone, to be constantly online and to rely on their smartphone for internet access.

To see more and the original story follow this link to Pew Research.

Americans are wary about IoT privacy

Americans are in an “it depends” state when it comes to disclosing personal information over internet-connected devices, according to a new Pew Research Center study. The study proposed different scenarios to which 461 Americans expressed whether they believed being monitored by a device was acceptable, not acceptable, or depended on the situation. Pew Research Center found that some scenarios were acceptable to the majority of Americans, but the answers often came with caveats. For example, most consumers find a security camera in the office acceptable, but with restrictions; one person said, “It depends on whether I would be watched and filmed every minute of the day during everything I do.”

Here are the responses to the IoT-related scenarios the study presented:

• Office surveillance cameras: More than half (54%) of Americans believe that it’s acceptable for a surveillance camera in the workplace, making it the most acceptable of the six proposed scenarios. Another 21% answered “it depends,” while 24% said it would not be acceptable.

• Sharing health information with your doctor: 52% of Americans believe it’s acceptable for their doctor to utilize a website to manage patient records and schedule appointments, 20% answered “it depends,” and 26% thought it was not acceptable. This correlates with iTriage survey, which indicated that 76% of consumers feel comfortable transferring wearable health data to their practitioner. 

• Usage-based auto insurance: 37% of respondents answered it was acceptable for auto insurance companies to collect information via a UBI dongle, such as Progressive’s Snapshot, and offer discounts for safe driving. 45% said it was not acceptable, while 16% said “it depends.”

• Smart thermostat: 27% of respondents said it was acceptable for a smart thermostat in the house to track where the occupant is and share that data. More than half of respondents (55%) said it was not acceptable, and 17% answered “it depends.”

Through focus groups and open-ended answers, Pew narrowed down the top reasons consumers believe sharing information is unacceptable: Through focus groups and open-ended answers, Pew narrowed down the top reasons consumers believe sharing information is unacceptable:

1) The threat of scammers and hackers;
2) Being repeatedly marketed from companies collecting data;
3) They do not want to share their location;
4) They think it’s “creepy”;
5) The companies collecting the data have ulterior motives to use it.

Data privacy will continue to be a big trend as the Internet of Things market matures. Device makers should be transparent about the data being collected and what it’s used for. Further, they should ensure the devices and their associated data storage bases are secure.

To read more of this article and the original story follow this link to Business Insider.

WIFI Alliance Introduces 802.11ah

For the last decade or so, wireless networking has been entirely about short range, high speed communications. The type of networking needed by an Internet of things is fundamentally incompatible with WiFi, and the reason for this is due to the frequencies used by WiFi networking gear. 2.4 and 5 GHz are very fast, but cannot penetrate through walls as easily as lower frequencies.

This week the WiFi alliance introduced IEEE 802.11ah into the WiFi spec. It’s called WiFi HaLow (pronounced like angel’s headwear), and unlike other versions of 802.11, WiFi HaLow uses low frequencies for low bandwidth but a much larger range.

WiFi HaLow uses the 900 MHz ISM band to communicate, divided into 26 channels. The bandwidth is low – a mere 100 kbps, but the range is huge: one kilometer, or about four times the approximate range of 802.11n.

This is not the only WiFi spec aimed at the Internet of Things. In 2014, the WiFi alliance introduced 802.11af, a networking protocol operating in unused TV whitespace spectrum between 54 and 790 MHz. 802.11af has a similar range as 802.11ah – about one kilometer – but products and chips utilizing 802.11af have been rare and hard to find.

For more information and the original story follow this link hackaday.com

Power beamed to camera via ambient wi-fi signals

The power beaming system used modified wi-fi routers and hubs

Wi-fi signals have been used to beam power to a surveillance camera.

The battery-free camera was modified so it could scavenge power from ambient wi-fi signals, store it and then use it to take photos.

The experiment was one of several by US researchers looking at ways to use wi-fi as a power source.

The team behind the project believes its techniques will be useful for powering the many devices expected to form the “internet of things”.

Adding noise

The system, known as power-over-wi-fi, has been developed by PhD student Vamsi Talla and colleagues at the Sensor Systems Lab at the University of Washington in Seattle.

The team realised that the energy contained in ambient wi-fi signals that are now ubiquitous often came close to the operating voltages required by a variety of low power devices.

Unfortunately, because wi-fi signals are broadcast in bursts across different frequencies the required amount of energy was only available too intermittently to be useful.

To fix this, the research team modified standard wi-fi hotspots and routers to broadcast noise when a channel was not being used to send data. This meant the power of the wi-fi signals stayed constant and, though low, was high enough to power some components.

Adding the noise did little to slow data rates across hotspots, said the team.

The team used the power beaming system to run a temperature sensor and a small surveillance camera that both sat several metres away from a wi-fi hotspot.

The low-power camera gathered energy from wi-fi and stored it in a capacitor that prompted the camera to take a picture when it was charged. By leaching off the ambient radio signals, the camera gathered enough energy every 35 minutes to take a snap.

In a paper detailing their work, Mr. Talla and colleagues said it had the potential to help power the small, low-power sensors and actuators that are expected to become common in homes and workplaces as part of the internet of things.

“The ability to deliver power wirelessly to a wide range of autonomous devices and sensors is hugely significant,” said a story about the research in MIT’s Technology Review. ” Powi-fi could be the enabling technology that finally brings the internet of things to life.”

Please follow this link to BBC News for the original story.

Sophisticated malware has been spying on computers since 2008 (updated)

Highly sophisticated malware isn’t limited to relatively high-profile sabotage code like Stuxnet — sometimes, it’s designed to fly well under the radar. Symantec has discovered Regin, a very complex trojan that has been spying on everyone from governments to individuals since at least 2008. The malware is highly modular, letting its users customize their attacks depending on whether they need to remote control a system, get screenshots or watch network traffic. More importantly, it’s uncannily good at covering its tracks. Regin is encrypted in multiple stages, making it hard to know what’s happening unless you capture every stage; it even has tools to fight forensics, and it can use alternative encryption in a pinch. Researchers at Symantec suspect that the trojan is a government-created surveillance tool, since it likely took “months, if not years” to create.

If it is meant for spying, though, it’s not clear just who wrote the malware or why. Unlike Dragonfly and other instances of professionally-made malware, Regin’s origin hasn’t been narrowed down to a particular country or region. About half of the infections have taken place in Russia and Saudi Arabia, but you can also find victims across India, Iran and multiple European nations. Also, it’s definitely not limited to telecoms or other high-value targets — 48 percent of known victims are people and small businesses. While Regin could easily be part of an online espionage campaign, it’s hard to rule anything out at this point.

Update: Kaspersky Labs did some extra sleuthing and found that Regin can attack cellular’ networks GSM base stations, mapping their infrastructure. Also, sources tell The Intercept that Belgian carrier Belgacom found the trojan on its internal networks. That’s potentially worrisome — while there’s no hard evidence of a connection so far, it suggests that Britain’s GCHQ may have used Regin to infiltrate Belgacom and spy on its users.

For more information and the original story follow the source link below.

Source: Engadget

Wi-Fi group attracts cable companies Charter, Liberty Global as new members

The importance of Wi-Fi to cable operators, mobile carriers and telcos is evidenced by the list of 14 companies joining the Wireless Broadband Alliance (WBA), whose mission includes enabling Wi-Fi interoperability and roaming. The group said the new members “have joined its efforts to unite the ecosystem and progress the development of carrier Wi-Fi throughout the world.”

The list includes U.S. cable MSO Charter Communications, international cable company Liberty Global, Saudi Arabian mobile operator Mobily, Australian telco Telstra and Canadian telco Telus. Alcatel-Lucent (NYSE: ALU), Broadcom and Gemalto are also among vendors on the list of new WBA members.

The new members are joining WBA “at a pivotal time when Next Generation Hotspot (NGH) networks are now a commercial reality and operators are reaping the benefits of an improved carrier-grade of Wi-Fi,” the group said. Cable operators, in particular, have aggressively jumped on the Wi-Fi bandwagon as they seek to extend their customer touch points beyond homes and businesses and offer a less expensive wireless data alternative to costly cellular data service.

“These new additions join at a critical time when the benefits of Wi-Fi have been fully recognized and solutions such as NGH, carrier Wi-Fi and community Wi-Fi have finally broken in to the commercial world. Our new members play a crucial role in ensuring that consumers connecting to a Wi-Fi network will be exposed to the best user experience possible, regardless of time or location,” said Shrikant Shenwai, WBA CEO.

In February, the WBA rolled out its definition of carrier Wi-Fi, identifying the requirements that a carrier Wi-Fi network needs to provide a consistent user experience, have fully integrated end-to-end network capabilities and offer advanced network management. The alliance also collaborated with the Small Cell Forum on a white paper regarding next-generation hotspot-based integrated small cell Wi-Fi. The two groups are expected to maintain an ongoing collaboration with that will produce more research.

Existing WBA members include early advocates of Wi-Fi and offloading from cellular to Wi-Fi, including AT&T (NYSE: T), Boingo Wireless, BT, Cisco Systems, Comcast, Intel, iPass, KT, NTT DoCoMo, Orange and Time Warner Cable. The WBA has more than 100 members from various parts of the Wi-Fi ecosystem. Its operator members collectively serve more than 1 billion subscribers and operate more than 10 million hotspots globally.

The fifth Wi-Fi Global Congress and 25th WBA Roundtable Conference will be held Oct. 6-10 in San Francisco.

For more information and the full press release follow the source link below. 

Source: Fierce Wireless

Charter Users In St. Louis Get Sudden Speed Boost

A magical and wonderful thing has happened to some customers who have Charter Internet service After restarting their cable modems for some reason or another, they found that their home internet connections had received a speed boost. It was a big one, boosting real-life speeds from about 30 mbps to 100 mbps.

Reports of the speed boost cropped up on DSLReports on a thread about a planned speed boost elsewhere. St. Louis residents shared their good fortune with the world.

Confusingly, Charter does offer a 100 mbps service tier to customers. As Legit Reviews points out, these speedsters received a speed boost from 100 to 120 mbps, but is that enough to continue paying for the upgrade?

If you’re a Charter customer in that area, try power cycling your modem to find out whether you get the update, too. You may find a pleasant surprise.

The question is: why? Sure, St. Louis is in the same state as Google Fiber rollout site Kansas City, but it’s a long drive and a heck of a commute.

Source: Consumerist

Rugged, wildly modular tablet runs Android and Linux

CrossfirePro running Android

Entegra announced a rugged, modular tablet that’s configurable for a wide range of environments and applications, and supports both Android 4.2 and Linux.

Entegra’s CrossfirePro is unlike any tablet you’ve encountered: it’s the consummate chameleon of rugged slates, boasting a modularity that starts with its snap-in Qseven computer-on-module processing core and extends to nearly every aspect of its I/O and software. Though it ships standard with a 1.86GHz quad-core Intel Bay Trail M-series N2930 processor, the COM-based core supports alternatives ranging from faster or slower Intel and AMD x86 CPUs, to ARM-based SoCs. It also accepts I/O add-ons such as barcode scanners, magnetic strip readers, fingerprint scanners, smart card and NFC readers, and a variety of custom modules, says the company.

CrossfirePro with a rear-mounted cardswipe/keypad module

Entegra also offers three docks for the CrossfirePro, which support its use in office, point-of-sale, and vehicular environments. These would presumably be accompanied by snap-in or add-on modules, operating systems, and application software suitable to each market.

CrossfirePro Desk Dock

CrossfirePro Vehicle Dock

CrossfirePro Point-of-sale Dock

The photos below show how the Qseven COM and mSATA storage devices snap into compartments in the rear of the tablet.

CrossfirePro’s configurable Qseven COM and mSATA storage device

To support such an extensive array of modularity, Entegra designed a unique mainboard that’s controlled by a PIC microcontroller. The PIC chip serves as a “traffic cop” to initialize and manage the options it discovers upon power-up, as illustrated in the diagram below.

CrossfirePro’s PIC µC discovers modules and configures the tablet accordingly on power-up

For a full list of the specs follow the source link below.

Source: LinuxGizmos.com