Posts with «internet & networking technology» label

FCC proposes mandatory labels that clearly explain broadband services

The FCC's voluntary broadband labels might not be quite so voluntary in the future. The FCC has proposed rules requiring point-of-sale labels that clearly illustrate what you'll get when you sign up with an internet service provider. As before, the labels would include not only prices and speeds, but also data caps, "network management" policies like throttling and other details you'd likely appreciate.

Officials also want to know if the nutrition-style 2016 labels are enough to help customers make informed buying decisions. The Commission is likewise considering new guidance on where ISPs would display these labels.

The proposal comes in response to the Infrastructure Investment and Jobs Act that President Biden signed into law in November. The law required broadband providers to make "consumer-friendly" labels, tasking the FCC with devising new rules within a year of the Act's passage.

The labels would theoretically spur competition by making it easier for customers to compare internet services and choose the one that offers the best value. However, they might only be of limited use. Americans are frequently stuck with broadband duopolies, and in some cases monopolies. While that's improving with the rise of wireless home internet and higher-quality satellite service, many customers won't have meaningful choices for a long time.

White House tells agencies to adopt the 'Zero Trust' security model

The White House wants the government to adopt a security model called Zero Trust within the next two years. The Office of Management and Budget (OMB) released a finalized federal strategy that lays out the initial details of the shift.

It told agencies to each designate a strategy implementation lead within 30 days. Agencies were given 60 days to submit an implementation plan to the OMB and Cybersecurity and Infrastructure Security Agency (CISA). 

"This memorandum sets forth a federal Zero Trust architecture (ZTA) strategy, requiring agencies to meet specific cybersecurity standards and objectives by the end of fiscal year (FY) 2024 in order to reinforce the government’s defenses against increasingly sophisticated and persistent threat campaigns," OMB acting director Shalanda D. Young wrote in the memo. "Those campaigns target federal technology infrastructure, threatening public safety and privacy, damaging the American economy and weakening trust in government."

The Zero Trust approach is based on the notion that local devices and connections can't be completely trusted. Users need to be authorized, authenticated and continuously validated. Organizations usually have control over Zero Trust setups, and users and devices are often only granted access to essential data, apps and services.

Google offers a Zero Trust solution called BeyondCorp. Last week, a company called Sikur revealed a smartphone it designed using Zero Trust principles.

The release of the strategy follows an executive order President Joe Biden signed last year with the aim of improving the country's cybersecurity, as well as a draft strategy that the OMB published in September.

The finalized strategy lays out a vision for the government in which staff have "enterprise-managed accounts, allowing them to access everything they need to do their job while remaining reliably protected from even targeted, sophisticated phishing attacks." The devices would be continuously monitored and each agency's system would be isolated, with reliable encryption for internal network traffic and sending data to other agencies.

Under this approach, enterprise applications would be tested internally and externally before staff could access them over the cloud. The OMB also said federal security teams and data teams would work together "to develop data categories and security rules to automatically detect and ultimately block unauthorized access to sensitive information."

The strategy directs agencies to harness strong, phishing-resistant multi-factor authentication, perhaps using physical methods like Personal Identity Verification cards. The OMB also told agencies to have a full inventory of devices that are authorized and used for official business and to make sure they meet CISA standards.

The White House cited the Log4j vulnerability that recently emerged as the latest proof that "adversaries will continue to find new opportunities to get their foot in the door."

"This strategy is a major step in our efforts to build a defensible and coherent approach to our federal cyber defenses,” national cyber director Christopher Inglis said in a statement. “We are not waiting to respond to the next cyber breach. Rather, this administration is continuing to reduce the risk to our nation by taking proactive steps towards a more resilient society."

Meta's 'free' internet is costing people money in developing countries

Software glitches in Meta's free internet service are leading to unwanted charges for users, according to documents obtained by whistleblower Frances Haugen and shared with The Wall Street Journal. Paid features, like videos, have been appearing in the service's free mode, even though clips are either supposed to stay hidden or warn users of data charges. When users tap the content, they face carrier bills that can be especially difficult to pay for the service's target audience of users in developing countries.

The slip-up appears to have been lucrative for carriers. Meta estimated carriers were charging free users about $7.8 million per month as of last summer. The issue was particularly serious in Pakistan, where users have reportedly been charged a total $1.9 million per month.

A Meta spokesperson said it had received reports about the problem and had "continued work" on fixing the software flaws. New versions of the free mode explicitly label it as "text only" rather than implying it will never cost any money. The representative said the document estimating $7.8 million per month in charges wasn't based on carrier billing information, and that the overcharges were closer to $3 million per month.

Meta, like Google, has a strong interest in pushing free internet access. Most of its recent growth comes from developing countries where many people are hopping online for the first time. While the free service doesn't limit users to only visiting Facebook and other services it owns, it increases the chances internet newcomers will sign up and spur Meta's growth.

There are other concerns about Meta's free offerings beyond surprise billing. The company has been criticized for making it too easy to pay for data through in-app systems (instead of direct purchases from carriers) and after-the-fact "loans" in some countries. It has also been accused of pushing users of its Discover product towards content on its own services, while not doing enough to make external content easily accessible. While the company has claimed it will treat all internet traffic — whether to its own products or elsewhere — equally, the leaked document itself states that Discover “is not functioning consistent with our commitments.”

AT&T is rolling out multi-gig fiber internet to more than 70 cities

Following the activation of its C-band 5G network last week, AT&T is now upgrading its fiber-based broadband service with two new plans that top out at 2Gbps and 5Gbps, respectively. The company says its new multi-gig fiber broadband will be available in more than 70 metro areas including Dallas, LA and Atlanta. Currently, AT&T’s fiber broadband covers around 15 million customers across 90 markets, with the ISP looking to expand its network to reach more than 30 million customers by 2025.

While AT&T’s new 5 GIG plan is almost certainly overkill for a typical household (even with a bunch of people making Zoom calls at the same time), the ongoing pandemic and shift towards working and schooling from home continue to put a strain on families with more limited internet.

The new 2 GIG plan is set to start at $110 per month plus tax (or $225 a month for a business fiber), while the faster 5 GIG plan will cost $180 per month (or $395 a month for businesses). Notably, AT&T describes both plans as offering “symmetrical” speeds, which means customers should see equally fast download and upload speeds. That last part is important for anyone who has to move large files around, especially when a lot of older internet plans often feature upload speeds that are significantly lower than download speeds.

In addition to its new multi-gig fiber plans, AT&T is updating its fiber internet plans with more straightforward pricing. AT&T says this means new customers won’t get hit with any equipment fees, data caps or annual contracts, with initial pricing locked in for at least 12 months. So your bill should just be the price of the service plus tax, with AT&T throwing in perks such as its ActiveArmor internet security, speedy Wi-Fi 6 routers, and a free HBO Max subscription for customers with top-tier plans (either the gigabit, 2 GIG or 5 GIG plans).

So, while AT&T’s new fiber plans aren’t cheap, they should supply ample bandwidth for data-hungry people like content creators and streaming video enthusiasts. To find out if you live in an area covered by AT&T’s new multi-gig plans, you can check availability on AT&T’s fiber landing page.

Opera launches a dedicated crypto browser

Opera has launched its Web3 "Crypto Browser" into beta with features like a built-in crypto wallet, easy access to cryptocurrency/NFT exchanges, support for decentralized apps (dApps) and more. The aim is to "simplify the Web3 user experience that is often bewildering for mainstream users," Opera EVP Jorgen Arnesen said in a statement.

A key feature is the built-in non-custodial wallet that will support blockchains including Ethereum, Bitcoin, Celo and Nervos from the get-go. It also announced partnerships with Polygon and others. The idea is to let you access your crypto without the need for any extensions, with the option of using third-party wallets as well. You can purchase cryptocurrencies via a fiat-to-crypto on-ramp, swap crypto directly in-wallet, send and receive it and check your wallet balance. It even has a secure clipboard that ensures other apps can't access data when you copy/paste.

The other primary function is support for Web3, aka blockchain-based decentralized internet, aka the buzzy new thing among crypto enthusiasts (and skeptics). On top of providing extra security via blockchain encryption, it allows users to access things like GameFi "where you can earn as you play your way through all sorts of metaverses," Opera notes. It also offers a "Crypto Corner" with the latest blockchain news that also "lets you grow your Web3 skills," according to Opera. 

Opera's rival Mozilla recently announced it would accept cryptocurrency donations, but was hit by a backlash from users including co-founder Jamie Zawinski over the environmental impact of blockchain. Perhaps anticipating a similar reaction, Opera said it was working toward implementing the more energy-efficient Ethereum Layer 2 standard "as quickly as possible."

Other companies like Ubisoft jumping on the blockchain train with NFTs and other offerings have been hit by similar criticism. However, Opera at least gives its users a choice with multiple browser options, as it also offers its regular Opera browser and one that's dedicated to gamers. The Crypto Browser is now available for Android, Windows and Mac, with an iOS version coming soon. 

Amazon explains outage that took out a large chunk of the internet

Amazon has explained the Web Services outage that knocked parts of the internet offline for several hours on December 7th — and promised more clarity if this happens in the future. As CNBC reports, Amazon revealed an automated capacity scaling feature led to "unexpected behavior" from internal network clients. Devices connecting that internal network to AWS were swamped, stalling communications.

The nature of the failure prevented teams from pinpointing and fixing the problem, Amazon added. They had to use logs to find out what happened, and internal tools were also affected. The rescuers were "extremely deliberate" in restoring service to avoid breaking still-functional workloads, and had to contend with a "latent issue" that prevented networking clients from backing off and giving systems a chance to recover.

The AWS division has temporarily disabled the scaling that led to the problem, and won't switch it back on until there are solutions in place. A fix for the latent glitch is coming within two weeks, Amazon said. There's also an extra network configuration to shield devices in the event of a repeat failure.

You might have an easier time understanding crises the next time around. A new version of AWS' service status dashboard is due in early 2022 to provide a clearer view of any outages, and a multi-region support system will help Amazon get in touch with customers that much sooner. These won't bring AWS back any faster during an incident, but they may eliminate some of the mystery when services go dark — important when victims include everything from Disney+ to Roomba vacuums.

Google temporarily disrupts a botnet that infected 1 million PCs

On Tuesday, Google disclosed it recently disrupted a massive network of computers infected by Glupteba. The company estimates the malware has infected approximately one million Windows PCs globally, which would make it one of the largest known botnets to date.

A botnet is a network of computers or internet-connected devices all infected by malware that is under the control of a single party. In this case, Google traced Glupteba to at least two individuals based out of Russia. The company is suing them in hopes it will “set a precedent, create legal and liability risks for the botnet operators, and help deter future activity.”

At times, the company says it saw the network grow by about 1,000 devices per day. The malware that adds a computer to the Glupteba botnet is usually found hidden on sketchy websites that offer free software. According to Google, Glupteba’s operators used the malware to steal personal data, mine cryptocurrencies and funnel other internet traffic through the infected machines.

Per The Washington Post, the hackers also used some of Google’s own services to distribute the malware. The company suspended more than 1,000 accounts that had been used to spread Glupteba.

“We don’t just plug security holes, we work to eliminate entire classes of threats for consumers and businesses whose work depends on the Internet,” the company said. “We have teams of analysts and security experts who are dedicated to identifying and stopping issues like DDoS, phishing campaigns, zero-day vulnerabilities, and hacking against Google, our products, and our users.”

Google coordinated with internet infrastructure providers to disrupt the botnet, but warns it has so far only succeeded in stopping it temporarily. Glupteba uses blockchain technology as a failsafe against a complete shutdown. When it doesn’t hear from its owners, the software is programmed to automatically use data encoded on the Bitcoin blockchain for instructions on how to reconnect.

“Unfortunately, Glupteba’s use of blockchain technology as a resiliency mechanism is notable here and is becoming a more common practice among cyber crime organizations,” Google said. “The decentralized nature of blockchain allows the botnet to recover more quickly from disruptions, making them that much harder to shutdown.” The company says it’s working with its partners to make the internet more resilient to such attacks.

Facebook details its takedown of a mass-harassment network

Meta/Facebook is today updating the world on how its efforts to remove fake and adversarial networks from its platform are going. The social network has released a new report saying that it has successfully closed down a number of networks for Coordinated Inauthentic Behavior (CIB). But in addition to networks of fake profiles all working in tandem, the company has also shed some light on how it deals with additional threats. This includes Brigading — the use of negative comments and counter-posting to drown out an individual’s posts — and Mass Reporting, where Facebook’s own anti-harassment tools are used as a weapon. This is another step beyond the broader tactics the company announced back in September, where it pledged to combat broader social harms that took place on its platform.

With Brigading, the company took down what it describes as a “network of accounts that originated in Italy and France” which targeted medical professionals, journalists and public officials. Facebook says that it tracked the activity back to a European anti-vaccine conspiracy movement called “V_V,” adding that its members used a large volume of fake accounts to “mass comment on posts” from individuals and news agencies “to intimidate them and suppress their views.” In addition, those accounts posted doctored images, superimposing the swastika onto the faces of prominent doctors and accusing them of supporting Nazism.

In Vietnam, Facebook took down a network that was being used to target activists and users critical of the local government. The network would submit “hundreds — in some cases thousands — of complaints against their targets through our abuse reporting flows.” Attackers also created duplicate accounts of the users they intended to silence and then reported the real account as an impersonator from the fake account. Facebook added that some of these fake accounts were automatically detected and disabled by the company’s automatic moderation tools.

As for the more old-fashioned methods of Coordinated Inauthentic Behavior, the company took down networks in Palestine, Poland, Belarus and China. The first was reportedly tied to Hamas, while the second two were crafted to exacerbate tensions during the humanitarian crisis on the border there. In a call with reporters, Facebook said that the Polish network had very good operational security and, so far, it has not been able to tie it to a real-world organization. The Belarusian network, on the other hand, had much poorer operational security, and so the company has tied the activity to the Belarusian KGB.

The final network, out of China, has prompted Facebook to publish a deep dive into the activity given the depth of what took place. In its report, the company says that a group created a fake profile of a Swiss biologist called Wilson Edwards who posted material critical of the US and WHO. 48 hours later, his comments were picked up by Chinese state media and engaged with by high-level officials. But there was no evidence that Wilson Edwards existed, which prompted the platform to close the account.

Researchers found that Edwards was “the work of a multi-pronged, largely unsuccessful influence operation,” involving “employees of Chinese state infrastructure companies across four continents.” Facebook wanted to make it clear that Edwards’ comments were not engaged with organically, and that it was only when the posts were reported by state media that they suddenly rose in prominence.

One thing that Facebook did identify is the use of guides to train potential network members. The V_V network, for instance, published videos through its Telegram channels that suggested that users replace letters in key words so that they wouldn’t be picked up by automatic filtering. The people behind the Chinese network, too, would sometimes inadvertently post notes from their leaders, written in Indonesian and Chinese, offering tips on how best to amplify this content.

In addition, Facebook has announced that it has launched a tool, through CrowdTangle, to enable OSINT (Open Source Intelligence) researchers to study disinformation networks. This includes storing any content taken down by the company, allowing a small list of approved third parties the chance to analyze it. Access has, so far, been limited to teams from the Digital Forensic Research Lab at the Atlantic Council, Stanford Internet Observatory, Australian Strategic Policy Institute, Graphika and Cardiff University.

Facebook believes that offering greater detail and transparency around how it finds these networks will enable researchers in the OSINT community to better track them in future.

Google Cloud outage takes down Spotify, Snapchat, Etsy and more sites

A Google Cloud network issue has taken down a handful of prominent websites today, including Spotify, Snapchat, Etsy and Discord. Google says the issue is partially resolved as of 1:17PM ET, but a full fix is still incoming. Affected websites will display 404 error messages and there is no workaround on the customer side.

We are aware of an issue with Google Cloud Platform. See our status dashboard for details: https://t.co/eEsJOYU7Xg

— Google Cloud (@googlecloud) November 16, 2021

Users began reporting issues with some sites Tuesday just before 1PM ET, and Google Cloud confirmed the networking problem at 1:10PM ET. 

"We apologize to all who are affected by the disruption," the company wrote.

FBI email servers were hacked to target a security researcher

The FBI appears to have been used as a pawn in a fight between hackers and security researchers. According to Bleeping Computer, the FBI has confirmed intruders compromised its email servers early today (November 13th) to send fake messages claiming recipients had fallen victim to data breaches. The emails tried to pin the non-existent attacks on Vinny Troia, the leader of dark web security firms NightLion and Shadowbyte.

The non-profit intelligence organization Spamhaus quickly shed light on the bogus messages. The attackers used legitimate FBI systems to conduct the attack, using email addresses scraped from a database for the American Registry for Internet Numbers (ARIN), among other sources. Over 100,000 addresses received the fake emails in at least two waves.

The FBI described the hack as an "ongoing situation" and didn't initially have more details to share. It asked email recipients to report messages like these to the bureau's Internet Crime Complaint Center or the Cybersecurity and Infrastructure Security Agency. Troia told Bleeping Computer he believed the perpetrators might be linked to "Pompompurin," a persona that has attacked the researcher in the past.

Feuds between hackers and the security community aren't new. In March, attackers exploiting Microsoft Exchange servers tried to implicate security journalist Brian Krebs using a rogue domain. However, it's rare that they use real domains from a government agency like the FBI as part of their campaign. While that may be more effective than usual (the FBI was swamped with calls from anxious IT administrators), it might also prompt a particularly swift response — law enforcement won't take kindly to being a victim.

These fake warning emails are apparently being sent to addresses scraped from ARIN database. They are causing a lot of disruption because the headers are real, they really are coming from FBI infrastructure. They have no name or contact information in the .sig. Please beware!

— Spamhaus (@spamhaus) November 13, 2021