Category Archives: News

Shared items and notes from my feeds and browsing.

Planting tiny spy chips in hardware can cost as little as $200

Source: Ars Technica

Article note: The ongoing game of there being no evidence for that high profile Bloomberg implant article, but it being obviously not-that-hard for such a thing to happen makes for interesting theorizing and reading. I expect we'll eventually find an example in the wild, but probably not where they claimed.

More than a year has passed since Bloomberg Businessweek grabbed the lapels of the cybersecurity world with a bombshell claim: that Supermicro motherboards in servers used by major tech firms, including Apple and Amazon, had been stealthily implanted with a chip the size of a rice grain that allowed Chinese hackers to spy deep into those networks. Apple, Amazon, and Supermicro all vehemently denied the report. The National Security Agency dismissed it as a false alarm. The Defcon hacker conference awarded it two Pwnie Awards, for "most overhyped bug" and "most epic fail." And no follow-up reporting has yet affirmed its central premise.

But even as the facts of that story remain unconfirmed, the security community has warned that the possibility of the supply chain attacks it describes is all too real. The NSA, after all, has been doing something like it for years, according to the leaks of whistle-blower Edward Snowden. Now researchers have gone further, showing just how easily and cheaply a tiny, tough-to-detect spy chip could be planted in a company's hardware supply chain. And one of them has demonstrated that it doesn't even require a state-sponsored spy agency to pull it off—just a motivated hardware hacker with the right access and as little as $200 worth of equipment.

Posted in News | Leave a comment

A Code Glitch May Have Caused Errors in More Than a Hundred Published Studies

Source: Hacker News

Article note: Given the incentive structure, this seems... entirely normal.

uBlock Origin Update Rejected from the Chrome Web Store

Source: Hacker News

Article note: aaand this is why I already bailed back to Firefox.

What to Do When You Get Sherlocked by Apple

Source: Hacker News

Article note: Apple's habit of integrating reference implementations of good 3rd party features is kind of a good thing for users. Their habit of courting then erasing the places they steal the features from is bad for everyone. Also, as one HN commenter points out, until recently that kind of thing would have been cheap Shareware or FOSS hacked up by someone and maintained by a few weeks of community time, rather than a subscription rent seeking operation.

there is no such thing as punching up or punching down

Source: the ANOVA

Article note: This. Claiming "Punching up/down" is such an act of decontextualized, reductionist self justification it isn't a claim we should ever credit. Asshole-for-cause is sometimes fine and necessary, but if you're gonna do it, own it.

A much beloved opinion of the woke set is the idea that punching up is good, and punching down is bad. This is the new rule for comedy, and like all rules of contemporary liberalism, it is treated as though it is universally straightforward and easy to follow. This is, of course, nonsense.

Take my own context, a college campus. If a student mocks their instructor, are they punching up or punching down? The easy answer is yes; the instructor is in the position of authority. But in fact this is, in many institutional contexts, entirely wrong. Most American college classes are taught by adjuncts or grad students. Neither has institutional power. Neither has job security. Neither works for more than poverty wages. In the liberal arts colleges that are the epicenter of wokeness in particular you will find that in fact the average undergrad has vastly more power than the average adjunct. It’s not even close. One group, after all, is seen by the institution as the customer.

Which is not to say that I would call an adjunct making fun of a student as “punching up.” In truth there is no simplistic way to perfectly map the complex and shifting power dynamics between student and teacher, and this is true in far more scenarios too. If the man who was preemptively fired from SNL was in the position of superior power compared to his critics, how did he come to be fired? Doesn’t the fact that his critics got what they wanted, and he did not, suggest in fact that he was the one who lacked power? I don’t know. I do know that power is an immensely multivariate and complicated thing, and mapping it onto a binary is a habit of the incurious and the privileged.

“Punching up” and “punching down,” like so many other things in our political culture, is just a radical oversimplification to suit the priors of the chattering class, another attempt to make the complexity of life palatable for oversize children.

Why Enterprise Software Sucks

Source: Hacker News

Article note: Mmyep. When the customer (payer) isn't the user, things get designed to appeal to the customer, and the users usually get shafted.

The PDP-7 Where Unix Began

Source: Hacker News

Article note: Neat! Tracked down exactly which machine had to be the first Unix box.

The cloud vs humanity: Adobe terminates every software license in Venezuela, keeps Venezuelans’ money

Source: Boing Boing

Article note: Distrust software-as-a-service. Reason 2,573.

If you live in Venezuela and rely on Adobe products to do your job -- whether that's publishing a newspaper, running an NGO, or doing design work, Adobe has a very special message for you: GO FUCK YOURSELF.

Today, citing US sanctions, Adobe terminated every software license in the country of Venezuela. And because Adobe has "pivoted to the cloud," switching its software to "software as a service," that means that all the software that some of the most desperate, hard-hit people in the world paid good money for are out in the cold.

They're not issuing refunds, either.

It's just part of Adobe's repudiation of capitalism and the idea of private property -- just because you paid for your Adobe products, you don't actually own them.

You’ve charged me, when will I get my refund?

We are unable to issue refunds. Executive order 13884, orders the cessation of all activity with the entities including no sales, service, support, refunds, credits, etc.

What about the free services I use? Am I still able to access them?

Adobe will no longer provide access to software and services, including free ones, or enable you to make any new purchases. We apologize for the inconvenience.

When will I lose access to my Adobe accounts and content?

You have until October 28, 2019 to download any content that you have stored in your Adobe account. After this date your account will be deactivated.

Adobe compliance with U.S. Executive Order | Venezuela [Adobe]

Highlight negative results to improve science

Source: Hacker News

Article note: Yesss. Encourage publishing negative results instead of hyping them as "positive" so the literature actually means something.

Why Schools Should End Active Shooter Drills Immediately

Source: Published articles

I've been on the "active shooter drills are state-sponsored terrorism" bandwagon for a while. They're using a minuscule threat as a pretense, and training children to be scared.
