Category Archives: News

Shared items and notes from my feeds and browsing.

Julian Assange’s lawyers say Trump offered pardon in exchange for concealing source of DNC leaks

Source: The Verge - All Posts

Protestors At Court Supporting Julian Assange. Photo by Leon Neal/Getty Images

Julian Assange’s legal team is preparing to testify that the WikiLeaks founder was offered a pardon by President Trump in exchange for covering up the source of the DNC leaks, as first reported by The Daily Beast.

According to Edward Fitzgerald, who is representing Assange in his ongoing extradition hearing in the UK, Assange’s representatives received messages from then-Rep. Dana Rohrabacher (R-CA), effectively offering a pardon from Trump in exchange for false statements relating to the source of the DNC leaks.

Fitzgerald did not have first-hand knowledge of the exchange, but he said future testimony from another legal representative would show “Mr. Rohrabacher going to see Mr Assange and saying, on instructions from the president, he...


Posted in News | Leave a comment

The Scientific Paper Is Outdated

Source: The Chronicle of Higher Education | News

Article note: Software is not the only form of tool-building, but I'm in absolute agreement with the idea broadened-out to "Scientists' incentive structure should be adjusted to reward them for spending more time building tools and less time fluffing results"

For the sake of research, their careers, and their mental health, scientists should spend more time developing software.    


What made the 1960s CDC6600 supercomputer fast?

Source: Hacker News

Article note: That is super cool. I'd read it was discrete component RTL, but not that it was made entirely from wired logic and inverters made of glorious purpose-made, gold-doped NPN BJTs

Researchers find a way to 3D print whole objects in seconds

Source: Engadget

Article note: Hm, neat. You're obviously restricted to transparent resins of very specific sensitivity with the technique, but if you aren't worried about material properties it's excellent. The obvious question from the Engadget popsci blurb that the actual Nature article answers is that their coherent image is being formed by collimating several lasers into a big fiber to get the right area and density, then pointing that at a DLP mirror array to aim the rays - which is fairly similar tech to existing DLP printers, just with an extra axis and tomographic projection to use it.
When you think of 3D printing, you probably imagine a structure being created layer by layer, from the bottom up. Now, researchers from Switzerland's EPFL say they have developed a completely new way of creating 3D objects, with unprecedented resolut...

For decades, US and Germany owned Swiss crypto company used by 120 countries

Source: Ars Technica

Article note: Confirming the commercial options were backdoored by western governments really does explain why those in power freaked out so much when software/open source crypto became a widespread thing in the 90s. Also extra credence (as though it could get any clearer) to the ongoing fears about nation-states backdooring communications infrastructure.

Boris Hagelin's mechanical crypto gear, like the CX-52 first introduced in 1952, gave US intelligence fits. So they cut deals with Hagelin and eventually bought the company. (credit: Rama, Wikimedia Commons, Cc-by-sa-2.0-fr)

Crypto AG, a Swiss cryptographic communications gear company that got its big break building code-making gear for the US Army in World War II, has been a provider of encryption systems for more than 120 countries. And according to a report by The Washington Post and German broadcaster ZDF, the company was owned outright for decades by the Central Intelligence Agency and Germany's intelligence agency, the BND—allowing the CIA, the National Security Agency, and German intelligence to read the most sensitive communications of practically everyone but the Soviets and Chinese.

That unprecedented level of access allowed the US to monitor Iranian communications during the Iranian hostage crisis, Argentine communications during the Falklands War (shared with British intelligence), the communications of Egyptian President Anwar Sadat during negotiations of an Egypt-Israel peace deal at Camp David, and communications from Libya that confirmed the Qaddafi regime's involvement in a 1986 West Berlin disco bombing. During the Iran-Iraq War in the 1980s, Iranian communications were "80-90 percent readable," according to documents viewed by the Post and ZDF.

While German intelligence cashed out of the company in the 1990s, the CIA's ownership persisted until 2016, even though the intelligence value of the company diminished with the widespread availability of other digital cryptography tools—and a series of missteps, including what a CIA history described as a "storm of publicity" after the arrest of a Crypto AG salesman in Iran in 1992. But the history also informs the US government's concerns over the potential threat that comes from other countries' ownership of parts of communications infrastructure, including concerns over China's Huawei.


New Ransomware Targets Industrial Control Systems

Source: Schneier on Security

Article note: Your regularly scheduled reminder about not plugging critical systems into the Internet. As the footnote indicates, this is going to complicate the "Technology term or Pokémon" game, because now Ekans is both.

EKANS is a new ransomware that targets industrial control systems:

But EKANS also uses another trick to ratchet up the pain: It's designed to terminate 64 different software processes on victim computers, including many that are specific to industrial control systems. That allows it to then encrypt the data that those control system programs interact with. While crude compared to other malware purpose-built for industrial sabotage, that targeting can nonetheless break the software used to monitor infrastructure, like an oil firm's pipelines or a factory's robots. That could have potentially dangerous consequences, like preventing staff from remotely monitoring or controlling the equipment's operation.

EKANS is actually the second ransomware to hit industrial control systems. According to Dragos, another ransomware strain known as Megacortex that first appeared last spring included all of the same industrial control system process-killing features, and may in fact be a predecessor to EKANS developed by the same hackers. But because Megacortex also terminated hundreds of other processes, its industrial-control-system targeted features went largely overlooked.

Speculation is that this is criminal in origin, and not the work of a government.

It's also the first malware that is named after a Pokémon character.


AirPods Are a Tragedy

Source: Sarah Vessels' Tumblr

Article note: Speaking of Bluetooth headphones being a shitshow...

“Future Relics is a column about the objects that our society is currently making, and how they may explain our lives to future generations.”


Critical Bluetooth Vulnerability in Android

Source: Hacker News

Article note: Lovely, a use-after-free vuln that can be used to pwn Android devices via Bluetooth. So, along with the ambient tracking, additional battery drain, additional non-serviceable battery to keep charged until it wears out, and general shittiness of Bluetooth audio, another reason why the removal of headphone jacks from devices for the "wireless future" is dumb. I've got a couple pairs of Bluetooth headphones that I'll use around the house or office, so I can pace while connected to a computer or [appliance Bluetooth tx dongle replacing a pre-Bluetooth RF model on my] TV, but that's about the only use-case I've found where wired isn't better in every way. Also, as usual, the way the fondleslab software ecosystem has coalesced is super dumb so droves of devices are now permanently vulnerable. This shit should have been standardized over a HAL/discovery mechanism/bootloader as soon as they started being user-exposed general purpose computers, even the abortion that is the PC ACPI and UEFI stack is better than ARM SoC's interfaces.

Deprecated kernel extensions and system extension alternatives

Source: OSNews

Article note: For most software, preventing kernel space tampering is almost certainly the right decision, but this seems like a problem for virtualization on OS X hosts (_is_ there even an apple-blessed solution?), and also performant device drivers.

Just another heads up that kernel extensions on macOS will soon stop working. This has been known for a while, but you might not even know you’re using kernel extensions in the first place.

System extensions on macOS Catalina (10.15) allow software like network extensions and endpoint security solutions to extend the functionality of macOS without requiring kernel-level access. At WWDC19, we announced the deprecation of kernel extensions as part of our ongoing effort to modernize the platform, improve security and reliability, and enable more user-friendly distribution methods. Kernel programming interfaces (KPIs) will be deprecated as alternatives become available, and future OS releases will no longer load kernel extensions that use deprecated KPIs by default.

If you use macOS, run kextstat | grep -v com.apple to see how many third party kernel extensions you have running. Things like VirtualBox, controller support for Steam, DropBox, Little Snitch, and more all come with kernel extensions, so there’s definitely chances you might be running some without even realising it.


A Possible Strategy for Fending Off Surprise Medical Bills

Source: NYT > Health

Article note: The idea that modern medical billing has _anything_ to do with "informed consent" is a real stretch. The article's proposal of scratching the "pay whatever the hospital decides to charge" parts of contracts and replacing them with "pay a maximum of 2x the federally negotiated Medicare rate" before signing forms is an interesting strategy.

Writing in payment limits when signing hospital forms might provide some leverage over disputes that arise from surprise medical bills, some proponents suggest.
