Domain: zdnet.com
Stories and comments across the archive that link to zdnet.com.
Stories · 2,686
New Attack Can Now Decrypt Satellite Phone Calls in 'Real Time' (zdnet.com)
Chinese researchers have discovered a way to rapidly decrypt satellite phone communications -- within a fraction of a second in some cases. From a report on ZDNet: The paper, published this week, expands on previous research by German academics in 2012 by rapidly speeding up the attack and showing that the encryption used in popular Inmarsat satellite phones can be cracked in "real time." Satellite phones are used by those in desolate environments, including high altitudes and at sea, where traditional cell service isn't available. Modern satellite phones encrypt voice traffic to prevent eavesdropping. It's that modern GMR-2 algorithm that was the focus of the research, given that it's used in most satellite phones today. The researchers tried "to reverse the encryption procedure to deduce the encryption-key from the output keystream directly," rather than using the German researchers' method of recovering an encryption key using a known-plaintext attack. Using their proposed inversion attack thousands of times on a 3.3GHz satellite stream, the researchers were able to reduce the search space for the 64-bit encryption key, effectively making the decryption key easier to find. The end result was that encrypted data could be cracked in a fraction of a second. -
Raspberry Pi's Smaller, Cheaper Rival: NanoPi Neo Plus2 Weighs in at $25 (zdnet.com)
FriendlyARM, the maker of compact NanoPi developer boards, has released the NanoPi Neo Plus2 for $25. From a report: This board is an update to the recently released NanoPi Neo 2, a $15 cookie-sized developer board measuring 40mm x 40mm (1.6in) with a 64-bit Allwinner H5 processor, 512MB RAM, and one USB port. The NanoPi Neo Plus2 is slightly larger at 52mm x 40mm (2in x 1.6in) and has two USB ports. It has the same H5 quad-core A53 ARM Cortex processor, but comes with 1GB RAM and 8GB eMMC storage. The NeoPlus2's storage in addition to Gigabit Ethernet puts it ahead of the Raspberry Pi 3 on paper, and at $25 undercuts the better-known board by $10. -
NSA 'Traffic Shaping' Can Divert US Internet Traffic For Easier Monitoring (zdnet.com)
schwit1 shares an article from ZDNet: A new analysis of documents leaked by whistleblower Edward Snowden details a highly classified technique that allows the National Security Agency to "deliberately divert" U.S. internet traffic, normally safeguarded by constitutional protections, overseas in order to conduct unrestrained data collection on Americans. According to the new analysis, the NSA has clandestine means of "diverting portions of the river of internet traffic that travels on global communications cables," which allows it to bypass protections put into place by Congress to prevent domestic surveillance on Americans.
The new findings follow a 2014 paper by researchers Axel Arnbak and Sharon Goldberg, published on sister-site CBS News, which theorized that the NSA, whose job it is to produce intelligence from overseas targets, was using a "traffic shaping" technique to route US internet data overseas so that it could be incidentally collected under the authority of a largely unknown executive order... The research cites several ways the NSA is actively exploiting methods to shape and reroute internet traffic -- many of which are well-known in security and networking circles -- such as hacking into routers or using the simpler, less legally demanding option of forcing major network providers or telecoms firms into cooperating and diverting traffic to a convenient location. -
With a Single Wiretap Order, US Authorities Listened In on 3.3 Million Phone Calls (zdnet.com)
US authorities intercepted and recorded millions of phone calls last year under a single wiretap order, authorized as part of a narcotics investigation, ZDNet's Zack Whittaker reports. From the article: The wiretap order authorized an unknown government agency to carry out real-time intercepts of 3.29 million cell phone conversations over a two-month period at some point during 2016, after the order was applied for in late 2015. The order was signed to help authorities track 26 individuals suspected of involvement with illegal drug and narcotic-related activities in Pennsylvania. The wiretap cost the authorities $335,000 to conduct and led to a dozen arrests. But the authorities noted that the surveillance effort led to no incriminating intercepts, and none of the handful of those arrested have been brought to trial or convicted. -
The Biggest Windows 10 Shop? Microsoft Partner Accenture (zdnet.com)
Mary Jo Foley, reporting for ZDNet: Microsoft partner Accenture, a global consulting company, is on track to become "the largest consumer of Windows 10," say the two companies. By 2018, Accenture will have migrated all of its 400,000 employees to Windows 10 in a move that will have taken two years. (Accenture has 400,000 employees?! Microsoft has about 114,000.) Currently, Accenture has migrated somewhere between 250,000 and close to 300,000 users to Windows 10, according to information shared on June 28. In a video accompanying the latest statistics on the Microsoft Windows blog site, it appears that Accenture also currently has 450,000 Office 365 mailboxes, 16,000 SharePoint sites and 99,500 smartphones and tablets enrolled in mobile-device management (which I take to be Microsoft's Enterprise Mobility + Security suite products). -
Researcher Finds Critical OpenVPN Bug Using Fuzzing (zdnet.com)
"Guido Vranken recently published 4 security vulnerabilities in OpenVPN on his personal blog," writes long-time Slashdot reader randomErr -- one of which was a critical remote execution bug. Though patches have now been released, there's a lesson to be learned about the importance of fuzzing -- bug testing with large amounts of random data -- Guido Vranken writes: Most of these issues were found through fuzzing. I hate admitting it, but...the arcane art of reviewing code manually, acquired through grueling practice, are dwarfed by the fuzzer in one fell swoop; the mortal's mind can only retain and comprehend so much information at a time, and for programs that perform long cycles of complex, deeply nested operations it is simply not feasible to expect a human to perform an encompassing and reliable verification.
ZDNet adds that "OpenVPN's audits, carried out over the past two years, missed these major flaws. While a handful of other bugs are found, perhaps OpenVPN should consider adding fuzzing to their internal security analysis in the future."
Guido adds on his blog, "This was a labor of love. Nobody paid me to do this. If you appreciate this effort, please donate BTC..." -
Microsoft Claims 'No Known Ransomware' Runs on Windows 10 S. Researcher Says 'Hold My Beer' (zdnet.com)
Earlier this month, Microsoft said "no Windows 10 customers were known to be compromised by the recent WannaCry (WannaCrypt) global cyberattack," adding that "no known ransomware works against Windows 10 S." News outlet ZDNet asked a security researcher to see how good Microsoft's claims were. Turns out, not much. From the report: We asked Matthew Hickey, a security researcher and co-founder of cybersecurity firm Hacker House, a simple enough question: Will ransomware install on this operating system? It took him a little over three hours to bust the operating system's various layers of security, but he got there. "I'm honestly surprised it was this easy," he said in a call after his attack. "When I looked at the branding and the marketing for the new operating system, I thought they had further enhanced it. I would've wanted more restrictions on trying to run privileged processes instead of it being such a short process." -
AMD Looks To 'Crush' Intel's Xeon With New Epyc Server Chips (extremetech.com)
AMD has unveiled the first generation of Epyc, its new range of server processors built around its Zen architecture. Processors will range from the Epyc 7251 -- an eight-core, 16-thread chip running at 2.1 to 2.9GHz in a 120W power envelope -- up to the Epyc 7601: a 32-core, 64-thread monster running at 2.2 to 3.2GHz, with a 180W design power. From a report: These chips are built on the same fundamental architecture as the company's Ryzen CPU cores, and they're aimed at the incredibly powerful data center market. AMD's 32-core / 64-thread Epyc CPUs combine four eight-core dies, each connected to the other via the company's Infinity Fabric. According to AMD, this approach is significantly cheaper than trying to pack 32 cores into a single monolithic die -- that approach would leave the company potentially throwing away huge amounts of silicon during its production ramp. The Infinity Fabric is deliberately over-provisioned to minimize any problems with non-NUMA aware software, according to Anandtech. Each 32-core Epyc CPU will support eight memory channels and two DIMMs per channel, for a total maximum memory capacity of 2TB per socket, or 4TB of RAM in a two-socket system. Each CPU will also offer 128 lanes of PCI Express 3.0 support -- enough to connect up to six GPUs at x16 each with room left over for I/O support. That's in a one-socket system, mind you. In a two-socket system, the total number of available PCI Express 3.0 lanes is unchanged, at 128 (64 PCIe 3.0 lanes are used to handle CPU -- CPU communication). Anandtech has a longer writeup with more details on the CPUs power efficiency and TDP scaling. Further reading: ZDNet, press release. -
198 Million Americans Hit By 'Largest Ever' Voter Records Leak (zdnet.com)
Political data gathered on more than 198 million US citizens was exposed this month after a marketing firm contracted by the Republican National Committee stored internal documents on a publicly accessible Amazon server, reports say. From a ZDNet article: It's believed to be the largest ever known exposure of voter information to date. The various databases containing 198 million records on American voters from all political parties were found stored on an open Amazon S3 storage server owned by a Republican data analytics firm, Deep Root Analytics. UpGuard cyber risk analyst Chris Vickery, who found the exposed server, verified the data. Through his responsible disclosure, the server was secured late last week, and prior to publication. This leak shines a spotlight on the Republicans' multi-million dollar effort to better target potential voters by utilizing big data. The move is largely a response to the successes of the Barack Obama campaign in 2008, thought to have been the first data-driven campaign. Further reading: Republican Data-Mining Firm Exposed Personal Information for Virtually Every American Voter - The Intercept; The RNC Files: Inside the Largest US Voter Data Leak - UpGuard; Data On 198M Voters Exposed By GOP Contractor - The Hill. -
US Internet Company Refused To Participate In NSA Surveillance, Documents Reveal (zdnet.com)
Zack Whittaker reports via ZDNet: A U.S. company refused to comply with a top-secret order that compelled it to facilitate government surveillance, according to newly declassified documents. According to the document, the unnamed company's refusal to participate in the surveillance program was tied to an apparent expansion of the foreign surveillance law, details of which were redacted by the government prior to its release, as it likely remains classified. It's thought to be only the second instance of an American company refusing to comply with a government surveillance order. The first was Yahoo in 2008. It was threatened with hefty daily fines if it didn't hand over customer data to the National Security Agency. The law is widely known in national security circles as forming the legal basis authorizing the so-called PRISM surveillance program, which reportedly taps data from nine tech titans including Apple, Facebook, Google, Microsoft, and others. It also permits "upstream" collection from the internet fiber backbones of the internet. Any guesses as to which company it may be? The company was not named in the 2014-dated document, but it's thought to be an internet provider or a tech company. -
Microsoft Warns of 'Destructive Cyberattacks', Issues New Windows XP Patches (zdnet.com)
Ed Bott, reporting for ZDNet: Citing an "elevated risk for destructive cyberattacks," Microsoft today released an assortment of security updates designed to block attacks similar to those responsible for the devastating WannaCry/WannaCrypt ransomware outbreak last month. Today's critical security updates are in addition to the normal Patch Tuesday releases, Microsoft said. They'll be delivered automatically through Windows Update to devices running supported versions, including Windows 10, Windows 8.1, Windows 7, and post-2008 Windows Server releases. But in an unprecedented move, Microsoft announced that it was also making the patches available simultaneously for manual download and installation on unsupported versions, including Windows XP and Windows Server 2003. The new updates can be found in the Microsoft Download Center or, alternatively, in the Update Catalog. -
Microsoft To Shut Down Its Docs.com File-Sharing Site December 15 (zdnet.com)
Microsoft will close its file storage and sharing service Docs.com Dec. 15, it said today. As a result of its $26 billion acquisition of LinkedIn, Microsoft also got SlideShare, a more popular place for sharing presentations, infographics and other materials with an audience of 70 million. SlideShare represents a better platform for storing and publishing Microsoft documents, the company said. From a report: Microsoft is advising users to migrate and/or delete content they shared on Docs.com as soon as possible. As of today, June 9, creating new Docs.com accounts is no longer supported. Those with existing accounts can still view, edit, publish, download, and delete their existing content. As of August 1, publishing and editing content on Docs.com will no longer be supported. -
EU Seeks New Powers To Obtain Data 'Directly' From Tech Firms (zdnet.com)
Zack Whittaker reports via ZDNet: European authorities are seeking new powers to allow police and intelligence agencies to directly obtain user data stored on the continent by U.S. tech companies. The move comes in the wake of an uptick in terrorist attacks, including several attacks in Britain and France, among others across the bloc. Tech companies have been asked to do more to help law enforcement, while police have long argued the process for gathering data overseas is slow and cumbersome. The bloc's justice commissioner, Vera Jourova, presented several plans to a meeting of justice ministers in Luxembourg on Thursday to speed up access for EU police forces to obtain evidence -- including one proposal to allow police to obtain data "directly" from the cloud servers of U.S. tech companies in urgent cases. "Commissioner Jourova presented at the Justice Council three legislative options to improve access to e-evidence," said Christian Wiga, an EU spokesperson, in an email. "Based on the discussion between justice ministers, the Commission will now prepare a legislative proposal," he added. Discussions are thought to have included what kind of data could be made available, ranging from geolocation data to the contents of private messages. Such powers would only be used in "emergency" situations, said Jourova, adding that safeguards would require police to ensure that each request is "necessary" and "proportionate." Further reading: Reuters -
US Spy Chief Reverses Course, Will Not Say How Many Americans Caught in NSA Surveillance (zdnet.com)
Zack Whittaker, writing for ZDNet: US Director of National Intelligence Dan Coats has refused to say how many Americans have been caught up in the government's surveillance programs, reversing a confirmation pledge he made earlier this year. Coats said at a hearing before the Senate Intelligence Committee on the reauthorization of a key foreign surveillance law that it is "infeasible" to provide an estimate of how many Americans' communications have been collected by the National Security Agency. It's a key question that has been raised by senior lawmakers on several occasions of both the Obama and Trump administrations. -
Google's Top Search Result For 'Target' Was A Tech Support Scam (bleepingcomputer.com)
An anonymous reader quotes BleepingComputer: Malicious ads displayed in Google search results for Target -- the US retailer -- redirected users to a tech support scam. The malvertising campaign was spotted on Friday by a US user who posted his observations to a StackExchange thread. The rogue ad appeared when users searched for the term "target," right at the top of all search results, [and] used a feature of the Google Ads service that allows ad publishers to display a URL but redirect users to another link. For example, in the rogue ad, the displayed link was "target.com," but users were redirected to "tech-supportcenter.us." Surprisingly, this got past Google's ad quality control service... The page users landed on was mimicking the style of Microsoft's real website, but was urging users to call a phone number to remove a non-existent "HARDDISK_ROOTKIT_TROJAN_HUACK.EXE" file.
The article points out the same thing happened in February when Google's top search result for Amazon was a spoof site with another tech support scam. -
FCC Won't Release DDoS Logs, And Will Probably Honor Fake Comments (zdnet.com)
An anonymous reader quotes ZDNet on the alleged denial of service attack which blocked comments supporting net neutrality. In a ZDNet interview, FCC chief information officer David Bray said that the agency would not release the logs, in part because the logs contain private information, such as IP addresses. In unprinted remarks, he said that the logs amounted to about 1 gigabyte per hour during the alleged attack... The log files showed that non-human [and cloud-based] bots submitted a flood of comments using the FCC's API. The bot that submitted these comments sparked the massive uptick in internet traffic on the FCC by using the public API as a vehicle...
Bray's comments further corroborate a ZDNet report (and others) that showed unknown anti-net neutrality spammers were behind the posting of hundreds of thousands of the same messages to the FCC's website using people's names and addresses without their consent -- a so-called "astroturfing" technique -- in an apparent attempt to influence the results of a public solicitation for feedback on net neutrality. Speaking to reporters last week, FCC chairman Ajit Pai hinted that the agency would likely honor those astroturfed comments, nonetheless. -
Font Sharing Site DaFont Has Been Hacked, Exposing Thousands of Accounts (zdnet.com)
A popular font sharing site DaFont.com has been hacked, resulting in usernames, email addresses, and hashed passwords of 699,464 user accounts being stolen. ZDNet reports: The passwords were scrambled with the deprecated MD5 algorithm, which nowadays is easy to crack. As such, the hacker unscrambled over 98 percent of the passwords into plain text. The site's main database also contains the site's forum data, including private messages, among other site information. At the time of writing, there were over half-a-million posts on the site's forums. The hacker told ZDNet that he carried out his attack after he saw that others had also purportedly stolen the site's database. "I heard the database was getting traded around so I decided to dump it myself -- like I always do," the hacker told me. Asked about his motivations, he said it was "mainly just for the challenge [and] training my pentest skills." He told me that he exploited a union-based SQL injection vulnerability in the site's software, a flaw he said was "easy to find." The hacker provided the database to ZDNet for verification. -
Microsoft Finally Bans SHA-1 Certificates In Its Browsers (zdnet.com)
An anonymous reader quotes ZDNet: With this week's monthly Patch Tuesday, Microsoft has also rolled out a new policy for Edge and Internet Explorer that prevents sites that use a SHA-1-signed HTTPS certificate from loading. The move brings Microsoft's browsers in line with Chrome, which dropped support for the SHA-1 cryptographic hash function in January's stable release of Chrome 56, and Firefox's February cut-off... Apple dropped support for SHA-1 in March with macOS Sierra 10.12.4 and iOS 10.3... Once Tuesday's updates are installed, Microsoft's browsers will no longer load sites with SHA-1 signed certificates and will display an error warning highlighting a security problem with the site's certificate. -
Microsoft Is Surprisingly Comfortable With Its New Place In a Mobile, Apple, and Android World (fastcompany.com)
An anonymous reader writes: The company that once held a mock funeral for the iPhone -- complete with dedicated "iPhone trashcans" -- now has a very different attitude about the company of Jobs. The Microsoft whose old CEO Steve Ballmer in 2007 famously predicted the iPhone had "no chance; no chance at all" of getting market share, now readily accepts and embraces a world where the iPhone and Android dominate personal computing. Microsoft talked a lot here at its Build 2017 developer conference about extending Windows experiences over to iOS and Android devices. And it's not just about fortifying Windows. Microsoft says it not only wants to connect with those foreign operating systems, but by bringing over functionality from Windows 10 (along with content) it hopes to "make those other devices better," as one Microsoft rep said in a press briefing yesterday. The developers here at Build cheered when Microsoft announced XAML Standard 1.0, which provides a single markup language to make user interfaces that work on Windows, iOS, and Android. In one demo, the company demonstrated how an enterprise sales app could be extended to an iOS device so someone could continue capturing a potential client's data on a mobile device. Windows not only sent over the client data that had already been captured, but also the business-app shell that had captured it. -
HP Issues Fix For Keylogger Found On Several Laptop Models (zdnet.com)
HP says it has a fix for a flaw that caused a number of its PC models to keep a log of each keystroke a customer was entering. The issue, caused by problematic code in an audio driver, affected PC models from 2015 and 2016. From a report: HP has since rolled out patches to remove the keylogger, which will also delete the log file containing the keystrokes. A spokesperson for HP said in a brief statement: "HP is committed to the security and privacy of its customers and we are aware of the keylogger issue on select HP PCs. HP has no access to customer data as a result of this issue." HP vice-president Mike Nash said on a call after-hours on Thursday that a fix is available on Windows Update and HP.com for newer 2016 and later affected models, with 2015 models receiving patches Friday. He added that the keylogger-type feature was mistakenly added to the driver's production code and was never meant to be rolled out to end-user devices. Nash didn't say how many models or customers were affected, but did confirm that some consumer laptops were affected. He also confirmed that a handful of consumer models that come with Conexant drivers are affected. -
A Bot Is Flooding the FCC's Website With Fake Anti-net Neutrality Comments (zdnet.com)
An anonymous reader writes: A bot is thought to be behind the posting of thousands of messages to the FCC's website, in an apparent attempt to influence the results of a public solicitation for feedback on net neutrality. A sizable portion of those comments are fake, and are repeating the same manufactured response again and again, ZDNet reports. So much so that more than 58,000 identical comments have been posted since the feedback doors were opened, now representing over one-in-ten comments on the FCC's feedback docket. The comment reads as follows: "The unprecedented regulatory power the Obama Administration imposed on the internet is smothering innovation, damaging the American economy and obstructing job creation. I urge the Federal Communications Commission to end the bureaucratic regulatory overreach of the internet known as Title II and restore the bipartisan light-touch regulatory consensus that enabled the internet to flourish for more than 20 years."
ZDNet claims that all other comments follow the same pattern: the bot appears to cycle through names in an alphabetical order, leaving the person's name, and postal address and zip code. And some -- if not all -- of these comments are fake, the publication adds, claiming that it reached out to the people and many of them confirmed that they had not left any comments on the website. -
Canonical Founder Says Recent Changes In Ubuntu Were Necessary To Prepare the Company For an IPO (zdnet.com)
An anonymous reader writes: Canonical was doing well with Ubuntu and cloud and container-related technologies, such as Juju, LXD, and Metal-as-a-Service (MaaS). In addition, its OpenStack and Kubernetes software stacks, according to Shuttleworth, are growing by leaps and bounds on both the public and private cloud. Canonical founder Mark Shuttleworth said "in the last year, Ubuntu cloud growth had been 70 percent on the private cloud and 90 percent on the public cloud." In particular, "Ubuntu has been gaining more customers on the big five public clouds." What hadn't succeeded was Canonical's attempt to make Unity the universal interface for desktops, tablets, and smartphones. Shuttleworth was personally invested in this project, but at day's end, it wasn't getting enough adoption to make it profitable. So, Shuttleworth said with regret, Unity had to be dropped. This move also means Canonical will devote more of its time to "putting the company on the path to an IPO. We must figure out what steps we need to take moving forward." That means focusing on Canonical's most profitable lines. Specifically, "Ubuntu will never die. Ubuntu is the default platform on cloud computing. Juju, MaaS, and OpenStack are nearly unstoppable. We need to work out more of our IoT path. At the same time, we had to cut out those parts that couldn't meet an investors' needs. The immediate work is get all parts of the company profitable." -
Leaked Document Reveals UK Plans For Wider Internet Surveillance (zdnet.com)
The UK government is planning to push greater surveillance powers that would force internet providers to monitor communications in near-realtime and install backdoor equipment to break encryption, according to a leaked document. From a report on ZDNet: A draft of the proposed new surveillance powers, leaked on Thursday, is part of a "targeted consultation" into the Investigatory Powers Act, brought into law last year, which critics called the "most extreme surveillance law ever passed in a democracy." Provisions in proposals show that the government is asking for powers to compel internet providers to turn over the realtime communications of a person "in an intelligible form," including encrypted content, within one working day. To that end, internet providers will be forced to introduce a backdoor point on their networks to allow intelligence agencies to read anyone's communications. -
Microsoft's Nadella Says Company Will Make More Phones, But They Won't Look Like Today's Devices (zdnet.com)
As he told the Make Me Smart podcast, Microsoft is looking for something far more transformative, like an entirely new category of smartphone that's so original and appealing that OEMs won't be able to resist tagging along. From a report: "At this point we're making sure that all of our software is available on iOS and Android and it's first class and we're looking for what's the next change in form and function," he said when asked whether Microsoft would make another phone. Nadella doesn't discuss what form these mobile devices could take, though Microsoft does have some candidates, like its HoloLens augmented reality (AR) headgear. No doubt he's keeping close tabs on Google's early progress with its Tango phone AR experiments. -
Google To Auto-Migrate Some Users To 64-bit Chrome
Google says it will automatically upgrade the version of Chrome that some Windows users are running, in what it describes as a bet to improve stability, performance, and security. From a report on ZDNet: In a blog post on Tuesday, the search engine giant explained that Chrome users running 64-bit Windows with 4GB or more of memory will be automatically migrated to the 64-bit version of Chrome if they are running the 32-bit version. -
A Database of Thousands of Credit Cards Was Left Exposed on the Open Internet (zdnet.com)
A US online pet store has exposed the details of more than 110,400 credit cards used to make purchases through its website, researchers have found. From a report on ZDNet: In a stunning show of poor security, the Austin, TX-based company FuturePets.com exposed its entire customer database, including names, postal and email addresses, phone numbers, credit card information, and plain-text passwords. Several customers that we reached out to confirmed some of their information when it was provided by ZDNet, but did not want to be named. The database was exposed because of the company's own insecure server and use of "rsync," a common protocol used for synchronizing copies of files between two different computers, which wasn't protected with a username or password. -
Samsung Blocks Ability To Remap Galaxy S8's Bixby Button (zdnet.com)
A Samsung representative confirmed today via Twitter that the company has blocked the ability for users to remap the Bixby hardware button on the Galaxy S8. For soon-to-be Galaxy S8 owners, the news will come as a disappointment, especially since the Bixby voice assistant in English has been delayed and will not be fully functional when units start shipping later this week. ZDNet reports: XDA Developers first reported a Galaxy S8 firmware update blocked the ability to remap the button to perform a variety of tasks. Before, the button could even be remapped to launch Google Assistant. It's not clear if Samsung will ever support remapping the button. A representative for Samsung tweeted: "Can't say it will never happen, but we won't officially support." -
Microsoft Confirms Only a Handful of Windows Phones Will Receive Windows 10 Creators Update (zdnet.com)
Windows Phone has less than a 1 percent market share in the mobile industry, but it is not completely dead, yet. In fact, if you own a relatively new Windows Phone, it may receive a new update that will give new life to it. Microsoft has confirmed today that only a subset of Windows Phone handsets will be getting the Windows 10 Creators Update when it begins rolling out on April 25. ZDNet reports: [Here's] Microsoft's list of supported phones: Alcatel IDOL 4S; Alcatel OneTouch Fierce XL; HP Elite x3; Lenovo Softbank 503LV; MCJ Madosma Q601; Microsoft Lumia 550; Microsoft Lumia 640/640XL; Microsoft Lumia 650; Microsoft Lumia 950/950 XL; Trinity NuAns Neo; VAIO VPB051. "Devices not on this list will not officially receive the Windows 10 Creators Update nor will they receive any future builds from our Development Branch that we release as part of the Windows Insider Program. However, Windows Insiders who have devices not on this list can still keep these devices on the Windows 10 Creators Update at their own risk knowing that it's unsupported," said Windows Insider chief Dona Sarkar in today's blog post. Microsoft attributed the short list of supported phones to Insider feedback that indicated older phones might not be providing "the best possible experience" for customers. Microsoft also released a Fast Ring test build of Windows 10 Mobile for phones to Fast Ring Insiders today. That build number is 15204 and it includes a number of bug fixes. This is the first Redstone 3 build for Windows Phones. It's only available to Insider phone users of handsets that are on the list above. -
Developer Publishes Patch To Enable Windows 7 and 8.1 Updates On New Hardware (zdnet.com)
Earlier this month, Microsoft locked Windows 7 and Windows 8.1 PCs running on select Intel and AMD processors from receiving future security updates. Now, a developer has found a workaround. From a report on ZDNet: The new patch, from a developer using the name 'Zeffy' on GitHub, may help people caught by Microsoft's update policy for PCs running older versions of Windows on hardware with Intel's seventh-generation Kaby Lake processors and AMD's recently released Bristol Ridge Ryzen chips. [...] Zeffy's patch promises to get around this situation, which stems from non-security updates released in March that added a function to detect the hardware's CPU generation. The developer notes that Microsoft's March 16 rollup updates for Windows 7 and Windows 8.1 contained one particularly offensive changelog entry. As reported by Ghacks at the time, the two preview updates stated: "Enabled detection of processor generation and hardware support when PC tries to scan or download updates through Windows Update." -
A Huge Trove of Patient Data Leaks, Thanks To Telemarketers' Bad Security (zdnet.com)
"A trove of records containing personal and health information on close to a million people was exposed after a former developer working at a telemarketing company uploaded a backup of its database to the internet," writes ZDNet. An anonymous reader quotes their report: The data contained personal and health-related information, such as names, addresses, dates of birth, phone numbers, email addresses, Social Security numbers, health insurance information, and other data relating to the types of health problems the individuals have regarding the products they need, though many of the records were truncated or incomplete. An examination showed that the database was used to market products to thousands of customers by telemarketers at HealthNow -- no longer a registered business as of 2015. Several records we've seen included customized notes written by staff who were tasked with calling customers, such as when they are home and any other relevant information on the subject.
The database apparently lingered online for years in an AWS instance until it was discovered two weeks ago in search results from Shodan by a Twitter user calling himself Flash Gordon. Databreaches.net, which investigated the breach with ZDNet, believes this is a teachable moment. "Before you give your personal or health insurance information to telemarketers or firms that call to offer you supplies for diabetes or back pain or other conditions, think twice." -
Google Announces Android Cross-Licensing Program 'PAX' -- But Why? (consortiuminfo.org)
"Linux and open-source software have had to contend with intellectual property legal challenges for years," writes ZDNet. "Now, Google has started a new effort to bring peace to potential Android IP sore points: PAX... a royalty-free, community-patent cross-license." PAX is starting with nine members: Google, Samsung Electronics, LG Electronics, HTC, Foxconn Technology Group, Coolpad, BQ, HMD Global, and Allview. These companies own more than 230,000 global patents. PAX's purpose is to create a "community-driven [patent] clearinghouse, developed together with our Android partners, [that] ensures that innovation and consumer choice -- not patent threats -- will continue to be key drivers of our Android ecosystem. PAX is free to join and open to anyone."
Slashdot reader Andy Updegrove writes: The question is why? The announcement and the related website are extremely brief, and although everyone is invited to get a copy of the cross license, Google reserves the right to decide first whether your motives are pure and you can keep a secret. And so far, the only members of the "PAX Community" listed are existing Google business partners. Is Google aware of some new patent tempest brewing just over the horizon, about to burst into public view? And will any other company names and logos be added to the PAX Community Web page? We'll just have to stay tuned to find out.
Andy Updegrove tells ZDNet it does involve "formal cross-licenses between participants, and therefore enforceable rights, but not an infrastructure to do more (at least insofar as one can tell from the initial announcement)." -
Microsoft To Sell Customized Edition of Samsung Galaxy S8 Android Smartphones (zdnet.com)
Done with selling its own phones, Microsoft is getting back into the smartphone business. This time, selling Samsung's Android-powered flagship S8 and S8 Plus smartphone. From a report: Microsoft says it is making available for pre-order the Samsung Galaxy S8 and Galaxy S8+ Microsoft Edition. Both phones will be available for purchase beginning April 21 at brick-and-mortar US Microsoft Store locations. Details as to exactly what "Microsoft Edition" means are scarce. But based on an email I received from a Microsoft spokesperson, I believe this means these phones will need to be unboxed inside a Microsoft Store, connected to the Microsoft Store Wi-Fi and automatically populated with Microsoft apps, including Office, OneDrive, Cortana, Outlook, and more Microsoft apps. -
10 Million Insiders Test And Use Windows 10 Every Day, Says Microsoft (zdnet.com)
When Microsoft made Windows 10 publicly available to all users in 2015, it said about five million people had signed up for Windows Insider program, and were using the OS every day. That number has grown to hit 10 million now, it said this week. From a report: Microsoft launched Windows Insider in October 2014 with its first public Windows 10 Technical Preview, and by that December the program counted 1.5 million members. It was a solid start, but the company now says that in just over two years numbers have grown 566 percent to 10 million fans. "We count over 10 million Windows Insiders today, many of them fans, who test and use the latest build of Windows 10 on a daily basis," wrote Yusuf Mehdi, corporate vice president of Microsoft's Windows and Devices Group. "Their feedback comes fast and furious, they have a relentless bar of what they expect, but it so inspires our team and drives our very focus on a daily basis." -
Microsoft Yanks Docs.com Search After Complaints of Exposed Sensitive Files (zdnet.com)
Microsoft has quietly removed a feature on its document sharing site Docs.com that allowed anyone to search through millions of files for sensitive and personal information. From a report on ZDNet: Users had complained over the weekend on Twitter that anyone could use the site's search box to trawl through publicly-accessible documents and files stored on the site, which were clearly meant to remain private. The files reviewed by ZDNet, and seen by others who tweeted about them, included password lists, job acceptance letters, investment portfolios, divorce settlement agreements, and credit card statements -- some of which contained Social Security and driving license numbers, dates of birth, phone numbers, and email and postal addresses. The company removed the site's search feature late on Saturday, but others observed that the files were still cached in Google's search results, as well as Microsoft's own search engine, Bing. -
Anti-Virus Vendors Scramble To Patch Hijacking Exploit Involving Microsoft Tool (securityweek.com)
"A zero-day attack called Double Agent can take over antivirus software on Windows machines," Network World reported Wednesday. wiredmikey writes: The attack involves the Microsoft Application Verifier, a runtime verification tool for unmanaged code that helps developers find subtle programming errors in their applications... [The exploit] allows a piece of malware executed by a privileged user to register a malicious DLL for a process associated with an antivirus or other endpoint security product, and hijack its agent.
Patches were released by Malwarebytes, AVG, and Trend Micro, the security researchers told BleepingComputer earlier this week. Kaspersky Lab told ZDNet "that measures to detect and block the malicious scenario have now been added to all its products," while Norton downplayed the exploit, saying the attack "would require physical access to the machine and admin privileges to be successful," with their spokesperson "adding that it has deployed additional detection and blocking protections in the unlikely event users are targeted."
BetaNews reports that the researchers "say that it is very easy for antivirus producers to implement a method of protection against this zero-day, but it is simply not being done. 'Microsoft has provided a new design concept for antivirus vendors called Protected Processes...specially designed for antivirus services...the protected process infrastructure only allows trusted, signed code to load and has built-in defense against code injection attacks.'" -
Some Of Hacker Group's Claims Of Having Access To 250M iCloud Accounts Aren't False (zdnet.com)
Earlier this week, a hacker group claimed that it had access to 250 million iCloud accounts. The hackers, who called themselves part of Turkish Crime Family group, threatened to reset passwords of all the iCloud accounts and remotely wipe those iPhones. Apple could stop them, they said, if it paid them a ransom by April 7. In a statement, Apple said, "the alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services," and that it is working with law enforcement officials to identify the hackers. Now, ZDNet reports that it obtained a set of credentials from the hacker group and was able to verify some of the claims. From the article: ZDNet obtained a set of 54 credentials from the hacker group for verification. All the 54 accounts were valid, based on a check using the site's password reset function. These accounts include "icloud.com," dating back to 2011, and legacy "me.com" and "mac.com" domains from as early as 2000. The list of credentials contained just email addresses and plain-text passwords, separated by a colon, which according to Troy Hunt, data breach expert and owner of notification site Have I Been Pwned, makes it likely that the data "could be aggregated from various sources." We started working to contact each person, one by one, to confirm their password. Most of the accounts are no longer registered with iMessage and could not be immediately reached. However, 10 people in total confirmed that their passwords were accurate, and as a result have now been changed. -
Intel Creates AI Group, Aims For More Focus (zdnet.com)
Intel's artificial intelligence efforts have been scattered over many different units but are now being united into a single operating group. The Artificial Intelligence Products Group will focus on the development of chips and software products tied to machine learning, algorithms, and deep learning. From a report: The company has been repositioning via acquisitions to focus on Internet of Things to autonomous vehicles. The upshot is that Intel is trying to build a data center to IoT stack powered by its processors. In a blog post, Rao outlined how the Artificial Intelligence Products Group will work across multiple units. Part of the group's remit will be to bring AI costs down and forge standards. Rao said the group will combine engineering, labs, software, and hardware from its portfolio. -
Microsoft Outlook, Skype, OneDrive Hit By Another Authentication Issue (zdnet.com)
Two weeks after a widespread authentication issue hit Outlook, Skype, OneDrive, Xbox and other Microsoft services, it's happening again. From a report: On March 21, users across the world began reporting via Twitter that they couldn't sign into Outlook.com, OneDrive and Skype (and possibly more). I, myself, am unable to sign into Outlook.com, OneDrive or Skype at 2:30 pm ET today, but my Office 365 Mail account is working fine. (Knock wood.) I believe the issue started about an hour ago, or 1:30 p.m. ET or so. MSA is Microsoft's single sign-on service which authenticates users so they can log into their various Microsoft services. As happened two weeks ago, the Skype Heartbeat site has posted a message noting that users may be experiencing problems sending messages and signing in. -
Hundreds of Cisco Switches Vulnerable To Flaw Found in WikiLeaks Files (zdnet.com)
Zack Whittaker, writing for ZDNet: Cisco is warning that the software used in hundreds of its products is vulnerable to a "critical"-rated security flaw, which can be easily and remotely exploited with a simple command. The vulnerability can allow an attacker to remotely gain access and take over an affected device. More than 300 switches are affected by the vulnerability, Cisco said in an advisory. According to the advisory, the bug is found in the cluster management protocol code in Cisco's IOS and IOS XE software, which the company installs on the routers and switches it sells. An attacker can exploit the vulnerability by sending a malformed protocol-specific Telnet command while establishing a connection to the affected device, because of a flaw in how the protocol fails to properly process some commands. Cisco said that there are "no workarounds" to address the vulnerability, but it said that disabling Telnet would "eliminate" some risks. -
Could We Eliminate Spam With DMARC? (zdnet.com)
An anonymous reader writes: "The spam problem would not only be significantly reduced, it'd probably almost go away," argues Paul Edmunds, the head of technology from the cybercrimes division of the U.K.'s National Crime Agency -- suggesting that more businesses should be using DMARC, an email validation system that uses both the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). "Edmunds argued, if DMARC was rolled out everywhere in order to verify if messages come from legitimate domains, it would be a major blow to spam distributors and take a big step towards protecting organizations from this type of crime..." reports ZDNet. "However, according to a recent survey by the Global Cyber Alliance, DMARC isn't widely used and only 15% of cybersecurity vendors themselves are using DMARC to prevent email spoofing."
Earlier this month America's FTC also reported that 86% of major online businesses used SPF to help ISPs authenticate their emails -- but fewer than 10% have implemented DMARC. -
That Laptop-Bricking USB Stick Just Got Even More Dangerous (zdnet.com)
From a report on ZDNet: Remember that USB stick that would destroy almost anything in its path, from laptops, photo booths, kiosks, to even cars? The makers of the USB Kill stick have created a more powerful version with a higher voltage and amp output, and a three-times faster pulse rate of up to 12 times a second. And, with microUSB, USB-C, and Lightning adapters, the USB Kill claims to be able to kill iPhones, iPads, and other devices, like phones, tablets, and digital cameras. The company says it's "designed to test the surge protection circuitry of electronics to their limits." In other words, its purpose is destroying expensive kit. -
Millions of Records Leaked From Huge US Corporate Database (zdnet.com)
Millions of records from a commercial corporate database have been leaked. ZDNet reports: The database, about 52 gigabytes in size, contains just under 33.7 million unique email addresses and other contact information from employees of thousands of companies, representing a large portion of the US corporate population. Dun & Bradstreet, a business services giant, confirmed that it owns the database, which it acquired as part of a 2015 deal to buy NetProspex for $125 million. The purchased database contains dozens of fields, some including personal information such as names, job titles and functions, work email addresses, and phone numbers. Other information includes more generic corporate and publicly sourced data, such as believed office location, the number of employees in the business unit, and other descriptions of the kind of industry the company falls into, such as advertising, legal, media and broadcasting, and telecoms. -
FBI Says It Can't Release iPhone Hacking Tool Because It Might Still Be Useful (zdnet.com)
Justice Dept. officials say that details of a hacking tool used to access a terrorist's iPhone should not be released because it may still be "useful" to federal investigators. From a report: The government is fighting a case against three news organizations, including the Associated Press, which are fighting to release details of the hacking tool that FBI agents used to unlock a passcode-protected phone used by San Bernardino shooter Syed Farook. Details of the hacking tool have remained classified, not least because the Justice Dept. believes the tool could still be used by the FBI in similar cases. "Disclosure of this information could reasonably be expected to cause serious damage to national security as it would allow hostile entities to discover the current intelligence gathering methods used, as well as the capabilities and limitations of these methods," said David Hardy, section chief of the FBI's records management division, in a court filing released late Monday. -
New 'USG' Firewalls Protect USB Drives From Malicious Attacks (zdnet.com)
A developer has created the USG, "a small, portable hardware USB firewall...to prevent malicious USB sticks and devices laden with malware from infecting your computer." An anonymous reader quotes ZDNet: The problem is that most computers automatically trust every USB device that's plugged in, which means malicious code can run without warning... Cars, cash registers, and some ATMs also come with USB ports, all of which can be vulnerable to cyberattacks from a single USB stick. That's where the USG firewall comes in...a simple hardware serial link that only accepts a very few select number of safe commands, which prevents the device from executing system commands or intercepting network traffic. That means the data can flow from the USB device, but [it] effectively blocks other USB exploits.
The firmware has been open sourced, and the technical specifications have also been released online "to allow anyone to build their own from readily available development boards." -
Windows Server on ARM Is Finally Happening, And It Should Worry Intel (bloomberg.com)
Mary Jo Foley, writing for ZDNet: There have been rumors for the past several years that Windows Server would be coming to ARM. Today, March 8, that rumor became an acknowledged reality. Microsoft officials said that the company is committed to use ARM chips in machines running its cloud services. Microsoft will use the ARM chips in a cloud server design that its officials will detail at the US Open Compute Project Summit today, March 8. Microsoft has been working with both Qualcomm and Cavium on the version of Windows Server for ARM, according to company officials. From a report on Bloomberg: Intel chips have remained one of the sole big-name products widely in use. Microsoft's work with ARM, in progress for several years, could pave the way for a real challenge to Intel, which controls more than 99 percent of the market for server chips. [...] Any challenge to Intel's dominance in server chips is a threat to its most profitable business and main revenue driver as demand for PC processors continues to shrink. The company's Data Center Group turned $17.2 billion of sales into $7.5 billion of operating profit in 2016, and Intel has been running ads that say, "98 percent of the cloud runs on Intel." -
Dell Doubles Down On High-End Ubuntu Linux Laptops (zdnet.com)
Dell became the first major OEM to offer a laptop with Linux pre-installed in it in 2007. Ten years later, the company says it is more committed than ever to offering Linux-powered machines to users. From a report on ZDNet: The best known of these is the Dell XPS 13 developer edition, but it's not the only Linux laptop Dell offers. In a blog post, Barton George, senior principal engineer at Dell's Office of the CTO, announced "the next generation of our Ubuntu-based Precision mobile workstation line." All of these systems boast Ubuntu 16.04 long-term support (LTS), 7th generation Intel Core or Intel Xeon processors, and Thunderbolt 3, AKA 40 Gigabit per second (Gbps) USB-C, ports. As the Xeon processor option shows, these are top-of-the-line laptops for professionals. It took longer than expected for Dell to get this new set of five Ubuntu-powered Precision mobile workstations out the door. The Precision 5520 and 3520 are now available. The 3520, the entry-level workstation, starts with an Intel Core 2.5GHz i5-7300HQ Quad Core processor with Intel HD Graphics 630. From there, you can upgrade it all the way to an Intel Core Xeon 3 GHz E3-1505M v6 processor with Nvidia Quadro M62 graphics. -
Litebook Launches A $249 Linux Laptop (zdnet.com)
An anonymous reader writes: It's "like a Chromebook for Linux users on a budget," reports ZDNet. The new 2.9-pound Litebook uses Intel's Celeron N3150 processor and ships with a 14.1-inch display and a 512-gigabyte hard drive with full HD resolution (1,920 x 1,080). For $20 more they'll throw in a 32-gigabyte SSD to speed up your boot time. "Unlike Windows laptops, Litebooks are highly optimized, come without performance hogging bloatware, [are] designed to ensure your privacy, and are entirely free of malware and viruses," writes the company's web site. They also add that their new devices "are affordable, customizable, and are backwards compatible with Windows software." -
Which Linux Browser Is The Fastest? (zdnet.com)
ZDNet's Networking blog calls Firefox "the default web browser for most Linux distributions" and "easily the most popular Linux web browser" (with 51.7% of the vote in a recent survey by LinuxQuestions, followed by Chrome with 15.67%). But is it the fastest? An anonymous reader writes: ZDNet's Networking blog just ran speed tests on seven modern browsers -- Firefox, Chrome, Chromium, Opera (which is also built on Chromium), GNOME Web (formerly Epiphany), and Vivaldi (an open-source fork of the old Opera code for power-users). They subjected each browser to the JavaScript test suites JetStream, Kraken, and Octane, as well as reaction speed-testing by Speedometer and scenarios from WebXPRT, adding one final test for compliance with the HTML5 standard.
The results? Firefox emerged "far above" the other browsers for the everyday tasks measured by WebXPRT, but ranked near the bottom in all of the other tests. "Taken all-in-all, I think Linux users should look to Chrome for their web browser use," concludes ZDNet's contributing editor. "When it's not the fastest, it's close to being the speediest. Firefox, more often than not, really isn't that fast. Of the rest, Opera does reasonably well. Then, Chromium and Vivaldi are still worth looking at. Gnome Web, however, especially with its dreadful HTML 5 compatibility, doesn't merit much attention."
The article also reports some formerly popular Linux browsers are no longer being maintained, linking to a KDE forum discussion that concludes that Konqueror and Rekonq "are both more or less dead." -
HP Top Level Executive On Life After the Split (zdnet.com)
An anonymous reader shares a ZDNet report: George Brasher is a 26-year HP veteran who has worked in a variety of roles in the company's printer and PC divisions over the years and is now HP Inc's managing director for the UK and Ireland. We began by asking how the first fifteen 'post-split' months had gone. "If you go back to the genesis of the separation, what Meg [Whitman, CEO of HPE and chairwoman of HP Inc] said was that, by splitting into two businesses, we'd be able to have more focus -- and I think that's truly what's happened with HP Inc. What we wanted to get out of it was: could we be more focused on our markets; could we actually accelerate our pace of innovation and get closer to our customers? In general, I'd say the answer is a resounding 'yes'." [...] "The second thing is -- and you can see examples around this room [the CWC] -- we're a technology company, and innovation is our lifeblood: if you look at PC and print, we've seen more significant high-quality introductions in the last 15 months than in any previous 15-month period." [...] "The proof is always in the pudding: I look at the Spectre x360, the Elite X3 and other devices -- and it's not just new devices, but also the quality of the new devices; being able to have a partnership with B&O and thinking about a new computing experience. On the print side, it's the same thing: in September we announced our single biggest rollout ever, with a set of 16 A3 multifunction devices starting in a couple of months and rolling out over the course of the year. I don't think that happens unless you have separation, because then you've got a management team and a board, and a group of employees, that are just laser-focused on driving against that."