COMPUTERS/INTERNET/SECURITY | WHAT REALLY HAPPENED


COMPUTERS/INTERNET/SECURITY

May 20 10:15

Windows 10 version 1903: Is it safe to install yet?

"Once burned, twice shy." That's good advice if you're working around a hot stove. It's an equally wise strategy for anyone responsible for administering Windows 10 PCs.

After the disastrous rollout of Windows 10 version 1809, you should indeed be extremely wary of touching that hot stove. Microsoft had grown cocky after a handful of relatively trouble-free feature updates to Windows 10, and had even bragged about how quickly it was able to roll out those semi-annual feature updates. That hubris caught up with them in late 2018.

May 20 09:28

Huawei confirms it has built its own operating system just in case US tensions disrupt use of Google’s Android

The Chinese company has developed a proprietary OS as tensions between the company and the US government could impact the availability of US-made operating systems used on Huawei devices, Huawei’s mobile chief Richard Yu Chengdong, said in an interview with German publication Die Welt.
Yu’s comments confirm an earlier report

by the South China Morning Post in April 2018, which revealed the existence of a years-long project to build an alternative to Google’s Android OS. Huawei started building its own operating system after a US investigation into Huawei and ZTE Corp in 2012, a person familiar with the matter said in the report.

May 20 09:25

Huawei Responds to Android Ban

It seems like both Huawei and Google aren’t exactly certain about what’s going to happen going forward. The plan forward is a big uncertainty for both the companies and Huawei being one of the biggest phone makers in the world, that’s a huge problem for the entire market.

May 20 09:14

Netizen Report: Amid WhatsApp Attacks, Advocates Launch Legal Challenge Against Israeli Malware Maker

By Netizen Report Team

The Advox Netizen Report offers an international snapshot of challenges, victories, and emerging trends in technology and human rights around the world. This report covers news and events from May 10 – 17, 2019.

On May 13, WhatsApp users in multiple countries were targeted with malicious software developed by the Israeli company NSO group and deployed by governments that had purchased the software...

May 20 09:00

Have Consumers Already Lost the Online Privacy War?

By Sam Bocetta

Technology has increasingly come to occupy a central role in our lives. Growing numbers of people, however, have expressed concerns over how much of our privacy we’ve sacrificed for the sake of convenience.

Networks are under assault from cyber attacks like never before, resulting in frequent, massive data breaches. Perhaps even more significantly, companies seem to be gathering data on customers, often without their knowledge, in an effort to more precisely target their advertising...

May 19 21:20

WHY DOES NASA NEED ACCESS TO OHIO’S FACIAL RECOGNITION SYSTEM AND DATABASE?

More than 4,500 individuals at federal and local law enforcement agencies currently have access to a facial recognition database hosted by the Ohio Attorney General’s office, including at the Federal Bureau of Investigation, Immigration and Customs Enforcement, and the National Aeronautics and Space Administration.

May 19 21:16

5G DANGER: HUNDREDS OF RESPECTED SCIENTISTS SOUND THE ALARM ABOUT HEALTH EFFECTS AS 5G NETWORKS GO UP NATIONWIDE

Even though many in the scientific community are loudly warning about the potential health effects that 5G technology could have on the general population, Verizon and AT&T are starting to put up their 5G networks in major cities all across the nation. Today, the total number of cell phones exceeds the entire population of the world, and the big cell phone companies are making a crazy amount of money providing service to all of those phones. And now that the next generation of cell phone technology has arrived, millions of cell phone users are looking forward to better connections and faster speeds than ever before. In fact, President Trump says that 5G networks will be up to 100 times faster than the current 4G networks that we are using right now…

May 19 21:07

CHICAGO AND DETROIT HAVE BOUGHT REAL-TIME FACIAL RECOGNITION SYSTEMS

Civil liberties activists trying to inspire alarm about the authoritarian potential of facial recognition technology often point to China, where some police departments use systems that can spot suspects who show their faces in public. A report from Georgetown researchers on Thursday suggests Americans should also focus their concern closer to home.

May 19 17:29

South Korea will ditch Microsoft Windows for Linux

Windows 7 support will end in January of next year, and that is a huge problem for both business and home users that are still running the aging operating system. Can't these people just upgrade to Windows 10? Well, yeah, but many just don't want to. Windows 10 has extreme telemetry that many people consider to be spying. As a result, they simply don't trust Microsoft's latest operating system. Not to mention, for businesses and organizations with many computers, the upgrade to Windows 10 could prove to be a costly affair.

And now, as a result of the upcoming death of Windows 7 support, the South Korean government has reportedly decided to ditch Microsoft Windows entirely. According to The Korea Herald, the Asian country's government will switch from Windows 7 to a Linux-based operating system.

May 19 17:27

Google 'restricts Huawei's use of Android'

New smartphones made by the company will also lose access to Google's app store and software such as Gmail, the news agency's story says.

May 19 07:58

FACEBOOK ADMITS ISRAELI SOCIAL MANIPULATION COMPANY SPENT $800,000 TO INFLUENCE AFRICAN ELECTIONS

SOURCE: ZERO HEDGE
In keeping with their spectacular reputation of violating privacy and rigging elections, Facebook has said that it removed "hundreds of accounts" from Facebook and Instagram that were used to influence elections in Africa, according to CNN. Only it wasn't Russia who was behind this latest intervention, but Israel.
Archimedes Group, an Israeli company, reportedly spent more than $800,000 in advertising (far more than the Kremlin allegedly spent on its "ad campaign" to crush Hillary Clinton and get Trump elected) and ran accounts that had nearly 3 million followers, for the purpose of targeting African elections. The group primarily targeted Nigeria, Senegal, Togo, Angola, Niger and Tunisia.

For perspective, the $800,000 reportedly spent by the group compares to the $100,000 that has been claimed by the U.S. mainstream media to have been spent for ‘Russian bots’ used to allegedly sway the 2016 US presidential election, according to RT.

Webmaster's Commentary: 

Color me completely unsurprised at this revelation.

Most the worlds's precious, and yet-to-be-exploited commodities, can be found in Africa; it is no wonder Israel sought to exploit those elections for economic gain.

May 19 07:47

POLICE ARE COPYING AND PASTING BODY PARTS IN FACE RECOGNITION SEARCHES

The NYPD is sometimes photoshopping random facial features onto suspect photos, and then searching those images using face recognition tech. Source: https://www.flawedfacedata.com/

In two reports published this week, Georgetown University Law School’s Center on Privacy and Technology joins the ACLU of Massachusetts in calling for a moratorium on the government’s use of face surveillance technology, citing alarming new findings about law enforcement’s use of the tool nationwide.

Webmaster's Commentary: 

This is full-frontal "Minority Report", gone haywire.

May 18 12:00

Scott Adams: Buttigieg, Fake News, How to Frame Immigration, Abortion, Climate

Comments at: https://twitter.com/ScottAdamsSays/status/1129748787868700673

Border psychology: Telling people we’ll be sending them back soon
A simple tweet that reduces those swarming our border
President Trump uses psychology to protect our homeland
President Trump has a highly criticized style, BUT…
Future Presidents will be compared to his energy, results
President Trump does counter-narrative things ALL the time
Enemy press and Dems push “racist” narratives about him
President’s actions and priorities counter their narratives
The essential claim for needing immigration reform
If your incentives aren’t correct, immigration is a disaster
GOOD FRAMING: Heartbeat bills, a beating heart equals life
GOOD FRAMING: immigration policies like those in…Canada, Japan
Merit based policies like our friends in Canada and Japan

May 18 09:55

AI-Generated Joe Rogan Voice is a Warning From the Future

By John Vibes

In 2017, a startup called “Lyrebird” made headlines with AI-generated replications of celebrity voices that were extremely convincing.

Tracks posted to SoundCloud featured the voices of Donald Trump, Barack Obama, and Hillary Clinton making a pitch for the Lyrebird’s new technology. In the video, a Fake President Trump voice says, “They can make us say anything now.”

While the story gathered some attention initially, it quickly disappeared from the news cycle, except for just about one place, The Joe Rogan Experience Podcast...

May 18 08:18

Thought Crimes? Facial Recognition Technology Is Invading The U.S.; San Fran Passes Historic Privacy Bill; Man Arrested In UK For Hiding Face

By Aaron Kesel

You can’t run, you can’t hide; facial recognition technology is advancing at a quickening pace, it’s becoming more widespread and accurate, and we are entering the path of no return.

A report from Georgetown researchers states that agencies in Chicago and Detroit have bought real-time facial recognition systems. Meanwhile, a privacy bill failed to pass in San Francisco. Elsewhere, in the UK an unidentified man was arrested for hiding his face from facial recognition technology and was gifted an insane disorderly behavior fine of £90...

May 17 16:20

Tesla Model 3: Autopilot engaged during fatal crash

A preliminary report into a fatal accident involving a Tesla Model 3 in the US has found Autopilot had been engaged 10 seconds before the crash.

The Tesla was travelling above the speed limit when it crashed into a truck towing a trailer in March 2019.

The roof of the car was sheared off in the accident and the driver was killed.

According to the report, the driver did not appear to have his hands on the wheel and neither he nor the Autopilot took any evasive action.

May 17 11:50

More Chaos: Baltimore City Cryptocurrency Ransomware Attack Paralyzes Real Estate Industry

Last week, we reported the Baltimore City government was paralyzed by cryptocurrency ransomware, which infected computers associated with severs tied to the city's communication network.

A new report from The Baltimore Sun shows the hack has disrupted city servers for the eighth straight day. This time, essential systems required for transacting real estate deals have gone offline, throwing the entire industry across the city into chaos, which means no homes can currently be bought or sold.

May 17 09:10

What You Need to Know About the Latest WhatsApp Vulnerability

By Eva Galperin

If you are one of WhatsApp’s billion-plus users, you may have read that on Monday the company announced that it had found a vulnerability. This vulnerability allowed an attacker to remotely upload malicious code onto a phone by sending packets of data that look like phone calls from a number not in your contacts list. These repeated calls then cause WhatsApp to crash. This is a particularly scary vulnerability because the does not require that the user pick up the phone, click a link, enter their login credentials, or interact in any way...

May 17 08:13

Hacktivist attacks dropped by 95% since 2015

Threat intelligence analysts have long said that hacktivism was dead but new data published by IBM X-Force today confirms the complete collapse of hacktivism scene, with activity levels going down by 95% since 2015.

May 16 11:02

TINY SPIES: THIS INSECT-LIKE FLYING ROBOT IS SMALLER THAN A PENNY

A team of engineers from the University of Southern California in Los Angeles built a four-winged flying robot called Bee+, which weighs just 95 grams and sports a footprint smaller than a penny.

May 16 10:50

Hackers for hire get government stamp of approval

HackerOne announced it is one step closer to achieving coveted approval for operating on federal networks.

The San Francisco-based “hacker-powered security” company said May 15 it had achieved Federal Risk and Authorization Management Program (FedRAMP) In Process status for Tailored Low impact Software-as-a-Service (Li-SaaS).

A release noted that the “In Process” status signifies the addition of HackerOne’s full suite of solutions into the FedRAMP marketplace. These solutions include bug bounty, vulnerability disclosure and compliance solutions.

The company said it expects to achieve FedRAMP Authorized status, the final stage, by 2020.

May 16 10:48

White House Rolls Out Website To Report Silicon Valley Censorship

The White House has launched a new tool for people to use if they feel they have been unfairly discriminated against over social media.

The Trump Administration is fighting for free speech online.

No matter your views, if you suspect political bias has caused you to be censored or silenced online, we want to hear about it!

Those who feel they have been wrongly banned, censored or suspended on platforms such as Facebook or Twitter can go to "wh.gov/techbias" where the following mesage will greet them:

"SOCIAL MEDIA PLATFORMS should advance FREEDOM OF SPEECH. Yet too many Americans have seen their accounts suspended, banned, or fraudulently reported for unclear “violations” of user policies.

No matter your views, if you suspect political bias caused such an action to be taken against you, share your story with President Trump."

Webmaster's Commentary: 

Sounds great, but way too little and way to late for people whose sites have already been deplatformed, and demonetized.

How is the government going to handle that, and will we see lawsuits against the companies which did this in the first place, like Google, Twitter, or Facebook?!?

I wouldn't hold my breath, because the data these companies have stored, and shared with Federal government officials, has made them the unofficial 4th arm of governmental activities: surveillance.

May 16 10:08

US Adults Spend Crushing Amount Of Cash Playing Video Games

American adults spend enormous amounts of money playing video games, mostly on smartphones, and at a rapidly increasing pace, according to Reuters.

According to annual research from the Entertainment Software Association, over 164 million US adults play video games - a figure that's 20% more than a year ago and over 85% more than in 2015.

A staggering $43.4 billion spent in 2018 was mostly on content, as opposed to hardware and accessories. Of pay-to-play games, “Call of Duty: Black Ops III”, “Red Dead Redemption II” and “NBA 2K19” took the top spots for most units sold but the list did not include free games such as “Fortnite.”

“Games are striking an important chord with American culture,” said Stanley Pierre-Louis, ESA’s acting president and chief executive officer. “That’s what makes it the leading form of entertainment today.”

May 16 09:53

FBI Tells The Governor Of Florida About Election Hacking, But Says He Can't Tell Anyone Else

I thought this was America, but whatever. Secrecy in all things government, despite the (often misheld) presumption that our public servants will be open and honest about issues that affect us.

It's no secret voting systems and databases are not secure. These are problems that date back 15 years, but have shown little improvement since. Election interference is just another tool in the nation-state hacking kit, and the US is far from immune from these attacks.

Federal agencies investigating election interference are at least speaking to officials in states affected by these efforts. But those officials are apparently not allowed to pass on this information to those affected the most: voters.

Gov. Ron DeSantis met with the FBI and the U.S. Department of Homeland Security last Friday to discuss the revelation in Robert Mueller’s report that “at least one” Florida county had its election information accessed by Russian hackers in 2016.

Webmaster's Commentary: 

Ad the proof that this actually happened?!?

Of course, absolutely no where to be found.

May 16 06:59

Outrage after Adobe says customers using an older version of Photoshop may be SUED if they continue - even though they paid for the software

Customers who have regularly paid to use Adobe's Photoshop software have been politely threatened with litigation for using older versions.

After discontinuing older versions of the popular photo editing software, Adobe emailed customers regarding its policy towards users who don't abide the company's rules.

'We have recently discontinued certain older versions of Creative Cloud applications and and a result, under the terms of our agreement, you are no longer licensed to use them,' Adobe said in the email.

'Please be aware that should you continue to use the discontinued version(s), you may be at risk of potential claims of infringement by third parties.'

May 16 06:53

Keyloggers Injected in Web Trust Seal Supply Chain Attack

Hackers compromised the script used by Best of the Web to display their trust seal on their customers' websites and to add two key logging scripts designed to sniff keystrokes from visitors.

As Sanguine Security researcher Willem de Groot found out, "The security seal as sold by @bestoftheweb contains even 2 different keystroke loggers. One was added on Apr 24th, the other last week."

After de Groot disclosed his discovery to Best of the Web, the company confirmed that their trust seal script which was hosted on Amazon’s content delivery network (CDN) was indeed hacked.

In addition, the company stated that it took immediate action to fix the issue and all customers impacted by the compromised script were being contacted.

May 16 06:50

Hackers Inject Magecart Card Skimmer in Forbes’ Subscription Site

Hackers injected the Forbes' subscription website with a Magecart script which collects payment card data customers introduce on the checkout page and exfiltrates it to a server controlled by the attackers.

As revealed by Bad Packets Report's co-founder Troy Mursch, the script collects card numbers, expiration dates, and credit card CVV/CVC verification codes, as well as customers' names, addresses, phone numbers and emails.

While the obfuscated Magecart script can still be found on the forbesmagazine.com website, the domain used by the attackers to collect the stolen payment information has been taken down using Freenom's abuse API which makes it possible to take down malicious domains immediately.

May 15 15:11

Google is about to have a lot more ads on phones

Google announced a bunch of new ad types today that’ll start showing up throughout its mobile products, including some that interrupt the core Google search and discovery experiences.

Google searches on mobile will soon include “gallery” ads that allow advertisers to display multiple images for users to swipe through. You’ll also begin to see ads in Google’s discover feed — the feed of news stories that you find built into many Android home screens, inside the Google app, and on Google’s mobile homepage — though they’ll only appear in select locations for now.

The new ad formats are meant to make ads a lot more noticeable. In a blog post, Google ad chief Prabhakar Raghavan says that, in tests, gallery ads resulted in “up to 25 percent more interactions” than traditional search ads.

May 15 14:53

Legal bombs fall on TurboTax maker Intuit for 'hiding' free service from search engines

Intuit, the biz behind America's most popular tax-filing software, was sued this week for seemingly hiding a free version of its product from search engines.

The class-action lawsuit [PDF] from TurboTax users from across the United States was lodged in San Francisco, and joins one filed [PDF] last week by the Los Angeles City Attorney on behalf of the people of California, also against Intuit.

Both lawsuits claim that Intuit's use of HTML metatags to prevent search engines from indexing the website where the free software is available led to people being "intentionally misled and deprived of the opportunity to make an informed decision about their tax-filing service." In other words, people went straight to the paid-for system not knowing there was a free alternative.

May 15 14:33

Update your computer NOW: Intel reveals 'ZombieLoad' flaw affecting its chips could put MILLIONS of devices at risk by letting hackers steal passwords and other sensitive user data

Security researchers have discovered a new set of flaws in Intel processors that could leave users exposed to cyber-attacks akin to those caused by the Meltdown and Spectre vulnerabilities.

The attack variants include Fallout, RIDL and ZombieLoad, the last of which appears to be the most critical and operates by exploiting a design flaw in Intel chips to leak sensitive user data.

Chips made by Advanced Micro Devices and ARM Holdings are not affected by this latest vulnerability.

However, it impacts 'almost every computer' with an Intel processor going back as early as 2011, according to TechCrunch.

May 15 14:31

Buffer the Intel flayer: Chipzilla, Microsoft, Linux world, etc emit fixes for yet more data-leaking processor flaws

Intel on Tuesday plans to release a set of processor microcode fixes, in conjunction with operating system and hypervisor patches from vendors like Microsoft and those distributing Linux and BSD code, to address a novel set of side-channel attacks that allow microarchitecture data sampling (MDS).

...

Intel's patch dump coincides with the expected release of research papers by computer scientists – summarized at cpu.fail and zombieloadattack.com – detailing how the vulnerabilities arise from speculative execution – a shortcut taken by modern processors to execute software instructions before they're needed that has opened new avenues of attack. The vulnerabilities appear to be limited to Intel hardware; the researchers say they were unable to replicate any of their attack primitives on Arm or AMD-designed processors.

May 15 14:30

RIP Hyper-Threading? ChromeOS axes key Intel CPU feature over data-leak flaws – Microsoft, Apple suggest snub

In conjunction with Intel's coordinated disclosure today about a family of security vulnerabilities discovered in millions of its processors, Google has turned off Hyper-Threading in Chrome OS to fully protect its users.

Meanwhile, Apple, Microsoft, IBM's Red Hat, QubesOS, and Xen advised customers that they may wish to take similar steps.

The family of flaws are dubbed microarchitecture data sampling (MDS), and Chipzilla's official advisory is here, along with the necessary microcode updates to mitigate the data-leaking vulnerabilities and list of affected products. Installing these fixes and disabling Intel's Hyper-Threading feature is a sure fire way to kill off the bugs, though there may be a performance hit as a result.

May 15 14:22

Microsoft rolls out patch for older Windows systems to stop the spread of malware like the WannaCry blackmail attack that crippled computers in 74 countries

Microsoft has issued a patch for some of its older systems to fix a vulnerability that could allow malware to spread in a similar way to the 2017 WannaCry attack.

...

The fix is one of a range of patches issued by the computing giant to repair systems it has since stopped supporting, such as Windows 7 and XP.

May 15 14:16

Radio signals used to guide planes during landing can easily be FAKED to throw them off course by hackers using tools amounting to just $600, researchers warn

With about $600 and a few tools, hackers could fake the radio signals used by commercial airplanes to navigate and land safely, according to new research.

In a paper and demonstration from researchers at Northeastern University in Boston, a software defined radio -- a non-traditional radio that uses software instead of hardware for many components -- successfully tricks a simulated plane into thinking that the aircraft is traveling off-course.

Through a process called 'spoofing' -- a term also applied to scam and robo-callers who fake their numbers -- researchers are able to deceive an aircraft's course deviation indicator into thinking the plane is off-center.

This causes it to misalign or falsely 'correct' its trajectory and land adjacent to the runway.

May 15 11:28

Twitter Bans Official AOC Account After Mistaking It For Satire

The social network had banned several popular parody accounts of the congresswoman. The company then deployed an algorithm to identify and automatically ban accounts that satirized Ocasio-Cortez or her allies in Congress. Unfortunately, the algorithm got "a little too aggressive," and banned Ocasio-Cortez herself.

The AOC parody accounts are so spot-on, that Twitter can't tell the difference.

May 15 10:24

Israel spyware firm linked to Khashoggi case used to hack WhatsApp

Software created by an Israeli spyware firm with links to the murder of Saudi journalist Jamal Khashoggi has been used to hack messaging app WhatsApp.

WhatsApp discovered earlier this month that potential attackers had been able to install malicious surveillance software on to both iPhones and Android phones by ringing targets using the app’s phone call function, the Financial Times (FT) reported yesterday. The FT added that the software “could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs”.

May 15 10:18

WhatsApp Users Targeted By Spyware -- Here's What You Need To Know

WhatsApp has patched a vulnerability that allowed attackers to inject spyware onto people’s phones. This was confirmed by both WhatsApp and a spyware technology dealer to the Financial Times, which broke the news.

Discovered at the start of May, the vulnerability would have allowed adversaries to install surveillance software on phones by calling a user via the app’s phone call function. The attack could be performed even if the person didn’t answer their phone, while the calls would often disappear from logs, according to the spyware dealer.

The malicious code was allegedly developed by Israeli company NSO Group, which aims its products at Middle Eastern and Western intelligence agencies. NSO’s flagship product is dubbed Pegasus: a program that can turn on your phone’s microphone and camera, search emails and messages and collect location data.

May 15 10:16

ZombieLoad: New critical flaw affects most Intel processors, exposes keys, browsing history & more

Researchers have found another security flaw in the Intel processor chips that power most of the world’s computers, one that can compromise users’ private data – and that can’t be fixed without a major performance drop.
The exploit, dubbed ZombieLoad, is embedded in Intel’s processor chips themselves, meaning even the best-designed software patches can only go part of the way toward plugging the hole without reducing the chips’ performance. The vulnerability may allow attackers to ‘resurrect’ critical data processed by the chip – from browser history and passwords to disk encryption keys and other system-level sensitive data.

Its reach isn’t even limited to the end-user’s computer, according to researchers Michael Schwarz, Moritz Lipp, and Daniel Gruss from Graz University of Technology and Jo Van Bulck from KU Leuven: it “can also be exploited in the cloud.”

May 15 10:12

Victory! EFF Wins National Security Letter Transparency Lawsuit

Source: Electronic Frontier Foundation

A federal district court in San Francisco has ruled strongly in favor of our Freedom of Information Act lawsuit seeking records of how and when the FBI lifts gag orders issued with National Security Letters (NSLs). These records will provide a window into the FBI’s use of a highly secretive investigative tool that has been historically misused. They will also provide insight into the effectiveness of the USA Freedom Act, the national security reform law passed by Congress in 2015.

NSLs are a form of administrative subpoena that allows the government to obtain basic information about customers of communications providers, banks and credit agencies, and a range of other companies. The defining feature of NSLs, however, is that the FBI can issue a blanket gag order with its information request, preventing recipients from saying anything about them, including the very fact that they have received an NSL.

Webmaster's Commentary: 

Congrats, EFF, well-done!!

May 15 10:08

WhatsApp fixes Israeli spyware breach

Users of the messaging service WhatsApp are being urged to immediately update to the latest version of the app.

WhatsApp, which is owned by Facebook, released the update to fix a critical vulnerability that allowed Israeli spyware to be installed on a user’s smartphone simply by ringing it up.

“The malicious code, developed by the secretive Israeli company NSO Group, could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs,” according to the Financial Times.

May 15 10:05

Intel CPUs impacted by new Zombieload side-channel attack

Academics have discovered a new class of vulnerabilities in Intel processors that can allow attackers to retrieve data being processed inside a CPU.

The leading attack in this new vulnerability class is a security flaw named Zombieload, which is another side-channel attack in the same category as Meltdown, Spectre, and Foreshadow.

May 15 09:10

ZombieLoad: New critical flaw affects most Intel processors, exposes keys, browsing history & more

Researchers have found another security flaw in the Intel processor chips that power most of the world’s computers, one that can compromise users’ private data – and that can’t be fixed without a major performance drop.

The exploit, dubbed ZombieLoad, is embedded in Intel’s processor chips themselves, meaning even the best-designed software patches can only go part of the way toward plugging the hole without reducing the chips’ performance. The vulnerability may allow attackers to ‘resurrect’ critical data processed by the chip – from browser history and passwords to disk encryption keys and other system-level sensitive data.

Its reach isn’t even limited to the end-user’s computer, according to researchers Michael Schwarz, Moritz Lipp, and Daniel Gruss from Graz University of Technology and Jo Van Bulck from KU Leuven: it “can also be exploited in the cloud.”

Webmaster's Commentary: 

Intel.... just fix the darned flaw, please!!!

This has got to be annoying to the execs here; but I think there are two words which, at this point in time, in the computer industry's existence, need to come about; those words are: product liability.

Because those creating the computers we all rely upon, have been, for far too many years, costing us business, and costing us money, sometimes, big-time.

That has to stop, and right the heck now.

May 15 08:22

WhatsApp: Malicious Spyware Has All The Markings Of “Government Sponsored Surveillance”

WhatsApp has asked users to update their systems after a malicious attack. The cyber attack is complete with all the hallmarks of a “government-sponsored surveillance” attempt.

The messaging and audio app owned by Facebook said Monday that malicious hackers were able to install spyware on Android smartphones and Apple iPhones and is asking users to make sure their security is up to date. But more alarming, is that this looks like the government wants to spy on its own people who use the WhatsApp app. “The attack has all the hallmarks of a private company reportedly that works with governments to deliver spyware that takes over the functions of mobile phone operating systems,” a WhatsApp spokesperson told MarketWatch.

Webmaster's Commentary: 

This... is more than a little scary.

May 14 16:50

'Hard-to-fix' Cisco flaw puts work email at risk

Security researchers have discovered serious vulnerabilities affecting dozens of Cisco devices.

The flaws allow hackers to deceive the part of the product hardware that checks whether software updates come from legitimate sources.

Experts believe this could put emails sent within an organisation at risk as they may use compromised routers.

Messages sent externally constitute less of a risk, however, as they tend to be encrypted.

The California-based firm said it is working on "software fixes" for all affected hardware.

May 14 11:35

The Re-Opening Of The Swedish Assange Case Should Be Welcomed

Authored by Craig Murray,

That the Swedish investigation into the rape allegation against Julian Assange is being re-opened is something that ought to be welcomed. The alternative would be for this accusation to hang unresolved over Julian’s head forever. The Swedish prosecutors now need finally, as my father used to say, either to piss or get off the pot. They need to decide whether there is sufficient evidence to charge or not.

There is no reason for delay. The Swedish police have had seven years to investigate this case and all the evidence has been gathered and all statements taken – the last being the interview of Julian Assange in the Ecuadorean Embassy in 2017. Hopefully to review the evidence and decide whether to charge will not now be a lengthy procedure. It is worth noting, contrary to much misreporting, Julian Assange has never been charged with anything in Sweden.

Webmaster's Commentary: 

IF Assange is to leave the British prison in which he is now languishing, having him be in a Swedish courtroom may be profoundly less hazardous to his health; in an American jail, there is always, it appears, to be room for political assassinations.

If you don't believe me, just think of the murder of Whitey Bulger in a Federal jail last year.

May 14 10:39

Boeing Settlement Hinges On How Long Doomed 737 Max Passengers Knew They Were Going To Die

Boeing and its insurers are likely to pay an amount of money to the families of those who died in the 737 Max crashes that is directly proportional to one grim measure: how long the victims knew they were plunging to their deaths. Additionally, as part of a legal fight to determine Boeing's financial liability after the 737 Max crashes in Ethiopia and Indonesia, passenger's families could be paid compensation based on grief, sorrow, loss of companionship and lost future paychecks.

According to an estimate from Bloomberg, the claims could total as much is $1 billion, and some legal experts believe the final amount could be even more, if evidence shows that Boeing knew about flaws in their planes prior to the tragedies taking place. This idea has already prompted investor lawsuits against the company, claiming it hid safety risks.

Webmaster's Commentary: 

Boeing used to be a company with a stellar reputation for safety; that there was knowledge on the part of the execs, that there were real, possibly fatal flaws in the design these 737s, is more than a little scary.

Whoever knew about this, and sat on it, should be looking at real jail time, and NOT, thank you very much, in a Club Fed.

May 14 10:19

Ecuador will give USA Assange's computers and documents in London

The Attorney General of the State of Ecuador has agreed to register one of the stays of the embassy of that country in London, in which the cyber-activist has resided during the last seven years, and to deliver to the US all his documents, mobile phones, computer files , computers, memory units, CDs and any other device, as indicated by an official notification to which EL PAÍS has had access.

May 14 10:08

Adobe Releases Critical Patches for Flash, Acrobat Reader, and Media Encoder

Adobe today released its monthly software updates to patch a total of 87 security vulnerabilities in its Adobe Acrobat and Reader, Flash Player and Media Encoder, most of which could lead to arbitrary code execution attacks or worse.

None of the flaws patched this month in Adobe products has been found exploited in the wild.

Out of 87 total flaws, a whopping number of vulnerabilities (i.e., 84 in total) affect Adobe Acrobat and Reader applications alone, where 42 of them are critical and rest 42 are important in severity.

May 14 10:05

Judge: Number of ‘Unprovable’ Piracy Cases is Alarmingly High

Copyright-trolling outfit Strike 3 has suffered a severe blow in a New York federal court. U.S. Magistrate Judge James Orenstein has thrown out over a dozen cases, signaling a variety of problems. Among other things, the Judge noted that the frequency of improperly accused pirates, more than one in three, is alarmingly high.

May 14 10:04

Revealed: The WhatsApp message that spread false rumour of Metro Bank 'going bankrupt' and sent worried savers rushing to empty their accounts

A false WhatsApp rumour telling Metro Bank customers to empty their accounts 'as soon as possible' was behind a panic which sent the company's shares tumbling, it has emerged.

A message which circulated on the Facebook-owned service claimed falsely that Metro Bank 'may be shut down or going bankrupt'.

It sparked fears for the future of the High Street bank and prompted some West London savers to queue up at a local branch and withdraw their money.

The bank has faced a tumultuous few months but has told customers there is 'no reason to be concerned' about the false claims.

May 14 09:11

Secretive Israeli Company Uses WhatsApp Voice Calls To Install Spyware On Phones

With so much attention focused recently on constant consumer spying and privacy violations, erroneous or otherwise, by Amazon, Facebook and now Twitter, it is easy to forget that virtually other communication apps have the same purpose, and that's what one secretive Israeli company relied on when they used a vulnerability in the popular messaging app WhatsApp (owned by Facebook) to inject commercial Israeli spyware on to phones, the company and a spyware technology dealer said. What is unique is how the app was infected: with a simple phone call.

May 13 19:54

Israeli Firm Tied to Tool That Uses WhatsApp Flaw to Spy on Activists

An Israeli firm accused of supplying tools for spying on human-rights activists and journalists now faces claims that its technology can use a security hole in WhatsApp, the messaging app used by 1.5 billion people, to break into the digital communications of iPhone and Android phone users.

Security researchers said they had found so-called spyware — designed to take advantage of the WhatsApp flaw — that bears the characteristics of technology from the company, the NSO Group.

WhatsApp engineers worked around the clock to patch the vulnerability and released a patch on Monday. They encouraged customers to update their apps as quickly as possible.

May 13 19:49

WhatsApp exploit let attackers install government-grade spyware on phones

WhatsApp just fixed a vulnerability that allowed malicious actors to remotely install spyware on affected phones, and an unknown number reportedly did so with a commercial-grade snooping package usually sold to nation-states.

The vulnerability (documented here) was discovered by the Facebook-owned WhatsApp in early May, the company confirmed to TechCrunch. It apparently leveraged a bug in the audio call feature of the app to allow the caller to allow the installation of spyware on the device being called, whether the call was answered or not.

The spyware in question that was detected as having been installed was Israel-based NSO Group’s Pegasus, which is usually (ostensibly) licensed to governments looking to infect targets of investigations and gain access to various aspects of their devices.

May 13 17:45

Kentucky Taxpayers On The Hook An Estimated $1.5B for Their “Information Highway to Nowhere”

By B.N. Frank

Activist Post reported less than a month ago about how Google has to pay $4M to Louisville, KY to remove fiber, repair damage, and repave roads after its failed project. According to a recent article from ProPublica, Kentucky residents are on the hook for a different high-speed internet fiasco...

May 13 17:07

Google's left-leaning media bias revealed: Academic study exposes how search engine massively over-promotes results from liberal news websites over right

According to data compiled by researchers from Northwestern University, the search engine promoted those sites over others repeatedly in November 2017.

Of the 6,302 articles that appeared in Google's 'top stories' page that month after a term was searched, more than 10 percent were by CNN.

The New York Times was the second most favored and accounted for 6.5 percent of articles. The Washington Post was third with 5.6 percent.

By contrast, Fox News, the most right-wing outlet in mainstream media, was the source of just three percent of the stories which appeared.

Nearly all (86 percent) of the stories came from just 20 sources and of them, 62 percent were considered to be left-leaning.

May 13 17:06

Manosphere Blog 'Chateau Heartiste' Banned by WordPress

WordPress reportedly banned the popular right-wing manosphere blog Chateau Heartiste on Friday in the latest assault on Free Speech at the hands of Big Tech.

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA