Linux fréttir

Over 100 Wi-Fi Routers Fail Major Security Test -- Protect Yourself Now

Slashdot - Thu, 2020-07-09 00:45
schwit1 shares a report from Tom's Guide: Using its own analytical software, the [Fraunhofer Institute] tested the most recently available firmware for 117 home Wi-Fi models currently sold in Europe, including routers from ASUS, D-Link, Linksys, Netgear, TP-Link, Zyxel and the small German brand AVM. The models themselves were not physically tested. A full list of the tested models and firmware is on GitHub. The institute was not able to examine the firmware of 10 more models, mostly from Linksys. The report notes (PDF) that many firmware updates are issued without fixing known flaws. So what can you do? You can make sure that the next router you buy automatically installs firmware updates. You can check to see whether your current router does so, or makes it fairly easy to install firmware updates manually. You should also make sure that the administrative password for your router has been changed from the factory default password. (Check the list of default passwords at https://www.routerpasswords.com.) You should also check its administrative interface to make sure that UPnP and remote access are disabled. And if your router was first released more than 5 years ago, consider buying a newer model unless it meets all of the above criteria. Alternatively, you could try to "flash" your older router to run more secure open-source router firmware such as OpenWrt, DD-WRT or Tomato. "The worst case regarding high severity CVEs [widely known flaws] is the Linksys WRT54GL powered by the oldest kernel found in our study," the report said, noting that this model uses the 2.4.20 kernel from 2002. "There are 579 high severity CVEs affecting this product." "That particular model last had its firmware updated in January 2016, one of the oldest firmwares in the study," adds Tom's Guide. "The Linksys WRT54GL was first released in 2005 and is still sold today, even though it handles Wi-Fi protocols only up to 802.11g. However, the WRT54G series is possibly the best-selling family of Wi-Fi routers ever..."

Read more of this story at Slashdot.

Categories: Linux fréttir

China's Great Firewall Descends On Hong Kong Internet Users

Slashdot - Thu, 2020-07-09 00:02
An anonymous reader quotes a report from The Guardian: At midnight on Tuesday, the Great Firewall of China, the vast apparatus that limits the country's internet, appeared to descend on Hong Kong. Unveiling expanded police powers as part of a contentious new national security law, the Hong Kong government enabled police to censor online speech and force internet service providers to hand over user information and shut down platforms. Many residents, already anxious since the law took effect last week, rushed to erase their digital footprint of any signs of dissent or support for the last year of protests. Charles Mok, a pro-democracy lawmaker who represents the technology sector, tweeted: "We are already behind the de facto firewall." "The law seems to be building up the Great Firewall locally in Hong Kong. Personal freedom on the internet will be eliminated," said Charles Low, the chairman of the Hong Kong chapter of the Internet Society. "If you say something wrong they can request the service provider to give your IP address or mobile number so they can grab you." Experts point out that China's Great Firewall -- which allows the government to inspect data as well as block IP addresses and domain names -- could not be immediately replicated in Hong Kong, home to several private internet service providers and internet exchanges. "It will take at least a few years to build up the wall," said Low, adding that what is more likely is a partial blackout, cutting off access to certain sites such as LIHKG or Telegram. "People are indeed kind of panicked and trying to install VPNs and have no idea what it can and cannot help," said Low, noting that volunteers have been holding workshops to teach residents how to use such tools and how to better protect themselves. "I have faith in Hong Kong people. They will not forget about the freedom we once had." "[T]he measures could go even further than in mainland China," adds The Guardian. "The law covers not only permanent residents and foreigners within Hong Kong, but anyone seen as violating the law, regardless of where they are in the world. The security law may also add to the Balkanisation of the internet, with countries having their own fenced-off versions, and major international tech companies will be under pressure not to contribute to that."

Read more of this story at Slashdot.

Categories: Linux fréttir

Civil-rights probe: Facebook has completely failed to… Zuck: Look over here! We’ve banned four groups! Go me!

TheRegister - Wed, 2020-07-08 23:46
Report slams antisocial network's 'vexing and heartbreaking decisions'

Facebook on Wednesday published an independent-ish report by civil-rights experts into how it deals with misinformation and hate speech on its platform. The dossier wasn't exactly flattering, and the antisocial network immediately tried to undercut it with an announcement about how it had banned four groups from its site.…

Categories: Linux fréttir

Nvidia Eclipses Intel As Most Valuable US Chipmaker

Slashdot - Wed, 2020-07-08 23:20
Nvidia has overtaken Intel for the first time as the most valuable U.S. chipmaker. Reuters reports: In a semiconductor industry milestone, Nvidia's shares rose 2.3% in afternoon trading on Wednesday to a record $404, putting the graphic component maker's market capitalization at $248 billion, just above the $246 billion value of Intel, once the world's leading chipmaker. Nvidia's stock has been among Wall Street's strongest performers in recent years as it expanded from its core personal computer chip business into datacenters, automobiles and artificial intelligence. Intel, which for decades has dominated in processors for PCs and servers, has struggled to diversify its business after making critical stumbles in the smartphone revolution. While Intel's stock has lost almost 3% in 2020, Nvidia's has surged 68%. Investors have been betting that the shift to working remotely because of the coronavirus pandemic will continue to fuel fast growth in Nvidia's datacenter business. [...] Despite Nvidia's meteoric stock rise, its sales remain a fraction of Intel's. Analysts on average see Nvidia's revenue rising 34% in its current fiscal year to $14.6 billion, while analysts expect Intel's 2020 revenue to increase 2.5% to $73.8 billion, according to Refinitiv.

Read more of this story at Slashdot.

Categories: Linux fréttir

Qualcomm Announces Snapdragon 865+: Breaking the 3GHz Threshold

Slashdot - Wed, 2020-07-08 22:40
Today, Qualcomm is announcing an update to its extremely successful Snapdragon 865 SoC: the new Snapdragon 865+. AnandTech reports: The new Snapdragon 865+ is a new binned variant of the [Snapdragon 865] with higher peak frequencies on the part of the "prime" CPU as well as the GPU, promising +10% performance on both aspects. Whilst in relative terms the new chipset's +10% clock improvement isn't all that earth-shattering, in absolute terms it finally allows the new Snapdragon 865+ to be the first mobile SoC to break past the 3GHz threshold, slightly exceeding that mark at a peak 3.1GHz frequency. Ever since the Cortex-A75 generation we've seen Arm make claims about their CPU microarchitectures achieving such high clock frequencies -- however in all those years actual silicon products by vendors never really managed to quite get that close in commercial mass-production designs. We've had a chat with Qualcomm's SVP and GM of mobile business Alex Katouzian, about how Qualcomm achieved this, and fundamentally it's a combination of aggressive physical design of the product as well as improving manufacturing yields during the product's lifecycle. Katouzian explained that they would have been able to achieve these frequencies on the vanilla Snapdragon 865 -- but they would have had a lower quantity of products being able to meet this mark due to manufacturing variations. Yield improvements during the lifecycle of the Snapdragon 865 means that the company is able to offer this higher frequency variant now. [...] There will be a power increase to reach the higher frequencies, however this will only be linear with the increased clock speed, meaning energy efficiency of the new SoC will maintain the same excellent levels of that of the Snapdragon 865, so battery life will not be affected. [...] Amongst other new novelties of the Snapdragon 865+ platform is the ability for vendors to bundle with the new FastConnect 6900 Wi-Fi chips from Qualcomm, the company's new Wi-Fi 6 chipsets with 6GHz band capability (Wi-Fi 6E).

Read more of this story at Slashdot.

Categories: Linux fréttir

Microsoft sues coronavirus phishing spammers to seize their domains amid web app attacks against Office 354.5

TheRegister - Wed, 2020-07-08 22:07
A very busy six months for Redmond's Digital Crimes Unit

Microsoft has taken legal action to seize web domains being used to launch coronavirus-themed phishing attacks.…

Categories: Linux fréttir

Google Open Sources Trademarks With the Open Usage Commons

Slashdot - Wed, 2020-07-08 22:02
An anonymous reader quotes a report from ZDNet: Google has announced it is launching a new organization, Open Usage Commons (OUC), to host the trademarks for three of its most important new open-source projects. These are Angular, a web application framework for mobile and desktop; Gerrit, a web-based team code-collaboration tool; and Istio, a popular open mesh platform to connect, manage, and secure microservices. While it only covers three Google projects, for now, OUC is meant to give open-source projects a neutral, independent home for their project trademarks. The organization will also assist with conformance testing, establishing mark usage guidelines, and handling trademark usage issues. The organization will not provide services that are outside the realm of usage, such as technical mentorship, community management, project events, or project marketing. "Having an entity like this does make some sense for a certain number of use cases," says Andrew "Andy" Updegrove, open-source standards and patent expert and founding partner of top-technology law firm Gesmer Updegrove. "The most obvious one is an unincorporated OSS project. An amorphous group of individuals can't own a trademark efficiently, so there's no way to protect the project name unless they agree on a singular owner. There are many cases where an individual member has owned a project mark, and that has often led to downstream problems. So simply having a neutral owner is a community good without going any farther than that." Updegrove also said noted trademarks have usually been achieved by a project "approaching a host, like The Apache Foundation or Linux Foundation and asking them to take over as host. But that usually requires taking the project under the umbrella, and subject to the rules, of that foundation." Updegrove wonders if there's "more to the story than meets the eye." He notes there is one important difference by only handing over the trademarks: "A project that is primarily important to a single vendor and primarily staffed and controlled by developers employed by that employer can continue to exercise effective control while avoiding the market suspicion that might arise if the vendor owned the mark." He suspects Google is doing this "to up the credibility of some of its projects [to the open-source community] while not taking the more extreme step of turning the project over to a foundation in connection with which a new and more independent governance structure is put in place."

Read more of this story at Slashdot.

Categories: Linux fréttir

Google Scrapped Cloud Initiative in China, 'Sensitive Markets'

Slashdot - Wed, 2020-07-08 21:25
Google abandoned plans to offer a major new cloud service in China and other politically sensitive countries due in part to concerns over geopolitical tensions and the pandemic, Blloomberg reported Wednesday, citing two employees familiar with the matter, revealing the challenges for U.S. tech giants to secure business in those markets. From a report: In May, the search giant shut down the initiative, known as "Isolated Region" and which sought to address nations' desires to control data within their borders, the employees said. The action was considered a "massive strategy shift," according to one of the employees, who said Isolated Region had involved hundreds of employees scattered around the world. Alphabet's Google is pouring money into cloud computing, part of a broader effort to find new sources of growth beyond search advertising. Google Cloud generated $8.9 billion in revenue in 2019 -- a 53% increase over the previous year -- as it has pushed into sectors such as finance and government that require special security clearance and features that shield confidential data. Rivals Microsoft and Amazon.com already offer these capabilities via their cloud units. Google's recent decision to nix the Isolated Region project was made partly because of global political divisions, which were exacerbated by the Covid-19 pandemic, according to the two employees, who requested anonymity because the project hasn't previously been made public. The initiative would have allowed Google to set up cloud services controlled by a third party, such as a locally owned company or a government agency. The result would be a business sequestered from Google's existing cloud computing services, which include data centers and computer networks. In January 2019, amid growing tensions between the U.S. and China, Google decided to pause its plans for Isolated Region in China and instead began to prioritize potential customers in Europe, the Middle East and Africa, according to the two employees.

Read more of this story at Slashdot.

Categories: Linux fréttir

Keep it Together, Microsoft: New mode for vid-chat app Teams reminds everyone why Zoom rules the roost

TheRegister - Wed, 2020-07-08 20:54
If you have to play by Redmond's strict rules, people are likely to go elsewhere

Video In an attempt to regain market share from Zoom in the pandemic-driven world of video conferencing, Microsoft today launched a “Together” mode for its Teams software.…

Categories: Linux fréttir

Robinhood Has Lured Young Traders, Sometimes With Devastating Results

Slashdot - Wed, 2020-07-08 20:45
Robinhood users buy and sell the riskiest financial products and do so more frequently than customers at other retail brokerage firms, but their inexperience can lead to staggering losses. From a report: Richard Dobatse, a Navy medic in San Diego, dabbled infrequently in stock trading. But his behavior changed in 2017 when he signed up for Robinhood, a trading app that made buying and selling stocks simple and seemingly free. Mr. Dobatse, now 32, said he had been charmed by Robinhood's one-click trading, easy access to complex investment products, and features like falling confetti and emoji-filled phone notifications that made it feel like a game. After funding his account with $15,000 in credit card advances, he began spending more time on the app. As he repeatedly lost money, Mr. Dobatse took out two $30,000 home equity loans so he could buy and sell more speculative stocks and options, hoping to pay off his debts. His account value shot above $1 million this year -- but almost all of that recently disappeared. This week, his balance was $6,956. "When he is doing his trading, he won't want to eat," said his wife, Tashika Dobatse, with whom he has three children. "He would have nightmares." Millions of young Americans have begun investing in recent years through Robinhood, which was founded in 2013 with a sales pitch of no trading fees or account minimums. The ease of trading has turned it into a cultural phenomenon and a Silicon Valley darling, with the start-up climbing to an $8.3 billion valuation. It has been one of the tech industry's biggest growth stories in the recent market turmoil. But at least part of Robinhood's success appears to have been built on a Silicon Valley playbook of behavioral nudges and push notifications, which has drawn inexperienced investors into the riskiest trading, according to an analysis of industry data and legal filings, as well as interviews with nine current and former Robinhood employees and more than a dozen customers. And the more that customers engaged in such behavior, the better it was for the company, the data shows. More than at any other retail brokerage firm, Robinhood's users trade the riskiest products and at the fastest pace, according to an analysis of new filings from nine brokerage firms by the research firm Alphacution for The New York Times.

Read more of this story at Slashdot.

Categories: Linux fréttir

Google forges Open Usage Commons to manage open-source project trademarks, lobs hot-potato Istio at it

TheRegister - Wed, 2020-07-08 20:12
Marks for Angular and Gerrit also handled by org designed to provide 'guidance' to industry

Google says it has set up an organisation to provide guidance and advice on handling and protecting trademarks belonging to open-source projects.…

Categories: Linux fréttir

Thousands of Contracts Highlight Quiet Ties Between Big Tech and US Military

Slashdot - Wed, 2020-07-08 20:05
Over the past two years, thousands of tech company employees have taken a stand: they do not want their labor and technical expertise to be used for projects with the military or law enforcement agencies. Knowledge of such contracts, however, hasn't been easy for tech workers to come by. From a report: On Wednesday, newly published research from the technology accountability nonprofit Tech Inquiry revealed that the Department of Defense and federal law enforcement agencies including Immigration and Customs Enforcement, the FBI, the Drug Enforcement Agency and the Federal Bureau of Prisons, have secured thousands of deals with Google, Amazon, Microsoft, Dell, IBM, Hewlett Packard and even Facebook that have not been previously reported. The report offers a new window into the relationship between tech companies and the U.S. government, as well as an important detail about why such contracts are often difficult to find. Tech Inquiry's research was led by Jack Poulson, a former Google research scientist who quit the company in 2018 after months of internal campaigning to get clarity about plans to deploy a censored version of its search engine in China called Project Dragonfly. Poulson has publicly opposed collaborations between American technology companies and the U.S. and foreign governments that aid in efforts to track immigrants, dissenters, and bolster military activity. Poulson analyzed more than 30 million government contracts signed or modified in the past five years. The Department of Defense and federal law enforcement agencies accounted for the largest share of those contracts, with tech companies accounting for a fraction of the total number of contracts.

Read more of this story at Slashdot.

Categories: Linux fréttir

Warning of Serious Brain Disorders in People With Mild Coronavirus Symptoms

Slashdot - Wed, 2020-07-08 19:24
Doctors may be missing signs of serious and potentially fatal brain disorders triggered by coronavirus, as they emerge in mildly affected or recovering patients, scientists have warned. From a report: Neurologists are on Wednesday publishing details of more than 40 UK Covid-19 patients whose complications ranged from brain inflammation and delirium to nerve damage and stroke. In some cases, the neurological problem was the patient's first and main symptom. The cases, published in the journal Brain, revealed a rise in a life-threatening condition called acute disseminated encephalomyelitis (Adem), as the first wave of infections swept through Britain. At UCL's Institute of Neurology, Adem cases rose from one a month before the pandemic to two or three per week in April and May. One woman, who was 59, died of the complication. A dozen patients had inflammation of the central nervous system, 10 had brain disease with delirium or psychosis, eight had strokes and a further eight had peripheral nerve problems, mostly diagnosed as Guillain-Barre syndrome, an immune reaction that attacks the nerves and causes paralysis. It is fatal in 5% of cases.

Read more of this story at Slashdot.

Categories: Linux fréttir

Oracle tempts users to run its cloud in their own data centres – for a mere '$6 million' commitment

TheRegister - Wed, 2020-07-08 19:00
Not for your titchy workloads, Reg sources say

Oracle's new on-premises cloud product has prompted concern among commentators, who've said it requires a strong financial commitment and could shift customers to higher cost deals.…

Categories: Linux fréttir

Too Little, Too Late: Facebook's Oversight Board Won't Launch Until 'Late Fall'

Slashdot - Wed, 2020-07-08 18:46
Facebook has announced that the limp "Oversight Board" intended to help make difficult content and policy decisions will not launch until "late fall," which is to say, almost certainly after the election. You know, the election everyone is worried Facebook's inability to police itself will serious affect. From a report: On Twitter, the board explained that as much as it would like to "officially begin our task of providing independent oversight of Facebook's content decisions," it regrets that it will be unable to do so for some time. "Our focus is on building a strong institution that will deliver concrete results over the long term." That sounds well enough, but for many, the entire point of creating the oversight board -- which has been in the offing since late 2018 -- was to equip Facebook for the coming presidential election, which promises to be something of a hot one.

Read more of this story at Slashdot.

Categories: Linux fréttir

Mozilla Suspends Firefox Send Service While It Addresses Malware Abuse

Slashdot - Wed, 2020-07-08 18:01
An anonymous reader writes: Mozilla has temporarily suspended the Firefox Send file-sharing service as the organization investigates reports of abuse from malware operators and while it adds a "Report abuse" button. The browser maker took down the service today after ZDNet reached out to inquire about Firefox Send's increasing prevalence in current malware operations. Since last year, several malware operations have hosted payloads on the service. This includes ransomware gangs like REvil/Sodinokibi, financial crime crews like FIN7, the Zloader and Ursnif banking trojans operations, and government surveillance groups targeting human rights defenders. Reasons include the fact that Firefox Send doesn't have an Report Abuse mechanism, all file uploads are encrypted (useful to dodge malware scanners), and the Firefox URL is whitelisted in most orgs (useful for bypassing email filters).

Read more of this story at Slashdot.

Categories: Linux fréttir

One surefire way to get the boss's attention on network security is to get hacked. But there must be a better way?

TheRegister - Wed, 2020-07-08 18:00
And there is – check out our latest survey findings

Reader survey With anyone who can work from home actually doing so during the pandemic, networking – and therefore network security – has become more business-critical than it was before.…

Categories: Linux fréttir

Criminals auction off stolen domain admin credentials for up to £95k. Your bank account details? Barely get £50

TheRegister - Wed, 2020-07-08 17:26
Dark web dwellers can pick and choose from billions - billions - of logins

Stolen domain admin login credentials can be resold by dark web criminals for up to £95,000 and a total of 15 billion purloined credentials are traded on illicit marketplaces.…

Categories: Linux fréttir

Google and Canonical Bring Flutter Apps To Linux and the Snap Store

Slashdot - Wed, 2020-07-08 17:24
An anonymous reader writes: Google is partnering with the Ubuntu Desktop team at Canonical to bring Linux support to its open source UI framework Flutter. Today's Linux alpha announcement also means Flutter developers can now deploy their apps to the Snap Store. Flutter group product manager Tim Sneath argues this is a big milestone because UI frameworks rarely become versatile and powerful enough for an operating system to depend on. He pointed to Windows being written in C++ rather than .NET, even for applets like the Calculator. Sneath also believes this shows Canonical is willing to invest in a first-class way to build apps for Linux, making Flutter on Linux an official part of Ubuntu. Additionally, enterprises can feel confident about picking Flutter -- it's more evidence of its longevity and technical excellence, Sneath said.

Read more of this story at Slashdot.

Categories: Linux fréttir

MIT and Harvard Sue DHS and ICE Over International Student Rule

Slashdot - Wed, 2020-07-08 16:47
Shag writes: Two days after US Immigration and Customs Enforcement (ICE) said international students must leave the US if their fall classes will be taught entirely online, MIT and Harvard are suing ICE and the Department of Homeland Security. "ICE is unable to offer the most basic answers about how its policy will be interpreted or implemented," said former international student L. Rafael Reif, President of MIT. Massachusetts' state Attorney General has announced that her office will also challenge the ruling in court. Of course, MIT also develops various technologies for DHS.

Read more of this story at Slashdot.

Categories: Linux fréttir

Pages

Subscribe to netserv.is aggregator - Linux fréttir