Linux fréttir

Apple’s created a face shield for health workers and resisted the temptation to call it the 'iMask'

TheRegister - Wed, 2020-04-08 07:39
20 million of them coming soon as supply chain muscles flexed

Apple has designed a face shield to help health workers stay safer when working around the novel coronavirus.…

Categories: Linux fréttir

Please, just stop downloading apps from unofficial stores: Android users hit with 'unkillable malware'

TheRegister - Wed, 2020-04-08 07:04
Picked up xHelper 'matryoshka' trojan? Best to just nuke the site from orbit

An Android malware package likened to a Russian matryoshka nesting doll has security researchers raising the alarm, since it appears it's almost impossible to get rid of.…

Categories: Linux fréttir

NASA Astronaut's Estranged Wife Charged With Lying About Space Crime Allegation

Slashdot - Wed, 2020-04-08 07:00
Last August, Slashdot reader bobstreo tipped us off to an interesting story where an astronaut accessed the bank account of her estranged spouse from the International Space Station, in what may have been the first allegation of a crime committed in space. We have now learned that the spouse has been indicted on charges of lying to federal authorities. USA Today reports: Summer Worden, 44, made false statements to NASA's Office of the Inspector General and the Federal Trade Commission, according a statement from U.S. Attorney Ryan Patrick. A federal jury in Houston returned the two-count indictment in late February, but it was unsealed Monday. Worden married Anne McClain, a decorated astronaut who was once set to be part of NASA's first all-female spacewalk, in 2014 and filed for divorce in 2018. In 2019, Worden filed a complaint with the Federal Trade Commission claiming McClain had stolen her identity while on a six-month mission aboard the International Space Station, although she saw no signs anyone had moved or used funds in the account, The New York Times reported. Worden's parents brought a separate complaint to NASA's Office of the Inspector General that described a "highly calculated and manipulative campaign" designed to win custody of the couple's child. Through her lawyer, Rusty Hardin, McClain told The Times she had accessed the account but said she did so to ensure that the family's finances were in order and that there was enough money in the account to care for their child, who was born a year before they met. She said she was never told to stop using the account and continued to use the same password she had throughout the relationship. The indictment says Worden maintained multiple accounts at USAA Federal Savings Bank and she shared access to those accounts "with a commissioned officer in the U.S. Army on detail to NASA's Johnson Space Center." She lied about when she opened the account that had allegedly been improperly accessed and when she reset her login credentials in a complaint filed with the FTC in March 19, 2019, according to the indictment. Worden also allegedly made another false statement in an interview with NASA's Office of the Inspector General in July. If Worden is convicted, she could face up to five years in prison on each count and a maximum fine of $250,000. She is expected to make an initial court appearance April 13.

Read more of this story at Slashdot.

Categories: Linux fréttir

First it was toilet paper. Then pasta. Now Broadcom suspects hoarders are behind its surprisingly good-looking Q2 sales

TheRegister - Wed, 2020-04-08 05:56
But warns things probably aren’t great long term, which HPE has just done too

Broadcom has told investors that its second quarter looks good, for reasons that may well be bad news in the longer term.…

Categories: Linux fréttir

China and Taiwan aren't great friends. Zoom sends chats through China. So Taiwan’s banned Zoom

TheRegister - Wed, 2020-04-08 04:34
Government and local business told to buy local, but slum it with Google or Microsoft if you must

A parliamentary order issued yesterday says the nation’s Department of Cyber Security (DCS) has decided that when government agencies, and some private entities, use videoconferencing: “The underlying video software to be used should not have associated security or privacy concerns, such as the Zoom video communication service.”…

Categories: Linux fréttir

Easy-To-Pick 'Smart' Locks Gush Personal Data, FTC Finds

Slashdot - Wed, 2020-04-08 03:30
An anonymous reader quotes a report from Ars Technica: A padlock -- whether it uses a combination, a key, or "smart" tech -- has exactly one job: to keep your stuff safe so other people can't get it. Tapplock, Inc., based in Canada, produces such a product. The company's locks unlock with a fingerprint or an app connected by Bluetooth to your phone. Unfortunately, the Federal Trade Commission said, the locks are full of both digital and physical vulnerabilities that leave users' stuff, and data, at risk. The FTC's complaint (PDF) against Tapplock, released Monday, basically alleges that the company misrepresented itself, because it marketed its products as secure and tested when they were neither. A product -- any product -- simply being kind of crappy doesn't necessarily fall under the FTC's purview. Saying untrue things about your product in your advertisement or privacy policy, however, will make the commission very unhappy with you indeed. The lock may be built with "7mm reinforced stainless steel shackles, strengthened by double-layered lock design with anti-shim and anti-pry technologies," as Tapplock's website promises, but according to the FTC, perhaps it should have considered anti-screwdriver technologies. As it turns out, a researcher was able to unlock the lock "within a matter of seconds" by unscrewing the back panel. Oops. The complaint also pointed to several "reasonably foreseeable" software vulnerabilities that the FTC alleges Tapplock could have avoided if the company "had implemented simple, low-cost steps." One vulnerability security researchers identified allowed a user to bypass the account authentication process entirely in order to gain full access to the account of literally any Tapplock user, including their personal information. And how could this happen? "A researcher who logged in with a valid user credential could then access another user's account without being re-directed back to the login page, thereby allowing the researcher to circumvent Respondent's authentication procedures altogether," the complaint explains. A second vulnerability allowed researchers the ability to access and unlock any lock they could get close enough to with a working Bluetooth connection. That's because Tapplock "failed to encrypt the Bluetooth communication between the lock and the app," leaving the data wide open for the researchers to discover and replicate. The third vulnerability outlined in the complaint also has to do with a failure to secure communication data. That app that allows "unlimited" connections? The primary owner can of course add and revoke authorized users from the lock. But someone whose access was revoked could still access the lock because the vulnerability allowed for sniffing out the relevant data packets. As part of the settlement, the FTC is requiring Tapplock to create a security program for its products. "That program is required to include training for employees; timely disclosure of 'covered incidents,' including both loss of personal information and also unauthorized access to systems; actual penetration testing of the network; and several other elements, including annual review," reports Ars Technica.

Read more of this story at Slashdot.

Categories: Linux fréttir

Verizon Is Cancelling Home Internet Installations During the Pandemic

Slashdot - Wed, 2020-04-08 02:03
According to The Verge, Verizon is canceling scheduled appointments for internet installation and repairs, "[leaving] Fios subscribers without wired internet at a time when they're likely relying on it for work and to see friends and family during the COVID-19 pandemic." From the report: "We are minimizing our in-home installation work to critical needs to keep our employees and customers safe and to reduce the spread of COVID-19," Verizon says in a support document. "To reduce the spread of COVID-19 and keep our employees and customers safe, we are making every attempt to perform work without going into homes or small businesses and are limiting in-home installs to medical emergencies and critical installations," Verizon tells The Verge in a statement. Self-install options are also available for "qualified service orders," the company added. However, Verizon actually changed the language in the support document sometime on Tuesday morning, according to Business Insider. Previously, the site said that "our technicians will not be able to enter your home or business to install new services or to do repair work." Here is the previous language, from a version of the page archived on Monday: "As a result of COVID-19, we are taking precautions to keep our employees and customers safe. At this time, our technicians will not be able to enter your home or business to install new services or to do repair work. Qualified orders will be provided self-install options, or you may proceed with placing an order for a technician-required installation and it will be held for future appointment priority. You will receive notification to select an installation date when we resume operations."

Read more of this story at Slashdot.

Categories: Linux fréttir

Who's essential right now? Medicos, of course. Food producers, natch. And in Singapore social media workers have made the list

TheRegister - Wed, 2020-04-08 01:57
The spicy memes must flow even under new ‘circuit breaker’ corona-crackdown

Singapore has explicitly singled out social media workers as essential contributors to the city state’s economy as it goes into a new phase of coronavirus-crimping precautions.…

Categories: Linux fréttir

Netflix Tightens Its Parental Controls for Cooped-Up Kids

Slashdot - Wed, 2020-04-08 01:25
Netflix is strengthening parental controls, offering more tools to limit what kids can watch on the world's most popular paid streaming service. From a report: Parents can now filter out titles they deem inappropriate and protect individual profiles with a PIN so kids can't use them, the company said Tuesday. These changes take effect for customers in all 190 countries where the streaming service is available.

Read more of this story at Slashdot.

Categories: Linux fréttir

Taiwan Tells Agencies Not To Use Zoom On Security Grounds

Slashdot - Wed, 2020-04-08 00:45
Taiwan's cabinet has told government agencies to stop using the Zoom conferencing app due to privacy and security woes. Reuters reports: Zoom's daily users ballooned to more than 200 million in March, as coronavirus-induced shutdowns forced employees to work from home and schools switched to the company's free app for conducting and coordinating online classes. However, the company is facing a backlash from users worried about the lack of end-to-end encryption of meeting sessions and "zoombombing," where uninvited guests crash into meetings. If government agencies must hold video conferencing, they "should not use products with security concerns, like Zoom," Taiwan's cabinet said in a statement on Tuesday. It did not elaborate on what the security concerns were. The island's education ministry later said it was banning the use of Zoom in schools. Taiwan would be the first government formally advising against use of Zoom, although some U.S. schools districts are looking at putting limits on its use after an FBI warning last month. Taiwan's cabinet said domestically-made conferencing apps were preferred, but if needed products from Google and Microsoft could also be considered.

Read more of this story at Slashdot.

Categories: Linux fréttir

It's a 'Cold War Every Day' Inside Apple's IS&T Group

Slashdot - Wed, 2020-04-08 00:02
An anonymous reader shares an excerpt from a report via BuzzFeed News: A group inside Apple called Information Systems & Technology, or IS&T, builds much of the company's internal technology tools -- from servers and data infrastructure to retail and corporate sales software -- and operates in a state of tumult. IS&T is made up largely of contractors hired by rival consulting companies, and its dysfunction has led to a rolling state of war. "It's a huge contractor org that handles a crazy amount of infrastructure for the company," one ex-employee who worked closely with IS&T told me. "That whole organization is a Game of Thrones nightmare." Interviews with multiple former IS&T employees and its internal clients paint a picture of a division in turmoil, where infighting regularly prevents the creation of useful software, and whose contract workers are treated as disposable parts. "There's a Cold War going on every single day," Archana Sabapathy, a former IS&T contractor who did two stints in the division, told me. Sabapathy's first stint at IS&T lasted more than three years, the second only a day. Inside the division, she said, contracting companies such as Wipro, Infosys, and Accenture are constantly fighting to fill roles and win projects, which are handed out largely on the basis of how cheaply they can staff up to Apple's needs. "They're just fighting for the roles," Sabapathy told me. "That's all they care about, not the work, not the deliverables, the effort they put in, or even talent. They're not looking for any of those aspects." IS&T is thus filled with vendor tribalism, where loyalty to one's contracting company trumps all. "Making a friendship is -- like you wouldn't even think about that," Sabapathy told me, speaking of cross-vendor relationships. "It's not the traditional American way of working anymore. You build relationships when you come to work because you spend most of your time here -- that's not there." "Sabapathy told [BuzzFeed's Alex Kantrowitz] Apple employees' expectations for their IS&T contractors were unrealistic given that they saw the sum total they were paying the consulting companies ($150 to $120 an hour, she said) but the contractors themselves were making much less ($40 to $55 an hour) after the companies took their cut," writes Kantrowitz. "The approach leaves Apple with lesser contractors but the same high demands, a recipe for disappointment." In closing, Kantrowitz suggests if Apple wants to become inventive again, "it will need to give its employees more time to develop new ideas." He adds: "IS&T could therefore become a division of strength at Apple one day, building tools that minimize work that supports existing products while making room for those ideas. But until Apple gives the division a hard look, its employees will be stuck spending their time reworking broken internal software, and wishing they were inventing instead."

Read more of this story at Slashdot.

Categories: Linux fréttir

White House creates 'Team Telecom' to probe whether foreign telcos should be allowed near US networks

TheRegister - Tue, 2020-04-07 23:23
Speedier license applications possible, uncertainty remains for many

The White House has issued an executive order establishing a committee to help the Federal Communications Commission review the participation of foreign companies in US telecommunication services.…

Categories: Linux fréttir

Trump Threatens To Withhold Funding For World Health Organization

Slashdot - Tue, 2020-04-07 23:20
What better way to celebrate World Health Day than by threatening to withhold funding for the World Health Organization. That's exactly what President Trump said he was considering today at Tuesday's coronavirus press briefing. The New York Times reports: "We're going to put a hold on money spent to the W.H.O.; we're going to put a very powerful hold on it and we're going to see," Mr. Trump said, accusing the organization of having not been aggressive enough in confronting the dangers from the virus. "They called it wrong. They call it wrong. They really they missed the call." Mr. Trump appeared to be particularly angry at the W.H.O. for issuing a statement saying it did not support his decision on Jan. 31 to restrict some travel from China because of the virus. At the time, the group issued a statement saying that "restricting the movement of people and goods during public health emergencies is ineffective in most situations and may divert resources from other interventions." "Don't close your borders to China, don't do this," Mr. Trump said, paraphrasing the group and accusing the organization of "not seeing" the outbreak when it started in Wuhan, China. "They didn't see it, how do you not see it? They didn't see it. They didn't report it. If they did see it, they must have seen it, but they didn't report." In fact, the W.H.O. repeatedly issued statements about the emergence of the virus in China and its movement around the world. The budget for the W.H.O. is about $5 billion and comes from member countries around the world. "In 2017, the last year for which figures were available, the United States was required to spend $111 million based on the organization's rules, but sent an additional $401 million in voluntary contributions," reports The New York Times. Trump said his government will investigate the organization and that "we will look at ending funding." It's unclear if he's planning to eliminate all funding, or only some.

Read more of this story at Slashdot.

Categories: Linux fréttir

WeWork Sues SoftBank In Intensifying Crisis Over Canceled $3 Billion Tender Offer

Slashdot - Tue, 2020-04-07 22:40
Just days after SoftBank announced that it would not consummate its $3 billion tender offer for WeWork shares that would have bought out some of the equity held by the company's co-founder Adam Neumann along with venture capital firms like Benchmark and many individual company employees, the company is now retaliating, suing SoftBank over alleged breach of contract and breach of fiduciary duty. TechCrunch reports: In a press statement this morning, the Special Committee of WeWork's board said that it "regrets the fact that SoftBank continues to put its own interests ahead of those of WeWork's minority stockholders." WeWork's Special Committee argues that SoftBank already received the benefits of the contract it signed last year, which included board control provisions. It's demanding that SoftBank either complete the transaction, or offer cash to cover damages related to its scuttling of the deal. Under the terms of the tender offer proposed in November last year, SoftBank would buy upwards of $3 billion in shares from existing shareholders with the transaction closing at the beginning of April. As part of the terms of that contract, the co-working company and SoftBank agreed to a set of performance milestones that WeWork agreed to meet in exchange for the secondary liquidity. Such terms are customary in most financial transactions. SoftBank in its statement last week said that WeWork failed to meet a number of those performance requirements, and said that it was within its rights under the tender offer contract to walk away from the deal. WeWork's financials have been rocked by the global pandemic of novel coronavirus, which has seen the company's co-working facilities mostly closed worldwide as part of public health mandates for social distancing. Given the disagreement between the parties, a lawsuit was all but inevitable.

Read more of this story at Slashdot.

Categories: Linux fréttir

Something something DANE cook: Microsoft pledges to wrap its email systems in secure anti-snooping protocol

TheRegister - Tue, 2020-04-07 22:17
Office 365 will finally get DNSSEC-based protection later this year

Microsoft will add DNSSEC and DNS-based Authentication of Named Entities (DANE) to its email systems by the end of the year, the software giant has announced. That'll be a big thumbs up for the pair of internet security technologies.…

Categories: Linux fréttir

Twitter CEO Jack Dorsey Sets Aside $1 Billion In Square Equity For Coronavirus Relief

Slashdot - Tue, 2020-04-07 22:03
An anonymous reader quotes a report from CNBC: Square and Twitter CEO Jack Dorsey said Tuesday he will set aside $1 billion in his Square equity to support relief efforts for COVID-19 and other causes once the pandemic is over. In a series of tweets, Dorsey said that after the pandemic is over, he will dedicate the money to causes like universal basic income (UBI) and girls' health and education. He said he's pulling the shares from his stake in Square instead of Twitter because he own more stock in the Square. Dorsey said he'll cash in the shares over time. "The impact this money will have should benefit both companies over the long-term because it's helping the people we want to serve," Dorsey said on Twitter. Dorsey said that he wants to see the impact of his donation during his lifetime, and that "the needs are increasingly urgent." He also said he hopes it will inspire others to "do something similar." Dorsey also tweeted a link to a public Google Doc where people can track which organizations the fund's money will go to. Dorsey isn't the only technologist to support relief efforts for COVID-19. Yesterday, Microsoft co-founder Bill Gates said his foundation will spend billions of dollars on coronavirus vaccine development. Amazon's Jeff Bezos said he's donating $100 million to U.S. food banks. And Facebook CEO Mark Zuckerberg and his wife Priscilla Chan donated $25 million toward creating treatments for coronavirus through their philanthropic organization.

Read more of this story at Slashdot.

Categories: Linux fréttir

PS5's Controller, the DualSense, Revealed

Slashdot - Tue, 2020-04-07 21:25
Sony has revealed the DualSense, PlayStation 5's new controller that will "bring a sense of touch to PS5 gameplay." IGN reports: Announced on PlayStation.Blog, the DualSense will keep "much of what gamers love about DualShock 4 intact, while also adding new functionality and refining the design." Touch was a big inspiration when designing the DualSense, and haptic feedback is one of the ways this new controller will help bring PS5 games to life. Sony mentions that this feedback will add " a variety of powerful sensations you'll feel when you play, such as the slow grittiness of driving a car through mud." Adaptive triggers have also been incorporated to the L2 and R2 buttons, which will help players "feel the tension of your actions, like when drawing a bow to shoot an arrow." The angle of the hand triggers were changed and some subtle updates were made to the grip. One thing that will be missing from the DualSense is the "Share" button that was featured on the DualShock 4. Sharing from the controller is not gone, but that previous button was replaced by the new "Create" button. Sony promises more details will be revealed on this change as we get closer to PlayStation 5's launch. DualSense will also have a built-in microphone array that will allow players to easily chat with friends, even for those who don't own a headset. As for the controller's color, it is a bit of a non-traditional design as far as PlayStation is concerned. Usually, PlayStation controllers have a single color, but the DualSense has a two-toned design to make it stand apart. Additionally, the position of the light bar, which will be returning, was moved to "give it an extra pop." Now, the light bar sits on either side of the touch pad, as opposed to the top of the controller. Here's a picture of the front of the controller:

Read more of this story at Slashdot.

Categories: Linux fréttir

WeWork sues SoftBank over 'AWOL' $3bn shares purchase – which included millions lined up for ousted CEO Neumann

TheRegister - Tue, 2020-04-07 21:07
Japanese giant defends decision, says trendy office rental biz didn't meet its terms

WeWork sued SoftBank on Tuesday after the Tokyo-based holding company nixed its plan to purchase $3bn in shares of the struggling office-leasing biz from existing shareholders.…

Categories: Linux fréttir

Samsung's Galaxy S7 line has had a good run with four years of security updates – but you'll want to trade yours in now

TheRegister - Tue, 2020-04-07 21:02
iPhone 6S killer is no longer supported

Four years after it hit shelves, Samsung is discontinuing security updates for the venerable Samsung Galaxy S7 and S7 Edge phones.…

Categories: Linux fréttir

Google Backs Apple's SMS OTP Standard Proposal

Slashdot - Tue, 2020-04-07 20:45
Google is now backing a standard proposed by Apple engineers in January to create a default format for one-time passcodes (OTP) sent via SMS to users during the two-factor authentication (2FA) process. From a report: The standard, proposed by Apple engineers working on the Safari WebKit project, has now reached the status of official Web Platform Incubator Community Group (WICG) specification draft. "We've moved 'Origin-bound one-time codes delivered via SMS' to @wicg_, where we're working on a shared spec with our collaborators at Google. Please take a look! Updated explainer, and specification," wrote Apple's Ricky Mondello. The proposal aims to fix some issues with the current state of SMS 2FA/OTP codes, all of which have different formats, unique per the websites sending the codes.

Read more of this story at Slashdot.

Categories: Linux fréttir

Pages

Subscribe to netserv.is aggregator - Linux fréttir