Linux fréttir

And other tidbits from the realm of rocketry

Roundup NASA's Gateway edged a little closer to reality last week as the agency took another look at the James Webb Space Telescope's launch date and prepared for the arrival of the solid rocket motors for the SLS.…

You've just splashed the cash on a new Surface. Haven't you suffered enough?

Lurking within the epic patch dump offloaded on Windows 10 2004 users last night came the news that Surface Pro 7 and Surface Laptop 3 owners have been waiting for: fixes for glitches.…

So that's an 'F' for University Technical Colleges then?

UK.gov's spending watchdog has found the University Technical College (UTC) scheme introduced by David Cameron's coalition government in 2010 lacks student numbers, is deep in deficit and provides a poor education.…

'This is going to be a problem; we are not on top of this'

Interview Expiring root certificates will cause devices like smart TVs and refrigerators to fail in the next few years, security researcher Scott Helme has warned.…

Security and software development company Quarkslab played around with Google's new Fuchsia operating system, which could one day replace Android on smartphones and Chrome OS on laptops. The researchers "decided to give a quick look at Fuchsia, learn about its inner design, security properties, strengths and weaknesses, and find ways to attack it." Here's what they concluded: Fuchsia's micro kernel is called Zircon. It is written in C++. [...] Contrary to every other major OS, it appears rather difficult to target the Zircon kernel directly. A successful RCE (Remote Code Execution) on the world-facing parts of the system (USB, Bluetooth, network stack, etc) will only give you control over the targeted components, but they run in independent userland processes, not in the kernel. From a component, you then need to escalate privileges to the kernel using the limited number of syscalls you can access with the handles you have. Overall, it seems easier to target other components rather than the kernel, and to focus on components that you can talk to via IPC and that you know have interesting handles. Overall, Fuchsia exhibits interesting security properties compared to other OSes such as Android. A few days of vulnerability research allowed us to conclude that the common programming bugs found in other OSes can also be found in Fuchsia. However, while these bugs can often be considered as vulnerabilities in other OSes, they turn out to be uninteresting on Fuchsia, because their impact is, for the most part, mitigated by Fuchsia's security properties. We note however that these security properties do not -- and in fact, cannot -- hold in the lowest layers of the kernel related to virtualization, exception handling and scheduling, and that any bug here remains exploitable just like on any other OS. All the bugs we found were reported to Google, and are now fixed. Again, it is not clear where Fuchsia is heading, and whether it is just a research OS as Google claims or a real OS that is vowed to be used on future products. What's clear, though, is that it has the potential to significantly increase the difficulty for attackers to compromise devices.

Read more of this story at Slashdot.

Improved metadata management and easier compliance also required

The Scottish Police Authority is on the hunt for virtual data warehouse and data lake providers as part of a £6m tender intended to help the public body derive some value from the huge volumes of data it is sat on.…

Destination 'Preinst aborted'

Bork!Bork!Bork! Come join your friends at The Register on a train journey to Bork. Or at least one to destination Aborted.…

€400m for starters, after recent ban on 'untrustworthy' suppliers that sounded a lot like it was directed at Huawei

The German government has begun a fund to support locally brewed electronics as the country tries to reduce its reliance on imported kit.…

IBM's server revenue grew rather nicely, but Lenovo's in a more-shipments-less-revenue trap

Analyst firm IDC has published its assessment of the server and storage markets for 2020’s first quarter and the numbers are nasty.…

The Federal Communications Commission and other U.S. agencies have failed to properly oversee Chinese telecom companies that operate in the United States, according to a bipartisan Senate report released today. Ars Technica reports: After a year-long investigation, the staff report by the US Senate's Permanent Subcommittee on Investigations "found that the FCC and 'Team Telecom' -- an informal group comprised of officials from the Departments of Justice, Homeland Security, and Defenseâ"have failed to monitor these three Chinese government-owned carriers," a joint announcement by the subcommittee's Republican and Democratic leaders said. The three carriers the subcommittee referred to are China Telecom Americas (CTA), China Unicom Americas (CUA), and ComNet USA. The companies "operated in the U.S. for nearly 20 Years with little to no oversight from the federal government," the senators' announcement said. "The Chinese government engages in cyber and economic espionage efforts against the United States and may use telecommunications carriers operating in the United States to further these efforts," the report said. The report comes two months after the FCC stepped up its scrutiny of telecom companies controlled by the Chinese government. The FCC issued orders to China Telecom, China Unicom, ComNet, and ComNet owner Pacific Networks, directing them "to explain why the Commission should not start the process of revoking their domestic and international section authorizations enabling them to operate in the United States." But the FCC and other agencies had previously failed to exercise proper oversight of these companies, the Senate report said. The lack of oversight described in the report occurred during both Republican and Democratic administrations. "An FCC spokesman said the commission looks forward to reviewing the Senate report," according to a Reuters article today.

Read more of this story at Slashdot.

Maybe it's time to get it gone

GnuTLS, a widely used open source library implementing Transport Layer Security, last week fixed a bug that had been hiding in the code for almost two years that made resumed TLS 1.3 sessions vulnerable to attack.…

$8bn for all things innovative and economically restorative

Malaysia has decided to splash cash on tech as part of its post-pandemic economic stimulus plan.…

Are company naming consultants paid by the word?

Logowatch Rackspace has changed its name to “Rackspace Technology”.…

An anonymous reader quotes a report from Phys.Org: Our lungs, bones, blood vessels and other major organs are made up of cells, and one way our bodies keep us healthy is by using protein messengers known as ligands that bind to receptors on the surfaces of cells to regulate our biological processes. When those messages get garbled, it can make us ill with a host of different diseases. Now a team led by Stanford bioengineer and department chair Jennifer Cochran has tweaked one ligand in slightly different ways to produce two startlingly different results. One set of alterations caused neuronal cells to regenerate, while different tweaks to the same protein inhibited lung tumor growth. The experiments her team described in the Proceedings of the National Academy of Sciences were performed on rat and human cells or in mice that model actual diseases and are still far from being tested in humans. But the results show how scientists are becoming increasingly adept at tinkering with the body's protein-based control mechanisms to help vital organs heal themselves.

Read more of this story at Slashdot.

The inner machinations of my mind are an enigma

A novel adversarial attack that can jam machine-learning systems with dodgy inputs to increase processing time and cause mischief or even physical harm has been mooted.…

Commonwealth countries are to gain free access to satellite technology that will help them monitor and protect their endangered coral reefs from threats such as climate breakdown, overfishing and pollution. The Guardian reports: Commonwealth countries hold nearly half of the world's remaining tropical coral reefs, with 47 out of the 54 member countries having a coastline. Nearly half of them are islands or groups of islands, which face particular threats from the climate crisis, and for whom coral reefs are often vital protections against storms as well as fish nurseries and tourist attractions. Nearly all the reefs are at risk of extinction in the coming decades as the climate crisis takes hold, and nearly half of the world's reefs have already been destroyed or badly damaged in the last 30 years owing to changes in the climate, overfishing, pollution and other exploitation. About 250 million people are directly dependent on coral reefs for their livelihoods. The technology will use high-resolution satellite images and data analyses to allow marine scientists, government officials and policymakers to monitor the health of coral reefs and take the action needed to protect them. Software will be provided to countries free through the Commonwealth's partnership with Vulcan Inc, a US-based group founded by Microsoft co-founder and philanthropist Paul Allen, and a new interactive coral reef map will be hosted online at the Commonwealth Innovation Hub.

Read more of this story at Slashdot.

Google is rolling out AI-powered noise cancellation in Google Meet. It's coming to the web first, with iOS and Android following later. The Verge reports: A video produced by VentureBeat shows the software in action, with G Suite's director of product management Serge Lachapelle demonstrating how it can pretty seamlessly remove the sound of crackling crisp packets, clicking pens, or glass clinking. Google's announcement said the tech will also work on dogs barking or the clicking of a keyboard. VentureBeat reports that Google has been working on the feature for around a year and a half, using thousands of its own meetings to train its AI model. YouTube clips of lots of people talking were also used by the team. However, Lachapelle was keen to emphasize that although the feature will improve over time, the company will not directly use external meetings to train it. Instead, it will use customer support channels to try to identify where the software might be going wrong. Google says the processing happens via the cloud and that the data is encrypted during transport. It's also enabled by default, but can be turned off from the audio menu in the settings.

Read more of this story at Slashdot.

Hyperscalers spar in non-compete, NDA spat

Amazon has kicked off a legal challenge to prevent a former AWS product marketing veep from taking a senior role at rival Google Cloud.…

With people around the world self-isolating at home in order to curb the spread of Covid-19, Apple has received a patent for software that would allow people to take group selfies while socially distancing from one another. CNN reports: The US Patent and Trademark Office recently granted Apple a patent for the software that would allow for "synthetic group selfies," or socially distant group selfies. The software would allow a user to invite others to participate in a group selfie that would arrange multiple people into a single image. It would remove the background image from other users' selfies and place them into the user's photo. While it appears as if Apple filed for the patent as a response to the pandemic, the tech giant originally filed for the patent in 2018 and it received it June 2. Whether Apple decides to move forward with the patented software remains to be seen, but it would be the perfect way for people to create memories with one another while still socially distancing.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: Over the past two weeks, cops have been deploying every tool at their disposal to suppress worldwide protests and riots over the deaths of George Floyd, Breonna Taylor, Tony McDade, and other Black citizens killed by police. Since the protests began, demonstrators in multiple cities have reported spotting LRADs, or Long-Range Acoustic Devices, sonic weapons that blast sound waves at crowds over large distances and can cause permanent hearing loss. In response, two audio engineers from New York City have designed and built a shield which they say can block and even partially reflect these harmful sonic blasts back at the police. The shield's designers, Dave Rife and Gabe Liberti, were inspired to build the device after marching in the protests in New York City and hearing about LRAD sightings at demonstrations across the U.S. "It's definitely been on our mind a lot how we've been seeing police instigating violence, and we've heard rumblings here and there about LRADs being spotted in NYC," said Rife, the shield's co-designer, who has previously worked in the architecture industry as an expert in acoustics. "We met on Sunday with the aim of building something that resembles a protest sign but can block a fair amount of sound energy. The idea is there could be a few of these in a car, driven to the location where someone has seen an LRAD, and then carried by hand from there." Rife and Liberti designed their shield to reflect audible sound waves that are condensed and carried via ultrasonic frequencies, and have tested it against a smaller and less powerful version of the LRAD that they built in their studio. It's made from a pine batten structure filled with recycled denim insulation, and covered by a half inch of clear acrylic on both sides, enabling the user to see ahead through a small window. According to a detailed teardown of the LRAD 300X posted by another audio technician, the LRADs produced by Genasys, the company that pioneered the devices, do not use an ultrasonic beam to project sound. However, Rife and Liberti say their design would still be effective against these hyper-directional blasts.

Read more of this story at Slashdot.