Linux fréttir

Facebook today filed a lawsuit against a Chinese company and two Chinese nationals for abusing the Facebook ad platform to run a malware scheme. From a report: The accused are ILikeAd Media International Company, a Hong Kong-based company founded in 2016, and Chen Xiao Cong and Huang Tao, the two men behind it. Facebook said today that ILikeAd used Facebook ads to lure victims into downloading and installing malware. Once installed, the malware would compromise victims' Facebook accounts and use access to these accounts to place new ads, on behalf of the infected users.

Read more of this story at Slashdot.

Documentary filmmakers lob sue ball to halt practice

The US State Department is being sued over its policy of crawling the social media accounts of people applying for entry visas.…

An anonymous reader writes: Security researchers found a new vulnerability allowing potential attackers to hijack VPN connections on affected *NIX devices and inject arbitrary data payloads into IPv4 and IPv6 TCP streams. They disclosed the security flaw tracked as CVE-2019-14899 to distros and the Linux kernel security team, as well as to others impacted such as Systemd, Google, Apple, OpenVPN, and WireGuard. The vulnerability is known to impact most Linux distributions and Unix-like operating systems including FreeBSD, OpenBSD, macOS, iOS, and Android. A currently incomplete list of vulnerable operating systems and the init systems they came with is available below, with more to be added once they are tested and found to be affected: Ubuntu 19.10 (systemd), Fedora (systemd), Debian 10.2 (systemd), Arch 2019.05 (systemd), Manjaro 18.1.1 (systemd), Devuan (sysV init), MX Linux 19 (Mepis+antiX), Void Linux (runit), Slackware 14.2 (rc.d), Deepin (rc.d), FreeBSD (rc.d), and OpenBSD (rc.d). This security flaw "allows a network adjacent attacker to determine if another user is connected to a VPN, the virtual IP address they have been assigned by the VPN server, and whether or not there is an active connection to a given website," according to William J. Tolley, Beau Kujath, and Jedidiah R. Crandall, Breakpointing Bad researchers at University of New Mexico. "Additionally, we are able to determine the exact seq and ack numbers by counting encrypted packets and/or examining their size. This allows us to inject data into the TCP stream and hijack connections," the researchers said.

Read more of this story at Slashdot.

Looking forward to seeing these in, well, anything would be nice

Qualcomm will today expand its range of Snapdragon system-on-chips for always-connected Arm-based Windows 10 tablet-laptops from one to three.…

Shannon Bond, writing for NPR: Inside a bright red building in Redwood City, just south of San Francisco, cooks plunge baskets of french fries into hot oil, make chicken sandwiches and wrap falafel in pita bread. If you've been in a restaurant kitchen, it's a familiar scene. But what's missing here are waiters and customers. Every dish is placed in a to-go box or bag. Delivery drivers line up in a waiting area ready for the name on their order to be called. Behind the counter, racks of metal shelves hold bags of food. Each bag sports a round, red sticker with the logo of DoorDash, America's biggest food delivery app. DoorDash manages this building, the drivers, the counter staff -- everything but the food, which is made by five restaurants that are renting kitchens here. Rather than having to build a physical brick-and-mortar store, we do that on their behalf. And then they move into our DoorDash kitchen and then overnight they're live on the DoorDash platform," said Fuad Hannon, DoorDash's head of new business verticals. He oversees the new kitchen venture. Not long ago, food delivery in many places was limited to pizza and Chinese takeout. But now, thanks to apps like DoorDash, Grubhub and Postmates, customers can summon their favorite dish with a tap on a smartphone screen, whether they live in a city or the far-flung suburbs. "Your customer is just like, at their living room, watching Netflix," said Min Park, an investor in DoorDash tenant Rooster & Rice, a chicken chain with six locations in the Bay Area.

Read more of this story at Slashdot.

A shared hatred of robocalls is one issue uniting the House during a divisive impeachment inquiry. From a report: House lawmakers yesterday passed a bipartisan bill aimed to crack down on the fraudulent auto-dial callers by a nearly unanimous 417-to-3 vote. The legislation, known as the TRACED Act, now moves to the Senate, where it is co-sponsored by Senate GOP Whip John Thune (R-S.D.) and is expected to pass. The bill's passage amid broad Congressional gridlock -- on the very day the House Judiciary Committee hosted a heated impeachment hearing -- underscores just how bad the robocall epidemic has become. Americans received more than 5 billion such calls last month alone, according to the robocall blocking app YouCall. Congress's move to intervene could score points with Americans across the political spectrum who are fed up with the fraudsters.

Read more of this story at Slashdot.

Highest-ranked front shooter yet for the poser in your life

The middle ground of the smartphone market is a bit of a battleground. Manufacturers of all stripes – except Apple – keep flinging devices at punters with fairly high-end specs, but price tags under the £500 mark. The latest salvo comes from embattled Chinese comms giant Huawei, which today announced the launch of its Nova 6 handset.…

A Falcon 9 rocket launched on Thursday from Florida, delivering its Dragon spacecraft into orbit. From a report: The first stage then made a safe landing on a drone ship stationed in the Atlantic Ocean. The company's webcast ended without any coverage of the second stage's six-hour coast to demonstrate a capability for an unnamed customer. This was the tenth Falcon 9 launch of 2019. Overall the rocket has now launched 76 times. Sometime in 2020, among rockets in active service, the Falcon 9 will almost certainly become the U.S. booster with the most launch experience, surpassing the Atlas V. That rocket has launched 80 times, with one more mission scheduled for later this month -- a test flight of Boeing's Starliner spacecraft.

Read more of this story at Slashdot.

What happens when you throw your lot in with crypto-coin types

Collaboration site Keybase, once touted for its encrypted meetup channels and robust developer features, is struggling to ward off an epidemic of harassment and spam brought about by its shift toward cryptocurrency.…

As governments and companies invest more in security networks, hundreds of millions more surveillance cameras will be watching the world in 2021, mostly in China, according to a new report. From a report: The report, from industry researcher IHS Market, to be released Thursday, said the number of cameras used for surveillance would climb above 1 billion by the end of 2021. That would represent an almost 30% increase from the 770 million cameras today. China would continue to account for a little over half the total. Fast-growing, populous nations such as India, Brazil and Indonesia would also help drive growth in the sector, the report said. IHS analyst Oliver Philippou said government programs to implement widespread video surveillance to monitor the public would be the biggest catalyst for the growth in China. City surveillance also was driving demand elsewhere.

Read more of this story at Slashdot.

Claims it's unconstitutional

Huawei Technologies today filed a fresh lawsuit against the US Federal Communications Commission over its decision to ban rural carriers from buying the company's mobile hardware with Universal Service Fund (USF) cash.…

Connecting rural America to broadband is a popular talking point on the campaign trail. In one Kentucky community, itâ(TM)s already a way of life. From a report: McKee, an Appalachian town of about twelve hundred tucked into the Pigeon Roost Creek valley, is the seat of Jackson County, one of the poorest counties in the country. There's a sit-down restaurant, Opal's, that serves the weekday breakfast-and-lunch crowd, one traffic light, a library, a few health clinics, eight churches, a Dairy Queen, a pair of dollar stores, and some of the fastest Internet in the United States. Subscribers to Peoples Rural Telephone Cooperative (P.R.T.C.), which covers all of Jackson County and the adjacent Owsley County, can get speeds of up to one gigabit per second, and the cooperative is planning to upgrade the system to ten gigabits. (By contrast, where I live, in the mountains above Lake Champlain, we are lucky to get three megabytes.) For nearly fifteen million Americans living in sparsely populated communities, there is no broadband Internet service at all. "The cost of infrastructure simply doesn't change," Shirley Bloomfield, the C.E.O. of the Rural Broadband Association, told me. "It's no different in a rural area than in Washington, D.C. But we've got thousands of people in a square mile to spread the cost among. You just don't in rural areas." Keith Gabbard, the C.E.O. of P.R.T.C., had the audacious idea of wiring every home and business in Jackson and Owsley Counties with high-speed fibre-optic cable. Gabbard, who is in his sixties, is deceptively easygoing, with a honeyed drawl and a geographically misplaced affection for the Pittsburgh Pirates. He grew up in McKee and attended Eastern Kentucky University, thirty-five miles down Route 421; he lives with his wife, a retired social worker, in a house next door to the one in which he grew up. "I've spent my whole life here," he said. "I'm used to people leaving for college and never coming back. The ones who didn't go to college stayed. But the best and the brightest have often left because they felt like they didn't have a choice." When Gabbard returned to his home town after college, in 1976, he took an entry-level job at the telephone cooperative. "I had this degree in business management that I thought was really cool, but I got a job answering the phones," he said. "At the time, we were all on party lines, and everybody was calling and complaining about somebody on their line and they couldn't get the phone. I was taking those complaints. And I remember thinking that, once we got everyone their own lines, we won't have any more problems. I didn't have a clue what was coming."

Read more of this story at Slashdot.

Socially isolated and faced with a persistently white polar landscape, a long-term crew of an Antarctic research station saw a portion of their brains shrink during their stay, a small study finds. From a report: "It's very exciting to see the white desert at the beginning," says physiologist Alexander Stahn, who began the research while at Charite-Universitatsmedizin Berlin. "But then it's always the same." The crew of eight scientists and researchers and a cook lived and worked at the German research station Neumayer III for 14 months. Although joined by other scientists during the summer, the crew alone endured the long darkness of the polar winter, when temperatures can plummet as low as -50 Celsius and evacuation is impossible. That social isolation and monotonous environment is the closest thing on Earth to what a space explorer on a long mission may experience, says Stahn, who is interested in researching what effect such travel would have on the brain. Animal studies have revealed that similar conditions can harm the hippocampus, a brain area crucial for memory and navigation. For example, rats are better at learning when the animals are housed with companions or in an enriched environment than when alone or in a bare cage, Stahn says. But whether this is true for a person's brain is unknown.

Read more of this story at Slashdot.

Account-draining malware masterminds charged but remain in motherland

US prosecutors have slapped a $5m bounty on the heads of two Russian nationals they claim are part of the malware gang behind the banking trojans ZeuS and Dridex.…

It was a video of a waving robot that attracted NASA to the world's most isolated city. Engineers at Woodside Petroleum Ltd. in Perth, Australia, were just "messing around" teaching a toy robot to wave when they filmed it, Chief Technology Officer Shaun Gregory told a conference recently, but NASA liked what it saw. From a report: The U.S. space agency got in touch, and the two are now studying how to use robot technology to tackle problems in remote and difficult locations. This sort of collaboration represents exactly what Australia's largest state is trying to achieve. With some of the world's biggest resource companies operating in the region, the state aims to become a hot spot for developing technology to help miners and oil explorers cut costs and boost efficiency. "Western Australia has the opportunity to cement a place as the world's epicenter of resources technology and innovation," Mike Henry, the incoming chief executive officer of mining giant BHP Group, said at the inaugural Resources Technology Showcase in Perth last week. "Whether its autonomous haulage, robotics, drones, big data or artificial intelligence, we're changing the way we work."

Read more of this story at Slashdot.

Learning points, not an instruction manual

Black Hat 2019 Faking digital evidence during a cyber attack – planting a false flag – is simple if you know how, as noted infosec veteran Jake Williams told London's Black Hat conference.…

Security researchers at Check Point say the company has uncovered evidence that Chinese hackers managed to hijack $1 million in seed money during a wire transfer between a Chinese venture capital firm and an Israeli startup -- without either side realizing anything was wrong. From a report: The VC firm and the startup, whose names Check Point hasn't released, reached out to the security firm after the funds failed to arrive. Once Check Point dug into the details, it discovered a man in the middle attack that took a lot of planning and plenty of patience. After analyzing the server logs, emails, and the computers involved in correspondence between the companies, Check Point noticed some abnormalities. Some of the emails, analysts discovered, had been modified. Others hadn't even been written by either organization. After seeing the original email thread announcing the upcoming multi-million dollar seeding fund, the hacker took action. Instead of monitoring subsequent emails by creating an auto forwarding rule (standard practice in traditional attacks), the hacker started by creating two lookalike domains.

Read more of this story at Slashdot.

Comms provider switched 118 people to its services without their consent

Imagine a telco kicking down your front door, yelling "all your bills are belong to us" then leaving. In the industry parlance, it's known as "slamming" and Ofcom has fined Onestream £35,000 for the practice.…

Chinese telecoms giant Huawei has launched a legal challenge to a decision by US regulators to classify it as a national security threat. From a report: It comes after the US Federal Communications Commission put curbs on rural mobile providers using a $8.5bn government fund to buy Huawei equipment. The firm said evidence that it was a threat to security "does not exist." The move is the latest in a series of challenges between Huawei and the US. The company has asked the US Court of Appeal to overturn the decision. Speaking at a news conference at Huawei's headquarters in Shenzhen, the company's chief legal officer, Song Liuping, said: "The US government has never presented real evidence to show that Huawei is a national security threat. That's because this evidence does not exist."

Read more of this story at Slashdot.

Another $0.51 dividend for shareholders, exec pay OK'd, but no say for employees

There was good news for investors and perhaps bad news for employees during Microsoft's annual shareholder meeting.…