news aggregator

IBM's Global Technology Services has posted a job ad calling for candidates with a "minimum 12+ years' experience in Kubernetes administration and management." From a report: Which is a little odd because the first GitHub commit for the project was made on June 7, 2014. And the feature freeze for version 1.0 was announced on May 22, 2015. Sharp-minded Reg readers will have recognised that -- absent time travel -- it is therefore not possible for anyone to have 12 years' experience with Kubernetes. The ad is sadly silent on just how IBM expects candidates will have found the time to accumulate a dozen years' experience in a six-year-old project.

Read more of this story at Slashdot.

EU antitrust folks give themselves two weeks to think about it

Google has pinky-promised not to pull user health data from Fitbit devices into its monster ad empire if the European Union approves its planned $2.1bn acquisition.…

Facing eight federal lawsuits and opposition from hundreds of universities, the Trump administration on Tuesday rescinded a rule that would have required international students to transfer or leave the country if their schools held classes entirely online because of the pandemic. From a report: The decision was announced at the start of a hearing in a federal lawsuit in Boston brought by Harvard University and the Massachusetts Institute of Technology. U.S. District Judge Allison Burroughs said federal immigration authorities agreed to pull the July 6 directive and "return to the status quo." A lawyer representing the Department of Homeland Security and U.S. Immigration and Customs Enforcement said only that the judge's characterization was correct. The announcement brings relief to thousands of foreign students who had been at risk of being deported from the country, along with hundreds of universities that were scrambling to reassess their plans for the fall in light of the policy. Under the policy, international students in the U.S. would have been forbidden from taking all their courses online this fall. New visas would not have been issued to students at schools planning to provide all classes online, which includes Harvard. Students already in the U.S. would have faced deportation if they didn't transfer schools or leave the country voluntarily.

Read more of this story at Slashdot.

Funnily enough, triggering a brain drain and denting the economy isn't such a great vote winner

The Trump administration today scrapped its new rule that would have forced up to a million foreign students to leave the United States if their universities didn’t offer at least some in-person tuition mid-pandemic.…

Since WannaCry and NotPetya struck the internet just over three years ago, the security industry has scrutinized every new Windows bug that could be used to create a similar world-shaking worm. Now one potentially "wormable" vulnerability -- meaning an attack can spread from one machine to another with no human interaction -- has appeared in Microsoft's implementation of the domain name system protocol, one of the fundamental building blocks of the internet. From a report: As part of its Patch Tuesday batch of software updates, Microsoft today released a fix for a bug discovered by Israeli security firm Check Point, which the company's researchers have named SigRed. The SigRed bug exploits Windows DNS, one of the most popular kinds of DNS software that translates domain names into IP addresses. Windows DNS runs on the DNS servers of practically every small and medium-sized organization around the world. The bug, Check Point says, has existed in that software for a remarkable 17 years. Check Point and Microsoft warn that the flaw is critical, a 10 out of 10 on the common vulnerability scoring system, an industry standard severity rating. Not only is the bug wormable, Windows DNS software often runs on the powerful servers known as domain controllers that set the rules for networks. Many of those machines are particularly sensitive; a foothold in one would allow further penetration into other devices inside an organization. On top of all of that, says Check Point's head of vulnerability research Omri Herscovici, the Windows DNS bug can in some cases be exploited with no action on the part of the target user, creating a seamless and powerful attack. "It requires no interaction. And not only that, once you're inside the domain controller that runs the Windows DNS server, expanding your control to the rest of the network is really easy," says Omri Herscovici. "It's basically game over." Check Point found the SigRed vulnerability in the part of Windows DNS that handles a certain piece of data that's part of the key exchange used in the more secure version of DNS known as DNSSEC. That one piece of data can be maliciously crafted such that Windows DNS allows a hacker to overwrite chunks of memory they're not meant to have access to, ultimately gaining full remote code execution on the target server. (Check Point says Microsoft asked the company not to publicize too many details of other elements of the technique, including how it bypasses certain security features on Windows servers.)

Read more of this story at Slashdot.

China said on Tuesday it would place sanctions on Lockheed Martin for its involvement in arms sales to Taiwan, a move that could further escalate tensions between Beijing and Washington. hackingbear writes: "China firmly opposes US arms sales to Taiwan," Foreign Ministry spokesman Zhao Lijian said at a press conference. Taiwan is a self-ruled island, but China has long vowed to unify it with the mainland. The United States is one of Taiwan's main arms suppliers. The US State Department last week approved a request by Taiwan to upgrade its Patriot Surface-to-Air missiles at an estimated cost of $620 million, according to Taiwan's state-run Central News Agency. In response, China is imposing "sanctions on the main contractor of this arms sale, Lockheed Martin," Zhao said, without going into detail. The United States should "stop selling arms to Taiwan and cut its military ties to Taiwan, so it won't do further harm to bilateral relations between China and the United States," he added.

Read more of this story at Slashdot.

10 out of 10: Great in a test score, less good when it's for the severity of a flaw

SAP customers should update their installations to close a security vulnerability that can be exploited to commandeer the software by anyone who can reach it.…

Joseph R. Biden Jr. announced on Tuesday a new plan to spend $2 trillion over four years to significantly escalate the use of clean energy in the transportation, electricity and building sectors, part of a suite of sweeping proposals designed to create economic opportunities and build infrastructure while also tackling climate change. DogDude shares a report: In a speech in Wilmington, Del., Mr. Biden built on his plans, released last week, for reviving the economy in the wake of the coronavirus crisis, with a new focus on enhancing the nation's infrastructure and emphasizing the importance of putting the United States on a path to significantly cut fossil fuel emissions. "These are the most critical investments we can make for the long-term health and vitality of both the American economy and the physical health and safety of the American people," he said, repeatedly criticizing President Trump's leadership on issues including climate and the pandemic. "When Donald Trump thinks about climate change, the only word he can muster is 'hoax.' When I think about climate change, the word I think of is 'jobs.'" The proposal is the second plank in Mr. Biden's economic recovery plan. His team sees an opportunity to take direct aim at Mr. Trump, who has struggled to deliver on his pledges to finance major improvements to American infrastructure. Republicans are sure to criticize the proposal as an attack on jobs in the energy sector -- but the plan will also test whether Mr. Biden has found a way to win over environmental activists and other progressives who have long been skeptical about the scope of his ambitions on climate. His plan outlines specific and aggressive targets, including achieving an emissions-free power sector by 2035 and upgrading four million buildings over four years to meet the highest standards for energy efficiency. The plan also calls for establishing an office of environmental and climate justice at the Department of Justice and developing a broad set of tools to address how "environmental policy decisions of the past have failed communities of color."

Read more of this story at Slashdot.

AMD finally brings a workstation-class -- in other words, security-conscious -- processor to challenge the Intel Xeon on the desktop with its Ryzen Threadripper Pro. With up to 64 cores, the pro version of AMD's multicore powerhouse Threadripper processors incorporates essentials like support for massive amounts of memory and board-level security, critical for uses which move a ton of sensitive data, ranging from aerospace visualization to Hollywood video editing and CGI rendering. The CPU debuts in Lenovo's ThinkStation P620; Lenovo has a limited exclusive on the processor. From a report: The CPU comes in four variants: 3945WX (12 cores, with the fastest single-core speeds), 3955WX (16 cores), 3975WX (32 cores) and 3995WX (64 cores). At the moment, to achieve core counts that high with the Intel Xeon, you have to use multiple CPUs. They all come with some of the perks of AMD's architecture, including support for PCI Gen4 -- in this case, up to 128 lanes. And the Pro versions add support for more types of memory, notably RDIMM and LRDIMM, over the high-end consumer-focused Threadripper, plus 8 memory channels vs. 4, which lets it support up to 2TB of memory. On the downside, while AMD supports faster internal transfers than Intel via PCI 4, it doesn't offer any high-speed external data transfer capabilities a la Thunderbolt 3. And in fact, the ThinkStation P620's fastest connections are USB 3.2 Gen 2 and 10Gb Ethernet.

Read more of this story at Slashdot.

Redmond's Azure-based system pals up with virty dinosaur

Microsoft has agreed to make Citrix a "a preferred digital workspace solution" for its Windows Virtual Desktop (WVD), part of its Microsoft 365 suite.…

The growth of partisan media masquerading as state and local reporting is a troubling trend we've seen emerge amid the financial declines of local news organizations. But what do these outlets mean for journalism in American communities? NiemanLab: Using previous research and news reports as a guide, we've mapped the locations of more than 400 partisan media outlets -- often funded and operated by government officials, political candidates, PACs, and political party operatives -- and found, somewhat unsurprisingly, that these outlets are emerging most often in swing states, raising a concern about the ability of such organizations to fill community information needs while prioritizing the electoral value of an audience. We found that while left-leaning sites prioritize statewide reporting, right-leaning sites are more focused on local reporting, suggesting different strategies for engaging with targeted audiences and indicating the potential for these sites to exacerbate polarization in local communities.

Read more of this story at Slashdot.

Brit firm inks deal with Best Buy in US as it eyes government tenders abroad

UK modular PC flinger Kano has cast its ambitions overseas as well as at home for its updated edutech-flavoured Kano Windows 10 PC, out today along with a pile of new buildable accessories.…

The infamous spyware company NSO Group scored a major win in what critics are calling a "disgraceful ruling" in an Israeli court this week. From a report: The court ruled that NSO can keep exporting its hacking and surveillance tools, arguing that the human rights organization Amnesty International, which had sued the company in an attempt to block its exports, failed to prove that an NSO customer used its technology to spy on Amnesty staff. In 2018, as Motherboard reported at the time, Amnesty claimed to have found hackers spying on one of the organization's researchers using NSO spyware. After the incident, the organization sued NSO in Israel in an attempt to block the export of its surveillance technology. A Tel Aviv District Court judge dismissed the suit alleging Amnesty did not present enough evidence, and said Israel's Defence Ministry, which is tasked with overseeing the export of surveillance technologies, has the right safeguards in place to protect human rights.

Read more of this story at Slashdot.

Finnish comms biz says it's ready to go on a million radios already, despite what outgoing CEO said previously

Nokia will allow telcos to repurpose existing 4G/LTE radios to support 5G, via an easily-deployed software update. Should we get our hopes up for near-ubiquitous fast mobile internet? Not if previous comments by the company's outgoing CEO are to be believed.…

Microsoft is adding support for custom email addressing to Office 365 email services, a feature it hopes to complete in Q3 2020. From a report: Custom email addresses are an optional feature that some email providers can support. The feature is described in the RFC 5233 internet standard. Officially known as subaddressing, this standard allows users to extend their email address using "tags" or the plus (+) character, hence its two alternative names of tagged addressing or plus addressing. For example, a user with the email address of username@domain.com can use the plus addressing feature to extend their email address to username+tag@domain.com. If the user's email address supports subaddressing, all emails sent to the username+tag@domain.com email will land in the user's username@domain.com inbox.

Read more of this story at Slashdot.

Query data in one cloud and export the results to another

Google's virtual Cloud Next event has kicked off with the introduction of BigQuery Omni, letting customers extend the tentacles of the analytics service to probe data across Google Cloud, AWS and Microsoft Azure.…

Amazon just reinvented the lowly shopping cart. The company on Tuesday unveiled the Amazon Dash Cart, which is infused with weight sensors and cameras that allow it to scan your items as you're placing them in the cart so you can skip the checkout line. From a report: The concept is kind of like a compact version of Amazon Go, a whole store that does away with the checkout experience by using hundreds of cameras on the ceiling to let customers pick up whatever items they want and walk out. "Our primary motivation for building this was to be able to save customers time," said Dilip Kumar, vice president of Amazon's physical retail and technology. "The alternative solutions are standing in the express checkout lanes or fumbling through self-checkout stations." Dash Carts will debut at Amazon's Woodland Hills, California, grocery store, when the location opens later this year. The company last November unveiled plans for the Woodland Hills store as the first location for a new supermarket chain that will be separate from its Whole Foods chain. The store will include conventional checkout lanes, too.

Read more of this story at Slashdot.

Country to be hit with £2bn cost, massive tech delay after firm 'materially compromised' by US's latest sanctions

D-day has finally arrived for Huawei in Britain: UK.gov will outlaw the purchase of Huawei gear to build 5G networks by the end of this year, and from 2027 the country's mobile networks must eradicate the Chinese vendor's kit from their 5G infrastructure.…

Britain announced on Tuesday that it would ban equipment from the Chinese technology giant Huawei from the country's high-speed wireless network, a victory for the Trump administration and a reversal of an earlier decision that underscores how technology has taken center stage in the deepening divide between Western powers and China. From a report: In January Britain said that Huawei equipment could be used in its new 5G network on a limited basis. But since then Prime Minister Boris Johnson has faced growing political pressure domestically to take a harder line against Beijing, and in May the United States imposed new restrictions to disrupt Huawei's access to important components. Britain's about-face signals a new willingness among Western countries to confront China, a determination that has grown firmer since Beijing last month adopted a sweeping new law to tighten its grip on Hong Kong, the semiautonomous city that was a British colony until 1997. On Tuesday, Robert O'Brien, President Trump's national security adviser, was in Paris for meetings about China with counterparts from Britain, France, Germany and Italy. Huawei's critics say its close ties to the Chinese government mean Beijing could use the equipment for espionage or to disrupt telecommunications -- a point the company strongly disputes. Arguing that Huawei created too much risk for such a critical, multibillion-dollar project, the government said Tuesday that it would bar the purchase of new Huawei equipment for 5G networks after December, and that existing gear already installed would need to be removed from the networks by 2027. "As facts have changed, so has our approach," Oliver Dowden, the government minister in charge of telecommunications, told the House of Commons on Tuesday afternoon. "This has not been an easy decision, but it is the right one for the U.K.'s telecoms networks, for our national security and our economy, both now and indeed in the long run." The dispute over Huawei, the world's largest maker of telecommunications equipment, represents an early front in a new tech Cold War, with ramifications for internet freedom and surveillance, as well as emerging technologies like artificial intelligence and robotics.

Read more of this story at Slashdot.

Google is in advanced talks to buy a $4 billion stake in Indian billionaire Mukesh Ambani's technology venture, Bloomberg News reported Tuesday, citing people familiar with the matter, seeking to join rival Facebook in chasing growth in a promising internet and e-commerce market. From the report: The Mountain View, California-based company has been discussing the investment in Jio Platforms, the digital arm of Ambani's Reliance Industries, the people said, asking not to be identified because the information is private. An announcement could come as soon as the next few weeks, according to the people. Jio is at the center of the Indian tycoon's ambition to transform his energy conglomerate into a homegrown technology behemoth akin to China's Alibaba Group Holding. The venture has turned into a magnet for Silicon Valley investors, attracting almost $16 billion from Facebook to KKR in the past three months. Should the talks with Google result in a deal, that would further burnish Jio's credentials in its push to upend online retail, content streaming, digital payments, education and health care in a market of more than a billion people. Google said on Monday that it plans to invest $10 billion in India over the next five to seven years.

Read more of this story at Slashdot.