news aggregator

Good thing the government didn't crank up the national alert system or anything ... Oh no, it did

South Korean telco KT, which has around 30 per cent of the nation’s mobile market, has admitted that a network outage was caused by its own blunder and not a distributed denial of service (DDoS) attack.…

An indie developer has found an interesting observation: Though only 5.8% of his game's buyers were playing on Linux, they generated over 38% of the bug reports. Not because the Linux platform was buggier, either. Only 3 of the roughly 400 bug reports submitted by Linux users were platform specific, that is, would only happen on Linux. PC Gamer reports: The developer, posting as Koderski for developer Kodera Software on Reddit, makes indie game [Delta] V: Rings of Saturn -- that's Delta V, or DV, for the non-rocket-science-literate. [...] Koderski says he's sold a little over 12,000 copies of his game, and about 700 of those were bought by Linux players. "I got 1040 bug reports in total, out of which roughly 400 are made by Linux players," says Koderski's post. "That's one report per 11.5 users on average, and one report per 1.75 Linux players. That's right, an average Linux player will get you 650% more bug reports." Koderski's numbers are a limited sample size drawn from one person's experience, but tell a compelling story. Koderski also says that very few of those bugs were specific to Linux, being clear that "This 5.8% of players found 38% of all the bugs that affected everyone." The bug reports themselves were also pretty high quality, he said, including software and OS versions, logs, and steps for replication. Multiple commenters on the post chalked this up to the kind of people who use Linux: Software professionals, IT employees, and engineers who would already be familiar with official bug reporting processes. It's a strong theory as to why this might be, though the sheer passion that the gaming on Linux community has for anyone who supports their favorite hobby may be another.

Read more of this story at Slashdot.

An anonymous reader quotes a report from ZDNet: The reign of Apple's M1 SoC at the top of the Geekbench speed benchmarks may soon be over with the impending arrival of Intel's 12th-generation Alder Lake mobile processors. Hardware site Wccftech appears to have been leaked Intel's upcoming Core i9-12900HK mobile CPU, and has now revealed the first benchmarks. The results show Intel's mobile CPU narrowly outperforming Apple's flagship 10-core M1 Max, which also integrates a 32-core GPU and 64GB of unified memory. In these latest tests, the Core i9-12900HK outperforms the M1 Max on both single-core and multi-core benchmarks. The margin is slim, but is important for Intel since Apple ditched its CPUs for its own designs in new MacBooks. Intel's Alder Lake CPU didn't beat the M1 Max by much, with respective single-core scores of 1851 and 1785. It beat the Core i9-11980HK and AMD's top mobile CPU, the Ryzen 5980HX, by a bigger margin: the latter two CPUs saw scores of 1616 and 1506, respectively. In the multi-core benchmark, the Core i9-12900HK scored 13256 versus the M1 Max's score of 12753. Again, it trounced AMD's 5980HX, which scored 8217. Wccftech's Alder Lake benchmarks were run using Windows 11, so it's possible Thread Director's hardware scheduling influenced the results.

Read more of this story at Slashdot.

Pretty ambitious – none of this Blue-Origin-led consortium can put humans in orbit yet

Blue Origin is leading a consortium hoping to put the first commercial space station into orbit. The craft is set to combine research and tourism facilities, and provide an office address in space for businesses.…

China locked down a county that has seen the most Covid-19 cases in the nation's latest delta outbreak, as an initial flareup in the northwest quickly spirals into a nationwide surge. From a report: Ejin, a county in China's Inner Mongolia region, asked its 35,700 residents to stay home from Monday and warned of civil and criminal liabilities should anyone disobey the order, state broadcaster CCTV reported, citing a local government statement. The small county bordering Mongolia is the current outbreak's hotspot, home to nearly one-third of the more than 150 infections found over the past week in the mainland. The lockdown comes a day after a warning from National Health Commission officials that the outbreak would continue to worsen after spreading to 11 provinces in about a week. China reported 38 Covid infections on Monday, half of which were found in Inner Mongolia. The capital Beijing -- which has seen a dozen new cases traced back to the northwest -- has all but banned entry by people arriving from anyplace in the country that's reported locally-transmitted Covid cases. People who have to visit Beijing from these areas must provide a negative Covid test conducted no longer than two days earlier, and undergo two weeks of unspecified health monitoring.

Read more of this story at Slashdot.

Unions face test on Staten Island after defeat in Bessemer, Alabama

On Monday, a group representing workers at Amazon's warehouses on Staten Island, New York, electronically delivered a petition with at least 2,000 signatures to America's National Labor Relations Board in an effort to demonstrate there's enough employee support to hold a vote on whether to unionize.…

Owen Jones, a British newspaper columnist and activist for the Labour Party, writes in an opinion piece for The Guardian: The aftermath of the horrific killing of Conservative MP David Amess should have been a moment for politicians and the public to unite in an effort to protect democracy. Instead, the discussion has been derailed by a push to ban anonymous social media accounts, which would stifle free speech and democratic rights. Threatening online messages to politicians and other public figures should be taken seriously. As someone who has experienced online abuse, and a physical attack at the hands of the far right, I know all too well the danger. But, in this tragic event, there seems to be no known connection between the death of Amess and anonymous online posting. While MPs are grieving, and understandably feel vulnerable, we must ask whether strengthening the online safety bill is the right approach. By shifting attention away from extremism toward online anonymity, do we hinder our democracy? There are many legitimate reasons why a citizen may not feel comfortable posting their opinion or sharing information under their own identity. Given the number of politicians who offer off-the-record quotes to journalists on a daily basis, generally for fear of their jobs or other harmful consequences, MPs will be able to empathize with this. The bill would allow Ofcom to punish social networks that fail to remove "lawful but harmful" content. Defining abuse is politically subjective -- what is seen as accountability by some could be seen as abuse by others. Mark Francois, who is campaigning for the changes, said "while people in public life must remain open to legitimate criticism, they can no longer be vilified or their families subject to the most horrendous abuse." While there is no place for verbally violent, threatening or disturbing language, what can be defined as vilification versus illegitimate criticism is harder to judge... Friendly reminder: Slashdot continues to allow users to post comments and stories anonymously as an "Anonymous Coward." This is something that's been criticized since its inception, but it's something we think is important and plan to continue for the foreseeable future.

Read more of this story at Slashdot.

US govt issues alert over JS package downloaded 8m times a week – plus more news from world of infosec

In brief The US government's Cybersecurity and Infrastructure Security Agency (CISA) has warned developers that a version of the ua-parser-js JavaScript library, available via NPM, was infected with data-stealing and cryptocurrency-mining malware.…

Today is the 20th anniversary of Windows XP, and although the operating system reached the end of support in 2014, way too many people continue to use the insecure version of Windows. BleepingComputer reports: Windows XP was released on October 25, 2001, and is considered one of the most loved versions of Windows due to its ease of use, fast performance, and stability. Today, after Microsoft has released Windows 7, 8, 10, and 11, a small but respectable number of people are still using the old operating system. This continued usage is a testament to its success but also raises concerns regarding its lack of security. [...] According to StatCounter, the percentage of Windows users using the XP version of the OS in September 2021 is 0.59%, a significant number when you consider how many Windows systems are deployed worldwide. One very notable case is that of Armenia, where Windows XP is the most popular OS, enjoying a share of 53.5% among Windows users. Mainstream support for Windows XP ended on April 14, 2009, with extended support lasting another five years. This means that anyone still running Windows XP has not received support from Microsoft for roughly 7.5 years now, including almost all security updates and fixes for vulnerabilities that may have been discovered. That's a massive amount of time in tech and more than enough to render the operating system a security nightmare with likely a large number of unpatched vulnerabilities. While Microsoft has backported fixes for some of the more serious vulnerabilities in Windows XP, such as EternalBlue and BlueKeep, there are many more vulnerabilities that threat actors could exploit. This makes connecting a Windows XP device to the Internet a risky proposition and why all security professionals recommend users upgrade to a supported version of Windows.

Read more of this story at Slashdot.

Apple so far has avoided the worst outcome in its U.S. legal battle with Epic Games, but its antitrust woes remain. The Information: In the last several months the U.S. Department of Justice has accelerated its two-year-old antitrust probe of the iPhone maker, according to two people with knowledge of the investigation, increasing the likelihood of a lawsuit. Since summer, there has been a flurry of activity on the investigation as DOJ lawyers have asked Apple and its customers and competitors questions about how the company maintains its strict control over the iPhone, the people said. That includes a new round of subpoenas sent to Apple's business partners over the summer, according to people familiar with the matter. The investigation is very likely to lead to a lawsuit, though the specifics are still in flux, one of the people said. The DOJ has also assigned more staff to the probe, that person said. In late July two insurance companies abandoned their merger following a DOJ lawsuit, and some of the lawyers on that case moved to the Apple probe, the person said. DOJ lawyers are uncovering what they believe are serious issues and the investigation remains ongoing, the person said.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Motherboard: A newly obtained document written by the FBI lays out in unusually granular detail how it and other law enforcement agencies can obtain location information of phones from telecommunication companies. Ryan Shapiro, executive director of nonprofit organization Property of the People, shared the document with Motherboard after obtaining it through a public record act request. Property of the People focuses on obtaining and publishing government records. The document, a 139 page slide presentation dated 2019, is written by the FBI's Cellular Analysis Survey Team (CAST). CAST supports the FBI as well as state, local, and tribal law enforcement investigations through the analysis of call data and tower information, the presentation adds. That can include obtaining the data from telecommunications companies in the first place; analyzing tower dumps that can show which phones were in an approximate location at a given time; providing expert witness testimony; and performing drive tests to verify the actual coverage of a cell tower. "When necessary, CAST will utilize industry standard survey gear drive test equipment to determine the true geographical coverage breadth of a cell site sector," the presentation reads. The presentation highlights the legal process required to obtain information from a telecommunications company, such as a court order or search warrant. The LinkedIn profile of one CAST member Motherboard found says they have a "special emphasis in historical cell site analysis which is typically used for locating phones (and the individuals attached to those phones) for cases such as kidnappings, homicides, missing persons, and robberies." CAST provides its own cell phone data visualization tool to law enforcement officials around the country called CASTViz for free. "CASTViz has the ability to quickly plot call detail records and tower data for lead generation and investigative purposes," the presentation reads. The document includes images of and instructions for the CASTViz software itself. The document also explains how data requests from Mobile Virtual Network Operators (MVNOs) such as Boost Mobile are handled, explains how to obtain location data from what the FBI describes as "burner phones," and how to obtain information from OnStar, General Motors' in-vehicle system. The document also provides the cost of some of this data for law enforcement to request. The presentation provides more recent figures on how long telecoms retain data for. AT&T holds onto data such as call records, cell site, and tower dumps for 7 years. T-Mobile holds similar information for 2 years, and Verizon holds it for 1 year. The slide also shows that AT&T retains "cloud storage internet/web browsing" data for 1 year. Another section that provides an overview of the different engineering and location datasets held by telecoms and potentially available to law enforcement agencies tells officials to use some AT&T data "cautiously." "AT&T does not validate results," the presentation reads. That section also mentioned that Verizon has a "new" location tool that law enforcement agencies can use. Rich Young, a Verizon spokesperson, told Motherboard in an email that "This is a tool that our security team uses in response to lawful warrants and emergency requests. For example, this tool would be used in response to cases involving armed fugitives or missing children. As a common industry practice, the tool uses network-based cell site location information. All other major providers use a similar approach."

Read more of this story at Slashdot.

Boss used org's credit card to buy stuff from Amazon, Square accounts he set up, say prosecutors

An IT manager in the US was arrested on Friday for allegedly embezzling about $370,000 from an unidentified non-profit organization.…

A knot of problems with Amazon's system for handling paid and unpaid leaves has led to devastating consequences for workers. From a report: A year ago, Tara Jones, an Amazon warehouse worker in Oklahoma, cradled her newborn, glanced over her pay stub on her phone and noticed that she had been underpaid by a significant chunk: $90 out of $540. The mistake kept repeating even after she reported the issue. Ms. Jones, who had taken accounting classes at community college, grew so exasperated that she wrote an email to Jeff Bezos, the company's founder. "I'm behind on bills, all because the pay team messed up," she wrote weeks later. "I'm crying as I write this email." Unbeknown to Ms. Jones, her message to Mr. Bezos set off an internal investigation, and a discovery: Ms. Jones was far from alone. For at least a year and a half -- including during periods of record profit -- Amazon had been shortchanging new parents, patients dealing with medical crises and other vulnerable workers on leave, according to a confidential report on the findings. Some of the pay calculations at her facility had been wrong since it opened its doors over a year before. As many as 179 of the company's other warehouses had potentially been affected, too. Amazon is still identifying and repaying workers to this day, according to Kelly Nantel, a company spokeswoman. That error is only one strand in a longstanding knot of problems with Amazon's system for handling paid and unpaid leaves, according to dozens of interviews and hundreds of pages of internal documents obtained by The New York Times. Together, the records and interviews reveal that the issues have been more widespread -- affecting the company's blue-collar and white-collar workers -- and more harmful than previously known, amounting to what several company insiders described as one of its gravest human resources problems.

Read more of this story at Slashdot.

An anonymous reader shares a report: Leaked documents from company all-hands meetings in the summer of 2020 and January and February of this year, led by the school's now former chief operating officer, Molly Graham, who resigned earlier this month, and others led by its chief business officer, Matt Wyndowe, showed that Lambda School placed only 30% of its 2020 graduates in qualifying jobs during the first half of 2020. This figure is in stark contrast to the 74% placement rate it advertised for its 2019 graduates, the latest figure the school has made publicly available. In a tweet, Graham wrote that her mission was to "get the company through a pivotal phase" and position it to "operate well without me." These documents, given to Insider by a person familiar with the meetings, alongside over a dozen interviews with former Lambda School students and instructors, suggest that Graham is leaving with that mission far from accomplished. Cofounded in 2017 by the tech entrepreneurs Austen Allred and Ben Nelson, with help from the startup accelerator Y Combinator, Lambda School offered a nontraditional path for those seeking careers in computer science. In lieu of a four-year degree, students could take a crash course in programming while paying no tuition up front; an income-share agreement allowed students to pay the school a portion of their salary after being hired in a tech job with an annual salary of at least $50,000. Blog posts advertised it as "incentive-aligned" education. With the global edtech industry worth more than $106 billion as of this year, schools have popped up across North America promising to teach students using a similar business model. Lambda School itself has raised a total of $122 million from venture capital. Lambda School enrolls thousands of students a year and has indicated it plans on growing many times over to give investors profitable returns on the investments they've made.

Read more of this story at Slashdot.

Choice is the word for Jamf's Dean Hager

Interview As Apple's devices continue to find favour with enterprise users, the fortress that is Windows appears to be under attack in the corporate world.…

Tesla's market valuation hit and then surpassed the $1 trillion mark Monday, a milestone reached by the company 11 years after it became a publicly traded company. It also puts Tesla in select company with Apple, Amazon, Facebook and Google, all of which have market caps above $1 trillion. From a report: Tesla shares hit $998.22 midday Monday. Shares are now trading above $1,004, up about 10.5% from this morning's open. This is the first time the company's share price reached $1,000 a share. Shares pushed higher Monday on several news stories related to Tesla, including that rental giant Hertz, which recently emerged from bankruptcy, had agreed to buy 100,000 EVs from the automaker.

Read more of this story at Slashdot.

Microsoft said on Monday that a Russian state-sponsored hacking group known as Nobelium had attacked more than 140 IT and cloud services providers, successfully breaching 14 companies. From a report: The Microsoft Threat Intelligence Center (MSTIC) said the attacks were part of a planned campaign that began in May this year. The attacks included spear-phishing campaigns and password-spraying operations that targeted employees of companies that manage IT and cloud infrastructure on behalf of their clients. "We believe Nobelium ultimately hopes to piggyback on any direct access that resellers may have to their customers' IT systems and more easily impersonate an organization's trusted technology partner to gain access to their downstream customers," said Tom Burt, Corporate Vice President for Customer Security & Trust at Microsoft.

Read more of this story at Slashdot.

The latest version of macOS, Monterey, is now available to download, according to Apple. The software has been available in public beta for several months, but today's release means Apple thinks the software is ready for everyday use. From a report: As is tradition, Apple announced its latest version of macOS at WWDC in June. New features include the ability to set Macs as an AirPlay target to play content from iPhones and iPads, as well as Shortcuts, Apple's iOS automation software. There have also been improvements made to FaceTime, as well as a new Quick Note feature. For a full rundown of what's on the way, check out our preview from July, as well as Apple's own feature list. Unfortunately, some of Monterey's biggest new additions, Universal Control and SharePlay, don't seem to be available at launch. Apple notes that both features will be available "later this fall." Universal Control allows files to be dragged and dropped between several different machines, as Apple's Craig Federighi demonstrated at WWDC. It also will let you control multiple Apple devices including Macs, MacBooks, and iPads, with the same mouse and keyboard. SharePlay will enable shared experiences of music, TV shows, movies, and more while connected over FaceTime. Once it's available, Apple says you can use the feature with Apple Music, Apple TV+ and unnamed "popular third-party services." It's better news when it comes to Safari's redesign, which by default now uses a more traditional interface rather than the controversial new tab design introduced at WWDC.

Read more of this story at Slashdot.

Or so says infsec outfit Emsisoft

Hurling online abuse at ransomware gangs may have contributed to a hardline policy of dumping victims' data online, according to counter-ransomware company Emsisoft.…

Time was found to flow differently between the top and bottom of a single cloud of atoms. Physicists hope that such a system will one day help them combine quantum mechanics and Einstein's theory of gravity. From a report: The infamous twin paradox sends the astronaut Alice on a blazing-fast space voyage. When she returns to reunite with her twin, Bob, she finds that he has aged much faster than she has. It's a well-known but perplexing result: Time slows if you're moving fast. Gravity does the same thing. Earth -- or any massive body -- warps space-time in a way that slows time, according to Albert Einstein's general theory of relativity. If Alice lived her life at sea level and Bob at the top of Everest, where Earth's gravitational pull is slightly weaker, he would again age faster. The difference on Earth is modest but real -- it's been measured by putting atomic clocks on mountaintops and valley floors and measuring the difference between the two. Physicists have now managed to measure this difference to the millimeter. In a paper posted earlier this month to the scientific preprint server arxiv.org, researchers from the lab of Jun Ye, a physicist at JILA in Boulder, Colorado, measured the difference in the flow of time between the top and the bottom of a millimeter-tall cloud of atoms. The work is a step toward studying physics at the intersection of general relativity and quantum mechanics, two theories that are famously incompatible. The new clock takes a fundamentally quantum system -- an atomic clock -- and intertwines it with gravity's pull. In the experiment, Ye's team used an optical lattice clock, a cloud of 100,000 strontium atoms that can get tickled by a laser. If the laser's frequency is just right, the electrons orbiting each atom will be excited to a higher, more energetic orbit. Because only a tiny range of laser frequencies motivate the electrons to move, measuring this frequency provides an extremely precise measurement of time. It's like a quantum grandfather clock, where the ticking comes from the oscillations of the laser light rather than the swing of a pendulum.

Read more of this story at Slashdot.