Category Archives: Tech News

Enlarge / This image was the profile banner of one of the accounts allegedly run by the Internet Research Agency, the organization that ran social media “influence campaigns” in Russia, Germany, Ukraine, and the US dating back to 2009.

A Russian troll

The National Security Agency says that Russian state hackers are compromising multiple VMware systems in attacks that allow the hackers to install malware, gain unauthorized access to sensitive data, and maintain a persistent hold on widely used remote work platforms.

The in-progress attacks are exploiting a security bug that remained unpatched until last Thursday, the agency reported on Monday. CVE-2020-4006, as the flaw is tracked, is a command-injection flaw, meaning it allows attackers to execute commands of their choice on the operating system running the vulnerable software. These vulnerabilities are the result of code that fails to filter unsafe user input such as HTTP headers or

Read More

Android apps with hundreds of millions of downloads are vulnerable to attacks that allow malicious apps to steal contacts, login credentials, private messages, and other sensitive information. Security firm Check Point said that the Edge Browser, the XRecorder video and screen recorder, and the PowerDirector video editor are among those affected.

The vulnerability actually resides in the Google Play Core Library, which is a collection of code made by Google. The library allows apps to streamline the update process by, for instance, receiving new versions during runtime and tailoring updates to an individual app’s specific configuration or a specific phone model the app is running on.

A core vulnerability

In August, security firm Oversecured disclosed a security bug in the Google Play Core Library that allowed one installed app to execute code in the context of any other app that relied on the vulnerable library version.

The vulnerability stemmed from

Read More

Enlarge / Former Google AI Research Scientist Timnit Gebru speaks onstage during Day 3 of TechCrunch Disrupt SF 2018 at Moscone Center on September 7, 2018 in San Francisco, California.

Kimberly White | Getty Images

Google struggled on Thursday to limit the fallout from the departure of a top artificial intelligence researcher after the Internet group blocked the publication of a paper on an important AI ethics issue.

Timnit Gebru, who had been co-head of AI ethics at Google, said on Twitter that she had been fired after the paper was rejected.

Jeff Dean, Google’s head of AI, defended the decision in an internal email to staff on Thursday, saying the paper “didn’t meet our bar for publication.” He also described Dr. Gebru’s departure as a resignation in response to Google’s refusal to concede to unspecified conditions she had set to stay at the

Read More

Enlarge / The Enigma cipher machine found in the Baltic Sea is lying on a table in front of the archaeological office of Schleswig-Holstein. After its discovery, the machine was handed over to the office by research diver Huber. Photo: Axel Heimken/dpa (Photo by Axel Heimken/picture alliance via Getty Images)

Getty Images

Divers scouring the Baltic Sea for discarded fishing nets have stumbled on the rarest of finds: an Enigma encryption machine used by the Nazis to encode secret messages during World War II.

The electromechanical device was used extensively by the Nazi military to encrypt communications, which typically were transmitted by radio in Morse Code. Three or more rotors on the device used a stream cipher to convert each letter of the alphabet to a different letter.

The Enigma had the appearance of a typewriter. An operator would use the keys to type plaintext, and the converted ciphertext would

Read More

Enlarge / A Verizon FiOS truck in Manhattan on September 15, 2017.

Verizon is struggling to fix a glitch that has been leaking customers’ addresses, phone numbers, account numbers, and other personal information through a chat system that helps prospective subscribers figure out if Fios services are available in their location.

The personal details appear when people click on a link to chat with a Verizon representative. When the chat window opens, it contains transcripts of conversations that other customers, either prospective or current, have had. The transcripts include full names, addresses, phone numbers, account numbers (in the event they already have an account), and various other information. Some of the transcripts viewed by Ars date back to June. A separate Window included customers’ addresses, although it wasn’t clear who those addresses belonged to.

“Hi—I’m looking to get the teacher discount for Fios,” one person wrote on November 29. Below

Read More

Enlarge / Ken Keiter gets ready to tear apart the SpaceX Starlink user terminal, “Dishy McFlatface.”

Engineer Ken Keiter recently came into possession of one SpaceX Starlink user terminal, the satellite dish that SpaceX nicknamed “Dishy McFlatface.” But instead of plugging it in and getting Internet access from SpaceX’s low Earth orbit (LEO) satellites, Keiter decided to take Dishy apart to see what’s inside.

The teardown process destroyed portions of the device. “I would love to actually test out the [Starlink] service and clearly I didn’t get a chance to, as this went a little bit further than I was intending,” Keiter said toward the end of the 55-minute teardown video he posted on YouTube last week.

Keiter, who lives in Portland, Oregon, was impressed by the Starlink team’s work. “It’s rare to see something of this complexity in a consumer product,” he said in reference to the device’s

Read More
48/52