Tech Today w/ Ken May

Archive for May 14th, 2017

Enlarge / Loki Patera, in the lower-center, has a central island that divides two waves of molten material. (credit: NASA/JPL/USGS ) Volcanic activity appears to be a common feature in our Solar System; we have evidence of it on three planets and two moons and hints of it elsewhere. But that doesn’t mean all volcanic activity is the same. Venus’ activity is driven by a simple version of plate tectonics. On the Moon, massive lava flows were released by large impacts, and Mars just seems to have vented heat left over from its formation. There are also hints of cryovolcanoes, which belch up ice rather than lava, on some of the bodies of the outer Solar System. But when it comes to sheer volume of activity, all of this takes a back seat to Jupiter’s moon Io. Io is partially molten due to gravitational stress from its proximity to three large moons and a massive planet. The results are active volcanoes and vast pools of molten material on the Moon’s surface. And we just got a good look inside the biggest of them. Slicing up Loki Loki Patera is the most powerful active volcano in the Solar System. It’s an enormous crater with a central island; around that island is a sea of hot material that covers more than 20,000 square kilometers. By all appearances, that hot material isn’t stable, since the entire surface seems to be reworked every few years, temporarily replaced by new hot material. Read 10 remaining paragraphs | Comments

Categories: reader

(credit: Microsoft) SEATTLE—When Microsoft first introduced the Windows Subsystem for Linux (WSL) at last year’s Build developer conference , it said that it was doing so to make developers who were familiar with the Linux command line feel comfortable on Windows . The immediate and inevitable question was “Well, what about Windows Server?” Development is one thing, but what if organizations wanted to occasionally deploy their Linux software on Windows? Although Windows Server 2016 and Windows 10 share many components, the Server operating system hasn’t thus far included WSL, consistent with the “developer only” rationale. But that’s going to change: at Build this week, Microsoft announced that WSL will be included in Server later this year. Microsoft still isn’t positioning this as a way of running Linux server in production on Windows; rather, the company says the addition will be useful for administrative tasks. With WSL, Windows can run scripts written for Linux. But we’re hard-pressed to see things stopping there; it seems inevitable that at some point, Windows will offer the ability to run Linux server software as one of its features. Read 3 remaining paragraphs | Comments

Categories: reader

Ransomware may be mostly thought of as a (sometimes costly) nuisance, but when it hinders the ability of doctors and nurses to help people with an emergency medical problems, that qualifies as armed robbery. Read more…

Categories: reader

A global cybersecurity attack involving WannaCry ransomware crippled Microsoft Windows computers across the globe today. Here are 10 facts to know. The post Biggest Global Cyber Attack Ever? 10 WannaCry Ransomware Facts appeared first on ChannelE2E .

Categories: reader

Enlarge (credit: Health Service Journal) A day after a ransomware worm infected 75,000 machines in 100 countries, Microsoft is taking the highly unusual step of issuing patches that immunize Windows XP, 8, and Server 2003, operating systems the company stopped supporting as many as three years ago. The company also rolled out a signature that allows its Windows Defender antivirus engine to provide “defese-in-depth” protection. The moves came after attackers on Friday used a recently leaked attack tool developed by the National Security Agency to virally spread ransomware known as WCry . Within hours, computer systems around the world were crippled, prompting hospitals to turn away patients and telecoms, banks and companies such as FedEx to turn off computers for the weekend. The chaos surprised many security watchers because Microsoft issued an update in March that patched the underlying vulnerability in Windows 7 and most other supported versions of Windows. (Windows 10 was never vulnerable.) Friday’s events made it clear that enough unpatched systems exist to cause significant outbreaks that could happen again in the coming days or months. In a blog post published late Friday night , Microsoft officials wrote: Read 9 remaining paragraphs | Comments

Categories: reader

Google Found Over 1,000 Bugs In 47 Open Source Projects

Posted by kenmay on May - 14 - 2017

Orome1 writes: In the last five months, Google’s OSS-Fuzz program has unearthed over 1, 000 bugs in 47 open source software projects… So far, OSS-Fuzz has found a total of 264 potential security vulnerabilities: 7 in Wireshark, 33 in LibreOffice, 8 in SQLite 3, 17 in FFmpeg — and the list goes on… Google launched the program in December and wants more open source projects to participate, so they’re offering cash rewards for including “fuzz” targets for testing in their software. “Eligible projects will receive $1, 000 for initial integration, and up to $20, 000 for ideal integration” — or twice that amount, if the proceeds are donated to a charity. Read more of this story at Slashdot.

Categories: reader

French auto giant Renault became the first major French company to report being affected by Friday’s ransomware attack that affected tens of thousands of computers in almost 100 countries across the world, reports Automotive News . An English plant of Renault’s alliance partner Nissan was also hit by the attack. Read more…

Categories: reader

Microsoft Finally Bans SHA-1 Certificates In Its Browsers

Posted by kenmay on May - 14 - 2017

An anonymous reader quotes ZDNet: With this week’s monthly Patch Tuesday, Microsoft has also rolled out a new policy for Edge and Internet Explorer that prevents sites that use a SHA-1-signed HTTPS certificate from loading. The move brings Microsoft’s browsers in line with Chrome, which dropped support for the SHA-1 cryptographic hash function in January’s stable release of Chrome 56, and Firefox’s February cut-off… Apple dropped support for SHA-1 in March with macOS Sierra 10.12.4 and iOS 10.3… Once Tuesday’s updates are installed, Microsoft’s browsers will no longer load sites with SHA-1 signed certificates and will display an error warning highlighting a security problem with the site’s certificate. Read more of this story at Slashdot.

Categories: reader

Remember that “kill switch” which shut down the WannCry ransomware? An anonymous reader quotes Motherboard: Over Friday and Saturday, samples of the malware emerged without that debilitating feature, meaning that attackers may be able to resume spreading ransomware even though a security researcher cut off the original wave. “I can confirm we’ve had versions without the kill switch domain connect since yesterday, ” Costin Raiu, director of global research and analysis team at Kaspersky Lab told Motherboard on Saturday… Another researcher confirmed they have seen samples of the malware without the killswitch. Read more of this story at Slashdot.

Categories: reader

Up To 1.4M More Fake Wells Fargo Accounts Possible

Posted by kenmay on May - 14 - 2017

An anonymous reader quotes the Bay Area Newsgroup: Wells Fargo may have opened as many as 3.5 million bogus bank accounts without its customers’ permission, attorneys for customers suing the bank have alleged in a court filing, suggesting the bank may have created far more fake accounts than previously indicated. The plaintiffs’ new estimate of bogus bank accounts is about 1.4 million, or 67%, higher than the original estimate — disclosed last year as part of a settlement with regulators — that up to 2.1 million accounts were opened without customers’ permission… The attorneys covered a period from 2002 to 2017, rather than the previously scrutinized five-year stretch from 2011 to some time in 2016 in which the bank acknowledged setting up unauthorized accounts. Wells Fargo terminated 5, 300 employees for creating fake accounts, and their CEO now acknowledges that “we had an incentive program and a high-pressure sales culture within our community bank that drove behavior that many times was inappropriate and inconsistent with our values.” In a possibly-related story, Wells Fargo plans to shut 450 branches over the next two years. Read more of this story at Slashdot.

Categories: reader