Tag: article

NSA-Leaking Shadow Brokers Just Dumped Its Most Damaging Release Yet

An anonymous reader quotes a report from Ars Technica: The Shadow Brokers — the mysterious person or group that over the past eight months has leaked a gigabyte worth of the National Security Agency’s weaponized software exploits — just published its most significant release yet. Friday’s dump contains potent exploits and hacking tools that target most versions of Microsoft Windows and evidence of sophisticated hacks on the SWIFT banking system of several banks across the world. Friday’s release — which came as much of the computing world was planning a long weekend to observe the Easter holiday — contains close to 300 megabytes of materials the leakers said were stolen from the NSA. The contents (a convenient overview is here) included compiled binaries for exploits that targeted vulnerabilities in a long line of Windows operating systems, including Windows 8 and Windows 2012. It also included a framework dubbed Fuzzbunch, a tool that resembles the Metasploit hacking framework that loads the binaries into targeted networks. Independent security experts who reviewed the contents said it was without question the most damaging Shadow Brokers release to date. One of the Windows zero-days flagged by Hickey is dubbed Eternalblue. It exploits a remote code-execution bug in the latest version of Windows 2008 R2 using the server message block and NetBT protocols. Another hacking tool known as Eternalromance contains an easy-to-use interface and “slick” code. Hickey said it exploits Windows systems over TCP ports 445 and 139. The exact cause of the bug is still being identified. Friday’s release contains several tools with the word “eternal” in their name that exploit previously unknown flaws in Windows desktops and servers. Read more of this story at Slashdot.

Read this article:
NSA-Leaking Shadow Brokers Just Dumped Its Most Damaging Release Yet

Former Sysadmin Accused of Planting ‘Time Bomb’ In Company’s Database

An anonymous reader writes: Allegro MicroSystems LLC is suing a former IT employee for sabotaging its database using a “time bomb” that deleted crucial financial data in the first week of the new fiscal year. According to court documents, after resigning from his job, a former sysadmin kept one of two laptops. On January 31, Patel entered the grounds of the Allegro headquarters in Worcester, Massachusetts, just enough to be in range of the factory’s Wi-Fi network. Allegro says that Patel used the second business-use laptop to connect to the company’s network using the credentials of another employee. While connected to the factory’s network on January 31, Allegro claims Patel, who was one of the two people in charge of Oracle programming, uploaded a “time bomb” to the company’s Oracle finance module. The code was designed to execute a few months later, on April 1, 2016, the first week of the new fiscal year, and was meant to “copy certain headers or pointers to data into a separate database table and then to purge those headers from the finance module, thereby rendering the data in the module worthless.” The company says that “defendant Patel knew that his sabotage of the finance module on the first week of the new fiscal year had the maximum potential to cause Allegro to suffer damages because it would prevent Allegro from completing the prior year’s fiscal year-end accounting reconciliation and financial reports.” Read more of this story at Slashdot.

Continue reading here:
Former Sysadmin Accused of Planting ‘Time Bomb’ In Company’s Database

Ubuntu 17.04 ‘Zesty Zapus’, Featuring Unity, Now Available To Download

Brian Fagioli, writing for BetaNews: Ubuntu 17.04 “Zesty Zapus” is available for download. No, this is not an Alpha or Beta, but an official stable version of the Linux-based operating system. Unfortunately, the release is a bit tainted — it uses Unity as the official desktop environment, which Canonical has announced will be killed. Not to mention, there has been some controversy regarding some comments by Ubuntu founder Mark Shuttleworth. Just yesterday, the CEO of Canonical announced she is leaving the position. With all of the aforementioned controversy and chaos, it is understandably hard to get too excited for “Zesty Zapus, ” especially as this is not a long term support version. With that said, if you are an existing Ubuntu user that likes Unity, this is certainly a worthwhile upgrade if you are OK with the shorter support. Unity may no longer have a future, but version 7 will continue to be supported — for a while, at least. Read more of this story at Slashdot.

Excerpt from:
Ubuntu 17.04 ‘Zesty Zapus’, Featuring Unity, Now Available To Download

Microsoft Edge Beats Chrome By Over Three Hours In New Battery Usage Test

An anonymous reader writes: With the launch of the Windows 10 Creators Update and Edge 40 (EdgeHTML 15), Microsoft has released a new battery usage test that, naturally, trashes the company’s competition. This new test shows that Edge uses less power than both Chrome 57 and Firefox 52, and is bound to draw a response from its competition, especially Google, who doesn’t like it when Microsoft takes a jab at Chrome’s efficiency. The same thing happened last year, in June, when a similar test showcasing Edge’s longer battery life was met with responses from both Google and Opera. The most recent tests were performed for the launch of Windows 10 Creators Update. Two tests were carried out until a laptop’s battery gave out. For each browser, a minimum of 16 iterations were recorded per test. The first test measured normal browsing performance and the second ran a looped Vimeo fullscreen video. In the normal browsing performance test, Microsoft claims Edge used 31% less power than Chrome 57, and 44% less power than Firefox 52. In the second test, Edge played a looped Vimeo video in fullscreen for 751 minutes (12:31:08), while Chrome lasted 557 minutes (9:17:03) and Firefox for only 424 minutes (7:04:19). That’s a whopping three hours over Chrome, and five hours above Firefox. Read more of this story at Slashdot.

See the original post:
Microsoft Edge Beats Chrome By Over Three Hours In New Battery Usage Test

Boeing Expects To Save Millions In Dreamliner Costs Using 3D-Printed Titanium Parts

According to Reuters, Boeing has hired Norsk Titanium AS to print titanium parts for its 787 Dreamliner, paving the way to cost savings of $2 million to $3 million for each plane. The 3D-printed metal parts will replace pieces made with more expensive traditional manufacturing, thus making the 787 more profitable. From the report: Strong, lightweight titanium alloy is seven times more costly than aluminum, and accounts for about $17 million of the cost of a $265 million Dreamliner, industry sources say. Boeing has been trying to reduce titanium costs on the 787, which requires more of the metal than other models because of its carbon-fiber composite fuselage and wings. Titanium also is used extensively on Airbus Group SE’s rival A350 jet. Norsk worked with Boeing for more than a year to design four 787 parts and obtain Federal Aviation Administration certification for them, Chip Yates, Norsk Titanium’s vice president of marketing, said. Norsk expects the U.S. regulatory agency will approve the material properties and production process for the parts later this year, which would “open up the floodgates” and allow Norsk to print thousands of different parts for each Dreamliner, without each part requiring separate FAA approval, Yates said. Norsk said that initially it will print in Norway, but is building up a 67, 000-square-foot (6, 220-square-meter) facility in Plattsburgh in upstate New York, where it aims to have nine printers running by year-end. Read more of this story at Slashdot.

Original post:
Boeing Expects To Save Millions In Dreamliner Costs Using 3D-Printed Titanium Parts

New ‘Spray-On’ Memory Could Turn Everyday Items Into Digital Storage Devices

Researchers at Duke University have developed “spray-on” digital memory using only an aerosol jet printer and nanoparticle inks. An anonymous reader quotes Duke Today: The device, which is analogous to a 4-bit flash drive, is the first fully-printed digital memory that would be suitable for practical use in simple electronics such as environmental sensors or RFID tags. And because it is jet-printed at relatively low temperatures, it could be used to build programmable electronic devices on bendable materials like paper, plastic or fabric… The new material, made of silica-coated copper nanowires encased in a polymer matrix, encodes information not in states of charge but instead in states of resistance. By applying a small voltage, it can be switched between a state of high resistance, which stops electric current, and a state of low resistance, which allows current to flow. And, unlike silicon, the nanowires and the polymer can be dissolved in methanol, creating a liquid that can be sprayed through the nozzle of a printer. Amazingly, its write speed is three microseconds, “rivaling the speed of flash drives.” The information can be re-written many times, and the stored data can last for up to 10 years. Read more of this story at Slashdot.

See the article here:
New ‘Spray-On’ Memory Could Turn Everyday Items Into Digital Storage Devices

Google Accused of ‘Extreme’ Gender Pay Discrimination By US Labor Department

The U.S. Department of Labor is accusing Google of discriminating against its female employees and violating federal employment laws with its salaries for women. “We found systemic compensation disparities against women pretty much across the entire workforce, ” Janette Wipper, a Department of Labor regional director, testified in court in San Francisco on Friday. The Guardian reports: Google strongly denied the accusations of inequities, claiming it did not have a gender pay gap. The allegations emerged at a hearing in federal court as part of a lawsuit the DoL filed against Google in January, seeking to compel the company to provide salary data and documents to the government. Google is a federal contractor, which means it is required to allow the DoL to inspect and copy records and information about its its compliance with equal opportunity laws. Last year, the department’s office of federal contract compliance programs requested job and salary history for Google employees, along with names and contact information, as part of the compliance review. Google, however, repeatedly refused to hand over the data, which was a violation of its contractual obligations with the federal government, according to the DoL’s lawsuit. Labor officials detailed the government’s discrimination claims against Google at the Friday hearing while making the case for why the company should be forced to comply with the DoL’s requests for documents. Wipper said the department found pay disparities in a 2015 snapshot of salaries and said officials needed earlier compensation data to evaluate the root of the problem and needed to be able to confidentially interview employees. Read more of this story at Slashdot.

Read More:
Google Accused of ‘Extreme’ Gender Pay Discrimination By US Labor Department

Public Crowd-sourcing Finds New Exoplanets

brindafella writes: A participant in a TV program “Stargazing Live” on Australia’s ABC TV channel has found four planets closely orbiting a star, using an online database. Astrophysicist Dr Chris Lintott, the principal investigator of Zooniverse, reported on Thursday’s show that four “Super Earth” planets had been identified in the data. They orbit closer to their star than Mercury does to our Sun. The person responsible for the find, Andrew Grey, is a mechanic by day and amateur astronomer in his spare time, and lives in the city of Darwin, Northern Territory. The data is sourced from NASA’s Kepler Space Telescope. “Stargazing Live” host Professor Brian Cox said he could not be more excited about the discovery. “In the seven years I’ve been making Stargazing Live this is the most significant scientific discovery we’ve ever made. The results are astonishing.” Read more of this story at Slashdot.

Read the article:
Public Crowd-sourcing Finds New Exoplanets

New Destructive Malware Intentionally Bricks IoT Devices

An anonymous reader writes: “A new malware strain called BrickerBot is intentionally bricking Internet of Things (IoT) devices around the world by corrupting their flash storage capability and reconfiguring kernel parameters. The malware spreads by launching brute-force attacks on IoT (BusyBox-based) devices with open Telnet ports. After BrickerBot attacks, device owners often have to reinstall the device’s firmware, or in some cases, replace the device entirely. Attacks started on March 20, and two versions have been seen. One malware strain launches attacks from hijacked Ubiquiti devices, while the second, more advanced, is hidden behind Tor exit nodes. Several security researchers believe this is the work of an internet vigilante fed up with the amount of insecure IoT devices connected to the internet and used for DDoS attacks. “Wow. That’s pretty nasty, ” said Cybereason security researcher Amit Serper after Bleeping Computer showed him Radware’s security alert. “They’re just bricking it for the sake of bricking it. [They’re] deliberately destroying the device.” Read more of this story at Slashdot.

Taken from:
New Destructive Malware Intentionally Bricks IoT Devices

JetBlue and Boeing Are Betting Big On Electric Jet Startup ‘Zunem Aero’

A new startup called Zunum Aero is aiming to reinvent how users travel short distances, such as from San Francisco to Los Angeles. “The Kirkland, Washington-based company plans to build a fleet of hybrid electric jets to sell to major carriers for service on densely traveled regional routes like San Francisco to Los Angeles or Boston to Washington, DC, “reports The Verge. Two aviation giants, Boeing and JetBlue, are reportedly backing the startup. From the report: Lower operating costs (i.e., no fueling) will allow carriers to reduce fares by 40 to 80 percent, they predict. And by flying a smaller aircraft that would be subject to fewer TSA regulations, Zunum claims it will take less time to go through security before boarding one of its planes. Zunum aims to build several models of hybrid-electric propulsion jets. At launch, its first class of aircraft will be tiny, in the 10-15 foot range, with a 10-passenger capacity and a range of up to 700 miles on a single charge. (Think San Francisco to Portland or Atlanta to DC.) Those planes can be expected to roll off the assembly line by the early 2020s, the company’s CEO Ashish Kumar told The Verge. By the 2030s, as electric battery technology improves, Zunum hopes to build larger aircraft that can carry up to 50 passengers and travel up to 1, 000 miles on a single charge. (Think Seattle to LA or Boston to Jacksonville, Florida.) Zunum’s aircraft will feature hybrid electric motors with the capacity to accept recharging power from a variety of sources. Because airplanes are typically kept in service for up to 30 years, Kumar says its important for Zunum’s aircraft to be future proof. That means designing them to be compatible with future battery designs and range-extending generators, with an eye toward ultimately switching from hybrid propulsion to fully electric motors once the technology catches up. Read more of this story at Slashdot.

Continued here:
JetBlue and Boeing Are Betting Big On Electric Jet Startup ‘Zunem Aero’