Intel Plans To Release Chips That Have Built-in Meltdown and Spectre Protections Later This Year

Intel plans to release chips that have built-in protections against the Spectre and Meltdown attacks later this year, company CEO Brian Krzanich said during the company’s quarterly earnings call this week. From a report: The company has “assigned some of our very best minds” to work on addressing the vulnerability that’s exploited by those attacks, Krzanich said on a conference call following Intel’s quarterly earnings announcement. That will result in “silicon-based” changes to the company’s future chips, he said. “We’ve been working around clock” to address the vulnerability and attacks, Krzanich said. But, he added, “we’re acutely aware we have more to do.”

How a PhD Student Unlocked 1 Bitcoin Hidden In DNA

dmoberhaus writes: A 26-year-old Belgian PhD student named Sander Wuyts recently solved a 3-year-old puzzle that had locked the private key to 1 Bitcoin in a strand of synthetic DNA. Motherboard spoke with the student about how they managed to crack the puzzle, just days before it was set to expire. From the report: “As detailed by Nick Goldman, a researcher at the European Bioinformatics Institute, in his pioneering Nature paper on DNA storage, to encode information into DNA you take a text or binary file and rewrite it in base-3 (so rather than just ones and zeroes, there are zeroes, ones, and twos). This is then used to encode the data in the building blocks of life, the four nucleobases cytosine, thymine, adenine and guanine. As Wuyts explained to me, coding the data as nucleobases depended upon which nucleobase came before. So, for instance, if the previous base was adenine and the next piece of data is a 0, it is coded as cytosine. If the next piece of data is a 1, it’s coded as guanine, and so on. After the data is encoded as synthetic DNA fragments, these fragments are used to identify and read the actual files stored in the DNA. In the case of the Bitcoin challenge, there were a total of nine files contained in the DNA fragments. The files were encrypted with a keystream, which is a random series of characters that is included with the actual plain text message to obfuscate its meaning. The keystream code had been provided by Goldman in a document explaining the competition. After running the code, Wuyts was able to combine the DNA fragments in the correct order to form one long piece of DNA. After working out some technical kinks, Wuyts was able to convert the DNA sequence into plain text, revealing the private key and unlocking the bitcoin (as well as some artefacts, including a drawing of James Joyce and the logo for the European Bioinformatics Institute). He had cracked the puzzle just five days before it was set to expire.”

Linux 4.15 Becomes Slowest Release Since 2011

An anonymous reader shares a report: Linus Torvalds has decided that Linux 4.15 needs a ninth release candidate, making it the first kernel release to need that much work since 2011. Torvalds flagged up the possibility of an extra release candidate last week, with the caveat that “it obviously requires this upcoming week to not come with any huge surprises” after “all the Meltdown and Spectre hoopla” made his job rather more complicated in recent weeks. Fast-forward another week and Torvalds has announced “I really really wanted to just release 4.15 today, but things haven’t calmed down enough for me to feel comfy about it.”

We All Nearly Missed the Largest Underwater Volcano Eruption Ever Recorded

schwit1 quotes ScienceAlert: She was flying home from a holiday in Samoa when she saw it through the airplane window: a “peculiar large mass” floating on the ocean, hundreds of kilometres off the north coast of New Zealand. The Kiwi passenger emailed photos of the strange ocean slick to scientists, who realised what it was — a raft of floating rock spewed from an underwater volcano, produced in the largest eruption of its kind ever recorded. “We knew it was a large-scale eruption, approximately equivalent to the biggest eruption we’ve seen on land in the 20th Century,” says volcanologist Rebecca Carey from the University of Tasmania, who’s co-led the first close-up investigation of the historic 2012 eruption. The incident, produced by a submarine volcano called the Havre Seamount, initially went unnoticed by scientists, but the floating rock platform it generated was harder to miss. Back in 2012, the raft — composed of pumice rock — covered some 400 square kilometres (154 square miles) of the south-west Pacific Ocean, but months later satellites recorded it dispersing over an area twice the size of New Zealand itself… for a sense of scale, think roughly 1.5 times larger than the 1980 eruption of Mount St. Helens — or 10 times the size of the 2010 Eyjafjallajokull eruption in Iceland. When an underwater robot first sent back detailed maps, one volcanologist remembers that “I thought the vehicle’s sonar was acting up… We saw all these bumps on the seafloor… It turned out that each bump was a giant block of pumice, some of them the size of a van.”

Tesla Is Last In the Driverless Vehicle Race, Report Says

Navigant Research has compiled a new report on 19 companies working on automated driving systems, and surprisingly, Tesla came in last place. U.S. News & World Report: Navigant ranked the 19 major companies developing AV technology based on 10 criteria, including vision, market strategy, partnerships, production strategy, technology, product quality and staying power. According to the report, General Motors Co. and Waymo, the auto unit of Alphabet, are the top two AV investment opportunities in the market today. Tesla and Apple are the two biggest laggards in the AV race, according to Navigant’s rankings. Investors are acutely aware of Tesla’s production and distribution disadvantages compared to legacy automakers like GM, but Navigant is also highly critical of Tesla’s technology. “The autopilot system on current products has stagnated and, in many respects, regressed since it was first launched in late 2015,” Navigant says in the report, according to Ars Technica. “More than one year after launching V2, Autopilot still lacks some of the functionality of the original, and there are many anecdotal reports from owners of unpredictable behavior.”

Apple Gives Employees $2,500 Bonuses After New Tax Law

Apple told employees that it’s issuing a bonus of $2,500 of restricted stock units, following the introduction of the new U.S. tax law. “The iPhone maker will begin issuing grants to most employees worldwide in the coming months,” reports Bloomberg. Apple also announced today that it would bring back most of its cash from overseas and spend $30 billion in the U.S. over the next five years. From the report: Apple confirmed the bonuses in response to a Bloomberg inquiry Wednesday. The Cupertino, California-based company joins a growing list of American businesses that have celebrated the introduction of corporate-friendly tax law with one-time bonuses for staff. AT&T, Comcast, JetBlue, and Wal-Mart also said they were giving bonuses.

‘Very High Level of Confidence’ Russia Used Kaspersky Software For Devastating NSA Leaks

bricko shares a report from Yahoo Finance: Three months after U.S. officials asserted that Russian intelligence used popular antivirus company Kaspersky to steal U.S. classified information, there are indications that the alleged espionage is related to a public campaign of highly damaging NSA leaks by a mysterious group called the Shadow Brokers. In August 2016, the Shadow Brokers began leaking classified NSA exploit code that amounted to hacking manuals. In October 2017, U.S. officials told major U.S. newspapers that Russian intelligence leveraged software sold by Kaspersky to exfiltrate classified documents from certain computers. (Kaspersky software, like all antivirus software, requires access to everything stored on a computer so that it can scan for malicious software.) And last week the Wall Street Journal reported that U.S. investigators “now believe that those manuals [leaked by Shadow Brokers] may have been obtained using Kaspersky to scan computers on which they were stored.” Members of the computer security industry agree with that suspicion. “I think there’s a very high level of confidence that the Shadow Brokers dump was directly related to Kaspersky … and it’s very much attributable,” David Kennedy, CEO of TrustedSec, told Yahoo Finance. “Unfortunately, we can only hear that from the intelligence side about how they got that information to see if it’s legitimate.”

Lenovo Discovers and Removes Backdoor In Networking Switches

An anonymous reader writes: Lenovo engineers have discovered a backdoor in the firmware of RackSwitch and BladeCenter networking switches. The company released firmware updates last week. The Chinese company said it found the backdoor after an internal security audit of firmware for products added to its portfolio following the acquisitions of other companies. Lenovo says the backdoor affects only RackSwitch and BladeCenter switches running ENOS (Enterprise Network Operating System). The backdoor was added to ENOS in 2004 when ENOS was maintained by Nortel’s Blade Server Switch Business Unit (BSSBU). Lenovo claims Nortel appears to have authorized the addition of the backdoor “at the request of a BSSBU OEM customer.” In a security advisory regarding this issue, Lenovo refers to the backdoor under the name of “HP backdoor.” The backdoor code appears to have remained in the firmware even after Nortel spun BSSBU off in 2006 as BLADE Network Technologies (BNT). The backdoor also remained in the code even after IBM acquired BNT in 2010. Lenovo bought IBM’s BNT portfolio in 2014.

AMD Is Releasing Spectre Firmware Updates To Fix CPU Vulnerabilities

An anonymous reader quotes a report from The Verge: AMD’s initial response to the Meltdown and Spectre CPU flaws made it clear “there is a near zero risk to AMD processors.” That zero risk doesn’t mean zero impact, as we’re starting to discover today. “We have defined additional steps through a combination of processor microcode updates and OS patches that we will make available to AMD customers and partners to further mitigate the threat,” says Mark Papermaster, AMD’s chief technology officer. AMD is making firmware updates available for Ryzen and EPYC owners this week, and the company is planning to update older processors “over the coming weeks.” Like Intel, these firmware updates will be provided to PC makers, and it will be up to suppliers to ensure customers receive these. AMD isn’t saying whether there will be any performance impacts from applying these firmware updates, nor whether servers using EPYC processors will be greatly impacted or not. AMD is also revealing that its Radeon GPU architecture isn’t impacted by Meltdown or Spectre, simply because those GPUs “do not use speculative execution and thus are not susceptible to these threats.” AMD says it plans to issue further statements as it continues to develop security updates for its processors.

After Intel ME, Researchers Find Security Bug In AMD’s SPS Secret Chip-on-Chip

An anonymous reader writes: AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor. This component, formerly known as AMD PSP (Platform Security Processor), is a chip-on-chip security system, similar to Intel’s much-hated Management Engine (ME). Just like Intel ME, the AMD Secure Processor is an integrated coprocessor that sits next to the real AMD64 x86 CPU cores and runs a separate operating system tasked with handling various security-related operations. The security bug is a buffer overflow that allows code execution inside the AMD SPS TPM, the component that stores critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores. Intel fixed a similar flaw last year in the Intel ME.
