linkedin – Page 6 – Tech Today w/ Ken May

Sensitive Personal Information of 246,000 DHS Employees Found on Home Computer

The sensitive personal information of 246, 000 Department of Homeland Security employees was found on the home computer server of a DHS employee in May, according to documents obtained by USA TODAY. From the report: Also discovered on the server was a copy of 159, 000 case files from the inspector general’s investigative case management system, which suspects in an ongoing criminal investigation intended to market and sell, according to a report sent by DHS Inspector General John Roth on Nov. 24 to key members of Congress. The information included names, Social Security numbers and dates of birth, the report said. The inspector general’s acting chief information security officer reported the breach to DHS officials on May 11, while IG agents reviewed the details. Acting DHS Secretary Elaine Duke decided on Aug. 21 to notify affected employees who were employed at the department through the end of 2014 about the breach. Read more of this story at Slashdot.

Read this article:
Sensitive Personal Information of 246,000 DHS Employees Found on Home Computer

Linux Pioneer Munich Confirms Switch To Windows 10

The German city of Munich, once seen as a open-source pioneer, has decided to return to Windows. Windows 10 will be rolled out to about 29, 000 PCs at the city council, a major shift for an authority that has been running Linux for more than a decade. From a report: Back in 2003 the council decided to to switch to a Linux-based desktop, which came to be known as LiMux, and other open-source software, despite heavy lobbying by Microsoft. But now Munich will begin rolling out a Windows 10 client from 2020, at a cost of about Euro 50m ($59.6m), with a view to Windows replacing LiMux across the council by early 2023. Politicians who supported the move at a meeting of the full council today say using Windows 10 will make it easier to source compatible applications and hardware drivers than it has been using a Linux-based OS, and will also reduce costs associated with running Windows and LiMux PCs side-by-side. Read more of this story at Slashdot.

More:
Linux Pioneer Munich Confirms Switch To Windows 10

Firefox Quantum Is ‘Better, Faster, Smarter than Chrome’, Says Wired

Wired’s senior staff writer David Pierce says Firefox Quantum “feels like a bunch of power users got together and built a browser that fixed all the little things that annoyed them about other browsers.” The new Firefox actually manages to evolve the entire browser experience, recognizing the multi-device, ultra-mobile lives we all lead and building a browser that plays along. It’s a browser built with privacy in mind, automatically stopping invisible trackers and making your history available to you and no one else. It’s better than Chrome, faster than Chrome, smarter than Chrome. It’s my new go-to browser. The speed thing is real, by the way. Mozilla did a lot of engineering work to allow its browser to take advantage of all the multi-core processing power on modern devices, and it shows… I routinely find myself with 30 or 40 tabs open while I’m researching a story, and at that point Chrome effectively drags my computer into quicksand. So far, I haven’t been able to slow Firefox Quantum down at all, no matter how many tabs I use… [But] it’s the little things, the things you do with and around the web pages themselves, that make Firefox really work. For instance: If you’re looking at a page on your phone and want to load that same page on your laptop, you just tap “Send to Device, ” pick your laptop, and it opens and loads in the background as if it had always been there. You can save pages to a reading list, or to the great read-it-later service Pocket (which Mozilla owns), both with a single tap… Mozilla has a huge library of add-ons, and if you use the Foxified extension, you can even run Chrome extensions in Firefox. Best I can tell, there’s nothing you can do in Chrome that you can’t in Firefox. And Firefox does them all faster. I’ve noticed that when you open a new tab in Chrome’s mobile version, it forces you to also see news headlines that Google picked out for you. But how about Slashdot’s readers? Chrome, Firefox — or undecided? Read more of this story at Slashdot.

Link:
Firefox Quantum Is ‘Better, Faster, Smarter than Chrome’, Says Wired

Over 400 of the World’s Most Popular Websites Record Your Every Keystroke

An anonymous reader quotes a report from Motherboard: The idea of websites tracking users isn’t new, but research from Princeton University released last week indicates that online tracking is far more invasive than most users understand. In the first installment of a series titled “No Boundaries, ” three researchers from Princeton’s Center for Information Technology Policy (CITP) explain how third-party scripts that run on many of the world’s most popular websites track your every keystroke and then send that information to a third-party server. Some highly-trafficked sites run software that records every time you click and every word you type. If you go to a website, begin to fill out a form, and then abandon it, every letter you entered in is still recorded, according to the researchers’ findings. If you accidentally paste something into a form that was copied to your clipboard, it’s also recorded. These scripts, or bits of code that websites run, are called “session replay” scripts. Session replay scripts are used by companies to gain insight into how their customers are using their sites and to identify confusing webpages. But the scripts don’t just aggregate general statistics, they record and are capable of playing back individual browsing sessions. The scripts don’t run on every page, but are often placed on pages where users input sensitive information, like passwords and medical conditions. Most troubling is that the information session replay scripts collect can’t “reasonably be expected to be kept anonymous, ” according to the researchers. Read more of this story at Slashdot.

iMac Pro Will Have An A10 Fusion Coprocessor For ‘Hey, Siri’ Support and More Secure Booting, Says Report

According to Apple firmware gurus Steven Troughton-Smith and Guilherme Rambo, the upcoming iMac Pro will feature an A10 Fusion coprocessor to enable two interesting new features. “The first is the ability for the iMac Pro to feature always-on ‘Hey, Siri’ voice command support, similar to what’s currently available on more recent iPhone devices, ” reports The Verge. “[T]he bigger implication of the A10 Fusion is for a less user-facing function, with Apple likely to use the coprocessor to enable SecureBoot on the iMac Pro.” From the report: In more practical terms, it means that Apple will be using the A10 Fusion chip to handle the initial boot process and confirm that software checks out, before passing things off to the regular x86 Intel processor in your Mac. It’s not something that will likely change how you use your computer too much, like the addition of “Hey, Siri” support will, but it’s a move toward Apple experimenting with an increased level of control over its software going forward. Read more of this story at Slashdot.

View original post here:
iMac Pro Will Have An A10 Fusion Coprocessor For ‘Hey, Siri’ Support and More Secure Booting, Says Report

Boeing 757 Testing Shows Airplanes Vulnerable To Hacking, DHS Says

schwit1 shares a report from Aviation Today: A team of government, industry and academic officials successfully demonstrated that a commercial aircraft could be remotely hacked in a non-laboratory setting last year, a DHS official said Wednesday at the 2017 CyberSat Summit in Tysons Corner, Virginia. “We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration. [Which] means I didn’t have anybody touching the airplane, I didn’t have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft.” Hickey said the details of the hack and the work his team are doing are classified, but said they accessed the aircraft’s systems through radio frequency communications, adding that, based on the RF configuration of most aircraft, “you can come to grips pretty quickly where we went” on the aircraft. Patching avionics subsystem on every aircraft when a vulnerability is discovered is cost prohibitive, Hickey said. The cost to change one line of code on a piece of avionics equipment is $1 million, and it takes a year to implement. For Southwest Airlines, whose fleet is based on Boeing’s 737, it would “bankrupt” them. Hickey said newer models of 737s and other aircraft, like Boeing’s 787 and the Airbus Group A350, have been designed with security in mind, but that legacy aircraft, which make up more than 90% of the commercial planes in the sky, don’t have these protections. Read more of this story at Slashdot.

Read the original:
Boeing 757 Testing Shows Airplanes Vulnerable To Hacking, DHS Says

Study Finds SpaceX Investment Saved NASA Hundreds of Millions

schwit1 shares a report from Popular Mechanics: When a SpaceX Dragon spacecraft connected with the International Space Station on May 25, 2012, it made history as the first privately-built spacecraft to reach the ISS. The Dragon was the result of a decision 6 years prior — in 2006, NASA made an “unprecedented” investment in SpaceX technology. A new financial analysis shows that the investment has paid off, and the government found one of the true bargains of the 21st century when it invested in SpaceX. A new research paper by Edgar Zapata, who works at Kennedy Space Center, looks closely at the finances of SpaceX and NASA. “There were indications that commercial space transportation would be a viable option from as far back as the 1980s, ” Zapata writes. “When the first components of the ISS were sent into orbit 1998, NASA was focused on “ambitious, large single stage-to-orbit launchers with large price tags to match.” For future commercial crew missions sending astronauts into space, Zapata estimates that it will cost $405 million for a SpaceX Dragon crew deployment of 4 and $654 million for a Boeing Starliner, which is scheduled for its first flight in 2019. That sounds like a lot, and it is, but Zapata estimates that its only 37 to 39 percent of what it would have cost the government. Read more of this story at Slashdot.

Follow this link:
Study Finds SpaceX Investment Saved NASA Hundreds of Millions

Text Adventure Competition Reports A 36% Spike In Entries

There’s just four days left to vote for the winner of the 23rd Annual Interactive Fiction Competition. An anonymous reader writes: This year’s contest set a record, drawing 79 new text adventures — 36% more entries than the previous year’s 58. All of this year’s games are available online, furthering the competition’s goal of “making them freely available in order to encourage the creation, play, and discussion of interactive fiction.” (And they’re also available in a 236-megabyte .zip archive.) Each game’s developer is competing for $4, 800 in cash prizes, to be shared among everyone who finishes in the top two-thirds (including a $247 prize to the first-place winner). Authors of the top-rated games will also get to choose from a 38-prize pool (which includes another $200 cash prize donated by Asymmetric Publications, as well as a “well-loved” used Wii console). But the most important thing is there’s a bunch of fun new text adventures to play. Reviews are already appearing online, lovingly collected by the Interactive Fiction Wiki. And one game designer even livestreamed their text adventure-playing on Twitch. Read more of this story at Slashdot.

View the original here:
Text Adventure Competition Reports A 36% Spike In Entries

Windows 10’s Version ofd AirDrop Lets You Quickly Share Files Between PCs

Microsoft is testing its “Near Share” feature of Windows 10 in the latest Insider build (17035) today, which will let Windows 10 PCs share documents or photos to PCs nearby via Bluetooth. The Verge reports: A new Near Share option will be available in the notification center, and the feature can be accessed through the main share function in Windows 10. Files will be shared wirelessly, and recipients will receive a notification when someone is trying to send a file. Microsoft’s addition comes just a day after Google unveiled its own AirDrop-like app for Android. Read more of this story at Slashdot.

View article:
Windows 10’s Version ofd AirDrop Lets You Quickly Share Files Between PCs

MINIX: Intel’s Hidden In-chip Operating System

Steven J. Vaughan-Nichols, writing for ZDNet: Matthew Garrett, the well-known Linux and security developer who works for Google, explained recently that, “Intel chipsets for some years have included a Management Engine [ME], a small microprocessor that runs independently of the main CPU and operating system. Various pieces of software run on the ME, ranging from code to handle media DRM to an implementation of a TPM. AMT [Active Management Technology] is another piece of software running on the ME.” At a presentation at Embedded Linux Conference Europe, Ronald Minnich, a Google software engineer reported that systems using Intel chips that have AMT, are running MINIX. So, what’s it doing in Intel chips? A lot. These processors are running a closed-source variation of the open-source MINIX 3. We don’t know exactly what version or how it’s been modified since we don’t have the source code. In addition, thanks to Minnich and his fellow researchers’ work, MINIX is running on three separate x86 cores on modern chips. There, it’s running: TCP/IP networking stacks (4 and 6), file systems, drivers (disk, net, USB, mouse), web servers. MINIX also has access to your passwords. It can also reimage your computer’s firmware even if it’s powered off. Let me repeat that. If your computer is “off” but still plugged in, MINIX can still potentially change your computer’s fundamental settings. And, for even more fun, it “can implement self-modifying code that can persist across power cycles.” So, if an exploit happens here, even if you unplug your server in one last desperate attempt to save it, the attack will still be there waiting for you when you plug it back in. How? MINIX can do all this because it runs at a fundamentally lower level. According to Minnich, “there are big giant holes that people can drive exploits through.” He continued, “Are you scared yet? If you’re not scared yet, maybe I didn’t explain it very well, because I sure am scared.” Also read: Andrew S. Tanenbaum’s (a professor of Computer Science at Vrije Universiteit) open letter to Intel. Read more of this story at Slashdot.

View original post here:
MINIX: Intel’s Hidden In-chip Operating System