Feed aggregator

Windows XP PCs Infected By WannaCry Can Be Decrypted Without Paying Ransom

Slashdot -

An anonymous reader quotes a report from Ars Technica: Owners of some Windows XP computers infected by the WCry ransomware may be able to decrypt their data without making the $300 to $600 payment demand, a researcher said Thursday. Adrien Guinet, a researcher with France-based Quarkslab, has released software that he said allowed him to recover the secret decryption key required to restore an infected XP computer in his lab. The software has not yet been tested to see if it works reliably on a large variety of XP computers, and even when it does work, there are limitations. The recovery technique is also of limited value because Windows XP computers weren't affected by last week's major outbreak of WCry. Still, it may be helpful to XP users hit in other campaigns. "This software has only been tested and known to work under Windows XP," he wrote in a readme note accompanying his app, which he calls Wannakey. "In order to work, your computer must not have been rebooted after being infected. Please also note that you need some luck for this to work (see below), and so it might not work in every case!"

Read more of this story at Slashdot.

agoradesign: How Drupal Commerce 2.x improved my skills

Drupal Planet -

Being one of the first early adopters of Drupal Commerce 2.x by starting our first project in early 2016 (on alpha2 version) and soon after a second one, I originally planned to write a blog post soon after beta1 gets published. Unfortunately I was too busy at that time....

A Quarter of IT Pros Find Their Job Very Stressful

Slashdot -

An anonymous reader writes: A new report from Spiceworks, entitled A Portrait of IT Workers, says 41 per cent of IT pros in the UK consider themselves "accidental" -- and that they ended up in their career via a "non-traditional" route. The report, which covers areas including the career plans and education levels of IT professionals, found that a third (33 per cent) of the UK's IT job force don't have a college or a university degree. [...] When it comes to working, British IT bods work 41 hours a week, "far above" the 31 hour average across all industries. Almost all (89 per cent) see themselves as "somewhat stressed" at work, with a quarter (26 per cent) reported being extremely stressed.

Tesla Factory Workers Reveal Pain, Injury and Stress: 'Everything Feels Like the Future But Us'

Slashdot -

Workers at Tesla's California car factory have been passing out and requiring rides in ambulances, the Guardian newspaper reported on Thursday. The conditions at the factory suggest the lengths the company is going to in order to meet its extremely ambitious production goals, and the tension employees feel between their pride in being part of the company and the stress and exhaustion the company's goals are causing them, according to the report. From the article: Ambulances have been called more than 100 times since 2014 for workers experiencing fainting spells, dizziness, seizures, abnormal breathing and chest pains, according to incident reports obtained by the Guardian. Hundreds more were called for injuries and other medical issues. In a phone interview about the conditions at the factory, which employs about 10,000 workers, the Tesla CEO conceded his workers had been "having a hard time, working long hours, and on hard jobs," but said he cared deeply about their health and wellbeing. His company says its factory safety record has significantly improved over the last year. Musk also said that Tesla should not be compared to major US carmakers and that its market capitalization, now more than $50bn, is unwarranted. "I do believe this market cap is higher than we have any right to deserve," he said, pointing out his company produces just 1% of GM's total output. "We're a money-losing company," Musk added. "This is not some situation where, for example, we are just greedy capitalists who decided to skimp on safety in order to have more profits and dividends and that kind of thing. It's just a question of how much money we lose. And how do we survive? How do we not die and have everyone lose their jobs?" The article also sheds light on the kind of manager Musk is. In early 2016, Musk slept on the factory floor in a sleeping bag "to make it the most painful thing possible. I knew people were having a hard time, working long hours, and on hard jobs. I wanted to work harder than they did, to put even more hours in," he was quoted as saying. "Because that's what I think a manager should do."

[$] The trouble with SMC-R

LWN Headlines -

Among the many features merged for the 4.11 kernel was the "shared memory communications over RDMA" (SMC-R) protocol from IBM. SMC-R is a high-speed data-center communications protocol that is claimed to be much more efficient than basic TCP sockets. As it turns out, though, the merging of this code was a surprise — and an unpleasant one at that — to a relevant segment of the kernel development community. This issue and the difficulties in resolving it are an indicator of how the increasingly fast-paced kernel development community can go off track.

'WannaCry Makes an Easy Case For Linux'

Slashdot -

An anonymous reader writes: The thing is, WannaCry isn't the first of its kind. In fact, ransomware has been exploiting Windows vulnerabilities for a while. The first known ransomware attack was called "AIDS Trojan" that infected Windows machines back in 1989. This particular ransomware attack switched the autoexec.bat file. This new file counted the amount of times a machine had been booted; when the machine reached a count of 90, all of the filenames on the C drive were encrypted. Windows, of course, isn't the only platform to have been hit by ransomware. In fact, back in 2015, the LinuxEncoder ransomware was discovered. That bit of malicious code, however, only affected servers running the Magento ecommerce solution. The important question here is this: Have there been any ransomware attacks on the Linux desktop? The answer is no. With that in mind, it's pretty easy to draw the conclusion that now would be a great time to start deploying Linux on the desktop. I can already hear the tired arguments. The primary issue: software. I will counter that argument by saying this: Most software has migrated to either Software as a Service (SaaS) or the cloud. The majority of work people do is via a web browser. Chrome, Firefox, Edge, Safari; with few exceptions, SaaS doesn't care. With that in mind, why would you want your employees and staff using a vulnerable system? [...] Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use? If your employees work primarily with SaaS (through web browsers), then there is zero reason keeping you from making the switch to a more reliable, secure platform.

Families Will Spend More Than a Third of Summer Staring At Screens

Slashdot -

Reader BrianFagioli writes: A new survey reveals that families will spend more than a third of the 2017 summer season with their eyes glued to some sort of screen. To make matters worse, parents say that while they would prefer to do more activities away from devices, outings are far too expensive. A typical weekend family getaway, with all things factored in, could average $2,328. Sadly, the overuse of "screens" is negatively impacting the health and behavior of children too. "With warmer weather finally arriving in most parts of the country and the school year winding down to a close, Groupon asked 1,000 U.S. parents how much time their families plan to spend on their electronic devices this summer -- and the results were staggering. The average American family will spend an average of 35 days of their summer, which is the equivalent of more than one-third, using their electronic devices. The survey, which was conducted for Groupon's Funtacular Fun Fest, found that the average child will watch an estimated 60 movies and play 150 hours of video games over the summer months," says Groupon.

Cisco To Cut 1,100 More Jobs Amid a Worse-Than-Expected Business Outlook

Slashdot -

Cisco said this week that it will cut an additional 1,100 employees as part of an expanded restructuring plan. From a report: The cuts come on top of the 5,500 job cuts, or 7 percent of its workforce, announced in August 2016, the enterprise technology company said. Cisco said it plans to recognize hundreds of millions of pretax charges related to the restructuring, which will end around the first quarter of the 2018 fiscal year.

Facebook Now Battles Clickbait On a Post-by-Post Basis

Slashdot -

Facebook is taking further steps to decrease the reach and prevalence of clickbait headlines on its social network. Facebook says it will target clickbait on an individual post level and not just by analyzing the bulk posts of a page. It will also look at two distinct signals: whether a headline "withholds information or if it exaggerates information separately." From a report: This should "more precisely" downplay the number of misleading stories cluttering your timeline, the social network says. Moreover, it's promising a more exacting approach when it looks at individual headlines. Until now, Facebook examined clickbait titles in a holistic way: it looked for both the exaggerated language ("you have to see this!") and deliberate attempts to withhold info ("eat this every day").

More Than 35,000 AT&T Workers Threaten Weekend Strike

Slashdot -

More than 35,000 AT&T workers plan to go on strike on Friday if they don't reach an agreement with the company for new contracts. From a report: The Communications Workers of America union said about 17,000 workers in AT&T's traditional wireline telephone and Internet business in Nevada and California who have been working without a contract for over a year would walk off the job on Friday afternoon for a three day strike if no deal is reached. On Tuesday, the union made a similar threat for 21,000 workers in AT&T's wireless business spread across 36 states and Washington, D.C. Workers are fed up with delays in the negotiations, Dennis Trainor, vice president of CWA District 1, said. "Now, AT&T is facing the possibility of closed stores for the first time ever," Trainor said. "Our demands are clear and have been for months: fair contract or strike. It's now in AT&T's hands to stand with workers or at 3pm Eastern Time on Friday workers will be off the job and onto picket lines across the country."

Net Neutrality Goes Down in Flames as FCC Votes To Kill Title II Rules

Slashdot -

As we feared yesterday, the rollback of net neutrality rules officially began today. The FCC voted along party lines today to formally consider Chairman Ajit Pai's plan to scrap the legal foundation for the rules and to ask the public for comments on the future of prohibitions on blocking, throttling and paid prioritization. ArsTechnica adds: The Federal Communications Commission voted 2-1 today to start the process of eliminating net neutrality rules and the classification of home and mobile Internet service providers as common carriers under Title II of the Communications Act. The Notice of Proposed Rulemaking (NPRM) proposes eliminating the Title II classification and seeks comment on what, if anything, should replace the current net neutrality rules. But Chairman Ajit Pai is making no promises about reinstating the two-year-old net neutrality rules that forbid ISPs from blocking or throttling lawful Internet content, or prioritizing content in exchange for payment. Pai's proposal argues that throttling websites and applications might somehow help Internet users.

App Maker's Code Stolen in Malware Attack

Slashdot -

Mac and iOS software developer Panic has had the source code for several of its apps stolen. An anonymous reader writes: Panic founder Steven Frank said in a blog post that it happened after he downloaded an infected copy of the video encoding tool Handbrake. He said there was no sign that any customer data was accessed and that Panic's web server was not affected. Users have been warned to download Panic's apps only from its website or the Apple App Store. Panic is the creator of web editing and file transfer apps Coda and Transmit, and the video game Firewatch. On May 2, Handbrake was hacked, with the Mac version of the app on one of the site's download servers replaced by a malicious copy. In what Mr Frank called "a case of extraordinarily bad luck", he downloaded the malicious version of Handbrake and launched it "without stopping to wonder why Handbrake would need admin privileges... when it hadn't before. And that was that, my Mac was completely, entirely compromised in three seconds or less."

Blair Wadman: End of life of Mollom. What can you use instead?

Drupal Planet -

Acquia has announced that they will be ending the life of Mollom. As of April 2018, they will no longer support the product.

You have over a year to find a replacement. I am currently using Mollom and planning on changing mine now. Chances are, if I don't, I'll forget to change it closer to the time!

Security updates for Thursday

LWN Headlines -

Security updates have been issued by Debian (shadow), Fedora (rpcbind), Gentoo (gst-plugins-bad and tomcat), Red Hat (ansible and openshift-ansible, openstack-heat, and Red Hat OpenStack Platform director), and Ubuntu (bash, FreeType, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, and linux-lts-xenial).

Humans Accidentally Made a Space Cocoon For Ourselves Out of Radio Waves

Slashdot -

An anonymous reader shares a Motherboard article: Humans have accidentally created a protective bubble around Earth by using very low frequency (VLF) radio transmissions to contact submarines in the ocean. It sounds nuts, but according to recent research published in Space Science Reviews, underwater communication through VLF channels has an outer space dimension. This video explainer, released by NASA on Wednesday, visualizes how radio waves wafting into space interact with the particles surrounding Earth, and influence their motion. Satellites in certain high-altitude orbits, such as NASA's particle-watching Van Allen Probes, have observed these VLF ripples creating an 'impenetrable boundary,' a phrase coined by study co-author Dan Baker, director of the University of Colorado's Laboratory for Atmospheric and Space Physics. This doesn't mean impenetrable to spacecraft or asteroids, per se, but rather to potentially harmful particle showers created by turbulent space weather.

EU Fines Facebook $122 Million Over Misleading Information On WhatsApp Deal

Slashdot -

On Thursday, the European Union's powerful antitrust chief fined Facebook 110 million euros, or about $122 million, for giving misleading statements during the company's $19 billion acquisition of the internet messaging service WhatsApp in 2014. From a report: During the review process, the EC discussed the possibility of Facebook matching its users' accounts with WhatsApp users' accounts, to which Facebook replied that it "would be unable to establish reliable automated matching" between the two. Since then, though, the company has found a way, and it seems pretty straightforward. Unhappy with this, the EC today revealed a "proportionate and deterrent fine." How it acts as a deterrent, however, is unclear. Facebook was at risk of a fine totalling 1 percent of its turnover, which would have been closer to 200 million euros, but the figure was lower due to its compliance during the investigation. "The commission has found that, contrary to Facebook's statements in the 2014 merger review process, the technical possibility of automatically matching Facebook and WhatsApp users' identities already existed in 2014, and that Facebook staff were aware of such a possibility," the EC said.

US and EU Reject Expanding Laptop Ban To Flights From Europe

Slashdot -

An anonymous reader writes: US and EU officials have decided against a ban on laptops and tablets in cabin baggage on flights from Europe. But after a four-hour meeting in Brussels to discuss the threats to aviation security, officials said other measures were still being considered. US officials had previously said they were looking into extending to Europe a ban on electronics on flights from eight mostly Muslim countries. The measure was introduced over fears a bomb could be concealed in a device. The meeting was requested by EU officials after recent reports suggested US authorities had new information regarding laptop parts being turned into explosives.

Any Half-Decent Hacker Could Break Into Mar-a-Lago

Slashdot -

MrCreosote writes: Properties owned and run by the Trump Organization, including places where Trump spends much of his time and has hosted foreign leaders, are a network security nightmare. From a report via ProPublica (co-published with Gizmodo): "We parked a 17-foot motor boat in a lagoon about 800 feet from the back lawn of The Mar-a-Lago Club in Palm Beach and pointed a 2-foot wireless antenna that resembled a potato gun toward the club. Within a minute, we spotted three weakly encrypted Wi-Fi networks. We could have hacked them in less than five minutes, but we refrained. A few days later, we drove through the grounds of the Trump National Golf Club in Bedminster, New Jersey, with the same antenna and aimed it at the clubhouse. We identified two open Wi-Fi networks that anyone could join without a password. We resisted the temptation. We have also visited two of President Donald Trump's other family-run retreats, the Trump International Hotel in Washington, D.C., and a golf club in Sterling, Virginia. Our inspections found weak and open Wi-Fi networks, wireless printers without passwords, servers with outdated and vulnerable software, and unencrypted login pages to back-end databases containing sensitive information. The risks posed by the lax security, experts say, go well beyond simple digital snooping. Sophisticated attackers could take advantage of vulnerabilities in the Wi-Fi networks to take over devices like computers or smart phones and use them to record conversations involving anyone on the premises."

Promet Source: Supporting Global Accessibility Awareness Day

Drupal Planet -

Thursday, May 18 2017 marks the sixth annual Global Accessibility Awareness Day (GAAD). The purpose of GAAD is to get everyone talking, thinking and learning about digital (web, software, mobile, etc.) access/inclusion and people with different disabilities. Promet Source is proud to support GAAD as we help our clients achieve equal access for all across their digital properties.
