Government

Obama Authorized a Secret Cyber Operation Against Russia, Says Report (engadget.com) 4

Jessica Conditt reports via Engadget: President Barack Obama learned of Russia's attempts to hack U.S. election systems in early August 2016, and as intelligence mounted over the following months, the White House deployed secrecy protocols it hadn't used since the 2011 raid on Osama bin Laden's compound, according to a report by The Washington Post. Apparently, one of the covert programs Obama, the CIA, NSA and other intelligence groups eventually put together was a new kind of cyber operation that places remotely triggered "implants" in critical Russian networks, ready for the U.S. to deploy in the event of a pre-emptive attack. The downed Russian networks "would cause them pain and discomfort," a former U.S. official told The Post. The report says CIA director John Brennan, Obama and other officials had at least four "blunt" conversations with Russian officials about its cyber intrusions beginning August 4th. Obama confronted Vladimir Putin in person during a meeting of world leaders in China this past September, the report says, and his administration even sent Russia a warning through a secure channel originally designed to help the two countries avoid a nuclear strike. Moscow apparently responded one week later -- after the U.S. election -- denying the accusation.
Operating Systems

32TB of Windows 10 Internal Builds, Core Source Code Leak Online (theregister.co.uk) 52

According to an exclusive report via The Register, "a massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online." From the report: The data -- some 32TB of installation images and software blueprints that compress down to 8TB -- were uploaded to betaarchive.com, the latest load of files provided just earlier this week. It is believed the data has been exfiltrated from Microsoft's in-house systems since around March. The leaked code is Microsoft's Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code. Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels. In addition to this, hundreds of top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public, have been leaked along with copies of officially released versions.
Businesses

6 Female Founders Accuse VC Justin Caldbeck of Making Unwanted Advances (techcrunch.com) 88

An anonymous reader quotes a report from TechCrunch: Yesterday The Information reported on allegations made by half a dozen women working in the tech industry who say they have faced unwanted and inappropriate advances from Silicon Valley venture capitalist, Justin Caldbeck, co-founder and managing partner of Binary Capital. The women include Niniane Wang, co-creator of Google Desktop and a prior CTO of Minted; and Susan Ho and Leiti Hsu, co-founders of Journy, a travel planning and booking service. The Information also talked to three other women who said Caldbeck made inappropriate advances to them. It says these women did not want their names disclosed for fear of retaliation from the VC -- and because of wider concerns they might suffer a backlash from men in the industry who don't see inappropriate advances as a problem. Among the allegations made to The Information are that Caldbeck sent explicit text messages to women; that Caldbeck sent messages in the middle of the night suggesting meeting up; that Caldbeck suggested going to a hotel bedroom during a meeting; that Caldbeck made a proposition about having an open relationship; and that Caldbeck grabbed a woman's thigh under the table of a bar during a meeting. Several of the women reported finding Caldbeck's advances so awkward they gave up on continued dealings with him. In Caldbeck's initial statement, he "strongly" denied the allegations and claimed: "I have always enjoyed respectful relationships with female founders, business partners, and investors." However, in response to The Information's story, his tone changed significantly: "Obviously, I am deeply disturbed by these allegations. While significant context is missing from the incidents reported by The Information, I deeply regret ever causing anyone to feel uncomfortable. The fact is that I have been privileged to have worked with female entrepreneurs throughout my career and I sincerely apologize to anyone who I made uncomfortable by my actions. There's no denying this is an issue in the venture community, and I hate that my behavior has contributed to it." Caldbeck has since released a full statement to Axios, where he says he "will be taking an indefinite leave of absence from Binary Capital..."
China

Tesla Is 'In Talks' To Build a Factory In China (qz.com) 25

Tesla confirmed yesterday that it is "in talks" with the municipal government of Shanghai to manufacture its vehicles in the country. Tesla said in a statement: "Tesla is working with the Shanghai Municipal Government to explore the possibility of establishing a manufacturing facility in the region to serve the Chinese market. As we've said before, we expect to more clearly define our plans for production in China by the end of the year. Tesla is deeply committed to the Chinese market, and we continue to evaluate potential manufacturing sites around the globe to serve the local markets. While we expect most of our production to remain in the U.S., we do need to establish local factories to ensure affordability for the markets they serve." Quartz reports: The announcement follows more than a year of speculation that the electric-vehicle maker would set up shop in China, and confirms that Tesla is altering its China strategy away from merely exporting vehicles in order to reach more Chinese consumers. Earlier this year, Musk made a stealth visit to China to visit Wang Yang, one of the nation's highest-ranking officials, to discuss Tesla's plans. Tesla has been selling vehicles in China since 2014, but to date, its share of the electric vehicle market remains marginal, at just 2% as of June 2016, according to trade blog CleanTechnica. There are several reasons for this, one of which is price. Tesla currently exports its vehicles to China, and the government places an import tax of 50% on Tesla cars. The sticker price for the most simple Model S in China is $104,972, compared to $69,500 in the US.
Businesses

'Chiropractors Are Bullshit' (theoutline.com) 108

From an article on The Outline, submitted by two readers: If you're one of the approximately 80 percent of Americans who have suffered from back pain, you may have been referred to a chiropractor for medical help. In the modern-day internet landscape, you'll find chiropractic celebrities like Dr. Josh Axe (1.7 million Facebook followers), Dr. Billy DeMoss (20,000 Facebook followers), and Dr. Eric Berg (472,000 YouTube subscribers) giving advice that goes beyond managing spinal issues. Both in their offices and on social media, chiropractors have adapted to a marketplace that's demanding more than just pain management: they extol the virtues of an "alkaline diet," tell you how to manage stress with detoxing, and wax scientific about the adrenal gland. [...] Chiropractic care, I'm sorry to say, is little more than the buffoonery of a 19th-century lunatic who derived most of his medical theory from seances. It has not evolved much since its creation. Chiropractic beliefs are dangerously far removed from mainstream medicine, and the vocation's practices have been linked to strokes, herniated discs, and even death. Chiropractors can't replace your doctor, and I'm amazed that they're still even allowed to practice. [...] Though some chiropractors are now making an effort to introduce evidence-based practices into their treatment, chiropractic as a whole hasn't evolved like other areas of medicine -- with hypotheses, experimentation, and peer review. Instead, it was birthed by a strange combination of hocus pocus, guesswork, and strongly held religious beliefs.
Cellphones

Texting While Driving Now Legal In Colorado -- In Some Cases (kdvr.com) 57

Fines for texting and driving in Colorado have jumped to $300, but according to the fine print, the increased fine only applies to drivers who are texting in "a careless or imprudent manner." Therefore, drivers who are texting in any other manner are still within the law. FOX31 Denver reports: Before the new legislation, any texting while driving was illegal. Tim Lane of the Colorado District Attorney's Office confirmed the softening crackdown on all texting and driving. "The simple fact is that if you are texting while driving but not being careless, it's no longer illegal," he said. What constitutes "careless" driving is up to the discretion of each individual law enforcement officer. Cellphone use of any kind is still banned for drivers younger than 18. Teens caught with a phone in hand while driving will be slapped with a $50 fine.
Businesses

IT Services Company Wipro Forces 600 Employees To Work In Bed Bug Infested Office (11alive.com) 81

McGruber writes: Information Technology Services CorporationWipro's 600-employee call center in Chamblee, Georgia is in infected with bed bugs according to Atlanta television station 11Alive. The facilities manager admits there is a bed bug problem and it's been an issue since late May. Employees told the tv station that the bugs are all over the three floors -- and they're biting. But employees are being told they still must go to work. Kwanita Holmes sent 11Alive photos of what she said is a bed bug bite on her arm: "We're at work 8 hours a day and we're getting munched on all day," she said. Wipro said it's paying for in-home bed bug consultations and treatments for employees.
Network

WikiLeaks Doc Dump Reveals CIA Tools For Hacking Air-Gapped PCs (bleepingcomputer.com) 57

An anonymous reader writes: "WikiLeaks dumped today the manuals of several hacking utilities part of Brutal Kangaroo, a CIA malware toolkit for hacking into air-gapped (offline) networks using tainted USB thumb drives," reports Bleeping Computer. The CIA uses these tools as part of a very complex attack process, that allows CIA operatives to infect offline, air-gapped networks. The first stage of these attacks start with the infection of a "primary host," an internet-connected computer at a targeted company. Malware on this primary host automatically infects all USB thumb drives inserted into the machine. If this thumb drive is connected to computers on an air-gapped network, a second malware is planted on these devices. This malware is so advanced, that it can even create a network of hacked air-gapped PCs that talk to each other and exchange commands. To infect the air-gapped computers, the CIA malware uses LNK (shortcut) files placed on the USB thumb drive. Once the user opens and views the content of the thumb drive in Windows Explorer, his air-gapped PC is infected without any other interaction.
Youtube

YouTube Claims 1.5 Billion Monthly Users (cnbc.com) 41

An anonymous reader shares a report: Google's YouTube unit says it now reaches 1.5 billion viewers every month -- and its users watch more than an hour of mobile videos per day -- as it expands its video programming to sell more digital ads. YouTube CEO Susan Wojcicki also wrote that YouTube Red, the company's foray into original videos, has launched 37 series that have generated "nearly a quarter billion views." YouTube Red has 12 new projects in the works, she said.
Space

SpaceX Successfully Launches and Lands a Used Rocket For the Second Time (theverge.com) 66

SpaceX has successfully launched and landed a recycled Falcon 9 rocket for the second time. "The rocket's first stage -- the 14-story-tall core that houses the fuel and the rocket's main engines -- touched down on one of the company's autonomous drone ships in the Atlantic Ocean shortly after taking off from a launchpad at nearby Cape Canaveral, Florida," reports The Verge. From the report: This particular rocket previously flew in January, when it was used to put 10 satellites into orbit for communications company Iridium. The rocket then landed on a drone ship in the Pacific Ocean. SpaceX retrieved the rocket and spent the next few months refurbishing it in preparation for today's launch. This afternoon, it was used to launch Bulgaria's first communications satellite for TV service provider Bulsatcom. The landing wasn't easy, though. Because the rocket had to push BulgariaSat-1 to such a high orbit, the first stage experienced more force and heat during reentry than any other Falcon 9, according to a tweet from SpaceX CEO Elon Musk. Musk even warned that there was a "good chance [the] rocket booster doesn't make it back." Shortly after the landing, though, Musk returned to Twitter to add that the rocket booster used "almost all of the emergency crush core," which helps soften the landing.
The Internet

If You Can Decentralize the Internet, Mozilla Has $2 Million For You (cnet.com) 87

Mozilla and the National Science Foundation want a new internet. And they want it to be free and accessible for everybody. From a report: They'll pay $2 million for it. On Wednesday, the two organizations issued a call to action for "big ideas that decentralize the web" as part of the "Wireless Innovation for a Networked Society" challenges. The challenges include getting the internet to communities off the grid, with proposals like a backpack with a computer and Wi-Fi router inside.
Government

Victims Aren't Reporting Ransomware Attacks, FBI Report Concludes (bleepingcomputer.com) 71

Catalin Cimpanu, writing for BleepingComputer: Despite being an expanding threat, ransomware infections are rarely reported to law enforcement agencies, according to conclusions from the 2016 Internet Crime Report (PDF), released yesterday by the FBI's Internet Crime Complaint Center (IC3). During 2016, FBI IC3 officials said they received only 2,673 complaints regarding ransomware incidents, which ranked ransomware as the 22nd most reported cyber-crime in the US, having caused just over $2.4 million in damages (ranked 25th). The numbers are ridiculously small compared to what happens in the real world, where ransomware is one of today's most prevalent cyber-threats, according to multiple reports from cyber-security companies.
Security

Under Pressure, Western Tech Firms Including Cisco and IBM Bow To Russian Demands To Share Cyber Secrets (reuters.com) 100

An anonymous reader shares a Reuters report: Western technology companies, including Cisco, IBM and SAP, are acceding to demands by Moscow for access to closely guarded product security secrets, at a time when Russia has been accused of a growing number of cyber attacks on the West, a Reuters investigation has found. Russian authorities are asking Western tech companies to allow them to review source code for security products such as firewalls, anti-virus applications and software containing encryption before permitting the products to be imported and sold in the country. The requests, which have increased since 2014, are ostensibly done to ensure foreign spy agencies have not hidden any "backdoors" that would allow them to burrow into Russian systems. But those inspections also provide the Russians an opportunity to find vulnerabilities in the products' source code -- instructions that control the basic operations of computer equipment -- current and former U.S. officials and security experts said. [...] In addition to IBM, Cisco and Germany's SAP, Hewlett Packard Enterprise Co and McAfee have also allowed Russia to conduct source code reviews of their products, according to people familiar with the companies' interactions with Moscow and Russian regulatory records.
Businesses

Gwyneth Paltrow's Goop $120 'Bio-Frequency Healing' Sticker Packs Get Shot Down by NASA (fastcompany.com) 176

From a report: Goop had claimed the costly "Body Vibes" stickers were "made with the same conductive carbon material NASA uses to line space suits so they can monitor an astronaut's vitals during wear" and because of that were able to "target imbalances" of the human body's energy frequencies when they get thrown out of whack, reports Gizmodo. The thing is, NASA confirmed to Gizmodo that they "do not have any conductive carbon material lining the spacesuits" of astronauts. Further reading: The unbearable wrongness of Gwyneth Paltrow - The Outline.
Google

Google Will Stop Reading Your Emails For Gmail Ads (bloomberg.com) 65

Google will soon stop scanning emails received by some Gmail users, a practice that has allowed it to show them targeted advertising but which stirred privacy worries. From a report: The decision didn't come from Google's ad team, but from its cloud unit, which is angling to sign up more corporate customers. Alphabet's Google Cloud sells a package of office software, called G Suite, that competes with market leader Microsoft. Paying Gmail users never received the email-scanning ads like the free version of the program, but some business customers were confused by the distinction and its privacy implications, said Diane Greene, Google's senior vice president of cloud. "What we're going to do is make it unambiguous," she said. Ads will continue to appear inside the free version of Gmail, as promoted messages. But instead of scanning a user's email, the ads will now be targeted with other personal information Google already pulls from sources such as search and YouTube.

Slashdot Top Deals