China Confirms Its Space Station Is Falling Back to Earth

In a press conference on Wednesday, Chinese officials appear to have confirmed what many observers have long suspected: that China is no longer in control of its space station.

China’s Tiangong-1 space station has been orbiting the planet for about 5 years now, but recently it was decommissioned and the Chinese astronauts returned to the surface. In a press conference last week, China announced that the space station would be falling back to earth at some point in late 2017.

Source: China Confirms Its Space Station Is Falling Back to Earth

Stop Piracy? Legal Alternatives Beat Legal Threats, Research Shows

Threatening file-sharers with high fines or even prison sentences is not the best way to stop piracy. New research published by UK researchers shows that perceived risk has no effect on people’s file-sharing habits. Instead, the entertainment industries should focus on improving the legal options, so these can compete with file-sharing.

Source: Stop Piracy? Legal Alternatives Beat Legal Threats, Research Shows – TorrentFreak

The movie industry understood this better than the music industry. The music industry decided to try to sue everyone on the planet (including, funnily enough, themselves). The movie industry solution involved releasing movies on the same day globally, going to DVD faster after movies were out of the cinema and decreasing the price of DVDs (with them going on sale fairly quickly after). Netflix etc. are also part of this flexible policy.

Microsoft deletes Windows 10 nagware from Windows 7 and 8

“This update removes the Get Windows 10 app and other software related to the Windows 10 free upgrade offer that expired on July 29, 2016,” Microsoft’s article says, advising that no action other than a restart will be required to do the deed.

Source: Microsoft deletes Windows 10 nagware from Windows 7 and 8

Phew! I can start just updating my Windows again now, without worrying about it suddenly becoming spyware for MS.

Some Lenovo PCs can’t run Linux

Linux users are worried that some of Lenovo’s PCs, such as variants of the Yoga 710 and Yoga 900, aren’t allowing them to install their preferred operating system. They note that the systems’ solid-state drives use a RAID mode that Linux doesn’t understand. That’s unpleasant enough, but Lenovo’s initial handling of complaints didn’t help. Its staff locked support forum threads discussing the topic, and a Lenovo Product Expert on Best Buy claims that a Yoga 900’s use of a pure, Signature Edition take on Windows 10 Home meant that it was “locked per our agreement with Microsoft.” If that was true, it’d be pretty damning — it’d suggest that at least some Signature Edition systems are purposefully set up to exclude non-Windows platforms.

Source: Some Lenovo PCs can’t run Linux (update: Microsoft response)

Ouch Lenovo!

MOD orders UK-designed mini missile decoy for RAF

The UK Ministry of Defence (MOD) has placed a £2.5 million order for UK-designed and built miniature decoys which will help to protect combat jets from missiles.

BriteCloud, which is similar in size and appearance to a beverage can, can be fired from an aircraft’s flare dispenser without the need for modification to the aircraft. Once deployed, it uses powerful radar emissions to disrupt systems within radar-guided air-to-air and surface-to-air missiles.

Source: MOD orders UK-designed mini missile decoy for RAF – News stories – GOV.UK

Metadata Investigation : Inside Hacking Team | Share Lab

A thorough and scary analysis of what you can do with just metadata, applied to the Hacking Team leak.

A great case for mistrusting metadata storage by anyone.

ORWL – The First Open Source, Physically Secure Computer

An open source, physically secure personal computer.

Source: ORWL – The First Open Source, Physically Secure Computer | Crowd Supply

System can read closed books

MIT researchers and their colleagues are designing an imaging system that can read closed books.

In the latest issue of Nature Communications, the researchers describe a prototype of the system, which they tested on a stack of papers, each with one letter printed on it. The system was able to correctly identify the letters on the top nine sheets.

“The Metropolitan Museum in New York showed a lot of interest in this, because they want to, for example, look into some antique books that they don’t even want to touch,”

The system uses terahertz radiation, the band of electromagnetic radiation between microwaves and infrared light, which has several advantages over other types of waves that can penetrate surfaces, such as X-rays or sound waves. Terahertz radiation has been widely researched for use in security screening, because different chemicals absorb different frequencies of terahertz radiation to different degrees, yielding a distinctive frequency signature for each. By the same token, terahertz frequency profiles can distinguish between ink and blank paper, in a way that X-rays can’t.

Terahertz radiation can also be emitted in such short bursts that the distance it has traveled can be gauged from the difference between its emission time and the time at which reflected radiation returns to a sensor. That gives it much better depth resolution than ultrasound.

The system exploits the fact that trapped between the pages of a book are tiny air pockets only about 20 micrometers deep. The difference in refractive index — the degree to which they bend light — between the air and the paper means that the boundary between the two will reflect terahertz radiation back to a detector.

Source: Judging a book through its cover | MIT News

Azure is on fire, your DNS is terrified

Microsoft Azure is wobbling all around the world at the moment, especially Azure DNS.

According to a status update on Microsoft’s site, the issues began around lunchtime, although there is no mention of when they are likely to be fixed.

Customers using Azure DNS in multiple regions are experiencing difficulties connecting to their goodies at the moment due to the mysterious issues affecting Microsoft’s cloud computing and infrastructure platform.

Azure proudly advertises itself as a global network of name servers using Anycast routing to provide “outstanding performance and availability” though such is not visible at the moment.

Engineers had only managed to identify “a possible underlying cause” as of the update and “are working to determine mitigation options.”

Azure DNS, which currently is still in preview, and is supported through community forums, allows customers to host their DNS domain in Azure, so they can manage their DNS records using the same credentials, billing and support contract as their other Azure services.

Also affected are users of SQL Database, App Service/Web Apps, API Management, Service Bus and Visual Studio Team services. ®

Source: Azure is on fire, your DNS is terrified

Ubuntu Torrent Removed from Google for ‘Infringing’ Transformers Movie – OMG! Ubuntu!

Cited in a DMCA takedown request filed against Google on behalf of Paramount Pictures, and spotted by TorrentFreak (and tipped to us by reader ~nonanonymous) is an innocuous link to a 32-bit alternate install image Ubuntu 12.04.2 LTS.

The takedown request seeks to remove links to a number of torrent URLs that are alleged to infringe on Paramount movie ‘Transformers: Age of Extinction’.

Ubuntu clearly doesn’t. All it takes is a quick glance at the URL in question to see that. It’s very much a stock iso of an old Ubuntu release.

And yet Google has complied with the request and scrubbed the link to the page in question from its search index.

Source: Ubuntu Torrent Removed from Google for ‘Infringing’ Transformers Movie – OMG! Ubuntu!

The writers of this article don’t blame Google for this, citing the amounts of DMCA takedowns Google has to cope with, but Google did manage to not take down Warner Brothers automated DMCA

Nvidia’s faster, better GeForce Experience 3.0 launches with mandatory registration

Nvidia’s GeForce Experience 3.0 is better than ever before, but you need to sign up to use it.

Source: Nvidia’s faster, better GeForce Experience 3.0 launches with mandatory registration | PCWorld

Sigh. We buy their products already, so they don’t actually need to monetise our private lives 🙁

Lightweight, wearable tech efficiently converts body heat to electricity

Researchers have developed a new design for harvesting body heat and converting it into electricity for use in wearable electronics. The experimental prototypes are lightweight, conform to the shape of the body, and can generate far more electricity than previous lightweight heat harvesting technologies

Source: Lightweight, wearable tech efficiently converts body heat to electricity — ScienceDaily

MySQL can dish out root access if allowed to write config files

By creating config files you can escalate through the mysqld_safe script using malloc_lib

Source: Bad news: MySQL can dish out root access to cunning miscreants
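
A defender-side check for the issue above, as an added example that is not taken from the linked article or from MySQL: it lists every malloc_lib setting that mysqld_safe would pick up from an option file and reports whether the database service account could rewrite that file. The section names and the dash/underscore equivalence follow the MySQL manual; the sample config, its placeholder library path and the uid/gid arguments are constructed assumptions.

```python
import os
import re
import stat

# Sections mysqld_safe reads options from, per the MySQL manual.
SAFE_SECTIONS = {"mysqld", "server", "mysqld_safe", "safe_mysqld"}
SECTION_RE = re.compile(r"^\[([^\]]+)\]\s*$")
OPTION_RE = re.compile(r"^([A-Za-z0-9_-]+)\s*(?:=\s*(.*))?$")

# Constructed sample option file; the library path is a placeholder.
SAMPLE = """\
# constructed sample, not taken from a real host
[client]
malloc_lib = /ignored/in/this/section.so
[mysqld]
datadir = /var/lib/mysql
malloc_lib = /opt/placeholder/libexample.so
!includedir /etc/mysql/conf.d/
[mysqld_safe]
malloc-lib='tcmalloc'
"""


def find_malloc_lib(config_text):
    """Return (line_no, section, value) for each malloc-lib setting in a
    section mysqld_safe reads. Option names treat '-' and '_' alike."""
    hits, section = [], None
    for line_no, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1).strip().lower()
            continue
        m = OPTION_RE.match(line)
        if not m or section not in SAFE_SECTIONS:
            continue  # directives such as !includedir, or other sections
        if m.group(1).lower().replace("_", "-") == "malloc-lib":
            value = (m.group(2) or "").strip().strip("'\"")
            hits.append((line_no, section, value))
    return hits


def writable_by(mode, owner_uid, group_gid, svc_uid, svc_gid):
    """True if the service account could modify a file with this mode and
    ownership (supplementary groups are not modelled)."""
    if owner_uid == svc_uid:
        return True  # an owner can always chmod the file writable again
    if group_gid == svc_gid and mode & stat.S_IWGRP:
        return True
    return bool(mode & stat.S_IWOTH)


def audit_file(path, svc_uid, svc_gid):
    """Run both checks against one option file on disk."""
    st = os.stat(path)
    with open(path, encoding="utf-8", errors="replace") as fh:
        hits = find_malloc_lib(fh.read())
    can_write = writable_by(st.st_mode, st.st_uid, st.st_gid, svc_uid, svc_gid)
    return {"path": path, "service_can_write": can_write, "malloc_lib": hits}


if __name__ == "__main__":
    print(find_malloc_lib(SAMPLE))
```

An option file that the service account can write, or an unexpected malloc_lib entry in one of these sections, is the condition worth alerting on.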

Vectr – Free Vector Graphics Editor

Free vector graphics editor. A simple yet powerful web and desktop cross-platform tool for everyone.

Source: Vectr – Free Online Vector Graphics Editor

You don’t have to use the online version, you can also download the offline client.

Over 6 million ClixSense users compromised by data breach

ClixSense, a site which pays users to view ads and take surveys, was the victim of a massive data breach compromising around 6.6 million user accounts.

Usually when there’s a data breach of this size, the information stolen contains usernames, passwords, and some other personal information, but due to the nature of ClixSense and the service it provided, home addresses, payment histories, and other banking details have also been compromised.

Source: Reset those passwords — again: Over 6 million ClixSense users compromised by data breach

Russian Hackers Get Into World Anti-Doping Agency Data, Find Nothing Incriminating

Perhaps feeling a little bent out of shape about how much shit their country caught for running a massive, Cold War-style doping program for Olympic athletes, a group of Russian hackers have obtained confidential documents that they claim prove American Olympians are also big fat cheaters. The only problem is that the leaked documents don’t actually contain any evidence of cheating.

Source: Russian Hackers Get Into WADA Data, Find Nothing Incriminating

Google’s become an obsessive stalker and you can’t get a restraining order

The FCC has been formally regulating behavioural advertising since the 1990s. You’d think they’d be all over Google and Facebook, then, right? Actually, no. The FCC is now run by a former Obama fund-raiser, Tom Wheeler, and it can’t do enough for Silicon Valley, whether it’s collectivising songwriters rights or disaggregating TV.

What the FCC did this year, with little fanfare, was cripple telecoms companies and wireless networks from doing what Google and Facebook do. That’s a very odd decision. If behavioural advertising is so bad consumers need an opt-out, how come you can opt out of your ISP’s profiling, but not Google’s. How could that be?

Don’t count on “digital rights” groups to help you, dear citizen, when we discover that Google is funding them. Privacy lawsuits became cosy backroom carve-ups, with privacy NGOs greedy to pocket Google’s cash. Marc Rotenberg at EPIC is one of very few exceptions: they object to the conflict of interests raised by the cy pres settlements, that saw “digital rights” groups raise a privacy class action only to settle. Money laundering might be a better description.

Source: Google’s become an obsessive stalker and you can’t get a restraining order

Oddly enough, I had Google Maps ask me to take pictures of the restaurant I was in as a notification yesterday. That kind of freaked me out, as I wasn’t running maps at the time!

Users have reported battery life issues with the latest Android build, with many pointing the finger at Google Play – Google’s app store – and its persistent, almost obsessive need to check where you are.

Amid complaints that Google Play is always switching on GPS, it appears Google has made it impossible to prevent the app store from tracking your whereabouts unless you completely kill off location tracking for all applications.

You can try to deny Google Play access to your handheld’s location by opening the Settings app and digging through Apps -> Google Play Store -> Permissions, and flipping the switch for “location.” But you’ll be told you can’t just shut out Google Play services: you have to switch off location services for all apps if you want to block the store from knowing your whereabouts. It’s all or nothing, which isn’t particularly nice.

This is because Google Play services pass on your location to installed apps via an API. The store also sends your whereabouts to Google to process. Google doesn’t want you to turn this off.

It also encourages applications to become dependent on Google’s closed-source Play services, rather than use the interfaces in the open-source Android, thus ensuring that people continue to run Google Play on their devices.

Delete Google Maps? Go ahead, says Google, we’ll still track you

NL Gov gets rid of medical confidentiality

NO, there is no opt out! The Dutch government has passed a law allowing insurance companies to access medical files with a “suspicion of fraud” (whatever that is) and only have to tell the person whose privacy has been infringed three months later.

Medical privacy is one of the last untouchable bastions of privacy, I would have thought, but no, it’s been smashed. Fuckheads.

Source: De Tweede Kamer heeft het medisch beroepsgeheim gisteren stilletjes afgeschaft

Someone Is Learning How to Take Down the Internet – Lawfare

Over the past year or two, someone has been probing the defenses of the companies that run critical pieces of the Internet. These probes take the form of precisely calibrated attacks designed to determine exactly how well these companies can defend themselves, and what would be required to take them down. We don’t know who is doing this, but it feels like a large nation state. China and Russia would be my first guesses.

Recently, some of the major companies that provide the basic infrastructure that makes the Internet work have seen an increase in DDoS attacks against them. Moreover, they have seen a certain profile of attacks. These attacks are significantly larger than the ones they’re used to seeing. They last longer. They’re more sophisticated. And they look like probing. One week, the attack would start at a particular level of attack and slowly ramp up before stopping. The next week, it would start at that higher point and continue. And so on, along those lines, as if the attacker were looking for the exact point of failure.

USB Killer – ESD Tester to test and disable USB devices

When plugged into a device, the USB Killer rapidly charges its capacitors from the USB power lines. When the device is charged, -200VDC is discharged over the data lines of the host device. This charge/discharge cycle is repeated many times per second, until the USB Killer is removed. Simply put: used on unprotected equipment, the USB Killer instantly and permanently disables unprotected hardware.

Source: USB Killer – ESD Tester to test and disable USB devices

DeskDock – use your android device as a second PC monitor

DeskDock allows you to share your computer’s mouse with your Android devices via a USB cable. The app enables you to control your Android device as if it was an additional monitor for your computer. Simply move your computer’s mouse cursor over the screen boundaries to use it with your Android devices.

Source: DeskDock Free – Android Apps on Google Play

It’s just like synergy but for Android

Read the damning dossier on the security stupidity that let China ransack OPM’s systems

How hackers broke into millions of US govt personnel files

Source: Read the damning dossier on the security stupidity that let China ransack OPM’s systems

Scientists’ sneaky smartphone software steals 3D printer designs

By placing the smartphone next to a printer, if you know the type of printer, you can listen to it and hear what it’s printing. Then you can reassemble 94% of the original design.

Source: Scientists’ sneaky smartphone software steals 3D printer designs

Rosetta catches dusty organics

Rosetta’s dust-analysing COSIMA (COmetary Secondary Ion Mass Analyser) instrument has made the first unambiguous detection of solid organic matter in the dust particles ejected by Comet 67P/Churyumov-Gerasimenko, in the form of complex carbon-bearing molecules.

While organics had already been detected in situ on the comet’s surface by instruments on-board Philae and from orbit by Rosetta’s ROSINA, those were both in the form of gases resulting from the sublimation of ices. By contrast, COSIMA has made its detections in solid dust.

Their presence was only ever hinted at in previous comet missions, which flew by their targets at high speed and, as a result, disrupted the particles, making characterisation challenging. But Rosetta is orbiting Comet 67P/C-G and can catch dust particles moving at low speed.

“Our analysis reveals carbon in a far more complex form than expected,” remarked Hervé Cottin, one of the authors of the paper reporting the result that is published in Nature today. “It is so complex, we can’t give it a proper formula or a name!”

Source: Rosetta catches dusty organics

UK Gov is open about how much it spied on its citizens

145 public authorities acquired data in 2015, and most of these requests came from the UK’s police forces and law enforcement agencies. Law enforcement officers acquired 93.7 per cent of all data requested by public authorities in 2015. Only 5.7 per cent of data was acquired by the intelligence agencies, and a mere 0.6 by public authorities such as the Financial Conduct Authority, which have the statutory ability to investigate criminal offences.

0.1 per cent of requests came from local authorities such as councils.

1,199 errors

IOCCO conducted 72 inspections in 2015, looking at approximately 15,000 randomly selected applications for communications data in detail, with a further 117,000 applications being subjected to query-based examinations; IOCCO has an internally-developed query method on the records of applications to allow the office to “identify trends, patterns and compliance issues across large volumes of applications.”

A whopping 1,199 errors were reported in 2015, a 20 per cent increase year-on-year. IOCCO reported:

The main causes for the overall rise are a larger number of incorrect identifiers being submitted by applicants on their applications or, both applications and [Single Points of Contact] acquiring data over the incorrect date or time period. Once again we highlight that a significant number of these errors relate to Internet Protocol addresses being incorrectly resolved to subscribers, which can have serious consequences.

23 of these errors were considered “serious” in 2015; nine of them caused by technical system errors and 14 were attributed to human error. The nine technical system errors resulted in “multiple consequences and a large number of erroneous disclosures (2036)” while the human errors were not dissimilar to those reported by IOCCO last year, in which a typo led to a police force raiding the wrong house.

There were 17 search warrants executed at the wrong premises in 2015, which resulted in 13 arrests, although IOCCO did not give any more details on the circumstances of those. Six of those serious consequences involved people unconnected to the investigations being “visited” by police, and on seven occasions—as happened last year—welfare checks on vulnerable people, including children, were delayed.

Joanna Cavan, the head of IOCCO who has just a few weeks left at the oversight body before joining GCHQ’s tech help desk, informed The Register that the most frequent error was caused by transposing the days and months when accommodating the American format of presenting the time.

Back in February last year IOCCO published an inquiry report [PDF] into police forces acquiring journalists’ communications data to identify and determine journalistic sources. […] IOCCO discovered it had been breached during four investigations, and in one case the commissioner, Sir Stanley Burton, determined that the conduct was serious and reckless.

Source: Brit spies and chums slurped 750k+ bits of info on you last year
