The Linkielist

Linking ideas with the world

SpaceX launches successfully but still can’t land – explody centre stage and only half a fairing caught

Launch occurred at 0630 UTC on 25 June and the side boosters of the heavy lifter were shut down and separated from the centre core approximately 2 minutes 30 seconds later. The boosters, previously used for the last Falcon Heavy launch, headed back to briefly light up Landing Zones 1 and 2 with a synchronised […]

Telcos around the world were so severely pwned, they didn’t notice the hackers setting up VPN points

Hackers infiltrated the networks of at least ten cellular telcos around the world, and remained hidden for years, as part of a long-running tightly targeted surveillance operation, The Register has learned. This espionage campaign is still ongoing, it is claimed. Cyber-spy hunters at US security firm Cybereason told El Reg on Monday the miscreants responsible […]

BGP super-blunder: How Verizon today sparked a ‘cascading catastrophic failure’ that knackered Cloudflare, Amazon, etc

Verizon sent a big chunk of the internet down a black hole this morning – and caused outages at Cloudflare, Facebook, Amazon, and others – after it wrongly accepted a network misconfiguration from a small ISP in Pennsylvania, USA. For nearly three hours, web traffic that was supposed to go to some of the biggest […]

When Myspace Was King, Employees Abused a Tool Called ‘Overlord’ to Spy on Users

During the social network’s heyday, multiple Myspace employees abused an internal company tool to spy on users, in some cases including ex-partners, Motherboard has learned. Named ‘Overlord,’ the tool allowed employees to see users’ passwords and their messages, according to multiple former employees. While the tool was originally designed to help moderate the platform and […]

U.S. and Iran’s Hackers Are Trading Blows

Chris Krebs, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, issued a statement on June 22 following similar warnings from private American cybersecurity firms. Krebs, whose recently renamed agency is tasked with protecting American critical infrastructure, said CISA is “aware of a recent rise in malicious cyber activity” against American […]

And this is how monopolies take advantage of Open Source: Google’s plan to fork curl for no reason than to have their own version

Google is planning to reimplement parts of libcurl, a widely used open-source file transfer library, as a wrapper for Chromium’s networking API – but curl’s lead developer does not welcome the “competition”. Issue 973603 in the Chromium bug tracker describes libcrurl, “a wrapper library for the libcurl easy interface implemented via Cronet API”. Cronet is the […]

Meds prescriptions for 78,000 patients left in a database with no password

A MongoDB database was left open on the internet without a password, and by doing so, exposed the personal details and prescription information for more than 78,000 US patients. The leaky database was discovered by the security team at vpnMentor, led by Noam Rotem and Ran Locar, who shared their findings exclusively with ZDNet earlier […]

Hack of U.S. Border Surveillance Contractor Is Way Bigger Than the Government Lets On

Even as Homeland Security officials have attempted to downplay the impact of a security intrusion that reached deep into the network of a federal surveillance contractor, secret documents, handbooks, and slides concerning surveillance technology deployed along U.S. borders are being widely and openly shared online. A terabyte of torrents seeded by Distributed Denial of Secrets […]

Millions of Dell PCs Vulnerable to Flaw in SupportAssist software

Millions of PCs made by Dell and other OEMs are vulnerable to a flaw stemming from a component in pre-installed SupportAssist software. The flaw could enable a remote attacker to completely take over affected devices. The high-severity vulnerability (CVE-2019-12280) stems from a component in SupportAssist, a proactive monitoring software pre-installed on PCs with automatic failure detection and […]

Chrome is the biggest snoop of all on your computer or cell phone – so switch browser before there is no alternative any more

You open your browser to look at the Web. Do you know who is looking back at you? Over a recent week of Web surfing, I peered under the hood of Google Chrome and found it brought along a few thousand friends. Shopping, news and even government sites quietly tagged my browser to let ad […]

FYI: Your Venmo transfers with those edgy emojis aren’t private by default. And someone’s put 7m of them into a public DB

Graduate student Dan Salmon has released online seven million Venmo transfers, scraped from the social payment biz in recent months, to call attention to the privacy risks of public transaction data. Venmo, for the uninitiated, is an app that allows friends to pay each other money for stuff. El Reg’s Bay Area vultures primarily use […]

Siemens Gamesa Unveils World First Electrothermal Energy Storage System, stores electricity in volcanic rock

Spanish renewable energy giant and offshore wind energy leader Siemens Gamesa Renewable Energy last week inaugurated operations of its electrothermal energy storage system which can store up to 130 megawatt-hours of electricity for a week in volcanic rock. […] The heat storage facility consists of around 1,000 tonnes of volcanic rock which is used as […]

Google Calendar was down for hours after major outage

Google Calendar was down for users around the world for nearly three hours earlier today. Calendar users trying to access the service were met with a 404 error message through a browser from around 10AM ET until around 12:40PM ET. Google’s Calendar service dashboard now reveals that issues should be resolved for everyone within the […]

Software below the poverty line – Open Source Developers being exploited

However, I recently met other open source developers that make a living from donations, and they helped widen my perspective. At Amsterdam.js, I heard Henry Zhu speak about sustainability in the Babel project and beyond, and it was a pretty dire picture. Later, over breakfast, Henry and I had a deeper conversation on this topic. […]

Anyone else find it weird that the bloke tasked with probing tech giants for antitrust abuses used to, um, work for the same tech giants?

The man heading up any potential US government antitrust probes into tech giants like Apple and Google used to work for… Apple and Google. In the revolving-door world that is Washington DC, that conflict may not seem like much but one person isn’t having it: Senator Elizabeth Warren (D-MA) this week sent Makan Delrahim a […]

Facing Antitrust Pressure, Google Starts Spinning Its Own Too Big to Fail Argument

In an interview this week with CNN, Google CEO Sundar Pichai attempted to turn antitrust questions around by pointing to what they say is the silver lining of size: Big beats China. In the face of an intensifying push for antitrust action, the argument has been called tech’s version of “too big to fail.” “Scale […]

Phantom Brigade – turn based mech game where you can see into the future

Phantom Brigade is a hybrid turn-based & real-time tactical RPG, focusing on in-depth customization and player driven stories. As the last surviving squad of mech pilots, you must capture enemy equipment and facilities to level the playing field. Outnumbered and out-gunned, lead The Brigade through a desperate campaign to retake their war-torn homeland.

We Have Detected Signs of Our Milky Way Colliding With Another Galaxy

According to new research, Antlia 2’s current position is consistent with a collision with the Milky Way hundreds of millions of years ago that could have produced the perturbations we see today. The paper has been submitted for publication and is undergoing peer review. Antlia 2 was a bit of a surprise when it showed up […]

Storm in a teacup: Linux Command-Line Editors Do What they’re supposed to do, are called Vulnerable to High-Severity Bugs by ‘researcher’

A bug impacting editors Vim and Neovim could allow trojan code to escape sandbox mitigations. A high-severity bug impacting two popular command-line text editing applications, Vim and Neovim, allows remote attackers to execute arbitrary OS commands. Security researcher Armin Razmjou warned that exploiting the bug is as easy as tricking a target into clicking […]

Readability of privacy policies for big tech companies visualised

For The New York Times, Kevin Litman-Navarro plotted the length and readability of privacy policies for large companies: To see exactly how inscrutable they have become, I analyzed the length and readability of privacy policies from nearly 150 popular websites and apps. Facebook’s privacy policy, for example, takes around 18 minutes to read in its […]

National MagLab creates world-record magnetic field with small, compact coil

A novel magnet half the size of a cardboard toilet tissue roll usurped the title of “world’s strongest magnetic field” from the metal titan that had held it for two decades at the Florida State University-headquartered National High Magnetic Field Laboratory. And its makers say we ain’t seen nothing yet: By packing an exceptionally high-field […]

British Official Signs U.S. Extradition Order For Julian Assange Despite Hostility Between UK Home Secretary and Trump Regime

Britain’s Home Secretary Sajid Javid told BBC Radio today that he has signed the extradition order for Julian Assange, paving the way for the WikiLeaks founder to be sent to the U.S. to face charges of computer hacking and espionage. “There’s an extradition request from the U.S. that is before the courts tomorrow, but yesterday […]

HackerOne Reveals Which Security Bugs Are Making Its Army of Hackers the Most Bank

As far back as 2015, major companies like Sony and Intel have sought to crowdsource efforts to secure their systems and applications through the San Francisco startup HackerOne. Through the “bug bounty” program offered by the company, hackers once viewed as a nuisance—or worse, as criminals—can identify security vulnerabilities and get paid for their work. […]