Richard Chirgwin


German boffins' clock drops 10 seconds in a billion-and-a-half years

Optical clocks are already so accurate that you can expect them to be out by a second every 15 billion years, but they suffer from frequent downtime. Now a group of boffins from The National Metrology Institute of Germany (PTB, which stands for Physikalisch-Technische Bundesanstalt) reckon they've got that problem licked, by …

Microsoft won't back down from Windows 10 nagware 'trick'

Microsoft is hurt and disappointed that people would think it was trying to “trick” them with a confusing Windows 10 upgrade dialog that scheduled an upgrade without users explicitly agreeing to do so. Redmond recently created a new Windows 10 nagware reminder that presented a dialog asking you to install the OS. But if users …

ICSA Labs wants IoT industry to seek security certification

The venerable ICSA Laboratories – these days a subsidiary of Verizon – has added Internet of Things certification to its cyber security certification. Whether it's got any chance of success is anybody's guess. While the world is trying to catch up with the idea that a security camera might need to be configured with something …

Palo Alto IDs another C&C-over-DNS attack

Palo Alto Networks researchers say the Wekby group is using DNS (domain name system) requests as their command and control channel. The reason that's important is that DNS is one of those ports that's less heavily policed than (for example) Port 80. The Palo Alto post (by Josh Grunzweig, Mike Scott and Bryan Lee) says the …

CentOS Linux 6.8 lands

The CentOS Linux project has unleashed version 6.8 on the world. In line with the Red Hat code-base it's cut from, CentOS 6.8 gets 300 TB XFS filesystem support, and uses the Linux 2.6.32 kernel. There's a slew of security changes in the release: libreswan instead of openswan for VPN endpoint functionality; TLSv1.2 support in …

Judge torpedoes 'Tor pedo' torpedo evidence

A US District Court judge has tossed out evidence gathered by the FBI from Tor users, because the Feds wouldn't reveal how exactly it exploited their browsers to unmask them. Jay Michaud, a Vancouver school administration worker, was charged with viewing a hidden service called Playpen, which hosted child abuse material, on the …

Telstra gets AU$180 million to run national cancer register

Australia's government might be in caretaker mode, but that's not stopping it from announcing a contract handing over management of cancer care records to Telstra. The carrier will get as much as AU$180 million to take over record-keeping for a national cancer screening register, which will replace smaller not-for-profit …

IETF spikes government metadata collection with DNS request crypto plan

DNS requests and responses – part of what many countries regard as “metadata” that they want collected for law enforcement – should be encrypted to protect users from surveillance. That's what's put forward in RFC 7858: that DNS requests should traverse transport layer security (TLS) links, so as to protect users' requests …

Pastejack attack turns your clipboard into a threat

Once, you could use HTML/CSS to manipulate the clipboard, but it was not a good way to do so. Now a security bod has worked out how to do it in JavaScript and reckons it's a lot more dangerous. At first glance, it looks like purely a stunt-attack, except for this: a phishing e-mail purporting to be from tech support could …

Facebook adds new names to Telecom Infra Project

Facebook's Telecom Infra Project (TIP) has signed up a bunch of carriers and vendors. The TIP aims to spread the white-box with software-defined control plane approach used by Facebook's Open Compute Project to telco networks. When it launched back in February, TIP had members and some reference designs from Facebook, Intel …

Microsoft force-feeds Win10

Microsoft is on everyone's hate-list again, because closing the Windows 10 upgrade dialogue without explicitly cancelling an installation leaves the upgrade on the schedule. This Knowledge Base article explains that the only way to cancel the upgrade is to click on the “change upgrade schedule” link. “If you click on OK or on …

Microsoft bans common passwords that appear in breach lists

With LinkedIn providing yet more fodder for attackers' rainbow tables and login bots, Microsoft has decided to start blocking too-common passwords. As a result, Azure Active Directory's 10 million or so users will no longer be able to select a password that's appeared too many times on breach lists, or commonly appears in …

NBN raid fallout continues, with Conroy formalising privilege claim

The Australian Labor Party's (ALP's) senator Stephen Conroy has formalised his claim of parliamentary privilege over documents seized in last week's Australian Federal Police raid of his office and the homes of two of his staffers. Conroy has sent a letter to the Australian Federal Police (AFP), a procedural step required to …

Pointless features add to browser bloat and insecurity

It might be time for the warlocks of the Web and brewers of JavaScript to revisit their ever-burgeoning developer wish-lists and sweep away the rubbish. Researchers from the University of Illinois have looked at how users and Website designers respond to the feature-list, and their study suggests there's a whole lot of kruft …

ENISA / Europol almost argue against crypto backdoors

While the FBI, in the person of James Comey, continues its campaign to persuade the tech sector that mathematics isn't that big a thing and therefore backdoors are feasible, The European Union Agency for Network and Information Security (ENISA) and Europol have tip-toed around the issue, issuing a joint statement that both …

Troll seeks toll because iPhones work

Apple, your iPhones are making phone calls so we're suing you: that's the substance of the latest patent-trolling attempt against Cupertino. The patent accumulator in the case is Texas-based Corydoras Technologies (its filing explains that it's a subsidiary of Japanese company Anubias Technologies). Its sueball …

Want a better password? Pretend you eat kale. We won't tell anyone

People have a very poor grasp of what makes one password stronger than another, according to research conducted at Carnegie Mellon University (CMU) and published by the Association of Computing Machinery. The old rule that a password should contain letters, numbers and symbols means respondents to the CMU's CyLabs study think …

Swiss CERT reveals details of defence contractor hack

Swiss defence contractor RUAG and the country's GovCERT have revealed the details of a 2014 network breach in which attackers got access to a stunning 23 GB of data. RUAG's business covers defence, aerospace (including drones), and ammunition technology, making it a very attractive target for espionage. The breach was only …

Google-backed solar electricity facility sets itself on fire

A troubled heliostatic power station is set to hit the anti-renewables meme-factories, after misaligned mirrors set the tower on fire. The Google-backed, US$2.2 billion Ivanpah Solar Electric Generating System generates power by focussing sunlight on boilers at the top of three 140-metre (439-foot) towers and using the …

Google releases v4 Safe Browsing API

Developers using Google's Safe Browsing API: get ready for an upgrade. The Chocolate Factory's announced v4 of the API, and is deprecating prior versions. Announced here, the update pays more attention to mobile users. As Googlers Emily Schechter and Alex Wozniak write, that means the API had to be optimised to reduce power …

The underbelly of simulation science: replicating the results

Replicating computer-simulated science is harder than you think, as a group of aerospace researchers from George Washington University have found. In fact, without decent versioning, documentation, publication of data and rigorous evidence standards, simulations that attract headlines both in academic and general media should …

Hypersonic flight test hits Mach 7.5

Australia's venerable Woomera rocket range last week hosted a successful hypersonic test in which the experimental HiFiRE rocket hit Mach 7.5 and an apogee of 278 km. The data-gathering experiment wasn't testing a hypersonic motor – sorry “Sydney to London in two hours” fans – but rather carried instruments to observe the …

MS IDs new Word macrovirus

Microsoft's turned up a new malicious Word macro doing the rounds. In this blog post, Redmond says it got its hands on a document containing a form built from malicious VBA scripts. “The VBA modules look like legitimate SQL programs powered with a macro; no malicious code found there … However, after further investigation we …

NBN leak pits minister against AFP commissioner

The Australian Federal Police's (AFP's) raid on Australian parliamentarians and their staffers over leaked documents on delays to the National Broadband Network (NBN) had more fallout over the weekend, with the AFP criticised for allowing an nbn™ staffer to photograph documents seized in Thursday night's …

OpenStack's no science project, but does 'need to be glued together'

Interview A year on from when Gartner asserted that OpenStack was a “science project”, The Register talked to the National Computing Infrastructure's Andrew Howard to see where one of Australia's biggest OpenStack deployments is at. With 30 Petabytes of spinning rust in a 900 square metre data centre, participation in NECTAR, and …