Richard Chirgwin

Contact Mail Follow Twitter RSS feed
Lost box, photo via Shutterstock

Cumulus Networks writes its name on a white box

Open networking operating system vendor Cumulus Networks is about to start selling hardware – but it's not going to start actually making the stuff. Rather, the maker of the Cumulus Linux distribution has decided to give new users an easy entry-level purchase by installing and configuring its operating system on bare-metal …
zombie_648

Linux is part of the IoT security problem, dev tells Linux conference

The Mirai botnet? Just the “tip of the iceberg” is how security bods at this week's linux.conf.au see the Internet of Things. Presenting to the Security and Privacy miniconf at linux.conf.au, embedded systems developer and consultant Christopher Biggs pointed out that Mirai's focus on building a big DDoS cannon drew attention …
OSIRIS-REx during construction. PIC: NASA

NASA fires first shot in plan to bring a chunk of asteroid down to Earth

NASA's asteroid-exploration mission OSIRIS-REx spacecraft has taken the left turn at Albuquerque on its way to a near-Earth space rock called Bennu. The agency says the burn of 354 kg of fuel (780 pounds) boosted the craft's velocity and put it on a trajectory for an Earth fly-by which will give OSIRIS-REx impart even more …
Hadoop

Insecure Hadoop installs next in 'net scum crosshairs

Rinse-and-repeat ransomware attacks on data services left unsecured by dozy sysadmins are now hitting Hadoop instances. Fidelis Cybersecurity reckons it's started observing the attacks, which seek out default installations of the big data darling, copy and then wipe Hadoop instances and then demand a ransom for return of …

Adobe's naughty Chrome telemetry code had XSS problem

Adobe's pushed out a fix for its already-controversial Chrome telemetry extension after Project Zero's Tavis Ormandy found an egregious bug. The update that shipped last week pushed the extension to Chrome users. It was presented as a convenience update that let people print Web pages to PDF, and use Reader instead of Chrome's …
A dozen ASKAP dishes are now dishing up science

Square Kilometre Array precursor shrinks 5TB of data to 22MB – every second!

Australia's precursor to the Square Kilometre Array has gone from sitting on the slipway to shedding champagne-bottle shards and sliding gracefully into action. The Australian Square Kilometre Array Pathfinder, ASKAP if you're thrifty with syllables, is doing its first science for a project called WALLABY, an all-sky hydrogen …
Fibre, image via Shutterstock

100 Gbps link to Europe lights up to delight researchers

Researchers are getting another 100 Gbps of dedicated connectivity between America and Europe, courtesy of a link on the AEConnect cable activated by Indiana University. Paid for by a National Science Foundation NEEAR (Networks for European, American and African Research) grant, the link connects the US to Ireland. The pan- …
Image by robodread http://www.shutterstock.com/gallery-529180p1.html

IPv6 vulnerable to fragmentation attacks that threaten core internet routers

A trio of 'net experts argues that a key IPv6 protocol needs fixing to get rid of a fragmentation attack vector against routers in large-scale core networks. The vector, called “atomic fragments” has long been regarded with suspicion by IPv6 security wonks. Here, for example, is a Black Hat 2012 presentation illustrating the …

SOHOpeless routers offer hard-coded credentials and command injection bugs

Yet again, home routers are the home of SOHOpelessness: Zyxel and Billion units distributed in Thailand by TrueOnline have backdoors, and the researcher who found the flaw says the vendors have ignored his attempts to notify them. Long-time router-popper Pablo Ribeiro went public with the pwnage – default admin accounts and …
axe_648

Toshiba may sell silicon biz to contain fallout of nuke plant problems

A troubled nuclear power station strategy in the USA has Toshiba considering the partial sale of its Japanese semiconductor business. Nikkei (in Japanese) names Western Digital as a potential buyer, along with several investment funds. The company hopes to get between $1.77bn and $2.65bn for a 20 per cent stake in the …

Australia's Department of Social Services pushing ahead with data-matching plans

The Centrelink “robo-debt” debacle hasn't dimmed the Australian government's enthusiasm for data-matching as a policy tool. The Department of Social Services (DSS) has confirmed to The Register that it plans to go ahead with its own big data project conceived in the February 2015 “McClure review” (full name: A New System for …

Auto emissions 'cheatware' scandal sparks war of words between Italy, Germany

The latest “cheatware” scandal to rock the auto industry has escalated to cause inter-government tension, with Germany and Italy trading snipes over Fiat Chrysler's claims about emissions. It's hardly surprising that once regulators discovered the Volkswagen cheat, they'd take a look at other car-makers to see if their …
match

Japan tries to launch satellite on rocket the size of a telegraph pole

From plants to pocket-sized radios, Japan has a long history of miniaturisation, but its first attempt to shrink a satellite-launching rocket has ended with the launcher ditching into the sea. The 2.6-tonne SS-520-4, about the size of a power pole, is a sounding rocket platform JAXA had hoped would set the record for the …
head of 50s-style robot

Docker adds continuous integration to DataKit

Here's a handy tool from Docker's GitHub repository: a continuous integration library to help manage DataKit projects. DataKit went open source in May last year. At the time, Anil Madhavapeddy explained it was part of the strategy to let users run Docker natively on Windows and Mac machines. DataKit provides the software …
Eugene Cernan and Ronald Evans

RIP Eugene Cernan: Last man on the Moon dies aged 82

Eugene Cernan, the last man to leave footprints on the Moon, has died aged 82. One of 14 astronauts chosen by NASA in 1963, Cernan's space career included two trips to the Moon (the second as commander of Apollo 17), and the second spacewalk by a United States astronaut. His two-hour spacewalk took place during the three-day …
Nerd fail photo via Shutterstock

Balancing miners borks blockchains, say boffins

The financial sector's enthusiasm for blockchain technology might be misplaced, according to a pair of Australian distributed computing experts. The problem: if everyone in a consortium trusts each other, they don't need blockchains to protect themselves; if they don't, current blockchain protocols have a flaw that allows a …
Calculator with built in GSM and microphone

Apple vs. Samsung goes back to court, again, to re-assess the value of a rounded corner

A US appeal court has opened the next round of the long-running Apple versus Samsung patent case, this time to recalculate the damages Sammy owes Cupertino. Apple won US$399 million in damages when courts agreed that various patents were infringed by Samsung, including rounded corners on the case, and the gridded home page …
Einstein@home's 13 new pulsars

Home Einsteins help turn up 13 new pulsars

The Einstein@home project has announced the discovery of 13 neutron stars in its distributed analysis of gamma ray data from the orbiting Fermi telescope. The bunch of “young” pulsars are believed to have formed between tens and hundreds of thousands of years ago, and among them are three particular curiosities: two that are …
A ginger tabby cat is walked on a leash over cobblestones. Photo by Shutterstock

You know what, maybe Tabby's star ate a planet, ponder space eggheads

Tabby's star – formally KIC 8462852 – has attracted a new and possibly-plausible explanation for its excess of twinkle: the remnants of a planet destroyed in a collision. That hypothesis comes from Brian Metzger and Nicholas Stone of Columbia University's Astrophysics Laboratory, and Ken Shen of UC Berkeley's Department of …
D-Wave chip

D-Wave goes public with open-source quantum-classical hybrid software

Want to fool around with some quantum-ish computing? D-Wave has open sourced a software tool that prepares optimisation problems to run on its hardware. You can think of the software, qbsolv, as a D-Wave-specific compiler: in the white paper it's posted along with the tool at GitHub, the company's Michael Booth, Steven …
finger pointing

It's not just your browser: Your machine can be fingerprinted easily

It just got a lot harder to evade browser fingerprinting: a bunch of boffins have worked out how to fingerprint the machine behind the browser, using only information provided by browser features. Like so many ideas, it's obvious once someone's thought of it: activities that aren't processed in the browser are treated the same …
Quick fix - worker running while carrying a wrench

ISC squishes BIND packet-of-death bugs

BIND administrators, get patching: there are three irritating flaws you need to splat. The denial-of-service vulnerabilities in question are CVE-2016-9131, CVE-2016-9147, and CVE-2016-9444. Common to all three is that they're exploitable denial-of-service bugs that predominantly affect BIND-based DNS servers running in …

Google sends Titan broadband drones to the unicorns' graveyard

Being bought by Google X increasingly looks like a kiss of death: Alphabet has shuttered the Titan project which proposed hosting solar-powered broadband on high-altitude solar-powered drones. The move was first spotted by 9to5Google, which says staff at the division will be farmed out to its Project Loon (broadband …

Wi-Fi for audiophiles: Alliance preps TimeSync certification program

At CES last week, the Wi-Fi Alliance announced a certification program for devices supporting the TimeSync feature. The aim is to provide plumbing-layer tools to help deliver high-quality audio and video across a multi-station Wi-Fi network without the final result looking like a bad lip-sych. And, naturally enough, Wi-Fi …

Docker swings door shut on privilege escalation bug

Docker has patched what it calls a “minor” container escape. CVE-2016-9962 was a bug in runc – an insecure file descriptor opening that cleared the way to local privilege escalation. In other words, the contents of one container could be exposed to another, running under the same Docker instance. From its Full Disclosure post …