Richard Chirgwin

Contact Mail Follow Twitter RSS feed
Rat

Cisco's RAT-catchers spot sysadmin-targeted phish

File this under “it was bound to happen one day”: Cisco has spotted a targeted phishing attack based on a popular sysadmin automation tool. If someone in the “IT crowd” bunker falls for the phishing attack, Cisco's Talos Group says the payload exploits AutoIT, a scripting admin environment for Windows. Talos explains what's …
Dunce's cap graffiti by https://www.flickr.com/photos/lord-jim/ cc 2.0 attribution https://creativecommons.org/licenses/by/2.0/

Why is the smart home insecure? Because almost nobody cares

It's easy to laugh-and-point at Samsung over its latest smart-thing disaster: after all, it should have already learned its lesson from the Smart TV debacle, right? Except, of course, that wherever you see “Smart Home”, “Internet of Things”, “cloud” and “connected” in the same press release, there's a security debacle coming. …
Car crash

Verizon wants to smartify old cars

Black, grey, and white hats associated with car hacking are flying in the air today, with Verizon announcing it's going to vastly expand their attack surface. That's not what the US network operator actually says, of course. What the company has announced is that its “project hum” has gone general-availability. Hum is …
D-Wave chip

D-Wave: 'Whether or not it's quantum, it's faster'

D-Wave is getting ready to drop a new benchmark on Arxiv, which the company says demonstrates its latest 1000-qubit processor outperforming classical machines. And it's bound to provoke the “other side” of the “is it quantum and is it faster?” debate, because the latest paper – the company has posted it here – describes “a …
still_life_with_skull_cropped_648

Password 'XXXXairocon' pops Wi-Fi routers from ASUS, ZTE and others

A bunch of home gateway vendors, presumably sourcing their firmware from the same place, can be hijacked using depressingly common hard-coded logins. As the Carnegie-Mellon CERT states, the vendors involved are ASUS and ZTE in Asia, European vendors Digicom and Observa Telecom, and carrier Philippine Long Distance Telephone ( …

The Onion Router is being cut up and making security pros cry

IBM is warning corporates to start blocking TOR services from their networks, citing rising use of the encrypted network to deliver payloads like ransomware. The advice comes in the company's latest X-Force research team report (PDF). IBM claims there were around 180,000 malicious traffic “events” in the USA between January 1 …

Motorola monsters Apple's swipe-to-unlock patent in German court

Apple has suffered yet another setback in its Bleak House lawsuits, with another German court deciding to throw out its swipe-to-unlock patent. The ruling confirms an earlier decision that the patent just didn't have the goods to stand up in Europe. As The Register reported at the time, “European law doesn't allow for the …
Godzila

Intel adds big data functions to math libraries

Intel is eyeing off the world of Big Data with the latest round of updates to its Parallel Studio Suite. In the latest update, Chipzilla has added a Data Analytics Acceleration Library (DAAL) to its venerable Math Kernel Library (MKL). As Intel explains here, DAAL's aim is to speed the operation of data analysis platforms …
Mobile Fusion 2

Your smartphone can be a 3D scanner, say boffins

Video Microsoft Research and Oxford University are showing off a chunk of software that turns smartphones into 3D scanners – running fast enough that if it's released, it'll be handy for 3D printing enthusiasts. To be published in IEEE Transactions on Visualization and Computer Graphics, the six-degrees-of-freedom (6DoF) scanning …
Dunce's cap graffiti by https://www.flickr.com/photos/lord-jim/ cc 2.0 attribution https://creativecommons.org/licenses/by/2.0/

AT&T accused of Wi-Fi interception, ad injection

AT&T has been accused of grabbing user traffic from its Wi-Fi hotspots for ad injection. The news comes from Stanford lawyer and computer scientist Jonathan Mayer, whose previous work includes uncovering a browser history bug in 2011, and the use of Verizon zombie cookies by third parties. In Webpolicy, Mayer writes that …

FBI probed SciFi author Ray Bradbury for plot to glum-down America

Among the many things the FBI of the 1950s and 1960s thought was corrupting America's youth and harbouring communism was, apparently, the science fiction scene. Documents recently released under freedom of information laws, show the G-men took an interest in one of the era's leading authors, Ray Bradbury. Their interest was …

Cortana Android beta goes public

Microsoft's Cortana-on-Android project, first announced in May, has now evolved to the point at which the virtual assistant has been released as a beta. The public beta, announced by Susan Hendrich, says the aim is to make Cortana “the companion to your Windows 10 PC, extending Cortana's functionality across any device you …
Sharpoint 2016 preview

Microsoft issues first SharePoint 2016 preview

Microsoft has released the first preview of SharePoint Server 2016 and outlined a buzzword-list of new features. Microsoft says its made “deep investment in HTML5” to give you “capabilities that enable device-specific targeting of content. This helps ensure that users have access to the information they need, regardless of the …
Ambulance

AshMad search outfit Trustify to El Reg: 'Trust us, we're the good guys'

Updated Online “Uber for private investigators” outfit Trustify is upset with The Register for not replicating its messaging with sufficient sycophancy. The company has, through PR company PR/serve, sent the following missive to explain why it harvested searches from the desperate and foolish visiting its site to see if they're on the …

Researcher says Australian parliaments have failed to protect privacy for 14 years

Long-time – and by now somewhat despondent – privacy advocate Roger Clarke says successive Australian governments have ignored the privacy impacts of nearly every national security measure passed by parliament since 2001. In this analysis of 72 items of legislation, Clarke finds only around 10 per cent received the normal …
Facepalm

Yammer security sub-standard says US Veterans' Affairs Dept

America's Veterans Affairs inspector general has sideswiped the department for what it says is “improper” use of Yammer, Microsoft's inside-the-firewall Twitter clone. In what looks like a mistaken enthusiasm for cool-tools, the US Department of Veterans' Affairs decided to start using Yammer, an "enterprise social network," …
NBN logo

NBN cost blows out by at least AU$10bn and FTTN isn't launched yet

Communications minister Malcolm Turnbull has presented a cost overrun greater than AU$10 billion in the National Broadband nNetwork's (NBN's) peak funding requirements as a win because the former government's plan would have been worse. “The project we inherited from the Labor party in 2013 had failed,” he said, discussing the …
linux_tux_cloud_648

Does Linux need a new file system? Ex-Google engineer thinks so

Former Googler Kent Overstreet has announced that a long-term project to craft a new Linux file system is at a point where he'd like other developers to pitch in. Since you're already asking why bother with a new file system, the answer Overstreet provides in this post to the kernel mailing list is that he wants to “match ext4 …
Flash disabled screen grab

Amazon to trash Flash, as browsers walk away

Amazon – the retail juggernaut, not the cloud juggernaut – has flicked Flash ads citing the increasing number of ways they're blocked at the browser as its reason. Driven at least in part by others' reaction to chronic insecurity in the plug-in-platform, Amazon says it will no longer accept advertisements that use Flash after …
Blackmail

Ashley Madison spam starts, as leak linked to first suicide

Part of the near-inevitable wash-up from the Ashley Madison hack has begun, with people reporting getting emails offering to save them from embarrassment, and a possible suicide in the USA. The misery caused by the hack is already in evidence in this report of a San Antonio city employee named in the Ashley Madison database …

Big Switch Networks glues together physical and virtual networks

Big Switch Networks has announced its next major revision, with a focus on unifying the physical network and the virtual network. Speaking to El Reg ahead of the release, CMO Gregg Holzrichter says the next revision is designed to bring virtual networking into line with virtualisation and containers at the server level. …
Artist's impression of Philae on Comet 67P

Chill, Philae: Shadow may protect comet lander from Sun roasting

Video If the Philae lander hitch-hiking on Comet 67P/Churyumov–Gerasimenko isn't dead, its dark hiding-place might just protect it from being destroyed by the heat as comet, lander and the Rosetta spacecraft swing around the sun. As the comet nears today's perihelion (closest approach) today (European time), the European Space …

Cisco network kit warning: Watch out for malware in the firmware

Cisco has warned users to watch out who's got admin access to kit, because it's seen malicious ROM images in the wild. The problem is that this isn't something the Borg can just issue a patch for. Admins – with appropriate credentials, naturally – need to be able to drop new ROM images on their kit as a matter of course. "The …
Earth

Samsung says micro-sats could blanket the world with Internet

Samsung has joined the likes of Google, Facebook, SpaceX and O3B with a proposal to bring the Internet to those who don't yet have it. While it's not an official Samsung policy document, the proposal is under the signature of Farooq Khan, who is president of Samsung R&D in Texas. In his paper at ArXiv, Khan proposes low-cost …
Amplify tablet

Rupert Murdoch rips up his own fondleslab foundry

Rupert Murdoch's unerring nose for a future tech market failure has struck again, with the company writing down its Amplify education business. Amplify, created out of the acquisition of Wireless Generation, and was supposed to corner the educational market. News acquired it for US$360 million in 2010, and subsequently poured …
Two people manipulate a CAD design on a Microsoft Surface Hub

Microsoft: Surface hub will ship from January 1, 2016

Microsoft has quietly announced when its Surface Hub will ship, and if you're impatient, you won't be pleased: it won't be until January 1, 2016. In July, it emerged that manufacturing problems were going to delay the planned September 1 ship date of the product. Redmond has now updated its “we're running late” blog post with …

Cisco kicks off Robbins' reign by beating the street

Cisco's new CEO Chuck Robbins has had the pleasure of reporting ahead-of-expectation results for Q4 of 2014/15. In the quarter that saw Robbins take over the big office from the seemingly-eternal John Chambers, Cisco reported year-on-year growth for the quarter of 3.9 per cent (US$12.8 billion). Full-year 2015 revenue was …
A hammer and bent screw

Cisco hands license-busting troll-hammer to THOR

Cisco is sick of the state of patent licensing for video codecs, so has decided to set a royalty-free of its own loose on the world. The Borg's problem is twofold: on the one hand, the licensing pools for H.264 fail to represent many of the participants in the industry; on the other, the successor, H.265, can be vastly more …
Padlocks by Simon Cocks Flickr CC2 license

IoT security is RUBBISH says IoT vendor collective

A vendor group whose membership includes Microsoft, Symantec, Verisign, ADT and TRUSTe reckons the Internet of Things (IoT) market is being pushed with no regard to either security or consumer privacy. In what will probably be ignored by the next startup hoping to get absorbed into Google's Alphabet's Nest business, the Online …
Uber launch party by https://www.flickr.com/photos/5chw4r7z/ CC2.0 sharelalike attribution https://creativecommons.org/licenses/by-sa/2.0/

Spooks add Uber algorithms to their research wish-list

The problem for a spook trying to keep up with technology is he or she knows there are all sorts of new sources of intelligence worth knowing, but also knows they're not allowed to know what's in those sources. And that knowledge gap is something America's Office of the Director of National Intelligence (ODNI) wants to change …
Fibre Optic by Barta IV https://www.flickr.com/photos/98640399@N08/ cc 2.0 attribution https://creativecommons.org/licenses/by/2.0/

Gigabit Google? We're getting ready for 10 gigabits says Verizon

Verizon has upped the ante in the fibre-to-the-home business, plugging some test kit into its network to show off 10Gbps. The test was a proof-of-concept for what's called NG-PON2 – next generation passive optical network – an ITU roadmap that plots GPON (gigabit PON) upgrades with a minimum of new kit. In the test, Verizon …
Australian attorney general George Brandis by https://www.flickr.com/photos/cebitaus/ cc 2.0 attribution https://creativecommons.org/licenses/by/2.0/

Oz carriers to Attorney General Brandis: get OUT of our networks

Australia's telecommunications industry has spoken with one voice: George Brandis Attorney-General-as-Sysadmin legislation is a mess. The Attorney-General's (AG's) department has published the submissions received on the legislation (here), and among the ten industry-written submissions there's not one in support of the …
GAMA image of galaxies

Boffins: The universe is DOOMED and there's nothing to be done

Overhead, without any fuss, the stars were are going out. Don't worry, though: the heat death of the universe is still hundreds of trillions of years away. That's the conclusion of work announced by the Galaxy and Mass Assembly (GAMA) survey, which has looked at 200,000 "nearby" galaxies across 21 wavelengths between the …
AMD patent drawing

AMD patent filing hints at FPGA plans in the pipeline

With Intel in the process of buying venerable FPGA-maker (field programmable gate arrays) Altera and adding FPGA-like customisability to some Xeon silicon, the industry has been anticipating a response from AMD. And perhaps the first fruit of that response are now emerging. A report from Italy's Bits and Chips says the company …
Battery_Andy_Armstrong_CC_2_Flickr

Take THAT, Tesla: Another Oz energy utility will ship home batteries

The Tesla PowerWall announcement is having an effect in Australia, but perhaps not the one Elon Musk predicted: utilities are moving to head it off with their own solar/storage offerings. Shortly after the Tesla battery launch, NSW's AGL announced its solar customers could add electrical storage, and now Queensland's Ergon …
Optus Logo

Optus kicks off WiFi calling in Australia

Optus has become the first Australian carrier to make the jump: it's launched a WiFi calling app to let users make calls when they can't get a 3G/4G signal. The company has launched its snappily-named WiFi Talk app, which like Skype lets users have conversations and send text messages over a handy wireless LAN connection. …
Scatter plot of random numbers

Random numbers aren't, says infosec boffin

The randomness (or rather, lack thereof) of pseudo-random number generators (PRNGs) is a persistent pain for those who work at the low layers of cryptography. Security researcher Bruce Potter, whose activity in the field stretches back more than a decade, when he demonstrated war-driving using Bluetooth, says problems both in …

Boffins beat Amazon Web Services at its own storage game

Boffins from Bell Labs and Stony Brook University have put together a cloud storage system they hope can serve as a reference design for future cloud implementations. Called SEARS – Space Efficient And Reliable Storage – the research has been published at Arxiv here, and appears to rival Amazon's S3 cloud storage. The …

'Sunspots drive climate change' theory is result of ancient error

A bunch of boffins has completed the first-ever revision of the world's most important sunspot data repository, along the way challenging the theory that climate change is substantially attributable to the prevalence of sunspots. It turns out, in fact, that the pro-sunspots argument relies on a statistical artefact introduced …

Arista bullish for full year results after 47 per cent YoY growth in Q2

High-performance data centre switching upstart (and Cisco litigation target) Arista Networks has reported 47 per cent revenue growth year-on-year for the quarter ended June 30. The company's financial release says it recorded US$195.6 of revenue, and a GAAP net income of $24 million (up from $21.6 million for the corresponding …

Tesla still burning cash: each car loses $4,000

Whatever its utility, Tesla's robo-charger video did one thing for the company: it distracted attention from the company's latest financial reports. Outlets like Reuters aren't impressed, with this report noting that Elon Musk's baby “burned US$359 million in cash last quarter in a bull market for luxury vehicles”. Tesla's …

Ubiquiti stung US$46.7 million in e-mail spoofing fraud

Ubiquiti Networks has been defrauded of more than US$46 million by scammers who spoofed its communications. The heist was revealed in an SEC Form 8-K filing. Apart from the financial information, details are scant. The San Jose company says: “The incident involved employee impersonation and fraudulent requests from an outside …
Malcolm Turnbull from ITU pictures flickr feed https://www.flickr.com/photos/itupictures/

Australia: your real comms minister is George Brandis

Australia's tech sector could be forgiven for regretting the welcomes it gave Malcolm Turnbull to the communications ministry in 2013. The Attorney-General's Department, in fact, seems to exercise more effective ministerial control over the telecommunications industry than its own minister. In 2013 it was argued that Turnbull …

Redmond boost bug bounty payouts again

Microsoft's joined the growing list of vendors trying to compete with black-hat and spook vulnerability-buyers by doubling some of its reward offerings to $100,000. With Windows 10 now on user machines (and already receiving both a security patch and criticism over its Wi-Fi defaults), Redmond's used BlackHat USA 2015 to …

Investors cheer as SGI loses LESS than expected

SGI has pleased financial markets by losing significantly less for Q4 2015 than prognosticators had seen in their crystal balls. By turning a net loss of US$0.12 per share for the quarter (total of $4 million, non-GAPP, the iron-monger beat estimates of a much words $0.20 per share net loss (which would have amounted to $6.67 …
container_ship_hamburg_shutterstock_648

Net config too SLOW for clouds, says Fujitsu

When tens of seconds is too slow: Fujitsu is getting ready to launch a technology it says can create virtual networks for Linux containers in a second. Being readied for the Asia-Pacific Network Operations and Management Symposium in South Korea later this month, the technology is designed to address the mis-match between how …
ESA Rosetta history

Happy birthday! Rosetta starts second year around comet

More than a decade after its launch, the spacecraft Rosetta reached Comet 67P/Churyumov-Gerasimenko, and as it approaches perihelion with the Sun, the ESA is celebrating a year since Rosetta reached its target. As we well know, rendezvous wasn't without incident: instead of dropping neatly on the surface of 67P, the mission's …
Imperva switcher attack illustration

Imperva demos cloudy man-in-the-middle attack

Dropbox, OneDrive, Google Drive, and Box can be raided via a man-in-the-middle attack, without an attacker needing access to users' plaintext credentials, according to security bods at Imperva. Instead, in this paper [PDF] presented to BlackHat, the company's Application Defense Center says users' local sync folders serve just …
red_hat_648

Red Hat updates OpenStack suite

Red Hat has wrapped the April 30 “Kilo” release of OpenStack into its enterprise suite, which has just gone general-availability. Two years into its OpenStack effort, the company says version 7 of its platform includes improvements to deployment and management, high-availability support, security control, network flexibility …

Wordpress issues second urgent patch in two weeks

Weary Wordpress worker-bees are being asked to hit the "Update" button again. Just a couple of weeks after an XSS vulnerability forced a July 24th call to upgrade to Wordpress 4.2.3, a handy collection of vulns mean it's time to run in version 4.2.4. At least Wordpress has an easy upgrade mechanism. The new vulnerabilities …