Richard Chirgwin

Contact Mail Follow Twitter RSS feed
Password

US standards lab says SMS is no good for authentication

America's National Institute for Standards and Technology has advised abandonment of SMS-based two-factor authentication. That's the gist of the latest draft of its Digital Authentication Guideline, here. Down in section 5.1.3.2, the document says out-of-band verification using SMS is deprecated and won't appear in future …

Google tests its own quantum computer – both qubits of it

A couple of years ago, a quantum physicist suggested to Vulture South that one of the best uses for quantum computers might be to model reality. Now, Google reckons its boffins have done just that. Science wants to model quantum systems because they lie at the heart of reality. For example, chemistry – where Google has chosen …

Microsoft to rip up P2P Skype, killing native Mac, Linux apps

In the same month Microsoft announced its alpha WebRTC-based Skype for Linux client, Redmond has put that native app and the native OS X Skype client on an end-of-life list. This is because Skype is being rebuilt to replace its peer-to-peer architecture with cloud-centric code that supports Windows, iOS, Android and web …
A view from Babbage's eye-mounted Picam

Cisco UCS gets critical patch

Cisco's just posted a patch rated critical for its Unified Communications System Performance Manager. It's an all-too-familiar issue: the Web interface has a bug that lets a remote attacker execute whatever command they want, using the HTTP GET command. UCS Performance Manager version 2.0.0 and all prior versions are affected …
Gavel

WhatsApp goes to Rio (again), but the battle is far from over

WhatsApp is back in Brazil, and the company hopes this time it's permanent. After a magistrate ordered a nationwide block on the service, the matter was taken to the country's Supreme Court. When The Register reported on the situation yesterday, that appeal was still under consideration. Readers have now alerted The Register …
Rotten apple. Pic: Shutterstock (http://www.shutterstock.com/pic-29447929/stock-photo-a-rotten-apple-on-a-white-background.html)

Wavering about Apple's latest security fix? Don't, says Talos

Here's another reason to press “install” on Apple's latest OS X and iOS security patches: a slew of image-handling vulnerabilities. Now that Apple's released the patched versions, Cisco's Talos researchers have gone public with the details of their contribution to the fixes. The most serious of the bugs is in TIFF image …
The new Pirate Bay logo

Torrent is a word, and you can't ban words, rules French court

The High Court of Paris has decided there's a limit to France's unpopular anti-copying regime: Google and Bing can't be required to block the word “torrent” from their search results just because BitTorrent is sometimes used for piracy. The case was brought by the Syndicat National de l'édition Phonographique, France's record …

EU Net Neutrality debate heats up as Tim Berners-Lee weighs in

It's hard to work up a good lump in the throat in sympathy for a bureaucrat, but staff at the Body of European Regulators for Electronic Communications (BEREC) probably need just a little: they're going to have to work through 400,000 submissions about Net Neutrality in the EU. Volker Sypli of German telco regulator BNetzA …
Burning money, photo via Shutterstock

South Korea mulls TREEELLION-Won fine for Qualcomm

South Korea's Fair Trade Commission (KFTC) has Qualcomm in its sights again, telling the Korea Times the company could be up for a trillion-won fine (nearly US$880 million) over anti-trust violations. The fine (which would set a KFTC record) concerns an ongoing dispute in South Korea over how Qualcomm levies royalties for its …
An Air-2 Genie

An anniversary to remember: The world's only air-to-air nuke was fired on 19 July, 1957

Vid The date was 19 July, the year was 1957 and America was worried that the Soviet Union could amass too many bomber squadrons to be stopped. That's why it ran its one-and-only test of one of the oddest ideas to emerge in the Cold War: a nuclear-armed air-to-air missile? The resulting armament, the AIR-2 Genie, was made by …

WordPress admin? Thinking of spending time with the family? Think again

The Dutch hacking community's Summer of Pwnage (SoP) has disclosed three vulnerabilities in WordPress plugins, including an XSS in the popular Ninja Forms. Since Ninja Forms claims more than 600,000 users, we'll start there: the now-fixed reflected XSS bug allows attackers to inject malicious JavaScript into the victim's …
Banned

WhatsApp gets another Brazilian whack as magistrate blocks it again

Update The standoff between Brazil's legal system and Facebook's WhatsApp messaging platform continues, after a Rio de Janeiro judge ordered all carriers to block the app as of next Tuesday. WhatsApp claims 100 million users in the country. While judge Daniela Barbosa has declined to publish her reasons in full, she says the order …

FibreChannel dead? Nonsense, says Brocade, here's our Gen 6 kit

Brocade's having none of this FibreChannel doomsaying, with the launch of its FibreChannel Gen 6 director family. The launch comprises the Brocade X6 Director, SX6 Extension Blade, and for monitoring, two new enhancements to its Fabric Vision. The X6 Director has 384 ports running at 32 Gbps, and supports aggregation of those …
Harvard's vitamin B2 battery

Harvard gives solar batteries performance-enhancing vitamins

Harvard University researchers reckon they can make flow batteries cheaper using an electrolyte based on vitamin B2. Flow batteries function much like lead-acid batteries, with a fluid that reacts with electrodes to store charge. However, the liquid is cycled through an external tank in the charge/discharge cycle. The …

LTE-U vs. WiFi fight gets closer to a settlement

FCC filings by Broadcom reveal the chip-maker is still feeling bullish about the controversial LTE-U (LTE-Unlicensed) push. In a world of squeezed spectrum, US carriers are keenly watching the development of LTE-U, because it would let them borrow Wi-Fi frequencies if they're not being used. That idea is controversial because …

Guilt by ASN: Compiler's bad memory bug could sting mobes, cell towers

A vulnerability in a widely used ASN.1 compiler isn't a good thing: it means a bunch of downstream systems – potentially mobile phones and cell towers – will inherit the bug. And an ASN.1 bug is what the Sadosky Foundation in Argentina has turned up, in Objective Systems' software. The research group's Lucas Molas says …
A bottle of burned naphtalene

Oz boffins cook quantum computing out of mothballs

A Sydney University researcher has burned naphthalene to create a material that can hold quantum qubit information at room temperatures. While the world has both quantum storage and quantum gates, albeit at small scales, even performing a simple Boolean AND operation on qubits is best undertaken as close as you can get to 0 …

Australia gets one-quarter of a minister for national infosec

If you were hoping tech would get some kind of boost in the Turnbull government's third ministry, prepare for disappointment. Mitch Fifield retains communications, and Fiona Nash remains minister for regional communications – which at least means the telcos don't have to spend the time and energy getting to know capturing …
Pic: Shutterstock

Tor veteran Lucky Green exits, torpedos critical 'Tonga' node and relays

Tor's annus horribilis continues, with one of its earliest contributors, Lucky Green, quitting and closing down the node and bridge authority he operates. Green's announcement is here, and in full below. He specifically declines to describe why it is “no longer appropriate” to take part in Tor, nor why he believes he has “no …
NASA CAD of Mars 2020 Rover

New Mars rover is GO for 2020 says NASA

All being well, NASA will launch the successor to Curiosity Rover in 2020. And this time the agency hopes to prepare samples for an as-yet-blue-sky manned mission that could one day return them to Earth for analysis. NASA says its Mars Rover 2020 project has passed a “significant milestone” – Key Decision Point (KDP) C – which …
linux_tux_cloud_648

Intel's SGX tiptoes towards Linux

Intel has fulfilled a promise made in April to open-source a Linux driver for its SGX technology. SGX – Software Guard Extensions – first landed in 2013, and allows programmers to lock up code and data inside containers enforced by the CPU. The idea is to create an environment to assure people "clouding" their enterprise …
Fibre, image via Shutterstock

Happy 50th birthday, optical fibres for telecoms

One of the seminal developments in modern telecommunications turns 50 years old this month: the paper that bootstrapped the world of optical fibre communications. With this publication in the July 1966 issue of Proceedings of the Institution of Electrical Engineers (now the IET), Charles Kao upended then-current research into …
Mambo Unlimited's gold bug. Pic: Steve Caplin

OpenSSH has user enumeration bug

A bug in OpenSSH allows an attacker to check whether user names are valid on a 'net-facing server - because the Blowfish algorithm runs faster than SHA256/SHA512. The bug hasn't been fixed yet, but in his post to Full Disclosure, Verint developer Eddie Harari says OpenSSH developer Darren Tucker knows about the issue and is …
MeerKAT

Africa's MeerKAT looks at the sky, surprises boffins with 1,300 galaxies

The operators of the MeerKAT radio telescope in South Africa have switched on its first 16 dishes and, pretty much immediately, spotted more than 1,200 new galaxies. If all goes to plan, by the end of next year the facility will have 64 antennae, and will eventually become part of the international Square Kilometre Array (SKA …
cloud

Boffins bash better brains into OpenFlow

One of the pitch points of open white-box networking is that it makes Ethernet switches extensible – something exploited by some packet boffins to build what they think is a better way to skin the network monitoring cat. The researchers, from Brown University, are trying to overcome the mismatch between the limitations of old- …