Richard Chirgwin

Contact Mail Follow Twitter RSS feed
Techie wields circular saw while standing over the innards of a workstation. Photo by Shutterstock

European MPs push for right to repair rules

The European Parliament has recommended better consumer product protection, asking that durable products be durable and repairable by independent workshops. It's not a fait accompli for the right to repair: it's up to member states and the European Commission to put the recommendations into effect. At a plenary session in …
Hammer, spanner and screw

Cisco automation code needs manual patch

In Cisco's weekly security update list, there are three critical bugs affecting its Elastic Services Controller and Ultra Services Framework. Switchzilla warns its Elastic Services Controller (a network function virtualisation management environment) has static default credentials that would let a remote attacker log into the …
band_aid_648

Perl devs solve ancient Riddle: 'What's a vuln we caught from Oracle?'

The Perl 5 database interface maintainers have issued an important patch for DBD—MySQL: in some configurations it wasn't enforcing encryption. As CVE-2017-10789 explains: “The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mean that SSL is optional (even though this setting's documentation has a 'your …

Windows Insiders with SD cards turn into OneDrive outsiders

Microsoft has tried to DoS its forum servers, by changing its OneDrive consumer policy to only support cloud backups of NTFS-formatted drives without warning users first. Unsurprisingly, that's lit up the forums with complaints, because people only found out when OneDrive popped up error messages. Windows 10 insiders copped …
IT Crowd's Roy: "Have you turned it off and on again?"

Mainframe TITSUP totals Oz tax tech, again

In a speech at the National Press Club yesterday, Australian Taxation Office commissioner Chris Jordan apologised for the organisation’s repeated IT outages, while the ATO’s online portals hit the canvas again. The ATO says it addressed the five-hour TITSUP (total inability to support usual performance) by rebooting its …
THistle, the national flower of scotland, being bothered by a bee. Photo by Shutterstock

Boffins' five eyes surprise: Bees correct colour for ambient light

Camera designers will get to add a technique borrowed from nature to improve how they handle colour, courtesy of the humble honey bee. Boffins at Australia's RMIT University in Melbourne (with colleagues from Monash and Deakin Universities and the University of Melbourne) looked at how honey bees process colour information, …
New MH 370 flaperon drift modelling

MH370 researchers refine their prediction of the place nobody looked

Australian researchers who haven't given up on finding Malaysian Airlines MH 370 have told a conference in Darwin they believe they know where it is likely to be. The flight set off an international mystery when it disappeared in March 2014, presumably crashing into the Indian Ocean. The search that followed cost $180 million …

Intel axes 140 IoTers in California, Ireland

Intel is shedding nearly 140 staff from its Internet of Things business lines. The layoffs were probably inevitable, since during June, Intel discontinued three of its IoT product lines – the Joule, Edison and Galileo compute modules and boards. Those three boards were once the flagships for Chipzilla's pitch to the wearable …
Facebook emojis

Facebook's left hand is fighting for Americans' right to privacy

Facebook's lawyers are racking up the billable hours in the US, with the company winning a lawsuit about tracking and privacy, but still doing battle against the American government over protecting users from government warrants. In a privacy and wiretapping lawsuit, Northern California District Judge Edward Davila decided …
Medicare card - Shutterstock

It's an important ID, so why isn't the Medicare card chipped?

Australia's Medicare data leak certainly won't be the last such, so why are so many expressions of digital identity so badly protected? To answer this question, The Register spoke to Lockstep Technology's Stephen Wilson about yesterday's discovery that numbers are being traded on Tor sites. It's a question he's been studying …
M.E.Docs servers - image from Ukraine Cyberpolice

Watch: Armed Ukrainian cyber-cops raid MeDoc in NotPetya probe

Video There's a new wrinkle to the NotPetya story: authorities in Ukraine have seized equipment from MeDoc, the accounting software maker implicated in spreading the malware. The country's anti-cybercrime unit has seized the developer's servers after saying it had detected new activity, and was acting to “immediately stop the …
Parliament House Canberra

Minister says Oz Medicare breach was crims, not hackers

The fallout from Australia's Medicare card number leak continued yesterday afternoon, with Minister for Human Services Alan Tudge trying unsuccessfully to hose down the flames. In an afternoon press conference, Tudge seemed to suggest that “the Medicare machine”, who is using a marketplace on the Tor network to sell …
Falcon9

SpaceX halts Intelsat 35e launch twice in a row

SpaceX's current launch, carrying the geosynchronous satellite Intelsat 35e, hasn't got off the ground yet: two launches in a row have been pulled at the last minute. Elon Musk's company is trying to get its third flight up in two weeks, but it's going to have to wait for July 4. The original July 2 launch was scrubbed by the …
NIST's LEGO watt balance

Constant work makes the kilo walk the Planck

While business around the world closed out a financial quarter or a financial year ahead of June 30, US boffins were working to a different deadline: linking the kilogram to electromagnetism. Part of the world of metrology's long project to redefine the world's fundamental measurements, the aim is to define the kilogram in …
Software patch

GnuPG crypto library cracked, look for patches

Linux users need to check out their distributions to see if a nasty bug in libgcrypt20 has been patched. The software fix, which has landed in Debian and Ubuntu, addresses a side-channel attack published last week. The researchers published their work at the International Association for Cryptologic Research's e-print archive …

Happy 4th of July: Norks tests another missile

North Korea's regime remains bent on brinkmanship, with yet another missile test launched and suspicions it reach Japan's Exclusive Economic Zone. The governments of South Korea and Japan are convening emergency meetings of their respective national security councils after the test, which appears to have been a ballistic …

Medicare data leaks, but who was breached?

Medicare numbers in Australia became a lot less useful as a proof-of-identity, with the Australian Federal Police investigating how an unknown number of records ended up for sale on a Tor site. The report first surfaced via The Guardian's Australian site, with journalist Paul Farrell reporting he purchased his own record for …
Oops icon

In after-hours trade on Monday, NYSE deployed test code to production

It looks like the New York Stock Exchange took the opportunity of an abridged trading session ahead of the fourth of July to test some code relating to its API. The problem is, test seems to have gone to production with the hilarious result that a bunch of stocks are reporting the same value: $123.47 (which, as someone noted …
petya

SBU claims Russia was behind NotPetya

Ukraine's security service (SBU), which last week called on international help to trace the “NotPetya” outbreak, has upped the ante, accusing Russia of being the source of the malware. On Saturday, the SBU went public with the claim, saying the outbreak came from the same sources that launched last December's attack on the …

Android 'forensic' app pulled from Google Play after vulnerability report

If you use an app called eVestigator, billed as checking Android phones for security compromises, delete it. That's the word from someone signing their name as MaXe from InterN0T, who looked at what the Android app actually does. The application claimed to test Android handsets to see if they've been infected with malware. …
asteroid

NASA: Bring on the asteroid, so we can chuck a fridge at it

NASA has okayed one of its save-the-world-from-asteroids proposals to move to the preliminary design phase, on the way to a hoped-for launch early in the 2020s. If it goes ahead, the DART – Double Asteroid Redirection Test – will start with what the space agency describes as “a non-threatening small asteroid”. That way, …
linux_tux_cloud_648

Linux 4.12 kernel lands: 'Go forth and use it' quoth Linus Torvalds

As anticipated last week, version 4.12 of the Linux kernel landed Sunday amid a storm of … well, placidity, as it happens. Linus Torvald's release announcement is suitably low-key for something he expected to land without fuss. “Things were quite calm this week, so I really didn't have any real reason to delay the 4.12 release …
Kaspersky

Kaspersky repeats offer: America can see my source code

Eugene Kaspersky, founder of the eponymous antivirus firm, has reiterated his offer to give the US government access to his source code. The company is moving to try and head off budget legislation which, as we wrote last week, would shut Kaspersky out of American military contracts. The US Senate committee that's proposed …
open_door_648

German e-gov protocol carries ancient vulns

Germany's e-government system is open to padding oracle attacks and other vulnerabilities because of an insecure communications protocol. According to this SEC-Consult advisory, which landed on Friday, the problems are in the OSCI-Transport Library version 1.2, for which a common implementation is in Java. OSCI, the Online …
Long March

China pollutes ocean with bloody big rocket

China's latest Long March-5 Y2 the launch has gone awry for reasons not yet made public. The launch took place from a spaceport in Hainan province. The rocket was carrying an experimental satellite, and the 57-metre long booster left the launch site without incident. Youtube Video Shortly afterwards, Xinhua tersely Tweeted …

Biting the hand that feeds IT © 1998–2017