Richard Chirgwin

Contact Mail Follow Twitter RSS feed
Handcuffs photo via Shutterstock

Ride-snare: Lyft ruse helps cops cuff suspect in tech CEO murder case

A police officer in Fayette County, Georgia, has nabbed a murder suspect by appropriating the Lyft vehicle he figured the perp hoped to use as a getaway car. Albert DeMagnus, CEO of an IT business named Computer Management Services, was stabbed to death during a June 23 home invasion. He was discovered by his wife, whereupon …
Qantas Boeing 737-838, VH-VZR

Amadeus airline booking system TITSUP and it's not ransomware

The Amadeus airline booking platform is suffering another outage, so far mostly seen in a follow-on TITSUP (Total Inability To Support Usual Performance) hitting Australian airline Qantas. The Australian carrier is telling customers its booking systems are unavailable, and says it's not the only airline worldwide to be hit. …

Microsoft brings caregiver leave home to US, plans to finish global rollout soon

Microsoft has decided that family caregivers deserve support, so it's decided to take its paid leave program global. Redmond's HR veep Kathleen Hogan explained the decision in a LinkedIn post (Do we have to? Oh, all right, here's the link), as the company began offering the program in the USA. Saying “times when life happens …
Australian money at a crime scene

Costly, under-featured MyGov is just fine, says Oz national auditor

The Australian National Audit Office (ANAO) has rubber-stamped the government's MyGov portal, in spite of cost-overruns and a lack of performance metrics. The cost blowout was impressive: from an original four-year budget of AU$29.7 million (approved by the previous government in 2012), the project actually spent nearly triple …
Quick fix - worker running while carrying a wrench

Idea to encrypt stuff on the web at rest hits the IETF's Standard Track

Amid the rise of HTTPS, there are still many spots where content shifted encrypted across the web is ultimately stored in wide-open plain text, so a Mozilla engineer wants to close one of those gaps. In an Internet Engineering Task Force RFC published this month, a proposal by Martin Thomson (also a member of the Internet …
Telegram from dictionary

Encrypted chat app Telegram warned by Russian regulator: 'comply or goodbye'

Russia's communications regulator is threatening to lower the boom on popular encrypted messaging application Telegram. It might look like yet another government attack on user-accessible encryption, but in this letter, the head of regulator Roskomnadzor Alexander Zharov says the messaging app is violating Russian legislation …
Combine harvester... Photo by shutterstock

US Copyright Office suggests 'right to repair' laws a good idea

Last week, to little fanfare, the US Copyright Office took its first baby steps towards stopping auto-makers wrapping their software in copyright rules. The decision is important because auto-makers use the Digital Millennium Copyright Act's “technical protection measures” (TPMs) provisions to restrict diagnosis and repair to …
Two eggs hugging couple arranged in carton

Cisco and McAfee decide users just can't be trusted not to click on dodgy attachments

Cisco's adding McAfee's Advanced Threat Defense to platforms supported by its Email Security Appliance platform. The alliance is designed to make integration between the two systems easy – the Advanced Threat Defence (ATD) e-mail connector is a single checkbox in the McAfee UI, plus selecting permitted hosts and the file …
Blinded me with science

Researchers blind autonomous cars by tricking LIDAR

If you've ever been dazzled by some idiot's high-beam driving towards you at night, you'd probably welcome a self-driving car – except one of the key “eyes”, LIDAR, can also be blinded, or tricked into reacting to objects that aren't there. LIDAR - Light Detection and Ranging - is an important self-driving vehicle technology: …
Image by GTS http://www.shutterstock.com/gallery-519838p1.html

Queensland Police want access to locked devices

The Australian State of Queensland wants the power to force citizens to unlock their devices during a declared terrorist emergency. The state government introduced legislation under the title “Counter-Terrorism and Other Legislation Amendment Bill 2016” earlier this month. The bill's explanatory note (PDF) complains that …
Snow White waves goodbye. Photo copyright Disney

Verizon!-owned! Yahoo! bins! AT&T! IDs! for! Tumblr! logins!

Verizon has moved to unwind an old deal between Yahoo! and AT&T that allowed users to run merged AT&T and Yahoo! email accounts for login to some Yahoo! services. Tumblr was acquired by Yahoo! in 2013 and became a familiar Purple Palace bungle: after splashing US$1.1 billion to buy the blogging platform, it January this year …
Broken record, image via Shutterstock

Tavis Ormandy to Microsoft: Have another Windows Defender vuln

Google Project Zero bug-hunter Tavis Ormandy has alerted the world to yet another way Microsoft's anti-virus tool Windows Defender could be attacked. Ormandy went public with the bug on Friday after Microsoft shipped its fix. He reported the issue to Redmond on June 9th. The bug is in the non-sandboxed x86 emulator Windows …
Tommy Lee Jones delivers implied facepalm. From No Country for Old Men  Copyright Miramax Pictures. 2007.

Microsoft recommends you ignore Microsoft-recommended update

Earlier this month, Microsoft gave the world .NET Framework 4.7 and urged users to install it for the usual reasons: more fun bits to play with and a security improvements. But two days later the company urged Exchange users not to install it ASAP, because it hadn't validated it yet. Last Friday - 10 days after the launch of …

Intel's Skylake and Kaby Lake CPUs have nasty hyper-threading bug

During April and May, Intel started updating its processor documentation with a new errata note – and over the weekend we learned why: the Skylake and Kaby Lake silicon has a hyper-threading bug. The erratum is described in detail on a Debian mailing list, and affects Skylake and Kaby Lake Intel Core processors (in desktop, …

WannaCrypt blamed for speed camera reboot frenzy in Australia

A contractor in the Australian State of Victoria has managed to infect an unknown number of speed cameras with a virus, over sneakernet. Details aren't so much sketchy as they are confused: the virus has been identified as WannaCrypt, but the government's been told it infected both Linux and Windows-based cameras; there was no …
Cisco logo falling off Cisco building

Yes, this is our third Cisco story of the day. It's about 23 bugs you need to fix, stat

We all know the only thing more fun than a WebEx conference is a recorded WebEx conference, which is why WebEx Network Recording Player exists – and if you use it, you need to patch it. Switchzilla's 23-patch Wednesday Whack-a-Mole includes fixes for multiple buffer overrun WebEx vulnerabilities. The WebEx vulns can be …

Cisco's 'encrypted traffic fingerprinting' turned into a product

Cisco has turned research published nearly a year ago into a product it hopes will protect enterprises against malware hidden in encrypted traffic. As The Register reported in July 2016, a group of Cisco researchers have been working on how to spot dangers entering networks through TLS. Since you can't see inside encrypted …

Researcher calls the fuzz on OpenVPN, uncovers crashy vulns

OpenVPN has patched a bunch of security vulnerabilities that can be exploited to crash the service or, at a pinch, potentially gain remote-code execution. You should update your installations to versions 2.4.3 or 2.3.17 as soon as you can just to be on the safe side. The four holes were found by Guido Vranken, who took a …
Judge gavel, photo via Shutterstock

Arista-cats nearly out of the bag as redesigned products okayed

Arista's long slog back to the shelves in America continues with an initial determination from the International Trade Commission okaying its product redesign. As part of the long-running legal slugfest between Arista and Cisco, the Trade Commission banned the import of Arista products it alleged infringed a Cisco patent. …

Oz senate committee says 'robo-debt' program was 'set up to fail'

Federal Government senators have rejected a Senate report that describes its “robo-debt” program as “set up to fail”. The inquiry was set up by the Labor opposition with the support of The Greens, and its report was tabled in the Senate last night. The government began to automate the process of determining overpayments last …
Black hole - spaghetti visualisation. Artist's impression.  NASA/JPL-Caltech, CC BY-SA

Melbourne Uni hoping to hoist tiny telescope to look at BIG explosions

A couple of years after it was first conceived, a Melbourne University-led infrared astronomy cubesat proposal called SkyHopper is gathering momentum. Vulture South found itself intrigued by a simple question, which we found time to put to one of the project's founders, astrophysicist Dr Katie Mack: what useful astronomy can …
Unlocked padlock

NSA had NFI about opsec: 2016 audit found laughably bad security

Second-rate opsec remained pervasive at the United States' National Security Agency, according to an August 2016 review now released under Freedom of Information laws. It's almost surprising that the agency was able to cuff Reality Winner, let alone prevent a wholesale Snowden-style leak. The Department of Defense Inspector …
A Ransom Note

South Korean hosting co. pays $1m ransom to end eight-day outage

A South Korean web hosting company is forking out just over US$1 million to ransomware scum after suffering more than eight days of nightmare. Nayana first announced the attack on June 10, saying customer video files and its database had been encrypted, and promising to work to recover the data. More than 150 servers were hit …
Bouncer icon

Juniper puts an Enforcer on the door and adds Cisco to the guest list

Juniper Networks has announced an upgrade to its Software Defined Secure Networks (SDSN) platform, and among other things it's added cross-platform capabilities. The Gin-fuelled networking company has decided that its sworn enemy and nemesis, Cisco Systems, might conceivably have kit in its customers' sites, so its policy …
Parliament House Canberra icon

Australian Dept Defence pulling kit out of China-owned Global Switch

Paranoia will set the Australian government back AU$200 million between now and 2020, with the country's defence department deciding Chinese part-ownership of data hotel Global Switch represents a security risk. Global Switch is one of many companies with a place on the Federal government's data centre panel, and has operated …

Biting the hand that feeds IT © 1998–2017