Richard Chirgwin

Contact Mail Follow Twitter RSS feed
NBN CEO Bill Morrow

NBN costs creating budget time bomb: Deloitte

Once a fan of Australia's National Broadband Network, Deloitte Access Economics is now warning it's a time bomb for the federal budget. Last week, the federal government tipped in a loan of AU$19.5 billion so nbnTM could finish its NBN rollout. Deloitte is now warning that the network doesn't cover the government's total $49 …
Siemens CCTV camera

Surprise! Another insecure web-connected CCTV cam needs fixing

Siemens has issued a security patch for CCTV cameras that cough up their admin passwords to remote attackers. The cameras are now sold by Vanderbilt Industries, which acquired the camera business unit from the German industrial giant in 2015. The security bug lies in the web server in the gadgets' firmware, and is present in …

Arista cats escape US quarantine, for now: Customs says it's OK to import networking gear

Arista says US Customs officials will wave in shipments of its latest-generation kit after deciding that the gear does not infringe Cisco's patents. Earlier this year, Cisco landed an import ban on Arista gear because it ripped off its intellectual property. Arista rejigged some of its software to avoid infringing Cisco's …
Android patch

Qualcomm now offering US$15k for security bugs

Qualcomm's been bitten by the bounty bug, signing on with HackerOne to offer up to US$15,000 for vulnerabilities in modems and processors. The bounty covers Snapdragon 400, 615, 801, 805 808, 810, 820 and 821 processors, and its X5, X7, X12 and X16 LTE modems. A vulnerability in any one of these would reach a long way into …

Going shopping for a BSOD? We've found 'em in store at M&S

Every time the BSOD flood seems to taper off, yet another bunch arrive in the Vulture South inbox, and for some reason the latest crop seems to have a retail theme. reader "Ozzard", for example, fired in the BSOD below, spotted in a Marks & Spencer, and since it's the right shape for the top spot, here it is. BSOD at Marks …
SLS cryo propulsion system in Marshall test stand

NASA trying to rein in next-generation super-heavy lifter costs

Poor NASA: it's got a president who doesn't like its climate research and wants it to pay more attention to putting humans on the Moon and Mars – but its launch vehicle for that kind of mission is costing too much. That vehicle is the Space Launch System, a rocket hoped to be capable of one day hauling loads up to 130,000kg …
television Test pattern

D-Link joins hands with Microsoft to give 'Super Wi-Fi' a push

D-Link and Redmond have put the paddles on 802.11af, charged the machine, and hit the button. The 2013 amendment to Wi-Fi is an air interface for “white space” frequencies (from 54 MHz to 698 MHz in the USA; Europe and the UK use a more realistic 490 to 790 MHz), with a maximum per-channel 35.6 Mbps (16 channels can be bonded …
Sad Android

More Androids carry phone-home firmware

Got a cheap-and-cheerful Android phone from BLU, Infinix, Doogee, Leagoo, IKU, Beeline or Xolo? It might be harbouring some badware in the firmware. The issue affects phones that use an over-the-air update mechanism from Chinese company according to BitSight researcher Dan Dahlberg and Anubis Networks' João Gouveia and Tiago …
cloud

Dropbox upgrade adds nice bits for sysadmins

Sysadmins need a "nice" user experience, and Daniel Iversen, head of solution architects for Dropbox Asia Pacific, told The Register that was in mind when the company pushed out a bunch of new admin capabilities. In other words: this is “not about a feature race”, he said, rather a more deliberate – and staged – upgrade …
Kamkar's RPi Zero-based attack

PoisonTap fools your PC into thinking the whole internet lives in an rPi

How do you get a sniff of a locked computer? Tell it you're its gateway to the entire Internet IPv4 routing space. That's the basic principle behind a demo from brainiac cracker Samy Kamkar. Plugged into a victim, his Raspberry Pi Zero-based "PoisonTap" isn't just a network sniffer, it's a backdoor-digger. MacOS users can …
Road Closed sign

Qualcomm asks for US ban on 'infringing' smartmobes

Qualcomm's trade troubles have taken a new twist, with the company launching a trade complaint to get some Chinese vendors banned from the USA. In an action filed with the US International Trade Commission (ITC), the chip company takes issue with two companies operating under smartphone maker Zhuhai Meizu's banner, along with …

Telstra's answers El Reg's Smart Home security questions

Telstra has managed to emit a response to The Register's questions about the soundness of its Smart Home service strategy, which we received at 5:10 PM yesterday. Vendors Telstra has, pleasingly, identified the vendors supplying its kit: The platform is powered by Icontrol; Cameras, smart plugs and door sensors are …
Road at night image via Shutterstock

YANG: Coming soon to a router near you

It's about time the world had one: a proposal to pull the world of router configuration into the warm embrace of the popular YANG protocol. Reading the RFCs so you don't have to, this one caught the Vulture South eye, because given the scale of networks some sysadmins have to work with, it's the start of something big. Since …

IBM offers Trump its ideas to Make America Great Again

Big Blue's big boss, Ginni Rometty, is hoping to dance on the tightrope that Big Orange has brought to the White House. Trump's unexpected election puts the technology industry in a tight spot, because many associate it with the economic conditions Trump exploited throughout his campaign. Globalisation demonised as a destroyer …

If you can chdir you can hack CA's Unified Infrastructure Manager

IT shops running CA Technologies' Unified Infrastructure Management (UMI) – formerly CA Nimsoft – need to run patches for three vulnerabilities, one remotely exploitable. CA bought Nimsoft in 2010 to get its hands on the “single pane of glass” monitoring system, covering servers, networks, storage, and databases. The most …
FACEPALM

Telstra launches Australian homes onto the Internet of S**t

Telstra's decided that Australian homes aren't insecure enough, launching its very own Internet of S**t Things offering based mostly on generic home-branded kit. The service, offered to Testra and non-Telstra broadband users, currently comes in two starter flavours: a home security offering with window sensors and camera; or …
Mars

Martian 'ice cauldrons' are prime spot to hunt LGMs, say boffins

One of the reasons it's so hard to find life on Mars is that hardly anwyhere we've spotted on the red planet combines liquid water and survivable temperatures. Now a study from the University of Texas (UT) suggests such a place may exist, because it once had enough volcanic activity to produce the right conditions. The …
Marching, image via Shutterstock

'Pavement power' - The bad idea that never seems to die

We've said it before, but because “walk on this pavement for renewable energy” remains a recurrent news story, it's worth saying again. You can't get a useful amount of energy that way: it's a gimmick. The latest iteration comes from Las Vegas, which according to the Las Vegas Review-Journal is installing street lights from …
Migrating birds in the cloud

Chinese giants give world another SDN and NFV platform

If you didn't think the world needed another Software Defined Networking (SDN) project, bad luck: you've got one anyway: it's called Open-O and hopes to put SDN and Network Function Virtualisation (NFV) in the same yoke. If that sounds familiar, it's because AT&T also wants to lead the open source world into a combination SDN/ …
shutterstock_236128771

GSMA: 5G at risk if governments don't get their acts together

The mobile industry's global lobby, the GSMA, is starting to worry about fragmentation in the 5G market – even before there is one. There are already hints at disunity in the spectrum market, with the International Telecommunications Union (ITU) yet to settle regional arguments about spectrum, while vendors and carriers run …
Junghoon Lee. Image: Darren Pauli / The Register

Pwnfest drops a nasty surprise on VMware

VMware's rushed out a patch for the serious desktop hypervisor bug turned up at the Pwnfest hacker convention. CVE-2016-7461 is a critical-rated out-of-bounds memory access vuln present in VMware Workstation and VMWare Fusion. The bug scores a critical rating because it could allow a guest to “execute code on the operating …

European Commission dangles €374m for low-power exascale research

Europe is trying to plant a flag in future chip development, slinging money towards low-power server silicon. Through its Horizon 2020 research collaboration, the European Commission pus published a solicitation for the project. There's nearly €375m on offer for the project, which looks to push more digitisation “outside the …
NASA's exploding star illustration

Boffins find Galaxy making killer radiation, rule out Samsung phone as source

It's not just radio any more: Penn State University boffins have turned up a “fast gamma ray burst” that correlates with a source of a fast radio burst (FRB). The still-mysterious FRBs have excited astro-boffins ever since 2013. In 2015, Australian astronomer Emily Petroff pulled off the first real-time observation of an FRB …
New Zealand flag

CERN boffins see strange ... oh, wait, that's just New Zealand moving 2m north

New Zealand's been hit by two nearly-simultaneous earthquakes that left two people dead, isolated some towns, cut telecommunications links – and rattled the Large Hadron Collider near Geneva. The quake might also inconvenience infosec types visiting the country for one of the Southern Hemisphere's pre-eminent conferences, …
Bring out yer dead!

Firewalls snuffed by 'BlackNurse' Ping of Death attack

Updated A code artefact in a number of popular firewalls means they can be crashed by a mere crafted ping. The low-rate “Ping of death” attack, dubbed BlackNurse, affects firewalls from Cisco, Zyxel, and possibly Palo Alto. Since we don't imagine Switchzilla has started giving away the version of IOS running in its ASA firewalls, …