Richard Chirgwin

Contact Mail Follow Twitter RSS feed
Burning 5G against dark background

5G whizz: Ericsson just turned in first profit since 2016

Ericsson has dodged a loss for the first time in two years, after 18 months under the strict regime imposed by CEO Börje Ekholm, who took the reins at the vendor at the start of 2017. Under Ekholm, the company has shed more than 20,000 jobs (around 14,000 in direct employees) and cut more than 10 billion Swedish kronor — more …

Oz researchers, uni unite against Defence overreach

Australia’s research and university communities have united against what they see as Department of Defence overreach: the brass-hats want greater powers to control international collaboration. The battle centres around the two-yearly review of Australia’s defence controls legislation, and a June submission by the Department …

Telco IT admins on red alert as Cisco flings out patches for security holes in policy toolkit

Cisco has emitted 25 product security advisories – with four critical bugs flattened in its service provider-oriented Cisco Policy Suite. The suite’s Policy Builder toolkit can be exploited by an unauthenticated remote attacker to gain access to its policy interface, due to an authentication bug (CVE-2018-0376). The switch …
Xeon E3-1500 v5

ME! ME! ME! – Intel's management tech gets a quartet of security fixes

In case you missed it, Chipzilla has gone public with more security updates for the Intel Management Engine. The advisories, here and here, address four exploitable bugs. Positive Technologies, which discussed the bugs in detail here, identified CVE-2018-3628, a “Buffer overflow in HTTP handler” as the most serious. That's …
Cannabis leaves

PayPal's pal Venmo spaffs your pals' payments – and yours

PayPal-owned digital wallet Venmo shares way too much data via its public API, according to Berlin-based researcher Hang Do Thi Duc. If users accept the default setting on their account when they sign up, their transaction details are accessible via the service's API, making it “incredibly easy to see what people are buying, …
It's black. It's boring. It's really, really fast: Samsung's LPDDR5

Samsung touts bonkers-fast 8 Gbit DRAM for phones, AIs

Samsung has shown off the first prototype of a somewhat-bonkers DRAM chip: at 8 Gbits, it's not news in terms of scale, but the LPDDR5 silicon pushes bits out the door at 6,400 megabits per second. Since it's a prototype, we can't say the memory is “coming to an iPhone near you”; rather, the company says, delivery will be “in …
Emirates Stadium seats photo iolya via Shutterstock

The crowd roars and Ruckus joins in with 802.11ax kit

Ruckus Networks has focussed on high-density environments with its entry into the 802.11ax Wi-Fi market. Let's go over the numbers first. On the Wi-Fi side, the Ruckus R730 is the company's first 802.11ax access point, it runs twelve MU-MIMO spatial streams, supports WPA3 and Wi-Fi Enhanced Open connections, OFDMA (orthogonal …
Cutting ties

Code of conduct claims new Texas Instruments CEO after just six weeks

Former Texas Instruments CEO Rich Templeton will return to the role after a six-week break, because his replacement has been dumped for breaching the company's code of conduct. Brian Crutcher, a 22-year veteran of TI, moved into the big office on June 1st, 2018. But on July 17th the company issued a statement saying his …
Fiber optics

Google to build private trans-Atlantic cable from US to France

Google has announced its first private trans-Atlantic cable, with landings at Virginia Beach in the US and on the French Atlantic coast. Named Dunant (after Henry Dunant, founder of the Red Cross), the cable will go overland to follow a terrestrial link to the Chocolate Factory's cloud region in Belgium. At the US end, the …
Thumbs up for Spectre-Meltdown protection

'007' code helps stop Spectre exploits before they exist

Black hats haven't yet found a way to mass-exploit the Spectre vulnerability – but mitigations are already arriving. Beyond chip vendor and operating system patches, there remain reasons to seek out additional defences: there are still circumstances in which protective coverage is incomplete – and over in the world of Android …
Steve Ballmer, image from imagemaker via Shutterstock

Cisco's made DNA Center open enough to out-run Amazon

As we reported yesterday, the idea that Amazon might make its own switches into some kind of a captive gateway between on-premises data centres and the AWS cloud sent shivers through investors in traditional networking vendors – and none so much as Cisco. Another way of looking at the same announcement is that AWS is entering …
ocean_648

Submarine cables at risk from sea water, boffins warn. Wait, what?

University of Wisconsin-Madison boffins have warned submarine cable owners that their landing stations and onshore cables are at risk from rising sea levels. “So what? Submarine cables are meant to get wet!” you might say – yes, but the onshore infrastructure isn't protected against a soaking like a cable designed to exist at …
radar

GitHub to Pythonistas: Let us save you from vulnerable code

GitHub's added Python to the list of programming languages it can auto-scan for known vulnerabilities. In March, the social code-host added Ruby and Javascript libraries to the dependency graph service it announced last year. Afraid of the dark, image via Shutterstock Your code is RUBBISH, says GitHub. Good thing we're here …

Intel buys eASIC because FPGAs aren't always the answer

Intel has acquired fabless designer eASIC, a specialist in the structured ASIC (Application-Specific Integrated Circuit) business. eASIC's technology gives Chipzilla an intermediate technology between ASICs and the FPGA (Field Programmable Gate Array) segment Intel entered in late 2015 when it acquired Altera. The …
Meltdown

Juniper makes a meal of Spectre/Meltdown

Roundup Juniper Networks has issued its semi-regular bug-dump, with sixteen advisories arriving late last week. There's a Spectre/Meltdown patch in there, but you need to go looking: it's in the Junos Space management platform, along with various other items. Junos Space also received one fix for BIND, and a merry collection of 17 …
gag

Tim? Larry? We need to talk about smartphones and privacy

Oracle’s busy backgrounding about Android privacy last year appears to have helped draw US lawmakers' attention to Google and Apple. Members of the US House Energy and Commerce Committee have jumped on a report by Quartz’s Keith Collins from November 2017 as the basis of letters to Apple CEO Tim Cook and Alphabet CEO Larry …

Weirdest. Acquisition. Ever. Broadcom buys CA Technologies

CA Technologies, long a byword for making acquisitions, has been acquired by Broadcom. The US$18.9 billion cash purchase of the software company is so distant from Broadcom’s chip business that it will probably not face the same regulatory problems that derailed Broadcom's takeover offer for Qualcomm. Announcing the deal, …

Oracle wants to improve Linux load balancing and failover

Oracle reckons Linux remote direct memory access (RDMA) implementations need features like high availability and load balancing, and hopes to sling code into the kernel to do exactly that. The problem, as Oracle Linux kernel developer Sudhakar Dindukurti explained in this post, is that performance and security considerations …
danger

Arch Linux PDF reader package poisoned

Arch Linux has pulled a user-provided AUR (Arch User Repository) package, because it contained malware. If you're an Arch Linux user who downloaded a PDF viewer named "acroread" in the short time it was compromised, you'll need to delete it. While the breach isn't regarded as serious, it sparked a debate about the security of …

BGP hijacker booted off the Internet's backbone

A year-long effort to stop an accused “bad actor” who hijacked border gateway protocol (BGP) routes has borne fruit, with giant Hurricane Electric and Portugal's IPTelecom joining in cutting off an organisation called Bitcanal. Dyn detailed the process, which is nearing completion a year after German Internet exchange DE-CIX …

China-based hackers take an interest in Cambodia's elections

A US-based security researcher has accused China of interfering in Cambodia's forthcoming national election. Security vendor FireEye says it has spotted a large-scale Chinese phishing, intrusion, remote access trojan (RAT), and data exfiltration operation targeting the poll. FireEye attributed the activity to a group dubbed “ …
black robed individuals in a circle... scary! Photo by shutterstock

Huawei won a contract in Oz. Of course there's a whispering campaign

Comment Huawei has won another sizeable contract, this time in Australia, and with it come the all-too-common accusations that the company is a national security risk. The contract in question is an LTE-based 1800MHz rail radio network worth AU$136m (£76.4m) for the State of Western Australia's Public Transport Authority (PTA). Huawei …
Image: Serazetdinov http://www.shutterstock.com/fr/pic-114819721/stock-vector-illustration-of-a-strong-blast-of-brain.html

BGP borked? Blame the net's big boppers

The Internet's fundamental routing infrastructure, the Border Gateway Protocol (BGP), is so fragile that errors in one to four per cent of ISP route filters can propagate bad routes. So says Czech DDOS-defender Qrator Labs, which carried out a project to try and help the Internet community quantify how much of the threat to …

Malware-slinging scum copied D-Link's code-signing certificates to dress up PC nasties

Security researchers have warned that someone's obtained copies of code-signing certificates from two Taiwanese companies – and is using them to sign malware. Abusing code-signing certificates in this way is an attempt to present software nasties as the legitimate product of the vendor whose key signed it. Security vendor …
Playground hero

Nissan 'fesses up to fudging emissions data

Nissan, last year accused by UK consumer magazine Which? of faking emissions data, has admitted its own “dieselgate”. The Which? investigation in March 2017 claimed Nissan's X-Trail 1.6 litre engine produced “13 times as much NOx as the Euro 6 limit”. The carmaker instituted an internal review, and in September 2017 found it …

Biting the hand that feeds IT © 1998–2018