Iain Thomson

Contact Mail Follow Twitter RSS feed
tesla

Aut-doh!-pilot: Driver jams 65mph Tesla Model S under fire truck, walks away from crash

Another Tesla driver needs reminding that the flash motor's Autopilot mode doesn't mean you can ignore what's on the road. On Monday morning, a Tesla Model S slammed into a stationary firetruck at around 65mph on Interstate 405 in Culver City, California. The car was driven under the fire engine, although the driver was able …
Iain Thomson, 23 Jan 2018
voting

Electronic voting box makers try to get gear stripped from eBay and out of hackers' hands

Shmoocon Vendor intimidation, default passwords, official state seals for sale. Yes, we're talking about computer-powered election machines. The organizers of last year's DEF CON Voting Village – a corner of the annual infosec conference where peeps easily hacked into electronic ballot boxes – are preparing for a similar penetration- …
Iain Thomson, 23 Jan 2018

That's not very ice! Blizzard silently patches games hack hole, gives Googler cold shoulder

Blizzard games – played every month by half a billion netizens, apparently – could be hijacked by malicious websites visited by gamers, according to Google's Project Zero team. Googler Tavis Ormandy spotted the vulnerability in the Blizzard Update Agent, which is installed alongside all Blizzard titles. This particular …
Iain Thomson, 23 Jan 2018
shutdown

US govt shutdown lobs spanner in SpaceX's Falcon Heavy launch

SpaceX's Falcon Heavy maiden launch, pencilled in for the end of this month, is set to be delayed due to the ongoing US government shutdown. Since Friday night, all federal agencies have suspended non-essential work as congressfolk bicker over budget cuts, increases, and allocations. The Senate today inched closer to passing a …
Iain Thomson, 22 Jan 2018
Joyce

Take a former NSA head hacker, a Raspberry Pi, weird Kiwi radios and what do you get?

Shmoocon The news that Rob Joyce, former head of the NSA's elite hacking squad and now White House cybersecurity coordinator, was giving a talk at the Shmoocon infosec conference raised hopes he would offer up some juicy insights into the surveillance state or Donald Trump's cyber policies. Instead Joyce talked about his very unusual …
Iain Thomson, 22 Jan 2018
Figueroa

Smut site fingered as 'source' of a million US net neutrality comments

Shmoocon An analysis of comments submitted to the United States Federal Communications Commission's consultation on the future of the nation's net neutrality rules has shown the whole process of public comments was fatally flawed. Speaking at the Shmoocon hacking conference in Washington DC, Leah Figueroa, lead data engineer at data …
Iain Thomson, 22 Jan 2018
dodson

Hey American business, here's how to use blockch ... sorry – we've been shut down

Shmoocon The political maneuvering that has shut much of the US government this month has delayed the National Institute of Standards and Technology's planned release of guidance about the risks and rewards of blockchain technology. “We have ... a publication that’s coming out on Monday on the fundamentals of blockchain to help people …
Iain Thomson, 21 Jan 2018
grave

Unlocked: The hidden love note on the grave of America's first crypto power-couple

Shmoocon Among the 400,000 graves at the Arlington National Cemetery – a solemn US military graveyard in Virginia – lies the final resting place of cryptography pioneers William and Elizebeth Friedman. And hidden in code on their tombstone is a touching tribute from a wife to her husband. A code that's only now just been cracked, …
Iain Thomson, 20 Jan 2018
ripper3

Baywatch hero drone saves silly struggling swimmers Down Under from going down under

Video Australian politicians are claiming a world first after a drone saved two teenagers from drowning in heavy surf. At 11.30am on Thursday, passersby alerted lifeguards that two people were in trouble in the sea off Lennox Head beach in New South Wales. The lifesavers just so happened to be in the middle of a training course on …
Iain Thomson, 19 Jan 2018
caracal

Someone is touting a mobile, PC spyware platform called Dark Caracal to governments

An investigation by the Electronic Frontier Foundation and security biz Lookout has uncovered Dark Caracal, a surveillance-toolkit-for-hire that has been used to suck huge amounts of data from Android mobiles and Windows desktop PCs around the world. Dark Caracal [PDF] appears to be controlled from the Lebanon General …
Iain Thomson, 18 Jan 2018
Grzegorz Milka

Who's using 2FA? Sweet FA. Less than 10% of Gmail users enable two-factor authentication

Usenix Enigma It has been nearly seven years since Google introduced two-factor authentication for Gmail accounts, but virtually no one is using it. In a presentation at Usenix's Enigma 2018 security conference in California, Google software engineer Grzegorz Milka today revealed that, right now, less than 10 per cent of active Google …
Iain Thomson, 17 Jan 2018
tinfoil hat (shutterstock)

HTML5 may as well stand for Hey, Track Me Longtime 5. Ads can use it to fingerprint netizens

Usenix Enigma HTML5 is a boon for unscrupulous web advertising networks, which can use the markup language's features to build up detailed fingerprints of individual netizens without their knowledge or consent. In a presentation at Usenix's Enigma 2018 conference in California this week, Arvind Narayanan, an assistant professor of computer …
Iain Thomson, 17 Jan 2018
enigma albert

Shafted by bosses, disdained by punters, loved by hackers – yes, it's freelance workers

Usenix Enigma Gig economy workers – the fancy new way to describe short-term freelance serfs like Uber drivers and Deliveroo riders – are well in the sights of hackers. That's because they're surprisingly easy to phish. There's no corporate network to protect them. They usually sign up to a task-scheduling app using their personal email …
Iain Thomson, 17 Jan 2018
enigma sedova

Wanna motivate staff to be more secure? Don't bother bribing 'em

Usenix Enigma It's frustrating getting users to keep information and systems secure on a daily basis. However, don't try any smart gimmicks – particularly offering wedges of cash or other prizes for good behavior. It doesn't work. Quite the opposite, it can make things worse. Paying out a bonus to those who make few or zero security …
Iain Thomson, 17 Jan 2018
Doctor Nick Riviera

Hospital injects $60,000 into crims' coffers to cure malware infection

A US hospital paid extortionists roughly $60,000 to end a ransomware outbreak that forced staff to use pencil-and-paper records. The crooks had infected the network of Hancock Health, in Indiana, with the Samsam software nasty, which scrambled files and demanded payment to recover the documents. The criminals broke in around 9 …
Iain Thomson, 16 Jan 2018

Facebook settles landmark revenge porn case with UK teen for undisclosed sum

Facebook has settled a case with a 14-year-old girl after the social network hosted revealing pictures of her on a Facebook "shame" page. In perhaps the first case of its kind in the world, Facebook was taken to the High Court by lawyers for a Northern Irish girl, whose nude picture was repeatedly posted to the page between …

Intel puts security on the todo list, Tavis topples torrent tool, and more

Roundup The security world is still feeling the aftereffects of last week's CPU design flaw disclosures, which continued to dominate the news this week, even amid the noisy CES jamboree in Las Vegas. The Meltdown-slash-Spectre saga, broken by The Register last week, is still causing major headaches, not least for Intel. On Friday, …
Iain Thomson, 13 Jan 2018
Jaylaw

Celebgate latest: Fourth dirtbag 'fesses up to pillaging iCloud for stars' X-rated selfies

A fourth man has admitted stealing Hollywood stars' private nude photos that eventually leaked online in what became known as Celebgate. George Garofano, 26, of Northford, Connecticut, USA, pleaded guilty this week to one count of unauthorized access to a protected computer to obtain information. The FBI reckons Garofano …
Iain Thomson, 12 Jan 2018
android

'Mummy, what's felching?' Tot gets smut served by Android app

Researchers have found a batch of over 60 malware-carrying apps in Google's Play Store designed to rob mobile users or show them pornography, all with a kid-friendly theme. The malware, dubbed AdultSwine by security shop Check Point, was found in apps like "Drawing Lessons Lego Star Wars", "Fidget spinner for Minecraft" and " …
Iain Thomson, 12 Jan 2018
NICER

NASA is pretty pleased with its pulsar-sniffing intergalactic GPS tech

Pics After years of research and testing, NASA has demonstrated spacecraft positioning equipment that relies on measuring X-ray bursts. The hardware will help future spacefarers navigate the galaxy and beyond. Your car or smartphone GPS gear works out its position using signals received from a constellation of satellites orbiting …
Iain Thomson, 12 Jan 2018
DDOS

Brace yourselves for the 'terabyte (sic) of death', warns US army IT boss

The outgoing head of the Defense Information Systems Agency, which handles computer security for the US Department of Defense, has warned a massive cyber-attack is "looming" at the American military's door. Over lunch on Thursday, Army Lieutenant General Alan Lynn, who retires in a few months, told the Armed Forces …
Iain Thomson, 12 Jan 2018
wiretap

Microsoft finally injects end-to-end chat crypto into Skype – ish...

Microsoft has bunged end-to-end encrypted communications into beta versions of Skype using the open-source Signal protocol. Redmond has been a laggard in locking down Skype as a truly end-to-end encrypted comms system – end-to-end meaning only the people talking to each other can decrypt the chatter, leaving Microsoft and …
Iain Thomson, 11 Jan 2018
webcam

Ohio coder accused of infecting Macs, PCs with webcam, browser spyware for 13 years

A computer programmer has been accused of hacking, committing identity theft, and creating child pornography after allegedly developing custom malware to take control of thousands of computers. Phillip Durachinsky, 28, of North Royalton, Ohio, USA, was indicted on Wednesday on 16 separate charges relating to the alleged …
Iain Thomson, 11 Jan 2018
Photo by Andrew Cline / Shutterstock

Leaky credit report biz face massive fines if US senators get their way

New legislation introduced in the US Senate by Elizabeth Warren (D-MA) and Mark Warner (D-VA) would result in credit reporting agencies being slapped with stiff fines if they play fast and loose with data security. The Data Breach Prevention and Compensation Act [PDF] would impose a mandatory $100 fine per person affected on …
Iain Thomson, 10 Jan 2018
drone

Russia claims it repelled home-grown drone swarm in Syria

The Russian Defense Ministry has reported that its forces in Syria have been attacked by a swarm of GPS-guided drones carrying improvised explosives. The attack took place on the night of December 5, with 13 drones were picked up on radar. Ten aimed themselves at Russia’s Hmeymim air base and three more headed for a logistics …
Iain Thomson, 10 Jan 2018

Biting the hand that feeds IT © 1998–2018