Richard Chirgwin

Contact Mail Follow Twitter RSS feed
Four years of NEOWISE collection

Scratch Earth-killer asteroid off your list of existential threats

Video NASA's fourth release of data from its NEOWISE asteroid-hunter may well come as a relief, as it's again failed to spot a rock worthy of Bruce Willis' attention. The new data dump, (downloadable here), brings the mission's total to 29,246 objects. Those objects were observed in the four years since NASA mission scientists …
Axe Cutting Wood

IETF: GDPR compliance means caring about what's in your logfiles

Sysadmins: while you're busy getting ready for the GDPR-regulated world, don't forget what your servers are storing in their logfiles. That advice comes courtesy of a draft mulled by the Internet Engineering Task Force's Internet Area Working Group (IETF's INTAREA). The document, here, offered a handy checklist as a set of …
Archetypal hacker in a hoodie (is this how we all must surf pron from now on?)

Massive cyber attack targets mid-Atlantic nation 'Berylia'

NATO and assorted partners have unleashed a massive cyber-attack on the fictional country of Berylia to test their ability to defend critical infrastructure against outside attacks. The virtual country will suffer its virtual attack under NATO's Cooperative Cyber Defence Centre of Excellence's (CCDCOE) Locked Shields 2018, …
Buffering icon

Information-Centric Networking boffins celebrate successful Cypriot trial

Information-Centric Networking (ICN) over IP has taken another step towards deployment, with a trial conducted at the end of 2017 declared a success. ICN addresses content by name rather than by the IP address of the server hosting it. The technology has been in development for about a decade, re-emerging earlier in 2018. The …
Angry man on laptop. Illustration via Shutterstock

Single single-sign-on SNAFU threatens three Cisco products

Cisco has announced a suite of patches against a bug in its Security Assertion Markup Language (SAML) implementation. As is so often the case with a language slip, the bug is inherited by multiple products. In the case of CVE-2018-0229, the affected systems are: Single sign-on authentication for the AnyConnect desktop …
Illustration of a computer chip with trendy stuff around it

Brains behind seL4 secure microkernel begin RISC-V chip port

The first RISC-V port of the seL4 microkernel was last week released by the Data61 division of the Australian government's Commonwealth Scientific and Industrial Research Organisation (CSIRO). seL4 is an open-source and highly secure version of the L4 microkernel that aims to be mathematically proven to be bug free, in that it …
Bell switchboard

Ericsson's losses narrow, but its pulse is still weak

Troubled Swedish vendor Ericsson has turned in another loss, but is hopeful that it's still closing in on its planned turnaround. In its first quarter results for 2018, the company reported a sales decline of two per cent year-on-year, adjusted for currency, with Asian markets (north and south Asia, the Oceania, and India) all …
Paisley skull

Chinese web giant finds Windows zero-day, stays schtum on specifics

Chinese company Quihoo 360 says it's found a Windows zero-day in the wild, but because it's notified Microsoft, it's not telling anyone else how it works. In this Weibo post (unless you speak Mandarin you'll need a translation tool), the company announced an “APT attack” on the unspecified zero-day “on a global scale”. …
Sparkler

Cisco snuffs Spark, renames it 'WebEx Teams'

Roundup Cisco leads the networking roundup this week, with news that there's one fewer way to avoid its WebEx brand: as part of a product reorganisation, what was Cisco Spark is to become WebEx Teams. It's more than a rebrand, Cisco's Jonathan Rosenberg insisted here, because in the Olde Worlde, Sparkies could join Spark meetings, and …
The Soyuz in flight following the launch. Pic: Roscosmos

Soyuz later! Russia may exit satellite launch biz

Russia has dropped a broad hint that it might leave the space launch business to private operators. Space launches have become a relative commodity: SpaceX publishes a price list offering a Falcon 9 trip to geosynchronous transfer orbit for $62m, or $90m for Falcon Heavy. Russia's official newsagency TASS carried a report …
Amazon CEO Jeff Bezos

Jeff Bezos purple prose reveals Amazon Prime's passed 100m customers

Amazon has announced the yield from its money mine for the full year 2017: on full-year sales of US$178 billion, it generated an operating income of $4 billion and net income of $3 billion. The Bezos Bunch pulled most of its retail business in the Christmas period, since as we reported in February, Q4 2017 netted $1.9 billion …

Facebook's login-to-other-sites service lets scum slurp your stuff

Updated It's possible for miscreants to secretly extract people's personal information via Facebook's Login service – the tool that lets you sign into websites using just a Facebook ID. Readers will be familiar with Steven Englehardt, a Mozilla privacy engineer who pursues privacy research for his PhD at Princeton, whose work on …
The Black Knight, defeated

Cambridge Analytica's ex-CEO decides not to front UK Parliamentary Committee again

The recently-sidelined former CEO of Cambridge Analytica has declined the opportunity to make a second appearance in front of the UK Parliament's Digital, Culture, Media and Sport Committee. Alexander Nix was due for a second grilling on Wednesday, April 18, but the committee's chairman Damian Collins, issued a statement …

Huawei CEO sings 'Bye, bye, mister American Pai', trims US C-suite

Huawei has acknowledged the US market may be a lost cause, at least for now. The Federal Communications Commission this week took a vote that effectively prohibited Huawei and fellow Chinese vendor ZTE from the US market: US carriers that receive federal broadband funds aren't allowed to spend that money with vendors deemed a …

Hop to it, bunnies: TaskRabbit breach means new passwords

IKEA's TaskRabbit app and Website, which links buyers with people skilled with Allen key experts and other errand-runners, remain offline a day after the company announced a data breach. Ominously, the operation's announcement (currently in place of its home page) advises users that if they re-use their username or password on …
Internet of things in the cloud

Cisco casts an eye over IoT protocol landscape: Everything the light touches is ours

Cisco has pitched its intent-based networking capabilities as a way to get control over the Internet of Things. There are good reasons to try and automate the network behaviour of IoT devices: as Cisco's enterprise networking marketing vice president Prashan Shenoy told The Register's networking desk, the ratio of IT personnel …

France building encrypted messaging app for politicians

France's government has built an encrypted messaging app for government use. The move was announced last Friday on radio station France Inter by digital secretary of state Mounir Mahjoubi (here in French). Mahjoubi said the aim is to create an end-to-end encrypted app to be “internal to the state and intended to replace” non- …

Facebook admits it does track non-users, for their own good

Facebook's apology-and-explanation machine grinds on, with The Social Network™ posting detail on one of its most controversial activities – how it tracks people who don't use Facebook. The company explained that the post is a partial response to questions CEO Mark Zuckerberg was unable to answer during his senate and …
The word futile

Google, AWS IPs blocked by Russia in Telegram crackdown

Russia's telecoms regulator Roskomnadzor has started blocking IP addresses linked to secure messaging service Telegram. Russia wants Telegram banished from within its borders, supposedly on national security grounds. First on its list, therefore, according to Roem.ru* (translated), are addresses used by, er, Amazon Web …
Internet engineering task force logo

Internet Engineering Task Force leaves home, gets own bank account

If all goes according to plan, the venerable Internet Engineering Task Force (IETF) will this week tackle a fiendishly difficult problem: standing on its own administrative feet. Today, the IETF exists as an Internet Society (ISOC) activity under a structure that is more than a decade old and needs a refresh. The IETF has …
Encryption

Cisco backs test to help classical crypto outlive quantum computers

Cisco and quantum security outfit Isara reckon they've got at least as far as alpha stage in one problem of the future: securing public key certificates against quantum computers. “Quantum computers will break cryptography” is a popular mass media trope, but the big brains of crypto have been aware of the risk for some time. …
Businessman boxer

Xerox CEO accused of seeking Fujifilm tie-up against board's instructions

In January, Xerox and Fujifilm decided their best chance of surviving the printer-copier downturn was a multi-billion dollar mutual rescue package led by the Fuji Xerox joint venture. Now, a lawsuit alleges Xerox CEO Jeff Jacobson rushed into the deal against instructions from the company's board. The lawsuit was filed in a …
Down the drain - Shutterstock

Security bods liberate EITest malware slaves

One of the world's longest-lived malware networks, EITest, has gone offline. EITest was part of several infection chains, used by attackers to redirect users from legitimate sites to compromised sites that shipped exploit kits. In 2016, for example, it was part of an attack that used shampoo brand Just for Men to push the RIG …
Wray

Congressional group asks FBI boss Wray to explain Apple lawsuit

Ten members of the US Congress have asked the FBI to explain its battles with Apple, after doubts were raised over the extent to which criminals use encryption to "go dark" and evade law enforcement authorities. Criminals using encryption to evade law enforcement – "going dark" – is the foundation of the FBI's calls for a …
Spy vs Spy cosplayers

Data exfiltrators send info over PCs' power supply cables

If you want your computer to be really secure, disconnect its power cable. So says Mordechai Guri and his team of side-channel sleuths at the Ben-Gurion University of the Negev. The crew have penned a paper titled PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines that explains how attackers could …

Biting the hand that feeds IT © 1998–2018