Security

London Metropolitan Police's 18,000 Windows XP PCs Is a Disaster Waiting To Happen (mspoweruser.com) 23

According to MSPoweruser, the London Metropolitan Police are still using around 18,000 PCs powered by Windows XP, an operating system Microsoft stopped supporting in 2014. What's more is that the police force is upgrading its PCs from Windows XP to Windows 8.1, instead of Windows 10. Only 8 PCs at the police force are reportedly powered by the "most secure version of Windows right now." From the report: From the looks of things, the London Metropolitan Police will continue to upgrade their systems to Windows 8.1 at the moment. Windows 8.1 is still being supported by Microsoft, although the mainstream support for the OS is set to end on the 9 January 2018. Microsoft will offer extended support for the OS until 2023, which means Windows 8.1 is still a much more secure alternative for the Metropolitan Police than Windows XP. Windows 10 still would have been the best option in terms of security, however. Microsoft is releasing security updates for the OS every month, and the new advanced security features like Windows Defender Advanced Threat Protection makes PCs running Windows a whole lot more secure. The spokesman of the 0Conservative London Assembly said in a statement: "The Met is working towards upgrading its software, but in its current state it's like a fish swimming in a pool of sharks. It is vital the Met is given the resources to step up its upgrade timeline before we see another cyber-attack with nationwide security implications."
Books

O'Reilly No Longer Selling Individual Books, Videos Online 26

dovf writes: Just got an email from O'Reilly Media that as of today, they are no longer selling individual books or videos online -- rather, they are encouraging people to sign up for Safari. They are continuing to publish books and videos, "and you'll still be able to buy them at Amazon and other retailers." They also make it clear that we will not lose access to already-purchased content, updates to such content, etc. More details can be found in the FAQ. No mention, though, of whether the content sold at these other retailers will remain DRM-free... From the FAQ: "You can buy all of the books (ebooks and print) at shop.oreilly.com from Amazon and other digital and bricks-and-mortar retailers. We're no longer selling individual books and videos via shop.oreilly.com -- but we are definitely continuing to publish books and videos on the topics you need to know. And of course, every O'Reilly book and video (including O'Reilly conference sessions) is available instantly on Safari." The only mention of "DRM" in the FAQ is in regard to what happens to the digital content you have in your account at members.oreilly.com. According to O'Reilly, "Your DRM-free ebooks and videos are safe and sound, and you'll continue to have free lifetime access to download them anytime, anywhere."
Government

US Imposes Stricter Security Screenings At Foreign Airports, But Won't Expand Laptop Ban Yet (theverge.com) 22

An anonymous reader quotes a report from The Verge: The United States will require foreign airports to implement stricter security practices and screenings for any passengers headed to the U.S. John Kelly, the U.S. secretary of Homeland Security, announced today that the new measures were being put in place. Though he didn't go into specifics, Kelly said the new requirements would include further screenings of electronics, more thorough vetting of passengers, and measures meant to stop "insider attacks." The U.S. is also encouraging the use of more bomb-detecting dogs, "advanced checkpoint screening technology," and the addition of "preclearance" locations, which station U.S. customs officers overseas, allowing them to screen passengers before boarding instead of after they land. One thing Kelly didn't announce was an expansion of the tablet and laptop ban, which is currently in effect on flights from 10 airports in the Middle East and North Africa. If airports don't comply with the new screening rules, Kelly said, they may be subject to additional electronics bans. But for the time being, it sounds like the ban will be kept to those 10 locations. According to Reuters, airlines have 21 days to comply with the new rules for explosives screenings and four months to comply with everything else.
Businesses

Samsung Plans To Open $380 Million Home Appliance Plant In US, Creating Almost 1,000 Jobs (cnbc.com) 34

Samsung Electronics has agreed to open a $380 million home appliance manufacturing plant in Newberry County, South Carolina. The new plant is expected to generate 954 local jobs by 2020. CNBC reports: The South Korean firm said this year it was in talks to build a home appliances plant in the United States amid worries about protectionist policies under U.S. President Donald Trump put pressure on global companies to generate jobs in the country. "With this investment, Samsung is reaffirming its commitment to expanding its U.S. operations and deepening our connection to the American consumers, engineers and innovators," Samsung Electronics America President and CEO Tim Baxter said.
Security

The Petya Ransomware Is Starting To Look Like a Cyberattack in Disguise (theverge.com) 87

Further research and investigation into Petya ransomware -- which has affected computers in over 60 countries -- suggest three interesting things: 1. Ukraine was the epicentre of the attack. According to Kaspersky, 60 percent of all machines infected were located within Ukraine. 2. The attackers behind the attack have made little money -- around $10,000. Which leads to speculation that perhaps money wasn't a motive at all. 3. Petya was either "incredibly buggy, or irreversibly destructive on purpose." An anonymous reader shares a report: Because the virus has proven unusually destructive in Ukraine, a number of researchers have come to suspect more sinister motives at work. Peeling apart the program's decryption failure in a post today, Comae's Matthieu Suiche concluded a nation state attack was the only plausible explanation. "Pretending to be a ransomware while being in fact a nation state attack," Suiche wrote, "is in our opinion a very subtle way from the attacker to control the narrative of the attack." Another prominent infosec figure put it more bluntly: "There's no fucking way this was criminals." There's already mounting evidence that Petya's focus on Ukraine was deliberate. The Petya virus is very good at moving within networks, but initial attacks were limited to just a few specific infections, all of which seem to have been targeted at Ukraine. The highest-profile one was a Ukrainian accounting program called MeDoc, which sent out a suspicious software update Tuesday morning that many researchers blame for the initial Petya infections. Attackers also planted malware on the homepage of a prominent Ukraine-based news outlet, according to one researcher at Kaspersky.
Businesses

Seattle's $15 Minimum Wage May Be Hurting Workers, Report Finds (usatoday.com) 284

As companies look for ways to cut costs, Seattle's $15 minimum wage law may be hurting hourly workers instead of helping them, according to a new report. From a USA Today article: A report (PDF) from the University of Washington (UW), found that when wages increased to $13 in 2016, some companies may have responded by cutting low-wage workers' hours. The study, which was funded in part by the city of Seattle, found that workers clocked 9 percent fewer hours on average, and earned $125 less each month after the most recent increase. "If you're a low-skilled worker with one of those jobs, $125 a month is a sizable amount of money," Mark Long, a UW public-policy professor and an author of the report told the Seattle Times. "It can be the difference between being able to pay your rent and not being able to pay your rent."
Businesses

More Than 40 ISPs Across the Country Tell Chairman Pai to Not Repeal Network Neutrality (eff.org) 53

An anonymous reader shares a report: One excuse FCC Chairman Ajit Pai regularly offers to explain his effort to gut net neutrality protections is the claim that open Internet rules have harmed ISPs, especially small ones. During a speech earlier this year, he stressed that 22 small ISPs told him that the 2015 Open Internet Order hurt their ability to invest and deploy. In reality, though, many more ISPs feel very differently. Today, more than 40 ISPs told the FCC that they have had no problem with the Open Internet Order (PDF) and that it hasn't hurt their ability to develop and expand their networks. What is more, that they want the FCC to do its job and address the problem Congress created when it repealed the broadband privacy rules in March.
Google

Google Must Delete Search Results Worldwide, Supreme Court of Canada Rules (fortune.com) 191

The Supreme Court of Canada ruled against Google on Wednesday in a closely-watched intellectual property case over whether judges can apply their own country's laws to all of the internet. From a report: In a 7-2 decision, the court agreed a British Columbia judge had the power to issue an injunction forcing Google to scrub search results about pirated products not just in Canada, but everywhere else in the world too. Those siding with Google, including civil liberties groups, had warned that allowing the injunction would harm free speech, setting a precedent to let any judge anywhere order a global ban on what appears on search engines. The Canadian Supreme Court, however, downplayed this objection and called Google's fears "theoretical." "This is not an order to remove speech that, on its face, engages freedom of expression values, it is an order to de-index websites that are in violation of several court orders. We have not, to date, accepted that freedom of expression requires the facilitation of the unlawful sale of goods," wrote Judge Rosalie Abella.
Businesses

A New Kind of Tech Job Emphasizes Skills, Not a College Degree (nytimes.com) 169

Steve Lohr, writing for the New York Times: A few years ago, Sean Bridges lived with his mother, Linda, in Wiley Ford, W.Va. Their only income was her monthly Social Security disability check. He applied for work at Walmart and Burger King, but they were not hiring. Yet while Mr. Bridges had no work history, he had certain skills. He had built and sold some stripped-down personal computers, and he had studied information technology at a community college. When Mr. Bridges heard IBM was hiring at a nearby operations center in 2013, he applied and demonstrated those skills. Now Mr. Bridges, 25, is a computer security analyst, making $45,000 a year. In a struggling Appalachian economy, that is enough to provide him with his own apartment, a car, spending money -- and career ambitions. "I got one big break," he said. "That's what I needed." Mr. Bridges represents a new but promising category in the American labor market: people working in so-called new-collar or middle-skill jobs. As the United States struggles with how to match good jobs to the two-thirds of adults who do not have a four-year college degree, his experience shows how a worker's skills can be emphasized over traditional hiring filters like college degrees, work history and personal references. [...] On Wednesday, the approach received a strong corporate endorsement from Microsoft, which announced a grant of more than $25 million to help Skillful, a program to foster skills-oriented hiring, training and education. The initiative, led by the Markle Foundation, began last year in Colorado, and Microsoft's grant will be used to expand it there and move it into other states. "We need new approaches, or we're going to leave more and more people behind in our economy," said Brad Smith, president of Microsoft.
Businesses

Toshiba Sues Western Digital For $1 Billion in Damages (bloomberg.com) 19

Toshiba has raised the stakes in an embittered legal row with its joint venture partner, suing Western Digital for a $1bn in damages and hoping Japanese courts will quash the US firm's interference in the sale of its memory chip business. From a report: The litigation, filed Wednesday in Tokyo District Court, seeks to stop Western Digital from making ownership claims over the enterprise that Toshiba is trying to sell. The Japanese company said in a statement that Western Digital's employees improperly obtained proprietary information. The relationship between Toshiba and Western Digital has gotten more acrimonious, as Toshiba moves toward a sale of the flash-memory division. Last month, Western Digital invoked an arbitration clause in their business agreement, seeking to block Toshiba's transfer of ownership of the unit to a separate legal entity in preparation for a sale. Toshiba, which has since reversed that transfer, then had its lawyers send a letter demanding that the U.S. company stop its "harassment" as Toshiba tries to sell the business.
Businesses

President Trump Attacks Amazon, Incorrectly Claiming That It Owns The Washington Post For Tax Purposes (recode.net) 356

The Washington Post, which has been critical of Donald Trump and his administration in its coverage, has become the latest victim in Trump's Twitter tirade. On Wednesday, he accused Amazon of not "paying internet taxes (which they should)," adding that the company is using The Washington Post "in a scheme to dodge" the taxes. Quick fact check: Amazon doesn't own The Washington Post, Jeff Bezos -- in his personal capacity -- does. At any rate, Trump's furious tweets come a day after The Washington Post reported that a fake issue of Time magazine with Trump on the cover was hanging in some of the president's golf clubs. The timing of this is also awkward because just last week the president met with Bezos and other top executives to discuss ways the White House can modernize government and aid the tech industry. But the two have a long history. As Recode reminds: Meanwhile, Amazon is about to embark on what could be a lengthy government antitrust review of its bid to buy Whole Foods. Already looming large over the roughly $14 billion deal are the president's own comments: He has previously attacked Bezos and claimed the Post is a tax-dodging scheme for Amazon. "He thinks I'll go after him for antitrust," Trump said at one point during his campaign. "Because he's got a huge antitrust problem, because he's controlling so much, Amazon is controlling so much of what they are doing." Months later, Trump charged: "Believe me, if I become president, oh, do they have problems, they are going to have such problems." Meanwhile, Bezos isn't one to shy about his anti-Trump views either. At one point during the election, Bezos tweeted that he'd save a seat for Trump on his Blue Origin spacecraft, with the hashtag "sendDonaldtospace."
Yahoo!

Former Yahoo CEO Marissa Mayer Defends Former Uber CEO Travis Kalanick (sfchronicle.com) 71

An anonymous reader writes: Former Uber CEO Travis Kalanick has absorbed blistering criticism for the way he handled allegations of sexual misconduct at the San Francisco riding-hailing service. But he can at least count on the support of one big name in Silicon Valley: former Yahoo CEO Marissa Mayer. Speaking at the annual Stanford Directors' College Tuesday, Mayer defended Kalanick, suggesting that he was unaware of the toxic culture brewing at Uber because of the company's rapid growth. Mayer's name has come up in reports as a possible replacement for Kalanick at Uber, though there's no indication the company has had talks with her. "Scale is incredibly tricky," Mayer said. "I count Travis as one of my friends. I think he's a phenomenal leader; Uber is ridiculously interesting. I just don't think he knew," she said. "When your company scales that quickly, it's hard." Mayer then compared Uber's situation to the early days of Google when it first brought in Eric Schmidt as CEO to help co-founders Sergey Brin and Larry Page manage the company.
Facebook

The Guardian Backtracks On WhatsApp 'Backdoor' Report (theguardian.com) 47

Five months after The Guardian published an investigative report, in which it found a "backdoor" in the Facebook-owned service, the publication is finally making amendments. The January report immediately stirred controversy among security experts, who began questioning The Guardian's piece. Weeks later, Zeynep Tufekci, a researcher and op-ed writer for the New York Times, published an open letter with over 70 major security researchers working at major universities and companies like Google condemning the story, and asking the publication to retract it.. Paul Chadwick, The Guardian's reader's editor, said "The Guardian was wrong to report last January that the popular messaging service WhatsApp had a security flaw so serious that it was a huge threat to freedom of speech." From his article: In a detailed review I found that misinterpretations, mistakes and misunderstandings happened at several stages of the reporting and editing process. Cumulatively they produced an article that overstated its case. The Guardian ought to have responded more effectively to the strong criticism the article generated from well-credentialled experts in the arcane field of developing and adapting end-to-end encryption for a large-scale messaging service. The original article -- now amended and associated with the conclusions of this review -- led to follow-up coverage, some of which sustained the wrong impression given at the outset. The most serious inaccuracy was a claim that WhatsApp had a "backdoor", an intentional, secret way for third parties to read supposedly private messages. This claim was withdrawn within eight hours of initial publication online, but withdrawn incompletely. The story retained material predicated on the existence of a backdoor, including strongly expressed concerns about threats to freedom, betrayal of trust and benefits for governments which surveil. In effect, having dialled back the cause for alarm, the Guardian failed to dial back expressions of alarm.
Security

Contractors Lose Jobs After Hacking CIA's In-House Vending Machines (techrepublic.com) 178

An anonymous reader quotes a report from TechRepublic: Today's vending machines are likely to be bolted to the floor or each other and are much more sophisticated -- possibly containing machine intelligence, and belonging to the Internet of Things (IoT). Hacking this kind of vending machine obviously requires a more refined approach. The type security professionals working for the U.S. Central Intelligence Agency (CIA) might conjure up, according to journalists Jason Leopold and David Mack, who first broke the story A Bunch Of CIA Contractors Got Fired For Stealing Snacks From Vending Machines. In their BuzzFeed post, the two writers state, "Several CIA contractors were kicked out of the Agency for stealing more than $3,000 in snacks from vending machines according to official documents... ." This October 2013 declassified Office of Inspector General (OIG) report is one of the documents referred to by Leopold and Mack. The reporters write that getting the records required initiating a Freedom Of Information Act lawsuit two years ago, adding that the redacted files were only recently released. The OIG report states Agency employees use an electronic payment system, developed by FreedomPay, to purchase food, beverages, and goods from the vending machines. The payment system relies on the Agency Internet Network to communicate between vending machines and the FreedomPay controlling server. The OIG report adds the party hacking the electronic payment system discovered that severing communications to the FreedomPay server by disconnecting the vending machine's network cable allows purchases to be made using unfunded FreedomPay cards.
Space

Blue Origin To Build Its BE-4 Rocket Engine In Alabama, Creating Hundreds of Jobs (theverge.com) 50

Blue Origin has recently announced its plans to manufacture the company's new rocket engine, the BE-4, at a state-of-the-art facility in Huntsville, Alabama. According to The Verge, the benefits for Blue Origin are both practical and political. From the report: On the surface, it's a seemingly innocuous decision meant to capitalize on Huntsville's decades-long history of rocket development. The city is home to NASA's Marshall Space Flight Center, where the Saturn V rocket was developed and where NASA's future massive deep-space rocket, the Space Launch System, will also be worked on. Plus, many private space contractors are based in Huntsville, making spaceflight a key part of the city's economy and a huge jobs creator. It's why Huntsville has been nicknamed Rocket City. But the move is most likely motivated by politics as well, given Blue Origin's plans for the BE-4. The company ultimately hopes to use seven BE-4 engines to power its future massive rocket called the New Glenn, which is supposed to launch sometime before 2020. But that's not the only rocket that the BE-4 could fly on. The United Launch Alliance -- a company responsible for launching most of the satellites for the U.S. military -- is developing a new rocket called Vulcan, and it needs new U.S.-made engines for the vehicle. Blue Origin's move to Huntsville will supposedly generate 342 jobs at the new facility, with salaries averaging $75,000, reports The Verge. Given the city's history, the company should have no problem finding aerospace experts in the area. The only problem that could arise would be if ULA doesn't select the BE-4 as the Vulcan's main engine. "ULA is also considering a second option in case the BE-4 doesn't work out: an engine being developed by longtime manufacturer Aerojet Rocketdyne called the AR-1," reports The Verge. "Aerojet is only meant to be Plan B for ULA. But it has one advantage that Blue Origin didn't have until now: it's building its engine in Huntsville, Alabama -- and that comes with some very key political protection."
Earth

World's First Floating Windfarm To Take Shape Off Coast of Scotland (theguardian.com) 114

An anonymous reader quotes a report from The Guardian: The world's first floating windfarm has taken to the seas in a sign that a technology once confined to research and development drawing boards is finally ready to unlock expanses of ocean for generating renewable power. After two turbines were floated this week, five now bob gently in the deep waters of a fjord on the western coast of Norway ready to be tugged across the North Sea to their final destination off north-east Scotland. The ~$256 million Hywind project is unusual not just because of the pioneering technology involved, which uses a 78-meter-tall underwater ballast and three mooring lines that will be attached to the seabed to keep the turbines upright. It is also notable because the developer is not a renewable energy firm but Norway's Statoil, which is looking to diversify away from carbon-based fuels.
Network

Comcast and Charter In Talks With Sprint To Offer Wireless Service (theverge.com) 40

According to The Wall Street Journal, Sprint's merger talks with T-Mobile are temporarily on hold while the carrier mulls over a number of potential deals with the United States' two biggest cable companies, Comcast and Charter. While Comcast is already using Verizon's wireless service under their own name, the company may want to use Sprint's network as well. Charter doesn't have a wireless phone offering yet, but the company's CEO indicated last year that it has every intention of launching one. The Verge reports: Such a deal would likely involve the two cable companies making an investment in Sprint, which the carrier would then use to build out its network, generally known to be the worst of the four major phone service providers. The Journal also reports that Comcast and Charter could make a bid to acquire Sprint outright, but it said the outcome was seen as less likely. Though they're usually an unlikely pairing, Comcast and Charter agreed in May to team up when making deals around wireless coverage for a full year. For the most part, both companies have been slowly losing TV subscribers year after year as customers shift over to online services. They see phone service as a new offering that could help to restore growth and lock in subscribers.
United Kingdom

Britain's Newest Warship Runs Windows XP, Raising Cyber Attack Fears (telegraph.co.uk) 291

Chrisq shares a report from The Telegraph: Fears have been raised that Britain's largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. A defense source told The telegraph that some of the on-board hardware and software "would have been good in 2004" when the carrier was designed, "but now seems rather antiquated." However, he added that HMS Queen Elizabeth is due to be given a computer refit within a decade. And senior officers said they will have cyber specialists on board to defend the carrier from such attacks.
United States

Lawmakers Want To Move Fast On Self-Driving Car Legislation (axios.com) 105

An anonymous reader shares a report: Members of Congress said Tuesday that they hope to move forward with a package of self-driving car legislation by the end of July. "We've got to keep moving, because again, this technology is moving away from us, you might say," said Republican Bob Latta, who is helping to lead the effort. That would move the bills out of the relevant committee -- but not out of the House entirely.

Slashdot Top Deals