Proprietary Software and Security Problems
Coronavirus cases 'lost' in test and trace blunder
More than 15,000 positive Covid cases have become “lost” in Britain’s tracking systems, resulting in long delays being passed on to Test and Trace handlers.
It means that tens of thousands of people who should have been told to self-isolate after coming into close contact with an infected case are only now being contacted – in some cases 10 days after transmission occurred.
The Government blamed “computer issues” for a blunder which saw the number of daily cases appear to double overnight, and has been accused of “shambolic” handling by Labour.
Shock and despair follow revelations that ‘world-beating’ Test and Trace system is being run on Excel
News that Britain’s ‘world-beating’ Test and Trace system is being run on Excel has been met with shock and despair today.
The weekly rate of new Covid-19 cases soared in dozens of areas of England, following the addition of nearly 16,000 cases that went unreported by because of a technical error with the spreadsheet.
John McAfee has been arrested in Spain and is facing extradition
John McAfee, who built a fortune selling cybersecurity software and has in recent years become a cryptocurrency evangelist, has been indicted on charges of tax evasion by the Department of Justice (DOJ). He has been arrested in Spain and is awaiting extradition, the DOJ said.
Kaspersky finds UEFI images that could be used for malware transport
Microsoft used one feature in the UEFI to introduce what it called secure boot in Windows 8 in 2012, in a manner that effectively prevented easy booting of other operating systems on machines which had secure boot enabled.
Secure boot was designed so that an exchange of cryptographic keys took place at boot-time; a system could verify the operating system attempting to boot was a genuine one, and not malware. There were further key exchanges along the way.
But four years later, two researchers cracked the technology when they found a so-called golden key that was protecting the feature.
Lechtik, Kuznetsov and Parshin wrote: "A sophisticated attacker can modify the firmware in order to have it deploy malicious code that will be run after the operating system is loaded. Moreover, since it is typically shipped within SPI flash storage that is soldered to the computer’s motherboard, such implanted malware will be resistant to OS reinstallation or replacement of the hard drive."
Microsoft puts lipstick on a pig to avoid scrutiny over security
In what appears to be a bid to try and pretend that it is making no big contribution to the abysmal security environment in the tech sector, Microsoft has put out one of those reports, titled Microsoft Digital Defence Report, that aims to quell criticism of its role, at the same time trying to insinuate that security is in a bad state because of every single player.
Ransomware attack on Philadelphia firm hits COVID clinical trials
Several companies, including IQVIA, the firm managing AstraZeneca's COVID vaccine trial, and Bristol Myers Squibb, which is leading a group of companies in developing a quick coronavirus test, have been affected by a ransomware attack on Windows systems at Philadelphia firm eResearchTechnology.
Four Malicious Packages In The NPM Repository With Names Similar To Popular Packages Were Phoning User Data Home
Be careful what you npm install. Four packages in the NPM repository, published by a single author, where caught sending device fingerprint information, IP and geo-location data to a public GitHub page upon installation. All of them used package names similar to popular and widely used NPM packages.
[...]
The malicious packages where published to NPM between August 17th and August the 24th. The typesquatting trick fooled more than 400 users into downloading and installing these packages before the software analysis company Sonatype detected it using their automated tools.
Linux 5.10 To Have Initial Support For UEFI Booting On RISC-V
It looks like the upcoming Linux 5.10 kernel cycle will be the first to bring initial support for UEFI booting on RISC-V hardware. Going back to the beginning of the year there has been RISC-V patches for UEFI support thanks to engineers at Western Digital. Prior kernel releases also saw UEFI clean-ups and other prep work in getting ready for RISC-V CPU architecture support to be added. Now with Linux 5.10 it looks like the first-cut support is ready to go. Also: ZFSOnLinux 0.8.5 Released With Support For Newer Kernels, Bug Fixes
Networking module and dev kit tap 2.5GbE and 802.11ax ready IPQ6000
8devices’ $79 and up “Mango” module and $219 “Mango-DVK” run OpenWrt Linux on an up to 1.8GHz, quad -A53 Qualcomm IPQ6000 or IPQ6010 SoC with 802.11ax (Wi-Fi 6). The DVK features 2.5GbE with PoE, SFP, and 2x GbE. 8devices has opened pre-orders on a surface-mountable Mango compute module that runs OpenWrt Linux on the Qualcomm IPQ6000 or IPQ6010 “Cypress” networking processors. The $79 Mango module uses the 1.2GHz IPQ6000 and the $99 Mango-I uses the 1.8GHz IPQ6010.
today's howtos
Android Leftovers
