Miscellaneous Tech News

mlnews

Google launches a new medical app—outside the United States

The dermatology AI app won approval for use in the EU but not with the FDA.
Billions of times each year, people turn to Google’s web search box for help figuring out what’s wrong with their skin. Now, Google is preparing to launch an app that uses image recognition algorithms to provide more expert and personalized help. A brief demo at the company’s developer conference last month showed the service suggesting several possible skin conditions based on uploaded photos.

mlnews

Hackers exploited 0-day, not 2018 bug, to mass-wipe My Book Live devices

Western Digital removed code that would have prevented the wiping of petabytes of data.
Last week’s mass-wiping of Western Digital My Book Live storage devices involved the exploitation of not just one vulnerability but a second critical security bug that allowed hackers to remotely perform a factory reset without a password, an investigation shows. The vulnerability is remarkable because it made it trivial to wipe what is likely petabytes of user data. More notable still was that, according to the vulnerable code itself, a Western Digital developer actively removed code that required a valid user password before allowing factory resets to proceed.

1337

@mlnews said in Miscellaneous Tech News:

Hackers exploited 0-day, not 2018 bug, to mass-wipe My Book Live devices

Western Digital removed code that would have prevented the wiping of petabytes of data.
Last week’s mass-wiping of Western Digital My Book Live storage devices involved the exploitation of not just one vulnerability but a second critical security bug that allowed hackers to remotely perform a factory reset without a password, an investigation shows. The vulnerability is remarkable because it made it trivial to wipe what is likely petabytes of user data. More notable still was that, according to the vulnerable code itself, a Western Digital developer actively removed code that required a valid user password before allowing factory resets to proceed.

That sucks. Like ransomware but without the hope...

And the same problem too - vulnerabilities don't care about your carefully planned zero trust architecture and short-lived tokens and what not.

EddieJennings

Pop_OS 21.04 has been released
https://blog.system76.com/post/655369428109869056/popos-2104-a-release-of-cosmic-proportions

scottalanmiller

https://thehackernews.com/2021/06/unpatched-virtual-machine-takeover-bug.html

scottalanmiller

https://www.theregister.com/2021/06/30/ibm_email_outage/

Absolutely no one surprised.

mlnews

Starlink’s “next-generation” user terminal will cost a lot less, Musk says

Musk expects near-global coverage in August and up to 500,000 users in one year.
SpaceX CEO Elon Musk said his company's Starlink division is trying to cut the price of its user terminal from $500 to as low as $250. Starlink has been charging $99 a month for Internet service during its beta phase, plus $500 up front for the user terminal/satellite dish, and it's losing money on the sale of each dish.

mlnews

Tim Berners-Lee sells web source code NFT for $5.4m

The original source code for the world wide web has been sold as a non-fungible token, making $5.4m (£3.9m).
NFTs are certificates of ownership for digital assets, which often do not have a physical representation. They do not necessarily include copyright control - and critics say they are get-rich-quick schemes that are bad for the environment. World-wide-web creator Sir Tim Berners-Lee sold the NFT to an unidentified buyer, through auction house Sotheby’s. The highest bid stood at $3.5m for most of the last day of the auction - but there were a flurry of bids in the closing 15 minutes.

scottalanmiller

https://www.theregister.com/2021/07/01/ibm_email_disruption_sales/

travisdh1

@scottalanmiller said in Miscellaneous Tech News:

https://www.theregister.com/2021/07/01/ibm_email_disruption_sales/

From the little I know about IBM, they are the poster child for SNAFU, just happening in the public eye for once.

mlnews

OpenZFS 2.1 is out—let’s talk about its brand-new dRAID vdevs

dRAID vdevs resilver very quickly, using spare capacity rather than spare disks.
Friday afternoon, the OpenZFS project released version 2.1.0 of our perennial favorite "it's complicated but it's worth it" filesystem. The new release is compatible with FreeBSD 12.2-RELEASE and up, and Linux kernels 3.10-5.13. This release offers several general performance improvements, as well as a few entirely new features—mostly targeting enterprise and other extremely advanced use cases.

mlnews

Microsoft’s Windows 11 blue screen of death to become black

Microsoft’s so-called blue screen of death (BSoD) will turn black in the new Windows 11 operating system, according to those with access to a preview of the software.
The screen appears when users have a problem on their computer, often prompting a restart. A black background will replace blue, matching the logon and shutdown screens in the new system, the Verge reported. The BSoD allows IT professionals to diagnose hardware and memory issues.

scottalanmiller

https://arstechnica.com/gadgets/2021/07/a-deep-dive-into-openzfs-2-1s-new-distributed-raid-topology/

hobbit666

https://www.techradar.com/amp/news/hacker-obtains-data-on-thousands-of-vpn-users

DustinB3403

@mlnews said in Miscellaneous Tech News:

Microsoft’s Windows 11 blue screen of death to become black

Microsoft’s so-called blue screen of death (BSoD) will turn black in the new Windows 11 operating system, according to those with access to a preview of the software.
The screen appears when users have a problem on their computer, often prompting a restart. A black background will replace blue, matching the logon and shutdown screens in the new system, the Verge reported. The BSoD allows IT professionals to diagnose hardware and memory issues.

Because these are the game breaking developments that are wanted with a desktop operating system...

Obsolesce

@pete-s said in Miscellaneous Tech News:

@mlnews said in Miscellaneous Tech News:

Hackers exploited 0-day, not 2018 bug, to mass-wipe My Book Live devices

Western Digital removed code that would have prevented the wiping of petabytes of data.
Last week’s mass-wiping of Western Digital My Book Live storage devices involved the exploitation of not just one vulnerability but a second critical security bug that allowed hackers to remotely perform a factory reset without a password, an investigation shows. The vulnerability is remarkable because it made it trivial to wipe what is likely petabytes of user data. More notable still was that, according to the vulnerable code itself, a Western Digital developer actively removed code that required a valid user password before allowing factory resets to proceed.

That sucks. Like ransomware but without the hope...

And the same problem too - vulnerabilities don't care about your carefully planned zero trust architecture and short-lived tokens and what not.

That's why you don't use shitty tech and practices that's insanely vulnerable ransomware, and other risks like what happened in that article.

mlnews

Microsoft issues urgent security warning: Update your PC immediately

Microsoft is urging Windows users to immediately install an update after security researchers found a serious vulnerability in the operating system.
The security flaw, known as PrintNightmare, affects the Windows Print Spooler service. Researchers at cybersecurity company Sangfor accidentally published a how-to guide for exploiting it. The researchers tweeted in late May that they had found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They published a proof-of-concept online by mistake and subsequently deleted it -- but not before it was published elsewhere online, including developer site GitHub.

EddieJennings

@mlnews said in Miscellaneous Tech News:

Microsoft issues urgent security warning: Update your PC immediately

Microsoft is urging Windows users to immediately install an update after security researchers found a serious vulnerability in the operating system.
The security flaw, known as PrintNightmare, affects the Windows Print Spooler service. Researchers at cybersecurity company Sangfor accidentally published a how-to guide for exploiting it. The researchers tweeted in late May that they had found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They published a proof-of-concept online by mistake and subsequently deleted it -- but not before it was published elsewhere online, including developer site GitHub.

Have we not known since the beginning of time that printing is evil?

Dashrender

@mlnews said in Miscellaneous Tech News:

Microsoft issues urgent security warning: Update your PC immediately

Microsoft is urging Windows users to immediately install an update after security researchers found a serious vulnerability in the operating system.
The security flaw, known as PrintNightmare, affects the Windows Print Spooler service. Researchers at cybersecurity company Sangfor accidentally published a how-to guide for exploiting it. The researchers tweeted in late May that they had found vulnerabilities in Print Spooler, which allows multiple users to access a printer. They published a proof-of-concept online by mistake and subsequently deleted it -- but not before it was published elsewhere online, including developer site GitHub.

Didn't this information get released last week?

dbeato

@dashrender The update came out yesterday.