United Kingdom

Britain's Newest Warship Runs Windows XP, Raising Cyber Attack Fears (telegraph.co.uk)

Chrisq shares a report from The Telegraph: Fears have been raised that Britain's largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. A defense source told The Telegraph that some of the on-board hardware and software "would have been good in 2004" when the carrier was designed, "but now seems rather antiquated." However, he added that HMS Queen Elizabeth is due to be given a computer refit within a decade. And senior officers said they will have cyber specialists on board to defend the carrier from such attacks.

Microsoft Bringing EMET Back As a Built-In Part of Windows 10 (arstechnica.com)

An anonymous reader quotes a report from Ars Technica: The Windows 10 Fall Creators Update will include EMET-like capabilities managed through a new feature called Windows Defender Exploit Guard. Microsoft's EMET, the Enhanced Mitigation Experience Toolkit, was a useful tool for hardening Windows systems. It used a range of techniques -- some built in to Windows, some part of EMET itself -- to make exploitable security flaws harder to reliably exploit. The idea being that, even if coding bugs should occur, turning those bugs into actual security issues should be made as difficult as possible. With Windows 10, however, EMET's development was essentially cancelled. But as more mitigation capabilities have been put into Windows, the need for a system for managing and controlling them has not gone away. Some of the mitigations introduce application compatibility issues -- a few even require applications to be deliberately written with the mitigation in mind -- which means that Windows does not simply turn on every mitigation for every application. It's here that Exploit Guard comes in.

New HyperThreading Flaw Affects Intel 6th And 7th Generation Skylake and Kaby Lake-Based Processors (hothardware.com)

MojoKid writes: A new flaw has been discovered that impacts Intel 6th and 7th Generation Skylake and Kaby Lake-based processors that support HyperThreading. The issue affects all OS types and is detailed by Intel errata documentation and points out that under complex micro-architectural conditions, short loops of less than 64 instructions that use AH, BH, CH or DH registers, as well as their corresponding wider register (e.g. RAX, EAX or AX for AH), may cause unpredictable system behavior, including crashes and potential data loss. The OCaml toolchain community first began investigating processors with these malfunctions back in January and found reports stemming back to at least the first half of 2016.

The OCaml team was able to pinpoint the issue to Skylake's HyperThreading implementation and notified Intel. While Intel reportedly did not respond directly, it has issued some microcode fixes since then. That's not the end of the story, however, as the microcode fixes need to be implemented into BIOS/UEFI updates as well and it is not clear at this time if all major vendors have included these changes in their latest revisions.


Software Developer Explains Why The Ubuntu Phone Failed (itwire.com)

troublemaker_23 quotes ITWire: A developer who worked with the Ubuntu Phone project has outlined the reasons for its failure, painting a picture of confusion, poor communication and lack of technical and marketing foresight. Simon Raffeiner stopped working with the project in mid-2016, about 10 months before Canonical owner Mark Shuttleworth announced that development of the phone and the tablet were being stopped.
Raffeiner says, for example, that "despite so many bugs being present, developers were not concentrating on fixing them, but rather on adding support for more devices." But he says he doesn't regret the time he spent on the project -- though now he spends his free time "traveling the world, taking photographs and creating bad card games, bad comics and bad games."

"Please note that this post does not apply to the UBPorts project, which continues to work on the phone operating system, Unity 8 and other components."

Open Source

Linus Explains What Surprises Him After 25 Years Of Linux (linux.com)

Linus Torvalds appeared in a new "fireside chat" with VMware Head of Open Source Dirk Hohndel. An anonymous reader writes: Linus explained what still surprises him about Linux development. "Code that I thought was stable continually gets improved. There are things we haven't touched for many years, then someone comes along and improves them or makes bug reports in something I thought no one used. We have new hardware, new features that are developed, but after 25 years, we still have old, very basic things that people care about and still improve... Our processes have not only worked for 25 years, we still have a very strong maintainer group... And as these maintainers get older and fatter, we have new people coming in."

Linus also says he's surprised by the widespread popularity of Git. "I expected it to be limited mostly to the kernel -- as it's tailored to what we do... In certain circles, Git is more well known than Linux." And he also shares advice if you want to get started as an open source developer. "I'm not sure my example is the right thing for people to follow. There are a ton of open source projects and, if you are a beginning programmer, find something you're interested in that you can follow for more than just a few weeks... If you can be part of a community and set up patches, it's not just about the coding, but about the social aspect of open source. You make connections and improve yourself as a programmer."

Linus also says that "I really like what I'm doing. I like waking up and having a job that is technically interesting and challenging without being too stressful so I can do it for long stretches; something where I feel I am making a real difference and doing something meaningful not just for me."

Operating Systems

32TB of Windows 10 Internal Builds, Core Source Code Leak Online (theregister.co.uk)

According to an exclusive report via The Register, "a massive trove of Microsoft's internal Windows operating system builds and chunks of its core source code have leaked online." From the report: The data -- some 32TB of installation images and software blueprints that compress down to 8TB -- were uploaded to betaarchive.com, the latest load of files provided just earlier this week. It is believed the data has been exfiltrated from Microsoft's in-house systems since around March. The leaked code is Microsoft's Shared Source Kit: according to people who have seen its contents, it includes the source to the base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi stacks, its storage drivers, and ARM-specific OneCore kernel code. Anyone who has this information can scour it for security vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating system, at some of its most trusted levels. In addition to this, hundreds of top-secret builds of Windows 10 and Windows Server 2016, none of which have been released to the public, have been leaked along with copies of officially released versions.

WikiLeaks Doc Dump Reveals CIA Tools For Hacking Air-Gapped PCs (bleepingcomputer.com)

An anonymous reader writes: "WikiLeaks dumped today the manuals of several hacking utilities part of Brutal Kangaroo, a CIA malware toolkit for hacking into air-gapped (offline) networks using tainted USB thumb drives," reports Bleeping Computer. The CIA uses these tools as part of a very complex attack process that allows CIA operatives to infect offline, air-gapped networks. The first stage of these attacks starts with the infection of a "primary host," an internet-connected computer at a targeted company. Malware on this primary host automatically infects all USB thumb drives inserted into the machine. If this thumb drive is connected to computers on an air-gapped network, a second malware is planted on these devices. This malware is so advanced that it can even create a network of hacked air-gapped PCs that talk to each other and exchange commands. To infect the air-gapped computers, the CIA malware uses LNK (shortcut) files placed on the USB thumb drive. Once the user opens and views the content of the thumb drive in Windows Explorer, his air-gapped PC is infected without any other interaction.

Samsung Begins Production For Its First Internet of Things-optimised Exynos Processor (zdnet.com)

An anonymous reader shares a report: Samsung Electronics has launched the Exynos i T200, its first processor optimised for Internet of Things (IoT) devices, the company has announced. The South Korean tech giant said the chip has upped security and supports wireless connections, with hopes of giving it an advantage in the expanding IoT market. The Exynos i T200 applies Samsung's 28-nanometer High-K Metal Gate process and has multiple cores, with the Cortex-R4 doing the heavy lifting and an independently operating Cortex-M0+ allowing for multifunctionality. For example, if applied to a refrigerator, Cortex-R4 will run the OS and Cortex-M0+ will power LED displays on the doors.

Chrome and Firefox Headless Modes May Spur New Adware & Clickfraud Tactics (bleepingcomputer.com)

From a report: During the past month, both Google and Mozilla developers have added support in their respective browsers for "headless mode," a mechanism that allows browsers to run silently in the OS background and with no visible GUI. [...] While this feature sounds very useful for developers and very uninteresting for day-to-day users, it is excellent news for malware authors, and especially for the ones dabbling with adware. In the future, adware or clickfraud bots could boot-up Chrome or Firefox in headless mode (no visible GUI), load pages, and click on ads without the user's knowledge. The adware won't need to include or download any extra tools and could use locally installed software to perform most of its malicious actions. In the past, there have been quite a few adware families that used headless browsers to perform clickfraud. Martijn Grooten, an editor at Virus Bulletin, also pointed Bleeping Computer to a report where miscreants had abused PhantomJS, a headless browser, to post forum spam. The addition of headless mode in Chrome and Firefox will most likely provide adware devs with a new method of performing surreptitious ad clicks.

The Behind-the-Scenes Changes Found In MacOS High Sierra (arstechnica.com)

Apple officially announced macOS High Sierra at WWDC 2017 earlier this month. While the new OS doesn't feature a ton of user-visible improvements and is ultimately shaping up to be a low-key release, it does feature several behind-the-scenes changes that could help make it the most stable macOS update in years. Andrew Cunningham from Ars Technica has "browsed the dev docs and talked with Apple to get some more details of the update's foundational changes." Here are some excerpts from three key areas of the report:

APFS
Like iOS 10.3, High Sierra will convert your boot drive to APFS when you first install it -- this will be true for all Macs that run High Sierra, regardless of whether they're equipped with an SSD, a spinning HDD, or a Fusion Drive setup. In the current beta installer, you're given an option to uncheck the APFS box (checked by default) before you start the install process, though that doesn't necessarily guarantee that it will survive in the final version. It's also not clear at this point if there are edge cases -- third-party SSDs, for instance -- that won't automatically be converted. But assuming that most people stick with the defaults and that most people don't crack their Macs open, most Mac users who do the upgrade are going to get the new filesystem.

All High Sierra Macs will pick up support for HEVC, but only very recent models will support any kind of hardware acceleration. This is important because playing HEVC streams, especially at high resolutions and bitrates, is a pretty hardware-intensive operation. HEVC playback can consume most of a CPU's processor cycles, and especially on slower dual-core laptop processors, smooth playback may be impossible altogether. Dedicated HEVC encode and decode blocks in CPUs and GPUs can handle the heavy lifting more efficiently, freeing up your CPU and greatly reducing power consumption, but HEVC's newness means that dedicated hardware isn't especially prevalent yet.

Metal 2
While both macOS and iOS still nominally support open, third-party APIs like OpenGL and OpenCL, it's clear that the company sees Metal as the way forward for graphics and GPU compute on its platforms. Apple's OpenGL support in macOS and iOS hasn't changed at all in years, and there are absolutely no signs that Apple plans to support Vulkan. But the API will enable some improvements for end users, too. People with newer GPUs should expect to benefit from some performance improvements, not just in games but in macOS itself; Apple says the entire WindowServer is now using Metal, which should improve the fluidity and consistency of transitions and animations within macOS; this can be a problem on Macs when you're pushing multiple monitors or using higher Retina scaling modes, especially if you're using integrated graphics. Metal 2 is also the go-to API for supporting VR on macOS, something Apple is pushing in a big way with its newer iMacs and its native support for external Thunderbolt 3 GPU enclosures. Apple says that every device that supports Metal should support at least some of Metal 2's new features, but the implication there is that some older GPUs won't be able to do everything the newer ones can do.


Microsoft Now Lets Surface Laptop Owners Revert Back To Windows 10 S (mspoweruser.com)

Microsoft is kind enough to offer Surface Laptop users the option to upgrade to Windows 10 Pro for free until later this year if they don't like Windows 10 S, which is installed by default and is only able to run apps or games that are in the Windows Store. The company is taking that generosity one step further by letting users revert back to Windows 10 S if they installed Windows 10 Pro and aren't happy with the performance and battery life. The option to revert back to the default OS wasn't available until now. MSPoweruser reports: Microsoft recently released the official recovery image for the Surface Laptop which will technically let you go back to Windows 10 S on your device but you'll be required to remove all of your files which is a bit frustrating. The recovery image wasn't available a few days after the Surface Laptop started shipping, but it is now available and you can download it to effectively reset your Surface Laptop. The recovery image is 9GB, so make sure you have a good internet connection before downloading the file. It is quite interesting how Microsoft isn't letting users go back to Windows 10 S from Windows 10 Pro without having to completely reset their devices, as the company would want more users to use its new version of Windows 10 for many reasons. Maybe this is something Microsoft will be adding in the future, but for now, we'll just have to do with the recovery image. If you own a Surface Laptop, you can find the recovery image here.

'The Unwillingness To Foresee The Future' (stratechery.com)

An anonymous reader shares a few excerpts from Ben Thompson's analysis: Back in 2006, when the iPhone was a mere rumor, Palm CEO Ed Colligan was asked if he was worried: "We've learned and struggled for a few years here figuring out how to make a decent phone," he said. "PC guys are not going to just figure this out. They're not going to just walk in." What if Steve Jobs' company did bring an iPod phone to market? Well, it would probably use WiFi technology and could be distributed through the Apple stores and not the carriers like Verizon or Cingular, Colligan theorized." I was reminded of this quote after Amazon announced an agreement to buy Whole Foods for $13.7 billion; after all, it was only two years ago that Whole Foods founder and CEO John Mackey predicted that groceries would be Amazon's Waterloo. And while Colligan's prediction was far worse -- Apple simply left Palm in the dust, unable to compete -- it is Mackey who has to call Amazon founder and CEO Jeff Bezos, the Napoleon of this little morality play, boss. The similarities go deeper, though: both Colligan and Mackey made the same analytical mistakes: they mis-understood their opponents' goals, strategies, and tactics.

Community Ports 'Visual Studio Code' To Chromebooks, Raspberry Pi (infoworld.com)

An anonymous reader quotes InfoWorld: A community build project led by developer Jay Rodgers is making Visual Studio Code, Microsoft's lightweight source code editor, available for Chromebooks, Raspberry Pi boards, and other devices based on 32-bit or 64-bit ARM processors. Supporting Linux and Chrome OS as well as the DEB (Debian) and RPM package formats, the automated builds of Visual Studio Code are intended for less-common platforms that might not otherwise receive them. Obvious beneficiaries will be IoT developers focused on ARM devices -- and the Raspberry Pi in particular -- who will find it helpful to have the editor directly on the device they're programming against... Rodgers said the lure of Visual Studio Code for him was its user-friendly interface, making it approachable for new users.

Microsoft Will Disable WannaCry Attack Vector SMBv1 Starting This Fall (bleepingcomputer.com)

An anonymous reader writes: Starting this fall, with the public launch of the next major Windows 10 update -- codenamed Redstone 3 -- Microsoft plans to disable SMBv1 in most versions of the Windows operating systems. SMBv1 is a three-decades-old file sharing protocol that Microsoft has continued to ship "enabled by default" with all Windows OS versions.

The protocol got a lot of attention recently as it was the main infection vector for the WannaCry ransomware. Microsoft officially confirmed Tuesday that it will not ship SMBv1 with the Fall Creators Update. This change will affect only users performing clean installs, and will not be shipped as an update. This means Microsoft's decision will not affect existing Windows installations, where SMBv1 might be part of a critical system.


Amazon Granted a Patent That Prevents In-Store Shoppers From Online Price Checking (theverge.com)

An anonymous reader quotes a report from The Verge: Amazon's long been a go-to for people to online price compare while shopping at brick-and-mortars. Now, a new patent granted to the company could prevent people from doing just that inside Amazon's own stores. The patent, titled "Physical Store Online Shopping Control," details a mechanism where a retailer can intercept network requests like URLs and search terms that happen on its in-store Wi-Fi, then act upon them in various ways. The document details in great length how a retailer like Amazon would use this information to its benefit. If, for example, the retailer sees you're trying to access a competitor's website to price check an item, it could compare the requested content to what's offered in-store and then send price comparison information or a coupon to your browser instead. Or it could suggest a complementary item, or even block content outright. Amazon's patent also lets the retailer know your physical whereabouts, saying, "the location may be triangulated utilizing information received from a multitude of wireless access points." The retailer can then use this information to try and upsell you on items in your immediate area or direct a sales representative to your location.

Green Party Leaders Don't Want Windows In Munich (techrepublic.com)

Reader sqorbit writes: Munich spent a lot of time (9 years) and a lot of money in shifting some 15,000 staff to a Linux-based OS. The plan now is to move to Windows 10 by 2021. Munich's Green Party is citing the WannaCry virus as a valid reason not to switch to Windows. "As with many of the biggest attacks, the computers that were mainly hit were running the Windows operating system," the Green Party said in a statement.

Desktops (Apple)

Apple Mac Computers Are Being Targeted By Ransomware, Spyware (bbc.com)

If you are a Mac user, you should be aware of new variants of malware that have been created specifically to target Apple computers; one is ransomware and the other is spyware. "The two programs were uncovered by the security firms Fortinet and AlienVault, which found a portal on the Tor 'dark web' network that acted as a shopfront for both," reports BBC. "In a blog post, Fortinet said the site claimed that the creators behind it were professional software engineers with 'extensive experience' of creating working code." From the report: Those wishing to use either of the programs had been urged to get in touch and provide details of how they wanted the malware to be set up. The malware's creators had said that payments made by ransomware victims would be split between themselves and their customers. Researchers at Fortinet contacted the ransomware writers pretending they were interested in using the product and, soon afterwards, were sent a sample of the malware. Analysis revealed that it used much less sophisticated encryption than the many variants seen targeting Windows machines, said the firm. However, they added, any files scrambled with the ransomware would be completely lost because it did a very poor job of handling the decryption keys needed to restore data. The free Macspy spyware, offered via the same site, can log which keys are pressed, take screenshots and tap into a machine's microphone. In its analysis, AlienVault researcher Peter Ewane said the malicious code in the spyware tried hard to evade many of the standard ways security programs spot and stop such programs.

Chess.com Has Stopped Working On 32bit iPads After the Site Hit 2^31 Game Sessions (chess.com)

Apple's decision to go all in on 64bit-capable devices, OS and apps has caused some trouble for Chess.com, a popular online website where people go to play chess. Users with a 32bit iPad are unable to play games on the website, according to numerous complaints posted over the weekend and on Monday. Erik, the CEO of Chess.com said in a statement, "Thanks for noticing. Obviously this is embarrassing and I'm sorry about it. As a non-developer I can't really explain how or why this happened, but I can say that we do our best and are sorry when that falls short." Hours later, he had an explanation: The reason that some iOS devices are unable to connect to live chess games is because of a limit in 32bit devices which cannot handle gameIDs above 2,147,483,647. So, literally, once we hit more than 2 billion games, older iOS devices fail to interpret that number! This was obviously an unforeseen bug that was nearly impossible to anticipate and we apologize for the frustration. We are currently working on a fix and should have it resolved within 48 hours.

Docker's LinuxKit Launches Kernel Security Efforts, Including Next-Generation VPN (eweek.com)

darthcamaro writes: Back in April, when Docker announced its LinuxKit effort, the primary focus appeared to just be [tools for] building a container-optimized Linux distribution. As it turns out, security is also a core focus -- with LinuxKit now incubating multiple efforts to help boost Linux kernel security. Among those efforts is the Wireguard next generation VPN that could one day replace IPsec. "Wireguard is a new VPN for Linux using the cryptography that is behind some of the really good secure messaging apps like Signal," said Nathan McCauley, Director of Security at Docker Inc.
According to the article, Docker also has several full-time employees looking at ways to reduce the risk of memory corruption in the kernel, and is also developing a new Linux Security Module with more flexible access control policies for processes.

Data Storage

Why Does Microsoft Still Offer a 32-bit OS? (backblaze.com)

Brian Wilson, a founder of cloud storage service BackBlaze, writes in a blog post: Moving over to a 64-bit OS allows your laptop to run BOTH the old compatible 32-bit processes and also the new 64-bit processes. In other words, there is zero downside (and there are gigantic upsides). Because there is zero downside, the first time it could, Apple shipped with 64-bit OS support. Apple did not give customers the option of "turning off all 64-bit programs." Apple first shipped 64-bit support in OS X 10.6 Snow Leopard in 2009. This was so successful that Apple shipped all future Operating Systems configured to support both 64-bit and 32-bit processes. All of them. But let's contrast the Apple approach with that of Microsoft. Microsoft offers a 64-bit OS in Windows 10 that runs all 64-bit and all 32-bit programs. This is a valid choice of an Operating System. The problem is Microsoft ALSO gives customers the option to install 32-bit Windows 10 which will not run 64-bit programs. That's crazy. Another advantage of the 64-bit version of Windows is security. There are a variety of security features such as ASLR (Address Space Layout Randomization) that work best in 64-bits. The 32-bit version is inherently less secure. By choosing 32-bit Windows 10 a customer is literally choosing a lower performance, LOWER SECURITY, Operating System that is artificially hobbled to not run all software. My problem is this: Backblaze, like any good technology vendor, wants to be easy to use and friendly. In this case, that means we need to quietly, invisibly, continue to support BOTH the 32-bit and the 64-bit versions of every Microsoft OS they release. And we'll probably need to do this for at least 5 years AFTER Microsoft officially retires the 32-bit only version of their operating system.

