Data Storage

SanDisk Extreme SSDs Are 'Worthless,' Multiple Lawsuits Against WD Say 52

Last week we wrote about a lawsuit against Western Digital that alleged that the firm's solid state drive didn't live up to its marketing promises. More lawsuits have been filed against the company since. ArsTechnica: On Thursday, two more lawsuits were filed against Western Digital over its SanDisk Extreme series and My Passport portable SSDs. That brings the number of class-action complaints filed against Western Digital to three in two days. In May, Ars Technica reported about customer complaints that claimed SanDisk Extreme SSDs were abruptly wiping data and becoming unmountable. Ars senior editor Lee Hutchinson also experienced this problem with two Extreme SSDs. Western Digital, which owns SanDisk, released a firmware update in late May, saying that currently shipping products weren't impacted. But the company didn't mention customer complaints of lost data, only that drives could "unexpectedly disconnect from a computer."

Further, last week The Verge claimed a replacement drive it received after the firmware update still wiped its data and became unreadable, and there are some complaints on Reddit pointing to recent problems with Extreme drives. All three cases filed against Western Digital this week seek class-action certification (Ars was told it can take years for a judge to officially state certification and that cases may proceed with class-wide resolutions possibly occurring before official certification). Ian Sloss, one of the lawyers representing Matthew Perrin and Brian Bayerl in a complaint filed yesterday, told Ars he doesn't believe class-action certification will be a major barrier in a case "where there is a common defect in the firmware that is consistent in all devices." He added that defect cases are "ripe for class treatment."

Data Storage

Western Digital Sued Over Claims of Data-Trashing SanDisk, My Passport SSDs (theregister.com) 38

Western Digital was sued on Tuesday on behalf of a California resident who claims the solid state drive he bought from the manufacturer was defective and that the storage slinger shipped kit that didn't live up to its marketing promises. The Register reports: The complaint [PDF], filed in federal court in San Jose, California, where the storage giant is based, alleges the Western Digital SanDisk 2TB Extreme Pro SSD purchased by plaintiff Nathan Krum in May for $180 failed because of an undisclosed flaw, which also affects SanDisk Extreme Pro, Extreme Portable, Extreme Pro Portable, and WD My Passport SSD models since January 2023, it's claimed.

The complaint asserts Western Digital customers "have widely reported drive failures and data loss." Krum, in his filing, believes Western Digital is aware of the problem and not doing enough about it. "The SanDisk Extreme Pro SSD hard drives, which are also sold under the WD My Passport brand, have a firmware issue that causes them to disconnect or become unreadable by computers," he claimed, adding that his drive was among those that stopped working as expected.

It is alleged the drives can break down in various ways, including randomly disconnecting from their host, which could result in information not being saved correctly or file-system corruption. In any case, people find they can no longer access their stored documents, making the SSDs worthless and useless, it is claimed. [...] Chris Cantrell, an attorney at Doyle Lowther LLP who is representing the plaintiffs, told The Register it's not yet clear how many SanDisk SSDs experienced data loss though there are more than a few people who share his client's experience. "While Western Digital appears to have attempted to fix the issue with a firmware update, it does not appear to have fixed the issue," Cantrell added. "This is what prompted us to file this lawsuit on behalf of affected SanDisk SSD purchasers. We anticipate adding additional named plaintiffs from other states over the next few weeks." The complaint alleges breach of contract, violation of consumer protection law, and misleading advertising, among other claims, and seeks damages, legal costs, and other relief.

Data Storage

SanDisk's Silence Deafens as High-Profile Users Say Extreme SSDs Still Broken (arstechnica.com) 56

SanDisk's silence this week has been deafening. Its portable SSDs are being lambasted as users and tech publications call for them to be pulled. From a report: The recent scrutiny of the drives follows problems from this spring when users, including an Ars Technica staff member, saw Extreme-series portable SSDs wipe data and become unmountable. A firmware update was supposed to fix things, but new complaints dispute its effectiveness. SanDisk has stayed mum on recent complaints and hasn't explained what caused the problems.

In May, Ars Technica reported on SanDisk Extreme V2 and Extreme Pro V2 SSDs wiping data before often becoming unreadable to the user's system. At least four months of complaints had piled up by then, including on SanDisk's forums and all over Reddit. Even Ars' Lee Hutchinson fell victim to the faulty drives. Two whole Extreme Pros died on him. Both times they filled about 50 percent and then showed a bunch of read and write errors. Upon disconnecting and reconnecting, the drive was unformatted and wiped, and he could not fix either drive by wiping and reformatting. When Ars reached out to SanDisk about the problem in May, it didn't answer most of our questions about why these problems happened (and, oddly, excluded certain models we saw affected when naming which models were affected).

GNU is Not Unix

Libreboot Creator Says After Coding a Fork for 'GNU Boot Project', FSF Sent a Cease-and-Desist Letter Over Its Name (libreboot.org) 105

Libreboot is a distribution of coreboot "aimed at replacing the proprietary BIOS firmware contained by most computers," according to Wikipedia. It was briefly part of the GNU project, until maintainer Leah Rowe and the GNU project agreed to part ways in 2017.

But here in 2023, the GNU project has created a fork of Libreboot named GNU Boot... The GNU Boot fork "currently does not have a website and does not have any releases of its own," points out Libreboot's Leah Rowe, adding "My intent is to help them, and they are free — encouraged — to re-use my work... " But things have gotten messy, writes Rowe: They forked Libreboot, due to disagreement with Libreboot's Binary Blob Reduction Policy. This is a pragmatic policy, enacted in November 2022, to increase the number of coreboot users by increasing the amount of hardware supported in Libreboot... I wish GNU Boot all the best success. Truly. Although I think their project is entirely misguided (for reasons explained by modern Libreboot policy), I do think there is value in it. It provides continuity for those who wish to use something resembling the old Libreboot project...

When GNU Boot first launched, as a failed hostile fork of Libreboot under the same name, I observed: their code repository was based on Libreboot from late 2022, and their website based on Libreboot in late 2021. Their same-named Libreboot site was announced during LibrePlanet 2023... [N]ow they are calling themselves GNU Boot, and it is indeed GNU, but it still has the same problem as of today: still based on very old Libreboot, and they don't even have a website. According to [the FSF's Savannah software repository], GNU Boot was created on 11 June 2023. Yet no real development, in over a month since then...

I've decided that I want to help them... I decided recently that I'd simply make a release for them, exactly to their specifications (GNU Free System Distribution Guidelines), talking favourably about FSF/GNU, and so on. I'm in a position to do it (thus scratching the itch), so why not? I did this release for them — it's designated non-GeNUine Boot 20230717, and I encourage them to re-use this in their project, to get off the ground. This completely leapfrogs their current development; it's months ahead. Months. It's 8 months ahead, since their current revision is based upon Libreboot from around ~October 2022...

The GNU Boot people actually sent me a cease and desist email, citing trademark infringement. Amazing...

I complied with their polite request and have renamed the project to non-GeNUine Boot. The release archive was re-compiled, under this new brand name and the website was re-written accordingly. Personally, I like the new name better.

AMD

AMD 'Zenbleed' Bug Leaks Data From Zen 2 Ryzen, EPYC CPUs (tomshardware.com) 40

On Monday, a researcher with Google Information Security posted about a new vulnerability he independently found in AMD's Zen 2 processors. Tom's Hardware reports: The 'Zenbleed' vulnerability spans the entire Zen 2 product stack, including AMD's EPYC data center processors and the Ryzen 3000/4000/5000 CPUs, allowing the theft of protected information from the CPU, such as encryption keys and user logins. The attack does not require physical access to the computer or server and can even be executed via JavaScript on a webpage...

AMD added the AMD-SB-7008 Bulletin several hours later. AMD has patches ready for its EPYC 7002 'Rome' processors now, but it will not patch its consumer Zen 2 Ryzen 3000, 4000, and some 5000-series chips until November and December of this year... AMD hasn't given specific details of any performance impacts but did issue the following statement to Tom's Hardware: "Any performance impact will vary depending on workload and system configuration. AMD is not aware of any known exploit of the described vulnerability outside the research environment..."

AMD describes the exploit much more simply, saying, "Under specific microarchitectural circumstances, a register in 'Zen 2' CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which may allow an attacker to potentially access sensitive information."

The article includes a list of the impacted processors with a schedule for the release of the updated firmware to OEMs.

The Google Information Security researcher who discovered the bug is sharing research on different CPU behaviors, and says the bug can be patched through software on multiple operating systems (e.g., "you can set the chicken bit DE_CFG[9]") — but this might result in a performance penalty.

Thanks to long-time Slashdot reader waspleg for sharing the news.

Cloud

Building a Better Server? Oxide Computer Ships Its First Rack (thenewstack.io) 29

Oxide Computer Company spent four years working toward "The power of the cloud in your data center... bringing hyperscaler agility to the mainstream enterprise." And on June 30, Oxide finally shipped its very first server rack.

Long-time Slashdot reader destinyland shares this report: It's the culmination of years of work — to fulfill a long-standing dream. In December of 2019, Oxide co-founder Jess Frazelle had written a blog post remembering conversations over the year with people who'd been running their own workloads on-premises... "Hyperscalers like Facebook, Google, and Microsoft have what I like to call 'infrastructure privilege' since they long ago decided they could build their own hardware and software to fulfill their needs better than commodity vendors. We are working to bring that same infrastructure privilege to everyone else!"

Frazelle had seen a chance to make an impact with "better integration between the hardware and software stacks, better power distribution, and better density. It's even better for the environment due to the energy consumption wins."

Oxide CTO Bryan Cantrill sees real problems in the proprietary firmware that sits between hardware and system software — so Oxide's server eliminates the BIOS and UEFI altogether, and replaces the hardware-managing baseboard management controller (or BMC) with "a proper service processor." They even wrote their own custom, all-Rust operating system (named Hubris). On the Software Engineering Daily podcast, Cantrill says "These things boot like a rocket."

And it's all open source. "Everything we do is out there for people to see and understand..." Cantrill added. On the Changelog podcast Cantrill assessed its significance. "I don't necessarily view it as a revolution in its own right, so much as it is bringing the open source revolution to firmware."

Oxide's early funders include 92-year-old Pierre Lamond (who hired Andy Grove at Fairchild Semiconductor) — and customers who supported their vision. On Software Engineering Daily's podcast Cantrill points out that "If you're going to use a lot of compute, you actually don't want to rent it — you want to own it."

Security

Firmware Vulnerabilities In Millions of Computers Could Give Hackers Superuser Status (arstechnica.com) 23

Researchers have warned that leaked information from a ransomware attack on hardware-maker Gigabyte two years ago may contain critical zero-day vulnerabilities that pose a significant risk to the computing world. The vulnerabilities were found in firmware made by AMI for BMCs (baseboard management controllers), which are small computers integrated into server motherboards allowing remote management of multiple computers. These vulnerabilities, which can be exploited by local or remote attackers with access to Redfish remote management interfaces, could lead to unauthorized access, remote code execution, and potential physical damage to servers. Ars Technica reports: Until the vulnerabilities are patched using an update AMI published on Thursday, they provide a means for malicious hackers -- both financially motivated or nation-state sponsored -- to gain superuser status inside some of the most sensitive cloud environments in the world. From there, the attackers could install ransomware and espionage malware that runs at some of the lowest levels inside infected machines. Successful attackers could also cause physical damage to servers or indefinite reboot loops that a victim organization can't interrupt. Eclypsium warned such events could lead to "lights out forever" scenarios.

The researchers went on to note that if they could locate the vulnerabilities and write exploits after analyzing the publicly available source code, there's nothing stopping malicious actors from doing the same. And even without access to the source code, the vulnerabilities could still be identified by decompiling BMC firmware images. There's no indication malicious parties have done so, but there's also no way to know they haven't. The researchers privately notified AMI of the vulnerabilities, and the company created firmware patches, which are available to customers through a restricted support page. AMI has also published an advisory here.

Businesses

'Most Funded e-Bike Company In the World' Pauses eBike Sales, Sparking Rumors of Bankruptcy (techcrunch.com) 56

In late 2021, VanMoof claimed to be "the most funded e-bike company in the world" after raising a total of $182 million in the two years prior -- a figure that would later surpass $200 million. Now, according to multiple sources spoken to by TechCrunch, the Dutch e-bike company's strategy and momentum "appear to have steered dangerously off course." From the report: Our sources tell us that VanMoof is working on securing a bridge round that will help it stay afloat. Sources also claim that senior staff, including the CEO and a co-founder, as well as the president (who is also an investor) have left executive roles in the business. The company has refused to provide any on-the-record comment on its status until later this week. But the facts are plain: The company has, as of June 29 and by its own admission, stopped taking orders. VanMoof also filed paperwork, revealed in January, of its need to raise money to stave off bankruptcy.

Customers, annoyed with the pauses and other delays in servicing existing bikes on the road, have turned to social media like Reddit and Twitter to air their complaints and debate whether the company is going bust or not. The first recent, visible cracks in the company appeared in late June when potential customers discovered its online ordering system was no longer working. [...] The story changed again a few days later. In response to TechCrunch's questions about the ordering system, a spokesperson said that the pause was actually intentional (a feature not a bug!). Despite the summer period being the peak season for the cycling market, a VanMoof spokesperson claimed it would be pausing orders to catch up on production and delivery. The company didn't answer any of TechCrunch's multiple questions about why VanMoof was behind on orders (supply chain issues? lacking funds?), what the company's current capacity was, how many orders were outstanding, or when VanMoof hoped to begin sales again. As of the time of publication, the sales pause was going on 12 days.

Despite the pause and the other details, VanMoof had been sending out communications that imply it's business-as-usual at the e-bike company. On June 27 it announced that KwikFit NL, the car maintenance chain, would be a new service partner. The day before that it issued a firmware update and a video was posted of a panel that co-founder Taco Carlier participated in. But there have been a number of warning signs in plain sight for months that tell a different story. [...]

Security

Despite Amazon Ban, Flipper Zero's 'Multi-Tool Device for Hackers' On Track for $80M in Sales (techcrunch.com) 80

The company behind Flipper Zero expects $80 million in sales this year, which ZDNet estimates at around 500,000 unit sales.

In its Kickstarter days the company sold almost $5 million as preorders, remembers TechCrunch, and the company claims it sold $25 million worth of the devices last year: So what are they selling? Flipper Zero is a "portable gamified multi-tool" aimed at everyone with an interest in cybersecurity, whether as a penetration tester, curious nerd or student — or with more nefarious purposes. The tool includes a bunch of ways to manipulate the world around you, including wireless devices (think garage openers), RFID card systems, remote keyless systems, key fobs, entry to barriers, etc. Basically, you can program it to emulate a bunch of different lock systems.

The system really works, too — I'm not much of a hacker, but I've been able to open garages, activate elevators and open other locking systems that should be way beyond my hacking skill level. On the one hand, it's an interesting toy to experiment with, which highlights how insecure much of the world around us actually is. On the other hand, I'm curious if it's a great idea to have 300,000+ hacking devices out in the wild that make it easy to capture car key signals and gate openers and then use them to open said apertures.

The company points out that their firmware is open source, and can be inspected by anyone.

ZDNet calls it "incredibly user-friendly" and "a fantastic educational tool and a stepping stone to get people — young and old — into cybersecurity," with "a very active community of users that are constantly finding new things to do with it". (Even third-party operating systems are available).

"Instead of looking like some scary hacking tool, all black and bristling with antennas, it looks like a kid's toy, all plastic and brightly colored," writes ZDNet. "It reminds me of Tamagotchis..."

Thanks to Slashdot reader ZipNada for suggesting the article.

Wireless Networking

ASUS Urges Customers To Patch Critical Router Vulnerabilities (bleepingcomputer.com) 25

ASUS has released new firmware for several router models to address security vulnerabilities, including critical ones like CVE-2022-26376 and CVE-2018-1160, which can lead to denial-of-service attacks and code execution. The company advises customers to update their devices immediately or restrict WAN access until the devices are secured, urging them to create strong passwords and follow security measures. BleepingComputer reports: The first is a critical memory corruption weakness in the Asuswrt firmware for Asus routers that could let attackers trigger denial-of-services states or gain code execution. The other critical patch is for an almost five-year-old CVE-2018-1160 bug caused by an out-of-bounds write Netatalk weakness that can also be exploited to gain arbitrary code execution on unpatched devices.

"Please note, if you choose not to install this new firmware version, we strongly recommend disabling services accessible from the WAN side to avoid potential unwanted intrusions. These services include remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port trigger," ASUS warned in a security advisory published today. "We strongly encourage you to periodically audit both your equipment and your security procedures, as this will ensure that you will be better protected."

The list of impacted devices includes the following models: GT6, GT-AXE16000, GT-AX11000 PRO, GT-AX6000, GT-AX11000, GS-AX5400, GS-AX3000, XT9, XT8, XT8 V2, RT-AX86U PRO, RT-AX86U, RT-AX86S, RT-AX82U, RT-AX58U, RT-AX3000, TUF-AX6000, and TUF-AX5400.

Operating Systems

System76's Open Firmware 'Re-Disables' Intel's Management Engine (phoronix.com) 19

Linux computer vendor System76 shared some news in a recent blog post. "We prefer to disable the Intel Management Engine wherever possible to reduce the amount of closed firmware running on System76 hardware. We've resolved a coreboot bug that allows the Intel ME (Management Engine) to once again be disabled."

Phoronix reports that the move will "benefit their latest Intel Core 13th Gen 'Raptor Lake' wares as well as prior generation devices." Intel ME is disabled for their latest Raptor Lake laptops and most older platforms, with some exceptions, such as a silicon issue with Tiger Lake. System76 has also added a new firmware setup menu option for enabling/disabling UEFI Secure Boot. The motivation for making it easier to toggle Secure Boot is to allow Windows 11 support with SB active while running System76 Open Firmware.

Open Source

'RISE' Project Building Open Source RISC-V Software Announced by Linux Foundation Europe (linuxfoundation.eu) 11

Linux Foundation Europe "has announced the RISC-V Software Ecosystem (RISE) Project to help facilitate more performant, commercial-ready software for the RISC-V processor architecture," reports Phoronix.

"Among the companies joining the RISE Project on their governing board are Andes, Google, Intel, Imagination Technologies, Mediatek, NVIDIA, Qualcomm, Red Hat, Rivos, Samsung, SiFive, T-Head, and Ventana."

Its top goal is to "accelerate the development of open source software for RISC-V," according to the official RISE web site. The project's chair says it "brings together leaders with a shared sense of urgency to accelerate the RISC-V software ecosystem readiness in collaboration with RISC-V International." The CEO of RISC-V International, Calista Redmond, said "We are grateful to the thousands of engineers making upstream contributions and to the organizations coming together now to invest in tools and libraries in support of the RISC-V software ecosystem." RISE Project members will contribute financially and provide engineering talent to address specific software deliverables prioritized by the RISE Technical Steering Committee (TSC). RISE is dedicated to enabling a robust software ecosystem specifically for application processors that includes software development tools, virtualization support, language runtimes, Linux distribution integration, and system firmware, working upstream first with existing open source communities in accordance with open source best practices.

"The RISE Project is dedicated to enabling RISC-V in open source tools and libraries (e.g., LLVM, GCC, etc) to speed implementation and time-to-market," said Gabriele Columbro, General Manager of Linux Foundation Europe.

Google's director of engineering on Android said Google was "excited to partner with industry leaders to drive rapid maturity of the RISC-V software ecosystem in support of Android and more."

And the VP of system software at NVIDIA said "NVIDIA's accelerated computing platform — which includes GPUs, DPUs, chiplets, interconnects and software — will support the RISC-V open standard to help drive breakthroughs in data centers, and a wide range of industries, such as automotive, healthcare and robotics."

Security

Millions of PC Motherboards Were Sold With a Firmware Backdoor (wired.com) 77

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs -- a feature ripe for abuse, researchers say. From a report: Hiding malicious programs in a computer's UEFI firmware, the deep-seated code that tells a PC how to load its operating system, has become an insidious trick in the toolkit of stealthy hackers. But when a motherboard manufacturer installs its own hidden backdoor in the firmware of millions of computers -- and doesn't even put a proper lock on that hidden back entrance -- they're practically doing hackers' work for them. Researchers at firmware-focused cybersecurity company Eclypsium revealed today that they've discovered a hidden mechanism in the firmware of motherboards sold by the Taiwanese manufacturer Gigabyte, whose components are commonly used in gaming PCs and other high-performance computers. Whenever a computer with the affected Gigabyte motherboard restarts, Eclypsium found, code within the motherboard's firmware invisibly initiates an updater program that runs on the computer and in turn downloads and executes another piece of software.

While Eclypsium says the hidden code is meant to be an innocuous tool to keep the motherboard's firmware updated, researchers found that it's implemented insecurely, potentially allowing the mechanism to be hijacked and used to install malware instead of Gigabyte's intended program. And because the updater program is triggered from the computer's firmware, outside its operating system, it's tough for users to remove or even discover. "If you have one of these machines, you have to worry about the fact that it's basically grabbing something from the internet and running it without you being involved, and hasn't done any of this securely," says John Loucaides, who leads strategy and research at Eclypsium. "The concept of going underneath the end user and taking over their machine doesn't sit well with most people."

Google

The Original Chromecast Hits End of Life After a Decade of Service (arstechnica.com) 41

Rest now, little Chromecast. Google has announced the decade-old Chromecast 1 is finally hitting end of life. From a report: A message on Google's Chromecast firmware support page announced the wind-down of support, saying, "Support for Chromecast (1st gen) has ended, which means these devices no longer receive software or security updates, and Google does not provide technical support for them. Users may notice a degradation in performance." The 1st-gen Chromecast launched in 2013 for $35.

The original Chromecast was wildly successful and sold 10 million units in 2014 alone. For years, the device was mentioned in Google earnings calls as the highlight of the company's hardware efforts, and it was essentially the company's first successful piece of hardware. The Chromecast made it easy to beam Internet videos to your TV at a time when that was otherwise pretty complicated.

Printer

HP Printers Should Have EPEAT Ecolabels Revoked, Trade Group Demands (arstechnica.com) 48

An anonymous reader quotes a report from Ars Technica: HP printers have received a lot of flak historically and recently for invasive firmware updates that end up preventing customers from using ink with their printers. HP also encourages printer customers to sign up for HP+, a program that includes a free ink-subscription trial and irremovable firmware that allows HP to brick the ink when it sees fit. Despite this, HP markets dozens of its printers with Dynamic Security and the optional HP+ feature as being in the Electronic Product Environmental Assessment Tool (EPEAT) registry, suggesting that these printers are built with the environment in mind and, more specifically, do not block third-party ink cartridges. Considering Dynamic Security and HP+ printers do exactly that, the International Imaging Technology Council (IITC) wants the General Electronics Council (GEC), which is in charge of the EPEAT registry, to revoke at least 101 HP printer models from the EPEAT registry, which HP has "made a mockery of."

For a printer to make the EPEAT registry, it's supposed to comply with the EPEAT Imaging Equipment Category Criteria, which is based on the 1680.2-2012 IEEE Standard for Environmental Assessment of Imaging Equipment (PDF). The IITC is hung up on section 4.9.2.1, which requires that registered products do not "prevent the use of nonmanufacturer cartridges and non-manufacturer containers" and that vendors provide documentation showing that the device isn't "designed to prevent the use of a non-manufacturer cartridge or non-manufacturer container." Well, as the IITC and consumers who found their ink bricked mid-print will tell you, that sounds an awful lot like what HP does with its Dynamic Security printers.

Diving deeper, the IITC's complaint claims that "in the last 8 weeks alone, HP has released 4 killer firmware updates targeting dozens of EPEAT-registered inkjet printers." "At least one of these recent updates specifically targeted a single producer of remanufactured cartridges while not having any impact on non-remanufactured third-party cartridges using functionally identical non-HP chips," the complaint reads. The trade group also claimed at least 26 "killer firmware updates" occurred on EPEAT-registered HP laser printers since October 2020. The complaint argues that the error message that users see -- "The indicated cartridges have been blocked by the printer firmware because they contain non-HP chips. This printer is intended to work only with new or reused cartridges that have a new or reused HP chip. Replace the indicated cartridges to continue printing" -- goes against EPEAT requirements, yet HP markets dozens of Dynamic Security printers with EPEAT ecolabels.
"The nonprofit trade association was founded in 2000 and says it represents 'toner and inkjet cartridge remanufacturers, component suppliers, and cartridge collectors in North America,'" notes Ars. "So its members stand to lose a lot of money from tactics like Dynamic Security. The IITC already filed a complaint to the GEC about HP in 2019 for firmware blocking non-HP ink, but there didn't seem to be any noticeable results."

"The group is biased regarding this topic, but its complaint still mirrors many problems and concerns that consumers and class-action lawsuits have detailed regarding HP printers' exclusive stance on ink. You can find the full complaint here."

HP

HP Finds Exciting New Way To DRM Printers (theverge.com) 97

An anonymous reader shares a report: Amazon's No. 1 bestselling printer is the HP Deskjet 2755e. It's not hard to see why. For just $85, you get a wireless color printer, scanner, and six months of free ink. It also comes with HP Plus, one of the most dastardly schemes Big Inkjet has ever unleashed. I'm not talking about how printers quietly waste their own ink, or pretend cartridges are empty when they're not, or lock out official cartridges from other regions. Heck, I'm not even talking about "Dynamic Security," the delightful feature where new HP firmware updates secretly contain malware that blocks batches of third-party cartridges while pretending to harden your printhead against hacks. No, the genius of HP's latest scheme is that it's hiding in plain sight, daring you to unwittingly sign away your rights. Take the free ink, and HP controls your printer for life.

First introduced in 2020 at the height of the pandemic, HP Plus was built around FOMO right from the start. You get just seven days to claim your free ink, starting the moment you plug a new printer into the wall. Act now, and it'll also extend your warranty a full year, give you an "Advanced HP Smart app," and plant trees on your behalf. Because why wouldn't you want to save the forest? Here's one reason, as detailed in a new complaint by the International Imaging Technology Council (IITC) that might turn into a false advertising fight: HP Plus comes with a firmware update that utterly removes your printer's ability to accept third-party ink. You have to buy "genuine" HP ink as long as you use the printer.

Data Storage

SanDisk Extreme SSDs Keep Abruptly Failing (theverge.com) 59

According to Ars Technica, some SanDisk Extreme SSDs are wiping people's data. While SanDisk told Ars that a firmware fix is coming "soon," owners with 2TB drives are out of luck. From the report: An Ars reader tipped us (thanks!) to online discussions filled with panicked and disappointed users detailing experiences with recently purchased Extreme V2 and Extreme Pro V2 portable SSDs. Most users seemed to be using a 4TB model, but there were also complaints from owners of 2TB drives.

Until now, there has been little public response from SanDisk, which has mostly referred online users to open a support ticket with SanDisk's technical support team. Questions about refunds have been left unanswered. When Ars contacted SanDisk about the issue, a company representative said: "Western Digital is aware of reports indicating some customers have experienced an issue with 4TB SanDisk Extreme and/or Extreme Pro portable SSDs (SDSSDE61-4T00 and SDSSDE81-4T00 respectively). We have resolved the issue and will publish a firmware update to our website soon. Customers with questions or who are experiencing issues should contact our Customer Support team for assistance."

SanDisk didn't answer our questions about refunds, whether or not the firmware would address issues with the 2TB models, what caused the issue, or when exactly this firmware fix will come. Some Reddit users have suggested that SanDisk has dragged its feet on the monthlong saga, with ian__ claiming they needed to collect "data to prove to SanDisk that it actually is more than a fluke." SanDisk's brief response to Ars' questions fails to clarify what's been going on behind the scenes.

HP

HP Rushes to Fix Bricked Printers After Faulty Firmware Update (bleepingcomputer.com) 112

Last week the Telegraph reported that a recent firmware update to HP printers "prevents customers from using any cartridges other than those fitted with an HP chip, which are often more expensive. If the customer tries to use a non-HP ink cartridge, the printer will refuse to print."

Some HP "Officejet" printers can disable this "dynamic security" through a firmware update, PC World reported earlier this week. But HP still defends the feature, arguing it's "to protect HP's innovations and intellectual property, maintain the integrity of our printing systems, ensure the best customer printing experience, and protect customers from counterfeit and third-party ink cartridges that do not contain an original HP security chip and infringe HP's intellectual property."

Meanwhile, Engadget now reports that "a software update Hewlett-Packard released earlier this month for its OfficeJet printers is causing some of those devices to become unusable." After downloading the faulty software, the built-in touchscreen on an affected printer will display a blue screen with the error code 83C0000B. Unfortunately, there appears to be no way for someone to fix a printer broken in this way on their own, partly because factory resetting an HP OfficeJet requires interacting with the printer's touchscreen display. For the moment, HP customers report the only solution to the problem is to send a broken printer back to the company for service.
BleepingComputer says the firmware update "has been bricking HP Office Jet printers worldwide since it was released earlier this month..." "Our teams are working diligently to address the blue screen error affecting a limited number of HP OfficeJet Pro 9020e printers," HP told BleepingComputer... Since the issues surfaced, multiple threads have been started by people from the U.S., the U.K., Germany, the Netherlands, Australia, Poland, New Zealand, and France who had their printers bricked, some with more than a dozen pages of reports.

"HP has no solution at this time. Hidden service menu is not showing, and the printer is not booting anymore. Only a blue screen," one customer said.

"I talked to HP Customer Service and they told me they don't have a solution to fix this firmware issue, at the moment," another added.

Security

Malware Turns Home Routers Into Proxies For Chinese State-Sponsored Hackers (arstechnica.com) 28

An anonymous reader quotes a report from Ars Technica: Researchers on Tuesday unveiled a major discovery -- malicious firmware that can wrangle a wide range of residential and small office routers into a network that stealthily relays traffic to command-and-control servers maintained by Chinese state-sponsored hackers. A firmware implant, revealed in a write-up from Check Point Research, contains a full-featured backdoor that allows attackers to establish communications and file transfers with infected devices, remotely issue commands, and upload, download, and delete files. The implant came in the form of firmware images for TP-Link routers. The well-written C++ code, however, took pains to implement its functionality in a "firmware-agnostic" manner, meaning it would be trivial to modify it to run on other router models.

The main purpose of the malware appears to be to relay traffic between an infected target and the attackers' command and control servers in a way that obscures the origins and destinations of the communication. With further analysis, Check Point Research eventually discovered that the control infrastructure was operated by hackers tied to Mustang Panda, an advanced persistent threat actor that both the Avast and ESET security firms say works on behalf of the Chinese government.

The researchers discovered the implant while investigating a series of targeted attacks against European foreign affairs entities. The chief component is a backdoor with the internal name Horse Shell. The three main functions of Horse Shell are: a remote shell for executing commands on the infected device; file transfer for uploading and downloading files to and from the infected device; and the exchange of data between two devices using SOCKS5, a protocol for proxying TCP connections to an arbitrary IP address and providing a means for UDP packets to be forwarded. The SOCKS5 functionality seems to be the ultimate purpose of the implant. By creating a chain of infected devices that establish encrypted connections with only the closest two nodes (one in each direction), it's difficult for anyone who stumbles upon one of them to learn the origin or ultimate destination or the true purpose of the infection. As Check Point researchers wrote:
"Learning from history, router implants are often installed on arbitrary devices with no particular interest, with the aim to create a chain of nodes between the main infections and real command and control," Check Point researchers wrote in a shorter write-up. "In other words, infecting a home router does not mean that the homeowner was specifically targeted, but rather that they are only a means to a goal."
HP

HP Updates Firmware, Blocks Its Printers From Using Cheaper Ink Cartridges from Rivals (telegraph.co.uk) 212

Hewlett-Packard printers recently got a firmware update that "blocks customers from using cheaper, non-HP ink cartridges," reports the Telegraph: Customers' devices were remotely updated in line with new terms which mean their printers will not work unless they are fitted with approved ink cartridges. It prevents customers from using any cartridges other than those fitted with an HP chip, which are often more expensive. If the customer tries to use a non-HP ink cartridge, the printer will refuse to print.

HP printers used to display a warning when a "third-party" ink cartridge was inserted, but now printers will simply refuse to print altogether.

The printer company said it issued the update to reduce the risk of malware attacks, saying "third-party cartridges that use non-HP chips or circuitry can pose risks to the hardware performance, print quality, and security." It also said it used regular updates to improve its services, such as introducing alerts for some customers telling them when their ink is running low. However, according to HP's website, the company also blocks the use of rival cartridges in order to "maintain the integrity of our printing systems, and protect our intellectual property".

Outraged customers have flooded social media with complaints, saying they felt "cheated" by the update. HP ink cartridges can cost more than double the price of third-party offerings... Some customers can choose to disable HP's cartridge-blocking feature in the printer's settings, HP said, but it depends on the printer model. Others will be stuck with a printer that only works if they commit to spending more on ink cartridges approved by HP.
