Submission + - Solving the Gmail "Slow Startup" Problem (vortex.com)

Lauren Weinstein writes: I’ve been fighting with slow Gmail startups — hanging a few seconds after program initialization, that can take a minute or more to release — for quite some time. After some testing with Googler Colm Buckley today, we’ve determined that the problem — in my case at least — was apparently the Hangouts chat panel enabled on the left lower side of the Gmail window ...

Submission + - Why You Shouldn't Imitate Bill Gates If You Want To Be Rich (bbc.com) 1

dryriver writes: BBC Capital has an article that debunks the idea of "simply doing what highly successful people have done to get rich", because many of those "outliers" got rich under special circumstances that are not possible to replicate. An excerpt: "Even if you could imitate everything Gates did, you would not be able to replicate his initial good fortune. For example, Gates’s upper-class background and private education enabled him to gain extra programming experience when less than 0.01% of his generation then had access to computers. His mother’s social connection with IBM’s chairman enabled him to gain a contract from the then-leading PC company that was crucial for establishing his software empire. This is important because most customers who used IBM computers were forced to learn how to use Microsoft’s software that came along with it. This created an inertia in Microsoft’s favour. The next software these customers chose was more likely to be Microsoft’s, not because their software was necessarily the best, but because most people were too busy to learn how to use anything else. Microsoft’s success and market share may differ from the rest by several orders of magnitude but the difference was really enabled by Gate’s early fortune, reinforced by a strong success-breeds-success dynamic."

Submission + - Attackers Can Use HVAC Systems to Control Malware on Air-Gapped Networks (bleepingcomputer.com)

An anonymous reader writes: Heating, ventilation, and air conditioning (HVAC) systems can be used as a means to bridge air-gapped networks with the outside world, allowing remote attackers to send commands to malware placed inside a target’s isolated network.

This type of attack scenario — codenamed HVACKer by its creators — relies on custom-built malware that is capable of interacting with a computer’s thermal sensors to read temperature variations and convert these fluctuations into zeros and ones — binary code.

HVACKer attacks are only useful for relaying commands into an air-gapped network, but not for stealing data. According to tests carried out by the research team, they were able to send data inside an air-gapped network via HVAC systems at bit rates of 40 bits per second, a more than acceptable transmission speed.

Submission + - Fathers Pass On Four Times As Many New Genetic Mutations As Mothers, Says Study (theguardian.com)

An anonymous reader writes: Children inherit four times as many new mutations from their fathers than their mothers, according to research that suggests faults in the men’s DNA are a driver for rare childhood diseases. Researchers studied 14,000 Icelanders and found that men passed on one new mutation for every eight months of age, compared with women who passed on a new mutation for every three years of age. The figures mean that a child born to 30-year-old parents would, on average, inherit 11 new mutations from the mother, but 45 from the father. Kari Stefansson, a researcher at the Icelandic genetics company, deCODE, which led the study, said that while new mutations led to variation in the human genome, which is necessary for evolution to happen, “they are also believed to be responsible for the majority of cases of rare diseases in childhood.” In the study published in Nature, the researchers analysed the DNA of 1,500 Icelanders and their parents and, for 225 people, at least one of their children. They found that new mutations from mothers increased by 0.37 per year of age, a quarter of the rate found in men. While the vast majority of new mutations are thought to be harmless, occasionally they can disrupt the workings of genes that are important for good health.

Submission + - Security Researchers Run Unsigned Code on Intel ME (blackhat.com)

An anonymous reader writes:

In a subsystem change that will be detailed in the talk of Intel ME version 11+, a vulnerability was found. It allows an attacker of the machine to run unsigned code in PCH on any motherboard via Skylake+. The main system can remain functional, so the user may not even suspect that his or her computer now has malware resistant to reinstalling of the OS and updating BIOS. Running your own code on ME gives unlimited possibilities for researchers, because it allows exploring the system in dynamics.


Submission + - Firefox For iOS Gets Tracking Protection, Firefox Focus For Android Gets Tabs

An anonymous reader writes: Mozilla today released Firefox 9.0 for iOS and updated Firefox Focus for Android. The iOS browser is getting tracking protection, improved sync, and iOS 11 compatibility. The Android privacy browser is getting tabs. You can download the former from Apple's App Store and the latter from Google Play. This is the first time Firefox has offered tracking protection on iOS, and Nick Nguyen, vice president of product at Mozilla, notes that it's finally possible "thanks to changes by Apple to enable the option for 3rd party browsers." This essentially means iPhone and iPad users with Firefox and iOS 11 will have automatic ad and content blocking in Private Browsing mode, and the option to turn it on in regular browsing. This is the same feature that's available in Firefox for Android, Windows, Mac, and Linux, as well as the same ad blocking technology used in Firefox Focus for Android and iOS.

Submission + - SEC Discloses Hack

An anonymous reader writes: The U.S. Securities and Exchange Commission, the Federal Government Agency charged with monitoring and regulating U.S. financial markets, announced that one of its main systems, EDGAR, had been hacked and information possibly used for illegal securities trading. The hack was originally discovered in late 2016, but the discovery of access to non-public information wasn't made until August of 2017, with the public disclosure coming just now, in late September. Alternate source: https://www.nytimes.com/2017/09/20/business/sec-hacking-attack.html

Submission + - Hackers Used CCleaner App to Target Western Tech Companies (bleepingcomputer.com)

An anonymous reader writes: The CCleaner hack that came to light this week might have been carried out by an infamous cyber-espionage group, believed to be operating out of China, and which targeted a list of who's who of western tech companies. According to Cisco, Avast, and Kaspersky, the attack seems to be the work of a cyber-espionage group named Axiom, or APT17.

Researchers say the malware deployed with CCleaner would deploy a second backdoor trojan whenever the computer was on a corporate domain matching a simple filter. According to data researchers retrieved from the malware's C&C server, attackers targeted companies such as Intel, VMWare, O2, Vodafone, Linksys, Epson, MSI, Akamai, DLink, Oracle (Dyn), Singtel, HTC, Samsung, Sony, Gauselmann, and even the almighty Microsoft and Google (Gmail).

Both Avast and Cisco say C&C data suggest that attackers compromised over 700,000 users with the first stage malware (that collected user info), and only 20 computers with the second stage backdoor. Attackers did not target any company from China or Russia. The first stage malware shared code with malware used in the past by Axiom/APT17, and the C&C server was configured to use a Chinese timezone.

Submission + - ARM TrustZone Hacked by Abusing Power Management 1

phantomfive writes: Many CPUs these days have DVFS (Dynamic Voltage and Frequency Scaling), which allows the CPUs clockspeed and voltage vary dynamically depending whether the CPU is idling or not.

By turning the voltage up and down with one thread, researchers were able to flip bits in another thread. By flipping bits when the second thread was verifying the TrustZone key, the researchers were granted permission.

If number 'A' is a product of two large prime numbers, you can flip a few bits in 'A' to get a number that is a product of many smaller numbers, and more easily factorable. This is what the researchers did.

Slashdot Top Deals