173481378
submission
jd writes:
Peter Higgs, the Nobel prize-winning physicist who discovered a new particle known as the Higgs boson, has died.
Higgs, 94, who was awarded the Nobel prize for physics in 2013 for his work in 1964 showing how the boson helped bind the universe together by giving particles their mass, died at home in Edinburgh on Monday.
After a series of experiments, which began in earnest in 2008, his theory was proven by physicists working at the Large Hadron Collider at Cern in Switzerland in 2012; the Nobel prize was shared with François Englert, a Belgian theoretical physicist whose work in 1964 also contributed directly to the discovery.
A member of the Royal Society and a Companion of Honour, Higgs spent the bulk of his professional life at Edinburgh University, which set up the Higgs centre for theoretical physics in his honour in 2012.
Prof Peter Mathieson, the university’s principal, said: “Peter Higgs was a remarkable individual – a truly gifted scientist whose vision and imagination have enriched our knowledge of the world that surrounds us.
“His pioneering work has motivated thousands of scientists, and his legacy will continue to inspire many more for generations to come.”
173298917
submission
jd writes:
A pet company has twice sent back dog breed results for human swab samples, prompting doubts surrounding the accuracy of dog breed tests.
On Wednesday, WBZ News reported its investigations team receiving dog breed results from the company DNA My Dog after one of its reporters sent in a swab sample – from her own cheek.
According to the results from the Toronto-based company, WBZ News reporter Christina Hager is 40% Alaskan malamute, 35% shar-pei and 25% labrador.
This, apparently, raises questions about the accuracy of dog breed identification by DNA. Actually, it kinda raises questions about claims linking human DNA to geographic places, too. (YDNA and MtDNA tracing is fine, but clearly the use of general markers leaves a lot to be desired.)
173151202
submission
jd writes:
The Register has been running a series of articles about the evolution of Unix, from humble beginnings to the transition to Plan9. There is a short discussion of why Plan9 and its successors never really took off (despite being vastly superior to microkernels), along with the ongoing development of 9Front.
From TFA:
Plan 9 was in some way a second implementation of the core concepts of Unix and C, but reconsidered for a world of networked graphical workstations. It took many of the trendy ideas of late-1980s computing, both of academic theories and of the computer industry of the time, and it reinterpreted them through the jaded eyes of two great gurus, Kenneth Thompson and Dennis Ritchie (and their students) – arguably, design geniuses who saw their previous good ideas misunderstood and misinterpreted.
In Plan 9, networking is front and center. There are good reasons why this wasn't the case with Unix – it was being designed and built at the same time as local area networking was being invented. UNIX Fourth Edition, the first version written in C, was released in 1973 – the same year as the first version of Ethernet.
Plan 9 puts networking right into the heart of the design. While Unix was later used as the most common OS for standalone workstations, Plan 9 was designed for clusters of computers, some being graphical desktops and some shared servers.
Because everything really is a file, displaying a window on another machine can be as simple as making a directory and populating it with some files. You can start programs on other computers, but display the results on yours – all without any need for X11 or any visible networking at all.
This means all the Unixy stuff about telnet and rsh and ssh and X forwarding and so on just goes away. It makes X11 look very overcomplicated, and it makes Wayland look like it was invented by Microsoft.
173043212
submission
jd writes:
It turns out that ZFS has had a bug that corrupts data for some time, but the bug has largely gone unnoticed. The issue involves ZFS send/receive operations on encrypted partitions. The article goes on to say that ZFS encryption is not considered ready for enterprise use. Given that ZFS is considered the premiere enterprise FS, that's a little bit worrying, especially as Microsoft's RelFS is catching up in capabilities.
What, however, is perhaps more interesting is that bugs, old and new, are being catalogued and addressed much more quickly now that core development is done under Linux, even though it is not mainstreamed in the kernel.
172699543
submission
jd writes:
Crystals-Kyber was chosen to be the US government's post-quantum cryptography system of choice last year, but a side-channel attack has been identified.
From TFA, NIST says that this is an implementation-specific attack (the reference implementation) and not a vulnerability in Kyber itself.
From TFA:
The exploit relates to "side-channel attacks on up to the fifth-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU," Elena Dubrova, Kalle Ngo, and Joel Gärtner of KTH Royal Institute of Technology said in a paper.
CRYSTALS-Kyber is one of four post-quantum algorithms selected by the U.S. National Institute of Standards and Technology (NIST) after a rigorous multi-year effort to identify a set of next-generation encryption standards that can withstand huge leaps in computing power.
One of the popular countermeasures to harden cryptographic implementations against physical attacks is masking, which randomizes the computation and detaches the side-channel information from the secret-dependent cryptographic variables.
The attack method devised by the researchers involves a neural network training method called recursive learning to help recover message bits with a high probability of success.
The researchers also developed a new message recovery method called cyclic rotation that manipulates ciphertexts to increase the leakage of message bits, thereby boosting the success rate and making it possible to extract the session key.
"Such a method allows us to train neural networks that can recover a message bit with the probability above 99% from high-order masked implementations," they added.
When reached for comment, NIST told The Hacker News that the approach does not break the algorithm itself and that the findings don't affect the standardization process of CRYSTALS-Kyber.
On the mailing list, D. J. Bernstein added this:
Ive been recently carrying out code analysis for some of the KEM implementations submitted to SUPERCOP. In the case of kyber*/ref, I noticed various "/KYBER_Q" occurrences with variable inputs. In at least one case, line 190 of crypto_kem/kyber768/ref/poly.c, this is clearly a secret input. I'd expect measurable, possibly exploitable, timing variations
172537879
submission
jd writes:
Ars Technica is reporting a newly-discovered man-in-the-middle attack against SSH. This only works if you are using "ChaCha20-Poly1305" or "CBC with Encrypt-then-MAC", so it isn't a universal flaw. The CVE numbers for this vulnerability are CVE-2023-48795, CVE-2023-46445, and CVE-2023-46446.
From TFA:
At its core, Terrapin works by altering or corrupting information transmitted in the SSH data stream during the handshake—the earliest stage of a connection, when the two parties negotiate the encryption parameters they will use to establish a secure connection. The attack targets the BPP, short for Binary Packet Protocol, which is designed to ensure that adversaries with an active position can't add or drop messages exchanged during the handshake. Terrapin relies on prefix truncation, a class of attack that removes specific messages at the very beginning of a data stream.
The Terrapin attack is a novel cryptographic attack targeting the integrity of the SSH protocol, the first-ever practical attack of its kind, and one of the very few attacks against SSH at all. The attack exploits weaknesses in the specification of SSH paired with widespread algorithms, namely ChaCha20-Poly1305 and CBC-EtM, to remove an arbitrary number of protected messages at the beginning of the secure channel, thus breaking integrity. In practice, the attack can be used to impede the negotiation of certain security-relevant protocol extensions. Moreover, Terrapin enables more advanced exploitation techniques when combined with particular implementation flaws, leading to a total loss of confidentiality and integrity in the worst case.
172458015
submission
jd writes:
The Register is reporting that Akamai security researchers have found a way to hack Active Directory and obtain the information stored within it. The researchers go on to say that Microsoft is NOT planning to fix the vulnerability.
From TFA: While the current report doesn't provide technical details or proof-of-concept exploits, Akamai has promised, in the near future, to publish code that implements these attacks called DDSpoof — short for DHCP DNS Spoof.
"We will show how unauthenticated attackers can collect necessary data from DHCP servers, identify vulnerable DNS records, overwrite them, and use that ability to compromise AD domains," Akamai security researcher Ori David said.
The DHCP attack research builds on earlier work by NETSPI's Kevin Roberton, who detailed ways to exploit flaws in DNS zones.
172410607
submission
jd writes:
Researchers have identified a large number of bugs to do with the processing of images at boot time. This allows malicious code to be installed undetectably (since the image doesn't have to pass any validation checks) by appending it to the image. None of the current secure boot mechanisms are capable of blocking the attack.
From TFA: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux. The vulnerabilities are the product of almost a year’s worth of work by Binarly, a firm that helps customers identify and secure vulnerable firmware.
The vulnerabilities are the subject of a coordinated mass disclosure released Wednesday. The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix (sometimes still called IBVs or independent BIOS vendors); device manufacturers such as Lenovo, Dell, and HP; and the makers of the CPUs that go inside the devices, usually Intel, AMD or designers of ARM CPUs. The researchers unveiled the attack on Wednesday at the Black Hat Security Conference in London.
As its name suggests, LogoFAIL involves logos, specifically those of the hardware seller that are displayed on the device screen early in the boot process, while the UEFI is still running. Image parsers in UEFIs from all three major IBVs are riddled with roughly a dozen critical vulnerabilities that have gone unnoticed until now. By replacing the legitimate logo images with identical-looking ones that have been specially crafted to exploit these bugs, LogoFAIL makes it possible to execute malicious code at the most sensitive stage of the boot process, which is known as DXE, short for Driver Execution Environment.
“Once arbitrary code execution is achieved during the DXE phase, it’s game over for platform security,” researchers from Binarly, the security firm that discovered the vulnerabilities, wrote in a whitepaper. “From this stage, we have full control over the memory and the disk of the target device, thus including the operating system that will be started.”
From there, LogoFAIL can deliver a second-stage payload that drops an executable onto the hard drive before the main OS has even started. The following video demonstrates a proof-of-concept exploit created by the researchers. The infected device—a Gen 2 Lenovo ThinkCentre M70s running an 11th-Gen Intel Core with a UEFI released in June—runs standard firmware defenses, including Secure Boot and Intel Boot Guard.
172327697
submission
jd writes:
All versions of OpenZFS 2.2 suffer from a defect that can corrupt the data. Attempts to mitigate the bug have reduced the likelihood of it occurring, but so far nobody has been able to pinpoint what is going wrong or why.
From Phoronix: Over the US holiday weekend it became more clear that this OpenZFS data corruption bug isn't isolated to just the v2.2 release — older versions are also susceptible — and that v2.2.1 is still prone to possible data corruption.
The good news at least is that data corruption in real-world scenarios is believed to be limited but with some scripting help the corruption can be reproduced. It's also now believed that the OpenZFS 2.2 block cloning feature just makes encountering the problem more likely.
172015703
submission
jd writes:
Stef Coburn, son of Anthony Coburn, the writer of Doctor Who's first-ever episode, has withdrawn permission for the BBC to air or publish the story Unearthly Child in any format. He blames the BBC for deliberately causing his father's death (Anthony Coburn died whilst working on another BBC project) and is demanding large sums of money. He openly states that this is for "vengeance". He is also trying to sue the BBC for the use of the police box exterior in Doctor Who.
Stef Coburn, to judge from his twitter feed, is deeply xenophobic, racist, sexist, and an anti-vaxxer, which certainly isn't helping him win admirers or fans amongst the audience of Doctor Who.
The legality of Stef's position seems to be ambiguous because Anthony Coburn wrote the story as a freelancer rather than as a BBC staff writer.
163884492
submission
jd writes:
NIST has proclaimed winners in round three of its post-quantum cryptography battle of the giants.
CRYSTALS-Kyber has been chosen for standard encryption, CRYSTALS-Dilithium, Falcon, and SPHINCS+ were chosen for digital signatures. Falcon is recommended by NIST as a backup for Dilithium where shorter keys are needed, and SPHINCS+ uses a different mathematical technique than all of the other submissions, so if it is found that there's a flaw in the maths for the others, then there's something to fall back on.
There is still a final round for public key encryption algorithms. The remaining candidates are BIKE, Classic McEliece, HQC, and SIKE.
The mailing list members probably wish that they could use Slashdot's moderation system about now, as some of the discussions have been extremely heated. This was especially true for the signature system Rainbow, which is used by the ABC Mint crypto-currency, which was rejected after what was claimed to be a catastrophic flaw was reported, with allegations that it could be broken over a weekend on a laptop, followed by counter-allegations that many of the other algorithms had significant flaws in them also. (This is likely why SPHINCS+ is a backup.)
Another area that was hotly debated was CPU design flaws, particularly HertzBleed, which got the well-known crypto maestro Bernstein rather annoyed. As SIKE is a final round candidate, NIST seem to be satisfied with his explanation for why CPU design flaws should not be considered. It is to be seen how this debate progresses.
161951148
submission
jd writes:
According to the scientific journal Nature: "A fossilized tooth unearthed in a cave in northern Laos might have belonged to a young Denisovan girl that died between 164,000 and 131,000 years ago. If confirmed, it would be the first fossil evidence that Denisovans — an extinct hominin species that co-existed with Neanderthals and modern humans — lived in southeast Asia."
Whilst not strictly surprising, Denisovan genes had previously been found in Tibetan people, there had been no archaeological evidence of Denisovans outside of Siberia, the genes might have arrived later. This new find makes it likely that the Denisovans were there at the time.Link to Original Source
151850305
submission
jd writes:
For those who don't know, An0m was a fake phone sold by the Australian and US governments to criminals so they could spy on them more easily.
I have no doubt the US and Australian governments feel vindicated by the massive success of their fake secure phones, and it's not unreasonable to congratulate stopping murders, but data swapping via a third party to bypass the law isn't that much different from what the gangs were doing.
I'm glad they saw that weakening security for the innocent wasn't necessary after all, and that's something to keep reminding them, but ethics didn't feature heavily in this and, as the article notes, what's to stop a tyrant doing the same against rivals or innocent protestors? It's not like the UK hasn't sent in undercover spies as honeypots or passed laws to legally arrest "potential subversives".
144603024
submission
jd writes:
ZDNet is reporting that Xinuos is suing IBM and Red Hat (which Xinuos alleges is a subsidiary of IBM) for copying SCO source code.
It has offered no proof, but has maybe offered a reason — it's going under. But that can't be the whole of it. Not being able to pay the lawyers is not known as a winning strategy in a court case.
The slander against Red Hat looks like an attempt to destroy the image of the company.
Last time, it was a bunch of renegades led by Col. Clippy. Could Microsoft be funding this lawsuit as well? If not, who else has incentive to try to take out Red Hat as a competitor?
138757032
submission
jd writes:
As had been feared since the first cable snapped, the giant Arecibo telescope is now too badly damaged as a result of further breakages and cannot be repaired. It is to be destroyed in a controlled demolition. No news on whether it is to be replaced.
(China has a larger giant single dish telescope but is now really the only player in that field.)Link to Original Source
