By EditorDavid from Slashdot's spreading-spyware department
An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload. EternalRocks is far more complex than WannaCry's SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received. Last but not least, the worm does not have a killswitch domain, which means the worm can't be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm's owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo. Ars Technica quotes security researchers who say "there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April... These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch."
By EditorDavid from Slashdot's conservation-works department
There's some surprising news from the Energy Institute at the University of California's business school. America's households are using less electricity than they did five years ago.
So what is different? Energy-efficient lighting. Over 450 million LEDs have been installed to date in the United States, up from less than half a million in 2009, and nearly 70% of Americans have purchased at least one LED bulb. Compact fluorescent lightbulbs (CFLs) are even more common, with 70%+ of households owning some CFLs. All told, energy-efficient lighting now accounts for 80% of all U.S. lighting sales.
It is no surprise that LEDs have become so popular. LED prices have fallen 94% since 2008, and a 60-watt equivalent LED lightbulb can now be purchased for about $2. LEDs use 85% less electricity than incandescent bulbs, are much more durable, and work in a wide range of indoor and outdoor settings.
"I would add LED TVs replacing LCD, Plasma and CRTs," writes Slashdot reader schwit1.
By EditorDavid from Slashdot's foreign-friend-requests department
An anonymous reader writes: Time magazine ran a cover story about "a dangerous new route for antidemocratic forces" -- social media. "Using these technologies, it is possible to undermine democratic government, and it's becoming easier every day," says Rand Waltzman of the Rand Corp., who ran a major Pentagon research program to understand the propaganda threats posed by social media technology. The article cites current and former FBI and CIA officials who now believe Russia's phishing emails against politicians were "just the most visible battle in an ongoing information war against global democracy." They cite, for example, a March report by U.S. counterintelligence which found "Russians had sent expertly tailored messages carrying malware to more than 10,000 Twitter users in the Defense Department."
Each message contained links tailored to the interests of the recipient, but "When clicked, the links took users to a Russian-controlled server that downloaded a program allowing Moscow's hackers to take control of the victim's phone or computer -- and Twitter account...
By EditorDavid from Slashdot's power-from-the-people department
After Thursday's net neutrality vote, two security guards pinned a reporter against a wall until FCC Commissioner Michael O'Rielly had left the room, the Los Angeles Times reports. The Writers Guild of America calls the FCC's 2-to-1 vote to initiate a repeal of net neutrality rules a "war on the open internet," according to The Guardian. But the newspaper now predicts that online activists will continue their massive campaign "as the months-long process of reviewing the rules begins." The Hill points out that Mozilla is already hiring a high-profile tech lobbyist to press for both cybersecurity and an open internet, and in a blog post earlier this week the Mozilla Foundation's executive director sees a larger movement emerging from the engagement of millions of internet users.
Today's support for net neutrality isn't the start of the Internet health movement. People have been standing up for an open web since its inception -- by advocating for browser choice, for open source practices, for mass surveillance reform. But net neutrality is an opportunity to propel this movement into the mainstream... If we make Internet health a mainstream issue, we can cement the web as a public resource. If we don't, mass surveillance, exclusion and insecurity can creep into every aspect of society. Hospitals held hostage by rogue hackers can become the status quo.
Meanwhile, The Guardian reports that it's not till the end of the FCC's review process that "a final FCC vote will decide the future of internet regulation," adding that however they vote, "court challenges are inevitable."
By EditorDavid from Slashdot's not-dead-just-resting department
The long-awaited modern OS/2 distribution from Arca Noae was released Monday. martiniturbide writes: ArcaOS 5.0 is an OEM distribution of IBM's discontinued OS/2 Warp operating system. ArcaOS offers a new set of drivers for ACPI, network, USB, video and mouse to run OS/2 on newer hardware. It also includes a new OS installer and open source software like Samba, Libc libraries, SDL, Qt, Firefox and OpenOffice... It's available in two editions, Personal ($129 with an introductory price of $99 for the first 90 days [and six months of support and maintenance updates]) and Commercial ($239 with one year of support and maintenance).
The OS/2 community has been called upon to report supported hardware, open source any OS/2 software, make public as much OS/2 documentation as possible and post the important platform links. OS2World insists that open source has helped OS/2 in the past years and it is time to look under the hood to try to clone internal components like Control Program, Presentation Manager, SOM and Workplace Shell.
By Tuesday Arca Noae was reporting "excessive traffic on the server which is impacting our ordering and delivery process," though the actual downloads of the OS were unaffected, the server load issues were soon mitigated, and they thanked OS/2 enthusiasts for a "truly overwhelming response."
By BeauHD from Slashdot's threatened-by-climate-change department
An anonymous reader quotes a report from The Guardian: It was designed as an impregnable deep-freeze to protect the world's most precious seeds from any global disaster and ensure humanity's food supply forever. But the Global Seed Vault, buried in a mountain deep inside the Arctic circle, has been breached after global warming produced extraordinary temperatures over the winter, sending meltwater gushing into the entrance tunnel. The vault is on the Norwegian island of Spitsbergen and contains almost a million packets of seeds, each a variety of an important food crop. When it was opened in 2008, the deep permafrost through which the vault was sunk was expected to provide "failsafe" protection against "the challenge of natural or man-made disasters". But soaring temperatures in the Arctic at the end of the world's hottest ever recorded year led to melting and heavy rain, when light snow should have been falling. "It was not in our plans to think that the permafrost would not be there and that it would experience extreme weather like that," said Hege Njaa Aschim, from the Norwegian government, which owns the vault. "A lot of water went into the start of the tunnel and then it froze to ice, so it was like a glacier when you went in," she told the Guardian. Fortunately, the meltwater did not reach the vault itself, the ice has been hacked out, and the precious seeds remain safe for now at the required storage temperature of -18C. But the breach has questioned the ability of the vault to survive as a lifeline for humanity if catastrophe strikes.
By BeauHD from Slashdot's heads-up department
According to a new study this week from financial services firm Cornerstone Capital Group, between 6 million and 7.5 million retail jobs are at risk of being replaced over the course of the next 10 years by some form of automation. "That represents at least 38% of the current retail work force, which consists of 16 million workers," reports CNN. "Retail could actually lose a greater proportion of jobs to automation than manufacturing has, according to the study." From the report: That doesn't mean that robots will be roving the aisles of your local department store chatting with customers. Instead, expect to see more automated checkout lines instead of cashiers. This shift alone will likely eliminate millions of jobs. "Cashiers are considered one of the most easily automatable jobs in the economy," said the report. And these job losses will hit women particularly hard, since about 73% of cashiers are women. There will also be fewer sales jobs, as more and more consumers use in-store smartphones and touchscreen computers to find what they need, said John Wilson, head of research at Cornerstone. There will still be some sales people on the floor, but just not as many of them. Rising wages are also helping to drive automation, as state and city governments hike their minimum wages. Additionally, several major retailers including Walmart, the nation's largest employer, have increased wages in order to find and retain the workers they need. The increased competition from e-commerce is also a factor, since it requires retailers to be as efficient as possible in order to compete.
By BeauHD from Slashdot's tip-jar department
An anonymous reader quotes a report from Motherboard: Uber drivers have been complaining that the gap between the fare a rider pays and what the driver receives is getting wider. After months of unsatisfying answers, Uber is providing an explanation: It's charging some passengers more because it needs the extra cash. The company detailed for the first time in an interview with Bloomberg a new pricing system that's been in testing for months in certain cities. On Friday, Uber acknowledged to drivers the discrepancy between their compensation and what riders pay. The new fare system is called "route-based pricing," and it charges customers based on what it predicts they're willing to pay. It's a break from the past, when Uber calculated fares using a combination of mileage, time and multipliers based on geographic demand. Daniel Graf, Uber's head of product, said the company applies machine-learning techniques to estimate how much groups of customers are willing to shell out for a ride. Uber calculates riders' propensity for paying a higher price for a particular route at a certain time of day. For instance, someone traveling from a wealthy neighborhood to another tony spot might be asked to pay more than another person heading to a poorer part of town, even if demand, traffic and distance are the same.
By BeauHD from Slashdot's remote-control department
New submitter lifeisshort writes: "Instead of sitting in a tower overlooking the runway, controllers will be 80 miles away, watching live footage from high-definition cameras," reports BBC. "The new system, due to be completed in 2018, will be tested for a year before becoming fully operational in 2019. The technology has been developed by Saab, the Swedish defense and security company, and will be introduced as part of a 350 million EUR development program to upgrade London City Airport. It will also include an extended terminal building, enabling it to serve two million more passengers a year by 2025. The remote digital system will provide controllers with a 360-degree view of the airfield via 14 high-definition cameras and two cameras which are able to pan, tilt and zoom. The cameras will send a live feed via fibre cables to a new operations room built at the Hampshire base of Nats, Britain's air traffic control provider." As far as reliability is concerned, "the system will use three different cables, taking different routes between the airport and the control centre, to ensure there is a back up if one of those cables fails." In spite of recent large scale hacks, what could possibly go wrong? And the next obvious step is giant Bangalore ATC outsourcing company...
By BeauHD from Slashdot's drop-in-the-bucket department
rmdingler writes: "Sweden is dropping its investigation into WikiLeaks founder Julian Assange on rape allegations, according to a prosecution statement released Friday," reports CNN. "Assange, who has always denied wrongdoing, has been holed up at the Ecuadorian Embassy in London since 2012, in an effort to avoid a Swedish arrest warrant." Despite Friday's announcement, he's unlikely to walk out of the embassy imminently. There is no apparent change in the risk of being detained in the west, particularly in the U.S., but it's definitely a win for Assange.
Joshua.Niland adds: The pressure on Julian Assange may have lifted ever so slightly with Swedish prosecutors dropping their investigation into the allegations of rape. A brief statement ahead of a press conference by the prosecutor later on Friday said: "Director of Public Prosecution, Ms Marianne Ny, has today decided to discontinue the investigation regarding suspected rape (lesser degree) by Julian Assange." This will not likely deter the United States from pursuing their own charges against him for publishing tens of thousands of military documents leaked by Army whistleblower Chelsea Manning.
After describing the development as "an important victory," Assange said, "[...] it by no means erases seven years of detention without charge under house arrest and almost five years here in this embassy without sunlight. Seven years without charge while my children grow up without me. That is not something I can forgive. It is not something I can forget."
By BeauHD from Slashdot's out-with-the-old-in-with-the-new department
Uber's general counsel Salle Yoo has warned Anthony Levandowski that if he doesn't return the files he's accused of stealing from Google's self-driving car unit and using them to develop similar technology at Uber, or openly deny taking them, he could be fired. Gizmodo reports: Uber's general counsel Salle Yoo warned Levandowski in a letter sent Monday and made public last night that, if he didn't return the stolen files or openly deny taking them, he could be fired. The letter is a result of a court order issued Monday, and Levandowski has until the end of the month to comply. "We understand that this letter requires you to turn over information wherever located, including but not limited to, your personal devices, and to waive any Fifth Amendment protection you may have," Yoo wrote. "While we have respected your personal liberties, it is our view that the Court's Order requires us to make these demands of you." Despite the allegations against him, Levandowski's job at Uber has been protected so far by his reputation as a rising star in the self-driving industry and his close friendship with CEO Travis Kalanick, who called Levandowski his brother from another mother. However, Yoo's letter hints that the tide at Uber may be turning against Levandowski -- in addition to demanding he return Waymo's documents, Yoo also asks Levandowski to return any Uber files he may have and to only use Uber-issued devices for work, where his actions will be monitored. "If you have not fully complied with our prior request to return all Uber-owned documents in your possession, custody, or control, you must immediately return all such documents to us," Yoo wrote.