IT

Developer Accidentally Deletes Three-Month of Work With Visual Studio Code (bingj.com) 518

New submitter joshtops writes: A developer accidentally three-month of his work. In a post, he described his experience, "I had just downloaded VScode as an alternative and I was just playing with the source control option, seeing how it wanted to stage -- five thousand files -- I clicked discard... AND IT DELETED ALL MY FILES, ALL OF THEM, PERMANENTLY! How the f*uk is this s*it possible, who the hell is the d******* who made the option to permanently delete all the files on a project by accident even possible? Cannot even find them in the Recycle Bin!!!! I didn't even thought that was possible on Windows!!! F*ck this f*cking editor and f*ck whoever implemented this option. I wish you the worst.'
Security

How Hackers Are Targeting the Shipping Industry (bbc.com) 42

An anonymous reader shares a report: When staff at CyberKeel investigated email activity at a medium-sized shipping firm, they made a shocking discovery. "Someone had hacked into the systems of the company and planted a small virus," explains co-founder Lars Jensen. "They would then monitor all emails to and from people in the finance department." Whenever one of the firm's fuel suppliers would send an email asking for payment, the virus simply changed the text of the message before it was read, adding a different bank account number. "Several million dollars," says Mr Jensen, were transferred to the hackers before the company cottoned on. After the NotPetya cyber-attack in June, major firms including shipping giant Maersk were badly affected. In fact, Maersk revealed this week that the incident could cost it as much as $300 million in profits. But Mr Jensen has long believed that that the shipping industry needs to protect itself better against hackers -- the fraud case dealt with by CyberKeel was just another example. The firm was launched more than three years ago after Mr Jensen teamed up with business partner Morten Schenk, a former lieutenant in the Danish military who Jensen describes as "one of those guys who could hack almost anything." They wanted to offer penetration testing -- investigative tests of security -- to shipping companies. The initial response they got, however, was far from rosy.
Security

Secret Chips in Replacement Parts Can Completely Hijack Your Phone's Security (arstechnica.com) 58

Dan Goodin, writing for ArsTechnica: People with cracked touch screens or similar smartphone maladies have a new headache to consider: the possibility the replacement parts installed by repair shops contain secret hardware that completely hijacks the security of the device. The concern arises from research that shows how replacement screens -- one put into a Huawei Nexus 6P and the other into an LG G Pad 7.0 -- can be used to surreptitiously log keyboard input and patterns, install malicious apps, and take pictures and e-mail them to the attacker. The booby-trapped screens also exploited operating system vulnerabilities that bypassed key security protections built into the phones. The malicious parts cost less than $10 and could easily be mass-produced. Most chilling of all, to most people, the booby-trapped parts could be indistinguishable from legitimate ones, a trait that could leave many service technicians unaware of the maliciousness. There would be no sign of tampering unless someone with a background in hardware disassembled the repaired phone and inspected it. The research, in a paper presented this week (PDF) at the 2017 Usenix Workshop on Offensive Technologies, highlights an often overlooked disparity in smartphone security. The software drivers included in both the iOS and Android operating systems are closely guarded by the device manufacturers, and therefore exist within a "trust boundary."
Encryption

How Security Pros Look at Encryption Backdoors (helpnetsecurity.com) 47

An anonymous reader shares a report: The majority of IT security professionals believe encryption backdoors are ineffective and potentially dangerous, with 91 percent saying cybercriminals could take advantage of government-mandated encryption backdoors. 72 percent of the respondents do not believe encryption backdoors would make their nations safer from terrorists, according to a Venafi survey of 296 IT security pros, conducted at Black Hat USA 2017. Only 19 percent believe the technology industry is doing enough to protect the public from the dangers of encryption backdoors. 81 percent feel governments should not be able to force technology companies to give them access to encrypted user data. 86 percent believe consumers don't understand issues around encryption backdoors.
Google

Google Researchers Made An Algorithm To Delete Watermarks From Photos (venturebeat.com) 60

"Researchers at Google have found a vulnerability in the way watermarks are used by stock imagery sites like Adobe Stock that makes it possible to remove the opaque stamp used to protect copyright," writes Khari Johnson via VentureBeat. "The consistent nature in which the watermarks are placed on photos can be exploited using an algorithm trained to recognize and automatically remove watermarks." From the report: Changing the position or opacity of a watermark do not impact the algorithm's ability to remove watermarks from images with copyright protection. Randomization, the researchers say, is required to keep images from being stolen. In results presented at the Computer Vision and Pattern Recognition conference last month, subtle modifications to each watermark can make it harder to remove watermarks. With these warped watermarks, attempts to get rid of watermarks with an algorithm or photo editing software leaves noticeable marks, rendering an image useless. "As often done with vulnerabilities discovered in operating systems, applications or protocols, we want to disclose this vulnerability and propose solutions in order to help the photography and stock image communities adapt and better protect its copyrighted content and creations," research scientists Tali Dekel and Michael Rubenstein wrote in a blog post today. "From our experiments much of the world's stock imagery is currently susceptible to this circumvention." You can learn more about the different types of randomization that can be done to combat watermark removal and see more example images in Google's blog post. The full report and research is available via the project's GitHub page.
IOS

iOS 11 Has a Feature To Temporarily Disable Touch ID (cultofmac.com) 130

A new feature baked into iOS 11 lets you quickly disable Touch ID, which could come in handy if you're ever in a situation where someone (a cop) might force you to unlock your device. Cult of Mac reports: To temporarily disable Touch ID, you simply press the power button quickly five times. This presents you with the "Emergency SOS" option, which you can swipe to call the emergency services. It also prevents your iPhone from being unlocked without the passcode. Until now, there were other ways to temporarily disable Touch ID, but they weren't quick and simply. You either had to restart your iPhone, let it sit idle for a few days until Touch ID was temporarily disabled by itself, or scan the wrong finger several times. The police, or any government agency, cannot force you to hand over your iPhone's passcode. However, they can force you to unlock your device with your fingerprint. That doesn't work if your fingerprint scanner has been disabled.
Government

Ukraine Hacker Cooperating With FBI In Russia Probe, Says Report (thehill.com) 201

schwit1 shares a report from The Hill: A hacker in Ukraine who goes by the online alias "Profexer" is cooperating with the FBI in its investigation of Russian interference in the U.S. presidential election, The New York Times is reporting. Profexer, whose real identity is unknown, wrote and sold malware on the dark web. The intelligence community publicly identified code he had written as a tool used in the hacking of the Democratic National Committee ahead of last year's presidential election. The hacker's activity on the web came to a halt shortly after the malware was identified. The New York Times, citing Ukrainian police, reported Wednesday that the individual turned himself into the FBI earlier this year and became a witness for the bureau in its investigation. FBI investigators are probing Russian interference efforts and whether there was coordination between associates of President Trump's campaign and Moscow. Special counsel Robert Mueller is heading the investigation.
Encryption

Hacker Claims To Have Decrypted Apple's Secure Enclave Processor Firmware (iclarified.com) 106

According to iClarified, a hacker by name of "xerub" has posted the decryption key for Apple's Secure Enclave Processor (SEP) firmware. "The security coprocessor was introduced alongside the iPhone 5s and Touch ID," reports iClarified. "It performs secure services for the rest of the SOC and prevents the main processor from getting direct access to sensitive data. It runs its own operating system (SEPOS) which includes a kernel, drivers, services, and applications." From the report: The Secure Enclave is responsible for processing fingerprint data from the Touch ID sensor, determining if there is a match against registered fingerprints, and then enabling access or purchases on behalf of the user. Communication between the processor and the Touch ID sensor takes place over a serial peripheral interface bus. The processor forwards the data to the Secure Enclave but can't read it. It's encrypted and authenticated with a session key that is negotiated using the device's shared key that is provisioned for the Touch ID sensor and the Secure Enclave. The session key exchange uses AES key wrapping with both sides providing a random key that establishes the session key and uses AES-CCM transport encryption. Today, xerub announced the decryption key "is fully grown." You can use img4lib to decrypt the firmware and xerub's SEP firmware split tool to process. Decryption of the SEP Firmware will make it easier for hackers and security researchers to comb through the SEP for vulnerabilities.
Transportation

Unpatchable 'Flaw' Affects Most of Today's Modern Cars (bleepingcomputer.com) 208

Catalin Cimpanu, writing for BleepingComputer: A flaw buried deep in the hearts of all modern cars allows an attacker with local or even remote access to a vehicle to shut down various components, including safety systems such as airbags, brakes, parking sensors, and others. The vulnerability affects the CAN (Controller Area Network) protocol that's deployed in modern cars and used to manage communications between a vehicle's internal components. The flaw was discovered by a collaborative effort of Politecnico di Milano, Linklayer Labs, and Trend Micro's Forward-looking Threat Research (FTR) team. Researchers say this flaw is not a vulnerability in the classic meaning of the word. This is because the flaw is more of a CAN standard design choice that makes it unpatchable.
China

China Cracks Down on VPN Vendors (bbc.com) 39

An anonymous reader shares a BBC report: China's latest crackdown on those attempting to skirt state censorship controls has seen it warn e-commerce platforms over the sale of illegal virtual private networks (VPNs). Five websites, including shopping giant Alibaba, have been asked to remove vendors that sell VPNs. It is the latest in a series of measures from the Chinese government to maintain strict control over content. Apple has previously been asked to remove VPN apps. China's cyber-regulator the Cyberspace Administration of China (CAC) has ordered the websites to carry out immediate "self-examination and correction." "The CAC has ordered these five sites to immediately carry out a comprehensive clean-up of harmful information, close corresponding illegal account.. and submit a rectification report by a deadline," the regulator said in a statement.
The Internet

Cloudflare Stops Supporting Neo-Nazi Site The Daily Stormer (arstechnica.com) 483

Timothy B. Lee reports via Ars Technica: All week, the infamous hate site Daily Stormer has been battling to stay online in the face of a concerted social media campaign to shut it down. The site lost its "dailystormer.com" domain on Monday after first GoDaddy and then Google Domains blacklisted it from their domain registration services. The site re-appeared online on Wednesday morning at a new domain name, dailystormer.ru. But within hours, the site had gone offline again after it was dropped by Cloudflare, an intermediary that defends customers against denial-of-service attacks. Daily Stormer's Andrew Anglin reported Cloudflare's decision to drop the site in a post on the social media site Gab. His post was first spotted by journalist Matthew Sheffield.
Security

Email Provider ProtonMail Says It Hacked Back, Then Walks Claim Back (vice.com) 30

An anonymous reader shares a report: On Wednesday, encrypted email provider ProtonMail claimed it had hacked someone who was impersonating its service in phishing emails, and the company then swiftly deleted the tweet. Early Wednesday morning, the security researcher known as x0rz tweeted out a series of screenshots allegedly showing someone sending emails that directed targets to a fake ProtonMail login screen. "You have an overdue invoice," the message read. In response, ProtonMail said it had taken action. "We also hacked the phishing site so the link is down now," ProtonMail tweeted. Depending on the context and what exactly the retaliating organization did, hacking back can be illegal. Hacking could violate the Computer Fraud and Abuse Act, or perhaps even wiretapping legislation. A recently proposed bill would attempt to legalize the practice. ProtonMail swiftly deleted its tweet, but not before x0rz could grab and subsequently tweet a screenshot. x0rz then deleted his own tweet at the request of ProtonMail.
Security

Shipping Company Maersk Says June Cyberattack Could Cost It Up To $300 Million (cnbc.com) 43

An anonymous reader shares an article: Container shipping company A.P. Moller Maersk on Tuesday said it expects that computer issues triggered by the NotPetya cyberattack will cost the company as much as $300 million in lost revenue. "In the last week of the [second] quarter we were hit by a cyber-attack, which mainly impacted Maersk Line, APM Terminals and Damco," Maersk CEO Soren Skou said in a statement. "Business volumes were negatively affected for a couple of weeks in July and as a consequence, our Q3 results will be impacted. We expect that the cyber-attack will impact results negatively by USD 200-300m." Maersk Line was able to take bookings from existing customers two days after the attack, and things gradually got back to normal over the following week, the company said. It said it did not lose third-party data as a result of the attack.
Microsoft

The Docx Games: Three Days At the Microsoft Office World Championship (theverge.com) 57

An anonymous reader shares a report: On a Sunday night two weeks back, in the Rose Court Garden of the Disneyland Hotel in Anaheim, California, 150 antsy competitors between the ages of 13 and 22 milled around eating miniature whoopie pies by the light of the Moon, sizing up their global rivals in the efficient use of Excel, PowerPoint, and Word. It was as if the Olympics opening ceremony was replaced by a networking event: teens were decked out in national T-shirts, while others handed out business cards specially made for the event. At one table off by the bar, two chaperones nudged their folding chairs closer together and taught each other how to say hello ("Yassas," "Ciao") in their respective mother tongues. In the distance, through the palms, the tiki torches of Trader Sam's, the hotel's poolside lounge, were flickering into the black sky. This marked the first night of the 16th Microsoft Office Specialist (MOS) World Championship, in which teens and young 20-somethings compete for the title of World Champion in their chosen professional application. It's an event put on annually by Certiport, a Utah-based subsidiary of standardized testing giant Pearson VUE. It's also a marketing stunt, pure and simple, devised to promote Certiport's line of Microsoft Office certifications. This allows the certified to confirm the line on their resume that claims "proficiency in MS Office" is backed up by some solid knowledge of deep formatting and presentation design.
Communications

Guam Radio Stations Accidentally Conduct Emergency Alert Amid North Korea Threat (theguardian.com) 50

the_webmaestro writes: A couple of radio stations in Guam conducted an unscheduled test of the Emergency Alert Broadcast System, sending some residents -- already on edge due to the back and forth between the North Korean regime and the tweets made by the President of the United States -- into a panic. From the Guam Homeland Security/Office of Civil Defense Facebook page: "The Offices of Guam Homeland Security and Civil Defense (GHS/OCD), in conjunction with the Mariana Regional Fusion Center (MRFC), our federal and military partners, continue to monitor the recent events surrounding North Korea and their threatening actions. Residents and visitors may have noticed at 12:25 a.m., an unscheduled test of the Emergency Alert Broadcast System (EAS) was triggered from KTWG/KSTO AM. The message read: 'A BROADCAST STATION OR CABLE SYSTEM HAS ISSUED A CIVIL DANGER WARNING FOR THE FOLLOWING COUNTIES/AREAS: Guam, Guam; AT 12:25 AM ON AUG 15, 2017 EFFECTIVE UNTIL 12:40 AM. MESSAGE FROM KTWGKSTO.' The unauthorized test was NOT connected to any emergency, threat or warning. GHS/OCD has worked with KSTO to ensure the human error will not occur again. There is no scheduled test of the EAS or All Hazards Alert Warning System sirens today."

In addition, the Guam Power Authority (GPA) reported there were two scheduled outages, for emergency interruption of power, at 2:30 p.m. and 7 p.m., August 14: "Unrelated to the EAS unauthorized test, the Guam Power Authority (GPA) reported there were two scheduled outages, for emergency interruption of power, at 2:30 p.m. and 7 p.m., August 14 for customers located in Talofofo located along along Rte.17, Chalan J. Kindo, Vicente Borja Dr., Felix Dydasco St., Henry Simpson area to bus shelter by Bishop Street and other customers in these locations."

The Internet

Cloudflare is the One Tech Company Still Sticking By Neo-Nazi Websites (qz.com) 549

An anonymous reader shares a report: One company is sticking by The Daily Stormer and other far-right websites: the cloud security and performance service Cloudflare. Cloudflare acts as a shield between websites and the outside world, protecting them from hackers and preserving the anonymity of the sites' owners. But Cloudflare is not a hosting service: It does not store website content on its servers. And that fact, as far as the company is concerned, exempts it from judgment over who its clients are -- even if those clients are literally Nazis. In a statement Cloudflare sent to Quartz and other publications yesterday, the company refused to explicitly say it will continue to do business with sites like The Daily Stormer, but pointed out that the content would exist regardless of what Cloudflare does or doesn't do. "Cloudflare is aware of the concerns that have been raised over some sites that have used our network. We find the content on some of these sites repugnant. While our policy is to not comment on any user specifically, we are cooperating with law enforcement in any investigation. Cloudflare is not the host of any website. Cloudflare is a network that provides performance and security services to more than 10% of all Internet requests. Cloudflare terminating any user would not remove their content from the Internet, it would simply make a site slower and more vulnerable to attack."
UPDATE: The Daily Stormer now says Cloudflare has decided to drop their site after all.
The Military

US Army Walks Back Decision To Ban DJI Drones Ever So Slightly (suasnews.com) 27

garymortimer shares a report from sUAS News: News has reached me that another DJI memo was passed around on Friday the 11th of August. An exception to policy with recommendations from the asymmetric warfare group that will permit the use of DJI kit once some conditions have been met. The Android Tactical Assault Kit will become the ground control station (GCS) of choice when a DJI plugin has passed OPSEC (Operational Security) scrutiny. In a separate report from Reuters, DJI said it is "tightening data security in the hopes that the U.S. Army will lift its ban on DJI drones because of 'cyber vulnerabilities.'" The company is "speeding deployment of a system that allows users to disconnect from the internet during flights, making it impossible for flight logs, photos or videos to reach DJI's computer servers," reports Reuters. While the security measure has been in the works for several months, it's being rolled out sooner than planned because of the Army's decision to discontinue the use of DJI drones.
Google

From Google To Yahoo, Tech Grapples With White Male Discontent (bloomberg.com) 574

Reader joshtops shares a Bloomberg report: Google isn't the only Silicon Valley employer being accused of hostility to white men. Yahoo and Tata Consultancy Services were already fighting discrimination lawsuits brought by white men before Google engineer James Damore ignited a firestorm -- and got himself fired -- with an internal memo criticizing the company's diversity efforts and claiming women are biologically less suited than men to be engineers. The Yahoo case began last year when two men sued, claiming they'd been unfairly fired after managers allegedly manipulated performance evaluations to favor women. They claim Marissa Mayer approved the review process and was involved in their terminations, and last month a judge ordered the former chief executive be deposed. TCS, meanwhile, is fighting three men who claim the Mumbai-based firm discriminates against non-Indians at its U.S. offices.
The Internet

I Bought a Book About the Internet From 1994 and None of the Links Worked (vice.com) 180

An anonymous reader shares a report (condensed for space and clarity): For crate-diggers of all stripes, the internet is awesome for one reason: The crate never ends. There's always something new to find online, because people keep creating new things to throw into that crate. But that crate has a hole at the bottom. Stuff is falling out just as quickly, and pieces of history that would stick around in meatspace disappear in an instant online. So as a result, there aren't a lot of websites from 1995 that made it through to the present day. Gopher sites? Odds are low. Text files? Perhaps. The endless pace of linkrot has left books about the internet in a curious limbo -- they're dead trees about the dead-tree killer, after all. [...] Recently, I bought a book -- a reference book, the kind that you can still pick up at Barnes and Noble today. The book, titled Free $tuff From the Internet (Coriolis Group Books, 1994), promises to help you find free content online. And, crucially, it focuses less on the web, which was still quite young, than on many of the alternative protocols of the era. This book links to FTP sites, telnet servers, and Gopher destinations, and I've tried many of them in an effort to figure out whether something, anything in this book works in the present day. These FTP servers were often based at universities which have a vested interest in keeping information online for a long-term period -- think the University of North Carolina, or Kansas State University. But despite this, I could not get most of these servers to load -- they were long ago murdered by the World Wide Web.
Security

Spyware Apps Found on Google Play Store (bleepingcomputer.com) 37

Researchers at the security firm Lookout have identified a family of malicious Android apps, referred to as SonicSpy. From a report: Experts say the malware author modified a version of the official Telegram app, injected the spyware code, rebranded it, and uploaded the modified app on the Play Store. In total, the crook uploaded the app three times on the Play Store under the names Soniac, Hulk Messenger, and Troy Chat. Only Soniac was active on Google's app store when researchers first spotted the spyware, as the other two apps were already taken down, most likely by the developer himself. At the time of writing, Lookout says they identified over 1,000 variations of this new spyware called SonicSpy, which they believe to be a new version of an older Android spyware named SpyNote.

Slashdot Top Deals