Further research and investigation into Petya ransomware -- which has affected computers in over 60 countries -- suggest three interesting things: 1. Ukraine was the epicentre of the attack. According to Kaspersky, 60 percent of all machines infected were located within Ukraine. 2. The attackers behind the attack have made little money -- around $10,000. Which leads to speculation that perhaps money wasn't a motive at all. 3. Petya was either "incredibly buggy, or irreversibly destructive on purpose." An anonymous reader shares a report: Because the virus has proven unusually destructive in Ukraine, a number of researchers have come to suspect more sinister motives at work. Peeling apart the program's decryption failure in a post today, Comae's Matthieu Suiche concluded a nation state attack was the only plausible explanation. "Pretending to be a ransomware while being in fact a nation state attack," Suiche wrote, "is in our opinion a very subtle way from the attacker to control the narrative of the attack." Another prominent infosec figure put it more bluntly: "There's no fucking way this was criminals." There's already mounting evidence that Petya's focus on Ukraine was deliberate. The Petya virus is very good at moving within networks, but initial attacks were limited to just a few specific infections, all of which seem to have been targeted at Ukraine. The highest-profile one was a Ukrainian accounting program called MeDoc, which sent out a suspicious software update Tuesday morning that many researchers blame for the initial Petya infections. Attackers also planted malware on the homepage of a prominent Ukraine-based news outlet, according to one researcher at Kaspersky.
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's now on IFTTT. Check it out! Check out the new SourceForge HTML5 Internet speed test! ×
An anonymous reader shares a report: One excuse FCC Chairman Ajit Pai regularly offers to explain his effort to gut net neutrality protections is the claim that open Internet rules have harmed ISPs, especially small ones. During a speech earlier this year, he stressed that 22 small ISPs told him that the 2015 Open Internet Order hurt their ability to invest and deploy. In reality, though, many more ISPs feel very differently. Today, more than 40 ISPs told the FCC that they have had no problem with the Open Internet Order (PDF) and that it hasn't hurt their ability to develop and expand their networks. What is more, that they want the FCC to do its job and address the problem Congress created when it repealed the broadband privacy rules in March.
The Supreme Court of Canada ruled against Google on Wednesday in a closely-watched intellectual property case over whether judges can apply their own country's laws to all of the internet. From a report: In a 7-2 decision, the court agreed a British Columbia judge had the power to issue an injunction forcing Google to scrub search results about pirated products not just in Canada, but everywhere else in the world too. Those siding with Google, including civil liberties groups, had warned that allowing the injunction would harm free speech, setting a precedent to let any judge anywhere order a global ban on what appears on search engines. The Canadian Supreme Court, however, downplayed this objection and called Google's fears "theoretical." "This is not an order to remove speech that, on its face, engages freedom of expression values, it is an order to de-index websites that are in violation of several court orders. We have not, to date, accepted that freedom of expression requires the facilitation of the unlawful sale of goods," wrote Judge Rosalie Abella.
Steve Lohr, writing for the New York Times: A few years ago, Sean Bridges lived with his mother, Linda, in Wiley Ford, W.Va. Their only income was her monthly Social Security disability check. He applied for work at Walmart and Burger King, but they were not hiring. Yet while Mr. Bridges had no work history, he had certain skills. He had built and sold some stripped-down personal computers, and he had studied information technology at a community college. When Mr. Bridges heard IBM was hiring at a nearby operations center in 2013, he applied and demonstrated those skills. Now Mr. Bridges, 25, is a computer security analyst, making $45,000 a year. In a struggling Appalachian economy, that is enough to provide him with his own apartment, a car, spending money -- and career ambitions. "I got one big break," he said. "That's what I needed." Mr. Bridges represents a new but promising category in the American labor market: people working in so-called new-collar or middle-skill jobs. As the United States struggles with how to match good jobs to the two-thirds of adults who do not have a four-year college degree, his experience shows how a worker's skills can be emphasized over traditional hiring filters like college degrees, work history and personal references. [...] On Wednesday, the approach received a strong corporate endorsement from Microsoft, which announced a grant of more than $25 million to help Skillful, a program to foster skills-oriented hiring, training and education. The initiative, led by the Markle Foundation, began last year in Colorado, and Microsoft's grant will be used to expand it there and move it into other states. "We need new approaches, or we're going to leave more and more people behind in our economy," said Brad Smith, president of Microsoft.
An anonymous reader writes: Former Uber CEO Travis Kalanick has absorbed blistering criticism for the way he handled allegations of sexual misconduct at the San Francisco riding-hailing service. But he can at least count on the support of one big name in Silicon Valley: former Yahoo CEO Marissa Mayer. Speaking at the annual Stanford Directors' College Tuesday, Mayer defended Kalanick, suggesting that he was unaware of the toxic culture brewing at Uber because of the company's rapid growth. Mayer's name has come up in reports as a possible replacement for Kalanick at Uber, though there's no indication the company has had talks with her. "Scale is incredibly tricky," Mayer said. "I count Travis as one of my friends. I think he's a phenomenal leader; Uber is ridiculously interesting. I just don't think he knew," she said. "When your company scales that quickly, it's hard." Mayer then compared Uber's situation to the early days of Google when it first brought in Eric Schmidt as CEO to help co-founders Sergey Brin and Larry Page manage the company.
Five months after The Guardian published an investigative report, in which it found a "backdoor" in the Facebook-owned service, the publication is finally making amendments. The January report immediately stirred controversy among security experts, who began questioning The Guardian's piece. Weeks later, Zeynep Tufekci, a researcher and op-ed writer for the New York Times, published an open letter with over 70 major security researchers working at major universities and companies like Google condemning the story, and asking the publication to retract it.. Paul Chadwick, The Guardian's reader's editor, said "The Guardian was wrong to report last January that the popular messaging service WhatsApp had a security flaw so serious that it was a huge threat to freedom of speech." From his article: In a detailed review I found that misinterpretations, mistakes and misunderstandings happened at several stages of the reporting and editing process. Cumulatively they produced an article that overstated its case. The Guardian ought to have responded more effectively to the strong criticism the article generated from well-credentialled experts in the arcane field of developing and adapting end-to-end encryption for a large-scale messaging service. The original article -- now amended and associated with the conclusions of this review -- led to follow-up coverage, some of which sustained the wrong impression given at the outset. The most serious inaccuracy was a claim that WhatsApp had a "backdoor", an intentional, secret way for third parties to read supposedly private messages. This claim was withdrawn within eight hours of initial publication online, but withdrawn incompletely. The story retained material predicated on the existence of a backdoor, including strongly expressed concerns about threats to freedom, betrayal of trust and benefits for governments which surveil. In effect, having dialled back the cause for alarm, the Guardian failed to dial back expressions of alarm.
From a blog post by Microsoft: On June 27, 2017 reports of a ransomware infection began spreading across Europe. We saw the first infections in Ukraine, where more than 12,500 machines encountered the threat. We then observed infections in another 64 countries, including Belgium, Brazil, Germany, Russia, and the United States. The new ransomware has worm capabilities, which allows it to move laterally across infected networks. Based on our investigation, this new ransomware shares similar codes and is a new variant of Ransom:Win32/Petya. This new strain of ransomware, however, is more sophisticated. [...] Initial infection appears to involve a software supply-chain threat involving the Ukrainian company M.E.Doc, which develops tax accounting software, MEDoc. Although this vector was speculated at length by news media and security researchers -- including Ukraine's own Cyber Police -- there was only circumstantial evidence for this vector. Microsoft now has evidence that a few active infections of the ransomware initially started from the legitimate MEDoc updater process. A New York Times reports how rest of the world is dealing with Petya. From the article: A fuller picture of the impact will probably emerge in the coming days. But companies and government offices worldwide appeared less affected than the WannaCry attack, notably in places like China, which was hard hit in May. Reports from Asia suggested that many of the companies hit were the local arms of European and American companies struck on Tuesday. In Mumbai, India, a port terminal operated by A.P. Moller-Maersk, the Danish shipping giant, was shut after it disclosed that it had been hit by the malware. In a statement, Indian port authorities said they were taking steps to relieve congestion, such as finding places to park stranded cargo. The attack shut the terminal down on Tuesday afternoon. On the Australian island of Tasmania, computers in a Cadbury chocolate factory owned by Mondelez International, the American food company, displayed the ransomware message, according to the local news media.
Blue Origin has recently announced its plans to manufacture the company's new rocket engine, the BE-4, at a state-of-the-art facility in Huntsville, Alabama. According to The Verge, the benefits for Blue Origin are both practical and political. From the report: On the surface, it's a seemingly innocuous decision meant to capitalize on Huntsville's decades-long history of rocket development. The city is home to NASA's Marshall Space Flight Center, where the Saturn V rocket was developed and where NASA's future massive deep-space rocket, the Space Launch System, will also be worked on. Plus, many private space contractors are based in Huntsville, making spaceflight a key part of the city's economy and a huge jobs creator. It's why Huntsville has been nicknamed Rocket City. But the move is most likely motivated by politics as well, given Blue Origin's plans for the BE-4. The company ultimately hopes to use seven BE-4 engines to power its future massive rocket called the New Glenn, which is supposed to launch sometime before 2020. But that's not the only rocket that the BE-4 could fly on. The United Launch Alliance -- a company responsible for launching most of the satellites for the U.S. military -- is developing a new rocket called Vulcan, and it needs new U.S.-made engines for the vehicle. Blue Origin's move to Huntsville will supposedly generate 342 jobs at the new facility, with salaries averaging $75,000, reports The Verge. Given the city's history, the company should have no problem finding aerospace experts in the area. The only problem that could arise would be if ULA doesn't select the BE-4 as the Vulcan's main engine. "ULA is also considering a second option in case the BE-4 doesn't work out: an engine being developed by longtime manufacturer Aerojet Rocketdyne called the AR-1," reports The Verge. "Aerojet is only meant to be Plan B for ULA. But it has one advantage that Blue Origin didn't have until now: it's building its engine in Huntsville, Alabama -- and that comes with some very key political protection."
GeoGreg writes: On August 21, 2017, the contiguous United States will experience its first total solar eclipse since 1979. According to GreatAmericanEclipse.com's Michael Zeiler, approximately 200 million people live within one day's drive of the eclipse. Zeiler projects that between 1.85 to 7.4 million people will attempt to visit the path of totality. As the eclipse approaches, articles are appearing predicting the possibility of automobile traffic jamming rural roads. There is also concern about the ability of rural cellular networks to handle such a large influx. AT&T is bringing in Cell On Wheel (COW) systems to rural locations in Kentucky, Idaho, and Oregon, while Verizon is building a temporary tower in Jackson Hole, Wyoming. The disruption could be frustrating to those trying to get to the eclipse or share their photos via social networking. If cellular networks can't handle the data, apps like Waze won't be much help in avoiding the traffic. If communication is essential near the eclipse path, Astronomy Magazine recommends renting a satellite phone.
Chase Purdy reports via Quartz: The maker of vegan mayonnaise has been working on getting lab-made meat onto dinner tables everywhere. It's just that nobody knew about it. Hampton Creek -- a company that built its name on plant-based condiments and vegan-friendly cookie doughs -- today revealed that, for the last year, it has been secretly developing the technology necessary for producing lab-made meat and seafood, or as the industry likes to call it, "clean meat." Perhaps even more surprising is that Hampton Creek expects to beat its closest competitor to market by more than two years. Since it was founded in 2015, Memphis Meats has raised at least $3 million from five investors for the development of its meat products, according to Crunchbase. By contrast, Hampton Creek -- just a 20-mile drive from its Silicon Valley rival -- has raised more than $120 million since 2011. It's one of Silicon Valley's unicorns -- a company that has a valuation that exceeds $1 billion.
An anonymous reader quotes a report from The Guardian: The world's first floating windfarm has taken to the seas in a sign that a technology once confined to research and development drawing boards is finally ready to unlock expanses of ocean for generating renewable power. After two turbines were floated this week, five now bob gently in the deep waters of a fjord on the western coast of Norway ready to be tugged across the North Sea to their final destination off north-east Scotland. The ~$256 million Hywind project is unusual not just because of the pioneering technology involved, which uses a 78-meter-tall underwater ballast and three mooring lines that will be attached to the seabed to keep the turbines upright. It is also notable because the developer is not a renewable energy firm but Norway's Statoil, which is looking to diversify away from carbon-based fuels.
According to The Wall Street Journal, Sprint's merger talks with T-Mobile are temporarily on hold while the carrier mulls over a number of potential deals with the United States' two biggest cable companies, Comcast and Charter. While Comcast is already using Verizon's wireless service under their own name, the company may want to use Sprint's network as well. Charter doesn't have a wireless phone offering yet, but the company's CEO indicated last year that it has every intention of launching one. The Verge reports: Such a deal would likely involve the two cable companies making an investment in Sprint, which the carrier would then use to build out its network, generally known to be the worst of the four major phone service providers. The Journal also reports that Comcast and Charter could make a bid to acquire Sprint outright, but it said the outcome was seen as less likely. Though they're usually an unlikely pairing, Comcast and Charter agreed in May to team up when making deals around wireless coverage for a full year. For the most part, both companies have been slowly losing TV subscribers year after year as customers shift over to online services. They see phone service as a new offering that could help to restore growth and lock in subscribers.
Chrisq shares a report from The Telegraph: Fears have been raised that Britain's largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. A defense source told The telegraph that some of the on-board hardware and software "would have been good in 2004" when the carrier was designed, "but now seems rather antiquated." However, he added that HMS Queen Elizabeth is due to be given a computer refit within a decade. And senior officers said they will have cyber specialists on board to defend the carrier from such attacks.
An anonymous reader shares a report: Members of Congress said Tuesday that they hope to move forward with a package of self-driving car legislation by the end of July. "We've got to keep moving, because again, this technology is moving away from us, you might say," said Republican Bob Latta, who is helping to lead the effort. That would move the bills out of the relevant committee -- but not out of the House entirely.
An anonymous reader quotes a report from Bleeping Computer: Today's massive ransomware outbreak was caused by a malicious software update for M.E.Doc, a popular accounting software used by Ukrainian companies. According to several researchers, such as Cisco Talos, ESET, MalwareHunter, Kaspersky Lab, and others, an unknown attacker was able to compromise the software update mechanism for M.E.Doc's servers, and deliver a malicious update to customers. When the update reached M.E.Doc's customers, the tainted software packaged delivered the Petya ransomware -- also referenced online as NotPetya, or Petna. The Ukrainian software vendor appears to have inadvertently confirmed that something was wrong when, this morning, issued a security advisory. Hours later, as the ransomware outbreak spread all over Ukraine and other countries across the globe causing huge damages, M.E.Doc denied on Facebook its servers ever served any malware. According to security researcher MalwareHunter, this is not the first time M.E.Doc has carried a malicious software update that delivered ransomware. Back in May, the company's software update mechanism also helped spread the XData ransomware.
McGruber writes: On Friday, June 23, 2017, three men broke into the home of Albert Eugene DeMagnus, the CEO of Computer Management Services. The men stabbed DeMangus, who was pronounced dead after he had been taken to a hospital. Police officers chased two of the suspects as they fled in DeMangus' gray Lexus. The Lexus crashed and the two men ran away into the woods. Police then set up a perimeter with road checkpoints. Soon, a Lyft driver approached a checkpoint and told police she was picking up a passenger nearby. "This may be one of our suspects trying to leave the scene," Fayette County, Georgia Sheriff Barry Babb thought of the person being picked up. So Babb and three officers got into his car, which happened to be identical to the Lyft driver's. They got the location of the suspect from the Lyft driver and simply drove to the suspect, posing as his ride. "The subject walked all the way up, was about to open the door and get in our vehicle, when we exited and identified ourself," said Sheriff Babb. The suspect fled and got about 100 yards into the woods before being taken into custody. "That was something that was unique for us," Babb said, "a first time for us."
Digital currency mining is in high demand, causing GPU prices to skyrocket. Nvidia is planning to capitalize on this trend by releasing graphics cards specifically designed for cryptocurrency. From a product listing on ASUS' website: "ASUS Mining P106 is designed for coin mining with high-efficiency components -- delivering maximum hash-rate production at minimum cost. ASUS Mining P106 enhances the megahash rate by up to 36% compared cards in the same segment that are not tailored for mining. The new card is also engineered to be seriously durable, enabling 24/7 operation for uninterrupted coin production." The ASUS Mining P106 uses an Nvidia chip, according to the specifications page on the website. CNBC reports: Nvidia, AMD and ASUS have not officially announced the digital currency mining cards, according to their website press pages. It is not certain when the cards will be available for sale. Nvidia is likely making the cards designed for this use so that the surging digital currency demand doesn't affect its ability to serve the lucrative PC gaming market.
An anonymous reader quotes a report from Ars Technica: The Windows 10 Fall Creators Update will include EMET-like capabilities managed through a new feature called Windows Defender Exploit Guard. Microsoft's EMET, the Enhanced Mitigation Experience Toolkit, was a useful tool for hardening Windows systems. It used a range of techniques -- some built in to Windows, some part of EMET itself -- to make exploitable security flaws harder to reliably exploit. The idea being that, even if coding bugs should occur, turning those bugs into actual security issues should be made as difficult as possible. With Windows 10, however, EMET's development was essentially cancelled. But as more mitigation capabilities have been put into Windows, the need for a system for managing and controlling them has not gone away. Some of the mitigations introduce application compatibility issues -- a few even require applications to be deliberately written with the mitigation in mind -- which means that Windows does not simply turn on every mitigation for every application. It's here that Exploit Guard comes in.
Joseph Cox, reporting for Motherboard: On Tuesday, a new, worldwide ransomware outbreak took off, infecting targets in Ukraine, France, Spain, and elsewhere. The hackers hit everything from international law firms to media companies. The ransom note demands victims send bitcoin to a predefined address and contact the hacker via email to allegedly have their files decrypted. But the email company the hacker happened to use, Posteo, says it has decided to block the attacker's account, leaving victims with no obvious way to unlock their files. [...] The hacker tells victims to send $300 worth of bitcoin. But to determine who exactly has paid, the hacker also instructs people to email their bitcoin wallet ID, and their "personal installation key." This is a 60 character code made up of letters and digits generated by the malware, which is presumably unique to each infection of the ransomware. That process is not possible now, though. "Midway through today (CEST) we became aware that ransomware blackmailers are currently using a Posteo address as a means of contact," Posteo, the German email provider the hacker had an account with, wrote in a blog post. "Our anti-abuse team checked this immediately -- and blocked the account straight away.
An anonymous reader shares a report: In five years, the app economy will be worth $6.3 trillion, up from $1.3 trillion last year, according to a report released today by app measurement company App Annie. What explains the growth? More people are spending more time and -- crucially -- more money in apps. While on average people aren't downloading many more apps, App Annie expects global app usership to nearly double to 6.3 billion people in the next five years while the time spent in apps will more than double. And, it expects the average app spend -- including app-store purchases, advertising spend and, most importantly, commerce -- to increase from $379 per person to $1,008 in 2021. The 800-pound -- or $6 trillion -- gorilla in the room is mobile commerce.