Boeing wanted to wait three years to fix safety alert on 737 Max

Found on LA Times on Wednesday, 12 June 2019
Browse Various

The company acknowledged that it originally planned to fix a cockpit warning light in 2020 after two key U.S. lawmakers disclosed the company's timetable Friday.

Last month, acting FAA Administrator Daniel Elwell told DeFazio's and Larsen's committee that he wasn't happy Boeing waited 13 months to tell the agency about the problem.

“We will make sure that software anomalies are reported more quickly,” he said.

There are 346 reasons why faster reports would have been a great idea right from the start.

Steven Spielberg Writing Horror Series for Quibi That You Can Only Watch at Night

Found on Variety on Tuesday, 11 June 2019
Browse Various

Spielberg had an unusual request however: He wanted viewers to only be able to watch the program after midnight. Given that phones can track where it is at the moment — and keep tabs on when the sun rises and sets in its area — Katzenberg and Whitman challenged their engineers to come up with an idea for how to view the show when it’s spooky out.

The result: A clock will appear on phones, ticking down until sun sets in wherever that user is, until it’s completely gone. Then the clock starts ticking again to when the sun comes back up — and the show will disappear until the next night.

This might be a good reason for quite a few people to take a look at releases on the usual well-known websites.

More Trouble for Huawei: No More Facebook on New Phones

Found on Wired on Sunday, 09 June 2019
Browse Various

Facebook will reportedly no longer allow the Chinese telecom giant to preinstall Facebook, WhatsApp, and Instagram apps on its devices.

Facebook's decision is the latest fallout from the US government's decision last month to add Huawei to a list of companies that, due to national security concerns, must get permission to buy US-made technology, including software.

That sounds more like a unique selling point instead of trouble.

Who left a database of emails, credit cards, plain-text passwords, and more open to the web this week?

Found on The Register on Friday, 07 June 2019
Browse Various

IT gear distributor Tech Data is the latest company to expose an insecure database, jam packed with personal and sensitive information, to the public internet for anyone to rifle through.

Within that database, we're told, was a 264GB cache of information including emails, payment and credit card details, and unencrypted usernames and passwords. Pretty much everything you need to ruin someone's day (or year).

In addition to the login credentials and card information, the researchers said they were able to find private API keys and logs in the database, as well as customer profiles that included full names, job titles, phone numbers, and email and postal addresses.

CC details and plaintext passwords, really now? Haven't any of the similar "accidents" taught the big companies that such information has to be handled in a better way?

Zuckerberg classmate launches attack in front of MPs

Found on CNet News on Tuesday, 04 June 2019
Browse Various

Mr Greenspan told MPs he had developed a portal for students, to unite various campuses at Harvard, called houseSYSTEM but also referred to as The Facebook, in 2003.

Damian Collins, who chairs the committee, has frequently called on Mr Zuckerberg to come to Parliament to answer questions about how Facebook operates - but he has refused.

To the sub-committee, he described Facebook as a "black box", claiming advertisers were "in the dark" about how effective their campaigns on the platform were and how many real users they were actually reaching.

It's good to see that Facebook is steadily going downhill. People start to realize hat it is nothing but a nightmare; and younger users are not even bothering anymore with it.

Quest Diagnostics Says Up to 12 Million Patients May Have Had Personal Information Breached

Found on NBC New York on Tuesday, 04 June 2019
Browse Various

"(The) information on AMCA’s affected system included financial information (e.g., credit card numbers and bank account information), medical information and other personal information (e.g., Social Security Numbers)," Quest said in the filing.

"Quest Diagnostics takes this matter very seriously and is committed to the privacy and security of patients’ personal, medical and financial information," the company added in the filing.

As long as companies will continue to store vast amounts of this data, it will leak; and with every leak, it will get less and less interesting, until nobody cares anymore.

DigitalOcean drowned my startup! 'We lost everything, our servers, and one year of database backups' says biz boss

Found on The Register on Saturday, 01 June 2019
Browse Various

Beauvais, in a series of Twitter posts, describes sending multiple emails and Twitter direct messages to DigitalOcean and regaining access after 12 hours of downtime.

"We lost everything, our servers, and more importantly one year of database backups," Beauvais lamented. "We now have to explain to our clients, Fortune 500 companies why we can’t restore their account."

DigitalOcean has promised a public postmortem once it completes an investigation of the incident.

In the past, you made off-shore backups to a different DC, owned by a different provider. In case your company was important enough to do business with Fortune 500 companies, you had hot-standby systems ready for the worst case. That allowed you to switch in case of problems, and it kept all your business critical data accessible.
Today, you throw all these safety steps away and jus cry on Twitter when things blow up. Now let's sit back and wait for the next social media ruckus when Digital Ocean will not shut down a real malicious scipt.

Malware-ridden laptop artwork sold for $1.3m

Found on BBC News on Wednesday, 29 May 2019
Browse Various

The artwork titled The Persistence of Chaos was a joint project between artist Guo O Dong and cyber-security company Deep Instinct.

Because the sale of malware is restricted in the US, whoever purchases the laptop will receive it only once its ports and internet capabilities have been "functionally disabled", according to the auction web page.

Artwork. Really? It's already ridiculous what's called art these days, but this takes it to another level.

In Baltimore and Beyond, a Stolen N.S.A. Tool Wreaks Havoc

Found on New York Times on Monday, 27 May 2019
Browse Various

For nearly three weeks, Baltimore has struggled with a cyberattack by digital extortionists that has frozen thousands of computers, shut down email and disrupted real estate sales, water bills, health alerts and many other services.

The N.S.A. connection to the attacks on American cities has not been previously reported, in part because the agency has refused to discuss or even acknowledge the loss of its cyberweapon, dumped online in April 2017 by a still-unidentified group calling itself the Shadow Brokers.

That is a real life example for all those who think that governments should be allowed to hack systems and create their own secret tools. Or that backdoored encryption keys will never leak.

Account Hijacking Forum OGusers Hacked

Found on Krebs on Security on Monday, 20 May 2019
Browse Various

The database, a copy of which was obtained by KrebsOnSecurity, appears to hold the usernames, email addresses, hashed passwords, private messages and IP address at the time of registration for approximately 113,000 users (although many of these nicknames are likely the same people using different aliases).

Several threads on OGusers quickly were filled with responses from anxious users concerned about being exposed by the breach. Some complained they were already receiving phishing emails targeting their OGusers accounts and email addresses.

Federal and state law enforcement investigators going after SIM swappers are likely to have a field day with this database, and my guess is this leak will fuel even more arrests and charges for those involved.

Sweet karma. Now those who make money from victims are on the receiving end.