Information Security

You’ll Really Want An “Undo” Button When You Accidentally Send A Ballistic Missile Warning

Hack a Day - 9 hours 17 min ago

Hawaiians started their weekend with quite a fright, waking up Saturday morning to a ballistic missile alert that turned out to be a false alarm. In between the public anger, profuse apologies from officials, and geopolitical commentary, it might be hard to find some information for the more technical-minded. For this audience, The Atlantic has compiled a brief history of infrastructure behind emergency alerts.

As a system intended to announce life-critical information when seconds count, all information on the system is prepared ahead of time for immediate delivery. As a large hodgepodge linking together multiple government IT systems, there’s no surprise it is unwieldy to use. These two aspects collided Saturday morning: there was no prepared “Sorry, false alarm” retraction message so one had to be built from scratch using specialized equipment, uploaded across systems, and broadcast 38 minutes after the initial false alarm. In the context of government bureaucracy, that was really fast and must have required hacking through red tape behind the scenes.

However, a single person’s mistake causing such chaos and requiring that much time to correct is unacceptable. This episode has already prompted a lot of questions whose answers will hopefully improve the alert system for everyone’s benefit. At the very least, a retraction is now part of the list of prepared messages. But we’ve also attracted attention of malicious hackers to this system with obvious problems in design, in implementation, and also has access to emergency broadcast channels. The system needs to be fixed before any more chaotic false alarms – either accidental or malicious – erode its credibility.

We’ve covered both the cold-war era CONELRAD and the more recent Emergency Broadcast System. We’ve also seen Dallas’ tornado siren warning system hacked. They weren’t the first, they won’t be the last.

(Image: Test launch of an unarmed Minuteman III ICBM via US Air Force.)

New Mirai botnet species 'Okiru' hunts for ARC-based kit

The Register - 9 hours 21 min ago
Researchers: Code designed to hit Linux devices

A new variant of the notorious Mirai malware is exploiting kit with ARC processors.…

Amount of pixels needed to make VR less crap may set your PC on fire

The Register - 10 hours 15 min ago
Wow, this is incredib- BLEEUUURGHGHGH

Put on a virtual reality headset and it's hard to believe that your visual system is being stretched beyond its limit. Individual pixels are still visible and the narrow field of view makes it feel like you're wearing ski googles.…

Causes of software development woes

The Register - 10 hours 51 min ago
Reg readers point the finger at ambiguous requirements

Research "Agile development" can mean different things to different people. To some it's about easing up on traditional rigour, and even legitimising a quick-and-dirty approach to getting stuff out of the door. To others it's about implementing a different kind of rigour, in order to bust project backlogs in a more robust manner, and generally keep up with constantly changing business demands.…

Hey Europe, your apathetic IT spending is ruining it for everyone

The Register - 11 hours 22 min ago
Gartner predicts buyers ready to splash 4.5% more cash globally in 2018

Listless IT spend in Europe is dragging down the pace of global recovery, according to the latest prediction from entrail-prodders Gartner.…

Capita military recruiting system has 'glitches' admits minister

The Register - 11 hours 48 min ago
DRS still letting the armed forces down big-time

A defence minister has told Parliament that Capita’s pisspoor Defence Recruiting System (DRS) has “glitches”, following reports from The Register giving a glimpse inside the shambolic system.…

The few main reasons why Snapchat is still laggy on Android

Android - 11 hours 51 min ago

Recently with the newer updates, and after updating my Xperia XZ to Oreo, the application started to lag again, curious I went to check which API does the application even target and I was shooked when i realised that it still targets lollipop

This means that it still sticks to the screenshot model and it is still not optimised to newer android versions, with Lollipop being released over 4 years ago, this shows precisely why the application has so many errors with so many phones.

Secondly, it is the way the application uses the KeyFrame layouts in a weird way which over exerts the GPU as the drawings are done ineffiencently(you may go figure it out yourself how this occurs) and hence, this is the lag that you see when you open the application trying to get to other Views.

Lastly, it is the way that it manages the data from its servers, if you realise, it downloads all the images only when you open the application, this causes a significant lag when you open it, as the processors are used to download the images/videos from your friends.

Hence, all these 3 things combine to give an awful SnapChatting experience, which I hope they would fix with the new SnapChat application they are making form scratch for Android.

submitted by /u/CarbonoAtom
[link] [comments]

New Part Day: MEMS Loudspeakers

Hack a Day - 12 hours 17 min ago

MEMS, or Micro ElectroMechanical Systems, are the enabling technology that brings us smartphones, quadcopters, tire pressure monitors, and a million other devices we take for granted today. At its most basic level, MEMS is simply machining away silicon wafers to make not electronic parts, but electromechanical parts. The microphone in your cell phone isn’t an electret mic you would find in an old brick phone from the 80s — it’s a carefully crafted bit of silicon, packed in epoxy, and hanging off a serial bus.

Despite the incredible success of MEMS technology, there is still something in your smartphone that’s built on 19th-century technology. Loudspeakers haven’t changed ever, and the speaker in your newest iThing is still a coil of wire and some sort of cone.

Now there’s finally a MEMS loudspeaker A company called USound has developed the first loudspeaker that isn’t just a bunch of wire and a magnet. This is a speaker built from a silicon wafer that can be as small as 3 mm square, and as thin as 1 mm. Since these speakers are built on silicon, you can also add an amp right onto the package. This is quite literally a speaker on a chip, and we’d bet that there are already engineers at Samsung looking at stuffing this into a flagship phone.

ST and USound announced these extraordinarily small speakers would actually be made, but so far it’s been just that — an announcement. This changed at CES where ST demonstrated VR goggles with multiple MEMS speakers. Does this mean MEMS speakers are on their way to Mouser and Digikey? We eagerly await the product announcement and demo dev board kit.

Veeam buys AWS EC2 instance backup and recovery biz

The Register - 12 hours 20 min ago
Swallows N2WS so it can stick oar deeper in Amazon cloud

Veeam has announced the acquisition of N2WS, an IaaS startup, whose board includes Veeam co-founder and President Ratmir Timashev, for $42.5mn cash.…

Is it possible to upgrade the privileges of a running process?

Say I have a process such as vi /etc/passwd which is not writable initially because I started with out root access. Is it possible to give more privileges to the running process (rather than restart it with sudo)?

Ideally, I want to upgrade the privileges for a limited time. But I would be happy if I can restrict the privileges during the startup and then allow the full privileges.

submitted by /u/blufox
[link] [comments]

ServiceNow unleashes its 'Kingston' release

The Register - 13 hours 13 min ago
Company's journey from the heart of IT to the rest of the business continues

ServiceNow has slipped into 2018 by slipping out a new release of its platform.…

Possible to setup fake power off using Tasker?

Hi, I was wondering whether I could setup a fake power off action using tasker for anti theft reasons. It would basically work like this --> If the power button is long pressed & phone state is unlocked, the regular power menu shows up. But if the power button is long pressed & phone state is locked, a custom power menu shows up(system action blocked), made using Autotools. Pressing on power Off on the custom power menu shows a fake animation screen which says "Powering down" & then turns Off the screen. Then the power button is blocked(so that the screen can't be turned On), either for a short amount of time or is unblocked with some other trigger (like pressing the power button 4 times in a row). I tried using AutoInput to set a trigger when the power button is long pressed, but it didn't work. It seems the power button is protected unlike other physical buttons. How would one go about doing this? I have xposed installed, but would prefer a root only solution.

P.S. I know Cerberus has this feature, but I don't want to pay for a subscription just for this.

submitted by /u/downloaderfan
[link] [comments]

Airbus warns it could quit A380 production

The Register - 14 hours 20 min ago
Needs to make six to eight a year, predicts it can get back to 25 a year once airlines wake up

Airbus has reported its most prolific year to date in terms of deliveries, but also warned that it needs a new buyer of its flagship A380 if it is to continue production.…

Drone perves defeated by tinfoil houses

The Register - 15 hours 15 min ago
Boffins figure out when drones are watching, without decrypting the video stream

If a drone-creeper is snooping on you, you could catch them by grabbing the video stream – but what if it's encrypted?…