Who, Me? Welcome back once again, dear reader, to the untidy corner of The Reg we call Who Me? in which readers' confessions are filed in the dusty shadows until rediscovered. At the top of the creaking pile of submissions this week we found a reader we'll Regomize as "Jock" who leaned way back on his rocking chair to recount for us a story of his younger years – in the 1960s. Yes, this tale comes from the era of free love, psychedelia, and banking certificates printed on gigantic tractor-fed dot-matrix printers that could only use perforated paper. Jock worked in a bank, so on the spectrum of the cultural revolution he was more at the heavy stock end than Woodstock. Aged 16 and keen to impress, Jock was helping the Ledgers clerk clear her desk before the Christmas break. Said clerk had to print out hundreds of end-of-year share certificates, which were delivered as "stacks of perforated, folded computer paper." Jock's role in the procedure should have been to separate the certificates and then place each in the appropriate customer files. Unfortunately, Jock tells us, the Ledgers clerk "forgot I was new and would have no idea what she meant when she told me to 'tear up the dividend certificates'." Shag pile PC earned techies a carpeting from HR Dear Stupid, I write with news I did not check the content of the [Name] field before sending this letter Sysadmin infected bank with 'alien virus' that sucked CPUs dry Mixing an invisible laser and a fire alarm made for a disastrous demo Let us now imagine the youthful zeal and enthusiasm Jock brought to this task. "I ripped each one into about 16 pieces before placing them in the trash," he told Who, Me. Next, he "carefully and conscientiously mixed them with lots of our other branch paper waste." Such a thorough job! When he finished, he proudly informed the clerk that no-one would ever be able to put them back together. But, dear reader, it seems he was mistaken about that. Not only could someone put them back together, someone had to. Guess who? Of course it was not only Jock. Bank rules required every single certificate to be completely reassembled and taped back tog
(read more)
The WINE Project has reached version 8.0 and DXVK version 2.1 of its Vulkan-based DirectX translation layer. If you'd give Linux a go except for one or two pesky but necessary apps, it's worth a try. Just over a year ago, we covered the release of WINE 7.0 and it's been working smoothly for us ever since. Now WINE 8.0 is here, and The Reg FOSS desk's trusty Ubuntu machine upgraded itself without even asking – and it still works just fine. Like Linux itself, WINE has matured rather nicely in recent years, and the result is that things are getting boring – in the good way. You just install it, which is generally little hassle, and then it just works and keeps just working. A random Windows app – Ability Office 11, in this case – working smoothly on Ubuntu 22.04 thanks to WINE 8 As a result, there are relatively few big-bang features in the release notes. All of WINE can now be built as Windows-style "Portable Executables" rather than the native Linux format of ELF executables.
(read more)
FOSDEM The Document Foundation has released LibreOffice 7.5 with a host of improvements. Windows and Mac users can just download it, and for Linux types the new version is already up on Flathub. LibreOffice, formerly known as OpenOffice, and before that StarOffice, is the go-to FOSS office suite, but there's always room for improvement. This version is a bit prettier than before, with new, much more colorful icons for both the individual modules and their respective documents. We liked this – frankly they were verging on drab before. There's also improved dark mode support. As before, there's a choice of UIs: you can have old-style menus and toolbars, or a single context-sensitive toolbar, or a tabbed toolbar (which is to say, a ribbon), if you like that sort of thing, which can be full-size, compact, or moved to a sidebar – especially useful on widescreens. This puts LibreOffice ahead of rivals such as OnlyOffice, WPS Office, and of course Microsoft Office, all of which give you just the ribbon-type UI whether you like it or not. The new version's more colorful icons contrast clearly against the plainer ones of LibreOffice 7.4 The apps also have built-in themes for UI elements such as toolbar buttons, which is somewhat more elegant than other approaches, such as the old Ubuntu one of installing a separate distro packages to reskin the suite. While it will take a little while for stable-release distros to catch up – which apparently includes the Ubuntu Snap store – we were pleased to see version 7.5.3 on Flathub on the day of release. We added Flatpak and installed this new version on Ubuntu 22.04, which worked smoothly alongside the bundled version. The only glitch we saw was that initially all the toolbar buttons were blank, but switching the icon theme to "Sifr" resolved this – instantly, without even a restart. This version has improved support for non-English languages in several areas, including better spell-checking and suggestions, and improved font handling for non-Roman alphabets. It ships with support for 120 different languages and work is in progress for another 38 on top of that, meaning that it supports the first language of about two-thirds of the people on Earth and the second language of another two and a half billion. We suspect that's significantly more people than have access to computers. This current version supports back to Windows 7 SP1 and Apple macOS 10.14, and there is also a stable business version, now on 7.4.5. There's improved support for screen-readers, so you can now read bookmarks in documents aloud, search for spreadsheet functions by description as well as by name, check documents for accessibility and more. We also found that keyboard navigation of the menus worked perfectly, which has occasionally been a problem in the past. If you prefer fewer on-screen fripperies, not only is there a full-screen mode, but all toolbars, rulers and scrollbars can be turned off, leaving a totally uncluttered window. We chose to leave the status bar on, partly for its handy live word count. Document Foundation starts charging €8.99 for 'free' LibreOffice LibreOffice improves Microsoft compatibility with version 7.4 Open source 'Office' options keep Microsoft running faster than ever Experimental WebAssembly port of LibreOffice released Other tweaked areas include PDF generation, font embedding on macOS, new content controls. Its support for other suites' files mean that it's worth having LibreOffice installed, even if you primarily use a different office suite. LibreOffice is not only pretty good at importing MS Office documents, but it's significantly better at recovering damaged or corrupted MS Office files than Microsoft's own suite. If you prefer an MS Office-like, ribbon-style UI, it's just a couple of clicks away We generally find it more robust than Microsoft's Office 365: while a few years ago we could reliably crash Excel by pasting in a non-rectangular section of a table, LibreOffice Calc handled that without a twitch. It can also generate PDF files for you, even if the underlying OS can't do that. For instance, it can import additional file formats that some proprietary suites can't, then save them out into modern versions. If you didn't install some optional components of a proprietary suite – say, file conversion filters – and long ago lost the media so you can't do it now, LibreOffice can save your, er, breakfast food of personal choice. This article was written in the app on the day of release and it didn't miss a beat. Windows and macOS users can grab the new release from LibreOffice.org, and users of rolling-release Linux distros will almost certainly get it with the next release. If you're impatient and your distro has a bundled version, we suggest a containerized version that you can run alongside the natively packaged version. We're sure that the Snap store will have it very soon, and as mentioned earlier, Flathub already does. Bootnote A mention for anyone still using OpenOffice: it's time to move over. This is the same codebase, but modernized and cleaned up. It's smaller, faster, and more stable, and backwards-compatibility is pretty much perfect. OpenOffice still has better brand recognition, but it's now far behind and will never catch up. You can install both side-by-side, and once happy, remove the older suite safely. If you know anyone still on OpenOffice, do them a favor and help them move across. ®
(read more)
The UK government has come under further fire for dragging its feet on a national semiconductor strategy while other industrialized nations push ahead with investment in their own high-tech sectors. A committee of MPs within the House of Commons has reiterated its call for a semiconductor strategy to be published urgently in order to safeguard the local tech industry, expressing disappointment with the government's response to its earlier report on the state of the industry. The earlier report, "The semiconductor industry in the UK," was published at the end of November last year by MPs on the Business, Energy and Industrial Strategy Committee. As detailed by The Register at the time, it laid out how the UK industry has strengths in some areas but does not have a complete end-to-end supply chain and is vulnerable to any future disruption in global supplies. It contained key recommendations including better cooperation with allies to safeguard supplies and to secure inward investment. The committee today indicated it was dismayed that its recommendations had not been fully addressed, and called for a full response to its report whenever an official strategy - due months ago - is finally published. "It's a poor excuse for the government to hide behind its failure to publish a semiconductor strategy for not responding to our practical recommendations fully," said committee chair Darren Jones, who is Labour MP for Bristol North West. Countries across the globe have grasped the importance of securing semiconductor supply chains for their futures, he said, yet "while others race ahead, ploughing billions into setting up fabs or industry support, we're not even at the starting line." Further delay would be an act of national self-harm, he added. In its response to the earlier report in November, the government said it agreed fully on the importance of the semiconductor industry, and there was a need for "timely, coherent and decisive action to be taken across the market." The government claimed it was already in initial talks with "like-minded nations on the future of the global semiconductor market," including the US, Japan, an
(read more)
Microsoft will officially kill its legacy free Teams app for business, Teams Free (classic), on April 12, with all chats, files and other data lost unless you switch to a paid version. News of the premium push on Microsoft's productivity app was covered by The Reg in January, but we're told some sysadmins on the free plan are only now waking up to the fact that they'll either have to convince corporate to switch to a paid plan or manually migrate all of their company's Teams data. Microsoft has presented two paid options for moving off Teams Free (classic). The first is to shift to Microsoft
(read more)
File the decision to withdraw free access to its API under "Twitter doing dumb things" because owner Elon Musk has partially walked back on it mere days later. Last month, third-party Twitter clients suddenly stopped functioning without explanation. This caused the death of numerous projects, including the popular Twitterific app, and bot accounts ceased activity too. Twitter later pasted a bunch of new rules into its Developer Agreement as justification. Last week, the Twitter Dev account announced: "Starting February 9, we will no longer support free access to the Twitter API, both v2 and v
(read more)
Google's Chromium developers have begun work on an experimental web browser for Apple's iOS using the search giant's Blink engine. That's unexpected because the current version of Chrome for iOS uses Apple's WebKit rendering engine under the hood. Apple requires every iOS browser to use WebKit and its iOS App Store Review Guidelines state, "Apps that browse the web must use the appropriate WebKit framework and WebKit Javascript." So Google's project, a content_shell iOS port, would not be allowed on iOS if it were turned into a release-ready browser. Yet, Google, for some reason, is pursuing this. Apple's rules have been a sore point among competitors and the web development community for years. Critics have argued that Apple's browser restrictions – which turn every iOS browser into a Safari clone, more or less – make web applications less capable and less attractive. That steers developers toward writing native platform apps for iOS, over which Apple has gatekeeping and monetary powers. Over the past two years, however, Apple's platform autarchy has become more fragile as legal and regulatory challenges have proliferated. The latest questioning of Apple's authority came from the US National Telecommunications and Information Administration (NTIA), which has just issued a report calling for changes to the mobile app ecosystem to promote competition. The NTIA report echoes concerns raised by other regulators like the UK Competition and Markets Authority, and competition authorities in Australia and Japan. What's more, the European Digital Markets Act, which comes into effect next year, is expected to force Apple to allow third-party app stores and perhaps to alter its WebKit requirement. US government calls foul on Apple and Google over walled gardens for apps Chrome bug bedevils file storage in the cloud Apple sued for promising privacy, failing at it Apple preps for 'third-party iOS app stores' in Europe Google presumably is aware of the possibility of pending changes but the company insists there's nothing to see here. The creator of the bug report describing the project explained, "This experimental application will be used to measure graphics and input latencies by providing traces for analysis," adding that the content_shell application is "experimental only, not a launch bug for a shippable product."
(read more)
A New York man who developed several stalkerware apps has been ordered to pay $410,000 in civil fines to settle a court case against him, and must modify the apps to let people know they are being monitored. The NY Attorney General's Office this month announced the agreement with Patrick Hinchy, who sold the apps through more than a dozen companies in New York and Florida. AG Letitia James' office said Hinchy's stalkerware let users secretly monitor the activity of other people's devices, including text messages, location, Gmail activity, messages in WhatsApp and Skype, call logs, and social media activity. Hinchy set up at least 16 companies to promote his apps. All told buyers that the apps were legal, but the software didn't notify those whose devices were being monitored that the stalkerware was running and reporting on their activities, breaking state and federal laws, according to James. As part of the agreement [PDF], the apps must be modified to alert people when their device is being monitored by the software. In addition, Hinchy and the companies – which used names including Data, DDI Data Solutions, Highster Data Services, and PhoneSpector – also misrepresented their refund and data security policies, didn't tell buyers that the apps could harm the devices they were installed on, and published fake reviews on sham sites created by Hinchy. Stalkerware proliferates "Snooping on a partner and tracking their cell phone without their knowledge isn't just a sign of an unhealthy relationship, it is against the law," James said in a statement. "These apps and products put New Yorkers at risk of stalking and domestic abuse." The Coalition Against Stalkerware, which launched in 2019, said such software is part of a larger problem of people using software to track others. In the US, one in four victims of stalking said technology played a role in the harassment they experienced and 21 percent of victims in France said their harassers used stalkerware. Between 2017 and 2020, NortonLifeLock identified more than 1,000 apps that could enable users to stalk people and that it was detecting about 1,250 infected mobile devices a month. The US Federal Trade Commission (FTC) in 2021 banned SpyFone and its CEO from the surveillance business. "The majority of affected users do not even know this type of software exists," Kaspersky wrote in a 2020 report. "This means they cannot protect themselves, online or offline, especially as the perpetrator using stalkerware usually knows their victim personally." Remote activation Hinchy has slung stalkerware since 2011, offering software that could enable users to monitor the activity of others' iOS or Android device, according to the settlement. Once on the victim's device, the apps copy information from the device and send it to a server, where it could be viewed by the app buyer. Some of the apps enabled the buyer to remotely activate the camera or microphone on the device, allowing them to photograph or listen to the victim. Hinchy's code also works to remove evidence of its presence by hiding the app's icon, or unlocking a device. In addition, some apps didn't eve
(read more)
The reasons businesses and consumers like contactless payment transactions – high security and speed – are what make those systems bad for cybercriminals. If miscreants want to get back to stealing data and committing fraud, they need to find a way to force transactions away from tap-to-pay systems like Apple Pay and Google Pay and get people putting their credit cards back into the point-of-sale (POS) PIN devices. According to Kaspersky researchers, that's what the Brazilian operators behind the Prilex POS malware have done. Kaspersky discovered two new Prilex variants in early 2022 and found a third in November that can target NFC-enabled credit cards and block contactless transactions, forcing payers over to the less-secure PIN machines. "The goal here is to force the victim to use their physical card by inserting it into the PIN pad reader, so the malware will be able to capture the data coming from the transaction," the researchers write in a report published this week. The malware's new capabilities build on those that already make Prelix the most advanced POS threat, they add. It has a unique cryptographic scheme and can patch target software in real time, force protocol downgrades, run GHOST transactions, and run credit card fraud, including on the most sophisticated CHIP and PIN technologies. Once the buyer puts the credit card into the PIN machine, all those techniques can go into action. Prelix started off in 2014 targeting ATMs and within a couple of year brought POS systems into the mix. Yet contactless payments made stealing data from victims much more difficult and the adoption of the tool accelerated during the pandemic, when people became more wary of handling cash. The tap-to-pay system activates the card's RFID chip, which sends a unique ID number and transaction to the terminal, neither of which can be used again. There is nothing for a cybercriminal to steal. "Contactless credit cards offer a convenient and secure way to make payments without the need to physically insert or swipe the card," the researchers wrote. "But what happens if a threat can disable these payments in the EFT [electronic fund transfer] running in the computer and force you to insert the card in the PINpad reader?" Doing a deeper dive into the last of the three Prilex variants found, the researchers said the malware includes a rule-based file that determines whether to capture credit card information that also includes an option to block NFC-based transactions. Payment terminal malware steals $3.3m worth of credit card numbers – so far UK arrests five for selling 'dodgy' point of sale software GPT-4 could pop up in Bing, as Google races to build chatbot search products The wages of sin aren't that great if you're a developer choosing the dark side When Prilex detects and blocks a contactless transaction, the EFT software will have the PIN system show an error message that reads "Contactless error, insert your card." It also can filter credit cards by segment and create different rules for each segment. "For example, these rules can block NFC and capture card data only if the card is a Bla
(read more)
Qualcomm reported a 12 percent year-on-year slide in revenue for the first quarter of its fiscal 2023 amid weakening global demand in the smartphone market. The telecoms chipmaker generated $9.46 billion worth of sales for the quarter ended December 25 2022, down from $10.7 billion a year ago. Its net income was $2.23 billion, a reduction of 34 percent. Qualcomm shares were down 3 percent after an extended trading session following the results. However, it wasn't all bad - for company execs and investors - thanks to continued growth in Qualcomm's automotive and IoT business sectors, according to president and CEO Cristiano Amon. "In the current quarter, combined
(read more)
Generative AI models can memorize images from their training data, possibly allowing users to extract private copyrighted data, according to research. Tools like DALL-E, Stable Diffusion, and Midjour
(read more)
Mozilla is planning for the day when Apple will no longer require its competitors to use the WebKit browser engine in iOS. Mozilla conducted similar experiments that never went anywhere years ago but in October 2022 posted an issue in the GitHub repository housing the code for the iOS version of Firefox that includes a reference to GeckoView, a wrapper for Firefox's Gecko rendering engine. Under the current Apple App Store Guidelines, iOS browser apps must use WebKit. So a Firefox build incorporating Gecko rather than WebKit currently cannot be distributed through the iOS App Store. As we reported last week, Mozilla is not alone in anticipating an iOS App Store regime that tolerates
(read more)
Elon Musk and Tesla have been found not liable by a jury in a securities fraud trial in which the billionaire and his automaker were accused of misleading investors. The verdict came on late Friday a
(read more)
The UK government has set up a delivery body tasked with building a prototype fusion energy plant to be sited at West Burton in Nottinghamshire. Announced today by the Department for Business, Energy and Industrial Strategy (BEIS), the newly established UK Industrial Fusion Solutions Ltd (UKIFS) will have responsibility for delivering the prototype nuclear fusion facility, known as the Spherical Tokamak for Energy Production (STEP). The STEP project, which was first revealed just over a year ago, is expected to have completed construction by 2040, so don't hold your breath for the "near limitless, low-carbon energy" the program promises to deliver as part of a path to net-zero carbon dioxide emissions and driving economic growth across the UK. Nevertheless, the government is enthusiastic about the project, stating that the program is intended to pave the way for the commercialization of fusion and the potential development of a fleet of future plants around the world, which could "drive forward the UK's global leadership in this innovative sector." The site, at the West Burton power station in Nottinghamshire, was announced last October after being whittled down from an initial list of 15 prospective locations. The government is supposed to be providing £220 million ($264 million) in funding for the first phase of STEP, which will involve the UK Atomic Energy Authority (UKAEA) producing a concept design by 2024, as we reported at the time. On a visit to the site, Science Minister George Freeman urged energy companies and investors to recognize the advantages fusion energy could have for both the UK and the wider world. "Fusion energy now has the potential to transform our world for the better by harnessing the same process powering the sun to provide cheap, abundant, low-carbon energy across the world," he said in a statement. Claiming the UK as a world leader in fusion science and technology, Freeman said the program aims to turn fusion from cutting edge science into a "billion-pound clean energy industry" that could potentially create thousands of UK jobs across the UK and grow exports, as well as lead to regeneration
(read more)
Apple has reported its first decline in revenues since 2019 as sales of Macs and iPhones both slowed – the latter in the wake of a shutdown at iPhone City, Foxconn's factory in China, late last year. For the quarter ended on December 31, Apple's Q1 of its fiscal 2024, it posted revenue of $117.2 billion, down 5 percent year-over-year. Net income was $29.998 billion, a 13.4 percent drop. We are sure every reader here will shed a tear to hear that this was a disappointment to Wall Street, which expected $122 billion in sales and $31 billion in profit. The company was keen to talk up its bright spot – Services, where iTunes lives – at $20.77 billion, up 6.4 percent year-over-year. CFO Luca Maestri said the company "saw very good results in our cloud services business in payment services. Music was very strong." It's not like Apple didn't know this was coming. Maestri predicted a slowdown in the October earnings call for Q4 2022. And so it came to pass: Mac revenue took a "significant" hit in 2023's first quarter. Mac topline for the Christmas quarter was $7.7 billion, down from $10.9 billion a year earlier. ‌ When asked about Mac shipments relative to the rest of the PC industry as a whole on last night's call, CEO Tim Cook opined: "The industry
(read more)
An encrypted messaging service that has been on law enforcement's radar since a 2019 raid on an old NATO bunker has been shut down after a sweeping series of raids across Europe last week.  In a search of 79 properties in German, The Netherlands, Belgium and Poland last Friday, Authorities in those four countries arrested 48 people who were users, operators and administrators of the Exclu crypto communications service.  Exclu, which still has an operational website that appears to still accept payments of €500 ($537/£446) or €900 ($966/£804) for three and six month licenses, respectively, was used extensively by organized criminals and drug gangs, Dutch police said. Exclu made it possible to exchange messages, photos, notes and other communications with users, of which Dutch police said there were around 3,000 prior to the service's seizure, 750 of whom were Dutch speakers. Exclu claims on its website that it's end-to-end encrypted, offers remote device wiping capabilities, and other security features.  "The Exclu service has been dismantled," said the Dutch police and Public Prosecution Service. "At the moment, no one can use Exclu's services anymore."  Interpol seeks Do Kwon, man blamed for $40b crypto implosion EU, US agree on Privacy Shield enhancements Euro Parliament backs ban on cops using blanket facial-recognition surveillance Euro police forces infiltrated encrypted phone biz – and now 'criminal' EncroChat users are being rounded up Along with ending Exclu's use as a haven for criminals, Dutch law enforcement said it and counterparts in Belgium seized two drug labs, several kilos of narcotics, more than €4 million in cash, "various luxury goods and several firearms."  Dutch authorities said legitimate users of Exclu who can invoke legal privilege (e.g. lawyers, civil-law notaries, doctors or clergy) can contact police to have their data deleted, pending a look to make sure it doesn't contain any illegal information.  CB3ROB raid continues to pay dividends Much of the arrest of Exclu's leadership appears to have happened outside of Germany, but it was German authorities that the rest of Europe has to t
(read more)
Microsoft wants everyone to know that it isn't looking to invade their privacy while looking through their Windows PCs to find out-of-date versions of Office software. In its KB5021751 update last month, Microsoft included a plan to scan Windows systems to smoke out those Office versions that are no longer supported or nearing the end of support. Those include Office 2007 (which saw support end in 2017) and Office 2010 (in 2020) and the 2013 build (this coming April). The company stressed that it would run only one time and would not install anything on the user's Windows system, adding that the file for the update is scanned to ensure it's not infected by malware and is stored on highly secure servers to prevent unauthorized changes to it. The update caused some discussion among users, at least enough to convince Microsoft to make another pitch that it is respecting user privacy and won't access private data despite scanning their systems. The update collects diagnostic and performance data so that it can determine the use of various versions of Office and how to best support and service them, the software maker wrote in an expanded note this week. The update will silently run once to collect the data and no files are left on the user's systems once the scan is completed. Microsoft sweeps up after breaking .NET with December security updates Microsoft Office 365 Cloud has a secret lining Microsoft closes another door to attackers by blocking Excel XLL files from the internet Microsoft is checking everyone's bags for unsupported Office installs "This data is gathered from registry entries and APIs," it wrote. "The update does not gather licensing details, customer content, or data about non-Microsoft products. Microsoft values, protects, and defends privacy." Microsoft then gives a link to the company's privacy page for further reading. The more detailed explanation tries to address some of the shortcomings of the original update notice that we detailed, including how it will gather the information regarding the Office versions being run, any other system information being collected via the update, and if anything is left behi
(read more)
Chinese web giant Baidu, which has “AI” in its name and has made AI the focus of its hyperscale cloud, has revealed it will launch a generative AI chatbot later this year. Chinese media reported the launch and Baidu confirmed it to The Register. “The company plans to complete internal testing in March before making the chatbot available to the public,” a Baidu spokesperson wrote. The bot will be named “Wenxin Yiyan文心一言” or "ERNIE Bot" in English. The spokesperson added that the bots are based on the Enhanced Representation through Knowledge Integration (Ernie) model first proposed in 2019. We were told Ernie “expands into a series of advanced big models that can perform a wide range of tasks, including language understanding, language gen
(read more)
India’s Ministry of Electronics and Information Technology (MeitY) has commenced the process to ban and block 138 betting apps and 94 loan lending apps with Chinese links, but has drawn criticism for a lack of transparency and the inclusion of several non-Chinese platforms. The ban has reportedly been executed on behalf of the Ministry of Home Affairs (MHA) after app operators granted substantially large loans and then engaged in extortion, harassment, and other nasty measures to achieve repayment at annual interest rates up to 3,000 percent. The Indian government began investigating lending apps last year and also issued an advisory in October 2022 against betting and gambling platforms. The Reserve Bank of India attempted [PDF] to further regulate the industry in August 2022 by issuin
(read more)
Unable to get the power it needs to feed its growing datacenter footprint, Amazon plans to transition some of its Oregon datacenters over to natural gas fuel cells. First reported by local media, Amazon's initial plan would involve installing just shy of 75 megawatts of fuel cell capacity across three datacenters with the option to expand that to four additional sites in the future. Fuel cells extract electricity from a fuel like natural gas or hydrogen without the need for combustion. With hydrogen, the only byproducts of this reaction are electricity and water vapor, but with natural gas, CO2 — a potent greenhouse gas — is still produced. The ability to produce power without combustion has made hydrogen fuel cells a popular source of power in spacecraft and other advanced power-tech systems but more recently datacenters have adopted this tech as an alternative to diesel backup generators in the event of an outage. For Amazon, these natural gas fuel cells will be used as the primary energy supply, delivering 24.3 megawatts of power to each of the three datacenter sites. "We are investing in fuel cells as a way to power a small number of our operat
(read more)
UK regulators are investigating a cyberattack against financial technology firm ION, while the LockBit ransomware gang has threatened to publish the stolen data on February 4 if the software provider
(read more)
Microsoft is continuing to change how diagnostic data from Windows devices is processed and controlled to keep its place in the European market amid stringent privacy and security regulations. IT administrators enrolling devices in the Windows diagnostic data processor configuration option had been able to use a range of policies for each system, such as allowing for a commercial data pipeline and for desktop analytics processing. As part of a larger effort announced in May 2021 to enable European entities to process and store their data in Europe, the software giant is ending the use of policies to configure the processor option and instead is offering a configuration for an entire organization based on Azure Active Directory to set Microsoft's role in processing data. "We're making this change to help ensure the diagnostic data for all devices in an organization is processed in a consistent way, and in the same geographic region," the company wrote. Two years ago, Brad Smith, Microsoft's vice chair and president, said that the company would ensure European companies using its cloud services – not only Azure, but also Microsoft 365 and Dynamics 365 – could keep all their data within European Union borders. The diagnostic data change started in Windows preview builds and is now reaching latest versions of the operating systems. In 2018, after years of debate and warnings, the EU implemented the General Data Protection Regulation (GDPR), which
(read more)
Pakistan’s years-long whack-a-mole attempts to prevent its citizens seeing some content online gone up a level, after the nation’s prime minister intervened to overturn a fresh ban on Wikipedia. As The Register has recently reported, Pakistan's Telecommunications Authority (PTA) last week downgraded access to the crowdsourced encyclopedia after demanding supposedly blasphemous material be removed, and threatened a ban if it was not taken down. A ban duly followed, prompting the Wikimedia Foundation – operator of Wikipedia – to protest and point out that Pakistani authorities should re
(read more)
Human psychology may prevent people from realizing the benefits of artificial intelligence, according to a trio of boffins based in the Netherlands. But with training, we can learn to overcome our biases and trust our automated advisors. In a preprint paper titled "Knowing About Knowing: An Illusion of Human Competence Can Hinder Appropriate Reliance on AI Systems," Gaole He, Lucie Kuiper, and Ujwal Gadiraju, from Delft University of Technology, examine whether the Dunning-Kruger effect hinders people from relying on recommendations from AI systems. The Dunning-Kruger effect (DKE) date
(read more)
The hack of SolarWinds' software more than two years ago pushed the threat of software supply chain attacks to the front of security conversations, but is anything being done?. In a matter of days this week, at least four disparate efforts to shore up supply chain security were declared, an example of how front-of-mind such risks have become and a push from vendors and developers to reduce them. The threat is growing. Gartner expects that by 2025, 45 percent of organizations globally will have experienced a software supply chain attack, a three-fold jump from 2021. It's not a surprise, accord
(read more)
South Korea’s Financial Services Commission yesterday revealed plans to regulate crypto assets as if they are securities. An announcement from the Commission’s Capital Market Division argues that investors should expect that tokenised assets enjoy the same protection as conventional securities, because they meet the same definitions South Korea applies to other securities. The document also notes that there are many types of securities traded in South Korea without the involvement of institutions or exchanges, such as shares in private companies. The regulator therefore does not believe that defining crypto tokens as securities creates a new class of securities. Or as the machine translation of the document puts it: “The food does not change no matter what container it is ser
(read more)
On Monday, Google unveiled an AI chatbot, Bard, that will be integrated into its search engine soon in the face of rising competition from Microsoft's Bing and OpenAI's ChatGPT. Talk of Microsoft revamping its search engine Bing with a massive investment in OpenAI's upcoming large language model GPT-4 has kicked Google into building its own rival service. Large language models have rapidly improved and are better at generating text, summarizing knowledge, and answering questions. They aren't perfect, however, and can still produce toxic and false information. But folks are fascinated and drawn to the new technology and a recent report from analysts at UBS claimed ChatGPT had reached 100 million monthly users to become the fastest-growing internet app in history.  Will users sudden
(read more)
Don't buy an Android phone in China, boffins have warned, as they come crammed with preinstalled apps transmitting privacy-sensitive data to third-party domains without consent or notice. The research, conducted by Haoyu Liu (University of Edinburgh), Douglas Leith (Trinity College Dublin), and Paul Patras (University of Edinburgh), suggests that private information leakage poses a serious tracking risk to mobile phone customers in China, even when they travel abroad in countries with stronger privacy laws. In a paper titled "Android OS Privacy Under the Loupe – A Tale from the East," the trio of university boffins analyzed the Android system apps installed on the mobile handsets of three popular smartphone vendors in China: OnePlus, Xiaomi and Oppo Realme. The researchers looked
(read more)
In brief Google has hinted it will unveil AI-powered products and features in a live event next week. Online search and advertising are Google's biggest sources of income. The potential that its business could be threatened by Microsoft incorporating OpenAI's GPT-4 into the Bing search engine has raised alarm bells internally.  Google has pulled engineers from other projects to work on building a rival AI chatbot-powered search, and CEO Sundar Pichai promised to produce results soon. "I'm excited by the AI-driven leaps we're about to unveil in search and beyond," Pichai said in a statement, reported by Bloomberg.  Google's AI model – LaMDA – will be made available "in the coming weeks and months," and Pichai promised that people will soon be able to use language models "as a
(read more)
Sooner or later, everything ends up in Microsoft Excel. The 37-year-old spreadsheet has been used to run Doom and Pac-Man, stop-motion animation, a turn-based role playing game, chess, and a neural network, among other things. Excel's latest trick comes courtesy of Microsoft's own software developers: "FLAME: A small language model for spreadsheet formulas." It's detailed in a preprint paper from Microsoft researchers Harshit Joshi, Abishai Ebenezer, José Cambronero, Sumit Gulwani, Aditya Kanade, Vu Le, Ivan Radiček, and Gust Verbruggen. The paper describes an assistive AI system called FLAME. It's a small language model that can improve the creation and maintenance of Excel formulas. Large language models like OpenAI's ChatGPT are all the rage at the moment
(read more)
The UK's health service has confirmed it will require winners of the procurement for a Federated Data Platform (FDP) to migrate existing dashboards from the current platform by US spy-tech firm Palantir. Palantir, which made its name creating data analytics technologies for the CIA and US immigration agency ICE, is said to be making the competition a "must-win." The company got a foothold in the National Health Service (NHS) during the pandemic, when it was one of a number of suppliers to build a "data store" to detail information about the spread of COVID-19 and its impact on the NHS, one of the world's largest healthcare providers. It won a £23 million ($28 million) contract without competition to extend its work on the platform, built on its Foundry product. The deal, which was
(read more)
Rather than face proceedings before the US Securities and Exchange Commission, Activision Blizzard has agreed to pay $35 million to settle charges that it both failed to maintain appropriate misconduct reporting controls over so-called "frat boy culture," and also violated whistleblower protection laws. More specifically, the SEC alleged the World of Warcraft maker "lacked controls and procedures among its separate business units to collect and analyze employee complaints of workplace misconduct" between 2018 and 2021. The toxic work culture at the company was the source of frequent complaints from staffers. The Commission also said the games biz used separation agreements, which contained language compelling ex-employees to inform the management if contacted by the SEC, were violations
(read more)
Opinion The tech sector is failing at cybersecurity. Global spending on the stuff is at $190 billion a year, a quarter of the US defense budget. That hasn't stemmed an estimated $7 trillion in annual cybercriminal damages. People are fond of saying that the Wild West days of the internet are over, but on those numbers an 1875 Dodge City bank vault looks like Fort Knox. So where's the sheriff? There are plenty of posses; no end of companies both small and large selling security by the bushel. Firewalls, scanners, heuristic, intrinsic, behavioral, managed, managerial, in-cloud, on-prem, you can mix and match the buzzwords and buy into every new idea. What you can't do is make your systems safe. If you do want a safe bet in cybersecurity, it's that things aren't going to change any time soon
(read more)
A top US cyber diplomat said his Twitter account was compromised over the weekend. Nate Fick, the inaugural US ambassador at large for Cyberspace and Digital Policy, on Saturday announced the hack of his personal account (not the government agency one) with - of course - a tweet.  "Perils of the job," he added, suggesting that his sense of irony remains intact. Assuming that was an authorized tweet, of course. My account has been hacked. Perils of the job… — Nate Fick (@ncfick) February 5, 2023 The US Department of State did not immediately respond to The Register's questions about who was responsible for the attack, how they accessed Fick's account, or whether the miscreants posted any nonsense, such as the cryptocurrency endorsements that appeared on the hacked account of UK educa
(read more)
China's ambition to record government and commercial activity on a blockchain has a new engine: a 1,000-server cluster in Beijing capable of handling 240 million smart contract transactions each second. The machine is notable for two reasons. One is that this rig uses homegrown tech. The cluster is linked to ChainMaker – a made-in-China blockchain platform that's been contributed to and/or adopted by significant Chinese private and government enterprises. ChainMmaker has also claimed to have developed 96-core silicon designed to accelerate blockchain transactions. The Beijing Academy of Blockchain and Edge Computing – understood to be the designer of the facility – has previously announced it has developed petabyte-scale storage systems. With the USA leading bans on export of
(read more)
A sneaky botnet dubbed HeadCrab that uses bespoke malware to mine for Monero has infected at least 1,200 Redis servers in the last 18 months. The compromised servers span the US, UK, German, India, Malaysia, China and other countries, according to Aqua Security's Nautilus researchers, who discovered the HeadCrab malware and have now found a way to detect it. "The victims seem to have little in common, but the attacker seems to mainly target Redis servers and has a deep understanding and expertise in Redis modules and APIs as demonstrated by the malware," Asaf Eitani and Nitzan Yaakov reported. Open-source Redis database servers do not have authentication switched on by default, which is something the HeadCrab attackers use to their advantage. If administrators don't enable authenti
(read more)
The man accused of bringing down decentralized crypto exchange Mango Markets through market manipulation has made his first appearance in court in connection with the theft of millions in cryptocurrency. Avraham Eisenberg was arrested in late December in Puerto Rico in relation to charges [PDF] filed by the US Securities and Exchange Commission, which allege he made off with more than $110 million in crypto "by artificially manipulating the price of certain perpetual futures contracts." A Department of Justice grand jury indicted Eisenberg in early January, leading to this latest court hearing. According to the lawsuit, Eisenberg is alleged to have used a pair of accounts on Mango Markets to pump the price of the MNGO "governance token" used on the platform. Using a series of trade
(read more)
A free tool aims is helping organizations defend against KillNet distributed-denial-of-service (DDoS) bots and comes as the US government issued a warning that the Russian cybercrime gang is stepping
(read more)
Updated When plague winds howl across the surface of cadaver world Earth, humanity long dead by its own hand, imperial archaeologists picking through the remnants will excavate a bunker. Inside they
(read more)
When a Texas school district sold some old laptops at auction last year, it probably didn't expect to end up in a public legal fight with a local computer repair shop – but a debate over what to do with district data found on the liquidated machines has led to precisely that. The San Benito Consolidated Independent School District sold more than 3,500 devices at auction in July 2022, of which 700 were purchased by local computer repair and resale shop RDA Technologies.  RDA co-owner David Avila said he found 11 hard drives the district had failed to wipe, and which contained sensitive data on employees and students. Avila told local media that he reported the presence of the data to the district in October, saying "legally, it's their job to wipe out or destroy hard drives."  It's here things start to get complicated.  The district admitted to the exposure of the data as a result of the sale to RDA, but said Avila's company "has not agreed to our proposed solution." Avila disputed that characterization in a late January interview, saying that the district wanted him to sign a nondisclosure agreement as part of a deal to buy back the 11 computers, and an additional 503 that hadn't been inspected.  Avila says he wants the district to be open about the errors in its process – particularly as he alleges some computers sold by the district went to foreign buyers – so is not willing to sign an NDA. The district also claimed that it wasn't given the chance to inspect the machines to verify they contained the alleged data. Avila denied this too, claiming a representative from the district had visited his shop to inspect them in October. Local news media reported they had inspected a machine and verified the data was present.  The district fired back with a statement on February 2, along with a copy [PDF] of communications with RDA. Among those communications are accusations from the district's legal representatives that Avila is attempting to "extort" the district. Conveniently absent from the trove of communications is Avila's initial message to San Benito. Also missing is anything that actually incriminates Avila in
(read more)
SpaceX CEO Elon Musk said over the weekend that, despite nearly two years since a successful launch, Starship will be flying again this March – with orbital ambitions. "If remaining tests go well,
(read more)
Updated A Chinese high-altitude spy balloon, spotted drifting over America, has caused concern about national security – though the US Department of Defense says it will not be shot down by F22s at this time. "The United States Government has detected and is tracking a high altitude surveillance balloon that is over the continental United States right now," read a statement from Pentagon press secretary brigadier general Pat Ryder. Ryder said the balloon was carefully being tracked by North American Aerospace Defense Command (NORAD) and does not currently pose a physical threat. "Instances of this kind of balloon activity have been observed previously over the past several years," said Ryder, adding that the US government had taken immediate actions to protect against collection of sensitive information. Everyone wants a glimpse of the Chinese spy balloon, it's gonna be THE raging internet trend for the next few days assuming the air force doesn't shoot it down. If you're not on your lawn getting noisy shots of every speck in the sky, you're missing out. pic.twitter.com/SA630Tfgy6 — Alejandro Alvarez (@aletweetsnews) February 2, 2023 China unveils massive blockchain cluster running homebrew tech China reportedly producing quantum computers – good luck observing one Counterfeit crud crooks crossed over to e-commerce during COVID Beijing grants permit to 'flying car' that can handle 'roads and low altitude' A senior DoD official said the US government is confident the balloon belongs to China. At at least one point in time, it was above Montana – one of three states that are home to siloed nuclear weapons. Reaction to the balloon having hit the US military's radar has, predictably, generated much criticism of the Biden Administration's approach to national security and US borders. But the Pentagon has pointed out the balloon is … erm … full of hot air. "Currently we assess that this balloon has limited additive value from an intelligence collection perspective," said the senior defense official. Although the balloon is clearly for surveillance and flying over sensitive sites, the official position is it likely does
(read more)
Dell is said to be planning to cut thousands of jobs, potentially as much as 5 percent of its entire workforce, in response to the falling global demand for PCs. The Texas-based technology giant confirmed there would be layoffs this morning, although it did not specify numbers. Vice chairman and co-chief operating officer Jeff Clarke said in a post today that the company would be "aligning Regional Sales and Dell Technologies Select teams", integrating "support services into ISG and CSG", and shifting ISG engineering "teams and resources to ... priority offerings." He also confirmed: "Unfortunately, with changes like this, some members of our team will be leaving the company." He added: "There is no tougher decision, but one we had to make for our long-term health and success. Please know we'll support those impacted as they transition to their next opportunities." According to Bloomberg, the company is set to lay off about 6,650 of its workers. The newswire cited a memo sent by Clarke to staffers blaming economic conditions which "continue to erode with an uncertain future." Clarke reportedly told workers that previous cost-cutting measures employed, such as putting a hold on new hires and limiting travel, are no longer enough. The layoffs, along with departmental reorganizations, present the company with an opportunity to drive efficiency, he said. We asked Dell about the job cuts, but the company declined to confirm the number, stating: "We continuously evaluate operations to ensure the right structure is in place to provide the best value and support to partners and customers. This is part of our regular course of business." Dell is not be the first tech company to shed workers in the economic downturn. PayPal said last week that it intends to cut about 7 percent of its workforce, or around 2,000 jobs, while IBM announced last month that it intends to lose about 3,900 employees and Amazon is also set to eliminate more than 18,000 jobs. Everyone's doing it: PayPal sends 2,000 workers packing NetApp ditches 8% of staff as customers put away wallets SAP culls 3,000 jobs from CRM business and its results weren't even
(read more)
Last November, OpenAI launched ChatGPT as a free web interface and took the internet by storm. Data compiled in a study by UBS reported the chatbot had managed to reach 100 million monthly active users by January, which would make it the fastest-growing consumer app in internet history. The study cited data from Similarweb, an analytics firm monitoring web traffic, indicating that about 13 million unique users on average visited the site every day in January – double the number recorded in December. Other ragingly popular online apps TikTok and Instagram took nine months and 2.5 years respe
(read more)
Cloud giants Google and Amazon Web Services' latest financial results indicate the cloud computing adoption is finally slowing as customers press pause amid the economic downturn taking place across much of the West. Amazon Group's overall sales grew 9 percent to reach $149.2 billion in the fourth quarter, while its AWS sales increased 20 percent year-over-year to $21.4 billion. For the full year 2022, Group net sales increased 9 percent to $514.0 billion in 2022, and AWS was up 29 percent year-over-year to $80.1 billion, a marked difference from the early years of the pandemic. AWS ad
(read more)
Pakistan's Telecommunications Authority has "degraded" Wikipedia service in the country on the grounds that the crowdsourced encyclopedia was not censoring "sacrilegious" content, and warned it may block the site altogether. A tweet from the Authority (PTA) explains that it approached Wikipedia and asked the website to remove unspecified content it calls "blasphemous." The PTA said a hearing was provided, but Wikipedia did not appear. "Given the international failure on part of the platform to comply with the directions of PTA, the services of Wikipedia have been degraded for 48 hours with the direction to block/remove the reported contents. In case of non-compliance by Wikipedia the platform will be blocked within Pakistan," said a press release from the authority. PTA added that restoration of the site would only occur if Wikipedia removed the "reported unlawful contents." Which reads a lot like the PTA isn't aware that anyone can edit Wikipedia entries – so it could remove the content itself if it wanted to … and could convince other editors its edits are justified. Pakistan bans TikTok, for the fourth time Pakistan cut off Facebook, Twitter, WhatsApp, and Telegram – for just four hours 'Here are 400,000 smut sites. Block them' says Pakistani telco regulator Internet went offline in Pakistan as protestors marched for ousted prime minister Wikipedia thus joins a list of internet giants that have been censored and/or threatened by the PTA. From 2012 to 2016, YouTube was blocked in the country for failing to remove anti-Islamic films and was deemed to serve up "vulgar, indecent and immoral" content. In early 2016, 429,343 websites were deemed "smut." ISPs were reportedly expected to implement the blocks "at the domain level," causing massive levels of headache to the nation's IT professionals. TikTok has been banned at least four times. Pakistan also regularly degrades or blocks sites during protests. In 2017, Facebook, Twitter and Instagram were all blocked as clashes with law enforcement occurred in Faizabad. In April 2021, social media – Facebook, Twitter, WhatsApp, and Telegram – was cut for just four hours. And last May, the internet went offline altogether during a march protesting the ousting of prime minister Imran Khan. The Register looks forward to what happens when Pakistani authorities take
(read more)
A former employee of RAC, one of Britain's major roadside recovery service operators, has pleaded guilty to data theft after he stored traffic accident information on his personal device that was pas
(read more)
Microsoft will reportedly integrate OpenAI's upcoming large language model GPT-4 into the Bing search engine over the next few weeks, as Google scrambles to test rival AI products, fearing it could lose its dominant position in online search.  Text-generation models have evolved from being able to autocomplete text to being able to carry out more general natural language tasks. GPT-4 is expected to be more powerful than its predecessors, ChatGPT and GPT-3, with new capabilities to generate higher quality text and respond to a wider range of input queries. As the lead investor in OpenAI, Microsoft has bagged the rights to deploy OpenAI's products exclusively. Now, Microsoft reportedly wants to use GPT-4 to power web search and is set to incorporate the new system into Bing over the coming weeks, according to SemaFor. Meanwhile, Google is stepping up efforts testing large language models rivalling ChatGPT and building new AI search products in a bid to remain competitive. Executives launched a project codenamed "Atlas", and have pulled together engineers and tasked them with developing a similar system. Staff are also reportedly experimenting with a chatbot called "Apprentice Bard" to build a search desktop application based on its LaMDA language model, according to CNBC.  It's unclear how these types of models are being applied for web search. Although there is some evidence that large language models can recall and extract information from its
(read more)
Analysis The semiconductor gold rush is all but over, and we've had our fill. Or so the past month of dismal earnings might have you believe. Electronics giant Samsung saw its profits contract 69 percent during the fourth quarter, while revenues slumped 8 percent overall. South Korean memory manufacturer SK Hynix, meanwhile, followed a few days later with an equally bleak report. Both companies told a story of macroeconomic forces that were suppressing consumer spending and driving DRAM and NAND flash inventories to unprecedented levels. Put simply, where there was once a chip shortage there is now a glut. Well, of memory anyway — more on that later. Intel, AMD, and Qualcomm, whose chips depend on DRAM and NAND flash and are thus inexorably intertwined, saw declines across key markets including PCs, smartphones, servers, and game consoles. If customers aren't buying memory, it makes sense they wouldn't be buying PCs and servers to put it in. While the rapid deterioration of the semiconductor market may have come as a surprise to some, the writing has been on the wall for months.  Micron was among the first semis to succumb to market forces. After riding strong demand for months and promising tens of billions in new fabs, the company decimated its workforce, laying off 4,800 after its Q1, 2023 earnings tumbled 88 percent from the year prior on a nearly $200 million loss. But even this wasn't the first sign that the pandemic bubble had burst. More than six months prior, the industry watchers at TrendForce offered a stark outlook for the memory market, warning of growing inventories of yet unsold product. The memory vendors were headed for economic turmoil long before this week. How did this happen? The semiconductor industry has, for the past three years, been caught in a perfect storm that has fueled steady demand. In the wake of the COVID-19 outbreak, an entire remote-working economy was born over the course of a few weeks. Every tech and software company worth its salt rushed to capitalize on the shift out of the office. Security vendors rushed products tailored to home offices out the door; notebook vendors crammed higher resolution cameras and microphones into their wares; and software vendors like Teams and Zoom scrambled to keep their services online. Whether directly or indirectly, all of these dynamics fueled semiconductor demand in one capacity or another. Before long, existing inventories emptied, and with factories closed due to COVID-19 lockdowns, it seemed everything was in short supply. Within a year, the semiconductor supply chain was stretched beyond its limits, and we were in the full grip of the chip shortage. To make matters worse — for consumers anyway — the then-current generation of graphics cards proved particularly efficient at mining crypto currencies. And while Nvidia and AMD pretended to care about how difficult it was to buy a GPU, they were only too happy to collect the massive profits the cards brought in every quarter. In mid 2022, the bubble burst. It was already getting easier to find components — lead times for basic, but essential, parts were down b
(read more)
Poll As PayPal and NetApp join the latest tech multinationals shedding a portion of their staffers, the US Federal Trade Commission is proposing a local ban on non-competes. America's federal regulator has concerns about the unequal bargaining power between employers and workers, claiming that non-compete clauses limit a worker's ability to practice their trade. On the other side, the US Chamber of Commerce has threatened to sue the FTC over the proposed ban. But non-compete clauses – also in wide use across Europe, including in the UK and even Germany (which expects businesses to pay half the ex-employee's former salary in the period the non-compete applies) – are not the only contract terms that have come under the magnifying glass as workers consider their next moves. Even those not affected by the cuts are feeling the cold winds as hedge funds gain influence, claims of impending recession continue (along with the hike in interest rates), and corporate culture decides to draw a line under the pandemic WFH policies, regardless of concerns over spread. Those who are looking to move will naturally be reading the fine print of their contract quite closely. Global employment in the ICT sector hit approximately 55.3 million across the globe in 2020, and US Bureau of Labor statistics from the end of last year revealed that tech companies added 14,400 workers in November alone, with tech sector employment increasing by 207,200 in 2022. In the EU, jobs in ICT have grown 22 percent in the past five years, with tech workers estimated at 1.35 million people and demand for techies outstripping supply. So the recent job cuts, although they number in the tens of thousands over the last six months, and have been personally horrific for many readers, are not necessarily a portender of gloom for the tech sector worker, employment figures suggest. Infosys noncompete clause sparks complaint from labor rights org Amazon Game Studios to its own devs: All your codebase doesn't belong to us Google staff who work from home might see pay cut under corporate policy – reports Salesman who helped land Veritas UK's 'largest ever' deal was lawfully docked £275k in commission, says judge FTC floats rule to ban imposed non-compete agreements in US The unemployment rate for US tech workers went down to 2 percent from 2.2 percent last year, say the figures, despite Silicon Valley's axe-wielding. That said, if you have been affected by the cuts, that will be of cold comfort until you find something new. Not "MLK quote"-congratulating-yourself-on-your-bravery-in-firing-people level cold, but cold nonetheless. Alcatel owns US employee's thoughts READ MORE And for some jobseekers, those old contractual clauses – and the new ones from prospective employers – will be meaningful as they look to move on. If you don't have a lawyer on hand, the big ones to look out for are restrictive covenants, terms of dismissal, and – of course – salary and incentive structures. Having a job description spelled out also helps, as many a put-upon reader has told us. Not all contracts are well-drafted, of course, and not all clauses are enforceable under the law, especial
(read more)
France's Computer Emergency Response Team has issued a Bulletin D'Alerte regarding a campaign to infect VMware’s ESXI hypervisor with ransomware. We get a little language lesson with this one: France's CERT describes this as an attempt to "déployer un rançongiciel," while Italy's Agenzia per la Cybersicurezza Nazionale – which has also warned of the campaign – warns that a "rilascio di ransomware" is under way. Neither nation's infosec authorities offer any information about the source of the attack, but both note that it goes after CVE-2021-21974 – a 9.1/10 rated bug disclosed and patched almost two years ago in February 2021. CVE-2021-21974 affects ESXi 7.0, 6.7 and 6.5.
(read more)
The US Commerce Department is putting an official stamp on what many have saying for years: the iOS and Android app store model "is harmful to consumers and developers."  That's the conclusion of th
(read more)
Microsoft believes the gang who boasted it had stolen and leaked more than 200,000 Charlie Hebdo subscribers' personal information is none other than a Tehran-backed criminal group. On Friday, Redmond's Digital Threat Analysis Center (DTAC) attributed the cyber-heist to Iran's Neptunium, which the US Department of Justice tracks as Emennet Pasargad.   The stolen data, which included names, phone numbers and addresses, "could put the magazine's subscribers at risk of online or physical targeting by extremist organizations," said Clint Watts, general manager of DTAC. "We believe this attack is a response by the Iranian government to a cartoon contest conducted by Charlie Hebdo."
(read more)
While astronauts are often engineers or scientists, they usually aren’t geologists, which is why the European Space Agency (ESA) is investing in training to make sure its next mission crew can accu
(read more)
On Call With a whole month of 2023 already consigned to history, The Register brings you another instalment of On-Call, our weekly column in which readers share their stories of past deeds performed
(read more)
Meta Platforms has sued an Israel-based web scraping firm called Bright Data for scraping data from its Facebook and Instagram websites – even though Meta paid Bright Data to scrape data from other websites. This legal battle kicked off earlier last month when the two companies in fact sued each other. Meta two months prior had sent a cease-and-desist letter to Bright Data demanding that it stop collecting what the scraping firm characterizes as public data. Bright Data disagreed with Meta's interpretation of its data collection rights and the two then headed to court – Meta seeking to ha
(read more)
Japanese IT services giant Fujitsu last week announced a re-org, and The Register has mostly figured out what's afoot. The conglomerate's announcement stated its "existing Global Solutions Business Group will be reorganized into two separate business groups: the Global Technology Solutions Business Group and Global Business Solutions Business Group." What's the difference between a Global Technology Solutions Business Group (GTSBG) and Global Business Solutions Business Group (GBSBG)? We're glad you asked. GTSBG is – surprise – about the tech. We're told the group will "be responsi
(read more)
To compete with Intel's fire-breathing 6GHz Core i9-13900KS desktop processors, AMD isn't shipping higher clocked Ryzens, but instead is throwing a boat load of cache at the problem. On Wednesday AMD revealed pricing and availability for its second-generation X3D CPUs, announced back at CES last month. Like the company's first generation 5800-X3D launched last April, it features an additional layer of SRAM stacked atop one of its CPU dies. The approach made for a formidable gaming CPU, which put Intel in the awkward position when launching its 13th-Gen processor family last year. Even according to Intel's own cherry-picked benchmarks, the company's 13900K couldn't topple AMD's cache-stacked Ryzen in everything. As such, the 7000-series X3D refresh has been hotly anticipated by enthusiasts as AMD's real gaming CPU lineup. This time around AMD is offering X3D editions of all but its base model Ryzen 5 processors. But, since this is the same fundamental technology used in AMD's X-series Epyc parts, which are tailored toward intense analytical and computational workloads like fluid dynamics, these chips should make excellent workstation parts as long as you can make do with the limited PCIe bandwidth. Here's a quick breakdown of the chip's specs and pricing. Ryzen 7800X3D: 8 cores / 16 threads, with a base clock of 4.2GHz, a boost clock of 5GHz, a 120W TDP, and 104MB of total cache. $449 Ryzen 7900X3D: 12 cores / 24 threads, with a base clock of 4.4GHz, a boost clock of 5.6GHz, a 120W TDP, and 140MB of total cache. $599 Ryzen 7950X3D: 16 cores / 32 threads, with a base clock of 4.2GHz, a boost clock of 5.7GHz, a 120W TDP, and 144MB of total cache. $699 Similar to AMD's first generation X3D parts, the additional cache — 64MB extra to be exact — comes at the expense of a roughly 300MHz lower base and boost clocks compared to the standard non-3D SKUs. You'll also pay a roughly $50 premium over the standard X-model's launch pricing, except for the top-SKU which is launching at the same $699 MSRP. AMD follows Intel's lead with alphanumeric soup of new Ryzens Intel's 13th-gen CPUs are hot, hungry, loaded with cores AMD refreshes desktop CPUs with 5nm Ryzen 7000s that can reach 5.7GHz with 16 cores Intel offers desktop chip that can hit 6GHz if everything goes right, you can keep it cool, stars align, pigs fly The pricing could be problematic for AMD, especially during a period when the chipmaker's PC revenues are already hurting. Intel's parts are less expensive and while the House of Zen's top specced Ryzen 9 is priced to compete with the 6GHz 13900KS, Intel's regular K-SKU parts are considerably cheaper with the 13900K and 13700K boasting an MSRP of $589 and $409, respectively. AMD shipping also causes pricing pressure on existing its CPU lineup, since the company has reduced the cost of many of its 7000-series parts to compete with Intel's more aggressive pricing strategy this generation. At many retailers, AMD's parts are now selling for $100 under MSRP. Another curious detail is the processor's stated TDPs, which are about 50W lower on the Ryzen 9 variants, but 16W higher on the Ryzen 7. We su
(read more)
The Wikimedia Foundation released a statement on Friday confirming that, according to internal traffic reports, Wikipedia and Wikimedia projects are no longer accessible to users in Pakistan. The Foundation's post came two days after Pakistan's Telecommunications Authority (PTA) threatened bans if Wikipedia did not censor content it deemed "sacrilegious." The authority had issued a warning shot in the form of degraded performance of the crowdsourced encyclopaedia for 48 hours before blocking it completely. But according to the Foundation, it does not possess the power to deliver on Pakistan's demands. In its statement, the organization outlined just how Wikipedia is written: using 300,000 volunteer editors who follow guidelines and require citations and references before allowing public edits of content. "Content on Wikipedia is mined from secondary sources; it does not allow original research," said the org. "The Wikimedia Foundation does not make decisions around what content is included on Wikipedia or how that content is maintained," it added. Which is just what The Register said when we titled our first story on this incident "Hi, Pakistan? You do know anyone can edit Wikipedia, right? You don't have to ask." The Foundation's post therefore invited any individuals, organization or governments that have a problem with Wikipedia's content to share their concerns through the dedicated response channels the outfit operates. In Pakistan, the English version of Wikipedia receives over 50 million pageviews per month. Urdu language and Russian language Wikipedias are the next most popular. The Foundation described the number of editors in Pakistan who contribute historical and educational content as "sizable and engaged." "We believe that access to knowledge is a human right. A block of Wikipedia in Pakistan denies the fifth most populous nation in the world access to the largest free knowledge repository. If it continues, it will also deprive everyone access to Pakistan's history and culture," tweeted Wikimedia Foundation on Friday. Pakistan's government to agencies: Dark web is dangerous, please don't go there Indian tech minister picks a fight with Wikipedia over cricketer's dropped catch Iran blocks Whatsapp, Instagram as citizens protest death of Mahsa Amini India's Supreme Court demands government detail internet shutdown rules Internet interruption-watcher NetBlocks also confirmed the outage, noting tht Pakistan's blocks can be circumvented with a VPN. NetBlocks also noted that the move to block Wikipedia was out of character for the Pakistan government, despite its many shutdowns and bans on sites in the past. "Pakistan has frequently imposed temporary internet shutdowns during protests, however the use of filtering to pressure a major platform into compliance as in this case is relatively rare," said NetBlocks, adding that the country also does not typically issue public notices before blocking – or "filtering" – websites. The Register notes Pakistan has banned TikTok at least four times and in April 2021 Facebook, Twitter, WhatsApp, and Telegram were cut for four hours. YouT
(read more)
Microsoft's latest Windows 11 preview build has added a Spotify widget, more evidence of the software giant's increasing openness to third-party presences in its flagship OS. Widgets display dynamic content from apps and services on the tray on a user's Windows desktop. They can be manipulated in myriad ways – including pinned or unpinned, resized, and customized – and are designed to reflect the user's interests. Until recently, the bulk of the widgets for Windows 11 related to Microsoft's own apps. However, in late January the desktop OS titan announced a preview version of a widget for Meta's Messenger, an instant messaging app and platform the originally started life in 2008 at Facebook Chat. The latest philosophy is coded into the Preview Build 25284 for the Windows 11 Insider program's Dev Channel, a facility that allows developers to try features and offer feedback to Microsoft. The latest Windows 11 Insider Preview Build 25290, added widgets for Spotify, the popular music and content streaming service. Microsoft's own Phone Link, an app that connects Windows 10 to Android devices, also debuts as a W11 widget. Microsoft made third party widgets possible in November 2022 when it released the Windows App Software Development Kit (SDK) 1.2 that included tools to build widgets. Now with Messenger and Spotify widgets in play, users "should expect to see additional new widgets as more developers create and release widgets for their apps," Amanda Langowski, principal product manager for the Windows Insider Program, and Brandon LeBlanc, senior program manager at Microsoft, wrote in a blog post this week. Microsoft squashes Windows 11, Server 2022 bugs with preview patches If your Start menu or apps are freezing up on Windows, Microsoft has a suggestion Microsoft: You're not out of love with cloud, you're just 'optimizing' it for a bit Microsoft took its macros and went home, so miscreants turned to Windows LNK files Developers can access the widgets on the Microsoft Store. Putting them to work might not always be trouble free. Langowski and LeBlanc wrote that Microsoft is aware of some issues related to third party widgets. Occasionally they disappear from the widgets board but can be added back by clicking "refresh" or re-pinning them from the widgets picker. Widgets can also be unintentionally unpinned if a developer uses their Microsoft account to sign-in multiple Windows 11 devices. Microsoft is also experimenting with the Start menu, despite recent tweaks irritating testers by slipping in promos for Redmond's own cloudy services. In October 2022's Preview Build 25227 2022, some developers began seeing badging on their user profile, which notified them of particular actions that they needed to take, an initial step that ended a month later. Now Microsoft is trying another tack, this time showing two new systems. Some developers in the Windows Insider program will see a relatively simple treatment listing suggestions like backing up files, change account settings, lock, and sign out. The second treatment is more detailed, with descriptions of such tasks as backing up files and th
(read more)