Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Medicine

The Big Short: Security Flaws Fuel Bet Against St. Jude (securityledger.com) 17

chicksdaddy writes: "Call it The Big Short -- or maybe just the medical device industry's 'Shot Heard Round The World': a report from Muddy Waters Research recommends that its readers bet against (or 'short') St. Jude Medical after learning of serious security vulnerabilities in a range of the company's implantable cardiac devices," The Security Ledger reports. "The Muddy Waters report on St. Jude's set off a steep sell off in St. Jude Medical's stock, which finished the day down 5%, helping to push down medical stocks overall. The report cites the 'strong possibility that close to half of STJ's revenue is about to disappear for approximately two years' as a result of 'product safety' issues stemming from remotely exploitable vulnerabilities in STJ's pacemakers, implantable cardioverter defibrillator (ICD), and cardiac resynchronization therapy (CRT) devices. The vulnerabilities are linked to St. Jude's Merlin at home remote patient management platform, said Muddy Waters. The firm cited research by MedSec Holdings Ltd., a cybersecurity research firm that identified the vulnerabilities in St. Jude's ecosystem. Muddy Waters said that the affected products should be recalled until the vulnerabilities are fixed. In an e-mail statement to Security Ledger, St. Jude's Chief Technology Officer, Phil Ebeling, called the allegations 'absolutely untrue.' 'There are several layers of security measures in place. We conduct security assessments on an ongoing basis and work with external experts specifically on Merlin at home and on all our devices,' Ebeling said."

More controversial: MedSec CEO Justine Bone acknowledged in an interview with Bloomberg that her company did not first reach out to St. Jude to provide them with information on the security holes before working with Muddy Waters. Information security experts who have worked with the medical device industry to improve security expressed confusion and dismay. "If safety was the goal then I think (MedSec's) execution was poor," said Joshua Corman of The Atlantic Institute and I Am The Cavalry. "And if profit was the goal it may come at the cost of safety. It seems like a high stakes game that people may live to regret."

Crime

US Unveils Charges Against KickassTorrents, Names Two More Defendants (arstechnica.com) 29

A total of three men are said to be operators of file-sharing site KickassTorrents (KAT), according to U.S. prosecutors. Last month, federal authorities arrested the 30-year-old Ukrainian mastermind of KAT, Artem Vaulin, and formally charged him with one count of conspiracy to commit criminal copyright infringement, one count of conspiracy to commit money laundering, and two counts of criminal copyright infringement. Two other Ukrainians were named in the new indictment (PDF): Levgen (Eugene) Kutsenko and Oleksander (Alex) Radostin. While only Vaulin has been arrested, bench warrants have been issue for the arrest of all three men. Ars Technica reports: "Prosecutors say the three men developed and maintained the site together and used it to 'generate millions of dollars from the unlawful distribution of copyright-protected media, including movies, [...] television shows, music, video games, computer software, and electronic books.' They gave out 'Reputation' and 'User Achievement' awards to users who uploaded the most popular files, including a special award for users who had uploaded more than 1,000 torrents. The indictment presents a selection of the evidence that the government intends to use to convict the men, and it isn't just simple downloads of the copyrighted movies. The government combed through Vaulin's e-mails and traced the bitcoins that were given to him via a 'donation' button."
Patents

Apple Patenting a Way To Collect Fingerprints, Photos of Thieves (appleinsider.com) 38

An anonymous reader quotes a report from Apple Insider: As published by the U.S. Patent and Trademark Office, Apple's invention covering "Biometric capture for unauthorized user identification" details the simple but brilliant -- and legally fuzzy -- idea of using an iPhone or iPad's Touch ID module, camera and other sensors to capture and store information about a potential thief. Apple's patent is also governed by device triggers, though different constraints might be applied to unauthorized user data aggregation. For example, in one embodiment a single failed authentication triggers the immediate capture of fingerprint data and a picture of the user. In other cases, the device might be configured to evaluate the factors that ultimately trigger biometric capture based on a set of defaults defined by internal security protocols or the user. Interestingly, the patent application mentions machine learning as a potential solution for deciding when to capture biometric data and how to manage it. Other data can augment the biometric information, for example time stamps, device location, speed, air pressure, audio data and more, all collected and logged as background operations. The deemed unauthorized user's data is then either stored locally on the device or sent to a remote server for further evaluation.
Encryption

PSA: PlayStation Network Gets Two-Step Verification (arstechnica.com) 19

Consider this a public service announcement: Sony has (finally) added two-factor authentication to PlayStation Network accounts. If you're a PlayStation user and are reading this right now, you really should go set it up so that someone doesn't try to take over your account and steal your password. Ars Technica details how you can set up the new security features: "Turn on your PS4 and go to Settings -> PlayStation Network Account Management -> Account Information -> Security -> 2-Step Verification. You can also set it up through the web by logging into your PSN account on the web and going through the Security tab under the Account header. From there, on-screen instructions will walk you through the process of using a text message to confirm your mobile device as a secondary layer of security for your PSN account. Two-factor support is not available when logging on to older PlayStation systems, so Sony recommends you generate a 'device setup password' to help protect the PS3, Vita, or PSP." Two-factor authentication comes five years after hackers breached PSN's security and stole 77 million accounts.
Communications

FCC Proposes 5G Cybersecurity Requirements, Asks For Industry Advice (fedscoop.com) 21

Presto Vivace quotes a report from FedScoop: "Cybersecurity issues must be addressed during the design phase for the entire 5G ecosystem, including devices. This will place a premium on collaboration among all stakeholders," said FCC chairman Tom Wheeler during a National Press Club event on June 20. "We continue to prefer an approach that emphasizes that industry develop cybersecurity standards just as we have done in wired networks." The FCC published a request Wednesday for comment on a new set of proposed 5G rules to the Federal Register focused on adding specific "performance requirements" for developers of example internet-connected devices. If a company hopes to secure a license to access higher-frequency 5G spectrum in the future then they will need to adhere to these specific requirements -- in other words, compliance is non-negotiable. Notably, these FCC "performance requirements" now include the submission of a network security plan. The report adds: "A quick review of the FCC's proposed 5G cybersecurity plan shows a six category split, organized by a companies' security approach, coordination efforts, standards and best practices, participation with standards bodies, other security approaches and plans with information sharing organizations. Security plans must be submitted to the commission at least six months before a 5G-ready product enters the market, according to the notice."
Open Source

Princeton Researchers Announce Open Source 25-Core Processor (pcworld.com) 55

An anonymous reader writes: Researchers at Princeton announced at Hot Chips this week their 25-core Piton Processor. The processor was designed specifically to increase data center efficiency with novel architecture features enabling over 8,000 of these processors to be connected together to build a system with over 200,000 cores. Fabricated on IBM's 32nm process and with over 460 million transistors, Piton is one of the largest and most complex academic processors every built. The Princeton team has opened their design up and released all of the chip source code, tests, and infrastructure as open source in the OpenPiton project, enabling others to build scalable, manycore processors with potentially thousands of cores.
Google

Google Fiber To Cut Staff In Half After User Totals Disappoint, Says Report (dslreports.com) 94

An anonymous reader quotes a report from DSLReports: Sources claim that Google Fiber has been disappointed with the company's overall number of total subscribers since launching five years ago. A paywalled report over at The Information cites a variety of anonymous current and former Google employees, who say the estimated 200,000 or so broadband subscribers the company had managed to sign up by the end of 2014 was a fary cry from the company's original projection of somewhere closer to 5 million. Google Fiber has never revealed its total number of subscribers. A report last October pegged the company's total broadband subscribers at somewhere around 120,000, though it's unclear how many of those users had signed up for Google Fiber's symmetrical 5 Mbps tier, which was originally free after users paid a $300 installation fee. Disappointed by sluggish subscriber tallies, The Information report states that last month Alphabet CEO Larry Page ordered Google Fiber boss Craig Barratt to cut the total Google Fiber staff in half to roughly 500 people. That's a claim that's sure to only fuel continued speculation that the company is starting to get cold feet about its attempts to bring broadband competition to a broken duopoly market.
Wireless Networking

Italy Quake Rescuers Ask Locals To Unlock Their Wi-Fi (bbc.com) 80

Rescue teams searching for earthquake survivors in central Italy have asked locals to unlock their Wifi passwords. The Italian Red Cross says residents' home networks can assist with communications during the search for survivors, reports BBC. From the report: On Wednesday a 6.2 magnitude earthquake struck central Italy and killed more than 240 people. More than 4,300 rescuers are looking for survivors believed to still be trapped in the rubble. On Twitter, the Italian Red Cross posted a step-by-step guide which explains how local residents can switch off their Wifi network encryption. Similar requests have been made by the National Geological Association and Lazio Region. A security expert has warned that removing encryption from a home Wifi network carries its own risks, but added that those concerns are trivial in the context of the rescue operation.
AT&T

ISP Lobbyists Pushing Telecom Act Rewrite (dslreports.com) 65

Karl Bode, reporting for DSLReports:Telecom lobbyists are pushing hard for a rewrite of the Telecom Act, this time with a notable eye on cutting FCC funding and overall authority. AT&T donated at least $70,000 to back Republican House Speaker Paul Ryan, and clearly expects him to spearhead the rewrite and make it a priority in 2017. The push is an industry backlash to a number of consumer friendly initiatives at the FCC, including new net neutrality rules, the reclassification of ISPs under Title II, new broadband privacy rules, new cable box reform and an attempt to protect municipal broadband. AT&T's Ryan donation is the largest amount AT&T has ever donated to a single candidate, though outgoing top AT&T lobbyist Jim Cicconi has also thrown his support behind Hillary Clinton.
IOS

iPhones and iPads Fail More Often Than Android Smartphones (softpedia.com) 121

An anonymous reader writes: The main question when picking a new phone is whether to choose an Android one or an iPhone. A new study coming from Blancco Technology Group sheds some light on which devices are the most reliable, based on reliability. The study entitled State of Mobile Device Performance and Health reveals the device failure rates by operating systems, manufacturers, models and regions, as well as the most common types of performance issues. The report reveals that in Q2 2016, iOS devices had a 58% failure rate, marking the first time that Apple's devices have a lower performance rate compared to Android. It seems that the iPhone 6 had the highest failure rate of 29%, followed by iPhone 6s and iPhone 6S Plus. Android smartphones had an overall failure rate of 35%, an improvement from 44% in Q1 2016. Samsung, Lenovo and LeTV were among the manufacturers with the weakest performance and higher failure rates. Samsung scored 26% in failure rate, while Motorola just 11%. The study also reveals that iOS devices fail more frequently in North America and Asia compared to Android. Specifically, the failure rate in North America is 59%, while in Asia 52%. The failures could be influenced by the fact that the quality of smartphones shipped around the world varies.
Windows

Windows 10 Computers Crash When Amazon Kindles Are Plugged In (theguardian.com) 185

It appears that many users are facing an issue with their Windows 10 computers when they plug in an Amazon Kindle device. According to reports, post Windows 10 Anniversary Update installation, everytime a user connect their Amazon Paperwhite or Voyage, their desktop and laptop lock up and require rebooting. The Guardian reports:Pooka, a user of troubleshooting forum Ten Forums said: "I've had a Kindle paperwhite for a few years no and never had an issue with connecting it via USB. However, after the recent Windows 10 updates, my computer BSOD's [blue screen of death] and force restarts almost as soon as I plug my Kindle in." On Microsoft's forums, Rick Hale said: "On Tuesday, I upgraded to the Anniversary Edition of Windows 10. Last night, for the first time since the upgrade, I mounted my Kindle by plugging it into a USB 2 port. I immediately got the blue screen with the QR code. I rebooted and tried several different times, even using a different USB cable, but that made no difference."
Government

Malware Sold To Governments Helped Them Spy on iPhones (washingtonpost.com) 29

One of the world's most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists, reports The New York Times. (Editor's note: the link could be paywalled, here's an alternate source). From the report: Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target's mobile phone, was responsible for the intrusions. The NSO Group's software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user. In response, Apple on Thursday released a patched version of its mobile software, iOS 9.3.5. Users can get the patch through a normal software update.The Washington Post reports that these "zero-day" flaws were previously used by the governments to take over victims' phones by tricking them into clicking on a link to a text message. Motherboard says that this is the first time anyone has uncovered such an attack in the wild. "Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars."
Google

You Can Now Play Solitaire and Tic-Tac-Toe in Google's Search Results (venturebeat.com) 51

Paul Sawers, writing for VentureBeat: Google announced a couple of fun little nuggets today: you can now play Solitaire and Tic-Tac-Toe directly in Google's search results. Available through the desktop and Google mobile apps, anyone searching for the keywords "solitaire" or "tic-tac-toe" will see the usual search results, but featured prominently alongside them you'll also now see a "tap to play" option which whisks you off to play the game. Google is no stranger to hiding so-called "easter eggs" in its products, including Search -- for example, last year it had a surprise in store to mark the anniversary of Super Mario. Moreover, Google already lets you play some games within Search, including Pacman.
China

China To Crackdown On Unauthorised Radio Broadcasts (www.bgr.in) 42

An anonymous reader writes: Reportedly, in a national campaign aided by more than 30,000 airwave monitors, in over past six months, more than 500 sets of equipment for making unauthorised radio broadcasts were seized in China. The campaign, launched on February 15 by the State Council, resulted in 1,796 cases related to illegal radio stations, after 301,840 hours of monitoring from February to July, according to an online statement by the Ministry of Industry and Information Technology. The number of incidents was down by 50 per cent from April to August, the China Daily quoted the statement as saying. So-called pirate radios have appeared in most parts of China since 2015 and this "has been a channel for criminals to defraud and promote aphrodisiacs, along with counterfeit and poor-quality medicine," according to the Ministry of Public Security's Criminal Investigation Department. The operating cost of a pirate radio is low, but profit can be high. A pirate radio station that broadcasts advertisements for aphrodisiacs can pocket more than 70,000 yuan ($10,500) a month, with an overhead cost of no more than 10,000 yuan, investigators said in a post on Sina Weibo. It said most spare parts for broadcasting equipment can be bought on the internet.
Games

Driver Killed a Pedestrian in Japan While Playing Pokemon Go (fortune.com) 156

An anonymous reader writes: One woman was killed and another injured. In what police are calling Japan's first death linked to Pokemon Go, a driver playing the smartphone game hit two pedestrians on Tuesday night, officials said. The collision broke the neck of one woman, killing her, and left another woman with a broken hip, the Wall Street Journal reports. Police in Tokushima, on the western Japanese island of Shikoku, told the Wall Street Journal the women were crossing the street when the car struck them. The man driving the car did not see them because was playing Pokemon Go.

Slashdot Top Deals