Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 15 submissions in the queue.
Breaking News

Log In

Log In

Create Account  |  Retrieve Password


Site News

Join our Folding@Home team:
Main F@H site
Our team page


Funding Goal
For 6-month period:
2022-07-01 to 2022-12-31
(All amounts are estimated)
Base Goal:
$3500.00

Currently:
$438.92

12.5%

Covers transactions:
2022-07-02 10:17:28 ..
2022-10-05 12:33:58 UTC
(SPIDs: [1838..1866])
Last Update:
2022-10-05 14:04:11 UTC --fnord666

Support us: Subscribe Here
and buy SoylentNews Swag


We always have a place for talented people, visit the Get Involved section on the wiki to see how you can make SoylentNews better.

posted by hubie on Thursday October 10, @05:09AM   Printer-friendly

NOAA has issued a rare G4 watch for a severe geomagnetic storm that is expected on October 10 and 11. G4 refers to NOAA's scale for the intensity of geomagnetic storms, which ranges from G1 to G5. Prior to the geomagnetic storm in May of this year that reached G5 intensity, the last G4 watch was issued in January of 2005.

This watch was issued for a coronal mass ejection (CME) that occurred around 03 UTC on October 9 and is expected to reach Earth around 12-15 UTC on October 10. An article from the Washington Post states that the speed of the CME, around 2.5 million miles per hour, is the fastest that a CME has been ejected toward Earth during the current solar cycle. From my very limited understanding of space weather, it seems that faster CMEs generate higher ram pressures against Earth's magnetosphere and can result in more severe geomagnetic storms. The x-ray brightness of solar flares gets a lot of attention, and this was an X-class flare (the highest level on the classification scale), this was an X1.8 flare whereas flares have been observed at least up to X28. The high speed of the CME, however, seems to be a factor in the potential for a severe geomagnetic storm.

One of the main questions that we can't answer until the CME gets to within about a million miles of Earth is the orientation of its magnetic field. If the CME's magnetic field is aligned in the same direction as Earth's, it will produce a less severe geomagnetic storm than if it's aligned in the opposite direction. An excellent resource for data about space weather and this CME is NOAA's space weather enthusiasts dashboard. There's a lot of data on that page that is useful if you're concerned about the possibility of viewing auroras or potential disruptions to the power grid, so hopefully some of the comments can explain a bit more about what it means. I don't know a whole lot about space weather, but I'll try to offer a cursory explanation of what I believe some of it means.

The solar visible light shows where sunspots are currently observed, whereas the LASCO C3 images are observed from satellites can be used to see CMEs when they occur. A CME will appear like an explosion outward from the sun's corona. The data is input into a model called WSA-ENLIL, which predicts the density and radial velocity (outward from the sun) of solar wind plasma. A higher plasma density or a faster radial velocity should result in a stronger geomagnetic storm. This is also useful for estimating when a CME will reach Earth. I believe the GOES magnetometer data is used to measure how much the Earth's magnetic field is compressed or stretched and can identify the onset of geomagnetic storms. The ACE MAG and SWEPAM data are satellite-derived measurements of the solar wind. In addition to showing the plasma speed, temperature, and density, the Bz and Phi variables show the orientation of the magnetic field in the solar wind. If Bz is positive, it's a northward-oriented magnetic field. However, a negative Bz indicates a southward-oriented magnetic field, the opposite direction of Earth's magnetic field, and this can result in more severe geomagnetic storms. Basically, a strongly negative Bz around -10 or even -20 would be more favorable for a strong geomagnetic storm. The aurora forecast is a short-term forecast (~30 minutes to an hour) of the probability of auroral activity over a location, though auroras may be visible near the horizon in areas equatorward of what the forecast shows.

There's a lot of data on NOAA's space weather dashboard that can be useful for anyone hoping to see the auroras. My understanding of space weather is very limited, so if anyone else has a better understanding of what the data means, please share the information in the comments. Although a G4 or even a G5 geomagnetic storm is possible, but there's still a lot of uncertainty until the CME gets very close to Earth.


Original Submission

posted by janrinok on Thursday August 22, @06:28PM   Printer-friendly

Arthur T Knackerbracket has processed the following story:

Microsoft's Patch Tuesday for August 2024 includes a fix for a security vulnerability in the Grub2 boot loader, which is used by many Linux operating systems. Tracked as CVE-2022-2601, this flaw, discovered in 2022, could lead to an out-of-bounds write with a potential bypass of Secure Boot protection.

The Grub2 boot loader provides compatibility with the Secure Boot technology on PCs running Linux systems. After installing the new patch, Windows applies a Secure Boot Advanced Targeting (SBAT) policy to block vulnerable Linux boot loaders that could compromise OS security.

Microsoft explained that the SBAT value would not be applied to dual-boot systems with both Windows and Linux on the boot drive, so the patch was expected not to impact these systems. However, many users with dual-boot configurations have reported that the CVE-2022-2601 update still rendered booting into a Linux OS impossible.

The issue appears to affect various Linux distributions, including popular ones such as Ubuntu, Linux Mint, Zorin OS, Puppy Linux, and others. Affected systems typically display a "Security Policy Violation" error at boot, indicating a failed check on "shim SBAT data." Boot problems have been reported on both dual-boot systems and on Windows devices running Linux from an ISO image, USB drive, or optical media.

Microsoft's bulletin noted that only older Linux distros' ISOs were expected to experience boot issues following the CVE-2022-2601 patch. However, users with systems released in 2024 also seem to be affected. The only reliable way to restore a bootable state appears to be disabling Secure Boot entirely. Alternatively, users can follow the steps to remove the SBAT policy introduced by Microsoft this past week.


Original Submission

posted by hubie on Friday July 19, @03:34PM   Printer-friendly
from the fortunately-we-don't-run-windows dept.

Breaking: CrowdStrike code update bricking Windows machines around the world

Announcement

UPDATED An update to a product from infosec vendor CrowdStrike is bricking computers running Windows.

The Register has found numerous accounts of Windows 10 PCs crashing, displaying the Blue Screen of Death, then being unable to reboot.

"We're seeing BSOD Org wide that are being caused by csagent.sys, and it's taking down critical services. I'll open a ticket, but this is a big deal," wrote one user.

Forums report that Crowdstrike has issued an advisory with a URL that includes the text "Tech-Alert-Windows-crashes-related-to-Falcon-Sensor-2024-07-19" – but it's behind a regwall that only customers can access.

An apparent screenshot of that article reads "CrowdStrike is aware of reports of crashes on Windows hosts related to the Falcon Sensor. Symptoms include hosts experiencing a bugcheck\blue screen error related to the Falcon Sensor."

CrowdStrike's engineers are working on the issue.

Falcon Sensor is an agent that CrowdStrike claims "blocks attacks on your systems while capturing and recording activity as it happens to detect threats fast."

Right now, however, the sensor appears to be the threat.

This is a developing story and The Register will update it as new info comes to hand. ®

Updated at 0730 UTC to add Brody Nisbet, CrowdStrike's chief threat hunter, has confirmed the issue and on X posted the following:

There is a faulty channel file, so not quite an update. There is a workaround... 1. Boot Windows into Safe Mode or WRE. 2. Go to C:\Windows\System32\drivers\CrowdStrike 3. Locate and delete file matching "C-00000291*.sys" 4. Boot normally.

In a later post he wrote "That workaround won't help everyone though and I've no further actionable help to provide at the minute".
More to come as the situation evolves ...

In Australia, CrowdStrike IT outage hits airports, banks, supermarkets as emergency committee meets

A major network outage has affected several Australian institutions and businesses, including multiple airports, the Commonwealth Bank, Optus, Australia Post and Woolworths.


Original Submission #1Original Submission #2

Major Global IT Outage Grounds Planes and Blocks Media Worldwide

Airports and other key infrastructure sites around the world have reported disruptions amid problems with communications:

Disruption to air traffic control systems is being reported around the world. Preliminary reports say a computer glitch may be causing the problem. Issues have arisen in the US, Spain, Germany, Australia, and elsewhere, with authorities forced to cancel takeoffs and landings due to safety concerns.

The outage was first reported about midnight CET on Thursday night/Friday.

The failure may have been caused by a software update that locks Microsoft operating systems and is reportedly not restricted to airlines. Some banks, emergency services, broadcasters, and financial institutions are also said to have been affected.

Computers using Windows 10 OS are reportedly crashing and showing "the blue screen of death" (BSOD) after an update for a security product provided by the firm CrowdStrike. The company is reportedly working on resolving the issue.

Brody Nisbet, CrowdStrike's chief threat hunter, has offered a workaround to deal with what he called a "faulty channel file" related to the Falcon Sensor cybersecurity app.

See also:

posted by janrinok on Tuesday June 25 2024, @06:36AM   Printer-friendly
https://www.theguardian.com/media/article/2024/jun/25/julian-assange-plea-deal-with-us-free-to-return-australia

Julian Assange has been released from a British prison and is expected to plead guilty to violating US espionage law, in a deal that would allow him to return home to his native Australia.

Assange, 52, agreed to plead guilty to a single criminal count of conspiring to obtain and disclose classified US national defence documents, according to filings in the US district court for the Northern Mariana Islands.

Wikileaks posted on social media a video of its founder boarding a flight at London's Stansted airport on Monday evening and Australian prime minister Anthony Albanese confirmed he had left the UK.

https://www.theguardian.com/media/article/2024/jun/25/julian-assange-may-be-on-his-way-to-freedom-but-this-is-not-a-clear-victory-for-freedom-of-the-press

The release from a UK prison of Julian Assange is a victory for him and his many supporters around the world, but not necessarily a clear win for the principle underlying his defence, the freedom of the press.

The charges Assange is anticipated to plead guilty to as part of a US deal, and for which he will be sentenced to time served, are drawn from the 1917 Espionage Act, for "conspiring to unlawfully obtain and disseminate classified information related to the national defense of the United States".

So although the WikiLeaks founder is expected to walk free from the US district court in Saipan after Wednesday's hearing, the Espionage Act will still hang over the heads of journalists reporting on national security issues, not just in the US. Assange himself is an Australian, not a US citizen.

Live: Father of Julian Assange hints at son's return to Australia after prison release - ABC News:

Nothing is certain until it happens and there's a lot we still don't know about how Julian Assange's case will proceed.

A lot of our understanding at this stage is coming from the court documents, which state that he'll appear before a judge in Saipan at 9am local time tomorrow.

An email from the Department of Justice (DOJ) to the judge in the Northern Mariana Islands states that Assange is expected to plead guilty to one count of conspiracy to obtain and disclose national defence information, and that he'll be sentenced for that offence.

American media outlets are reporting that the plea deal would need to be approved by the judge, and WikiLeaks has described the agreement as having "not yet been formally finalised."

But Assange's departure from the UK is a massive development in the case, and the court document says the DOJ expects he'll return to Australia "at the conclusion of the proceedings".

posted by janrinok on Friday May 24 2024, @07:09PM   Printer-friendly
from the if-at-first-you-dont-succeed dept.

Massive explosion rocks SpaceX Texas facility, Starship engine in flames

Elon Musk had recently announced that Starship's fourth flight test could be just days away.

[...] SpaceX has yet to provide an update on the explosion, which took place at its Boca Chica Starbase facilities in southern Texas. The footage shows SpaceX's engine test pad going up in flame.

The footage started a little after 4:12 pm local time. Roughly 14 seconds after ignition, the Raptor engine shut off. As the vapor surrounding the test tower dissipated, a fire appeared to start underneath the engine. These flames traveled upwards, causing a second explosion to engulf the entire tower.

In a tweet accompanying a clip from the footage, NASASpaceflight wrote, "The raptor testing stand at McGregor experienced an anomaly a few moments ago. The vapors from the anomaly caused a secondary explosion on the test stand."

A short video is here.


Original Submission

posted by hubie on Saturday March 30 2024, @07:23AM   Printer-friendly

xz-utils are compromised and inject malicious code

= Debian:

https://lists.debian.org/debian-security-announce/2024/msg00057.html
https://security-tracker.debian.org/tracker/CVE-2024-3094

Debian Security Advisory DSA-5649-1
[SECURITY] [DSA 5649-1] xz-utils security update

Package : xz-utils
CVE ID : CVE-2024-3094

Andres Freund discovered that the upstream source tarballs for xz-utils,
the XZ-format compression utilities, are compromised and inject
malicious code, at build time, into the resulting liblzma5 library.

Right now no Debian stable versions are known to be affected.
Compromised packages were part of the Debian testing, unstable and
experimental distributions, with versions ranging from 5.5.1alpha-0.1
(uploaded on 2024-02-01), up to and including 5.6.1-1. The package has
been reverted to use the upstream 5.4.5 code, which we have versioned
5.6.1+really5.4.5-1.

Users running Debian testing and unstable are urged to update the
xz-utils packages.

For the detailed security status of xz-utils please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/xz-utils

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

= Red Hat:

https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users

"What distributions are affected by this malicious code?

Current investigation indicates that the packages are only present in Fedora 41 and Fedora Rawhide within the Red Hat community ecosystem.

No versions of Red Hat Enterprise Linux (RHEL) are affected.

We have reports and evidence of the injections successfully building in xz 5.6.x versions built for Debian unstable (Sid). Other distributions may also be affected. Users of other distributions should consult with their distributors for guidance."

https://www.openwall.com/lists/oss-security/2024/03/29/4

= OpenWall: (With more details at openwall link above)

"After observing a few odd symptoms around liblzma (part of the xz package) on
Debian sid installations over the last weeks (logins with ssh taking a lot of
CPU, valgrind errors) I figured out the answer:

The upstream xz repository and the xz tarballs have been backdoored.

At first I thought this was a compromise of debian's package, but it turns out
to be upstream."


Original Submission

posted by janrinok on Sunday March 24 2024, @12:58PM   Printer-friendly

https://blog.torproject.org/new-release-tor-browser-13013/

"This is an unscheduled emergency release with important security updates to Firefox for Desktop platforms. Android is unaffected."

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16/#CVE-2024-29944

Mozilla Foundation Security Advisory 2024-16
Security Vulnerabilities fixed in Firefox ESR 115.9.1

Announced
March 22, 2024

https://www.mozilla.org/en-US/security/advisories/mfsa2024-16/#CVE-2024-29944

CVE-2024-29944: Privileged JavaScript Execution via Event Handlers

Impact critical

Description

An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox.

Tails 6.0 is affected. Please update Tails 6.0 to the current version when they release it.


Original Submission

posted by martyb on Tuesday September 19 2023, @10:31PM   Printer-friendly

I *just* realized that an editor on SoylentNews, janrinok (AKA JR), has very recently attained a huge milestone on our site:

8,000 stories!

I can speak from personal experience that this represents a HUGE sacrifice of time and energy. He showed me the ropes in how to post a story. (There is FAR MORE than meets the eye to be an editor!) There was also the fact that in the early years of SoylentNews, he was simultaneously taking care of his severely ill wife. (She, sadly, passes away a few short years ago.) He endured some exceedingly heart-wrenching periods doing this. I have witnessed him posting stories even though he was beyond the point of exhaustion. So much so that his doctors *demanded* that he stop *everything* and take a break for many months.

So it may not appear to be a huge milestone, please take my word for it. It is!

posted by takyon on Saturday February 04 2023, @10:48PM   Printer-friendly
from the pop! dept.

China balloon: US shoots down airship over Atlantic

The US has shot down a giant Chinese balloon that it says has been spying on key military sites across America.

The Department of Defense confirmed its fighter jets brought down the balloon over US territorial waters.

Three airports were shut and airspace was closed off the coast of North and South Carolina as the military carried out the operation on Saturday.

Footage on US TV networks showed the balloon falling to the sea after a small explosion.

An F-22 jet fighter engaged the high-altitude balloon with one missile - an AIM-9X Sidewinder - and it went down about six nautical miles off the US coast at 14:39 EST (19:39 GMT), a defence official told reporters.

US President Joe Biden had been under pressure to shoot the balloon down since defence officials first announced they were tracking it on Thursday.

Second balloon spotted over Latin America:

On Friday, the Pentagon said a second Chinese spy balloon had been spotted - this time over Latin America with reported sightings over Costa Rica and Venezuela.

See also:

US downs Chinese balloon, a flashpoint in US-China tensions
From China to Big Sky: The Balloon That Unnerved the White House
3 Navy Warships, FBI Now Hunting for Wreckage of Chinese Spy Balloon off South Carolina
Biden's 'Sputnik moment': Is China's spy balloon political warfare?

posted by janrinok on Wednesday November 16 2022, @07:58AM   Printer-friendly

The launch of Artemis 1 has been successful - the next burn (trans lunar injection - TLI) is in about 20 minutes away to take Artemis on its way to the Moon.

TLI has begun and will last about 18 minutes.

[I am having problems with video stuttering - could be my ADSL connection (fibre? Wot fibre?) or it might be the load on the streaming video itself. Reporting may be patchy. Please update in the comments if you have more current information.]

TLI has now finished and Artemis is committed to a journey to the Moon. The main propulsion unit will now be jettisoned.

Propulsion unit now jettisoned and Artemis is using the European Service Module for its journey to the Moon. There are unlikely to be any newsworthy events happening for a while now. Bon Voyage Artemis 1!

posted by takyon on Thursday October 20 2022, @01:45PM   Printer-friendly
from the it's-OK,-she-hasn't-finished-unpacking-yet dept.

UK Prime Minister Liz Truss resigns after failed budget and market turmoil

U.K. Prime Minister Liz Truss resigned Thursday following a failed tax-cutting budget that rocked financial markets and which led to a revolt within her own Conservative Party.

Truss said in a statement outside Downing Street: "We set out a vision for a low-tax, high-growth economy that would take advantage of the freedoms of Brexit."

"I recognize though, given the situation, I cannot deliver the mandate on which I was elected by the Conservative Party. I have therefore spoken to His Majesty the King to announce that I am resigning as leader of the Conservative Party."

The party is now due to complete a leadership election within the next week, faster than the usual two-month period. Graham Brady, the Conservative politician that is in charge of leadership votes and reshuffles, told reporters he was now looking at how the vote could include Conservative MPs and the wider party members.

Truss was in office for just 44 days, on 10 of which government business was paused following the death of Queen Elizabeth II.

Live updates: BBC, The Guardian, CNN, NYT.

Liz Truss resigns as prime minister after Tory revolt
Liz Truss: UK prime minister resignation speech in full
Pound rallies as Liz Truss announces resignation

Liz Truss (Wikipedia).


Original Submission

posted by janrinok on Thursday September 08 2022, @06:12PM   Printer-friendly
from the R.I.P. dept.

https://www.bbc.co.uk/news/uk-61585886

Buckingham Palace has announced that Queen Elizabeth II has died.

posted by takyon on Friday July 08 2022, @04:55AM   Printer-friendly

Shinzo Abe, Japan's former prime minister, shot and hospitalized

Japanese former prime minister Shinzo Abe was shot on Friday while campaigning in the city of Nara, a government spokesman said, with public broadcaster NHK saying he appeared to have been shot from behind by a man with a shotgun.

Chief Cabinet Secretary Hirokazu Matsuno said he did not know Abe's condition. Kyodo news agency and NHK said Abe, 67, appeared to be in a state of cardiac arrest when taken to hospital.

See also: Former Japan PM Abe Unconscious After Shooting; Man in Custody
Live Updates: Shinzo Abe Is Unconscious After Apparently Being Shot

NHK, citing the police, said a suspect, Tetsuya Yamagami, 42, had been taken into custody. He was a Nara resident, the report said. Images shared on social media showed a man being tackled after the shooting.

Boris Johnson Agrees to Resign as Prime Minister

Boris Johnson said on Thursday that he would step down as Britain's prime minister, after a wholesale rebellion of his cabinet, a wave of government resignations and a devastating loss of party support prompted by his handling of the the latest scandal that has engulfed his leadership.

Mr. Johnson said he would stay on in his post until the Conservative Party chooses a new leader, which could take several months. He said he expected the timetable for his departure and the selection of a successor to be decided on Monday by a committee of senior Conservative lawmakers.

"It is clearly now the will of the parliamentary Conservative Party that there should be a new leader," Mr. Johnson said in remarks outside Downing Street. "The process of choosing that new leader should begin now."


Original Submission

posted by janrinok on Thursday February 24 2022, @07:52AM   Printer-friendly

Live: Updating.

Reuters: Russian forces launch invasion of Ukraine with strikes on defence

MOSCOW/KYIV, Feb 24 (Reuters) - Russian forces fired missiles at several cities in Ukraine and landed troops on its coast on Thursday, officials and media said, after President Vladimir Putin authorised what he called a special military operation in the east.

Shortly after Putin spoke in a televised address on Russian state TV, explosions could be heard in the pre-dawn quiet of the Ukrainian capital of Kyiv.

Gunfire rattled near the capital's main airport, the Interfax news agency said, and sirens were heard over the city.

WSJ: The Latest News on the Russia-Ukraine Crisis: Live Updates

Russian troops and tanks pushed into Ukraine and airstrikes hit the country's capital and more than a dozen other cities early Thursday after President Vladimir Putin said he ordered a military operation to "demilitarize and de-Nazify Ukraine" and bring its leaders to trial.

Ukrainian officials said an initial wave of strikes targeted military installations, airfields and government facilities across the country. Ukraine's border service said its troops came under attack all along the country's frontiers with Russia and Belarus as well as Crimea. Heavy shelling targeted the city of Mariupol on the Azov sea. Air-raid sirens sounded in Kyiv after 7 a.m. and the city's airport came under attack. Ukraine's military said it shot down five Russian warplanes and one helicopter. Russia denied any of its aircraft were hit.

CBS: NATO officials say Russian attack on Ukraine has begun

Russia has begun attacking Ukraine, NATO officials confirmed. The late-night attack began moments after Russian President Vladimir Putin announced that he had "decided to conduct a special military operation" to protect eastern Ukraine's Donbas region. CBS News correspondents reported hearing loud blasts in the capital city, Kyiv, and in the eastern city of Kharkiv.

A Ukrainian government spokesperson said early Thursday that "cruise and ballistic missile strikes are underway at the control centers" in Kyiv.

BBC: Ukraine conflict: Russian forces invade after Putin TV declaration

Russian forces have launched a military assault on neighbouring Ukraine, crossing its borders and bombing military targets near big cities.

In a pre-dawn TV statement Russian President Vladimir Putin said Russia did not plan to occupy Ukraine and demanded that its military lay down their arms.

Moments later, attacks were reported on Ukrainian military targets.

Ukraine said that "Putin has launched a full-scale invasion of Ukraine".

Russian military vehicles were said to have breached the border in a number of places, in the north, south and east, including from Belarus.

posted by janrinok on Wednesday December 22 2021, @02:12PM   Printer-friendly
from the Assange dept.

[Editor's Note: This is how we received it. We are searching for anything else but the claim that Assange is (being) extradited is currently unsubstantiated.]

Assange is extradited to die in the US empire.
Wikileaks now puts EVERYTHING online in return.
https://file.wikileaks.org/file/?fbclid=IwAR2U_Evqah_Qy2wxNY12FMqFC5dAFUcZL5Kl4FIfQuMFMp8ssbM46oHXWMI


Original Submission