SoylentNews

martyb writes:

Computerworld has just posted a story warning that you should immediately hold off installing any of Intel's Meltdown/Spectre microcode fixes.

From Belay That Order: Intel Says you Should NOT Install its Meltdown Firmware Fixes:

The warning, which encompasses just about every Intel processor out there, from all PC manufacturers, takes effect immediately. And there's no indication when it will get fixed.

You know how you're supposed to flash the BIOS or update the UEFI on all of your Intel machines, to guard against Meltdown/Spectre? Well, belay that order, private! Intel just announced that you need to hold off on all of its new patches. No, you can't uninstall them. To use the technical term, if you ran out and applied your Intel PC's latest firmware patch, you're hosed.

In what appears to be a catastrophic curtain call to the "oops" moment that I discussed ten days ago, it now seems that the bright, new firmware versions — which Intel has had six months to patch — have a nasty habit of causing "higher system reboots."

According to executive vice president Navin Shenoy, on the Intel Newsroom site, the current advice is:

We recommend that OEMs, cloud service providers, system manufacturers, software vendors and end users stop deployment of current versions, as they may introduce higher than expected reboots and other unpredictable system behavior.

And that covers just about everybody in the sentient non-ARM universe.

While the affected products site[*] doesn't list individual chips, the breadth of the recall is breathtaking — second-, third-, fourth-, fifth-, sixth-, seventh- and eighth-generation Core processors, Xeon, Atom, and lesser Core i3, i5 and i7 processors — they're all in the bin.

takyon writes:

After 10 PM EST on Friday, The U.S. Senate rejected a deal that would fund the U.S. government for another month:

Only five Democrats voted to advance the bill — Sens. Joe Manchin (W.Va.), Joe Donnelly (Ind.), Heidi Heitkamp (N.D.) and Claire McCaskill (Mo.), who are all up for reelection this year in states carried by President Trump in 2016 election, and newly-elected Sen. Doug Jones (D-Ala.).

Republicans were also not united, as Sens. Rand Paul (Ky.), Lindsey Graham (S.C.), Mike Lee (Utah) and Jeff Flake (Ariz.) also voted against advancing the legislation. Sen. John McCain (R-Ariz.), who is battling brain cancer, was absent.

The procedural vote remained open late Friday, though it needed 60 votes to pass and was well short of that number with 48 senators voting against it.

Senate Majority Leader Mitch McConnell and Senate Minority Leader Charles Schumer continued to negotiate after the vote opened (archive), but no deal has been reached yet. As of midnight (5 minutes before this story went live), the government shutdown was in effect.

At Wikipedia: Deferred Action for Childhood Arrivals (DACA) and Children's Health Insurance Program (CHIP). Government shutdowns in the United States.

• What's the Government Shutdown 'About'?
• D.C. Stays Open This Time Around — Even If Federal Government Shuts Down
• Senate Lacks Votes to Advance GOP Spending Bill: Shutdown Update
• The CHIP Debacle Shows Democrats Need to Put the Government on Autopilot
• 'We Have to Stand Our Ground.' Activists Push Democrats to Fight for DACA Recipients in Shutdown
• Shutdown? It Could Be Forgotten in a Trumpian Flash
• Analysis: Emboldened Democrats take a risk on a shutdown

BK writes:

From the NY Daily News (and covered almost everywhere):

A Kansas man shot to death by police earlier this week was the victim of a misdirected online prank known as "swatting," according to social media chatter.

The victim, identified as Andrew Finch, was gunned down on Thursday night after cops responded to his Wichita home amid a false report that he had shot his father to death and was holding his mother, brother and sister hostage.

A responding officer fatally shot Finch, 28, when he came to the front door, Wichita deputy police chief Troy Livingston said during a press conference. Livingston declined to comment on what triggered the officer to open fire and would not say whether Finch was armed.

Police briefing (10m8s). Body camera footage (53s).

I'm speechless.

takyon: The swatting was quickly linked to a dispute between two Call of Duty players:

On Twitter, more than a dozen people who identified themselves as being in the gaming community told The Eagle that a feud between two Call of Duty players sparked one to initiate a "swatting" call. After news began to spread about what happened Thursday night, the people in the gaming community, through Twitter posts, pointed at two gamers.

"I DIDNT GET ANYONE KILLED BECAUSE I DIDNT DISCHARGE A WEAPON AND BEING A SWAT MEMBER ISNT MY PROFESSION," said one gamer, who others said made the swatting call. His account was suspended overnight.

According to posts on Twitter, two gamers were arguing when one threatened to target the other with a swatting call. The person who was the target of the swatting gave the other gamer a false address, which sent police to a nearby home instead of his own, according to Twitter posts. The person who was to be the target of the swatting sent a Tweet saying, "Someone tried to swat me and got an innocent man killed." [...] Dexerto, a online news service focused on gaming and the Call of Duty game, reported the argument began over a $1 or $2 wager over the game.

Update: 911 Call from suspect (4m58s).

Brian Krebs conversed with the apparent suspect over Twitter.

Original Submission

takyon writes:

Report: At least 6 dead after Amtrak train derails from bridge onto Interstate 5 near Olympia

Several people were killed Monday morning when an Amtrak train derailed and fell off a bridge over Interstate 5 near Mounts Road between Lakewood and Olympia. The Associated Press, citing an unnamed U.S. official, reported that at least six people were killed in the crash. Gov. Jay Inslee has called a state of emergency in response to the derailment.

Pierce County Sheriff's spokesman Ed Troyer told news media that there were fatalities on the train and that motorists had been injured, but not killed. A total of 77 people were sent to hospitals in Pierce and Thurston counties, according to CHI Franciscan Health, which operates numerous hospitals in Western Washington. Four of the injured are "level red" patients, with critical injuries. The injured are being taken to St. Joseph Medical Center in Tacoma, St. Claire Hospital in Lakewood, St. Anthony Hospital in Gig Harbor and Tacoma General Hospital and Providence St. Peter Hospital in Olympia.

There were 78 passengers and five crew members on the train when it derailed, according to Amtrak.

The train was running on a new, faster service route using a new bypass. This was the first day that the new route was used.

Also at CNN. Amtrak statement about service disruption.

Original Submission

canopic jug writes:

• F.C.C. Repeals Net Neutrality Rules
• FCC votes to repeal net neutrality rules
• "Net neutrality is the secret sauce that has made the internet awesome"
• FCC overturns net neutrality rules, but supporters pledge to continue fight

WASHINGTON — The Federal Communications Commission voted on Thursday to dismantle rules regulating the businesses that connect consumers to the internet, granting broadband companies the power to potentially reshape Americans' online experiences.

The agency scrapped the so-called net neutrality regulations that prohibited broadband providers from blocking websites or charging for higher-quality service or certain content. The federal government will also no longer regulate high-speed internet delivery as if it were a utility, like phone service.

The action reversed the agency's 2015 decision, during the Obama administration, to have stronger oversight over broadband providers as Americans have migrated to the internet for most communications. It reflected the view of the Trump administration and the new F.C.C. chairman that unregulated business will eventually yield innovation and help the economy.

It will take weeks for the repeal to go into effect, so consumers will not see any of the potential changes right away. But the political and legal fight started immediately. Numerous Democrats on Capitol Hill called for a bill that would reestablish the rules, and several Democratic state attorneys general, including Eric T. Schneiderman of New York, said they would file a suit to stop the change.

Original Submission

pkrasimirov writes:

Explosion in Baumgarten (Austria) gas transit plant, russian gas delivery halted for Austria, Slovakia, Hungary, Slovenia, and Croatia. Italy declares energy crisis. Gas price in Europe jumps ~20%. Crude oil futures rise too.

* https://www.youtube.com/watch?v=IMyiQtm56co (far away video)
* http://www.telegraph.co.uk/news/2017/12/12/least-one-killed-18-injured-explosion-austrian-gas-plant/
* https://www.express.co.uk/news/world/891284/Austria-gas-plant-blast-Europe-energy-crisis-fuel-shortages-Italy-state-emergency
* https://www.bloomberg.com/news/articles/2017-12-12/u-k-gas-surges-after-explosion-in-austria-tightens-supply

UPDATE from: http://www.bbc.com/news/world-europe-42321217

Police have cordoned off the area. Some victims suffering burns have been airlifted out by helicopter, Austrian ORF news reports.

One unconfirmed report spoke of 60 hurt.

"I heard a huge explosion and thought at first it was a plane crash," photographer Thomas Hulik, who lives in a nearby village in Slovakia, told AFP news agency. "Then I saw an immense ball of flame."

Gas Connect said the incident should have no effect on gas deliveries to Austria but those to Italy and Croatia might be reduced.

Meanwhile, Russia's Gazprom Export said it was working to redirect gas flows.

It said it was "doing everything possible to secure uninterrupted gas supplies" to customers in the region.

Spot prices rose sharply across Europe after the incident.

Original Submission

Absolutely.Geek writes:

You can log in as root on the latest version of MacOS by pressing enter on the login prompt a few times. Just type in root as the user and press enter. There you go no password required.

Not sure what else to say; is this the stupidest massive security hole ever?

From Extreme Tech:

Reproing the bug is simple (at least until Apple fixes it): Type the login "root," then move the cursor into the password field and hit enter several times. It also apparently works if you simply hit the "login" button several times rather than using the keyboard, though a few tries may be necessary.

This was also reported at Ars Technica. Beware that the behavior seems to be that if you do not already have a root account with a (preferably strong) password, this bug essentially creates a root account with an empty password. Attempting this on your own system should be followed up by ensuring that any root a count has a strong password.

There is a patch that has just been made available; again according to Ars Technica:

Yesterday we learned that Apple had made a serious security error in macOS—a bug that, under certain conditions, allowed anyone to log in as a system administrator on a Mac running High Sierra by simply typing in "root" as the username and leaving the password field blank. Apple says that vulnerability has now been fixed with a security update that became available for download this morning on the Mac App Store. Further, the update will automatically be applied to Macs running High Sierra 10.13.1 later today.

Apple's brief notes for this security update (Security Update 2017-001) explain the bug by saying, "A logic error existed in the validation of credentials," and claims the problem has been addressed "with improved credential validation."

Original Submission

takyon writes:

North Korea's latest missile launch appears to put Washington, D.C., in range (archive)

North Korea appears to have launched another intercontinental ballistic missile, the Pentagon said Tuesday, with experts calculating that Washington, D.C., is now technically within Kim Jong Un's reach.

[...] The missile launched early Wednesday local time traveled some 620 miles and reached a height of about 2,800 miles before landing off the coast of Japan, flying for a total of 54 minutes. This suggested it had been fired almost straight up — on a "lofted trajectory" similar to North Korea's two previous intercontinental ballistic missile tests. [...] If it had flown on a standard trajectory designed to maximize its reach, this missile would have a range of more than 8,100 miles, said David Wright, co-director of the global security program at the Union of Concerned Scientists. [...] The U.S. capital is 6,850 miles from Pyongyang.

Although it may be cold comfort, it is still unlikely that North Korea is capable of delivering a nuclear warhead to the U.S. mainland. Scientists do not know the weight of the payload the missile carried, but given the increase in range, it seems likely that it carried a very light mock warhead, Wright said. "If true, that means it would not be capable of carrying a nuclear warhead to this long distance, since such a warhead would be much heavier," he said in a blog post.

Original Submission

takyon writes:

[Update: The launch was delayed to the end of the 5-minute launch window because of a vessel in the safety area in the bay. Launch was successful. Second-stage separation went cleanly and the Cygnus supply ship is on course for its journey to the International Space Station. NASA TV coverage resumes for solar array deployment scheduled at 8:45 EST (13:45 UTC) --martyb]

[Update 2: Solar array deployment was successful and "the cargo craft is set to fine-tune its approach to the space station with a series of thruster firings over the next two days." - Fnord666]

Antares launch to resupply space station halted by wayward airplane

Managers aborted liftoff of a commercial Antares cargo launcher Saturday when an aircraft strayed into restricted airspace near the rocket's planned flight path east from Virginia's Eastern Shore.

The Antares rocket and a Cygnus supply ship, both owned by Orbital ATK, were ready for liftoff at 7:37 a.m. EST (1237 GMT) Saturday. The launch team loaded kerosene and liquid oxygen propellants into the first stage of the Antares booster, and a computer-controlled countdown sequencer took over for the final three minutes before liftoff.

But an unidentified aircraft ventured into the safety zone surrounding the rocket and its planned trajectory over the Atlantic Ocean. "LC, LC, we are red," a member of the launch team told Adam Lewis, Orbital ATK's launch conductor. "We have an aircraft in the hazard area." "Copy that," Lewis replied. "Abort, abort, abort. This is LC on the countdown net. Abort, abort, abort. Proceed to the abort safing checklist."

Another attempt will be made today (Sunday) at 7:14 AM EST (1214 GMT). You can watch coverage on NASA TV starting right now.

Also at Spaceflight Insider.

Original Submission

Paradise papers - leaked document trove show Trump officials, Queen Elizabeth's offshore tax dodges

c0lo writes:

While you were doing whatever you were doing last Sunday, the International Consortium of Investigative Journalists - the same that brought you the Panama papers less than two years ago revealed itself to be in the possession of a 13.4 million leaked documents on tax dodgers.

A trove of 13.4 million records exposes ties between Russia and U.S. President Donald Trump's billionaire commerce secretary, the secret dealings of the chief fundraiser for Canadian Prime Minister Justin Trudeau and the offshore interests of the queen of England and more than 120 politicians around the world.

The leaked documents, dubbed the Paradise Papers, show how deeply the offshore financial system is entangled with the overlapping worlds of political players, private wealth and corporate giants, including Apple, Nike, Uber and other global companies that avoid taxes through increasingly imaginative bookkeeping maneuvers.

One offshore web leads to Trump's commerce secretary, private equity tycoon Wilbur Ross, who has a stake in a shipping company that has received more than $68 million in revenue since 2014 from a Russian energy company co-owned by the son-in-law of Russian President Vladimir Putin.

In all, the offshore ties of more than a dozen Trump advisers, Cabinet members and major donors appear in the leaked data.

The new files come from two offshore services firms as well as from 19 corporate registries maintained by governments in jurisdictions that serve as waystations in the global shadow economy. The leaks were obtained by German newspaper Süddeutsche Zeitung and shared with the International Consortium of Investigative Journalists and a network of more than 380 journalists in 67 countries.

Federal authorities are responding to a shooting at the First Baptist Church in Sutherland Springs, Texas, a small community southeast of San Antonio.

In a press conference Sunday night, an official from the Texas Department of Public Safety described the scene: Around 11:20 am, the suspect, dressed in black, approached the church and began firing an assault rifle. He then entered the church and continued firing.

Gov. Greg Abbott confirmed that at least 26 people were killed. A Texas Department of Public Safety official said the ages of the victims ranged from 5 to 72 years old. The AP reports that the pastor's 14-year-old daughter is among the dead.

The Department of Public Safety confirmed to NPR that at least 20 others were wounded. A DPS official said in the press conference that the gunman was confronted by an armed civilian outside of the church.

The shooter, who was found dead in neighboring Guadalupe County, has been identified as Devin Kelley, 26, a former Air Force member.

DeathMonkey and an Anonymous Coward submitted an NPR story, which has been updated since being posted. The Justice Department has unsealed charges against three former aides of President Donald Trump, as part of an investigation led by special counsel Robert Mueller:

Manafort and Gates, were charged with "conspiracy against the United States," "conspiracy to launder money" and other offenses. The two were expected in court in Washington by the afternoon.

The Justice Department indictment on Manafort and Gates contains 12 counts: "conspiracy against the United States, conspiracy to launder money, unregistered agent of a foreign principal, false and misleading FARA statements, false statements, and seven counts of failure to file reports of foreign bank and financial accounts."

Papadopoulos pleaded guilty to making false statements to the FBI.

The Manafort and Gates indictment unsealed on Monday morning does not make any reference to Russia's influence campaign against the presidential election, but it does allege extensive financial ties between Manafort and Gates and powerful Ukrainians.

The Papadopoulos materials, on the other hand, detail the many contacts investigators say he had with Russian-linked operatives. He met at least two people, a man and a woman, who the FBI says were working for the Russian government and had boasted to him about the help it could offer the Trump campaign against Clinton.

Original Submission #1  Original Submission #2  Original Submission #3 

An Anonymous Coward writes:

This afternoon, Catalonia declared independence. At the same time, Spain invoked article 155, to strip Catalonia from its governing powers putting it under direct rule from the federal government. A vote for independence was raised in Catalonian parliament, with part of parliament leaving before the vote on independence started. The motion declaring independence was approved with 70 in favor, 10 against, and two abstentions of the normal 135 total.

From RT: https://www.rt.com/news/407956-catalan-parliament-votes-independence/
From Aljazeera: http://www.aljazeera.com/news/2017/10/catalan-parliament-begins-vote-independence-171027115908493.html
From BBC: http://www.bbc.com/news/world-europe-41780116

It will be interesting to see how things unfold. In my opinion, Madrid using violence to stop a referendum gave it the legality they later claim the referendum didn't have. The lack of dialogue paved the way into the only possible outcome, Catalonia declaring independence and Madrid denying it. Whatever happens next, I hope will be peaceful. As to how the EU reacts, I'm hoping they ask for an official referendum, and whatever the outcome, pledges that both Catalonia and Spain will be able to remain in the EU if they desire. That may release tensions a bit.

Original Submission

takyon writes:

Update: 2,800 documents will be released tonight, others may be released on April 26, 2018.

Update 2: Documents have been released.

Update 3: Check this live feed: JFK files: government releases classified assassination documents – live

John F. Kennedy, often better known as JFK, was the United States of America's 35th President. He was assassinated on November 22, 1963.

The deadline for the release of redacted and withheld records from the JFK Assassination Records Collection is today. Of the approximately 5 million pages in the collection, about 11% are redacted and 1% are withheld in full:

According to the [JFK Assassination Records Collection Act], all [JFK assassination-related] records previously withheld either in part or in full should be released on October 26, 2017, unless authorized for further withholding by the President of the United States. The 2017 date derives directly from the law that states:

Each assassination record shall be publicly disclosed in full, and available in the Collection no later than the date that is 25 years after the date of the enactment of this Act, unless the President certifies, as required by this Act, that –

(i) continued postponement is made necessary by an identifiable harm to military defense, intelligence operations, law enforcement or conduct of foreign relations; and

(ii) the identifiable harm is of such gravity that it outweighs the public interest in disclosure.

The Act was signed by President Bush on October 26, 1992, thus the final release date is October 26, 2017.

Some records related to grand jury information and tax return information will remain withheld, as specified in Sections 10 and 11 of the Collection Act.