Stories
Slash Boxes
Comments

SoylentNews is people

Breaking News

Log In

Log In

Create Account  |  Retrieve Password


Site News

Join our Folding@Home team:
Main F@H site
Our team page


Funding Goal
For 6-month period:
2019-01-01 to 2019-06-30
(All amounts are estimated)
Base Goal:
$2000.00

Currently:
$2000.00
100.0%
Stretch Goal:
$1000.00

Currently:
$440.25
44.0%

Covers transactions:
2019-01-01 00:00:00 ..
2019-06-18 11:49:55 UTC
(SPIDs: [1022..1121])
Last Update:
2019-06-19 10:49:57 UTC
--martyb


Support us: Subscribe Here
and buy SoylentNews Swag


We always have a place for talented people, visit the Get Involved section on the wiki to see how you can make SoylentNews better.

posted by janrinok on Tuesday May 29 2018, @12:54PM   Printer-friendly
from the again dept.

A man has shot dead two police officers and a civilian in the eastern Belgian city of Liège.

The gunman took a female cleaner hostage at a school before being killed by police. Two other police officers were also injured.

The man's motive is not yet clear but the incident is being treated as terrorism.

Police sources quoted in local media said the man was heard shouting "Allahu Akbar" ("God is greatest" in Arabic).

Belgian broadcaster RTBF said the gunman was let out from prison on temporary release on Monday where he had been serving time on drug offenses. It said that he may have been radicalised while in jail.

The shooting unfolded late morning on Tuesday near a cafe in the city centre.

Update: 16:56 UTC

More recent reporting states:

https://edition.cnn.com/2018/05/29/europe/liege-shooting-intl/index.html

The incident occurred at around 10:30 a.m. when an assailant stabbed two policewomen from behind, before stealing their service weapons and using them on the officers, Liege Prosecutor Philippe Dulieu said at a news conference on Tuesday.

After killing the two officers, the attacker continued walking through the street and opened fire on a parked vehicle, fatally wounding the driver inside, Dulieu added.

https://news.sky.com/story/belgian-police-launch-terror-probe-after-shooting-of-police-and-bystander-11388883

The gunman also killed a 22-year-old male car passenger on the Boulevard d'Avory, before taking a female cleaner hostage at a nearby high school.

She was released when police shot dead the attacker, who has been named by local media as Belgian national Benjamin Herman.

See also, thanks to C0lo:


Original Submission

posted by takyon on Monday May 14 2018, @07:55AM   Printer-friendly
from the pretty-grotesque-problem dept.

Ars Technica is reporting that there are critical PGP and S/MIME bugs which can reveal encrypted e-mails. Their advice is to uninstall the plugins, for the time being. More information will be released tomorrow (Tuesday at 07:00 UTC, 3:00 AM EDT, midnight PDT).

Little is publicly known about the flaws at the moment. Both Schinzel and the EFF blog post said they will be disclosed late Monday night California time in a paper written by a team of European security researchers. Schinzel's Twitter messages used the hashtag #efail, a possible indication of the name the researchers have given to their exploit.

The EFF also published a warning, Attention PGP Users: New Vulnerabilities Require You To Take Action Now:

A group of European security researchers have released a warning about a set of vulnerabilities affecting users of PGP and S/MIME. EFF has been in communication with the research team, and can confirm that these vulnerabilities pose an immediate risk to those using these tools for email communication, including the potential exposure of the contents of past messages.

The full details will be published in a paper on Tuesday at 07:00 AM UTC (3:00 AM Eastern, midnight Pacific). In order to reduce the short-term risk, we and the researchers have agreed to warn the wider PGP user community in advance of its full publication.

The EFF also gives additional advice on disabling PGP in Thunderbird with Enigmail as well as other mail and mail-like clients.

takyon: The embargo is broken and the full details, including the paper (PDF), have been published.


Original Submission #1Original Submission #2

posted by takyon on Friday April 27 2018, @05:30AM   Printer-friendly
from the DMZ-dance dept.

North Korea's Kim Jong-un crosses into South Korea

Kim Jong-un has become the first North Korean leader to set foot in South Korea by crossing the military line that has divided the peninsula since the end of the Korean War in 1953. In a moment rich with symbolism and pomp, South Korean leader Moon Jae-in and Mr Kim shook hands at the border. Mr Kim said he hoped for "frank" discussion in a warm opening exchange.

Just months ago North Korean rhetoric was warlike, but now they may discuss a peace treaty and nuclear weapons. Much of what the summit will focus on has been agreed in advance, but many analysts remain deeply sceptical about the North's apparent enthusiasm for engagement.

Also at The Guardian (live) and Reuters:

During their private meeting, Kim told Moon he came to the summit to end the history of conflict and joked he was sorry for keeping Moon up with his late night missile tests, a South Korean official said.

North Korea's nuclear site collapse may be reason Kim Jong Un ceased bomb tests, scientists say

North Korea's nuclear test site has collapsed after the region sustained damage from five nuclear blast trials, Chinese scientists said Wednesday — leading many to believe it may be the reason why Kim Jong Un suddenly announced the rogue regime would freeze its nuclear and missile tests.


Original Submission #1Original Submission #2

posted by martyb on Saturday April 14 2018, @02:09AM   Printer-friendly

Submitted via IRC for chromas

President Trump announced Friday night that the U.S. and its allies had launched attacks on Syria in response to an alleged chemical weapons attack last week by President Bashar Assad's regime.

In televised remarks from the White House, Trump said the attacks were underway, and that Great Britain and France were also taking part.

The president did not provide details, but U.S. warships in the Mediterranean Sea, armed with cruise missiles, were in position to strike. British and French forces were also in place.

[...] The president said the U.S. prepared to sustain effort until the Syrian regime stops using chemical weapons.

[...] In the days leading up to the U.S. attack, Russia had warned that it would defend its troops in Syria. This has raised fears of a possible direct clash of U.S. and Russian forces.

Source: https://www.npr.org/sections/thetwo-way/2018/04/13/601794830/u-s-launches-attacks-on-syria

Also at Bloomberg and The Guardian


Original Submission

posted by chromas on Tuesday April 03 2018, @09:47PM   Printer-friendly
from the oh-FFS-another dept.

Submitted via IRC for fyngyrz

From NPR:

Police are responding to an active shooter at the headquarters of YouTube. A hospital has received "several" patients from the incident, a spokesman says.

Local TV news reports show pictures of people evacuating a building with their hands over their heads. Each person was being frisked by a police officer, apparently to make sure that they pose no threat.

Local law enforcement officials have not issued any information.

From Reuters:

Police in San Bruno warned people in a Twitter message to stay away from the address where YouTube, owned by Alphabet Inc's Google, is based.

"We are responding to an active shooter. Please stay away from Cherry Ave & Bay Hill Drive," San Bruno police said on Twitter.

Lisa Kim, a spokeswoman for Stanford Health Care, said the hospital was receiving between four to five patients from the shooting incident at the YouTube offices.


Original Submission

posted by takyon on Wednesday March 21 2018, @10:55AM   Printer-friendly
from the went-out dept.
Austin bomb suspect blows self up as SWAT team approached

The suspect in a spate of bombings that terrorized residents of Austin, Texas, died after detonating an explosive inside his vehicle as a SWAT team approached to apprehend him on the side of a highway, officials said.

Early Wednesday, authorities tracked the suspect — a 24-year-old white man — to a hotel in Round Rock, a city in the Austin metropolitan area, Austin Police Chief Brian Manley told a news conference early Wednesday.

They tracked his vehicle until it pulled over on Interstate 35 and the suspect "detonated a bomb inside the vehicle, knocking one of our SWAT officers back and one of our officers fired on the vehicle as well," Manley said.

Austin serial bombings.

Also at CNN, BBC, and Bloomberg.

Previously: Two Injured in Fourth Package Bombing Incident this Month in Austin, Texas

posted by martyb on Tuesday March 13 2018, @10:57PM   Printer-friendly
from the or-else? dept.

The UK says that a Soviet-developed Novichok nerve agent was used against Sergei Skripal, his daughter, and bystanders, and has given Russia "until midnight tonight" to explain how it came to be used:

British Foreign Secretary Boris Johnson said Tuesday that Russia has "until midnight tonight" to explain how a lethal Novichok nerve agent that was developed in Russia came to be used on U.K. soil. Johnson said Britain is preparing to take "commensurate but robust" action.

Reiterating British Prime Minister Theresa May's statement that it was "highly likely" Russia was to blame for the poisoning of former Russian spy Sergei Skripal and his daughter, Yulia, Johnson said, "the use of this nerve agent would represent the first use of nerve agents on the continent of Europe since the Second World War."

Meanwhile, police are probing the death of a Russian exile living in London:

Nikolai Glushkov, a Russian exile who was a close friend of a noted critic of President Vladimir Putin, has died from an "unexplained" cause in London, police say. The Metropolitan Police says that its counter-terrorism unit is handling the case "because of associations that the man is believed to have had."

Glushkov, 68, was a close friend of former Russian oligarch Boris Berezovsky, a prominent critic of the Kremlin who was found dead in 2013. At the time, an inquiry found he had hanged himself — but Glushkov publicly disputed the idea that his friend and former business ally would have killed himself.

As British media began reporting Glushkov's death, the police issued a statement saying, "An investigation is underway following the death of a man in his 60s in Kingston borough."

Previously: Former Russian Spy Exposed to "Unknown Substance" in Salisbury, England
Use of Nerve Agent Confirmed in Skripal Assassination Attempt


Original Submission

posted by martyb on Friday March 02 2018, @12:04AM   Printer-friendly
from the Danger-Will-Robinson!-Danger! dept.

[Ed note: After this story was submitted, it became known that there was a remote code execution (RCE) vulnerability on the Trustico web site which allowed malicious users to run arbitrary code as root on the server. Story at Ars Technica: Trustico website goes dark after someone drops critical flaw on Twitter. Link to the tweet. As of the time of this writing, the Trustico web site is unavailable. --martyb]

23,000 HTTPS certs will be axed in next 24 hours after private keys leak

Customers of HTTPS certificate reseller Trustico are reeling after being told their website security certs – as many as 23,000 – will be rendered useless within the next 24 hours.

This is allegedly due to a security blunder in which the private keys for said certificates ended up in an email sent by Trustico. Those keys are supposed to be secret, and only held by the cert owners, and certainly not to be disclosed in messages. In the wrong hands, they can be used by malicious websites to masquerade as legit operations.

Unless the affected certificates are replaced in time, visitors to websites using Trustico-sold HTTPS certs will be turned away by their browsers, due to the digital certificates being revoked.

The whole situation is a mess, and possibly the result of a turf war. Here's what we've managed to ascertain.

What is Trustico?

Trustico, based in Croydon, UK, touted SSL/TLS certificates, which are used by websites to encrypt and secure their connections. It resold certs from the Symantec brand umbrella: Symantec, GeoTrust, Thawte, and RapidSSL. This umbrella is now owned and operated by DigiCert.

If you wanted to buy, say, a RapidSSL-issued certificate, you could do so via Trustico. The HTTPS cert ultimately leads back, along a chain of trust, to DigiCert, a root certificate authority trusted by web browsers and other software. In turn, a website presenting the Trustico-sold cert is trusted, its traffic secured using encryption, and the reassuring green padlock is displayed in visitors' browsers.

Why are the certificates being revoked?

According to DigiCert's chief product officer Jeremy Rowley earlier today, Trustico told DigiCert in early February that its resold certificates had been in some way "compromised," and that the certs needed to be mass revoked as a result.

DigiCert staff, we're told, asked Trustico for more information on this security mishap. The reseller replied it had a copy of the private keys, which is usually grounds for revocation, and thus insisted that DigiCert revoke the certificates.

When pressed for evidence, Trustico on Wednesday simply emailed DigiCert 23,000 certificates' private keys as proof it held this information, it is claimed. This forced DigiCert's hand: under the rulebook of standards set by the elders of the certificate security and browser worlds, the Trustico-sold certificates had to be revoked as a precaution within 24 hours. Specifically, the ones with their private keys in the email will be canceled.


Original Submission

Today's News | May 30 | May 28  >