SoylentNews

EasyJet Says Cyberattack Exposed Data of 9 Million Customers

upstart writes in with an IRC submission:

EasyJet says cyberattack exposed data of 9 million customers:

UK budget airline EasyJet reported on Tuesday that hackers accessed the email addresses and travel details of more than 9 million customers in a "highly sophisticated" cyberattack. The hackers also accessed the credit card details of 2,208 customers.

The airline in the coming days will contact customers whose details were exposed in the breach. It has already contacted, and offered support to, those whose credit card information was accessed.

[...] As soon as the airline became aware of the attack, it took steps to respond to and manage the incident and engaged forensic experts to investigate the issue, EasyJet said. It also notified the National Cyber Security Centre and the ICO, the UK's data protection watchdog.

"We have a live investigation into the cyber attack involving easyJet," said a spokeswoman for the ICO in a statement. "People have the right to expect that organisations will handle their personal information securely and responsibly. When that doesn't happen, we will investigate and take robust action where necessary."

The ICO will be able to examine whether EasyJet should be fined under Europe's General Data Protection Regulation (GDPR), which is part of UK law.

upstart writes in with an IRC submission for carny:

SD cards hop on the PCIe 4.0 bus to hit 4GB/s with version 8.0 of storage spec:

As outlined in a whitepaper [PDF] this month, the new spec will let existing SD Express and microSD Express cards employ PCIe 4.0 and NVMe to deliver a top speed data transfer speed of [3938 MB/s].

While the new spec is backwards-compatible, the latest top speed will only come with a card reader capable of connecting to the extra row of pins present on SD Express cards that support dual PCIe lanes.

[...] The good news is that SD Express and microSD Express cards can still get to 1970 MB/s on a device with a single PCIe 4.x lane under version 8 of the specification, and SD Express can get there with a pair of 3.x lanes. Which is rather faster than many SSDs and, as SD Express can climb to 128TB on a single card, a rather tasty storage option.

Also at The Verge, PetaPixel, and Yahoo! Finance.

Original Submission

upstart writes in with an IRC submission:

NASA's human spaceflight chief just resigned, and the timing couldn't be worse:

On Tuesday, NASA announced that its chief of human spaceflight had resigned from the space agency. The timing of Doug Loverro's departure is terrible, with NASA's first launch of humans in nearly nine years due to occur in just eight days.

[...] "Associate Administrator for Human Exploration and Operations Doug Loverro has resigned from his position effective Monday, May 18," the statement said. "Loverro hit the ground running this year and has made significant progress in his time at NASA. His leadership of HEO has moved us closer to accomplishing our goal of landing the first woman and the next man on the Moon in 2024. Loverro has dedicated more than four decades of his life in service to our country, and we thank him for his service and contributions to the agency."

upstart writes in with an IRC submission:

Bluetooth Bugs Allow Impersonation Attacks on Legions of Devices:

Academic researchers have uncovered security vulnerabilities in Bluetooth Classic that allows attackers to spoof paired devices: They found that the bugs allow an attacker to insert a rogue device into an established Bluetooth pairing, masquerading as a trusted endpoint. This allows attackers to capture sensitive data from the other device.

The bugs allow Bluetooth Impersonation Attacks (BIAS) on everything from internet of things (IoT) gadgets to phones to laptops, according to researchers at the École Polytechnique Fédérale de Lausanne (EPFL) in France. The flaws are not yet patched in the specification, though some affected vendors may have implemented workarounds.

"We conducted BIAS attacks on more than 28 unique Bluetooth chips (by attacking 30 different devices)," the researchers said. "At the time of writing, we were able to test chips from Cypress, Qualcomm, Apple, Intel, Samsung and CSR. All devices that we tested were vulnerable to the BIAS attack."

martyb writes:

2 Dams Fail in Michigan, Forcing Thousands to Evacuate :

Severe flooding struck central Michigan on Wednesday after two dams were breached and days of heavy rainfall, forcing the evacuation of thousands of residents and prompting officials to warn of life-threatening danger.

The failures on Tuesday of the Edenville Dam and the Sanford Dam, about 140 miles northwest of Detroit, led the National Weather Service to issue a flash flood warning for areas near the Tittabawassee River, with downstream effects expected from Midland to Saginaw overnight. Residents in nearby towns, including Edenville, Sanford and Midland, were evacuated.

Gov. Gretchen Whitmer said at a news conference on Tuesday that downtown Midland, with a population of more than 41,000, could be under nine feet of water by Wednesday morning.

[...] The Tittabawassee River was expected to crest at 38 feet by 8 a.m. Wednesday, more than four feet higher than its record of 34 feet set in 1986. The flood stage is at 24 feet.

Dow Chemical Company, based in Midland, has activated its emergency operations center and will be adjusting operations, Rachelle Schikorra, a spokeswoman, told The Associated Press.

According to Detroit Free Press:

In 2018, the Federal Energy Regulatory Commission revoked the license of the company that operated the Edenville Dam due to non-compliance issues that included spillway capacity and the inability to pass the most severe flood reasonably possible in the area.

The Edenville Dam, which was built in 1924, was rated in unsatisfactory condition in 2018 by the state. The Sanford Dam, which was built in 1925, received a fair condition rating.

Original Submission

martyb writes:

Scientists suffer headaches when penguin poop turns into 'truly intense' laughing gas:

King penguins are big birds. The Antarctica residents eat a lot of seafood and make a lot of guano. It's all part of the circle of life, but it's created some challenges for scientists researching the birds.

University of Copenhagen professor Bo Elberling contributed to a penguin-poop study published this week in the journal Science of the Total Environment. The paper investigated the relationship between the bird guano and fluxes in soil greenhouse gases. Nitrous oxide[*], widely known as laughing gas, is one of those gases.

"Penguin guano produces significantly high levels of nitrous oxide around their colonies. The maximum emissions are about 100 times higher than in a recently fertilized Danish field," Elberling said in a University of Copenhagen release.

[...] The research team analyzed soil and feces samples collected in Antarctica. The king penguin diet is high in nitrogen. What goes in one end comes out the other. Once on the ground, soil bacteria goes to work turning the nitrogen into laughing gas.

"After nosing about in guano for several hours, one goes completely cuckoo," Elberling said. "One begins to feel ill and get a headache."

Journal Reference:
Peiyan Wang, Ludovica D'Imperio, Elisabeth M. Biersma, et al. Combined effects of glacial retreat and penguin activity on soil greenhouse gas fluxes on South Georgia, sub-Antarctica, Science of The Total Environment (DOI: 10.1016/j.scitotenv.2019.135255)

[*] Wikipedia entry on Nitrous Oxide (N₂O)

See also Researchers go cuckoo: Antarctic penguins release an extreme amount of laughing gas

Original Submission

DannyB writes:

Cell-tower attacks by idiots who claim 5G spreads COVID-19 reportedly hit US:

US warns carriers to boost security, citing reports of attacks in several states.

The Department of Homeland Security is reportedly issuing alerts to wireless telecom providers and law enforcement agencies about potential attacks on cell towers and telecommunications workers by 5G/coronavirus conspiracy theorists. The DHS warned that there have already been "arson and physical attacks against cell towers in several US states."

The preposterous claim that 5G can spread the coronavirus, either by suppressing the immune system or by directly transmitting the virus over radio waves, led to dozens of tower burnings in the UK and mainland Europe. Now, the DHS "is preparing to advise the US telecom industry on steps it can take to prevent attacks on 5G cell towers following a rash of incidents in Western Europe fueled by the false claim that the technology spreads the pathogen causing COVID-19," The Washington Post reported last week.

^<no-sarcasm>
FACT: 5G mobile networks DO NOT spread COVID-19!
_{</no-sarcasm>}

Original Submission

upstart writes in with an IRC submission:

Cryptocurrency Hardware Wallets Can Get Hacked Too:

Researchers from Ledger—a firm that makes hardware wallets itself—have demonstrated attacks against products from manufacturers Coinkite and Shapeshift that could have allowed an attacker to figure out the PIN that protects those wallets. The vulnerabilities have been fixed, and both hacks would have required physical access to the devices, which minimizes the danger to begin with. But Ledger argues that it's still worth holding hardware wallets to the highest standards, just as you would a closet safe.

[..] Shapeshift fixed a vulnerability in its KeepKey wallet with a firmware update in February. If you haven't already, connect your KeepKey wallet to the desktop app to download the update onto your device. A hardware flaw in Coinkite's Coldcard Mk2 wallet persists, but it is fixed in the company's current Coldcard model Mk3, which started shipping in October. The researchers will present their attack on the Mk2 at the French security conference SSTIC in June.

[...] In examining the KeepKey memory chip that stores a user's authentication PIN, the Donjon researchers found that they could monitor voltage output changes as the chip received PIN inputs to determine the PIN itself.

BK writes:

Alcohol-fuelled crime offenders may have to wear 'sobriety tags':

[English and Welsh] Courts will have the power to order those convicted of drink-related crimes to wear an ankle monitor for up to 120 days. It assesses whether there is any alcohol in their sweat.

[...] Keith Hunter, the police and crime commissioner (PCC) for Humberside, said: "During the trial in our area they provided rehabilitation agencies a real opportunity to work with the individual and get them to recognise and change their behaviour.

[...] The tough community sentences not only punish offenders, according to the Ministry of Justice, but also help their rehabilitation by forcing them to address the causes of their harmful behaviour.

They will not be used on people who are alcohol-dependent or have certain medical conditions. Judges have been calling for many years for tougher non-custodial sentences.

An unidentified offender, who wore one of the tags in the Humberside, Lincolnshire and North Yorkshire pilot scheme, said: "Since I had the tag removed I feel 100% in control of my drinking. I was worried to begin with that when I had the tag taken off I might go back to drinking again but the process gave me a better understanding of alcohol. I also didn't want to go back to court.

"I no longer need a drink to manage my emotions which is down to the tag and my probation officer – I'm much happier with my life now and pleased that more people can benefit from my experience of wearing the tags."

First they came for the socialists and I did not speak out...

[Editor's Note: Corrected spelling of Welch to Welsh 2-May0515UTC--JR]

Original Submission

DannyB writes:

Microsoft is bringing Linux GUI apps to Windows 10:

Linux on Windows 10 gets a big boost and GPU acceleration

Microsoft is promising to dramatically improve its Windows Subsystem for Linux (WSL) with GUI app support and GPU hardware acceleration. The software giant is adding a full Linux kernel to Windows 10 with WSL version 2 later this month, and it’s now planning to support Linux GUI apps that will run alongside regular Windows apps.

This will be enabled without Windows users having to use X11 forwarding, and it’s mainly designed for developers to run Linux integrated development environments (IDE) alongside regular Windows apps.

While it has been possible to run Linux GUI apps within Windows previously using a third-party X server, poor graphics performance has always been an issue. Microsoft is promising to solve this, too. Windows 10 will soon get added support for GPU hardware acceleration with Linux tools. This is primarily focused on development scenarios involving parallels computation or training machine learning and artificial intelligence models.

So is it the year of Linux on the Desktop?

Original Submission

takyon writes:

AMD to Support Zen 3 and Ryzen 4000 CPUs on B450 and X470 Motherboards

In a surprising twist, AMD has today announced that it intends to enable Ryzen 4000 and Zen 3 support on its older B450 and X470 Motherboards. This is going to be a 'promise now, figure out the details later' arrangement, but this should enable most (if not all) users running 400 series AMD motherboards to upgrade to the Zen 3 processors set to be unveiled later this year.

[...] AMD came under a lot of fire. The company had originally promised that it would support the AM4 platform from 2016 through 2020 (or 'through to' 2020). A lot of users had assumed that this meant any AM4 platform based motherboard would be able to accept any processor made from 2016 to 2020, including the new Zen 3 processors set to be unveiled later this year. The fact that there was a discrepancy between what the users expected and what AMD had been saying essentially became a miscommunication or a misunderstanding, but one that had a negative effect on a number of users who were expecting to upgrade the system.

Ultimately the reason for the lockout was down to the BIOS size. Each generation of processors require a portion of the BIOS space for compatibility code – normally if you can support one processor from a generation, then you can support them all. We are also in the era of graphical interface BIOSes, and as a result some of the BIOS code was reserved for fancy menus and the ability to adjust fan curves or update the BIOS in a more intuitive way. All of this takes up space, and some vendors ditched the fancy graphics in order to support more processors.

Most AMD motherboards are outfitted with 128 megabit (16 megabyte) BIOS chips. The reason why this is the case is due to a limitation on some of AMD's early AM4 processors – due to design, they can only ever address the first 16 megabytes of a BIOS chip. So even if a motherboard vendor had a larger BIOS chip, say MSI had a 32 megabyte chip, then it would actually operate like two partitioned BIOSes and it would get very complicated. There is no easy way to support every AM4 processor with a simple 16 megabyte BIOS.

Also at Guru3D and Tom's Hardware.

Previously: AMD's Zen 3 CPUs Will Not be Compatible with X470, B450, and Older Motherboards

Original Submission

DannyB writes:

Judge denies Shkreli's "delusional self-aggrandizing" plea to get out of jail

A federal judge on Saturday denied Martin Shkreli's request for a "compassionate release" from prison, which was pitched as a way to protect him from contracting the new coronavirus—and to help him work on a cure for COVID-19 so he could save the rest of the world.

Lawyers for the infamous ex-pharmaceutical executive filed an emergency motion April 22 in a bid to free him from the slammer. They argued that Shkreli is at high risk of contracting the virus in the close quarters of federal prison and could possibly become severely ill or die. They also argued that he is in a unique position to work on a cure for the devastating viral illness now sweeping the globe. Shkreli himself publicly made that claim in early April via a scientific document outlining his preliminary efforts to develop an antiviral drug.

In the emergency motion, his lawyers argued that "Current conditions of confinement threaten his health and life and prevent him from doing work that would contribute to the betterment of society worldwide."

Though Shkreli is best known for ruthlessly jacking up the price of a lifesaving generic drug, he is serving an 84-month sentence following his 2017 conviction on two counts of securities fraud and one count of conspiring to commit securities fraud. The charges were in connection with an alleged Ponzi-like scheme involving two hedge funds he previously managed and his former pharmaceutical company, Retrophin. He has served 41 months of his sentence so far.

[...] [federal prosecutors] also noted that, at the time of their court filing, there were no cases of COVID-19 in staff or inmates at the facility in which Shkreli is being held, FCI Allenwood Low.

Original Submission

upstart writes in with an IRC submission:

AG Barr seeks 'legislative solution' to make companies unlock phones:

ACLU Senior Staff Attorney Brett Max Kaufman responded to [US Attorney General] Barr's comments, saying "Every time there's a traumatic event requiring investigation into digital devices, the Justice Department loudly claims that it needs backdoors to encryption, and then quietly announces it actually found a way to access information without threatening the security and privacy of the entire world. The boy who cried wolf has nothing on the agency that cried encryption." While Barr's push for backdoors and cooperation from phone manufacturers raises concerns, Kaufman's response doesn't address that the DoJ isn't seeking the ability to unlock phones, but to do so as quickly as possible.

Apple's refusal to work with law enforcement has been an issue for years. The company wants to ensure its users feel confident in trusting Apple with their data, yet police and the FBI say that the refusals to cooperate hinder investigations and put lives at risk. It sounds like Barr wants to put a system into law that would oblige Apple to comply in future cases. How realistic this plan is -- or how much buy-in from politicians it will get -- remains to be seen, though it would force Apple to rethink how it approaches user privacy.

Original Submission

upstart writes in with an IRC submission for Bytram:

Celiac disease linked to common chemical pollutants:

According to NYU Grossman School of Medicine researchers who led the study, people with the immune disorder have severe gut reactions, including diarrhea and bloating, to foods containing gluten, a protein found in wheat, rye and barley. The only treatment is a gluten-free diet, with no bread, pasta, or cake, says lead investigator and doctoral student Abigail Gaylord, MPH.

Reporting in the journal Environmental Research online May 12, the NYU Langone team found that children and young adults with high blood levels of pesticides -- and with high levels of pesticide-related chemicals called dichlorodiphenyldichlorethylenes (DDEs) -- were twice as likely to be newly diagnosed with celiac disease as those without high levels.

The study also found that gender differences existed for celiac disease related to toxic exposures. For females, who make up the majority of celiac cases, higher-than-normal pesticide exposure meant they were at least eight times more likely to become gluten intolerant. Young females with elevated levels of nonstick chemicals, known as perflouoroalkyls, or PFAs, including products like Teflon, were five to nine times more likely to have celiac disease.

Young males, on the other hand, were twice as likely to be diagnosed with the disease if they had elevated blood levels of fire-retardant chemicals, polybrominated diphenyl ethers, or PBDEs.

Abigail Gaylord, Leonardo Trasande, Kurunthachalam Kannan, Kristen M. Thomas, Sunmi Lee, Mengling Liu, Jeremiah Levine. Persistent organic pollutant exposure and celiac disease: A pilot study. Environmental Research, 2020; 109439 DOI: 10.1016/j.envres.2020.109439

Original Submission

martyb writes:

Research takes electrons for a spin in moving toward more efficient, higher density data:

"One of the major goals of spintronics research is to control the direction of the spin of electrons in materials," explains Andrew Kent, a professor in NYU's Department of Physics and one of the paper's senior authors. "This research shows a new and fundamental mechanism for setting the electron spin direction in a conducting material."

"This advance in spintronics offers a novel way to exert torques on a magnetic layer," adds senior co-author Jonathan Sun of IBM Research and a visiting scholar at NYU. "It's a promising advance that has the potential to reduce energy and space requirements for device data storage."

The work, conducted with Junwen Xu, an NYU graduate student, and Christopher Safranski of IBM Research, is the latest example of a phenomenon central to the transmission of information: altering it from one form to another.

[...] In the Physical Review Letters research, Safranski, Sun, Xu, and Kent focused on demonstrating a novel mechanism for the control of spin direction—the direction that controls the stored bits of information.

Historically, current flow in non-magnetic heavy metals has been shown to lead to spin polarization, or a direction of its net magnetic moment, at the surface of the conductor, an effect known as the spin Hall effect. However, the direction of the spin polarization in the spin Hall effect is always parallel to the surface of the conductor. This limits its applications because it provides only one possible axis of spin polarization, limiting storage density.