China

Chinese Giant Huawei Gets Serious About PC Business, Announces Plans For Global Expansion (reuters.com) 38

Speaking of new laptops, Chinese conglomerate Huawei plans a global expansion into computers, it said on Tuesday, posing a fresh challenge to established PC players in a market that has suffered two years of falling sales volumes and pressure on margins. From a report: At a news conference in Berlin, the Shenzhen-based company introduced its first line-up of three personal computer models, including a 15.6-inch screen notebook, a 2-in-1 tablet and notebook hybrid and an ultra slim, metallic 13-inch notebook. Initially, Huawei plans to target the premium-priced consumer market, competing with Lenovo, HP and Dell, which together sell more than 50 percent of all PCs. To a lesser extent, it will also go up against Apple's high-end, but shrinking, Mac computer business. Huawei's Matebook X is a fanless notebook with splash-proof screen and combined fingerprint sign-on and power button, priced between 1,399 and 1,699 euros ($1,570-$1,900). Its Matebook E 2-in-1 hybrid will run from 999 to 1,299 euros while the Matebook D with 15.6-inch display is priced at 799 to 999 euros, it said. Huawei said it aims to offer the new PCs in 12 countries in Europe, North America, Asia, and the Middle East in early June.
Microsoft

Microsoft's New Surface Pro Features Faster Intel Kaby Lake Processor, 13.5 Hours of Battery Life (thurrott.com) 43

On the sidelines of Windows 10 China Government Edition release, Microsoft also announced a new Surface two-in-one laptop. The latest addition to company's hybrid computing line up, the "new Surface Pro" sports an improved design, and houses a newer processor from Intel. From an article: The new Surface Pro features the same 3:2 12.3-inch PixelSense display as its predecessor, providing a resolution of 2736 x 1824 (267 ppi) and 10 point multi-touch capabilities. Surface Pro is based on faster and more reliable Intel "Kaby Lake" chipsets in Core m3-7Y30 with HD Graphics 615, Core i5-7300U with HD Graphics 620, and Core i7-7660U with Iris Plus Graphics 640 variants, which should make for a better experience. As with the previous version, the Core m3 version of the new Surface Pro is fanless and thus silent. But this is new: The Core i5 versions of the new Surface Pro are also fanless and silent. And a new thermal design helps Microsoft claim that the i7 versions are quieter than ever, too. The new Surface Pro is rated at 13.5 hours of battery life (for video playback), compared to just 9 hours for Surface Pro 4. That's a 50 percent improvement. urface Pro can be had with 4, 8, or 16 GB of 1866Mhz LPDDR3 RAM. The new Surface Pro is built around the USB 3-based Surface Connect connector and features one full-sized USB 3 port and one miniDisplayPort port. Microsoft also announced a new Surface Pen (sold separately), and claims that the new pen is twice as accurate (compared to the previous version). No word on the pricing but it will be available in all major global markets in the "coming weeks." The new Surface ships with Windows 10 Pro. (Side note: Earlier Microsoft used to market the Surface Pro devices as tablets that could also serve as laptops. The company is now calling the Surface Pro laptops that are also tablets.)
Microsoft

Microsoft Announces 'Windows 10 China Government Edition', Lets Country Use Its Own Encryption (windows.com) 92

At an event in China on Tuesday, Microsoft announced yet another new version of Windows 10. Called Windows 10 China Government Edition, the new edition is meant to be used by the Chinese government and state-owned enterprises, ending a standoff over the operating system by meeting the government's requests for increased security and data control. In a blog post, Windows chief Terry Myerson writes: The Windows 10 China Government Edition is based on Windows 10 Enterprise Edition, which already includes many of the security, identity, deployment, and manageability features governments and enterprises need. The China Government Edition will use these manageability features to remove features that are not needed by Chinese government employees like OneDrive, to manage all telemetry and updates, and to enable the government to use its own encryption algorithms within its computer systems.
AI

The Working Dead: Which IT Jobs Are Bound For Extinction? (infoworld.com) 555

Slashdot reader snydeq shares an InfoWorld article identifying "The Working Dead: IT Jobs Bound For Extinction." Here's some of its predictions.
  • The president of one job leadership consultancy argues C and C++ coders will soon be as obsolete as Cobol programmers. "The entire world has gone to Java or .Net. You still find C++ coders in financial companies because their systems are built on that, but they're disappearing."
  • A data scientist at Stack Overflow "says demand for PHP, WordPress, and LAMP skills are seeing a steady decline, while newer frameworks and languages like React, Angular, and Scala are on the rise."
  • The CEO and co-founder of an anonymous virtual private network service says "The rise of Azure and the Linux takeover has put most Windows admins out of work. Many of my old colleagues have had to retrain for Linux or go into something else entirely."
  • In addition, "Thanks to the massive migration to the cloud, listings for jobs that involve maintaining IT infrastructure, like network engineer or system administrator, are trending downward, notes Terence Chiu, vice president of careers site Indeed Prime."
  • The CTO of the job site Ladders adds that Smalltalk, Flex, and Pascal "quickly went from being popular to being only useful for maintaining older systems. Engineers and programmers need to continually learn new languages, or they'll find themselves maintaining systems instead of creating new products."
  • The president of Dice.com says "Right now, Java and Python are really hot. In five years they may not be... jobs are changing all the time, and that's a real pain point for tech professionals."

But the regional dean of Northeastern University-Silicon Valley has the glummest prediction of all. "If I were to look at a crystal ball, I don't think the world's going to need as many coders after 2020. Ninety percent of coding is taking some business specs and translating them into computer logic. That's really ripe for machine learning and low-end AI."


Botnet

Attackers DDoS WannaCry Kill Switch (venturebeat.com) 72

An anonymous reader quotes VentureBeat: As of late Friday, after many of the deadlines threatening data deletion had passed, few victims had paid ransoms. According to Elliptic Enterprises, only about $94,000 worth of ransoms had been paid via Bitcoin, which works out to less than one in a thousand of the 300,000 victims who were reportedly affected by WannaCry... While not as bad as feared, ransomware (not to mention cybersecurity threats in general) isn't going away. Wired reported that the domain registered by Hutchins has been under intense denial-of-service attacks delivered by an army of IoT devices marshalled, zombie-like, by Mirai.
Security

New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two (bleepingcomputer.com) 115

An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload.

EternalRocks is far more complex than WannaCry's SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received.

Last but not least, the worm does not have a killswitch domain, which means the worm can't be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm's owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo.

Ars Technica quotes security researchers who say "there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April... These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch."
Security

Stealing Windows Credentials Using Google Chrome (helpnetsecurity.com) 53

Orome1 writes: A default setting in Google Chrome, which allows it to download files that it deems safe without prompting the user for a download location, can be exploited by attackers to mount a Windows credential theft attack using specially-crafted SCF shortcut files, DefenseCode researchers have found. What's more, for the attack to work, the victim does not even have to run the automatically downloaded file. Simply opening the download directory in Windows File Explorer will trigger the code icon file location inserted in the file to run, and it will send the victim's username, domain and NTLMv2 password hash to a remote SMB server operated by the attackers.
Windows

Almost All WannaCry Victims Were Running Windows 7 (theverge.com) 123

An anonymous reader quotes a report from The Verge: According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections. Windows 7 is still by far the most common version of Windows, running on roughly four times as many computers as Windows 10 worldwide. Since more recent versions of Windows aren't vulnerable to WannaCry, it makes sense that most of the infections would hit computers running 7. Still, the stark disparity emphasizes how small of a role Windows XP seems to have played in spreading the infection, despite early concerns about the outdated operating system. The new figures also bear on the debate over Microsoft's patching practices, which generated significant criticism in the wake of the attack. Microsoft had released a public patch for Windows 7 months before the attack, but the patch for Windows XP was only released as an emergency measure after the worst of the damage had been done. The patch was available earlier to paying Custom Support customers, but most XP users were left vulnerable, each unpatched computer a potential vector to spread the ransomware further. Still, Kaspersky's figures suggest that unpatched XP devices played a relatively small role in the spread of the ransomware.
Microsoft

Linux Distros Won't Run On Microsoft's Education-Focused Windows 10 S OS (betanews.com) 115

Reader BrianFagioli writes: I was sort of hopeful for Windows 10 S when Microsoft made a shocking announcement at Build 2017 that it is bringing Linux distributions to the Windows Store. This gave the impression that students using the S variant of the OS would be able to tinker with Linux. Unfortunately, this is not the case as Microsoft will be blocking Linux on the new OS. In other words, not all apps in the store will be available for Windows 10 S. "Windows 10 S does not run command-line applications, nor the Windows Console, Cmd / PowerShell, or Linux/Bash/WSL instances since command-line apps run outside the safe environment that protects Windows 10 S from malicious / misbehaving software," says Rich Turner, Senior Product Manager, Microsoft. Tuner further explains, "Linux distro store packages are an exotic type of app package that are published to the Windows Store by known partners. Users find and install distros , safely, quickly, and reliably via the Windows Store app. Once installed, however, distros should be treated as command-line tools that run outside the UWP sandbox and secure runtime infrastructure. They run with the capabilities granted to the local user -- in the same way as Cmd and PowerShell do. This is why Linux distros don't run on Windows 10 S: Even though they're delivered via the Windows Store, and installed as standard UWP APPX's, they run as non-UWP command-line tools and this can access more of a system than a UWP can."
Government

CIA Co-Developed 'Athena' Windows Malware With US Cyber Security Company, WikiLeaks Reveals (bleepingcomputer.com) 103

An anonymous reader writes: Today, WikiLeaks leaked documentation about a tool called Athena. According to leaked documents, which WikiLeaks previously claimed it received from hackers and CIA insiders, Athena is an implant -- a CIA technical term for "malware" -- that can target and infect any Windows system, from Windows XP to Windows 10, Microsoft's latest OS version. Documents leaked today are dated between September 2015 and February 2016, showing that the CIA had the ability to hack Windows 10 months after its launch, despite Microsoft boasting about how hard it would be to hack its new OS. [...] The documents reveal that CIA had received help from a non-government contractor in developing the malware. The company is Siege Technologies, a cyber-security company based in New Hampshire, which was acquired on November 15, 2016, by Nehemiah Security, another US company, based in Tysons, Virginia, on the outskirts of Washington and near CIA's headquarters, in a zone peppered with various military and defense contractors.
Security

French Researchers Find Last-ditch Cure To Unlock WannaCry Files (reuters.com) 36

French researchers said on Friday they had found a last-chance way for technicians to save Windows files encrypted by WannaCry, racing against a deadline as the ransomware threatens to start locking up victims' computers first infected a week ago. From a report: WannaCry, which started to sweep round the globe last Friday and has infected more than 300,000 computers in 150 nations, threatens to lock out victims who have not paid a sum of $300 to $600 within one week of infection. A loose-knit team of security researchers scattered across the globe said they had collaborated to develop a workaround to unlock the encryption key for files hit in the global attack, which several independent security researchers have confirmed. The researchers warned that their solution would only work in certain conditions, namely if computers had not been rebooted since becoming infected and if victims applied the fix before WannaCry carried out its threat to lock their files permanently. Also see: Windows XP PCs Infected By WannaCry Can Be Decrypted Without Paying Ransom.
Transportation

America's Cars Are Suddenly Getting Faster and More Efficient (bloomberg.com) 478

Kyle Stock and David Ingold, writing for Bloomberg: Sometime in the next couple of months, the Dodge Challenger SRT Demon and its 808 horsepower will show up in dealership windows like some kind of tiny, red, tire-melting factory. Yes, 808 horsepower. There's no typo. Last year, U.S. drivers on the hunt for more than 600 horsepower had 18 models to choose from, including a Cadillac sedan that looks more swanky than angry. Meanwhile, even boring commuter sedans are posting power specifications that would have been unheard of during the Ford Administration. The horses in the auto industry are running free. We crunched four decades of data from the Environmental Protection Agency's emission tests and arrived at a simple conclusion: All of the cars these days are fast and furious -- even the trucks. If a 1976 driver were to somehow get his hands on a car from 2017, he'd be at grave risk of whiplash. Since those days, horsepower in the U.S. has almost doubled, with the median model climbing from 145 to 283 stallions. Not surprisingly, the entire U.S. fleet grew more game for a drag-race: The median time it took for a vehicle to go from 0 to 60 miles per hour was halved, from almost 14 seconds to seven.
Operating Systems

ReactOS 0.4.5 Released (reactos.org) 117

An anonymous reader shares Colin Finck's forum post announcing ReactOS version 0.4.5: The ReactOS Project is pleased to release version 0.4.5 as a continuation of its three month cadence. Beyond the usual range of bug fixes and syncs with external dependencies, a fair amount of effort has gone into the graphical subsystem. Thanks to the work of Katayama Hirofumi and Mark Jansen, ReactOS now better serves requests for fonts and font metrics, leading to an improved rendering of applications and a more pleasant user experience. Your continued donations have also funded a contract for Giannis Adamopoulos to fix every last quirk in our theming components. The merits of this work can be seen in ReactOS 0.4.5, which comes with a smoother themed user interface and the future promises to bring even more improvements. In another funded effort, Hermes Belusca-Maito has got MS Office 2010 to run under ReactOS, another application from the list of most voted apps. On top of this, there have been several major fixes in the kernel and drivers that should lead to stability improvements on real hardware and on long-running machines. The general notes, tests, and changelog for the release can be found at their respective links. ISO images and prepared VMs for testing can be downloaded here.
Windows

Windows XP PCs Infected By WannaCry Can Be Decrypted Without Paying Ransom (arstechnica.com) 60

An anonymous reader quotes a report from Ars Technica: Owners of some Windows XP computers infected by the WCry ransomware may be able to decrypt their data without making the $300 to $600 payment demand, a researcher said Thursday. Adrien Guinet, a researcher with France-based Quarkslab, has released software that he said allowed him to recover the secret decryption key required to restore an infected XP computer in his lab. The software has not yet been tested to see if it works reliably on a large variety of XP computers, and even when it does work, there are limitations. The recovery technique is also of limited value because Windows XP computers weren't affected by last week's major outbreak of WCry. Still, it may be helpful to XP users hit in other campaigns. "This software has only been tested and known to work under Windows XP," he wrote in a readme note accompanying his app, which he calls Wannakey. "In order to work, your computer must not have been rebooted after being infected. Please also note that you need some luck for this to work (see below), and so it might not work in every case!"
Businesses

'WannaCry Makes an Easy Case For Linux' (techrepublic.com) 408

An anonymous reader writes: The thing is, WannaCry isn't the first of its kind. In fact, ransomware has been exploiting Windows vulnerabilities for a while. The first known ransomware attack was called "AIDS Trojan" that infected Windows machines back in 1989. This particular ransomware attack switched the autoexec.bat file. This new file counted the amount of times a machine had been booted; when the machine reached a count of 90, all of the filenames on the C drive were encrypted. Windows, of course, isn't the only platform to have been hit by ransomware. In fact, back in 2015, the LinuxEncoder ransomware was discovered. That bit of malicious code, however, only affected servers running the Magento ecommerce solution. The important question here is this: Have their been any ransomware attacks on the Linux desktop? The answer is no. With that in mind, it's pretty easy to draw the conclusion that now would be a great time to start deploying Linux on the desktop. I can already hear the tired arguments. The primary issue: software. I will counter that argument by saying this: Most software has migrated to either Software as a Service (SaaS) or the cloud. The majority of work people do is via a web browser. Chrome, Firefox, Edge, Safari; with few exceptions, SaaS doesn't care. With that in mind, why would you want your employees and staff using a vulnerable system? [...] Imagine, if you will, you have deployed Linux as a desktop OS for your company and those machines work like champs from the day you set them up to the day the hardware finally fails. Doesn't that sound like a win your company could use? If your employees work primarily with SaaS (through web browsers), then there is zero reason keeping you from making the switch to a more reliable, secure platform.
Security

Group Linked To NSA Spy Leaks Threatens Sale of New Tech Secrets (reuters.com) 105

Hacker group Shadow Brokers, which has taken credit for leaking NSA cyber spying tools -- including ones used in the WannaCry global ransomware attack -- has said it plans to sell code that can be used to hack into the world's most used computers, software and phones. From a report on Reuters: Using trademark garbled English, the Shadow Brokers group said in an online statement that, from June, it will begin releasing software to anyone willing to pay for access to some of the tech world's biggest commercial secrets. In the blog post, the group said it was setting up a "monthly data dump" and that it could offer tools to break into web browsers, network routers, phone handsets, plus newer exploits for Windows 10 and data stolen from central banks. It said it was set to sell access to previously undisclosed vulnerabilities, known as zero-days, that could be used to attack Microsoft's latest software system, Windows 10. The post did not identify other products by name. It also threatened to dump data from banks using the SWIFT international money transfer network and from Russian, Chinese, Iranian or North Korean nuclear and missile programs, without providing further details.
Windows

'Don't Tell People To Turn Off Windows Update, Just Don't' (troyhunt.com) 507

Security researchers Troy Hunt, writing on his blog: Often, the updates these products deliver patch some pretty nasty security flaws. If you had any version of Windows since Vista running the default Windows Update, you would have had the critical Microsoft Security Bulletin known as "MS17-010" pushed down to your PC and automatically installed. Without doing a thing, when WannaCry came along almost 2 months later, the machine was protected because the exploit it targeted had already been patched. It's because of this essential protection provided by automatic updates that those advocating for disabling the process are being labelled the IT equivalents of anti-vaxxers and whilst I don't fully agree with real world analogies like this, you can certainly see where they're coming from. As with vaccinations, patches protect the host from nasty things that the vast majority of people simply don't understand. This is how consumer software these days should be: self-updating with zero input required from the user. As soon as they're required to do something, it'll be neglected which is why Windows Update is so critical.
Android

Slashdot Asks: In the Wake Of Ransomware Attacks, Should Tech Companies Change Policies To Support Older OSs Indefinitely? 358

In the aftermath of ransomware spread over the weekend, Zeynep Tufekci, an associate professor at the School of Information and Library Science at the University of North Carolina, writes an opinion piece for The New York Times: At a minimum, Microsoft clearly should have provided the critical update in March to all its users, not just those paying extra. Indeed, "pay extra money to us or we will withhold critical security updates" can be seen as its own form of ransomware. In its defense, Microsoft probably could point out that its operating systems have come a long way in security since Windows XP, and it has spent a lot of money updating old software, even above industry norms. However, industry norms are lousy to horrible, and it is reasonable to expect a company with a dominant market position, that made so much money selling software that runs critical infrastructure, to do more. Microsoft supported Windows XP for over a decade before finally putting it to sleep. In the wake of ransomware attacks, it stepped forward to release a patch -- a move that has been lauded by columnists. That said, do you folks think it should continue to push security updates to older operating systems as well?
Government

Microsoft Blasts Spy Agencies For Leaked Exploits Used By WanaDecrypt0r (engadget.com) 323

An anonymous reader shares Engadget's report about Microsoft's response to the massive WanaDecrypt0r ransomware attack: Company president Brad Smith has posted a response to the attack that roasts the NSA, CIA and other intelligence agencies for hogging security vulnerabilities instead of disclosing them to be fixed. There's an "emerging pattern" of these stockpiles leaking out, he says, and they cause "widespread damage" when that happens. He goes so far as to liken it to a physical weapons leak -- it's as if the US military had "some of its Tomahawk missiles stolen"... Microsoft had already floated the concept of a "Digital Geneva Convention" that required governments to report security holes, but the idea has gained a new sense of urgency in light of the recent ransomware chaos... While Microsoft makes its own efforts by rushing out patches and sharing concerns with other companies, it also chastises customers who could have closed the WannaCry hole two months earlier but didn't.
BrianFagioli shared a BetaNews article arguing Microsoft "should absolutely not shoulder any of the responsibility. After all, the vulnerability that led to the disaster was patched back in March." But troublemaker_23 notes that ITwire still faults Microsoft for not planning ahead, since in February 150 million people were still using Windows XP.
Security

PCs Connected To the Internet Will Get Infected With WanaDecrypt0r In Minutes (bleepingcomputer.com) 82

An anonymous reader writes: "The Wana Decrypt0r ransomware -- also known as WCry, WannaCry, WannaCrypt, and WanaCrypt0r -- infected a honeypot server made to look like a vulnerable Windows computer six times in the span of 90 minutes, according to an experiment carried out by a French security researcher that goes online by the name of Benkow," reports BleepingComputer. "During one of those infections, Wana Decrypt0r infected the honeypot in a mere three minutes after it was reset, showing the aggressive nature of the ransomware's scanning module, which helps it spread to new victims... Three minutes is about the same amount of time IoT malware will infect a vulnerable home router left connected to the Internet without patches."

The article also highlights the fact that the group behind this threat is possibly made of inexperienced coders, who just stumbled upon a way to weaponize an NSA exploit. Their three previous WanaDecrypt0r campaigns were mundane, and one researcher called their code "utter [expletive]." This is because WanaDecrypt0r is actually made of two main modules, the ransomware itself, and the SMB worm (based on the NSA exploit). While the SMB worm is top-shelf code, the ransomware itself is quite unsophisticated, making a lot of operational errors, including using only 3 Bitcoin wallets to handle payments, instead of one per infected user, as most top-shelf ransomware does. This makes it difficult to tell which victims paid and who didn't, as anyone could claim "x" transaction is theirs, even if they didn't pay.

Slashdot Top Deals