Month: November 2017

Enlarge / All the Cores are affected by a major vulnerability in management firmware—as are Xeon servers and Atom, Celeron and Pentium devices. (credit: Intel)

Intel has issued a security alert that management firmware on a number of recent PC, server, and Internet-of-Things processor platforms is vulnerable to remote attack. Using the vulnerabilities, the most severe of which was uncovered by Mark Ermolov and Maxim Goryachy of Positive Technologies Research, remote attackers could launch commands on a host of Intel-based computers, including laptops and desktops shipped with Intel Core processors since 2015. They could gain access to privileged system information, and millions of computers could essentially be taken over as a result of the bug.

The company has posted a detection tool on its support website for Windows and Linux to help identify systems that are vulnerable. In the security alert, members of Intel's security team stated that "in response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience."

Four vulnerabilities were discovered that affect Intel Management Engine firmware versions 11.0 through 11.20. Two were found in earlier versions of ME, as well as two in Server Platform Services version 4.0 firmware and two in TXE version 3.0.

(credit: ZaldyImg)

The researcher who conducted a controversial 2016 herpes vaccine trial on the island of St. Kitts without federal safety oversight had secretly begun the trial in the US three years earlier. He began them in hotel rooms not far from his academic lab. That’s according to a new investigation by Kaiser Health News.

That researcher, the late Dr. William Halford of Southern Illinois University, administered shots to at least eight people with herpes in 2013. Without any federal or institutional approval or oversight, he administered the shots himself in rooms at a Holiday Inn Express and a Crowne Plaza Hotel within a short drive from SIU. Halford, who passed away from cancer in June of this year, was a microbiologist, not a physician.

Several people who received the vaccine have since complained to the FDA and SIU. They reported potential side effects of the vaccine including large, painful rashes and becoming infected with a strain of herpes different from their initial infection.

Enlarge / HPE CEO Meg Whitman, seen here in June 2017. (credit: Andy Cross/The Denver Post via Getty Images)

As part of its quarterly earnings report, Hewlett Packard Enterprise announced Tuesday that CEO Meg Whitman would be stepping down from her position as of February 1, 2018.

Antonio Neri, the company’s current president, will be taking over as CEO. He will be paid $1 million.

Whitman, who took over the position as CEO in 2011 after what might be called a major management meltdown, oversaw the company’s two splits. Last year, HPE spun off its IT services division, while the original Hewlett Packard split into HPE and HP Inc. back in 2015. Whitman will retain a board position at the company.

Enlarge (credit: Jaap Arriens/NurPhoto via Getty Images)

In a public statement, Uber has announced that it sustained a massive data breach in 2016: 57 million customers’ and drivers’ names, e-mail addresses, and phone numbers were compromised.

According to Bloomberg, no trip location info, credit card information, or Social Security numbers was taken.

Uber did not immediately respond to Ars’ request for comment.

Enlarge / A woman—but probably not a British water professional—uses a divining rod. (credit: VeloBusDriver)

Ten out of 12 water utilities in the United Kingdom admitted that their technicians use divining rods to find underground leaks or water pipes, according to an investigation by science blogger Sally Le Page.

Dowsing is a centuries-old technique for locating underground water. Someone searching for water holds two parallel sticks—or sometimes a single Y-shaped stick—called divining rods while walking in an area where there might be water under the surface. The branches supposedly twitch when they're over a water source.

Needless to say, there's zero scientific evidence that this technique actually works better than random chance. But Le Page got a bunch of UK water companies to admit that their technicians still employ the superstitious practice.

Enlarge / Acting US Attorney Joon H. Kim speaks during a press conference at the US Attorney's Office, Southern District of New York, on September 26, 2017. (credit: Kevin Hagen/Getty Images)

On Tuesday, federal authorities in New York indicted Behzad Mesri, an Iranian citizen, accusing him of hacking HBO earlier this year.

Seeing as Iran and the United States lack an extradition treaty, it is unlikely that Mesri will be sent to the United States to face the charges, unless he somehow decides to come to the states of his own volition.

According to prosecutors, Mesri stole unaired episodes of Game of Thrones, Curb Your Enthusiasm, and other popular shows. He then allegedly demanded a ransom of $5.5 million, payable in Bitcoin.