Covid 19 und Klimawandel: Eine Parallele
Die Sicht eines Wissenschaftsforschers. Gastbeitrag
Die Sicht eines Wissenschaftsforschers. Gastbeitrag
Month: June 2020
UPnP flaw exposes millions of network devices to attacks over the Internet
Unsafe for more than a decade, universal plug and play strikes again.
Enlarge (credit: US GAO / Flickr)
Millions of routers, printers, and other devices can be remotely commandeered by a new attack that exploits a security flaw in the Universal Plug and Play network protocol, a researcher said.
CallStranger, as the exploit has been named, is most useful for forcing large numbers of devices to participate in distributed denial of service—or DDoS—attacks that overwhelm third-party targets with junk traffic. CallStranger can also be used to exfiltrate data inside networks even when they’re protected by data loss prevention tools that are designed to prevent such attacks. The exploit also allows attackers to scan internal ports which would otherwise be invisible because they’re not exposed to the Internet.
Billions of routers and other so-called Internet-of-things devices are susceptible to CallStranger, Yunus Çadırcı, a Turkish researcher who discovered the vulnerability and the wrote the proof-of-concept attack code that exploits it, wrote over the weekend. For the exploit to actually work, however, a vulnerable device must have UPnP, as the protocol is known, exposed on the Internet. That constraint means only a fraction of vulnerable devices are actually exploitable.
Read 10 remaining paragraphs | Comments
Antibody testing suggests immune response post-COVID is very variable
And many of the tests available to the public produced variable results.
Enlarge / Melissa Cruz elevates her arm after donating COVID-19 convalescent plasma as phlebotomist Jenee Wilson shuts down a machine. (credit: Karen Ducey / Getty Images)
How much of an immune response does a SARS-CoV-2 infection produce? It's a critical question for all sorts of reasons. To begin with, long-lasting immunity, either through an infection or a vaccine, is critical for any hope of returning the world to something that resembles its pre-pandemic state. It's also essential to understanding how safe people who have recovered from infections are and how they can behave in the face of continued outbreaks and spread.
But there are also more subtle public policy issues. Since testing wasn't generally available at the time of many outbreaks, we'll need antibody tests to figure out who was actually exposed. And the accuracy of those tests—which has been called into question—can have a big influence on studies of the pandemic's progression.
A bunch of recent draft papers have looked at the sort of immune response we're seeing in patients who have cleared the virus after testing positive for it. And the results suggest that it's very variable—as is the quality of the tests that detect it. (We'll remind you that pre-publication documents carry some quality risks.)
Read 13 remaining paragraphs | Comments
Diskriminierung: KI ist nur so fair wie die Menschen, die sie programmieren
Angesichts weltweiter Proteste gegen Rassismus trennt sich etwa IBM von künstlicher Intelligenz, die Diskriminierung verfestigen kann. Das Problem liegt aber nicht in der Software, sondern in den Entwicklereams. Ein Bericht von Miriam Binner (Diskrimin…
Angesichts weltweiter Proteste gegen Rassismus trennt sich etwa IBM von künstlicher Intelligenz, die Diskriminierung verfestigen kann. Das Problem liegt aber nicht in der Software, sondern in den Entwicklereams. Ein Bericht von Miriam Binner (Diskriminierung, IBM) Elektroauto: Ingenext hackt Model 3 und bietet 37 Kilowatt mehr Leistung
Das kanadische Unternehmen Ingenext bietet ein Beschleunigungs-Upgrade für das Model 3 zum halben Preis von Tesla an. (Tesla Model 3, Technologie)
Das kanadische Unternehmen Ingenext bietet ein Beschleunigungs-Upgrade für das Model 3 zum halben Preis von Tesla an. (Tesla Model 3, Technologie) Microsoft: Windows 10 verwirrt mit Pop-up-Fenster
Seit einiger Zeit blendet Windows 10 einen Pop-up-Dialog ein. Der verwirrt, da er eigentlich nur nach einer Neuinstallation erscheint. (Windows 10, Microsoft)
Seit einiger Zeit blendet Windows 10 einen Pop-up-Dialog ein. Der verwirrt, da er eigentlich nur nach einer Neuinstallation erscheint. (Windows 10, Microsoft) "Black Lives Matter"-Proteste spülen Großbritanniens Kolonialgeschichte hoch
Demonstranten zerstörten die Statue eines Sklavenhändlers, seitdem ist ein Kulturkampf entbrannt
Demonstranten zerstörten die Statue eines Sklavenhändlers, seitdem ist ein Kulturkampf entbrannt
Routing: Zu viel Traffic verantwortlich für IBM-Cloud-Ausfall
Routing-Probleme bei einem Dienstleister sollen den massiven Ausfall der IBM-Cloud verursacht haben. Selbst die Statusseite ging offline. (IBM, Cloud Computing)
Routing-Probleme bei einem Dienstleister sollen den massiven Ausfall der IBM-Cloud verursacht haben. Selbst die Statusseite ging offline. (IBM, Cloud Computing) Semi-Serienproduktion: Tesla-Aktie steigt über 1.000 US-Dollar
Elon Musk will die Serienproduktion des Elektrolastwagens Semi aufnehmen. Die Tesla-Aktie steigt daraufhin auf über 1.000 US-Dollar. (Tesla, Technologie)
Elon Musk will die Serienproduktion des Elektrolastwagens Semi aufnehmen. Die Tesla-Aktie steigt daraufhin auf über 1.000 US-Dollar. (Tesla, Technologie) Removing “Annoying” Windows 10 Features is a DMCA Violation, Microsoft Says
Ninjutsu OS, a new software tool that heavily modifies Windows 10 with a huge number of tweaks, mods and extra tools, has been hit with a DMCA complaint by Microsoft. According to the copyright notice, the customizing, tweaking and disabling of Windows 10 features, even when that improves privacy, amounts to a violation of Microsoft’s software license.
From: TF, for the latest news on copyright battles, piracy and more.
Since Windows was first released, people have been modifying variants of the world-famous operating system to better fit their individual requirements.
Many of these tweaks can be carried out using tools provided within the software itself but the recently-released Ninjutsu OS aims to take Windows 10 modding to a whole new level.
Released on May 7, Ninjutsu OS claims to take Windows 10 and transform it into a penetration testing powerhouse, adding huge numbers of tools (around 800) aimed at security experts, a few for regular users (qBitTorrent and Tor Browser, for example) while also removing features considered unwanted or unneeded in such an environment.
“I created this project to help beginners and students in the field of information security. As you know it is very difficult for beginners to build Windows and install all the tools and install libraries for some of the programs that you need in the field of information security,” Ninjutsu creator ‘Hasan’ informs TF.
As the image below shows, Ninjutsu’s appearance is striking and is likely to appeal to the target audience.
From June 6, 2020, the project was hosted on Github but according to a DMCA complaint filed by the Business Software Alliance (BSA) on behalf of Microsoft, Ninjutsu OS violates Microsoft’s copyrights.
“BSA has determined that GitHub.com (specifically, content made available on GitHub through the link listed below) is providing access to copyrighted, nonpublic, proprietary information of our member Microsoft,” the complaint reads.
“The link leads to copyrighted material pertaining to Microsoft. Specifically, the copyrighted material in question can be found at the following link: https://github.com/ninjutsu-project/ninjutsu-project.github.io.”
While that link to the project has now been taken down by Github (Hasan insists that the page “does not contain any violation of Microsoft’s rights”), the complaint goes on to highlight several features of Ninjutsu OS that are claimed to be infringing. As advertised and specifically highlighted by BSA/Microsoft they are:
– Customize Windows 10 with powerful tweak and optimize.
– Protect your privacy by tweak and customize Windows 10.
– Disable many of the annoying features built into Windows.
– Unwanted Windows components removal.
– Remove/Disable many Windows programs and services.
According to the complaint, the above actions by Ninjutsu OS as mentioned on its Github page provide a “work around technical restrictions of the software”, something which supposedly violates Microsoft’s software license terms.
“As such, we request that you please act expeditiously to remove or disable access to the specific pages/links described above, and thereby prevent the illegal reproduction and distribution of Microsoft content, via your company’s network, pursuant to 17 U.S.C. §512(d),” the DMCA complaint adds.
At first view, some may conclude that Ninjutsu OS amounts to a heavily modified yet pirated version of Windows 10. However, a video explaining how the software works suggests that users will actually need their own license for a genuine copy of Windows 10 to get the modifications up and running properly. Ninjutsu’s creator informs TF that’s indeed the case.
There may be workarounds, of course, but BSA/Microsoft’s complaint appears to be centered around the unauthorized tweaking or wholesale removal/disabling of Windows 10 components, rather than copying its content. While there may be more going on here, at no point during the complaint does it provide details on which Microsoft content has been reproduced.
Ninjutsu’s developer informs us that the ability to tweak, disable or remove features in Windows 10 is carried out using two tools – Win10-Initial-Setup-Script and O&O ShutUp10, with the latter billing itself as a tool allowing users to “decide how Windows 10 should respect your privacy by deciding which unwanted functions should be deactivated.”
At the time of writing Ninjutsu’s Patreon page is still functional but a link to download the tool using torrents via Yandex hosting is now down and displaying a ‘Link Blocked‘ message.
From: TF, for the latest news on copyright battles, piracy and more.
You must be logged in to post a comment.