Month: May 2021

Enlarge / At least three companies have reported the dbutil_2_3.sys security problems to Dell over the past two years. (credit: Blogtrepreneur / Flickr)

Yesterday, infosec research firm SentinelLabs revealed 12-year-old flaws in Dell's firmware updater, DBUtil 2.3. The vulnerable firmware updater has been installed by default on hundreds of millions of Dell systems since 2009.

The five high-severity flaws SentinelLabs discovered and reported to Dell lurk in the dbutil_2_3.sys module, and they have been rounded up under a single CVE tracking number, CVE-2021-21551. There are two memory-corruption issues and two lack of input validation issues, all of which can lead to local privilege escalation and a code logic issue which could lead to a denial of service.

A hypothetical attacker abusing these vulnerabilities can escalate the privileges of another process or bypass security controls to write directly to system storage. This offers multiple routes to the ultimate goal of local kernel-level access—a step even higher than Administrator or "root" access—to the entire system.

Enlarge / Before you tweet, you might be asked if you meant to be so rude. (credit: Getty Images / Sam Machkovech)

Want to know exactly what Twitter's fleet of text-combing, dictionary-parsing bots defines as "mean"? Starting any day now, you'll have instant access to that data—at least, whenever a stern auto-moderator says you're not tweeting politely.

On Wednesday, members of Twitter's product-design team confirmed that a new automatic prompt will begin rolling out for all Twitter users, regardless of platform and device, that activates when a post's language crosses Twitter's threshold of "potentially harmful or offensive language." This follows a number of limited-user tests of the notices beginning in May of last year. Soon, any robo-moderated tweets will be interrupted with a notice asking, "Want to review this before tweeting?"

Earlier tests of this feature, unsurprisingly, had their share of issues. "The algorithms powering the [warning] prompts struggled to capture the nuance in many conversations and often didn't differentiate between potentially offensive language, sarcasm, and friendly banter," Twitter's announcement states. The news post clarifies that Twitter's systems now account for, among other things, how often two accounts interact with each other—meaning, I'll likely get a flag for sending curse words and insults to a celebrity I never talk to on Twitter, but I would likely be in the clear sending those same sentences via Twitter to friends or Ars colleagues.

Enlarge / Starship SN15 descending back to Texas under two of its three upgraded raptor engines. Successful landing! (credit: Trevor Mahlmann)

By now many readers are familiar with SpaceX's Starship tests. The rocket makes its way skyward and performs maneuvers that seem like impossibilities to a generation raised on rockets that simply shot things to orbit. These maneuvers are followed by an ungainly looking float towards the Earth below, which ends in a sudden lurch as the rocket struggles to a vertical orientation and tries to lose speed.

In general, this has been followed by a dramatic explosion as one aspect or another of the incredibly complex series of events required doesn't work quite right. The biggest exception was one case where that explosion waited for several minutes after its landing.

Today's launch followed the script right up to the landing, at which point everything changed. The landing went off without a hitch this time, and the hardware stayed intact—albeit on fire—well after the landing.

• 

  Entertainment Space. It's like Google TV, but for your tablet.

Google just remembered that Android tablets exist, and the company has announced "Entertainment Space," a new, tablet-exclusive interface that the company says is "a one-stop, personalized home for all your favorite movies, shows, videos, games and books."

Google's blog post is vague about the details of Entertainment Space. Is Space an app? Is it a new home screen, which would give Google a similar UI to a Fire tablet? Is it a report from The Verge that fills in some of the blanks: Entertainment Space is a new home screen page.

Just like how the Google Discover news feed lives on the left side of a home screen, or how Samsung puts "Bixby Home" over there, Entertainment Space will be the new left-most home screen for tablets, replacing Discover. So for apps widgets (and a customizable home screen), you'll have the main home screen page any others you want to add. For media, you have this big custom interface on the left.