Month: November 2022

Enlarge (credit: Getty Images)

More than two dozen Lenovo notebook models are vulnerable to malicious hacks that disable the UEFI secure boot process and then run unsigned UEFI apps or load bootloaders that permanently backdoor a device, researchers warned on Wednesday.

At the same time that researchers from security firm ESET disclosed the vulnerabilities, the notebook maker released security updates for 25 models, including ThinkPads, Yoga Slims, and IdeaPads. Vulnerabilities that undermine the UEFI secure boot can be serious because they make it possible for attackers to install malicious firmware that survives multiple operating system reinstallations.

Not common, even rare

Short for Unified Extensible Firmware Interface, UEFI is the software that bridges a computer’s device firmware with its operating system. As the first piece of code to run when virtually any modern machine is turned on, it’s the first link in the security chain. Because the UEFI resides in a flash chip on the motherboard, infections are difficult to detect and remove. Typical measures such as wiping the hard drive and reinstalling the OS have no meaningful impact because the UEFI infection will simply reinfect the computer afterward.

Enlarge (credit: Getty Images)

More than two dozen Lenovo notebook models are vulnerable to malicious hacks that disable the UEFI secure boot process and then run unsigned UEFI apps or load bootloaders that permanently backdoor a device, researchers warned on Wednesday.

At the same time that researchers from security firm ESET disclosed the vulnerabilities, the notebook maker released security updates for 25 models, including ThinkPads, Yoga Slims, and IdeaPads. Vulnerabilities that undermine the UEFI secure boot can be serious because they make it possible for attackers to install malicious firmware that survives multiple operating system reinstallations.

Not common, even rare

Short for Unified Extensible Firmware Interface, UEFI is the software that bridges a computer’s device firmware with its operating system. As the first piece of code to run when virtually any modern machine is turned on, it’s the first link in the security chain. Because the UEFI resides in a flash chip on the motherboard, infections are difficult to detect and remove. Typical measures such as wiping the hard drive and reinstalling the OS have no meaningful impact because the UEFI infection will simply reinfect the computer afterward.

Enlarge / Archaeologists excavated this engraved ivory comb at an ancient site in Israel. (credit: Dafna Gazit, Israel Antiquities Authority)

Several years ago, archaeologists unearthed a small ivory comb at Tel Lachsich in Israel, once a major Canaanite city-state in the second millennium BCE.  But it wasn't until last December that someone realized the comb had an inscription using early pictograph symbols of the first alphabet. Once deciphered, the inscription turned out to be a spell for preventing an infestation of head lice, according to a new paper published in the Jerusalem Journal of Archaeology.

“This is the first sentence ever found in the Canaanite language in Israel," said co-author Yosef Garfinkel, an archaeologist with the Hebrew University of Jerusalem. "There are Canaanites in Ugarit in Syria, but they write in a different script, not the alphabet that is used till today. The Canaanite cities are mentioned in Egyptian documents, the Amarna letters that were written in Akkadian, and in the Hebrew Bible. The comb inscription is direct evidence for the use of the alphabet in daily activities some 3,700 years ago. This is a landmark in the history of the human ability to write.”

While early writing systems emerged in Mesopotamia and Egypt over 5,000 years ago, they used symbols rather than a bona fide alphabet, which appeared significantly later, around 1800 BCE. Accordingly to the authors, little is known about this first alphabet because so few inscriptions have survived that predate the 13th century BCE—just a few letters, maybe a word or two, usually lacking context. "Thus, it is very likely that most writing was carried out on perishable materials that have decayed over time," Garfinkel et al. wrote. Since the 1930s, the Lachsich site has yielded a dozen or so inscription fragments from between the 13th and 12th centuries BCE, suggesting the city-state and surrounding region played a leading role in the alphabet's early history.

Enlarge / Archaeologists excavated this engraved ivory comb at an ancient site in Israel. (credit: Dafna Gazit, Israel Antiquities Authority)

Several years ago, archaeologists unearthed a small ivory comb at Tel Lachsich in Israel, once a major Canaanite city-state in the second millennium BCE.  But it wasn't until last December that someone realized the comb had an inscription using early pictograph symbols of the first alphabet. Once deciphered, the inscription turned out to be a spell for preventing an infestation of head lice, according to a new paper published in the Jerusalem Journal of Archaeology.

“This is the first sentence ever found in the Canaanite language in Israel," said co-author Yosef Garfinkel, an archaeologist with the Hebrew University of Jerusalem. "There are Canaanites in Ugarit in Syria, but they write in a different script, not the alphabet that is used till today. The Canaanite cities are mentioned in Egyptian documents, the Amarna letters that were written in Akkadian, and in the Hebrew Bible. The comb inscription is direct evidence for the use of the alphabet in daily activities some 3,700 years ago. This is a landmark in the history of the human ability to write.”

While early writing systems emerged in Mesopotamia and Egypt over 5,000 years ago, they used symbols rather than a bona fide alphabet, which appeared significantly later, around 1800 BCE. Accordingly to the authors, little is known about this first alphabet because so few inscriptions have survived that predate the 13th century BCE—just a few letters, maybe a word or two, usually lacking context. "Thus, it is very likely that most writing was carried out on perishable materials that have decayed over time," Garfinkel et al. wrote. Since the 1930s, the Lachsich site has yielded a dozen or so inscription fragments from between the 13th and 12th centuries BCE, suggesting the city-state and surrounding region played a leading role in the alphabet's early history.

Enlarge / Emergency department staff members work at Providence St. Joseph Hospital in Orange, California, on November 1. Orange County's health officer has declared a local health emergency in response to increases in respiratory illnesses and an onslaught of the quickly spreading RSV, a respiratory virus that is most dangerous in young children. (credit: Getty | Orange County Register)

The charge nurse who called 911 last month when her emergency department became overwhelmed with patients is speaking candidly about the chaos, fear, and unsafe conditions that continue to plague her hospital and others around the country.

Kelsay Irby, the ER charge nurse at St. Michael’s Medical Center in the greater Seattle area, penned an eye-opening essay for Nurse.org Tuesday, offering context, commentary, and more details around the infamous night of October 8.

That evening, the hospital's emergency department was "even more short-staffed than normal, operating at less than 50 percent of our ideal staffing grid," Irby said, and there were around 50 people in the waiting room. The nurses were becoming increasingly nervous that some of the people stuck waiting in the lobby had cardiac and respiratory problems, and there were also children with very high fevers. With only one nurse available to keep an eye on people waiting, they could be "unmonitored for extended periods of time."

Enlarge / Emergency department staff members work at Providence St. Joseph Hospital in Orange, California, on November 1. Orange County's health officer has declared a local health emergency in response to increases in respiratory illnesses and an onslaught of the quickly spreading RSV, a respiratory virus that is most dangerous in young children. (credit: Getty | Orange County Register)

The charge nurse who called 911 last month when her emergency department became overwhelmed with patients is speaking candidly about the chaos, fear, and unsafe conditions that continue to plague her hospital and others around the country.

Kelsay Irby, the ER charge nurse at St. Michael’s Medical Center in the greater Seattle area, penned an eye-opening essay for Nurse.org Tuesday, offering context, commentary, and more details around the infamous night of October 8.

That evening, the hospital's emergency department was "even more short-staffed than normal, operating at less than 50 percent of our ideal staffing grid," Irby said, and there were around 50 people in the waiting room. The nurses were becoming increasingly nervous that some of the people stuck waiting in the lobby had cardiac and respiratory problems, and there were also children with very high fevers. With only one nurse available to keep an eye on people waiting, they could be "unmonitored for extended periods of time."

Enlarge / Eight images we generated with the alpha version of Midjourney v4. (credit: Ars Technica)

On Saturday, AI image service Midjourney began alpha testing version 4 ("v4") of its text-to-image synthesis model, which is available for subscribers on its Discord server. The new model provides more detail than previously available, inspiring some AI artists to remark that v4 almost makes it "too easy" to get high-quality results from simple prompts.

Midjourney opened to the public in March as part of an early wave of AI image synthesis models. It quickly gained a large following due to its distinct style and for being publicly available before DALL-E and Stable Diffusion. Before long, Midjourney-crafted artwork made the news by winning art contests, providing material for potentially historic copyright registrations, and showing up on stock illustration websites (later getting banned).

Over time, Midjourney refined its model with more training, new features, and greater detail. The current default model, known as "v3," debuted in August. Now, Midjourney v4 is getting put to the test by thousands of members of the service's Discord server that create images through the Midjourney bot. Users can currently try v4 by appending "--v 4" to their prompts.