Category: Uncategorised

Enlarge (credit: WinterforceMedia)

A campaign that targeted a European energy company wielded malware that's so sneaky and advanced it almost certainly is the work of a wealthy nation, researchers said Tuesday.

The malware contains about 280 kilobytes of densely packed code that, like a ninja warrior, cleverly and stealthily evades a large number of security defenses. It looks for and avoids a long list of computer names belonging to sandboxes and honeypots. It painstakingly dismantles antiviruses one process at a time until it's finally safe to uninstall them. It takes special care when running inside organizations that use facial recognition, fingerprint scanners, and other advanced access control systems. And it locks away key parts of its code in encrypted vaults to prevent it from being discovered and analyzed.

Once the malware has gained administrative control of a computer, it uses its lofty perch to survey the connected network, report its findings to its operators, and await further instructions. From then on, attackers have a network backdoor that allows them to install other types of malware, either for more detailed espionage or potentially sabotage. Researchers from security firm SentinelOne found the malware circulating in an underground forum and say it has already infected an unnamed energy company in Europe.

(credit: Marco Paköeningrat Follow)

A federal appeals court ruled Tuesday largely in favor of a defunct social networking company—finding that the forgotten startup did not violate an anti-spam statute. However, the court affirmed that Power Ventures did violate an anti-hacking law when it tried to circumvent Facebook’s IP block several years ago as part of a promotional campaign.

A lower court had previously ruled in favor of Facebook, which brought the original case against Power Ventures and its Power.com website and issued an award of $3 million to the social network giant. Power Ventures then appealed that up to the 9th Circuit Court of Appeals. On Tuesday, the appellate court sent the case back down to the District Court for further consideration and a likely reduction of damages.

As Ars reported last year, the case, Facebook v. Power Ventures, revolves around a site known as Power.com, which had tried to be a one-stop shop for social networking—its users could post to Facebook and other sites all in one place.

BamBrogan with the alleged noose.

On Tuesday, Hyperloop One's former CTO and co-founder Brogan BamBrogan launched a broad complaint against the company and many of its executives, alleging labor violations, defamation, intentional infliction of emotional distress, assault, and breach of fiduciary duty. Among the claims, BamBrogan says that a fellow executive left a noose on his office chair after the former CTO voiced concerns about the company’s leadership to Moscow executives.

The Los Angeles-based Hyperloop One was formed two years ago to turn a white paper written by Tesla and SpaceX founder Elon Musk into a reality. Musk drew a rough outline of a rail line using magnetic tracks and pressurized tubes to send passengers and cargo 700mph, but the CEO declined to spend resources building the system and made his notes available to any enterprising group. Hyperloop One successfully tested its propulsion system in May in Nevada.

BamBrogan filed the lawsuit along with three other former employees of the company, including former Assistant General Counsel David Pendergast. In the complaint, the plaintiffs name co-founder Shervin Pishevar, his brother and the company’s former chief legal officer for Hyperloop One, Afshin Pishevar, and two other executives involved with the company.

This Imgur post of a Holocaust Museum scene within Pokémon Go, which has since been taken down by its original poster, may have been faked, but its cultural impact has already been slammed by museum representatives. (credit: Imgur)

Pokémon Go's stratospheric launch last week is the stuff of social-scientist dreams, in terms of seeing how millions of people are using a semi-social, map-based smartphone game with little precedent. The results have ranged from adorable to troubling, and while some restaurants and shops are advertising that they welcome Pokémon Go players, other locations are not. In particular, a social-media flare-up highlighted one of the more extreme examples of the app's fallout: when users descend upon a culturally sensitive landmark while wielding a camera- and GPS-powered app.

On Tuesday, representatives for Washington, DC's Holocaust Museum issued a statement to the Washington Post asking visitors to put Pokémon Go away. "Playing the game is not appropriate in the museum, which is a memorial to the victims of Nazism," communication director Andrew Hollinger told the Post.

The statement came following a rash of players who visited the museum with the app turned on, attracted by the fact that the Holocaust Museum counts as a "Pokéstop" and can therefore be seeded with the game's "beacon" items to attract a higher number of the game's collectible Pokémon characters. Since the game also includes a camera function, which projects 3D Pokemon characters into real-world scenes, one image began circulating online of a Koffing Pokémon—as in, a gaseous, poisonous smoke monster—floating inside the museum.

This all-seeing eye mocks Necropolis' players throughout their randomly generated dungeon delves. (credit: Harebrained Schemes)

On paper, the pitch for dungeon-delving video game Necropolis sounds pretty off-putting: a roguelike, permadeath-loaded spin on Dark Souls, in which friends can inadvertently kill each other when they team up in co-op. Specifically, its off-putting nature is two-fold. If you're not a hardcore gamer, that sentence is gobbledygook, but if you are a hardcore gamer, you'll look at that pitch with appropriate trepidation. You can't just slam all of those words together and get a fun, functional game... can you?

The bad news is that a single session of Necropolis won't answer those doubts. Harebrained Schemes' first foray into the roguelike genre relies on a few too many random-content-generation tropes that don't all lend themselves well to an action-RPG that revolves around giant dungeons, heavy swords, and surprise monster attacks.

The worse news comes if you let Necropolis infect your brain in a "just one more" capacity. If you give the game enough of a chance, you'll uncover just enough systems that do work to make the dedication worth the pain. But perhaps only barely.

It has been a full two-and-a-half years now since we first saw the game-playing TASBot (short for tool-assisted speedrun robot) take full control of a Super Mario World cartridge. In that time, you would think we would have gotten tired of seeing the machine mangle classic games using nothing but data sent through the controller ports on actual gaming hardware.

Then last week's Summer Games Done Quick speedrunning marathon came along, and on Saturday, TASBot showed off its newfound ability to beat Super Mario Bros. 3 in less than a second (the marathon run had some padding, so it's actually visible to the audience). Our jaws were on the floor once again. There must be some sort of trick. How in the world is this possible?

Exploiting a decades-old hardware bug

The graphical glitches here are a result of some bits of memory that SMB3 fails to initialize at the beginning of the game.

TASBot's newest bit of game-breaking magic relies on the vagaries of the NES' DPCM (differential pulse code modulation) sound channel. This one-bit data stream was used to play extremely basic audio samples in select games, including Super Mario Bros. 3.

Attorney General Loretta Lynch is grilled by GOP lawmakers during a Tuesday hearing. (credit: House Judiciary Committee feed)

Republican lawmakers grilled Attorney General Loretta Lynch on Tuesday over why she chose not to prosecute Democratic presidential candidate Hillary Clinton for sending classified data through her private e-mail server when she was secretary of state.

But the Obama appointee refused to answer, saying it would be "inappropriate" to respond to lawmakers' repeated questions.

"While I understand that this investigation has generated significant public interest, as attorney general, it would be inappropriate for me to comment further on the underlying facts of the investigation or the legal basis for the team’s recommendation,” Lynch told the House Judiciary Committee's Subcommittee on the Constitution and Civil Justice.