Miele Professional PG 8528 dishwasher insecure – Web Server Directory Traversal

Details:
========
The corresponding embedded webserver “PST10 WebServer” typically listens to port 80 and is prone to a directory traversal attack, therefore an unauthenticated attacker may be able to exploit this issue to access sensitive information to aid in subsequent attacks.

Proof of Concept:
=================
~$ telnet 192.168.0.1 80
Trying 192.168.0.1…
Connected to 192.168.0.1.
Escape […]

An Unexpected New Lung Function Has Been Found – They Make Blood

Researchers have discovered that the lungs play a far more complex role in mammalian bodies than we thought, with new evidence revealing that they don’t just facilitate respiration – they also play a key role in blood production. In experiments involving mice, the team found that they produce more than 10 million platelets (tiny blood […]

Intel Claims Optane Memory Will Speed Your Computer Up for Cheap

Intel’s new Optane memory is, according to Intel, an entirely new type of computer memory. It’s based on the 3D Xpoint memory architecture Intel announced back in July 2015. It’s as fast as the DRAM memory found in every computer used today, but as stable as the NAND memory found in the SSDs central to […]

Costco golf ball suit shows how threatening with unfounded patent accusations causes companies to die

Indeed, Costco might just be trying to beat Acushnet at a legal game that the ball maker has mastered—court sport. Acushnet has managed to muscle out other upstarts easily, simply by filing complaints. Tiny manufacturers who can’t afford to litigate have been forced to fold based on Acushnet’s accusations alone, with no proof of infringement. […]

Your internet history on sale to highest bidder: US Congress votes to shred ISP privacy rules

The US House of Representatives has just approved a “congressional disapproval” vote of privacy rules, which gives your ISP the right to sell your internet history to the highest bidder. The measure passed by 215 votes to 205. This follows the same vote in the Senate last week. Just prior to the vote, a White […]

A 3 billion solar mass black hole rockets out of a galaxy at 8 million kilometers per hour.

A black hole with three billion times the mass of the Sun has been found hurtling out of its parent galaxy at 8 million kilometers per hour! What could give it that kind of incredible boost? Turns out, it’s something even more incredible: the two supermassive black holes that merged to form it in the first place. […]

UK flight ban on electronic devices announced – copying Trumpist insanity

The UK government has announced a cabin baggage ban on laptops and tablets on direct flights to the UK from Turkey, Lebanon, Jordan, Egypt, Tunisia and Saudi Arabia. The ban follows a similar move in the US, where officials say bombs could be hidden in a series of devices. Downing Street said it was “necessary, […]

Burglars can easily make Google Nest security cameras stop recording

The first two flaws can be triggered and lead to a buffer overflow condition if the attacker sends to the camera a too-long Wi-Fi SSID parameter or a long encrypted password parameter, respectively. That’s easy to do as Bluetooth is never disabled after the initial setup of the cameras, and attackers (e.g. burglars) can usually […]

A new definition would add 102 planets to our solar system — including Pluto

Pluto fans are attempting to reignite a contentious astronomy debate: What is a planet? […] Is Pluto a planet? It’s not a question scientists ask in polite company. “It’s like religion and politics,” said Kirby Runyon, a planetary scientist at Johns Hopkins University. “People get worked up over it. I’ve gotten worked up over it.” […]

Patents Are A Big Part Of Why We Can’t Own Nice Things: the Supreme Court Should Fix That

Today, the Supreme Court heard arguments in a case that could allow companies to keep a dead hand of control over their products, even after you buy them. The case, Impression Products v. Lexmark International, is on appeal from the Court of Appeals for the Federal Circuit, who last year affirmed its own precedent allowing […]

Bloke, 48, accused of whaling two US tech leviathans out of $100m

According to allegations in the indictment against Rimasauskas, which was unsealed this week, he had orchestrated his scheme between 2013 and 2015, targeting “a multinational technology company and a multinational online social media company” and tricking them into wiring funds to bank accounts under his control. The bank accounts in question belonged to companies that […]

Russian mastermind of $500m bank-raiding Citadel coughs to crimes

Mark Vartanyan, who operated under the handle “Kolypto”, was arrested in Norway last year, and extradited to America in December. The 29-year-old was charged with one count of computer fraud. On Monday, he pleaded guilty [PDF] to a district court in Atlanta, US. He faces up to 10 years in the clink and a $250,000 […]

WikiLeaks’ New Dump Shows How The CIA Allegedly Hacked Macs and iPhones Almost a Decade Ago

Earlier this month, when WikiLeaks dumped a cache of hundreds of secret documents allegedly detailing the CIA’s hacking operations, Julian Assange promised that was just “less than 1%” of what the secret-spilling had in its hands. On Thursday, WikiLeaks released a new cache of twelve documents, mostly detailing how the CIA allegedly hacked Apple computers […]

The Senate Just Voted to Let Internet Providers Sell Your Web History

Today, the US Senate voted 50-48 to overturn broadband privacy rules that would have required internet service providers get consumer consent before selling their web browsing data to advertisers or other data companies. The rules, which passed in October of last year, govern the collection and selling of private data by ISPs like Verizon, Comcast, […]

This AI stuff is all talk! Bots invent their own language to natter away behind humans’ backs

At first, the bot lingo was more like Morse code: an abstract symbol was agreed upon and then scattered among spaces to create meaning, the researchers explained in a blog post. The team tweaked the experiment so that there was a slight penalty on every utterance for every bot, and they added an incentive to […]

Metered Connections in Windows 10 Creators Update Will Not Block All Windows Update Downloads

It looks like designating a connection as metered in the Windows 10 Creators Update may not block all updates from being downloaded on your system […] Setting a connection as metered in Windows 10 has been a widely used and shared method to control the automatic download and installation of Windows Updates which of course […]

W3C erects DRM as web standard

The World Wide Web Consortium has formally put forward highly controversial digital rights management as a new web standard. Dubbed Encrypted Media Extensions (EME), this anti-piracy mechanism was crafted by engineers from Google, Microsoft, and Netflix, and has been in development for some time. The DRM is supposed to thwart copyright infringement by stopping people […]

End of fillings in sight as scientists find Alzheimer’s drug makes teeth grow back 

Fillings could be consigned to history after scientists discovered that a drug already trialled in Alzheimer’s patients can encourage tooth regrowth and repair cavities. Researchers at King’s College London found that the drug Tideglusib stimulates the stem cells contained in the pulp of teeth so that they generate new dentine – the mineralised material under […]

20,000 Worldclass University Lectures Made Illegal, So We Irrevocably Mirrored Them – LBRY

Today, the University of California at Berkeley has deleted 20,000 college lectures from its YouTube channel. Berkeley removed the videos because of a lawsuit brought by two students from another university under the Americans with Disabilities Act. We copied all 20,000 and are making them permanently available for free via LBRY. This makes the videos […]

Web security products introduce man in the middle insecurities

Your antivirus and network protection efforts may actually be undermining network security, a new paper and subsequent US-CERT advisory have warned. The issue comes with the use of HTTPS interception middleboxes and network monitoring products. They are extremely common and are used to check that nothing untoward is going on. However, the very method by […]

WikiLeaks will disclose CIA vulns to companies that sign standard responsible disclosures – or maybe not so standard?

“WikiLeaks has made initial contact with us via secure@microsoft.com,” a Microsoft spokesperson told Motherboard — but then things apparently stalled. An anonymous reader quotes Fortune: Wikileaks this week contacted major tech companies including Apple and Google, and required them to assent to a set of conditions before receiving leaked information about security “zero days” and […]