Security

• Microsoft unveils Android apps for Windows 11 (for US users only)

  Windows Insiders get their hands on the Windows Subsystem for Android
  Richard Speed Wed 20 Oct 2021 // 17:01 UTC 4

  Microsoft has further teased the arrival of the Windows Subsystem for Android by detailing how the platform will work via a newly published document for Windows Insiders.

  The document, spotted by inveterate Microsoft prodder "WalkingCat" makes for interesting reading for developers keen to make their applications work in the Windows Subsystem for Android (WSA).

  WSA itself comprises the Android OS based on the Android Open Source Project 1.1 and, like the Windows Subsystem for Linux, runs in a virtual machine.

  Continue reading

• Software Freedom Conservancy sues TV maker Vizio for GPL infringement

  Companies using GPL software should meet their obligations, lawsuit says
  Tim Anderson Wed 20 Oct 2021 // 16:05 UTC 11

  The Software Freedom Conservancy (SFC), a non-profit which supports and defends free software, has taken legal action against Californian TV manufacturer Vizio Inc, claiming "repeated failures to fulfill even the basic requirements of the General Public License (GPL)."

  Member projects of the SFC include the Debian Copyright Aggregation Project, BusyBox, Git, GPL Compliance Project for Linux Developers, Homebrew, Mercurial, OpenWrt, phpMyAdmin, QEMU, Samba, Selenium, Wine, and many more.

  The GPL Compliance Project is described as "comprised of copyright holders in the kernel, Linux, who have contributed to Linux under its license, the GPLv2. These copyright holders have formally asked Conservancy to engage in compliance efforts for their copyrights in the Linux kernel."

  Continue reading

• DRAM, it stacks up: SK hynix rolls out 819GB/s HBM3 tech

  Kit using the chips to appear next year at the earliest
  Chris Mellor Wed 20 Oct 2021 // 15:13 UTC

  Korean DRAM fabber SK hynix has developed an HBM3 DRAM chip operating at 819GB/sec.

  HBM3 (High Bandwidth Memory 3) is a third generation of the HBM architecture which stacks DRAM chips one above another, connects them by vertical current-carrying holes called Through Silicon Vias (TSVs) to a base interposer board, via connecting micro-bumps, upon which is fastened a processor that accesses the data in the DRAM chip faster than it would through the traditional CPU socket interface.

  Seon-yong Cha, SK hynix's senior vice president for DRAM development, said: "Since its launch of the world's first HBM DRAM, SK hynix has succeeded in developing the industry's first HBM3 after leading the HBM2E market. We will continue our efforts to solidify our leadership in the premium memory market."

  Continue reading

• UK's ARIA innovation body 'hasn't even begun to happen' says former research lead

  DARPA imitator not doing much after two years of Johnson government
  Lindsay Clark Wed 20 Oct 2021 // 14:38 UTC 11

  Updated The UK's efforts to copy US government and military innovation outfit DARPA are stalling, according to a leading figure in research and development.

  Appearing before the Science and Technology Committee, Sir John Kingman, former chair of UK Research and Innovation, told MPs this morning that ARIA – the Advanced Research and Invention Agency – was a good example of departmental research spending that could be cut, sidelined or delayed.

  "A very high-profile example would be ARIA, which has been this big plan for the Boris Johnson government, and yet here we are a few years into the Johnson government and it still hasn't even begun to happen," he told MPs.

  Continue reading

• Facebook fined £50m in UK for 'conscious' refusal to report info and 'deliberate failure to comply' during Giphy acquisition probe

  That rebrand can't come soon enough
  Jude Karabus Wed 20 Oct 2021 // 13:49 UTC 20

  Updated The UK's Competition and Markets Authority (CMA) has smacked Facebook with a £50m ($68.7m) fine for "deliberately" not giving it the full picture about its ongoing $400m acquisition of gif-slinger Giphy.

  The move – fingered by the CMA as a "major breach" – comes just weeks after the antisocial network dismissed the UK's regulator's initial findings as being based on "fundamental errors" and just hours after the US Dept of Justice and its Department of Labor announced separate agreements with the firm in which it will fork over $14.25m to settle allegations of discriminatory hiring practices.

  Facebook first announced its intention to buy the image platform, which hosts a searchable database of short looping soundless animated GIFs – many of which are sourced from reality TV and films – in May last year. Giphy also hosts MP4 looped video clips (so users can "enjoy" audio), which it also unaccountably calls gifs. Pinterest, Reddit and Salesforce's comms firm Slack have all integrated Giphy into their platforms so you can "react" to friends and colleagues. Facebook's acquisition values the company at $400m.

  Continue reading

• Not just deprecated, but deleted: Google finally strips File Transfer Protocol code from Chrome browser

  A death by a thousand cuts
  Richard Speed Wed 20 Oct 2021 // 13:07 UTC 23

  The Chromium team has finally done it – File Transfer Protocol (FTP) support is not just deprecated, but stripped from the codebase in the latest stable build of the Chrome browser, version 95.

  It has been a while coming. A lack of support for encrypted connections in Chrome's FTP implementation, coupled with a general disinterest from the majority of the browser's users, and more capable third-party alternatives being available has meant that the code has moved from deprecated to gone entirely.

  Support for fetching document resources over FTP was stripped from Chrome 72, proxy support for FTP was removed in Chrome 76, and Chrome 86 introduced a flag to turn it off completely.

  Continue reading

• Brave's homegrown search claims to protect your privacy but there's a long way to go if it's to challenge the big G

  Ad-free now but not forever
  Tim Anderson Wed 20 Oct 2021 // 12:14 UTC 27

  The Brave browser will now default to the company's own search engine, claimed to preserve privacy, while a new Web Discovery Project aims to collect search data again with privacy protection.

  The Brave web browser is based on the Google-sponsored Chromium engine but with features designed to prevent tracking, as well as an unusual reward system using its own cryptocurrency, the Basic Attention Token (BAT). Brave search will now be the default on new installs for desktop, Android, and iOS. Existing Brave users will keep their current default unless they choose to change it.

  Brave Search was released in beta in June and uses technology called Tailcat, acquired from the failed German Cliqz project, which also sought to provide a Google-free index.

  Continue reading

• NHS Digital exposes hundreds of email addresses after BCC blunder copies in entire invite list to 'Let's talk cyber' event

  It's like rai-iiiiiin on your wedding day
  Paul Kunert Wed 20 Oct 2021 // 11:28 UTC 34

  NHS Digital has scored a classic Mail All own-goal by dispatching not one, not two, not three, but four emails concerning an infosec breakfast briefing, each time copying the entirety of the invite list in on the messages.

  The first email sent yesterday morning thanked participants for "registering for NHS Digital's Full Digital Breakfast: Let's talk cyber, scheduled for Thursday 21 October 2021, 8:00-9:00am."

  Apparently Neil Bennett, CISO at NHS Digital, and Phil Huggins, National CISO at NHS X, "along with guest speakers, will have a conversation about the ongoing protection and how an increasingly digitised world means we must be super vigilant and cyber secure, where cyber hygiene is essential in protecting patients."

  Continue reading

• Hitting underground pipes and cables costs the UK £2.4bn a year. We need a data platform for that, says government

  Atkins wins £23m deal to build National Underground Asset Register
  Lindsay Clark Wed 20 Oct 2021 // 10:45 UTC 55

  The UK government has awarded management consultancy Atkins a £23m contract to help it get to grips with accidental damage to underground pipes and cables, which is costing £2.4bn a year.

  The Geospatial Commission, an independent expert committee within the Cabinet Office, has awarded the work to help it build "a secure data exchange platform providing a comprehensive, trusted and secure digital map of where buried assets are located."

  Documents attached to a competitive tender notice point out that when digging up roads or attempting any other subterranean engineering, workers suffer the considerable difficulty of finding out what other human-made structures might be down there.

  Continue reading

• Lunar rocks brought to Earth by China's Chang'e 5 show Moon's volcanoes were recently* active

  * Just a couple of billion years
  Katyanna Quach Wed 20 Oct 2021 // 09:58 UTC 10

  The Moon remained volcanically active much later than previously thought, judging from fragments of rocks dating back two billion years that were collected by China's Chang’e 5 spacecraft.

  The Middle Kingdom's space agency obtained about 1.72 kilograms (3.8 pounds) of lunar material from its probe that returned to Earth from the Moon in December. These samples gave scientists their first chance to get their hands on fresh Moon material in the 40 years since the Soviet Union's Luna 24 mission brought 170 grams (six ounces) of regolith to our home world in 1976.

  The 47 shards of basalt rocks retrieved by Chang'e 5 were estimated to be around two billion years old using radiometric dating techniques. The relatively young age means that the Moon was still volcanically active up to 900 million years later than previous estimates, according to a team of researchers led by the Chinese Academy of Sciences (CAS).

  Continue reading

• Centre for Computing History apologises to customers for 'embarrassing' breach

  Website patched following phishing scam, no financial data exposed
  Paul Kunert Wed 20 Oct 2021 // 09:15 UTC 6

  Updated The Centre for Computing History (CCH) in Cambridge, England, has apologised for an "embarrassing" breach in its online customer datafile, though thankfully no payment card information was exposed.

  The museum for computers and video games said it was notified that a unique email address used to book tickets via its website "has subsequently received a phishing email that looked like it came from HSBC."

  "Our investigation has revealed that our online customer datafile has been compromised and the email addresses contained within are now in the hands of spammers," says the letter to visitors from Jason Fitzpatrick, CEO and trustee at CCH dated 19 October.

  Continue reading