Security

• 10.8 million UK homes now have access to gigabit-capable broadband, with much of the legwork done by Virgin Media

  That's 37% of the country covered, and BT is expected to pick up the pace too
  Matthew Hughes Fri 14 May 2021 // 14:27 UTC

  A new Ofcom report shows the number of UK homes with access to gigabit-capable broadband hit 10.8 million in January, representing 37 per cent of households.

  The figures were part of Ofcom's Interim Connected Nations report [PDF] and covered September 2020 to January 2021.

  Overall, the number of gigabit-capable lines increased by 37 per cent against August's figure [PDF] of 7.9 million.

  Continue reading

• Tor users, beware: 'Scheme flooding' technique may be used to deanonymize you

  By probing for installed apps with custom URL schemes, it's possible to build a 32-bit unique fingerprint
  Thomas Claburn in San Francisco Fri 14 May 2021 // 13:32 UTC

  FingerprintJS, maker of a browser-fingerprinting library for fraud prevention, on Thursday said it has identified a more dubious fingerprinting technique capable of generating a consistent identifier across different desktop browsers, including the Tor Browser.

  That means, for example, if you browse the web using Safari, Firefox, or Chrome for some websites, and use the Tor browser to anonymously view others, there is a possibility someone could link your browser histories across all those sessions using a unique identifier, potentially deanonymize you, and track you around the web.

  Doing this is non-trivial, it can be very inaccurate or unreliable, and so this is more of a heads up than anything else.

  Continue reading

• They say the early bird gets the worm, so why does Orion have NASA's old-school logo?

  Visible from the launchpad... when it finally gets there
  Richard Speed Fri 14 May 2021 // 12:39 UTC

  NASA has slapped its worm logo on the side of the Crew Module Adaptor (CMA) for the Orion spacecraft as the first Artemis mission to the Moon inches closer.

  The logo had already been stuck on the underside of the CMA last year, but sticking it on the side will ensure it is visible once the Orion spacecraft and its European-built service module are stacked atop the Space Launch System (SLS) rocket and wheeled out to Kennedy's pad 39B.

  Continue reading

• Hospitals cancel outpatient appointments as Irish health service struck by ransomware

  Russia-based criminals pick soft target in hope of easy gains
  Gareth Corfield Fri 14 May 2021 // 11:45 UTC

  Ireland's nationalised health service has shut down its IT systems following a "human-operated" Conti ransomware attack, causing a Dublin hospital to cancel outpatient appointments.

  The country's Health Service Executive closed its systems down as a precaution, local reports from the Irish public service broadcaster RTÉ said, reporting that Dublin's Rotunda Hospital had cancelled appointments for outpatients – including many for pregnant women.

  "The maternity hospital said all outpatient visits are cancelled - unless expectant mothers are 36 weeks pregnant or later," reported RTÉ, adding: "All gynaecology clinics are also cancelled today."

  Continue reading

• Rapping otters and automated database knob-twiddling: An obvious combination in some universe or other

  OtterTune to compete with Oracle automation, but also for open source databases
  Lindsay Clark Fri 14 May 2021 // 10:45 UTC

  A university spin-out startup has announced a private beta of an automated database tuning service which its founder claims can double the performance or halve the cost of the popular AWS Relational Database Service.

  Among its marketing hype, though, is the, erm, novel approach of launching a hip-hop album of beats and screeching otters. More of that later.

  Originating from a project at Carnegie Mellon Database Group, OtterTune is based on the idea you can use machine learning to identify the optimal setting for database parameter knobs, a task well beyond most developers and something even seasoned DBAs struggle with, given the number of databases on the market that they might be required to manage.

  Continue reading

• NHS-backed org reacted to GitHub leak disclosure with legal threats and police call, complains IT pro

  Retention of now-deleted security breach evidence sparks spat
  Gareth Corfield Fri 14 May 2021 // 10:02 UTC

  +Comment IT pro Rob Dyke says an NHS-backed company not only threatened him with legal action after he flagged up an exposed GitHub repository containing credentials and insecure code, it even called the police on him.

  Dyke, who has previously appeared in this organ, in March said he received letters from lawyers representing the Apperta Foundation after he told the business he had found a public repo containing the source code for an insecure online portal and its database containing usernames, hashed passwords, email addresses, and API keys.

  We're told the repository contained two branches, and dated back to 2019. It clearly shouldn't be public as it could be used to view internal purchasing, receipting, budgets, and expenditure information through the portal. The material was left visible to the public for so long that the Internet Archive mirrored a copy of it, which indicated the files were committed to GitHub by a now-deleted account that appeared to belong to a senior Apperta person.

  Continue reading

• For the marketeer that has everything – except a CPU fan

  You know it's time for an upgrade when your PC gets spanked by a sign
  Richard Speed Fri 14 May 2021 // 09:15 UTC

  Bork!Bork!Bork! The mean streets of Birmingham in England's West Midlands are our destination today, with an entry in the bork archive reminding us of the raw power of signage.

  We at the bork desk often scratch our heads at why Microsoft Windows is used to power something as simple as a digital sign. While Windows itself is not at fault in this example of borkage spotted by a Register reader, the hardware within seems a little at odds with what is a jumped-up version of what used to be done with a bit of paper and paste.

  Seen this week on Birmingham's Corporation Street (the bit with the tram tracks, just up from Poundland), we'd suggest this technological marvel cost a bit more than the average selling price of the product on sale from the shop next door. 16GB of memory, a 10th-generation Intel i7 chip and a 250GB NVMe PCIe SSD. Quite an impressive bit of kit is sat behind the screen on the street.

  Continue reading

• Your private data has been nabbed: Please update your life as soon as possible while we deflect responsibility

  Because our golf-obsessed boss has wandered off fondling his balls
  Alistair Dabbs Fri 14 May 2021 // 08:30 UTC

  Something for the Weekend, Sir? "I am writing with regard to a data security incident relating to you."

  Here we go again. Yet another bunch of jokers has allowed a third party to saunter onto its network and rummage around where it keeps sensitive customer information. It's enough to drive you to drink. (Mine's a boilermaker, thanks.)

  This has been a busy week for unwelcome messages.

  Continue reading

• Chinese AI censoring some live-streamed Alpacas – beasts with a very NSFW and political back story

  Be alert, not a-llam-ed
  Simon Sharwood, APAC Editor Fri 14 May 2021 // 07:58 UTC

  Douyin, the Chinese app known as TikTok in the rest of the world, is apparently censoring Alpacas.

  Yes, Alpacas, the llama-related beasties that produce lovely wool and can be quite cute.

  So cute that a few Chinese citizens manage to make a little cash live-streaming vision of coiffed and costumed alpacas on Douyin.

  Continue reading

• Protip: If Joe Public reports that your kit is broken, maybe check that it is actually broken

  Because now you have a bill to replace all these perfectly functional devices
  Richard Speed Fri 14 May 2021 // 07:26 UTC

  On Call Welcome back to On Call where this week we peek behind the scenes and see what happens when public-facing kit is reported as borked.

  Our reader, Regomised as "Sean", had a varied brief at a company based in Northern England. "My responsibilities," he told us, "included software development, CAD design, electronics, and 'whatever else needs doing'."

  The "else" included being called out to smooth the ruffled feathers of uppity customers.

  Continue reading

• South Korea creates $451bn semiconductor stimulus package

  Samsung and SK Hynix singled out as nation tries to become a titan
  Laura Dobberstein Fri 14 May 2021 // 06:57 UTC

  South Korea's government announced a support package worth 510 trillion won (US$451bn) to bolster in-country chip production with the hopes of becoming a global supply chain leader.

  Additionally, the Finance Ministry will raise tax deduction ratio for semiconductor R&D to forty percent, up from the current 30 points, and double deductions for facility investments to six percent.

  Over 150 Korean semiconductor companies qualify for the program, even existing giants Samsung and SK Hynix.

  Continue reading