Microsoft Is Disabling SMB1 File-Sharing Protocol in Windows 11 Home
Read more of this story at Slashdot.
Sales And Repair
1715 S. 3rd Ave. Suite #1
Yakima, WA. 98902
Mon - Fri: 8:30-5:30
Sat - Sun: Closed
Sales And Repair
1715 S. 3rd Ave. Suite #1
Yakima, WA. 98902
Mon - Fri: 8:30-5:30
Sat - Sun: Closed
Read more of this story at Slashdot.
Two of the vulnerabilities — tracked as CVE-2021-3971 and CVE-2021-3972 — reside in UEFI firmware drivers intended for use only during the manufacturing process of Lenovo consumer notebooks. Lenovo engineers inadvertently included the drivers in the production BIOS images without being properly deactivated. Hackers can exploit these buggy drivers to disable protections, including UEFI secure boot, BIOS control register bits, and protected range register, which are baked into the serial peripheral interface (SPI) and designed to prevent unauthorized changes to the firmware it runs. After discovering and analyzing the vulnerabilities, researchers from security firm ESET found a third vulnerability, CVE-2021-3970. It allows hackers to run malicious firmware when a machine is put into system management mode, a high-privilege operating mode typically used by hardware manufacturers for low-level system management. “All three of the Lenovo vulnerabilities discovered by ESET require local access, meaning that the attacker must already have control over the vulnerable machine with unfettered privileges,” notes Ars Technica’s Dan Goodin. “The bar for that kind of access is high and would likely require exploiting one or more critical other vulnerabilities elsewhere that would already put a user at considerable risk.”
Still, it’s worth looking to see if you have an affected model and, if so, patch your computer as soon as possible.
Read more of this story at Slashdot.
Volla OS also has a built-in user-customizable firewall, an App Locker feature for disabling and hiding apps, and optional support for using the Hide.me VPN for anonymous internet usage. The source code for Volla OS is also available for anyone that wants to inspect the code. The operating system also has a custom user interface including a Springboard that allows you to quickly launch frequently-used apps by pressing a red dot for a list, or by starting to type in a search box for automatic suggestions such as placing a phone call, sending a text message, or opening a web page. You can also create notes or calendar events from the Springboard or send an encrypted message with Signal. The phone is expected to ship in June at an early bird price of about $408.
Read more of this story at Slashdot.
Small modular reactors (SMRs) are seen by their proponents as a way to build nuclear power plants in factories, a method that could be cheaper and quicker than traditional designs. The technology, based on the reactors used in nuclear submarines, is seen by Rolls-Royce as a potential earner far beyond any previous business such as jet engines or diesel motors. The government under Boris Johnson put nuclear power at the centre of its energy strategy announced earlier this month, in response to climate concerns and a desire to ditch Russian gas. SMRs are expected to play an important role in an expansion of nuclear to supply a quarter of the UK’s energy needs. Lower costs would be crucial in justifying the nuclear push, given that onshore wind is seen as much cheaper and quicker to install.
Read more of this story at Slashdot.
The researchers, considered among the world’s leading experts in detecting digital attacks, announced they had taken the rare step of notifying Whitehall of the attack as it “believes that our actions can reduce harm.” However, they were not able to identify the specific individuals within No 10 and the Foreign Office who are suspected of having been hacked. “The suspected infections relating to the FCO were associated with Pegasus operators that we link to the UAE, India, Cyprus and Jordan. The suspected infection at the UK prime minister’s office was associated with a Pegasus operator we link to the UAE.”
Read more of this story at Slashdot.
According to Russian media outlets, the ban wave began on April 13 and didn’t discriminate between companies and individuals. For example, the GitHub accounts of Sberbank Technology, Sberbank AI Lab, and the Alfa Bank Laboratory had their code repositories initially disabled and are now removed from the platform…. Personal accounts suspended on GitHub have their content wiped while all repositories become immediately out of reach, and the same applies to issues and pull requests.
Habr.com [a Russian collaborative blog about IT] reports that some Russian developers contacted GitHub about the suspension and received an email titled ‘GitHub and Trade Controls’ that explained their account was disabled due to US sanctions. This email contains a link to a GitHub page explaining the company’s policies regarding sanctions and trade controls, which explains how a user can appeal their suspension. This appeal form requires the individual to certify that they do not use their GitHub account on behalf of a sanctioned entity. A developer posted to Twitter saying that he could remove the suspension after filling out the form and that it was due to his previous employer being sanctioned.
A GitHub blog post in March had promised to ensure the availability of open source services “to all, including developers in Russia.” So Bleeping Computer contacted a GitHub spokesperson, who explained this weekend that while GitHub may be required to restrict some users to comply with U.S. laws, “We examine government sanctions thoroughly to be certain that users and customers are not impacted beyond what is required by law.”
According to this, the suspended private accounts are either affiliated, collaborating, or working with/for sanctioned entities. However, even those who previously worked for a sanctioned company appear to be suspended by mistake.
This means that Russian users, in general, can suddenly find their projects wiped and accounts suspended, even if those projects have nothing to do with the sanctioned entities.
Read more of this story at Slashdot.
And for some U.S. teenagers, “banned book clubs, recent book banning attempts have been a springboard for wider discussions around censorship.”
The Banned Book Club at Firefly Bookstore [started by 8th grader Joslyn Diffenbaugh] read George Orwell’s “Animal Farm” as its first pick. While the satirical novella, which makes a pointed critique of totalitarianism, isn’t one of the books currently being challenged in the US, it was banned in the Soviet Union until its fall and was rejected for publication in the UK during its wartime alliance with the USSR. And it faced challenges in Florida in the ’80s for being “pro-communist.” That history made for some thought-provoking conversations. “It taught a lot because it had references to different forms of government that maybe some adults didn’t like their kids reading about, even though it was run by pigs,” Diffenbaugh said. “I really thought it shouldn’t have been banned for those reasons, or at all.”
Teenagers at the Common Ground Teen Center in Washington, Pennsylvania, formed a banned book club soon after a Tennessee school district voted to remove “Maus” from an eighth grade curriculum. But while the graphic novel about the Holocaust was the catalyst for the club, says director Mary Jo Podgurski, the first title they chose to read was, fittingly, “Fahrenheit 451” — the 1953 dystopian novel about government censorship that itself has been challenged over the years. “Obviously this whole idea of taking away books that they wanted to read or that they thought they should read sparked a nerve in them,” said Podgurski, an educator and counselor who oversees the Common Ground Teen Center….
Since reading “Fahrenheit 451,” the club has also discussed “Animal Farm” and “1984,” which has been challenged for its political themes and sexual content. So far, the young readers at the Common Ground Teen Center have been puzzled as to why those books were once deemed inappropriate. “I often wonder, do adults understand what kids have in their phones?” Podgurski said. “They have access to everything. Saying ‘don’t read this book’ shows that you’re not understanding teen culture. Young people have access to much information. What they need is an adult to help them process it.”
Read more of this story at Slashdot.
All models referencing the word “Honda” posted prior to March 30, 2022, were seemingly removed from Printables without warning. These included speaker brackets, key housings, hood latches, shifter bushings, washer fluid caps, roof latch handles, and my trunk lid handle — a part not offered on 10th generation Accords sold in the U.S. at all. In fact, many of the removed parts had no Honda branding but were just compatible with Honda vehicles. As it turns out, Prusa says it was issued a takedown notice from Honda and removed all 3D models that referenced the brand.
“I can confirm to you that we have received a letter from a lawyer representing Honda, informing us that we were required to remove any model which used ‘Honda’ in the listing, the model itself, or one of several trademarks/logos also associated with Honda,” a Prusa spokesperson told The Drive in an email. “This will also be related to the naming of the files it self (sic), as for Honda this would be considered as a violation of their trademark/patents.” A Prusa employee responded to a post on the company’s forums, noting that Honda sent a “huge legal document” that covered every model that the company wished to have deleted. The document reportedly included items that did not have Honda logos, but also specific items with certain shapes and dimensions — like a washer fluid reservoir cap, for example.
A response from another employee was posted suggesting other sites that host 3D models were also sent a similar takedown notice.
Read more of this story at Slashdot.
Stallman began by thanking everyone who’s contributed to free software, and encouraged others who want to help to visit gnu.org/help. “The Free Software movement is universal, and morally should not exclude anyone. Because even though there are crimes that should be punished, cutting off someone from contributing to free software punishes the world. Not that person.”
And then he began by noting some things that have gotten better in the free software movement, including big improvements in projects like GNU Emacs when displaying external packages. (And in addition, “GNU Health now has a hospital management facility, which should make it applicable to a lot more medical organizations so they can switch to free software. And [Skype alternative] GNU Jami got a big upgrade.”)
What’s getting worse? Well, the libre-booted machines that we have are getting older and scarcer. Finding a way to support something new is difficult, because Intel and AMD are both designing their hardware to subjugate people. If they were basically haters of the public, it would be hard for them to do it much worse than they’re doing.
And Macintoshes are moving towards being jails, like the iMonsters. It’s getting harder for users to install even their own programs to run them. And this of course should be illegal. It should be illegal to sell a computer that doesn’t let users install software of their own from source code. And probably shouldn’t allow the computer to stop you from installing binaries that you get from others either, even though it’s true in cases like that, you’re doing it at your own risk. But tying people down, strapping them into their chairs so that they can’t do anything that hurts themselves — makes things worse, not better. There are other systems where you can find ways to trust people, that don’t depend on being under the power of a giant company.
We’ve seen problems sometimes where supported old hardware gets de-supported because somebody doesn’t think it’s important any more — it’s so old, how could that matter? But there are reasons…why old hardware sometimes remains very important, and people who aren’t thinking about this issue might not realize that…
Stallman also had some advice for students required by their schools to use non-free software like Zoom for their remote learning. “If you have to use a non-free program, there’s one last thing… which is to say in each class session, ‘I am bitterly ashamed of the fact that I’m using Zoom for this class.’ Just that. It’s a few seconds. But say it each time…. And over time, the fact that this is really important to you will sink in.”
And then halfway through, Stallman began taking questions from the audience…
Read on for Slashdot’s report on Stallman’s remarks, or jump ahead to…
How far should copyright law go? That NPM package that deleted files in Russia Does the free software world need more videogames? Stallman’s upcoming manual for ‘GNU C’ Free Software’s role in protecting our planet’s environment
Read more of this story at Slashdot.
He now believes this ultimately fueled a viral dynamic leading to “the continual chipping-away of trust” in a democracy which “depends on widely internalized acceptance of the legitimacy of rules, norms, and institutions.”
The most recent Edelman Trust Barometer (an international measure of citizens’ trust in government, business, media, and nongovernmental organizations) showed stable and competent autocracies (China and the United Arab Emirates) at the top of the list, while contentious democracies such as the United States, the United Kingdom, Spain, and South Korea scored near the bottom (albeit above Russia)…. Mark Zuckerberg may not have wished for any of that. But by rewiring everything in a headlong rush for growth — with a naive conception of human psychology, little understanding of the intricacy of institutions, and no concern for external costs imposed on society — Facebook, Twitter, YouTube, and a few other large platforms unwittingly dissolved the mortar of trust, belief in institutions, and shared stories that had held a large and diverse secular democracy together.
In the last 10 years, the article argues, the general public — at least in America — became “uniquely stupid.” And he’s not just speaking about the political right and left, but within both factions, “as well as within universities, companies, professional associations, museums, and even families.” The article quotes former CIA analyst Martin Gurri’s comment in 2019 that the digital revolution has highly fragmented the public into hostile shards that are “mostly people yelling at each other and living in bubbles of one sort or another.”
The article concludes that by now U.S. politics has entered a phase where truth “cannot achieve widespread adherence” and thus “nothing really means anything anymore–at least not in a way that is durable and on which people widely agree.” It even contemplates the idea of “highly believable” disinformation generated by AI, possibly by geopolitical adversaries, ultimately evolving into what the research manager at the Stanford Internet Observatory has described as “an Information World War in which state actors, terrorists, and ideological extremists leverage the social infrastructure underpinning everyday life to sow discord and erode shared reality.”
But then the article also suggests possible reforms:
The Facebook whistleblower Frances Haugen advocates for simple changes to the architecture of the platforms, rather than for massive and ultimately futile efforts to police all content. For example, she has suggested modifying the “Share” function on Facebook so that after any content has been shared twice, the third person in the chain must take the time to copy and paste the content into a new post. Reforms like this…don’t stop anyone from saying anything; they just slow the spread of content that is, on average, less likely to be true.
Perhaps the biggest single change that would reduce the toxicity of existing platforms would be user verification as a precondition for gaining the algorithmic amplification that social media offers. Banks and other industries have “know your customer” rules so that they can’t do business with anonymous clients laundering money from criminal enterprises. Large social-media platforms should be required to do the same…. This one change would wipe out most of the hundreds of millions of bots and fake accounts that currently pollute the major platforms…. Research shows that antisocial behavior becomes more common online when people feel that their identity is unknown and untraceable.
In any case, the growing evidence that social media is damaging democracy is sufficient to warrant greater oversight by a regulatory body, such as the Federal Communications Commission or the Federal Trade Commission. One of the first orders of business should be compelling the platforms to share their data and their algorithms with academic researchers.
The members of Gen Z–those born in and after 1997–bear none of the blame for the mess we are in, but they are going to inherit it, and the preliminary signs are that older generations have prevented them from learning how to handle it…. Congress should update the Children’s Online Privacy Protection Act, which unwisely set the age of so-called internet adulthood (the age at which companies can collect personal information from children without parental consent) at 13 back in 1998, while making little provision for effective enforcement. The age should be raised to at least 16, and companies should be held responsible for enforcing it. More generally, to prepare the members of the next generation for post-Babel democracy, perhaps the most important thing we can do is let them out to play. Stop starving children of the experiences they most need to become good citizens: free play in mixed-age groups of children with minimal adult supervision…
The article closes with its own note of hope — and a call to action:
In recent years, Americans have started hundreds of groups and organizations dedicated to building trust and friendship across the political divide, including BridgeUSA, Braver Angels (on whose board I serve), and many others listed at BridgeAlliance.us. We cannot expect Congress and the tech companies to save us. We must change ourselves and our communities.
Read more of this story at Slashdot.