Trying Out Microsoft’s Pre-Release OS/2 2.0

Last month, the only known surviving copy of 32-bit OS/2 from Microsoft was purchased for $650. “Now, two of the internet’s experts in getting early PC operating systems running today have managed to fire it up, and you can see the results,” reports The Register. From the report: Why such interest in this nearly third-of-a-century old, unreleased OS? Because this is the way the PC industry very nearly went. This SDK came out in June 1990, just one month after Windows 3.0. If 32-bit OS/2 had launched as planned, Windows 3 would have been the last version before it was absorbed into OS/2 and disappeared. There would never have been any 32-bit versions: no Windows NT, no Windows 95; no Explorer, no Start menu or taskbars. That, in turn, might well have killed off Apple as well. No iPod, no iPhone, no fondleslabs. Twenty-first century computers would be unimaginably different. The surprise here is that we can see a glimpse of this world that never happened. The discovery of this pre-release OS shows how very nearly ready it was in 1990. IBM didn’t release its solo version until April 1992, the same month as Windows 3.1 — but now, we can see it was nearly ready two years earlier.

That’s why Michal Necasek of the OS/2 Museum called his look The Future That Never Was. He uncovered a couple of significant bugs, but more impressively, he found workarounds for both, and got both features working fine. OS/2 2 could run multiple DOS VMs at once, but in the preview, they wouldn’t open — due to use of an undocumented instruction which Intel did implement in the Pentium MMX and later processors. Secondly, the bundled network client wouldn’t install — but removing a single file got that working fine. That alone is a significant difference between Microsoft’s OS/2 2.0 and IBM’s version: Big Blue didn’t include networking until Warp Connect 3 in 1995.

His verdict: “The 6.78 build of OS/2 2.0 feels surprisingly stable and complete. The cover letter that came with the SDK stressed that Microsoft developers had been using the OS/2 pre-release for day-to-day work.” Over at Virtually Fun, Neozeed also took an actual look at Microsoft OS/2 2.0, carefully recreating that screenshot from PC Magazine in May 1990. He even managed to get some Windows 2 programs running, although this preview release did not yet have a Windows subsystem. On his Internet Archive page, he has disk images and downloadable virtual machines so that you can run this yourself under VMware or 86Box.

Read more of this story at Slashdot.

Cognition Emerges From Stealth To Launch AI Software Engineer ‘Devin’

Longtime Slashdot reader ahbond shares a report from VentureBeat: Today, Cognition, a recently formed AI startup backed by Peter Thiel’s Founders Fund and tech industry leaders including former Twitter executive Elad Gil and Doordash co-founder Tony Xu, announced a fully autonomous AI software engineer called “Devin.” While there are multiple coding assistants out there, including the famous Github Copilot, Devin is said to stand out from the crowd with its ability to handle entire development projects end-to-end, right from writing the code and fixing the bugs associated with it to final execution. This is the first offering of this kind and even capable of handling projects on Upwork, the startup has demonstrated. […]

In a blog post today on Cognition’s website, Scott Wu, the founder and CEO of Cognition and an award-winning sports coder, explained Devin can access common developer tools, including its own shell, code editor and browser, within a sandboxed compute environment to plan and execute complex engineering tasks requiring thousands of decisions. The human user simply types a natural language prompt into Devin’s chatbot style interface, and the AI software engineer takes it from there, developing a detailed, step-by-step plan to tackle the problem. It then begins the project using its developer tools, just like how a human would use them, writing its own code, fixing issues, testing and reporting on its progress in real-time, allowing the user to keep an eye on everything as it works. […]

According to demos shared by Wu, Devin is capable of handling a range of tasks in its current form. This includes common engineering projects like deploying and improving apps/websites end-to-end and finding and fixing bugs in codebases to more complex things like setting up fine-tuning for a large language model using the link to a research repository on GitHub or learning how to use unfamiliar technologies. In one case, it learned from a blog post how to run the code to produce images with concealed messages. Meanwhile, in another, it handled an Upwork project to run a computer vision model by writing and debugging the code for it. In the SWE-bench test, which challenges AI assistants with GitHub issues from real-world open-source projects, the AI software engineer was able to correctly resolve 13.86% of the cases end-to-end — without any assistance from humans. In comparison, Claude 2 could resolve just 4.80% while SWE-Llama-13b and GPT-4 could handle 3.97% and 1.74% of the issues, respectively. All these models even required assistance, where they were told which file had to be fixed. Currently, Devin is available only to a select few customers. Bloomberg journalist Ashlee Vance wrote a piece about his experience using it here.

“The Doom of Man is at hand,” captions Slashdot reader ahbond. “It will start with the low-hanging Jira tickets, and in a year or two, able to handle 99% of them. In the short term, software engineers may become like bot farmers, herding 10-1000 bots writing code, etc. Welcome to the future.”

Read more of this story at Slashdot.

Binance Executives Were Arrested In Nigeria For Allegedly Destabilizing Its Currency

Two top executives from the crypto exchange Binance have been arrested in Nigeria for allegedly destabilizing the national currency. Quartz reports: According to a Wall Street Journal report, Tigran Gambaryan, head of financial-crime compliance at Binance who previously worked at the U.S. Internal Revenue Service (IRS), and Nadeem Anjarwalla, a British-Kenyan national and Binance’s regional manager for Africa, have been held against their will for the past two weeks in the country. As per reports, Nigerian government officials invited Binance executives to discuss an ongoing dispute about the world’s largest crypto exchange allegedly driving down the value of their national currency. Gambaryan and Anjarwalla arrived in Nigeria on February 25th; after their meeting with government officials, both were taken to their hotels. Later, they were instructed to pack their belongings and move to a guesthouse run by Nigeria’s National Security Agency, as stated by their families, per reports.

The Nigerian government has accused Binance of exacerbating the country’s foreign exchange challenges through rate manipulation for profit. The authorities have also accused the crypto exchange of illegal operations and have restricted access to the company’s website. There are also reports that Nigeria sought a $10 billion penalty from Binance for processing around $26 billion in untraceable funds in the country. […] The reason why and how Nigeria’s economic crisis is linked with Binance is yet to be found out. Binance is hoping to resolve the matter soon, according to CoinDesk. The report notes that Nigeria is experiencing its worst economic crisis in recent years due to inflation and the devaluation of their currency, the naira.

Read more of this story at Slashdot.

Over 15,000 Roku Accounts Sold To Buy Streaming Subscriptions, Devices

Over 15,000 Roku customers were hacked and used to make fraudulent purchases of hardware and streaming subscriptions. According to BleepingComputer, the threat actors were “selling the stolen accounts for as little as $0.50 per account, allowing purchasers to use stored credit cards to make illegal purchases.” From the report: On Friday, Roku first disclosed the data breach, warning that 15,363 customer accounts were hacked in a credential stuffing attack. A credential stuffing attack is when threat actors collect credentials exposed in data breaches and then attempt to use them to log in to other sites, in this case, Roku.com. The company says that once an account was breached, it allowed threat actors to change the information on the account, including passwords, email addresses, and shipping addresses. This effectively locked a user out of the account, allowing the threat actors to make purchases using stored credit card information without the legitimate account holder receiving order confirmation emails.

“It appears likely that the same username/password combinations had been used as login information for such third-party services as well as certain individual Roku accounts,” reads the data breach notice. “As a result, unauthorized actors were able to obtain login information from third-party sources and then use it to access certain individual Roku accounts. “After gaining access, they then changed the Roku login information for the affected individual Roku accounts, and, in a limited number of cases, attempted to purchase streaming subscriptions.” Roku says that it secured the impacted accounts and forced a password reset upon detecting the incident. Additionally, the platform’s security team investigated for any charges due to unauthorized purchases performed by the hackers and took steps to cancel the relevant subscriptions and refund the account holders.

A researcher told BleepingComputer last week that the threat actors have been using a Roku config to perform credential stuffing attacks for months, bypassing brute force attack protections and captchas by using specific URLs and rotating through lists of proxy servers. Successfully hacked accounts are then sold on stolen account marketplaces for as little as 50 cents, as seen below where 439 accounts are being sold. The seller of these accounts provides information on how to change information on the account to make fraudulent purchases. Those who purchase the stolen accounts hijack them with their own information and use stored credit cards to purchase cameras, remotes, soundbars, light strips, and streaming boxes. After making their purchases, it is common for them to share screenshots of redacted order confirmation emails on Telegram channels associated with the stolen account marketplaces.

Read more of this story at Slashdot.

Surgeons Perform UK’s First Operation Using Apple’s Vision Pro Headset

Surgeons in the United Kingdom have performed the first operation in the country using Apple’s Vision Pro headset. TechSpot reports: During a recent operation to repair a patient’s spine at the private Cromwell Hospital in London, a scrub nurse working alongside the surgeon used the Vision Pro to help prepare, keep track of the procedure, and choose the right tools, reports the Daily Mail. This marked the first operation in the UK where the Vision Pro was used. The software running on Apple’s headset during the operation comes from US company eXeX, which has made similar programs for Microsoft’s HoloLens. It offers nurses and technicians both holographic and touch-free access to the surgical setup and the procedural guides from within the sterile field of the operating room, according to the press release. The software also tracks each stage of an operation and can measure how well the op went compared to previous procedures performed by other surgeons.

“It eliminates human error and eliminates the guesswork,” said Suvi Verho, lead scrub nurse at London Independent Hospital. “It gives you confidence in surgery.” While this marked the first time that the Vision Pro was used during a UK surgery, the first-ever time the device was used in an operating room was last month, just three days after its release, when Orlando resident and world-renowned Neurosurgeon Dr. Robert Masson wore it during several spine reconstruction surgeries. “We are in a new era of surgery, and for the first time, our surgical teams have the brilliance of visual holographic guidance and maps, improving visuospatial and temporal orientation for each surgical team and for each surgery in all specialties,” said Masson.

Read more of this story at Slashdot.

Misconfigured Cloud Servers Targeted with Linux Malware for New Cryptojacking Campaign

Researchers at Cado Security Labs received an alert about a honeypot using the Docker Engine API. “A Docker command was received…” they write, “that spawned a new container, based on Alpine Linux, and created a bind mount for the underlying honeypot server’s root directory…”
Typically, this is exploited to write out a job for the Cron scheduler to execute… In this particular campaign, the attacker exploits this exact method to write out an executable at the path /usr/bin/vurl, along with registering a Cron job to decode some base64-encoded shell commands and execute them on the fly by piping through bash.

The vurl executable consists solely of a simple shell script function, used to establish a TCP connection with the attacker’s Command and Control (C2) infrastructure via the /dev/tcp device file. The Cron jobs mentioned above then utilise the vurl executable to retrieve the first stage payload from the C2 server… To provide redundancy in the event that the vurl payload retrieval method fails, the attackers write out an additional Cron job that attempts to use Python and the urllib2 library to retrieve another payload named t.sh

“Multiple user mode rootkits are deployed to hide malicious processes,” they note. And one of the shell scripts “makes use of the shopt (shell options) built-in to prevent additional shell commands from the attacker’s session from being appended to the history file… Not only are additional commands prevented from being written to the history file, but the shopt command itself doesn’t appear in the shell history once a new session has been spawned.”

The same script also inserts “an attacker-controlled SSH key to maintain access to the compromised host,” according to the article, retrieves a miner for the Monero cryptocurrency and then “registers persistence in the form of systemd services” for both the miner and an open source Golang reverse shell utility named Platypus.

It also delivers “various utilities,” according to the blog Security Week, “including ‘masscan’ for host discovery.” Citing CADO’s researchers, they write that the shell script also “weakens the machine by disabling SELinux and other functions and by uninstalling monitoring agents.”
The Golang payloads deployed in these attacks allow attackers to search for Docker images from the Ubuntu or Alpine repositories and delete them, and identify and exploit misconfigured or vulnerable Hadoop, Confluence, Docker, and Redis instances exposed to the internet… [“For the Docker compromise, the attackers spawn a container and escape from it onto the underlying host,” the researchers writes.]

“This extensive attack demonstrates the variety in initial access techniques available to cloud and Linux malware developers,” Cado notes. “It’s clear that attackers are investing significant time into understanding the types of web-facing services deployed in cloud environments, keeping abreast of reported vulnerabilities in those services and using this knowledge to gain a foothold in target environments.”

Read more of this story at Slashdot.