|
News Feeds |
|
Slashdot
|
News for nerds, stuff that matters
|
|
-
Chinese Hackers Used Mesh of Home Routers To Disguise Attacks
An anonymous reader quotes The Record:
A Chinese cyber-espionage group known as APT31 (or Zirconium) has been seen hijacking home routers to form a proxy mesh around its server infrastructure in order to relay and disguise the origins of their attacks. In a security alert, the French National Cybersecurity Agency, also known as ANSSI (Agence Nationale de la Sécurité des Systèmes d'Information), published a list of 161 IP addresses that have been hijacked by APT31 in recent attacks against French organizations. French officials said that APT31's proxy botnet was used to perform both reconnaissance operations against their targets, but also to carry out the attacks themselves. The attacks started at the beginning of 2021 and are still ongoing...
The Record understands that APT31 used proxy meshes made of home routers as a way to scan the internet and then launch and disguise its attacks against Exchange email servers earlier this year; however, the technique was also used for other operations as well.
Read more of this story at Slashdot. 
-
Free Software Foundation Will Fund Papers on Issues Around Microsoft's 'GitHub Copilot'
GitHub's new "Copilot" tool (created by Microsoft and OpenAI) shares the autocompletion suggestions of an AI trained on code repositories. But can that violate the original coder's license? Now the Free Software Foundation (FSF) is calling for a closer look at these and many other issues...
"We already know that Copilot as it stands is unacceptable and unjust, from our perspective," they wrote in a blog post this week, arguing that Copilot "requires running software that is not free/libre (Visual Studio, or parts of Visual Studio Code), and Copilot is Service as a Software Substitute. These are settled questions as far as we are concerned."
"However, Copilot raises many other questions which require deeper examination..."
The Free Software Foundation has received numerous inquiries about our position on these questions. We can see that Copilot's use of freely licensed software has many implications for an incredibly large portion of the free software community. Developers want to know whether training a neural network on their software can really be considered fair use. Others who may be interested in using Copilot wonder if the code snippets and other elements copied from GitHub-hosted repositories could result in copyright infringement. And even if everything might be legally copacetic, activists wonder if there isn't something fundamentally unfair about a proprietary software company building a service off their work.
With all these questions, many of them with legal implications that at first glance may have not been previously tested in a court of law, there aren't many simple answers. To get the answers the community needs, and to identify the best opportunities for defending user freedom in this space, the FSF is announcing a funded call for white papers to address Copilot, copyright, machine learning, and free software.
We will read the submitted white papers, and we will publish ones that we think help elucidate the problem. We will provide a monetary reward of $500 for the papers we publish.
They add that the following questions are of particular interest:
Is Copilot's training on public repositories infringing copyright? Is it fair use? How likely is the output of Copilot to generate actionable claims of violations on GPL-licensed works? How can developers ensure that any code to which they hold the copyright is protected against violations generated by Copilot? Is there a way for developers using Copilot to comply with free software licenses like the GPL? If Copilot learns from AGPL-covered code, is Copilot infringing the AGPL? If Copilot generates code which does give rise to a violation of a free software licensed work, how can this violation be discovered by the copyright holder on the underlying work? Is a trained artificial intelligence (AI) / machine learning (ML) model resulting from machine learning a compiled version of the training data, or is it something else, like source code that users can modify by doing further training? Is the Copilot trained AI/ML model copyrighted? If so, who holds that copyright? Should ethical advocacy organizations like the FSF argue for change in copyright law relevant to these questions?Read more of this story at Slashdot. 
-
US Justice Department Says Russians Hacked Its Federal Prosecutors
In January America's federal Justice Department said there was no evidence that Russian hackers behind the massive SolarWinds breach had accessed classified systems, remembers the Associated Press. But today?
The department said 80% of Microsoft email accounts used by employees in the four U.S. attorney offices in New York were breached. All told, the Justice Department said 27 U.S. Attorney offices had at least one employee's email account compromised during the hacking campaign.
The Justice Department said in a statement that it believes the accounts were compromised from May 7 to Dec. 27, 2020. Such a timeframe is notable because the SolarWinds campaign, which infiltrated dozens of private-sector companies and think tanks as well as at least nine U.S. government agencies, was first discovered and publicized in mid-December... Jennifer Rodgers, a lecturer at Columbia Law School, said office emails frequently contained all sorts of sensitive information, including case strategy discussions and names of confidential informants, when she was a federal prosecutor in New York. "I don't remember ever having someone bring me a document instead of emailing it to me because of security concerns," she said, noting exceptions for classified materials...
The Associated Press previously reported that SolarWinds hackers had gained access to email accounts belonging to the then-acting Homeland Security Secretary Chad Wolf and members of the department's cybersecurity staff...Read more of this story at Slashdot. 
-
Nobel Winner Steven Weinberg, Who Unified Two of Physics' Fundamental Forces, Has Died
Long-time Slashdot reader Mogster quotes :
Steven Weinberg, a Nobel-prize winning physicist whose work helped link two of the four fundamental forces, has died at the age of 88, the University of Texas at Austin (UT Austin) announced Saturday (July 24).
HIs work was foundational to the Standard Model, the overarching physics theory that describes how subatomic particles behave. His seminal work was a slim, three-page paper published in 1967 in the journal Physical Review Letters and entitled "A Model of Leptons." In it, he predicted how subatomic particles known as W, Z and the famous Higgs boson should behave — years before those particles were detected experimentally, according to a statement from UT Austin.
The paper also helped unify the electromagnetic force and the weak force and predicted that so-called "neutral weak currents" governed how particles would interact, according to the statement. In 1979, Weinberg and physicists Sheldon Glashow and Abdus Salam earned the Nobel Prize in physics for this work. Throughout his life, Weinberg would continue his search for a unified theory that would unite all four forces, according to the statement.
Weinberg also wrote a book called "The First Three Minutes: A Modern View of the Origin of the Universe" — in 1977.Read more of this story at Slashdot. 
-
Tech Companies Praised for 'Pandemic Leadership', Vaccine Mandates
"America reported 122,000 new COVID-19 cases on Friday, the highest single-day spike since February," reports Business Insider. But when it comes to anti-Covid measures like vaccine mandates, America's technology companies have been "decisive trend setters," according to the New York Times' On Tech newsletter. (Alternate URL)
Last year, some high-profile tech companies were relatively early to close their corporate offices as coronavirus outbreaks started in the United States, and they continued to pay many hourly workers who couldn't do their jobs remotely. Those actions from companies including Microsoft, Salesforce, Facebook, Google, Apple and Twitter probably helped save lives in the Bay Area and perhaps beyond. Now many of the same tech companies — along with schools and universities, health care institutions and some government employers in the United States — have started to announce vaccine mandates for staff, the resumption of requirements to wear masks, delayed reopenings of offices or on-site workplace vaccinations to help slow the latest wave of infections.
America's tech companies, which deserve criticism for misusing their power, also should get credit for using their power to take decisive action in response to virus risks. Those steps helped make it palatable for other organizations to follow. And in some cases, tech companies have acted more quickly in response to health threats and communicated about them more effectively than federal or local government leaders.
Disney, the world's largest entertainment company, is also requiring all salaried and nonunion hourly employees in the U.S. to be fully vaccinated, according to the Washington Post.
Walmart, the nation's largest private employer at almost 1.6 million employees, announced all of its corporate staff members and regional managers would need to be fully vaccinated by Oct. 4. Though the mandate does not apply to store and warehouse staffers, which make up the bulk of the company's workforce, Walmart is offering a $150 bonus as incentive for those unvaccinated employees to get inoculated... While companies are pushing for vaccinations, they must contend with employees who are seeking exceptions for medical or religious reasons. Walmart said in a statement that while a "small percentage" of employees are unable to be vaccinated due to such reasons, those workers "must follow all social distancing standards, wear a mask while working, and receive weekly Covid-19 testing provided by Walmart...."
The news comes after corporate giants Google, Facebook and Uber announced their own vaccine mandates for employees this week. Companies such as Apple, Twitter, Lyft and the New York Times said they are delaying their return to the office due to the rising cases.
More examples from CNN:
BlackRock the world's largest asset manager, is currently allowing only vaccinated employees to return to the office
Morgan Stanley's New York office is banning all unvaccinated staff and clients from entering its headquarters.
Luxury department store chain Saks Fifth Avenue is requiring that all employees be vaccinated.
All new hires and current employees of the Washington Post will be required to demonstrate proof of full Covid-19 vaccinations.
As of August 2, all employees working in Lyft's offices are required to be vaccinated
If Uber employees want to come back to the office, they must be fully vaccinated
Read more of this story at Slashdot. 
|
|
|
News Feeds 
