A paper by two Belgian researchers has cast more light on the vulnerabilities discovered in the Wi-Fi Protected Access II (WPA2) implementations on most, if not all, wireless networking devices that use the protocol. Dubbed "KRACK" (Key Reinstallation AttaCK), the attack "abuses design or implementation flaws in cryptographic protocols to reinstall an already-in-use key," wrote Mathy Vanhoef and Frank Piessens of the Katholieke Universiteit Leuven (KU Leuven) in the paper, released today.
The report came after wide disclosure of the problems, as Ars reported Sunday night. The research is built upon previous explorations of weaknesses in WPA2's component protocols, and some of the attacks mentioned in the paper were previously acknowledged to be theoretically possible. However, the authors have turned these vulnerabilities into proof-of-concept code, "and found that every Wi-Fi device is vulnerable to some variant of our attacks. Notably, our attack is exceptionally devastating against Android 6.0: it forces the client into using a predictable all-zero encryption key."
While Windows and iOS devices are immune to one flavor of the attack, they are susceptible to others. And all major operating systems are vulnerable to at least one form of the KRACK attack. And in an addendum posted today, the researchers noted that things are worse than they appeared at the time the paper was written:
The weakness was found in the WPA2 security protocol used by almost every modern phone, computer and router.
The online marketplace tries to bag more luxury sales with the new program.
The Supreme Court declined Monday to review a petition asserting that the term "google" has become too generic and therefore unqualified for trademark protection.
Without comment, the justices set aside a legal challenge claiming that Google had fallen victim to "genericide" and should no longer be trademarked. A lawsuit claimed the word "google" had become synonymous with the term "search the Internet" and therefore could no longer sustain a trademark. For the moment, Google will keep its trademark—unlike the manufacturers of the teleprompter, thermos, hoover, aspirin, and videotape. They were once trademarked but lost that status after they were deemed too generic.
In a petition that the high court refused to hear, the justices were told that "There is no single word other than google that conveys the action of searching the Internet using any search engine."
Hooo boy, WDC. You've really done it now
Toshiba could partner with SK Hynix on flash foundry operations, implying the WDC joint venture could have a finite shelf life.…
After busting onto the retro console re-release scene with a high-end, $500+ NES (and a slightly cheaper follow-up), Analogue is now turning its focus to a recreation of the Super NES. The newly announced Super Nt advertises lag-free 1080p HDMI output and full compatibility with more than 2,200 Super NES and Super Famicom cartridges (and controllers) at a more mass-market-friendly price of $190.
There have been plenty of other "clone" consoles designed to let you play Super NES cartridges on more modern displays, but they all rely on software-based emulation or knock-off chips. That means they're not always compatible with every game made for the original Super NES, and such consoles can make some games susceptible to glitchy or inaccurate sound and graphics (absolutely perfect SNES emulation is a surprisingly difficult lift). The Super Nt, on the other hand, runs off an Altera Cyclone V FPGA, which directly simulates the circuitry found in the original hardware for improved compatibility and accuracy. The Analogue team says it spent "thousands of hours" engineering the FPGA to be "free of compromises" for 16-bit gameplay.
It will debut at the Tokyo Motor Show alongside a Segway-like craft for sidewalk travel.
Russia, you're off the hook
Iran has been blamed for the brute-force attack on UK Parliament earlier this year.…
The social network reportedly wants to hire employees with national security clearance.
Augmented reality is the latest Silicon Valley craze. Now the NBA is getting in on it with a basketball shooting game.
The Supreme Court on Monday agreed to decide whether law enforcement authorities, armed with a valid search warrant from a federal judge, can demand that the US tech sector hand over data that is stored on overseas servers. In this case, which is now one of the biggest privacy cases on the high court's docket, the justices will review a lower court's ruling that US warrants don't apply to data housed on foreign servers, in this instance, a Microsoft server in Ireland.
The US government appealed, contending it has the legal right, with a valid court warrant, to reach into the world's servers with the assistance of the tech sector, no matter where the data is stored.
The case has huge foreign policy ramifications as well. Federal authorities sometimes demand that the US tech sector comply with court orders that conflict with laws of countries where the data is housed.
Promises clearer user interaction and extra privacy
The latest upgrade to the popular Ethereum blockchain protocol – Byzantium –went live today, adding additional privacy and performance features.…
ROTORUA, New Zealand—If you head east from my parents' home in New Zealand, you'll travel through rolling hills for a while. Then, as you crest a rather unremarkable climb, an unexpectedly spectacular view opens up before you. Mokoia Island is small, bushy, and brooding, and it sits at the center of a wide blue lake in what appears to be a large valley.
But that's no valley. From the distant view of that crest, the only obvious clue lies in a large hill, grandiosely named Mount Ngongotaha, off to one side. It is not attached to the valley walls and stands alone, a land-locked cousin to Mokoia Island.
The view is from the collapsed wall of the caldera of the Rotorua Volcano, part of the Okataina volcanic area. Mokoia and Ngongotaha are the remnants of eruptions that are slowly re-filling the huge volume of rock that was blasted out of Okataina in the distant past. This process is called caldera-repairing. The town of Rotorua sits right inside the caldera and is surrounded by evidence of the energy stored just beneath the surface. The town abounds with hot springs, boiling mud, and, yes, the sulfurous farts of the gods.
Don't expect the overall formula to change much.
One lucky winner gets an electric bike! Another gets a treadmill! And one more scores a pair of inflatable bumper-bubble soccer balls!
2017 has been the year of Wonder Woman, at least in the realm of pop culture, and now there's a fascinating behind-the-scenes tale of the people who dreamed up the Amazonian superhero who stands for love. Professor Marston and the Wonder Women is about William Moulton Marston (Luke Evans), Elizabeth Holloway Marston (Rebecca Hall), and Olive Byrne (Bella Heathcote), three psychology researchers at Tufts University who fell in love during the liberated 1920s. Eventually they had four children (each woman bore two) and lived together for their whole adult lives. Along the way, they invented Wonder Woman together, though only William Marston (under the pen name Charles Moulton) was given credit for it.
It's one of the most unusual love stories ever to be told on film, and it illuminates a time in history that most have forgotten. Between roughly 1910 and the mid-1930s, there was a flowering of feminist and sexual liberation movements in Europe and the US, leading to birth-control clinics, women's suffrage, the infamous Kinsey Reports, and even a 1919 German film called Different from the Others, about the urgent need for gay rights. Marston, who championed women's right to vote, was deeply involved in these movements with his partners. Byrne was the daughter of feminist activist Ethel Byrne, who cofounded the organization that later became Planned Parenthood with her sister Margaret Sanger. Elizabeth Marston was one of the first women to earn a law degree in the US and had a master's degree in psychology.
Huawei Mate 10 handsets use a new type of processor to recognise objects being photographed.
Pervasive data-gathering needs urgent action – report
Mass commercial data gathering and opaque decision-making processes have a “massive potential” to damage personal autonomy and dignity, a report has said.…
A major flaw in wi-fi connections has been revealed by security researchers.
We've been extremely lucky. The LIGO and VIRGO detectors only operated simultaneously for a few weeks, but they were a remarkably busy few weeks. Today, those behind the joint collaboration announced that they've observed the merger of two neutron stars. And, because neutron stars don't swallow everything they encounter, the gravitational waves were accompanied by photons, including an extended afterglow. So dozens of telescopes, and many in space, had representatives involved in the announcement.
The number of major astrophysical issues cleared up by this collision is impressive. The collision was simultaneously detected with the Fermi space telescope, confirming that neutron star mergers produce a phenomenon known as a short gamma-ray burst. The gravitational waves were detected nearly simultaneously with the gamma ray burst, confirming that they move at the speed of light. And heavy elements like gold were detected in the debris, indicating that these mergers are a source of elements that would otherwise be difficult to produce in a supernova.
Finally, the gravitational waves from this event were detected over a period of roughly 100 seconds, which should allow a detailed analysis of their production.