BBC Click's Omar Mehtab looks at some of the best tech news stories of the week.
The firm's public stock offering is expected in the coming months and may be one of the biggest in 2019.
New technologies are helping track the provenance of food throughout the supply chain.
One of the panelists who will appear at a National Space Council meeting next Tuesday said to expect "a few fireworks" during the discussion, which will focus on NASA's efforts to return humans to the Moon. The meeting of this council that oversees US spaceflight policy will be held in Hunstville, Alabama, and led by Vice President Mike Pence.
University of Colorado Boulder astrophysicist Jack Burns, one of six speakers scheduled for the meeting, said the current timeline for NASA to send humans to the Moon lacks urgency. NASA has talked about landing its astronauts on the Moon before the end of the 2020s, and the president's budget proposal for the coming fiscal year allows for this to happen as early as 2028.
"The timeline is too slow, and that's one of the things that I'm going to be talking about next Tuesday," Burns said. If pushed, how soon could NASA put humans back on the Moon? The year 2025, Burns replied. "And I know some in the administration would like to do it even faster than that," he added. "We're going to see a few fireworks."
A call to revoke Article 50 generates the fastest ever rate of signatures on Parliament's website.
Facebook has mined a lot of data about its users over the years—relationships, political leanings, and even phone call logs. And now it appears Facebook may have inadvertently extracted another bit of critical information: users' login credentials, stored unencrypted on Facebook's servers and accessible to Facebook employees.
Brian Krebs reports that hundreds of millions of Facebook users had their credentials logged in plain text by various applications written by Facebook employees. Those credentials were searched by about 2,000 Facebook engineers and developers more than 9 million times, according to a senior Facebook employee who spoke to Krebs; the employee asked to remain anonymous because they did not have permission to speak to the press on the matter.
In a blog post today, Facebook Vice President of Engineering, Security, and Privacy Pedro Canahuati wrote that the unencrypted passwords were found during "a routine security review in January" on Facebook's internal network data storage. "This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues and, as a precaution, we will be notifying everyone whose passwords we have found were stored in this way."
Kentucky Governor Matt Bevin made headlines Tuesday after revealing in a radio interview that he had purposefully exposed his nine unvaccinated children to chickenpox, drawing swift condemnation from health experts.
In case anyone needs a refresher on why you shouldn’t deprive children of safe, potentially lifesaving vaccines or purposefully expose them to serious, potentially life-threatening infections, here’s a quick rundown.Chickenpox is nothing to mess with
Though most children who get the itchy, highly contagious viral disease go on to recover after a week or so of misery, chickenpox can cause severe complications and even death in some. Complications include nasty skin infections, pneumonia, brain inflammation, hemorrhaging, blood stream infections, and dehydration.
The federal government on Thursday warned of a serious flaw in Medtronic cardio defibrillators that allows attackers to use radio communications to surreptitiously take full control of the lifesaving devices after they are implanted in a patient.
Defibrillators are small, surgically implanted devices that deliver electrical shocks to treat potentially fatal irregular heart rhythms. In recent decades, doctors have increasingly used radios to monitor and adjust the devices once they're implanted rather than using older, costlier, and more invasive means. An array of implanted cardio defibrillators made by Medtronic rely on two types of radio-based consoles for initial setup, periodic maintenance, and regular monitoring. Doctors use the company's CareLink Programmer in clinics, while patients use the MyCareLink Monitor in homes to regularly ensure the defibrillators are working properly.No encryption, no authentication, and a raft of other flaws
Researchers from security firm Clever Security discovered that the Conexus Radio Frequency Telemetry Protocol (Medtronic's proprietary means for the monitors to wirelessly connect to implanted devices) provides no encryption to secure communications. That makes it possible for attackers within radio range to eavesdrop on the communications. Even worse, the protocol has no means of authentication for legitimate devices to prove they are authorized to take control of the implanted devices. That lack of authentication, combined with a raft of other vulnerabilities, makes it possible for attackers within radio range to completely rewrite the defibrillator firmware, which is rarely seen in exploits that affect medical device vulnerabilities.