WASHINGTON—According to an alarming new report published Monday, roughly half the population of Heaven is composed of total assholes who begged for God’s forgiveness at the last moment before dying. “Our data show that 50 percent of the inhabitants of the Heavenly Kingdom were total pricks and sleazebags on Earth who waited until their very final breath to plead with God for mercy,” said report co-author Janet Ryder, adding that a survey of celestial records confirmed that one of every two residents of the eternal paradise willfully lived sinful existences and shamelessly committed immoral acts before seeking clemency in the closing seconds of their lives. “What we found particularly interesting is that those who truly committed themselves to God by leading lives of virtue and doing good works are actually outnumbered by hate-filled scoundrels, petty criminals, and murderers who humbled themselves before the Lord and turned from their wicked ways at the last possible moment to con their way into Heaven.” The report also confirmed that 28 percent of the inhabitants of Hell had only sinned once or twice but never had an opportunity to repent.
The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.
The leak of the source code was announced Friday on the English-language hacking community Hackforums. The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords.
“Mr. Trump is a highly-skilled businessman who has a fiduciary responsibility to his business, his family and his employees to pay no more tax than legally required,” the statement, which was not attributed to Trump or any staffer by name, continued. “That being said, Mr. Trump has paid hundreds of millions of dollars in property taxes, sales and excise taxes, real estate taxes, city taxes, state taxes, employee taxes and federal taxes. Mr. Trump knows the tax code far better than anyone who has ever run for President and he is the only one that knows how to fix it.”
But seeing Kinnock reminded me of another bit of TV I saw today, a heartbreaking advert for Save the Children featuring a dying little baby, unable to ask for help. The advert urged you to give just £2 a month to help save her.
If 11,000 people responded with £2 a month, that would not save the little baby, but it would exactly pay the £264,000 per year salary of Neil Kinnock’s daughter-in-law Helle Thorning-Schmidt, Chief Executive of Save the Children and wife of MP Stephen Kinnock. Indeed if 20,000 people gave £2 per month, that would probably cover Mrs Stephen Kinnock’s salary, her other employment costs and the money paid to Sky for the advert. When you toss in Stephen’s salary and expenses, the Stephen Kinnock household are bringing in just shy of a cool half a million pounds a year from public service and charity work.
The salary of Ms Thorning-Schmidt is approximately twice that of her predecessor, Justin Forsyth, who was on an already unconscionable £140,000. I exposed their massive salaries at the time the Save the Children awarded a “Global Legacy” award to Tony Blair. Indeed to meet the salaries and other employment costs of just the top executives at Save the Children would take 80,000 people paying £2 a month. They would be funding executives with an average salary of over £140,000. For those in work paying the £2 a month, the average UK salary is £26,000 a year, and many retired and unemployed people scrimp to find money to give to try to help the needy.
If you made the mistake of watching Trump and Clinton, take a load of hits. And take note:
The questions are quite good and the answers were excellent. The candidates were cordial toward one another and all of them came off as smart people. Clinton, in particular, said afterwards that his goal was to give people policy specifics, and to a person in 2016 it’s astonishing how much detail he goes into on stage, throwing out numbers with ease and explaining complex things in accurate ways.
All the candidates went into great detail on the economy, which dominated questioning to the near-exclusion of social issues. (This, of course, may have been the influence of Perot, who saw everything through an economic lens and was a more genuine “run a country like a business” candidate than Romney or Trump ever could dream of.)
There were no personal attacks, or if there were they were so brief that I missed them entirely.
Despite all this, the legacy of this debate is almost entirely about stagecraft — Bush looking at his watch, Clinton wading out into the audience to connect with individual voters.
Aside from the repugnant racism, xenophobia and misogyny, the Trump phenomenon remained amusing for months because it felt like it was engineered in some fouler deity’s ironic punishment laboratory. Donald Trump flagrantly made shit up every moment he wasn’t bullying everyone around him; it’s just that his victims were a bunch of wealthy bullies who’d spent their careers haphazardly making shit up and sliming their way upward like a phalanx of slugs conquering a staircase.
Trump cut through over a dozen Republican candidates like an industrial saw shredding a box of Kleenex, and it couldn’t have happened to a more dismal gallery of frauds. After years of complaining about deficits while promoting tax cuts that reduced government revenues by trillions, after years of promoting dominionist Christianity while claiming religious discrimination, after years of claiming to be victims while blaming everything wrong in America on homosexuals and college professors and minorities and Islam, after years of saying whatever the fuck they felt like and repeating it until it sounded true, each one of these blow-dried mediocrities got fired from The Apprentice: Republican Party by someone with even more sociopathic contempt for facts, logical consistency and other human beings than they had.
Hell, it wasn’t even difficult. Just coming up with mean nicknames was enough on a stage teeming with their brand of puffed-up prevaricating nincompoopery. Donald Trump wasn’t a legendary force, and he wasn’t a ruthless killer. He was the only guy with a fork in a room full of inflatable clown punching bags – shoving them and waiting for them to rock back and forth, their fixed idiotic grins leaning into the fatal puncture.
Unfortunately, this debate and the rest of the campaign will be conducted in the closest approximation of the real world that American politics can provide. The record still sort of matters, and most of us can remember history as far back as goddamn yesterday. We remember that Donald Trump can’t keep a story straight for 24 hours.
Many more of us can remember back a few decades and realize that even the most dishonest predators elected to our nation’s highest office put in time and training to achieve a patina of “not overtly malicious” and the imperturbable expertise of the diligent halfwit.
And while we might not be great at arithmetic, most of us can remember enough of it to realize that ISIS is only a few years old, Hillary Clinton is 68, and when Donald Trump snarls, “No wonder you’ve been fighting ISIS your entire adult life,” it sounds like the most dumbfuck failed political burn in a generation.
And if that’s not enough, there’s still the colossal mismatch of pitting the least knowledgable, least experienced and least disciplined candidate in history against a woman who is in almost every respect his polar opposite.
The only hope for Trump is that, between now and the next debate, he can develop the focus and dedication to learn the policy, talking points and composure needed to win it. All it will take is his suddenly adopting the seriousness and rigor that he’s never displayed at any moment of his campaign or, really, any point in his public life.
Moderator Lester Holt: “Our institutions are under cyber attack, and our secrets are being stolen. So my question is, who’s behind it? And how do we fight it?”
As far as the cyber, I agree to parts of what Secretary Clinton said. We should be better than anybody else, and perhaps we’re not. I don’t think anybody knows that it was Russia that broke into the DNC. She’s saying Russia, Russia, Russia—I don’t, maybe it was. I mean, it could be Russia, but it could also be China. It could also be lots of other people. It also could be somebody sitting on their bed that weighs 400 pounds, okay?
We came in with the Internet. We came up with the Internet. And I think Secretary Clinton and myself would agree very much, when you look at what ISIS is doing with the Internet, they’re beating us at our own game. ISIS.
So we had to get very, very tough on cyber and cyber warfare. It is a huge problem. I have a son—he’s 10 years old. He has computers. He is so good with these computers. It’s unbelievable. The security aspect of cyber is very, very tough. And maybe, it’s hardly doable. But I will say, we are not doing the job we should be doing. But that’s true throughout our whole governmental society. We have so many things that we have to do better, Lester. And certainly cyber is one of them.
“The true loser of the presidential debate? The English language,” The New York Daily News declared, calling Trump’s shorthand for cybersecurity “bizarre” and comparing him to “an out-of-touch comment that would come from your tech-illiterate grandpa.” Rolling Stone deemed his remarks on “the cyber” one of the major “WTF moments” from the debate.
Facebook has been ordered to stop collecting and storing data on WhatsApp users in Germany, marking the first regulatory challenge to a controversial data-sharing scheme that the social media company announced in August. In a statement published Tuesday, Germany’s privacy watchdog said that sharing WhatsApp user data with Facebook, the messaging app’s parent company, constitutes “an infringement of national data protection law.” The regulatory body also ordered Facebook to delete all data that has already been transferred from WhatsApp.
Internet of Things devices are starting to pose a real threat to security for the sensible part of the web, Akamai’s chief security officer Andy Ellis has told The Register.
Speaking in the aftermath of the large DDoS against security journalist Brian Krebs, Ellis elaborated a little on the makeup of the botnet which took down Krebs’ website, saying it was mostly made up of hacked Internet of Things devices.
“We’ve noticed a strong overlap between the attack … and one of the botnets that we have been working at in modelling,” Ellis told El Reg, as he named the Kaiten malware as one of the vectors involved in the Krebs attack.
Kaiten has long been known as a source of IRC-controlled DDoS attacks. While the original chiefly targeted routers, this latest version also “targets DVRs and some cameras” according to Ellis.
During the attack against Krebs, Akamai jettisoned him from their DDoS mitigation service with two hours’ notice. Krebs was a pro bono customer and the sheer volume of traffic – 620Gbps – threatened to affect services for Akamai’s paying clients. Krebs later said he didn’t blame Akamai for taking the action they did, even though Google stepped in with its Project Shield service.
With bike sales trends moving more into the online marketplace, manufacturers are having to come up with better ideas of how to ensure their products arrive safely with their customers.
For some reason, bicycles in big cardboard boxes have a tendency to get dropped, bashed or crushed by delivery companies, which has spurred Dutch manufacturer Vanmoof into action to find a solution.
What did they do? Instead of putting a picture of a bike on the box they printed a picture of a large flatscreen TV instead and saw instances of delivery damage drastically reduce.
WikiLeaks is hosting 324 confirmed instances of malware among its caches of dumped emails, a top Bulgarian anti-malware veteran says.
Random checks of reported malware hashes find the trojans are flagged as malware by Virus Total’s static analysis checks.
Much of the malware appears to be attachments emailed by black hats in a bid to compromise the various parties affected in the WikiLeaks dumps.
A feasibly simple antivirus check would have cleared a lot if not all of the attachment malware given the huge 80 to 100 percent hit rate Virus Total returned when testing files selected randomly from Dr Bontchev’s list.
WikiLeaks being careless with their dumps? Naaaah. Can’t be..
The iPhone 7 is, in Apple’s own words, “the best, most advanced iPhone ever.” It is not, however, impossible to hack.
A teenage hacker has found a way to circumvent the phone’s security and restrictions, jailbreaking a brand new iPhone 7 running iOS 10, effectively taking full control of it and allowing him to install apps not approved by Apple. The 19-year-old hacker, who’s known online as qwertyoruiop but whose real name is Luca Todesco, took advantage of a series of bugs he found and exploited—and all it took him, he said, was just 24 hours.
“They definitely made my life harder,” Todesco, who has a well-established reputation for finding bugs and jailbreaking iPhones, told Motherboard in a message. “The iPhone 7 is a step in the right direction. Obviously it’s not 100 percent secure—like nothing else is.”
When asked if Apple knows whether Todesco’s jailbreak is legit, the spokesperson simply answered: “I don’t but given his track record, I wouldn’t be surprised.”
The 2016 Ig Nobel Prizes were awarded yesterday.
Microsoft has downplayed the seriousness of an alleged Exchange auto-discovery vulnerability, saying that it sees no need to patch the reported security weakness.
Redmond contends that its existing security advice covers the issue, a point disputed by flaw-finder Marco van Beek.
Van Beek explains: “I recently discovered that most, if not all, Microsoft Exchange clients (eg, Outlook, iPhone mail app, Android mail app, Blackberry Mail App) are more than happy to provide a user’s password in plain text to any web server of the same domain as used in an email address, and it takes only four lines of code and a local config file to make that happen.
When you set up a new MS Exchange client to access “mailserver.domain.com”, it first tries to talk to just “domain.com” and, if presented with an SSL cert that has a trusted root, it is quite happy to supply the password for the user in cleartext as answer to a normal Apache authentication query (hence only needing a few lines of code to exploit it – all the required tools are already built in to any webserver).
In other words, you may have secured your internal MS Exchange server, but if the public webserver of that domain is hacked (on account of being typically less secure) you may already be leaking passwords. As a bonus, the client will frequently revisit that URL to pick up configuration changes so your hacked webserver will get plenty opportunity to grab the user’s password..
.. which may be the keys to the Kingdom as most organisations use Single Sign On. Uh oh.
There seems to be no real mitigation possible other than bolting down the associated webserver as it’s simply the way the protocol is set up.
Or just not use Microsoft at all.
Nevertheless, according to the latest Marquette poll, 44 percent of the respondents believe that at least as many illegal votes are cast as legal votes. In 2014, for example, 2.9 million votes were cast in Wisconsin’s congressional elections. You do the math. If the 44 percent of the respondents in the Marquette poll are right, then there were well over a million votes cast illegally in that election. This is, to put it mildly, so insanely detached from reality as to make you wonder whether or not alma mater’s pollsters oversampled schizophrenics and people who see the face of Jesus in their wallpaper.
Kathy Miller, who is white and chair of the Republican nominee’s campaign in Mahoning County, made the remarks during a taped interview with the Guardian’s Anywhere but Washington series of election videos.
“If you’re black and you haven’t been successful in the last 50 years, it’s your own fault. You’ve had every opportunity, it was given to you,” she said.
“You’ve had the same schools everybody else went to. You had benefits to go to college that white kids didn’t have. You had all the advantages and didn’t take advantage of it. It’s not our fault, certainly.”
Miller added: “I don’t think there was any racism until Obama got elected. We never had problems like this … Now, with the people with the guns, and shooting up neighborhoods, and not being responsible citizens, that’s a big change, and I think that’s the philosophy that Obama has perpetuated on America.”
Even if you have zero need for a charging dock for your phone, check out their video
Tesla Motors is considered one of the most cybersecurity-conscious car manufacturers in the world—among other things, it has a bug bounty program. But that doesn’t mean the software in its cars is free of security flaws.
Researchers from Chinese technology company Tencent found a series of vulnerabilities that, when combined, allowed them to remotely take over a Tesla Model S car and control its sunroof, central display, door locks and even the braking system. The attack allowed the researchers to access the car’s controller area network (CAN) bus, which lets the vehicle’s specialized computers communicate with each other.
“As far as we know, this is the first case of remote attack which compromises CAN Bus to achieve remote controls on Tesla cars,” the researchers from Tencent’s Keen Security Lab said in a blog post Monday. “We have verified the attack vector on multiple varieties of Tesla Model S. It is reasonable to assume that other Tesla models are affected.”
This week Nashville’s city council is planning the final in a series of votes to approve Google Fiber’s one touch make ready rules. But AT&T has already promised to sue the city if Nashville passes the ordinance. Meanwhile AT&T and Comcast have taken another route to try and delay Google Fiber; they’ve urged a Nashville city council member to propose an alternative city resolution that would supplant Google Fiber’s plan with a plan that doesn’t appear to actually do anything outside of stalling the Google Fiber proposal.
Under this alternative “right touch” proposal, pole attachment would see only modest changes, leading Nashville city councilman Jeremy Elrod to deride the move as little more than a last gasp effort by AT&T and Comcast to protect their duopoly fiefdom:
“Google Fiber service and other competitors will be forced to rolling out their service at a trickle, when under the One Touch ordinance it will be like opening the floodgates,” Elrod said in an emailed statement.
“This resolution coming at the last minute, to be considered the same night as third reading of the One Touch bill, just shows it’s the last gasp of Comcast and AT&T, desperately trying to hold on to their top place on the utility pole. These two companies should not be the gatekeepers that get to decide when and where their customers get access to a competitor, but (a Memorandum of Understanding) like this one enshrines that they stay that way. Comcast and AT&T would win, and competition and consumers would lose.”
AT&T and Comcast’s competing resolution was proposed by Nashville council member Sheri Weiner, who amusingly admits to Ars Technica that the incumbent ISPs wrote the proposal, and while she intended to edit some of it herself, that just didn’t happen:
“I told them that I would file a resolution if they had something that made sense and wasn’t as drastic as OTMR,” Weiner told Ars in an e-mail today, when we asked her what role AT&T and Comcast played in drafting the resolution. Weiner said she is insisting on some changes to the resolution, but the proposal (full text) was submitted without those changes.
When asked why she didn’t put her suggested changes in the version of the resolution published on the council website, Weiner said, “I had them [AT&T and Comcast] submit it for me as I was out of town all last week on business (my day job).” Weiner said an edited resolution will be considered by the council during its next meeting.
Yeah, whoops-a-daisy. If the AT&T and Comcast proposal passes, it will likely delay Google Fiber’s market entry by a notable margin. If it doesn’t, AT&T will simply sue the city of Nashville, insisting the city council overstepped its authority. Either way, Google Fiber gets delayed thanks to regulatory capture. And note this is all occurring while AT&T lobbyists happily mock Google Fiber for receiving “government favoritism.”
A government by the corporations, for the corporations.
The rat’s primary survival skill, as a species, is its unnerving rate of reproduction. Female rats ovulate every four days, copulate dozens of times a day and remain fertile until they die. (Like humans, they have sex for pleasure as well as for procreation.) This is how you go from two to 15,000 in a single year. When poison or traps thin out a population, they mate faster until their numbers regenerate. Conversely, if you can keep them from mating, colonies collapse in weeks and do not rebound.
The original method of teaching the rats “abstinence only” has been mildly disastrous in Texas.
If you live in, say, New York, California, Texas, or Tennessee, you probably have no idea how nasty the campaign has become. That’s because the candidates are running their most brutal television ads only in the swing states. So far, Clinton is targeting about a dozen states while Trump is aiming at about half that number. The ads pull no punches. Here are two of them as examples.
Clinton’s ad features Republicans saying that Trump is dangerous and unfit to be president. In Trump’s ad, a narrator solemnly intones that in Hillary Clinton’s America the middle class gets crushed but in Donald Trump’s America there are good jobs and high wages. And the ads are only going to get worse from here on. (V)
Three of the four media outlets that received and published large numbers of secret NSA documents provided by Edward Snowden — The Guardian, the New York Times, and The Intercept — have called for the U.S. government to allow the NSA whistleblower to return to the U.S. with no charges. That’s the normal course for a news organization, which owes its sources duties of protection, and which — by virtue of accepting the source’s materials and then publishing them — implicitly declares the source’s information to be in the public interest.
But not the Washington Post. In the face of a growing ACLU and Amnesty-led campaign to secure a pardon for Snowden, timed to this weekend’s release of the Oliver Stone biopic “Snowden,” the Post editorial page today not only argued in opposition to a pardon, but explicitly demanded that Snowden — the paper’s own source — stand trial on espionage charges or, as a “second-best solution,” accept “a measure of criminal responsibility for his excesses and the U.S. government offers a measure of leniency.”
In doing so, the Washington Post has achieved an ignominious feat in U.S. media history: the first-ever paper to explicitly editorialize for the criminal prosecution of its own source — one on whose back the paper won and eagerly accepted a Pulitzer Prize for Public Service.
Worse than the intellectual dishonesty of this editorial is its towering cowardice. After denouncing their own paper’s PRISM revelation, the editors proclaim: “Worse — far worse — he also leaked details of basically defensible international intelligence operations.” But what they inexcusably omit is that it was not Edward Snowden, but the top editors of the Washington Post who decided to make these programs public. Again, just look at the stories for which the Post was cited when receiving a Pulitzer Prize:
The editorial page is separate from the news organization and does not speak for the latter; I seriously doubt the journalists or editors at the Post who worked on these news stories would agree with any of that editorial. But still, if the Post editorial page editors now want to denounce these revelations, and even call for the imprisonment of their paper’s own source on this ground, then they should at least have the courage to acknowledge that it was the Washington Post — not Edward Snowden — who made the editorial and institutional choice to expose those programs to the public. They might want to denounce their own paper and even possibly call for its prosecution for revealing top-secret programs they now are bizarrely claiming should never have been revealed to the public in the first place.
Investigation of an online printer ink retailer shows that HP has programmed a date in its printer firmware on which unofficial non-HP cartridges would fail. Thousands of HP printers around the world started to show error messages on the same day, the 13th of September 2016.
On that date HP printers with non-HP cartridges started to show the error message, “One or more cartridges appear to be damaged. Remove them and replace them with new cartridges”. On HP’s support forums numerous complaints were posted and Dutch online retailer 123inkt also received a large amount of complaints on that day and decided to investigate the issue.
After an investigation on their test printers they found a large scale issue with their private label brand cartridges with several HP printers. When they emailed their customers asking them if they wanted to check if their printer also had issues, they received replies from more than 1,000 customers confirming the issue.
Further investigation with many printer models showed the issue resided in the firmware of the printers and 123inkt.nl contacted HP about the issue. HP stated it wasn’t aware of the issue. Consumers who complained to HP were told the error was caused by using non-HP cartridges. A day later HP withdrew that statement and explained the issues were a side effect of a firmware update.
However, the company didn’t release a firmware update at any date near the 13th of September. The printers with issues received a firmware update in March 2016 for the last time, and that firmware was developed in 2015. Also printers with firmware released before March 2016 suffered from the issue and even worse, also printers without any internet access started to reject non-HP cartridges.
Just add HP to your permanent blacklist.