Researchers describe a GPU vulnerability that allows attackers to exfiltrate data from local memory on some devices with Apple, Qualcomm, AMD, and other chips
Patching every device affected by the LeftoverLocals vulnerability—which includes some iPhones, iPads, and Macs—may prove difficult.
The HTTP/2 Rapid Reset flaw, which was exploited to launch record-setting DDoS attacks, requires patching every web server before the problem can be eradicated
Dubbed “HTTP/2 Rapid Reset,” the flaw requires making patches available for virtually every web server around the world before the problem can be eradicated.
The HTTP/2 Rapid Reset flaw, which was exploited to launch record-setting DDoS attacks, requires patching every web server before the problem can be eradicated
Dubbed “HTTP/2 Rapid Reset,” the flaw requires making patches available for virtually every web server around the world before the problem can be eradicated.
How companies are repurposing military-grade AI, built by US defense contractors for intelligence, to identify labor organizing, internal leakers, and critics
Spycraft developed by defense contractors are now being sold to employers to identify labor organizing. Regulators must step up to protect workers' privacy.
Signal says it has added support for privacy-focused cryptocurrency MobileCoin to let users send and receive money, starting in the UK on iOS and Android
Testing your first payment — Sending your first payment Bruce Schneier / Schneier on Security : Signal Adds Cryptocurrency Support Stephen Diehl : Et tu, Signal? Liam Tung / ZDNe...
2021 is shaping up to be a challenging year for the Wikimedia Foundation, which is finalizing a code of conduct that aims to diversify its community of editors
women, people of color, and queer people—by having them speak out publicly against their abusers and risk retaliation.” https://www.wired.com/... Raju Narisetti / @raju : A challen...
The software industry makes amazing software tools for itself, while doctors, academics, and scientists are stuck using bad software
The software industry makes amazing tools for itself, while doctors and scientists are stuck with old code. Tech needs to quit hacking and start listening. Tweets: @terronk , @nxt...
How low-code database services like Airtable, a category often sneered at by professional programmers, let non-programmers create community databases
When people build a database to manage reading lists or feed their neighbors, that's coding—and culture. — It's a normal afternoon in July. Tweets: @backchnnl , @wired , and @roz...
Andrew Yang's Data Dividend Project would force social media companies to compensate users, but the plan underestimates difficulty of valuing data
Will Rinehart / Wired : Tweets: @willrinehart , @jrhuddles , @adalovelaceinst , @backchnnl , @jason_kint , and @bill_tribble Tweets: Will Rinehart / @willrinehart : This morning I...
Microsoft issues a patch for a critical “wormable” flaw affecting OSes including Windows 10 and Server; Check Point says the flaw has been in code for 17 years
Shannon Vavra / CyberScoop :
The pandemic presents the biggest language translation challenge for COVID-19 info, as Wikipedia supports 309 languages, Google Translate 109, and Bing 71
Services like Google Translate only support 100 languages, give or take. What about the thousands of other languages—spoken by people just as vulnerable to this crisis? Tweets: @a...
Researcher: PCs with Thunderbolt ports have an unpatchable flaw letting hackers with physical access circumvent data safeguards; some new PCs are not affected
The so-called Thunderspy attack takes less than five minutes to pull off with physical access to a device, and affects any PC manufactured before 2019.
A look at WikiProject Medicine, a collection of ~35,000 English Wikipedia articles checked rigorously by ~150 editors with public health and medical expertise
many with medical degrees and expertise — are closely monitoring and scrutinizing edits to articles about COVID-19. Here's how @WikiProjectMed operates to protect the facts and kee...
Amazon warned holiday shoppers that Honey, a browser extension for comparison shopping and rewards acquired by Paypal for $4B in November, was a “security risk”
The retail giant warned holiday shoppers that Honey, a popular browser extension, was a “security risk.” Honey denies the claim.