Heaps of Windows 10 internal builds, private source code leak
online
The data – some 32TB of official and non-public
installation images and software blueprints that compress down to 8TB – were
uploaded to betaarchive.com, the latest load of files provided just earlier
this week. It is believed the
confidential data in this dump was exfiltrated from Microsoft's in-house
systems around March this year.
The leaked code is Microsoft's Shared Source Kit:
according to people who have seen its contents, it includes the source to the
base Windows 10 hardware drivers plus Redmond's PnP code, its USB and Wi-Fi
stacks, its storage drivers, and ARM-specific OneCore kernel code.
Anyone who has this information can scour it for security
vulnerabilities, which could be exploited to hack Windows systems worldwide. The code runs at the heart of the operating
system, at some of its most trusted levels. It is supposed to be for Microsoft, hardware
manufacturers, and select customers' eyes only.
Selling rope to the hangman? Is Russia that valuable a market?
Under pressure, Western tech firms bow to Russian demands to
share cyber secrets
Western technology companies, including Cisco, IBM and
SAP, are acceding to demands by Moscow for access to closely guarded product
security secrets, at a time when Russia has been accused of a growing number of
cyber attacks on the West, a Reuters investigation has found.
Russian authorities are
asking Western tech companies to allow them to review source code for security
products such as firewalls, anti-virus applications and software containing
encryption before permitting the products to be imported and sold in the
country. The requests, which have
increased since 2014, are ostensibly done to ensure foreign spy agencies have
not hidden any "backdoors" that would allow them to burrow into
Russian systems.
But those inspections also
provide the Russians an opportunity to find vulnerabilities in the products'
source code - instructions that control the basic operations of computer equipment
- current and former U.S. officials and security experts said.
I’m working on a similar App for Mom and Dad, so they can
spy on their teenage drivers.
Textalyzer Device Will Allow Cops To Snoop Your Cell Phone To
See If You’ve Been Texting While Driving
According to the National Safety Council, one-quarter of
all accidents in the United States are caused by texting and driving. Approximately 330,000 people a year are
injured due to accidents involving texting and driving. In order to combat the problem, some police
departments in the US are currently testing the “Textalyzer”, a device that can
reveal whether or not a person was on their mobile device while driving.
The Textalyzer is a tablet-like device and police officers
will be able to connect the driver’s smartphone to it and download their
activity data within a few seconds. The
device records every click, tap or swipe, as well as the apps the driver was
using at the time.
The Textalyzer was developed by Cellebrite, the same company
that supposedly unlocked
the iPhone involved in the San Bernardino shooting.
… There is
currently a measure in New York waiting to be passed that would allow police
officers to suspend a suspect’s license if they
refused to hand over their mobile device. There is also similar legislation being
considered in the city of Chicago and the states of New Jersey and Tennessee. It is important to note that the Textalyzer is
still being tested and it is currently unclear how much information would be
downloaded in a routine stop and what data would be retained afterward.
What must a corporate Gmail account be worth to
Google?
Google will stop scanning your Gmail messages to sell
targeted ads
Google will stop its long-standing practice of scanning
the contents of individual Gmail users for advertising purposes, the company
announced in a blog post today. The
practice, something Google has done nearly since the launch of its email
service, allows the company to digest the contents of email messages and use
them to deliver targeted ads within Gmail itself.
Users are allowed to opt out, and Google also reserves the
practice only for personal Gmail users and not those of corporate accounts. However, the practice has made it difficult
for Google to find and retain corporate clients for its cloud services
business, according to Diane Greene, Google’s cloud division head, who spoke
with the Financial Times.
This is due to general confusion over
Google’s business tactics and an overall apprehension to trust the company with
sensitive data, the report says.
Far from Superbowl prices, but not bad for a small(?)
share of the market.
Amazon to charge advertisers $2.8 million for Thursday night
NFL ad packages
Amazon is looking to charge advertisers $2.8 million for
packages that include 30-second spots during the Thursday night National
Football League games it will stream live to its Prime customers this coming
season, two people familiar with the matter told Reuters.
… Amazon is paying $50 million to the NFL to
stream this season’s 10 Thursday night games, sources told Reuters in April.
… For each game,
Amazon can sell 10 30-second spots, one of the sources said.
Look past your customers to their customers…
Kansas farmers win $218 million payout in suit against
Syngenta
A Kansas federal jury awarded nearly $218 million on
Friday to farmers who sued Swiss agribusiness giant Syngenta over its
introduction of a genetically engineered corn seed variety.
Syngenta vowed to appeal the verdict favoring four Kansas
farmers representing roughly 7,300 growers from that state in what served as
the first test case of tens of thousands of U.S. lawsuits assailing Syngenta’s
decision to introduce its Viptera seed strain to the U.S. market before China
approved it for imports.
… Most of the
farmers suing didn’t grow Viptera, but China also rejected millions of metric
tons of their grain because elevators and shippers typically mix grain from
large numbers of suppliers, making it difficult to source corn that was free of
the trait. So they say all farmers were
hurt by the resulting price drop.
Another one for the geek toolkit.
CheerpJ converts Java apps into JavaScript for the web
Melding Java and web development, CheerpJ is being readied
as compiler technology that takes Java bytecode and turns it into JavaScript,
for execution in browsers. Based on the
LLVM/Clang compiler platform as well as Learning
Technologies’ own Cheerp C++-to-JavaScript compiler, CheerpJ takes Java
bytecode and turns it into JavaScript without
needing the Java source.