Separate remote code execution vulnerability in unupdated versions of RocketMQ, a Chinese-developed messaging/streaming server, in the case of the infection described in the article. It's possible that there are a few other RCE vulns it can make use of, but 20000 of them seems unlikely.
You consider school shootings to be be progress? (Seriously, that's a topic that should never be brought up with respect to the presence or absence of cell phones in schools. Fix your damned gun control laws, or rather the lack thereof.)
I have mixed feelings about the necessity of this.
On the one hand, I know they don't really need the cell phones, because they didn't exist when I was in school.
On the other hand, the kids who are paying attention to their cell phone rather than the teacher probably wouldn't listen to the teacher if the cell phone wasn't present, either, and some of them would be far more disruptive toward other students who are trying to listen.
On the third hand, expecting the kids to pay attention all the time even if they've already mastered the subject and are bored out of their skulls by the repetition needed for the kids below the class median to have a chance of understanding too is a problem in and of itself.
Fortunately, I am not a teacher, a student, or the parent of a student, so I have no horse in this race and am not required to make a decision on whether the bans are useful or just obnoxious.
There's also a buried reference to using a several-years-patched gpac bug to gain root access before this thing can do most of its stealth stuff.
Basically, it needs your system to already have a known, unpatched RCE bug before it can get a foothold, and if you've got one of those you have problems that go way beyond stealth crypto miners stealing electricity.
It's kind of an iffy assertion. That's maybe the number of files it scans looking for misconfigurations it can exploit, but I'd bet there's a lot of overlap in the potential contents of those files (either because of cascading configurations, or because they're looking for the same file in slightly different places to mitigate distro differences). So the number of possible exploits is likely far fewer.
There's a reason why most other groups on the emulation scene wait for a given console to be a couple of generations dead before they'll touch it. And Nintendo has always been touchy about their property (intellectual and otherwise) I'm not going to argue about who has the moral high ground here, but this result isn't unexpected.
And if the panic button is going to call the police, how is that any different from the passenger using their phone to contact police? Seems like extra steps of middlemen and confusion when the passenger could just call once they feel the need.
Think of it as a backup for the phone in the case where, say, there's an adult and a kid in the car, the kid has no phone of their own, and the adult loses consciousness with their phone locked. Or the car is being actively jostled by a group of people (say it drove into the middle of an embryonic riot), causing the passenger to drop their phone, whereupon it slides under the seat. Or the phone just runs out of charge or doesn't survive getting dropped into the passenger's triple-extra-large fast-food coffee. It won't be needed 99% of the time, but the other 1% might save someone's life, and (presuming the car already has a cell modem it in) the cost of adding the feature should be minimal.
Ultimately, the police are compounding mistakes made by Grogan, who apparently trusted his business partner so much that it took him more than four years to actually check the books and report anything stolen. Since the cars were goods for sale and not of any sentimental value to him, and he doesn't need the money or he would have kept a closer eye on the business, the moral thing for him to do would be to leave the vehicles in the hands of their new owners and go after his former business partner for the money he effectively embezzled from the sales. That might not be legally feasible, though.
The actual relevant source document appears to be this: https://crtc.gc.ca/eng/archive/2024/2024-121.htm. Judging from that, some of the money will go to funds that subsidize the production of local news programs in any medium (including radio), and there's a small amount earmarked for community radio. It's supposed to encourage the stations to create and broadcast content that's beneficial to the general public but not as profitable as what they might otherwise air in its place. If you consider that to be "helping" radio stations, then fine, I concede, but to be honest, the specific details of where the money ends up aren't the major point here, and will probably change over time.
I expect domestic radio stations pay into many of the same funds, although to be honest I've never checked. If we actually had a Canadian-owned streaming service that was willing to produce news programs or one of the other categories the government wants to encourage, they might get some money too. Including some of what's coming from the radio stations, because no one is making an attempt to keep the revenue streams coming from different sources separate . . . and really, why should they? It's extra administrative overhead to no real benefit.
Not sure where you're getting that from—this isn't about anyone helping radio stations. The idea is that the government would impose laws and taxes on large streaming services operating in Canada that are somewhat similar to those currently imposed on radio stations in Canada.
Yeah, if that's what the footage shows then she appears to be at fault here, and a liar to boot. "Assault with a weapon" may be a little too heavy to stick, but hopefully some lesser charge will.
It would be pointless with my mother, anything involving technology developed after the 1980s goes were in one ear and out the other.
I just told mine, "If someone calls claiming to be me and says that 'I' am in trouble and need money, ask them [about thing from my pre-Internet childhood], and if they get the answer wrong, hang up, because it's someone else imitating my voice." No tech understanding required.
Unfortunately, it's rare that we can control what hashing algorithm is being used to secure the passwords we enter. I merely pray that any account that also holds my credit card data or other important information isn't using MD5. Some companies still don't take cybersecurity seriously.
That would be much, much worse than what we actually have. Complex regex are positively Lovecraftian. You'd be chanting "Ia! Ia! Cthulhu ftaghn!" before you knew it.
Cracking an 8-char on an ordinary desktop or laptop PC can still take quite a while depending on the details. Unfortunately, the existence of specialized crypto-coin-mining rigs designed to spit out hashes at high speed, plus the ability to farm things out into the cloud, means that the threat we're facing is no longer the lone hacker cracking things on his own PC.
Only problem is that you wouldn't be able to visit most sites, because Mosaic only supports HTTP 1.0. You could go for Lynx, though. Just remember to disable the cookie support.
Separate remote code execution vulnerability in unupdated versions of RocketMQ, a Chinese-developed messaging/streaming server, in the case of the infection described in the article. It's possible that there are a few other RCE vulns it can make use of, but 20000 of them seems unlikely.