Polls

Is there an unsecured wireless network near you?
 
Belgian parliament halts China Uyghur 'genocide' debate after DDoS smashes ISP offline
Wednesday, 05 May 2021 10:11

HTTP/2 200 date: Wed, 05 May 2021 14:00:25 GMT content-type: text/html; charset=UTF-8 link: ; rel=preload; as=script;,/2b82b4ff3d3bc293b3b20cfd8aed55aab22b49aa/javascript/_.js>; rel=preload; as=script;,/default/ccf270ce9b042b12f10c32b64cc5289ab676dd88/scaffolding.css>; rel=preload; as=style;,/default/ccf270ce9b042b12f10c32b64cc5289ab676dd88/design.css>; rel=preload; as=style;,/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-700.latin.woff2>; rel=preload; as=font; crossorigin;,/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-400.latin.woff2>; rel=preload; as=font; crossorigin; cache-control: max-age=0 expires: Wed, 05 May 2021 14:00:25 GMT vary: Accept-Encoding x-reg-bofh: pfy02us x-clacks-overhead: GNU Terry Pratchett, Lester Haines cf-cache-status: DYNAMIC cf-request-id: 09de6d837f000062e43da90000000001 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server: cloudflare cf-ray: 64aa7eb26b4062e4-SYD Belgian parliament halts China Uyghur 'genocide' debate after DDoS smashes ISP offline • The Register

Plus: Register.com, Network Solutions DNS down and Cloudflare has a wobble


Government and academic websites and IT services in Belgium were down for hours on Tuesday after their internet provider Belnet was hit by a significant distributed denial-of-service tsunami.

“The Belnet network is currently under DDoS attack, resulting in reduced connectivity for our customers. Our teams are working hard to mitigate the attacks and restore connectivity,” the ISP said on its website.

It sounded the alarm after 1000 UTC, and posted a series of updates every two hours until about 1600 UTC. The last message said the team had “successfully implemented several mitigation rules,” and the “effect of the attack seems to be diminishing.”

Important government-related .be websites are up and running, including the Belgian parliament's web presence, and the Supreme Administrative Court of Belgium. The Ministry of Economic Affairs and the Ministry of Finance, however, remain offline at the time of writing. Services such as Belgium’s coronavirus vaccine portal were knocked offline, too, according to AP.

It is estimated that some 200 Belnet customers – which are educational and scientific institutions, research labs, and government organizations in the country – were affected by the downtime. Details of the DDoS, said to be large scale, are scarce, and it’s not clear who was behind the attack nor why. Samuel Cogolati, an MP of Belgium’s environmentally focused political party Ecolo, noted that the time of the attack seemed to coincide with a parliamentary committee meeting on whether to accuse China of genocide regarding its treatment of Uyghur Muslims though there was other business on the agenda.

Cogolati was just hit with counter-sanctions by Beijing for speaking out against what he described as the persecution of Uyghurs in Xinjiang. China denies the West's allegations of mistreatment amid mounting evidence to the contrary.

In any case, the parliament's proceedings were halted after the DDoS knocked out connectivity to the outside world. A Uyghur woman was expected to tell Belgian politicians what she experienced in China's camps, according to Cogolati. The Register has asked Belnet for further information and comment. ®

In other outage news... Register.com (no relation) and its Web.com stablemate Network Solutions suffered a outage for most of Tuesday that left some people unable to access websites and other services via their domain names. In the past two hours, Register.com claimed its systems are returning to normal.

Also Cloudflare suffered some "issues with network performance" on the US East Coast, and said it has rolled out a fix and is monitoring the situation.


Shipments of Chromebooks reached 12 million globally in the first three months of 2021, according to analyst outfit Canalys, which pegged the year-on-year growth at a stratospheric 275 per cent.

The vendor with the largest total number of sales-in was HP, with 4.36 million units leaving its factories, up 633.7 per cent year-on-year. HP said Chromebook sales had quadrupled in its Q1 ended 31 January to account for $1.69bn or 16 per cent of its PC business revenues.

HP CEO Enrique Lores sounded like the company could have sold more if only those pesky component shortages hadn't been a determining factor, saying on a Q1 conference call it had "increased inventory" and was "changing...the connections that we have with certain component providers."

Continue readingTwilio's private GitHub repositories cloned by Codecov attacker, cloud comms platform confirms Used the GitHub Codecov Action? Credentials may have been pilfered

Cloud comms platform Twilio has confirmed its private GitHub repositories were cloned after it became the latest casualty of the compromised credential-stealing Codecov script.

Codecov, a cloud-based tool for assessing how much code is covered by software tests, revealed last month that a script called Bash Uploader had been altered by a criminal to export secrets stored in environmental variables to a third-party server. This script is widely used for Codecov integration, including within GitHub Actions, popular for Continuous Integration (CI) pipelines.

Twilio said: "We have Codecov tools, including the Bash Uploader component, in use in a small number of our projects and CI pipelines." The company added that these particular projects were "not in the critical path to providing updates or functionality to our communication APIs" and that it has "remediated the potential exposure by thoroughly reviewing and rotating any potentially exposed credentials."

Continue readingMicrosoft reassures Teams freebie fans: We're not going to delete all your data, honest The bug: IF Tier = Free THEN PRINT "Can we offer you an upgrade?"

Microsoft has had its very own Who, Me? moment after being forced to apologise for a bug that spammed administrators of Teams Free organisations to suggest they should upgrade to avoid imminent deletion of data.

The oopsie actually occurred in April (although a full explanation was not shared until last night) and resulted in users of the company's freebie version of Teams receiving an email warning that their trial was coming to an end. If a new subscription was not swiftly acquired then users would lose access to their data after around 30 days. Administrators would subsequently have 90 days to upgrade or face permanent deletion.

Understandably, customers were left a little baffled. After all, Teams has a Free tier and a bunch of Frequently Asked Questions includes hits such as "Is Microsoft Teams really free?" (answer: "Yes!") and "Will my account my expire?" (answer: "No, your account will not expire.")

Continue readingHow to hide a backdoor in AI software – such as a bank app depositing checks or a security cam checking faces Neural networks can be aimed to misbehave when squeezed

Boffins in China and the US have developed a technique to hide a backdoor in a machine-learning model so it only appears when the model is compressed for deployment on a mobile device.

Yulong Tian and Fengyuan Xu, from Nanjing University, and Fnu Suya and David Evans, from University of Virginia, describe their approach to ML model manipulation in a paper distributed via ArXiv, titled "Stealthy Backdoors as Compression Artifacts."

Machine-learning models are typically large files that result from computationally intensive training on vast amounts of data. One of the best known at the moment is OpenAI's natural language model GPT-3, which needs about 350GB of memory to load.

Continue readingThe Wight stuff: Marconi and the island, when working remotely on wireless comms meant something very different Planning a post-lockdown trip to the isle off England's south coast? Don't miss the interesting bits

Geek's Guide to Britain Guglielmo Marconi is famous for sending the first transatlantic wireless signal from Cornwall to Newfoundland, with his two radio stations on the Lizard peninsula covered by a previous Geek's Guide. But he worked up to this achievement on the Isle of Wight, the England-in-miniature that lies just off the south coast of Hampshire.

Marconi's Needles wireless telegraph station existed for just two and a half years, but its location on Alum Bay at the west end of the Isle of Wight is marked by a built-for-the-ages stone monument. Plaques on each of its four sides tell the story of how between December 1897 and May 1900 the Italian tech entrepreneur and his staff carried out pioneering experiments in wireless communication.

They exchanged radio messages with Bournemouth and Poole, 14 miles (22.5km) and 18 miles (29km) away respectively, then ships 40 miles (64km) away. On 3 June 1898, Lord Kelvin helped monetise the technology by sending the first paid-for radio telegram. On 15 November 1899, the contents of the Transatlantic Times, the first newspaper produced at sea, were sent from here to the American liner St Paul.

Continue readingFancy a piece of sordid tech history? Fleabayer is flogging the first production Spectrum Vega+ console for £1,500 Which is a lot of money for this crap

In the long history of crowdfunding disasters, few stories spring quite as quickly to mind as Retro Computers Limited's ZX Spectrum Vega+. The premise was simple: bring the joy of 1980s 8-bit gaming to a pocketable form factor. Around 4,500 people collectively stumped up £513,000 to bring it to life.

In reality, only a few hundred consoles were delivered. Legal action followed, both from backers who paid £100 apiece, as well as from one contractor who claimed Retro Computers failed to pay him for work performed.

In 2019, the company was wound up, with the latest Companies House filing showing claims from creditors of £1.278m. It remains a cautionary tale.

Continue readingUK's Department for Work and Pensions continues to move off Oracle Enterprise Data Warehouse in pursuit of a single version of the truth Redshift, Cloudera among preferred platforms, but after 7 years Big Red's system refuses to die

The UK's Department for Work and Pensions has confirmed it no longer runs a single data warehouse after moving analytics products off its Oracle system to a range of services for AWS, Oracle Cloud, Azure, and Google Cloud Platform.

This follows the £176.3bn-revenue department's award of a £3m contract to Methods Business and Digital Technology. The vendor has been charged with the migration of analytics products from Oracle Enterprise Data Warehouse (EDW) to the Data Services Platform, an AWS-based environment.

The contract award notice said: "A Re-engineering Discovery team will assess the current state of data in DWP warehouses and recommend an approach to migration/reengineer data to the Data Services Platform (DSP). Two Re-Engineering Delivery teams [will] design, develop end migrate required Products, redesigning manufacturing processes optimised for the new environments."

Continue readingWhat not to expect when you're expecting: Fertility apps may be selling intimate health secrets Majority aren't GDPR compliant and Google Play categorises them badly, leading to lax practices

Hundreds of millions of women turn to fertility apps to conceive or prevent pregnancy, and according to a new study those apps may leak very personal information including miscarriages, abortions, sexual history, potential infertility and pregnancy.

The study considered privacy notices and tracking practices of 30 free, popular, fertility apps available on the Google Play Store. The apps collected information such as temperature, mood, sexual activity, climax, and medical records.

The pair found that most of the apps were not GDPR compliant. Furthermore, the sheer act of installing and opening them activated an average 3.8 trackers, many without users granting permission.

Continue readingSome stayed in Croatian castles. Some hid in cars. We speak to techies who experienced lockdown in very different ways Tales from less-conventional bunkers at the height of the pandemic

Covid Logfile II Darren Ellis spent eight weeks of 2020 quarantined in hotel rooms. James McParlane spent seven months of the year in a Croatian castle. Bruce Davie and Josh Odgers spent 111 days unable to travel more than five kilometres from home or spend more than an hour a day outside.

Claire O'Dwyer moved to a tropical paradise. And Chris Moriarty started hiding his kids in his car so they could get some exercise during another deep lockdown.

And while none were alone in finding themselves in new and unusual work situations due to COVID-19, their stories are surely some of 2020's most extreme remote work experiences.

Continue readingDell, Foxconn sign up for Indian servers-and-PCs manufacturing subsidies India wanted five global players. And it got only five applications from qualifying companies

India has met its target to lure five global server, PC, and tablet computer manufacturers to its shores, but in a slightly unusual way.

A "Production Linked Incentive Scheme" announced in February 2021 set a goal of five "major global players" willing to set up shop in India in return for a shared pool of subsidies worth up to $1bn that will be paid over four years. Ten Indian operators were also sought and are eligible for the payments.

India's government yesterday revealed that four offshore companies have applied to participate in the scheme, namely Dell, ICT (Wistron), Flextronics, and Foxconn offshoot Rising Stars Hi-Tech.

Continue readingWipro rolls out 'COVID-19 vaccination camps' in India to keep staff alive during virus super-surge We speak to IT outsourcing giants as human malware grips nation

India's big tech companies have mobilized to protect their workforces as the nation experiences a terrifying second wave of COVID-19.

Wipro told The Register it has "initiated COVID vaccination camps at one of our facilities for Bangalore-based employees and are making necessary efforts to roll out vaccination camps across other major offices in India."

The IT consulting multinational's vaccine effort aligns with a call from the Confederation of Indian Industry. On Monday the Delhi-based non-governmental trade association and advocacy group said [PDF] big business should help to confront the pandemic by advising staff on how best to stay safe. They also advised industry to voluntarily "ramp up vaccination of employees and as vaccine availability improves extend vaccination drives to neighboring communities."

Continue reading

HTTP/2 200 date: Wed, 05 May 2021 14:00:25 GMT content-type: text/html; charset=UTF-8 link: ; rel=preload; as=script;,/2b82b4ff3d3bc293b3b20cfd8aed55aab22b49aa/javascript/_.js>; rel=preload; as=script;,/default/ccf270ce9b042b12f10c32b64cc5289ab676dd88/scaffolding.css>; rel=preload; as=style;,/default/ccf270ce9b042b12f10c32b64cc5289ab676dd88/design.css>; rel=preload; as=style;,/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-700.latin.woff2>; rel=preload; as=font; crossorigin;,/5e49edbd1875f214e0decae1e24b200066780fa8/style/fonts/arimo/arimo-400.latin.woff2>; rel=preload; as=font; crossorigin; cache-control: max-age=0 expires: Wed, 05 May 2021 14:00:25 GMT vary: Accept-Encoding x-reg-bofh: pfy02us x-clacks-overhead: GNU Terry Pratchett, Lester Haines cf-cache-status: DYNAMIC cf-request-id: 09de6d837f000062e43da90000000001 expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server: cloudflare cf-ray: 64aa7eb26b4062e4-SYD Belgian parliament halts China Uyghur 'genocide' debate after DDoS smashes ISP offline • The Register

Plus: Register.com, Network Solutions DNS down and Cloudflare has a wobble


Government and academic websites and IT services in Belgium were down for hours on Tuesday after their internet provider Belnet was hit by a significant distributed denial-of-service tsunami.

“The Belnet network is currently under DDoS attack, resulting in reduced connectivity for our customers. Our teams are working hard to mitigate the attacks and restore connectivity,” the ISP said on its website.

It sounded the alarm after 1000 UTC, and posted a series of updates every two hours until about 1600 UTC. The last message said the team had “successfully implemented several mitigation rules,” and the “effect of the attack seems to be diminishing.”

Important government-related .be websites are up and running, including the Belgian parliament's web presence, and the Supreme Administrative Court of Belgium. The Ministry of Economic Affairs and the Ministry of Finance, however, remain offline at the time of writing. Services such as Belgium’s coronavirus vaccine portal were knocked offline, too, according to AP.

It is estimated that some 200 Belnet customers – which are educational and scientific institutions, research labs, and government organizations in the country – were affected by the downtime. Details of the DDoS, said to be large scale, are scarce, and it’s not clear who was behind the attack nor why. Samuel Cogolati, an MP of Belgium’s environmentally focused political party Ecolo, noted that the time of the attack seemed to coincide with a parliamentary committee meeting on whether to accuse China of genocide regarding its treatment of Uyghur Muslims though there was other business on the agenda.

Cogolati was just hit with counter-sanctions by Beijing for speaking out against what he described as the persecution of Uyghurs in Xinjiang. China denies the West's allegations of mistreatment amid mounting evidence to the contrary.

In any case, the parliament's proceedings were halted after the DDoS knocked out connectivity to the outside world. A Uyghur woman was expected to tell Belgian politicians what she experienced in China's camps, according to Cogolati. The Register has asked Belnet for further information and comment. ®

In other outage news... Register.com (no relation) and its Web.com stablemate Network Solutions suffered a outage for most of Tuesday that left some people unable to access websites and other services via their domain names. In the past two hours, Register.com claimed its systems are returning to normal.

Also Cloudflare suffered some "issues with network performance" on the US East Coast, and said it has rolled out a fix and is monitoring the situation.


Shipments of Chromebooks reached 12 million globally in the first three months of 2021, according to analyst outfit Canalys, which pegged the year-on-year growth at a stratospheric 275 per cent.

The vendor with the largest total number of sales-in was HP, with 4.36 million units leaving its factories, up 633.7 per cent year-on-year. HP said Chromebook sales had quadrupled in its Q1 ended 31 January to account for $1.69bn or 16 per cent of its PC business revenues.

HP CEO Enrique Lores sounded like the company could have sold more if only those pesky component shortages hadn't been a determining factor, saying on a Q1 conference call it had "increased inventory" and was "changing...the connections that we have with certain component providers."

Continue readingTwilio's private GitHub repositories cloned by Codecov attacker, cloud comms platform confirms Used the GitHub Codecov Action? Credentials may have been pilfered

Cloud comms platform Twilio has confirmed its private GitHub repositories were cloned after it became the latest casualty of the compromised credential-stealing Codecov script.

Codecov, a cloud-based tool for assessing how much code is covered by software tests, revealed last month that a script called Bash Uploader had been altered by a criminal to export secrets stored in environmental variables to a third-party server. This script is widely used for Codecov integration, including within GitHub Actions, popular for Continuous Integration (CI) pipelines.

Twilio said: "We have Codecov tools, including the Bash Uploader component, in use in a small number of our projects and CI pipelines." The company added that these particular projects were "not in the critical path to providing updates or functionality to our communication APIs" and that it has "remediated the potential exposure by thoroughly reviewing and rotating any potentially exposed credentials."

Continue readingMicrosoft reassures Teams freebie fans: We're not going to delete all your data, honest The bug: IF Tier = Free THEN PRINT "Can we offer you an upgrade?"

Microsoft has had its very own Who, Me? moment after being forced to apologise for a bug that spammed administrators of Teams Free organisations to suggest they should upgrade to avoid imminent deletion of data.

The oopsie actually occurred in April (although a full explanation was not shared until last night) and resulted in users of the company's freebie version of Teams receiving an email warning that their trial was coming to an end. If a new subscription was not swiftly acquired then users would lose access to their data after around 30 days. Administrators would subsequently have 90 days to upgrade or face permanent deletion.

Understandably, customers were left a little baffled. After all, Teams has a Free tier and a bunch of Frequently Asked Questions includes hits such as "Is Microsoft Teams really free?" (answer: "Yes!") and "Will my account my expire?" (answer: "No, your account will not expire.")

Continue readingHow to hide a backdoor in AI software – such as a bank app depositing checks or a security cam checking faces Neural networks can be aimed to misbehave when squeezed

Boffins in China and the US have developed a technique to hide a backdoor in a machine-learning model so it only appears when the model is compressed for deployment on a mobile device.

Yulong Tian and Fengyuan Xu, from Nanjing University, and Fnu Suya and David Evans, from University of Virginia, describe their approach to ML model manipulation in a paper distributed via ArXiv, titled "Stealthy Backdoors as Compression Artifacts."

Machine-learning models are typically large files that result from computationally intensive training on vast amounts of data. One of the best known at the moment is OpenAI's natural language model GPT-3, which needs about 350GB of memory to load.

Continue readingThe Wight stuff: Marconi and the island, when working remotely on wireless comms meant something very different Planning a post-lockdown trip to the isle off England's south coast? Don't miss the interesting bits

Geek's Guide to Britain Guglielmo Marconi is famous for sending the first transatlantic wireless signal from Cornwall to Newfoundland, with his two radio stations on the Lizard peninsula covered by a previous Geek's Guide. But he worked up to this achievement on the Isle of Wight, the England-in-miniature that lies just off the south coast of Hampshire.

Marconi's Needles wireless telegraph station existed for just two and a half years, but its location on Alum Bay at the west end of the Isle of Wight is marked by a built-for-the-ages stone monument. Plaques on each of its four sides tell the story of how between December 1897 and May 1900 the Italian tech entrepreneur and his staff carried out pioneering experiments in wireless communication.

They exchanged radio messages with Bournemouth and Poole, 14 miles (22.5km) and 18 miles (29km) away respectively, then ships 40 miles (64km) away. On 3 June 1898, Lord Kelvin helped monetise the technology by sending the first paid-for radio telegram. On 15 November 1899, the contents of the Transatlantic Times, the first newspaper produced at sea, were sent from here to the American liner St Paul.

Continue readingFancy a piece of sordid tech history? Fleabayer is flogging the first production Spectrum Vega+ console for £1,500 Which is a lot of money for this crap

In the long history of crowdfunding disasters, few stories spring quite as quickly to mind as Retro Computers Limited's ZX Spectrum Vega+. The premise was simple: bring the joy of 1980s 8-bit gaming to a pocketable form factor. Around 4,500 people collectively stumped up £513,000 to bring it to life.

In reality, only a few hundred consoles were delivered. Legal action followed, both from backers who paid £100 apiece, as well as from one contractor who claimed Retro Computers failed to pay him for work performed.

In 2019, the company was wound up, with the latest Companies House filing showing claims from creditors of £1.278m. It remains a cautionary tale.

Continue readingUK's Department for Work and Pensions continues to move off Oracle Enterprise Data Warehouse in pursuit of a single version of the truth Redshift, Cloudera among preferred platforms, but after 7 years Big Red's system refuses to die

The UK's Department for Work and Pensions has confirmed it no longer runs a single data warehouse after moving analytics products off its Oracle system to a range of services for AWS, Oracle Cloud, Azure, and Google Cloud Platform.

This follows the £176.3bn-revenue department's award of a £3m contract to Methods Business and Digital Technology. The vendor has been charged with the migration of analytics products from Oracle Enterprise Data Warehouse (EDW) to the Data Services Platform, an AWS-based environment.

The contract award notice said: "A Re-engineering Discovery team will assess the current state of data in DWP warehouses and recommend an approach to migration/reengineer data to the Data Services Platform (DSP). Two Re-Engineering Delivery teams [will] design, develop end migrate required Products, redesigning manufacturing processes optimised for the new environments."

Continue readingWhat not to expect when you're expecting: Fertility apps may be selling intimate health secrets Majority aren't GDPR compliant and Google Play categorises them badly, leading to lax practices

Hundreds of millions of women turn to fertility apps to conceive or prevent pregnancy, and according to a new study those apps may leak very personal information including miscarriages, abortions, sexual history, potential infertility and pregnancy.

The study considered privacy notices and tracking practices of 30 free, popular, fertility apps available on the Google Play Store. The apps collected information such as temperature, mood, sexual activity, climax, and medical records.

The pair found that most of the apps were not GDPR compliant. Furthermore, the sheer act of installing and opening them activated an average 3.8 trackers, many without users granting permission.

Continue readingSome stayed in Croatian castles. Some hid in cars. We speak to techies who experienced lockdown in very different ways Tales from less-conventional bunkers at the height of the pandemic

Covid Logfile II Darren Ellis spent eight weeks of 2020 quarantined in hotel rooms. James McParlane spent seven months of the year in a Croatian castle. Bruce Davie and Josh Odgers spent 111 days unable to travel more than five kilometres from home or spend more than an hour a day outside.

Claire O'Dwyer moved to a tropical paradise. And Chris Moriarty started hiding his kids in his car so they could get some exercise during another deep lockdown.

And while none were alone in finding themselves in new and unusual work situations due to COVID-19, their stories are surely some of 2020's most extreme remote work experiences.

Continue readingDell, Foxconn sign up for Indian servers-and-PCs manufacturing subsidies India wanted five global players. And it got only five applications from qualifying companies

India has met its target to lure five global server, PC, and tablet computer manufacturers to its shores, but in a slightly unusual way.

A "Production Linked Incentive Scheme" announced in February 2021 set a goal of five "major global players" willing to set up shop in India in return for a shared pool of subsidies worth up to $1bn that will be paid over four years. Ten Indian operators were also sought and are eligible for the payments.

India's government yesterday revealed that four offshore companies have applied to participate in the scheme, namely Dell, ICT (Wistron), Flextronics, and Foxconn offshoot Rising Stars Hi-Tech.

Continue readingWipro rolls out 'COVID-19 vaccination camps' in India to keep staff alive during virus super-surge We speak to IT outsourcing giants as human malware grips nation

India's big tech companies have mobilized to protect their workforces as the nation experiences a terrifying second wave of COVID-19.

Wipro told The Register it has "initiated COVID vaccination camps at one of our facilities for Bangalore-based employees and are making necessary efforts to roll out vaccination camps across other major offices in India."

The IT consulting multinational's vaccine effort aligns with a call from the Confederation of Indian Industry. On Monday the Delhi-based non-governmental trade association and advocacy group said [PDF] big business should help to confront the pandemic by advising staff on how best to stay safe. They also advised industry to voluntarily "ramp up vaccination of employees and as vaccine availability improves extend vaccination drives to neighboring communities."

Continue reading

Source: https://bit.ly/3tfvt2U