Webtagr - Technology News Summarizer

Bypassing BitLocker Encryption on Windows 11 via Memory Dump

2024-12-30

This article demonstrates bypassing BitLocker encryption on Windows 11 by extracting the Full Volume Encryption Key (FVEK) from memory. By physically accessing the device and abruptly restarting it, an attacker can capture RAM contents, which may contain the FVEK. The author utilizes a UEFI application, Memory-Dump-UEFI, to achieve this. The process involves creating a bootable USB, forcefully restarting the system, booting from the USB, analyzing the memory dump, and using pool tags to locate the FVEK. The article details these steps and emphasizes the use of tools like dislocker to unlock the BitLocker-protected partition. The method is not foolproof and relies on several factors such as speed of memory dump and the timing of the restart.

(noinitrd.github.io)

Tech Memory Dump Windows Security

Hacker Remotely Revives Dormant Satellite: Beesat-1 Back Online

2024-12-30

The TU Berlin's Beesat-1 test satellite, launched in 2009, fell silent in 2013. However, at the 38C3 conference, hacker PistonMiner revealed how they remotely resurrected the satellite. Identifying a software bug, not hardware failure, as the culprit, PistonMiner used a 'Frankenstein-Beesat' ground test model for debugging. A software update restored functionality, even reactivating a presumed-broken onboard camera. This feat not only brought the small satellite back to life but also offers a potential model for reviving other defunct satellites.

(www.heise.de)

Tech satellite repair software bug

Boeing and FAA Whistleblower System Fails, Leaving Reporters in Limbo

2024-12-30

This article exposes the critical flaws in the whistleblower system at Boeing, its supplier Spirit AeroSystems, and the Federal Aviation Administration (FAA). Numerous whistleblowers report safety concerns at great personal and professional risk, yet the FAA finds no violations in over 90% of cases. This leaves whistleblowers facing retaliation, unemployment, and emotional distress; some have even died as a result. The article uses several whistleblowers' experiences to highlight the system's lack of independence and inadequate protection, calling for reform to ensure aviation safety and protect whistleblower rights.

(www.seattletimes.com)

Tech whistleblower protection Boeing

Passkeys: Elegant, but Not Yet Usable Security

2024-12-30

Passkeys, touted as a password alternative, aim for enhanced security and easier logins. However, this article reveals significant usability issues. While technically elegant, the lack of standardization across platforms (operating systems, browsers, apps) leads to a confusing user experience, with varying prompts and workflows. Password managers can alleviate some problems, but this hinges on user adoption. Many websites still allow password logins, undermining Passkey's security. Currently, Passkeys are more of a transitional solution than a fully mature technology.

(arstechnica.com)

Tech

Wi-Fi and Radar Interference: The Challenges of DFS

2024-12-30

This article explores the interference issues between Wi-Fi networks and radar systems in the 5GHz band. Since Wi-Fi operates on unlicensed spectrum, proximity to airports or other radar-using facilities can lead to interference, causing device dropouts. Dynamic Frequency Selection (DFS) aims to mitigate this, but its implementation isn't seamless. DFS can cause brief Wi-Fi access point outages, impacting user experience. The article suggests avoiding UNI II band DFS channels near radar facilities or using newer APs and the UNI II extended band to minimize problems.

(blog.iptel.com.au)

Tech Radar Interference

Apple and Meta Clash Over Interoperability and Privacy

2024-12-30

Apple and Meta are locked in a battle in Europe over the European Union's Digital Markets Act (DMA). The DMA mandates interoperability, requiring designated gatekeepers like Apple and Meta to allow competitors access to core platform services. Meta has submitted 15 interoperability requests to Apple, prompting Apple to warn of significant privacy and security risks if granted, potentially exposing user data extensively. Meta counters that Apple's privacy concerns are unfounded and a pretext to stifle competition. This conflict highlights the tension between interoperability and user privacy, and the challenges faced by EU regulators in enforcing the DMA.

(techcrunch.com)

Tech

2024: A Breakthrough Year for Windows on Arm

2024-12-30

2024 marked a significant milestone for Windows on Arm. Qualcomm's Snapdragon X Elite processors delivered exceptional performance and battery life, enabling Copilot Plus PCs to challenge Apple's MacBook Air. While gaming compatibility remains an area for improvement, the collaboration between Microsoft and Qualcomm, along with developers embracing native Arm64 apps, has significantly matured the Windows on Arm ecosystem. Intel and AMD countered with Lunar Lake and Ryzen AI chips, respectively, intensifying the competition and setting the stage for a fierce battle between Arm and x86 in 2025.

(www.theverge.com)

Tech Qualcomm Snapdragon

Y2K Scare: The Millennium Bug That Never Bit

2024-12-30

In 1999, the Y2K problem, or millennium bug, sparked global panic. Older computer systems used only two digits to represent the year, leading to fears that at the turn of the millennium, systems would misinterpret '00' as 1900, causing widespread chaos. The Clinton administration called Y2K preparations 'the single largest technology management challenge in history.' Citizens stockpiled food, generators, and even weapons, fearing blackouts, medical equipment failures, and societal breakdown. Ultimately, the world transitioned to 2000 without major incident, highlighting the anxieties surrounding the unknown and the extensive preparations undertaken. The event served as a reminder of the interdependence of technology and societal stability.

(www.npr.org)

Tech Millennium Bug Doomsday Prophecy

Rolling the Dice on Bird Flu: Are We Prepared for Another Pandemic?

2024-12-30

Avian influenza (H5N1) is spreading globally in late 2024, infecting poultry, livestock, and even humans. While human-to-human transmission remains rare, scientists warn a single mutation could make it pandemic-capable. While we have more vaccine stockpiles and tests than during COVID-19, public sentiment toward government interventions remains uncertain. The article explores the tension between concerns about another pandemic and preparedness, questioning whether American society could effectively handle a potential bird flu pandemic.

(nymag.com)

Tech pandemic

Lightweight Reuters Alternative Frontend Launched

2024-12-30

About is a lightweight alternative frontend to Reuters, designed for speed and efficiency, inspired by Nitter. It's JavaScript, ad, and tracking-free, uses no cookies, and is typically under 10KB (compared to Reuters' 50MB+). Dynamic theming respects system preferences. You can use libredirect or a browser extension to automatically redirect Reuters links to this site. This is a work in progress; bug reports and suggestions are welcome on GitHub.

(neuters.de)

Tech lightweight frontend Reuters alternative ad-free

Nikon Unveils Revolutionary Dual-Lens Camera Capturing Wide and Telephoto Simultaneously

2024-12-30

Nikon, in collaboration with Mitsubishi Fuso Truck and Bus Corporation, has developed an in-vehicle camera system featuring a groundbreaking optical lens that captures telephoto and wide-angle images simultaneously. This eliminates the need for multiple cameras to achieve 360-degree surround view, reducing system costs and failure rates. AI-powered image recognition collects road information, enhancing safety and enabling integration into advanced driver-assistance systems and autonomous driving technology. Initially intended for trucks and buses, Nikon plans to expand the technology's applications to diverse fields.

(www.digitalcameraworld.com)

Tech Nikon In-vehicle camera AI image recognition

From Pegasus to Predator: The Evolution of Commercial Spyware on iOS

2024-12-30

This talk traces the evolution of iOS spyware from the initial discovery of Pegasus in 2016 to the latest cases in 2024. It begins by analyzing how exploits, infection vectors, and methods of commercial spyware on iOS have changed over time. The presentation then explores advancements in detection methods and forensic resources available to uncover commercial spyware, including a case study on the discovery and analysis of BlastPass, a recent NSO exploit. Finally, it discusses technical challenges and limitations of detection methods and data sources, concluding with open research topics and suggestions for improving the detection of commercial spyware.

(media.ccc.de)

Tech iOS spyware exploits

Critical Apache Traffic Control Vulnerability Allows Malicious SQL Injection

2024-12-30

A critical vulnerability (CVE-2024-45387) has been discovered in Apache Traffic Control versions 8.0.0 and 8.0.1. This flaw allows attackers with privileged roles like "admin" or "operations" to inject malicious SQL commands via crafted PUT requests. By manipulating database interaction input fields, attackers can execute SQL queries compromising the entire database, leading to unauthorized data access, modification, or deletion. This severely impacts the integrity and availability of CDN services. Security experts urge immediate updates to protect against SQL injection attacks.

(www.scworld.com)

Tech SQL Injection

Belgium Bans Disposable E-cigarettes, a First for the EU

2024-12-30

Belgium will ban the sale of disposable e-cigarettes starting January 1st, 2025, a groundbreaking move within the European Union. Driven by health and environmental concerns, the ban aims to curb teen vaping and reduce the waste generated by discarded devices. Health Minister Frank Vandenbroucke highlighted the ease with which disposable vapes hook teenagers on nicotine, emphasizing the addictive and harmful nature of the substance. While the ban may impact the industry financially, some vendors believe a shift to reusable alternatives will mitigate the losses. Belgium is urging the European Commission to strengthen tobacco legislation.

(www.npr.org)

Tech e-cigarettes ban environment

The Amazing Evolution of Stents: A Personal Journey

2024-12-29

Seventeen years after a heart attack led to the implantation of a stent, the author reflects on the remarkable advancements in stent technology. He draws parallels between the evolution of stents—from basic metal scaffolds to sophisticated drug-eluting and bioabsorbable devices—and the development of smartphones. The author explores the impact of GLP-1 drugs on the future of stent procedures and underscores the profound effect this life-saving technology has had on cardiovascular care, culminating in a personal story of resilience and gratitude.

(om.co)

Tech medical technology stents cardiovascular health

Critical Flaw Discovered: NATO Radio Encryption Algorithm Broken

2024-12-29

Researchers from the Chaos Computer Club have uncovered a critical vulnerability in HALFLOOP-24, the encryption algorithm used by the US military and NATO. This algorithm protects the automatic link establishment protocol in high-frequency radio, but researchers demonstrated that just two hours of intercepted radio traffic are sufficient to recover the secret key. The attack exploits a flaw in HALFLOOP-24's handling of the 'tweak' parameter, using differential cryptanalysis to bypass significant portions of the encryption process and extract the key. This vulnerability compromises communication confidentiality and enables denial-of-service attacks. The research, published in two papers, highlights a serious security risk and underscores the importance of robust encryption algorithms.

(media.ccc.de)

Tech encryption algorithm

Mastodon Discussion on Melbourne Train Control System Glitch

2024-12-29

A Mastodon user, Dervishe the Grey, posted about a glitch in the Melbourne Train Control System. The post highlights the system's issues and suggests users enable JavaScript or use native Mastodon apps. This sparked a conversation about system stability and user experience, showcasing the impact of public transport technology failures and social media's role in information dissemination.

(mastodon.sdf.org)

Tech Melbourne Trains System Glitch

New 'OtterCookie' Malware Targets Developers in Fake Job Offers

2024-12-29

Cybersecurity firms have uncovered a new malware, OtterCookie, used in the 'Contagious Interview' campaign by North Korean threat actors. This campaign lures software developers with fake job offers containing malware, including OtterCookie and previously seen malware like BeaverTail. OtterCookie is delivered through Node.js projects or npm packages, establishing communication with a command and control server via Socket.IO. It steals sensitive data, such as cryptocurrency wallet keys, documents, and images, and performs reconnaissance on the infected system. Experts warn developers to carefully vet job offers and avoid running untrusted code.

(www.bleepingcomputer.com)

Tech Malware

Boeing 737-800 Suffers Twin Disasters on Same Day, Ending 2024 on a Grim Note

2024-12-29

Two Boeing 737-800 airliners were involved in separate accidents on the same day, casting a pall over Boeing's year-end. One plane skidded off the runway in Norway during an emergency landing, miraculously leaving all 182 passengers and crew unharmed. However, another 737-800 crashed in South Korea, resulting in 47 fatalities. The twin disasters, occurring on the same day, have raised serious safety concerns and will undoubtedly trigger thorough investigations into Boeing's aircraft.

(telanganatoday.com)

Tech Boeing 737-800 aviation safety

Life After the Newag DRM Disclosure: A 38C3 Report

2024-12-29

Following the disclosure at 37C3 of remote failure simulation code in Newag trains, security researchers faced a backlash. This update details the aftermath, including legal battles with Newag and train operators, media interactions, and multiple official investigations. The report also reveals new cases from different train operators, illustrating the challenges faced by security researchers when confronting powerful adversaries.

(media.ccc.de)

Tech security research legal battles

38C3: Illegal Instructions - Chaos Communication Congress Explores Tech and Society

2024-12-29

The 38th Chaos Communication Congress (38C3), themed "Illegal Instructions," will take place in Hamburg from December 27th to 30th, 2024. This four-day conference, organized by the Chaos Computer Club (CCC), will feature talks and workshops on technology, society, and utopia. Topics range from hardware hacking and security to ethical and political discussions surrounding technological advancements. From liberating Wi-Fi on ESP32 to breaking Apple's new iPhone remote control feature and examining the EU's digital identity systems, 38C3 promises a diverse program sparking debate about technological ethics and societal responsibility.

(media.ccc.de)

Tech Society

Intel 8080: The Microprocessor That Changed the World

2024-12-29

Fifty years ago, the Intel 8080 microprocessor launched, marking a pivotal moment in computing history. Unlike its predecessors designed for specific clients, the 8080 was the first truly general-purpose microprocessor. Its efficiency, power, and flexible 40-pin configuration made it easier to connect to other components and integrated functions previously requiring multiple chips. Priced at just $360, the 8080 democratized computing, making it accessible to businesses and individuals alike. This spurred the mass adoption of personal computers, created new categories of silicon-powered devices, and boosted programming as a crucial skill. Its legacy continues today; the 8080 directly inspired the x86 architecture, now the world's most widely used computing architecture.

(www.intel.com)

Tech Microprocessor x86 architecture

Unique Visual Challenges for Astronauts at the Lunar South Pole

2024-12-29

NASA's Artemis program, aiming for a permanent lunar base at the South Pole, faces a unique challenge: the harsh lighting environment. The low solar elevation angle creates extreme variations in light and shadow, severely impacting astronaut vision and task performance. Unlike previous missions where helmet design alone sufficed, Artemis requires innovative vision support systems. These systems, encompassing helmets, windows, and lighting, must ensure clear vision in diverse lighting conditions, protecting astronauts' eyes from injury. NASA is developing various simulation techniques to address this challenge, paving the way for successful lunar exploration.

(phys.org)

Tech Lunar South Pole Vision Challenges Artemis Program

Hackers Reveal Vulnerability in Europe's Remotely Controlled Power Grid

2024-12-29

A significant portion of Europe's renewable energy production is remotely controlled via longwave radio. While designed to stabilize the grid, this system, using unencrypted and unauthenticated Versacom and Semagyr protocols, is vulnerable to abuse. Researchers analyzed these protocols and demonstrated how vulnerabilities could be exploited to remotely control streetlights, power plants, and potentially cause large-scale blackouts. They also showcased the possibility of using this vulnerability to create a city-wide light art installation.

(media.ccc.de)

Tech grid security remote control

NASA and Axiom Space Alter Commercial Space Station Assembly Order

2024-12-29

NASA and Axiom Space have revised the assembly sequence for Axiom Space's commercial space station. The new plan prioritizes launching the Payload, Power, and Thermal Module first, enabling Axiom Station to become a free-flying destination as early as 2028, independent of the International Space Station (ISS). This accelerates Axiom Station's operational capabilities, reduces reliance on the ISS, and prepares for the ISS's decommissioning no earlier than 2030. NASA continues to support the R&D of multiple commercial space stations to maintain US leadership in microgravity research and to serve future space exploration goals.

(www.nasa.gov)

Tech Commercial Space Station

EU Mandates Universal Charger, Apple Concedes

2024-12-28

A new EU law came into effect on December 28, 2024, mandating USB-C charging ports for all new smartphones, tablets, and cameras sold within the bloc. The regulation aims to reduce electronic waste and lower costs for consumers. Apple, after initial resistance, has adopted the USB-C standard. The EU estimates the law will save at least €200 million annually and cut over 1000 tons of e-waste.

(www.france24.com)

Tech Universal Charger

Apple Photos' 'Enhanced Visual Search' Raises Privacy Concerns in iOS 18 and macOS 15

2024-12-28

Apple's iOS 18 and macOS 15 updates include a default-enabled 'Enhanced Visual Search' feature in the Photos app. While Apple claims to use homomorphic encryption and differential privacy to protect user data sent to its servers for processing, this has sparked privacy concerns. The author argues that Apple's decision to enable this feature by default without explicit user consent disregards user privacy expectations, especially given the history of security vulnerabilities in Apple software. The author strongly recommends disabling the feature, as the potential risks significantly outweigh any perceived benefits.

(lapcatsoftware.com)

Tech Apple Privacy

Hospital Workers' Dexterity Assessed: Surgeons Show Superior Skill, But Also More Swearing

2024-12-28

A prospective study of 254 hospital staff members found that surgeons significantly outperformed other roles in a manual dexterity test using a 'buzz wire' game, achieving an 84% success rate. However, surgeons also displayed a higher rate of swearing during the task. Nurses and non-clinical staff showed lower success rates but expressed audible frustration more frequently. The findings highlight the diverse skill sets across hospital roles and suggest incorporating similar dexterity games into future training to improve both skill and stress management.

(www.bmj.com)

Tech manual dexterity hospital staff surgeons

Ancient Genomes Solve Indo-European Language Origins Mystery

2024-12-28

A groundbreaking study involving 91 researchers analyzed 314 ancient genomes, finally unraveling the mystery of Indo-European language origins. The research revealed a significant genetic divergence between eastern and western Mediterranean Indo-European populations during the Bronze Age, consistent with Italo-Celtic and Graeco-Armenian linguistic models. Spanish, French, and Italian populations received steppe ancestry from Bell Beaker groups, while Greek and Armenian groups acquired ancestry directly from Yamnaya populations. Strontium isotope analysis further confirmed active mobility patterns during the Bronze Age. This study provides compelling genetic and linguistic evidence for the origins of Indo-European languages and challenges alternative linguistic hypotheses.

(phys.org)

Tech genomics Indo-European languages

Top 10 Tech Joys of 2024: A Tech Writer's Retrospective

2024-12-28

In a year-end reflection, a tech writer shares his ten biggest tech-related joys of 2024. These include the fun of learning Python, inspiration from online creatives, the thrill of modernizing retrocomputers, the enduring usefulness of XML, the positive experience of Mastodon, the simplicity of NetBSD and Alpine Linux, the resurgence of boutique hosting, the satisfaction of hardware repair, and the clean elegance of plain HTML. The post concludes with heartfelt gratitude for reader feedback.

(rubenerd.com)

Tech Programming Online Community

Category: Tech