Mircosoft recently gave a cognitively impaired AI dubbed "Tay" access to a Twitter account (archived). Within 24 hours Tay began engaging in sexually explicit conversations with older men and became enamoured with the politics espoused by the character Donald Trump-Clinton plays on television. It is unknown whether Tay was cognitively impaired through artificial organic defect or through artificial intoxication. Either way, leaving a cognitively impaired intelligence or simulacrum thereof defenseless and exposed directly to the wild public is poor form.
Category Archives: Software
Microsoft Bundles Adware With Security Update
Microsoft has by its own admission bundled adware with a security update for Windows. The update to the Internet Explorer component of Microsoft Windows pulls in another update containing the adware. The adware creates a banner in Internet Explorer badgering users to upgrade their version of Windows to Windows 10. In order to avoid angering their institutional customers who actually pay for software licenses, this new Microsoft adware checks to see if the machine it is installed on is part of a Microsoft domain before badgering the end user. This move suggests that Microsoft itself is surrendering its own overt actions in the Windows ecosystem to match the the rest of the spammers that dominate the space.
Elon Musk Venture Remotely Diddles Attentive Owner's Vehicle
Elon Musk's Tesla Motors remotely downgraded the firmware on a vehicle owned by attentive owner Jason Hughes. As an attentive vehicle owner Hughes had earlier investigated a firmware update and found information suggesting a new Tesla Model S variant with a larger battery and shared the results of his investigation with the world. In what appears to be a retaliatory move Musk's firm downgraded his vehicle firmware remotely, a move that was subsequently noticed by the attentive Hughes.
Software Company Shuttered By Trade Dispute
Antiguan software firm Slysoft announced its closure today due to "regulatory requirements" requiring the firm cease operations. This comes several days after a loud lobbying campaign pushing the United States Trade Representative to place Antigua on a watch list came to light. Their former website slysoft.com has been reduced to:
closed :-(
Due to recent regulatory requirements we have had to cease all activities relating to SlySoft Inc.
We wish to thank our loyal customers/clients for their patronage over the years.
This is yet another case of the Unite States Government's pretense of universal jurisdiction materially interfering with productive business activity.
Numerous Sites Explicitly Open To Cross Site Scripting
A survey of top websites has revealed many including unnamed Bitcoin holding websites have a header set which explicitly allows third party javascript to be run on their pages without any checks on the code's origin (archived). Web stack security is exactly as bad as you thought it was. Unless you didn't think it was this bad, in which case it is far worse than you think. Of course, Coinbase would never be the same if they removed their Gravatar integration.
Tor And HTTP Gzip Leak Local Time Zone
Softpedia reports that an interaction between Tor and HTTP Gzip compression can narrow down the location of a server hosting Tor hidden services by leaking the local time zone (archived). This allows investigators to substantially narrow down the geographic location of a Tor hidden service server.
Linux Mint Server Compromised, Spread Malware
As reported by The Linux Mint Blog (archived), their own webserver has been compromised. An admin named Clem alleges that on February 20th, Bulgarian attackers changed a URL pointing to an ISO file for "Linux Mint 17.3 Cinnamon edition." Unsuspecting users were instead sent to "5.104.175.212" (archived) which hosted a modified file containing "Tsunami" (archived) malware. WordPress is blamed in the same blog post for having given unauthorized access to a www-data shell. Of course these kinds of tricks are easily defeated by the use of strong cryptography such as GPG, but that kind of hygiene is beyond the patience the typical Linux user can be expected to muster. The blog post also mentions various md5sum signatures of the supposedly correct files, but these unreliable checksums are not themselves contained within a signed statement.
Growing Bitcoin Game Hits High for Single Day Play-Seconds
Eulora, the flagship game produced by The Ministry of Games, clocked a single-day play-seconds record of 510`537 earlier this week. Continue reading
UClibc Fixed getaddrinfo() Flaw Six Years Ago
This week brought news of a severe vulnerability in the Gnu C library's DNS handling functions. The UClibc maintainers received a ticket for this problem and corrected it in their C library six years ago (archived).
Auschwitz Releases Political Language Software
The Stack reports that Auschwitz, the death camp turned memorial and museum, has released a software application for politically reshaping the use of language (archived). The purported aim of the software is to remove associations between the Polish people and the genocide committed by German National Socialists in death camps erected on Polish lands. It supposedly works to this end by substituting politically approved terms for otherwise descriptive labels like "Polish extermination camp" in documents on machines running the software.