Connor Jones reports via The Register: DLang is among the newer breed of memory-safe languages being endorsed by Western security agencies over the past few years, the same type of language that cyber criminals are switching to. At least three new DLang-based malware strains have been used in attacks on worldwide organizations spanning the manufacturing, agriculture, and physical security industries, Cisco Talos revealed today. The attacks form part of what's being called "Operation Blacksmith" and are attributed to a group tracked as Andariel, believed to be a sub-division of the Lazarus Group -- North Korea's state-sponsored offensive cyber unit. [...]

The researchers noted that DLang is an uncommon choice for writing malware, but a shift towards newer languages and frameworks is one that's been accelerating over the last few years -- in malware coding as in the larger programming world. Rust, however, has often shown itself to be the preferred choice out of what is a fairly broad selection of languages deemed to be memory-safe. AlphV/BlackCat was the first ransomware group to make such a shift last year, re-writing its payload in Rust to offer its affiliates a more reliable tool. A month later, the now-shuttered Hive group did the same thing, and many others followed after that. Other groups to snub Rust include China-based Sandman which was recently observed using Lua-based malware, believed to be part of a wider shift toward Lua development from Chinese attackers.

An anonymous reader quotes a report from TechCrunch: Kentucky-based nonprofit healthcare system Norton Healthcare has confirmed that hackers accessed the personal data of millions of patients and employees during an earlier ransomware attack. Norton operates more than 40 clinics and hospitals in and around Louisville, Kentucky, and is the city's third-largest private employer. The organization has more than 20,000 employees, and more than 3,000 total providers on its medical staff, according to its website. In a filing with Maine's attorney general on Friday, Norton said that the sensitive data of approximately 2.5 million patients, as well as employees and their dependents, was accessed during its May ransomware attack.

In a letter sent to those affected, the nonprofit said that hackers had access to "certain network storage devices between May 7 and May 9," but did not access Norton Healthcare's medical record system or Norton MyChart, its electronic medical record system. But Norton admitted that following a "time-consuming" internal investigation, which the organization completed in November, Norton found that hackers accessed a "wide range of sensitive information," including names, dates of birth, Social Security numbers, health and insurance information and medical identification numbers. Norton Healthcare says that, for some individuals, the exposed data may have also included financial account numbers, driver licenses or other government ID numbers, as well as digital signatures. It's not known if any of the accessed data was encrypted.

Norton says it notified law enforcement about the attack and confirmed it did not pay any ransom payment. The organization did not name the hackers responsible for the cyberattack, but the incident was claimed by the notorious ALPHV/BlackCat ransomware gang in May, according to data breach news site DataBreaches.net, which reported that the group claimed it exfiltrated almost five terabytes of data. TechCrunch could not confirm this, as the ALPHV website was inaccessible at the time of writing.

Human trafficking to staff cyber scam call centers, once isolated to Southeast Asia, has expanded beyond the region, according to an Interpol investigation revealing new evidence of abuse in South America and the Middle East. Previous hotspots since 2021 were Cambodia, Laos and Myanmar. From a report: The latest five-month operation discovered that victims from Malaysia were being trafficked to work in Peruvian call centers and Ugandan victims were being trafficked to Dubai for the same reason, only to be diverted to Thailand and then Myanmar. Police in Telangana, India, recently registered their first case of human trafficking for the purposes of cyber fraud. An accountant was lured to southeast Asia to work for a cyber fraud operation before eventually being returned in exchange for a ransom payment.

Interpol said that in Myanmar alone, it identified trafficking victims originating from at least 22 different countries, although most come from the country's Kayin and Shan states. Operation Storm Makers II has led to hundreds of arrests and the rescue of more than 140 individuals, although the scale of the threat is much larger; many of the 360 investigations remain open and ongoing. Fake job ads luring victims with promises of high pay for light work in IT, marketing, modeling, and other roles now utilize AI translation tools to target non-Chinese speakers, expanding the victim pool, according to the report.

The New York Times reports: Office landlords, hit hard by the work-from-home revolution, are resorting to a desperate measure in the real estate world: "handing back the keys." When this happens, the landlord stops paying the mortgage on the office building or declines to refinance it. The bank or investors who made the loan then repossess the building...

Since the pandemic began, office employees showed they could get their jobs done from home, and many have been reluctant to come back. And companies realized they could save a lot of money by renting less office space, making many office towers unprofitable for their owners and turning many business districts into ghost towns. About 23% of office space in the United States was vacant or available for sublet at the end of November, according to Avison Young, a real estate services firm, compared with 16% before the pandemic.
Defaulters include "some of the biggest names in commercial real estate, like Brookfield and Blackstone," according to the article, which argues that the phenomenon "reveals both the depth of the problems in the office market and the ability of big property companies to push much of the financial pain onto others — in this case, banks and other lenders."

By defaulting on their loans, the landlords avoid making any more payments (or incurring any more interest) — while saddling the banks with their depreciating building. "Big property companies can keep doing business after they default and are even considered savvy for jettisoning distressed buildings."

"Over the years, Austin has seen a huge migration of tech companies moving to the city, from billionaire owners of Twitter (X) to the largest search engine in the world," according to a local news site in Texas.

"But many startups are now choosing to leave the capital city they once flocked to because of the rising cost of living, low funding, and lack of diversity, according to TechCrunch. " On Thursday, December 7, the cloud computing company VMWare announced it was laying off 577 employees in Austin as part of a nationwide job reduction to cut costs, according to the Austin American-Statesman. TechCrunch is reporting that startup founders, like Techstars Managing Director Amos Schwartzfarb, are announcing their decisions to leave Austin's "lackluster" startup scene... In 2022, Meta abandoned plans to move into the biggest skyscraper in Austin, and Google froze plans to move into 35 floors of a different downtown building, despite paying rent to the developer, according to the Washington Post...

In January, CEO Don Ward of Laundris, a B2B enterprise industrial software platform, announced he would be relocating his company to Tulsa because it reminded him "of where Austin was 10 years ago in terms of the tech ecosystem being built," according to Tulsa World. Last month, startup unicorn Cart, an e-commerce business, announced it was moving its headquarters back to Houston after relocating to Austin in late 2021, according to TechCrunch.

A 16-year-old high school student reverse engineered Apple's messaging protocol, leading to the launch of an interoperable Android app called "Beeper Mini".

But on Friday the Verge reported that "less than a week after its launch, the app started experiencing technical issues when users were suddenly unable to send and receive blue bubble messages." Reached for comment, Beeper CEO Eric Migicovsky did not deny that Apple has successfully blocked Beeper Mini. "If it's Apple, then I think the biggest question is... if Apple truly cares about the privacy and security of their own iPhone users, why would they stop a service that enables their own users to now send encrypted messages to Android users, rather than using unsecure SMS...? Beeper Mini is here today and works great. Why force iPhone users back to sending unencrypted SMS when they chat with friends on Android?"
Apple says they're unable to verify that end-to-end encryption is maintained when messages are sent through unauthorized channels, according to a statement quoted by TechCrunch: "At Apple, we build our products and services with industry-leading privacy and security technologies designed to give users control of their data and keep personal information safe. We took steps to protect our users by blocking techniques that exploit fake credentials in order to gain access to iMessage. These techniques posed significant risks to user security and privacy, including the potential for metadata exposure and enabling unwanted messages, spam, and phishing attacks. We will continue to make updates in the future to protect our users."
Beeper responded on X: We stand behind what we've built. Beeper Mini is keeps your messages private, and boosts security compared to unencrypted SMS. For anyone who claims otherwise, we'd be happy to give our entire source code to mutually agreed upon third party to evaluate the security of our app.
Ars Technica adds: On Saturday, Migicovsky notified Beeper Cloud (desktop) users that iMessage was working again for them, after a long night of fixes. "Work continues on Beeper Mini," Migicovsky wrote shortly after noon Eastern time.
Engadget notes: The Beeper Mini team has apparently been working around the clock to resolve the outage affecting the new "iMessage on Android" app, and says a fix is "very close." And once the fix rolls out, users' seven-day free trials will be reset so they can start over fresh.
Meanwhile, at around 9 p.m. EST, Beeper CEO Eric Migicovsky posted on X that "For 3 blissful days this week, iPhone and Android users enjoyed high quality encrypted chats. We're working hard to return to that state."

Long-time Slashdot reader jd writes: The Register is reporting that Akamai security researchers have found a way to hack Active Directory and obtain the information stored within it. The researchers go on to say that Microsoft is NOT planning to fix the vulnerability.
From the article: While the current report doesn't provide technical details or proof-of-concept exploits, Akamai has promised, in the near future, to publish code that implements these attacks called DDSpoof — short for DHCP DNS Spoof.

'We will show how unauthenticated attackers can collect necessary data from DHCP servers, identify vulnerable DNS records, overwrite them, and use that ability to compromise AD domains,' Akamai security researcher Ori David said.

The DHCP attack research builds on earlier work by NETSPI's Kevin Roberton, who detailed ways to exploit flaws in DNS zones.

Following a hack that potentially ensnared 6.9 million of its users, 23andMe has updated its terms of service to make it more difficult for you to take the DNA testing kit company to court, and you only have 30 days to opt out. From a report: In a filing with the US Securities and Exchange Commission last week, 23andMe said hackers accessed around 14,000 customer accounts earlier this year by trying login-password combinations exposed in unrelated breaches. It later said hackers had access to 6.9 million accounts due to the interconnected nature of its DNA Relatives feature.

23andMe has since updated its terms of service in a way that changes how the company resolves disputes with users. Customers were informed via email that "important updates were made to the Dispute Resolution and Arbitration section" on Nov. 30 "to include procedures that will encourage a prompt resolution of any disputes and to streamline arbitration proceedings where multiple similar claims are filed." Customers have 30 days to let the site know if they disagree with the terms. If they don't reach out via email to opt out, the company will consider their silence an agreement to the new terms.

Data breaches and ransomware attacks are getting worse. Some 2.6 billion personal records have been exposed in data breaches over the past two years and that number continues to grow, according to a new report commissioned by Apple. From a report: Apple says the escalating intrusions, combined with increases in ransomware means the tech industry needs to move toward greater use of encryption. According to the report, prepared by MIT professor emeritus Stuart E. Madnick:

1. Data breaches in the US through the first nine months of the year are already 20% higher than for all of 2022.
2. Nearly 70 percent more ransomware attacks were reported through September 2023, than in the first three quarters of 2022.
3. Americans and those in the UK topped the list of those most targeted in ransomware attacks in 2023, followed by Canada and Australia. Those four countries accounted for nearly 70% of reported ransomware attacks.
4. One in four people in the US had their health data exposed in a data breach during the first nine months of 2023.

An anonymous reader quotes a report from Ars Technica: Meta has started enabling end-to-end encryption (E2EE) by default for chats and calls on Messenger and Facebook despite protests from the FBI and other law enforcement agencies that oppose the widespread use of encryption technology. "Today I'm delighted to announce that we are rolling out default end-to-end encryption for personal messages and calls on Messenger and Facebook," Meta VP of Messenger Loredana Crisan wrote yesterday. In April, a consortium of 15 law enforcement agencies from around the world, including the FBI and ICE Homeland Security Investigations, urged Meta to cancel its plan to expand the use of end-to-end encryption. The consortium complained that terrorists, sex traffickers, child abusers, and other criminals will use encrypted messages to evade law enforcement.

Meta held firm, telling Ars in April that "we don't think people want us reading their private messages" and that the plan to make end-to-end encryption the default in Facebook Messenger would be completed before the end of 2023. Meta also plans default end-to-end encryption for Instagram messages but has previously said that may not happen this year. Meta said it is using "the Signal Protocol, and our own novel Labyrinth Protocol," and the company published two technical papers that describe its implementation (PDF). "Since 2016, Messenger has had the option for people to turn on end-to-end encryption, but we're now changing personal chats and calls across Messenger to be end-to-end encrypted by default. This has taken years to deliver because we've taken our time to get this right," Crisan wrote yesterday. Meta said it will take months to implement across its entire user base. A post written by two Meta software engineers said the company "designed a server-based solution where encrypted messages can be stored on Meta's servers while only being readable using encryption keys under the user's control."

"Product features in an E2EE setting typically need to be designed to function in a device-to-device manner, without ever relying on a third party having access to message content," they wrote. "This was a significant effort for Messenger, as much of its functionality has historically relied on server-side processing, with certain features difficult or impossible to exactly match with message content being limited to the devices."

The company says it had "to redesign the entire system so that it would work without Meta's servers seeing the message content."

An anonymous reader quotes a report from TechCrunch: A number of popular mobile password managers are inadvertently spilling user credentials due to a vulnerability in the autofill functionality of Android apps. The vulnerability, dubbed "AutoSpill," can expose users' saved credentials from mobile password managers by circumventing Android's secure autofill mechanism, according to university researchers at the IIIT Hyderabad, who discovered the vulnerability and presented their research at Black Hat Europe this week. The researchers, Ankit Gangwal, Shubham Singh and Abhijeet Srivastava, found that when an Android app loads a login page in WebView, password managers can get "disoriented" about where they should target the user's login information and instead expose their credentials to the underlying app's native fields, they said. This is because WebView, the preinstalled engine from Google, lets developers display web content in-app without launching a web browser, and an autofill request is generated.

"Let's say you are trying to log into your favorite music app on your mobile device, and you use the option of 'login via Google or Facebook.' The music app will open a Google or Facebook login page inside itself via the WebView," Gangwal explained to TechCrunch prior to their Black Hat presentation on Wednesday. "When the password manager is invoked to autofill the credentials, ideally, it should autofill only into the Google or Facebook page that has been loaded. But we found that the autofill operation could accidentally expose the credentials to the base app." Gangwal notes that the ramifications of this vulnerability, particularly in a scenario where the base app is malicious, are significant. He added: "Even without phishing, any malicious app that asks you to log in via another site, like Google or Facebook, can automatically access sensitive information."

The researchers tested the AutoSpill vulnerability using some of the most popular password managers, including 1Password, LastPass, Keeper and Enpass, on new and up-to-date Android devices. They found that most apps were vulnerable to credential leakage, even with JavaScript injection disabled. When JavaScript injection was enabled, all the password managers were susceptible to their AutoSpill vulnerability. Gangwal says he alerted Google and the affected password managers to the flaw. Gangwal tells TechCrunch that the researchers are now exploring the possibility of an attacker potentially extracting credentials from the app to WebView. The team is also investigating whether the vulnerability can be replicated on iOS.

"Researchers have identified a large number of bugs to do with the processing of images at boot time," writes longtime Slashdot reader jd. "This allows malicious code to be installed undetectably (since the image doesn't have to pass any validation checks) by appending it to the image. None of the current secure boot mechanisms are capable of blocking the attack." Ars Technica reports: LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Linux. The vulnerabilities are the product of almost a year's worth of work by Binarly, a firm that helps customers identify and secure vulnerable firmware. The vulnerabilities are the subject of a coordinated mass disclosure released Wednesday. The participating companies comprise nearly the entirety of the x64 and ARM CPU ecosystem, starting with UEFI suppliers AMI, Insyde, and Phoenix (sometimes still called IBVs or independent BIOS vendors); device manufacturers such as Lenovo, Dell, and HP; and the makers of the CPUs that go inside the devices, usually Intel, AMD or designers of ARM CPUs. The researchers unveiled the attack on Wednesday at the Black Hat Security Conference in London.

As its name suggests, LogoFAIL involves logos, specifically those of the hardware seller that are displayed on the device screen early in the boot process, while the UEFI is still running. Image parsers in UEFIs from all three major IBVs are riddled with roughly a dozen critical vulnerabilities that have gone unnoticed until now. By replacing the legitimate logo images with identical-looking ones that have been specially crafted to exploit these bugs, LogoFAIL makes it possible to execute malicious code at the most sensitive stage of the boot process, which is known as DXE, short for Driver Execution Environment. "Once arbitrary code execution is achieved during the DXE phase, it's game over for platform security," researchers from Binarly, the security firm that discovered the vulnerabilities, wrote in a whitepaper. "From this stage, we have full control over the memory and the disk of the target device, thus including the operating system that will be started." From there, LogoFAIL can deliver a second-stage payload that drops an executable onto the hard drive before the main OS has even started. The following video demonstrates a proof-of-concept exploit created by the researchers. The infected device -- a Gen 2 Lenovo ThinkCentre M70s running an 11th-Gen Intel Core with a UEFI released in June -- runs standard firmware defenses, including Secure Boot and Intel Boot Guard. LogoFAIL vulnerabilities are tracked under the following designations: CVE-2023-5058, CVE-2023-39538, CVE-2023-39539, and CVE-2023-40238. However, this list is currently incomplete.

"A non-exhaustive list of companies releasing advisories includes AMI (PDF), Insyde, Phoenix, and Lenovo," reports Ars. "People who want to know if a specific device is vulnerable should check with the manufacturer."

"The best way to prevent LogoFAIL attacks is to install the UEFI security updates that are being released as part of Wednesday's coordinated disclosure process. Those patches will be distributed by the manufacturer of the device or the motherboard running inside the device. It's also a good idea, when possible, to configure UEFIs to use multiple layers of defenses. Besides Secure Boot, this includes both Intel Boot Guard and, when available, Intel BIOS Guard. There are similar additional defenses available for devices running AMD or ARM CPUs."

A user of a legal manga app operated by one of Japan's largest publishers claims they were locked out of the service after being accused of fraudulent activity. TorrentFreak: While using Shueisha's YanJan! app, the user's smartphone began vibrating before displaying a message that their account had been suspended. It was later confirmed that taking screenshots, even inadvertently, can lead to being banned.

An anonymous reader quotes a report from Ars Technica: In an editorial for Slate published Monday, renowned security researcher Bruce Schneier warned that AI models may enable a new era of mass spying, allowing companies and governments to automate the process of analyzing and summarizing large volumes of conversation data, fundamentally lowering barriers to spying activities that currently require human labor. In the piece, Schneier notes that the existing landscape of electronic surveillance has already transformed the modern era, becoming the business model of the Internet, where our digital footprints are constantly tracked and analyzed for commercial reasons.

Spying, by contrast, can take that kind of economically inspired monitoring to a completely new level: "Spying and surveillance are different but related things," Schneier writes. "If I hired a private detective to spy on you, that detective could hide a bug in your home or car, tap your phone, and listen to what you said. At the end, I would get a report of all the conversations you had and the contents of those conversations. If I hired that same private detective to put you under surveillance, I would get a different report: where you went, whom you talked to, what you purchased, what you did." Schneier says that current spying methods, like phone tapping or physical surveillance, are labor-intensive, but the advent of AI significantly reduces this constraint. Generative AI systems are increasingly adept at summarizing lengthy conversations and sifting through massive datasets to organize and extract relevant information. This capability, he argues, will not only make spying more accessible but also more comprehensive. "This spying is not limited to conversations on our phones or computers," Schneier writes. "Just as cameras everywhere fueled mass surveillance, microphones everywhere will fuel mass spying. Siri and Alexa and 'Hey, Google' are already always listening; the conversations just aren't being saved yet." [...]

In his editorial, Schneier raises concerns about the chilling effect that mass spying could have on society, cautioning that the knowledge of being under constant surveillance may lead individuals to alter their behavior, engage in self-censorship, and conform to perceived norms, ultimately stifling free expression and personal privacy. So what can people do about it? Anyone seeking protection from this type of mass spying will likely need to look toward government regulation to keep it in check since commercial pressures often trump technological safety and ethics. [...] Schneier isn't optimistic on that front, however, closing with the line, "We could prohibit mass spying. We could pass strong data-privacy rules. But we haven't done anything to limit mass surveillance. Why would spying be any different?" It's a thought-provoking piece, and you can read the entire thing on Slate.

An anonymous reader quotes a report from Ars Technica: Windows 10's end-of-support date is October 14, 2025. That's the day that most Windows 10 PCs will receive their last security update and the date when most people should find a way to move to Windows 11 to ensure that they stay secure. As it has done for other stubbornly popular versions of Windows, though, Microsoft is offering a reprieve for those who want or need to stay on Windows 10: three additional years of security updates, provided to those who can pay for the Extended Security Updates (ESU) program.

The initial announcement, written by Windows Servicing and Delivery Principal Product Manager Jason Leznek, spends most of its time encouraging users and businesses to upgrade to Windows 11 rather than staying on 10, either by updating their current computers, upgrading to new PCs or transitioning to a Windows 365 cloud-based PC instead. But when Leznek does get to the announcement of the ESU program, the details are broadly similar to the program Microsoft offered for Windows 7 a few years ago: three additional years of monthly security updates and technical support, paid for one year at a time. The company told us that "pricing will be provided at a later date," but for the Windows 7 version of the ESU program, Microsoft upped the cost of the program each year to encourage people to upgrade to a newer Windows version before they absolutely had to; the cost was also per-seat, so what you paid was proportional to the number of PCs you needed updates for.

One difference this time is that Microsoft told us it would be offering Windows 10 ESU updates to individuals, though the company didn't offer particulars. More details should be available on Windows 10's lifecycle support page soon. Leznek reiterated that Windows 10 22H2 would be the final version of Windows 10 and that the operating system would not receive any additional features during the ESU period.

An anonymous reader quotes a report from TechCrunch: In 2015, as part of the wave of encrypting all the things on the internet, encouraged by the Edward Snowden revelations, Facebook announced that it would allow users to receive encrypted emails from the company. Even at the time, this was a feature for the paranoid users. By turning on the feature, all emails sent from Facebook -- mostly notifications of "likes" and private messages -- to the users who opted-in would be encrypted with the decades-old technology called Pretty Good Privacy, or PGP. Eight years later, Facebook is killing the feature due to low usage, according to the company. The feature was deprecated Tuesday. Facebook declined to specify exactly how many users were still using the encrypted email feature.

An anonymous reader shares a report: Beeper has been offering a unified messaging platform for a few years, allowing users to open a single app to communicate with contacts via SMS, Google Chat, Facebook Messenger, Slack, Discord, WhatsApp, and perhaps most significantly, iMessage. Up until this week though, Android users that wanted to use Beeper to send "blue bubble" messages to iMessage users had their messages routed through a Mac or iOS device. Now Beeper has launched a new app called Beeper Mini that handles everything on-device, no iPhone or Mac bridge required.

Beeper Mini is available now from the Google Play Store, and offers a 7-day free trial. After that, it costs $2 per month to keep using. [...] previously the company had to rely on a Mac-in-the-cloud? The company explains the method it's using in a blog post, but in a nutshell, Beeper says a security researcher has reverse engineered "the iMessage protocol and encryption," so that "all messages are sent and received by Beeper Mini Android app directly to Apple's servers" and "the encryption keys needed to encrypt these messages never leave your phone." That security researcher, by the way, is a high school student that goes by jjtech, who was hired by Beeper after showing the company his code. A proof-of-concept Python script is also available on Github if you'd like to run it to send messages to iMessage from a PC.

Many PlayStation Network users reported Monday that their accounts were unexpectedly permanently suspended. As of Tuesday morning, many of the people who had received the messages now say their accounts have been restored. From a report: Some of them contacted customer service while others did not, but nearly a day after the issues began, Sony hasn't commented publicly or responded to us about the wave of bans or the restorations that followed. A message to one user read: "This account is permanently suspended from PlayStation Network due to violations of the PlayStation Network Terms of Service and User Agreement."

An anonymous reader quotes a report from Wired: One of the world's most peculiar test beds stretches above Princeton, New Jersey. It's a fiber optic cable strung between three utility poles that then runs underground before feeding into an "interrogator." This device fires a laser through the cable and analyzes the light that bounces back. It can pick up tiny perturbations in that light caused by seismic activity or even loud sounds, like from a passing ambulance. It's a newfangled technique known as distributed acoustic sensing, or DAS. Because DAS can track seismicity, other scientists are increasingly using it to monitor earthquakes and volcanic activity. (A buried system is so sensitive, in fact, that it can detect people walking and driving above.) But the scientists in Princeton just stumbled upon a rather noisier use of the technology.

In the spring of 2021, Sarper Ozharar -- a physicist at NEC Laboratories, which operates the Princeton test bed -- noticed a strange signal in the DAS data. "We realized there were some weird things happening," says Ozharar. "Something that shouldn't be there. There was a distinct frequency buzzing everywhere." The team suspected the "something" wasn't a rumbling volcano -- not inNew Jersey -- but the cacophony of the giant swarm of cicadas that had just emerged from underground, a population known as Brood X. A colleague suggested reaching out to Jessica Ware, an entomologist and cicada expert at the American Museum of Natural History, to confirm it. "I had been observing the cicadas and had gone around Princeton because we were collecting them for biological samples," says Ware. "So when Sarper and the team showed that you could actually hear the volume of the cicadas, and it kind of matched their patterns, I was really excited."

Add insects to the quickly growing list of things DAS can spy on. Thanks to some specialized anatomy, cicadas are the loudest insects on the planet, but all sorts of other six-legged species make a lot of noise, like crickets and grasshoppers. With fiber optic cables, entomologists might have stumbled upon a powerful new way to cheaply and constantly listen in on species -- from afar. "Part of the challenge that we face in a time when there's insect decline is that we still need to collect data about what population sizes are, and what insects are where," says Ware. "Once we are able to familiarize ourselves with what's possible with this type of remote sensing, I think we can be really creative."

An anonymous reader quotes a report from XDA Developers: A few days ago, we spotted that the HP Smart App was being installed on people's PCs without their consent. Even worse, the app would reappear if users tried to uninstall it or clean-installed Windows. Now, the cause has finally been identified: a recent Windows 10 and 11 update is renaming everyone's printers to "HP LaserJet M101-M106" regardless of what model it actually is. As reported on Windows Latest, the latest update for Windows 10 and 11 seems to think that people's printers are an HP LaserJet model, regardless of their actual brand. It's believed that the bug appeared after HP pushed its latest metadata to Windows Update, but something went awry in the code and caused other printers to be labeled as HP LaserJet printers.

This explains why the HP Smart App has been sneaking onto people's computers without their consent. A key part of Windows Update is keeping third-party drivers and devices updated, including downloading any apps that the devices depend on. After the printer metadata incorrectly identified everyone's printers as HP LaserJet printers, Windows installed all the software needed for an HP printer to work smoothly, including the HP Smart App. Fortunately, the bug only affects the metadata for the printer. While the printer may show up with a different name on your system, you should still be able to send print jobs to it. Microsoft has since removed the fault metadata from Windows Update, so anyone performing a clean install from now on should get their original printer's name back and stop the HP Smart App from re-downloading. Further reading: HP Exec Says Quiet Part Out Loud When It Comes To Locking in Print Customers