United Kingdom

UK Battles Hacking Wave as Ransomware Gang Claims 'Biggest Ever' NHS Breach (techcrunch.com) 26

The U.K.'s largest NHS trust has confirmed it's investigating a ransomware incident as the country's public sector continues to battle a rising wave of cyberattacks. From a report: Barts Health NHS Trust, which runs five London-based hospitals and serves more than 2.5 million patients, was recently added to the dark web leak site of the ALPHV ransomware gang. The gang, also known as BlackCat, says it has stolen 70 terabytes of sensitive data in what it claims is the biggest breach of healthcare data in the United Kingdom. Samples of the allegedly stolen data, seen by TechCrunch, include employee identification documents, including passports and driver licenses, and internal emails labeled "confidential."

When asked by TechCrunch, a Barts Health spokesperson did not dispute that it was affected by a security incident that involved the exfiltration of data, nor did they dispute the legitimacy of the stolen data samples shared by ALPHV. "We are aware of claims of a ransomware attack and are urgently investigating," the spokesperson, who did not provide their name, told TechCrunch.

IT

Big-Tech Cities Are Still 'Facing a Reckoning' from Remote Work (seattletimes.com) 170

"According to the federal Bureau of Labor Statistics, nearly 73% of businesses reported that their workers rarely or never engaged in remote work in 2022 — closing in on pre-pandemic levels," writes a Seattle Times business columnist. "But this minority of the civilian workforce working remotely casts a large shadow over our economy, especially central business districts."

The column's headline argues that Seattle "is still facing the reckoning from remote work" — which may also be true in other big tech cities. Kastle Systems, which tracks back-to-the-office moves, estimated 49.8% occupancy as of late June. Kastle uses a 10-city average ranging from New York to Los Angeles but doesn't include Seattle. In the latest report, Houston led at nearly 61% occupancy. San Jose, Calif., in the heart of Silicon Valley, where remote work flourishes, was the lowest at 38%. As of May, 48% of workers in Seattle's central core have returned to the office compared with 2019, according to the Downtown Seattle Association. The most significant boost has come from Amazon, which mandated employees must work in the office at least three days a week.

So, you can be an offices-half-full or an offices-half-empty kind of person.

Still, Capital Economics, an independent research firm, estimated this past month that remote work will shave 35% from the value of the U.S. office sector. In addition, it predicted many office buildings won't return to their previous peak values until 2040 or later... As loans come due for commercial real estate properties, many cities face a reckoning. Refinancing is difficult with high interest rates. In some cases, buildings are worth less than the land they occupy. Foreclosures and defaults are rising. This is already spilling over to hurt sectors that are dependent on offices, such as architects, cleaning services, construction and others. The Wall Street Journal estimates this accounts for a "multibillion-dollar ecosystem."

As a result, many American cities are struggling to convert office buildings unlikely to see workers again into other uses, especially apartments. Rigid zoning and building codes, the footprint of the structures, and resistance from nearby homeowners to increased density all make this difficult. Seattle is facing some of the same challenges. Mayor Bruce Harrell announced a "call for ideas" to alter some of the city's office space to residential or other uses...

Several trend lines are moving in the right direction — return of workers, number of residents, visitors and hotel occupancy are all going up, and crime is going down, with violent crime and property crime down the first five months of the year compared with 2022. Downtown has seen a 13.8% decrease in violent crime and a 35.1% drop in property crime over the same period... To be sure, we're in undiscovered territory. But giving up on downtown Seattle is not an option. It accounts for the majority of the city's business taxes and majority of its workers...

Whether remote or hybrid work remains for much of the local workforce or a gradual return to the office continues, the heart of the city must be healthy.

Social Networks

As BotDefense Leaves 'Antagonistic' Reddit, Mods Fear Spam Overload (arstechnica.com) 68

"The Reddit community is still reckoning with the consequences of the platform's API price hike..." reports Ars Technica.

"The latest group to announce its departure is BotDefense." BotDefense, which helps remove rogue submission and comment bots from Reddit and which is maintained by volunteer moderators, is said to help moderate 3,650 subreddits. BotDefense's creator told Ars Technica that the team is now quitting over Reddit's "antagonistic actions" toward moderators and developers, with concerning implications for spam moderation on some large subreddits like r/space.

BotDefense started in 2019 as a volunteer project and has been run by volunteer mods, known as "dequeued" and "abrownn" on Reddit. Since then, it claims to have populated its ban list with 144,926 accounts, and it helps moderate subreddits with huge followings, like r/gaming (37.4 million members), /r/aww (34.2 million), r/music (32.4 million), r/Jokes (26.2 million), r/space (23.5 million), and /r/LifeProTips (22.2 million). Dequeued told Ars that other large subreddits BotDefense helps moderates include /r/food, /r/EarthPorn, /r/DIY, and /r/mildlyinteresting. On Wednesday, dequeued announced that BotDefense is ceasing operations. BotDefense has already stopped accepting bot account submissions and will disable future action on bots. BotDefense "will continue to review appeals and process unbans for a minimum of 90 days or until Reddit breaks the code running BotDefense," the announcement said...

Dequeued, who said they've been moderating for nearly nine years, said Reddit's "antagonistic actions" toward devs and mods are the only reason BotDefense is closing. The moderator said there were plans for future tools, like a new machine learning system for detecting "many more" bots. Before the API battle turned ugly, dequeued had no plans to stop working on BotDefense...

[S]ubreddits that have relied on BotDefense are uncertain about managing their subreddits without the tool, and the tool's impending departure are new signs of a deteriorating Reddit community.

Ironically, Reddit's largest shareholder — Advance Publications — owns Ars Technica's parent company Conde Naste.

The article notes that Reddit "didn't respond to Ars' request for comment on BotDefense closing, how Reddit fights spam bots and karma farms, or about users quitting Reddit."
Bug

Researchers Discovered a New Linux Kernel 'StackRot' Privilege Escalation Vulnerability (thehackernews.com) 36

Wednesday Greg Kroah-Hartman announced the release of the 6.4.2 kernel. "All users of the 6.4 kernel series must upgrade."

The Hacker News reports: Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target host. Dubbed StackRot (CVE-2023-3269, CVSS score: 7.8), the flaw impacts Linux versions 6.1 through 6.4. There is no evidence that the shortcoming has been exploited in the wild to date.

"As StackRot is a Linux kernel vulnerability found in the memory management subsystem, it affects almost all kernel configurations and requires minimal capabilities to trigger," Peking University security researcher Ruihan Li said. "However, it should be noted that maple nodes are freed using RCU callbacks, delaying the actual memory deallocation until after the RCU grace period. Consequently, exploiting this vulnerability is considered challenging."

Following responsible disclosure on June 15, 2023, it has been addressed in stable versions 6.1.37, 6.3.11, and 6.4.1 as of July 1, 2023, after a two-week effort led by Linus Torvalds. A proof-of-concept (PoC) exploit and additional technical specifics about the bug are expected to be made public by the end of the month.

ZDNet points out that Linux 6.4 "offers improved hardware enablement for ARM boards" and does a better job with the power demands of Steam Deck gaming devices. And "On the software side, the Linux 6.4 release includes more upstreamed Rust code. We're getting ever closer to full in-kernel Rust language support."

The Register also notes that Linux 6.4 also includes "the beginnings of support for Apple's M2 processors," along with support for hibernation of RISC-V CPUs, "a likely presage to such silicon powering laptop computers."
China

China's Workers and the Curse of (Turning) 35 (osu.edu) 61

Long-time Slashdot reader 93 Escort Wagon writes: Age discrimination is something many tech workers think about — especially once they get into their 40s and 50s. But imagine what it would be like if you thought that every job in every field shunned you at an even earlier age. In China, you apparently don't have to imagine, the New York Times reports...

"When Sean Liang turned 30, he started thinking of the Curse of 35 — the widespread belief in China that white-collar workers like him confront unavoidable job insecurity after they hit that age. In the eyes of employers, the Curse goes, they're more expensive than new graduates and not as willing to work overtime.

Liang, now 38, is a technology support professional turned personal trainer. He has been unemployed for much of the past three years, partly because of the pandemic and China's sagging economy. But he believes the main reason is his age. He's too old for many employers, including the Chinese government, which caps the hiring age for most civil servant positions at 35. If the Curse of 35 is a legend, it's one supported by some facts."

"It's not clear how the phenomenon started, and it's hard to know how much truth there is to it," the article points out. But it also notes that age discrimination "is not against the law in China," which with a weak job market forms "a double whammy for workers in their mid-30s who are making big decisions about career, marriage and children...

"In 2022, the number of marriage registrations fell 10.5% from a year earlier, to the lowest number since China began disclosing the data in 1986. The country's birthrate fell to a low point last year, and its population shrank for the first time since 1961, the end of the Great Famine."
Social Networks

Cyberpunk 2077 Players Protest Reddit By Posting Nudes (kotaku.com) 52

Open-world sci-fi RPG Cyberpunk 2077's biggest subreddit recently switched to NSFW (not safe for work,) with the explanation that the game it is focused on is a mature game filled with nudity and gore. However, Reddit allegedly demanded that mods of the subreddit quickly revert the change. From a report: The mods aren't complying and users are now posting nude images of in-game characters as part of a protest to show why the subreddit deserves to be NSFW. Since May, Reddit has been at war with its users and subreddits as the company clamps down on third-party apps and their ability to access the site's backend or API. It's not gone well for Reddit, leading to popular subreddits like r/bestof, r/sports, and r/music going dark. And as part of this ongoing backlash, some subreddits switched to NSFW. This designation is reserved mainly for porn-y subreddits and blocks ads from appearing, but also lets users freely post nudity and more adult content.

Some mods and subreddits have used this designation to punch back at Reddit and its despised CEO. Now the Cyberpunk 2077 subreddit has seemingly wandered into this mess. According to a post from July 5 by moderator Tabnam, the decision to make the Cyberpunk 2077 subreddit NSFW was made because the game is "an 18+ game" and happened now because the mods had "never thought to change it until recently." Tabnam added that this subreddit should have already been NSFW. This decision apparently didn't go over well with Reddit.

Cellphones

France Passes New Bill Allowing Police To Remotely Activate Cameras On Citizens' Phones (gizmodo.com) 132

An anonymous reader quotes a report from Gizmodo: Amidst ongoing protests in France, the country has just passed a new bill that will allow police to remotely access suspects' cameras, microphones, and GPS on cell phones and other devices. As reported by Le Monde, the bill has been criticized by the French people as a "snoopers" charter that allows police unfettered access to the location of its citizens. Moreover, police can activate cameras and microphones to take video and audio recordings of suspects. The bill will reportedly only apply to suspects in crimes that are punishable by a minimum of five years in jail and Justice Minister Eric Dupond-Moretti claimed that the new provision would only affect a few dozen cases per year. During a debate over the bill yesterday, French politicians added an amendment that orders judge approval for any surveillance conducted under the scope of the bill and limits the duration of surveillance to six months, according to Le Monde.

"For organized crime, the police can have access to the sound and image of a device. This concerns any connected device: telephone, speaker microphone, computer camera, computer system of a car... all without the knowledge of the persons concerned," French advocacy group La Quadrature du Net said in a statement on Twitter last month, machine translated by Gizmodo. "In view of the growing place of digital tools in our lives, accepting the very principle that they are transformed into police auxiliaries without our being aware of it poses a serious problem in our societies."
In 2021, France passed a bill that would expand the French police force's ability to monitor civilians using drones -- all in an effort to protect officers from increasingly violent protestors, according to French President Emmanuel Macron.
Security

Actively Exploited Vulnerability Threatens Hundreds of Solar Power Stations (arstechnica.com) 23

An anonymous reader quotes a report from Ars Technica: Hundreds of Internet-exposed devices inside solar farms remain unpatched against a critical and actively exploited vulnerability that makes it easy for remote attackers to disrupt operations or gain a foothold inside the facilities. The devices, sold by Osaka, Japan-based Contec under the brand name SolarView, help people inside solar facilities monitor the amount of power they generate, store, and distribute. Contec says that roughly 30,000 power stations have introduced the devices, which come in various packages based on the size of the operation and the type of equipment it uses.

Searches on Shodan indicate that more than 600 of them are reachable on the open Internet. As problematic as that configuration is, researchers from security firm VulnCheck said Wednesday, more than two-thirds of them have yet to install an update that patches CVE-2022-29303, the tracking designation for a vulnerability with a severity rating of 9.8 out of 10. The flaw stems from the failure to neutralize potentially malicious elements included in user-supplied input, leading to remote attacks that execute malicious commands. Security firm Palo Alto Networks said last month the flaw was under active exploit by an operator of Mirai, an open source botnet consisting of routers and other so-called Internet of Things devices. The compromise of these devices could cause facilities that use them to lose visibility into their operations, which could result in serious consequences depending on where the vulnerable devices are used.

"The fact that a number of these systems are Internet facing and that the public exploits have been available long enough to get rolled into a Mirai-variant is not a good situation," VulnCheck researcher Jacob Baines wrote. "As always, organizations should be mindful of which systems appear in their public IP space and track public exploits for systems that they rely on." Baines said that the same devices vulnerable to CVE-2022-29303 were also vulnerable to CVE-2023-23333, a newer command-injection vulnerability that also has a severity rating of 9.8. Although there are no known reports of it being actively exploited, exploit code has been publicly available since February. Incorrect descriptions for both vulnerabilities are one factor involved in the patch failures, Baines said. Both vulnerabilities indicate that SolarView versions 8.00 and 8.10 are patched against CVE-2022-29303 and CVE-2023-293333. In fact, the researcher said, only 8.10 is patched against the threats.

Encryption

Security Researchers Latest To Blast UK's Online Safety Bill As Encryption Risk (techcrunch.com) 5

An anonymous reader quotes a report from TechCrunch: Nearly 70 IT security and privacy academics have added to the clamor of alarm over the damage the U.K.'s Online Safety Bill could wreak to, er, online safety unless it's amended to ensure it does not undermine strong encryption. Writing in an open letter (PDF), 68 U.K.-affiliated security and privacy researchers have warned the draft legislation poses a stark risk to essential security technologies that are routinely used to keep digital communications safe.

"As independent information security and cryptography researchers, we build technologies that keep people safe online. It is in this capacity that we see the need to stress that the safety provided by these essential technologies is now under threat in the Online Safety Bill," the academics warn, echoing concerns already expressed by end-to-end encrypted comms services such as WhatsApp, Signal and Element -- which have said they would opt to withdraw services from the market or be blocked by U.K. authorities rather than compromise the level of security provided to their users. [...] "We understand that this is a critical time for the Online Safety Bill, as it is being discussed in the House of Lords before being returned to the Commons this summer," they write. "In brief, our concern is that surveillance technologies are deployed in the spirit of providing online safety. This act undermines privacy guarantees and, indeed, safety online."

The academics, who hold professorships and other positions at universities around the country -- including a number of Russell Group research-intensive institutions such as King's College and Imperial College in London, Oxford and Cambridge, Edinburgh, Sheffield and Manchester to name a few -- say their aim with the letter is to highlight "alarming misunderstandings and misconceptions around the Online Safety Bill and its interaction with the privacy and security technologies that our daily online interactions and communication rely on."
"There is no technological solution to the contradiction inherent in both keeping information confidential from third parties and sharing that same information with third parties," the experts warn, adding: "The history of 'no one but us' cryptographic backdoors is a history of failures, from the Clipper chip to DualEC. All technological solutions being put forward share that they give a third party access to private speech, messages and images under some criteria defined by that third party."

Last week, Apple publicly voiced its opposition to the bill. The company said in a statement: "End-to-end encryption is a critical capability that protects the privacy of journalists, human rights activists, and diplomats. It also helps everyday citizens defend themselves from surveillance, identity theft, fraud, and data breaches. The Online Safety Bill poses a serious threat to this protection, and could put UK citizens at greater risk. Apple urges the government to amend the bill to protect strong end-to-end encryption for the benefit of all."
Firefox

Firefox 115 Released (mozilla.org) 61

williamyf writes: Today, Mozilla released Firefox 115. Changes most visible to users include:

* Hardware video decoding is now enabled for Intel GPUs on Linux..

* Migrating from another browser? Now you can bring over payment methods you've saved in Chrome-based browsers to Firefox.

* The Tab Manager dropdown now features close buttons, so you can close tabs more quickly.

* The Firefox for Android address bar's new search button allows you to easily switch between search engines and search your bookmarks and browsing history.

* We've refreshed and streamlined the user interface for importing data in from other browsers.

* Users without platform support for H264 video decoding can now fallback to Cisco's OpenH264 plugin for playback.

But the most important feature is that this release is the new ESR. Why this is important? y'all ask, well:

* Many a "downstream" project depends on Firefox ESR, for example the famous email client Thunderbird, or KaiOS (a mobile OS very popular in India, SE Asia, Africa and LatAm), so, for better or worse, whatever made it to (or is lacking from) this version of the browser, those projects have to use for the next year.

* Firefox ESR is the default browser of many distros, like Debian and Kali Linux, so, whatever made it to this version will be there for next year, ditto to whatever is lacking.

* If you are on old -- unsupported OSs, like Windows 7, 8-8.1 or MacOS 10.14 (Mojave, the last MacOS with support for 32 Bit Apps), 10.13 or 10.12 you will automatically be migrated to Firefox ESR, so this will be your browser until Sept. 2024.


Security

336,000 Servers Remain Unpatched Against Critical Fortigate Vulnerability (arstechnica.com) 23

An anonymous reader quotes a report from Ars Technica: Researchers say that nearly 336,000 devices exposed to the Internet remain vulnerable to a critical vulnerability in firewalls sold by Fortinet because admins have yet to install patches the company released three weeks ago. CVE-2023-27997 is a remote code execution in Fortigate VPNs, which are included in the company's firewalls. The vulnerability, which stems from a heap overflow bug, has a severity rating of 9.8 out of 10. Fortinet released updates silently patching the flaw on June 8 and disclosed it four days later in an advisory that said it may have been exploited in targeted attacks. That same day, the US Cybersecurity and Infrastructure Security Administration added it to its catalog of known exploited vulnerabilities and gave federal agencies until Tuesday to patch it.

Despite the severity and the availability of a patch, admins have been slow to fix it, researchers said. Security firm Bishop Fox on Friday, citing data retrieved from queries of the Shodan search engine, said that of 489,337 affected devices exposed on the internet, 335,923 of them -- or 69 percent -- remained unpatched. Bishop Fox said that some of the vulnerable machines appeared to be running Fortigate software that hadn't been updated since 2015. "Wow -- looks like there's a handful of devices running 8-year-old FortiOS on the Internet," Caleb Gross, director of capability development at Bishop Fox, wrote in Friday's post. "I wouldn't touch those with a 10-foot pole."

IT

The Link Rot Spreads: GIF-hosting Site Gfycat Shutting Down Sept. 1 (arstechnica.com) 27

Gfycat, a place where users uploaded, created, and distributed GIFs of all sorts, is shutting down as of Sept. 1, according to a message on its homepage. From a report: Users of the Snap-owned service are asked to "Please save or delete your Gfycat content." "After September 1, 2023, all Gfycat content and data will be deleted from gfycat.com." Gfycat rose as a service during a period where, like Imgur, it was easier to use than any native tools provided by content sites like Facebook or Reddit.

As CEO and co-founcer Richard Rabbat told TechCrunch in 2016, after raising $10 million from investors, GIFs were "hard to make, slow to upload, and when you shared them, the quality wasn't very good." Gfycat created looped, linked Webm videos that, while compressed, retained an HD quality to them. They were easier to share than actual GIF-format files, and offered an API for other sites to tap in. "I see Gfycat as the ultimate platform for all short-form content, the way that YouTube is the platform for longer videos and Twitter is the platform for text-based news and media discussions," VC funder Ernestine Fu told TechCrunch in 2016, long before TikTok, YouTube shorts, and Elon Musk's Twitter ownership came to pass.

Security

Despite Amazon Ban, Flipper Zero's 'Multi-Tool Device for Hackers' On Track for $80M in Sales (techcrunch.com) 80

The company behind Flipper Zero expects $80 million in sales this year, which ZDNet estimates at around 500,000 unit sales.

In its Kickstarter days the company sold almost $5 million as preorders, remembers TechCrunch, and the company claims it sold $25 million worth of the devices last year: So what are they selling? Flipper Zero is a "portable gamified multi-tool" aimed at everyone with an interest in cybersecurity, whether as a penetration tester, curious nerd or student — or with more nefarious purposes. The tool includes a bunch of ways to manipulate the world around you, including wireless devices (think garage openers), RFID card systems, remote keyless systems, key fobs, entry to barriers, etc. Basically, you can program it to emulate a bunch of different lock systems.

The system really works, too — I'm not much of a hacker, but I've been able to open garages, activate elevators and open other locking systems that should be way beyond my hacking skill level. On the one hand, it's an interesting toy to experiment with, which highlights how insecure much of the world around us actually is. On the other hand, I'm curious if it's a great idea to have 300,000+ hacking devices out in the wild that make it easy to capture car key signals and gate openers and then use them to open said apertures.

The company points out that their firmware is open source, and can be inspected by anyone.

ZDNet calls it "incredibly user-friendly" and "a fantastic educational tool and a stepping stone to get people — young and old — into cybersecurity," with "a very active community of users that are constantly finding new things to do with it". (Even third-party operating systems are available).

"Instead of looking like some scary hacking tool, all black and bristling with antennas, it looks like a kid's toy, all plastic and brightly colored," writes ZDNet. "It reminds me of Tamagotchis..."

Thanks to Slashdot reader ZipNada for suggesting the article.
Education

Schools Say US Teachers' Retirement Fund Was Breached By MOVEit Hackers (techcrunch.com) 15

An anonymous reader quotes a report from TechCrunch: Two U.S. schools have confirmed that TIAA, a nonprofit organization that provides financial services for individuals in academic fields, has been caught up in the mass-hacks targeting MOVEit file transfer tools. Middlebury College in Vermont and Trinity College in Connecticut both released security notices confirming they experienced data breaches as a result of a security incident at the Teachers Insurance and Annuity Association of America, or TIAA. According to its website, TIAA serves mire than five million active and retired employees participating at more than 15,000 institutions and manages $1.3 trillion in assets in more than 50 countries.

Both of the security notices confirm that TIAA was affected by hackers' widespread exploitation of a flaw in MOVEit Transfer, an enterprise file transfer tool developed by Progress Software. The mass-hack has so far claimed more than 160 victims, according to Emsisoft threat analyst Brett Callow, including the U.S. Department of Health and Human Services (HHS) and Siemens Energy. Only 12 of these victims have confirmed the number of people affected, which already adds up to more than 16 million individuals.

While TIAA notified affected schools of its security incident, the organization has yet to publicly acknowledge the incident. In response to a Twitter user questioning the organization's silence, TIAA responded saying that its offices were closed. It's not yet known how many organizations have been impacted as a result of the cyberattack on TIAA. TIAA has not yet been listed on the dark web leak site of the Russia-linked Clop ransomware gang, which has claimed responsibility for the ongoing MOVEit cyberattacks.

Security

TSMC Says Some Of Its Data Was Swept Up in a Hack on a Hardware Supplier (arstechnica.com) 1

Chipmaker TSMC said on Friday that one of its hardware suppliers experienced a "security incident" that allowed the attackers to obtain configurations and settings for some of the servers the company uses in its corporate network. From a report: The disclosure came a day after the LockBit ransomware crime syndicate listed TSMC on its extortion site and threatened to publish the data unless it received a payment of $70 million. The hardware supplier, Kinmax Technology, confirmed that one of its test environments had been attacked by an external group, which was then able to retrieve configuration files and other parameter information. The company said it learned of the breach on Thursday and immediately shut down the compromised systems and notified the affected customer.

"Since the above information has nothing to do with the actual application of the customer, it is only the basic setting at the time of shipment," Kinmax officials wrote. "At present, no damage has been caused to the customer, and the customer has not been hacked by it." In an email, a TSMC representative wrote, "Upon review, this incident has not affected TSMC's business operations, nor did it compromise any TSMC's customer information. After the incident, TSMC has immediately terminated its data exchange with this supplier in accordance with the Company's security protocols and standard operating procedures." The statement didn't say if TSMC has been contacted by the attackers or if it plans to pay the ransom.

Piracy

French Govt Wants To Inject Domain Blocking Lists Directly Into Web Browsers (torrentfreak.com) 82

Online piracy, now being linked with malware, identity theft, and banking fraud, has prompted a coordinated concerning campaign for tougher legislation beyond copyright laws. The French government, news website TorrentFreak reports, is considering an ambitious approach: integrating state-operated domain blacklists into web browsers. This step is well-intentioned, indicating an evolving strategy in battling piracy.
IT

Atom Feed Format Was Born 20 Years Ago (rssboard.org) 5

RSS Advisory Board: This month marks the 20th anniversary of the effort that became the Atom feed format. It all began on June 16, 2003, with a blog post from Apache Software Foundation contributor Sam Ruby asking for feedback about what constitutes a well-formed blog entry. The development of RSS 2.0 had been an unplanned hopscotch from a small group at Netscape to a smaller one at UserLand Software, but Atom was a barn raising. Hundreds of software developers, web publishers and technologists gathered for a discussion in the abstract that led to a concrete effort to build a well-specified syndication format and associated publishing API that could become Internet standards. Work was done on a project wiki that grew to over 1,500 pages. Everything was up for a vote, including a plebiscite on choosing a name that ballooned into a four-month-long bikeshed discussion in which Pie, Echo, Wingnut, Feedcast, Phaistos and several dozen alternatives finally, mercifully, miraculously lost out to Atom.

The road map of the Atom wiki lists the people, companies and projects that jumped at the chance to create a new format for feeds. XML specification co-author Tim Bray wrote: "The time to write it all down and standardize it is not when you're first struggling to invent the technology. We now have aggregators and publishing systems and search engines and you-name-it, and I think the community collectively understands pretty well what you need, what you don't need, and what a good syntax looks like. So, now's the time."

Security

High School in Illinois Changes Every Student's Password To 'Ch@ngeme!' (techcrunch.com) 77

After a cybersecurity audit mistakenly reset everyone's password, a high school changed every student's password to "Ch@ngeme!" giving every student the chance to hack into any other student's account, according to emails obtained by TechCrunch. From the report: Last week, Oak Park and River Forest (OPRF) High School in Illinois told parents that during a cybersecurity audit, "due to an unexpected vendor error, the system reset every student's password, preventing students from being able to log in to their Google account."

"To fix this, we have reset your child's password to Ch@ngeme! so that they can once again access their Google account. This password change will take place beginning at 4 p.m. today," the school, which has around 3,000 students, wrote in an email dated June 22. "We strongly suggest that your child update this password to their own unique password as soon as possible."

Security

SEC Notice To SolarWinds CISO and CFO Roils Cybersecurity Industry (csoonline.com) 34

The US Securities and Exchange Commission has roiled the cybersecurity industry by putting executives of SolarWind on notice that it may pursue legal action for violations of federal law in connection with their response to the 2020 attack on the company's infrastructure that affected thousands of customers in government agencies and companies globally. From a report: Current and former employees and officers of the company, including the chief financial officer (CFO) and chief information security officer (CISO), have received so-called Wells Notices notices from the SEC staff, in connection with the investigation of the 2020 cyberattack, the company said in an SEC filing.

"The Wells Notices provided to these individuals each state that the SEC staff has made a preliminary determination to recommend that the SEC file a civil enforcement action against the recipients alleging violations of certain provisions of the U.S. federal securities laws," SolarWinds said in its filing. A Wells Notice is neither a formal charge of wrongdoing nor a final determination that the recipient has violated any law, SolarWinds noted. However, if the SEC does pursue legal action and prevails in a lawsuit, there could be various consequences.

Social Networks

Minecraft's Devs Exit its 7 Million-Strong Subreddit After Reddit's Ham-Fisted Crackdown on Protest (pcgamer.com) 91

An anonymous reader shares a report: If you want official updates from the Minecraft dev team, you better not look on Reddit. A post from a Reddit user bearing the name sliced_lime and a flair indicating they are the Minecraft Java Tech Lead (almost certainly Mojang's Mikael Hedberg) announced yesterday that Mojang would no longer be posting official content to Reddit, in the wake of that platform's response to protests over changes to its API. "As you have no doubt heard by now, Reddit management introduced changes recently that have led to rule and moderation changes across many subreddits," read the post, before announcing that those changes have led Mojang to "no longer feel that Reddit is an appropriate place to post official content or refer [its] players to".

The events are only obliquely referred to in the post, but it seems the move has been sparked by Reddit's crackdown on protests against recent changes to its API that would, in essence, kill off third-party apps that let users access the site. Subreddit mods have spent the last few weeks mounting various campaigns against Reddit's corporate leadership, either "going dark" by turning the subreddits they oversee into private, invite-only communities or else marking them as NSFW, meaning Reddit can't sell ads on those pages. Reddit responded by pressuring disgruntled mods, and in some cases ousting and trying to replace them.

Slashdot Top Deals