Vue lecture

☕️ Fuite de données chez Free : contrôle de la CNIL, un pirate remet une pièce dans le jukebox

Fuite de données chez Free : contrôle de la CNIL, un pirate remet une pièce dans le jukebox

Fin octobre, Free annonçait à ses clients une fuite de données personnelles, mais aussi d’informations bancaires avec le RIB de certains abonnés Freebox. Et, pour les victimes, les risques sont bien réels en pareille situation ; pensez donc à vérifier vos comptes. Dans le même temps, un pirate mettait aux enchères les données sur un forum, puis annonçait la vente pour 175 000 dollars.

La semaine dernière, DataBreaches racontait une histoire assez folle : les données n’auraient finalement pas été vendues et il se serait en fait agi de mettre la pression à Free pour lui essayer de lui extorquer de l’argent. C’est du moins ce qu’affirme le pirate YuroSh qui se présente comme étant à l’origine de la récupération des données.

Dans une mise à jour datée du 7 novembre, nos confrères expliquent avoir été contactés par une autre personne qui « prétend que YuroSh mentait et que les données avaient été vendues à un acheteur, mais pas pour 175 000 dollars ».

DataBreaches ajoute avoir obtenu des échantillons de données, mais « elles doivent faire l’objet d’une enquête ». Nos confrères en concluent que « cette histoire n’est peut-être pas encore terminée », mais sans nouvelle mise à jour depuis maintenant presque une semaine.

Difficile d’y voir clair dans cette affaire floue, entourée de brouillard… Mais la CNIL enquête sur le sujet et le fait savoir. Sur X, elle annonce avoir « effectué un contrôle chez l’opérateur la semaine dernière », suite à la « fuite de données ayant touché de nombreux abonnés Free ». Elle ajoute que « le dossier est désormais en cours d’instruction », sans plus de détails.

Pour rappel, la CNIL avait annoncé la mise en place à venir d’un formulaire en ligne pour porter plainte sans vous déplacer en commissariat, avant de faire machine arrière quelques jours plus tard.

Enfin, en 2022, la Commission a sanctionné Free pour des manquements aux RGPD (notamment sur la gestion des mots de passe).

☕️ Fuite de données chez Free : contrôle de la CNIL, un pirate remet une pièce dans le jukebox

Fuite de données chez Free : contrôle de la CNIL, un pirate remet une pièce dans le jukebox

Fin octobre, Free annonçait à ses clients une fuite de données personnelles, mais aussi d’informations bancaires avec le RIB de certains abonnés Freebox. Et, pour les victimes, les risques sont bien réels en pareille situation ; pensez donc à vérifier vos comptes. Dans le même temps, un pirate mettait aux enchères les données sur un forum, puis annonçait la vente pour 175 000 dollars.

La semaine dernière, DataBreaches racontait une histoire assez folle : les données n’auraient finalement pas été vendues et il se serait en fait agi de mettre la pression à Free pour lui essayer de lui extorquer de l’argent. C’est du moins ce qu’affirme le pirate YuroSh qui se présente comme étant à l’origine de la récupération des données.

Dans une mise à jour datée du 7 novembre, nos confrères expliquent avoir été contactés par une autre personne qui « prétend que YuroSh mentait et que les données avaient été vendues à un acheteur, mais pas pour 175 000 dollars ».

DataBreaches ajoute avoir obtenu des échantillons de données, mais « elles doivent faire l’objet d’une enquête ». Nos confrères en concluent que « cette histoire n’est peut-être pas encore terminée », mais sans nouvelle mise à jour depuis maintenant presque une semaine.

Difficile d’y voir clair dans cette affaire floue, entourée de brouillard… Mais la CNIL enquête sur le sujet et le fait savoir. Sur X, elle annonce avoir « effectué un contrôle chez l’opérateur la semaine dernière », suite à la « fuite de données ayant touché de nombreux abonnés Free ». Elle ajoute que « le dossier est désormais en cours d’instruction », sans plus de détails.

Pour rappel, la CNIL avait annoncé la mise en place à venir d’un formulaire en ligne pour porter plainte sans vous déplacer en commissariat, avant de faire machine arrière quelques jours plus tard.

Enfin, en 2022, la Commission a sanctionné Free pour des manquements aux RGPD (notamment sur la gestion des mots de passe).

Congress To Hold Another UFO/UAP Hearing

Longtime Slashdot reader thephydes writes: The hearing will go ahead on November 13 at 11:30 ET (16:30 GMT). Apparently, it will "further pull back the curtain on secret UAP research programs conducted by the U.S. government, and undisclosed findings they have yielded," according to a House statement. It's driven by two republicans, Nancy Mace (R-S.C.) and Glenn Grothman (R-Wis.), who say: "Americans deserve to understand what the government has learned about UAP sightings, and the nature of any potential threats these phenomena pose. We can only ensure that understanding by providing consistent, systemic transparency. We look forward to hearing from expert witnesses on ways to shed more light and bring greater accountability to this issue." "Expert witnesses in the hearing will include Luis Elizondo, a decorated former counterintelligence officer who has claimed for years that the U.S. government is hiding knowledge of UAP, including materials recovered from crashed flying saucers," reports Space.com. "The House hearing will also include Tim Gallaudet, a retired U.S. Navy Rear Admiral who unidentified submersible objects, arguing that 'these underwater anomalies jeopardize US maritime security.'" "Other speakers at the hearing include journalist Michael Shellenberger, who has also claimed the U.S. government is hiding UFO crash retrieval programs, and former NASA Associate Administrator of Space Policy and Partnerships Michael Gold, who is a member of NASA's independent UAP study team."

Read more of this story at Slashdot.

SilverStone HELA 1650R Platinum, une très grosse connectique

Le ratio puissance / volume est de puis très longtemps un point mis très avant par SilverStone pour les alimentations, mais voilà un point qu'on peut désormais oublier avec la nouvelle HELA 1650R Platinum, bien qu'une petite vignette indique 711 W par litre, ou 710.6 W plus exactement. Ce nouveau venu mesure en effet 180 mm de profondeur, chose assez rare pour la marque, ce qui permet de mettre du lourd sur plusieurs points. Certifiée Cybenetics Platinum, cette alimentation embarque un ventilateur de 140 mm à roulement FDB et mode 0 rpm sous 300 W de charge, de nombreuses protections (OCP, OPP, OVP, SCP, UPP et OTP), ainsi qu'une très grosse connectique basée sur des câbles modulaires plats. SilverStone suit ainsi une tendance qui offre deux connecteurs 12V-2x6 ainsi que de bien trop nombreux connecteurs PCI-E 6+2. Mais pourquoi pas ? […]

Lire la suite

Discord Leaker Sentenced To 15 Years In Prison

An anonymous reader quotes a report from NBC News: Former Massachusetts Air National Guard member Jack Teixeira was sentenced Tuesday to 15 years for stealing classified information from the Pentagon and sharing it online, the U.S. Attorney for Massachusetts announced. Teixeira received the sentence before Judge Indira Talwani in U.S. District Court for the District of Massachusetts. In March, the national guardsman pleaded guilty to six counts of willful retention and transmission of national defense information under the Espionage Act. He was arrested by the FBI in North Dighton, Massachusetts, in April 2023 and has been in federal custody since mid-May 2023. According to court documents, Teixeira transcribed classified documents that he then shared on Discord, a social media platform mostly used by online gamers. He began sharing the documents in or around 2022. A document he was accused of leaking included information about providing equipment to Ukraine, while another included discussions about a foreign adversary's plot to target American forces abroad, prosecutors said. [...] While the documents were discovered online in March 2023, Teixeira had been sharing them online since January of that year, according to prosecutors.

Read more of this story at Slashdot.

Test Teufel Cage Pro : Un excellent son !

Teufel revient sur le marché du casque gaming avec la version Pro du Cage qui profite de l’occasion pour couper le cordon ! En effet, le Teufel Cage Pro est un casque wireless qui intègre par ailleurs la technologie DTS Headphone V2 pour profiter d’un son surround virtuel 7.1. Il est wireless en 2.4 GHz, mais aussi Bluetooth 5.2 et analogique et propose un micro détachable. Cerise sur le gâteau, ou pas, il détient un petit éclairage RGB. Proposé à 199€, il compte débusquer les ténors du milieu. Le jeu en vaut-il la chandelle ? Réponse dans notre test du Teufel Cage Pro !

New Thermal Material Provides 72% Better Cooling Than Conventional Paste

"Researchers at the University of Texas have unveiled a new thermal interface material that could revolutionize cooling, outperforming top liquid metal solutions by up to 72% in heat dissipation," writes Slashdot reader jjslash. "This breakthrough not only improves energy efficiency but also enables higher-density data center setups, cutting cooling costs and energy usage significantly." TechSpot reports: Thanks to a mechanochemically engineered combination of the liquid metal alloy Galinstan and ceramic aluminum nitride, this thermal interface material, or TIM, outperformed the best commercial liquid metal cooling products by a staggering 56-72% in lab tests. It allowed dissipation of up to 2,760 watts of heat from just a 16 square centimeter area. The material pulls this off by bridging the gap between the theoretical heat transfer limits of these materials and what's achieved in real products. Through mechanochemistry, the liquid metal and ceramic ingredients are mixed in an extremely controlled way, creating gradient interfaces that heat can flow across much more easily. Beyond just being better at cooling, the researchers claim that the higher performance reduces the energy needed to run cooling pumps and fans by up to 65%. It also unlocks the ability to cram more heat-generating processors into the same space without overheating issues. [...] As for how you can get your hands on the material: it's yet to make it out of the labs. The UT team has so far only tested it successfully at small scales but is now working on producing larger batches to put through real-world trials with data center partners. The material has been detailed in a paper published in the journal Nature Nanotechnology.

Read more of this story at Slashdot.

Spotify's Car Thing, Due For Bricking, Is Getting an Open Source Second Life

If you have Spotify's soon-to-be-bricked Car Thing, there are a few ways you can give it a new lease on life. YouTuber Dammit Jeff has showcased modifications to Car Thing that makes the device useful as a desktop music controller, customizable shortcut tool, or a simple digital clock. Ars Technica's Kevin Purdy reports: Spotify had previously posted the code for its uboot and kernel to GitHub, under the very unassuming name "spsgsb" and with no announcement (as discovered by Josh Hendrickson). Jeff has one idea why the streaming giant might not have made much noise about it: "The truth is, this thing isn't really great at running anything." It has half a gigabyte of memory, 4GB of internal storage, and a "really crappy processor" (Amlogic S905D2 SoC) and is mostly good for controlling music. How do you get in? The SoC has a built-in USB "burning mode," allowing for a connected computer, running the right toolkit, to open up root access and overwrite its firmware. Jeff has quite a few issues getting connected (check his video description for some guidance), but it's "drag and drop" once you're in. Jeff runs through a few of the most popular options for a repurposed Car Thing: - DeskThing, which largely makes Spotify desk-friendly, but adds a tiny app store for weather (including Jeff's own WeatherWave), clocks, and alternate music controls - GlanceThing, which keeps the music controls but also provides some Stream-Deck-like app-launching shortcuts for your main computer. - Nocturne, currently invite-only, is a wholly redesigned Spotify interface that restores all its Spotify functionality.

Read more of this story at Slashdot.

VMware Makes Workstation and Fusion Free For Everyone

An anonymous reader quotes a report from BleepingComputer: VMware has announced that its VMware Fusion and VMware Workstation desktop hypervisors are now free to everyone for commercial, educational, and personal use. In May, the company also made VMware Workstation Pro and Fusion Pro free for personal use, allowing students and home users to set up virtualized test labs and experiment with other OSs by running virtual machines and Kubernetes clusters on Windows, Linux, and macOS devices. Starting this week, the Pro versions and the two products will no longer be available under a paid subscription model. "Effective immediately, both VMware Fusion and VMware Workstation will transition away from the paid subscription model, meaning you can now utilize these tools without any cost. The paid versions of these offerings -- Workstation Pro and Fusion Pro -- are no longer available for purchase," said Broadcom product marketing director Himanshu Singh. "If you're currently under a commercial contract, you can rest easy knowing that your agreement will remain in effect until the end of your term. You will continue to receive the full level of service and enterprise-grade support as per your contract." While the free versions will include all the features available in the paid products, Broadcom will no longer provide users with support ticketing for troubleshooting. Broadcom plans to continue developing new features and improvements and ensure that updates are rolled out promptly. "We're actively investing in new features, usability improvements, and other valuable enhancements," Singh added. "Our engineering teams are committed to maintaining our high standards for stability, with timely updates and reliable performance." You can download VMware Fusion and VMware Workstation here (sign-in required).

Read more of this story at Slashdot.

Microsoft Edge Is Trying To Forcefully Get Your Chrome Tabs Again

A new update is rolling out that automatically starts Microsoft's Edge browser and prompts users to import their Chrome tabs -- a move that has sparked criticism over its invasive tactics to encourage Edge adoption. The Verge's Tom Warren reports: My colleague Richard Lawler noticed that Edge started automatically on his PC last week at boot and offered up a new prompt to "enhance your browsing experience." The pop-up has a "bring over your data from other browsers regularly" option ticked by default, and encourages people to confirm and continue with a big blue button. If you want to dismiss this prompt there's a tiny white X button that looks similar to the sparkles Microsoft is using in the background of the prompt. If you simply hit confirm and continue then Microsoft Edge will import your Chrome data and continually import your tabs if you have Chrome set as default. The prompt seems to mainly appear on PCs with Chrome installed, suggesting that Microsoft is once again targeting Chrome users. Microsoft confirmed the new "feature" to The Verge. "This is a notification giving people the choice to import data from other browsers," explains Microsoft spokesperson Caitlin Roulston. "There is an option to turn it off."

Read more of this story at Slashdot.

23andMe To Lay Off 40% of Its Workforce, Discontinue All Therapy Programs

The genetic testing company 23andMe announced it will cut 40% of its workforce, or 200 jobs, and halt the work on therapies it was developing. As the BBC notes, the company is fighting for survival after hackers gained access to personal information of millions of its users, causing the stock to crater by more than 70%. All seven of its independent directors also resigned in September, following a protracted negotiation with founder and Chief Executive Anne Wojcicki over her plan to take the company private. The BBC reports: On Tuesday, the company warned investors of "substantial doubt" about its ability to continue operating, as it reported that revenue had fallen to $44 million between July and September compared to $50 million in the same period last year. Losses fell to $59 million from $75 million. The job cuts are expected to lead to one-off costs of $12 million, including severance pay, for the plan that will result in savings of $35 million. "We are taking these difficult but necessary actions as we restructure 23andMe and focus on the long-term success of our core consumer business and research partnerships," Ms Wojcicki said. The company also said it is considering what to do with the therapies it had in development, including licensing or selling them. 23andMe is a giant of the growing ancestor-tracing industry. It offers genetic testing from DNA, with ancestry breakdown and personalised health insights. Its customers include famous names, from rapper Snoop Dogg to multi-billionaire investor Warren Buffett. The company was valued at roughly $3.5 billion when it listed on the Nasdaq stock exchange in 2021 and its share price peaked at $17.65. But they have since tumbled and are currently trading at less than $5.

Read more of this story at Slashdot.

Open Source Project DeFlock Is Mapping License Plate Surveillance Cameras All Over the World

An anonymous reader quotes a report from 404 Media: Flock is one of the largest vendors of automated license plate readers (ALPRs) in the country. The company markets itself as having the goal to fully "eliminate crime" with the use of ALPRs and other connected surveillance cameras, a target experts say is impossible. [...] Flock and automated license plate reader cameras owned by other companies are now in thousands of neighborhoods around the country. Many of these systems talk to each other and plug into other surveillance systems, making it possible to track people all over the country. "It went from me seeing 10 license plate readers to probably seeing 50 or 60 in a few days of driving around," [said Alabama resident and developer Will Freeman]. "I wanted to make a record of these things. I thought, 'Can I make a database of these license plate readers?'" And so he made a map, and called it DeFlock. DeFlock runs on Open Street Map, an open source, editable mapping software. He began posting signs for DeFlock (PDF) to the posts holding up Huntsville's ALPR cameras, and made a post about the project to the Huntsville subreddit, which got good attention from people who lived there. People have been plotting not just Flock ALPRs, but all sorts of ALPRs, all over the world. [...] When I first talked to Freeman, DeFlock had a few dozen cameras mapped in Huntsville and a handful mapped in Southern California and in the Seattle suburbs. A week later, as I write this, DeFlock has crowdsourced the locations of thousands of cameras in dozens of cities across the United States and the world. He said so far more than 1,700 cameras have been reported in the United States and more than 5,600 have been reported around the world. He has also begun scraping parts of Flock's website to give people a better idea of where to look to map them. For example, Flock says that Colton, California, a city with just over 50,000 people outside of San Bernardino, has 677 cameras. People who submit cameras to DeFlock have the ability to note the direction that they are pointing in, which can help people understand how these cameras are being positioned and the strategies that companies and police departments are using when deploying them. For example, all of the cameras in downtown Huntsville are pointing away from the downtown core, meaning they are primarily focused on detecting cars that are entering downtown Huntsville from other areas.

Read more of this story at Slashdot.

Bitcoin Pushes Past $90,000

After setting a record high yesterday, Bitcoin continued its remarkable rally, briefly surging past the $90,000 mark. Since Election Day, the cryptocurrency has gained nearly 30%, adding approximately $20,000 to its value. From a previous report: Bitcoin hit a peak of $90,000 on Coinbase at 12:56 PST on Nov. 12 and is up 11% over the past day, per TradingView data. The cryptocurrency is now just over 11% away from reaching $100,000.

Read more of this story at Slashdot.

Red Hat is Acquiring AI Optimization Startup Neural Magic

Red Hat, the IBM-owned open source software firm, is acquiring Neural Magic, a startup that optimizes AI models to run faster on commodity processors and GPUs. From a report: The terms of the deal weren't disclosed. MIT research scientist Alex Matveev and professor Nir Shavit founded Somerville, Massachusetts-based Neural Magic in 2018, inspired by their work in high-performance execution engines for AI. Neural Magic's software aims to process AI workloads on processors and GPUs at speeds equivalent to specialized AI chips (e.g. TPUs). By running models on off-the-shelf processors, which usually have more available memory, the company's software can realize these performance gains. Big tech companies like AMD and a host of other startups, including NeuReality, Deci, CoCoPie, OctoML and DeepCube, offer some sort of AI optimization software. But Neural Magic is one of the few with a free platform and a collection of open source tools to complement it. Neural Magic had so far managed to raise $50 million in venture capital from backers like Andreessen Horowitz, New Enterprise Associations, Amdocs, Comcast Ventures, Pillar VC and Ridgeline Ventures.

Read more of this story at Slashdot.

The US Has a Cloned Sheep Contraband Problem

Federal authorities are grappling with the aftermath of an illegal sheep cloning operation that has scattered hundreds of contraband hybrid animals across multiple states, following the sentencing of the scheme's mastermind. Montana rancher Arthur Schubarth received a six-month prison term for cloning a near-threatened Marco Polo argali sheep from tissue illegally imported from Kyrgyzstan. The cloned animal, named Montana Mountain King, was used to inseminate over 100 ewes, creating a network of unauthorized hybrid offspring. Court documents reveal that Schubarth sold these hybrids to big game hunting enthusiasts, with prices reaching $10,000 per animal. While the original cloned sheep is now housed at New York's Rosamond Gifford Zoo, authorities cannot account for most of its descendants.

Read more of this story at Slashdot.

Growth of AI Adoption Slows Among US Workers, Study Says

The percentage of workers in the U.S. who say they are using AI at work has remained largely flat over the last three months, according to a new study commissioned by Slack. From a report: If AI's rapid adoption curve slows or flattens, a lot of very rosy assumptions about the technology -- and very high market valuations tied to them -- could change. Slack said its most recent survey found 33% of U.S. workers say they are using AI at work, an increase of just a single percentage point. That represents a significant flattening of the rapid growth noted in prior surveys. Global adoption of AI use at work, meanwhile, rose from 32% to 36%. Between the lines: Slack also found that globally, nearly half of workers (48%) said they were uncomfortable telling their managers they use AI at work. Among the top reasons cited were a fear of being seen as lazy, cheating or incompetent.

Read more of this story at Slashdot.

Microsoft is Killing off Windows 11's Mail and Calendar Apps By the End of the Year

Microsoft is planning to no longer support the Windows Mail, Calendar, and People apps later this year. The Verge: The software giant has been moving existing users of these apps over to the new Outlook for Windows app in recent months, and now it has set an end of support date for the Mail, Calendar, and People apps of December 31st. Once the apps reach end of support later this year, Microsoft warns that users who haven't moved to the new Outlook app "will no longer be able to send and receive email using Windows Mail and Calendar." Microsoft has been rolling out the new Outlook for Windows app for years, with it officially reaching the general availability stage in August. The new web-based Outlook is designed to eventually replace the full desktop version of Outlook too, and Microsoft plans to provide enterprise customers a 12-month notice before it starts to move people away from the desktop version of Outlook.

Read more of this story at Slashdot.

Power Shortage To Hit 40% of AI Data Centres by 2027, Gartner Warns

40% of AI data centers will face operational constraints due to power shortages by 2027 as AI drives unprecedented energy consumption, research firm Gartner said on Tuesday. Data center power requirements for AI-optimized servers are projected to reach 500 terawatt-hours annually by 2027, more than double 2023 levels, as companies rapidly expand facilities to handle large language model training and implementation. The surge in power demand will outpace utility providers' ability to expand capacity, Gartner analyst Bob Johnson said, leading to higher electricity costs that will cascade through the AI industry. Some operators are already seeking direct agreements with power producers to secure guaranteed supply.

Read more of this story at Slashdot.

❌