There is a corner of LinkedIn free from humble brags, self-promotion, thought leadership and strict decorum. You just need to connect with a zoomer. Although LinkedIn is not a popular online hangout for Generation Z, some of their most viral posts are parodies of LinkedIn itself. From a report: Shiv Sharma graduated from the University of Southern California last year, according to his LinkedIn. A few months ago, he updated his profile listing himself as the assistant chef at the fictional restaurant from Sponge Bob Square Pants. "I have accepted an offer to work for The Krusty Krab Restaurant as part of their Entry Level Chef Program in Bikini Bottom," he wrote. The post garnered more than 5,000 reactions and dozens of comments. Harry Tong is a software development intern at a tech company. But, according to a popular post on his profile: "I am officially the CEO of a BILLION dollar company," he wrote. "For my series Z, my mom invested $10 for 0.000001% of my company, giving it a $1 billion valuation."

This subculture of subversion on LinkedIn has inspired countless TikTok videos, a Twitter account called @LinkedinFlex and a devoted Reddit community called LinkedInLunatics. The memes reflect the weariness people feel toward the site -- "primarily a place for bragging," said Jake Zhang, a Toronto-based college student. "People tell stories about how their entire lives have built up to this one moment of getting a job or a promotion, or experts claim they'll change your life with a piece of advice," Tong said. "And I'm just here to poke at the facade a little bit." Most young people treat LinkedIn as a "purely transactional job hunting tool" to be used sparingly, said AJ Wilcox, founder of B2Linked, an advertising agency that specializes in the Microsoft Corp.-owned professional networking site. Maintaining a profile is a "necessary evil," Zhang said. "Everyone I know creates an account due to school or peer pressure," Zhang said. "We use it because there's no alternative for job hunting. But with all the toxic content and bragging, no one I know really likes it." Which is what makes the parodies on LinkedIn so interesting. Most people wouldn't put a joke on their resume. The posts are a byproduct of a generation that lives fearlessly on the internet, eager to entertain and call out any whiff of inauthenticity.

Apple's next iPhone lineup will get at least three major new camera and video-recording features, which the company is betting will be key enticements to upgrade from earlier models. From a report: The new handsets will include a video version of the phone's Portrait mode feature, the ability to record video in a higher-quality format called ProRes, and a new filters-like system that improves the look and colors of photos, according to people familiar with the matter.

Beyond the camera enhancements, the new iPhones will get relatively modest upgrades. Last year, Apple revamped the iPhone design, added 5G wireless networking and updated the camera hardware. For this year, the company will retain the same 5.4-inch and 6.1-inch regular sizes and 6.1-inch and 6.7-inch Pro screen dimensions, as well as their designs. The new phones will include a faster A15 chip and a smaller notch, also known as the display cutout, in addition to new screen technology that could enable a faster refresh rate for smoother scrolling.

An anonymous reader shares a report: When three Chinese nationals were jailed in Beijing almost a decade ago and accused of selling fake Hewlett-Packard networking gear, it looked like an example of U.S. companies getting what they'd long demanded: aggressive protection of intellectual property in the world's most populous nation. A drawn-out court case heading to trial in Massachusetts paints a much muddier picture. The three, exonerated in China, accuse the former Silicon Valley icon of setting them up. They argue that it was H-P units that conspired to sell counterfeit gear, and then pinned the blame on them. H-P disputes the claims, and is asking a U.S. federal judge to dismiss the lawsuit, saying the story was concocted by Integrated Communications & Technologies Inc., the Massachusetts-based company that employed the three Chinese nationals, to cover up its own criminal behavior. U.S. District Judge Leo T. Sorokin may rule on the dismissal request at any time. If he lets the case continue, a trial is scheduled for February.

Western companies have been calling on China for years to combat counterfeiting and take action against those that steal their intellectual property. One of the triggers for former U.S. President Donald Trump's trade war was the technology industry's lobbying of the American government to help protect their IP. A loss for either side in the lawsuit would tarnish its reputation in the world's largest market for computers by marking them as an organization that fraudulently sold counterfeit goods. The Office of the U.S. Trade Representative identified China as the "primary source" of counterfeit goods in a 2020 report. With Hong Kong, the document details, China accounts for 92% of the value of fake goods seized by U.S. Customs and Border Protection in 2019. In this case, the networking gear was made by an affiliate of H-P's in China, exported to India on lease, then sold back into the Chinese market.

LinkedIn will allow most employees to opt for full-time remote work as offices gradually reopen, Chief People Officer Teuila Hanson told Reuters. From the report: This new policy from Microsoft's professional social networking site is a reversal of the company's initial indication last October that employees would be expected to work from an office 50% of the time, when COVID-19 pandemic restrictions lift. The updated policy, offering employees the flexibility to work remotely full-time or work at an office part-time, will apply to LinkedIn's global workforce of more than 16,000 employees. "We anticipate that we'll definitely see more remote employees than what we saw prior to the pandemic," Hanson said in a Wednesday interview ahead of the announcement, adding that some jobs would require in-office work.

Amazon's Kindle e-readers with built-in 3G will begin to lose the ability to connect to the internet on their own in the US in December, according to an email sent to customers on Wednesday. The Verge reports: The change is due to mobile carriers transitioning from older 2G and 3G networking technology to newer 4G and 5G networks. For older Kindles without Wi-Fi, this change could mean not connecting to the internet at all. As Good e-Reader first noted in June, newer Kindle devices with 4G support should be fine, but for older devices that shipped with support for 3G and Wi-Fi like the Kindle Keyboard (3rd generation), Kindle Touch (4th generation), Kindle Paperwhite (4th, 5th, 6th, and 7th generation), Kindle Voyage (7th generation), and Kindle Oasis (8th generation), users will be stuck with Wi-Fi only. In its email announcement, Amazon stresses that you can still enjoy the content you already own and have downloaded on these devices, you just won't be able to download new books from the Kindle Store unless you're doing it over Wi-Fi.

Things get more complicated for Amazon's older Kindles, like the Kindle (1st and 2nd generation), and the Kindle DX (2nd generation). Since those devices relied solely on 2G or 3G internet connectivity, once the networks are shut down, the only way to get new content onto your device will be through an old-fashioned micro-USB cable. For customers affected by the shutdown, Amazon is offering a modest promotional credit (NEWKINDLE50) through August 15th for $50 towards a new Kindle Paperwhite or Kindle Oasis, along with $15 in-store credit for ebooks. While arguably the company could do more to help affected customers (perhaps by replacing older devices entirely) this issue is largely out of Amazon's hands.

storagedude writes: Alan Paller, founder of the cybersecurity training SANS Technology Institute, has launched an initiative aimed at finding and developing cybersecurity talent at the community college and high school level — through a game developed by their CTO James Lyne. A similar game was already the basis of a UK government program that has reached 250,000 students, and Paller hopes the U.S. will adopt a similar model to help ease the chronic shortage of cybersecurity talent. And Paller's own Cyber Talent Institute (or CTI) has already reached 29,000 students, largely through state-level partnerships.

But playing the game isn't the same as becoming a career-ready cybersecurity pro. By tapping high schools and community colleges, the group hopes to "discover and train a diverse new generation of 25,000 cyber stars by the year 2025," Paller told eSecurity Planet. "SANS is an organization that finds people who are already in the field and makes them better. What CTI is doing is going down a step in the pipeline, to the students, to find the talent earlier, so that we don't lose them. Because the way the education system works, only a few people seem to go into cybersecurity. We wanted to change that.

"You did an article earlier this month about looking in different places for talent, looking for people who are already working. That's the purpose of CTI. To reach out to students. It's to go beyond the pipeline that we automatically come into cybersecurity through math, computer science, and networking and open the funnel much wider. Find people who have not already found technology, but who have three characteristics that seem to make superstars — tenacity, curiosity, and love of learning new things. They don't mind being faced with new problems. They like them. And what the game does is find those people. So CTI is just moving to earlier in the pipeline."

"First SolarWinds, now Kaseya. SaaS software heavily used by managed service providers (MSPs) has now been the target of two successful cyberattacks," writes Slashdot reader storagedude.

He shares a ChannelInsider article reporting the Kaseya ransomware attack compromised roughly 1,500 "downstream" businesses — and that now managed service providers "are reassessing their approaches to managing IT" after their own upstream vendors were breached: In many cases, rather than assuming the platforms that MSPs employ are secure, end customers will now require them to prove it via an audit of their software supply chains, says James Shank, Chief Architect of Community Services for Team Cymru, a provider of threat intelligence tools employed to conduct such audits. Shank, who also served on the Ransomware Task Force Committee set up by The Institute for Security and Technology, notes that MSPs should also assume attacks will only get worse before they get any better. "This is not the end or the middle," he says. "It's only the beginning."

Others, however, don't think there will be any widespread mandate to audit IT supply chains in the absence of any government requirement. Most organizations are simply not going to conduct or require extensive audits because of the time, effort, money and expertise required, says Mike Hamilton, chief information security officer (CISO) for Critical Insight, a provider of a managed detection and response platform.

"American companies are not going to do that unless someone holds their feet to the fire," he says.

The challenge that creates for MSPs and their customers is it may force them to continue to place too much trust in IT platforms provided to them by a vendor, says Chris Grove, technology evangelist for Nozomi Networks, a provider of security tools for monitoring networks. "These platforms are over-trusted," he says.

The decision many MSPs are specifically wrestling with is the degree to which they should continue to rely on IT service management (ITSM) platforms from an IT vendor that might be compromised by malware versus building and securing their own custom platform. The latter approach is not immune to malware but might be less of a target as cybercriminals increasingly focus their efforts on platforms that enable them to wreck greater downstream havoc. Alternatively, MSPs could switch to IT service management platforms provided by vendors that don't have enough market share to attract the attention of cybercriminals... Building an IT service management platform from scratch naturally requires a level of investment many MSPs lack the funding or expertise to make, notes Eldon Sprickerhoff, chief innovation officer for eSentire, a provider of a managed detection and response platform. "It's a difficult situation," he says.BR> The article points out that few small- to medium-sized businesses can afford their own internal IT security team.

Slashdot reader storagedude then suggests "on-premises installed and managed software could get another look as a result of the attacks," while vendors who can prove high levels of security "could gain a market advantage."

Intel has rehired 28-year veteran Shlomit Weiss into the position of Senior VP and Co-General Manager of Intel's Design Engineering Group (DEG), a position recently vacated by Uri Frank who left to head up Google's SoC development. "Weiss is the latest in an ever-growing list of 're-hiring' Intel veterans, which leads to the problem that at some point Intel will run out of ex-employees to rehire and instead nurture internal talent for those roles," writes Dr. Ian Cutress via AnandTech. From the report: As reported in Tom's Hardware and confirmed in her own LinkedIn announcement, Weiss will be working at Intel's Israel design center alongside Sunil Shenoy and is "committed to ensuring that the company continues to lead in developing chips." [...] In her first 28-year stint at Intel, Weiss is reported to have lead the team that developed both Intel Sandy Bridge and Intel Skylake, arguably two of the company's most important processor families over the last decade: Sandy Bridge reaffirmed Intel's lead in the market with a new base microarchitecture and continues in its 6+th generation in Comet Lake today, while Skylake has been Intel's most profitable microarchitecture ever. Weiss also received Intel's Achievement Award, the company's highest offer, but is not listed as an Intel Fellow, while CRN reports that Weiss also founded the Intel Israel Women Forum in 2014. Weiss left Intel in September 2017 to join Mellanox/NVIDIA, where she held the role of Senior VP Silicon Engineering and ran the company's networking chip design group. In her new role at Intel, Tom's is reporting that Weiss will lead all of Intel's consumer chip development and design, while the other Co-GM of Intel DEG Sunil Shenoy will lead the data center design initiatives. AnandTech goes on to note that Intel has hired 12 veterans since Dec. 20th of last year. "Of these named hires (plenty of other people hired below the role of VP), seven are listed as ex-Intel employees being rehired into the company, mostly into engineering-focused positions," writes Cutress. He continues: It should be noted however that number of engineers that Intel could rehire is limited -- going after key personnel critical to Intel's growth in the last few decades, despite their lists of successful products and accolades, can't be the be-all and end-all of Intel's next decade of growth. If we're strictly adhering to typical retirement ages as well, a number of them will soon be at that level within the next ten years. Intel can't keep rehiring veteran talent into key positions to get to the next phase in its product evolution -- at some level it has to reignite the initial passion from within.

[I]f Intel is having to rehire those who enabled former glory for the company, one has to wonder exactly what is going on such that talent already within the company isn't stepping up. At some point these veterans will retire, and Intel will be at a crossroads. In a recent interview with former Intel SVP Jim Keller, he stated that (paraphrased) "building a chip design team at a company depends on volume -- you hire in if you don't have the right people, but if you have a team of 1,000, then there are people there and it's a case of finding the right ones." In a company of 110,000 employees, it seems odd that Intel feels it has to rehire to fill those key roles. Some might question if those rehires would have left in the first place if Intel's brain drain had never occurred, but it poses an interesting question nonetheless.

A cyber-espionage group has been observed targeting Indian targets with government and military-related lures in a broad campaign to infect victims with malware. From a report: Tracked under the name of SideCopy, this cyber-espionage group has been active since 2019, according to Seqrite, Quick Heal's threat intelligence team, which first documented its spear-phishing campaigns last September. But in a report published today, Cisco Talos, one of the networking giant's cybersecurity divisions, said the group did not retreat or stop its operations after having its attacks and tooling exposed last year.

It's now being called "the single biggest global ransomware attack on record," with thousands of victims in at least 17 different countries breached with ransomware Friday, reports the Associated Press, citing new details provided by cybersecurity researchers.

An affiliate of the Russia-linked gang REvil deployed the ransomware "largely through firms that remotely manage IT infrastructure for multiple customers." A broad array of businesses and public agencies were hit by the latest attack, apparently on all continents, including in financial services, travel and leisure and the public sector — though few large companies, the cybersecurity firm Sophos reported... The Swedish grocery chain Coop said most of its 800 stores would be closed for a second day Sunday because their cash register software supplier was crippled. A Swedish pharmacy chain, gas station chain, the state railway and public broadcaster SVT were also hit. In Germany, an unnamed IT services company told authorities several thousand of its customers were compromised, the news agency dpa reported...

CEO Fred Voccola of the breached software company, Kaseya, estimated the victim number in the low thousands, mostly small businesses like "dental practices, architecture firms, plastic surgery centers, libraries, things like that." Voccola said in an interview that only between 50-60 of the company's 37,000 customers were compromised. But 70% were managed service providers who use the company's hacked VSA software to manage multiple customers. It automates the installation of software and security updates and manages backups and other vital tasks...

Dutch researchers said they alerted Miami-based Kaseya to the breach and said the criminals used a "zero day," the industry term for a previously unknown security hole in software. Voccola would not confirm that or offer details of the breach — except to say that it was not phishing. "The level of sophistication here was extraordinary," he said. When the cybersecurity firm Mandiant finishes its investigation, Voccola said he is confident it will show that the criminals didn't just violate Kaseya code in breaking into his network but also exploited vulnerabilities in third-party software...

Kaseya, which called on customers Friday to shut down their VSA servers immediately, said Sunday it hoped to have a patch in the next few days.
The attacks may have been timed to exploit America's three-day weekend celebrating the nation's founding, according to experts interviewed by the Associated Press. America's National Security advisor is now urging all who believed they were compromised to alert the FBI.

"The attack comes less than a month after Biden pressed Russian President Vladimir Putin to stop providing safe haven to REvil and other ransomware gangs whose unrelenting extortionary attacks the U.S. deems a national security threat."

UPDATE: Bleeping Computer notes the exploited vulnerability "had been previously disclosed to Kaseya by security researchers from the Dutch Institute for Vulnerability Disclosure (DIVD), and Kaseya was validating the patch before they rolled it out to customers."

In a statement today, DIVD posted that "During the last 48 hours, the number of Kaseya VSA instances that are reachable from the internet has dropped from over 2,200 to less than 140 in our last scan today... A good demonstration of how a cooperative network of security-minded organizations can be very effective during a nasty crisis."

Facebook shares posted their biggest intraday gain in two months after it won a dismissal of two antitrust cases, pushing its market value above $1 trillion for the first time. The social-media giant jumped as much as 4.4%, the most since April 29 after a judge granted Facebook's request to dismiss the complaints filed last year by the U.S. Federal Trade Commission and state attorneys general. Reader phalse phace writes: A federal court on Monday dismissed the Federal Trade Commission's antitrust complaint against Facebook, dealing a major setback for the agency's complaint that could have resulted in Facebook divesting Instagram and WhatsApp.

"Although the Court does not agree with all of Facebook's contentions here, it ultimately concurs that the agency's complaint is legally insufficient and must therefore be dismissed," reads the filing from U.S. District Court for the District of Columbia. "The FTC has failed to plead enough facts to plausibly establish a necessary element of all of its Section 2 claims -- namely, that Facebook has monopoly power in the market for Personal Social Networking (PSN) Services." The court dismissed the complaint, not the case, meaning the FTC could file its complaint once again.

Affected users say social-networking site owned by Microsoft is obstructing them over 'prohibited content' without further explanation. From a report: Eyck Freymann, an Oxford University doctoral student, was surprised to get a notice from LinkedIn this month telling him his account had been blocked in China. The "Experience" section of his profile, which detailed his career history, contained "prohibited" content, he was informed. The social-networking site owned by Microsoft didn't explain more, but Mr. Freymann said he thought it was because he had included the words "Tiananmen Square massacre" in the entry for his two-year stint as a research assistant for a book in 2015. "LinkedIn is pulling people's material off without telling them why," he said. "It was surprising because I am just a graduate student. I didn't think I would have mattered."

The academic is one of a spate of LinkedIn users whose profiles have been blocked in recent weeks. The Wall Street Journal identified at least 10 other individuals who had their profiles blocked or posts removed from the China version of LinkedIn since May, including researchers in Jerusalem and Tokyo, journalists, a U.S. congressional staffer and an editor based in Beijing who posted state media reports about elephants rampaging across China. A LinkedIn spokeswoman said in a statement that while the company supports freedom of expression, offering a localized version of LinkedIn in China means adherence to censorship requirements of the Chinese government on internet platforms. The company didn't comment on whether its actions were proactive or in response to requests from Chinese authorities. LinkedIn made a trade-off to accept Chinese censorship when it entered China in 2014 and has typically censored human-rights activists and deleted content focused on posts deemed sensitive to the Chinese government. The recent dragnet stands out for having caught several academics in its path, resulting in the deletion of entire profiles instead of individual posts.

"Frank McCourt, the billionaire real estate mogul and former owner of the Los Angeles Dodgers, is pouring $100 million into an attempt to rebuild the foundations of social media," reports Bloomberg: The effort, which he has loftily named Project Liberty, centers on the construction of a publicly accessible database of people's social connections, allowing users to move records of their relationships between social media services instead of being locked into a few dominant apps.

The undercurrent to Project Liberty is a fear of the power that a few huge companies — and specifically Facebook Inc. — have amassed over the last decade... Project Liberty would use blockchain to construct a new internet infrastructure called the Decentralized Social Networking Protocol. With cryptocurrencies, blockchain stores information about the tokens in everyone's digital wallets; the DSNP would do the same for social connections. Facebook owns the data about the social connections between its users, giving it an enormous advantage over competitors. If all social media companies drew from a common social graph, the theory goes, they'd have to compete by offering better services, and the chance of any single company becoming so dominant would plummet.

Building DSNP falls to Braxton Woodham, the co-founder of the meal delivery service Sun Basket and former chief technology officer of Fandango, the movie ticket website... McCourt hired Woodham to build the protocol, and pledged to put $75 million into an institute at Georgetown University in Washington, D.C., and Sciences Po in Paris to research technology that serves the common good. The rest of his $100 million will go toward pushing entrepreneurs to build services that utilize the DSNP...

A decentralized approach to social media could actually undermine the power of content moderation, by making it easier for users who are kicked off one platform to simply migrate their audiences to more permissive ones. McCourt and Woodham say blockchain could discourage bad behavior because people would be tied to their posts forever...

Eventually, the group plans to create its own consumer product on top of the DSNP infrastructure, and wrote in a press release that the eventual result will be an "open, inclusive data economy where individuals own, control and derive greater social and economic value from their personal information."

The U.S. Supreme Court on Monday gave Microsoft's LinkedIn another chance to try to stop rival hiQ Labs from harvesting personal data from the professional networking platform's public profiles -- a practice that LinkedIn contends threatens the privacy of its users. From a report: The justices threw out a lower court ruling that had barred LinkedIn from denying hiQ access to the information that LinkedIn members had made publicly available. At issue is whether companies can use a federal anti-hacking law called the Computer Fraud and Abuse Act, which prohibits accessing a computer without authorization, to block competitors from harvesting or "scraping" vast amounts of customer data from public-facing parts of a website. The justices sent the dispute back to the San Francisco-based 9th U.S. Circuit Court of Appeals to reconsider in light of their June 4 ruling that limited the type of conduct that can be criminally prosecuted under the same law. In that case, the justices found that a person cannot be guilty of violating that law if they misuse information on a computer that they have permission to access.

An anonymous reader quotes a report from CBS News: The majority of online recruitment in active sex trafficking cases in the U.S. last year took place on Facebook, according to the Human Trafficking Institute's 2020 Federal Human Trafficking Report. "The internet has become the dominant tool that traffickers use to recruit victims, and they often recruit them on a number of very common social networking websites," Human Trafficking Institute CEO Victor Boutros said on CBSN Wednesday. "Facebook overwhelmingly is used by traffickers to recruit victims in active sex trafficking cases." In 2020 in the U.S., 59% of online recruitment of identified victims in active cases took place on Facebook alone. The report also states that 65% of identified child sex trafficking victims recruited on social media were recruited through Facebook. The tech giant responded to the report's findings in a statement to CBS News: "Sex trafficking and child exploitation are abhorrent and we don't allow them on Facebook. We have policies and technology to prevent these types of abuses and take down any content that violates our rules."

"To help realize the possibility of carbon-free applications, Microsoft, the consultancies Accenture and ThoughtWorks, the Linux Foundation, and Microsoft-owned code-sharing site, GitHub, have launched The Green Software Foundation," reports ZDNet: Announced at Microsoft's Build 2021 developer conference, the foundation is trying to promote the idea of green software engineering - a new field that looks to make code more efficient and reduce carbon emitted from the hardware it's running on... The foundation wants to set standards, best practices and patterns for building green software; nurture the creation of trusted open-source and open-data projects and support academic research; and grow an international community of green software ambassadors. The goal is to help the Information and Communication Technology sector to reduce its greenhouse gas emissions by 45% before 2030.

That includes mobile network operators, ISPs, data centers, and all the laptops being snapped up during the pandemic. "We envision a future where carbon-free software is standard - where software development, deployment, and use contribute to the global climate solution without every developer having to be an expert," Erica Brescia, COO of GitHub said in a statement. Microsoft president Brad Smith said "the world confronts an urgent carbon problem."

"It will take all of us working together to create innovative solutions to drastically reduce emissions. Microsoft is joining with organizations who are serious about an environmentally sustainable future to drive adoption of green software development to help our customers and partners around the world reduce their carbon footprint."
VentureBeat also points out that Microsoft "recently launched a $1 billion Climate Innovation Fund to accelerate the global development of carbon reduction, capture, and removal technologies."

But Bloomberg explores the rationale behind the new foundation: Data centers now account for about 1% of global electricity demand, and that's forecast to rise to 3% to 8% in the next decade, the companies said in a statement Tuesday, timed to Microsoft's Build developers conference... While it's tough to determine exactly how much carbon is emitted by individual software programs, groups like the Green Software Foundation examine metrics such as how much electricity is needed, whether microprocessors are being used efficiently, and the carbon emitted in networking. The foundation plans to look at curricula and developing certifications that would give engineers expertise in this space. As with areas like data science and cybersecurity, there will be an opportunity for engineers to specialize in green software development, but everyone who builds software will need at least some background in it, said Jeff Sandquist, a Microsoft vice president for developer relations.

"This will be the responsibility of everybody on the development team, much like when we look at security, or performance or reliability," he said. "Building the application in a sustainable way is going to matter."

An anonymous reader shares a report: One month ago the University of Minnesota was banned from contributing to the Linux kernel when it was revealed the university researchers were trying to intentionally submit bugs into the kernel via new patches as "hypocrite commits" as part of a questionable research paper. Linux kernel developers have finally finished reviewing all UMN.edu patches to address problematic merges to the kernel and also cleaning up / fixing their questionable patches. Sent in on Thursday by Greg Kroah-Hartman was char/misc fixes for 5.13-rc3. While char/misc fixes at this mid-stage of the kernel cycle tend to not be too exciting, this pull request has the changes for addressing the patches from University of Minnesota researchers. [...] Going by the umn.edu Git activity that puts 37 patches as having been reverted with this pull request. The reverts span from ALSA to the media subsystem, networking, and other areas. That is 37 reverts out of 150+ patches from umn.edu developers over the years.

A prominent critic of China based in the U.K. said Microsoft's LinkedIn froze his account and removed content criticizing the country's government, the latest in a series of allegations that the networking website had censored users -- even outside of the Asian nation -- to appease authorities in Beijing. From a report: Peter Humphrey, a British corporate investigator and former journalist who accesses LinkedIn from his home in Surrey, England, said he received notification from LinkedIn last month that comments he had published on the platform had been removed. The comments, seen by Bloomberg News, called the Chinese government a "repressive dictatorship" and criticized the country's state media organizations as "propaganda mouthpieces."

In late April, Humphrey said LinkedIn sent him several notifications that critical comments he posted about China's government and state-controlled broadcaster China Global Television Network, or CGTN, had been removed, on the grounds that the comments constituted "bullying and harassment" or "spam and scams." On April 26, Humphrey said he couldn't access his LinkedIn profile. When Humphrey tried to log in, he said he was met with a message stating his profile had been "restricted" due to "behavior that appears to violate our Terms of Service." After Bloomberg News contacted LinkedIn for comment last week, the company reinstated Humphrey's account and restored some of his comments. Others were not. "Our team has reviewed the action, based on our appeals process, and found it was an error," said Leonna Spilman, a spokeswoman for LinkedIn. Spilman declined to comment further regarding Humphrey's account.

An anonymous reader quotes a report from The Register: A dozen Wi-Fi design and implementation flaws make it possible for miscreants to steal transmitted data and bypass firewalls to attack devices on home networks, according to security researcher Mathy Vanhoef. On Tuesday, Vanhoef, a postdoctoral researcher in computer security at New York University Abu Dhabi, released a paper titled, "Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation" [PDF]. Scheduled to be presented later this year at the Usenix Security conference, the paper describes a set of wireless networking vulnerabilities, including three Wi-Fi design flaws and nine implementation flaws. Vanhoef, who in 2017 along with co-author Frank Piessens identified key reinstallation attacks (KRACKs) on the WPA2 protocol (used to secure Wi-Fi communication), has dubbed his latest research project FragAttacks, which stands for fragmentation and aggregation attacks.

The dozen vulnerabilities affect all Wi-Fi security protocols since the wireless networking technology debuted in 1997, from WEP up through WPA3. [...] In total, 75 devices -- network card and operating system combinations (Windows, Linux, Android, macOS, and iOS) -- were tested and all were affected by one or more of the attacks. NetBSD and OpenBSD were not affected because they don't support the reception of A-MSDUs (aggregate MAC service data units). [...]

Patches for many affected devices and software have already been deployed, thanks to a nine-month-long coordinated responsible disclosure overseen by the Wi-Fi Alliance and the Industry Consortium for Advancement of Security on the Internet (ICASI). Linux patches have been applied and the kernel mailing list note mentions that Intel has addressed the flaws in a recent firmware update without mentioning it. Microsoft released its patches on March 9, 2021 when disclosure was delayed tho Redmond had already committed to publication. Vanhoef advises checking with the vendor(s) of Wi-Fi devices about whether the FragAttacks have been addressed. "[F]or some devices the impact is minor, while for others it's disastrous," he said.

The New York Times reports on surprising silver linings of the global chip shortage: Even as a chip shortage is causing trouble for all sorts of industries, the semiconductor field is entering a surprising new era of creativity, from industry giants to innovative start-ups seeing a spike in funding from venture capitalists that traditionally avoided chip makers. Taiwan Semiconductor Manufacturing Company and Samsung Electronics, for example, have managed the increasingly difficult feat of packing more transistors on each slice of silicon. IBM on Thursday announced another leap in miniaturization, a sign of continued U.S. prowess in the technology race. Perhaps most striking, what was a trickle of new chip companies is now approaching a flood.

Equity investors for years viewed semiconductor companies as too costly to set up, but in 2020 plowed more than $12 billion into 407 chip-related companies, according to CB Insights. Though a tiny fraction of all venture capital investments, that was more than double what the industry received in 2019 and eight times the total for 2016. Synopsys, the biggest supplier of software that engineers use to design chip, is tracking more than 200 start-ups designing chips for artificial intelligence, the ultrahot technology powering everything from smart speakers to self-driving cars. Cerebras, a start-up that sells massive artificial-intelligence processors that span an entire silicon wafer, for example, has attracted more than $475 million. Groq, a start-up whose chief executive previously helped design an artificial-intelligence chip for Google, has raised $367 million.

"It's a bloody miracle," said Jim Keller, a veteran chip designer whose resume includes stints at Apple, Tesla and Intel and who now works at the A.I. chip start-up Tenstorrent. "Ten years ago you couldn't do a hardware start-up...."

More companies are concluding that software running on standard Intel-style microprocessors is not the best solution for all problems. For that reason, companies like Cisco Systems and Hewlett Packard Enterprise have long designed specialty chips for products such as networking gear. Giants like Apple, Amazon and Google more recently have gotten into the act. Google's YouTube unit recently disclosed its first internally developed chip to speed video encoding.

And Volkswagen even said last week that it would develop its own processor to manage autonomous driving.