FreshRSS

🔒
❌ About FreshRSS
There are new available articles, click to refresh the page.
Before yesterdayYour RSS feeds

Volvo creates a dedicated business for autonomous industrial and commercial transport

By Darrell Etherington

Volvo Group has established a new dedicated business group focused on autonomous transportation, with a mandate that covers industry segments like mining, ports and moving goods between logistics hubs of all kinds. The vehicle maker has already been active in putting autonomous technology to work in these industries, with self-driving projects — including at a few quarries and mines, and in the busy port located at Gothenburg, Sweden.

The company sees demand for this kind of autonomous technology use growing, and decided to establish an entire business unit to address it. The newly formed group will be called Volvo Autonomous Solutions, and its official mission is to “accelerate the development, commercialization and sales of autonomous transport solutions,” focused on the kind of transportation “where there is a need to move large volumes of goods and material on pre-defined routes, in receptive flows.”

Their anticipation of the growth of this sector comes in part from direct customer feedback, the automaker notes. It’s seen “significant increase in inquires from customers,” according to a statement from Martin Lundstedt, Volvo Group’s president and CEO.

Officially, Volvo Autonomous Solutions won’t be a formal new business area under its parent company until January 2020, but the company is looking for a new head of the unit already, and it’s clear they see a lot of potential in this burgeoning market.

Unlike autonomous driving for consumer automobiles, this kind of self-driving for fixed-route goods transportation is a nice match to the capabilities of technology as they exist today. These industrial applications eliminate a lot of the chaos and complexity of driving in, say, urban environments and with a lot of other human-driven vehicles on the road, and their routes are predictable and repeatable.

Mozilla flips the default switch on Firefox tracker cookie blocking

By Natasha Lomas

From today Firefox users who update to the latest version of the browser will find a pro-privacy setting flipped for them on desktop and Android smartphones, assuming they didn’t already have the anti-tracking cookie feature enabled.

Mozilla launched the Enhanced Tracking Protection (ETP) feature in June as a default setting for new users — but leaving existing Firefox users’ settings unchanged at that point.

It’s now finishing what it started by flipping the default switch across the board in v69.0 of the browser.

The feature takes clear aim at third party cookies that are used to track Internet users for creepy purposes such as ad profiling. (Firefox relies on the Disconnect list to identify creepy cookies to block.)

The anti-tracking feature also takes aim at cryptomining: A background practice which can drain CPU and battery power, negatively impacting the user experience. Again, Firefox will now block cryptomining by default, not only when user activated.

In a blog post about the latest release Mozilla says it represents a “milestone” that marks “a major step in our multi-year effort to bring stronger, usable privacy protections to everyone using Firefox”.

“Currently over 20% of Firefox users have Enhanced Tracking Protection on. With today’s release, we expect to provide protection for 100% of ours users by default,” it predicts, underlining the defining power of default settings.

Firefox users with ETP enabled will see a shield icon in the URL bar to denote the tracker blocking is working. Clicking on this icon takes users to a menu where they can view a list of all the tracking cookies that are being blocked. Users are also able to switch off tracking cookie blocking on a per site basis, via this Content Blocking menu.

While blocking tracking cookies reduces some tracking of internet users it does not offer complete protection for privacy. Mozilla notes that ETP does not yet block browser fingerprinting scripts from running by default, for example.

Browser fingerprinting is another prevalent privacy-hostile technique that’s used to track and profile web users without knowledge or consent by linking online activity to a computer’s configuration and thereby tying multiple browser sessions back to the same device-user.

It’s an especially pernicious technique because it can erode privacy across browser sessions and even different browsers — which an Internet user might be deliberately deploying to try to prevent profiling.

A ‘Strict Mode’ in the Firefox setting can be enabled by Firefox users in the latest release to block fingerprinting. But it’s not on by default.

Mozilla says a future release of the browser will flip fingerprinting blocking on by default too.

The latest changes in Firefox continue Mozilla’s strategy — announced a year ago — of pro-actively defending its browser users’ privacy by squeezing the operational range of tracking technologies.

In the absence of a robust regulatory framework to rein in the outgrowth of the adtech ‘industrial data complex’ that’s addicted to harvesting Internet users’ data for ad targeting, browser makers have found themselves at the coal face of the fight against privacy-hostile tracking technologies.

And some are now playing an increasingly central — even defining role — as they flip privacy and anti-tracking defaults.

Notably, earlier this month, the open source WebKit browser engine, which underpins Apple’s Safari browser, announced a new tracking prevention policy that puts privacy on the same footing as security, saying it would treat attempts to circumvent this as akin to hacking.

Even Google has responded to growing pressure around privacy — announcing changes to how its Chrome browser handles cookies this May. Though it’s not doing that by default yet.

It has also said it’s working on technology to reduce fingerprinting. And recently announced a long term proposal to involve its Chromium browser engine in developing a new open standard for privacy.

Though cynics might suggest the adtech giant is responding to competitive pressure on privacy by trying to frame and steer the debate in a way that elides its own role in data mining Internet users at scale for (huge) profit.

Thus its tardy privacy pronouncements and long term proposals look rather more like an attempt to kick the issue into the long grass and buy time for Chrome to keep being used to undermine web users’ privacy — instead of Google being forced to act now and close down privacy-hostile practices that benefit its business.

Police hijack a botnet and remotely kill 850,000 malware infections

By Zack Whittaker

In a rare feat, French police have hijacked and neutralized a massive cryptocurrency mining botnet controlling close to a million infected computers.

The notorious Retadup malware infects computers and starts mining cryptocurrency by sapping power from a computer’s processor. Although the malware was used to generate money, the malware operators easily could have run other malicious code, like spyware or ransomware. The malware also has wormable properties, allowing it to spread from computer to computer.

Since its first appearance, the cryptocurrency mining malware has spread across the world, including the U.S., Russia, and Central and South America.

According to a blog post announcing the bust, security firm Avast confirmed the operation was successful.

The security firm got involved after it discovered a design flaw in the malware’s command and control server. That flaw, if properly exploited, would have “allowed us to remove the malware from its victims’ computers” without pushing any code to victims’ computers, the researchers said.

The exploit would have dismantled the operation, but the researchers lacked the legal authority to push ahead. Because most of the malware’s infrastructure was located in France, Avast contacted French police. After receiving the go-ahead from prosecutors in July, the police went ahead with the operation to take control of the server and disinfect affected computers.

The French police called the botnet “one of the largest networks” of hijacked computers in the world.

The operation worked by secretly obtaining a snapshot of the malware’s command and control server with cooperation from its web host. The researchers said they had to work carefully as to not be noticed by the malware operators, fearing the malware operators could retaliate.

“The malware authors were mostly distributing cryptocurrency miners, making for a very good passive income,” the security company said. “But if they realized that we were about to take down Retadup in its entirety, they might’ve pushed ransomware to hundreds of thousands of computers while trying to milk their malware for some last profits.”

With a copy of the malicious command and control server in hand, the researchers built their own replica, which disinfected victim computers instead of causing infections.

“[The police] replaced the malicious [command and control] server with a prepared disinfection server that made connected instances of Retadup self-destruct,” said Avast in a blog post. “In the very first second of its activity, several thousand bots connected to it in order to fetch commands from the server. The disinfection server responded to them and disinfected them, abusing the protocol design flaw.”

In doing so, the company was able to stop the malware from operating and remove the malicious code to over 850,000 infected computers.

Jean-Dominique Nollet, head of the French police’s cyber unit, said the malware operators generated several million euros worth of cryptocurrency.

Remotely shutting down a malware botnet is a rare achievement — but difficult to carry out.

Several years ago the U.S. government revoked Rule 41, which now allows judges to issue search and seizure warrants outside of their jurisdiction. Many saw the move as an effort by the FBI to conduct remote hacking operations without being hindered by the locality of a judge’s jurisdiction. Critics argued it would set a dangerous precedent to hack into countless number of computers on a single warrant from a friendly judge.

Since then the amended rule has been used to dismantle at least one major malware operation, the so-called Joanap botnet, linked to hackers working for the North Korean regime.

❌