Encryption

HTTPS Certificate Industry Adopts New Security Requirements (googleblog.com) 29

The Certification Authority/Browser Forum "is a cross-industry group that works together to develop minimum requirements for TLS certificates," writes Google's Security blog. And earlier this month two proposals from Google's forward-looking roadmap "became required practices in the CA/Browser Forum Baseline Requirements," improving the security and agility of TLS connections...

Multi-Perspective Issuance Corroboration
Before issuing a certificate to a website, a Certification Authority (CA) must verify the requestor legitimately controls the domain whose name will be represented in the certificate. This process is referred to as "domain control validation" and there are several well-defined methods that can be used. For example, a CA can specify a random value to be placed on a website, and then perform a check to verify the value's presence has been published by the certificate requestor.

Despite the existing domain control validation requirements defined by the CA/Browser Forum, peer-reviewed research authored by the Center for Information Technology Policy of Princeton University and others highlighted the risk of Border Gateway Protocol (BGP) attacks and prefix-hijacking resulting in fraudulently issued certificates. This risk was not merely theoretical, as it was demonstrated that attackers successfully exploited this vulnerability on numerous occasions, with just one of these attacks resulting in approximately $2 million dollars of direct losses.

The Chrome Root Program led a work team of ecosystem participants, which culminated in a CA/Browser Forum Ballot to require adoption of MPIC via Ballot SC-067. The ballot received unanimous support from organizations who participated in voting. Beginning March 15, 2025, CAs issuing publicly-trusted certificates must now rely on MPIC as part of their certificate issuance process. Some of these CAs are relying on the Open MPIC Project to ensure their implementations are robust and consistent with ecosystem expectations...

Linting
Linting refers to the automated process of analyzing X.509 certificates to detect and prevent errors, inconsistencies, and non-compliance with requirements and industry standards. Linting ensures certificates are well-formatted and include the necessary data for their intended use, such as website authentication. Linting can expose the use of weak or obsolete cryptographic algorithms and other known insecure practices, improving overall security... The ballot received unanimous support from organizations who participated in voting. Beginning March 15, 2025, CAs issuing publicly-trusted certificates must now rely on linting as part of their certificate issuance process.

Linting also improves interoperability, according to the blog post, and helps reduce the risk of non-compliance with standards that can result in certificates being "mis-issued".

And coming up, weak domain control validation methods (currently permitted by the CA/Browser Forum TLS Baseline Requirements) will be prohibited beginning July 15, 2025.

"Looking forward, we're excited to explore a reimagined Web PKI and Chrome Root Program with even stronger security assurances for the web as we navigate the transition to post-quantum cryptography."
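
An added illustration of the Multi-Perspective Issuance Corroboration requirement in the story above (not code from the Google post, the CA/Browser Forum ballot or the Open MPIC Project): a network-free simulation of why repeating domain control validation from several vantage points stops a localized BGP hijack that fools a single validator. The perspective names, regions, token and the quorum parameters `max_non_corroborating` and `min_regions` are assumptions chosen for the example, not values taken from the Baseline Requirements.

```python
"""Simulated multi-perspective domain control validation (constructed data, no network I/O)."""
from dataclasses import dataclass

# Where BGP currently delivers a vantage point's request for the validation URL.
LEGIT, HIJACKED, UNREACHABLE = "legit", "hijacked", "unreachable"
TOKEN = "dcv-3f9a1c7e-constructed"  # random value the CA hands to the requestor (constructed)


@dataclass(frozen=True)
class Perspective:
    name: str
    region: str          # coarse network region label (assumption)
    route: str = LEGIT


@dataclass(frozen=True)
class Decision:
    issue: bool
    non_corroborating: tuple
    reason: str


def sees_token(p, token, origin_body, hijacker_body):
    """True if this vantage point reads exactly the expected token at the validation URL."""
    if p.route == UNREACHABLE:
        return False
    body = hijacker_body if p.route == HIJACKED else origin_body
    return body is not None and body.strip() == token


def validate_single(primary, token, origin_body, hijacker_body):
    """Pre-MPIC behaviour: one vantage point decides on its own."""
    return sees_token(primary, token, origin_body, hijacker_body)


def validate_mpic(primary, remotes, token, origin_body, hijacker_body,
                  max_non_corroborating=1, min_regions=2):
    """Issue only if the primary check passes AND enough remote perspectives agree.

    The two thresholds are illustrative parameters, not the ballot's numbers.
    """
    if not sees_token(primary, token, origin_body, hijacker_body):
        return Decision(False, (primary.name,), "primary perspective did not see the token")
    results = [(p, sees_token(p, token, origin_body, hijacker_body)) for p in remotes]
    disagree = tuple(p.name for p, ok in results if not ok)
    agree_regions = {p.region for p, ok in results if ok}
    if len(disagree) > max_non_corroborating:
        return Decision(False, disagree, "too many remote perspectives failed to corroborate")
    if len(agree_regions) < min_regions:
        return Decision(False, disagree, "corroboration came from too few regions")
    return Decision(True, disagree, "corroborated")


def make_remotes(routes):
    """Four remote perspectives in four constructed regions, with the given routes."""
    regions = ["region-A", "region-B", "region-C", "region-D"]
    return [Perspective(f"remote-{i + 1}", regions[i], routes[i]) for i in range(4)]


def scenario_legitimate():
    # The real owner published the token; every route reaches the real origin.
    return validate_mpic(Perspective("primary", "region-A"), make_remotes([LEGIT] * 4),
                         TOKEN, origin_body=TOKEN, hijacker_body=None)


def scenario_localized_hijack():
    # The token sits only on the hijacker's server; the hijack is visible from
    # region-A (primary and remote-1) but not from the rest of the Internet.
    primary = Perspective("primary", "region-A", HIJACKED)
    remotes = make_remotes([HIJACKED, LEGIT, LEGIT, LEGIT])
    origin, hijacker = "<html>ordinary home page</html>", TOKEN
    single = validate_single(primary, TOKEN, origin, hijacker)
    return single, validate_mpic(primary, remotes, TOKEN, origin, hijacker)


def scenario_one_outage():
    # Legitimate request, one remote perspective cannot reach the site at all.
    return validate_mpic(Perspective("primary", "region-A"),
                         make_remotes([LEGIT, LEGIT, UNREACHABLE, LEGIT]),
                         TOKEN, origin_body=TOKEN, hijacker_body=None)


if __name__ == "__main__":
    print("legitimate     :", scenario_legitimate())
    single, mpic = scenario_localized_hijack()
    print("hijack (single):", single)
    print("hijack (MPIC)  :", mpic)
    print("one outage     :", scenario_one_outage())
```
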
Privacy

Again and Again, NSO Group's Customers Keep Getting Their Spyware Operations Caught (techcrunch.com) 8

An anonymous reader shares a report: Amnesty International published a new report this week detailing attempted hacks against two Serbian journalists, allegedly carried out with NSO Group's spyware Pegasus. The two journalists, who work for the Serbia-based Balkan Investigative Reporting Network (BIRN), received suspicious text messages including a link -- basically a phishing attack, according to the nonprofit. In one case, Amnesty said its researchers were able to click on the link in a safe environment and see that it led to a domain that they had previously identified as belonging to NSO Group's infrastructure.

"Amnesty International has spent years tracking NSO Group Pegasus spyware and how it has been used to target activists and journalists," Donncha O Cearbhaill, the head of Amnesty's Security Lab, told TechCrunch. "This technical research has allowed Amnesty to identify malicious websites used to deliver the Pegasus spyware, including the specific Pegasus domain used in this campaign."

To his point, security researchers like O Cearbhaill who have been keeping tabs on NSO's activities for years are now so good at spotting signs of the company's spyware that sometimes all researchers have to do is quickly look at a domain involved in an attack. In other words, NSO Group and its customers are losing their battle to stay in the shadows. "NSO has a basic problem: They are not as good at hiding as their customers think," John Scott-Railton, a senior researcher at The Citizen Lab, a human rights organization that has investigated spyware abuses since 2012, told TechCrunch.

AI

Anthropic Maps AI Model 'Thought' Processes (fortune.com) 15

Anthropic researchers have developed a breakthrough "cross-layer transcoder" (CLT) that functions like an fMRI for large language models, mapping how they process information internally. Testing on Claude 3.5 Haiku, researchers discovered the model performs longer-range planning for specific tasks -- such as selecting rhyming words before constructing poem sentences -- and processes multilingual concepts in a shared neural space before converting outputs to specific languages.

The team also confirmed that LLMs can fabricate reasoning chains, either to please users with incorrect hints or to justify answers they derived instantly. The CLT identifies interpretable feature sets rather than individual neurons, allowing researchers to trace entire reasoning processes through network layers.
Transportation

London Bans Most E-Bikes on Public Transport Over Fire Risk (theguardian.com) 77

Transport for London will ban most e-bikes across its network from March 31 amid growing safety concerns over battery fires, the transport authority announced on Wednesday. The ban, covering London Underground, Overground, Elizabeth Line and DLR trains, exempts only folding e-bikes, which are considered less likely to have been modified and pose a reduced safety risk.

TfL implemented the measure following union strike threats after several incidents, including an e-bike that exploded into flames at Rayners Lane Underground platform last month. The train drivers' union Aslef said the incident could have caused mass casualties.
AI

AlexNet, the AI Model That Started It All, Released In Source Code Form (zdnet.com) 8

An anonymous reader quotes a report from ZDNet: There are many stories of how artificial intelligence came to take over the world, but one of the most important developments is the emergence in 2012 of AlexNet, a neural network that, for the first time, demonstrated a huge jump in a computer's ability to recognize images. Thursday, the Computer History Museum (CHM), in collaboration with Google, released for the first time the AlexNet source code written by University of Toronto graduate student Alex Krizhevsky, placing it on GitHub for all to peruse and download.

"CHM is proud to present the source code to the 2012 version of Alex Krizhevsky, Ilya Sutskever, and Geoffrey Hinton's AlexNet, which transformed the field of artificial intelligence," write the Museum organizers in the readme file on GitHub. Krizhevsky's creation would lead to a flood of innovation in the ensuing years, and tons of capital, based on proof that with sufficient data and computing, neural networks could achieve breakthroughs previously viewed as mainly theoretical.
The Computer History Museum's software historian, Hansen Hsu, published an essay describing how he spent five years negotiating with Google to release the code.
AI

Microsoft Announces Security AI Agents To Help Overwhelmed Humans 23

Microsoft is expanding its Security Copilot platform with six new AI agents designed to autonomously assist cybersecurity teams by handling tasks like phishing alerts, data loss incidents, and vulnerability monitoring. There are also five third-party AI agents created by its partners, including OneTrust and Tanium. The Verge reports: Microsoft's six security agents will be available in preview next month, and are designed to do things like triage and process phishing and data loss alerts, prioritize critical incidents, and monitor for vulnerabilities. "The six Microsoft Security Copilot agents enable teams to autonomously handle high-volume security and IT tasks while seamlessly integrating with Microsoft Security solutions," says Vasu Jakkal, corporate vice president of Microsoft Security.

Microsoft is also working with OneTrust, Aviatrix, BlueVoyant, Tanium, and Fletch to enable some third-party security agents. These extensions will make it easier to analyze data breaches with OneTrust or perform root cause analysis of network outages and failures with Aviatrix. [...] While these latest AI agents in the Security Copilot are designed for security teams to take advantage of, Microsoft is also improving its phishing protection in Microsoft Teams. Microsoft Defender for Office 365 will start protecting Teams users against phishing and other cyberthreats within Teams next month, including better protection against malicious URLs and attachments.
EU

Is WhatsApp Being Ditched for Signal in Dutch Higher Education? (dub.uu.nl) 42

For weeks Signal has been one of the three most-downloaded apps in the Netherlands, according to a local news site. And now "Higher education institutions in the Netherlands have been looking for an alternative," according to DUB (an independent news site for the Utrecht University community): Employees of the Utrecht University of Applied Sciences (HU) were recently advised to switch to Signal. Avans University of Applied Sciences has also been discussing a switch... The National Student Union is concerned about privacy. The subject was raised at last week's general meeting, as reported by chair Abdelkader Karbache, who said: "Our local unions want to switch to Signal or other open-source software."
Besides being open source, Signal is a non-commercial nonprofit, the article points out — though its proponents suggest there's another big difference. "HU argues that Signal keeps users' data private, unlike WhatsApp." Cybernews.com explains the concern: In an interview with the Dutch newspaper De Telegraaf, Meredith Whittaker [president of the Signal Foundation] discussed the pitfalls of WhatsApp. "WhatsApp collects metadata: who you send messages to, when, and how often. That's incredibly sensitive information," she says.... The only information [Signal] collects is the date an account was registered, the time when an account was last active, and hashed phone numbers... Information like profile name and the people a user communicates with is all encrypted... Metadata might sound harmless, but it couldn't be further from the truth. According to Whittaker, metadata is deadly. "As a former CIA director once said: 'We kill people based on metadata'."
WhatsApp's metadata also includes IP addresses, TechRadar noted last May: Other identifiable data such as your network details, the browser you use, ISP, and other identifiers linked to other Meta products (like Instagram and Facebook) associated with the same device or account are also collected... [Y]our IP can be used to track down your location. As the company explained, even if you keep the location-related features off, IP addresses and other collected information like phone number area codes can be used to estimate your "general location."

WhatsApp is required by law to share this information with authorities during an investigation...

[U]nder scrutiny is how Meta itself uses these precious details for commercial purposes. Again, this is clearly stated in WhatsApp's privacy policy and terms of use. "We may use the information we receive from [other Meta companies], and they may use the information we share with them, to help operate, provide, improve, understand, customize, support, and market our Services and their offerings," reads the policy. This means that yes, your messages are always private, but WhatsApp is actively collecting your metadata to build your digital persona across other Meta platforms...

The article suggests using a VPN with WhatsApp and turning on its "advanced privacy feature" (which hides your IP address during calls) and managing the app's permissions for data collection. "While these steps can help reduce the amount of metadata collected, it's crucial to bear in mind that it's impossible to completely avoid metadata collection on the Meta-owned app... For extra privacy and security, I suggest switching to the more secure messaging app Signal."

The article also includes a cautionary anecdote. "It was exactly a piece of metadata — a Proton Mail recovery email — that led to the arrest of a Catalan activist."

Thanks to long-time Slashdot reader united_notions for sharing the article.
AI

Cloudflare Turns AI Against Itself With Endless Maze of Irrelevant Facts (arstechnica.com) 65

Web infrastructure provider Cloudflare unveiled "AI Labyrinth" this week, a feature designed to thwart unauthorized AI data scraping by feeding bots realistic but irrelevant content instead of blocking them outright. The system lures crawlers into a "maze" of AI-generated pages containing neutral scientific information, deliberately wasting computing resources of those attempting to collect training data for language models without permission.

"When we detect unauthorized crawling, rather than blocking the request, we will link to a series of AI-generated pages that are convincing enough to entice a crawler to traverse them," Cloudflare explained. The company reports AI crawlers generate over 50 billion requests to their network daily, comprising nearly 1% of all web traffic they process. The feature is available to all Cloudflare customers, including those on free plans. This approach marks a shift from traditional protection methods, as Cloudflare claims blocking bots sometimes alerts operators they've been detected. The false links contain meta directives to prevent search engine indexing while remaining attractive to data-scraping bots.
Power

BYD Unveils New Super-Charging EV Tech With Peak Speeds of 1,000 kW (yahoo.com) 275

fahrbot-bot shares a report from Reuters: BYD on Monday unveiled a new platform for electric vehicles (EVs) that it said could charge EVs as quickly as it takes to pump gas and announced for the first time that it would build a charging network across China. The so-called "super e-platform" will be capable of peak charging speeds of 1,000 kilowatts (kW), enabling cars that use it to travel 400 km (249 miles) on a 5-minute charge, founder Wang Chuanfu said at an event livestreamed from the company's Shenzhen headquarters.

Charging speeds of 1,000 kW would be twice as fast as Tesla's superchargers whose latest version offers up to 500 kW charging speeds. The new charging architecture will be initially available in two new EVs -- Han L sedan and Tang L SUV priced from 270,000 yuan ($37,328.91) -- and BYD said it would build over 4,000 ultra-fast charging piles, or units, across China to match the new platform.
"In order to completely solve our user's charging anxiety, we have been pursuing a goal to make the charging time of electric vehicles as short as the refuelling time of petrol vehicles," Wang said.

"This is the first time in the industry that the unit of megawatt (charge) has been achieved on charging power," he said.
Social Networks

BlueSky Proposes 'New Standard' When Scraping Data for AI Training (techcrunch.com) 52

An anonymous reader shared this article from TechCrunch: Social network Bluesky recently published a proposal on GitHub outlining new options it could give users to indicate whether they want their posts and data to be scraped for things like generative AI training and public archiving.

CEO Jay Graber discussed the proposal earlier this week, while on-stage at South by Southwest, but it attracted fresh attention on Friday night, after she posted about it on Bluesky. Some users reacted with alarm to the company's plans, which they saw as a reversal of Bluesky's previous insistence that it won't sell user data to advertisers and won't train AI on user posts.... Graber replied that generative AI companies are "already scraping public data from across the web," including from Bluesky, since "everything on Bluesky is public like a website is public." So she said Bluesky is trying to create a "new standard" to govern that scraping, similar to the robots.txt file that websites use to communicate their permissions to web crawlers...

If a user indicates that they don't want their data used to train generative AI, the proposal says, "Companies and research teams building AI training sets are expected to respect this intent when they see it, either when scraping websites, or doing bulk transfers using the protocol itself."

Over on Threads someone had a different wish for our AI-enabled future. "I want to be able to conversationally chat to my feed algorithm. To be able to explain to it the types of content I want to see, and what I don't want to see. I want this to be an ongoing conversation as it refines what it shows me, or my interests change."

"Yeah I want this too," posted top Instagram/Threads executive Adam Mosseri, who said he'd talked about the idea with VC Sam Lessin. "There's a ways to go before we can do this at scale, but I think it'll happen eventually."
Crime

Cybersecurity Alert Warns of 300 Attacks with 'Medusa' Ransomware (theregister.com) 21

A ransomware-as-a-service variant called "Medusa" has claimed over 300 victims in "critical infrastructure sectors" (including medical), according to a joint alert from CISA, the FBI, and the Multi-State Information Sharing Analysis Center.

And that alert reminds us that Medusa is a globe-spanning operation that recruits third-party affiliates to plant ransomware and negotiate with victims, notes the Register. "Even organizations that have good ransomware recovery regimes, meaning they don't need to unscramble encrypted data as they have good backups and fall-back plans, may consider paying to prevent the release of their stolen data, given the unpleasant consequences that follow information leaks. Medusa actors also set a deadline for victims to pay ransoms and provide a countdown timer that makes it plain when stolen info will be sprayed across the internet. If victims cough up $10,000 in cryptocurrency, the crims push the deadline forward by 24 hours."

The advisory reveals one Medusa actor has taken things a step further. "FBI investigations identified that after paying the ransom, one victim was contacted by a separate Medusa actor who claimed the negotiator had stolen the ransom amount already paid," the advisory states. That separate actor then "requested half of the payment be made again to provide the 'true decryptor'," the advisory states, describing this incident as "potentially indicating a triple extortion scheme."

The security groups' advisory stresses that they "do not encourage paying ransoms as payment does not guarantee victim files will be recovered. Furthermore, payment may also embolden adversaries to target additional organizations..." (But "Regardless of whether you or your organization have decided to pay the ransom, FBI, CISA, and MS-ISAC urge you to promptly report ransomware incidents...")

Besides updating software and operating systems, the alert makes these recommendations for organizations:
  • Require VPNs (or jump hosts) for remote network access
  • Block remote access from unknown/untrusted origins, and disable unused ports
  • Segment networks to help prevent the spread of ransomware
  • Use a networking monitoring tool to spot and investigate abnormal activity — including lateral movement (using endpoint detection and response tools). Log all network traffic, and monitor it for unauthorized scanning and access attempts.
  • Create recovery plans with encrypted offline backups of sensitive/proprietary data and servers
  • Require multifactor authentication, use strong (and long) passwords, and "consider not requiring frequently recurring password changes, as these can weaken security." (Also audit access control following the principle of least privilege, and watch for new and/or unrecognized accounts.)
  • Disable command-line and scripting activities and permissions.

Security

Chinese Hackers Sat Undetected in Small Massachusetts Power Utility for Months (pcmag.com) 22

In late 2023, the FBI alerted the Littleton Electric Light and Water Departments (LELWD) that it had been breached by a Chinese-state-sponsored hacking group for over 300 days. With the help of cybersecurity firm Dragos and Department of Energy-funded sensors, LELWD confirmed the intrusion, identified the hackers' movements, and ultimately restructured its network to remove them. PCMag reports: At the time, LELWD had been installing sensors from cybersecurity firm Dragos with the help of Department of Energy grants awarded by the American Public Power Association (APPA). "The sensors helped LELWD confirm the extent of the malicious activity on the system and pinpoint when and where the attackers were going on the utility's networks," the APPA said last year. Today, Dragos released a case study (PDF) about the hack, which it blamed on Voltzite, a "sophisticated threat group...that overlaps with Volt Typhoon."

The call from the FBI forced Dragos "to deploy quickly and bypass the planned onboarding timeline" for the LELWD, it says. It discovered that Volt Typhoon "had persistent access to LELWD's network." "Hackers were looking for specific data related to [operational technology] operating procedures and spatial layout data relating to energy grid operations," Dragos tells SecurityWeek. In the end, Dragos confirmed the compromised systems did not contain "customer-sensitive data," and LELWD changed their network architecture to kick Volt Typhoon out, the case study says.
Groups like Volt Typhoon "don't always go for high-profile targets first," said Ensar Seker, Chief Security Officer at SOCRadar. "Small, underfunded utilities can serve as low-hanging fruit, allowing adversaries to test tactics, develop footholds, and pivot toward larger targets."
Printer

Microsoft: Recent Windows Updates Make USB Printers Print Random Text (bleepingcomputer.com) 65

Microsoft says that some USB printers will start printing random text after installing Windows updates released since late January 2025. From a report: The known issue affects Windows 10 (version 22H2) and Windows 11 (versions 22H2 and 23H2), but according to an update to the Windows release health dashboard, the latest Windows 11 24H2 is not impacted.

"After installing the January 2025 Windows preview update (KB5050092), released January 29, 2025, or later updates, you might observe issues with USB connected dual-mode printers that support both USB Print and IPP Over USB protocols," Redmond explains. "You might observe that the printer unexpectedly prints random text and data, including network commands and unusual characters."

On affected systems, users will often see erroneously printed text that begins with the header "POST /ipp/print HTTP/1.1," followed by other IPP (Internet Printing Protocol) related issues headers. These printing issues are more frequent when the printer is turned on or reconnected after being disconnected. Affected users will observe the printer unexpectedly printing when the print spooler sends IPP protocol messages to the printer and the printer driver is installed on the Windows device.

Beer

Large Study Shows Drinking Alcohol Is Good For Your Cholesterol Levels 130

An anonymous reader quotes a report from Ars Technica: Researchers at Harvard University led the study, and it included nearly 58,000 adults in Japan who were followed for up to a year using a database of medical records from routine checkups. Researchers found that when people switched from being nondrinkers to drinkers during the study, they saw a drop in their "bad" cholesterol -- aka low-density lipoprotein cholesterol or LDL. Meanwhile, their "good" cholesterol -- aka high-density lipoprotein cholesterol or HDL -- went up when they began imbibing. HDL levels went up so much, that it actually beat out improvements typically seen with medications, the researchers noted.

On the other hand, drinkers who stopped drinking during the study saw the opposite effect: Upon giving up booze, their bad cholesterol went up and their good cholesterol went down. The cholesterol changes scaled with the changes in drinking. That is, for people who started drinking, the more they started drinking, the lower their LDL fell and higher their HDL rose. In the newly abstaining group, those who drank the most before quitting saw the biggest changes in their lipid levels.

Specifically, people who went from drinking zero drinks to 1.5 drinks per day or less saw their bad LDL cholesterol fall 0.85 mg/dL and their good HDL cholesterol go up 0.58 mg/dL compared to nondrinkers who never started drinking. For those that went from zero to 1.5 to three drinks per day, their bad LDL dropped 4.4 mg/dL and their good HDL rose 2.49 mg/dL. For people who started drinking three or more drinks per day, their LDL fell 7.44 mg/dL and HDL rose 6.12 mg/dL. For people who quit after drinking 1.5 drinks per day or less, their LDL rose 1.10 mg/dL and their HDL fell by 1.25 mg/dL. Quitting after drinking 1.5 to three drinks per day, led to a rise in LDL of 3.71 mg/dL and a drop in HDL of 3.35. Giving up three or more drinks per day led to an LDL increase of 6.53 mg/dL and a drop in HDL of 5.65.
The study has been published in JAMA Network Open.
Communications

SpaceX Readies Starlink India Launch 32

SpaceX's Starlink has secured its first agreement in India, partnering with telecommunications leader Bharti Airtel to bring high-speed satellite internet to the world's most populous country, the companies announced Tuesday [PDF].

The landmark deal will enable Starlink to tap into Airtel's extensive retail network and ground infrastructure while expanding its global reach into previously underserved regions across India, pending regulatory authorizations.

"We are excited to work with Airtel and unlock the transformative impact Starlink can bring to the people of India," said Gwynne Shotwell, President and Chief Operating Officer of SpaceX. "The team at Airtel has played a pivotal role in India's telecom story, so working with them to complement our direct offering makes great sense for our business."

The collaboration will explore selling Starlink equipment through Airtel's retail stores and offering services to business customers while connecting communities in rural areas with limited connectivity.
It's funny.  Laugh.

Bluesky CEO Jay Graber Pokes Fun At Mark Zuckerberg With Latin Phrase T-Shirt (techcrunch.com) 40

An anonymous reader quotes a report from TechCrunch: When Bluesky CEO Jay Graber walked on stage at SXSW 2025 for her keynote discussion, she wore a large black T-shirt with her hair pulled back into a bun. At first glance, it might appear as though she's following the same playbook that so many women in tech leadership have played before: downplaying her femininity to be taken seriously. The truth is way more interesting than that. What might look like your average black T-shirt is a subtle, yet clear swipe at Mark Zuckerberg, a CEO who represents everything that Bluesky is trying to work against as an open source social network.

The Meta founder and CEO has directly compared himself to the Roman emperor Julius Caesar. His own shirt declared Aut Zuck aut nihil, which is a play on the Latin phrase aut Caesar aut nihil: "Either Caesar or nothing." Graber's shirt -- which directly copies the style of a shirt that Zuckerberg wore onstage recently -- says Mundus sine caesaribus. Or, "a world without Caesars." With the way Bluesky is designed, Graber is certainly putting her money where her mouth (or shirt) is. As a decentralized social network built upon an open source framework, Bluesky differs from legacy platforms like Facebook in that users have a direct, transparent window into how the platform is being built.
"If a billionaire came in and bought Bluesky, or took it over, or if I decided tomorrow to change things in a way that people really didn't like, then they could fork off and go on to another application," Graber explained at SXSW. "There's already applications in the network that give you another way to view the network, or you could build a new one as well. And so that openness guarantees that there's always the ability to move to a new alternative."
The Internet

Internet Shutdowns At Record High In Africa As Access 'Weaponized' (theguardian.com) 26

Internet shutdowns in Africa hit a record high in 2024, with 21 shutdowns across 15 countries. The previous record was 19 shutdowns in 2020 and 21. The Guardian reports: Authorities in Comoros, Guinea-Bissau and Mauritius joined repeat offenders such as Burundi, Ethiopia, Equatorial Guinea and Kenya. Guinea, Nigeria, Senegal and Tanzania were also on the list. But perpetrators also included militias and other non-state actors. Telecommunication and internet service providers who shut services based on government orders are also complicit in violating people's rights, said Felicia Anthonio, the #KeepItOn campaign manager at Access Now, citing the UN guiding principles on business and human rights.

The details showed that most of the shutdowns were imposed as a response to conflicts, protests and political instability. There were also restrictions during elections. [...] At least five shutdowns in Africa had been imposed for more than a year by the end of 2024, according to Access Now. As of early 2025, the social network Meta was still restricted in Uganda, despite authorities engaging with its representatives. On the Equatorial Guinean island of Annobon, internet and cell services have been cut off since an August 2024 protest over environmental concerns and isolation from the rest of the country. The increase in shutdowns led the African Commission on Human and Peoples' Rights to pass a landmark resolution in March 2024 to help reverse the trend.

Programming

Developer Convicted For 'Kill Switch' Code Activated Upon His Termination (arstechnica.com) 88

A 55-year-old software developer faces up to 10 years in prison after being convicted for deploying malicious code that sabotaged his former employer's network, causing hundreds of thousands of dollars in losses.

Davis Lu was convicted by a jury for causing intentional damage to protected computers owned by power management company Eaton Corp., the US Department of Justice announced Friday. Lu, who worked at Eaton for 11 years, became disgruntled after a 2018 corporate "realignment" reduced his responsibilities.

He created malicious code that deleted coworker profile files, prevented logins, and caused system crashes. His most destructive creation was a "kill switch" named "IsDLEnabledinAD" that automatically activated upon his termination in 2019, disrupting Eaton's global operations. Lu admitted to creating some malicious code but plans to appeal the verdict.
ISS

Axiom Space and Red Hat Will Bring Edge Computing to the International Space Station (theregister.com) 7

Axiom Space and Red Hat will collaborate to launch Data Center Unit-1 (AxDCU-1) to the International Space Station this spring. It's a small data processing prototype (powered by lightweight, edge-optimized Red Hat Device Edge) that will demonstrate initial Orbital Data Center (ODC) capabilities.

"It all sounds rather grand for something that resembles a glorified shoebox," reports the Register. Axiom Space said: "The prototype will test applications in cloud computing, artificial intelligence, and machine learning (AI/ML), data fusion and space cybersecurity."

Space is an ideal environment for edge devices. Connectivity to datacenters on Earth is severely constrained, so the more processing that can be done before data is transmitted to a terrestrial receiving station, the better. Tony James, chief architect, Science and Space at Red Hat, said: "Off-planet data processing is the next frontier, and edge computing is a crucial component. With Red Hat Device Edge and in collaboration with Axiom Space, Earth-based mission partners will have the capabilities necessary to make real-time decisions in space with greater reliability and consistency...."

The Red Hat Device Edge software used by Axiom's device combines Red Hat Enterprise Linux, the Red Hat Ansible Platform, and MicroShift, a lightweight Kubernetes container orchestration service derived from Red Hat OpenShift. The plan is for Axiom Space to host hybrid cloud applications and cloud-native workloads on-orbit. Jason Aspiotis, global director of in-space data and security, Axiom Space, told The Register that the hardware itself is a commercial off-the-shelf unit designed for operation in harsh environments... "AxDCU-1 will have the ability to be controlled and utilized either via ground-to-space or space-to-space communications links. Our current plans are to maintain this device on the ISS. We plan to utilize this asset for at least two years."

The article notes that HPE has also "sent up a succession of Spaceborne computers — commercial, off-the-shelf supercomputers — over the years to test storage, recovery, and operational potential on long-duration missions." (They apparently use Red Hat Enterprise Linux.) "At the other end of the scale, the European Space Agency has run Raspberry Pi computers on the ISS for years as part of the AstroPi educational outreach program."

Axiom Space says their Orbital Data Center is designed to "reduce delays traditionally associated with orbital data processing and analysis." By utilizing Earth-independent cloud storage and edge processing infrastructure, Axiom Space ODCs will enable data to be processed closer to its source, spacecraft or satellites, bypassing the need for terrestrial-based data centers. This architecture alleviates reliance on costly, slow, intermittent or contested network connections, creating more secure and quicker decision-making in space.

The goal is to allow Axiom Space and its partners to have access to real-time processing capabilities, laying the foundation for increased reliability and improved space cybersecurity with extensive applications. Use cases for ODCs include but are not limited to supporting Earth observation satellites with in-space and lower latency data storage and processing, AI/ML training on-orbit, multi-factor authentication and cyber intrusion detection and response, supervised autonomy, in-situ space weather analytics and off-planet backup & disaster recovery for critical infrastructure on Earth.

China

Undocumented 'Backdoor' Found In Chinese Bluetooth Chip Used By a Billion Devices (bleepingcomputer.com) 129

"The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains an undocumented 'backdoor' that could be leveraged for attacks," writes BleepingComputer.

"The undocumented commands allow spoofing of trusted devices, unauthorized data access, pivoting to other devices on the network, and potentially establishing long-term persistence." This was discovered by Spanish researchers Miguel Tarascó Acuña and Antonio Vázquez Blanco of Tarlogic Security, who presented their findings yesterday at RootedCON in Madrid. "Tarlogic Security has detected a backdoor in the ESP32, a microcontroller that enables WiFi and Bluetooth connection and is present in millions of mass-market IoT devices," reads a Tarlogic announcement shared with BleepingComputer. "Exploitation of this backdoor would allow hostile actors to conduct impersonation attacks and permanently infect sensitive devices such as mobile phones, computers, smart locks or medical equipment by bypassing code audit controls...."

Tarlogic developed a new C-based USB Bluetooth driver that is hardware-independent and cross-platform, allowing direct access to the hardware without relying on OS-specific APIs. Armed with this new tool, which enables raw access to Bluetooth traffic, Tarlogic discovered hidden vendor-specific commands (Opcode 0x3F) in the ESP32 Bluetooth firmware that allow low-level control over Bluetooth functions. In total, they found 29 undocumented commands, collectively characterized as a "backdoor," that could be used for memory manipulation (read/write RAM and Flash), MAC address spoofing (device impersonation), and LMP/LLCP packet injection.

Espressif has not publicly documented these commands, so either they weren't meant to be accessible, or they were left in by mistake.

Thanks to Slashdot reader ZipNada for sharing the news.
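
For defenders auditing what a host sends to a Bluetooth controller, the sketch below is an added example (not code from Tarlogic, Espressif or the article). It parses HCI command packets and flags any whose opcode group field (OGF, the top six bits of the 16-bit opcode) is 0x3F, the group the Bluetooth HCI format reserves for vendor-specific commands. It assumes H4/UART framing and a capture holding only command packets; the sample bytes are constructed, and the vendor OCF in them is a placeholder, not one of the 29 commands reported.

```python
"""Audit HCI command packets (H4/UART framing) for vendor-specific opcodes."""
from dataclasses import dataclass

H4_COMMAND = 0x01   # H4 packet-type indicator for an HCI command
VENDOR_OGF = 0x3F   # opcode group reserved for vendor-specific commands


@dataclass
class HciCommand:
    offset: int     # byte offset of the packet in the capture
    ogf: int        # opcode group field (upper 6 bits of the opcode)
    ocf: int        # opcode command field (lower 10 bits of the opcode)
    params: bytes

    @property
    def vendor_specific(self) -> bool:
        return self.ogf == VENDOR_OGF


def parse_h4_commands(stream: bytes) -> list[HciCommand]:
    """Walk back-to-back H4 command packets; raise on truncated or other data."""
    out, pos = [], 0
    while pos < len(stream):
        if stream[pos] != H4_COMMAND:
            raise ValueError(f"offset {pos}: not an HCI command packet")
        if pos + 4 > len(stream):
            raise ValueError(f"offset {pos}: truncated header")
        opcode = int.from_bytes(stream[pos + 1:pos + 3], "little")
        end = pos + 4 + stream[pos + 3]          # header + parameter length
        if end > len(stream):
            raise ValueError(f"offset {pos}: truncated parameters")
        out.append(HciCommand(pos, opcode >> 10, opcode & 0x03FF,
                              stream[pos + 4:end]))
        pos = end
    return out


def flag_vendor_commands(stream: bytes) -> list[HciCommand]:
    """Return only the commands in the vendor-specific group."""
    return [c for c in parse_h4_commands(stream) if c.vendor_specific]


# Constructed sample: HCI_Reset (OGF 0x03, OCF 0x003), HCI_Read_BD_ADDR
# (OGF 0x04, OCF 0x009), then a vendor-specific command with placeholder
# OCF 0x001 and two dummy parameter bytes.
SAMPLE = bytes.fromhex("01030c00" "01091000" "0101fc02aabb")

if __name__ == "__main__":
    for cmd in flag_vendor_commands(SAMPLE):
        print(f"offset {cmd.offset}: vendor OCF 0x{cmd.ocf:03x}, "
              f"{len(cmd.params)} parameter bytes")
```

Vendor-specific commands are common in legitimate chipset initialization, so a hit is a prompt to compare against the vendor's documented command set, not proof of abuse.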
