Slashdot security articles

Syndicate content Slashdot: Generated for TarPitt (217247)
News for nerds, stuff that matters: Generated for TarPitt (217247)
Updated: 20 hours 52 min ago

Telnet Passwords Leaked For More Than 500,000 Servers, Routers, and IoT Devices

Sun, 01/19/2020 - 10:34
ZDNet is reporting on a security breach leaking "a massive list of Telnet credentials for more than 515,000 servers, home routers, and IoT (Internet of Things) 'smart' devices." The list, which was published on a popular hacking forum, includes each device's IP address, along with a username and password for the Telnet service, a remote access protocol that can be used to control devices over the internet... Some devices were located on the networks of known internet service providers (indicating they were either home router or IoT devices), but other devices were located on the networks of major cloud service providers... According to experts to who ZDNet spoke this week, and a statement from the leaker himself, the list was compiled by scanning the entire internet for devices that were exposing their Telnet port. The hacker then tried using (1) factory-set default usernames and passwords, or (2) custom, but easy-to-guess password combinations.... To our knowledge, this marks the biggest leak of Telnet passwords known to date. As ZDNet understands, the list was published online by the maintainer of a DDoS-for-hire (DDoS booter) service... When asked why he published such a massive list of "bots," the leaker said he upgraded his DDoS service from working on top of IoT botnets to a new model that relies on renting high-output servers from cloud service providers.

Exploit Fully Breaks SHA-1, Lowers the Attack Bar

Sat, 01/18/2020 - 14:34
ThreatPost reported on some big research last week: A proof-of-concept attack has been pioneered that "fully and practically" breaks the Secure Hash Algorithm 1 (SHA-1) code-signing encryption, used by legacy computers to sign the certificates that authenticate software downloads and prevent man-in-the-middle tampering. The exploit was developed by Gaëtan Leurent and Thomas Peyrin, academic researchers at Inria France and Nanyang Technological University/Temasek Laboratories in Singapore. They noted that because the attack is much less complex and cheaper than previous PoCs, it places such attacks within the reach of ordinary attackers with ordinary resources. "This work shows once and for all that SHA-1 should not be used in any security protocol where some kind of collision resistance is to be expected from the hash function," the researchers wrote. "Continued usage of SHA-1 for certificates or for authentication of handshake messages in TLS or SSH is dangerous, and there is a concrete risk of abuse by a well-motivated adversary. SHA-1 has been broken since 2004, but it is still used in many security systems; we strongly advise users to remove SHA-1 support to avoid downgrade attacks." Given the footprint of SHA-1, Leurent and Peyrin said that users of GnuPG, OpenSSL and Git could be in immediate danger. Long-time Slashdot reader shanen writes, "I guess the main lesson is that you can never be too sure how long any form of security will remain secure."

Why Did Red Hat Drop Its Support for Docker's Runtime Engine?

Sat, 01/18/2020 - 10:34
"I've grown quite fond of the docker container runtime. It's easy to install and use, and many of the technologies I write about depend upon this software," writes TechRepublic/ contributor Jack Wallen. "But Red Hat has other plans." The company decided -- seemingly out of the blue -- to drop support for the docker runtime engine. In place of docker came Podman. When trying to ascertain why Red Hat split with Docker, nothing came clear. Sure, I could easily draw the conclusion that Red Hat had grown tired of the security issues surrounding Docker and wanted to take matters in their own hands. There was also Red Hat's issue with "no big fat daemons." If that's the case, how do they justify their stance on systemd? Here's where my tinfoil hat comes into play. Understand this is pure conjecture here and I have zero facts to back these claims up... Red Hat is now owned by IBM. IBM was desperate to gain serious traction within the cloud. To do that, IBM needed Red Hat, so they purchased the company. Next, IBM had to score a bit of vendor lock-in. Using a tool like docker wouldn't give them that lock-in. However, if Red Hat developed and depended on their own container runtime, vendor lock-in was attainable.... Red Hat has jettisoned a mature, known commodity for a less-mature, relatively unknown piece of software -- without offering justification for the migration.... Until Red Hat offers up a sound justification for migrating from the docker container engine to Podman, there's going to be a lot of people sporting tinfoil hats. It comes with the territory of an always-connected world. And if it does turn out to be an IBM grab for vendor lock-in, there'll be a lot of admins migrating away from RHEL/CentOS to the likes of Ubuntu Server, SUSE/openSUSE, Debian, and more. Red Hat's product manager of containers later touted Podman's ability to deploy containers without root access privileges in an interview with eWeek. "We felt the sum total of its features, as well as the project's performance, security and stability, made it reasonable to move to 1.0. Since Podman is set to be the default container engine for the single-node use case in Red Hat Enterprise Linux 8, we wanted to make some pledges about its supportability." And a Red Hat spokesperson also shared their position with The New Stack. "We saw our customer base wanting the container runtime lifecycle baked-in to the OS or in delivered tandem with OpenShift."

Researchers Find Serious Flaws In WordPress Plugins Used On 400K Sites

Fri, 01/17/2020 - 16:45
An anonymous reader quotes a report from Ars Technica: Serious vulnerabilities have recently come to light in three WordPress plugins that have been installed on a combined 400,000 websites, researchers said. InfiniteWP, WP Time Capsule, and WP Database Reset are all affected. The highest-impact flaw is an authentication bypass vulnerability in the InfiniteWP Client, a plugin installed on more than 300,000 websites. It allows administrators to manage multiple websites from a single server. The flaw lets anyone log in to an administrative account with no credentials at all. From there, attackers can delete contents, add new accounts, and carry out a wide range of other malicious tasks. The critical flaw in WP Time Capsule also leads to an authentication bypass that allows unauthenticated attackers to log in as an administrator. WP Time Capsule, which runs on about 20,000 sites, is designed to make backing up website data easier. By including a string in a POST request, attackers can obtain a list of all administrative accounts and automatically log in to the first one. The bug has been fixed in version 1.21.16. Sites running earlier versions should update right away. Web security firm WebARX has more details. The last vulnerable plugin is WP Database Reset, which is installed on about 80,000 sites. One flaw allows any unauthenticated person to reset any table in the database to its original WordPress state. The bug is caused by reset functions that aren't secured by the standard capability checks or security nonces. Exploits can result in the complete loss of data or a site reset to the default WordPress settings. A second security flaw in WP Database Reset causes a privilege-escalation vulnerability that allows any authenticated user -- even those with minimal system rights -- to gain administrative rights and lock out all other users. All site administrators using this plugin should update to version 3.15, which patches both vulnerabilities. Wordfence has more details about both flaws here.

A Hacker is Patching Citrix Servers To Maintain Exclusive Access

Fri, 01/17/2020 - 11:26
Catalin Cimpanu, writing for ZDNet: Attacks on Citrix appliances have intensified this week, and multiple threat actors have now joined in and are launching attacks in the hopes of compromising a high-value target, such as a corporate network, government server, or public institution. In a report published today, FireEye says that among all the attack noise it's been keeping an eye on for the past week, it spotted one attacker that stuck out like a sore thumb. This particular threat actor was attacking Citrix servers from behind a Tor node, and deploying a new payload the FireEye team named NotRobin. FireEye says NotRobin had a dual purpose. First, it served as a backdoor into the breached Citrix appliance. Second, it worked similar to an antivirus by removing other malware found on the device and preventing other attackers from dropping new payloads on the vulnerable Citrix host. It is unclear if the NotRobin attacker is a good guy or a bad guy, as there was no additional malware deployed on the compromised Citrix systems beyond the NotRobin payload. However, FireEye experts are leaning toward the bad guy classification. In their report, they say they believe this actor may be "quietly collecting access to NetScaler devices for a subsequent campaign."

FBI: Nation-State Actors Have Breached Two US Municipalities

Fri, 01/17/2020 - 08:46
Nation-state hackers breached the networks of two US municipalities last year, the FBI said in a security alert sent to private industry partners last week. An anonymous reader writes: The hacks took place after attackers used the CVE-2019-0604 vulnerability in Microsoft SharePoint servers to breach the two municipalities' networks. The FBI says that once attackers got a foothold on these networks, "malicious activities included exfiltration of user information, escalation of administrative privileges, and the dropping of webshells for remote/backdoor persistent access." "Due to the sophistication of the compromise and Tactics, Techniques, and Procedures (TTPs) utilized, the FBI believes unidentified nation-state actors are involved in the compromise," the agency said in its security alert. The FBI could not say if both intrusions were carried out by the same group. The agency also did not name the two hacked municipalities; however, it reported the two breaches in greater detail, listing the attackers' steps in each incident.

Oracle Ties Previous All-Time Patch High With January 2020 Updates

Fri, 01/17/2020 - 05:00
"Not sure if this is good news (Oracle is very busy patching their stuff) or bad news (Oracle is very busy patching their stuff) but this quarterly cycle they tied their all-time high number of vulnerability fixes released," writes Slashdot reader bobthesungeek76036. "And they are urging folks to not drag their feet in deploying these patches." Threatpost reports: The software giant patched 300+ bugs in its quarterly update. Oracle has patched 334 vulnerabilities across all of its product families in its January 2020 quarterly Critical Patch Update (CPU). Out of these, 43 are critical/severe flaws carrying CVSS scores of 9.1 and above. The CPU ties for Oracle's previous all-time high for number of patches issued, in July 2019, which overtook its previous record of 308 in July 2017. The company said in a pre-release announcement that some of the vulnerabilities affect multiple products. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update patches as soon as possible," it added. "Some of these vulnerabilities were remotely exploitable, not requiring any login data; therefore posing an extremely high risk of exposure," said Boris Cipot, senior security engineer at Synopsys, speaking to Threatpost. "Additionally, there were database, system-level, Java and virtualization patches within the scope of this update. These are all critical elements within a company's infrastructure, and for this reason the update should be considered mandatory. At the same time, organizations need to take into account the impact that this update could have on their systems, scheduling downtime accordingly."

Dashcam Flaw Allows Anyone To Track Drivers In Real-Time Across the US

Thu, 01/16/2020 - 16:10
An anonymous reader quotes a report from Motherboard: BlackVue is a dashcam company with its own social network. With a small, internet-connected dashcam installed inside their vehicle, BlackVue users can receive alerts when their camera detects an unusual event such as someone colliding with their parked car. Customers can also allow others to tune into their camera's feed, letting others "vicariously experience the excitement and pleasure of driving all over the world," a message displayed inside the app reads. Users are invited to upload footage of their BlackVue camera spotting people crashing into their cars or other mishaps with the #CaughtOnBlackVue hashtag. But what BlackVue's app doesn't make clear is that it is possible to pull and store users' GPS locations in real-time over days or even weeks. Motherboard was able to track the movements of some of BlackVue's customers in the United States. Ordinarily, BlackVue lets anyone create an account and then view a map of cameras that are broadcasting their location and live feed. This broadcasting is not enabled by default, and users have to select the option to do so when setting up or configuring their own camera. Motherboard tuned into live feeds from users in Hong Kong, China, Russia, the U.K, Germany, and elsewhere. BlackVue spokesperson Jeremie Sinic told Motherboard in an email that the users on the map only represent a tiny fraction of BlackVue's overall customers. But the actual GPS data that drives the map is available and publicly accessible. By reverse engineering the iOS version of the BlackVue app, Motherboard was able to write scripts that pull the GPS location of BlackVue users over a week long period and store the coordinates and other information like the user's unique identifier. One script could collect the location data of every BlackVue user who had mapping enabled on the eastern half of the United States every two minutes. Motherboard collected data on dozens of customers. Following the report, BlackVue said their developers "have updated the security measures" to prevent this sort of tracking. Motherboard confirmed that previously provided user data stopped working, and they said they have "deleted all of the data collected to preserve individuals' privacy."

FBI Changes Policy for Notifying States of Election Systems Cyber Breaches

Thu, 01/16/2020 - 12:50
The Federal Bureau of Investigation will notify state officials when local election systems are believed to have been breached by hackers [the link may be paywalled], a pivot in policy that comes after criticism that the FBI wasn't doing enough to inform states of election threats, WSJ reported Thursday, citing people familiar with the matter. From a report: The FBI's previous policy stated that it notified the direct victims of cyberattacks, such as the counties that own and operate election equipment, but wouldn't necessarily share that information with states. Several states and members of Congress in both parties had criticized that policy as inadequate and one that stifled state-local partnerships on improving election security. Further reading: Despite Election Security Fears, Iowa Caucuses Will Use New Smartphone App.

Bruce Schneier on 5G Security

Thu, 01/16/2020 - 08:50
Bruce Schneier comments on the issues surrounding 5G security: [...] Keeping untrusted companies like Huawei out of Western infrastructure isn't enough to secure 5G. Neither is banning Chinese microchips, software, or programmers. Security vulnerabilities in the standards, the protocols and software for 5G, ensure that vulnerabilities will remain, regardless of who provides the hardware and software. These insecurities are a result of market forces that prioritize costs over security and of governments, including the United States, that want to preserve the option of surveillance in 5G networks. If the United States is serious about tackling the national security threats related to an insecure 5G network, it needs to rethink the extent to which it values corporate profits and government espionage over security. To be sure, there are significant security improvements in 5G over 4G in encryption, authentication, integrity protection, privacy, and network availability. But the enhancements aren't enough. The 5G security problems are threefold. First, the standards are simply too complex to implement securely. This is true for all software, but the 5G protocols offer particular difficulties. Because of how it is designed, the system blurs the wireless portion of the network connecting phones with base stations and the core portion that routes data around the world. Additionally, much of the network is virtualized, meaning that it will rely on software running on dynamically configurable hardware. This design dramatically increases the points vulnerable to attack, as does the expected massive increase in both things connected to the network and the data flying about it. Second, there's so much backward compatibility built into the 5G network that older vulnerabilities remain. 5G is an evolution of the decade-old 4G network, and most networks will mix generations. Without the ability to do a clean break from 4G to 5G, it will simply be impossible to improve security in some areas. Attackers may be able to force 5G systems to use more vulnerable 4G protocols, for example, and 5G networks will inherit many existing problems. Third, the 5G standards committees missed many opportunities to improve security. Many of the new security features in 5G are optional, and network operators can choose not to implement them. The same happened with 4G; operators even ignored security features defined as mandatory in the standard because implementing them was expensive. But even worse, for 5G, development, performance, cost, and time to market were all prioritized over security, which was treated as an afterthought.

Proof-of-Concept Exploits Published for the Microsoft-NSA Crypto Bug

Thu, 01/16/2020 - 08:10
Security researchers have published proof-of-concept (PoC) code for exploiting a recently-patched vulnerability in the Windows operating system, a vulnerability that has been reported to Microsoft by the US National Security Agency (NSA). From a report: The bug, which some have started calling CurveBall, impacts CryptoAPI (Crypt32.dll), the component that handles cryptographic operations in the Windows OS. According to a high-level technical analysis of the bug from cyber-security researcher Tal Be'ery, "the root cause of this vulnerability is a flawed implementation of the Elliptic Curve Cryptography (ECC) within Microsoft's code." According to both the NSA, the DHS, and Microsoft, when exploited, this bug (tracked as CVE-2020-0601) can allow an attacker to: 1. Launch MitM (man-in-the-middle) attacks and intercept and fake HTTPS connections. 2. Fake signatures for files and emails. 3. Fake signed-executable code launched inside Windows.

The FBI Can Unlock Florida Terrorist's iPhones Without Apple

Thu, 01/16/2020 - 07:21
The FBI is pressing Apple to help it break into a terrorist's iPhones, but the government can hack into the devices without the technology giant, according to experts in cybersecurity and digital forensics. From a report: Investigators can exploit a range of security vulnerabilities -- available directly or through providers such as Cellebrite and Grayshift -- to break into the phones, the security experts said. Mohammed Saeed Alshamrani, the perpetrator of a Dec. 6 terrorist attack at a Navy base in Florida, had an iPhone 5 and iPhone 7, models that were first released in 2012 and 2016, respectively. Alshamrani died and the handsets were locked, leaving the FBI looking for ways to hack into the devices. "A 5 and a 7? You can absolutely get into that," said Will Strafach, a well-known iPhone hacker who now runs the security company Guardian Firewall. "I wouldn't call it child's play, but it's not super difficult." That counters the U.S. government's stance. Attorney General William Barr slammed Apple on Monday, saying the company hasn't done enough to help the FBI break into the iPhones. "We are helping Apple all of the time on TRADE and so many other issues, and yet they refuse to unlock phones used by killers, drug dealers and other violent criminal elements," President Donald Trump wrote on Twitter Tuesday. The comments add to pressure on Apple to create special ways for the authorities to access iPhones. Apple has refused to build such backdoors, saying they would be used by bad actors, too. Indeed, Strafach and other security experts said Apple wouldn't need to create a backdoor for the FBI to access the iPhones that belonged to Alshamrani. Further reading: The FBI Got Data From A Locked iPhone 11 Pro Max -- So Why Is It Demanding Apple Unlock Older Phones?

iPhones Can Now Be Used To Generate 2FA Security Keys For Google Accounts

Wed, 01/15/2020 - 15:25
Most modern iPhones running iOS 13 can now be used as a built-in phone security key for Google apps. 9to5Google reports: A built-in phone security key differs from the Google Prompt, though both essentially share the same UI. The latter push-based approach is found in the Google Search app and Gmail, while today's announcement is more akin to a physical USB-C/Lightning key in terms of being resistant to phishing attempts and verifying who you are. Your phone security key needs to be physically near (within Bluetooth range) the device that wants to log-in. The login prompt is not just being sent over an internet connection. With an update to the Google Smart Lock app on iOS this week, "you can now set up your phone's built-in security key." According to one Googler today, the company is leveraging the Secure Enclave found on Apple's A-Series chips. Storing Touch ID, Face ID, and other cryptographic data, it was first introduced on the iPhone 5s, though that particular device no longer supports iOS 13. Anytime users enter a Google Account username and password, they'll be prompted to open Smart Lock on their nearby iPhone to confirm a sign-in. There's also the option to cancel with "No, it's not me." This only works when signing-in to Google with Chrome, while Bluetooth on both the desktop computer and phone needs to be enabled as the devices are locally communicating the confirmation request and verification.

FBI Arrests Man Suspected of Orchestrating Dozens of 'Swatting' Calls

Wed, 01/15/2020 - 14:45
An anonymous reader quotes a report from Ars Technica: The U.S. government has criminally charged a Virginia man for helping to organize dozens of "swatting" attacks and bomb threats made against a variety of targets in the United States and Canada. The man allegedly belonged to a group that coordinated via IRC and Tor hidden services to target prominent gamers, journalists, and government officials. The group's online chats were often racist, with comments suggesting antipathy toward Jews and black people. In one case, the group made a fake bomb threat to the Alfred Street Baptist Church, a predominantly African American church in Alexandria, Virginia. Security reporter Brian Krebs was one of the first to report on the arrest of defendant John William Kirby Kelley. Krebs was the target of a swatting call he believes was organized by the group. Kelley allegedly did research for the group, identifying possible targets and suggesting that others make calls. He also helped maintain the group's infrastructure, according to the FBI. While Kelley is now in custody, two other suspects are still at large, according to the FBI. The bureau believes that these two suspects are the ones who actually made most of the calls at issue in the case. Evidently, the suspects' efforts to conceal their identities from law enforcement have been successful -- at least so far. Kelley was caught when he failed to properly block his number after calling a bomb threat to his own school. When searching his devices (after receiving a warrant), police found videos, chats, and other records Kelley had saved documenting his involvement in other hoax calls. They also found recruiting material for a violent white supremacist group.

Navy Confirms It Has a Secret Classified Video of an Infamous UFO Incident, Says Releasing It Would Threaten National Security

Wed, 01/15/2020 - 13:25
The US Navy says it has classified documents and video related to a 2004 UFO encounter and releasing those materials would threaten national security. From a report: The Pentagon has Top Secret-classified briefings and a Secret-classified video about an infamous UFO incident, the U.S. Navy said in response to a public records request. The files concern the 2004 encounter between the USS Nimitz and a with strange unknown aerial objects. In 2017 and 2018, three videos of bizarre aircraft taken by Navy pilots from their fighter planes made national news. In December 2017, The New York Times ran a story about Navy pilots who intercepted a strange object off the coast of San Diego on November 14th, 2004, and managed to shoot video of the object with their F-18's gun camera. In September of 2019, Motherboard reported that the Navy confirmed the videos contained footage of "unknown aerial phenomena." In response to a Freedom of Information Act request sent by researcher Christian Lambright seeking more information on the incident, the Navy said it had "discovered certain briefing slides that are classified TOP SECRET. A review of these materials indicates that are currently and appropriate Marked and Classified TOP SECRET under Executive Order 13526, and the Original Classification Authority has determined that the release of these materials would cause exceptionally grave damage to the National Security of the United States." "We have also determined that ONI possesses a video classified SECRET that ONI is not the Original Classification Authority for," the letter continued.

More Than Half a Billion Android Users Have Installed 'Fleeceware' Apps

Wed, 01/15/2020 - 09:25
Security researchers from Sophos say they've discovered a new set of "fleeceware" apps that appear to have been downloaded and installed by more than 600 million Android users. From a report: The term fleeceware is a recent addition to the cyber-security jargon. It was coined by UK cyber-security firm Sophos last September following an investigation that discovered a new type of financial fraud on the official Google Play Store. It refers to apps that abuse the ability for Android apps to run trial periods before a payment is charged to the user's account. By default, all users who sign up for an Android app trial period, have to cancel the trial period manually to avoid being charged. However, most users just uninstall an app when they don't like it. The vast majority of app developers interpret this action -- a user uninstalling their app -- as a trial period cancelation and don't follow through with a charge. But last year, Sophos discovered that some Android app developers didn't cancel an app's trial period once the app is uninstalled and they don't receive a specific request from the user. Sophos said it initially discovered 24 Android apps that were charging obscene fees (between $100 and $240 per year) for the most basic and simplistic apps, such as QR/barcode readers and calculators.

Cloudflare is Giving Away Its Security Tools To US Political Campaigns

Wed, 01/15/2020 - 06:40
Network security giant Cloudflare said it will provide its security tools and services to U.S. political campaigns for free, as part of its efforts to secure upcoming elections against cyberattacks and election interference. From a report: The company said its new Cloudflare for Campaigns offering will include distributed denial-of-service attack mitigation, load balancing for campaign websites, a website firewall, and anti-bot protections. It's an expansion of the company's security offering for journalists, civil rights activists and humanitarian groups under its Project Galileo, which aims to protect against disruptive cyberattacks. The project later expanded to smaller state and local government sites in 2018, with an aim of protecting servers containing voter registration data and other election infrastructure from attacks. Cloudflare's co-founder and chief executive Matthew Prince said there was a "clear need" to help campaigns secure not only their public facing websites but also their internal data security. The company said it's working with the non-partisan, non-profit organization Defending Digital Campaigns to provide its services to campaigns. Last year the Federal Elections Commission changed the rules to allow political campaigns to receive discounted cybersecurity assistance, which was previously a campaign finance violation.

CNCF, Google, and HackerOne Launch Kubernetes Bug Bounty Program

Wed, 01/15/2020 - 05:00
An anonymous reader quotes a report from VentureBeat: The Cloud Native Computing Foundation (CNCF) today announced it is funding a bug bounty program for Kubernetes. Security researchers who find security vulnerabilities in Kubernetes' codebase, as well as the build and release processes, will be rewarded with bounties ranging from $100 to $10,000. Bug bounty programs motivate individuals and hacker groups to not only find flaws but disclose them properly, instead of using them maliciously or selling them to parties that will. Originally designed by Google and now run by the CNCF, Kubernetes is an open source container orchestration system for automating application deployment, scaling, and management. Given the hundreds of startups and enterprises that use Kubernetes in their tech stacks, it's significantly cheaper to proactively plug security holes than to deal with the aftermath of breaches.

Coral Is Google's Quiet Initiative To Enable AI Without the Cloud

Tue, 01/14/2020 - 15:20
Google is working to improve the speed and security of on-device AI through a little-known initiative called Coral. The Verge reports: "Traditionally, data from [AI] devices was sent to large compute instances, housed in centralized data centers where machine learning models could operate at speed," Vikram Tank, product manager at Coral, explained to The Verge over email. "Coral is a platform of hardware and software components from Google that help you build devices with local AI -- providing hardware acceleration for neural networks ... right on the edge device." To meet customers' needs Coral offers two main types of products: accelerators and dev boards meant for prototyping new ideas, and modules that are destined to power the AI brains of production devices like smart cameras and sensors. In both cases, the heart of the hardware is Google's Edge TPU, an ASIC chip optimized to run lightweight machine learning algorithms -- a (very) little brother to the water-cooled TPU used in Google's cloud servers. While its hardware can be used by lone engineers to create fun projects (Coral offers guides on how to build an AI marshmallow-sorting machine and smart bird feeder, for example), the long-term focus, says Tank, is on enterprise customers in industries like the automotive world and health care. Although Coral is targeting the world of enterprise, the project actually has its roots in Google's "AIY" range of do-it-yourself machine learning kits, says Tank. Launched in 2017 and powered by Raspberry Pi computers, AIY kits let anyone build their own smart speakers and smart cameras, and they were a big success in the STEM toys and maker markets. Tank says the AIY team quickly noticed that while some customers just wanted to follow the instructions and build the toys, others wanted to cannibalize the hardware to prototype their own devices. Coral was created to cater to these customers. The Coral team says it's trying to differentiate itself from the competition by tightly integrating its hardware with Google's ecosystem of AI services. "Coral is so tightly integrated with Google's AI ecosystem that its Edge TPU-powered hardware only works with Google's machine learning framework, TensorFlow, a fact that rivals in the AI edge market The Verge spoke to said was potentially a limiting factor," the report says. "Coral products process specifically for their platform [while] our products support all the major AI frameworks and models in the market," a spokesperson for AI edge firm Kneron told The Verge. (Kneron said there was "no negativity" in its assessment and that Google's entry into the market was welcome as it "validates and drives innovation in the space.")

Amazon To Ask Court To Block Microsoft From Working On $10 Billion JEDI Contract

Tue, 01/14/2020 - 14:40
An anonymous reader quotes a report from The Register: Amazon Web Services is expecting a decision next month from a U.S. court about whether the brakes will be slammed on the Pentagon's lucrative Joint Enterprise Defense Infrastructure (JEDI) contract awarded to Microsoft. The filing (PDF), on January 13, sets up the schedule for key dates including February 11, when AWS and Microsoft's lawyers have agreed to expect a court to decide on AWS's motion for a temporary restraining order. A preliminary injunction is also possibly on the cards. The significance of February -- and the reason for the sped-up negotiated schedule -- is that three days before Valentine's, the $10 billion mega-contract is supposed to begin, and, as the filing notes, "the United States has previously advised AWS and the Court [it] will begin on February 11, 2020," reiterating that "the United States' consistent position that the services to be procured under the Contract are urgently needed in support of national security." Interestingly, the U.S. -- via the Department of Defense -- said in the document that in this specific "bid protest case, it does not intend to file an answer" to AWS's complaint. Microsoft and the U.S. government have agreed to file their motions to dismiss on January 24 -- the same date AWS is flinging out its "temporary restraining order and/or preliminary injunction" to pull the JEDI light saber away from Microsoft. Amazon's initial formal appeal of the decision pointed much of the blame at President Trump, who has been a public critic of Amazon. "Should it get the nod, AWS's injunction will 'prevent the issuance of substantive task orders under the contract' despite the U.S.'s position that the services 'are urgently needed in support of national security,'" reports The Register.