Microsoft plans to lock down Windows DNS like never before. Here’s how.

Translating human-readable domain names into numerical IP addresses has long been fraught with gaping security risks. After all, lookups are rarely end-to-end encrypted. The servers providing domain name lookups provide translations for virtually any IP address—even when they’re known to be malicious. And many end-user devices can easily be configured to stop using authorized lookup servers and instead use malicious ones.

Microsoft on Friday provided a peek at a comprehensive framework that aims to sort out the Domain Name System (DNS) mess so that it’s better locked down inside Windows networks. It’s called ZTDNS (zero trust DNS). Its two main features are (1) encrypted and cryptographically authenticated connections between end-user clients and DNS servers and (2) the ability for administrators to tightly restrict the domains these servers will resolve.

Clearing the minefield

One of the reasons DNS has been such a security minefield is that these two features can be mutually exclusive. Adding cryptographic authentication and encryption to DNS often obscures the visibility admins need to prevent user devices from connecting to malicious domains or detect anomalous behavior inside a network. As a result, DNS traffic is either sent in clear text or it's encrypted in a way that allows admins to decrypt it in transit through what is essentially an adversary-in-the-middle attack.

Source: Ars Technica - All content | 3 May 2024 | 7:42 pm

Judge mulls sanctions over Google’s “shocking” destruction of internal chats
Kenneth Dintzer, litigator for the US Department of Justice, exits federal court in Washington, DC, on September 20, 2023, during the antitrust trial to determine if Alphabet Inc.'s Google maintains a monopoly in the online search business. (credit: Bloomberg / Contributor | Bloomberg)

Near the end of the second day of closing arguments in the Google monopoly trial, US district judge Amit Mehta weighed whether sanctions were warranted over what the US Department of Justice described as Google's "routine, regular, and normal destruction" of evidence.

Google was accused of enacting a policy instructing employees to turn chat history off by default when discussing sensitive topics, including Google's revenue-sharing and mobile application distribution agreements. These agreements, the DOJ and state attorneys general argued, work to maintain Google's monopoly over search.

According to the DOJ, Google destroyed potentially hundreds of thousands of chat sessions not just during their investigation but also during litigation. Google only stopped the practice after the DOJ discovered the policy. DOJ's attorney Kenneth Dintzer told Mehta Friday that the DOJ believed the court should "conclude that communicating with history off shows anti-competitive intent to hide information because they knew they were violating antitrust law."

Source: Ars Technica - All content | 3 May 2024 | 7:17 pm

Sony demands PSN accounts for Helldivers 2 PC players, and it’s not going well
Helldivers 2 player posing in winter armor

This gear is from the upcoming "Polar Patriots" Premium Warbond in Helldivers 2. It's an upcoming change the developer and publisher likely wish was getting more attention of late. (credit: Sony Interactive Entertainment)

There are a lot of stories about the modern PC gaming industry balled up inside one recent "update" to Helldivers 2.

Sony Interactive Entertainment announced Thursday night that current players of the runaway hit co-op shooter will have to connect their Steam accounts to a PlayStation Network (PSN) account starting on May 30, with a hard deadline of June 4. New players will be required to connect the two starting Monday, May 6.

Officially, this is happening because of the "safety and security provided on PlayStation and PlayStation Studios games." Account linking allows Sony to ban abusive players, and also gives banned players the right to appeal. Sony writes that it would have done this at launch, but "Due to technical issues … we allowed the linking requirements for Steam accounts to a PlayStation Network account to be temporarily optional. That grace period will now expire."

Source: Ars Technica - All content | 3 May 2024 | 6:17 pm

Counterfeit Cisco gear ended up in US military bases, used in combat operations
Cisco Systems headquarters in San Jose, California, US, on Monday, Aug. 14, 2023. (credit: Getty)

A Florida resident was sentenced to 78 months for running a counterfeit scam that generated $100 million in revenue from fake networking gear and put the US military's security at risk, the US Department of Justice (DOJ) announced Thursday.

Onur Aksoy, aka Ron Aksoy and Dave Durden, pleaded guilty on June 5, 2023, to two counts of an indictment charging him with conspiring with others to traffic in counterfeit goods, to commit mail fraud, and to commit wire fraud. His sentence, handed down on May 1, also includes an order to pay $100 million in restitution to Cisco, a $40,000 fine, and three years of supervised release. Aksoy will also have to pay his victims a sum that a court will determine at an unspecified future date, the DOJ said.

According to the indictment [PDF], Aksoy began plotting the scam around August 2013, and the operation ran until at least April 2022. Aksoy used at least 19 companies and about 15 Amazon storefronts, 10 eBay ones, and direct sales—known collectively as Pro Network Entities—to sell tens of thousands of computer networking devices. He imported the products from China and Hong Kong and used fake Cisco packaging, labels, and documents to sell them as new and real. Legitimate versions of the products would've sold for over $1 billion, per the indictment.

Source: Ars Technica - All content | 3 May 2024 | 5:58 pm

We still don’t understand how one human apparently got bird flu from a cow
Holstein dairy cows in a freestall barn. (credit: Getty)

The US Department of Agriculture this week posted an unpublished version of its genetic analysis into the spillover and spread of bird flu into US dairy cattle, offering the most complete look yet at the data state and federal investigators have amassed in the unexpected and worrisome outbreak—and what it might mean.

The preprint analysis provides several significant insights into the outbreak—from when it may have actually started, just how much transmission we're missing, stunning unknowns about the only human infection linked to the outbreak, and how much the virus continues to evolve in cows. The information is critical as flu experts fear the outbreak is heightening the ever-present risk that this wily flu virus will evolve to spread among humans and spark a pandemic.

But, the information hasn't been easy to come by. Since March 25—when the USDA confirmed for the first time that a herd of US dairy cows had contracted the highly pathogenic avian influenza H5N1 virus—the agency has garnered international criticism for not sharing data quickly or completely. On April 21, the agency dumped over 200 genetic sequences into public databases amid pressure from outside experts. However, many of those sequences lack descriptive metadata, which normally contains basic and key bits of information, like when and where the viral sample was taken. Outside experts don't have that crucial information, making independent analyses frustratingly limited. Thus, the new USDA analysis—which presumably includes that data—offers the best yet glimpse of the complete information on the outbreak.

Source: Ars Technica - All content | 3 May 2024 | 5:26 pm

What to expect from Apple’s May 7 “Let loose” event
The promotional image for Apple's May 7 event. (credit: Apple)

On May 7, Apple will host a product announcement event at 9 am ET. Labeled "Let loose," we expect it will focus on new iPads and iPad accessories.

We won't be liveblogging the stream, but you can expect some news coverage as it happens. Below, we'll go over our educated guesses about why Apple might be doing this.

Why hold an event now?

It's unusual for Apple to host an event shortly before WWDC. New products debut at that event all the time, so if it's just a faster chip and a nicer screen for the iPad Pro and iPad Air, why not wait until June?

Source: Ars Technica - All content | 3 May 2024 | 4:58 pm

Microsoft ties executive pay to security following multiple failures and breaches
A PC running Windows 11. (credit: Microsoft)

It's been a bad couple of years for Microsoft's security and privacy efforts. Misconfigured endpoints, rogue security certificates, and weak passwords have all caused or risked the exposure of sensitive data, and Microsoft has been criticized by security researchers, US lawmakers, and regulatory agencies for how it has responded to and disclosed these threats.

The most high-profile of these breaches involved a China-based hacking group named Storm-0558, which breached Microsoft's Azure service and collected data for over a month in mid-2023 before being discovered and driven out. After months of ambiguity, Microsoft disclosed that a series of security failures gave Storm-0558 access to an engineer's account, which allowed Storm-0558 to collect data from 25 of Microsoft's Azure customers, including US federal agencies.

In January, Microsoft disclosed that it had been breached again, this time by Russian state-sponsored hacking group Midnight Blizzard. The group was able "to compromise a legacy non-production test tenant account" to gain access to Microsoft's systems for "as long as two months."

Source: Ars Technica - All content | 3 May 2024 | 4:25 pm

NASA hasn’t landed on the Moon in decades—China just sent its third in six years
A Long March 5 rocket carrying the Chang'e-6 lunar probe blasts off from the Wenchang Space Launch Center on May 3, 2024 in Wenchang, China. (credit: Li Zhenzhou/VCG via Getty Images)

China is going back to the Moon for more samples.

On Friday the country launched its largest rocket, the Long March 5, carrying an orbiter, lander, ascent vehicle, and a return spacecraft. The combined mass of the Chang'e-6 spacecraft is about 8 metric tons, and it will attempt to return rocks and soil from the far side of the Moon—something scientists have never been able to study before in-depth.

The mission's goal is to bring about 2 kg (4.4 pounds) of rocks back to Earth a little more than a month from now.

Source: Ars Technica - All content | 3 May 2024 | 4:16 pm

AI in space: Karpathy suggests AI chatbots as interstellar messengers to alien civilizations
Close shot of Cosmonaut astronaut dressed in a gold jumpsuit and helmet, illuminated by blue and red lights, holding a laptop, looking up. (credit: Getty Images)

On Thursday, renowned AI researcher Andrej Karpathy, formerly of OpenAI and Tesla, tweeted a lighthearted proposal that large language models (LLMs) like the one that runs ChatGPT could one day be modified to operate in or be transmitted to space, potentially to communicate with extraterrestrial life. He said the idea was "just for fun," but with his influential profile in the field, the idea may inspire others in the future.

Karpathy's bona fides in AI almost speak for themselves, receiving a PhD from Stanford under computer scientist Dr. Fei-Fei Li in 2015. He then became one of the founding members of OpenAI as a research scientist, then served as senior director of AI at Tesla between 2017 and 2022. In 2023, Karpathy rejoined OpenAI for a year, leaving this past February. He's posted several highly regarded tutorials covering AI concepts on YouTube, and whenever he talks about AI, people listen.

Most recently, Karpathy has been working on a project called "llm.c" that implements the training process for OpenAI's 2019 GPT-2 LLM in pure C, dramatically speeding up the process and demonstrating that working with LLMs doesn't necessarily require complex development environments. The project's streamlined approach and concise codebase sparked Karpathy's imagination.

Source: Ars Technica - All content | 3 May 2024 | 3:04 pm

Ecobee is shutting down some of its very first products
The first Ecobee Thermostat, may it rest in peace. (credit: Ecobee)

Ecobee is killing off some of its oldest thermostats. The "Ecobee Smart Thermostat" (Model #: EB-STAT-02) and the Ecobee Energy Management System (EMS) business thermostat (Model #: EB-EMS-02) are losing web access on July 31, 2024. Every Ecobee device has nearly the same name, but these are older devices. Ecobee says these will still function as local thermostats after the shutdown, but "any features requiring connectivity to the Ecobee servers, such as control from the Ecobee Web Portal, weather information, integrations etc, will no longer function."

The EB-STAT-02 was "the world’s first Wi-Fi enabled thermostat" when it launched in 2008, and sales ended in 2013. Unlike the current Ecobees, this is a white rectangle that connected to a giant "equipment interface module" box you needed to hide in your HVAC system somewhere. The wall-mounted controller used an old-even-in-2009 resistive touchscreen, was an inch thick, and had a colorful interface that looked a lot like early versions of iOS. Most of the basics were here though, with an app that mimicked the wall controller interface, over-the-Internet control, a web portal, and access to lots of data. The EB-EMS-02 launched two years later as a commercial version of the Stat 02 and needed a subscription fee to work.

As you'd expect from an old Internet-connected device, the Wi-Fi support of the Stat 02 is pretty bad nowadays. According to Ecobee's support page, it only supported 802.11b/g for Wi-Fi (that would be "Wi-Fi 3" under the current naming scheme). Encryption went up to WPA2, and even with firmware updates, you have to start questioning the security of a 16-year-old Internet-connected device. Not relying on the cloud would be nice, but at some point, you just have to throw this stuff out.

Source: Ars Technica - All content | 3 May 2024 | 2:38 pm

FaceTime bug lets callers eavesdrop on you (even if you don't accept the call) - CNET
The bug affects calls to iPhones and reportedly impacts calls to Macs, potentially turning any device into a hot mic.

Source: CNET News | 29 Jan 2019 | 12:07 am

How to disable FaceTime (so no one can eavesdrop on your iPhone or Mac) - CNET
A new Apple FaceTime bug has the potential to let callers hear you and see you, even if you don't accept the call. Here's how to protect yourself until there's a fix.

Source: CNET News | 29 Jan 2019 | 12:06 am

Fortnite is back after login issues - CNET
For two and a half hours on Monday, the biggest video game in the world was down.

Source: CNET News | 28 Jan 2019 | 11:42 pm

I Am the Night: Chris Pine charms in dark mystery based on true events - CNET
Review: Set in 1965, this miniseries directed by Wonder Woman's Patty Jenkins captivates with its rich imagery.

Source: CNET News | 28 Jan 2019 | 11:31 pm

Scientists say song lyrics are getting angrier over time - CNET
But which came first: the sad, angry music or the bummer cultural zeitgeist?

Source: CNET News | 28 Jan 2019 | 10:58 pm

Super Bowl 2019 ads we've seen so far - CNET
Lebowski's Dude meets Carrie Bradshaw, Amazon taps Harrison Ford and T-Mobile makes everything magenta.

Source: CNET News | 28 Jan 2019 | 8:57 pm

Lexus is considering building its first F-branded hot crossover - Roadshow
Lexus execs have hinted that it could be a breathed-upon UX with a more potent hybrid drivetrain.

Source: CNET News | 28 Jan 2019 | 8:38 pm

US hammers Huawei with 23 indictments for stolen trade secrets, fraud - CNET
The charges come amid heightened scrutiny for the world's largest telecom supplier and No. 2 smartphone maker.

Source: CNET News | 28 Jan 2019 | 8:31 pm

T-Series closes in on PewDiePie's YouTube subscriber record - CNET
Two YouTube titans are slugging it out to be No. 1, but PewDiePie continues to hold on.

Source: CNET News | 28 Jan 2019 | 8:22 pm

We found the toughest iPhone XR case - CNET
A lot of phones were broken in this drop test to find the toughest iPhone case.

Source: CNET News | 28 Jan 2019 | 8:15 pm