Free Republic

Vulnerabilities in common Electronic Logging Devices (ELDs) required in US commercial trucks could be present in over 14 million medium- and heavy-duty rigs, according to boffins at Colorado State University. In a paper presented at the 2024 Network and Distributed System Security Symposium, associate professor Jeremy Daily and systems engineering graduate students Jake Jepson and Rik Chatterjee demonstrated how ELDs can be accessed over Bluetooth or Wi-Fi connections to take control of a truck, manipulate data, and spread malware between vehicles. "These findings highlight an urgent need to improve the security posture in ELD systems," the trio wrote [PDF]. The...

Last year, several security vulnerabilities were discovered, making it difficult for system administrators to patch the systems without downtime quickly.What if some improvements can be made to update some critical components for security/performance improvements without rebooting a system?Intel aims to achieve that with its new PFRUT (Platform Firmware Runtime Update and Telemetry) driver.Intel Plans to Make PFRUT Available With Linux Kernel 5.17While Linux Kernel 5.16 is due later this weekend, Intel aims to merge this new addition with the upcoming Linux Kernel 5.17 stable release.But, what exactly is it?With PFRUT driver, specific components (or the system firmware) can be updated...

Thanks to the coronavirus pandemic, we are woefully short of ventilators that can give the most gravely ill a chance for life. There are many efforts afoot to build more ventilators. Now, instead of building ventilators, a group of open-source developers has a new idea: Create a firmware update, Airbreak, which can transform common Constant Positive Airway Pressure (CPAP) machines into non-invasive ventilators.  Their first effort -- a proof of concept -- converts the Airsense 10 CPAP machine, which is a common, inexpensive sleep apnea treatment device, into a ventilator. It does so by simply replacing its existing firmware with updated firmware. With this...

This is the Read.md file on the site, explaining how to use a standalone executable file (compiled from a batch file) to disable recently discovered Intel's bug, until Intel machines' firmware get fixed. Download the DisableAMT.exe (or DisableAMT.zip) from https://github.com/bartblaze/Disable-Intel-AMT --------------------------------------------- # Disable Intel AMT Tool to disable Intel AMT on Windows. Runs on both x86 and x64 **Windows** operating systems. Download: [DisableAMT.exe](DisableAMT.exe) [DisableAMT.zip](DisableAMT.zip) ## What? On 02 May 2017, Embedi [discovered](https://www.embedi.com/news/mythbusters-cve-2017-5689) "*an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x,...

A few months back, the US Federal Trade Commission (FTC) filed a complaint against Taiwan-based hardware maker Asus accusing it of misrepresenting its products' security features and failure to address security vulnerabilities. The two parties have agreed to a settlement, one that forces Asus to subject its procedures and products to independent security audits for the next 20 years. According to the FTC's complaint, Asus has failed numerous times in addressing severe security issues and has made false claims about its products to its customers. Asus had flaws in its AiDisk and AiCloud router features The FTC pointed to numerous...

Computer scientists warn that proposed changes in firmware specifications may make it impossible to run “unauthorised” operating systems such as Linux and FreeBSD on PCs. Proposed changes to the Unified Extensible Firmware Interface (UEFI) firmware specifications would mean PCs would only boot from a digitally signed image derived from a keychain rooted in keys built into the PC. Microsoft is pushing to make this mandatory in a move that could not be overridden by users and would effectively exclude alternative operating systems, according to Professor Ross Anderson of Cambridge University and other observers. UEFI is a successor to the BIOS...

Get breaking Reg news straight to your desktop - click here to find out how.Dutch researchers have warned that RFID tags – small microchips, which can be used to tag products or animals - can be infected with computer viruses. A group under the guidance of Andrew Tanenbaum at the Amsterdam Free University made the world's RFID "malware" publicly available. "We hope to convince the experts that the problem is serious and better be dealt with,” the Dutch researchers say. As RFID chips only have a limited memory capacity, it was widely assumed they could not become infected with a...