A Year Later, That Brutal Log4j Vulnerability Is Still Lurking A year ago, as Russia amassed troops at its border with Ukraine and the Covid-19 Omicron variant began to surge around the world, the Apache Software Foundation disclosed a vulnerability that set off a frenzy across the global tech industry. The bug, known as Log4Shell, was in the ubiquitous open-source logging library Log4j and exposed a wide range of applications and services—from popular consumer and enterprise platforms to critical infrastructure and internet-of-things devices. Now, after weeks of intensive remediation last December and a year of cumulative progress on patching, Log4Shell no longer poses the universal threat it once did. But researchers warn that the vulnerability is still present in far too many systems worldwide, and that attackers will be successfully exploiting it for years. Many critical vulnerabilities get discovered every year that are of high urgency to address, but Log4Shell was unusual because it was so easy to exploit wherever it was present, with few caveats or subtleties for attackers to navigate. Developers use logging utilities to record operations in a given application. All attackers need to do to exploit Log4Shell is get the system to log a special string of code. From there, they can take control of their target to install malware or mount other digital attacks. Loggers gonna log, so introducing the malicious snippet can be as easy as including it in an account username or sending it in an email. Continued here |
Aliens-inspired Returnal is coming to PC, and you should probably play it A lesser-known PlayStation 5 game called Returnal is coming to PC, and while it hasn't had as much fanfare as big-ticket titles like Spider-Man, The Last of Us, or Horizon, it's definitely one you should try. It's simultaneously a throwback to classic arcade action games, a PC-style Roguelike, a technical showcase for modern systems, and an homage to the moody science fiction novels and films of the 1970s and 1980s. But most importantly, it's a good game. Continued here |
Pharmeasy: Expansion Dilemma Amidst Regulatory Uncertainties ^ W20396 The two co-founders of PharmEasy, an online medical store and pharmacy website launched in 2015, faced a new challenge in December 2018. Recent judgments by the Madras and Delhi High Courts had suspended the operations of India's more than 250 online pharmacies until new industry regulations could be drafted. Only a few months earlier, in August 2018, the Indian government had released proposed draft regulations for the online sale of medicine. However, an organization representing more than 850,000 pharmacists in India had staged a one-day strike to protest the government's proposal. Should PharmEasy take a cautious approach with its ambitious expansion plans until the government introduces regulations? Or would its competitors seize the opportunity to move forward aggressively to gain market share? The co-founders recognized that the regulatory uncertainty was creating confusion. They needed to decide on their next steps quickly, and communicate their intentions to all stakeholders. Rakesh Gupta is affiliated with Institute of Management Technology, Ghaziabad. Lubna Nafees is affiliated with Appalachian State University. Continued here |
The PikoGym Entrepreneurs: Muscling Up through Intellectual Property ^ W20431 Frustrated with the available means of working out while travelling, the three founders of PikoGym, a start-up out of Erlangen, Germany, had the idea to build a workout device that allowed users to train anywhere and everywhere. The lightweight and compact solution would be combined with a progressive web application to facilitate customers meeting up for workouts, provide motivation, and build community. PikoGym would be entering a growing but highly competitive and relatively fragmented market. Although competitors' solutions were similar to PikoGym's, they lacked the versatility and comfort offered by the latter. The three entrepreneurs wanted to ensure that their intellectual property (IP) management strategy aligned with their business goals and long-term plans for the company's success. Florian Fuchs is affiliated with Friedrich-Alexander-Universität Erlangen-Nürnberg. Peter M. Bican is affiliated with Friedrich-Alexander-Universität Erlangen-Nürnberg. Alexander Brem is affiliated with Friedrich-Alexander-Universität Erlangen-Nürnberg. Continued here |
GoSports Foundation: Going Beyond The Gold ^ W21246 GoSports Foundation was a non-profit venture that developed India's emerging athletic talent through athletic scholarships and other supports that helped the athletes achieve sports excellence. The foundation had limited funding and numerous applicants, requiring that it carefully choose the athletes it would support. Nandan Kamath, a co-founder of the organization, has to choose one athlete from several applicants for support. He also has to decide whether the foundation should start supporting the development of coaches and trainers and how it should balance its support with a desire to advance the profile of athletes competing in the Paralympics. Sanjeev Tripathi is affiliated with Indian Institute of Management Indore. Vijay Krishnamurthy is affiliated with SDMIMD, University of Mysore (India). Continued here |
Insta360's X3 is a 360 and Action Camera in One If you buy something using links in our stories, we may earn a commission. This helps support our journalism. Learn more. Please also consider subscribing to WIRED For years now, Insta360 has been working to merge the world of 360 video with the action camera. The Insta360 One RS (8/10 WIRED Recommends) has an interchangeable lens system that allows exactly this flexibility. Still, changing lenses isn’t the easiest thing to do when you’re in the middle of the action. Continued here |
Upgrade Your Motorcycle Helmet—With a Bluetooth Headset Lately, I've been hearing voices. They tell me all sorts of useful information, such as where to go and how to get there. Don't worry, all of this precisely stops when I take off my motorcycle helmet. That's because it's Bluetooth connected, and I love that I can keep my smartphone in my pocket while riding and get all my directions straight to my ears. It's the best upgrade I've ever made to my riding experience. You should forget about mounting your smartphone to your handlebars and make the upgrade too. Your sanity will thank you. Continued here |
Teach For China and the Chinese Nonprofit Sector ^ 314052 Teach For China was founded in 2008 with the mission of expanding educational opportunity across China. By 2013, Andrea Pasinetti's lofty dream had taken flight: over 300 graduates from top American and Chinese universities were participating in its 2-year teaching fellowships in more than 87 rural Chinese schools. The organization had grown from a founding team of three in a shoebox office to an 80-person operation headquartered in Beijing with teams in six other locations across China. Teach For China adapted the model pioneered by Teach For America to meet the needs of the educationally under-resourced of rural China. Led by an American, could Teach For China reshape its international identity and become an enduring Chinese institution? Could Teach For China manage regulatory risks and challenge public and government skepticism of the still-nascent and highly volatile nonprofit sector? Would Teach For China be able to sustainably scale its model to truly end educational inequality in China? Continued here |
P&G Canada: Old Company, New Tricks ^ 916019 P&G Canada faces ongoing global pressure to increase productivity and reduce spending. Thom Lachman, President of P&G Canada, is seemingly out of options that will make a large enough impact without harming the business, until the idea of a radical space reduction strikes him. The case follows Lachman, working closely with Country HR Manager Jane Lewis, from idea inception to the eve of the company-wide transition to a dramatically scaled-down and reorganized office space. In particular, the case provides a basis for discussion surrounding employee motivation, specifically as it is affected by the change management process and workspaces, benefits versus perks, and sorting effects. A (B) case details the outcome of the office space transition. Continued here |
Seeing Earth From Space Will Change You When he first returned from space, William Shatner was overcome with emotion. The actor, then 90 years old, stood in the dusty grass of the West Texas desert, where the spacecraft had landed. It was October 2021. Nearby, Jeff Bezos, the billionaire who had invited Shatner to ride on a Blue Origin rocket, whooped and popped a bottle of champagne, but Shatner hardly seemed to notice. With tears falling down his cheeks, he described what he had witnessed, his tone hushed. “What you have given me is the most profound experience I can imagine,” Shatner told Bezos. “It’s extraordinary. Extraordinary. I hope I never recover from this.” The man who had played Captain Kirk was so moved by the journey that his post-touchdown remarks ran longer than the three minutes he’d actually spent in space. Shatner appeared to be basking in a phenomenon that many professional astronauts have described: the overview effect. These travelers saw Earth as a gleaming planet suspended in inky darkness, an oasis of life in the silent void, and it filled them with awe. “No one could be briefed well enough to be completely prepared for the astonishing view that I got,” Alan Shepard, the first American in space, wrote in 1962, after he’d made the same trip that Shatner later took. Continued here |
The Multiverse is real — just not in the way you think it is The multiverse is having a moment. From Rick and Morty to Marvel movies, the idea that our universe is just one of many has inspired countless storylines in recent popular culture. Why is the multiverse so compelling? To theoretical physicist and philosopher Sean Carroll, one reason is that we’re drawn to wondering how things might have turned out differently. What if you had chosen a different career path? Married someone else? Moved to a different city? Continued here |
Why We Buy What We Do This is an edition of The Wonder Reader, a newsletter in which our editors recommend a set of stories to spark your curiosity and fill you with delight. Sign up here to get it every Saturday morning. “I don’t like to shop, but I do like to buy,” Frances Taylor wrote in The Atlantic in 1931. In an essay called “Who Wants My Money?,” Taylor laments how inconvenient the process of shopping is. “I am a business woman working on commission, and I make money which I like to spend,” she writes, but going to stores is “a time-wasting and nerve-racking performance.” Continued here |
Why is strep A surging — and how worried are scientists? Group A streptococcal bacteria (strep A) cause infections that trigger a sore throat — and can lead to scarlet fever or, rarely, more serious conditions and death. Credit: CNRI/Science Photo Library As the days lengthen and temperatures rise each spring, British paediatricians know what to expect: an increase in group A streptococcal infections that should tail off by the summer. But an off-season outbreak of the bacterial infections this year has jumbled expectations, made scores of people ill and killed 13 children under the age of 15 in England since September. Continued here |
After Job 1: Actions and Reactions in the Ford/Firestone Recall ^ BAB113 Few recent events have shaken public confidence in product safety as much as the recall of 6.5 million Firestone tires in August 2000. The defective tires made by Bridgestone/Firestone Inc. were supplied primarily as original equipment on Ford Motor Co. sport utility vehicles (SUVs) and sold as replacement items for SUVs and light trucks. For some consumers, the combination of Firestone tires and Ford vehicles proved lethal. Accidents involving tread separation and rollovers were blamed for 148 deaths and over 500 injuries. Chronicles the actions and reactions of Ford and Firestone, various legislative and regulatory bodies, and the public as the truth emerged. Continued here |
Building Effective Working Relationships, Module Note ^ 415030 This note introduces a framework for deliberately building effective interpersonal relationships. First, we will define the necessary attributes of these relationships. Next, we will discuss common barriers to effectiveness. Lastly, we will provide tools to build and maintain these relationships. Continued here |
Starts With A Bang podcast #88: From dust till cosmic dawn For a cosmologist like me, “cosmic dust” is a thing that’s in the way, confounding our data about the pristine Universe, and it’s a thing to be understood so that it can be properly subtracted out. But the old saying, that “one astronomer’s noise is another astronomer’s data,” proves to be more true than ever with cosmic dust, as how it’s produced, where it came from, and how it comes together to form planets, molecules, and eventually creatures like us, are some of the most essential elements necessary for us to exist within this Universe. In visible light, cosmic dust is normally just a starlight blocker, but in other wavelengths of light, its composition, distribution, density, grain size, polarization, and many other kinetic and thermal features can be revealed. Here to guide us through the ins-and-outs of cosmic dust, with a special view towards millimeter, submillimeter, and radio wavelengths, I’m so pleased to welcome PhD candidate Carla Arce-Tord to the show. Enjoy this far-ranging tour of cosmic dust, and perhaps by the end you’ll walk away inspired about all there is to know as well as the remarkable people making it happen! Continued here |
Seneca Systems (A): General and Confidential Instructions for R. Thompson, Vice President, Marketing ^ 899169 Seneca is a three-party negotiation-mediation simulation. The context is a product failure crisis in a manufacturing company with highly autonomous units. The heads of two divisions are in a dispute over who has responsibility for failures in a key product. The head of a third division is attempting to mediate a resolution to the dispute. Unlike many mediation simulations, the mediator has both independent interests and some power to influence outcomes. Two versions of the mediator role are available. In Seneca Systems (A), the mediator can make a financial contribution to solving the problem and hence has bargaining power. In Seneca Systems (B), the mediator has some coercive power in the form of influence with the CEO and could impose a solution if the parties are unable to resolve the dispute themselves. The core teaching issues concern the tradeoffs inherent in having vested interests and power as a mediator. Continued here |
HBR Working Parents Starter Set (5 Books) ^ 10623 All the advice you need to succeed as a first-time working parent. The year after having your first baby can be one of the most challenging and disorienting periods of your career. From finding the best childcare when you return to work, to setting expectations with your manager, to getting enough sleep so you can show up as the person you want to be and do your job well--juggling it all can seem impossible. You're not alone, but you're going through a tough moment and you need support. The "HBR Working Parents Starter Set" offers insights and practical advice from world-class experts on the topics that are the most important to new working parents who want to be great parents and have impactful careers. The five books in this set--"Succeeding as a First-Time Parent," "Getting It All Done," "Taking Care of Yourself," "Managing Your Career," and "Communicate Better with Everyone"--will teach you how to transition back to work effectively, make decisions that align with your priorities, find time for personal development, and make career choices that work for you--and your family. There's no simple answer or foolproof tip to make working parenthood easy--but the strategies in this collection can help set you on the path toward finding success both in your career and as a parent. The HBR Working Parents Series with Daisy Dowling, Series Editor, supports readers as you anticipate challenges, learn how to advocate for yourself more effectively, juggle your impossible schedule, and find fulfillment at home and at work. Whether you're up with a newborn or planning the future with your teen, you'll find the practical tips, strategies, and research you need to make working parenthood work for you. Continued here |
5 creative ways people are using ChatGPT On November 30, OpenAI — the research lab behind the groundbreaking text-to-image AI DALL-E 2 — unveiled its latest creation: ChatGPT, an AI chatbot capable of providing detailed responses to text prompts. Within five days, more than one million people had signed up to test the cutting-edge technology, according to OpenAI President Greg Brockman, and their prompts and the AI’s responses are now flooding Twitter feeds as people marvel at the bot’s mastery of language. Continued here |
Lincoln Center CEO Henry Timms on New Models for Effective Leadership On Nov. 29, tens of millions of people around the world donated their time and money to the causes and institutions that matter most to them. It was all part of an annual movement known as “Giving Tuesday,” which Henry Timms and his team launched a decade ago. Since then it has generated more than $13 billion for good causes in the U.S. alone. The phenomenon is part of what Timms calls “new power,” where smart ideas are circulated for anyone and everyone to interpret and build on – rather than being controlled by a centralized organization. It’s based on what one of Timms’ colleagues calls “un-branding,” where institutions don’t insist on putting their logos and terms of engagement all over everything they initiate. “The ‘old power’ world was: you participate in my mission on my terms, and I tell you what to do, and you do it or don’t,” says Timms. “The ‘new power’ world is: we get people to participate in our mission on their terms.” Continued here |
The Absurd Talent of Kylian Mbappé The French star player has already proved that he’s one of the best in the history of the game. This is an edition of The Great Game, a newsletter about the 2022 World Cup—and how soccer explains the world. Sign up here. Continued here |
We’re All Capable of Going ‘Goblin Mode’ The Oxford Word of the Year tells a concise story about how many of us are doing these days. The people have spoken about what the people have spoken: The 2022 Oxford Word of the Year, chosen for the first time ever by public vote, went to goblin mode by a 93 percent majority. Oxford defines goblin mode as “a type of behavior which is unapologetically self-indulgent, lazy, slovenly, or greedy, typically in a way that rejects social norms or expectations.” It’s a gloriously evocative phrase—and it tells a concise story about how many of us are doing these days. Continued here |
The Indonesia Strategy Case: Confidential Instructions for Joanna ^ INS978 This is a multi-issue one-on-one internal negotiation between a recently promoted boss, Joanna, and an older-than-her employee, Rupert, who is disgruntled at having been passed over for promotion. Joanna needs his advice to design the new strategy for the Indonesia operations, which she must present to the board soon. Continued here |
The weekend’s best deals: A bunch of Apple devices, Surface, Xbox, Meta Quest, and more Black Friday and Cyber Week are technically done and dusted. But the season of deals and record-low pricing continues for a variety of electronics as we wind down the year. Continued here |
Creating a Luxury Experience at Value Retail ^ 513009 Value Retail PLC owned and managed a number of premium shopping destinations (Villages) across Europe. Soon the company would be moving into an entirely new market: China. The company's Villages had proven popular with both shoppers (many of whom were international tourists who had come to Europe specifically to visit one of Value Retail's Villages) and brands, a number of which were luxury brands that had historically avoided selling product at outlet locations. The company's Founder and Chairman, Scott Malkin, looked to the future challenges his company might face in China, as well as to the challenges his company faced around human resource management and organizational control as the company grew in size and formalized parts of its processes, and how his company would be impacted by the ongoing changes in the retail industry, including the rise of online shopping. Continued here |
Fatherhood changes men’s brains, according to before-and-after MRI scans The time fathers devote to child care every week has tripled over the past 50 years in the United States. The increase in fathers’ involvement in child rearing is even steeper in countries that have expanded paid paternity leave or created incentives for fathers to take leave, such as Germany, Spain, Sweden and Iceland. And a growing body of research finds that children with engaged fathers do better on a range of outcomes, including physical health and cognitive performance. Despite dads’ rising participation in child care and their importance in the lives of their kids, there is surprisingly little research about how fatherhood affects men. Even fewer studies focus on the brain and biological changes that might support fathering. Continued here |
Should Local Police Departments Deploy Lethal Robots? Last month, the San Francisco Board of Supervisors voted in favor of allowing that city’s police department to deploy robots equipped with a potential to kill, should a situation—in the estimation of police officers—call for lethal force. With that decision, the board appeared to have delivered the city to a dystopian future. The vote garnered a loudly negative response from the public, and this week the supervisors reversed course and sent the policy back to committee. But the fact that the decision initially passed—and may yet pass in some form—should not have been surprising. Police departments around the country have been acquiring robotic devices for decades. Most are used for what have become routine policing activities, such as surveillance and bomb disposal. But some can be outfitted with other capabilities, such as to fire 12-gauge shotgun rounds, and in Dallas, in 2016, the police used a bomb-disposal robot to detonate an explosive device, in order to kill a suspected sniper who had shot twelve officers, killing five. The San Francisco Police Department has seventeen robots, twelve of which are functional, and among that number are bomb-disposal units that can be repurposed to deliver an explosive device. (They, too, can be outfitted to fire 12-gauge rounds.) Since 1997, when the National Defense Authorization Act sanctioned the transfer of surplus Department of Defense matériel to local police departments, ostensibly to shore up their defenses for the war on drugs, law-enforcement agencies around the country have been stockpiling the weapons and equipment of war. An earlier program that enabled police departments to buy military surplus at a discounted rate was given a boost after 9/11, when grants from the Department of Homeland Security enabled local forces to purchase armored personnel carriers, tactical gear, sound cannons, drones, and other accoutrements of modern warfare. 
According to the Law Enforcement Support Office, which oversees the weapon transfers, more than seven billion dollars’ worth of equipment has been transferred to more than eight thousand police departments since the program began. Continued here |
How do floating wind turbines work? 5 companies just won the first US leases for building them off California's coast
Northern California has some of the strongest offshore winds in the U.S., with immense potential to produce clean energy. But it also has a problem. Its continental shelf drops off quickly, making building traditional wind turbines directly on the seafloor costly if not impossible. Once water gets more than about 200 feet deep – roughly the height of an 18-story building – these “monopile” structures are pretty much out of the question. Continued here