Publication cites Tesla boss’s influence ‘for good or ill’, but accolade is criticised over billionaire’s attitude to tax, unions and Covid
Time magazine’s decision to make Tesla billionaire Elon Musk its person of the year for 2021 has been criticised because of his attitude to tax, opposition to unions and playing down the dangers of Covid-19.
Musk, who is also the founder and chief executive of space exploration company SpaceX, recently passed Amazon founder Jeff Bezos as the world’s wealthiest person as the rising price of Tesla shares pushed his net worth to around $300bn.
Describing him as a “clown, genius, edgelord, visionary, industrialist, showman”, Time cited the breadth of Musk’s endeavours, from his founding of SpaceX in 2002, to his hand in the creation of the alternative energy company SolarCity in addition to Tesla, the most valuable car company in the world.
Elon Musk on the cover of Time’s upcoming issue. Photograph: AP
But the accolade drew sharp criticism in the United States . . ."
"In an era where experiences reign and everybody already has too much stuff, gifts that can be consumed (or those that enable it) are the perfect solution.
Whether their tastes run spicy or sweet or they like to booze it up or relax with a cuppa—or even if they appreciate a little kitsch in the kitchen—the food- and drink-related options below offer something for just about anybody on your list.
Researchers at the University of Darmstadt, Brescia, CNIT, and the Secure Mobile Networking Lab, have published a paper that proves it's possible to extract passwords and manipulate traffic on a WiFi chip by targeting a device's Bluetooth component.
Modern consumer electronic devices such as smartphones feature SoCs with separate Bluetooth, WiFi, and LTE components, each with its own dedicated security implementation.
However, these components often share the same resources, such as the antenna or wireless spectrum.
This resource sharing aims to make the SoCs more energy-efficient and give them higher throughput and low latency in communications.
As the researchers detail in the recently published paper, it is possible to use these shared resources as bridges for launching lateral privilege escalation attacks across wireless chip boundaries.
The implications of these attacks include code execution, memory readout, and denial of service.
Resource sharing diagram of Google Nexus 5 Source: Arxiv.org
Multiple flaws in architecture and protocol
To exploit these vulnerabilities, the researchers first needed to perform code execution on either the Bluetooth or WiFi chip. While this is not very common, remote code execution vulnerabilities affecting Bluetooth and WiFi have been discovered in the past.
Once the researchers achieved code execution on one chip, they could perform lateral attacks on the device's other chips using shared memory resources.
In their paper, the researchers explain how they could perform OTA (Over-the-Air) denial of service, code execution, extract network passwords, and read sensitive data on chipsets from Broadcom, Cypress, and Silicon Labs
CVEs reserved for the particular threat model. Source: Arxiv.org
These vulnerabilities were assigned the following CVEs:
CVE-2020-10368: WiFi unencrypted data leak (architectural)
The info-stealing malware TinyNuke has re-emerged in a new campaign targeting French users with invoice-themed lures in emails sent to corporate addresses and individuals working in manufacturing, technology, construction, and business services.
A new variant of the Agent Tesla malware has been spotted in an ongoing phishing campaign that relies on Microsoft PowerPoint documents laced with malicious macro code.
Workforce management solutions provider Kronos has suffered a ransomware attack that will likely disrupt many of their cloud-based solutions for weeks.
A local privilege escalation security vulnerability could allow attackers to gain root access on Ubuntu systems by exploiting a double-free memory corruption bug in GNOME's AccountsService component.
Researchers at the University of Darmstadt, Brescia, CNIT, and the Secure Mobile Networking Lab, have published a paper that proves it's possible to extract passwords and manipulate traffic on a WiFi chip by targeting a device's Bluetooth component.
Ukrainian law enforcement arrested 51 suspects believed to have been selling stolen personal data on hacking forums belonging to hundreds of millions worldwide, including Ukraine, the US, and Europe.
1
