A new wave of spamming attacks on a core component of PGP's ecosystem has highlighted a fundamental weakness in the whole ecosystem. From a report: Unknown attackers are spamming a core component of the ecosystem of the well-known encryption software PGP, breaking users' PGP installations and clients. What's worse, there may be no way to stop them. Last week, contributors to the PGP protocol GnuPG noticed that someone was "poisoning" or "flooding" their certificates. In this case, poisoning refers to an attack where someone spams a certificate with a large number of signatures or certifications. This makes it impossible for the the PGP software that people use to verify its authenticity, which can make the software unusable or break. In practice, according to one of the GnuPG developers targeted by this attack, the hackers could make it impossible for people using Linux to download updates, which are verified via PGP.

Read more of this story at Slashdot.

Who are EU nominees Ursula von der Leyen, Christine LaGarde, Charles Michel and Josep Borrell?

'Dangerous' reactor to begin work in days to produce plutonium - key nuclear weapon component, President Rouhani warns.

An anonymous reader quotes a report from Ars Technica: Either Microsoft is gearing up for a very odd promotional effort or somebody on the Windows team has hijacked a functioning time machine. Yesterday, the company posted a video boasting an "all-new Windows 1.0" to its social channels. It even went so far as to completely wipe all its previous posts from the Windows Instagram account, so all you'll find is the clip of its logos over the years. The video scrolls from the simplicity of Windows 10 through the pixellated rainbow flag of Windows XP and Windows 95. Whatever the situation is, the stunt is giving Windows' social media managers a chance to load their replies to confused tweets with throwbacks, from Back to the Future gifs to all the jargon that was once the epitome of cool.

Read more of this story at Slashdot.

There was a time when every woman I met was named Kim. It's happening again, only this time they're all named Maryanne or Marianne or Maryann. There have been four so far. Just got an email from a person working on a project that I'm also working on. Of course, her name is Marianne. My dear departed uncle used to say he was a member of the Church of Non-functional Probabilities. Things would happen to him that could not be predicted by any legit probability distribution. This is an example of a message from god. I was doubting His or Her existence. I don't doubt it now. And further I think my dear uncle in heaven is having a good laugh at his still-living nephew. If you can read this, Ken, I miss you!

China lodges official protest, saying British foreign secretary 'fantasising in the faded glory of British colonialism'.

Judge temporarily blocks state's 'heartbeat law', which opponents argue would effectively ban abortions.

A combination of climate change, bad policies and political apathy is steadily pushing India into a catastrophic water crisis that threatens stability in South Asia. From a report: Recent studies document that glaciers feeding the Indian subcontinent's rivers will recede rapidly, while rapid ground water depletion poses an existential challenge to agriculture. The southwest monsoons remain the biggest source of water in the subcontinent. The monsoons lead to a combination of water sources supporting human habitats that includes glaciers, surface irrigation and ground water. But redundancy and surplus have gone missing from this once abundant system. Taking their place are galloping shortages. Even the best-case scenarios are "scary," water researcher Aditi Mukherjee told Asia Times. Mukherjee is one of the editors of a landmark study that was published earlier this year. It predicts a terrible loss of the glaciers that dot the Hindu Kush-Himalaya region. "The Hindu Kush Himalaya Assessment [PDF]" says that even if urgent global action on climate change is able to limit global warning to 1.5 degrees centigrade, it will still lead to a loss of a third of the glaciers in the region by the year 2100. If the temperatures rise by 2.7 degrees centigrade, then half the glaciers will be gone. And if the current rate of global warming continues and temperatures rise by 6 degrees centigrade, then two-thirds of the glaciers will melt away. This has major implications for India, China, Pakistan, Nepal and Bangladesh. While the nearly 250 million who live in the Hindu Kush-Himalaya region will be most impacted from the outset, another 1.65 billion people who depend on the glacier-fed rivers are primarily at risk. "Even if we look at the best case scenario, which means limiting global warming by 1.5C, we are looking at a 36% loss of glaciers," said Mukherjee. Further reading: Nearly two dozen cities in India will be out of water by next year.

Read more of this story at Slashdot.

UN envoy condemns 'war crime' air strike on detention centre, saying those responsible must be held accountable.

Critics accuse Trump of disregarding 'institutions, values and norms that have sustained' the United States for years.

D-Link has agreed to a settlement with the US Federal Trade Commission in regards to a 2017 lawsuit in which the US government agency accused the Taiwanese hardware maker of misrepresenting the security of its devices and ignoring vulnerability reports. From a report: As part of the settlement, D-Link has promised to implement a new software security program for its routers and Internet-connected cameras. The company has also agreed to subject itself to ten years of biennial security audits from a third-party, independent auditor. The FTC gets to choose the auditor, while D-Link got to decide the certifications the auditor must obtain before allowing it to review its security program.

Read more of this story at Slashdot.

US still plans to impose sanctions on Turkey and remove it from fighter jet programme if it buys Russian air defences.

Google's bet on balloons to deliver cell service soon faces a crucial test amid doubts about the viability of the technology by some potential customers. From a report: The company behind the effort, Loon says its balloons will reach Kenya in the coming weeks for its first commercial trial. The test with Telkom Kenya, the nation's No. 3 carrier, will let mountain villagers buy 4G service at market-rate prices for an undefined period. Kenya's aviation authority said its final approval would be signed this month. Hatched in 2011, Loon aims to bring connectivity to remote parts of the world by floating solar-powered networking gear over areas where cell towers would be too expensive to build. Its tennis-court-sized helium balloons have demonstrated utility. Over the last three years, Loon successfully let wireless carriers in Peru and Puerto Rico use balloons for free to supplant cell phone towers downed by natural disasters. Kenyan officials are enthusiastic as they try to bring more citizens online. But executives at five other wireless carriers courted by Loon across four continents told Reuters that Loon is not a fit currently, and may never be. Those companies, including Telkom Indonesia, Vodafone New Zealand and French giant Orange, say Loon must demonstrate its technology is reliable, safe and profitable for carriers.

Read more of this story at Slashdot.

With more than 100 million installs, file-sharing service 4shared is one of the most popular apps in the Android app store. But security researchers say the app is secretly displaying invisible ads and subscribes users to paid services, racking up charges without the user's knowledge -- or their permission -- collectively costing millions of dollars. From a report: "It all happens in the background... nothing appears on the screen," said Guy Krief, chief executive of London-based Upstream, which shared its research exclusively with TechCrunch. The researchers say the app contains suspicious third-party code that allowed the app to automate clicks and make fraudulent purchases. They said the component, built by Hong Kong-based Elephant Data, downloads code which is "directly responsible" for generating the automated clicks without the user's knowledge. The code also sets a cookie to determine if a device has previously been used to make a purchase, likely as a way to hide the activity.

Read more of this story at Slashdot.

Three found guilty of involvement in university siege given decades in jail after 2015 killing of 148 people by gunmen.