Victoria Fox's Blog, page 113

April 2, 2024

Eurecat grows 11% and receives 143 million in aid in four years

The technology center, which was born in 2015 from the merger of smaller entities to create an autonomous champion, brings in 62 million in 2023 and plans to increase turnover by 15% this year.

The Eurecat foundation reached a revenue volume of 62 million euros in 2023, which represents a growth of 11% compared to the previous year, at a time of high demand for the technological hybridization solutions of which it is esp.

Published on April 02, 2024 15:52

MásOrange rules out proposing an ERE to the 'teleco' staff

MásOrange will be the official name of the new joint venture created by the merger of Orange and MásMóvil, as announced this morning at an event headed by Meinrad Spenger, CEO of the joint venture, in which Ludovic Pech, the CFO (general director of finance), and Germán López, the COO (general director of operations), also took part. MásOrange, which will use +O as its logo, brought together more than 3,000 employees at the Wizink Center in Madrid (an event followed by roughly another 2,000 employees remotely over the Internet) to begin the journey of the new merged company, which becomes Spain's largest telecommunications operator by customer volume: it will have 7.33 million fixed broadband users (compared to Movistar's 5.93 million) and 30.2 million mobile telephone customers, versus 20.1 million for Movistar.

Spenger announced yesterday the company's new leadership: an executive committee of eight members, four from MásMóvil and four from Orange, and a broader management committee of twenty members in total, eleven from MásMóvil and nine from Orange.

In his words to the more than 3,000 employees gathered at the Madrid event, joined by another 2,000 remotely, Spenger tried to reassure the staff by stressing that MásOrange does not plan to launch an ERE (Expediente de Regulación de Empleo, a collective layoff procedure). That does not mean other workforce reduction processes are ruled out, via mechanisms such as early retirement or incentivized voluntary departures.

The employees of the former MásMóvil, who worked at a headquarters in Alcobendas (Madrid), will move to the Finca Business Park in Pozuelo de Alarcón (Madrid), where the Orange headquarters is located, according to what management has communicated to employees, sources said.

Over the next two months, the company's organizational chart will be finalized; in the meantime, employees will keep their current roles unless instructed otherwise.

Published on April 02, 2024 15:52

AI videos on Instagram: "Deepfakes are coming whether we like it or not"

Robert Habeck is sitting in the talk show chair, his hair is a bit disheveled as usual, but the most amazing things come out of his mouth. “I don’t give a shit about your potatoes,” he says, apparently directed at farmers who are demanding more subsidies. “We just import the things through Amazon Prime.” Objectively speaking, this video is very funny. But of course it’s not real.

Scrolling through Instagram, you would take this for one of those deepfakes that everyone from the Pope to the UN is warning about: videos created using artificial intelligence in which politicians appear to say things they never said. Such videos could be used to manipulate opinions, shift moods and bury the truth. These fears have been around for a long time, but they are becoming increasingly concrete: now, when important elections are coming up in the US and Germany, when AI companies are releasing ever more impressive tools at ever shorter intervals, and when the world has spent a week hyperventilating over a doctored photo of Princess Kate.

Published on April 02, 2024 15:52

Trash from the International Space Station may have hit a house in Florida


This cylindrical object, a few inches in size, fell through the roof of Alejandro Otero's home in Florida last month. Credit: Alejandro Otero on X

A few weeks ago, something from the heavens came crashing through the roof of Alejandro Otero’s home, and NASA is on the case.

In all likelihood, this nearly two-pound object came from the International Space Station. Otero said it tore through the roof and both floors of his two-story house in Naples, Florida.

Otero wasn’t home at the time, but his son was there. A Nest home security camera captured the sound of the crash at 2:34 pm local time (19:34 UTC) on March 8. That’s an important piece of information because it is a close match for the time—2:29 pm EST (19:29 UTC)—that US Space Command recorded the reentry of a piece of space debris from the space station. At that time, the object was on a path over the Gulf of Mexico, heading toward southwest Florida.

This space junk consisted of depleted batteries from the ISS, attached to a cargo pallet that was originally supposed to come back to Earth in a controlled manner. But a series of delays meant this cargo pallet missed its ride back to Earth, so NASA jettisoned the batteries from the space station in 2021 to head for an unguided reentry.

Otero’s likely encounter with space debris was first reported by WINK News, the CBS affiliate for southwest Florida. Since then, NASA has recovered the debris from the homeowner, according to Josh Finch, an agency spokesperson.

Engineers at NASA’s Kennedy Space Center will analyze the object “as soon as possible to determine its origin,” Finch told Ars. “More information will be available once the analysis is complete.”

Ars reported on this reentry when it happened on March 8, noting that most of the material from the batteries and the cargo carrier would have likely burned up as they plunged through the atmosphere. Temperatures would have reached several thousand degrees, vaporizing most of the material before it could reach the ground.

The entire pallet, including the nine disused batteries from the space station’s power system, had a mass of more than 2.6 metric tons (5,800 pounds), according to NASA. Size-wise, it was about twice as tall as a standard kitchen refrigerator. It’s important to note that objects of this mass, or larger, regularly fall to Earth on guided trajectories, but they’re usually failed satellites or spent rocket stages left in orbit after completing their missions.

In a post on X, Otero said he is waiting for communication from “the responsible agencies” to resolve the cost of damages to his home.


Hello. Looks like one of those pieces missed Ft Myers and landed in my house in Naples.
Tore through the roof and went thru 2 floors. Almost hit my son.
Can you please assist with getting NASA to connect with me? I've left messages and emails without a response. pic.twitter.com/Yi29f3EwyV

— Alejandro Otero (@Alejandro0tero) March 15, 2024

If the object is owned by NASA, Otero or his insurance company could make a claim against the federal government under the Federal Tort Claims Act, according to Michelle Hanlon, executive director of the Center for Air and Space Law at the University of Mississippi.

“It gets more interesting if this material is discovered to be not originally from the United States,” she told Ars. “If it is a human-made space object which was launched into space by another country, which caused damage on Earth, that country would be absolutely liable to the homeowner for the damage caused.”

This could be an issue in this case. The batteries were owned by NASA, but they were attached to a pallet structure launched by Japan’s space agency.

How this happened

At the time of the March 8 reentry, a NASA spokesperson at the Johnson Space Center in Houston said the space agency “conducted a thorough debris analysis assessment on the pallet and has determined it will harmlessly reenter the Earth’s atmosphere.” This was, by far, the most massive object ever tossed overboard from the International Space Station. “We do not expect any portion to have survived reentry,” NASA said.

However, research from other space experts did not match NASA’s statement. The Aerospace Corporation, a federally funded research and development center, says a “general rule of thumb” is that 20 to 40 percent of the mass of a large object will reach the ground. The exact percentage depends on the design of the object, but these nickel-hydrogen batteries were made of metals with relatively high density.

Ahead of the reentry, the European Space Agency also acknowledged some fragments from the battery pallet may survive to the ground.

In March 2021, the International Space Station's robotic arm released a cargo pallet with nine expended batteries. Credit: NASA

NASA typically doesn’t want large chunks of space debris falling to Earth with an uncontrolled reentry. You can trace the reason this object came down unguided back to a Russian launch failure more than five years ago. NASA astronaut Nick Hague and Russian commander Alexey Ovchinin aborted their launch on a Soyuz spacecraft when their rocket failed shortly after liftoff.

One of Hague’s jobs at the International Space Station would have been to go outside on spacewalks to help install a new set of lithium-ion batteries recently delivered by a Japanese HTV cargo ship. But Hague didn’t reach the station in 2018, so NASA put off the spacewalks until a new team of astronauts arrived at the complex.

This interruption to the space station’s carefully choreographed schedule threw off the entire multiyear plan for upgrading the batteries on the outpost’s electrical system. Instead of putting the old batteries back into the HTV for a guided, destructive reentry over the open ocean, NASA held on to the cargo pallet at the station when the HTV supply ship needed to depart.

Each of the subsequent HTV missions delivered more fresh batteries to the space station and then departed the complex with the cargo pallet and decommissioned batteries from the previous HTV mission. That was the case until there were no more HTVs to fly. Japan’s last HTV spacecraft departed the ISS in 2020 with the cargo pallet and batteries from the prior flight, stranding the last battery pallet at the station.

Japan's ninth HTV cargo ship departed the International Space Station in 2020 with the pallet from the previous HTV mission holding old nickel-hydrogen batteries. Credit: NASA

The space station’s other cargo vehicles—SpaceX’s Dragon, Northrop Grumman’s Cygnus, and the Russian Progress—can’t accommodate the HTV cargo pallet.

So NASA decided to jettison the battery pallet using the space station’s robotic arm in March 2021 in order to free up real estate on the lab. Without any propulsion of their own, the batteries were adrift in orbit for three years until aerodynamic drag finally pulled the pallet back into the atmosphere on March 8, almost exactly three years later.

It is notoriously difficult to predict where a piece of space junk will reenter the atmosphere. US Space Command precisely tracks tens of thousands of objects in Earth orbit, but the exact density of the upper atmosphere is still largely an unknown variable. Even a half-day before the reentry, US Space Command’s estimate for when the battery pallet would fall to Earth had a window of uncertainty spanning six hours, enough time for the object to circle the planet four times.

And if you don’t know when something will reenter the atmosphere, you can’t predict where it will come down.

A rare event

If NASA confirms the projectile that fell through Otero’s house last month came from the ISS, it would join a small handful of incidents when an object falling out of orbit damaged someone’s property.

Earth is a big place. It’s fairly common for someone to find a piece of fallen space junk in a field or washed up on a beach. But it is rare for a reentry to hit a structure or injure a person.

Falling space debris has never killed anyone. According to ESA, the annual risk of an individual human being injured by space debris is less than 1 in 100 billion.

But there are a few examples of damage. In 2003, a foot-long metal bracket from the doomed space shuttle Columbia smashed through the roof of a dentist’s office in Texas. Fortunately for those who worked there, the Columbia accident happened on a Saturday when the office was closed.

An Oklahoma resident named Lottie Williams was struck in the shoulder by a lightweight piece of material in 1997 that experts linked to the reentry of the upper stage from a Delta II rocket. It was a glancing blow, and the air helped slow down the piece of debris, so she escaped injury. There was also an incident in 1969 when a fragment from a Soviet spacecraft reportedly hit a small Japanese ship near the coast of Siberia, injuring five people.

When a large Chinese Long March 5B rocket fell out of orbit in 2020, wreckage damaged a village in the Republic of Côte d’Ivoire.

The Long March 5B is a frequent offender when it comes to debris. Its design is unique in that the first stage of the Long March 5B itself accelerates to orbital velocity, rather than relying on an upper stage to put its payload into orbit, as most rockets do.

The Long March 5B’s core stage has a mass of about 20 metric tons and measures around 100 feet (30 meters) long and 16 feet (5 meters) wide. An object that size could do a lot of damage if it fell to the ground in the wrong place. China never designed the Long March 5B to steer itself back into the atmosphere, so a few days after each launch, the booster comes down without control.

Four Long March 5Bs have been launched to date, with more flights planned in the coming years to launch Chinese internet satellites and a Chinese astronomical observatory comparable in size to the Hubble Space Telescope. After a launch in 2022, villagers recovered debris from the Long March 5B after it fell in Borneo, although officials reported no damage.

This map from the European Space Agency shows the track of the battery pallet during its final hours in orbit. The path over the Gulf of Mexico near Florida is where it reentered the atmosphere. Credit: European Space Agency

One of the more famous incidents of damage from space debris was the 1978 reentry of Kosmos 954, a nuclear-powered Soviet military satellite, in remote northern Canada. The wreckage from Kosmos 954 didn't injure anyone or damage any homes, but Canada organized a cleanup effort to recover as much radioactive debris as possible to guard against environmental impacts. The Soviet Union paid Canada 3 million Canadian dollars to settle the matter.

“Spacefaring nations must minimize the risks to people and property on Earth of re-entries of space objects and maximize transparency regarding those operations,” NASA Administrator Bill Nelson said in a 2021 statement following one of the Long March 5B reentries.

SpaceX’s Starlink internet satellites, which make up most of the active spacecraft in orbit, are designed to burn up on reentry. In most cases, US and European launch companies design their missions to bring their rockets’ upper stages back into the atmosphere over the ocean when their missions are done.

Most recently, SpaceX has designed trajectories for test flights of the Starship rocket out of concern about an uncontrolled reentry. Starship is the largest single object ever launched into space and could pose a significant risk—compared to most space debris—to people or property if it fell to Earth without any guidance.

For the first few Starship test flights, SpaceX has intentionally guided Starship on a trajectory that would bring it down over a remote stretch of ocean within an hour or two of launch rather than putting it into a stable orbit where it might stay for days or weeks. This ensures Starship can safely reenter the atmosphere until SpaceX can demonstrate an ability to deorbit the vehicle for a controlled reentry.

Published on April 02, 2024 04:28

April 1, 2024

Discord starts down the dangerous road of ads this week


Discord had long been strongly opposed to ads, but starting this week, it’s giving video game makers the ability to advertise to its users. The introduction of so-called Sponsored Quests marks a notable change from the startup’s previous business model, but, at least for now, it seems much less intrusive than the ads shoved into other social media platforms, especially since Discord users can choose not to engage with them.

Discord first announced Sponsored Quests on March 7, with Peter Sellis, Discord’s SVP of product, writing in a blog post that users would start seeing them in the “coming weeks.” Sponsored Quests offer PC gamers in-game rewards for getting friends to watch a stream of them playing through Discord. Discord senior product communications manager Swaleha Carlson confirmed to Ars Technica that Sponsored Quests launch this week.

Discord shared this image in March as an example of the new type of ads. Credit: Discord

The goal is for video games to get exposure to more gamers, serving as a form of marketing. On Saturday, The Wall Street Journal (WSJ) reported that it viewed a slide from a slideshow Discord shows to game developers regarding the ads that reads: “We’ll get you in front of players. And those players will get you into their friend groups.”

Sellis told WSJ that Discord will target ads based on users' age, geographic location data, and gameplay. The ads will live in the bottom-left of the screen, but users can opt out of personalized promotions for Quests that are based on activity or data shared with Discord, Carlson told Ars Technica.

“Users may still see Quests, however, if they navigate to their Gift Inventory and/or through contextual entry points like a user’s friends’ activity. They’ll also have the option to hide an in-app promotion for a specific Quest or game they’re not interested in,” she said.

Discord already tested the ads in May with Lucasfilm Games and Epic Games. Discord users were able to receive Star Wars-themed gear in Fortnite for getting a friend to watch them play Fortnite on PC for at least 15 minutes.

Jason Citron, Discord co-founder and CEO, told Bloomberg in March that the company hopes that one day “every game will offer Quests on Discord.”

Discord used to be anti-ads

It may be a nuisance for users to have to disable personalized promotion for Sponsored Quests when they never asked for them, but it should bring long-term users at least some comfort that their data purportedly doesn’t have to contribute to the marketing. However, it’s unclear if Discord may one day change this. The fact that the platform is implementing ads at all is somewhat surprising. Discord named its avoidance of advertising as one of its key differentiators from traditional social media platforms as recently as late January.

In March 2021, Citron told WSJ that Discord had eschewed ads until that point because ads would be intrusive, considering Discord’s purpose of instant back-and-forth communication and people’s general distaste for viewing ads and having their data shared with other companies.

“We really believe we can build products that make Discord more fun and that people will pay for them. It keeps our incentives aligned,” Citron told WSJ at the time.

That same year, Citron, in response to a question about why being ad-free is important to Discord, told NPR: “We believe that people’s data is their data and that people should feel comfortable and safe to have conversations and that their data is not going to be used against them in any way that is improper.”

Sponsored Quests differ from other types of ads that would more obviously disrupt Discord users' experiences, such as pop-up ads or ads viewed alongside chat windows.

A tightrope to walk

Beyond Sponsored Quests, Discord, which launched in 2015, previously announced that it would start selling sponsored profile effects and avatar decorations in the Discord Shop. In March, Discord’s Sellis said this would arrive in the “coming weeks.” Discord is also trying to hire more than 12 people to work in ad sales, WSJ said Saturday, citing anonymous “people familiar with [Discord’s] plans.”

Discord’s Carlson declined to comment to Ars on whether or not Discord plans to incorporate other types of ads into Discord. She noted that Sponsored Quests “are currently in the pilot phase” and that the company will “continue to iterate based on what we learn.”

In 2021, Discord enjoyed a nearly three-times revenue boost that it attributed to subscription sales for Nitro, which adds features like HD video streaming and up to 500MB uploads. In March, Citron told Bloomberg that Discord has more than 200 million monthly active users and that the company will “probably” go public eventually.

The publication, citing unnamed “people with knowledge of the matter,” also reported that Discord makes over $600 million in annualized revenue. The startup has raised over $1 billion in funding and is reported to have over $700 million in cash. However, the company reportedly isn’t profitable. It also laid off 17 percent of staffers, or 170 workers, in January.

Meanwhile, ads are the top revenue generator for many other social media platforms, such as Reddit, which recently went public.

While Discord’s first real ads endeavor seems like it will have minimal impact on users who aren’t interested in them, it brings the company down a tricky road that it hasn’t previously navigated. A key priority should be ensuring that any form of ads doesn’t disrupt the primary reasons people like using Discord. As it stands, Sponsored Quests might already put off some users.

“I don’t want my friendships to be monetized or productized in any way,” Zack Mohsen, a reported long-time user and computer hardware engineer based in Seattle, told WSJ.

Updated April 1, 2024 at 5:32 p.m. ET to add information and comment from Discord. 

Published on April 01, 2024 15:52

Vodafone will enhance its open network center in Malaga

The British group Vodafone is going to expand the open mobile network (Open RAN) development center that it already runs at its R&D center in Malaga. The center was created with a staff of about 50 workers, a number that will grow in the future. At the same time, the Malaga center's headcount will grow with the incorporation of the 374 employees who will move from Vodafone Spain to Vodafone Intelligent Solutions (VOIS) once the sale of Vodafone's Spanish subsidiary to Zegona is closed.

The reason for this reduction in Vodafone Spain's workforce is the transfer of these people from Vodafone Spain to Vodafone Group, that is, to the British parent company, as a result of the sale of the Spanish subsidiary to the British financial group Zegona. The transfer is therefore conditional on the closing of the sale of the Spanish subsidiary and will only take place after that operation. These are employees who often had dual responsibilities, mainly in technical positions related to networks or administration: they carried out tasks in the Spanish subsidiary but also took on global responsibilities in the British multinational. For this reason their salaries were often re-invoiced, that is, after paying their salaries, Vodafone Spain charged the group for their cost. These 374 employees will keep their current working conditions intact and will move to a company called Vodafone Intelligent Solutions (VOIS), the vehicle through which the Vodafone group will host these employees with global responsibilities. VOIS is the company that employs the workers of the research and development centers the group has launched in the city of Malaga, which currently number around six hundred people.

1,000 employees

In other words, after the addition of these almost 400 employees, the Vodafone group will maintain a workforce of around a thousand people in Spain once the main subsidiary has been sold to Zegona.

Regarding the Open RAN development group, Vodafone has indicated that it will be able to "replace many of the current time-consuming manual processes with zero-touch operations. This will make it faster and cheaper to introduce new software updates and install new 5G functions for customers. Likewise, it will continue to promote the development of more energy-efficient chips from the Malaga Hub."

Likewise, the group has explained that "the creation of the largest Open RAN laboratory in Malaga will accelerate the adoption of the technology and encourage industry participation, adapting solutions to specific use cases demanded by different sectors." This objective is "aligned with the guidelines of the European Union to promote a solid ecosystem of Open RAN technology suppliers, allowing the presence of European suppliers in the global market to grow and consolidate."

Open RAN is positioned as the future of mobile networks by allowing the disaggregation of hardware and software in radio stations, allowing the software that controls the system to run on any general-purpose hardware, regardless of the supplier. Open RAN thus allows the generation of an open ecosystem of suppliers, promoting competition and flexibility, encouraging innovation and reducing the total cost of deployment and operation, compared to current access networks, where solutions are monolithic and proprietary.

The Vodafone Innovation Hub , which manages the commercial operations of the Vodafone Group and enterprise clients in 11 countries, is specialized in the development of technological solutions and innovative digital services based on unified communications, Internet of Things, virtual private networks, Open RAN (the standard of open and interoperable networks), Edge Computing, Connected Vehicle, Robotics, artificial intelligence, Cloud or Blockchain.

Published on April 01, 2024 15:52

This is what the executive committee of Orange-MásMóvil looks like

Meinrad Spenger, the new CEO of the merged firm Orange-MásMóvil , announced late this afternoon the executive committee (8 members) and the management committee (an expanded committee, with 20 members) of the new firm result

Published on April 01, 2024 15:52

The Treasury injected 500 million into Sepi for its entry into Telefónica

The Government’s share package in Telefónica has a value of almost 716 million euros.

The Ministry of Finance approved the injection of 500 million euros to the State Society of Industrial Participations ( Sepi ) to undertake the acquisition of Telefónica shares, according to a report from the General Intervention of the State Administration (IGAE).

Specifically, the February budget execution report (published on March 27) indicates a capital contribution of 500 million euros to the public entity, an injection of liquidity that Treasury sources have confirmed was allocated to the acquisition of Telefónica shares, of which the State already owns 3.044% through Sepi.

However, Sepi is reported to have parked a further 2% in financial derivatives, so once it settles them its stake in the telecom would rise to 5%, according to Europa Press, which also stressed that the Executive intends the additional 2% held in a 'swap' to emerge "shortly."

At the end of last year, the Government ordered Sepi to acquire up to 10% of Telefónica's share capital, a move marked by the surprise arrival in the company of the Saudi operator STC, which last September took a 9.9% stake (4.9% through direct shares and 5% through financial derivatives) for approximately 2.1 billion euros.

At the current market price, the Government's stake in Telefónica is worth almost 716 million euros, with the company's shares at 4.089 euros at the close of last Thursday (the stock market is closed this Monday).

At the same time, at the current market price, acquiring the remaining 7% (to reach the 10% target) would cost approximately 1,646 million euros.

The Government’s decision not to present new General State Budgets for 2024 and to extend those of the previous year raised certain doubts about how the State was going to proceed to finance its entry into the Telefónica shareholding .

However, in mid-February the Government assured that the order transmitted to Sepi last December would be maintained despite this decision by the Executive.

Published on April 01, 2024 15:52

What we know about the xz Utils backdoor that almost infected the world


Malware Detected Warning Screen with abstract binary code 3d digital concept. Credit: Getty Images

On Friday, researchers revealed the discovery of a backdoor that was intentionally planted in xz Utils, an open-source data compression utility available on almost all installations of Linux and other Unix-like operating systems. The person or people behind this project likely spent years on it. They were likely very close to seeing the backdoored update merged into Debian and Red Hat, the two biggest distributions of Linux, when an eagle-eyed software developer spotted something fishy.

“This might be the best executed supply chain attack we’ve seen described in the open, and it’s a nightmare scenario: malicious, competent, authorized upstream in a widely used library,” software and cryptography engineer Filippo Valsorda said of the effort, which came frightfully close to succeeding.

Researchers have spent the weekend gathering clues. Here’s what we know so far.

What is xz Utils?

xz Utils is nearly ubiquitous in Linux. It provides lossless data compression on virtually all Unix-like operating systems. xz Utils provides critical functions for compressing and decompressing data during all kinds of operations, and it also supports the legacy .lzma format, making this component even more crucial.

What happened?

Andres Freund, a developer and engineer working on Microsoft’s PostgreSQL offerings, was recently troubleshooting performance problems a Debian system was experiencing with SSH, the most widely used protocol for remotely logging into devices over the Internet. Specifically, SSH logins were consuming too many CPU cycles and were generating errors with valgrind, a utility for monitoring computer memory.

Through a combination of sheer luck and Freund’s careful eye, he eventually discovered the problems were the result of updates that had been made to xz Utils. On Friday, Freund took to the Open Source Security List to disclose the updates were the result of someone intentionally planting a backdoor in the compression software.

What does the backdoor do?

Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions when performing operations related to lzma compression or decompression. When these functions involved SSH, they allowed for malicious code to be executed with root privileges. This code allowed someone in possession of a predetermined encryption key to log into the backdoored system over SSH. From then on, that person would have the same level of control as any authorized administrator.

How did this backdoor come to be?

It would appear that this backdoor was years in the making. In 2021, someone with the username JiaT75 made their first known commit to an open-source project. In retrospect, the change to the libarchive project is suspicious, because it replaced the safe_fprint function with a variant that’s long been recognized as less secure. No one noticed at the time.

The following year, JiaT75 submitted a patch over the xz Utils mailing list, and almost immediately, a never-before-seen participant named Jigar Kumar joined the discussion and argued that Lasse Collin, the longtime maintainer of xz Utils, hadn’t been updating the software often or fast enough. Kumar, with the support of Dennis Ens and several other people who had never had a presence on the list, pressured Collin to bring on an additional developer to maintain the project.

In January 2023, JiaT75 made their first commit to xz Utils. In the months following, JiaT75, who used the name Jia Tan, became increasingly involved in xz Utils affairs. For instance, Tan replaced Collin’s contact information with their own on Microsoft’s oss-fuzz, a project that scans open-source software for signs of maliciousness. Tan also requested that oss-fuzz disable the ifunc function during testing, a change that prevented it from detecting the malicious changes Tan would soon make to xz Utils.

In February of this year, Tan issued commits for versions 5.6.0 and 5.6.1 of xz Utils. The updates implemented the backdoor. In the following weeks, Tan or others appealed to developers of Ubuntu, Red Hat, and Debian to merge the updates into their OSes. Eventually, one of the two updates made its way into the following releases, according to security firm Tenable:

Distribution | Advisory | Notes
Fedora Rawhide | https://www.redhat.com/en/blog/urgent... | Fedora Rawhide is the development distribution of Fedora Linux
Fedora 41 | https://www.redhat.com/en/blog/urgent... |
Debian testing, unstable and experimental distributions | https://lists.debian.org/debian-secur... | versions 5.5.1alpha-0.1 to 5.6.1-1
openSUSE Tumbleweed and openSUSE MicroOS | https://news.opensuse.org/2024/03/29/... | Backdoored version of xz was included in Tumbleweed and MicroOS between March 7 and March 28
Kali Linux | https://www.kali.org/blog/about-the-x... | Backdoored version of xz was included in Kali Linux (xz-utils 5.6.0-0.2) between March 26 and March 28
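As an added defender-side triage helper (example code, not from the article or any of the advisories above): it flags the two backdoored upstream releases named in the text, 5.6.0 and 5.6.1, also when they are wrapped in a distro package version such as Kali's 5.6.0-0.2, and reports whether an sshd binary is linked against liblzma at all, since the hook described later only matters when sshd loads that library. The package names, binary paths and the sample ldd lines used for testing are assumptions.

```shell
#!/bin/sh
# Added triage helper, not part of the article or the xz project.
# Package names, paths and sample ldd output are assumptions/constructed.

# Reduce a distro package version to its upstream part:
#   "5.6.0-0.2" -> "5.6.0"   "1:5.6.1-1" -> "5.6.1"   "5.4.5" -> "5.4.5"
upstream_version() {
    printf '%s\n' "$1" | sed -e 's/^[0-9][0-9]*://' -e 's/-.*$//'
}

# Print "affected" for the two backdoored releases, "clean" otherwise.
xz_affected() {
    case "$(upstream_version "$1")" in
        5.6.0|5.6.1) echo affected ;;
        *)           echo clean ;;
    esac
}

# Read `ldd <sshd>` output on stdin and print the liblzma path it resolves to;
# no output means sshd does not load liblzma, so this hook cannot fire there.
sshd_liblzma_path() {
    awk '$1 ~ /^liblzma/ { print $3; exit }'
}

# Live mode is opt-in so the functions above can also be exercised offline:
#   XZ_TRIAGE_LIVE=1 sh xz_triage.sh
if [ "${XZ_TRIAGE_LIVE:-0}" = 1 ]; then
    v=$(xz --version 2>/dev/null | awk 'NR == 1 { print $NF }')
    echo "xz binary $v: $(xz_affected "$v")"
    if command -v dpkg-query >/dev/null 2>&1; then
        pv=$(dpkg-query -W -f '${Version}' liblzma5 2>/dev/null) || pv=""
        [ -n "$pv" ] && echo "liblzma5 package $pv: $(xz_affected "$pv")"
    elif command -v rpm >/dev/null 2>&1; then
        pv=$(rpm -q --qf '%{VERSION}-%{RELEASE}' xz-libs 2>/dev/null) || pv=""
        [ -n "$pv" ] && echo "xz-libs package $pv: $(xz_affected "$pv")"
    fi
    sshd=$(command -v sshd 2>/dev/null || echo /usr/sbin/sshd)
    lz=$(ldd "$sshd" 2>/dev/null | sshd_liblzma_path)
    echo "sshd $sshd liblzma: ${lz:-not linked}"
fi
```

A clean version report is not proof of a clean host; it only tells you whether the known backdoored releases are installed and whether the sshd hook path exists on this box.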

Can you say more about what this backdoor does?

In a nutshell, it allows someone with the right private key to hijack sshd, the executable file responsible for making SSH connections, and from there to execute malicious commands. The backdoor is implemented through a five-stage loader that uses a series of simple but clever techniques to hide itself. It also provides the means for new payloads to be delivered without major changes being required.

Multiple people who have reverse engineered the updates have much more to say about the backdoor.

Developer Sam James provided this overview:

This backdoor has several components. At a high level:

- The release tarballs upstream publishes don’t have the same code that GitHub has. This is common in C projects so that downstream consumers don’t need to remember how to run autotools and autoconf. The version of build-to-host.m4 in the release tarballs differs wildly from the upstream on GitHub.
- There are crafted test files in the tests/ folder within the git repository too. These files are in the following commits:
  - tests/files/bad-3-corrupt_lzma2.xz (cf44e4b7f5dfdbf8c78aef377c10f71e274f63c0, 74b138d2a6529f2c07729d7c77b1725a8e8b16f1)
  - tests/files/good-large_compressed.lzma (cf44e4b7f5dfdbf8c78aef377c10f71e274f63c0, 74b138d2a6529f2c07729d7c77b1725a8e8b16f1)
- A script called by build-to-host.m4 that unpacks this malicious test data and uses it to modify the build process.
- IFUNC, a mechanism in glibc that allows for indirect function calls, is used to perform runtime hooking/redirection of OpenSSH’s authentication routines. IFUNC is a tool that is normally used for legitimate things, but in this case it is exploited for this attack path.

Normally upstream publishes release tarballs that are different than the automatically generated ones in GitHub. In these modified tarballs, a malicious version of build-to-host.m4 is included to execute a script during the build process.

This script (at least in versions 5.6.0 and 5.6.1) checks for various conditions like the architecture of the machine. Here is a snippet of the malicious script that gets unpacked by build-to-host.m4 and an explanation of what it does:

    if ! (echo "$build" | grep -Eq "^x86_64" > /dev/null 2>&1) && (echo "$build" | grep -Eq "linux-gnu$" > /dev/null 2>&1);then

If amd64/x86_64 is the target of the build
And if the target uses the name linux-gnu (mostly checks for the use of glibc)

It also checks for the toolchain being used:

    if test "x$GCC" != 'xyes' > /dev/null 2>&1;then
    exit 0
    fi
    if test "x$CC" != 'xgcc' > /dev/null 2>&1;then
    exit 0
    fi
    LDv=$LD" -v"
    if ! $LDv 2>&1 | grep -qs 'GNU ld' > /dev/null 2>&1;then
    exit 0

And if you are trying to build a Debian or Red Hat package:

    if test -f "$srcdir/debian/rules" || test "x$RPM_ARCH" = "xx86_64";then

This attack thusly seems to be targeted at amd64 systems running glibc using either Debian or Red Hat derived distributions. Other systems may be vulnerable at this time, but we don’t know.
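The first item in the overview above, release tarballs that do not match the tagged source, is something a packager can check mechanically before building. The following is an added example (not from the article, Sam James, or the xz project): it walks an unpacked release tarball and reports every file that is absent from the matching git checkout or differs from it, so a modified build-to-host.m4 stands out among the expected autotools-generated files. The fixture directories and file contents are constructed for the self-test.

```shell
#!/bin/sh
# Added example, not part of the article or the xz project.
# Directory layout and file contents in make_fixture are constructed.

# Usage: release_drift <unpacked_tarball_dir> <git_checkout_dir>
# Prints one line per file of interest:
#   "tarball-only <path>"  shipped in the tarball but absent from git
#   "differs <path>"       present in both with different contents
# Generated files such as configure are expected to be tarball-only; a
# differing .m4 file or build script is the case that needs a close look.
release_drift() {
    tdir=$1
    gdir=$2
    ( cd "$tdir" && find . -type f | sort ) | while IFS= read -r f; do
        f=${f#./}
        if [ ! -e "$gdir/$f" ]; then
            echo "tarball-only $f"
        elif ! cmp -s "$tdir/$f" "$gdir/$f"; then
            echo "differs $f"
        fi
    done
}

# Build a constructed pair of trees mirroring the pattern described above:
# identical README, a generated configure only in the tarball, and a
# build-to-host.m4 whose tarball copy differs from the git copy.
make_fixture() {
    root=$(mktemp -d)
    mkdir -p "$root/tarball/m4" "$root/git/m4"
    printf 'same content\n' > "$root/git/README"
    printf 'same content\n' > "$root/tarball/README"
    printf '#!/bin/sh\n# generated by autoconf (constructed)\n' > "$root/tarball/configure"
    printf 'AC_DEFUN([gl_BUILD_TO_HOST], [upstream body])\n' > "$root/git/m4/build-to-host.m4"
    printf 'AC_DEFUN([gl_BUILD_TO_HOST], [altered body])\n' > "$root/tarball/m4/build-to-host.m4"
    echo "$root"
}

# Stand-alone run against the constructed fixture.
if [ "${RELEASE_DRIFT_DEMO:-0}" = 1 ]; then
    root=$(make_fixture)
    release_drift "$root/tarball" "$root/git"
    rm -rf "$root"
fi
```

For a real release, point the first argument at the extracted tarball and the second at a checkout of the corresponding git tag; the same approach works for any autotools project, not just xz.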


In an online interview, developer and reverse engineer HD Moore confirmed Sam James’s suspicion that the backdoor targeted either Debian or Red Hat distributions.

“The attack was sneaky in that it only did the final steps of the backdoor if you were building the library on amd64 (intel x86 64-bit) and were building a Debian or a RPM package (instead of using it for a local installation),” he wrote.

Paraphrasing observations from researchers who collectively spent the weekend analyzing the malicious updates, he continued:


When verifying an SSH public key, if the public key matches a certain fingerprint function, the key contents are decrypted using a pre-shared key before the public key is actually verified. The decrypted contents are then passed directly to system.


If the fingerprint doesn’t match or the decrypted contents don’t match a certain format, it falls back to regular key verification and no-one’s the wiser.


The backdoor is super sneaky. It uses a little-known feature of glibc to hook a function. It only triggers when the backdoored xz library gets loaded by a /usr/bin/sshd process on one of the affected distributions. There may be many other backdoors, but the one everyone is talking about uses the function indirection stuff to add the hook. The payload was encoded into fake xz test files and runs as a shellcode effectively, changing the SSH RSA key verification code so that a magic public key (sent during normal authentication) let the attacker gain access.

Their grand scheme was:

1) sneakily backdoor the release tarballs, but not the source code
2) use sockpuppet accounts to convince the various Linux distributions to pull the latest version and package it
3) once those distributions shipped it, they could take over any downstream user/company system/etc

Additional technical analysis is available from the above Bluesky thread from Valsorda, researcher Kevin Beaumont and Freund’s Friday disclosure.

What more do we know about Jia Tan?

At the moment, extremely little, especially for someone entrusted to steward a piece of software as ubiquitous and as sensitive as xz Utils. This developer persona has touched dozens of other pieces of open-source software in the past few years. At the moment, it’s unknown if there was ever a real-world person behind this username or if Jia Tan is a completely fabricated individual.

SOURCE

Published on April 01, 2024 03:08

March 31, 2024

The 'teleco' Digi prepares the sale of its fiber optic network to Macquarie

It will receive about 900 million euros for nearly 6 million homes, which allows the group to pay debt, invest in spectrum and mobile network and finance its growth.

The telecommunications operator Digi Spain Telecom , a subsidiary of the Romanian multinational of the same name, is finalizing an agreement with the Australian multinational Macquarie Capital, to sell it a fiber optic access network made up of cabling that


SOURCE

Published on March 31, 2024 15:43
