The Category5.TV Newsroom

Here are the stories we're following for the week of Wednesday October 3, 2018

Elon Musk has been forced to step down as chairman of Tesla, but will remain as CEO

Elon Musk has reached a settlement with the Securities and Exchange Commission on the charges filed last week over his abandoned attempt to take Tesla private. Musk will have to step down as the chairman of Tesla within 45 days, and will not be able to take that role with the company again for three years. He will be able to remain Tesla’s CEO during that time.

Alongside the settlement, the SEC also charged Tesla with “failing to have required disclosure controls and procedures relating to Musk’s tweets,” according to the agency. Tesla has already agreed to settle this charge. Both Musk and the company will pay separate $20 million fines that will “be distributed to harmed investors under a court-approved process,” according to the SEC, and Tesla is being made to appoint two new independent directors to its board. According to the agreement, the company will also hire a lawyer to monitor Musk’s communications, including his tweets.

The SEC opened an investigation into Musk and Tesla in early August, shortly after the CEO abruptly announced on Twitter that he was considering taking the company private at a share price of $420. Musk said that he had the “funding secured” to pull off the feat, and that support from investors was confirmed as well.

While Musk reportedly had held multiple meetings with Saudi Arabia’s sovereign wealth fund about backing the privatization effort, the SEC argued in its lawsuit that Musk did not have a solid deal in place, and therefore his tweets were “false and misleading” to investors.

The first hearing in the SEC’s case against Musk was scheduled for February. The Department of Justice reportedly still has an open investigation into his failed privatization attempt, and a number of shareholders have sued Musk in court for losses resulting from the alleged market manipulation.

Source: www.theverge.com

Sent to us by: Robbie Ferguson

Amazon’s newest brick-and-mortar store sells only top-rated products, and Prime members pay the online price in-store, while everyone else pays more.

Another brick-and-mortar Amazon store opened its doors on Thursday: Amazon 4-star, at a new location in New York City's Soho district. The retail giant's new store only sells products that have been rated four stars or above on Amazon.com, plus Amazon's own products.

The company writes in a blog post that Amazon 4-star is a "direction reflection of our customers," and in a way that's true. The average rating for all items in Amazon 4-star is 4.4, and most items have hundreds or thousands of online star-ratings and reviews. Amazon stocked the store with consumer electronics, kitchen and home items, toys, books, games, and more, but it doesn't contain every single product that has a 4-star rating or higher.

Discovery appears to be one of the main purposes of the new store. Not only does the store highlight the most-loved items on Amazon.com, but the company also organizes them into specific categories like Most-Wished-For, Trending Around NYC, and Amazon Exclusives.

As with most Amazon endeavors, Prime members reap benefits in the new store: they'll pay the Amazon.com price, while non-Prime members pay MSRP. Digital price tags list both prices, as well as the amount Prime members save, the average star review for the item, and the total number of reviews.

Over the past few years, Amazon has pushed its way into the brick-and-mortar space after understanding its benefits for a primarily online business. The company's acquisition of Whole Foods gave it hundreds of stores in the US through which customers could buy groceries and other household items and through which Amazon could expand services such as grocery delivery and pickup.

Amazon has a number of other stores, too: Amazon bookstores sell only the most popular books on its website, and cashierless Amazon Go stores act as the company's slowly expanding convenience store chain. Amazon Go is arguably the company's most strategic brick-and-mortar play, as it allows Amazon to track customer behavior in-store using cameras and its mobile app. It's rumored that Amazon wants to open 3,000 Amazon Go stores by 2021.

In addition to gleaning more insight into customers' shopping habits, Amazon 4-star also gives the company another physical location to showcase its own devices. Amazon 4-star has tables dedicated to the newest Echo and Fire TV devices. Brick-and-mortar stores give customers the opportunity to play around with Amazon devices that they may not have seen in person before buying on Amazon.com.

Currently, it's unclear if we could see more Amazon 4-star stores open in other locations in the future.

Source: arstechnica.com

Sent to us by: Roy W. Nash

The first UEFI malware has been discovered in wild. It's a piece of laptop security software hijacked by Russians.

ESET Research has published a paper detailing the discovery of a malware campaign that used repurposed commercial software to create a backdoor in a computer's firmware.

The rootkit has been active since at least early 2017 and is capable of surviving the re-installation of the operating system or even a physical hard drive replacement.

While the malware had been spotted previously, ESET’s research is the first to show that it was actively attacking the firmware of computers to establish a tenacious foothold.

Dubbed “LoJax,” the malware is the first case of an attack leveraging the UEFI boot system being used in an attack by an adversary. And based on the way the malware was spread, it is highly likely that it was authored by a Russian state-sponsored operation tied to the cyber-attack on the Democratic National Committee.

There have been a number of security concerns about UEFI’s potential as a hiding place for rootkits and other malware. The UEFI is essentially a lightweight operating system in its own right, making it a handy place for attackers to hide rootkits that can't be seen or protected from in the system's OS.

WikiLeaks’ Vault 7 files showed that the CIA apparently developed an implant for Apple's computers that used the predecessor of UEFI, but it required physical access to the targeted computer and a malicious Thunderbolt Ethernet adapter. But LoJax is an entirely different animal—it was built to be deployed remotely, using malware tools that can read and overwrite parts of the UEFI firmware’s flash memory.

While LoJax shows all the hallmarks of a state-funded attack, the developers had a little bit of a head start when it came to the UEFI payload—they borrowed from a commercial software product that was purpose-built to stay active in a computer’s firmware. LoJax’s rootkit is essentially a modified version of a 2008 release of the LoJack anti-theft agent from Absolute Software, known at release as Computrace.

That firmware module ensured a software “small agent” stayed installed on the computer, which connected to an Absolute Web server—even if the computer had its drive wiped. In other words, Computrace was a commercially developed firmware rootkit.

In another bit of borrowing, the code in the malicious UEFI module uses an NTFS driver to access the Windows disk partition to make changes and install its agent. This NTFS driver was stolen from leaked software written by the Milan-based information security (and offensive hacking for hire) company Hacking Team. So really, this Russian state-sponsored rootkit was a team effort.

Source: arstechnica.com

Sent to us by: Roy W. Nash

NASA's Kepler telescope has been sent back to sleep as scientists preserve fuel for the next data dump.

Kepler’s resurrection from hibernation has been short-lived - NASA has put the veteran space telescope back in sleep mode after it was up and running for less than a month.

The probe, sent to sniff out exoplanets that may be lie in habitable zones around stars, is expected to run out of fuel soon. Launched in March 2009, the Kepler mission was planned for only three and a half years. When it was preparing for take off, however, NASA found that the rocket could carry spare mass and decided to add enough fuel to last ten years.

It has now been flying for nine and a half years and supplies are slowly petering out. Ground control has powered Kepler down to a state that doesn’t require any fuel so the agency can save what’s left for what they call “Deep Space Network time”.

On October 10th, Kepler will be restarted and directed to point its antenna back to Earth in the hopes that it will be able to transmit data back home.

Kepler has found more than 2,600 exoplanets so far. “A recent notable find is Wolf 503b, a nearby super-Earth-size planet orbiting a bright star. At approximately twice the size of Earth, Wolf 503b is representative of the most common size of planet Kepler found in the galaxy. However, since there are no planets this size in our own solar system, we have a lot left to learn about planets this size.” NASA said.

Hopefully, targets like Wolf 503b can be observed further with Kepler’s successor, the Transiting Exoplanet Survey Satellite, launched in April this year.

Source: www.theregister.co.uk

Sent to us by: Roy W. Nash