There’s 29 hours left in a Kickstarter campaign to fund “an open source, Linux-based, highly modular, customizable portable computer kit that accommodates anything from a Raspberry Pi to a Ryzen x86 4×4 single-board computer and more,” writes READY!100:

Reminiscent of 1980s executive portable computers, the READY! 100 is fully modern with 12 input output ports and 4 antenna ports. Perfect for hackers, ham radio operators, and audio/video folks, it can even be used with external graphics cards.

Engadget hailed it as “a Raspberry Pi enclosure for cyberpunk enthusiasts.”
Thanks to their diminutive size and low-power consumption, single-board computers like the Raspberry Pi can come in all shapes and sizes. We’ve seen DIY enthusiasts like Guy Dupont put a $10 Raspberry Pi Zero W into the shell of a 2004 iPod Classic to create a device that can access Spotify. But few are as cool as this recent Kickstarter project we spotted from a Toronto-based company called Ready! Computer Corporation.

The company’s Ready! Model 100 is essentially a case for your single-board computer that includes a mechanical keyboard, stereo speakers, a touchscreen display and enough I/O ports to connect almost anything you need. The enclosure allows you to fit an SBC that’s about the size of a 4×4 Intel NUC board. Oh, and you can carry it around with a guitar strap.

Basically, it allows you to build the cyberdeck of your dreams.

Read more of this story at Slashdot.

Source: Slashdot – Can ‘Ready’ Crowdfund a Raspberry Pi Cyberdeck Enclosure for Cyberpunk Enthusiasts?

Brave Browser had a privacy issue that leaked the Tor onion URL addresses you visited to your locally configured DNS server, “exposing the dark web websites you visit…”, writes Bleeping Computer.

Long-time Slashdot reader AmiMoJo quotes their report: To access Tor onion URLs, Brave added a “Private Window with Tor” mode that acts as a proxy to the Tor network. When you attempt to connect to an onion URL, your request is proxied through volunteer-run Tor nodes who make the request for you and send back the returned HTML. Due to this proxy implementation, Brave’s Tor mode does not directly provide the same level of privacy as using the Tor Browser.

When using Brave’s Tor mode, it should forward all requests to the Tor proxies and not send any information to any non-Tor Internet devices to increase privacy. However, a bug in Brave’s “Private window with Tor” mode is causing the onion URL for any Tor address you visit to also be sent as a standard DNS query to your machine’s configured DNS server. This bug was first reported in a Reddit post and later confirmed by James Kettle, the Director of Research at PortSwigger. BleepingComputer has also verified the claims by using Wireshark to view DNS traffic while using Brave’s Tor mode.

Brave has since released an update which fixes the bug.

Read more of this story at Slashdot.

Source: Slashdot – Brave Privacy Bug Exposed Tor Onion URLs To Your DNS Provider

“Current and former top executives at SolarWinds are blaming a company intern for a critical lapse in password security that apparently went undiagnosed for years,” reports CNN.

The password in question, “solarwinds123,” was discovered in 2019 on the public internet by an independent security researcher who warned the company that the leak had exposed a SolarWinds file server…

It is still unclear what role, if any, the leaked password may have played in enabling suspected Russian hackers to spy on multiple federal agencies and businesses in one of the most serious security breaches in U.S. history. Stolen credentials are one of three possible avenues of attack SolarWinds is investigating as it tries to uncover how it was first compromised by the hackers, who went on to hide malicious code in software updates that SolarWinds then pushed to some 18,000 customers, including numerous federal agencies. Other theories SolarWinds is exploring, said SolarWinds CEO Sudhakar Ramakrishna, include the brute-force guessing of company passwords, as well as the possibility the hackers could have entered via compromised third-party software.

Confronted by Rep. Rashida Tlaib, former SolarWinds CEO Kevin Thompson said the password issue was “a mistake that an intern made… They violated our password policies and they posted that password on an internal, on their own private Github account,” Thompson said. “As soon as it was identified and brought to the attention of my security team, they took that down….”

Ramakrishna later testified that the password had been in use as early as 2017… That timeframe is considerably longer than what had been reported.

The remarks were made at a hearing of a House security committee, where Representative Katie Porter also strongly criticized the company. “I’ve got a stronger password than ‘solarwinds123’ to stop my kids from watching too much YouTube on their iPad! You and your company were supposed to be preventing the Russians from reading Defense Department emails!”

CNN also reports that Microsoft (which is leading the forensic investigation into the breach) “later said there is no evidence that the Pentagon was actually affected by the Russian spying campaign.”

Read more of this story at Slashdot.

Source: Slashdot – SolarWinds’ Former CEO Blames Intern for ‘solarwinds123’ Password Leak

“People may scream at me for saying this, but net neutrality is one of America’s longest and now most pointless fights over technology.” So argues the New York Times “On Tech” newsletter author Shira Ovide, calling the debate “a distraction for our elected leaders and corporations when there are more pressing issues.”

Ovide also shares their discussion with Times technology and regulatory policy reporter Cecila Kang:

Kang: You can see the appeal of rules that make sure internet providers don’t stall web traffic unless it’s from their preferred business partners or their own streaming services. However, the debate feels much less urgent now that we’re talking about threats of online disinformation about vaccine deployment and elections. The net neutrality debate focused on internet service providers as powerful gatekeepers of internet information. That term now seems better applied to Facebook, Google and Amazon….

Ovide: Internet providers, public interest groups, some tech companies and a bunch of our elected leaders have been screaming holy war about an issue for 13 years without a resolution. Can they reach a middle ground and we’ll all move on?

Kang: There probably isn’t much of a middle ground. There are either net neutrality rules or there aren’t. And the internet service providers see net neutrality as a slippery slope that leads to broader regulation of high-speed internet services or government-imposed limits on prices they can charge. They will fight any regulation. And that’s true, too, of the lobbyists who are hired to argue against anything.

Read more of this story at Slashdot.

Source: Slashdot – Is the Net Neutrality Debate a Pointless Distraction?