The Register

Code shack describes issue as 'moderate' security flaw, plans to disable risky commands gradually Google's bug-hunting Project Zero team has posted details of an injection vulnerability in GitHub Actions after refusing a request to postpone disclosure.…

Reach out to your loved ones - but in Great Britain you'll have to use your phone A handy feature in Google's Nest speakers allows users to place calls to mobiles and landlines free of charge without a subscription or dedicated handset. Sadly, that particular benefit is coming to an end in the UK.…

Jamstack, Kubernetes, community contributions, and automatic translation – what could go wrong? Mozilla's MDN JavaScript and web technology reference documentation is migrating to a new GitHub-based platform, codenamed Yari, which is now in beta and taking contributions.…

Small Brit firm pushes back against Zuckerborg sueball Mobile app developers accused by Facebook of deploying “malicious” SDKs to scrape users’ data from the social network have hit back, telling London’s High Court that nearly all their apps were “not capable” of harvesting data from Facebook itself.…

Drag racing in orbit with Rocket Lab Rocket Lab is planning a 30-satellite launch via its 16th Electron launch from New Zealand. The payload will include a statue of Gnome Chompski*, presumably in an attempt to unlock hitherto unknown Half-Life achievements.…

Just One More Thing, eh? Apple has set a date for the next emission of its inevitably overpriced gear. The socially distanced (and likely pre-recorded) affair will be Cupertino's third event in as many months, and is expected to introduce the inaugural cohort of Arm-powered Macs.…

Also: HoloLens 2 Dev Edition out, .NET 5 prepares debut, and PowerToys Mute gets experimental In Brief It is said that Microsoft giveth and Microsoft taketh away.…

D'oh! If only they'd seen bug before issuing those 402 other fixes Oracle has released an emergency patch after a security vulnerability was revealed in its WebLogic middleware last week.…

Just don't leave. Plus: Cloud subscription model is 'increasing customer lifetime revenue' SAP CEO Christian Klein has committed to extending customer payment terms and helping partners struggling as the second wave of the COVID-19 pandemic grips Europe and governments enforce further lockdowns.…

It's really dope. Yep it's an energy-efficient process kicked off by gadolinium-doped cerium dioxide Researchers in Spain have uncovered a new approach to producing hydrogen via water splitting which could help overcome some of the drawbacks to this promising alternative fuel source.…

But annual report doesn't mention China once The National Cyber Security Centre fended off more than 700 cyber attacks directed against the British state over the last year, of which about a quarter were COVID-19 related.…

Plus: Faster on-demand supercomputing. P4d VMs with Nvidia A100 and GPUDirect RDMA AWS will deliver a new public container registry "within weeks" in response to Docker's introduction of pull rate limits for Docker Hub.…

Why? Because it's 2020. Oh OK, the real reason is: More efficient use of on-board cameras Tiny monitoring devices, strapped to birds, used artificial intelligence to work smarter, it is claimed.…

Ex-BAE Systems bod's letter read to Old Bailey A former BAE Systems engineer accused of failing to hand over his device passwords to Merseyside Police vowed not to give them up until a watchdog investigated his allegations that police workers had perverted the course of justice, the Old Bailey heard.…

Oh never mind, the project was 'reset' It was all smiles when the City of Edinburgh Council announced the extension of its managed IT services contract with supplier CGI in September. But talk of smart city services using artificial intelligence and IoT belied a sorry tale of an abandoned Unit4 ERP project which led two suppliers to the courtroom door.…

Air freight costs grounded mobile profits, but PC sales and overall profits keep rising Lenovo has posted interim results for Q2 and the first half of 2020 and revealed that while clouds builders went on a spending spree, the company’s data centre group (DCG) is still making losses.…

No, no, no, you hit it like this *whack* GitHub has warned it may ban users who fork a DMCA'd YouTube download tool on its platform – while at the same time hinting at how netizens can continue distributing the software without drawing fire.…

Officials go with randomly selected words with unintentionally hilarious results. Filthy Python, anyone? Many memorable events get named, whether they're hurricanes, political events, or security incidents like the Morris Worm, which surfaced 32 years ago yesterday.…

Australian antenna upgrade appears to have worked, should be ready to help with imminent Mars landings NASA has successfully communicated with the Voyager 2 probe after an eight-month hiatus.…

11.11 event should be four times bigger than Amazon Prime Day Chinese digital tat bazaar Alibaba is trying to take its multi-billion-dollar “Singles' Day” online shopping frenzy global.…

Yeah, take that, Microsoft, Facebook, Apple, and everyone else who pays that much anyway The decision by the Trump administration to raise the minimum wage that H-1B visa holders must earn in America before they are eligible to work stateside is going to destroy startup culture, business leaders have warned.…

Harvested usernames, passwords used to drain victims' coffers A Russian programmer has been sentenced to eight years behind bars in America for his part in a massive cybercriminal network that hacked into and drained victims' bank accounts.…

SANS Institute opens up ICS Asia Pacific Summit to all Promo 2020 has been a year of incredible uncertainty and upheaval, which for security professionals inevitably means threats have multiplied right across the enterprise.…

Abuse packet sizes to fool vulnerable application-level gateways Coinciding with Halloween over the weekend, security researcher Samy Kamkar published details of a spooky firewall-busting technique he calls NAT Slipstreaming. It allows a remote attacker to punch through gateway and browser defenses to access services running on computers within a network, depending on the victim's configuration.…

Guess what? It’s going to appeal. Again again. Again. Again Apple has to pay another $502.8m to network security outfit VirnetX for infringing its patents, a court has decided.…

Open-source coders to get 'upgraded' to a trial plan that's not great Travis CI, whose product is a continuous integration tool which can automatically test and deploy applications when new code is merged, has introduced new pricing plans in an effort to strike a better balance between free and paid-for subscriptions.…

console.log("go away and don't come back"); A US federal district court has ruled SAS cannot copyright the ideas behind its analytics software, rendering a senior judicial row over national sovereignty between the UK and America largely irrelevant.…

That's Chromium fixed. But the snap-only problem may reappear for other packages The Linux Mint team has arranged to provide its own Chromium package to users who were previously pointed towards Canonical's Snap Store if they wanted to get the popular browser.…

'The technology works. There's still a lot of development that needs to happen, but it does work' UK network provider Vodafone is proposing to deploy OpenRAN hardware across 2,600 sites in rural Wales and the South West of England - the LTE masts will replace the carrier's existing Huawei estate.…

And it's waving £350m to get it done London's Metropolitan Police Service (MPS) is on the hunt for an IT service oufit to help run its sprawling application estate in a contract that could be worth up to £350m.…

Oh dear Huawei is reportedly aiming to move chip fabrication in-house for its battered telecoms infrastructure business in a move that will allow it to continue trading without falling afoul of ongoing US sanctions.…

Outfit quits browser stats game, and you'll never guess who benefits most from shift to Client Hints NetMarketShare – which has supplied free statistics on browsers, devices, operating system, and search engines for the last 14 years – is ending its reports, with October 2020 being the last month covered.…

Plus: Immigration lawyers for Mountain View breached, SonarQube hack worse than thought, and more In brief Bad news for those who have bought into the Nest Secure home surveillance system – Google has surprised many by halting further deployments.…

Public sector to be treated as one vast buyer of clouds under One Government Value Agreement Exclusive Amazon Web Services is the final of the big three cloud providers to have put pen to paper to sell a range of cloud services to the British government under a pre-defined discount, The Reg can reveal.…

Plus: Watch a self-driving race car drive into a wall, and download the new version of PyTorch In brief Trey Parker and Matt Stone, best known for their cartoon South Park, have created a new comedy deepfake series called Sassy Justice.…

Software, security, distributed systems, process-based engineering... e-voting might not be such a bad idea Column E-voting over the internet is by common consent a bad idea.…

App gap is painful so only true believers should buy it Review The Huawei Mate 40 Pro is a heartbreakingly good phone.…

Blu Tack not included: The Reg pulls it apart, then puts it through its paces Review Perhaps a little too early for a festive gift guide comes another official incarnation of the Raspberry Pi – this time built into a keyboard.…

Web giant insists anti-bot service isn't used for personalized ads – but cookie claims don't quite add up Analysis Six years ago, Google revised its reCAPTCHA service, designed to filter out bots, scrapers, and other automated web browsing, and allow humans through to websites.…

And because all Microsoft really cares about now is Azure, SMB over TCP-killer QUIC is coming to make better cloud connections Microsoft has teased some coming-real-soon-now features for future editions of Windows Server.…

International adventure, crafty customs, and what not to pack in the hand luggage Who, Me? Ever opened a PC only to experience a sinking sensation when things don't look the way you'd expected? Add a twist of international spice and you have this week's Who, Me?…

Court ponders keeping it alive for three plaintiffs before deciding Made-in-China app can keep amusing everyone A group of TikTok users have won a case that will mean the made-in-China social network can keep operating in the United States beyond the November 12th deadline the Trump administration set for it to secure a locally-owned operator.…

Time to take another look at VDI this month Webcast Virtual desktop infrastructure has long been one of the tech industry’s perennial next big things, but you might be forgiven for thinking it’s never quite lived up to its promise.…

This time to protect judicial enforcement authorities, but previous bans on publishing Police's personal details haven't stopped the practice Hong Kong’s government has won a temporary injunction that bans “doxxing”, the practice of publishing private information about an individual in the hope it causes them discomfort.…

Flagship Mate 40 smartmobe adds a wallet for China’s electro-currency Huawei has shown how China might go about spreading its digital currency: by baking it into local smartphones.…

$9bn SpaceJet isn’t dead, but defence, mobility and electronics offer better short-term prospects Mitsubishi Heavy Industries has all-but-abandoned its ambition to become a civil aviation player.…

New security guidance calls for random webcam snaps to authenticate users, adoption of VPN and MFA India’s Securities and Exchange Board (SEBI) appears to have sent a circular to stock exchanges that calls for market participants to upgrade information security as bad actors seek to take advantage of the financial services industry’s move to working from home.…

Coming soon to an app, maybe Academics claim their AI software can detect, with 98.5 per cent accuracy, whether or not someone has caught the COVID-19 coronavirus, just from the sound of their coughing.…

There may be carbon, water, clay, perhaps even platinum, gold in them hills NASA has stowed away its first ever sample of asteroid regolith, collected by its OSIRIS-REx spacecraft from space rock Bennu, and is working on bringing the material home for 2023.…

Chocolate Factory spills beans on make-me-admin flaw Google's Project Zero bug-hunting team has disclosed a Windows kernel flaw that's being actively exploited by miscreants to gain administrator access on compromised machines.…