By Stephen Kalin and Isabel Coles SOUTH OF MOSUL, Iraq (Reuters) - U.S.-backed Iraqi forces pushed into western Mosul on Friday after retaking the city's airport from Islamic State, as aid agencies warned the most dangerous phase of the offensive was about to begin for hundreds of thousands of civilians. Troops disarmed booby traps planted by retreating militant fighters in the airport, which the army plans to use as a base from which to drive Islamic State from Mosul's western districts and deal a decisive blow to the group. As they did, Iraqi fighter jets dropped bombs on Islamic State positions inside Syria on Friday.
The good news is that hackers do not appear to have taken advantage of a severe Cloudflare security bug that would have given them access to sensitive customer data including passwords and authentication tokens. The bad news is that the bug was only recently discovered, which means it went undetected for nearly five months.
Cloudflare is a content delivery serviced used by more than 5.5 million sites, including plenty of popular ones that you might use on a regular basis such as Uber, 1Password, Fitbit and OKCupid. In other words, it's probably a good idea to change your passwords immediately.
The bug was initially discovered by Google’s Project Zero security researcher Tavis Ormandy, Ars Technica explains. He then contacted Cloudflare once he realized what he discovered, comparing it to Heartbleed in scope and severity. The company promptly fixed the issue.
"The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare CTO John Graham-Cumming wrote in a post on the company blog. "We are disclosing this problem now as we are satisfied that search engine caches have now been cleared of sensitive information. We have also not discovered any evidence of malicious exploits of the bug or other reports of its existence."
The security bug could have exposed plenty of user data, including passwords, cookies, tokens used to authenticate users, and even Cloudflare’s encryption keys used to protect server-to-server traffic. And all that data was then cached by search engines including Google, Yahoo, and Bing, which would have given hackers nearly live access to the data.
Even though Cloudflare acknowledged the issue, Ormandy took issue with the company’s disclosure. "It contains an excellent postmortem, but severely downplays the risk to customers," he wrote in an update. He was also the one to mention the names of the companies that may have been affected by security breaches in a Twitter message.
1Password said in a blog post that thanks to its triple encryption layer, no sensitive data was ever exposed to hackers.
Hundreds of Palestinian protesters clashed with Israeli soldiers Friday in the powderkeg West Bank city of Hebron on the anniversary of a 1994 massacre carried out by a far-right Jewish settler. Soldiers fired tear gas and sound grenades to disperse the crowd as cannons doused them with stinking water, an AFP correspondent said. Jewish settlers, of whom 500 are entrenched in the centre of the city of around 200,000 Palestinians, hurled stones at the protesters who also pelted soldiers with stones.
A spectacular "ring of fire" solar eclipse Sunday will regale skygazers in South America and southern Africa, with seafarers in the nearby Atlantic getting a front-row view too, astronomers say. The eclipse -- during which the Sun will all but disappear as the Moon crosses its path -- will be most visible in a 100-kilometre (62-mile) band cutting through Chile, Argentina, Angola, Zambia and the Democratic Republic of Congo.
May we all find a secret dog bud that will wait for your pets every day. Elisa Lee a 17-year-old senior at Lakewood High School in California has developed somewhat of a routine with her newfound friend Ralph, a golden retriever that really enjoys some friendly pets. SEE ALSO: Meet the dog who's basically a saint This is Ralph he is a dog that lives near school and waits for me everyday after school to say hi to him before I have to leave pic.twitter.com/9gJyYLk6IB — elisa (@babygirIe) February 22, 2017 "One day my friend was giving me a ride home and I saw this dog near the gate," Elisa explained in an email. "At I was afraid that he would bite me since most dogs would bark at you and seem aggressive if you came near their house. Days have passed and he was still waiting there, so one of my friends encouraged me to try to pet him." "The first time I had pet him he was so excited and started licking my hand and pawing at it, Elisa said. "Ever since then I would go after school towards the spot where he lives in to pet him and usually always find him there waiting for me." But if Ralph isn't at the gate waiting for Elisa, he's usually not too far away, unless it's raining outside. "Sometimes he's not there, probably chewing on a toy or laying in the grass, said Elisa. "But if I call his name he is sure to come to the little spot one the right side of the gate where he can see me better." Recently, Elisa says that she had a four day weekend and wasn't able to stop by Ralph's place because she didn't have school. When she returned, Ralph was a little upset the two weren't able to hang out for a while. @katiewright we had a 4 day weekend and he got mad at me since I didn't say hi for a while pic.twitter.com/Y6GBYPfWFq — elisa (@babygirIe) February 22, 2017 Prepare yourselves: Ralph also gets sad when Elisa has to leave. "A lot of the time he looks so sad when I leave and tell him 'bye,' Elisa explained, but she says she always reassures Ralph that she'll be back to hang out. One day, Elisa spotted an older man walking a golden retriever, but she wasn't quite sure if it was Ralph. "I thought to myself in my head kiddingly 'oh what if that's the dog I pet everyday.' And to my surprise, I noticed his cute nose that is pink and has a brownish outlining and realized it was him," Elisa explained. The owner confirmed Elisa's assumption that the dog was Ralph, and told her his name and informed her that Ralph is a little over a year old. Elisa says that she wanted other to appreciate how awesome Ralph is, so she posted a tweet with a few photos, explaining that she visits him every day. The tweet blew up, and has since been retweeted over 12,000 times, gaining tons of Ralph fans on the internet. This also prompted a bunch of people to joking tweet back at Elisa with the hashtag #FreeRalph. Elisa says that she is a little concerned about what happens when she graduates this year, because she won't be near where Ralph lives every day. "I am quite sad that I got to only meet him this school year," Elisa said. "I'm worried about what will happen when I graduate but I'm sure his owner loves him so he should be just fine. I hope Ralph can make new friends around our school and be happy!" BONUS: Popular Twitter account that rates dogs now has a cute mobile game
Self-driving cars are going to ruin everything--in a good way. If all goes as planned, they'll dramatically reduce auto accidents and highway fatalities; boost fuel efficiency; minimize traffic jams; and maybe even cut the number of vehicles we own. Autonomous vehicles are likely to wreak havoc on the insurance industry, too. For insurance agents who might not be worried about that doomsday scenario just yet, they should take a look at Tesla. That's because Tesla has slowly begun offering lifetime insurance policies to some buyers--and that package covers vehicle maintenance, too. The automaker hasn't widely discussed the feature, but it became public knowledge during an earnings call earlier this week. According to Tesla's President of Global Sales and Service, Jonathan McNeill, the insurance and maintenance package has been quietly rolling out to shoppers in Asian markets, where it's proven very popular. In fact, McNeill says that the majority of Tesla buyers in Asia have opted to shell out for the package. Tesla hasn't yet confirmed the price of the package, nor has it hinted when it might be available to shoppers in other markets. However, the offering clearly stems in large part from the company's confidence in its semi-autonomous (and soon, fully autonomous) Autopilot software. Would you be willing to pay upfront for a lifetime insurance and maintenance package? If so, how much? Share your thoughts in the comments below.
In the market for a car--maybe one that's a little gently used? You're in luck: this week, J.D. Power published its 2017 Vehicle Dependability Study, showing which brands are likely to cause the fewest headaches down the road. The Dependability Study is a bit like Power's equally popular Initial Quality Study, which is typically issued in June. Both studies assess real-world data from America's registered drivers about the problems they've had with their cars, trucks, and SUVs. The difference is that the Initial Quality Study looks at issues folks have had with new vehicles during the first 90 days of ownership. The Dependability Study, however, looks at vehicles that are three years old--the idea being that brands that score well stand a better chance of holding up over the long term. For the 2017 edition of its Dependability Study, Power polled 35,186 original owners of 2014 model-year vehicles, asking how many issues they'd had with their vehicles in the previous 12 months. Responses were gathered between October and December 2016. The winners, the losers Tied for first place in this year's study were two perennial top-of-the-heap contenders: luxury marques Lexus and Porsche. Each brand had a reported 110 problems per 100 vehicles during the prior year. But premium cars weren't the only ones receiving high scores: in third place was one of the world's best-known mass-market brands, Toyota, with 123 problems per 100 vehicles. Buick followed with a score of 126, and Mercedes-Benz rounded out the top five with 133. The industry average was 156 problems per 100 vehicles. That's four points higher than the 2016 average. At the bottom of the charts were four of Fiat Chrysler's five brands (which is, unfortunately, fairly common in surveys like this). Fiat fared worst of all, with a staggering 298 problems per 100 vehicles, though in fairness, it might've been bested by Smart if Power had been able to find enough Smart owners to include in the survey. In the penultimate spot, Jeep fared much better than its FCA sibling, with owners reporting 209 problems per 100 vehicles during the previous year. Other low performers were Infiniti (203), Dodge (187), and Ram (183). As far as individual models are concerned, Toyota was the clear winner, earning top marks in 10 of Power's 18 segments. (That's a record for this study.) Those winners included the Lexus ES, Lexus GS, Lexus RX, Toyota Avalon, Toyota Camry, Toyota FJ Cruiser, Toyota Prius, Toyota Prius v, Toyota Sienna, and Toyota Venza. And interestingly enough, of all models--luxury and mass-market--the Toyota Camry had the fewest number of issues. Takeaways What does all this mean for you, the buyer? Apart from fewer trips to the garage, high dependability scores could mean more money in the bank. Because of their strong performance, Power says that Toyota vehicles have resale values that are $750 higher than the national average. It also means that when it comes to issues with your next ride, chances are they'll involve the technology on your dashboard, not the transmission. In-car tech accounted for 22 percent of all owners' visits to the shop, and more often than not Bluetooth pairing and misrecognition of voice commands were the culprits. You've been warned.
The UN sought painstakingly Friday to get a new round of Syrian peace talks off the ground, but there were few signs of progress as dozens more civilian deaths underlined the scale of the challenge. The UN's Syria envoy Staffan de Mistura, who brought rival regime and opposition delegates symbolically together late Thursday, held separate meetings with them Friday to hammer out the format for the meetings. "We discussed issues relating to the format of the talks exclusively," said Syrian regime delegation chief Bashar al-Jaafari after meeting de Mistura.
It hasn't been a great week for Uber. First, a bombshell account from Susan Fowler, a former Uber engineer went viral. In it, she alleges unchecked sexual harassment and a corporate culture that emboldens harassers and does little to make women feel welcome or even safe. That on its own is enough to make many Uber customers second guess their decision to hail a ride from the company, but a second blow wasn't far behind.
Yesterday, Google's Waymo team revealed that it had filed a lawsuit against Uber and Otto — a self-driving vehicle startup Uber acquired in 2016 — for stealing its trade secrets in order to jumpstart its own failing self-driving car platform. Now, with users fleeing in droves and a pair of huge controversies on its hands, Uber is begging people to stop deleting their accounts.
When you decide to shut down your Uber account — not just delete the app, but actually choose to close your account itself — the app prompts you to provide a reason. Uber is now scanning those responses for mentions of the Susan Fowler controversy and sending its disgruntled former users a special email message pledging to right what it has wronged.
"Everyone at Uber is deeply hurting," the message begins, followed by an explanation that outside investigators will be brought in to do an independent review of the entire operation. "We believe in creating a workplace where a deep sense of justice underpins everything we do and it's everyone's number one priority to create change in the coming months and years."
It's worth noting that Uber hasn't taken the time to comment on Google's allegations of intellectual property theft, which has now been simmering for about a day. Whatever their approach, neither of these fires are easily put out, and it's already clear that the company is in for a bumpy ride to start out 2017.
President Trump is interviewed by Reuters in the Oval Office Feb. 23. President Trump said the FBI is “totally unable” to crack down on U.S. government employees who plan to leak sensitive information to the media. The FBI is totally unable to stop the national security "leakers" that have permeated our government for a long time.
Israel has denied a work permit to a Human Rights Watch researcher, accusing the group of serving as Palestinian propagandists in a move the U.S.-based organisation called an "ominous turn". The news emerged as Israel faced criticism from the U.N. Human Rights Council in Geneva over the 18-month jail sentence handed to an Israeli soldier who shot an incapacitated Palestinian assailant in the head. U.N. human rights spokeswoman Ravina Shamdasani said the sentence given to soldier Elor Azaria was "excessively lenient" and part of a "chronic culture of impunity" for Israeli abuse of Palestinians.
Apple's expanding line of iPad tablets is widely accepted as the gold standard in the tablet market. While tablets as a whole have been largely disappointing considering the explosive growth that leading market research firms predicted following the original iPad's debut, tens of millions of tablets are still sold around the world each quarter. Truth be told, tablets are still a big business for plenty of hardware vendors, despite the fact that sales are declining due in part to a much slower upgrade cycle than most firms were expecting. Oh, how market researchers love to draw straight growth lines that soar endlessly into the sky.
While Apple's iPads have continued to get better and better as time has progressed, most updates in recent years have been somewhat incremental as far as user-facing features are concerned. That's why it was so exciting when reports began to emerge suggesting that Apple actually has a bold new redesign coming to one of its new iPads in 2017. Unfortunately, a new report now suggests that Apple's nifty next-generation iPad may have been delayed.
According to a handful of independent reports headlined by ever-accurate insider Ming-Chi Kuo, Apple has a brand new addition to its iPad lineup in 2017. Slotted in between the 9.7-inch iPad Pro and the 12.9-inch iPad Pro will reportedly be a new model with a 10.5-inch display. This new iPad will apparently be roughly the same size as the 9.7-inch iPad model, however, because it will feature much narrower bezels than other tablets in Apple's iPad lineup. Bezel-narrowing is an ongoing trend in 2017, and it will continue right up until September when the "all-screen" iPhone 8 is unveiled.
This sleek new iPad model will reportedly be unveiled next month alongside new 9.7- and 12.9-inch iPad models that feature incremental updates. That's the good news. The bad news, however, is yet another report emerged on Friday suggesting that the launch of Apple's hot new iPad model has been delayed.
"Vendors have hoped that at least one of the two large-size tablets, 10.5-inch iPad or the 12.9-inch iPad Pro, will be released in the first quarter of 2017 along with the entry-level 9.7-inch iPad," Digitimes' Siu Han and Steve Shen reported on Friday. "However, the sources said that they are now more certain that both of the planned two large-size models will not come until May-June, thereby affecting first-quarter sales of supply chain makers."
Delayed launches obviously won't put a huge dent in Apple's earnings since iPad models make up such a minuscule percentage of the company's sales and profits. Apple fans are growing increasingly anxious for something new and exciting to sink their teeth into though, and it looks like the wait may have just gotten a few months longer.