Highlight

In Germany, a bug in the Air Traffic Control System led to the cancellation of numerous flights at Frankfurt Airport. It's not the first time that the German Air Traffic Control System has suffered technical problems, this time Frankfurt Airport was affected by an unexpected interruption. The operator of Germany's largest airport, Fraport, reported the problem, immediately informing that there would be disruptions throughout European airspace and therefore delays in operations and isolated flight cancellations. The investigation into the technical problem revealed that it was related to a software failure during the installation of an update to the Langen Control System. Although the problem was resolved early in the morning local time, all passengers were instructed that delays and cancellations were to be expected for the rest of the day, before operations returned to normal. The Langen Control Center is responsible for the lower airspace in Germany's central regions, including some of the country's busiest airports, such as Düsseldorf, Cologne and Frankfurt. The original article via Simple Flying can be read at: https://simpleflying.com/german-atc-issue-flight-delay/

Baraa Habab is the name of a young Syrian who recently discovered security flaws in Facebook, but his concerns were ignored by the US company. To draw attention to these problems, Baraa hacked the account of one of Facebook's founders, prompting them to thank him and offer him a job. The 25-year-old from Damascus was forced to leave his university, where he was studying Information Engineering, and his home country because of the civil war that has been raging since 2011. Driven by his passion for the world of programming, Baraa's resilience and hard work have been crucial to withstanding all the difficulties he has faced since then. Between 2016 and 2017, he eventually discovered a software bug on Facebook, so he wrote several times to report the problem, in both Arabic and English, but without any feedback. To ensure that his concerns were legitimate, Baraa Habab surprised the Facebook administration itself by accessing several private and public Facebook pages, without knowing the username, email or password associated with the page, and without even contacting the owners of the pages. One of these pages was precisely that of Facebook co-founder Chris Hughes, where the young Syrian wrote on his wall in both English and Arabic: "There is no 100% protection, there is always a flaw.". And that's how Baraa got Facebook's attention, and was even offered a contract to work in security. With an attachment to Facebook, Baraa ended up discovering another software error later in 2018. An error that would allow the privacy of millions of users to be affected without their knowledge. In addition to helping countless people find solutions to technical problems, as well as many victims of Facebook fraud, Baraa Habab also helps companies in the field of information security and protection, and also plays a role in training and education on the subject of digital extortion. The original article via Middle East Monitor can be read at: https://www.middleeastmonitor.com/20220618-young-syrian-man-discovers-several-facebook-security-loopholes/

US cybersecurity authorities last week ordered all federal agencies to fix software flaws exploited by hackers. These are believed to be linked to foreign governments. "These vulnerabilities pose an unacceptable risk to the security of the federal network," said Jen Easterly, director of the US Cybersecurity and Infrastructure Security Agency (CISA), in a statement. CISA's "emergency directive" gives agencies five days to update the vulnerable software, or as a last resort, remove it entirely from their networks. It does not apply to Pentagon computer networks, which are not under CISA's jurisdiction. The vulnerabilities in question are found in a type of software made by VMware, whose products are widely used in the US government. On April 6, the California-based technology giant issued a fix for the software flaws that would allow hackers not only to access files remotely, but also to install themselves on the network itself. Two days after the patch was released, hackers discovered an alternative way of breaking into computers using the vulnerabilities, according to CISA. This event forced VMWare to release software updates to plug these newly discovered vulnerabilities, which CISA ordered the agencies to address. The agency has not identified the hackers or which systems they served as. As a rule, CISA officials use their emergency authority to force agencies to address serious software flaws when spies or criminals might attack their security. In the last three years, the agency has used its resources 10 times, including in response to the so-called SolarWinds hacking campaign, believed to have been carried out by Russian agents. This ultimately went unnoticed by US authorities for a long time, resulting in a security breach of at least nine federal agencies, including those dealing with national security, such as the departments of Homeland Security and Justice. The original article via CNN International can be read at: https://edition.cnn.com/2022/05/18/politics/software-bug-warning-vmware/index.html

According to the European Aviation Safety Agency (EASA), a software problem could lead to loss of elevator control for certain Airbus A350 aircraft. The directive issued on May 5 by EASA warns operators of Airbus A350-900 and -1000 aircraft to amend their applicable AFM (aircraft flight manual) and Minimum Equipment List due to a software problem that could lead to loss of elevator control."An occurrence was reported in which the PRIMary flight control computers (PRIMs) indicated that both elevator actuators were found to be defective." EASA also states that further investigations revealed that incorrect instructions were implemented with the introduction of the "PRIM P13 standard", which is part of the X13 Flight Control and Guidance System (FCGS) standard. Since the effective date for resolving the problem was immediately set for the following days, EASA also required operators to change their applicable AFM, which is subject to a temporary update and revision. The EASA directive also states that they must "inform all flight crews and thereafter operate the aircraft accordingly". Affected operators must also amend the Airbus A350 Minimum Master Equipment List (MMEL) accordingly. This directive is considered to be an interim action, which means that other actions may take place in the coming days. Interestingly, this is not the first software bug related to the Airbus A350. In July 2019, some models of the A350-900 had an aviation problem, which could be corrected with a software update, or even by turning the aircraft off and on at least once every 149 hours. Carrying out this rudimentary action would have prevented "partial or total loss of some aviation systems or functions". The original article via Simply Flying can be read at: https://simpleflying.com/a350-software-bug-easa-emergency-directive/

In Dallas, Texas, Toyota has been forced to recall more than 400,000 vehicles due to a software problem that affects the stability of the vehicles. According to a company statement, the software error causes the vehicle's electronic stability control system to deactivate unexpectedly. The Japanese manufacturer also advises customers to check the condition of their vehicles and to report any problems on its website. With regard to the bug in question, the statement reads: "For all vehicles involved, Toyota and Lexus dealers will update the Skid Control ECU software free of charge for customers. Owners of the vehicles involved will be notified by mid-June 2022." The original article via Big News Network can be read at: https://www.bignewsnetwork.com/news/272487413/toyota-recalls-460000-vehicles-due-to-stability-control-issue

On April 1st, Ford announced that it was recalling almost half a million trucks, as a brake system malfunction caused by a software error was discovered. According to ABC News, the recalled vehicles concern Ford 2021 and 2022 models, which include: Super Duty, Ford Maverick, F-150, Lincoln Navigator and Expedition. Given that the problem detected is directly related to its software, its resolution is simple, with the Ford dealership applying the appropriate software update. Ford will begin notifying owners of the affected models by post in the coming weeks. Just last week, the US multinational was in a similar situation, where it recalled more than 700,000 vehicles due to a problem related to an oil leak. According to Reuters, the models included the 2020 to 2022 Ford Escape SUV and the 2021 and 2022 Bronco Sport SUV with 1.5-liter engines, in which the oil leak could occur in the engine parts, thus causing a serious risk of fire. The original article via Tech Times can be read at:https://www.techtimes.com/articles/273797/20220401/ford-recalled-400-000-trucks-due-software-bug-affects-brake.htm

Last Sunday, a group of large vessels were prevented from entering the Kiel Canal in Germany, which connects the North Sea to the Baltic, due to a software problem - the signal was given by a spokesman for the maritime authority. "We had to stop traffic for safety reasons. Our colleagues have been trying everything to solve the problem as quickly as possible," Detlef Wittmüss, head of the Kiel Canal Waterways and Shipping Authority, told the Kieler Nachrichten newspaper. According to the spokesman, even earlier in the afternoon, smaller ships were able to re-enter the canal at Brunsbüttel, on the North Sea side, and by the end of the day, small vessels were also able to resume their journeys. Normally, Sundays are days when more than 80 ships use the Kiel Canal. In recent days, new software has been installed to control navigation on the artificial waterway, the spokesman added. So far, it has worked flawlessly. The original article via Daily Sabah can be read at:https://www.dailysabah.com/world/europe/software-glitch-causes-traffic-jam-in-germanys-kiel-canal

With rising fuel prices, Tesla Inc's electric cars are proving more attractive than ever, yet one customer has been charged more than half a million dollars for only charging his vehicle at a Tesla Supercharger station. In an article shared by Electrek, a Tesla Model 3 owner in China was charged more than 600,000 US dollars after a small charge at a Tesla Supercharger station, an error that was mainly due to a bug in the software. In addition to this hefty bill, the bug also led to the customer being banned from Supercharging after charging his vehicle for 20 minutes. The US company has already admitted that the problem was indeed due to a software error, and that a fix is already underway. The customer in question had more than 2,000 free charging miles, all of which ended up being used in his last charging session. Since you can only use so much energy in such a short space of time, the problem in question was related to the billing calculation. In this sense, as the payment was not being made and the user was banned, the system ended up accumulating the inactivity fees quite quickly, thus leading to the amount of more than 600 thousand dollars. The original article via Benzinga can be read at: https://www.benzinga.com/tech/22/03/26025054/tesla-owner-billed-600-000-after-visiting-supercharger-due-to-software-bug

British Airways, the British airline, was recently hit by major technical problems, leading to the cancellation of all short-haul flights from Heathrow airport until Saturday. In a statement issued to Insider, British Airways said: "We very much regret that, due to the ongoing technical problems we are facing, we have unfortunately had to cancel all short-haul flights from Heathrow today until midday." The statement also said that the British airline "anticipates further disruptions during the day". The airline also confirmed to Reuters that the problem was not due to a cyber attack. Heathrow Airport also apologized for the situation via its official Twitter account. According to Sky News, the British Airways website and app were down for several hours last Friday, preventing customers from booking flights or checking in online. Nevertheless, British Airways said that long-haul services at Heathrow and all flights at Gatwick and London City Airport should operate as planned. Customers will be able to receive a full refund and can choose to rebook their flights at a later date, according to the airline. One passenger, Ed Hall, told The Press Association that he was stuck on a plane for more than an hour after landing at Heathrow Terminal 5. According to him, this was because the crew couldn't access any IT systems to find out where passengers could disembark from the plane. This systems disruption comes after British Airways itself canceled several flights in and out of London airports last week after Storm Eunice hit the UK. The original article via Insider can be read at:https://www.businessinsider.com/british-airways-cancels-flights-technical-issues-denies-cyber-attack-2022-2

A software bug at Apple has led to Siri, its virtual assistant feature, recording personal interactions with its users without their consent. Last week, Apple acknowledged this very serious problem in its most recent update, iOS 15. According to Apple, the AI-based virtual assistant recorded people's conversations, even though they had refused to do so: "The bug automatically activated the Improve Siri and Dictation setting that gives Apple permission to record, store and review personal conversations with Siri," reported ZDNet. Later, issuing an apology, the US company said it had fixed the bug for "many" users. There are still many unanswered questions: the company's statement does not clarify, for example, how many phones were affected, or even when. "Without transparency, there's no way of knowing who might have their conversations recorded and listened to by Apple employees, despite the user having acted in exactly the way to avoid that scenario," added the online portal The Verge. Technology and AI experts have previously argued in favor of these big tech companies listening to our requests - mainly in order to adjust the flaws in voice-based technology. This is what Amazon's Alexa FAQ says: "The more data we use to train these systems, the better Alexa works, and training Alexa with voice recordings from multiple customers helps ensure that Alexa works well for everyone." In other words, the only way to improve voice-based technology, according to some experts, is to make private interactions listenable. It is estimated that in 2020, more than 60% of Indian users used voice assistants on their smartphones for a multitude of tasks - from listening to music, to setting an alarm, or even asking questions. Florian Schaub, an assistant professor at the University of Michigan who has studied people's perceptions of privacy, argues that people tend to personify their devices, which makes them even more inattentive to these kinds of issues. In this sense, when they ask Alexa or Siri innocuous questions, they are not really thinking deeply about these actions, but when they realize that someone is listening to their conversations, they feel that it is intrusive and a violation of their privacy, and are therefore much more likely to disconnect from these systems. This is an issue that raises a number of concerns not only about users' privacy, but also about the extent to which their data is retained and how it is harnessed and used by these companies. "VAs work on the basis of users' voices - that's their main feature. All the VAs mentioned above are activated by listening to a specific activation keyword. Although some of the policies state that cloud servers do not store data/voice unless the activation word is detected, there is a constant exchange of voice and related data between your cloud servers and the VA device. This turns out to be particularly worrying in cases of false activation, when data can be stored without real knowledge," according to a report by the Internet Freedom Foundation (IFF). The original article via The Swaddle can be read at: https://theswaddle.com/apples-siri-was-accidentally-recording-conversations-without-peoples-consent/