How to accidentally stop a global cyber attacks So finally I've found enough time between emails and Skype calls to write up on the crazy events which occurred over Friday, which was supposed to be part of my week off (I made it a total of 4 days without working, so there's that). You've probably read about the WannaCrypt fiasco on several news sites, but I figured I'd tell my story. MalwareTech (also, Global 'Wana' ransomware outbreak earned perpetrators $26,000 so far and Everything you need to know about the WannaCry / Wcry / WannaCrypt ransomware)

How Steam selects the games it shows you (according to Steam) The people working on Steam (and more generally, the team at Valve) seem to be on a transparency kick at the moment. There are multiple blog entries which try to open up particularly opaque bits of the company so users can understand what's going on. Presumably there's an element of using that understanding to defuse criticism when it comes to subjects like the terrible reputation of Steam's support system and whether it's warranted if you add in some more data. RPS

Designing for fab: A heads-up before designing PCBs for professional assembly Designing pcbs for assembly is easy, right? We just squirt all the footprints onto a board layout, connect all the traces, send out the gerbers and position files, and we're done-right? Whoa, hold the phone, there, young rogue! Just like we can hack together some working source code with variables named after our best friends, we can also design our PCBs in ways that make it fairly difficult to assemble. Hackaday

Windows 10 Edge, IE: We're now blocking sites signed with SHA-1 certs, says Microsoft With this week's monthly Patch Tuesday, Microsoft has also rolled out a new policy for Edge and Internet Explorer that prevents sites that use a SHA-1-signed HTTPS certificate from loading. The move brings Microsoft's browsers in line with Chrome, which dropped support for the SHA-1 cryptographic hash function in January's stable release of Chrome 56, and Firefox's February cut-off. ZDNet

Amazon is the 2nd most popular app among teens, higher than Instagram When it comes to apps they're using these days, teens and millennials say Snapchat is king --- no surprise there. But second place? It's not Instagram: It's Amazon. This is according to a survey --- The 2017 Love List Brand Affinity Index, run by Condé Nast and Goldman Sachs --- that asked 2,345 U.S. millennial and Gen Z shoppers about their fashion, retail and consumer preferences. CNBC

Amazon cuts free shipping minimum to $25 Amazon.com Inc (AMZN.O) said on Tuesday it cut the threshold for free shipping to $25 from $35, upping the ante against Wal-Mart Stores Inc (WMT.N) in a hotly contested battle for ecommerce supremacy. Reuters

OSS-Fuzz: Five months later, and rewarding projects Five months ago, we announced OSS-Fuzz, Google's effort to help make open source software more secure and stable. Since then, our robot army has been working hard at fuzzing, processing 10 trillion test inputs a day. Thanks to the efforts of the open source community who have integrated a total of 47 projects, we've found over 1,000 bugs (264 of which are potential security vulnerabilities). Google

Multiple vulnerabilities found in Wireless IP Camera (P2P) WIFICAM cameras and vulnerabilities in custom http server TL;DR: by analyzing the security of a camera, I found a pre-auth RCE as root against 1250 camera models. Shodan lists 185 000 vulnerable cameras. The "Cloud" protocol establishes clear-text UDP tunnels (in order to bypass NAT and firewalls) between an attacker and cameras by using only the serial number of the targeted camera. Pierre Kim

Five EFF tools to help you protect yourself online Do you get creeped out when an ad eerily related to your recent Internet activity seems to follow you around the web? Do you ever wonder why you sometimes see a green lock with "https" in your address bar, and other times just plain "http"? EFF's team of technologists and computer scientists can help. We engineer solutions to these problems of sneaky tracking, inconsistent encryption, and more. EFF

Researchers create touchpads with a can of spray paint Touch sensing is most common on small, flat surfaces such as smartphone or tablet screens. Researchers at Carnegie Mellon University, however, can turn surfaces of a wide variety of shapes and sizes into touchpads using tools as simple as a can of spray paint. Walls, furniture, steering wheels, toys and even Jell-O can be turned into touch sensors with the technology, dubbed Electrick. Phys.org

Japan takes lead in legitimizing digital currencies The financial industry is usually no cheerleader of new regulations imposed on it by government authorities. But when the Japanese government amended its Payment Service Act by promulgating the Virtual Currency Act this April, fintech (financial technology) service companies and institutional investors generally welcomed the move. IEEE Spectrum

The MP3 is officially dead, according to its creators So opens Stephen Witt's How Music Got Free, an investigation into the forced digitization and subsequent decimation of the music business, from which it has only very recently started to recover. That ironic conference room eulogy actually took place just before the compression algorithm caught on (don't worry, we'll explain in a bit). NPR

Ubuntu 17.04 review: Don't call it abandonware, per se Last month, it finally happened. Six years after its tumultuous switch from GNOME 2 to the homegrown Unity desktop, Canonical announced it was abandoning work on Unity. Going forward, the company will switch the default Ubuntu desktop back to GNOME beginning with next year's 18.04 LTS release. This means Canonical is also abandoning the development of the Mir display server and its unified interface of Ubuntu for phones and tablets. Ars Technica

Rocket League: The Great Gig in the Sky There's that awful moment, every so often, when you're in your Steam library and go to click 'Play' on a favourite game. Your eye wanders a few millimetres off the light blue button and there it is. 600 hours played. Gaben is too merciful to spell it out. 25 days of your life, right there, spent playing Rocket League. Kotaku