Yahoo Hack: Whodunnit

A week has passed since Yahoo was subjected to the worst data breach in history. Yet, there have been no profound details made known about who nabbed info on 500 million email accounts remain sketchy.

At least one firm says it wasn’t a “state-sponsored actor” as Yahoo claimed, but like many things related to hacks, cybersecurity and the dark web, even that claim is impossible to verify.

“The group responsible for the Yahoo hack are cybercriminals,” said Andrew Komarov, chief intelligence officer at InfoArmor. The company posted a report on Wednesday detailing the involvement of “Group E,” a hacking syndicate that InfoArmor says it has been monitoring in dark corners of the internet for some time.

The FBI is currently investigating the data breach but hasn’t put forward a theory publicly about who is behind it.

“We take these types of breaches very seriously and will determine how this occurred and who is responsible,” the FBI said in a statement.

Komarov said InfoArmor was able to obtain “a pretty large sample of the database” of stolen email addresses, encrypted passwords and other personal information. With the permission of people whose information was caught up in the hack, the company checked the database and found it corresponded with real Yahoo accounts from 2014.

Details of the breach were confirmed shortly within weeks of the Democratic National Committee’s emails being hacked, exposing the Democrats’ attempt to smear former presidential candidate Bernie Sanders.

Other large-scale company security breaches include Dropbox, which announced earlier this month that 68m users’ accounts were compromised in 2012, representing two thirds of its customer base. Some 167m LinkedIn users’ account details were leaked the same year.

Sony Pictures Entertainment also suffered an attack with around 47,000 social security numbers of current and former employees leaked online, including those of actors and freelancers.

This year, around 37m users of Ashley Madison, a site to facilitate extramarital affairs, were hacked. More than 400m MySpace accounts were compromised in July, the second largest breach in history.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

Windows 10 now active on 400 million devices

There have been more than enough questions raised about how many device upgrades the company has actually logged in the last phase of its rollout. In July, the company declared 350 million people had upgraded to or were using Windows 10. Now, after the conclusion of its Get Windows 10 campaign, Microsoft declared it has more than 400 million customers using the OS.

Microsoft is expected to get another substantial bump to total Windows 10 usage figures once it rolls that OS out on Xbox One on November 12. Total uptake has been significantly faster than Windows 7, which took an additional seven months to hit the 400 million mark, according to data.

The free Windows 10 upgrade has been blamed for some of the continued softness in the PC market. The OS even remains available for free if you know where to look - but it’s too early to tell if ending the giveaway will spark any kind of uptick in PC sales. Given the trends of the last five years, there’s not much chance the consumer space has bottomed out yet. Increased sales of boutique gaming systems and 2-in-1s have not been sufficient to offset the general decline in shipments.

Despite Microsoft’s assurances about Windows 10, not everyone is happy with the new operating system, which Microsoft recently began updating with the rollout of the Windows 10 Anniversary Update. Ongoing complaints have emerged regarding compatibility and reliability issues, which is likely to explain why Microsoft is phasing in the anniversary update over a period of three months so it can continue testing throughout the process.

The latest build also addressed a problem that caused some Windows 10 apps, including the calculator, alarms and clock, not to work after updates to a new build, Sarkar said. She added that Microsoft is continuing to investigate some other issues that arose with a recent developer version of Windows 10 for Mobile. She said that a new build will be delayed until those problems, which affected the pin pad display and SIM card usage, are resolved.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

An unknown state may be running drills for taking down the entire internet

It seems as though there is single body out there carrying out a systematic attempt to test the defenses of the internet’s fundamental infrastructure, presumably with the intention of one day breaking those defenses.

While the sources for the article are anonymous, they hardly need naming since Schneier makes it clear that his research has collected insight from virtually all major internet companies, from large service providers like AT&T all the way to organizing bodies like Verisign or potentially even ICANN itself. Somebody is searching for weaknesses in the sorts of places that many assume you’d only attack for one reason: crashing all or a large portion of the internet.

The basic narrative is this: Schneier has been hearing sustained, widespread reports from fundamentally important internet companies that they are experiencing a marked uptick in certain kinds of attacks, in particular Distributed Denial of Service (DDoS) attacks. These have been not only getting stronger, longer lasting, and more diverse, but they’ve been moving in seemingly systematic, investigatory ways. Schneier describes a scenario in which attackers sent predictable probing attacks against successively higher levels of security until it had tested everything, apparently being exhaustive in their search for failure points.

One important aspect of these attacks is their power and frequency, implying enormous resources at the disposal of the attacker and strongly indicating a nation-state as the culprit. Schneier name-drops both China and Russia as the most likely culprits (China most of all), but he can’t say for sure. In addition to the sheer volume of the attacks, however, is their variety, forcing defenders to roll out their full complement of defenses. This could be interpreted as an attempt to get defenders to “bare all,” and make their full defensive capabilities known. Corero director Sean Newman said the attacks his company has seen are short and “sub-saturating,” likely meant to slowly approach and find the target’s exact maximum traffic capacity.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

New Ethernet standards will offer up to 5Gbps performance using cables already owned

Consumer Ethernet performance has been stuck at gigabit speeds for nearly 20 years. Apple was the first company to ship gigabit Ethernet in motherboards. Intel’s 875P chipset popularized the feature in the PC market by connecting the Ethernet controller to the northbridge, thereby offering improved performance. Thirteen years later, gigabit is still the standard for wired Ethernet – but that might be about to change, thanks to a new wired networking standard from the IEEE 802.3bz task force.

There are multiple reasons why we’ve been stuck on gigabit for as long as we have. 10GbE requires more expensive cabling – either fiber optic cable in some cases, or more expensive Cat6a or Cat7 cabling for others. It’s not as backwards-compatible with previous standards (half-duplex operation isn’t supported), and routers, switches, and network cards that can support 10GbE are all far more expensive than their gigabit counterparts.

The two new IEEE standards, known as 2.5GBASE-T and 5GBASE-T, should satisfy that need. These two standards were specifically created to use 10GbE signaling, but at a rate that would be compatible with existing runs of Cat5e and Cat6 cable out to 100 meters. The 2.5Gbps standard can run on Cat5e out to 100 meters, while the 5Gbps standard requires Cat6 cable to run 100 meters. Both should be far easier – and cheaper – to bring to market than current 10GbE technologies.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

All you need to know about the iPhone 7

The iPhone can be pre-ordered on September 9, will officially be released on September 16, 2016

With months of speculation about the new iPhone 7, Apple has announced the release date with an event that will be held on September 7, 2016.

Apple presents two models – the iPhone 7 Plus and the 4.7-inch model. There are no reports of a radical design change, and the phone will look similar to the previous model.

The price range is likely to replicate the iPhone 6, with the Plus model being more expensive. The iPhone 7 will have a bigger camera, and the Plus model will have the dual camera, which is considered the future of smartphones. It will produce much better low light images and optical zoom, which won’t become blurred like the previous models. The dual-camera technology will be the closest thing to a DSLR (Digital single-lens reflex camera).

The headphone jack is going away, and this is considered the most radical reported change to the iPhone 7. Rather than the traditional headphones, you will likely have to use the iPhone’s Lightning charging port. Apple co-founder Steve Wozniak has urged Apple not to get rid of the iPhone’s 3.5mm headphone jack in favour of a proprietary one on the iPhone 7

“If it’s missing the 3.5mm earphone jack, that’s going to tick off a lot of people,” Wozniak told the Australian Financial Review. Wozniak said removing the standard 3.5mm port would mean those who have spent lots of money on headphones may even be deterred from buying the iPhone 7 if it means they have to shell out again for new ones that will be supported by the iPhone 7, or add on an adaptor.

As with other iPhones, the smartphone will likely come with the new Lighting port earbuds or maybe headphones, but it is unlikely. There are also reports about Apple manufacturing wireless earbuds, which may accompany the iPhone 7.

Future iPhones could be waterproof. A report has unearthed a patent to take better pictures underwater. According to Patently Apple, Apple has been granted around 80 patents, one of which relates to underwater photography editing tools. The patent describes a system for colour-balancing images taken underwater that improves those pictures. It would remove unwanted tints without changing the colour of the water itself.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

Google Duo crosses 5 million downloads

Google Duo now over 5M Android downloads in a week,” Google CEO Sundar Pichai said. Google Duo, a video-calling app for one-on-one interactions, was made available globally on August 18. The app works on Android and iOS. Users need only their mobile number to sign into Duo.

The highlight of Google Duo is its network efficiency. Google’s Product Manager says “our app is reliable across networks, and works across platforms. So if your network is not that good, it will adjust the video definition accordingly, and Duo is smart enough to adapt to these conditions.” In our review, we said our download and upload speeds will make a difference to how well a video call goes on Duo.

Google wanted to create “as simple an experience as possible” with a “solution that is almost as simple as voice calling,” says Amit Fulay, Group Project Manager at Google.

The app can be installed in under a minute. Just type in your phone number, receive a confirmation text, and you’re done. Duo instantly syncs with your existing contact list, so there will be no need to repopulate your phone book manually. Calling is simple too, requiring only two taps, one for “call” and one for the contact’s name. Duo has virtually no fancy features or bells and whistles. The only standout feature is called Knock-Knock, a sort of visual caller ID that shows you a streaming video of the caller before you pick up. Knock-Knock seems like a great way to gauge the caller’s environment or mood before diving into the video chat.

Besides its simplicity, Duo also gets nods for working with very small bandwidths, making it a great option for rural and other low-service areas, as well as for developing nations.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

WhatsApp and Facebook’s plan to share contacts under fire

WhatsApp’s new terms-of-service are causing quite a stir among privacy advocates. The company recently announced it would begin sharing user phone numbers, profile data, status message and online status with Facebook, its parent company — a change that the Electronic Privacy Information Center (EPIC) claims violates a Federal Trade Commission consent order.

Specifically, the privacy group says it’s planning to file a complaint against the companies for violating statues of the Federal Trade Commission act that warns against “unfair or deceptive acts or practices.” Here, EPIC is accusing WhatsApp of lying to users when it promised its 2014 sale to Facebook wouldn’t effect its privacy policy — which pledged never to share or sell “personally identifiable information” like the phone number, name and profile data shared under the new policy.

This announcement should be very concerning to WhatsApp users, who have been promised many times by both WhatsApp and Facebook that their privacy will be respected and protected,” said Claire T. Gartland, consumer protection counsel at the Electronic Privacy Information Center.

WhatsApp says it needs to share limited data with Facebook to test out new features designed to help users “communicate with business,” such as receiving fraud notifications from a bank or flight delays from airline companies.

The warnings over privacy concerns actually go back to 2014 when Facebook first acquired WhatsApp for approximately US$19.3 billion.

“Jessica Rich, director of the FTC’s Consumer Protection Bureau, sent a letter to the companies during Facebook’s acquisition of WhatsApp warning the companies that the privacy promises made to WhatsApp users must be respected,” recalled EPIC’s Gartland.

“WhatsApp’s blog describes two different means of opting out of the proposed new sharing,” she noted, “and neither of these options appear consistent with Rich’s letter, which requires Facebook to get users’ affirmative consent before changing the way they use data collected via WhatsApp.”

Moreover, it does not appear as if WhatsApp even plans to secure what could be considered “meaningful, informed opt-in consent from its users to begin sharing this information with Facebook,” Gartland suggested.

Users also have up to 30 days to opt-out of the sharing portion of the new terms-of-service, but according to EPIC, that doesn’t protect the companies from the FTC’s consent order. The order apparently requires the company to obtain an opt-in consent before asking them to agree to the new terms. WhatsApp does technically offer an opt-in option, but it’s not clear how to access it: one must click “read” to view the terms-of-service agreement before the opt-in checkbox appears.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

Twenty Five years of Linux and still going strong

Happy Birthday Linux!

Linux turned 25 years old on Aug. 25.

Back in the day in 1991 was the day Linus Torvalds posted his message asking for assistance from fellow coders about a personal project.

In a message board, he requested for feedback from developers’ on an OS which was “just a hobby,” and according to its author “won’t be big and professional like gnu.” Meanwhile, Linux expanded way beyond any limits than Torvalds might have fathomed at the time.

The OS keeps important parts of the internet infrastructure going, powers up data centers from big names in the industry, and helps coders build stock exchanges, websites, and the most popular smartphone OS. What is more, the majority of global supercomputers run on Linux.

Despite not being able to rival Microsoft’s dominance over the PC environment, Linux is active on millions of desktops. In fact, it is so popular that Microsoft recently announced in June that the company’s software development platform .NET Core 1.0 will run on Linux as well as Mac OS X.

Despite not being able to rival Microsoft’s dominance over the PC environment, Linux is active on millions of desktops. As the operating system saw increased traction, Linux development started to rely more on professional coders than unpaid volunteers.

Jane Silber, CEO of Canonical (the company behind Ubuntu), said that the organization is continuing to “support Linux’s journey as the production platform for the enterprise and telecoms infrastructure we see today.” She added that while cloud technology runs almost entirely on Linux, Canonical still thinks the desktop is important to Linux’s growth. Ubuntu also started as a desktop OS, and it’s still used for both mobile and desktop programs, she said.

In the next 25 years, Silber believed that developers and software organizations can put their trust in Linux for everyday needs, whether it’s for simple developments, or for things like the IoT or machine learning.

Canonical also sees software remaining free to share so it can continue to improve by the community. Under the GPL, no one can take advantage of anyone’s code, and it will always remain free, said Torvalds.

Canonical’s Silber agreed: The fact that Linux is still an open platform is something to celebrate, she said.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

PokeFit gives Pokemon Go a real-time fitness dashboard

PokeFit, from P3 communications, helps trainers get a real-time grasp on the positive health benefits they’re getting by playing Pokemon Go. The app itself keeps a log of your sessions, giving you a breakdown of how long each lasted and how much distance you traversed during your trip. When you’re using Pokemon Go, it displays a small rectangular frame in the upper left corner of your screen, providing quick access to info at a glance. You can also turn off the display but still track your stats for review later if you’d rather go for the pure PoGo experience.

The app has another special feature that power trainers will welcome: You can use it to override your screen’s timeout settings, keeping the display on Android devices from going dark while you’re out tracking down your ‘mons. The app also tracks battery usage and data spent while playing Pokemon Go, which might be eye-opening info for frequent players.

LookOut! for instance, offers a live video feed at the top of your display overlaid on Pokemon Go to give players a look at what’s in front of them, so they don’t walk into traffic or fall down a well.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment

Instagram and anti-harassment tools

In order to combat harassment on Instagram, the photo-sharing platform is gearing up to let people with “high volume content threads” filter their comment streams, or just turn them off entirely, The Washington Post reported.

For those who decide to leave on the comments, they can create a banned words list that will enable them to hide the comments that use those terms. Soon, Instagram will enable everyday people on Instagram – the ones with not as much action on their accounts – to moderate their comments.

This also means that any person who cares about preventing harassment on their photos – likely the very people who are already experiencing harassment on Instagram or elsewhere – are going to have to put some work into stopping it. But the fact that tools will be there at all, and the fact that banned phrases can be updated at will, is a big step forward.

Instagram has already begun testing these features with celebrities – this is very likely what Taylor Swift used to stop all those snake emoji comments. Advertisers may also have been asking for this to prevent critical commenters.

“High-volume” Instagram accounts will receive the anti-harassment features first, according to the Post. The filtering feature is supposed to appear in “the coming weeks,” while Instagram is still determining whether to widely roll out the ability to disable comments.

0 votes, 0.00 avg. rating (0% score)
Posted in General | Leave a comment