Notebookcheck

Security

     restrict settings
additional restrictions: Security
Smartwatches targetted at children, like the VTech Kidizoom, are now banned in Germany. (Image: VTech)

Germany bans smartwatches marketed at children

Children's smartwatches have been found to have glaring security holes, some of which can present a serious threat to the safety of the children that wear them. These security issues, along with privacy concerns, have led German officials to ban the sale of children's smartwatches.
Android Oreo has new APIs which help remove developers reliance on accessibility permissions. (Source: knd61/Pixabay)

Google's new security policy on accessibility features will limit or remove 'hundreds of good, useful apps'

The next stage of Google's push to improve Android security is putting a spotlight on applications which misuse accessibility features to add functionality that wasn't expressely designed to improve use for people with disabilities. Some popular apps affected include LastPass, Cerberus, and Tasker.
Amazon Key relies on a compatible smart lock, smart camera, and Amazon Cloud. (Source: Amazon)

Amazon Key lets couriers unlock your door when you're not home

Amazon has released their Amazon Key service which uses an Amazon produced smart camera, a smart lock from Yale or Kwikset, and the Amazon Cloud to allow delivery drivers to unlock your front door and leave your parcel inside.
The Samsung J7 smartphone. (Source: Samsung)

Samsung J7 catches fire in an Indian flight causing a mid-air scare

A Samsung J7 smartphone caught fire on a Jet Airways flight bound to Indore from New Delhi causing mid-air panic. The flight staff were unable to extinguish the fire and had to drop the phone in a tray of water to put off the flames.
Asus VivoBook S15 S510UQ (i5-7200U, 940MX) Laptop Review

81% Asus VivoBook S15 S510UQ (i5-7200U, 940MX) Laptop Review

The Unfinished. Asus' multimedia-office newcomer compels with its elegant design and a particularly light and compact case, but can hardly keep up in the gaming arena with its GeForce 940MX. Despite many good attributes, we cannot give a purchase recommendation to the device, which is not just due to the modest battery life.
Intel Core i5-7200U | NVIDIA GeForce 940MX | 15.6" | 1.7 kg
OnePlus logo. (Source: OnePlus)

OnePlus makes statement regarding data collection, will release update to reduce what is transmitted

OnePlus co-founder, Carl Pei, has posted a response to the data collection being performed by his company. Some details were given on what purpose the collected data had, and what OnePlus will do going forward.
Liberty secured: Purism's Librem 5 Linux-based smartphone meets crowdfunding goal

Liberty secured: Purism's Librem 5 Linux-based smartphone meets crowdfunding goal

The Librem 5, a smartphone currently in development by Purism, recently reached its USD$1.5 million crowdfunding goal. The device will be designed with privacy in mind and will run a mobile flavor of Purism's own PureOS.
The wolf in sheep's clothing which snuck into thousands of unsuspecting digital pens. (Source: SwiftOnSecurity)

A fake Adblock Plus extension has infected about 37,000 Google Chrome users

Posing as the world's most popular ad-blocking software, a fraudulent extension made it onto the Chrome Web Store and tricked tens of thousands of victims into installing what turned out to be a very annoying piece of adware.
A more fitting name if this trend of fails continues. (Source: CHEIL India)

OnePlus is collecting user data without permission, and you should be scared

OnePlus has dropped the ball yet again, with a user discovering a data siphon that sends his private phone information and logs to a remote OnePlus server.
The next all-touchscreen smartphone from BlackBerry has surfaced. (Source: Evan Blass)

Blackberry's next all-touchscreen smartphone leaks out

Serial leaker Evan Blass has introduced the new BlackBerry Motion to the world. The new device will be the third touchscreen-only Android-based model from the the once dominant Canadian smartphone maker.
Yahoo? Help! (Source: Yahoo)

All 3 billion Yahoo user accounts were involved in the 2013 data breach

If you held a Yahoo account in 2013, then you were almost certainly involved in the data breach. At 3 billion user accounts affected, this announcement sets the record for the largest known data breach.
Austrian and Chinese scientists conversed over the quantum-secured communication line. (Source: Austrian Academy of Sciences)

Chinese and Austrian scientists make first unhackable quantum video call

The quantum communication process involves data that is embedded into entangled photons. Any unauthorized tempering with the quantum data stream is immediately exposed and the quantum signature is automatically changed to prevent further data tempering.
What Can a Chromebook Do?

What can you do with a Chromebook?

Chromebooks, which run on Google's ChromeOS, have quickly become one of the major drivers of mobile computing as they provide an easy way to access the web without worrying a lot about deployment, administration and configuration. Although ChromeOS is an almost online-exclusive OS, Chromebooks can still be adapted to handle most workflows. In this article, we explore what a Chromebook can do and help you decide if you should be hopping on the Google bandwagon.
Sirin Labs intends to bring the crypto world closer to mainstream with the upcoming Finney devices.

Sirin Labs is developing world's first blockchain smartphones and PC terminals

The Finney smartphones and PC terminals will be the first open-soruce devices to connect to an independent blockchain network. These will run a proprietary Android-based Shield OS that comes with an array of security features like behavioral based intrusion prevention system, secured communications through VoIP, text or email, and biometric authentication. T...
...
The Wi-Fi exploit could be affecting billions of devices. (Source: Google)

Google and Apple release emergency patches to fix Wi-Fi exploit in iPhone 7 and Galaxy S7 Edge

The Wi-Fi exploit works with any mobile device that integrates Broadcom Wi-Fi chips. Google and Apple claim they have released emergency patches for Android 8.0 Oreo and iOS 11, but it may take some time to patch all devices.
No indication from Showtime whether the script was placed by them, or if their websites were hacked. (Source: Showtime)

CBS-owned 'Showtime' joins The Pirate Bay and rogue chrome extensions in using your CPU to mine cryptocurrency

CoinHive's cryptomining JavaScript has been found embedded in the site code of two of Showtime's websites, causing increases CPU usage. The script has now been removed, but silence from Showtime leaves the question open on whether they had placed the code there, or if their websites were hacked.
The neuromorphic processor integrates 130,000 artificial neurons that can develop 130 million synapses. (source: Intel)

Intel presents its first self-learning neuromorphic processor codenamed Loihi

Intel's self-learning Loihi processor is built using the 14 nm manufacturing process and integrates 130,000 artificial neurons that can develop up to 130 million synapses. The chip can perform training and inference tasks, so it adapts in real time to environmental variables. Loihi could power self-driving cars in a few years, but it could also help improve ...
...
All this considered, this is about par for cyber information control in most parts of the world. (Source: The Verge)

Your private data isn't so private after all, Wechat confirms

It's been a good week for privacy intrusions, with GO Keyboard being reported to siphon user data. This time out, it's the Wechat app on all the headlines, as the app's new privacy policy sheds light on how public, private user data actually is.
The main weakness of pattern and PIN is the ability for those around you to obverve entry. (Source: Msporch/Pixabay)

Android pattern unlock is the easiest authentication method to snoop

A study by researchers from the University of Maryland and the US Naval Academy has been published showing that a six-spot pattern unlock is six times easier for snoopers to repeat after seeing once than a six-digit PIN.
Image: Twitter user Nick Sweeting

Equi-fail: Equifax directs customers affected by hack to fake phishing website

In another major misstep for Equifax, an employee of the credit services company responded to customer tweets with a link to a fake phishing website. The site, which was styled to look like the official Equifax site dedicated to the hack, was a fake used to demonstrate how easily malicious parties could further exploit Equifax's customers.
...
CCleaner's binary was modified by hackers to insert a backdoor. (Source: Piriform)

CCleaner hijacked by hackers to open a backdoor for remote code execution

Piriform, makers of the popular PC cleaning software CCleaner, said that a few versions of the program's 32-bit binary were hijacked by hackers who could insert a two-stage backdoor capable of remote code execution. Investigation is on to understand what exactly caused the hijack that resulted in about 2.27 million users getting affected.
...
Google Tez aims to make payments hassle-free. (Source: Google)

Google Tez aims to revolutionize the digital payment landscape in India

Google has launched a new payment service, Tez, which enables fast payments without the need to share information such as bank account numbers, fund transfer codes, or even pair up mobiles by NFC. The new service is compatible with any Indian bank that supports the Unified Payments Interface (UPI).
Image: Equifax

Equifax security breach blamed on known web vulnerability in Apache Struts

One week after announcing a major data breach affecting over 143 million consumers, Equifax is pointing blame at a security vulnerability in the Apache Struts web framework. However, the vulnerability was publicly announced in March and a patch was available months before the attack.
The QNAP TS-x77 features upto an 8-core 16-thread AMD Ryzen 7 CPU and 64 GB of RAM. (Source: QNAP)

QNAP briefs about QTS 4.3.4 OS and the TS-x77 NAS powered by AMD Ryzen

QNAP offered a glimpse into some of the advancements coming to the QTS 4.3.4 operating system that includes new features such as snapshot support for ARM-based QNAP NAS. It also offered a closer look into the TS-x77 NAS powered by AMD Ryzen CPUs.
Windows 10 Fall Creators Update is due on October 17th. (Source: Microsoft)

Android and iOS-like app permissions coming to Windows 10 apps

Microsoft is bringing app permissions for improved privacy and security with UWP (Windows Store) applications. Admins of the Enterprise Edition have an option to reduce the diagnostic data collected to be reduced to the minimum needed for administration by company IT departments.
Armis Labs warns that current security solutions will not detect BlueBorn, beacuse these are focused on IP attacks, not on airborne attacks. (Source: Armis Labs)

BlueBorne vulnerability could target billions of unpatched Bluetooth devices

Armis Labs discovered a Bluetooth vulnerability codenamed BlueBorne that could affect billions of devices including smartphones like Google Pixel and Samsung Galaxy, tablets like Samsung Galaxy Tab, smartwatches like LG Watch Sport, or audio systems like the Pumpkin Car Audio System. BlueBorne can also attack unpatched Windows and Linux PCs, and a variety of...
...
Graph of the increase in cryptocurrency mining trojans as measured by Kaspersky Labs. (Source: Bleeping Computer)

Cryptocurrency mining malware has infected over 1.65 million computers this year

Data from Kaspersky Labs shows that the number of cryptocurrency mining trojan infections in 2017 has passed 1.65 million to date. Criminals use infected PCs to crunch transactions and route the success fee to their own digital wallets.
Google Chrome. (Source: Google)

Google Chrome to include protection from man-in-the-middle attacks

Google Chrome 63 will come with a feature designed to protect users from third parties who are attempting to intercept their encrypted SSL transmissions.
Swelling batteries in the XPS 15 9550 have caused displacement of trackpads rendering them useless. (Source: User Crashnorun on the Dell Support Forum)

PSA | Dell offers to replace swelling XPS 15 9550 batteries for free, even if out-of-warranty

There were problems with batches of 84Wh batteries in the XPS 15 9550 that led to the battery bulging and pushing against the trackpad. Once the swelling was bad enough, it not only hindered the trackpad function but also posed a safety hazard. Users are now reporting that Dell is now finally accepting out-of-warranty battery replacements for the XPS 15 9550...
...
ASRock's X10 IoT router can remotely control various smart appliances around the house. (Source: ASRock)

ASRock's X10 IoT Router remotely controls home appliances over radio and IR

The X10 comes with the usual dual band Wi-Fi and Gigabit Ethernet connections, but also offers remote control capabilities for smart home appliances through the integrated ZigBee radio controller and IR blaster.
Equifax announces major security breach affecting 143 million customers in the U.S.

Equifax announces major security breach affecting 143 million customers in the U.S.

Equifax announced today that the personal information of over 143 million American consumers was compromised in late July. Items such as birth dates, social security numbers, and even drivers licenses were stolen by hackers, in addition to over 200,000 credit card numbers.
Apple's Siri is vulnerable to ultrasonic voice hacks.

Siri and Alexa are vulnerable to ultrasonic voice commands

Chinese researchers have been able to launch malicious voice command attacks on every major voice assistant including Siri and Alexa. Using ultrasonics, the researchers were able to hack devices with any victim completely unaware that their device had been compromised.
Lenovo has been fined US$3.5 million and had restrictions placed on pre-installed software on their systems in the United States. (Source: Geralt/Pixabay)

Lenovo fined US$3.5 million for pre-installing adware on some laptops in 2015

The saga about some Lenovo laptops coming pre-installed with adware in 2015 has now come to an end with the results of their court case being announced a few hours ago. Lenovo must pay a fine of US$3.5 million and has had some restrictions placed on how they handle pre-installed software in the United States.
...
The Windows 10 Fall Creators Update is all set to roll out starting October 17

IFA 2017 | Windows 10 Fall Creators Update will officially roll out starting October 17 along with a slew of Windows Mixed Reality headsets

At its IFA 2017 keynote in Berlin, Microsoft announced that the Windows 10 Fall Creators Update will start officially rolling out starting October 17. Microsoft's partners will also start shipping affordable Windows Mixed Reality headsets alongside the new OS update.
Insiders can now test drive full Office 365 apps directly from the Windows Store. (Source: Windows Central)

Microsoft invites Insiders to test drive Office 365 from the Windows Store

Microsoft is inviting Insiders to test out Office 365 programs from Windows Store. These are the original Win32-based programs converted using the Project Centennial desktop bridge that can now call UWP-specific APIs and services.
Image: Essential

Andy Rubin issues apology for Essential customer privacy debacle

After a massive privacy foul-up, Essential's Andy Rubin has issued a formal apology to customers that had their personal information emailed to other customers. Essential will provide affected individuals with a one-year subscription to LifeLock and, possibly, a free Essential Phone.
Acer Holo360 (left) and Acer Vision360 (right) LTE enabled 360-degree cameras. (Source: Acer)

IFA 2017 | Acer showcases 360-degree cameras with LTE connectivity

Acer has showcased two LTE enabled 360-degree cameras, the Holo360 and Vision360, at its IFA press conference. The Holo360 is a one-stop device for all things concerned with video recording, editing and sharing while the Vision360 is an in-car camera designed to augment driving safety.
Toshiba Tecra X40-D (i7-7600U, FHD) Laptop Review

87% Toshiba Tecra X40-D (i7-7600U, FHD) Laptop Review

Carbon Copy. Toshiba's new Tecra X40-D is the Japanese manufacturer's latest entry in the thin-and-light business market and carries over several features from its smaller brother, the Portégé X30. Is the X40 able to differentiate itself enough, or is it more of the same in a larger package?
Intel Core i7-7600U | Intel HD Graphics 620 | 14" | 1.3 kg
Deep digging into the Intel ME firmware has finally enabled security researchers to disable its functioning. (Source: Positive Technologies)

Eureka! The Intel Management Engine can finally be disabled, thanks to the NSA

Researchers have found a way to disable a much hated component of Intel CPUs — the Intel Management Engine, thanks in part to the NSA's High Assurance Platform (HPA) program.
WhatsApp will soon enable verified business numbers as a medium for customer interaction. (Source: WhatsApp)

WhatsApp will soon allow you to chat with verified businesses

Facebook-owned WhatsApp has started a pilot program to verify business numbers. This allows customers to directly chat with businesses for quicker updates and problem resolution.
Verizon is one the first US carriers to roll out the new Android Oreo OTA update. (Source: Verizon)

Verizon starts rolling out Android Oreo to Google Pixel handsets

Contrary to popular notion, Verizon has started to seed the Android Oreo update to Google Pixel phones on its network much before any other major US carrier has initiated the process.
Google's Certified Android devices program is a continuation of its security efforts. (Source: Google)

Google launches Certified Android device program

Google has announced its new Certified Android devices program. Designed to give customers the guarantee of a malware-free device out of the box, it is the company's latest effort to clamp down on Android security.
NY Mayor Bill de Blasio with NYPD deputy commissioner for IT, Jessica Tisch. (Source: NY Post)

NYPD contemplating on replacing 36,000 odd Windows Phones with iPhones

In the continuing habitual setback for Microsoft in its mobile endeavors, the NYPD will soon be scrapping its 36,000 odd smartphones running Windows Phone 8.1 for iPhones. The department is taking the decision in the wake of Microsoft halting updates for the ill-fated mobile OS.
The Librem 5 will feature hardware kill switches for the camera, microphone, and wireless radios. (Image: Purism)

Purism turns to crowdfunding to develop their Linux-based smartphone

The Librem 5, currently up for preorder through a crowdfunding campaign, is Purism's attempt to create a privacy-focused smartphone. The phone will run a mobile variant of PureOS, which is Purism's own custom GNU/Linux-based operating system.
Windows 95 is still used in various machines around the world, including critical systems inside the Pentagon. (Source: Brian Miller)

Windows 95 turns 22 - still lurks inside Pentagon's critical systems

22 years after its release, Microsoft Windows 95 is still running on machines around the world, including critical systems inside the Pentagon. The US Department of Defense is collaborating with Microsoft to migrate all Pentagon systems to Windows 10.
Not all apps using the Igexin SDK were found to be collecting data, but they all had the potential to do it. (Source: Pixabay)

Igexin use their advertising SDK to siphon user data back to their servers in China

Igexin, the developer of an advertising software kit, has been caught collecting user data and sending it back to servers in China. Their kit was used in 500 legitimate applications and used the permissions granted to those apps to collect data such as call logs. Google has disabled the compromised applications while the developers replace the advertising AP...
...
Latest XPS 13 9360 1.0.7 BIOS update purportedly bricking systems

Latest XPS 13 9360 1.0.7 BIOS update purportedly bricking systems

In what could be another potential PR headache for Dell, the latest 1.0.7 BIOS update for the XPS 13 may be accidentally rolling back systems. It's recommended that XPS 13 owners do not install this latest update until Dell either reuploads a replacement or directly addresses users' complaints.
Hacking your phone through the touchscreen? Yes, it can be done. (Image: Shattered Trust)

New research paper demonstrates smartphone security hole in replacement hardware

A research team has successfully compromised a smartphone by injecting malicious code into the drivers for the touchscreen. The code allows full access to the device, including the ability to alter files, use the phone's camera, download malicious apps, and grant root access without unlocking the bootloader.
...
BlackBerry KEYone

83% BlackBerry KEYone Smartphone Review

Press me! TLC has presented a new BlackBerry smartphone with a physical keyboard: the KEYone. The new smartphone combines a 4.5-inch touchscreen with a touch-sensitive keyboard that can also be used as a Trackpad.
Update: Build AAN358 is rolled out.
Qualcomm Snapdragon 625 | Qualcomm Adreno 506 | 4.5" | 180 g
Ransomware Locky and Mamba have started rearing their ugly heads again. (Source: 2-Spyware)

Beware! Ransomware Locky and Mamba on the prowl again

Variants of ransomware Locky and Mamba have resurfaced and are more lethal than ever. Those unfortunate to be infected, risk encryption of the entire HDD and need to cough up a huge sum of money for decryption and recovery of their data.

Working For Notebookcheck

Are you a loyal reader of notebookcheck? Are you a techie who knows how to write? Then join our Team!

Especially wanted: 
German-English-Translator - Details here
Review Editor - 
Details here
News Editor - Details here

 

 

 

 

 

 

 

 

Phablet

Phablet

Tags

Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > Topics
Redaktion, 2013-05- 8 (Update: 2013-09-27)