Notebookcheck

Cyberlaw

     restrict settings
additional restrictions: Cyberlaw
The new AMT hack can bypass all known security measures. (Source: Anandtech)

Gone in 30 seconds: New Intel AMT exploit is scarier than you can ever fathom

F-Secure's security researchers discovered another flaw in Intel's Active Management Technology (AMT) that a hacker can potentially misuse to gain remote access to a system.
'Haswell' CPU owners are getting increased security at the expense of reliability. (Source: Overclock3D)

Intel 'Haswell' and 'Broadwell' CPU users complain of higher system reboots after applying Meltdown and Spectre patches

Users of older generation 'Haswell' and 'Broadwell' Intel CPUs are reporting of constant reboots after applying patches to address the Meltdown and Spectre vulnerabilities. Intel is looking at issuing a revised firmware to address specific issues related to these CPUs.
Image: Computerworld.com

Apple devices are already protected against Meltdown without any hit to performance

With the massive vulnerabilities recently discovered in Intel CPUs, the main question on everyone's minds are when affected devices will be updated to guard against possible exploits. Apple is ahead of the game; apparently, the latest versions of their various operating systems protect against Meltdown, and a fix for Spectre is coming to Safari in the next f...
...
The NVIDIA GeForce GTX 1080 Ti. (Source: NVIDIA)

Consumer NVIDIA GPUs cannot be used in datacenters henceforth

Recent changes to NVIDIA's EULA prohibits datacenter deployment of their consumer grade GeForce GPUs apart from those used for blockchain processing. This being seen as a move to curb deployment of cost-effective GeForce GPUs for half-precision Deep Neural Network processing.
Torrenting can affect your coziness at home. (Source: The WireCutter)

Torrenting can cost you the ability to remotely control your smart thermostat

Armstrong Zoom Internet has sent notices to its users that copyright infringement can lead to speed throttling that not only affects file transfer but also the ability to remotely control connected devices such as smart thermostats and video monitoring services.
Honey Quest uses technology to target ads based on the user's viewing habits. (Source: NY Times)

Android games found tracking users' TV viewing habits

Many Android games have been found to track the user's TV viewing habits for displaying ads. The games use software from Alphonso that collects data from the phone's microphone, identifies the audio stream, and displays targeted advertising.
Vincenzo and Giacomo Barbato with their 'Steve Jobs' brand. (Source: Business Insider Italia)

Brothers do a neat Italian Job of trademarking 'Steve Jobs'

Vincenzo and Giacomo Barbato have emerged victorious in the legal battle against Apple in naming their brand after Steve Jobs. Their company currently produces clothing and plans to enter into electronics very soon.
Apple had a lot of explaining to do after the recent reports of iPhone slowdowns. (Source: Steemit)

HTC and Motorola say slowing down older phones is not their cup of tea

In emails to The Verge, HTC and Motorola have clarified that they do not slow down phones as the batteries start wearing out. This comes in the wake of Apple's now controversial policy of slowing down phones with ageing batteries.
Keeper is being installed by default in new Windows 10 installations. (Source: User ToppestofDogs on Reddit)

Windows 10's included password manager can pose a security risk

A Google security researcher has discovered that the included third-party password manager in Windows 10, Keeper, comes with a security vulnerability that injects privileged UI into web apages that exposes a user's passwords.
Mozilla in hot water after installing a browser add-on for some users without their permission

Mozilla in hot water after installing a browser add-on for some users without their permission

Some Firefox users recently found an unwarranted add-on installed in their browsers. The add-on, which is a page tool tied to the popular online show "Mr. Robot," was installed for some users that are a part of Mozilla's Studies program. While not malicious, the add-on was installed without the users' knowledge and raised some alarm from fervent Mozilla fans...
...
Indian Intelligence Bureau calls out smartphone apps sending data to China

Indian Intelligence Bureau calls out smartphone apps sending data to China

The Indian Intelligence Bureau has directed its border troops to format their smartphones and delete a number of specified apps, citing the reason as a discovered data trail leading from these apps to China.
HP stealthily replace the older Touchpoint Manager with a Touchpoint Analytics Service app that is sending user data to HP's servers without consent. (Source: HP)

HP accused of spying on its customers through stealthy telemetry app

HP stealthily replaced the "Touchpoint Manager" app with a new version called "Touchpoint Analytics Service", causing full CPU usage on its clients' systems and syphoning user data.
They may take everything but never our freedom. Never our right to choose.

The fight for Net Neutrality is on...you should take action today

The US Federal Communications Commission is set to cast a vote that will repeal the Net Neutrality laws that keep the Internet fun for everyone. American or not, it's time you had a say in this matter. Let your voice be heard today.
Smartwatches targetted at children, like the VTech Kidizoom, are now banned in Germany. (Image: VTech)

Germany bans smartwatches marketed at children

Children's smartwatches have been found to have glaring security holes, some of which can present a serious threat to the safety of the children that wear them. These security issues, along with privacy concerns, have led German officials to ban the sale of children's smartwatches.
A more fitting name if this trend of fails continues. (Source: CHEIL India)

OnePlus is collecting user data without permission, and you should be scared

OnePlus has dropped the ball yet again, with a user discovering a data siphon that sends his private phone information and logs to a remote OnePlus server.
An always on camera?

Google Clips is Watching You: Google's new action camera automatically snaps shots, records video

Google Clips is a small wearable action camera that automatically takes pictures of what it judges to be special moments. It learns who the important people in your life are via machine learning, and it may pose a serious privacy concern.
All this considered, this is about par for cyber information control in most parts of the world. (Source: The Verge)

Your private data isn't so private after all, Wechat confirms

It's been a good week for privacy intrusions, with GO Keyboard being reported to siphon user data. This time out, it's the Wechat app on all the headlines, as the app's new privacy policy sheds light on how public, private user data actually is.
Image: Twitter user Nick Sweeting

Equi-fail: Equifax directs customers affected by hack to fake phishing website

In another major misstep for Equifax, an employee of the credit services company responded to customer tweets with a link to a fake phishing website. The site, which was styled to look like the official Equifax site dedicated to the hack, was a fake used to demonstrate how easily malicious parties could further exploit Equifax's customers.
...
CCleaner's binary was modified by hackers to insert a backdoor. (Source: Piriform)

CCleaner hijacked by hackers to open a backdoor for remote code execution

Piriform, makers of the popular PC cleaning software CCleaner, said that a few versions of the program's 32-bit binary were hijacked by hackers who could insert a two-stage backdoor capable of remote code execution. Investigation is on to understand what exactly caused the hijack that resulted in about 2.27 million users getting affected.
...
Image: Equifax

Equifax security breach blamed on known web vulnerability in Apache Struts

One week after announcing a major data breach affecting over 143 million consumers, Equifax is pointing blame at a security vulnerability in the Apache Struts web framework. However, the vulnerability was publicly announced in March and a patch was available months before the attack.
Graph of the increase in cryptocurrency mining trojans as measured by Kaspersky Labs. (Source: Bleeping Computer)

Cryptocurrency mining malware has infected over 1.65 million computers this year

Data from Kaspersky Labs shows that the number of cryptocurrency mining trojan infections in 2017 has passed 1.65 million to date. Criminals use infected PCs to crunch transactions and route the success fee to their own digital wallets.
Qualcomm claims a list of Android firsts on its blog just in time for the launch of the new iPhones. (Source: Qualcomm)

Qualcomm lists innovations that appeared first on Android — just ahead of the iPhone X launch

Qualcomm has published a blog post detailing some of the mobile innovations that were made possible by the collaboration with Google and other Android OEMs. Cheekily, the list of innovations seem to reflect some of the new features that will be debuting in the new iPhones set to be launched later today.
...
Equifax announces major security breach affecting 143 million customers in the U.S.

Equifax announces major security breach affecting 143 million customers in the U.S.

Equifax announced today that the personal information of over 143 million American consumers was compromised in late July. Items such as birth dates, social security numbers, and even drivers licenses were stolen by hackers, in addition to over 200,000 credit card numbers.
Lenovo has been fined US$3.5 million and had restrictions placed on pre-installed software on their systems in the United States. (Source: Geralt/Pixabay)

Lenovo fined US$3.5 million for pre-installing adware on some laptops in 2015

The saga about some Lenovo laptops coming pre-installed with adware in 2015 has now come to an end with the results of their court case being announced a few hours ago. Lenovo must pay a fine of US$3.5 million and has had some restrictions placed on how they handle pre-installed software in the United States.
...
Image: Essential

Andy Rubin issues apology for Essential customer privacy debacle

After a massive privacy foul-up, Essential's Andy Rubin has issued a formal apology to customers that had their personal information emailed to other customers. Essential will provide affected individuals with a one-year subscription to LifeLock and, possibly, a free Essential Phone.
Deep digging into the Intel ME firmware has finally enabled security researchers to disable its functioning. (Source: Positive Technologies)

Eureka! The Intel Management Engine can finally be disabled, thanks to the NSA

Researchers have found a way to disable a much hated component of Intel CPUs — the Intel Management Engine, thanks in part to the NSA's High Assurance Platform (HPA) program.
NY Mayor Bill de Blasio with NYPD deputy commissioner for IT, Jessica Tisch. (Source: NY Post)

NYPD contemplating on replacing 36,000 odd Windows Phones with iPhones

In the continuing habitual setback for Microsoft in its mobile endeavors, the NYPD will soon be scrapping its 36,000 odd smartphones running Windows Phone 8.1 for iPhones. The department is taking the decision in the wake of Microsoft halting updates for the ill-fated mobile OS.
Samsung logo (Source: Samsung)

Judge gives Samsung heir five years in jail for bribery scandal

A judge has sentenced Lee Jae-jong, the Samsung heir, to five years jail time for his part in the bribery scandal with the administration of the former President of South Korea. He was also found guilty of giving false testimony in court and hiding overseas assets.
Ransomware Locky and Mamba have started rearing their ugly heads again. (Source: 2-Spyware)

Beware! Ransomware Locky and Mamba on the prowl again

Variants of ransomware Locky and Mamba have resurfaced and are more lethal than ever. Those unfortunate to be infected, risk encryption of the entire HDD and need to cough up a huge sum of money for decryption and recovery of their data.
suhide-lite can bypass Google's SafetyNet, allowing rooted phones to run apps that would otherwise be restricted. (Source: XDA-Developers)

It's now easier to hide root on your Android phone with suhide-lite

A new SuperSU package by developer Chainfire allows users to hide root status from specific apps, which can enable the use of certain apps on rooted devices that would otherwise be blocked via Google's SafetyNet API.
Nintendo Switch with removable Joycon controllers. (Source: Nintendo)

Nintendo sued over joycon controller design, meanwhile NVIDIA says Nintendo are "innovators"

NVIDIA has praised Nintendo for being innovators and risk takers for their successful Switch console. Meanwhile, Nintendo is facing a lawsuit from Gamevice, who claim that the detachable controller design of the switch infringes on patents they own and use with their product line.
The malicious software is activated whrn the DNA sequencer analyzes the data. (Source: Shutterstock)

Biohackers splice malware directly into DNA strands

Scientists came up with a plan to infect computers using altered human DNA. The malicious code is activated when the altered human genetic code is analyzed by a DNA sequencer that is hooked to a computer network.
Windows 10 collects more telemetry data than previous versions of the operating system. (Source: Microsoft)

71 percent of Windows 10 Creators Update users send Microsoft their full telemetry data

Microsoft has reduced the amount of telemetry data collected under the 'basic' diagnostic option to be compliant with privacy laws and customer desires. However, 71 percent of Creators Update users still opt to send full diagnostic data to Microsoft including browsing and typing data.
Friends with benefits — Kaspersky and Microsoft seem to have reconciled their differences with respect to security in Windows 10. (Source: Kaspersky)

Kaspersky withdraws antitrust claim after Microsoft offers to make Windows 10 more AV vendor friendly

It appears that Microsoft and Kaspersky have come to terms with respect to the latter's demands of a more antivirus vendor friendly approach in Windows 10 resulting in withdrawal of all antitrust allegations against Microsoft by Kaspersky.
Disney Princess: Charmed Adventures is one of 42 titles the suit alleges to collect personal information of children without parental consent. (Source: Disney)

Disney sued for allegedly illegally collecting data on children with smartphone apps

Disney is being sued along with three software companies for creating software targeted at young children that collect personal information and send it to advertisers without the consent of parents. Disney has signaled it aims to face the suit in court.
BLU's tweet announcing their product are back online. (Source: Twitter)

BLU phones back on Amazon following privacy fears

After privacy concerns caused Amazon to delist some phones by budget smartphone manufacturer BLU, the products are once again available through the online retailer. Although BLU has denied allegations of any wrongdoing, privacy issues with budget Android phones may remain a concern.
The WannaCry hackers are taking a risk emptying their bitcoin wallets. (Source: HypnoArt/Pixabay)

WannaCry hackers empty their wallets

The three ransom wallets associated with the WannaCry ransomware have been monitored by law-enforcement for the last three months. A few days ago the total Bitcoin balances were transferred from each of those wallets into a number of smaller ones as the hackers start the process of trying to make any cash withdrawals untraceable.
...
Apple is not the only company forced to either cooperate with the Chinese government or face losing access to the market, but they are the largest. (Source: Shutterstock)

Apple pulls VPNs from Chinese App Store

Apple has pulled a number of censorship-defeating tools from their App Store in China, citing Chinese law. The move to accommodate the Chinese government deprives many in the country of access to information.
Source3 joins Facebook to get content creators paid

Facebook acquires Source3

Thanks to the Source3's technology and this content rights management company's team, Facebook plans to help digital artists monetize their content while staying safe from piracy.
Chinese security forces in Xinjiang are reportedly checking residents for whether or not they have installed the spying app. Failure to have the app installed can lead to up to 10 days detention. (Source: Twitter/即时中国大陆映像)

Some Chinese residents forced to install government spyware on phones

The Chinese government has made the installation of surveillance software on phones mandatory in the north-western city of Urumqi. Urumqi is the capital of Xin Jiang province, which is home to most of China's Turkic Uighur minority.
Users found that using a proxy could triple their bandwidth on the affected sites. (Source: ArsTechnica)

Verizon allegedly throttling Netflix and Youtube

Verizon "unlimited" subscribers have complained about YouTube and Netflix being throttled to 10Mbps, resulting in decreased video quality in some situations. Verizon later admitted to testing"optimizations", but denied that they had throttled the connection.
Yesterday's memes are now today's news. (Source: Know Your Meme)

Facebook to allow paywalled articles later this year

Facebook is reportedly working on a paywall system to access shared articles.
Petya's decryption key is now available but tough luck for those affected by NotPetya. (Source: MalwareBytes Blog)

Master decryption key for Petya ransomware found to be ineffective against NotPetya

The decryption key for the Petya ransomware seems to be ineffective for use in systems infected by NotPetya, leaving those infected by the nefarious program still in the lurch.
A resolution passed by the European Parliament echoes the demands of consumers and companies like iFixit: give us devices that are easier to repair. (Source: Wikimedia Commons)

Europeans want devices that can be easily repaired

In 2014, a poll showed that a majority of consumers in the EU would prefer to repair their old devices instead of just buying new ones. Recently, the European Parliament passed a resolution calling for device manufacturers to create products better suited to meet this demand.
Identity verification is now just a video call away. (Source: MSPoweruser)

Skype Lite for Android updated with user verification integration for Indian users

Integration of a citizen's 'Aadhaar' identification into Skype is now possible, providing Indian users with identity verification facility for important calls.
Negotiations with Microsoft by the Indian Government may offer users a low cost upgrade option to Windows 10. (Source: Microsoft)

Microsoft pressured to offer Windows 10 upgrades at 75 percent off due to ransomware attacks

With many devices still languishing with older Windows versions, the Indian Government is pressing Microsoft for a one-time discount on Windows 10 to curb the proliferation of ransomware.
Windows Defender Exploit Guard in action. (Source: GHacks)

Microsoft reveals some of the upcoming enterprise security features in the Windows 10 Fall Creators Update

There's never been a time to be more secure than now, and the upcoming Windows 10 Fall Creators Update looks to reinforce this fact
The submitted patent for the disablement system. (Source: MSPowerUser)

Microsoft patents always-on anti-theft technology for laptops

Microsoft has patented an anti-theft system for upcoming PCs with cellular connectivity, allowing them to be remotely disabled even without a network connection.
UK Parliament was forced to restrict access to their email accounts due to sustained cyber-attacks today. (Source: Justin Tallis/AFP/Getty Images)

UK parliament suffering from sustained cyber-attacks

Parliament's email system has been forced to close itself off from outside connections following a series of persistent cyber-attacks discovered today.
Image source: Microsoft

Windows 10 S can be infected with malware

While Microsoft has claimed that Windows 10 S is not vulnerable to any currently known malware, a clever cybersecurity professional has found an exploit in Microsoft Word that can run malicious code in the operating system.

Working For Notebookcheck

Are you a loyal reader of notebookcheck? Are you a techie who knows how to write? Then join our Team!

Especially wanted: 
German-English-Translator - Details here
Review Editor - 
Details here
News Editor - Details here

 

 

 

 

 

 

 

 

 

 

Tags

Please share our article, every link counts!
> Notebook / Laptop Reviews and News > News > Topics
Redaktion, 2013-05- 8 (Update: 2013-09-27)