Researcher Turns HDD Into Rudimentary Microphone

An anonymous reader writes from Bleeping Computer: Speaking at a security conference, researcher Alfredo Ortega has revealed that you can use your hard disk drive (HDD) as a rudimentary microphone to pick up nearby sounds. This is possible because of how hard drives are designed to work. Sounds or nearby vibrations are nothing more than mechanical waves that cause HDD platters to vibrate. By design, a hard drive cannot read or write information to an HDD platter that moves under vibrations, so the hard drive must wait for the oscillation to stop before carrying out any actions. Because modern operating systems come with utilities that measure HDD operations up to nanosecond accuracy, Ortega realized that he could use these tools to measure delays in HDD operations. The longer the delay, the louder the sound or the intense the vibration that causes it. These read-write delays allowed the researcher to reconstruct sound or vibration waves picked up by the HDD platters. A video demo is here. “It’s not accurate yet to pick up conversations, ” Ortega told Bleeping Computer in a private conversation. “However, there is research that can recover voice data from very low-quality signals using pattern recognition. I didn’t have time to replicate the pattern-recognition portion of that research into mine. However, it’s certainly applicable.” Furthermore, the researcher also used sound to attack hard drives. Ortega played a 130Hz tone to make an HDD stop responding to commands. “The Linux kernel disconnected it entirely after 120 seconds, ” he said. There’s a video of this demo on YouTube. Read more of this story at Slashdot.

Read this article:
Researcher Turns HDD Into Rudimentary Microphone

Uber’s iOS App Had Secret Permissions That Allowed It to Copy Your Phone Screen, Researchers Say

To improve functionality between Uber’s app and the Apple Watch, Apple allowed Uber to use a powerful tool that could record a user’s iPhone screen, even if Uber’s app was only running in the background, security researchers told news outlet Gizmodo. From a report: After the researchers discovered the tool, Uber said it is no longer in use and will be removed from the app. The screen recording capability comes from what’s called an “entitlement” — a bit of code that app developers can use for anything from setting up push notifications to interacting with Apple systems like iCloud or Apple Pay. This particular entitlement, however, was intended to improve memory management for the Apple Watch. The entitlement isn’t common and would require Apple’s explicit permission to use, the researchers explained. Will Strafach, a security researcher and CEO of Sudo Security Group, said he couldn’t find any other apps with the entitlement live on the App Store. “It looks like no other third-party developer has been able to get Apple to grant them a private sensitive entitlement of this nature, ” Strafach said. “Considering Uber’s past privacy issues I am very curious how they convinced Apple to allow this.” Read more of this story at Slashdot.

Visit link:
Uber’s iOS App Had Secret Permissions That Allowed It to Copy Your Phone Screen, Researchers Say

HP’s Spectre x360 13 Promises Up To 16 Hours of Battery Life in a Faster, Cooler Design

From a report: The HP Spectre x360 13 is already one of the most popular 360-degree convertible laptops, and it’s about to get faster and cooler, thanks in part to Intel’s latest 8th-generation Core CPUs. Announced Wednesday, the refreshed Spectre x360 13 also offers greatly improved thermals and other nice tweaks. The Spectre x360 13 will ship on October 29 with a starting price of $1, 150, including a color-matched pen. Best Buy will begin taking pre-orders October 4. Multiple configurations will be available, but we’re listing below the specs we were given for the higher-end model ae013dx: CPU: Intel 8th-generation Core i7-8550U, a quad-core CPU with a 1.8GHz base clock and turbo boost up to 4GHz. Core i5 CPUs will also be available. RAM: 16GB LPDDR3 SDRAM. Storage: 512GB PCIe NVMe M.2 SSD. Read more of this story at Slashdot.

Visit site:
HP’s Spectre x360 13 Promises Up To 16 Hours of Battery Life in a Faster, Cooler Design

US Studying Ways To End Use of Social Security Numbers For ID

wiredmikey quotes a report from Security Week: U.S. officials are studying ways to end the use of social security numbers for identification following a series of data breaches compromising the data for millions of Americans, Rob Joyce, the White House cybersecurity coordinator, said Tuesday. Joyce told a forum at the Washington Post that officials were studying ways to use “modern cryptographic identifiers” to replace social security numbers. “I feel very strongly that the social security number has outlived its usefulness, ” Joyce said. “It’s a flawed system.” For years, social security numbers have been used by Americans to open bank accounts or establish their identity when applying for credit. But stolen social security numbers can be used by criminals to open bogus accounts or for other types of identity theft. Joyce said the administration has asked officials from several agencies to come up with ideas for “a better system” which may involve cryptography. This may involve “a public and private key” including “something that could be revoked if it has been compromised, ” Joyce added. Read more of this story at Slashdot.

See the original post:
US Studying Ways To End Use of Social Security Numbers For ID

According To Star Trek: Discovery, Starfleet Still Runs Microsoft Windows

AmiMoJo shares a report from The Verge: The third episode of Star Trek: Discovery aired this week, and at one point in the episode, Sonequa Martin-Green’s Michael Burnham is tasked with reconciling two suites of code. In the show, Burnham claims the code is confusing because it deals with quantum astrophysics, biochemistry, and gene expression. And while the episode later reveals that it’s related to the USS Discovery’s experimental new mycelial network transportation system, Twitter user Rob Graham noted the code itself is a little more pedestrian in nature. More specifically, it seems to be decompiled code for the infamous Stuxnet virus, developed by the United States to attack Iranian computers running Windows. Read more of this story at Slashdot.

View the original here:
According To Star Trek: Discovery, Starfleet Still Runs Microsoft Windows

Tesla Is Shipping Hundreds of Powerwall Batteries To Puerto Rico

schwit1 quotes a report from Futurism: In a continued streak of goodwill during this year’s devastating hurricane season, Tesla has been shipping hundreds of its Powerwall batteries to Puerto Rico in the aftermath of Hurricane Maria. Since the hurricane hit on 20 September, much of the U.S. territory has been left without power — about 97 percent, as of 27 September — hampering residents’ access to drinkable water, perishable food, and air conditioning. The island’s hospitals are struggling to keep generators running as diesel fuel dwindles. Installed by employees in Puerto Rico, Tesla’s batteries could be paired with solar panels in order to store electricity for the territory, whose energy grid may need up to six months to be fully repaired. Several power banks have already arrived to the island, and more are en route. Read more of this story at Slashdot.

Read More:
Tesla Is Shipping Hundreds of Powerwall Batteries To Puerto Rico

Instagram Now Has 800 Million Monthly, 500 Million Daily Active Users

An anonymous reader quotes a report from CNBC: Instagram said Monday that it’s added another 100 million monthly users. That brings the photo-sharing app to 800 million monthly active users, up from 700 million in April, according to Carolyn Everson, vice president of global marketing solutions at Facebook, who spoke at an Advertising Week event in New York City. Five hundred million of those are daily active users, the company said. That means that Instagram is still ahead of rival Snap in terms of users, based on Snap’s last report. Snap said in August that it had 173 million daily active users. Time spent watching video on Instagram is up more than 80 percent year over year, the company also said on Monday, and four times as many videos are being produced every day on Instagram compared with a year ago. Read more of this story at Slashdot.

Visit site:
Instagram Now Has 800 Million Monthly, 500 Million Daily Active Users

Chicago School Official: US IT Jobs Offshored Because ‘We Weren’t Making Our Own’ Coders

theodp writes: In a slick new video, segments of which were apparently filmed looking out from Google’s Chicago headquarters giving it a nice high-tech vibe, Chicago Public Schools’ CS4ALL staffers not-too-surprisingly argue that creating technology is “a power that everyone needs to have.” In the video, the Director of Computer Science and IT Education for the nation’s third largest school district offers a take on why U.S. IT jobs were offshored that jibes nicely with the city’s new computer science high school graduation requirement. From the transcript: “People still talk about it’s all offshored, it’s all in India and you know, there are some things that are there but they don’t even realize some of the reasons that they went there in the first place is because we weren’t making our own.” Read more of this story at Slashdot.

Originally posted here:
Chicago School Official: US IT Jobs Offshored Because ‘We Weren’t Making Our Own’ Coders

Popular Chrome Extension Embedded A CPU-Draining Cryptocurrency Miner

An anonymous reader writes: SafeBrowse, a Chrome extension with more than 140, 000 users, contains an embedded JavaScript library in the extension’s code that mines for the Monero cryptocurrency using users’ computers and without getting their consent. The additional code drives CPU usage through the roof, making users’ computers sluggish and hard to use. Looking at the SafeBrowse extension’s source code, anyone can easily spot the embedded Coinhive JavaScript Miner, an in-browser implementation of the CryptoNight mining algorithm used by CryptoNote-based currencies, such as Monero, Dashcoin, DarkNetCoin, and others. This is the same technology that The Pirate Bay experimented with as an alternative to showing ads on its site. The extension’s author claims he was “hacked” and the code added without his knowledge. Read more of this story at Slashdot.

View original post here:
Popular Chrome Extension Embedded A CPU-Draining Cryptocurrency Miner

This Guy Is Digitizing the VHS History of Video Games

An anonymous reader shares a report: UK-based gaming journalist and blogger Chris Scullion is on a mission to preserve his collection — and maybe your collection, too — of these old video game VHS tapes. In the 80s and 90s, video game companies and trade magazines made these tapes to accompany popular titles or new issues with bonus material or promotional footage, giving a glimpse into how marketing for games was done in the industry’s early days. Scullion has 18 tapes to upload so far, and plans to provide accompanying commentary as well as the raw video as they go up on his YouTube channel. Scullion’s first upload is a promotional tape for Super Mario All-Stars, given away by Nintendo UK in 1993. It’s hosted by Craig Charles, who played Lister in the British sci-fi sitcom Red Dwarf. Digitizing his collection keeps that sweet nostalgia content safe from degradation of the magnetic tape, which starts to go downhill within 10 to 25 years. He’s capturing them in HD using a 1080p upscaler, at a full 50fps frame rate by converting to HDMI before grabbing — a higher frame rate than many standard commercial digitizing devices that capture at 30fps — so that no frames are missed. Some of the tapes he’s planning to digitize have already been converted and uploaded to YouTube by other people, he says, but most are either poor quality or captured with less-advanced grabbing devices. Read more of this story at Slashdot.

View article:
This Guy Is Digitizing the VHS History of Video Games