brides-cond – Page 36 – Tech Today w/ Ken May

Samsung has more employees than Google, Apple, and Microsoft combined

Samsung loves “big.” Its phones are big, its advertising budget is big, and as you’ll see below, its employee headcount is really big, too. Samsung has more employees than Apple, Google, and Microsoft combined . We dug through everyone’s 10-K (or equivalent) SEC filings and came up with this: Samsung Electronics vs the headcounts of other companies. Ron Amadeo At 275,000 employees, Samsung ( just Samsung Electronics) is the size of five Googles! This explains Samsung’s machine-gun-style device output; the company has released around 46 smartphones and 27 tablets just in 2014. If we wanted to, we could cut these numbers down some more. Google is going to shed 3,894 employees once it finally gets rid of Motorola. Over half of Apple’s headcount—42,800 employees—is from the retail division, putting the non-retail part of the company at only 37,500 employees. The “Sony” on this chart only means “Sony Electronics,” the part of the company that is most comparable to Samsung Electronics. Sony Group has a massive media arm consisting of Sony Pictures Entertainment, Sony Music Entertainment, and Sony Financial Services. Read 9 remaining paragraphs | Comments

View article:
Samsung has more employees than Google, Apple, and Microsoft combined

Update: Bug in Bash shell creates big security hole on anything with *nix in it

Mac OS X Mavericks is also a *nix, and also vulnerable to the Bash bug. Sean Gallagher Update: The Bash vulnerability, now dubbed by some as “Shellshock”, has been reportedly found in use by an active exploit against web servers. See Ars’ latest report for further details. A security vulnerability in the GNU Bourne Again Shell (Bash), the command-line shell used in many Linux and Unix operating systems, could leave systems running those operating systems open to exploitation by specially crafted attacks. “This issue is especially dangerous as there are many possible ways Bash can be called by an application,” a Red Hat security advisory warned. The bug , discovered by Stephane Schazelas , is related to how Bash processes environmental variables passed by the operating system or by a program calling a Bash-based script. If Bash has been configured as the default system shell, it can be used by network–based attackers against servers and other Unix and Linux devices via Web requests, secure shell, telnet sessions, or other programs that use Bash to execute scripts. Read 8 remaining paragraphs | Comments

Visit link:
Update: Bug in Bash shell creates big security hole on anything with *nix in it

Google stops malicious advertising campaign that could have reached millions

Malicious ads appears on Last.fm after advertising network Zedo serves up malicious content. Courtesy Malwarebytes Google shut down malicious Web attacks coming from a compromised advertising network on Friday. The move follows a security firm’s analysis that found the ad platform, Zedo, serving up advertisements that attempted to infect the computers of visitors to major websites. In an attack that ended early Friday morning, visitors to Last.fm, The Times of Israel, and The Jerusalem Post ran the risk of their computers becoming infected as Zedo redirected visitors’ systems to malicious servers . Because the advertisements hosted on Zedo’s servers were distributed through Google’s Doubleclick, the attack reached millions of potential victims, Jerome Segura, senior security researcher at Malwarebytes Labs, told Ars. Distributing malware through legitimate advertising networks, a technique known as “malvertising,” has become an increasingly popular way to compromise the systems of consumers and workers alike. Read 9 remaining paragraphs | Comments

Original post:
Google stops malicious advertising campaign that could have reached millions

Reversible, tiny, faster: Hands on with the USB Type-C plug

Megan Geuss SAN FRANCISCO—Last week, Ars met up with several representatives of the non-profit USB Implementers Forum (USB-IF) to check out some of the first USB Type-C connectors off the assembly lines. The Type-C specification was announced in December and finalized in August , and it’s set to bring a number of improvements to its predecessors, in addition to being smaller than the Type-A USB plugs we’re familiar with today. Considering how many USB Type-A devices are still being actively built out there (over 4 billion USB-compatible products are made each year), this smaller, reversible connector represents a significant jump. Jeff Ravencraft, President and COO of USB-IF, told Ars that USB-IF wanted a connector that worked equally well for large and small devices. “We also understand that yeah the consumer maybe has some trouble with putting in that cable connector,” he added of the Type-C’s new-found ability to be plugged in right-side up or upside down, like Apple’s Lightning connector. The new Type-C connector is also slightly bigger than its proprietary cousin, with Type-C sized at approximately 8.4mm by 2.6mm and Lightning coming in at 7.7 mm by 1.7 mm. Unlike the reversible Lightning, but similar to USB connectors before it, the USB Type-C connector has a mid-plate inside the receptacle that the plug surrounds when it’s inserted. Read 14 remaining paragraphs | Comments

View post:
Reversible, tiny, faster: Hands on with the USB Type-C plug

Hack runs Android apps on Windows, Mac, and Linux computers

The official Android Twitter app running on Mac OS. Ron Amadeo If you remember, about a week ago, Google gave Chrome OS the ability to run Android apps through the ” App Runtime for Chrome .” The release came with a lot of limitations—it only worked with certain apps and only worked on Chrome OS. But a developer by the name of ” Vladikoff ” has slowly been stripping away these limits. First he figured out how to load any app on Chrome OS, instead of just the four that are officially supported. Now he’s made an even bigger breakthrough and gotten Android apps to work on any desktop OS that Chrome runs on. You can now run Android apps on Windows, Mac, and Linux. The hack depends on App Runtime for Chrome (ARC), which is built using Native Client , a Google project that allows Chrome to run native code safely within a web browser. While ARC was only officially released as an extension on Chrome OS, Native Client extensions are meant to be cross-platform. The main barrier to entry is obtaining ARC Chrome Web Store, which flags desktop versions of Chrome as “incompatible.” Vladikoff made a custom version of ARC, called ARChon , that can be sideloaded simply by dragging the file onto Chrome. It should get Android apps up and running on any platform running the desktop version of Chrome 37 and up. The hard part is getting Android apps that are compatible with it. ARC doesn’t run raw Android app packages (APKs)—they need to be converted into a Chrome extension—but Vladikoff has a tool called ” chromeos-apk ” that will take care of that, too. Read 4 remaining paragraphs | Comments

View article:
Hack runs Android apps on Windows, Mac, and Linux computers

Facebook acknowledges news feeds are bad at news, vows to improve

Facebook’s News Feed pays attention to trending topics, right, but news feeds have lately seemed to be lacking in news. Following criticism of the lack of current events in Facebook news feeds, Facebook has announced tweaks to its algorithms meant to help surface timely content. The company plans to do this by giving more value to posts that get interactions, such as likes and comments, and pushing posts when that activity seems to be cresting. In the blog post announcing the changes, Facebook wrote that it often prioritizes posts about “trending” topics that appear in the chart of hashtags posted on the right side of users’ homepages. Facebook also places higher value on posts according to how many interactions (likes, comments, shares) they receive. But as things are, some users have noted that Facebook seems to miss news waves , or is late to them, as with the fatal shooting of Mike Brown and the related protests that played out over weeks in August. When Facebook’s curation methods didn’t acknowledge those events, users noticed the news vacuum in their news feeds. Read 1 remaining paragraphs | Comments

Visit site:
Facebook acknowledges news feeds are bad at news, vows to improve

Apple releases OS X 10.9.5 with fixes, new code signing requirements [updated]

Yesterday evening Apple released OS X 10.9.5 to the general public, the fifth major update for OS X Mavericks. As usual, the update comes with a handful of fixes for user-facing features as well as a small pile of security updates . Many of these security patches are also available for OS X 10.7.5 and 10.8.5 in separate updates. Like OS X 10.9.4 , the update focuses on smaller problems that affect a subset of Macs. The new features include Safari 7.0.6, improved “reliability for VPN connections that use USB smart cards for authentication,” and better reliability for connecting to file servers that use the SMB protocol. For businesses using OS X, the update fixes a problem that could keep system admins from “performing some administrative tasks successfully” on larger groups of Macs, and it also speeds up authentication “when roaming on 802.1x networks which use EAP-TLS.” Among the security updates are fixes for Bluetooth, CoreGraphics generally and the Intel graphics driver specifically, and OS X’s version of OpenSSL among many others. The latter problems were fixed by updating from OpenSSL version 0.9.8y to 0.9.8za. Read 6 remaining paragraphs | Comments

See original article:
Apple releases OS X 10.9.5 with fixes, new code signing requirements [updated]

Why T-Mobile needs Wi-Fi calling: its network can’t match AT&T and Verizon

T-Mobile’s “data strong network.” T-Mobile T-Mobile US’ latest “Un-carrier” move is just about the most amazing thing ever, CEO John Legere said last week. “This is like adding millions of towers to our network in a single day,” Legere boasted in a press release . “The difference between us and the traditional carriers is that they’ll do everything they can to make more money off you. We’ll do everything we can to solve your problems.” The innovation is actually something that T-Mobile has had since 2007: Wi-Fi calling. It makes sense for T-Mobile to promote Wi-Fi calling now, given that Apple is adding the capability to iPhones in iOS 8. The initiative has some nice benefits for customers—T-Mobile offered to upgrade all customers to phones that can make Wi-Fi calls and is giving out a free “Personal CellSpot,” a Wi-Fi router that prioritizes voice calls. Read 22 remaining paragraphs | Comments

Read this article:
Why T-Mobile needs Wi-Fi calling: its network can’t match AT&T and Verizon

Android Browser flaw a “privacy disaster” for half of Android users

Thanks to a bug in the Android Browser, your cookies aren’t safe. Surian Soosay A bug quietly reported on September 1 appears to have grave implications for Android users. Android Browser, the open source, WebKit-based browser that used to be part of the Android Open Source Platform (AOSP), has a flaw that enables malicious sites to inject JavaScript into other sites. Those malicious JavaScripts can in turn read cookies and password fields, submit forms, grab keyboard input, or do practically anything else. Browsers are generally designed to prevent a script from one site from being able to access content from another site. They do this by enforcing what is called the Same Origin Policy (SOP): scripts can only read or modify resources (such as the elements of a webpage) that come from the same origin as the script, where the origin is determined by the combination of scheme (which is to say, protocol, typically HTTP or HTTPS), domain, and port number. The SOP should then prevent a script loaded from http://malware.bad/ from being able to access content at https://paypal.com/. Read 9 remaining paragraphs | Comments

View post:
Android Browser flaw a “privacy disaster” for half of Android users

Hacker exploits printer Web interface to install, run Doom

Doom on a printer’s menu screen! Personally, we can’t wait until someone makes Descent playable on a toaster. Context Internet Security On Friday, a hacker presenting at the 44CON Information Security Conference in London picked at the vulnerability of Web-accessible devices and demonstrated how to run unsigned code on a Canon printer via its default Web interface. After describing the device’s encryption as “doomed,” Context Information Security consultant Michael Jordon made his point by installing and running the first-person shooting classic Doom on a stock Canon Pixma MG6450. Sure enough, the printer’s tiny menu screen can render a choppy and discolored but playable version of id Software’s 1993 hit, the result of Jordon discovering that Pixma printers’ Web interfaces didn’t require any authentication to access. “You could print out hundreds of test pages and use up all the ink and paper, so what?” Jordon wrote at Context’s blog report about the discovery , but after a little more sniffing, he found that the devices could also easily be redirected to accept any code as legitimate firmware. A vulnerable Pixma printer’s Web interface allows users to change the Web proxy settings and the DNS server. From there, an enterprising hacker can crack the device’s encryption in eight steps, the final of which includes unsigned, plain-text firmware files. The hacking possibilities go far beyond enabling choppy, early ’90s gaming: “We can therefore create our own custom firmware and update anyone’s printer with a Trojan image which spies on the documents being printed or is used as a gateway into their network,” Jordon wrote. Read 4 remaining paragraphs | Comments