New Android lockscreen hack gives attackers full access to locked devices

Software bugs that allow attackers to bypass smartphone lockscreens are common enough for both Android and iOS devices, but like a fender bender on the highway, many of us can’t resist the urge to gawk anyway. There’s a newly disclosed way for someone who has a few uninterrupted moments with a handset running most versions of Android 5.x to gain complete control of the device and all the data stored on it.

The hack involves dumping an extremely long string into the password field after swiping open the camera from a locked phone. Unless updated in the past few days, devices running 5.0 to 5.1.1 will choke on the unwieldy number of characters and unlock, even though the password is incorrect. From there, the attacker can do anything with the phone the rightful owner can do. The following video demonstrates the attack in action.

The technique begins by adding a large number of characters to the emergency call window and then copying them to the Android clipboard. (Presumably, there are other ways besides the emergency number screen to buffer a sufficiently large number of characters.) The hacker then swipes open the camera from the locked phone, accesses the options menu, and pastes the characters into the resulting password prompt. Instead of returning an error message, vulnerable handsets unlock.


Chicago citizens sue to halt new “Netflix tax,” an increase of 9 percent

Six Chicagoans have sued the Windy City over its new 9 percent tax levied as part of the “Amusement Tax Ruling” that went into effect on September 1. The tax, which the city of Chicago maintains is “not an expansion of the laws,” imposes an additional surcharge on various online services, including Netflix, Spotify, Hulu, Xbox Live, and others. “We will be adding it to the cost we charge subscribers,” Anne Marie Squeo, a Netflix spokeswoman, previously told Ars in a statement. “Jurisdictions around the world, including the US, are trying to figure out ways to tax online services. This is one approach.”


Zuckerberg confirms a form of “dislike” button coming to Facebook

In recent interviews, Facebook’s Mark Zuckerberg has addressed the social network’s “like” button, which users can use to quickly acknowledge posts or messages—but which also lacks a certain amount of nuance for more sensitive or sad content. As recently as December, Zuckerberg said that he wasn’t interested in a “dislike” button, but a Tuesday “town hall” Q&A saw the cofounder change his tune.

“People have asked about the dislike button for many years,” Zuckerberg told a crowd on Tuesday at Facebook’s Menlo Park office (and a livestream crowd at the event’s official site). “We’ve finally heard you, and we’re working on this.” Like in prior interviews, Zuckerberg commented on fears that a form of “dislike” button would be used to “downvote” posts à la Reddit, but on Tuesday, he acknowledged growing interest in a simple interaction that better fits sad posts—he mentioned topics ranging from personal trauma to international tragedies—that offers “the ability to express empathy.”


Xcode’s iOS simulator reports 2GB RAM for iPhone 6S, 4GB for iPad Pro

Developer Hamza Sood built a demo app that would display the amount of memory reported by different iDevice simulators. (Image credit: Hamza Sood)

Apple doesn’t talk much about its SoCs beyond basic “chip X is Z percent faster than chip Y” comparisons—this is unfortunate, since Apple’s new chips are typically as fast or faster than the best high-end chips from Qualcomm and Intel when they’re released. One place where Apple has historically been stingy, though, is RAM. Even last year’s iPhone 6 and 6 Plus shipped with 1GB of memory, at a time when comparable Android phones were shipping with 2 or 3GB.

That may be changing for the new iPhone 6S and 6S Plus, according to some sleuthing by developer Hamza Sood. Using a custom app and the iPhone 6S simulator included with the Xcode 7.1 beta, Sood has apparently confirmed that the iPhone 6Ses will include 2GB of RAM, and the developer offers more evidence pointing to 4GB of RAM for the iPad Pro. The iPad Air 2 was the first iDevice to ship with 2GB RAM, and since the new iPad Mini 4 supports Split View multitasking we can assume that it includes at least 2GB of RAM as well (Xcode doesn’t include dedicated simulators for the iPad Mini lineup, presumably since any app running on a standard iPad will look and act the same way on an iPad Mini).

This isn’t a guarantee that the new iPhones will include 2GB of RAM, but Sood’s tool running in the iPhone 6 simulator does correctly state that last year’s phone has just 1GB of RAM. It’s as close to a confirmation as we can get before we actually have hardware to test with.


Office 2016 confirmed for September 22 release, February for business

Microsoft today confirmed a previous leak that Office 2016 would be released on September 22nd. But the release of Office 365 ProPlus—the version of the desktop suite that comes with some Office 365 subscriptions—is a little more complex.

Office 365 ProPlus, unlike the perpetually licensed, non-Office 365 version of Office, currently receives a steady trickle of monthly feature updates in addition to the security updates that all desktop Office products receive. This will continue with Office 2016—but only for one branch, the “Current Branch.” A new second branch is being created, the “Current Branch for Business” (CBB). The CBB won’t receive these monthly feature updates. Instead, those will happen three times a year—February, June, and October—and these features will lag the Current Branch by four months.


Apple announces iPhone 6S and 6S Plus, with 3D Touch and A9 SoC

SAN FRANCISCO—Apple has officially unveiled its newest iPhones, the 6S and 6S Plus. Like the 3GS, 4S, and 5S before them, the phones are visually similar to their predecessors, and the devices focus mainly on internal upgrades and tweaks. The new phones will be available for preorder on September 11 and will officially launch on September 18.

The new phones are built out of the same 7000-series aluminum used in the Apple Watch, a change which should make them sturdier and less prone to bending. The phones retain their 4.7- and 5.5-inch screens, though, as well as the TouchID sensor and button layout used in the iPhone 6. A new color option joins the line-up, too: Rose Gold. This brings the iPhone more in line with the Apple Watch’s exterior appearance options (especially important if you’re the kind of person who clutches their pearls at the idea of your phone’s color not coordinating with your watch). Unlike the Apple Watch, though, the iPhone’s Rose Gold is just anodized aluminum, not actual-for-real Apple Gold.

The front of the devices has been given a new type of glass—one which Apple calls “dual ion-exchange” glass. Behind the new face, the phones also have Force Touch-style pressure sensitivity, which is called “3D Touch.” The new devices also provide tactile feedback via a Taptic Engine similar to the one in the Apple Watch. In the Apple Watch, Force Touch is usually used to bring up menu items, and 3D Touch provides similar functionality on the new iPhones.


Feds allege 4 men executed heist of $1 million worth of MacBook Airs

The way federal prosecutors tell it, not only did four men conspire to steal a large quantity of MacBook Airs, but they did a poor job of covering it up. The men were arrested on Wednesday and appeared before a federal judge in White Plains, New York. They are accused of “participating in a scheme to steal, transport, and sell a shipment of approximately 1,200 computers, valued at over $1 million, that were bound for two public high schools in New Jersey.” According to the criminal complaint, one of the men, Anton Saljanin, was hired to transport 1,195 laptops from a vendor in Massachusetts on January 15, 2014, after having successfully delivered 1,300 other laptops.


Serious bug causes “quite a few” HTTPS sites to reveal their private keys

According to a security researcher for Linux distributor Red Hat, network hardware sold by several manufacturers failed to properly implement a widely used cryptographic standard, a data-leaking shortcoming that can allow adversaries to impersonate HTTPS-protected websites using the faulty equipment.

A nine-month scan that queried billions of HTTPS sessions from millions of IP addresses was able to obtain leaked data for 272 keys, reports Red Hat security researcher Florian Weimer in a research paper published this week. Because the scan surveyed only a very small percentage of the overall number of transport layer security protocol handshakes, many more keys and manufacturers are likely to be affected by the leakage. Vulnerable hardware includes load balancers from Citrix as well as devices from Hillstone Networks, Alteon/Nortel, Viprinet, QNO, ZyXEL, BEJY, and Fortinet.

The results of Weimer’s nine-month scan. (Image credit: Florian Weimer)

Enter Chinese Remainder Theorem

The leakage is the result of insecure implementations of the RSA public key cryptosystem, which is one of several that HTTPS-protected websites can use to exchange keys with visitors. A 1996 research paper by researcher Arjen Lenstra warned that an optimization known as the Chinese Remainder Theorem sometimes causes faults to occur during the computation of an RSA signature. The errors cause HTTPS websites that use the perfect forward secrecy protocol to leak data that can be used to recover the site’s private key using what’s known as a side-channel attack.


Man who helped code highly destructive financial malware pleads guilty

The Latvian man accused of helping create the Gozi virus, which United States prosecutors dubbed “one of the most financially destructive computer viruses in history,” has pleaded guilty. As the original indictment stated: “The Gozi Virus has caused, at a minimum, millions of dollars in losses.” According to Reuters, Deniss Calovskis made the admission in federal court in Manhattan on Friday.


FBI, DEA and others will now have to get a warrant to use stingrays

The Department of Justice (DOJ) announced sweeping new rules Thursday concerning the use of cell-site simulators, often called stingrays, mandating that federal agents must now obtain a warrant in most circumstances. The policy, which takes effect immediately, applies to its agencies, including the FBI, the Bureau of Alcohol, Tobacco and Firearms (ATF), the Drug Enforcement Administration, and the United States Marshals Service, among others.

“Cell-site simulator technology has been instrumental in aiding law enforcement in a broad array of investigations, including kidnappings, fugitive investigations and complicated narcotics cases,” Deputy Attorney General Sally Quillian Yates said in a statement. “This new policy ensures our protocols for this technology are consistent, well-managed and respectful of individuals’ privacy and civil liberties.”
