Samsung To Let Proper Linux Distros Run on Galaxy Smartphones

An anonymous reader shares a report: Samsung has announced it will soon become possible to run actual proper Linux on its Note8, Galaxy S8 and S8+ smartphones — and even Linux desktops. Yeah, yeah, we know Android is built on Linux, but you know what we mean. Samsung said it’s working on an app called “Linux on Galaxy” that will let users “run their preferred Linux distribution on their smartphones utilizing the same Linux kernel that powers the Android OS.” “Whenever they need to use a function that is not available on the smartphone OS, users can simply switch to the app and run any program they need to in a Linux OS environment,” Samsung says. The app also allows multiple OSes to run on a device. Linux desktops will become available if users plug their phones into the DeX Station, the device that lets a Galaxy 8 run a Samsung-created desktop-like environment when connected to the DeX and an external monitor. Read more of this story at Slashdot.


New Law Bans California Employers From Asking Applicants Their Prior Salary

An anonymous reader shares a report: California employers can no longer ask job applicants about their prior salary and — if applicants ask — must give them a pay range for the job they are seeking, under a new state law that takes effect Jan. 1. AB168, signed Thursday by Gov. Jerry Brown, applies to all public- and private-sector California employers of any size. The goal is to narrow the gender wage gap. If a woman is paid less than a man doing the same job and a new employer bases her pay on her prior salary, gender discrimination can be perpetuated, the bill’s backers say. Last year, the state passed a weaker law that said prior compensation, by itself, cannot justify any disparity in compensation. The new bill goes further by prohibiting employers, “orally or in writing, personally or through an agent,” from asking about an applicant’s previous pay. However, if the applicant “voluntarily and without prompting” provides this information, the employer may use it “in determining the salary for that applicant.”


Microsoft Has Already Fixed the Wi-Fi Attack Vulnerability; Android Will Be Patched Within Weeks

Microsoft says it has already fixed the problem for customers running supported versions of Windows. From a report: “We have released a security update to address this issue,” says a Microsoft spokesperson in a statement to The Verge. “Customers who apply the update, or have automatic updates enabled, will be protected. We continue to encourage customers to turn on automatic updates to help ensure they are protected.” Microsoft is planning to publish details of the update later today. While it looks like Android and Linux devices are affected by the worst part of the vulnerabilities, allowing attackers to manipulate websites, Google has promised a fix for affected devices “in the coming weeks.” Google’s own Pixel devices will be the first to receive fixes with security patch level of November 6, 2017, but most other handsets are still well behind even the latest updates. Security researchers claim 41 percent of Android devices are vulnerable to an “exceptionally devastating” variant of the Wi-Fi attack that involves manipulating traffic, and it will take time to patch older devices.


Toshiba’s Fast-Charging Battery Could Triple the Range of Electric Vehicles

Big Hairy Ian quotes New Atlas: A key focus of electric vehicle (EV) makers is maximizing the range users can get from each charge, and for that reason new battery technologies are poised to play a huge part in driving their adoption. Toshiba has developed a new fast-charging battery it claims could allow EVs to travel three times as far as they do now, and then be fully recharged again in a matter of minutes. Toshiba’s SCiB (Super Charge ion Battery) has been around in various forms since 2007, with its chief claim to fame an ability to charge to 90 percent of capacity in just five minutes. It also boasts a life-span of 10 years and high levels of safety, and has found its way into a number of notable EVs, including Mitsubishi’s i MiEV and Honda’s Fit EV. The current SCiB uses lithium titanium oxide as its anode, but Toshiba says it has now come up with a better way of doing things. The next-generation SCiB uses a new material for the anode called titanium niobium oxide, which Toshiba was able to arrange into a crystal structure that can store lithium ions more efficiently. So much so, that the energy density has been doubled. Toshiba calls the battery “a game changing advance that will make a significant difference to the range and performance of EV,” and hopes to put it “into practical application” in 2019.


Researcher Turns HDD Into Rudimentary Microphone

An anonymous reader writes from Bleeping Computer: Speaking at a security conference, researcher Alfredo Ortega has revealed that you can use your hard disk drive (HDD) as a rudimentary microphone to pick up nearby sounds. This is possible because of how hard drives are designed to work. Sounds or nearby vibrations are nothing more than mechanical waves that cause HDD platters to vibrate. By design, a hard drive cannot read or write information to an HDD platter that moves under vibrations, so the hard drive must wait for the oscillation to stop before carrying out any actions. Because modern operating systems come with utilities that measure HDD operations up to nanosecond accuracy, Ortega realized that he could use these tools to measure delays in HDD operations. The longer the delay, the louder the sound or the more intense the vibration that causes it. These read-write delays allowed the researcher to reconstruct sound or vibration waves picked up by the HDD platters. A video demo is here. “It’s not accurate yet to pick up conversations,” Ortega told Bleeping Computer in a private conversation. “However, there is research that can recover voice data from very low-quality signals using pattern recognition. I didn’t have time to replicate the pattern-recognition portion of that research into mine. However, it’s certainly applicable.” Furthermore, the researcher also used sound to attack hard drives. Ortega played a 130Hz tone to make an HDD stop responding to commands. “The Linux kernel disconnected it entirely after 120 seconds,” he said. There’s a video of this demo on YouTube.


Hyatt Hotels Discovers Card Data Breach At 41 Properties Across 11 Countries

Hyatt Hotels has suffered a second card data breach in two years. In the first breach, hackers had gained access to credit card systems at 250 properties in 50 different countries. This time, the breach appears to have impacted 41 properties across 11 countries. Krebs on Security reports: Hyatt said its cyber security team discovered signs of unauthorized access to payment card information from cards manually entered or swiped at the front desk of certain Hyatt-managed locations between March 18, 2017 and July 2, 2017. “Upon discovery, we launched a comprehensive investigation to understand what happened and how this occurred, which included engaging leading third-party experts, payment card networks and authorities,” the company said in a statement. “Hyatt’s layers of defense and other cybersecurity measures helped to identify and resolve the issue. While this incident affects a small percentage of total payment cards used at the affected hotels during the at-risk dates.” The hotel chain said the incident affected payment card information — cardholder name, card number, expiration date and internal verification code — from cards manually entered or swiped at the front desk of certain Hyatt-managed locations. It added there is no indication that any other information was involved.


Cyberstalking Suspect Arrested After VPN Providers Shared Logs With the FBI

An anonymous reader writes: “VPN providers often advertise their products as a method of surfing the web anonymously, claiming they never store logs of user activity,” writes Bleeping Computer, “but a recent criminal case shows that at least some do store user activity logs.” According to the FBI, VPN providers played a key role in identifying an aggressive cyberstalker by providing detailed logs to authorities, even if they claimed in their privacy policies that they don’t. The suspect is a 24-year-old man that hacked his roommate, published her private journal, made sexually explicit collages, sent threats to schools in the victim’s name, and registered accounts on adult portals, sending men to the victim’s house… FBI agents also obtained Google records on their suspect, according to a 29-page affidavit which, ironically, includes the text of one of his tweets warning people that VPN providers do in fact keep activity logs. “If they can limit your connections or track bandwidth usage, they keep logs.”


Massive 70-Mile-Wide Butterfly Swarm Shows Up On Denver Radar System

dryriver shares a report from BBC: A colorful, shimmering spectacle detected by weather radar over the U.S. state of Colorado has been identified as swarms of migrating butterflies. Scientists at the National Weather Service (NWS) first mistook the orange radar blob for birds and had asked the public to help identifying the species. They later established that the 70-mile wide (110km) mass was a kaleidoscope of Painted Lady butterflies. Forecasters say it is uncommon for flying insects to be detected by radar. “We hadn’t seen a signature like that in a while,” said NWS meteorologist Paul Schlatter, who first spotted the radar blip. “We detect migrating birds all the time, but they were flying north to south,” he told CBS News, explaining that this direction of travel would be unusual for migratory birds for the time of year. So he put the question to Twitter, asking for help determining the bird species. Almost every response he received was the same: “Butterflies.” Namely the three-inch long Painted Lady butterfly, which has descended in clouds on the Denver area in recent weeks. The species, commonly mistaken for monarch butterflies, are found across the continental United States, and travel to northern Mexico and the U.S. southwest during colder months. They are known to follow wind patterns, and can glide hundreds of miles each day.


Uber’s iOS App Had Secret Permissions That Allowed It to Copy Your Phone Screen, Researchers Say

To improve functionality between Uber’s app and the Apple Watch, Apple allowed Uber to use a powerful tool that could record a user’s iPhone screen, even if Uber’s app was only running in the background, security researchers told news outlet Gizmodo. From a report: After the researchers discovered the tool, Uber said it is no longer in use and will be removed from the app. The screen recording capability comes from what’s called an “entitlement” — a bit of code that app developers can use for anything from setting up push notifications to interacting with Apple systems like iCloud or Apple Pay. This particular entitlement, however, was intended to improve memory management for the Apple Watch. The entitlement isn’t common and would require Apple’s explicit permission to use, the researchers explained. Will Strafach, a security researcher and CEO of Sudo Security Group, said he couldn’t find any other apps with the entitlement live on the App Store. “It looks like no other third-party developer has been able to get Apple to grant them a private sensitive entitlement of this nature,” Strafach said. “Considering Uber’s past privacy issues I am very curious how they convinced Apple to allow this.”


Russian Hackers Exploited Kaspersky Antivirus To Steal NSA Data on US Cyber Defense: WSJ

An NSA contractor brought home highly classified documents that detailed how the U.S. penetrates foreign computer networks and defends against cyberattacks. The contractor used Kaspersky antivirus on his home computer, which hackers working for the Russian government exploited to steal the documents, the WSJ reported on Thursday (the link could be paywalled; alternative source), citing multiple people with knowledge of the matter. From the report: The hackers appear to have targeted the contractor after identifying the files through the contractor’s use of a popular antivirus software made by Russia-based Kaspersky Lab, these people said. The theft, which hasn’t been disclosed, is considered by experts to be one of the most significant security breaches in recent years. It offers a rare glimpse into how the intelligence community thinks Russian intelligence exploits a widely available commercial software product to spy on the U.S. The incident occurred in 2015 but wasn’t discovered until spring of last year, said the people familiar with the matter. Having such information could give the Russian government information on how to protect its own networks, making it more difficult for the NSA to conduct its work. It also could give the Russians methods to infiltrate the networks of the U.S. and other nations, these people said. Ahead of the publication of WSJ report, Kaspersky founder Eugene Kaspersky tweeted, “New conspiracy theory, anon sources media story coming. Note we make no apologies for being aggressive in the battle against cyberthreats.”
