Less than a month after their command performances at the Black Hat and Def Con security conferences in Las Vegas, security researchers Charlie Miller (late of Twitter) and Chris Valasek (formerly of the security firm IOActive) have been poached by Uber—which ironically had security flaws in its own in-car technology exposed by University of California-San Diego researchers this month as well. According to a report from Reuters , Uber will announce the hiring of Miller and Valasek on Monday. Miller and Valasek’s research on Fiat Chrysler’s Uconnect system exposed vulnerabilities in the design of the system that allowed them to take remote control of many of the systems of a targeted vehicle—as they demonstrated by shutting down the throttle of a 2014 Jeep Cherokee while it was being driven on an interstate by Wired reporter Andy Greenberg . The research, coordinated with Fiat Chrysler, led to the distribution of a fix by Chrysler and blocking of vulnerable ports by Sprint, the mobile carrier providing the network for Uconnect. But the attention garnered by the video led to Chrysler announcing a recall of 1.4 million vehicles to accelerate the installation of the software patches. Uber announced grants to the University of Arizona to fund autonomous vehicle technology earlier this week. The hiring of Miller and Valasek is likely part of an effort to ensure that Uber’s autonomous vehicle development work remains secure and may be partially prompted by the findings of the UCSD researchers Ian Foster, Andrew Prudhomme, Karl Koscher, and Stefan Savage. The group presented research at the Usenix Security conference two weeks ago that showed a telematics device used by Uber and some auto insurers could be compromised to take remote control of systems in a similar fashion to Miller and Valasek’s hack of the Jeep. Read 1 remaining paragraphs | Comments
Tag: portfolio-cond
BitTorrent patched against flaw that allowed crippling DoS attacks
The maintainers of the open BitTorrent protocol for file sharing have fixed a vulnerability that allowed lone attackers with only modest resources to take down large sites using a new form of denial-of-service attack. The technique was disclosed two weeks ago in a research paper submitted to the 9th Usenix Workshop on Offensive Technologies. By sending vulnerable BitTorrent applications maliciously modified data, attackers could force them to flood a third-party target with data that was 50 to 120 times bigger than the original request. By replacing the attacker’s IP address in the malicious user datagram protocol request with the spoofed address of the target, the attacker could cause the data flood to hit the victim’s computer. In a blog post published Thursday , BitTorrent engineers said the vulnerability was the result of a flaw in a reference implementation called libuTP . To fix the weakness, the uTorrent, BitTorrent, and BitTorrent Sync apps will require acknowledgments from connection initiators before providing long responses. Read 3 remaining paragraphs | Comments
Continued here:
BitTorrent patched against flaw that allowed crippling DoS attacks
Windows 10 won’t run games with SecuROM DRM, says Microsoft
While Windows 10 is largely good news for gamers , it turns out that those with a collection of older games laden with DRM copy protection software are going to have a hard time getting them up and running on the new OS. In an interview with Rocket Beans TV (as translated by Rock, Paper, Shotgun ) at this year’s Gamescom, Microsoft’s Boris Schneider-Johne explained that that Windows 10 won’t be able to run games that use SafeDisc and SecuROM technology. “Everything that ran in Windows 7 should also run in Windows 10,” said Johne, “There are just two silly exceptions: antivirus software, and stuff that’s deeply embedded into the system needs updating—but the developers are on it already—and then there are old games on CD-ROM that have DRM. This DRM stuff is also deeply embedded in your system, and that’s where Windows 10 says, ‘Sorry, we cannot allow that, because that would be a possible loophole for computer viruses.’ That’s why there are a couple of games from 2003-2008 with SecuROM, etc. that simply don’t run without a no-CD patch or some such.” This isn’t a bad thing for most people, though. While SafeDisc has hit the headlines before thanks to security issues in Windows— introducing access vulnerabilities into the OS , for example—it’s SecuROM that is the most famous, and the most hated of all DRM software. Developed by Sony DADC, SecuROM took a heavy-handed approach to DRM, limiting the number of installs and activations end-users had access to, as well as requiring users to check in online to keep the game running. SecuROM even counted certain hardware changes as a change of computer, forcing another activation. Read 2 remaining paragraphs | Comments
Originally posted here:
Windows 10 won’t run games with SecuROM DRM, says Microsoft
Comcast VP: 300GB data cap is “business policy,” not technical necessity
Why does Comcast Internet service have a 300GB monthly data cap? When asked that question today, Comcast’s vice president of Internet services, Jason Livingood, said that he doesn’t know, because setting the monthly data limit is a business decision, not one driven by technical necessity. “Cable Cares,” a parody account on Twitter, asked Livingood, “Serious question, why are Comcast’s caps set so low compared to the speeds they’re being sold at? 100mbps can hit 300GB in 6hr~.” Read 11 remaining paragraphs | Comments
Original post:
Comcast VP: 300GB data cap is “business policy,” not technical necessity
Xbox streaming on Windows 10 has a hidden “very high quality” setting
In reviewing Windows 10’s new “Streaming from Xbox 10” feature , Ars’ Sam Machkovech complained that “streamed Xbox One games look significantly worse through Windows 10, even at the highest-quality setting.” Apparently, though, Sam wasn’t actually testing the “highest quality” setting available in the streaming app. That’s because there’s a newly uncovered “very high quality” option that can be unlocked by tinkering with some of the Xbox app’s configuration files. Reddit user OomaThurman has publicized the method for unlocking this hidden quality setting, which involves editing the “userconsoledata” file in your Xbox app folder. You can activate the new higher-quality setting by setting the “IsInternalPreview” flag from “false” to “true,” a naming convention that strongly suggests this feature is part of an early test that will be formally rolled out to all Windows 10 users in the future. We’ll be trying out this hidden feature for ourselves soon, but the folks at Digital Foundry already found a marked jump in quality when using the “very high” setting, saying it “appears to transmit full 1080p imagery.” Comparison shots published by Digital Foundry show a noticeable increase in sharpness of details like faces, hair, and edges, which are much closer to the “source” image with the new setting. Read 1 remaining paragraphs | Comments
Read more here:
Xbox streaming on Windows 10 has a hidden “very high quality” setting
Samsung unveils 2.5-inch 16TB SSD: The world’s largest hard drive
At the Flash Memory Summit in California, Samsung has unveiled what appears to be the world’s largest hard drive—and somewhat surprisingly, it uses NAND flash chips rather than spinning platters. The rather boringly named PM1633a, which is being targeted at the enterprise market, manages to cram almost 16 terabytes into a 2.5-inch SSD package. By comparison, the largest conventional hard drives made by Seagate and Western Digital currently max out at 8 or 10TB. The secret sauce behind Samsung’s 16TB SSD is the company’s new 256Gbit (32GB) NAND flash die , twice the capacity of 128Gbit NAND dies that were commercialised last year by various chip makers. To reach such astonishing capacities, Samsung has managed to cram 48 layers of 3-bits-per-cell (TLC) 3D V-NAND into a single die. This is up from 24 layers in 2013, and then 36 layers in 2014. A diagram that goes some way to explaining what 3D NAND is. Historically, like most computer chips, NAND flash has been planar—that is, the functional structures on the chip are (for the most part), laid down on a single two-dimensional plane. In a similar way to how logic chips are moving towards 3D transistors ( FinFETs ), Samsung (and more recently Toshiba and Intel) has been forging ahead with 3D NAND . Read 5 remaining paragraphs | Comments
View original post here:
Samsung unveils 2.5-inch 16TB SSD: The world’s largest hard drive
Smach Zero: A portable x86 Steam Machine for $300
Even the most hardened of Valve fans would be hard pressed to call the company’s Steam Machine initiative particularly exciting. After all, with the exception of Alienware’s Alpha or Asus’ ROG, most of them are simply glorified tower PCs, rather than innovative pieces of console-like design. Today, however, that all changes with the Smach Zero, an x86-based portable Steam Machine that promises access to the 1000+ SteamOS games in Valve’s library. The Smach Zero is powered by an AMD G-Series SoC named Steppe Eagle, which features a Jaguar-based CPU paired with a GCN-based GPU. We don’t know which G-Series SoC is actually being used, but presumably it’ll be one of the 6W or 9W TDP parts (PDF). The CPU is probably clocked somewhere around 1GHz, and the GPU between 200-300MHz (roughly equivalent to an HD 8210E). Along with the SoC, there’s 4GB of RAM, 32GB of storage (expandable via an SD card slot), a 5-inch 720p touchscreen, HDMI output, WiFi, and Bluetooth. On the front of the Smach Zero there are “configurable tactile gamepads,” which look suspiciously like the ones that Valve initially had on the Steam Controller before its redesign. Read 5 remaining paragraphs | Comments
Follow this link:
Smach Zero: A portable x86 Steam Machine for $300
No more endless CDs for pennies: Columbia House files for bankruptcy
It’s a sad day for the musical childhood of many generations. The Associated Press is reporting that the parent company of Columbia House, the organization behind the famous music and DVD clubs of yore, has filed for Chapter 11 bankruptcy protection. The move comes after nearly 20 years of declining sales according to the AP. Filmed Entertainment (Columbia House’s parent company) told the wire service that revenue hit a high of $1.4 billion in 1996. In 2014, that figure fell to $17 million (or roughly 1 percent of its peak, the AP notes). While Chapter 11 protection doesn’t necessarily mean Filmed Entertainment intends to go out of business, it’s not looking good. Companies like RadioShack and Kodak have done this in recent years to obtain a certain period of time within which to rebuild itself and shield itself from creditors. Kodak at least emerged from its situation. The service started in 1955 with vinyl records, and Columbia House introduced pop culture fans to many, many film and music entities over the years through its service. It operated on offers like eight CDs for 1¢ (plus shipping!) or an 8-track tape of the month club (relying on a “return or pay to keep” philosophy). But physical media at large has gradually fallen out of favor over the years, and services from Napster to Netflix to iTunes all overlap with what Columbia House intended to do. Read 2 remaining paragraphs | Comments
View original post here:
No more endless CDs for pennies: Columbia House files for bankruptcy
Spaniard fatally gored while trying to film bull run on smartphone
While the Spanish town of Pamplona hosts the world’s most well-known running of the bulls, other cities in Spain, Portugal, and nearby nations host their own annual runs where bulls run through city streets while locals and tourists run alongside—or away from—the giant beasts. For one participant of a Sunday bull run in Villasecra de la Sagra, Spain, trying to share his experience by way of a smartphone recording ended traumatically. According to details ascertained from a local Spanish-language report , an English-language AFP report , and bystander video of the incident, a 32-year-old man was gored from behind while attempting to film that city’s annual bull run. The bystander video, posted Sunday on Instagram (not linked here due to its graphic nature), showed the currently unidentified victim standing near a barricade so that he was behind other viewers and away from the general fray of the bull run. However, a stray bull appeared to become separated from the general herd, at which point it ran at full speed behind the crowd and struck the 32-year-old while he was holding a smartphone to film in the opposite direction. According to reports, after receiving brief treatment at a nearby bullring’s medical center, the victim was transferred to a hospital in nearby Toledo, where he was soon pronounced dead from neck and thigh wounds. Read 2 remaining paragraphs | Comments
Originally posted here:
Spaniard fatally gored while trying to film bull run on smartphone
In just 2 years, Zynga’s daily average users have fallen by half
Have you played any Zynga games lately? Yeah, we didn’t think so. And that’s exactly the problem: in two years, the social gaming company’s daily average users (DAU) has plummeted from 39 million to 21 million. Consequently, on Thursday, Zynga announced that it had lost $26.8 million in the second quarter of 2015, and a total of $73.3 million in the first half of the year. Assuming that rate of loss holds, the company is on pace to lose over $150 million in 2015, and that’s on top of the over $472 million the company already lost from 2012 through 2014. Read 4 remaining paragraphs | Comments
Taken from:
In just 2 years, Zynga’s daily average users have fallen by half