yorker-vanity – Page 28

Don’t cry for the Google Play edition program; it was already dead

Earlier this week, the last of the Google Play edition Android phones in Google’s online storefront were listed as ” no longer available for sale .” When contacted for comment, Google had nothing to say, but it’s not hard to read between the lines here. The last new Google Play phone was introduced in the spring of 2014. Plans for a Galaxy S5 GPe phone made it far enough that official press photos leaked out into the wild , but the phone never materialized. The program hit its peak early last year, when a full half-dozen devices were listed all at once: the Galaxy S4 , the HTC Ones M7 and M8 , the first-generation Moto G , the Sony Z Ultra , and the LG G Pad 8.3 . Like doomed kids making their way through Willy Wonka’s factory, they silently dropped out one by one. Now they’re all gone, and it looks a whole lot like the program has wrapped up. If so, it’s a quiet, inconspicuous end to a quiet, inconspicuous program. Normally we’d say that fewer choices for Android shoppers would be a bad thing, but the changes Google has made to Android since the GPe program was introduced had already rendered it mostly irrelevant. Read 13 remaining paragraphs | Comments

Read the original:
Don’t cry for the Google Play edition program; it was already dead

Verizon nears “the end” of FiOS builds

It’s been nearly five years since Verizon decided to stop expanding its FiOS fiber network into new cities and towns, so this week’s news won’t come as a huge surprise: Verizon is nearing “the end” of its fiber construction and is reducing wireline capital expenditures while spending more on wireless. “I have been pretty consistent with this in the fact that we will spend more CapEx in the Wireless side and we will continue to curtail CapEx on the Wireline side. Some of that is because we are getting to the end of our committed build around FiOS, penetration is getting higher,” Verizon CFO Fran Shammo said yesterday in the Q4 2014 call with investors . Wireline capital spending totaled $1.6 billion in the most recent quarter and $5.8 billion for 2014, down 7.7 percent from 2013, Verizon said. Read 11 remaining paragraphs | Comments

Read the article:
Verizon nears “the end” of FiOS builds

Making ultra-thin materials with holes the size of water molecules

While visiting GE’s China Technology Center, we got to take a look at reverse osmosis membranes. Reverse osmosis is the most energy-efficient means of removing dissolved substances from water. It’s what’s used commercially for desalination, the process of producing drinking water from seawater. The term “membrane” is typically used to mean a thin sheet of some material (in fact, the word “sheet” appears in the definition of the term). But for some of the things GE is using it for, the membranes were thin yet robust tubes, each one capable of supporting the weight of a bowling ball. Despite that toughness, features on the tubes are so fine that they can allow water molecules to pass through but reject many things that are roughly the same size, such as the salt ions found in seawater. This all raises an obvious question: how do you actually produce anything like that? We decided to look into the process of making reverse osmosis membranes. Read 12 remaining paragraphs | Comments

Google drops three OS X 0days on Apple

Don’t look now, but Google’s Project Zero vulnerability research program may have dropped more zero-day vulnerabilities—this time on Apple’s OS X platform. In the past two days, Project Zero has disclosed OS X vulnerabilities here , here , and here . At first glance, none of them appear to be highly critical, since all three appear to require the attacker to already have some access to a targeted machine. What’s more, the first vulnerability, the one involving the “networkd ‘effective_audit_token’ XPC,” may already have been mitigated in OS X Yosemite, but if so the Google advisory doesn’t make this explicit and Apple doesn’t publicly discuss security matters with reporters. Still, the exploits could be combined with a separate attack to elevate lower-level privileges and gain control over vulnerable Macs. And since the disclosures contain proof-of-concept exploit code, they provide enough technical detail for experienced hackers to write malicious attacks that target the previously unknown vulnerabilities. The security flaws were privately reported to Apple on October 20, October 21, and October 23, 2014. All three advisories appear to have been published after the expiration of the 90-day grace period Project Zero gives developers before making reports public. Read 1 remaining paragraphs | Comments

Visit link:
Google drops three OS X 0days on Apple

Attack for Flash 0day goes live in popular exploit kit

If you’ve been meaning to disable Adobe Flash, now might be a good time. Attacks exploiting a critical vulnerability in the latest version of the animation software have been added to a popular exploitation kit, researchers confirmed. Attackers often buy the kits to spare the hassle of writing their own weaponized exploits. Prolific exploit sleuth Kafeine uncovered the addition to Angler , an exploit kit available in underground forums. The zero-day vulnerability was confirmed by Malwarebytes . Malwarebytes researcher Jérôme Segura said one attack he observed used the new exploit to install a distribution botnet known as Bedep. Adobe officials say only that they’re investigating the reports. Until there’s a patch, it makes sense to minimize use of Flash when possible. AV software from Malwarebytes and others can also block Angler attacks. Read on Ars Technica | Comments

Read this article:
Attack for Flash 0day goes live in popular exploit kit

Hard disk reliability examined once more: HGST rules, Seagate is alarming

A year ago we got some insight into hard disk reliability when cloud backup provider Backblaze published its findings for the tens of thousands of disks that it operated. Backblaze uses regular consumer-grade disks in its storage because of the cheaper cost and good-enough reliability, but it also discovered that some kinds of disks fared extremely poorly when used 24/7. A year later on and the company has collected even more data , and drawn out even more differences between the different disks it uses. For a second year, the standout reliability leader was HGST. Now a wholly-owned subsidiary of Western Digital, HGST inherited the technology and designs from Hitachi (which itself bought IBM’s hard disk division). Across a range of models from 2 to 4 terabytes, the HGST models showed low failure rates; at worse, 2.3 percent failing a year. This includes some of the oldest disks among Backblaze’s collection; 2TB Desktop 7K2000 models are on average 3.9 years old, but still have a failure rate of just 1.1 percent. Read 4 remaining paragraphs | Comments

Read this article:
Hard disk reliability examined once more: HGST rules, Seagate is alarming

Liveblog: Windows 10 “The Next Chapter” event on January 21st

REDMOND—Microsoft is unveiling the next major beta of Windows 10, the Consumer Preview, with an event at the company’s home in Redmond, Washington. We’ll be on the scene to report on the news and get a first look at the new release. We’re expecting to see the new Continuum feature that adapts the Windows interface on 2-in-1 devices and a new browser that sheds the legacy (and name) of Internet Explorer. Representatives of the Xbox team will also be at the event, with Microsoft having news about Windows gaming—though precisely what that will be is currently a mystery. Read on Ars Technica | Comments

Taken from:
Liveblog: Windows 10 “The Next Chapter” event on January 21st

How installing League of Legends and Path of Exile left some with a RAT

Official releases for the League of Legends and Path of Exile online games were found laced with a nasty trojan after attackers compromised an Internet platform provider that distributed them to users in Asia. The compromise of consumer Internet platform Garena allowed the attackers to attach malicious software components to the official installation files for the two games, according to a blog post published Monday by antivirus provider Trend Micro. In addition to the legitimate game launcher, the compromised executable file also included a dropper that installed a remote access tool known as PlugX and a cleaner file that overwrote the infected file after it ran. According to Trend Micro, the attackers took care to conceal their malware campaign, an effort that may have made it hard for victims to know they were infected. The cleaner file most likely was included to remove evidence that would tip users off to a compromise or the origin of the attack. The cryptographic hash that was included with the tampered game files was valid, so even people who took care to verify the authenticity of the game installer would have no reason to think it was malicious, Trend Micro researchers said. The researchers linked to this December 31 post from Garena . Translated into English, one passage stated: “computers and patch servers were infected with trojans. As a result, all the installation files distributed for the games League of Legends and Path of Exile are infected.” Read 2 remaining paragraphs | Comments

See the article here:
How installing League of Legends and Path of Exile left some with a RAT

Pirates defeating watermarks, releasing torrents of Oscar movie screeners

When an incomplete and early version of the X-Men Origins: Wolverine leaked to torrent sites in 2009, Twentieth Century Fox announced that the uploader “will be prosecuted to the fullest extent of the law.” “We forensically mark our content so we can identify sources that make it available or download it,” the studio said in a statement. Nabbed by a watermark, a New York man subsequently pleaded guilty to making the movie available on Megaupload. Gilberto Sanchez was sentenced to a year in prison in 2011. A triumphant US Attorney Andre Birotte Jr . said that “sentence handed down in this case sends a strong message of deterrence to would-be Internet pirates.” Read 6 remaining paragraphs | Comments

View article:
Pirates defeating watermarks, releasing torrents of Oscar movie screeners

Google drops more Windows 0-days. Something’s gotta give

Google’s security researchers have published another pair of Windows security flaws that Microsoft hasn’t got a fix for, continuing the disagreement between the companies about when and how to disclose security bugs. The first bug affects Windows 7 only and results in minor information disclosure. Microsoft says, and Google agrees, that this does not meet the threshold for a fix. Windows 8 and up don’t suffer the same issue. The second bug is more significant. In certain situations, Windows doesn’t properly check the user identity when performing cryptographic operations, which results in certain shared data not being properly encrypted. Microsoft has developed a fix for this bug, and it was originally scheduled for release this past Tuesday. However, the company discovered a compatibility issue late in testing, and so the fix has been pushed to February. Read 7 remaining paragraphs | Comments

See the original post:
Google drops more Windows 0-days. Something’s gotta give

Ken May

Tag: yorker-vanity