How a wireless keyboard lets hackers take full control of connected computers
While the keyboard and mouse send input that’s protected with the time-tested Advanced Encryption Standard, the USB dongle that accepts the input accepts unencrypted packets as well, as long as they’re in the proper format.
Matthias Deeg, a SySS researcher, said there is no reliable way keyboard users can protect themselves against the vulnerabilities other than to ensure they are completely isolated from all other radio-based devices.
The 6 reasons why Huawei gives the US and its allies security nightmares
The detention in Canada of Meng Wanzhou, Huawei’s CFO and the daughter of its founder, is further inflaming tensions between the US and China. Her arrest is linked to a US extradition request.
Behind this very public drama is a long-running, behind-the-scenes one centered on Western intelligence agencies’ fears that Huawei poses a significant threat to global security.
In its defense, Huawei can point to the fact that no security researchers have found back doors in its products. “There’s all this concern, but there’s never been a smoking gun,” says Paul Triolo of the Eurasia Group.
Kansas trying to unload $10 million in computer equipment
The state still owes $2 million on the equipment, which it bought in 2016 as part of a failed plan to develop a centralized storage system, call Kansas GovCloud, for computer information. That idea was canceled by state IT officials who said it was too expensive. Instead, the state contracts with an outside company to store data on remote servers.
“We keep changing our IT philosophy as a state. Knee-jerk reactions. We need an overall picture to understand the direction the state needs to go,” she said.
The Commodore Amiga Was A Computer Ahead Of Its Time
Despite being ahead of its time when it was unveiled in 1985, the Commodore Amiga didn't survive past 1996.
The Amiga had enough support from consumers to sell over the years, with the stripped-back Amiga 500 doing particularly well. Video games did well on the platform, thanks to its technical edge.
Helium implicated in weird iPhone malfunctions
The iPhone user guide warns that proximity to helium can impair functionality and that to recover, devices should be left to air out for a week or so in an environment far away from the rogue helium.
Smartphones contain microelectromechanical systems (MEMS): tiny mechanical systems that are integrated into chips.
That's probably the weirdest way to make a smartphone stop working that we've heard. As for why non-Apple devices appear to escape without harm? They might use different seals or perhaps aren't using MEMS devices in such critical roles.
Printer Makers Are Crippling Cheap Ink Cartridges Via Bogus 'Security Updates'
Printer maker Epson is under fire this month from activist groups after a software update prevented customers from using cheaper, third party ink cartridges. It’s just the latest salvo in a decades-long effort by printer manufacturers to block consumer choice, often by disguising printer downgrades as essential product improvements.
Hardware makers began cooking draconian restrictions into printers, ranging from unnecessary cartridge expiration dates to obnoxious DRM and firmware updates blocking the use of “unofficial” cartridges.
Facebook unveils smart displays, promises not to snoop on your video calls
In addition to their price and size differences, the Portal+ has a more powerful speaker that includes two tweeters with high-range frequency and a single, four-inch bass speaker for richer sound. Both devices have a four-mic array that's designed to pick up your voice no matter where you are in the room.
Facebook hasn't been the most forthcoming company when it comes to letting users know which data it collects and how it's using that data. It also doesn't have the best track record when it comes to keeping users' data safe.
Facebook said it doesn't "listen to, view, or keep the contents of" Portal video calls and that all video calls are encrypted as well.
A $1, Linux-Capable, Hand-Solderable Processor
This is an ARM processor capable of running Linux. It’s hand-solderable in a TQFP package, has a built-in Mali GPU, support for a touch panel, and has support for 512MB of DDR3.
There is no HDMI support, you’ll need to add some more chips (that are probably in a BGA package), but, hey, it’s only a dollar.
While the Allwinner A13 beats all the other options on price and solderability, it should be noted that like all of these random Linux-capable SoCs, the software is a mess. There is a reason those ‘Raspberry Pi killers’ haven’t yet killed the Raspberry Pi, and it’s because the Allwinner chips don’t have documentation and let’s repeat that for emphasis: the software is a mess.
Intel rips up microcode security fix license that banned benchmarking
Intel's gagging order came in the form of this license clause: "You will not, and will not allow any third party to … publish or provide any Software benchmark or comparison test results."
Predictably, Intel's contractual omertà had the opposite effect and drew attention to the problem. "Performance is so bad on the latest Spectre patch that Intel had to prohibit publishing benchmarks," said Lucas Holt, MidnightBSD project lead, via Twitter.
German researchers defeat printers' doc-tracking dots
Beating the unique identifiers that printers can add to documents for security purposes is possible: you just need to add extra dots beyond those that security tools already add. The trick is knowing where to add them.
Anybody can take a scan of the document, and clear “empty” areas in an image editor, but the group's second technique is more sophisticated. After their algorithm identifies the pattern in use, it takes a mask of all possible dot locations in that pattern, and adds extra dots that conform to the layout, but render the code meaningless.