Link

Researchers Uncover Serious Flaws Within DRAM Chips

Andrew Orr ·

ETH Zurich reports that researchers from the Vrije Uni­versiteit Am­s­ter­dam and Qual­comm Tech­no­lo­gies found flaws within DRAM chips. The article I’m linking to is more of an announcement; ETH Zurich tells me the full results will be presented at IEEE in 2022.

It means that by re­peatedly ac­tiv­at­ing – or “ham­mer­ing” – a memory row (the “aggressor”), an at­tacker can in­duce bit er­rors in a neigh­bour­ing row, also called the “victim” row. That bit er­ror can then, in prin­ciple, be ex­ploited to gain ac­cess to re­stric­ted areas in­side the com­puter sys­tem – without re­ly­ing on any soft­ware vul­ner­ab­il­ity.

Link

Apple TV+ Show Dr. Brain is Big Moment For Company and Korean Content

Charlotte Henry ·

Dr. Brain premiered on Apple TV+ on November 4, the same day the streaming service went live in South Korea. As a new feature from Reuters shows, the move is a significant one, coming at a time when Korean content is more popular, and valuable, than ever.

Apple’s foray into original Korean content comes as the country’s entertainment industry reaches new global popularity, from k-pop superstars such as BTS to the 2020 Oscar-winning South Korean film “Parasite,” and now “Squid Game”, which became Netflix’s (NFLX.O)biggest original series launch. Director Kim Jee-woon said after the consecutive success of such Korean content, global audiences began to understand Korean culture through artistic works and that he had made an extra effort to get the translations right. “I hope Dr. Brain can prove there are diverse works in South Korea that cover a wide variety of genres, sensibilities and materials as much as previous mega hit Korean series,” Kim said.

Link

FBI Says Data Was Not Compromised After Hackers Took Over Email Server

Andrew Orr ·

Hackers took over an FBI server over the weekend, sending thousands of fake cyberattack warnings. The agency says no personal information or data was affected.

The agency said it has fixed the software vulnerability that allowed the attack.

The fake emails originated from an FBI-operated server, which was dedicated to pushing notifications to the Law Enforcement Enterprise Portal (LEEP), which the FBI uses to communicate with state and local agencies. The compromised server was not part of the FBI’s corporate email service, the FBI added.

Link

Get Ready For Apple vs Meta in the AR Headset Wars

Charlotte Henry ·

Over the years, Facebook and Apple have become involved in an increasingly tense relationship, normally over issues of privacy. We’ve got used to snide comments about tracking and new privacy products. However, in the latest edition of his Power On newsletter, Bloomberg News‘s Mark Gurman suggests we may not have seen anything yet. The fight over the AR headset space is set to be the real battleground, as Apple and the newly rebranded Meta go head-to-head in the hardware space for really the first time.

Meta has shipped headsets for several years, but 2022 is when the market is set to heat up, both in terms of hardware capabilities and competition. Last month, Meta previewed Project Cambria, its first true mixed reality headset. To date, Meta’s headsets have focused on virtual reality, enveloping users completely in the digital world. That compares with augmented reality glasses, which overlay digital information on top of the real world. The Cambria headset mixes both, adding full-color AR overlay abilities to VR. The Cambria headset also has far more advanced processors, sensors and lenses compared with previous Meta devices. That brings us to Apple, which plans to launch a similarly high-end mixed reality headset next year, perhaps within a few months of the Meta device. Apple’s offering will probably be in the $2,000 range, whereas I expect Meta’s to be quite a bit cheaper. Still, the two products will be direct challengers for users looking to jump into the metaverse.

Link

Contract Lawyers Latest Sector to Face Remote Surveillance Programs

Andrew Orr ·

As WP reports, businesses are increasingly using surveillance software to monitor what their employees do on computers. Contract lawyers are the latest group to face this.

The monitoring is a symptom of “these pervasive employer attitudes that take advantage of these technologies to continue these really vicious cycles … that treat employees as commodities,” she said. “The irony in this situation is that it’s attorneys, who traditionally advocate for employee rights or justice when they’re made aware of intrusions like these.”

Link

Newly Discovered 'OSX.CDDS' Implant Targets Visitors to Hong Kong Websites

Andrew Orr ·

Google’s Threat Analysis Group discovered a new macOS implant that security researcher Patrick Wardle dubbed OSX.CDDS. It targets “visitors to Hong Kong websites for a media outlet and a prominent pro-democracy labor and political group.”

Notable features for this backdoor include: victim device fingerprinting, screen capture, file download/upload, executing terminal commands, audio recording, keylogging.

Link

How Thieves are Stealing Apple ID Credentials for Stolen iPhones

Andrew Orr ·

A report from India Today shares the story of how thieves tricked an Apple user to steal his credentials in order to unlock the iPhone they stole.

Vedant narrated his ordeal on Twitter and urged users to be aware of the types of attacks that can be used to extract sensitive information from users. He revealed that the first thing he did after losing his phone was log in to the Find My app with his Apple ID using his MacBook and try to get the phone’s exact location through the Find My app.

Classic phishing attack.

Link

Could Apple Make Major Smart Home Moves in 2022?

Charlotte Henry ·

As we go hurtling towards the holiday season, it’s always exciting to look at what might come next. Dan Moren has written a very astute take at what Apple might do in 2022 for Macworld. His look at the moves the company could make in the smart home market is particularly interesting.

Apple’s had a challenging couple years in the home space. It’s discontinued its full-size HomePod in favor of the smaller HomePod mini, and while it’s ramped up support for the upcoming Matter initiative that aims to interconnect smart home devices across manufacturers, that really won’t kick off in earnest until next year. But word of a “homeOS” project reared its head once again this week, after a mention in an Apple job posting. The term had cropped up earlier this year, ahead of the Worldwide Developers Conference, but nothing more was heard of it until now. It could suggest a more in-depth investment in smart home tech for Apple, and, combined with a recent hire to oversee HomePod software might mean the company is reinvigorating development in that area.

Link

YouTube Moves to Hide Dislike Count From User Interface

Andrew Orr ·

YouTube announced on Wednesday that it will begin hiding the number of dislikes videos have on its platform.

And earlier this year, we experimented with the dislike button to see whether or not changes could help better protect our creators from harassment, and reduce dislike attacks — where people work to drive up the number of dislikes on a creator’s videos.

YouTube is only making it harder to spot crappy videos at a distance. Now you’ll have to click on each video to be sure, or read the comments. More views = more money for Google.

Link

Veterans Use Apple Technology to Update Approach to Trauma Medicine

Charlotte Henry ·

Various Apple products are increasingly used in medical settings, and health is clearly an area the company is very interested in. Normally the focus is on general health monitoring, but on Wednesday it posted a feature highlighting one perhaps overlooked use case – trauma medicine. Of particular interest is how veterans used products to help change approaches, via a product called T6.

T6 allows medical teams to input and analyze patient data in real time through iPad. In a hospital setting, data such as vitals and injury details are entered into the app and displayed on a large screen for the entire trauma team to see, along with standard-of-care guidelines and alerts. In the field, whether that’s in an ambulance or medical helicopter, or if T6 is being used by a military team or medic, the iPad app will allow real-time virtual communication between the person administering care and a trauma team in another location.

Link

What is the World Economic Forum Doing About Blockchain?

Andrew Orr ·

The World Economic Article advises companies to integrate blockchain technology, writing about “middleware” such as Chainlink (LINK).

While there remains a general assumption that blockchain technology is still in its early stages, in reality, it is already entering the early phase of majority adoption, especially by the finance industry. Recalling the massive digital transformation propelled by the internet, many forward-thinking enterprises in the finance sector and beyond are already taking important steps to become blockchain-ready.

I think it’s interesting that WEF is talking about blockchain stuff. It’s also good news for companies such as Chainlink, because they make it easy for stuff on a blockchain to interact with stuff off the chain. Disclaimer – LINK is one of the cryptocurrencies I invest in.

Link

Disk Utility Can Now Manage Snapshots in macOS Monterey

Andrew Orr ·

Disk Utility can now manage AFPS snapshots, no matter which app created them, in macOS Monterey.

This new feature is cunningly hidden so that you don’t notice this huge leap forward when you first open the app. To engage its new powers, select a volume and use the Show APFS Snapshots command in its View menu. This opens a new table view in the lower part of the main view in which the selected volume’s snapshots are listed.

Link

Stop Treating Email Like Slack

Charlotte Henry ·

Let’s face it, most people hate detailing with email – writing, reading, and organizing it. Wired dug into the science that may offer a solution.

Email is a valuable tool because it’s flexible, allows broad collaboration even with people outside your company, and it’s asynchronous, meaning the receiver and sender don’t need to both be online or working at the same time. “We’ve turned the advantages into disadvantages,” says Giurge. “It’s something that should be used as an asynchronous means of communication, and somehow we started using it as an ‘all the time’ means of communication. Instant messaging tools, such as Slack, may require an immediate acknowledgement—even if it’s just a GIF or thumbs up emoji—as they’re generally used as ways to collaborate on work at the same time. But it’s time to reconsider email more like old-fashioned paper mail: Upon receiving your broadband bill from your ISP, you don’t, after all, write a letter to confirm receipt and signal your intent to pay; you just pay it when you have a moment.