By msmash from
Slashdot's malware-on-tv department:
Security firms have been warning us for more than a year about the possibility of Android malware jumping from phones and tablets to other Android-powered devices, such smart TVs. The latest incident involving ransomware on a smart TV involves software engineer Darren Cauthon, who revealed that the LG smart TV of one of his family members was infected with ransomware right on Christmas day. What's worse? He claims LG wouldn't help him with perform factory reset of the device. From a report: Based on a screenshot Cauthon posted online, the smart TV appears to be infected with a version of the Cyber. Police ransomware, also known as FLocker, Frantic Locker, or Dogspectus. The infected TV is one of the last generations of LG smart TVs that ran Google TV, a smart TV platform developed by Google together with Intel, Sony, and Logitech. Google TV launched in 2010, but Google discontinued the project in June 2014. In the meantime, LG has moved on from Google TV, and the company's TVs now run WebOS. Cauthon says he tried to reset the TV to factory settings, but the reset procedure available online didn't work. When the software engineer contacted LG, the company told him to visit one of their service centers, where one of its employees could reset his TV.
Read Replies (0)
By msmash from
Slashdot's 'unfair-business' department:
South Korea's antitrust regulator has fined Qualcomm $854 million for what it called unfair business practices in patent licensing and modem chip sales, a decision the U.S. chipmaker said it will challenge in court. From a report on ZDNet: Qualcomm's business model includes collecting royalty payments from clients, which are calculated on the price of the handset using the chip, rather than the price of the chipset itself, and royalties from its patents. The KFTC has said it will issue a corrective order specifying the precise business practices with which it took issue, although Qualcomm has pointed out that this usually takes between four and six months. "Qualcomm strongly believes that the KFTC findings are inconsistent with the facts, disregard the economic realities of the marketplace, and misapply fundamental tenets of competition law," Don Rosenberg, executive vice president and general counsel for Qualcomm, said in response to the fine.
Read Replies (0)
By msmash from
Slashdot's Clean-Windows-experience department:
An anonymous reader writes: Ahead of tradeshow CES 2017, Lenovo today announced major changes coming to its ThinkPad lineup of laptops and PCs. First, Lenovo has decided to ship 2017 ThinkPad models with Microsoft's Signature Edition Windows 10 right out of the box. So, users don't have to worry about bloatware anymore. Signature Edition PCs are clean, fast and protected. The second big announcement is that Lenovo is now offering optional Intel Optane 3D drives on select ThinkPad models. Due to the small capacity, initial Optane M.2 drives will be used for caching in the ThinkPad T470p, L470, L570, T470, and T570. Third, Lenovo is moving to the Microsoft Precision TouchPad drivers for consistent touchpad experience across ThinkPad devices. The Windows Precision Touchpad drivers provide high precision pointer input and gesture functionality.
Read Replies (0)
By BeauHD from
Slashdot's internet-connected department:
An anonymous reader quotes a report from The Verge: The U.S. Food and Drug Administration released its recommendations for how medical device manufacturers should maintain the security of internet-connected devices, even after they've entered hospitals, patient homes, or patient bodies. Unsecured devices can allow hackers to tamper with how much medication is delivered by the device -- with potentially deadly results. First issued in draft form last January, this guidance is more than a year in the making. The 30-page document (PDF) encourages manufacturers to monitor their medical devices and associated software for bugs, and patch any problems that occur. But the recommendations are not legally enforceable -- so they're largely without teeth. The FDA issued an earlier set of recommendations in October 2014 (PDF), which recommended ways for manufacturers to build cybersecurity protections into medical devices as they're being designed and developed. Today's guidance focuses on how to maintain medical device cybersecurity after devices have left the factory. The guidelines lay out steps for recognizing and addressing ongoing vulnerabilities. And they recommend that manufacturers join together in an Information Sharing and Analysis Organization (ISAO) to share details about security risks and responses as they occur. Most patches and updates intended to address security vulnerabilities will be considered routine enhancements, which means manufacturers don't have to alert the FDA every time they issue one. That is, unless someone dies or is seriously harmed because of a bug -- then the manufacturer needs to report it. Dangerous bugs identified before they harm or kill anyone won't have to be reported to the FDA as long as the manufacturer tells customers and device users about the bug within 30 days, fixes it within 60 days, and shares information about the vulnerability with an ISAO.
Read Replies (0)
By BeauHD from
Slashdot's dark-side-of-the-moon department:
China has revealed some ambitious plans for space domination in the 2020s. On Tuesday, China set out its plans to become the first country to land a probe on the far side of the moon, in around 2018, and launch its first Mars probe by 2020. Phys.Org reports: "To explore the vast cosmos, develop the space industry and build China into a space power is a dream we pursue unremittingly," read a white paper setting out the country's space strategy for the next five years. It says China aims to use space for peaceful purposes and to guarantee national security, and to carry out cutting edge scientific research. The white paper released by the information office of China's Cabinet points to the growing ambitions of China's already rapidly advancing space program. Although the white paper doesn't mention it, China's eventual goal is the symbolic feat of landing an astronaut on the moon. The white paper reiterated China's plans to launch its first Mars probe by 2020, saying this would explore and bring back samples from the red planet, explore the Jupiter system and "conduct research into major scientific questions such as the origin and evolution of the solar system, and search for extraterrestrial life." The paper says the Chang'e-4 lunar probe will help shed light on the formation and evolution of the moon.
Read Replies (0)
By BeauHD from
Slashdot's desperate-times-call-for-desperate-measures department:
As Amazon prepares its drone-based delivery service Prime Air for the United States, the company has been looking for ways to keep its drones safe while they're flying to and from their destinations. According to the U.S. Patent and Trademark Office, the company has patented a plan that lays out countermeasures for potential threats ranging from computer hacking to lightning flashes to bows and arrows. GeekWire reports: The "compromise system" that Amazon's engineers propose relies on an array of sensors to orient the drone based on the sun's position in the sky, if need be. That's in case the drone gets confused by, say, lightning or a muzzle flash. The system also provides for a mesh network, in which drones would check with each other and other data sources -- including satellite signals -- to verify the readings they're following. If there's a discrepancy in the data, the drone would tally up the verdicts from all of the sources available, then go with the majority opinion. The onboard compromise system would be designed to keep the drone on track even if someone tried jamming its communication system. And if the drone became completely disoriented, it would be programmed to land safely and broadcast its location to its handlers. Now, about those arrows: Amazon lays out a scenario in which an attacker shoots an arrow at a drone in the air. "The malicious person may be attempting to cause the UAV to fall to ground, so that that malicious person may steal or destroy the UAV," the application reads. This is what Amazon suggests would happen: "The compromise module detects the presence of the arrow and generates the UAV compromise data indicating that a threat exists that may compromise the UAV. The fail-safe module terminates the navigation to the first computing device, and the fail-safe module directs the UAV towards the ground. In some implementations, the fail-safe module may be configured to direct the UAV to take evasive maneuvers, navigate to a safe landing or parking zone for inspect, and so forth."
Read Replies (0)
By BeauHD from
Slashdot's top-of-the-list department:
An anonymous reader quotes a report from Mac Rumors: Apple's iPhone and iPad were the most popular mobile devices gifted during the holidays this year, according to new data shared by Yahoo-owned mobile analytics firm Flurry. Flurry examined device activations by manufacturer between 12/19 and 12/25, finding Apple devices to be twice as popular as Samsung devices. 44 percent of all new phone activations were Apple iPhones, while Samsung smartphones accounted for 21 percent of activations. Huawei, LG, Amazon, Oppo, Xiaomi, and Motorola trailed behind with between two and three percent of activations each. Google's Pixel smartphone, which came out in October, did not make Flurry's list. Last year, Flurry released a similar report, and Apple devices made up 49.1 percent of all device activations, while Samsung devices came in at 19.8 percent. Phablets, or smartphones and tablets ranging in size from 5 inches to 6.9 inches, continued to grow in popularity. In 2016, the phablets category, which includes the 5.5-inch iPhone 6 Plus, 6s Plus, and 7 Plus, was responsible for 37 percent of total device activations. Medium-sized phones, like the 4.7-inch iPhone 6, iPhone 6s, and iPhone 7, were responsible for 45 percent of all activations. Activations of full-sized tablets, like the iPad, have continued to wane. From Flurry's report: "While Samsung is slowly growing in popularity throughout the holiday season, up 1% from last year, Apple devices continue to be the gift to give. Holding the third and fourth positions for activations are Huawei and LG; which is remarkable, as both manufacturers do not have an individual device within the top 35 devices activated. Their high rank is likely due to the fact that they have wide variety of devices and affordable options (hundreds of phablet and medium phones) for consumers to choose from."
Read Replies (0)
By BeauHD from
Slashdot's baby-steps department:
An anonymous reader quotes a report from ValueWalk: A robot designed by a veteran of science fiction blockbusters which bear a striking resemblance to the military robots seen in the movie Avatar has taken its first baby steps. The robot standing in a room on the outskirts of Seoul, South Korea stands four meters (13 feet) tall and weighs 1.5 tons. In a Facebook post, designer Vitaly Bulgarov said, "Everything we have been learning so far on this robot can be applied to solve real-world problems." His previous work experience includes work on film series such as Transformers, Terminator and Robocop, reports phys.org. Its creators at the Hankook Mirae Technology, a robotics company in South Korea, claim it is the world's first. About 30 engineers there worked hard conducting initial tests Tuesday afternoon, notes phys.org. For the engineers, it was a challenge to build the giant robot because the unprecedented scale meant they had nothing to refer to. Company chairman Yang Jin-Ho said, "Our robot is the world's first manned bipedal robot and is built to work in extreme hazardous areas where humans cannot go (unprotected)." A pilot sitting inside the robot's torso made some limb movements, and the robot, Method-2, mimicked them with his metal arms, each weighing 130 kilograms (286 pounds). It is so huge that it is twice the size of a tall man, and when it takes a step, the ground shakes with a loud whirring of motors. Method-2 has grabbed the media's attention due to its enormous size, but its creators say that the core achievement of the project is the technology they developed. How the robot will be used is unclear so far, but it is seen more as a test-bed for various technologies that will make it possible for the creators to build robots of any type and size in the future, notes phys.org.
Read Replies (0)
By BeauHD from
Slashdot's future-of-trucking department:
Uber has launched a website for a service called Uber Freight. While there are little details about the company's expansion from ride-hailing, Uber Freight is meant to prepare the world for autonomous delivery trucks, according to Inverse. From the report: Uber acquired a startup called Otto, which planned to bring the first self-driving trucks to market, in August. Since then the company has used its trucks to deliver 50,000 cans of beer and hundreds of Christmas trees in San Francisco. This new service won't use those trucks, at least not at the beginning. Instead it will function much like Uber's existing platform: Some people will sign up to drive items across the country, and others will join so they can send packages without having to sign a contract with established shipping companies. The service will likely bring "surge pricing" to trucking, too. Uber Freight could also help Otto's trucks by using data gathered from drivers on the platform. This would allow the self-driving vehicles to learn from experienced people while regulators figure out how to govern autonomous trucks and the technology catches up to all of the promises made by its creators. Uber Freight's launch coincides with growing interest in trucking from many tech companies. Nikola Motor Company wants to use tech to make trucking more environmentally friendly and appealing to millennials; Tesla's working on self-driving trucks; the list could go on. Uber told Inverse it's going to wait until the new year to elaborate on how the system works. "We don't have any new information to share at the moment," a spokesperson said, "but hope to in the new year so please do stay in touch." It looks like the future of trucking -- or at least one potential future -- is going to take a little while longer to make its debut.
Read Replies (0)
By BeauHD from
Slashdot's time-to-update department:
An anonymous reader writes from a report via BleepingComputer: A security flaw discovered in a common PHP class allows knowledgeable attackers to execute code on a website that uses a vulnerable version of the script, which in turn can allow an attacker to take control over the underlying server. The vulnerable library is PHPMailer, a PHP script that allows developers to automate the task of sending emails using PHP code, also included with WordPress, Drupal, Joomla, and more. The vulnerability was fixed on Christmas with the release of PHPMailer version 5.2.18. Nevertheless, despite the presence of a patched version, it will take some time for the security update to propagate. Judging by past incidents, millions of sites will never be updated, leaving a large chunk of the Internet open to attacks. Even though the security researcher who discovered the flaw didn't publish any in-depth details about his findings, someone reverse-engineered the PHPMailer patch and published their own exploit code online, allowing others to automate attacks using this flaw, which is largely still unpatched due to the holiday season.
Read Replies (0)
By BeauHD from
Slashdot's always-listening department:
Tulsa_Time quotes a report from CNET: Amazon's Echo and Echo Dot are in millions of homes now, with holiday sales more than quadrupling from 2015. Always listening for its wake word, the breakthrough smart speakers boast seven microphones waiting to take and record your commands. Now, Arkansas police are hoping an Echo found at a murder scene in Bentonville can aid their investigation. [First reported by The Information, investigators filed search warrants to Amazon, requesting any recordings between November 21 and November 22, 2015, from James A. Bates, who was charged with murder after a man was strangled in a hot tub. While investigating, police noticed the Echo in the kitchen and pointed out that the music playing in the home could have been voice activated through the device. While the Echo records only after hearing the wake word, police are hoping that ambient noise or background chatter could have accidentally triggered the device, leading to some more clues. Amazon has not sent any recordings to the officers but did provide Bates' account information to authorities, according to court documents. The retailer giant said it doesn't release customer information without a "valid and binding legal demand." "Amazon objects to over-broad or otherwise inappropriate demands as a matter of course," the company said in a statement. Even without Amazon's help, police may be able to crack into the Echo, according to the warrant. Officers believe they can tap into the hardware on the smart speakers, which could "potentially include time stamps, audio files or other data."] Police also found a Nest thermostat, a Honeywell alarm system, wireless weather monitoring in the backyard and WeMo devices for lighting at the smart home crime scene. Officers have also seized an iPhone 6S, a Macbook Pro, a PlayStation 4 and three tablets in the investigation.
Read Replies (0)