Saturday, 25 February 2017
News with tag Update  RSS
Uber, 1Password, Fitbit and OKCupid user data exposed by massive security flaw

Added: 25.02.2017 4:13 | 0 views | 0 comments

The good news is that hackers do not appear to have taken advantage of a severe Cloudflare security bug that would have given them access to sensitive customer data including passwords and authentication tokens. The bad news is that the bug was only recently discovered, which means it went undetected for nearly five months.
Cloudflare is a content delivery serviced used by more than 5.5 million sites, including plenty of popular ones that you might use on a regular basis such as Uber, 1Password, Fitbit and OKCupid. In other words, it's probably a good idea to change your passwords immediately.
The bug was initially discovered by Google’s Project Zero security researcher Tavis Ormandy, . He then Cloudflare once he realized what he discovered, comparing it to Heartbleed in scope and severity. The company promptly fixed the issue.
"The bug was serious because the leaked memory could contain private information and because it had been cached by search engines," Cloudflare CTO John Graham-Cumming wrote in a  on the company blog. "We are disclosing this problem now as we are satisfied that search engine caches have now been cleared of sensitive information. We have also not discovered any evidence of malicious exploits of the bug or other reports of its existence."
The security bug could have exposed plenty of user data, including passwords, cookies, tokens used to authenticate users, and even Cloudflare’s encryption keys used to protect server-to-server traffic. And all that data was then cached by search engines including Google, Yahoo, and Bing, which would have given hackers nearly live access to the data.
Even though Cloudflare acknowledged the issue, Ormandy took issue with the company’s disclosure. "It contains an excellent postmortem, but severely downplays the risk to customers," he wrote in an update. He was also the one to mention the names of the companies that may have been affected by security breaches in a Twitter message.
1Password said in a that thanks to its triple encryption layer, no sensitive data was ever exposed to hackers.

Google’s Pixel XL works much better on Verizon than T-Mobile for one weird reason

Added: 24.02.2017 23:18 | 0 views | 0 comments

It's 2017, which means we're long past the days when your phone should lock you in to one particular carrier. Unfortunately, Google doesn't seem to agree.
A  Cellular Insights takes a deep dive into how the Google Pixel XL performs on different networks. According to their testing, 3x Carrier Aggregation -- a feature that combines different LTE bands for blazing-fast speeds -- doesn't work on T-Mobile, but does on Verizon.

The end result will be slower speeds for T-Mobile users compared to Verizon, even if the two networks are totally equal in one place. It's a handicap for T-Mobile, as most customers won't know that it's the phone causing the slowdown.
The reason for the lack of 3xCA on T-Mobile appears to be software related. 3xCA works just fine on Verizon, and Google advertises 3xCA as a feature for the Pixel XL. Cellular Insights explains the problem:
"Despite the device being fully unlocked and (at least initially) marketed in North America as Cat 9 capable, Google exercises the right to enable and disable not only LTE bands and CA combos on “per operator” basis, but capabilities and features as well, such as LTE Category and Higher Order Modulation. We simply can not rationalize the reason behind this decision, but it is hard to imagine that this was an accident, knowing that T-Mobile is one of the very first U.S. operators to rollout 3xCA, as well as one of the first operators globally to activate DL-256QAM, UL-64QAM, EVS, etc. We are hoping that one of the upcoming Google OTA updates will take care of T-Mobile specific carrier profile, allowing the Pixel XL to take the full advantage of the network."
With your tinfoil hat on, there's one obvious explanation for this behaviour: Verizon is the exclusive carrier retail partner for the Pixel and Pixel XL in the States. If you want a Pixel on T-Mobile, you'll have to buy it outright unlocked from Google and get your own T-Mobile SIM. Hypothetically, there might be some agreement between Verizon and Google to only enable certain network features on Verizon, giving the network a sly upper hand.
Google did not immediately return a request for comment.

NieR: Automata Gets 1.03 Update on PS4 Ahead of Western Release; "Fixes" Name of "NIN64" Junk Item

Added: 24.02.2017 23:13 | 0 views | 0 comments

NieR: Automata isn't even out worldwide yet, but Square Enix and PlatinumGames are already patching it.


Google discloses unpatched IE vulnerability after Patch Tuesday delay

Added: 24.02.2017 18:44 | 1 views | 0 comments

Google's Project Zero team has disclosed a potential arbitrary code execution vulnerability in Internet Explorer because Microsoft has not acted within Google's 90-day disclosure deadline.
This is the second flaw in Microsoft products made public by Google Project Zero since the Redmond giant and postpone its previously planned security fixes until March.
Microsoft blamed the unprecedented decision to push back scheduled security updates by a month on a "last minute issue" that could have had an impact on customers, but the company hasn't clarified the nature of the problem.

Microsoft's latest Windows 10 Creators update builds inch closer to completion

Added: 24.02.2017 18:18 | 6 views | 0 comments

Microsoft has released two new Fast Ring test builds (15042 for PC; 15043 for phones), as it closes in on finalizing its Windows 10 Creators Update.

Star Wars Galaxy of Heroes: Sith Update Tips

Added: 24.02.2017 17:13 | 0 views | 0 comments

SWGOH refreshes with a massive Dark Side and Sith update on 2/15/17. So what should you do differently when it comes to playing and farming characters? Apparently, a lot.

LG puts a massive battery in the X Power2, but not much else

Added: 24.02.2017 16:46 | 1 views | 0 comments

LG will be showing its new at  next week, but that's not the only handset the company is bringing to Barcelona. Joining it will be an update to the , the X Power 2. Like its predecessor, the second-gen X Power's X-factor is battery life.
Part of a new line of affordable phones that “incorporates different exclusive features that are usually found only in premium smartphones,” the features a massive 4,500mAh battery that will easily get users through a full day of heavy use. LG estimates that the phone “can play back videos continuously for approximately 15 hours, provide navigational directions for about 14 hours or surf the web for around 18 hours.” And if that’s still not enough juice, it features high-speed charging that can provide 50 percent battery life after being plugged in for an hour.

Lobodestroyo's Kickstarter Absence and the Virtue of Patience

Added: 24.02.2017 16:13 | 0 views | 0 comments

Josh Griffiths writes: "It's been eight months since Lobodestroyo's last update promised more frequent updates. What's going on with the 3D platformer, and why the silence?"


MacBook Pro Touch Bar Will Be Supported By Latest Chrome 58 Canary Update; What Does It Offer? [VIDEO]

Added: 24.02.2017 13:34 | 0 views | 0 comments

The MacBook Pro Touch Bar will now be supported by the latest Chrome 58 Canary update that will give additional feature to the device.


Only One In A Thousand PokéStops Are Giving Out Pokémon GO's Gen 2 Evolution Items

Added: 24.02.2017 13:31 | 0 views | 0 comments

While your local area might be flooded with new Gen 2 Pokémon in the wake of Pokémon GO’s latest update, you might be finding that you’re missing a few key ingredients in pursuit of some specific evolutions. And you might be missing them for a while.


Older articles »

Copyright © 2008-2017  - all rights reserved