Microsoft Reconsiders Recall Release Amidst Privacy Concerns

andreasc
-
0
Microsoft Reconsiders Recall Release Amidst Privacy Concerns
[ad_1]

After much hype and the subsequent negative attention due to privacy concerns, Microsoft Recall planned release now experiences some modifications. Instead of a public preview as planned, it will now arrive as Windows Insider Program preview.

Microsoft Changes Recall Release Plans As Experts Raise Privacy Concerns

Through a recent post, Pavan Davuluri (Corporate VP, Windows + Devices) shared an update on the release plans for Windows Recall. As disclosed, the tech giant has reverted its decision to roll out the new feature in the coming days following significant backlash over security problems.

Microsoft first unveiled “Recall” earlier in May 2024 as an AI-powered memorizing tool that helps users literally recall anything at any time. Explaining its features, Microsoft stated that the tool facilitates users when looking up any files or recent activity. It takes screenshots on users’ devices every five seconds, preparing a comprehensive log of almost every user activity. Thus, if a user simply wants to recall a previous activity, asking Recall can help immediately.

While it sounds convenient, the security community raised concerns over the inclusive user logging via Recall. Some researchers even demonstrated how an adversary may exfiltrate all Recall screenshots, breaching the target user’s security.

Although Microsoft explained that the data remains secured via encryption and is stored locally on the device, with the user having full control over the feature’s activity and stored snapshots, it seems it didn’t help much. And finally, Microsoft had to make changes to the Recall release, explaining how it addressed customers’ feedback to strengthen Recall security.

First, Microsoft plans to release Recall as an opt-in feature to Copilot+ PCs, turned off by default. Second, users need to use Windows Hello to enable Recall, alongside providing proof of presence for further search. Lastly, Recall will feature “just in time” decryption that only decrypts stored data (encrypted snapshots) following user authentication. Moreover, encryption will also apply to the search index database.

Regarding the release, Microsoft plans to roll out Recall as a Windows Insider Program preview on June 18, 2024, pledging public availability afterward.

Let us know your thoughts in the comments.


[ad_2]
Source link

Some Motorola Razr 50 Ultra specs confirmed, live images appear

andreasc
-
0
Some Motorola Razr 50 Ultra specs confirmed, live images appear
[ad_1]

Motorola’s upcoming powerful flip phone is hardly a secret at this point. We’ve seen a ton of information about it thus far, and some Motorola Razr 50 Ultra specs just got confirmed. In addition to that, the phone’s live images surfaced too.

The Motorola Razr 50 Ultra specs have been confirmed… some of them

Let’s take it one step at a time, though. The Motorola Razr 50 Ultra appeared on Geekbench. So it got benchmarked. As part of that listing, the Snapdragon 8s Gen 3 processor has been confirmed.

That is Qualcomm’s brand new chip that is quite powerful. It’s not quite as powerful as the Snapdragon 8 Gen 3, but it’s up there. The listing also confirms that 12GB of RAM will be included. More than one RAM variant is a possibility, though.

Motorola Razr 50 Ultra Geekbench

Android 14 will come pre-installed on the Motorola Razr 50 Ultra. That much has been confirmed here too. The device managed to score 1,829 points in the single-core, and 4,214 points in the multi-core test on Geekbench.

With that being said, the device also got certified by the NCC. As part of that certification, the phone’s design was shared. That design was not a secret, but we got to check it out yet again, prior to launch.

If you take a look at the images below, you’ll not only see the phone itself, but its measurements and battery too. Peach and Dark Blue colors are coming, by the way, in case you were wondering.

The device will offer 68W wired charging, and have a 4,000mAh battery

The phone will support 68W wired charging, and include a 4,000mAh battery. That battery will consist of two batteries, actually, 1,050mAh and 2,950mAh units.

 

The Motorola Razr 50 Ultra will become official on June 25. That’s the date Motorola confirmed quite recently. Do note that the initial launch event will take place in China, though. Both the Motorola Razr 50 and Razr 50 Ultra are expected to arrive to other markets, though.


[ad_2]
Source link

5 things to know about proactive voice assistants

andreasc
-
0
5 things to know about proactive voice assistants
[ad_1]

Proactive voice assistants are advanced versions of voice-activated technology that offer more than just reacting to commands—they predict user needs and offer assistance before being asked. This new technology uses complex algorithms to analyze user behavior, preferences, and data to predict what the user might need next, whether it’s a traffic update on the way to work or a reminder about an upcoming appointment. As voice technology becomes integrated into our daily lives, this feature can significantly improve the efficiency of it. However, this also comes with the responsibility of securely managing our personal data. One way we can do it is by using a VPN free trial which strengthens digital privacy and also defends against cyber threats. It is also important for users to be vigilant about the permissions they grant and aware of the information they share. Keeping your data secure and understanding privacy policies are crucial steps in protecting your personal information from potential misuse.

Here are other essential things to know about proactive voice assistants:

1. Understanding of the context

One of the most significant features of proactive voice assistants is their ability to understand context. This technology can distinguish between different environments and adapt to them accordingly. For instance, if it detects that you are at home on a weekend morning, it might suggest breakfast recipes, while, in an office setting, it could offer to read out your schedule for the day. This allows the assistant to provide more relevant and timely assistance.

2. Wide-ranging Device Integration

Proactive voice assistants are designed to work across various devices, improving the user’s experience by being consistent regardless of the device used. The assistant can sync data in real-time whether you interact through your smartphone, speaker, or car audio system. This means it can provide helpful suggestions in different situations, like reminding you to pick up groceries as you drive past the store or adjusting your thermostat before you arrive home.

3. Predictive Capabilities

The predictive nature of these assistants is what sets them apart from their predecessors. By analyzing your past actions and routines, they can predict future needs. For example, if you typically order pizza on Friday nights, your assistant might suggest placing an order at your favorite restaurant before you even think to ask. These predictive capabilities can make daily routines much more efficient.

4. Improved Communication

Proactive voice assistants can also manage communication more effectively. They can suggest responding to missed calls or messages based on the priority you’ve assigned to contacts or remind you of birthdays and anniversaries, offering to send messages or gifts on your behalf. This feature is especially beneficial for busy individuals who may struggle to keep up with personal communications.

5. Privacy and Customization Controls

Despite their many benefits, voice assistants’ proactive features raise some privacy concerns. Considering this, developers have applied strong privacy settings and customization options to these systems. Users can adjust what data is collected, how it’s used, and when the assistant should intervene. This customization not only helps secure personal data but also ensures that the assistance is aligned with the user’s preferences and comfort levels.

Proactive voice assistants represent a significant step forward in technology by offering users a more intuitive and personal interaction with their devices. By understanding context, integrating effortlessly across devices, predicting user needs, bettering communication, and providing improved privacy controls, they can impact our daily lives in a subtle but profound way. If used at full potential, they can make our routine tasks much easier and more efficient. Taking into consideration all the benefits they offer, it is daunting not to use this remarkable technological innovation. However, it is also necessary to stay informed about data security and privacy practices to keep our personal information protected. Regarding future predictions, if AI continues to advance at the pace we’re witnessing now, we can expect these assistants to soon become even more integrated into our lives, providing an even greater level of support in our everyday activities.


[ad_2]
Source link

Galaxy Z Fold 6 may disappoint when it comes to display crease

andreasc
-
0
Galaxy Z Fold 6 may disappoint when it comes to display crease
[ad_1]

The Samsung Galaxy Z Fold 6 may disappoint you if you were expecting a notable improvement to its display crease. This information comes from Ice Universe, a well-known tipster.

The Galaxy Z Fold 6 may not offer a notable improvement in the display crease department

He went to X to clarify that the Galaxy Z Flip 6 will offer more of an improvement in the crease department than the Galaxy Z Fold 6. He said that the crease will be “better” than it is on the Galaxy Z Flip 5.

To that he added that the Galaxy Z Fold 6 will offer “little improvement” in that department. We have to say that is a bit odd, as we expected changes to be the same for both devices. That won’t be the case, though, it seems.

The Galaxy Z Fold 5 has a really noticeable crease, and it’s not even close to the likes of the OnePlus Open, OPPO Find N3, HONOR Magic V2, and so on. So, we were expecting to see a notable improvement in that department. Well, that seemingly won’t be the case.

The company’s new book-style foldable won’t represent a huge change/improvement

The Galaxy Z Fold 6 looks more and more like a very small change compared to the Galaxy Z Fold 5. The phone will allegedly ship with the same camera hardware, and not many improvements overall.

It will include generational improvements in the form of the SoC, of course, and sharper corners, with a slightly upgraded design. Its cover display will also be wider, and thus the device will be wider than the Galaxy Z Fold 5.

Other than that, well, there won’t be many changes based on everything we’ve seen thus far. Both the Galaxy Z Fold 6 and Galaxy Z Flip 6 will arrive on July 10, it seems. Evan Blass confirmed the launch date, even though Samsung did not.

The Galaxy Ring is also expected to arrive, a couple of smartwatches, and a pair of earbuds too. It will be a packed event, to say the least.


[ad_2]
Source link

Top 5 AR innovations of 2024

andreasc
-
0
Top 5 AR innovations of 2024
[ad_1]

Augmented Reality (AR) is a technology that adds digital elements, like graphics and sounds, to our real world. Unlike Virtual Reality (VR), which creates entirely virtual environments, AR uses our existing surroundings and upgrades them with new digital information. This technology is commonly used in smartphone apps and special glasses or headsets, allowing us to interact with these digital extensions as part of our everyday environments.

One of AR’s main advantages is its variability. It can be used for everything from interactive maps and live events to historical content and artistic installations. It can also be improved with various plugins and extensions, such as image recognition capabilities, 3D object rendering, and interactive gaming elements. A virtual private network is another tool that helps strengthen and enhance the use of AR technologies. If, for example, a user from anywhere in the world wants to access content available only for the Canadian market, they can use VPNs such as Express VPN for Canada, which allows them to access that specific content without geographic restrictions. Additionally, VPNs secure your interaction with AR technology and make your connection private.

This flexibility and the ongoing advances in AI technology contribute to the fast evolution of AR, constantly expanding its offerings. This article will mention the top new AR technologies and gadgets worth knowing.

1. HoloLens 3 by Microsoft

The latest version of Microsoft’s HoloLens has pushed the boundaries of AR with its advanced mixed reality applications. The HoloLens 3 offers improved spatial recognition and a more user-friendly interface. It also integrates with various productivity tools, making it outstanding for both educational and professional purposes. Its ability to project holographic data into the user’s field of vision in high definition helps to resolve complex tasks and learn by bringing abstract concepts to life.

2. Google ARCore’s New Features

Google significantly upgraded its ARCore platform in 2024, introducing features that allow deeper interaction with the environment. These include better environmental understanding that lets the device understand the sizes and locations of different types of surfaces, precise motion tracking, and light estimation, improving virtual objects’ appearance. This makes AR experiences almost identical to reality, making it ideal for applications in interior design and education, where accurate environmental integration is crucial.

3. Apple’s ARKit 5

Apple has consistently been at the front of AR with its ARKit, and 2024’s version has introduced ground-breaking changes, particularly in personal health and fitness. ARKit 5 includes an advanced skeletal tracking system that helps users in sports analytics and personal training. It offers coaches and athletes real-time data on body movements, improving performance and decreasing injury risks, all from the user’s iPhone or iPad, without the need for additional hardware.

4. AR-Enabled Wearable Smart Glasses

AR-enabled smart glasses had a commercial breakthrough in 2024. Unlike their predecessors, these glasses combine AR technology with real-time data and personal assistant functionalities while maintaining the style and comfort of traditional eyewear. They can display notifications, navigation arrows, and speech in real time, revolutionizing the way users interact with the world and translating digital information into the physical realm.

5. Snap’s Next-Gen Spectacles

Snapchat’s new generation of Spectacles has taken social media interaction to another level. These spectacles allow users to create, share, and view AR content directly on eyewear. With built-in cameras and direct Snapchat integration, users can share their views with followers in real time, offering a new form of interactive storytelling that’s particularly popular among content creators and influencers.

The potential for AR technologies is astonishing, especially with ongoing advancements in AI. The integration of AI with AR will continue to improve the user experience, making interfaces more intuitive and content more personalized. Future innovations may lead to even better integration between digital information and the physical world and make AR an indistinguishable part of daily life. As AI becomes more sophisticated, we can expect AR applications to become even more adaptive, not just to our preferences but also to our needs before we even express them. This could revolutionize fields such as medicine, education, and communication, with AR remaining at the forefront of technological advancement.


[ad_2]
Source link

The EU says “not so fast” to Meta’s AI data training plans

andreasc
-
0
The EU says “not so fast” to Meta’s AI data training plans
[ad_1]

Europe might be preoccupied with the football (or soccer) finals tournament right now, but the EU regulators are not cutting Meta any slack.

Meta decided to delay the launch of its AI models in Europe: this comes after a directive from the Irish privacy regulator to delay Meta’s plans to use data from Facebook and Instagram users. At the core of it all is the advocacy group NOYB, a non-profit organization based in Austria, which urged data protection authorities in several European countries to take action against Meta.

The issue lies in Meta’s intent to use personal data for training its AI models without user consent, though Meta claimed it would only use publicly available and licensed online information. The Irish Data Protection Commission (DPC) asked Meta to postpone training its large language models (LLMs) with public content from Facebook and Instagram users.

Meta expressed disappointment over the request, noting that it had incorporated regulatory feedback and kept European data protection authorities informed since March. The company stated that without local information, it couldn’t offer a high-quality experience, thus preventing the launch of Meta AI in Europe.

In my humble opinion, though, whatever Meta has planned will happen – it’s just a matter of time. I think the AI race is too important for the behemoth corporations to just let go of.

Apple joins the EU “party” with Meta


Meanwhile – again on the Old Continent – Apple and Meta are likely to face charges under the EU’s Digital Markets Act (DMA) before the summer, another Reuters report reads. The European Commission, having launched investigations into Apple, Meta, and Google in March, prioritizes Apple and Meta. The DMA aims to curb Big Tech’s power, foster competition from smaller rivals, and facilitate easier movement between competing online services.

EU regulators plan to issue preliminary findings akin to antitrust charges by August, with Apple expected to be charged first, followed by Meta. While the Commission and Meta declined to comment, Apple reiterated its confidence in complying with the DMA and its ongoing constructive engagement with the Commission.

Penalties could include fines up to 10% of a company’s global annual turnover for violations.

Apple is likely facing charges because its rules make it hard for app developers to tell users about offers outside the App Store, and it has added new fees for developers. Another investigation about Apple’s choice screen for the Safari web browser is expected to take more time. Meta is being investigated for its new model, where users either pay a subscription fee or give consent for ads on Facebook and Instagram.

In other words, the summer is getting hotter by the day for Apple and Meta!

[ad_2]
Source link

Hackers Employing New Techniques To Attack Docker API

andreasc
-
0
Hackers Employing New Techniques To Attack Docker API
[ad_1]

Attackers behind Spinning YARN launched a new cryptojacking campaign targeting publicly exposed Docker Engine hosts by using new binaries chkstart (remote access with payload execution), exeremo (lateral movement through SSH), and vurld (Go downloader for malware retrieval) and a persistence mechanism that modifies systemd services with ExecStartPost for malicious commands. 

It targets Docker API endpoints without authentication and shares TTPs with Spinning YARN, leading to high confidence they are linked, while analysis of individual payloads is crucial to understanding these campaigns’ evolution as they reuse names for updated or replaced payloads. 

systemd unit files

The Spinning YARN malware campaign exploits misconfigured Docker, Apache Hadoop, Redis, and Confluence servers, infecting the system by scanning for open port 2375 and then deploying an Alpine Linux container. 

The container exploits the Docker host by binding the root directory, giving the attacker full access to the system.

Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot

The attacker then installs persistence by adding cron jobs that fetch and execute malicious shell scripts. These scripts download additional tools and payloads that ultimately disable security measures, steal information, and potentially install cryptomining software. 

Example contents of a modified amazon-ssm-agent.service

The chkstart malware establishes persistence on an Amazon Linux EC2 instance by modifying systemd unit files, searches for systemd services with the “enabled” status, and injects a malicious command (ExecStartPost) to execute a hidden binary named “top” upon their startup. 

According to Datadog Security Researchers, it modifies the SSH daemon configuration to accept SSH keys from specific locations, enabling the attacker to add their own key for unauthorized access. 

Once persistence is achieved, the “top” binary, revealed to be a custom-built XMRig cryptocurrency miner, utilizes the compromised system’s resources for crypto mining.  

Lateral Movement:

Exeremo, a malicious Go binary, extracts usernames, hostnames, SSH keys, and ports from compromised servers’ shell history, SSH configs, and known_hosts files, then uses this information to spread laterally by connecting to other SSH servers and executing a remote shell script (ar.sh) on them. 

Exeremo also retrieves and executes another script (s.sh) that installs scanning tools and deploys a custom Docker discovery utility. s.sh disguises a malicious binary (sd) as a common HTTPD process and configures it for persistence using systemd.  

systemctl commands

The newly discovered payloads, sd/httpd and fkoths, are both Go ELF binaries. sd/httpd scans for vulnerable Docker Engine hosts and exploits them using the described techniques. 

fkoths removes Docker images created during the initial infection and modifies the hosts file to block communication with the Docker registry by demonstrating continued development of the Spinning YARN campaign but doesn’t introduce novel functionalities.  

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free


[ad_2]
Source link

A week in security (June 10 – June 16)

andreasc
-
0
A week in security (June 10 – June 16)
[ad_1]
Truist bank logo

June 14, 2024 – On Wednesday June 12, 2024, a well-known dark web data broker and cybercriminal acting under the name “Sp1d3r” offered a significant…

Google Pixel logo

June 13, 2024 – Google revealed that a firmware vulnerability in its Pixel devices has been under limited active exploitation

Adobe logo

June 12, 2024 – Adobe announced changes to its ToS which sparked backlash among users, so it posted an explainer to take away the major concerns

23andMe logo

June 11, 2024 – Canada’s and UK privacy authorities are going to investigate the data breach at 23andMe to assess what the company could have done better.

A bright "X" is placed at the center of red, concentric circles, which are inside a pink square

June 11, 2024 – Digital sharing is the norm in romantic relationships. But some access could leave partners vulnerable to inconvenience, spying, and abuse.


[ad_2]
Source link

FBI Arrested U.K. Hacker Link to Scattered Spider Hacking Group

andreasc
-
0
FBI Arrested U.K. Hacker Link to Scattered Spider Hacking Group
[ad_1]

A 22-year-old British man was apprehended by authorities in Palma de Mallorca, Spain.

The arrest, carried out by the United States Federal Bureau of Investigation (FBI) in collaboration with the Spanish Police, marks a breakthrough in the fight against cybercrime.

According to a recent tweet from vx-underground, a U.K. hacker who was arrested by the FBI and linked to the scattered spider hacking group.

Allegations and Arrest Details

The currently unidentified male is allegedly behind a series of high-profile cyberattacks targeting large enterprises.

Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot

These attacks reportedly resulted in the theft of sensitive corporate information and facilitated unauthorized access to multi-million-dollar funds.

While specific details about the nature of the cybercrimes remain undisclosed, the suspect is broadly described as a “hacker” who “stole information,” leading to financial gains for his group.

The arrest was executed as the suspect attempted to flee Spain for Italy.

A judge in Los Angeles, California, had issued a warrant for his arrest, underscoring the international scope of the investigation and the coordinated effort between U.S. and Spanish authorities.

Media outlets in Spain captured footage of the arrest, which has since gone viral. The suspect’s face was censored in the footage, maintaining his anonymity.

The arrest of the British hacker is a significant milestone in the ongoing battle against cybercrime.

Authorities are now focused on uncovering the full extent of the suspect’s activities and identifying other Scattered Spider hacking group members.

The case highlights the importance of international cooperation in tackling cyber threats and protecting corporate and financial interests from malicious actors.

As the investigation continues, more details will emerge, shedding light on the methods and motivations behind these sophisticated cyberattacks.

For now, the arrest serves as a reminder of the ever-present threat of cybercrime and the relentless efforts of law enforcement agencies to bring perpetrators to justice.

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free


[ad_2]
Source link
1...108109110...1,452Page 109 of 1,452