Posted: by
The most interesting security related news from the week of February 6 to 12.
Last week on Malwarebytes Labs:
[ad_2]
Source link
Posted: by
The most interesting security related news from the week of February 6 to 12.
Last week on Malwarebytes Labs:
Ahead of MWC later this month, Qualcomm has announced a new 5G modem in the Snapdragon X75. The company claims that this new modem “sets the benchmark for smartphone connectivity with the world’s first 5G Advanced-ready Modem-RF System”.
This is the 6th generation modem-to-antenna solution and it’s the first that is ready to support 5G Advanced. Which is going to be the next phase of 5G. This does introduce new architecture, a new software suite and includes numerous world’s first features to push the boundaries of connectivity. This includes latency, power efficiency, coverage and mobility.
It also uses a dedicated hardware tensor accelerator, the Qualcomm 5G AI Processor Gen 2. Which will enable over 2.5 times better AI performance. This is when compared to Gen 1.
Qualcomm is proud to note that this is the first in the world to have 10-carrier aggregation for mmWave, 5x downlink carrier aggregation and FDD uplink MIMO for sub-6 GHz bands. This is going to allow for unparalleled spectrum aggregation and capacity.
It also has converged transceiver for mmWave and Sub-6 paired with new Qualcomm QTM565 fifth generation mmWave antenna modules. This will reduce cost, board complexity, hardware footprint and power consumption.
Qualcomm has also include AI-based sensor-assisted mmWave beam management for superior connectivity reliability and AI-based location accuracy enhancements. Qualcomm 5G PowerSave Gen 3 and Qualcomm RF Power Efficiency Suite is included here for extended battery life, carrying on from the most recent modems and SoCs from the company.
The new Snapdragon X75 5G modem is currently sampling and the company expects that commerical devices will launch in the second half of 2023. While we don’t know for sure, it sounds like this will be part of the Snapdragon 8+ Gen 2 that typically launches for the second half of the year.
POCO’s latest M series smartphone, Poco M5 is now available globally. POCO M series consistently offers great performance and bargain basement pricing. Let’s dive in and see how the new POCO M5 stacks up against previous POCO devices and against the competition.
The yellow box reveals a yellow insert with a clear TPU case, screen protector, SIM tool, and paperwork. Underneath is the Black Poco M5 smartphone. Below the smartphone are an 18W charging brick, and a USB-C cable. The retail box has everything to get you going in terms of charging and device protection.

First impressions –at first glance the newer M5 looks more like the POCO M3 from 2020. The POCO M4 series didn’t include a base version hence there isn’t a predecessor from 2021 to compare the new POCO M5 against.
I like the textured plastic back cover that mimics faux leather. It resists fingerprints and smudges quite well and provides a good grip without a case. The rear camera module design is also eye-catching in my opinion. The POCO logo is large enough to be spotted from at least 10 feet away.
The rails on the sides are flat and mimic the look of Redmi Note 11 series. On the top rail is a headphone jack and a microphone. Moving on to the left hand side, there’s a dual-SIM tray which also contains a slot for a micro SD card. Down on the bottom rail there’s a USB-C charging port, microphone, and a single speaker grille. The right-hand side rail has the power button with an integrated fingerprint scanner and above it is the volume rocker.

The front display is a 6.58″ FHD+ IPS LCD panel. Refresh rate is 90Hz which is a nice touch for a budget device. Instead of the usual punch hole, the selfie camera is a teardrop and bezels are a bit chunkier than more expensive devices. To give you an idea about the bezels, mid-range devices that are physically the same size tend to sport around 6.8-inch displays.
One thing that I cannot wrap my head around is that the POCO M5 has a smaller 5,000 mAh battery versus the 6,000 mAh in the older POCO M3 and yet for some inexplicable reason is heavier. Both have the vegan leather back, plastic frame and Gorilla Glass 3. So I am not sure what is going on here.
Despite the hefty 201 gram weight, the overall ergonomics are great but this is a large phone. So folks with small hands might want to check out the slightly more petite POCO M5s. The POCO M5 comes in Black, Green, and Yellow. Three versions are offered in terms of storage and RAM: 4GB+64GB, 4GB+128GB, and 6GB+128GB. The Green looks the best of the bunch, unfortunately, we only got the Black color device for review.

The POCO M5 has a 6.58″ IPS LCD dot display. It has a 90Hz refresh rate and the ability to toggle between 30Hz/60Hz/90Hz depending on scrolling, video, or gaming apps. The resolution is 1080 x 2408 pixels, yielding a pixel density per inch of 401 PPI. The aspect ratio is 20:9 aspect ratio which is what most modern smartphones have. The 83.6% screen-to-body ratio is quite good for a budget smartphone, in my opinion.
POCO kept the same Corning Gorilla Glass 3 to protect the LCD display which isn’t bad. Screen brightness is 500 nits, on an extremely hot and sunny day in Southern California, it still displayed enough information in direct sunlight. Check out the picture and decide for yourself.

POCO M5 is powered by a MediaTek Helio G99 chip based on the 6nm manufacturing node. The choice of a better processor than the slightly more expensive POCO M5s is a bit strange. But I guess POCO/Xiaomi have enough marketing data to justify the hardware choices they made.
Geekbench 5 scores are almost as good as the Snapdragon 7 series. Single-core score is 552 and the multi-core score is 1900. My current daily driver is a Pixel 5, and that device has a single-core score of 590 and a multi-core score of 1616. So you can see that from a performance perspective, the POCO M5 should not struggle with daily tasks including gaming at medium settings.
During my review period, the phone had zero hiccups with Twitter, YouTube, YouTube Music, and some light gaming. POCO sent us the top-end M5 with 128GB storage and 6GB RAM. MIUI 13 allows you to extend the onboard RAM by 2GB if you intend to use the phone extensively for gaming.

POCO M5 out of the box came with MIUI 13 and the August 2022 security update. POCO M5 is device number 12 for review in 2022 courtesy of POCO/Xiaomi. So it is safe to say that there isn’t something new to report as far as MIUI13 goes. I wasn’t able to find anything new to report in the POCO launcher as well.
Android as an operating system has matured quite a bit and MIUI is also now making incremental changes versus radical ones from a few years ago. And this is not a bad thing. Operating systems for modern smartphones have plateaued somewhat.
I like that the POCO launcher keeps things fairly close to stock Android or Pixel experience from around late 2020. Another plus with MIUI is all the features you get across the entire range, from a budget smartphone like the M5 to the flagship POCO F4 GT.
Now that we have all the platitudes out of the way, let’s address some of the software downsides. The obvious one is pop-up ads. To keep the price low, POCO/Xioami do bundle ads in the UI experience on their budget offerings. However, you can improve your software experience dramatically by getting rid of the pesky ads. Just follow our step-by-step guide shown below.
During initial setup, out of the box ensure that you turn off Personalized Recommendations. Once you have the phone set up and arrive at the home screen, then manually go into Themes, File Manager, Security, and Cleaner apps. Once you are in the app, go to Settings and turn off Recommendations/Ads in each of these specific apps.
After performing these steps you will be able to pretty much eliminate ads from showing up during daily use. Five minutes of extra effort is worth having an ad-free user experience.

POCO M5 has a 5,000 mAh battery which is smaller than the older POCO M3. Losing 1,000 mAh doesn’t really impact the battery life much because the newer Helio G99 is based on a far more efficient 6nm manufacturing process.
On average during my review, I saw battery life hover around 7-hour screen on time. With more outdoor usage it would be slightly less than 7 hours and on Wi-Fi, you can even eke out close to 7.5 hours with this smartphone. If you are upgrading from the POCO M3 though be warned that the older reverse charging feature is no longer available.
For light to moderate users, this is definitely a two-day charge cycle smartphone. Even heavy users should not fear that they will run out of battery as long as they start the day with 100% in the tank.
The recharging speed is still 18W and there’s a charging brick in the box. Charging times are a bit on the slow side. Zero to 50% is about an hour and a full charge takes closer to just over 2 hours. So it’s probably best that you charge this phone overnight.

There is a 50MP main camera on the rear of POCO M5. The other two cameras are just 2MP with f/2.4, one is for macro shots and the other helps with depth sensing. In the front, there is a 5MP f/2.0 selfie camera. So on paper, the main camera is a slight upgrade while the selfie camera is a definite downgrade.
The quality of the photos during the daytime is pretty good. Pictures tend to be colorful, and vivid with good detail. Colors are generally accurate although a bit on the cooler side with good dynamic range. Sharpness is good enough for the price. Overall this is a good camera for daytime still photography, especially outdoors.
Once you get into indoor lighting or twilight situations the results are not that great. Pictures tend to get noisy quickly and in nighttime lighting they can get blurry in a jiffy. Overall though, the results are good enough to remain competitive in the budget smartphone market.
Macro shots are definitely underwhelming. I wasn’t able to get one reasonably clear shot to include in the camera sample gallery. Portraits on the other hand in outdoor lighting come out great thanks to the main camera and the 2MP depth sensor. Details are preserved well and there’s good edge detection and background blur.
Selfie camera results tend to suffer from poor white balance and suffer from overexposure, especially in video mode. Portraits with the selfie camera are so-so with a hit-and-miss in terms of edge detection and background blur.
If you like to take videos you might want to invest in a gimbal because while colors, dynamic range, and white balance are good the videos are quite jittery even if you are shooting while walking at a slow pace. Selfie videos are not that great and the microphone recording quality is poor. Take a look at some sample pictures in our Flickr gallery below.
POCO M5 Camera Samples – Flickr Gallery
My main gripes are no ultrawide camera and a subpar selfie camera experience. Other than that the POCO M5 does the job in terms of camera performance for being a sub €200 phone.

I was bummed to see only a single bottom-firing speaker on the POCO M5. And it is very easy to cover it up, especially while gaming. Usually, we see POCO/Xiaomi devices with dual speakers and top and bottom speaker grilles. So it is disappointing that the M5 has only one speaker.
There is one redeeming audio feature and that is the headphone jack. Output from the jack is quite good and the same is true while using wireless earbuds via Bluetooth.

The POCO M5 got LTE or LTE+ signal along with the VoLTE symbol out of the box on the T-Mobile network. I am based in a hilly region here in Southern Californi and so the data speeds aren’t that great. POCO M5 download speeds were around 1-2 Mbps but I blame my network and not the smartphone. My daily driver – Pixel 5 – gets equally poor data download speeds.
POCO M5 does all the regular tasks – calling, texting, updating apps, browsing the web, or watching videos with ease on data and Wi-Fi. MIUI 13 offers you additional connectivity options such as Mi Share, Nearby Share, Screen Cast, and IR blaster. Just like the POCO M5s, this POCO M5 has NFC which works great. And yes, it also has the constant NFC on notification bug. I hope POCO/Xioami fixes this in a future software update.

The Poco M5 is a great budget smartphone. It has great-looking hardware, excellent benchmark performance, fluid software experience, superb battery life, and a fairly good 90Hz display. There are some nice perks like a headphone jack, micro SD card support, and NFC onboard. And the main camera performance is more than adequate considering the price.
So what are the downsides you ask? Well, the single speaker is quite average, the charging speeds are quite slow, the selfie camera could be better and there’s no ultrawide camera.
For an entry-level smartphone, I believe the POCO M5 checks all the right boxes. If you want a smartphone that has better speakers, faster-charging speeds, and an ultrawide camera, well it’s easy. Just get the slightly more expensive POCO M5s. But keep in mind that the more expensive device has an inferior MediaTek processor. But for just €189 the POCO M5 packs a serious punch for a budget smartphone.
This week on Lock and Code, we speak with Josh Saxe about artificial intelligence, machine learning, security, and where the three intersect.
In November of last year, the AI research and development lab OpenAI revealed its latest, most advanced language project: A tool called ChatGPT.
ChatGPT is so much more than “just” a chatbot. As users have shown with repeated testing and prodding, ChatGPT seems to “understand” things. It can give you recipes that account for whatever dietary restrictions you have. It can deliver basic essays about moments in history. It can — and has been — used to cheat by university students who are giving a new meaning to plagiarism, stealing work that is not theirs. It can write song lyrics about X topic as though composed by Y artist. It can even have fun with language.
For example, when ChatGPT was asked to “ Write a Biblical verse in the style of the King James Bible explaining how to remove a peanut butter sandwich from a VCR,” ChatGPT responded in part:
“ And it came to pass that a man was troubled by a peanut butter sandwich, for it had been placed within his VCR, and he knew not how to remove it. And he cried out to the Lord, saying ‘ Oh Lord, how can I remove this sandwich from my VCR, for it is stuck fast and will not budge. ’ ”
Is this fun? Yes. Is it interesting? Absolutely. But what we’re primarily interested about in today’s episode of Lock and Code, with host David Ruiz, is where artificial intelligence and machine learning — ChatGPT included — can be applied to cybersecurity, because as some users have already discovered, ChatGPT can be used to some success to analyze lines of code for flaws.
It is a capability that has likely further energized the multibillion-dollar endeavor to apply AI to cybersecurity.
Today, on Lock and Code, we speak to Joshua Saxony about what machine learning is “good” at, what problems it can make worse, whether we have defenses to those problems, and what place machine learning and artificial intelligence have in the future of cybersecurity. According to Saxony, there are some areas where, under certain conditions, machine learning will never be able to compete.
“If you’re, say, gonna deploy a set of security products on a new computer network that’s never used your security products before, and you want to detect, for example, insider threats — like insiders moving files around in ways that look suspicious — if you don’t have any known examples of people at the company doing that, and also examples of people not doing that, and if you don’t have thousands of known examples of people at the company doing that, that are current and likely to reoccur in the future, machine learning is just never going to count with just manually writing down some huristics around what we think bad looks like.”
Saxony continued:
“Because basically in this case, the machine learning is competing with the common sense model of the world and expert knowledge of a security analyst, and there’s no way machine learning is gonna compete with the human brain in this context.”
Tune in today
You can also find us on Apple Podcasts, Spotify, and Google Podcasts, plus whatever preferred podcast platform you use.
Show notes and credits:
Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)
Samsung has received record-breaking pre-orders for the Galaxy S23 series in its homeland South Korea. According to local sources, the company received 1.09 million pre-orders for the new Galaxy flagships in the country. The devices broke pre-order records in India as well.
Samsung unveiled the Galaxy S23 lineup on February 1. While pre-orders began immediately after launch in most markets, the company kept fans on its home turf waiting until February 7. The pre-order period in South Korea ran until this Monday, February 13. During those seven days, as many as 1.09 million people in the country ordered the new Galaxy smartphones. The previous record was 1.01 million set by last year’s Galaxy S22 series over eight days.
Unsurprisingly, the Ultra model is the crowd favorite once again. The Galaxy S23 Ultra has accounted for about 60 percent of overall pre-orders (650,000 units). The base Galaxy S23 accounted for 23 percent of pre-orders, while the Galaxy S23+ captured the remaining 17 percent share. This has been the trend in recent years. The Plus model has been the worst-selling device in the lineup. Perhaps that is why Samsung is mulling canceling it altogether next year, launching only two Galaxy S24 models.
Samsung’s pre-order promotions may have also helped drive Galaxy S23 Ultra sales. The company offered a 44mm Galaxy Watch 5 Bluetooth model for free to anyone who pre-ordered the 1TB storage variant of the phone, which is priced at KRW 1,962,400 (approx. USD 1,530) in South Korea. All buyers also got the SmartThings Station for free, along with a discount coupon for the Galaxy Buds 2 Pro. This is on top of the free storage upgrade that Samsung is offering in most markets.
Samsung’s latest flagships aren’t only popular in its home country. The word of mouth is very strong and is helping drive sales globally. The phones received record-breaking pre-orders in India as well. While we don’t have the total numbers, the Galaxy S23 trio reportedly received 1,40,000 pre-orders in the country within the first 24 hours. That’s twice as much as the Galaxy S22 series last year.
This overwhelmingly positive response from the public may help Samsung achieve its Galaxy S23 sales target this year. The company is looking to sell at least 26 million units of the three models combined, about ten percent more than the Galaxy S22 series. It’s an ambitious target considering the current market situation. Time will tell whether the Korean firm manages to sell that many Galaxy S23 phones by the end of 2023.
After the whole LastPass fiasco, many users are wary of entrusting their sensitive information to online password managers. But the era of password-protected vaults may soon be a thing of the past, as leading tech companies, including 1Password, are pushing for a new form of authentication technology that is more secure than passwords called passkeys. The company recently announced plans to support passkeys in the summer of 2023, allowing users to log in to accounts without using a master password.
This move follows the acquisition of ID authentication start-up Passage and the company’s announcement last year that users would soon be able to log in to apps and websites through its platform using passkeys. While 1Password already supports biometric authentication, CPO Steve Won believes that “For passkeys to be the way forward, it’s not enough for them to replace some of your passwords. They have to be able to replace all passwords – including the one you use to unlock 1Password.”
Developed by the FIDO alliance, Passkeys, rather than relying on traditional passwords, which can be vulnerable to theft or compromise, uses public key cryptography and unique digital keys stored on your device to allow users to log in using their device’s authentication, such as a fingerprint or face ID scan. This eliminates the risk of phishing attempts, as malicious actors would not have access to the site-stored counterpart to the device-stored keys.
The company’s shift towards passkeys follows in the footsteps of other companies, such as Dashlane, which has already incorporated this technology into its service. Further, Google has also released the Credential Manager API to make it easier for app developers to support multiple login methods, including passwords and passkeys.
1Password will roll out the passkeys feature later this summer, but according to CPO Won, “The migration to passwordless won’t happen overnight, so we’re going to make it optional to start when we hit this summer. We have to meet people where they are. However, our goal is to go passkey-only as soon as possible.”
The tablet market is not where it used to be. These devices were snuffed out by the phablet market a few years back, and now it’s struggling. However, companies like Honor still want to prove that tablets are still relevant. We were given the opportunity to review the new Honor Pad 8. Should this tablet be your next business companion? Let’s find out.
Starting off with this tablet’s design, there’s not much that stands out. It’s a pretty straightforward slab with a singular camera housed in a slight camera bump. It has a solid metal body that feels nice to the touch. Picking up this tablet, it doesn’t feel like you’re grabbing a cheap device at all.

We have two speakers on each side of the tablet with the USB-C port in between one pair. There’s no headphones jack for this device, unfortunately, so it’s either the speakers or your Bluetooth headphones.
There is one strange decision that the company made regarding the volume rocker. Though this is a device best used in landscape mode, the volume rocker is set up to operate as though you’re using it in portrait mode. So, when you flip it to landscape mode, the volume button works opposite of how you’d expect them to work.
The Honor Pad 8 comes with a nice 12-inch 2000 x 1200 LCD panel. There aren’t any bells or whistles with this display, but it’s still a great panel to look at. We’ve become accustomed to looking down on LCD displays compared to OLED displays, but times have changed.

This display has great punchy colors, exceptional contrast, and amazing viewing angles. This is definitely an upper-tier LCD display. If you want to adjust the color temperature of the display, you can do so from the settings.
This display’s about 16% sharper than a traditional 1080P display, but you’ll notice some pixels if you really look closely at the screen. Regardless, the screen is still pretty sharp for its size.
The Honor Pad 8 comes with a fantastic set of quad-speaker. They’re set up to have two speakers on each side of you while in landscape mode.

As for the audio quality, these speakers have a lot of depth to their sound. There’s decent bass in the sound with enough attention to the mids and treble to create an all-around great listening experience.
While listening to classical music, it’s an extremely well-balanced experience, but they really shine while listening to more modern music.
If you want to choose between different sound profiles, you can do so in the settings. Digging into the sound settings, you can choose different EQ presets based on different listening scenarios. You can pick a preset for music, games, movies, or vocals. There’s also a standard mode and an auto mode. The auto mode chooses a preset based on what you’re doing.
This tablet doesn’t exactly have the latest and greatest silicon under the hood, but it’s tough to notice in real-world usage. It uses the Qualcomm Snapdragon 680 4G SoC. However, the instances of stutter within the interface were extremely rare. Gliding through the interface is buttery smooth, and the fluid animations only make it better.
On the gaming front, the Honor Pad 8 was able to easily handle any game that I threw at it. It, of course, handled the simple 2D titles like Simon’s Cat’s “Crunch Time” and simple 3D games like Final Fantasy VII with no hassle.
But, those aren’t going to broil a GPU. Kicking things up a notch, I went and installed Genshin Impact on the tablet. It played respectably smooth with only slight jitters every once in a while. It was more than playable. You should have no trouble making this your primary gaming mobile device.
The camera is the only area where this tablet truly fails. Being a tablet, you shouldn’t really expect it to have stellar camera performance. However, in the case of the Honor Pad 8, it’s really bad.
You’re given a 5MP camera on both the front and the back. This low resolution, coupled with the large size of the screen, makes taking photos with this tablet a rather poor experience.
Not only are the images extremely grainy and blurry (even in good lighting conditions), but once you turn the lights down a little, the quality degrades quickly.

In bright lighting conditions, you’ll have better luck but not much. Also, to make things worse, the colors and dynamic range are just not there. The story is the same for the front-facing camera.
While the camera quality is bad, it’s a feature that you’re not likely to use on a tablet. If you’re in a pinch, it will get the job done, but it’s understandable that the company chose this to compromise.
The battery life for this tablet is amazing. It’s rocking a 7,250mAh battery. I was able to go through heavy work days with hours of writing and some light gaming, and I ended the day with more than 30% left. You’re good to bring this tablet out with you for a workday and not worry about needing a charger.

When it comes to charging, you get up to 22W charging. It’s not the fastest out there, and it will charge the battery in a few hours, so you’ll want to plan your charges.
The latest version of the software I’m using is Honor’s Magic UI 6.1 running on Android 12. This is a heavily-modified Android skin. Thus, you’re not going to see any Material You influence at all. This means that there’s also no Dynamic Color, unfortunately. The camera and microphone indicators are there, however.
Honor took the software in its own direction, and it work for the most part. One issue is that some parts of the software remind me of the software on older Samsung devices. The settings menu even resembles TouchWiz from back in the day (yikes!).
Overall, the software is great to navigate. However, since it’s so departed from stock Android, it doesn’t seem likely that it will get the tablet optimizations we see with Android 12L and 13. The software is still the phone version of Android but stretched out. You still have the benefit of using tablet-optimized first-party Google apps like YouTube Music and Google Calendar.
There are a few little things that I had an issue with. They’re not gigantic, but they’re still worth noting.
Firstly, this tablet uses facial recognition to unlock it along with a passcode. The facial unlocking isn’t the best. There are times when I need to move the tablet when the lighting conditions aren’t absolutely great. I think that the low resolution of the front-facing camera contributes to this difficulty.

Lastly, if you want to add widgets, they’ll be a bit hard to find at first. There isn’t really a widgets section in the home screen settings. Rather, it’s referred to as “Cards” (Cards are Honor’s first-party apps’ widgets).
You’ll have to scroll all the way down in the cards section and tap on the “Classic Widgets” button. The button itself is really out of the way. You’ll then see all of the standard widgets for your other apps. Honor put so much emphasis on its first-party product that it neglected such a basic feature. It’s a little frustrating.
In a word, yes! This is a fantastic tablet for its price, and it punches far above its weight class. The performance, speakers, and display are great, and the software is not too shabby.
The only downside is the camera, but the majority of people won’t even use it. This makes it easy to give that aspect a pass.

If you’re looking for a great device for both work and play, then I highly recommend that you pick up the Honor Pad 8.