Earlier this month Samsung revealed its latest devices, which included the new Galaxy Book 3 Pro and Galaxy Book 3 Ultra, both of which you can now pre-order. The Galaxy Book series has always been about providing consumers with a premium laptop experience, but this year Samsung took it up a notch. The Galaxy Book 3 Ultra in particular showcases Samsung’s commitment to amping things up.
Not only does it come with 32GB of RAM, but it’s powered by up to a 13th Gen Intel Core i9 CPU and an NVIDIA RTX 4070 GPU. The aim here is likely to capture the creator consumer. Someone who needs a powerful enough laptop for content creation or professional use. But the specs seem to be more than capable of handling other high-load activities, too. Such as gaming.
This begs the question then. Is the Galaxy Book 3 Ultra a good gaming laptop option? Well, it’s not a gaming laptop per se. But it does seem equipped to handle games with decent graphics settings. The better question might be whether or not the cooling is up to the task. And if so, for how long?
Either way, if you’re looking for a premium laptop for, whatever your needs are, Samsung’s latest are up for pre-order through the company directly.
Pre-order the Galaxy Book 3 and get a free storage upgrade
Samsung usually has pre-order offers available for those that jump on their latest products early. And this time is no different. If you pre-order the Galaxy Book 3, you get a free storage upgrade. More specifically, Samsung will sell you the 1TB model for the same price as the 512GB model. So for example, if you pre-order the Galaxy Book 3 Ultra with an Intel Core i9, you can get the 1TB model for $2,499.99. This would normally be $2,999.99. And that’s the price it’ll go up to once the pre-order promotion is over.
The same storage upgrade offer is available for the other two models as well – the Galaxy Book 3 Pro and Galaxy Book 3 Pro 360. You can find all three at Samsung’s website.
Google Assistant is considered by most device users to be the best virtual digital assistant beating out Alexa, Siri, Bixby, and others. But you might have noticed (and in all honesty, it isn’t hard to spot) that on Android, Google Assistant is always in Dark mode even if you have your system setting on Light mode. Back in October, Google said that Light mode is no longer available for Assistant on Android.
Now, Google has issued a support page titled “Assistant Uses Dark Mode By Default” in an attempt to revisit the issue. On the page, Google writes, “Google Assistant regularly tries new ideas to see what works and what could work better. This includes ways to make our products look and feel consistent throughout our product ecosystem.”
The company continues, “To offer a more helpful visual experience across all your devices, including Pixel Watch and Google TV, when you engage with Assistant on mobile Light mode is no longer available – it will now have a dark appearance, even if you have Dark theme turned off in your phone settings.”
The bottom line is that you shouldn’t expect to see Google Assistant in any other theme other than Dark and if you’re not a fan of white text on a black background, you’re SOL (Google it).
Google Assistant, on the bottom of the screen, will show up in Dark mode only on Android
As we told you less than a week ago, Google Assistant will be playing a key part in the new Google Lens feature “Search your screen.” This feature allows users to employ Lens to search photos and videos from websites and messaging and video apps. For example, if someone sends a video to you via your Messages app and you see a landmark in the background that you’re curious about, activate Google Assistant by long-pressing on your Android’s power or home button. Tap on “search screen” to get the info you want.
This feature is part of an update that will be disseminated over the upcoming months.
Perhaps there will be a day in the future when Google gives Android users the ability to decide whether they want to see Google Assistant in Dark Mode or Light Mode. But for right now, if you’re an Android user, you have no choice.
A WiFi 6E-compatible router from Google has been long awaited, and it’s finally here. It’s here at a price that is much less than the competition. For example, the eero 6E is priced at $299 for the same single-pack that Google is charging $199. And that’s actually the least expensive competitor for Google. So this is a big deal.
But the real question is, is the Nest WiFi Pro any good? Typically when a product significantly (by about 33%) undercuts the competition, it’s not very good. So is that the case here? Let’s find out in our Nest WiFi Pro Review.
Google Nest WiFi Pro Review: Unboxing & Setup
I’ll be frank here, when FedEx dropped off the Nest WiFi Pro, I thought maybe something else had been delivered. I was expecting it to be bigger and weigh more. But the Nest WiFi Pro is actually fairly small compared to the eero 6+ that I recently tested out. The Nest WiFi Pro itself is about the same size and height as my Comcast modem. Which is fairly impressive.
In the box, you’ll get the Nest WiFi Pro, an Ethernet cable, power cable and of course some instructions. It’s pretty minimal. To get started, plug it into the wall, and plug your modem into the Nest WiFi Pro.
Setting it up was quite easy. You just open the Google Home app and it should find your Nest WiFi Pro to setup. It took me about 5 minutes to set it up. And the actual input from me was pretty minimal. Making it very easy to do is a big deal. This means that I’d have no regrets about recommending my parents to get the Nest WiFi Pro for their home.
When I initially set it up, I tried to be lazy and just use the same SSID and password as my old network (which was on the eero 6+). That way I wouldn’t have to reconnect every single device in my house. That worked for about two days, until the network stopped allowing new devices to join and even refused to let known devices rejoin. So I had to factory reset it and set it up again, with a different SSID. So just a word of caution to those hoping to take the lazy way out, it might not work.
Otherwise, setup was extremely easy, and I wish all smart home products were this easy to do.
Google Nest WiFi Pro Review: Design
The design is quite polarizing, surprisingly. It’s surprising because it’s a router. But Google wanted to design this router to look nice, so that you won’t hide it away in a cabinet. That’s not a good thing to do with your router, as it will mess up your signal and speeds. It’s always good to put out in the open, and about halfway between the floor and ceiling.
So this router looks like an Easter Egg, and the pastel colors doesn’t help this very much either. I actually don’t mind the color. It matches my Comcast router and Philips Hue Bridge that are all connected to it. But the only issue I have with it is, that it is glossy. The older Nest WiFi is not glossy, and is a matte finish, which looked really nice. For some reason, the Nest WiFi Pro is glossy, which means you’re going to see more dust, dirt, scratches and more on the router. Making the whole “let it be part of your decor” thing, a bit irrelevant.
Nest WiFi Pro colors
Google does offer the Nest WiFi Pro in four colors: Snow, Linen, Fog and Lemongrass.
Google Nest WiFi Pro Review: Managing your network
As mentioned already, the Nest WiFi Pro is all managed within the Google Home app. Which makes things a whole lot easier for controlling all of your smart home devices. Once it is setup, you’ll see a new option at the top for “WiFi”, between Cameras and Routines. Just tap on that to manage your Nest WiFi Pro system.
Within the WiFi section, you’ll see the name of your WiFi at the top, along with how it’s doing. That includes a message telling you that everything is connected and working normally, or not. There’s also indicators for the internet, WiFi devices and then how many devices are connected at this time. Below that, you can see your network and devices. You can run a speed test within the app. Now I like this feature, because it does record your speedtests so you can see how things used to be, if you’re having issues. It does also run speedtests on its own to make sure things are running properly.
Now if you tap on “devices”, you are able to see what’s connected, and what kind of bandwidth they are using. You can prioritize specific devices as well. Google will let you show real-time usage, usage over the past day, week and month. Which can be very useful. This made me realize just how much bandwidth my Nest Cam uses everyday, it was a shocker.
Overall, the app makes it very easy to keep tabs on your network, prioritize devices, and apps you might use (like Zoom or Luna), and to see when you’re having problems.
Google Nest WiFi Pro Review: Should I buy it?
The Google Nest WiFi Pro is a pretty good WiFi 6E router, and definitely going to be future-proof for probably a decade or so from now. So even at $199, it’s a good investment for your home. If you’re still working from home and have a lot of devices on your network, then it’s definitely worth the money.
You should buy the Google Nest WiFi Pro if:
You use a lot of smart home products (light bulbs, thermostats, robot vacuums, etc)
You do some cloud gaming (Luna, NVIDIA GeForce Now, etc)
You have a lot of people in your home
You have a larger home (a single Nest WiFi Pro can cover 2,200 square-feet)
You should not buy the Google Nest WiFi Pro if:
You have slower internet speeds (anything under, I’d say, 200Mbps won’t notice a big difference)
Researchers found two security vulnerabilities in the ImageMagick tool that could trigger denial of service attacks or leak data. The vendors patched the bugs in time, preventing any active exploitation. Users must ensure updating to the latest patched releases to avoid any mishap.
Multiple Vulnerabilities Spotted In ImageMagick Tool
According to a recent post from the cybersecurity firm Metabase Q, their researchers found two security issues in the ImageMagick graphics tool.
ImageMagick is an open-source software for image conversion, designing, and editing. Given its free availability and support for a large number of file formats (200+), ImageMagick is a popular tool among graphic designers and web developers, particularly those dealing with open-source apps.
Specifically, the researchers found the following two vulnerabilities affecting ImageMagick.
CVE-2022-44267: a denial-of-service (DoS) vulnerability that affected the image conversion feature when parsing PNG files. According to the researchers, parsing .png files could “leave the convert process waiting for stdin input.”
CVE-2022-44268: an information disclosure vulnerability that could leak data from arbitrary remote files when parsing PNG images in the resulting image.
Exploiting both vulnerabilities simply required an attacker to upload a malicious PNG image file to the target website using ImageMagick. The researchers have shared a detailed technical analysis of both vulnerabilities in their post.
Vendors Patched The Flaws
Metabase Q’s Ocelot team discovered these images when analyzing the then-latest version of ImageMagick 7.1.0-49. Following this discovery, they promptly reported the matter to ImageMagick developers.
Consequently, the app developers worked on fixing the vulnerabilities, ultimately releasing the patches with the subsequent app release.
Their site now lists the ImageMagick 7.1.0-60 version as the latest release. Hence, to ensure receiving all the feature updates and bug fixes, users must update their websites and systems with this release at the earliest.
The campaign has been active since September 2022, and the recent surge in website infections was noted in January 2023.
Sucuri researchers have reported a backdoor that has successfully infected around 11,000 websites in recent months. Here are the details shared by Sucuri in its technical report.
It is a fact that, lately, several Google products have been exploited and abused to spread malware and other malicious components, including Google Ads, Google Home, and Google Drive.
In fact, a study revealed that Google Drive accounted for 50% of malicious Office document downloads in 2022.
Backdoor Redirecting Visitors to Hacked Sites
According to Sucuri’s research, the backdoor redirects users to sites that show fraudulent views of Google AdSense ads. The company’s SiteCheck remote scanner has detected more than 10,890 infected sites. The activity has further intensified recently, with 70 new malicious domains disguised as legitimate in 2023 and 2,600 infected sites discovered on the web.
All the infected websites detected by Sucuri were using WordPress CMS. These had an obfuscated PHP script injected into the legitimate files on the websites, such as index.php, wp-activate.php, wp-signup.php, and wp-cron.php, etc.
How Does the Attack Work?
In the past two months, Sucuri researchers have identified over 75 pseudo-short URL domains linked with redirected traffic. It must be noted that almost all of the malicious URLs appear to belong to the same URL-shortening service. Some even mimic the names of popular shortening services, such as Bitly.
The visitors are redirected to a range of low-quality websites developed on the Question2Answer CMS, and the discussion topics are mostly related to cryptocurrency or blockchain.
Researchers believe it could be intentional to advertise new cryptocurrencies in a pump-and-dump, ICO fraud. However, researchers are certain that the primary objective of this ad fraud is to inorganically increase traffic to sites that contain the AdSense ID so that Google ads can be displayed for revenue generation.
Image source: Sucuri
How does It Evade Detection?
Some of these malicious sites also inject obfuscated code into “wp-blog-header.php.” This code works as a backdoor to ensure the malware evades disinfection attempts. It performs this by loading itself into files that run as soon as the targeted server is restarted.
“Since the additional malware injection is lodged within the wp-blog-header.php file it will execute whenever the website is loaded and reinfect the website. This ensures that the environment remains infected until all traces of the malware are dealt with.”
The malware hides its presence by suspending redirections when a visitor logs in as an administrator or visits an infected site within 2 to 6 hours. The malicious code is hidden using Base64 encoding.
How URL Shorteners Abused in the Attack?
When the user enters any domain names in their browser, they are redirected to a real URL shortening service, e.g., Cuttly or Bitly, but these are not genuine public URL shorteners. Each domain has a few working URLs that redirect visitors to spammy Q&A sites featuring AdSense monetization.
In a blog post, Sucuri researcher Ben Martin stated that the “backdoors download additional shells and a Leaf PHP mailer script from a remote domain filestacklive and place them in files with random names in wp-includes, wp-admin, and wp-content directories.”
The campaign has been active since September 2022, and the recent surge in website infections was noted in January 2023.
“At this point, we haven’t noticed malicious behaviour on these landing pages. However, at any given time, site operators may arbitrarily add malware or start redirecting traffic to other third-party websites,” researchers noted.
Dark Mode is a feature that a lot of people love on their phones and tablets, and even on their laptops. It’s because a lot of things look better in dark mode, versus a searing white background. Since a lot of us use our phones at night and in dark environments, dark mode makes a lot of sense. And on a phone like the Galaxy S23 Ultra which uses an AMOLED display, it also helps with battery life. You see, AMOLED displays light up pixels independently. So if the majority of pixels are black or darker, they use less power.
Not only that, but dark mode is also nicer on the eyes compared to light mode. But you might want to use light mode during the day, as it can be tougher to see outside when your phone is in dark mode. So it’s a good idea to use a schedule for dark mode, or add a toggle to the quick settings.
Here’s how you can turn on dark mode for the Galaxy S23.
How To Turn on Dark Mode on Galaxy S23
Open up the Settings app on your Galaxy S23 smartphone.
Next, tap on Display.
At the top of this screen, you’ll see “Light” and “Dark”. Tap on “Dark” to turn on dark mode for your device.
Now if you don’t want to have dark mode on 24/7, you can tap on “Dark mode Settings” and change there.
Within the dark mode settings, you can set a schedule.
There are two options for scheduling: Sunrise to Sunset, and a custom schedule.
Sunrise to Sunset is the best option for most people, as you’ll use dark mode when it’s dark, and light mode when the sun is out. Like using your phone in direct sunlight.
That’s it. That’s just how easy it is to turn on dark mode, and even set up a schedule for dark mode.
With the internet and social media playing a significant role in how people consume information, combating misinformation is more important than ever. To address this issue, Google recently launched a new campaign named “prebunking,” which aims to help people identify misinformation and become more resilient against manipulation.
What exactly is Prebunking?
Prebunking is a technique that goes beyond fighting individual instances of fake news. It involves teaching people how to spot false claims before they encounter them. The idea is to use short videos that highlight the techniques commonly used in misleading claims and help people develop critical thinking skills to combat misinformation.
Google first launched the campaign in Poland, Slovakia, and the Czech Republic, in collaboration with the universities of Cambridge and Bristol, by distributing the prebunking videos through social media platforms like YouTube, Facebook, Twitter, and TikTok. These videos focused on exposing the spread of false information that was being used to hold Ukrainian refugees accountable for a housing crisis in Poland.
Surveys conducted after the campaign showed that those who watched the videos were up to 8% more likely to correctly identify fake news. Given its success in Eastern European countries, Google’s Jigsaw now plans to expand the campaign to Germany.
However, prebunking videos come with their own set of challenges. The effects of the videos wear off eventually, and companies like Google will need to produce “booster” videos periodically. Additionally, to be effective, the videos must also tailor to different languages, cultures, and demographics.
The future of fighting misinformation could be AI
As Google and Microsoft are developing their conversational AIs with advanced natural language processing algorithms, it’s evident that AI could serve as a potential weapon against misinformation. Given that AI can handle massive data quantities and spot irregularities and patterns that humans might not perceive, companies like Google can design algorithms capable of identifying and flagging fake news articles or social media posts. Such a system could curb the spread of false information and notify fact-checkers to research and disprove the claim.
Apple has always cited security as the reason why it doesn’t allow sideloading on the iPhone. Sideloading is when an app is downloaded and installed from a third-party app storefront. Since Apple has no control over the apps in a third-party app store, it worries that iPhone users will end up installing malware. Android users are allowed to sideload apps although we do suggest that you limit the apps you sideload to those from developers you’re familiar with.
Thanks to Europe’s Digital Markets Act (DMA), Apple will have to allow sideloading on the continent (possibly starting with iOS 17) which will allow developers to host iOS apps outside of the Apple App Store. This means that some developers will be able to get around the 15%-30% cut that Apple collects from in-app purchases and subscriptions. The U.S. government would also like to force Apple to allow sideloading on the iPhone.
U.S. Commerce Department’s NTIA would like to see Apple allow sideloading of apps for the iPhone
A press release from the Department of Commerce’s National Telecommunications and Information Administration (NTIA) says that “the current mobile app store model is harmful to consumers and developers.” Two key points were made. One, “Consumers largely can’t get apps outside of the app store model, controlled by Apple and Google.” And two, “Apple and Google create hurdles for developers to compete for consumers by imposing technical limits, such as restricting how apps can function or requiring developers to go through slow and opaque review processes.”
NOTE: while Google does allow sideloading on Android, the report says 90% of app downloads on Android are through the Google Play Store. So when the report says that “Consumers largely can’t get apps outside of the app store model, controlled by Apple and Google,” it means that even with the ability to sideload apps on their devices, most Android users still turn to Google’s app storefront.
The NTIA would like to see Apple allow sideloading of apps and give developers the choice of using a different in-app payment platform
The NTIA report said, “Mobile apps have become an essential tool for participation in much of daily life. Given both the growing importance of mobile apps and the need to promote innovation in this space, President Biden called for a study of the ecosystem along with recommendations for improving competition, reducing barriers to entry, and maximizing the benefits for consumers as part of a 2021 Executive Order on competition.”
The report reaches the following conclusions:
Consumers need to have more control over which apps they choose as default apps, use third-party app stores, and delete or hide pre-installed apps.
Operators should not be allowed to favor their own apps or discriminate against other apps that are similar.
Legislative and regulatory agencies should prohibit restrictions on sideloading, using alternative app stores, and web apps.
Ban requirements that developers must use an app store operators’ in-app payment systems.
The NTIA would like to see Congress enact measures including “Guaranteeing that platforms allow, or provide, a readily accessible means for users to download and install third-party apps or mobile app stores, including through means other than the Google Play Store and Apple’s mobile app store, while allowing for reasonable privacy, security and safety precautions (e.g., to prevent malicious software from being installed unintentionally).”
Agency wants operators to allow users to install third-party web browsers through third-party app stores
The all-inclusive report also discusses how operators should allow users to install third-party web browsers. “To allow web browsers to be competitive…the platforms would need to allow installation and full functionality of the third-party web browsers. This would require platforms to permit third-party browsers a comparable level of integration with device and operating system functionality.”
Alan Davidson, Assistant Secretary of Commerce for Communications and Information and NTIA Administrator says, “From finding directions to chatting with loved ones, apps are a critical tool for consumers and an essential part of doing business online. It is more important than ever that the market for mobile apps remains competitive. NTIA’s recommendations will make the app ecosystem more fair and innovative for everyone.”
The NTIA might not be the most famous agency, but it is “part of the U.S. Department of Commerce [and] is the Executive Branch agency that advises the President on telecommunications and information policy issues. NTIA’s programs and policymaking focus largely on expanding broadband Internet access and adoption in America, expanding the use of spectrum by all users, advancing public safety communications, and ensuring that the Internet remains an engine for innovation and economic growth.”
The agency would like to see its recommendations enacted by lawmakers so that the rules are put in place to make the mobile app ecosystem fair for both consumers and competitors to the main operators. Those main operators would be Apple and Google.
The tablet market might seem like a sinking ship, but that’s not stopping companies like Samsung, Apple, and Lenovo from staying on board. Lenovo has several tablets out in the wild, and the Chinese OEM just gave us the opportunity to review its mid-range Lenovo Tab M10 Plus Gen 3. It promises to give you a strong tablet experience for a fraction of the price of the competition. Let’s dive and see if this should be your next tablet.
Build quality and design
This is a mid-range tablet, but it doesn’t really feel like it. The majority of this device is made from metal, and that gives it a premium feeling despite the affordable price. The top section of the chassis that houses the volume and power buttons is made from plastic. This part feels much cheaper to the touch, but it makes for a nice two-tone aesthetic.
This is a solid-feeling device even with the plastic top. It honestly feels like you’re holding a much more expensive tablet once you get it in your hands. While it feels solid and premium, it’s also pleasantly lightweight. You’re able to hold it for extended periods of time before your hand gets tired.
All in all, this tablet is one of those devices that look and feel better than their price would suggest. I think Lenovo paid a lot of attention to the design.
Display
The Lenovo Tab M10 Plus has a 10.61-inch LCD display with a 2000 x 1200 resolution. Basically, it’s a handful of pixel north of 1080p, which is expected for a device in the price range. It’s a good resolution for the screen size, as there’s very minimal pixelation.
As for the overall quality, I have no complaints; it’s pleasantly middle-of-the-road. It won’t really wow you with its colors or contrast, but it’s not bad to look at it. It’ll make the content you’re watching look nice. You can adjust the color temperature in the display settings.
A good thing about the display is the sunlight visibility. I was able to take this tablet out of the house, and I didn’t have any trouble seeing it in the bright sun. Overall, I wouldn’t call the display this tablet’s standout feature, but it’s not bad at all.
One of the great things about this display is its stylus compatibility. You can use Lenovo’s proprietary stylus (not included with the tablet) to draw and write on the tablet with excellent precision. It’s perfect if you’re an artist or if you like to handwrite stuff on your tablet.
Speakers
The Lenovo Tab M10 Plus has a set of quad speakers, and they can get decently loud. However, the speakers are another area that reminds you that this is a mid-range device. They’re not bad, but they do lack in the immersion department. The sound can be a bit flat most of the time.
You have the option to enable Dolby Atmos. With it on, you have the choice between three sound profiles: Music, Dynamic, and Movie. Of the profiles, Music offers the most immersive sound. It does give a little boost to the bass and cuts down on the higher frequencies.
However, even with that mode enabled, the audio still sounds a bit flat. You shouldn’t have much of an issue listening to more modern music like pop, rock, or hip-hop. However, instrumental and classical music will definitely suffer from the lack of immersion.
Overall, the speakers are just like the display. They’re not bad, but they’re nothing really to write home about. They’re comfortably mid-range. In fact, they’re more than serviceable for the price.
Performance
This tablet’s performance is another area that’s very mid-range. The Lenovo Tab M10 Plus uses the octa-core MediaTek G80 SoC, and you have the option between 3GB and 4GB of RAM. The unit I was reviewing had 4GB of RAM.
The experience is rather smooth for the most part with stutters and hiccups here and there. They’re not what I’d call few and far apart, but they don’t bog down the experience either. Maybe the system skips an animation, maybe an app takes a few seconds longer to load. There are stutters, but it’s well within the margin of error allowed for a mid-ranger tablet. The stutters and hiccups are a part of the experience, but they don’t get in the way too much.
Gaming
When it comes to gaming, you’ll be able to play most games without any issues. The Tab M10 handles 2D and simple 3D games without breaking a sweat. It can even nip at the heels of more graphically-intensive games. I played games like Bowling Crew and Darts of Fury- two simple 3D games- and the tablet handled them flawlessly.
Upping the ante, I installed Genshin Impact on this tablet and, unless you turn all of the graphic settings to their lowest setting, you can forget about playing it. With all of the settings turned down, it was a slightly stuttery experience at best. However, it’s still playable.
You can get some moderate gaming and even some work done with this tablet without skipping a beat. However, just know that it won’t be hard to reach this device’s limits.
Battery and charging
The battery life of this tablet is pretty decent. I was able to get more than 6.5 hours of screen-on time while testing it out. This included solid hours of constant gaming, video watching, and scrolling social media. That’s not too bad, and it will get you through the day with light to moderate use.
If you plan on using it constantly, then you’re going to want to reach for the charger. Unfortunately, charging this tablet is a slow affair. Charging from 0%-100% takes about 3.5 hours. You’ll want to make sure that it’s charged before you go out and start using it.
Software
Moving onto software, if you’re planning on getting this tablet right now, then there’s going to be something missing. Lenovo said that it’s going to deliver Android 13 to this tablet sometime this year. However, at the time of this review, it’s still on the older version of Android 12 for tablets. This means that it’s lacking all of the tablet optimizations that Google introduced in 2021.
Lenovo’s take on Android is similar to stock Android but with some of the company’s influence mixed in. You still have Material You elements like the rounded rectangular buttons and the two-tone aesthetic.
However, while this is true, the Dynamic Color implementation isn’t as versatile. The color of the theme will change color based on the wallpaper, but you can’t choose which color palette you want to apply like in Stock Android, One IU, My UX, etc. That’s really the main difference between Lenovo’s UI and stock Android. Other than that, there’s not much of a difference.
So, who is this tablet for?
The Lenovo Tab M10 Plus is for people who want a solid tablet experience for a good price. You want a tablet that can do the essentials like binge-watching content, reading e-books, browsing the web, and checking up on social media. When it comes to gaming, you won’t have an issue with playing some lower-powered favorites, but once you get into 3D games, be prepared for a little lag.
The display, speakers, and performance are middle-of-the-road, but they’re not offensive. They get the job done. Overall, this tablet is fantastic for the price, and I recommend it.
According to analysis from different sources, Yandex source code does not contain user data, but it does contain over 1,900 factors for ranking search results and more.
The source code repository of the Yandex search engine and technology giant was leaked as a torrent, containing over 1,900 factors for ranking search results. The company, also called Russian Google, had the data leaked on Brached Forums, a hacker forum that surfaced as an alternative to the popular and now-seized Raidforums.
The incident should not come as a surprise, since Yandex or its products are often under cyber attack. In 2016, Hackread.com exclusively reported on how a dark web vendor was selling 6.3 million Yandex user account data.
In September 2021, the Russian search engine giant was hit by one of the largest DDoS attacks powered by 200,000 compromised IoT devices.
Data published by the threat actor (Image credit: Hackread.com)
What was Leaked?
The leaker has shared a magnet link containing 44.7GB of files linked to Yandex git sources. The files were allegedly stolen from Yandex in July 2022. Apart from containing anti-spam guidelines, the code repositories are believed to have Yandex’s source code.
The leak revealed around 1,922 ranking factors the search engine uses in its search algorithm. The code was leaked as a torrent. Per the analysis posted by Twitter user Alex Buraks, the leaked data includes numerous ranking factors, including text relevancy, PageRank, content age, freshness, etc.
Moreover, several end-user behaviour factors, link-related factors, and host reliability exist. SEOs find some unusual ranking factors, such as the number of unique visitors, average domain ranking across queries, and percent of organic traffic.
You probably heard about Yandex, it’s the 4th biggest search engine by market share worldwide. Yesterday proprietary source code of Yandex was leaked.
The most interesting part for SEO community is: the list of all 1922 ranking factors used in the search algorithm
According to a data leaks investigator/researcher, Arseniy Shestakov, the leaked Yandex Git repository contained technical data and coding related to Yandex’s major products such as the following:
Yandex Taxi
Yandex Mail
Yandex Maps
Yandex Market
AI assistant Alice
Yandex Direct Ads service
Workspaces service Yandex360
Cloud storage service Yandex Disk
Travel booking service Yandex Travel
Payment processing service Yandex Pay
Yandex Cloud, and internet analytics solution Yandex Metrika.
Shestakov further noted some API keys, which most likely have been used to test deployment.
Yandex Denies Hacking Attempt
Yandex claims that it is aware of the leak and has already initiated an investigation to check how source code ‘fragments’ were exposed to the public. It is worth noting that the leak doesn’t include user or employee personal data.
However, considering the significance of Yandex in Russia’s IT infrastructure and leaked data, it could be assumed that the attack was motivated by the country’s invasion of Ukraine. So, pro-Ukraine hackers could be involved.
In its official statement, Yandex clarified that the company wasn’t hacked and a former employee could be involved in leaking its source code in the public domain. Russia’s leading IT firm noted that the leaked archive includes code fragments that are part of an internal repository, the data of which is different from what is used in the latest version of the repository.
“Yandex was not hacked. Our security service found code fragments from an internal repository in the public domain, but the content differs from the current version of the repository used in Yandex services,” the company’s statement read.
Nevertheless, source code leaks are dangerous for posing serious security issues to organizations since threat actors can observe the company’s intellectual property and system data. Leaking of source code would help attackers create targeted security exploits.