Pixel 8a will cost more than the Pixel 7a based on new leak

andreasc
-
0
Pixel 8a will cost more than the Pixel 7a based on new leak
[ad_1]

The Google Pixel 8a will cost more than its predecessor, the Pixel 7a, it seems. A Canadian retailer shared a price tag for the Pixel 8a, and it’s higher than the Pixel 7a’s price was at launch.

The Pixel 8a is expected to cost more than the Pixel 7a

A price of CAD709 is highlighted for the 128GB storage model and CAD793 for the 256GB storage option. That translates to well above $500, which means the Pixel 8a will cost more than its predecessor.

Do take this information with a grain of salt, of course, it could be just a rather odd placeholder or something like that. Chances are that the Pixel 8a will be more expensive, though. That part won’t surprise us.

The Pixel 8a will be coming with a new chip, the Google Tensor G3. Well, a new chip for the Pixel A series, as that chip already fuels Google’s flagship smartphones. It will also include a better display this time around, as Google will bump up its refresh rate to 120Hz.

Now, the same camera setup is expected on the back. That means we’ll get a 64-megapixel main camera and a 13-megapixel ultrawide unit. A 13-megapixel unit will sit on the front side of the phone.

It will arrive in two storage variants, and we know what it will look like

128GB and 256GB storage variants are expected, while a 4,500mAh battery will likely be used. The phone will look very similar to the Pixel 7a. We’ve actually exclusively shared the Pixel 8a renders quite recently.

The phone will have a flat display with a centered display camera hole. A camera visor will still be present on the back, with two cameras inside it. The phone will come in rather interesting colors too.

The one that attracts the most attention is the ‘Mint’ model. Obsidian, Porcelain, and Bay colors will also be on offer. The Pixel 8a will launch during Google I/O 2024 next month. It will take place on May 14 and 15, but the phone will arrive during the keynote on May 14.


[ad_2]
Source link

US House passes new TikTok ban bill with longer divestment period

andreasc
-
0
US House passes new TikTok ban bill with longer divestment period
[ad_1]

The United States House of Representatives has passed another bill to ban TikTok in the country. The new bill has a similar core structure to the original bill passed last month. However, it is part of a larger group of foreign aid bills, making it harder for the Senate to hinder its progress. The previous bill has yet to pass the upper house.

Another TikTok ban bill passes the US House

TikTok is facing a nationwide ban in the US over security concerns. Last month, the House voted 352-65 to pass a bill that could ban the popular video-based social media app across the country. If signed into law, TikTok’s Chinese owner ByteDance would get six months to either divest the US arm of the platform or exit the nation.

However, the bill has made little progress in the Senate. Lawmakers in the upper house have expressed mixed concerns about the proposed ban on TikTok. As noted by The Verge, Senate Commerce Committee Chair Maria Cantwell (D-WA) has remained mysterious about it. This is despite President Joe Biden suggesting he is ready to sign the legislation.

Meanwhile, the House prepared another bill with similar terms—ByteDance has to either sell the US arm of TikTok or face a nationwide ban. The only notable difference is that the Chinese firm will have a year to decide, double what is offered by the original bill. The initial divestment period will be nine months. If the firm makes progress, Biden can extend it by three more months.

The new bill passed the House by a margin of 360 to 58. Interestingly, Cantwell liked the new terms. A few others who voted against the standalone bill last month have also shown support for the new one. They believe six months is too little for a global company to finalize a complex divesture process. A year might be enough for ByteDance to decide.

The Senate may soon vote on the updated bill

The latest bill to ban TikTok in the US is packaged with foreign aid bills “that seek to provide military aid to Ukraine and Israel and humanitarian aid to Gaza.” Since these funds are to be finalized with urgency, the Senate has to move the bills swiftly. This also means that the TikTok bill won’t be stalled in the upper house for long. The Senate doesn’t necessarily have to approve it alongside other bills in the package, though.

However, if they do, President Biden might not take long to pass the bill into law. TikTok, meanwhile, isn’t happy about the House cleverly bundling the bill with foreign aid bills. “It is unfortunate that the House of Representatives is using the cover of important foreign and humanitarian assistance to once again jam through a ban bill that would trample the free speech rights of 170 million Americans,” the firm said in a statement.


[ad_2]
Source link

WhatsApp testing scheduling feature for easier event management in Communities

andreasc
-
0
WhatsApp testing scheduling feature for easier event management in Communities
[ad_1]
A long-awaited WhatsApp feature that was in the headlines from October of last year seems to be finally making its way to beta testers, reports Android Police. We’re talking about a feature that allows you to schedule events within a WhatsApp Community.

WhatsApp is now finally beta testing its event scheduling feature


The feature seems to be available for some beta testers on the Android version of WhatsApp. The folks over at WABetaInfo have uncovered that the feature has finally made its way to testing. Usually, WhatsApp Communities could consist of tens or even hundreds of people, and the event scheduling feature will bring the organization to the next level.

The option is found in WhatsApp’s attachment menu within a Community chat. You will also be able to generate and attach a WhatsApp call link, and you can select whether it will be a video or voice call.


Community members will receive a notification about the event automatically, and, as such features usually work, each person will be able to review and accept the invite. The event creator can modify the event details later, and all invitees will receive a notification about the changes. On top of that, all Community events will be visible from the group info and the community pages. To wrap the feature in a little bow, WhatsApp will be sending you reminders for events, and you can add an event to your calendar with the Add to Calendar button.

WhatsApp seems to also be looking into event scheduling for regular groups as well.

For now, the feature is available for some WhatsApp beta testers with version 2.24.9.20 of the Android app. It seems to be a limited release at this point, and you may not have the feature yet even if you’re a beta tester on the required version. However, we expect it will soon propagate to more people before becoming official.

Izzy, a tech enthusiast and a key part of the PhoneArena team, specializes in delivering the latest mobile tech news and finding the best tech deals. Her interests extend to cybersecurity, phone design innovations, and camera capabilities. Outside her professional life, Izzy, a literature master’s degree holder, enjoys reading, painting, and learning languages. She’s also a personal growth advocate, believing in the power of experience and gratitude. Whether it’s walking her Chihuahua or singing her heart out, Izzy embraces life with passion and curiosity.


[ad_2]
Source link

Palo Alto Networks Patched A Pan-OS Vulnerability Under Attack

andreasc
-
0
Palo Alto Networks Patched A Pan-OS Vulnerability Under Attack
[ad_1]

A critical zero-day vulnerability in Palo Alto networks Pan-OS firewall has received an emergency fix following active exploitation. The vulnerability lets an attacker execute arbitrary codes on vulnerable devices under specific conditions. Given the active exploitation of the flaw, users must rush to update their devices with the hotfixes to prevent the threat.

Palo Alto Fixed Actively Exploited Pan-OS Zero-Day Vulnerability

Earlier this week, Palo Alto warned users about a critical severity vulnerability that it classified as a zero-day. The vulnerability affected Palo Alto Pan-OS firewalls, putting thousands of vulnerable systems and the organization using them at risk.

Specifically, the vulnerability, CVE-2024-3400, allowed root access to an adversary if exploited under specific configurations. It impacts PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls configured with GlobalProtect gateway or GlobalProtect portal or both. Exploiting the flaw allows code execution attacks from an unauthenticated attacker.

Palo Alto Networks confirmed that the Cloud NGFW, Panorama appliances, and Prisma Access devices remain unaffected by the flaw. The tech giant has shared a detailed list of the affected and unaffected devices in its advisory.

This vulnerability first caught the attention of security researchers from Volexity, who traced back the zero-day exploitation in the wild to March 2024. The firm patched the vulnerability with these hotfixes for vulnerable software versions: PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and later.

While they initially recommended disabling device telemetry as a secondary mitigation, the firm later clarified that the mitigation no longer worked. Hence, patching the devices with the hotfixes is the only viable option for the users to protect their systems.

PoC Exploits Deployed Publicly

While the vulnerability initially emerged as a zero-day, it eventually became more severe as the PoC exploits started appearing online publicly. Consequently, it further risks vulnerable devices, increasing the spread and frequency of malicious exploits and large-scale attacks.

Shortly after the emergency patches were released, watchTowr Labs dropped their PoC exploit, emphasizing the need for swift device patching. Then, TrustedSec CTO Justin Elze also shared another exploit via an X post that he found in the wild.

Given the availability of these PoC exploits, organizations may now analyze their systems swiftly for vulnerabilities. Simultaneously, users must rush to update the vulnerable devices as soon as possible.

Let us know your thoughts in the comments.


[ad_2]
Source link

Deciphering the Economics of Software Development: An In-Depth Exploration

andreasc
-
0
Deciphering the Economics of Software Development: An In-Depth Exploration
[ad_1]

The depth of activities within software development ranges from ideation and design to coding, testing, and deployment. The cost of software development varies widely, as it strongly depends on the project’s scope and technology, the developers’ skills, and the program’s final objective.

Understanding the cost of developing software, particularly in the different areas that deal with these expenses, will equip an organization with the tools necessary for smooth planning and control of resources concerning the projects at hand.

This article presents the crucial areas of cost determination in the software development process with an overall guide on how to navigate them.

Pre-Development Costs: The Initial Investment

Before real coding, a lot of resources are invested in setting up the groundwork for a successful software project.

Conceptualization and Planning

Indeed, there are some basic stages that virtually every software project goes through, and the first one is majorly concerned with planning and idea development. The planning in these phases is highly critical in impacting the general success and cost-effectiveness of the project.

Research and Feasibility Analysis

The feasibility of the proposed software is one area that will require enormous research. Some analysis will consist of market needs, available solutions in the market, and the latest technological trends that are likely to impact the development of the software and prevailing trends in the market.

Design and Prototyping: Shaping the Software

Design and prototyping transform conceptual plans into tangible products. At this stage, software attains the final form of functional blueprint and user experience.

User Interface and User Experience Design

Important is that the user interface and user experience (UI/UX) design help in determining how the end-users will get to interface with the software. Investing in good design will help make the software accessible, intuitive, and appealing to its users.

Prototyping

Prototyping helps to enable the developers and stakeholders to understand how the software is going to work much better. It is a prototype of the software used to identify problems and get feedback from end-users at the beginning of the development phase.

Development Phase: Building the Software

This is the stage of development in which the implementation and assembling are to be done in the software development lifecycle. Many a time, it is a stage with many resources.

Coding and Programming

This is where the actual coding takes place in a bid to bring to life the desired functionalities of the software. Effective coding must be developed in such a way that it may be translated from design prototypes into operational software by experienced developers.

Integration and Testing

Integration tests take an approach towards finding how individual software components interact, while the testing itself is a general activity and looks toward finding and fixing all bugs. Both are very important for making the software stable, functional and secure at the time of the release of the software.

Deployment and Maintenance: Releasing and Upkeeping

It is deployed and followed by operational maintenance, which involves an additional cost after development.

Deployment

Deployment includes an installation of the software on a production environment, which requires all the necessary adjustments for smooth running; these may include the configuration of the software and the setting up of the hardware.

Maintenance and Updates

After deployment, it should follow an update and maintenance cycle for bug fixing, better functionalities, and improvement of security. The process plays an essential role in expanding the life of the software and being adapted to any need change of the user or technology standards. 

Post-Deployment Costs: Ensuring Long-Term Success 

These costs fall into place after deployment to ensure that the software remains effective for the users and is updated according to the requirements of the industry.

Training and Support 

It involves end-users needing training on how to be able to use the software without any problems. The provision of support services is paramount, in that they can attend to any problem, ensuring perfection on the software running and customer satisfaction. 

Marketing and Scaling 

Marketing is indispensable in the sense that it will ensure penetration of the software to the market for the very best final user it was intended for. Scaling will involve continuous investment towards changing the software capacity and performance as it grows or demands any change. 

This comprehensive overview plunges into the software development cost through its lifecycle—from the onset of planning to long-term maintenance—pointing stakeholders to what to expect and how to strategically manage expenses.

  1. The Role of Software Escrow in Mitigating Business Risks
  2. Benefits of CI/CD for Your Software Development Company
  3. Understanding Software Supply Chain and How to Secure It
  4. Why Front-End Development Matters for Online Businesses?
  5. Exploring Software Categories: From Basics to Specialized Apps

[ad_2]
Source link

The first Polestar Phone is coming tomorrow, design revealed

andreasc
-
0
The first Polestar Phone is coming tomorrow, design revealed
[ad_1]

After smartphone manufacturer Xiaomi made its venture into the world of cars with the Xiaomi SU7, EV maker Polestar is now venturing into the world of smartphones.

The company has been working on its Polestar Phone for quite a while. Back in September last year, Polestar announced the phone and we expected it to launch in December. Now the company has finally informed through its official Weibo account (a Chinese microblogging site) that it will unveil the Polestar Phone on April 23.

A collaboration between Polestar & smartphone maker Meizu

For those unfamiliar, Polestar is an electric vehicle brand under Chinese automotive giant Geely, which also owns smartphone maker Meizu. The Polestar global design team in Gothenburg, Sweden has partnered with the Meizu design team to design the first Polestar Phone.

Polestar previously showed off the phone in a short video showcasing its thin uniform bezels, flat design, and separately protruding camera modules on the back. Now the company has shared more images revealing the design and appearance of the phone.

The Polestar Phone comes with four cameras on the back with separately protruding camera modules, just like the Meizu 20 Pro and Meizu 20 Infinity. Speaking of the front, this phone equips a 2K+ display with a 21:9 aspect ratio, and 2.2mm thin uniform bezels on all four sides. It offers a screen-to-body ratio of up to 91.5%. This is also very similar to the recent Meizu flagships. The middle frame of the mobile phone, made of NP66 aerospace-grade aluminum, provides reasonably good drop resistance.

Although the basic design of the phone is still very similar to last year’s flagship Meizu 20 Pro, there are certain changes in different aspects of the Polestar Phone.

Design elements that make the Polestar Phone stand out

The back glass cones with a different finish. The center and bottom are etched and silk-screened respectively. The etched portion of the back cover is polished with “soft sand crystal sparkle technology” which reportedly emits a distinctive reflection under sunlight. The soft finish and the unique reflection could make it stand out from the Meizu flagships.

Additionally, the company has electroplated the SIM card ejector tool with Swedish gold. One of the camera modules on the back also comes with a golden finish. This phone phone will reportedly launch with the Google Play support.


[ad_2]
Source link

Huawei’s Kirin 9010 can’t compete with Snapdragon flagships, but that’s fine

andreasc
-
0
Huawei’s Kirin 9010 can’t compete with Snapdragon flagships, but that’s fine
[ad_1]

As many of you know by now, some of Huawei’s new Pura 70 smartphones are fueled by a new chip, the Kirin 9010. The Huawei Pura 70 Ultra flagship is one of them. Reports have been coming in regarding the Kirin 9010, and as we thought, the chip can’t compete with Snapdragon flagships.

The Huawei Kirin 9010 can’t compete with Snapdragon flagships, but that is to be expected

That’s perfectly fine, though. Why? Well, because this is just a more powerful version of the Kirin 9000S, which was trailing behind. Both of them are 7nm processors, though the Kirin 9010 comes with more cores and an upgraded GPU.

Considering that Huawei got banned by the US in a number of ways, it’s actually impressive that Huawei managed to release these two chips in collaboration with SMIC. In fact, a 5nm chip is expected later this year.

A freelance coder shared some information via X. He ran the Kirin 9010 SoC over benchmark test AndSPECMod. That test showed that the Kirin 9010 consumes more energy than the Snapdragon 8+ Gen 1 SoC. It also delivers lower performance scores than that chip.

The Snapdragon 8+ Gen 1 seems to offer better performance

The Snapdragon 8+ Gen 1, as a reminder, was announced in May 2022. It did prove to be a very compelling SoC, and it still works really well in smartphones that it’s included in.

This performance gap was expected, however. SMIC was unable to obtain the advanced EUV lithography machines in order to make something more compelling. SMIC does own deep ultraviolet lithography machines, but they can’t create anything more advanced than 5nm chips with them.

Huawei did file a rather interesting patent for a low-tech lithography system a while back. That could help SMIC provide a 5nm chip for Huawei later this year, as reports are suggesting.

In any case, the Kirin 9000S seemed to do a wonderful job of powering the Huawei Mate 60 series of phones. The Kirin 9010 is even more powerful, and we’re expecting that there won’t be issues with the Huawei Pura 70 Pro and Ultra.

We’ll have to wait in order to test them, however. The Huawei Pura 70 series will likely arrive to global markets, but we still don’t know when exactly will that happen.


[ad_2]
Source link

EU set to approve Apple’s plan to open its NFC technology for rivals

andreasc
-
0
EU set to approve Apple’s plan to open its NFC technology for rivals
[ad_1]

Apple is gradually opening its ecosystem to competitors in the European Union. Just last week, the first third-party app store became officially available. Now, it appears that it’s time for Apple to open up its mobile wallet.

EU might be close to giving a nod to Apple’s iPhone NFC change

According to Reuters, the EU Commission is poised to greenlight Apple’s previously announced policy changes regarding access to the NFC chip on the iPhone. This move aims to foster competition in the contactless payments market. The commission’s decision is expected to be officially announced in the coming weeks.

These changes mean that third-party apps can be the default wallet app that pops up when users double-click the side button and hold their phone near a payment terminal. Apple’s tap-and-go technology, called near-field communication (NFC), lets you make contactless payments with mobile wallets.


Until now, Apple has tightly controlled access to the NFC contactless chip on the iPhone, citing concerns about user experience, privacy, and security. This has made Apple Pay the dominant contactless payment option on the iPhone, with virtually no competition.


Two years ago, the European Commission accused Apple of stifling competition for its Apple Pay mobile wallet by blocking rival mobile wallet app developers from accessing its tap-and-go technology.


Apple’s attempt to settle the investigation by altering its policies would enable it to avoid a finding of wrongdoing and fend off a potential significant fine, which could amount to as much as 10% of its global annual turnover.


And the Cupertino tech giant likely wants to avoid further fines, especially considering that just last month, the company received a hefty €1.84 billion (around $2 billion directly converted) fine, its first EU antitrust penalty. This fine was imposed for hindering competition from Spotify and other music streaming rivals through restrictions on its App Store.

That being said, the inclusion of alternative contactless payment apps won’t be a completely unrestricted free-for-all. App developers will need to request entitlement from Apple to gain these privileges. They’ll also need to adhere to various industry standards and possess the necessary licenses to handle consumer payments to qualify.


[ad_2]
Source link

CrushFTP Servers Zero-day Under Active Attack : Update Now

andreasc
-
0
CrushFTP Servers Zero-day Under Active Attack : Update Now
[ad_1]

CrushFTP is a file transfer server that supports secure protocols, offers easier configuration, and offers powerful monitoring tools.

It also provides a web interface that allows users to transfer files using a web browser. 

A critical vulnerability associated with FileSystem escape has been discovered and addressed in the latest version.

This particular vulnerability allows any user to download system files escaping from the virtual file system present in the CrushFTP application. 

Moreover, there have also been reports indicating the exploitation of this vulnerability in the wild by threat actors.

Free Webinar | Mastering WAAP/WAF ROI Analysis | Book Your Spot

No CVE was assigned to this vulnerability at the time of reporting.

Additionally, customers who use Demilitarized Zones (DMZ) in with their CrushFTP instance are not affected by this vulnerability due to the protocol translation system.

CrushFTP Servers Zero-day

According to the reports shared with Cyber Security News, there have been several exploitation attempts over CrushFTP instances owned by multiple U.S. Entities, which are speculated to be an activity of Politically Motivated Intelligence Gathering.

Exploitation attempts (Source: r/crowdstrike – Reddit)

To provide a brief insight, the CrushFTP application is a bundled stand-alone portal executable (PE) that probably doesn’t have a standard installation location.

The application can run on Windows, macOS and Linux and depend on Java.

To prevent the exploitation of this vulnerability, users of CrushFTP are recommended to upgrade to the latest version, v11.1.0, which has a patch for it.

All versions before CrushFTP v9 are affected.

For more information about the changelogs and other information, the CrushFTP wiki page can be viewed.

How To Update?

To update CrushFTP to the latest version v11.1.0 (for Online users), the following steps can be followed:

  1. Login to the dashboard using your “crushadmin” equivalent user in the WebInterface.
  2. Click on the About tab.
  3. Click Update, Update Now.
  4. Wait roughly 5 minutes for the files to download, unzip, and be copied in place. CrushFTP will auto-restart once done.
  5. Finished.
How to update Online (Source: CrushFTP)

For Offline users, the below steps can be followed

  1. Download CrushFTP11.zip from our download page. (https://www.crushftp.com/early11/CrushFTP11.zip)
  2. Give it the name `CrushFTP10_new.zip` and place it in the CrushFTP main folder. (Same location where you have your prefs.XML file)
  3. See the above normal instructions, as Crush will use your local offline zip file.

Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP.


[ad_2]
Source link

A week in security (April 15 – April 21)

andreasc
-
0
A week in security (April 15 – April 21)
[ad_1]
Fishing in a lake

April 18, 2024 – A major international law enforcement effort has disrupted the notorious LabHost phishing-as-a-service platform.

Cerebral logo

April 18, 2024 – The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data.

JuicyFields investment scam

April 18, 2024 – JuicyFields was an investment scam that urged victims to invest in cannabis production.

A mobile phone in the hands of a young woman in a dark colored t-shirt.

April 17, 2024 – Location sharing is popular among couples. But is it something you want in your own relationship?

Giant Tiger logo

April 16, 2024 – A threat actor claims to be in possession of 2.8 million records originating from a hack at Canadian retail chain Giant Tiger


[ad_2]
Source link
1...173174175...1,471Page 174 of 1,471