TikTok now looks so much better on your foldable phone

0
[ad_1]

If you’re one of the maniacs who watch TikToks on a tablet, your life is about to get better. Obviously, TikTok is an app that’s meant to be viewed on phone-sized screens, but your phone isn’t always around. TikTok just announced that it’s making the app work much better on larger screens.

Larger screens are getting more attention nowadays because of the rise in the foldable phone market. Thanks to companies like Samsung, Motorola, Vivo, Oppo, Google, etc. foldable phones are all the rage in the tech industry despite a diminishing economy. This is why we’re seeing more apps change their DNA to work on larger screens.

TikTok now works better on larger screens

Making vertical videos look good on a large screen requires some compromises, but ByteDance, the company that owns TikTok, did a good job with its implementation. When you view your videos on larger devices, the company says that you’ll see the videos in higher quality. That’s important if the videos are going to be stretched over a larger canvas.

Your video will sit in the middle of the screen with UI elements on either side of it. The right side will have the “Like”, comment, bookmark, share, and video audio buttons. This is what you see on smaller screens as well However, unlike with smaller screens, these elements don’t overlap the video. They sit in their own letterbox on the right of the video.

TikTok on larger screens

This goes for information on the left of the screen to an extent. On the left side, you’ll see the video’s description. If your device is in landscape orientation, then the description most likely won’t overlap the video. However, in portrait orientation, it looks like the description will overlap the video just a bit.

You’ll also see the navigation bars on the top and bottom of the screen just like with smaller screens. So, in essence, the app didn’t really make too big of a change. However, it was effective, and it enhances the overall experience.


[ad_2]
Source link

How Google Bard and Gemini are different

0
[ad_1]

AI AI AI, that’s all we hear about nowadays. There are several different flavors of artificial intelligence on the market with Google, OpenAI, Microsoft, Anthropic, and other chefs dishing them out. To the common user, it can be tough to differentiate between the products that are sprouting. Thus, many people don’t know fundamental information like how Google’s Bard and Gemini are different.

It might not mean much to the average user looking to AI for casual tasks. However, if you’re looking to have a deeper understanding of the fundamentals of AI, then this is information that you’ll want to learn. Knowing how Bard and Gemini are different will also help you know more about other AI products like OpenAI’s ChatGPE and GPT-4. So, here’s a handy rundown of how these are all different.

What is Bard?

Google launched Bard back in March of 2021. It’s a chatbot that’s meant to take on the likes of ChatGPT. So, that’s the interface that you interact with. You’re able to enter text-based prompts and get results based on them. You’re also able to input images to get text-based responses from the bot. Imagine it as the face of a person. You directly interact with a person to their face, and that’s where you get your responses. 

What is Gemini?

If you’re still unfamiliar with what Google’s Gemini is, here’s a quick rundown (we also have more information if you want to know everything you need to know about Gemini). Google launched Gemini on December 6th, 2023. It’s a multimodal model, which means that it can accept more than one form of media. So, if you want to feed it images, it’s able to understand what’s present in that image. Google says that Gemini can understand text, images, video, and audio.

Versions of Gemini

The company launched Gemini in three different sizes. The smallest version is called Gemini Nano, and this is designed to live on devices. It’s actually powering some AI tools on the Pixel 8 Pro. As you can imagine, this isn’t as powerful as the other versions, but it makes the Pixel 8 Pro one of the smartest phones on the market.

The next size up is Gemini Pro. This is what’s powering Bard. Gemini pro provides more power over the model that previously powered Bard, and it could be very useful for individual developers and smaller companies. In fact, Gemini Pro is currently available for developers to use. At the time of writing this article, it’s free to use, but this is only a limited-time trial.

Lastly, the largest size is called Gemini Ultra. This version, as of the time of writing this article, is not available. When it launches, it will be for large enterprise applications. The two smaller versions are only able to output text as their responses like ChatGPT. However, Gemini Ultra is expected to be able to output different forms of media like text, music, and images. At the moment, we’re not sure how Google is going to implement this, but we’re certain that it will come with a price tag. Gemini Ultra is slated to come out sometime in early 2024. We expect it to come out before the end of January.

How Bard and Gemini are different

It must have been confusing hearing that Gemini was coming out. This put into question what the company was planning on doing with Bard. Was it going to have both of them coexist? Is Bard on its way out? This got more confusing when we found out that Bard was being powered by Gemini. However, this is why it’s important to know what Bard and Gemini are because they’re not the same thing.

As stated, Bard is the chatbot. Gemini, on the other hand, is not a chatbot; it’s what’s called the “Model”. If Bard is the face of a person, then Gemini is the brain. You, undoubtedly, heard about companies scraping data from around the internet to train models. Well, all of the data from the internet goes right into the model; that’s what’s being trained.

When Google is scraping data from the internet, it feeds it into Gemini so that it gets smarter. When you use Bard, it taps into the Gemini model to receive its information.

Pixel 8 Pro and Gemini

A model doesn’t need to be tied to a model to be functional. Let’s use the Pixel 8 Pro as an example. The chip powering this phone, the Tensor G3, has Gemini Nano implemented on it. This powers some powerful AI tools on the phone, but the tools aren’t necessarily associated with a chatbot.

The Pixel Recorder app uses AI to transcribe audio recordings. When it uses that feature, the app taps the Gemini model present on the chip to decipher the text in the audio recordings. So, in this case, the Pixel Recorder app plays the role of the chatbot. The Pixel Recorder is the interface that you interact with directly.

Another example is OpenAI’s products

If you’ve been in the loop with AI products, you’ve been hearing about ChatGPT, GPT-3.5, and GPT-4. Again, many people might be confused about what all of these are. Well, ChatGPT is the equivalent of Bard. It’s the chatbot that you interact with.

GPT-3.5 is the model that powers the chatbot. What’s the difference between GPT-3.5 and GPT-4? Well, if you’re a free ChatGPT user, then the chatbot you’re using is powered by GPT-3.5. This is a powerful model, but it’s not as powerful as GPT-4. That’s the larger and more advanced model.

Think of it as a bigger brain. and it powers ChatGPT if you’re subscribed to ChatGPT Plus. This is the company’s $20/month subscription plan that offers more perks than the free plan. Using GPT-4, you’re also able to use images as input, which is not present with ChatGPT.


[ad_2]
Source link

Lawmakers demand Apple be investigated for Antitrust violations after shutting Beeper Mini

0
[ad_1]

Apple’s decided a little over a week ago to put the kibosh on the Beeper Mini app that was allowing Android users to use iMessage and become a “blue bubble” on iOS. Let’s be real though, it isn’t just the color of the bubble that’s at stake here. With access to iMessage, Android users don’t have to chat with their iPhone totin’ pals, family, and fellow workers over the antiquated SMS platform.
When an Android user messages an iPhone user, the images and video shared are of poor quality, there is no end-to-end encryption, no read receipts, no typing indicators, and of course, the text bubbles are green. Apple already announced that sometime next year, it will support RCS and most of these great features will work on cross-platform chats between iOS and Android users. The latter group will have to have an RCS-enabled app like Google Messages installed.
For now, though, Apple is willing to protect iMessage, a feature it cites as a selling point for the iPhone. That alone explains why Apple had been so unwilling to add RCS support. And while it might be part of the reason why Apple shut down Beeper Mini, some lawmakers are not happy with Apple for taking this action. In addition to Senator Elizabeth Warren, who quickly knocked Apple and called the company anticompetitive, a group of bipartisan lawmakers sent a letter to Assistant Attorney General Jonathan Kanter complaining about Apple’s actions.

After explaining that to keep markets in the U.S. free and open, the Antitrust Division must be able to “police abuses of market power.” The letter then explains what happened and notes that “Apple executives have previously admitted the company leverages iMessage to lock users into Apple’s ecosystem of devices and services. Beeper Mini threatened to reduce this leverage creating [a] more competitive mobile applications market, which in turn a more competitive mobile device market.”

The letter also cites a report from the Department of Commerce called “Competition in the Mobile Application Ecosystem.” The report calls Apple a “gatekeeper” with a “mobile app ecosystem” The end of the letter mentions that the four lawmakers who affixed their signatures to the latter are concerned that Apple’s recent actions to disable Beeper Mini harm competition while hurting consumers “and will discourage future innovation and invention in interoperable messaging services.”

The lawmakers are referring the matter to the Antitrust Division to investigate whether Apple violated antitrust law.


[ad_2]
Source link

Disruptions at 70% of Iran’s Gas Stations Blamed on Cyberattack

0
[ad_1]

The responsibility for the attack has been claimed by Gonjeshke Darande,” (which means Predatory Sparrow in Persian), a hacker group with pro-Israeli sentiments.

A hacking group linked to Israel has claimed responsibility for a cyberattack that reportedly disrupted most gas stations in Iran, leading to long lines and angry crowds. The group, known as “Gonjeshke Darande,” (which means Predatory Sparrow in Persian) cited that the attack was in response to the Islamic Republic’s aggression.

In a series of Tweets on X (formerly Twitter) in both English and Persian languages, the group explained the reason behind the attack:

“We, Gonjeshke Darande, carried out another cyberattack today, taking out a majority of the gas pumps throughout Iran. This cyberattack comes in response to the aggression of the Islamic Republic and its proxies in the region.”

Addressing Iran’s leader Ayatollah Ali Khamenei, the group said he is playing with fire and will pay the price.

“Khamenei, playing with fire has a price.”

In a statement given to Iran’s state TV, the country’s Oil Minister Javed Owji, said that the attack was caused by external interference and led to service disruption on 70% of Iran’s gas stations. At least 30% of Iran’s gas stations are operational, with the rest gradually resolving service disruptions.

Some petrol stations, particularly in the capital, have experienced software issues with their fuel systems, and experts are working to fix the issue. The possibility of a cyberattack is also being considered.

Gonjeshke Darande revealed that the attack was conducted in a controlled manner, limiting potential damage to emergency services and ensuring a portion of gas stations were left unharmed. The group also emphasized the precautions taken to avoid harm to civilians, claiming that these companies are subject to international sanctions and continue their operations despite restrictions.

Screenshot from the Telegram channel of the Gonjeshke Darande group (Credit: Hackread.com)

“We delivered warnings to emergency services across the country before the operation began, and ensured a portion of the gas stations across the country were left unharmed for the same reason, despite our access and capability to completely disrupt their operation,” the attackers noted.

This isn’t the first time Gonjeshke Darande has targeted Iranian infrastructure. It claimed responsibility for a cyberattack on Iran’s major steel companies in June 2022. The attack started a fire in a steel factory, releasing top secret documents proving the companies’ affiliation with Iran’s Revolutionary Guard Corps. The plant’s CEO confirmed no harm

The country’s civil defence agency is currently investigating the Monday attack on Iran’s gas stations, and Israeli media has covered the alleged attack. It is worth noting that there has been no statement from the Israeli government about the cyberattack.

  1. Iranian Gas Stations Crippled After Suffering Cyberattack
  2. Watch as hackers disrupt Iran’s prison computers; leak live footage
  3. Anonymous Hits Iranian State Sites, Hacks Over 300 CCTV Cameras
  4. Iran State-Run TV’s Live Transmission Hacked by Edalate Ali Hackers
  5. Iranian State TV Hacked During President’s Speech on Revolution Day
  6. Iran’s Fars News Agency website hacked as part of anti-govt protests
  7. Black Reward Hackers Steal Emails from Iran’s Atomic Energy Agency

[ad_2]
Source link

Galaxy S22 and S20 series receive December 2023 update

0
[ad_1]

Samsung has released the December 2023 Android security patch for the Galaxy S22 series. The latest security update for the 2022 flagships is currently rolling out in several international markets. A US rollout should be just around the corner. The Galaxy S20 series, meanwhile, is now picking it up globally. The US versions received the update last week.

Galaxy S22 series grabs Samsung’s December security update

As of this writing, Samsung is pushing the December SMR (Security Maintenance Release) to the Galaxy S22, Galaxy S22+, and Galaxy S22 Ultra in Europe and Asia. The updated firmware build number for the 2022 flagship phones is S90*BXXS7DWL1. The official changelog supplied by the Korean firm reveals that the update doesn’t bring anything more than the latest security fixes, which we will detail shortly.

The new firmware release for the trio has an OTA (over-the-air) file size of around 280MB in Europe and 435MB in Asia, specifically in India. However, despite the varying file sizes, the changelog is the same. The update is all about this month’s SMR. The latest security update contains fixes for more than 60 vulnerabilities. These include seven critical Android OS security flaws and over a dozen Galaxy-specific issues.

If you are using a Galaxy S22 phone, you will soon receive the December SMR with all of these vulnerability patches. Since your phone recently picked up the Android 14-based One UI 6.0 update with tons of new features and improvements, the latest release doesn’t bring any additional goodies. The next major feature update will be One UI 6.1, which debuts with the Galaxy S24 series in January.

The Galaxy S20 series is receiving the latest security patch globally

Last week, Samsung released the December SMR for the Galaxy S20, Galaxy S20+, and Galaxy S20 Ultra in the US and Canada. The update gradually expanded beyond North America and has reached other regions, including Europe. The new security patch for the international versions of the 2020 flagships comes with the firmware build number G981BXXSIHWKD.

Like the Galaxy S22 series, the update for the Galaxy S20 also doesn’t bring anything else. The aging flagships are no longer receiving feature updates. They arrived with Android 10 and will end their lives on Android 13. Security patches will come for at least a few more months. If you are using a Galaxy S20, you should consider upgrading to a newer model. You can pick one of the best Samsung smartphones or grab something else.


[ad_2]
Source link

TikTok optimizes its mobile app for foldables and tablets

0
[ad_1]

TikTok announced it’s now rolling out an enhanced app experience for larger devices, specifically foldable smartphones and tablets. One of the most popular mobile apps, TikTok is now being optimized for tablets and foldables to provide users with an enhanced experience.

Among the most important changes included in the latest update, TikTok mentions streamlined navigation bars, orientation support, as well as a clear video feed.

  • Clear video feed: Enjoy a more refined video feed that showcases content with enhanced clarity.
  • Streamlined navigation bars: Navigate through TikTok effortlessly with sleek navigation bars at the top and bottom of the screen for easy access to your favorite features and tabs.
  • Support for landscape or portrait use: It doesn’t matter how you hold your device, TikTok will now work in landscape or portrait orientation.

Additionally, TikTok says it will continue to experiment with features like Topic Feeds, which enables users to explore videos across categories like Gaming, Food, Fashion, and Sports.The social app says it’s committed to providing an inclusive and enjoyable space for all of its users, and that it will continue to invest in creating a better experience for its community.

[ad_2]
Source link

8220 Hacker Group Attacking Windows and Linux Web Servers

0
[ad_1]

The 8220 hacker group, which was first identified in 2017 by Cisco Talos, is exploiting both Windows and Linux web servers with crypto-jacking malware. One of their recent activities involved the exploitation of Oracle WebLogic vulnerability (CVE-2017-3506) and Log4Shell (CVE-2021-44228).

However, the history of this threat group had several exploited vulnerabilities such as Confluence, Log4j, Drupal, Hadoop YARN, and Apache Struts2 applications. Their TTPs are evolved with different publicly released exploits.

8220 Hacker Group

In addition to this, the group was also discovered to be exploiting (CVE-2020-14883), a Remote code execution vulnerability in Oracle WebLogic Server. This exploitation chain is combined with another authentication bypass vulnerability (CVE-2020-14882) in the Oracle WebLogic server.

The exploitation methods of these two vulnerabilities are publicly available, making it relatively easy for the threat actor to modify and exploit them for malicious purposes. 

Two different exploit chains were discovered, and one of them enables the loading of an XML file used for further phases of execution of commands on the OS, whereas the other one executes Java code without the use of an XML file.

Infection Chains

The first infection chain uses different XML files that depend on the target OS. In the case of Linux, the downloading of other files is performed via cURL, wget, lwp-download, and python urllib along with a custom bash function that encodes it to base64.

Custom bash function (Source: Imperva)

The method injects a Java code which also initially evaluates the OS and executes the same command strings executed in the first method. Once the download and execution process takes place, the compromised hosts are infected with AgentTesla, rhajk, and nasqa malware variants.

A complete report has been published, which provides detailed information about the exploitation, command used, encoding, and other information.

Indicators of Compromise

URL

URL

Source IPs

Source IPs
Malicious File Hashes

[ad_2]
Source link

Samsung has big camera upgrades planned for Galaxy S25 Ultra

0
[ad_1]

With the Galaxy S24 series almost here, the tech industry has started looking forward to Samsung’s future flagship offerings. We have already come across a few rumors about the Galaxy S25 lineup scheduled to arrive in early 2025. A tipster has now shared an alleged camera hardware upgrade roadmap for the company’s upcoming Ultra flagships. The Galaxy S25 Ultra may bring a handful of upgrades to the table.

The Galaxy S25 Ultra may see a major camera hardware upgrade

Leaks have already revealed that Samsung is upgrading the periscope zoom camera on the Galaxy S24 Ultra next year. The 2024 model will feature a 50MP sensor with 0.7µm pixels. The current Ultra has a 10MP periscope zoom camera featuring 1.12µm pixels. There is confusion regarding the maximum optical zoom levels, though. Some reports say the phone will retain 10x zoom but others have hinted at a drop to 5x optical zoom.

Despite this drop, the Galaxy S24 Ultra is expected to capture as good zoom shots as the 2023 model if not better. While we wait for confirmation about its optical zoom levels, tipster Revegnus has revealed that Samsung will further upgrade the periscope camera in 2025. The Galaxy S25 Ultra’s zoom camera will reportedly boast variable focal length. This means optical zoom at all magnification levels in the supported range.

The Galaxy S23 Ultra, for example, has 3x and 10x zoom cameras of fixed focal length. The phone relies on in-sensor zoom at 4x, 5x, and other magnification levels. With variable focal length, you get continuous optical zoom at all levels. In-sensor zoom won’t kick in until the end of its optical zoom capabilities. Effectively, you will get better zoom shots within this magnification range.

Samsung has more upgrades planned for the 2025 Ultra

The 2025 Ultra model is also said to get an improved 200MP main camera and a new ultrawide lens—12MP to 50MP. If these rumored upgrades turn out to be accurate, the Galaxy S25 Ultra could be an unbeatable camera phone. Expectedly, Samsung won’t change things much in 2026. The Galaxy S26 Ultra will get a new main camera—a larger 200MP sensor with 0.7µm pixels and a 1/1.10-inch size. The current sensor is 1/1.3 inches with 0.6µm pixels.

The rest of the camera setup may remain unchanged from the Galaxy S25 Ultra. It is worth noting that Samsung may also upgrade the selfie camera of its Ultra flagships in the coming years. The current model has a 12MP unit, which is a better solution than the 40MP selfie shooter found on last year’s Galaxy S22 Ultra. The 2024 model won’t replace it but Samsung may have something planned for 2025 or later. We will let you know when we have more information.


[ad_2]
Source link

Discord Rolls Out Security Key Support For All Users

0
[ad_1]

Discord users can now enjoy a secure experience as the service launched security key support for all users. The app now supports WebAuthn across all platforms to ensure secure account logins and prevent malicious attempts.

Discord Security Key Support Now Available Publicly

Through a recent post, Discord elaborated on using WebAuthn for secure sign-ins on the app. As described, users can now apply a more secure multi-factor authentication approach on their accounts as Discord rolls out security key support.

Specifically, Discord first launched YubiKeys support for its employees in August 2023. And now, after successfully testing the feature with its staff, the app has released this feature globally, enabling all Discord users to protect their accounts with MFA regardless of their device platforms.

Discord’s latest move isn’t new, given that the app already offered numerous 2FA options to its users, such as one-time passwords, verification codes, and one-time backup codes. However, given that security keys provide a safer sign-in facility, the app integrated this feature.

To enable this feature, users should follow this path in their Discord apps: Settings > My Account > Register a Security Key. After that, users can configure WebAuthn to activate hardware security keys or another second authentication factor (such as Windows Hello, FaceID, or Touch ID, depending on their devices).

Once done, users can enjoy secure account logins, keeping threats like credential theft via malware and phishing attempts at bay.

While security key support is now available across all platforms, Discord doesn’t mandate users to enable this feature. Instead, the new feature is merely an additional option for savvy users alongside all the legacy authentication options. Hence, users who do not prefer passwordless sign-ins may continue to protect account logins via traditional methods like OTPs.

In November, Discord announced switching to temporary CDN links for file sharing to prevent malware threats.

Let us know your thoughts in the comments.


[ad_2]
Source link

Meet the entirely legal, iPhone-crashing device, the Flipper Zero: Lock and Code S04E25

0
[ad_1]

This week on the Lock and Code podcast…

It talks, it squawks, it even blocks! The stocking-stuffer on every hobby hacker’s wish list this year is the Flipper Zero.

“Talk” across low-frequency radio to surreptitiously change TV channels, emulate garage door openers, or even pop open your friend’s Tesla charging port without their knowing! “Squawk” with the Flipper Zero’s mascot and user-interface tour guide, a “cyber-dolphin” who can “read” the minds of office key fobs and insecure hotel entry cards. And, introducing in 2023, block iPhones running iOS 17!

No, really, for a couple of months near the end of 2023, this consumer-friendly device could crash iPhones (a vulnerability that Apple fixed in a software update in mid-December), and in the United States, it is entirely legal to own.

But for security researcher Jeroen van der Ham, the Flipper Zero also served as a real pain in the butt one day in October, when, aboard a train in the Netherlands, he got a popup on his iPhone about a supposed Bluetooth pairing request with a nearby Apple TV. Strange as that may be on a train, van der Ham soon got another request. And then another, and another, and another.

In explaining the problem to the outlet Ars Technica, van der Ham wrote:

“My phone was getting these popups every few minutes and then my phone would reboot. I tried putting it in lock down mode, but it didn’t help.”

Later that same day, on his way back home, once again aboard the train, van der Ham noticed something odd: the iPhone popups came back, and this time, he noticed that his fellow passengers were also getting hit.

What van der Ham soon learned is that he—and the other passengers on the train—were being subjected to a Denial-of-Service attack, which weaponized the way that iPhones receive Bluetooth pairing requests. A Denial-of-Service attack is simple. Essentially, a hacker, or more commonly, an army of bots, will flood a device or a website with requests. The target in these attacks cannot keep up with the requests, so it often locks up and becomes inaccessible. That can be a major issue for a company that is suffering from having its website attacked, but it’s also dangerous for everyday people who may need to use their phones to, say, document something important, or reach out to someone when in need.

In van der Ham’s case, the Denial-of-Service attack was likely coming from one passenger on the train, who was aided by the small, handheld device, the Flipper Zero.

Today, on the Lock and Code podcast, with host David Ruiz, we speak with Cooper Quintin, senior public interest technologist with Electronic Frontier Foundation—and Flipper Zero owner—about what the Flipper Zero can do, what it can’t do, and whether governments should get involved in the regulation of the device (that’s a hard “No,” Quintin said).

“Governments should be welcoming this device,” Quintin said. “Every government right now is saying, ‘We need more cyber security capacity. We need more cyber security researchers. We got cyber wars to fight, blah, blah, blah,’ right?”

Quintin continued:

“Then, when you make this amazing tool that is, I think, a really great way for people to start interacting with cybersecurity and getting really interested in it—then you ban that?”

Tune in today to listen to the full conversation.

You can also find us on Apple PodcastsSpotify, and Google Podcasts, plus whatever preferred podcast platform you use.

Show notes and credits:

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)


We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.


[ad_2]
Source link