By Christopher Bing and Joseph Menn
WASHINGTON/SAN FRANCISCO (Reuters) – Apple Inc <AAPL.O> is planning to fix a flaw that a security firm said may have left more than half a billion iPhones vulnerable to hackers.
The bug, which also exists on iPads, was discovered by ZecOps, a San Francisco-based mobile security forensics company, while it was investigating a sophisticated cyberattack against a client that took place in late 2019. Zuk Avraham, ZecOps’ chief executive, said he found evidence the vulnerability was exploited in at least six cybersecurity break-ins.
An Apple spokesman acknowledged that a vulnerability exists in Apple’s software for email on iPhones and iPads, known as the Mail app, and that the company had developed a fix, which will be rolled out in a forthcoming update on millions of devices it has sold globally.
Apple declined to comment on Avraham’s research, which was published on Wednesday, that suggests the flaw could be triggered from afar and that it had already been exploited by hackers against high-profile users.
Avraham said he found evidence that a malicious program was taking advantage of the vulnerability in Apple’s iOS mobile operating system as far back as January 2018. He could not determine who the hackers were and Reuters was unable to independently verify his claim.
To execute the hack, Avraham said victims would be sent an apparently blank email message through the Mail app forcing a crash and reset. The crash opened the door for hackers to steal other data on the device, such as photos and contact details.
ZecOps claims the vulnerability allowed hackers to remotely steal data off iPhones even if they were running recent versions of iOS. By itself, the flaw could have given access to whatever the Mail app had access to, including confidential messages.
Avraham, a former Israeli Defense Force security researcher, said he suspected that the hacking technique was part of a chain of malicious programs, the rest undiscovered, which could have given an attacker full remote access. Apple declined to comment on that prospect.
ZecOps found the Mail app hacking technique was used against a client last year. Avraham described the targeted client as a “Fortune 500 North American technology company,” but declined to name it. They also found evidence of related attacks against employees of five other companies in Japan, Germany, Saudi Arabia, and Israel.
Avraham based most of his conclusions on data from “crash reports,” which are generated when programs fail in mid-task on a device. He was then able to recreate a technique that caused the controlled crashes.
Two independent security researchers who reviewed ZecOps’ discovery found the evidence credible, but said they had not yet fully recreated its findings.
Patrick Wardle, an Apple security expert and former researcher for the U.S. National Security Agency, said the discovery “confirms what has always been somewhat of a rather badly kept secret: that well-resourced adversaries can remotely and silently infect fully patched iOS devices.”
Because Apple was not aware of the software bug until recently, it could have been very valuable to governments and contractors offering hacking services. Exploit programs that work without warning against an up-to-date phone can be worth more than $1 million.
While Apple is largely viewed within the cybersecurity industry as having a high standard for digital security, any successful hacking technique against the iPhone could affect millions due to the device’s global popularity. In 2019, Apple said there were about 900 million iPhones in active use.
Bill Marczak, a security researcher with Citizen Lab, a Canada-based academic security research group, called the vulnerability discovery “scary.”
“A lot of times, you can take comfort from the fact that hacking is preventable,” said Marczak. “With this bug, it doesn’t matter if you’ve got a PhD in cybersecurity, this will eat your lunch.”
(Reporting by Christopher Bing in Washingtong and Joseph Menn in San Francisco. Contributions from Jack Stubbs in London and Stephen Nellis in San Francisco; editing by Chris Sanders, Edward Tobin and Sonya Hepinstall)
Customers are reporting a bug in their iPhone 11's display – Pocketnow
It seems that the green tint isn’t a Samsung problem only. Some Apple users are starting to report a green tint on the displays in their iPhone 11, iPhone 11 Pro, and iPhone 11 Pro devices. It apparently appears randomly after unlocking their devices.
The guys over at MacRumors have spotted several reports at Reddit, of Apple customers that mention a green tint on the iPhone 11 models. In most cases, the displays turn green after unlocking their devices or when Dark Mode and Night Shift are activated. It is believed that this is a software issue since it started to show up after the iOS 13.5 update.
The green tint disappears after a while, but it comes back from time to time. Maybe this bug will go away with a future iOS update, but iPhone 11 users will have to wait, as Apple is currently testing iOS 13.5.5 beta.
Linus apologizes to Epic boss over PlayStation 5 SSD remarks – TweakTown
A bit ago Linus from Linus Tech Tips called Tim Sweeney out and criticized the Epic boss’ remarks about the PS5’s SSD. Now Linus has apologized and delves deeper into the PlayStation 5’s storage tech.
Tim Sweeney is a huge fan of the PS5’s SSD, and went so far as to call it ‘god-tier.’ Sony’s next-gen SSD is beyond the highest-level PC SSDs on the market today with best-in-class storage, Sweeney said. Like many PC gamers, Linus Sebastian was skeptical and made some comments about Sweeney shilling for the PS5. But now after actually watching Mark Cerny’s presentation, digging through research, and checking out older Sony SSD patents, Linus is apologizing.
The apology video goes into depth about the PS5’s SSD, but none of the details will be a surprise to anyone that’s read our PlayStation 5 SSD deep dive coverage.
“Bottom line, Mr. Sweeney probably knows thigns we don’t. But even based on what we can see for ourselves, if what Sony is saying is true, he wasn’t shilling for the PS5,” Linus said.
“I set some of you on a wrong path, it was a breach of our trust, and I can do better. And finally, once more, I’m especially sorry to Mr. Sweeney who might not give a hoot about my blunder, or my apology, and I would understand that.”
VIEW GALLERY – 5 IMAGES
The gist of the PS5 SSD’s potential isn’t just the raw 5.5GB/sec speeds of the PCIe 4.0 NVMe M.2 SSD, but how the console will be able to actually make use of those speeds.
The PS5 has a special 12-channel memory controller that allows for instantaneous data access and streaming right into special dedicated I/O block built right into the SoC, which is then loaded into the 16GB GDDR6 RAM pool and passed to the CPU and GPU for processing. Custom OS software and tools allows Sony to circumvent limitations of environments like Windows 10–instead of being built for a myriad of builds, the PS5’s OS is made specifically to synergize with the hardware itself.
Alongside a decompression block that uses Kraken’s new compression tech, the PS5 can pull compressed assets at 9GB/sec with up to 20GB/sec speeds, and rapidly decompress them for use within the system.
So what does this mean? The following is a brief breakdown of what to expect from the PS5’s SSD, but bear in mind this is just the beginning. We don’t truly know how far devs can push this technology yet.
Decompressed assets will load much faster, leading to instantaneous gaming without loading times.
Since SSDs don’t need to seek for data like an HDD, the elimination of seek times will also supercharge loading and streamline gaming–environments will be accessible right away, no textures will pop in like in No Man’s Sky on PS4, and the system will be able to access and load data within the blink of an eye. Compressed assets can also be made ready faster than ever before.
Sony says the PS5’s SSD is 100x faster than the PS4 and will lead to instantaneous open-world gaming.
Games can be smaller now that there’s no need for asset duplication.
Right now games have to store assets into the RAM memory buffer, which requires lots of data replication. Games like Spider-Man, for instance, have many separate instances of smaller objects like light poles, newspapers, cars, and fire hydrants. With the PS5’s SSD, the game can simply load a single asset as its needed instead of having to load hundreds of them from the RAM pool (the PS5’s memory buffer can also process speeds at up to 448GB/sec).
Streamlined data will make everything more efficient, including graphical effects.
Now that the PS5 can blast data, textures, and assets through the RAM and to the CPU and GPU for processing at such high speeds, it allows an even more efficient delivery pipeline for said data. This is vital for new enhanced graphical upgrades like ray tracing, which depends on complex lighting rendering techniques made possible by data fed to the Navi RDNA 2.0 GPU.
It will also enable the new Lumen features found in Unreal Engine 5, a new kind of photogrammetry lighting system that lets developers bake in next-gen global illumination into environments.
This pipeline will also allow UE5’s new Nanite system, a micro-polygon rendering technique that lets developers render cinematic-quality visuals in real-time with sub-pixel control. Streamlined data pipelines are needed to facilitate this kind of higher-end tech.
The SSD will also be hugely instrumental for other features like 8K visuals, native 4K 60FPS, 1080p 120FPS, etc.
Sony’s PlayStation 5 is slated to release Holiday 2020. No pricing or exact launch has been announced, but Sony will reveal PS5 launch exclusives sometime soon.
PlayStation 5 specs and details:
- Custom SoC with second-gen Navi GPU, Zen 2 CPU
- 8-Core, 16-thread Zen 2 CPU at 3.5GHz
- Navi 2X GPU with 36 CUs on RDNA 2 at 2.23GHz
- Ultra-fast 825GB SSD with up to 9GB/sec speeds
- Support for 4K 120 Hz TVs
- Ray-tracing enabled
- 8K output support (for gaming)
- Plays PS4 games, BC is on a title-to-title basis
- Separate games that ship on BD-XL Blu-ray discs
- New controller with extensive haptic and tactile feedback
Google is facing a class action lawsuit because it's incognito mode still allows websites to track your data – Mashable SE Asia
Using incognito mode might not be the best way to hide yourself on the internet.
Many of us think that it’s a somewhat ‘safer’ way to surf the internet. But in truth, the only thing it does is not save your browsing history.
But the misconception of what it can and can’t do has angered some people who used incognito mode on Chrome.
Because of this, the tech giant was slapped with a US$5 million lawsuit for illegally tracking millions of users.
The class action lawsuit states that Google needs to pay US$5,000 in damages for each violation, which covers wiretapping and privacy laws in California.
It was filed by the San Jose, California federal court on June 2. The court said that Google collects user’s data through its Google Analytics, Google Ad Manager, website plug-ins, and mobile apps in incognito mode. Google knows everything users do, including the “most intimate and potentially embarrassing things” they search on the internet.
However, if you open the incognito window in Chrome, it clearly states that:
Your activity might still be visible to:
– Websites you visit
– Your employer or school
– Your internet service provider
And it doesn’t save the following information:
– Your browsing history
– Cookies and site data
– Information entered in forms
Google spokesperson Jose Castaneda said, “Incognito mode in Chrome gives you the choice to browse the internet without your activity being saved to your browser or device. As we clearly state each time you open a new incognito tab, websites might be able to collect information about your browsing activity.”
Castaneda also said that the company plans to defend itself, because Google has clearly stated in its support page that incognito mode doesn’t hide your activity or location from websites you visit.
If you want to hide yourself on the internet, the best way is to use a Virtual Private Network (VPN). While these kind of services are quite costly, it’s a sure-fire way that your identity and information are kept from prying eyes.
So the next time you browse or search the internet in incognito mode, just remember that you’re still being tracked.
Saints’ Drew Brees responds to Trump: It was ‘never’ about the flag – Sportsnet.ca
Customers are reporting a bug in their iPhone 11's display – Pocketnow
Small percentage of Ottawa residents infected with COVID-19: Ottawa Public Health – CTV News Ottawa
- Science18 hours ago
Full 'Strawberry' Moon coincides with a penumbral lunar eclipse tonight – Daily Mail
- Media10 hours ago
3 Media and Entertainment Industry Trends Driven by the Impact of COVID-19 on Digital Content Consumption Patterns | Submit RFP for Detailed Insights | Quantzig – Business Wire
- News22 hours ago
Canadians living in China watch developments in Meng case closely – CTV News
- Art24 hours ago
Ottawa business faces backlash after posts on Blackout Tuesday – CTV News Ottawa
- News10 hours ago
Feds to send $600 to some Canadians with disabilities – CTV News
- Economy22 hours ago
BoC eyeing supply, consumer demand for July economic outlook, deputy says – BNNBloomberg.ca
- Tech22 hours ago
Reminder: You Can Download A Free Version Of Clubhouse Games: 51 Worldwide Classics – Nintendo Life
- Media22 hours ago
Hong Kong's free media fears being silenced by China's national security law – The Globe and Mail