Tech News Feed

PSA: Update Your iPhone To iOS 15.6.1 For Two Major Security Fixes

SlashDot - Fri, 2022-08-19 21:25
Apple is advising iOS and iPadOS users to update to the latest software version to patch two security holes that could allow an application to execute arbitrary code with kernel privileges. They also issued a patch for WebKit, the browser that powers Safari and all third-party browsers on iOS. For this vulnerability, Apple says that "processing maliciously crafted web content may lead to arbitrary code execution." "With two major security fixes, we recommend all iPhone users update to iOS 15.6.1 immediately and all iPad users update to iPadOS 15.6.1," writes Chance Miller via 9to5Mac. "You can do so by heading to the Settings app, choosing General, then choosing Software Update."

Read more of this story at Slashdot.

Vietnam Demands Big Tech Localize Data Storage and Offices

SlashDot - Fri, 2022-08-19 21:02
Vietnam's Ministry of Information and Communications updated cybersecurity laws this week to mandate Big Tech and telecoms companies store user data locally, and control that data with local entities. The Register reports: The data affected goes beyond the basics of name, email, credit card information, phone number and IP address, and extends into social elements -- including groups of which users are members, or the friends with whom they digitally interact. "Data of all internet users ranging from financial records and biometric data to information on people's ethnicity and political views, or any data created by users while surfing the internet must be to stored domestically," read the decree (PDF) issued Wednesday, as translated by Reuters. The decree applies to a wide swath of businesses including those providing telecom services, storing and sharing data in cyberspace, providing national or international domain names for users in Vietnam, e-commerce, online payments, payment intermediaries, transport connection services operating in cyberspace, social media, online video games, messaging services, and voice or video calls. According to Article 26 of the government's Decree 53, the new rules go into effect October 1, 2022 -- around seven weeks from the date of its announcement. However, foreign companies have an entire 12 months in which to comply -- beginning when they receive instructions from the Minister of Public Security. The companies are then required to store the data in Vietnam for a minimum of 24 months. System logs will need to be stored for 12 months. After this grace period, authorities reserve the right to make sure affected companies are following the law through investigations and data collection requests, as well as content removal orders. Further reading: Vietnam To Make Apple Watch, MacBook For First Time Ever

Read more of this story at Slashdot.

Aston Martin V12 Vantage Roadster Is an Open-Air Swan Song - CNET

CNET News - Fri, 2022-08-19 21:00
Only 249 units will be built, and they're already spoken for.

British Judge Rules Dissident Can Sue Saudi Arabia For Pegasus Hacking

SlashDot - Fri, 2022-08-19 20:45
An anonymous reader quotes a report from The Guardian: A British judge has ruled that a case against the kingdom of Saudi Arabia brought by a dissident satirist who was targeted with spyware can proceed, a decision that has been hailed as precedent-setting and one that could allow other hacking victims in Britain to sue foreign governments who order such attacks. The case against Saudi Arabia was brought by Ghanem Almasarir, a prominent satirist granted asylum in the UK, who is a frequent critic of the Saudi royal family. At the centre of the case are allegations that Saudi Arabia ordered the hacking of Almasarir's phone, and that he was physically assaulted by agents of the kingdom in London in 2018. The targeting and hacking of Almasarir's phone by a network probably linked to Saudi Arabia was confirmed by researchers at the Citizen Lab at the University of Toronto, who are considered among the world's leading experts in tracking digital surveillance of dissidents, journalists and other members of civil society. Saudi Arabia is known to be a former client of NSO Group, whose powerful Pegasus hacking software covertly penetrates and compromises smartphones. Saudi Arabia's attempt to have the case dismissed on the grounds that it had sovereign immunity protection under the State Immunity Act 1978 was dismissed by the high court judge. In the ruling, against which Saudi Arabia is likely to appeal, Justice Julian Knowles found that Almasarir's case could proceed under an exception to the sovereign immunity law that applies to any act by a foreign state that causes personal injury. He also found that Almasarir had provided enough evidence to conclude, on the balance of probabilities, that Saudi Arabia was responsible for the alleged assault. Saudi Arabia's claim that the case was too weak or speculative to proceed was dismissed. [...] The decision could have profound implications for other individuals targeted or hacked by NSO's spyware within the UK. They include Lady Shackleton and Princess Haya, the former wife of Dubai's ruler Sheikh Mohammed bin Rashid al-Maktoum. Both were hacked by the sheikh using NSO spyware during lengthy court proceedings between Haya and her former husband in London. In a statement praising the decision, Almasarir said: "I no longer feel safe and I am constantly looking over my shoulder. I no longer feel able to speak up for the oppressed Saudi people, because I fear that any contact with people inside the kingdom could put them in danger. I look forward to presenting my full case to the court in the hope that I can finally hold the kingdom to account for the suffering I believe they have caused me."

Read more of this story at Slashdot.

Audi Teases Activesphere Concept Ahead of 2023 Debut - CNET

CNET News - Fri, 2022-08-19 20:17
This will be the fourth car in Audi's Sphere series.

Lenovo Doesn't Like Framework's Circular Power Button

SlashDot - Fri, 2022-08-19 20:02
Lenovo has taken issue with the design of the Framework Laptop and one of its power buttons. The Verge reports: In a tweet, the startup claims to have been contacted by Lenovo's legal team, who say the circular design of the power button on one of Framework's designs is too similar to the stylized "O" Lenovo uses in the wordmark for its "Legion" brand of gaming laptops. "Consumers could believe that Framework's Broken O Case or the motherboards they cover are produced by, sponsored, endorsed, licensed, or otherwise affiliated with Lenovo, when that is not the case," a screenshot of the legal letter from Lenovo posted by Framework reads. The offending power button design doesn't appear on any of Framework's laptops. Instead, the circle can be found in the 3D printer case schematics that Framework released back in April, which allow customers to build their own Raspberry Pi-style miniature PCs using just the laptop's motherboard (these can be bought separately, as well as harvested from a Framework laptop). This YouTube video gives a nice overview of how the 3D-printed enclosure is supposed to work (the power button gets pressed at the 9:35 minute mark). [...] Framework doesn't physically sell anything with the offending power button design on it, so fixing the problem is theoretically as simple as uploading a replacement set of CAD files to GitHub. So, rather than fighting Lenovo, Framework is holding a competition for its users to submit new designs for its power button. Entries are open until August 25th, and the winner gets a free i5-1135G7 Mainboard.

Read more of this story at Slashdot.

iPhone 13 vs. iPhone 14: Selfie Cameras May Get Biggest Overhaul in Years - CNET

CNET News - Fri, 2022-08-19 20:00
With rumors of a better selfie autofocus and night photos (and no notch) the iPhone 14's most improved feature might be its front-facing cameras.

Lincoln Model L100 Concept Is Wild and Wonderful - CNET

CNET News - Fri, 2022-08-19 20:00
This is about as futuristic as concept cars get.

PayPal Phishing Scam Uses Invoices Sent Via PayPal

SlashDot - Fri, 2022-08-19 19:40
Scammers are using invoices sent through PayPal.com to trick recipients into calling a number to dispute a pending charge. Krebs on Security reports: The missives -- which come from Paypal.com and include a link at Paypal.com that displays an invoice for the supposed transaction -- state that the user's account is about to be charged hundreds of dollars. Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote control over their computer. While the phishing message attached to the invoice is somewhat awkwardly worded, there are many convincing aspects of this hybrid scam. For starters, all of the links in the email lead to paypal.com. Hovering over the "View and Pay Invoice" button shows the button indeed wants to load a link at paypal.com, and clicking that link indeed brings up an active invoice at paypal.com. Also, the email headers in the phishing message (PDF) show that it passed all email validation checks as being sent by PayPal, and that it was sent through an Internet address assigned to PayPal. Both the email and the invoice state that "there is evidence that your PayPal account has been accessed unlawfully."

Read more of this story at Slashdot.

Upcoming Google Pixel 7 May Be Revealed In Hands-On Video - CNET

CNET News - Fri, 2022-08-19 19:21
A pair of Google Pixel 7 and Pixel 7 Pro prototypes shown in a YouTube video reveal slight design tweaks.

How W4 Plans To Monetize the Godot Game Engine Using Red Hat's Open Source Playbook

SlashDot - Fri, 2022-08-19 19:20
An anonymous reader quotes a report from TechCrunch: A new company from the creators of the Godot game engine is setting out to grab a piece of the $200 billion global video game market -- and to do so, it's taking a cue from commercial open source software giant Red Hat. Godot, for the uninitiated, is a cross-platform game engine first released under an open source license back in 2014, though its initial development pre-dates that by several years. Today, Godot claims some 1,500 contributors, and is considered one of the world's top open source projects by various metrics. Godot has been used in high-profile games such as the Sonic Colors: Ultimate remaster, published by Sega last year as the first major mainstream game powered by Godot. But Tesla, too, has apparently used Godot to power some of the more graphically intensive animations in its mobile app. Among Godot's founding creators is Juan Linietsky, who has served as head of development for the Godot project for the past 13 years, and who will now serve as CEO of W4 Games, a new venture that's setting out to take Godot to the next level. W4 quietly exited stealth last week, but today the Ireland-headquartered company has divulged more details about its goals to grow Godot and make it accessible for a wider array of commercial use cases. On top of that, the company told TechCrunch that it has raised $8.5 million in seed funding to make its mission a reality, with backers including OSS Capital, Lux Capital, Sisu Game Ventures and -- somewhat notably -- Bob Young, the co-founder and former CEO of Red Hat, an enterprise-focused open source company that IBM went on to acquire for $34 billion in 2019. [...] "Companies like Red Hat have proven that with the right commercial offerings on top, the appeal of using open source in enterprise environments is enormous," Linietsky said. "W4 intends to do this very same thing for the game industry." In truth, Godot is nowhere near having the kind of impact in gaming that Linux has had in the enterprise, but it's still early days -- and this is exactly where W4 could make a difference. [...] W4's core target market will be broad -- it's gunning for independent developers and small studios, as well as medium and large gaming companies. The problem that it's looking to solve, ultimately, is that while Godot is popular with hobbyists and indie developers, companies are hesitant to use the engine on commercial projects due to its inherent limitations -- currently, there is no easy way to garner technical support, discuss the product's development roadmap, or access any other kind of value-added service. [...] "W4 will offer console ports to developers under very accessible terms," Linietsky said. "Independent developers won't need to pay upfront to publish, while for larger companies there will be commercial packages that include support." Elsewhere, W4 is developing a range of products and services which it's currently keeping under wraps, with Linietsky noting that they will most likely be announced at Game Developers Conference (GDC) in San Francisco next March. "The aim of W4 is to help developers overcome any problem developers may stumble upon while trying to use Godot commercially," Linietsky added. It's worth noting that there are a handful of commercial companies out there already, such as Lone Wolf Technology and Pineapple Works, that help developers get the most out of Godot -- including console porting. But Linietsky was keen to highlight one core difference between W4 and these incumbents: its expertise. "The main distinctive feature of W4 is that it has been created by the Godot project leadership, which are the individuals with the most understanding and insight about Godot and its community," he said.

Read more of this story at Slashdot.

The US Plans To Block Sales of Older Chipmaking Tech To China

SlashDot - Fri, 2022-08-19 18:40
The Biden administration will attempt to roll back China's chipmaking abilities by blocking tools that make a widely used type of transistor other chipmakers have employed for years. From a report: The Biden administration has for several months been working to tighten its grip on U.S. exports of technology that China needs to make advanced chips, with the goals of both hurting China's current manufacturing ability and also blocking its future access to next-generation capabilities. According to two people familiar with the administrations plans, President Joe Biden's approach is based around choking off access to the tools, software and support mechanisms necessary to manufacture a specific type of technology that is one of the fundamental building blocks of modern microchips: the transistor. To achieve its objectives, the administration has elected to work to block China's access to transistors that use a specific design called FinFET. The plans include blocking domestic exports of tools that are capable of printing chips with FinFET transistors, while also preventing the tool makers -- such as Applied Materials, Lam Research and KLA -- from servicing or supporting equipment they have already sold to various Chinese companies, according to the sources. Big chip manufacturers achieved high-volume production of the transistor technology targeted by the Biden administration roughly eight years ago, but it is still widely used today to manufacture advanced chips designed for servers and iPhones alike. China's largest chipmaker, SMIC, disclosed in 2019 it recently began high-volume production of FinFET-based chips.

Read more of this story at Slashdot.

Snapchat Brings House of the Dragon to Cities Across the World Via AR - CNET

CNET News - Fri, 2022-08-19 18:39
The location-specific feature will see different dragons grace different global landmarks.

John Carmack's AGI Startup Keen Raises $20M From Nat Friedman, Daniel Gross and Sequoia

SlashDot - Fri, 2022-08-19 18:13
John Carmack, a programmer who founded gaming firm id Software and served as chief technology officer of Oculus, has launched a new artificial general intelligence startup called Keen Technologies, and it has raised $20 million in a financing round co-led by former GitHub chief executive Nat Friedman and Cue founder Daniel Gross, Carmack said Friday. Stripe co-founder Patrick Collison, Shopify co-founder Tobi Lutke, storied venture fund Sequoia and microprocessor engineer Jim Keller also invested in the round, a name of which as well as the startup's valuation Carmack did not disclose. In a Twitter thread, Carmack adds: This is explicitly a focusing effort for me. I could write a $20M check myself, but knowing that other people's money is on the line engenders a greater sense of discipline and determination. I had talked about that as a possibility for a while, and I am glad Nat pushed me on it. I am continuing as a consultant with Meta on VR matters, devoting about 20% of my time there.

Read more of this story at Slashdot.

Trump's Truth Social Sees Uptick in Users After FBI's Mar-a-Lago Search - CNET

CNET News - Fri, 2022-08-19 18:09
The former US president has been using the social media app to share his thoughts about the FBI searching his Mar-a-Lago home in Florida.

What Belt-Tightening? Cisco CEO Planned $1 Billion Budget Increase To Retain Employees

SlashDot - Fri, 2022-08-19 18:00
Cisco Systems CEO Chuck Robbins told managers earlier this month that the networking hardware pioneer would increase its operating expenses $1 billion over the next 12 months, in part to raise employee pay to stem a rise in departures, The Information reported Friday, citing a person with direct knowledge of the situation. From a report: Robbins made the surprising comment after the company's revenue growth flatlined in the quarter that ended in July and following a 12-month period in which Cisco shrank its operating expenses as its free cash flow fell. The company didn't discuss Robbins' plan in its quarterly earnings report or conference call on Wednesday. Cisco's move may seem unusual, given the belt-tightening happening almost everywhere else in the tech sector. Most major technology companies, including Google, Meta Platforms and Oracle, are freezing hiring, laying off employees or cutting contractors and extraneous projects as their growth slows. At the same time, these companies face enormous pressure to retain employees in a tight labor market after some workers have expressed concerns about their pay amid rising inflation. Earlier in the year, before macroeconomic conditions deteriorated further, managers' concerns about employee turnover prompted Microsoft and Amazon to announce broad pay increases.

Read more of this story at Slashdot.

Following Mar-a-Lago raid, lawmakers want information from platforms on threats against law enforcement

Engadget - Fri, 2022-08-19 17:45

The FBI’s search of former President Donald Trump's residence inspired a flurry of online death threats directed at law enforcement personnel. Now, members of the House Oversight Committee want information from major social platforms, including the number of threats that have surfaced on their sites and what they’ve done in response. The Washington Postreported that lawmakers on Friday sent letters to eight different platforms, including Meta, Twitter, TikTok and the messaging app Telegram, as well as the right-wing leaning platforms Truth Social, Rumble and Gettr.

“The Committee is seeking to understand how your company responds when users post threats against law enforcement, how your company plans to prevent your platform from being used to incite violence against law enforcement personnel, and whether legislative reform is necessary to protect law enforcement personnel and increase coordination with federal authorities,” wrote House Oversight Committee Chairwoman Carolyn B. Maloney (D-NY) and House national security subcommittee Chairman Stephen F. Lynch (D-MA.) No Republicans signed on to the letter.

Earlier this month a man attempted to break into an FBI field office in Ohio, armed with a nail gun and rifle. The suspect was later shot by officers and pronounced dead at the scene. Media outlets later reported that the suspect posted numerous times about his plans on Trump-owned Truth Social in the days leading up to the attack. “We must not tolerate this one,” the suspect wrote in one post.

So far, only Gab has responded to the Post's request for comment. CEO Andrew Torba sent the Post links to blog posts, one which mentioned it is still "considering" its request to Congress. Gab has ignored a prior request from Congress regarding posts related to the January 6th insurrection, claiming that it does not possess such information. A hacker later exfilterated data from millions of accounts on Gab, including many associated with prominent white supremacists and far-right extremists on the platform." The House panel has given the companies until September 2nd to respond to the request. 

Australia To Target Vehicle Emissions To Boost Electric Car Supply

SlashDot - Fri, 2022-08-19 17:20
Australia's government said on Friday it plans to introduce new regulations targeting vehicle carbon emissions to boost the uptake of electric cars, as it looks to catch up with other developed economies. From a report: Just 2% of cars sold in Australia are electric compared with 15% in Britain and 17% in Europe, and the country risked becoming a dumping ground for vehicles that can't be sold elsewhere, Climate Change and Energy Minister Chris Bowen said. Apart from Russia, Australia is the only OECD country to either not have or be developing fuel efficiency standards, which encourage manufacturers to supply more electric and no-emission vehicles, he said. "To me, this is ultimately about choice. And policy settings are denying Australians real choice of good, affordable, no emissions cars," Bowen told an electric vehicle summit in Canberra. The government will release a discussion paper for consultation in September, with a focus on increasing EV uptake, improving affordability, and looking at options for fuel efficiency standards.

Read more of this story at Slashdot.

Lucid debuts its performance EV brand with the $249,000 Air Sapphire

Engadget - Fri, 2022-08-19 17:15

Are you considering a Lucid Air, but worried you might not outrun a Model S Plaid in a drag race? That might not be a problem if you have a large-enough bank account. Lucid has introduced a Sapphire badge devoted to "ultra-high-performance" EVs. The first model in the line, the Lucid Air Sapphire, promises to outperform Tesla's Plaid cars in at least some conditions — and not just in a straight line.

The Air Sapphire centers around a tri-motor system (one front, two rear) producing over 1,200HP, topping even the no-longer-available Dream Edition. In tandem with better cooling, the new powerplant reportedly delivers a 0-60MPH sprint in under two seconds, 0-100MPH in less than four seconds and a quarter-mile time below nine seconds. You can expect a top speed above 200MPH. While that's not guaranteed to demolish a customized Model S Plaid, this is also a factory-stock car that doesn't need a preconditioning period (like Tesla's Drag Strip Mode) to reach its full potential.

And yes, Lucid believes the Air Sapphire can handle turns and twists. You can expect a slightly wider body to accommodate new Aero Sapphire wheels with special Michelin tires. The motors' torque vectoring, meanwhile, promises both better turn-in while upgrading stability in straightaways. You can also expect a stiffer suspension, stiffer bushings and custom tuning for everything from the antilock brake system through to power steering. Range and other details are forthcoming.

Lucid Air Sapphire interiorLucid Motors

Most of the interior changes revolve around software. While there is a new visual theme and "highly bolstered" seating, the centerpiece is an updated interface with more performance-oriented features that include a dedicated Sapphire Mode.

None of these optimizations come cheap, however. Lucid will ask $249,000 for the limited-run Air Sapphire, with pre-orders in the US and Canada starting August 23rd at 9AM Eastern. That makes the $179,000 Grand Touring trim seem like a relative bargain, and even Porsche's $187,400 Taycan Turbo S is more affordable. In this category, though, bragging rights often help justify any premiums.

This might also represent an important strategy switch for Lucid. The fledgling EV maker has had to drastically cut its production targets in light of supply chain problems, and now expects to make no more than 7,000 cars in 2022 instead of the originally planned 20,000. Sapphire will arrive too late to help this year, but it might offset future financial trouble by increasing Lucid's profit from the cars it ships.

TikTok's In-App Browser Can Monitor Your Keystrokes, Researcher Says - CNET

CNET News - Fri, 2022-08-19 17:07
The app inserts code that can track activity on sites its browser is used to access, says a privacy researcher. TikTok says it uses the code for things like debugging.

Pages