Thirty years of Windows is a lifetime.
For better or for worse, Windows has defined the modern era of personal computing. Microsoft’s signature OS runs on the vast majority of PCs worldwide, and it has also worked its way into servers, tablets, phones, game consoles, ATMs, and more.
Windows’ 30 years or so of existence has spanned generations of computing and entire lifetimes of companies and their products. Understandably, choosing the most noteworthy moments of Windows’ long life has been a challenging task, but we went for it. On the following slides we present our our list of the obvious, and not-so-obvious, milestones in Windows history. continued…
first published week of: 08/15/2016
Attackers can use rogue USB-to-Ethernet adapters to steal credentials from locked Windows, and possibly OS X, computers
Most users lock their computer screens when they temporarily step away from them. While this seems like a good security measure, it isn't good enough, a researcher demonstrated this week.
Rob Fuller, principal security engineer at R5 Industries, found out that all it takes to copy an OS account password hash from a locked Windows computer is to plug in a special USB device for a few seconds. The hash can later be cracked or used directly in some network attacks.
For his attack, Fuller used a flash-drive-size computer called USB Armory that costs $155, but the same attack can be pulled off with cheaper devices, like the Hak5 LAN Turtle, which costs $50.
The device needs to masquerade as an USB-to-Ethernet LAN adapter in such a way that it becomes the primary network interface on the target computer. This shouldn't be difficult because: 1) operating systems automatically start installing newly connected USB devices, including Ethernet cards, even when they are in a locked state and 2) they automatically configure wired or fast Ethernet cards as the default gateways.
For example, if an attacker plugs in a rogue USB-to-Gigabit-Ethernet adapter into a locked Windows laptop that normally uses a wireless connection, the adapter will get installed and will become the preferred network interface. continued…
first published week of: 09/12/2016
VoCo lets you copy and paste existing words, or just write whole new words.
VoCo tech ingests speech, deconstructs it, then creates new words from scratch.
Adobe has demonstrated tech that lets you edit recorded speech so that you can alter what that person said or create an entirely new sentence from their voice. It seems inevitable that it will eventually be referred to as "photoshop but for audio."
The tech, dubbed VoCo (voice conversion), presents the user with a text box. Initially the text box shows the spoken content of the audio clip. You can then move the words around, delete fragments, or type in entirely new words. When you type in a new word, there's a small pause while the word is constructed—then you can press play and listen to the new clip. VoCo works by ingesting a large amount of voice data (about 20 minutes right now, but that'll be improved), breaking it down into phonemes (each of the distinct sounds that make up a spoken language), and then attempting to create a voice model of the speaker—presumably stuff like cadence, stresses, quirks, etc., but Adobe hasn't provided much detail yet.
Then, when you edit someone's speech, VoCo either finds that word somewhere within the 20-minute clip—or if the word hasn't been uttered, it is constructed out of raw phonemes. At around the 4:30 mark in the video you can hear the phase "three times" being constructed from scratch; if you listen carefully, it does sound a bit synthetic, but it's not awful. Copying and pasting existing words sounds better. continued…
first published week of: 11/07/2016
Don't count on seeing an actual Apple Car anytime soon, but a future car may still run on Apple's self-driving platform.
Apple’s oft-rumored (but never confirmed) car project is reportedly being scaled back. The effort, codenamed Project Titan, will now focus on creating an autonomous driving software platform as opposed to a full-blown car, according to Bloomberg.
The latest report from Bloomberg basically confirms the news organization’s own suspicions back in July. At that time, Apple hired Dan Dodge, creator of BlackBerry-owned QNX automotive software platform, which Bloomberg believed signaled a stronger focus on software.
However, Bloomberg said at the time that Apple was not abandoning car development, which no longer appears to be the case. Project Titan has been scaled back with “hundreds” of job cuts, and a declaration by project leader Bob Mansfield that Apple was shifting to focus on the platform, Bloomberg reports. continued…
first published week of: 10/24/2016
Auto Supplier Wants To Make LiDAR cHeaper For Automakers
Infineon announced on Monday that it is buying Innoluce BV, a Dutch company that manufactures teensy LiDAR modules, in hopes of using the technology to bring self-driving car technology into the mainstream. "We intend to make lidar an affordable feature for every new-built car worldwide," Peter Schiefer, the head of Infineon's automotive division, said in a statement.
LiDAR, which works like RADAR except with laser light, is essential for autonomous cars as it enables the vehicles to accurately gauge their distance from surrounding obstacles. The problem is that, until recently, LiDAR units were insanely expensive to produce en masse. continued…
first published week of: 10/17/2016
The term "wearable technology" can refer to a wide variety of gadgets you strap on your body, from smartwatches and fitness trackers to headworn virtual reality systems. We spent plenty of time with all of the above in 2016: These are our picks for the best wearables money can buy.
Google's smartphone-based virtual reality can do big things down the road, after compatibility widens and developers make more content for it. Right now it has a small handful of games and works with an even smaller handful of phones.
Its sleek, fabric construction does, however, mark a step forward for mobile VR design. And its remote-pointer, while a far cry from the motion controls on the Oculus Rift and HTC Vive (read on), is akin to using a Wii remote in VR. continued…
first published week of: 12/12/2016
The new law that tightens China’s control over the internet could impact foreign companies
China has passed a new cybersecurity law that gives it greater control over the internet, including by requiring local storage of certain data.
Human rights groups and trade associations in the U.S. and other countries have warned of the implications of the law both for internet businesses and human rights in the country.
The National People's Congress Standing Committee passed the new cybersecurity law Monday, according to reports.
“Despite widespread international concern from corporations and rights advocates for more than a year, Chinese authorities pressed ahead with this restrictive law without making meaningful changes,” said Sophie Richardson, China director of Human Rights Watch (HRW), in a statement over the weekend. continued…
first published week of: 11/07/2016
Chrome’s security team announced today that the browser will start marking websites that use insecure HTTP connections to transmit passwords and credit card data as insecure, beginning in January 2017. The warning will appear in the address bar of the browser and will call users’ attention to the fact that their personal information could be snooped or stolen.
Eventually, Chrome will add the security warning to HTTP pages when a user visits them in the browser’s “Incognito” mode, and later the warning will roll out to all HTTP pages.
The changes seem intended to pressure site owners to switch to the more secure HTTPS, which encrypts data while in transit and helps prevent the site from being modified by a malicious user on the network. “Don’t wait to get started moving to HTTPS. HTTPS is easier and cheaper than ever before, and enables both the best performance the web offers and powerful new features that are too sensitive for HTTP,” Chrome’s Emily Schechter wrote in a post announcing the changes. continued…
first published week of: 09/12/2016
Company advisories further corroborate authenticity of mysterious Shadow Brokers leak.
Cisco Systems has confirmed that recently-leaked malware tied to the National Security Agency exploited a high-severity vulnerability that had gone undetected for years in every supported version of the company's Adaptive Security Appliance firewall.
"It's still a critical vulnerability even though it requires access to the internal or management network, as once exploited it gives the attacker the opportunity to monitor all network traffic, Mustafa Al-Bassam, a security researcher
The previously unknown flaw makes it possible for remote attackers who have already gained a foothold in a targeted network to gain full control over a firewall, Cisco warned in an advisory published Wednesday. The bug poses a significant risk because it allows attackers to monitor and control all data passing through a vulnerable network. To exploit the vulnerability, an attacker must control a computer already authorized to access the firewall or the firewall must have been misconfigured to omit this standard safeguard.
"It's still a critical vulnerability even though it requires access to the internal or management network, as once exploited it gives the attacker the opportunity to monitor all network traffic," Mustafa Al-Bassam, a security researcher, told Ars. "I wouldn't imagine it would be difficult for the NSA to get access to a device in a large company's internal network, especially if it was a datacenter." continued…
first published week of: 08/22/2016
A few dozen cities in America have next-generation broadband networks that offer speeds of 1 gigabit per second — about 50 times faster than a typical connection. These super-fast connections were supposed to revolutionize Americans’ experience of the internet and rev up the country’s noncompetitive broadband market.
When these networks were being built, advocates pointed to a number of potential applications. Gigabit networks, they promised, would enable users to interact in complex virtual reality environments. They’d make possible good-as-life teleconferencing that could allow seniors to visit doctors from home.
But six years after the first super-fast connections went live, even proponents concede no “killer” gigabit application has emerged. Most of their potential, critics say, is simply ignored by users. And building gigabit networks nationwide would be a colossally expensive undertaking.
That has caused even some former enthusiasts of these networks to wonder whether the early hype around gigabit networks was misplaced. Perhaps it makes sense to settle for more incremental — and much less expensive — upgrades to the networks we already have. continued…
first published week of: 10/24/2016