Today's Hard|Forum Post
Today's Hard|Forum Post

[H]ard News

Wednesday February 20, 2019

Disney Removes Advertising from YouTube in Response to Child Exploitation Videos

The Walt Disney Company, Epic Games, Nestle SA and other corporations have removed their advertising from YouTube in response to a video that detailed how criminals are using the YouTube comments section to run a "soft-core pedophilia ring." Video blogger Matt Watson showed evidence of how these pedophiles are encouraging children to do challenges and upload them. When the videos are uploaded by the child, the criminals upload a copy on their own channel(s). There they create timestamps to the parts that show the children in compromising positions. Also they bombard the comments section with links to pedophilia on other websites and hidden videos.

The worst part is that pedophiles are using YouTube's algorithm to find the videos. For example, by searching for bikinis and then clicking on a video of a child, the algorithm "locks" the user into these videos in the recommended section. By interacting with the pedophiles in the comment section, the algorithm shows more disturbing content. Matt Watson calls it a wormhole. YouTube knows this activity is happening, but only disables the comment section of the videos. According to Matt Watson, Youtube doesn't remove the offensive videos or accounts that uploaded them. After the uproar happened, YouTube is now removing the content shown in the blogger's video. But what of the countless others out there? The link to the video from Matt Watson is NSFW and can be found in the Bloomberg article.

News Image

"Any content --including comments -- that endangers minors is abhorrent and we have clear policies prohibiting this on YouTube. We took immediate action by deleting accounts and channels, reporting illegal activity to authorities and disabling violative comments," a spokeswoman for YouTube said in an email.

Discussion

Password Manager Vulnerabilities Exposed

A report from Independent Security Evaluators (ISE) showed that password manager security is acceptable in non-running states, but are vulnerable to memory attacks when in running states. Products from 1Password4, 1Password7, Dashlane, KeePass, and LastPass were tested in the report. For example, 1Password4 properly scrubbed old password entries from memory when it loaded a new entry; this meant that only one password was exposed at a time. But the master password remained obfuscated in memory and a bug allowed the master password to be stored in memory in a cleartext form; even when locked. In another example, 1Password7 decrypted and loaded all the individual passwords in the running state and didn't scrub the individual passwords, master password or the secret key when transitioning from the unlocked to locked state!

Dashlane exhibited good security practices until the user changed an entry. Then it exposed the "entire database plaintext in memory and it remains there even after Dashlane is logged out of or 'locked'." The entries remained in memory for more than 24 hours. KeePass was decent until a simple strings dump from the process memory of KeePass was performed. There it exposed all entries that had been interacted with. LastPass performed as well as KeePass. ISE concluded that while "it is evident that attempts are made to scrub and sensitive memory in all password managers. However, each password manager fails in implementing proper secrets sanitization for various reasons."

The password manager vendors responded to the report from ISE. LastPass says it patched its issues and KeePass noted that the basic underpinnings of Windows affected its ability to scrub the password entries as "Windows and .NET may make copies of the data (in the process memory) that cannot be erased by KeePass." Dashlane noted that "if an attacker has full control of a device at the lowest operating systems level, they can read any and every information on the device." 1Password's spokesperson took the same stance with "An attacker who is in a position to exploit this information in memory is already in a very powerful position. No password manager (or anything else) can promise to run securely on a compromised computer."

News Image

In this paper we will examine the inner workings as they relate to secrets retrieval and storage of 1Password, Dashlane, KeePass and LastPass on the Windows 10 platform (Version 1803 Build 17134.345) using an Intel i7-7700HQ processor. We examine susceptibility of a password manager to secrets exfiltration via examination of the password database on disk; memory forensics; and finally, keylogging, clipboard monitoring, and binary modification. Each password manager is examined in its default configuration after install with no advanced configuration steps performed. This paper is not meant to criticize specific password manager implementations; however, it is to establish a reasonable minimum baseline which all password managers should comply with.

Discussion

Here Is the Samsung Unpacked Press Event

The Samsung Unpacked Press Event is live.

Welcome to the next generation. #SamsungEvent #Unpacked.

Discussion

ASUS Maximus XI Apex Motherboard Broken Down

Actually Hardcore Overclocking just posted a detailed analysis of an ASUS Maximus XI Apex LGA 1151 motherboard, and overall, it looks like great board. In the YouTuber's own words, the motherboard's VRM setup is "overkill," yet it's significantly cheaper than other LGA 1151 motherboards from Asus with inferior VRM setups. This particular board has several features designed exclusively for LN2 runs, but also has other features water or air overclockers would appreciate, like a dual BIOS setup and only 2 DDR4 DIMM slots for maximum memory overclocking performance. Check out the analysis below:

Discussion

Japanese Government Will Hack Their Citizen's IoT Devices

Numerous security experts have (justifiably) expressed concern with the security of IoT devices that enter the market every day, But today, the Japanese government is doing something about it, as they will start testing the security of their own citizen's IoT devices. "NOTICE," as they call it, will identify internet-connected IoT devices with "weak password settings," and notify the relevant telecommunications carrier, who in turn will notify the owners of the vulnerable device. IEEE Spectrum, who spotted the notice, notes that the government recognized IoT as a national security thread in 2015, and that they probably don't want any security trouble at the 2020 Olympics, when the whole world is watching.

News Image

The survey is to check whether the password setting in each IoT device is easily guessed (e.g., "123456", "password", etc.), and the survey will not intrude into the device or acquire information other than that required for the survey. As for the information obtained by the survey, strict safety control measures will be taken in accordance with NICT's implementation plan approved by the Minister for Internal Affairs and Communications.

Discussion

Intel Confirms that FinFET MRAM is Production Ready

Late last year, EE Times published a report claiming that Intel was already shipping MRAM products to undisclosed customers. At the time, Intel only confirmed that their MRAM was "production ready" and didn't elaborate any further. But now, the news outlet says that Intel presented a paper on their embedded MRAM at the International Solid-State Circuits Conference. The fast, non-volatile 7Mb memory arrays reportedly achieve "10-year retention at 200C" and have "demonstrated write endurance of more than 1E06 cycles and read disturb error rate of more than 1E12 cycles." While EE Times calls the 22FFL process the MRAM arrays are built on a "22nm" process, semantics in the world of semiconductors are fuzzy, and Wikichip believes that 22FFL actually has more in common with Intel's 14nm processes. "Analysts" still believe that Intel is shipping products with MRAM, but the chip company hasn't elaborated on any of them yet.

Article Image

According to Intel's ISSCC paper, each 0.0486-um2 transistor to one magnetic tunnel junction (1T1MTJ) MRAM bit cell is 216 x 225 nm2, with two polysilicon word lines. The tunnel-magneto-resistance ratio of the MTJs is 180% at 25C, with a target device-critical dimension between 60 nm and 80 nm. Wei said that the eMRAM design is also tolerant of wide variations in supply voltage. The design achieves a 4-ns read sensing time at 0.9 V but is also capable of 8-ns read sensing time at 0.8 V, she said... In a separate ISSCC paper presented Tuesday, Intel also described the development of resistive RAM (ReRAM) as a low-cost option for embedded non-volatile memory for SoCs used in IoT and automotive. The embedded ReRAM technology - also implemented in a 22-nm FinFET process - demonstrate what the company says is the smallest and highest-density ReRAM subarray and material innovations to allow low-voltage switching without impact to transistor reliability.

Discussion

Gamers Love Call of Duty 15's New Loot Boxes

After a 4 month absence, loot boxes have finally come to Black Ops 4, and players couldn't be happier... Just kidding. Call of Duty fans in the game's subreddits and other communities aren't pleased with the new microtransaction changes, to say the least, and Eurogamer's writeup on the system largely reflects the opinion of other CoD playing journalists across the web. The publication says that Black Ops 4's crate system "feels particularly grubby," as they don't display probabilities and sometimes contain duplicate items. Additionally, some of the rewards affect gameplay and progression, and some weapons are only attainable through opening loot boxes.

News Image

Much of the anger at these loot boxes stems from the growing feeling that Black Ops 4 is buckling under the pressure to generate more money for publisher Activision. Here we have a full price video game with a userbase-splitting آ£39.99 season pass for DLC maps, a take on Fortnite's incredibly successful battle pass called the Contraband progression system, the ability to pay to complete tiers on the Contraband progression system, Special Orders you can pay real world money for, individual cosmetic items you can spend real world money on directly, and even reticles as microtransactions. It's convoluted, confused and inescapably money-grabbing - and it's also a real shame as the core game underneath all these alternative revenue streams remains fantastic. Indeed, the controversy around loot boxes threatens to overshadow the meaningful changes made this week to Blackout, Black Ops 4's battle royale, which feels like it's being squeezed between Respawn's Apex Legends and the ongoing popularity of Fortnite and PUBG as Treyarch struggles to freshen up the experience often enough.

Discussion

China Freezes New Game Applications Again

Last year, China stopped approving new video games in an effort to (this is a direct translation) "protect children's eyesight," which created quite a bit of anxiety in the gaming industry. Eventually, the government started approving games again, but the pace was relatively slow, and many worried that the government wouldn't be able keep up with the sheer volume of games coming to market.

Now, it appears that those fears have been realized. The eloquently named "State Administration of Press, Publication, Radio, Film, and Television of the People's Republic of China" released a new batch of approved games 5 days ago, but like the previous releases, I don't see any major titles from Tencent or western publishers in the list. I spotted a few console and PC titles, but it's largely dominated by a wave of mobile releases which, according to a report by Reuters, may be too much for the government to handle. Reuters' sources claim that the Chinese government stopped approving new games to work through their existing backlog. While investors in Chinese gaming companies will undoubtedly lose sleep over this, China is the world's largest gaming market by a considerable margin, so this freeze is also bad news for outside publishers that want to expand into the booming market. Ironically, it might also be good news for Valve, as much of their existing library is still accessible in the country.

News Image

"The regulator asked local authorities to stop submitting applications because there is too much of a backlog for it to deal with at the moment," said one of the people, whose company was informed about the matter by its local authority. The person said the request was made to local authorities nationwide. The regulator approved 1,982 domestic and foreign online games during January-March last year before the freeze, government data showed. That came after approving 9,651 domestic and foreign online games in all of 2017. GAPP has approved 538 games since December. It is likely to approve just 2,000 to 3,000 titles in 2019, said Jefferies analyst Karen Chan in a note to clients. "Generally speaking the whole industry is frightened. There is no sign that regulators will loosen their control, said Beijing-based tech analyst Li Chengdong. "Investors are worried about the red line and risks here."

Discussion

Facebook Is Allegedly Working on Custom Machine Learning Hardware

Nvidia GPUs are the undisputed king of the machine learning hardware market today, but more and more companies are throwing their hat into the AI ring. Google has already introduced their machine learning-focused TPU, and other giants like Amazon and Intel are reportedly following suit, while a number of smaller startups are filling in niches or taking riskier approaches to compete with the bigger players. Last year, various reports surfaced claiming that Facebook was working on their own, custom ASICs, but an EE Times report said that it was "not the equivalent of [Google's] TPU." Now, according to a Bloomberg report published earlier this week, some of Facebook's upcoming custom silicon may focus on machine learning after all. Facebook's chief AI researcher says that "the company is working on a new class of semiconductor that would work very differently than most existing designs," and mentioned that future chips will need radically different architectures.

News Image

"We don't want to leave any stone unturned, particularly if no one else is turning them over," he said in an interview ahead of the release Monday of a research paper he authored on the history and future of computer hardware designed to handle artificial intelligence... LeCun said that for the moment, GPUs would remain important for deep learning research, but the chips were ill-suited for running the AI algorithms once they were trained, whether that was in datacenters or on devices like mobile phones or home digital assistants.

Discussion

Rice Researchers Reveal Silicon Based Security Keys

Integrated circuit designers from Rice University claim they've developed a digital fingerprint technology that is "10 times more reliable than current methods" used in IoT devices. Their "physically unclonable function," or PUF, supposedly uses physical imperfections in the security device's silicon itself to generate unique keys that are nearly impossible to spoof. The researchers say their test chip "measures just a few millimeters in size" and generates keys using an array of hundreds of transistors, and does so with a minimal amount of power. The PUF concept itself isn't new, but as you probably know, transistors are sensitive to environmental changes, and previous implementations weren't reliable or small enough to be of practical use. But this particular design was tested at abnormal voltages and at "temperatures ranging from 125 degrees Celsius to minus 55 degrees Celsius." The researcher are scheduled to present their findings at the 2019 International Solid-State Circuits Conference today, but just how far away the tech is from commercialization isn't clear yet.

Article Image

"Basically each PUF unit can work in two modes," said Yang, assistant professor of electrical and computer engineering. "In the first mode, it creates one fingerprint, and in the other mode it gives a second fingerprint. Each one is a unique identifier, and dual keys are much better for reliability. On the off chance the device fails in the first mode, it can use the second key. The probability that it will fail in both modes is extremely small." As a means of authentication, PUF fingerprints have several of the same advantages as human fingerprints, he said. "First, they are unique," Yang said. "You don't have to worry about two people having the same fingerprint. Second, they are bonded to the individual. You cannot change your fingerprint or copy it to someone else's finger. And finally, a fingerprint is unclonable. There's no way to create a new person who has the same fingerprint as someone else."

Discussion

Digital Foundry Analyzes Crackdown 3's Cloud Based Destruction

Fully destructible environments have long been a holy grail of game physics engines. I remember Red Faction: Guerrilla generating quite a bit of buzz when it came out, and according to Digital Foundry, the Crackdown devs have been working on an even more ambitious system that leverages the power of Microsoft's cloud servers. Crackdown 3 is the culmination of those efforts, and while it does have destructible environments that seem to be synced across multiplayer instances, the game itself feels rushed and somewhat underwhelming. The competitive "wrecking zone" mode, for example, has conspicuously small arenas and doesn't even have a party system, while the co-op mode still falls short of the 2015 tech demo. Check out the analysis in the video below:

What Wrecking Zone delivers is still impressive in many respects, but is definitely a simplification of the original demo - a situation which looks like a combination of both technological limitations and gameplay considerations. To begin with, the cityscape of the original demo becomes a series of enclosed holodeck-esque arenas - high on verticality, but small in terms of their overall footprint. What's clear from the 2015 demo is that it's exactly that - a demonstration, with no real gameplay as such. Limiting the scale of the play space means that players can actually find one another, which definitely helps, but there's still the sense that there's not much to actually do. The destruction can look wonderful, but little of the gameplay is actually built around the concept. Technologically, the cutbacks are legion. Micro-scale chip damage is completely absent, while destruction generally is far less granular, with buildings and statues breaking apart into more simplistic polygonal chunks. It's interesting to stack up Wrecking Zone with Red Faction Guerrilla Remastered - a game we sorely regret not covering at the time of its launch. Originally a last-gen Xbox 360 title, it does many of the same things as Wrecking Zone - on a smaller scale definitely, but with more granularity and detail. And this raises the question of whether the cloud would actually be necessary at all for Wrecking Zone.

Discussion

Hackers Use Stolen Credentials from Data Breaches to "Hack" a Nest Thermostat

Jonathan Schisler thought his Amazon Alexa or kids had changed the temperature to 90 degrees on his Nest thermostat. But while scrolling through the device to clear a message about changing the air filter, he noticed that the email address on the device wasn't his wife's. Even his phone app was logged in under another person's name as the owner of the account. Nest says the Schisler family was affected by a data breach from another website where the credentials were initially exposed. Because the Schisler family used the same username and password for multiple websites, the hackers were able to commandeer the Nest thermostat. Taking stolen usernames and passwords from data breaches and inputting them into the login page of random websites is known as "credential stuffing."

Nest said it hasn't been breached. Instead, the company, which is owned by Google, said Schisler's password was breached on another website. For example, he was using the same password for his Nest thermostat that he used for another site. "In nearly all cases, two-factor verification eliminates this type of security risk," a Google spokesperson said. "We take security in the home extremely seriously, and we're actively introducing features that will reject compromised passwords, and allow customers to monitor access to their accounts and track external entities that abuse credentials."

Discussion

Google Forgets to Tell Consumers That Its Nest Security System Has a Built-in Mic

Google recently announced that Google Assistant features are coming to its Nest Secure home security system. Giving consumers free features seems like a great idea, but Google forgot to list the microphone in the technical specifications for Nest Secure devices. Google says it was an "error" to not list the microphone in the tech specs. A Google spokesperson told Business Insider the microphone functionality was never enabled on the devices and was included to add additional features such as a glass breakage sensor at a later date.

On Tuesday, a Google spokesperson told Business Insider the company had made an "error." "The on-device microphone was never intended to be a secret and should have been listed in the tech specs. That was an error on our part," the spokesperson said. Google says that "the microphone has never been on and is only activated when users specifically enable the option."

Discussion

Tuesday February 19, 2019

Here Is the Path of Exile: Synthesis Official Trailer

Fight your way through the Path of Exile: Synthesis expansion to learn of Cavas and recover his lost memories. Players will experience new boss fights, mobs, rewards, story, and lore. Gamers will be able to craft all new items from fragments found throughout Wraeclast. The deeper that you explore Cavas's mind, the more challenging the encounters will become. The expansion features a new Holy Spellcaster archetype and Chaos Spellcaster archetype. Path of Exile: Synthesis will launch on March 8th (PST) on PC, March 11 on Xbox One and mid-March on PlayStation 4.

Path of Exile's 3.6 Expansion and Challenge League is called SYNTHESIS! In this league we'll attempt to piece together the memories of Cavas, a spirit who has forgotten who he was. Cavas will take us to the Memory Nexus where we can use his found memories to creates paths in the void - in the process claiming new Fractured items and turning them into Synthesised items! In this video I explain the new Synthesis League mechanics, as well as giving a first look at the new chaos skill Soulrend, and the new Holy spell Divine Ire as well as a look at a new Shaper unique "The Eternity Shroud".

Discussion

Boeing 787-9 Twin Jet Dreamliner Hits Top Speed of 801 MPH

A Boeing 787-9 twin jet Dreamliner hit 801 mph during a Virgin Atlantic flight from Los Angeles to London. The normal top speed for the plane is 587 mph, but the jet stream was moving at 230 mph over Long Island on Monday. This natural phenomenon assisted the plane to the 801 mph top speed and shaved 48 minutes off the flight time. Pilot Peter James tweeted, "Almost 800 mph now never ever seen this kind of tailwind in my life as a commercial pilot !! (200 mph tailwind )"

News Image

An LAX-JFK Delta flight overnight hit 678 mph at 39,000 feet over the Ohio Valley, while a 737 from Chicago to New York passed 700 mph at 8:43 Eastern this morning. Chicago to New York/Boston routes will be shortened to 1 hour, 24 minutes Wednesday instead of the usual nearly two-hour flight time. Likewise, flight times from Dallas to Boston dipped below three hours, with an Embraer ERJ-190 twin jet achieving 739 mph in the jet streak.

Discussion

YouTube Updates Its Strike System

Starting on February 25, YouTube will release its updated strike system. The new strike system will feature a simple, one-time warning for the first strike issued against a channel when content posted to the channel crosses the line. Warnings don't reset after 90 days, but strikes do. YouTube has also updated its policy resources to give more detail about what behavior will result in a strike.

The first strike will result in a one-week freeze on the ability to upload any new content to YouTube, including live streaming, and other channel activities. Strikes will expire after 90 days. The second strike in any 90-day period will result in a two-week freeze on the ability to upload any new content to YouTube. The third strike in any 90-day period will result in channel termination.

Discussion

Samsung Galaxy S10+ and Galaxy Buds Commercial Leaks

Slashleaks on YouTube has leaked a Samsung commercial that features the upcoming Samsung Galaxy S10+ phone and Samsung Galaxy Buds products.

Samsung Galaxy s10+ & Galaxy buds TV commercial

Discussion

High Inventory Levels of PC DRAM Cause Contract Prices to Drop

The PC DRAM market is experiencing high inventory levels and this oversupply is expected to cause notable price declines in the 1H19. Market demand remains weak due to the off-season and the substantial amount of inventory that has carried over from the previous quarter. Contract prices of DRAM products already declined 15% month-over-month (MoM) in January and are expected to slide lower in February and March. The PC DRAM market is expected to see a 20% quarter-over-quarter (QoQ) decline in Q1 2019 while the server DRAM market is forecast to decline nearly 30% QoQ.

According to the latest analysis from DRAMeXchange, the PC DRAM and server DRAM inventory problem will persist into Q2 2019. An extended period is needed to deal with the inventory issues even if some recovery in demand occurs. New emergent technologies that will fuel demand such as 5G and automotive electronics are in the early stages of development. Thus they won't have much influence on the DRAM market in 2019. DRAM suppliers have scaled back their capacity expansions and this is expected to narrow the gap between supply and demand. The price downswing is expected to moderate over the next several quarters. The mobile DRAM market will experience less of a price swing, but the demand for products is still too weak to prevent prices from falling.

Article Image

With respect to the price trends in the major application markets, PC DRAM prices are the most sensitive to demand changes and often serve as an indicator of the overall price trajectory. The average QoQ decline in contract prices of PC DRAM products was already 10% in 4Q18 and is projected to be nearly 25% in 1Q19. Currently, the average contract price of mainstream 8GB PC DRAM modules is on its way to under US$45.

Discussion

PC World Bulgaria Uploads a 1660 TI Unboxing Video

Earlier today, PC World Bulgaria appears to have accidentally uploaded an unboxing video of an MSI GeForce GTX 1660 TI Gaming X. The video has already been taken down, pclab.pl, OC3D, and TechPowerUp all managed to grab some screenshots of the video while it was still up, more or less confirming the existence of the technically unannounced Turing GPU. Among other things, the new GPU appears to lack any noticeable RTX branding, and the cooler on this particular card seems to resemble the TwinFrozr 7 on MSI's RTX lineup. HardOCP still believes that the 1660 TI is launching on the 22nd with a MSRP around $279,

News Image

Looking at the card directly, we can clearly see that this new MSI graphics card is a Geforce GTX series part, lacking any RTX branding, confirming Nvidia's move away from the RTX brand name in their lower-end products. On the box, we can also see that RTX features such as ray tracing and DLSS are excluded, instead referencing Turing Shaders, backing up the rumours that the GTX 1660 Ti will lack both RT cores and Tensor cores. On the GPU's boxart, we can also see that MSI's Geforce GTX 1660 Ti Gaming X features plenty of RGB lighting locations and utilises an 8-pin PCIe cable for power. The major difference between this cooler and its RTX 2060 counterpart is the lack of Geforce RTX branding on the side of the cooler, which instead says Geforce GTX. The Twin Frozr 7 cooler design appears to be the same as MSI's RTX 2060 Gaming X model. On the topic of display outputs, MSI's GTX 1660 Ti offers three DisplayPort 1.4 connections and a single HDMI 2.0b connection. This GPU lacks support for VirtualLink and DVI-D.

Discussion

Google Might Announce a Game Streaming Platform Next Month

GamesIndustry.biz claims that Google has sent out a round of invitations for a GDC keynote address on March 19. While the invitation was particularly short on details, as both gamesindustry.biz and Kotaku's Jason Schreir note, its not hard to guess the direction Google will take. They recently streamed Assassin's Creed: Odyssey for free as an early test for Project Stream, and Schreier speculates that "their focus will be more on building a platform than a console. Wouldn't be surprised to see them put their streaming platform on both their own hardware and other people's." I've watched others play AC: Odyssey during the test, and Google's streaming service offered a better experience than I expected, but what kind of platform Google will announce next month is still anyone's guess.

News Image

The invitation includes a .gif image of a hallway with a white light at the end of it that becomes blinding before displaying the date of the keynote and the slogan "Gather around." "All will be revealed at the Google Keynote," the invitation promises. "10:00am on March 19, 2019. Find us in Moscone South, San Francisco."

Discussion

Facebook Bug Would've Allowed for One Click Account Takeovers

A security researcher spotted a bug in Facebook that would've allowed attackers to take over accounts from users that clicked on a single link. According to Youssef Sammouda, a vulnerable endpoint easily allowed him to makes posts on a user's timeline, delete profile picture, or delete accounts with a single, relatively simple URL. But putting up an external domain with a simple script allowed samm0uda to completely take over Facebook accounts. Fortunately, Facebook's security team is more diligent than most, as they immediately responded to his bug report and fixed it in a matter of days. This security researcher seems to be a particularly prolific bug hunter, as he's posted over a dozen separate exploits in the last month alone, and Facebook has officially listed him as one of their top security researchers. Thanks to The Hacker News for spotting the post.

News Image

This bug could have allowed malicious users to send requests with CSRF tokens to arbitrary endpoints on Facebook which could lead to takeover of victims accounts. In order for this attack to be effective, an attacker would have to trick the target into clicking on a link... The attack seems long but it's done in a blink of an eye and it's dangerous because it doesn't target a specific user but anyone who visits the link in step 1.

Discussion

Free Repair Kit can Fix Busted Oculus Rift CV1 Audio

Oculus founder Palmer Lucky many not work for Facebook's VR division anymore, but apparently, he's still supporting some of his company's earliest adopters. In a blog post, he acknowledges that long term use of Oculus Rift CV1 kits can lead to the failure of one, or both, of the headset's earpieces, and at this point, most of those headsets are well outside their warranty period. Fortunately, Palmer is offering a RR1 repair kit to Rift owners free of charge. He says the kit can not only fix audio failures, but also functions as a "third-party headphone adapter on fully-functional Rifts."

News Image

The first step for any user with this problem should be to contact Oculus Customer Support and see what they can do. In some cases, you might just need to clean some contacts, tighten the connection between your headphones and straps, or fix your PC's sound settings. If you are unsuccessful in resolving your problem, please forward your ticket and a mailing address to RiftRepairOne@gmail.com, and I will send you an RR1 repair kit free of charge so you can get back in the Metaverse as quickly as possible.

Discussion

Huawei is Allegedly Stealing Technology from Apple Suppliers

Last week, we posted a report claiming that Huawei was trying to reverse engineer screen hardening tech from a U.S. startup. The claims about Akhan Semiconductor's potential military applications were seemingly confirmed yesterday, as they've just been selected by the Army for the integration of their coatings in future U.S. Army aircraft, so it's no surprise that the FBI quickly got involved in their case so quickly. But, according to a pay-walled report from The Information that Kitguru reported on today, that incident was part of a larger effort by Huawei to steal tech from Apple suppliers. Neither Apple nor Huawei have chosen to comment on the report yet, but the accusations certainly won't help Huawei's existing problems business outside their home country.

News Image

According to the stories, Huawei has had an interesting relationship with Apple suppliers. Alongside suggesting a supplier run with a "design you already have experience with" and being knocked back from another supplier that recognised the hinge technology to be identical to that seen on the MacBook Pro, Huawei assured a third supplier that its wearable schematics were similar enough to the Apple Watch to warrant similar pricing for a heart-rate sensor. While being careful not to create an impossible task by requesting Apple's factory workers smuggle components out of the building, Huawei has also been accused of paying off disgruntled staff members to draw the parts as they see them on the line.

Discussion

Millions of Sensitive Swedish Medical Calls Leak Out

According to a recent BBC report, about 2.7 million calls made to a Swedish national health service telephone line have been "exposed." The calls date back to 2013, and supposedly contain sensitive medical information and social security numbers, while Martin Svensson says that there was no encryption or authentication on the server the calls were found on. From the looks of things, all 170,000 hours of those calls were stored out in the open as uncompressed, unprotected .wav files, but access to the website is "currenty blocked."

News Image

"We were absolutely astounded by what we found on there. People talking about their symptoms, diseases, their kids' illnesses, giving out their social security numbers. This data is as private as it gets," explained Marcus Jerrang, editor-in-chief at Computer Sweden. Sweden operates a national advice line - 1177 - run by a firm called Medhelp. In turn, this Swedish firm subcontracts out-of-hours calls to Medicall. Medicall had not responded to requests for comment from the BBC. Mr Jerrang told the BBC that a brief conversation between the reporter who uncovered the website and Medicall chief executive Davide Nyblom ended with him denying such a breach was possible and then hanging up when the reporter offered to play one of the files.

Discussion


Previous News