Archive for February 8, 2018

Have A Netgear Router? You Might Want To Check For A Firmware Update To Avoid Pwnage

Posted in Commentary with tags on February 8, 2018 by itnerd

If you’re using a Netgear router at home, you might want to check for a firmware update because a bunch of firmware updates have been released to fix some remote access vulnerabilities.

The flaws were found by Martin Rakhmanov of Trustwave and confirmed by Netgear. Apparently 17 routers have a remote authentication bypass flaw which allows someone to reach the web based configuration interface and gain control without using a password. From there, a bad guy can pwn the network. What’s worse is that another 17 Netgear routers have a similar bug. Finally, six other models have an issue with Wi-Fi Protected Setup which when you press the WPS button opens up a two-minute window during which an attacker can potentially execute arbitrary code on the router as root over the air.

My advice for owners of Netgear routers is to check for updates and update now. That way that you can avoid pwnage now that these flaws are public.

 

 

Advertisements

DRONE VOLT Releases The New Version of Its Intelligent Camera AERIALTRONICS PENSAR

Posted in Commentary with tags on February 8, 2018 by itnerd

AERIALTRONICS, a brand from DRONE VOLT Group, officially launches the new version of its PENSAR camera-computer driven by artificial intelligence.

vcsPRAsset_3214424_68817_10f65dcf-7ad7-4070-81d4-cc2c862f201e_0.jpg

A true technological feat, PENSAR is one of the world’s first platforms with dual spectrum digital vision that allows real-time analysis of images or data. Infinitely customizable, it can be mounted on professional drone, mobile robot or used as an independent camera.

One of the world’s first dual spectrum digital vision platforms with real-time analysis

PENSAR, developed in AERIALTRONICS’ artificial intelligence laboratory, is one of the world’s first dual spectrum digital vision platforms dedicated to real-time data analysis using a miniaturized NVIDIA® embedded processor with 1.5 teraflops of power. Its computing power, accelerated by the NVIDIA® Jetson™ GPU processor in the NVIDIA® Jetson™ module, enables it to detect, recognize, analyze and classify objects or people in real time. Simultaneous data acquisition and processing allows for immediate decision making.

Its integrated camera with a 30x optical zoom makes it possible to spot very small details. Another FLIR thermal camera is used to identify heat sources and determine their temperature. The streams from these two cameras, recorded simultaneously, help optimize image analysis in day and night time and bad weather conditions.

Unlimited potential for infinite applications 

Infinitely customizable, this camera-computer offers unlimited potential and can be designed and adapted for multiple applications: surveillance, inspection, public security and anti-terrorist operations, search and rescue, etc. It can be used in a wide range of applications.

It’s equipped with a system for facial recognition, object recognition such as license plates, animal recognition animals and similar tasks. A digital “privacy mask” can be integrated into the images to guarantee confidentiality and anonymity.

The intelligent platform comes with an Ubuntu Linux Open Source operating system that allows you to customize it to suit your needs. PENSAR is compatible with open source libraries such as Google’s Tensor Flow.

For more information: www.aerialtronics.com

Intel Releases New Spectre & Meltdown Fixes… But Will They Work This Time?

Posted in Commentary with tags on February 8, 2018 by itnerd

Intel has released new microcode to address the stability and reboot issues on systems after installing its initial mitigations for Variant 2 of the Meltdown and Spectre attacks. Allegedly these ones work without crashing PCs and servers. Intel has also said that more fixes are inbound “in the coming days” which should be interesting to see given how this last round of patches went.

Key iOS Source Code Leaked To GitHub

Posted in Commentary with tags on February 8, 2018 by itnerd

This could be bad if you’re an iPhone or iPad user. As per this Motherboard story, we may have the biggest leak in history:

An anonymous person posted what experts say is the source code for a core component of the iPhone’s operating system on GitHub, which could pave the way for hackers and security researchers to find vulnerabilities in iOS and make iPhone jailbreaks easier to achieve. The code is for “iBoot,” which is the part of iOS that is responsible for ensuring a trusted boot of the operating system. It’s the program that loads iOS, the very first process that runs when you turn on your iPhone. The code says it’s for iOS 9, an older version of the operating system, but portions of it are likely to still be used in iOS 11. Bugs in the boot process are the most valuable ones if reported to Apple through its bounty program, which values them at a max payment of $200,000.

Here’s why this is a big deal. It’s a safe bet that every hacker on planet Earth is taking the time peruse this code to find exploits that they can use today. That means that in the coming weeks and months it is entirely possible that we may see a wave of attacks on the iOS platform. Or it is entirely possible that this is much ado about nothing. Who can say for sure at this point? But the mere fact that this code is out in the wild is cause for concern. And I for one will be waiting to see how Apple responds to this as saying nothing isn’t an option that they have.

UPDATED: Apple has put out a statement that implies that there is nothing to see here. Their spin on this is that this is a non-issue because their security doesn’t rely on just the source code. I guess we’ll find out soon enough.

Samsung & Roku Smart TV’s Are Vulnerable To Pwnage Study Finds

Posted in Commentary with tags , on February 8, 2018 by itnerd

Consumers Reports is running a story that claims that smart TV’s made by Samsung and Roku have security flaws in them that make them easy to pwn:

Consumer Reports has found that millions of smart TVs can be controlled by hackers exploiting easy-to-find security flaws. The problems affect Samsung televisions, along with models made by TCL and other brands that use the Roku TV smart-TV platform, as well as streaming devices such as the Roku Ultra. We found that a relatively unsophisticated hacker could change channels, play offensive content, or crank up the volume, which might be deeply unsettling to someone who didn’t understand what was happening. This could be done over the web, from thousands of miles away. (These vulnerabilities would not allow a hacker to spy on the user or steal information.) The findings were part of a broad privacy and security evaluation, led by Consumer Reports, of smart TVs from top brands that also included LG, Sony, and Vizio. The testing also found that all these TVs raised privacy concerns by collecting very detailed information on their users. Consumers can limit the data collection. But they have to give up a lot of the TVs’ functionality — and know the right buttons to click and settings to look for.

Well, that’s not good. And it reinforces why I will never have a smart TV in my home. Though I will admit that I do have a Roku device which I use frequently. But that’s likely not going to get disconnected anytime soon.

Having said that, Roku shot back at this report very quickly by saying that there’s no risk and giving details on how one can protect themselves. Which to me seems a bit counterintuitive seeing as there’s supposedly no risk according to the company. Samsung on the other hand had something different to say:

In an emailed statement, Samsung said, “We appreciate Consumer Reports’ alerting us to their potential concern,” and that the company was still evaluating the issue. The company also said it would update the API to address other, less severe problems related to data security that CR uncovered. Those changes “will be in a 2018 update, [with timing] to be determined, but as soon as technically feasible,” the spokesman said.

The bottom line is this. If you put anything on the Internet, your car, a light bulb, or whatever, it can get pwned by hackers. Thus before you put anything on the Internet, think long and hard about the risk that may present to you. Because this sort of thing isn’t going to go away anytime soon.

Website and Mobile App Help You Take Control of Exposure to Most Common Illnesses Spreading Right Now

Posted in Commentary with tags on February 8, 2018 by itnerd

Knox Spencer Associates, LLC, has announced its release of a new website and mobile app that give users access to doctors’ reports from across the nation so that they can personally manage their exposure to common and potentially serious illnesses by tracking where they happen and when they are happening.  The website and app, called Doctors Report  Illness Tracker, is available as a free download now.

Because it comes directly from doctors’ reports (with all personal information removed and “de-identified”), the information is accurate, timely, credible and accessible.  This disruptive website and mobile app puts the most current, reliable information on current spreading health risks in the pockets of millions thanks to its simple, intuitive and trustworthy data – actual data from doctors’ reports generated in almost one million doctors’ offices across the country.  Users can instantly find out where the most common and prevalent infectious health risks exist right down to their zip code.

The Doctors Report app is powered by the same data that health providers and others have used to understand and analyze outbreaks of contagious diseases and other spreading health risks.  The Doctors Report website and mobile app allow users to track the following diseases: flu, flu A, strep, bronchitis, pneumonia, conjunctivitis, mononucleosis, common cold and cold symptoms, sinusitis, croup, Lyme disease, otitis media or ear infection, MRSA, RSV, and gastroenteritis.

The Doctors Report website and mobile app platform is powered by the same data stream that flows from doctor visits nationwide.  That data stream is characterized by diagnosis codes that are automatically processed by the Doctors Report proprietary platform so that users can find out what common health risks exist where they are and where they are going.

Thanks to the Doctors Report website and mobile app, users can find out where the flu or MRSA, for example, is strongest in their own towns, or in the places they plan to visit in the coming days, and they can break it down by age group: infant; toddler; school age; teen; college age; adult; and older adult.

The website and app are available as a free download via the App Store, Google Play and Amazon.  It is also available at the company website, www.doctorsreport.com.

 

Guest Post: Everything You’d Like To Know About eBay

Posted in Commentary with tags on February 8, 2018 by itnerd

n the +20 years, it has existed, eBay has definitely become a household name. Whether you’ve heard it being mentioned in movies or on TV shows or even your daily news, you’ve definitely heard it come up over the years.

While defining eBay is easy, as it’s basically an eCommerce platform, we’re here to show you that it has actually become much more than that. Nowadays, eBay is a big part of the global culture. It’s become the go-to place for millions of sellers and buyer. From a place where people used to go to make a decision whether or not to buy something, eBay has evolved to a place where visiting means definitely buying thanks, in part, to the various eBay discount codes and savvy social marketing.

As a marketplace, the platform has grown so much, that there are millions of people who trade there on a daily basis. Some of them are sellers, some of them are buyers, and some are a little bit of both. And the beauty of a platform like eBay is that all of the items that are sold there are only worth what someone will pay for them.

This means that you can find shockingly high prices for items that are highly sought after.

Things like vintage products, collectibles, unusual items and goods that are in short supply can command some staggering price tags. You can also bid for items that you really want to have or even find things that are priced ridiculously cheap.

There have been times where sellers have posted some strange things on the platform, such as boxes of Twinkies, back when they were temporarily discontinued or a Limited edition of Coconut M&Ms. It’s also a place where people can find items that they’ve been collecting all their lives, and that doesn’t just include stamps and coins.

This infographic beautifully outlines all of the different and interesting facts that have been going on with eBay since its establishment back in 1995, all the way up to today.