Archive for October 2, 2019

So…. What Did Microsoft Announce Today At The Surface Event?

Posted in Commentary with tags on October 2, 2019 by itnerd

Microsoft had a media event in New York today and the company announced a ton of new Surface related hardware. Here’s the highlights:

  • Microsoft announced the Surface Pro X. It has a 13″ screen with a resolution of 2880 x 1920 at 267 PPI with a 1400:1 contrast ratio. The unit weighs 1.68 pounds, has USB-C and constant LTE connectivity.” It has a pen that lives in the cover/keyboard and uses a custom Qualcomm processor called the Microsoft SQ1 and runs “full Windows 10.” Additionally, the Pro X has a removable solid-state drive.
  • Microsoft is taking dead aim at the MacBook Pro with the Surface Laptop 3. It comes in 13″ and 15″ sizes. The former uses the Intel 10th-gen “Ice Lake” quad-core processor which Microsoft claims that makes it faster than the MacBook Air. The 15″ uses an AMD Ryzen processor that is custom made for Microsoft. The trackpads are supposed to be spacious and the keyboard is designed to have travel and be silent. Something that isn’t the case with the MacBook Pro at the moment. Something else that the MacBook Pro can’t touch is the fact that these laptops are modular and repairable which should make a whole lot of people happy.  Preorders are open now from the online Microsoft Store, Expect to pay $999 USD and $1,199 USD for the 13-inch and 15-inch models respectively, with Microsoft shipping them on October 22.
  • Up next is the The Surface Pro 7 retains the same size as the previous model. Microsoft has kept the Surface Connector for power, but has replaced the mini DisplayPort with a USB-C port because USB-C is what all the cool kids use in their devices. The Surface Pro 7 will ship on October 22, and will start at $749 USD.
  • Microsoft has joined Samsung, Amazon and others in coming out with an Apple AirPods killer. The Surface Buds have a charge case with 24 hours or so of charge. But of more interest, they have Spotify integration, and each earbud has a disc-like exterior that provides a huge looking flat surface for users to tap on and interact with. The company showed off being able to swipe through a Power Point presentation using them. Expect to pay $249 USD for a pair this holiday season.
  • Microsoft has a new flavor of Windows 10 called Windows 10 X. designed for dual-screen PCs. Windows 10X will power dual-screen PCs from Asus, Dell, HP, Lenovo, and of course Microsoft.
  • Coming for the holiday season next year is the Surface Neo foldable tablet. Unlike the Samsung Galaxy Fold, the Neo is a foldable tablet that has a 360 degree hinge that separates two 9″ displays. It also runs Windows 10 X. The Neo features a keyboard that seems to magnetically attach to the foldable tablet, as well as a Surface Pen that attaches to its rear. Both of which I am sure are “borrowed” the iPad.
  • Microsoft also announced the Surface Duo which is a folding smartphone that uses two 5.6-inch displays that are connected by a hinge. Google, yes that Google is working with Microsoft on the device to make it work with Android apps. Beyond that, there wasn’t a whole lot else that was shared. This too will ship next year in time for the holidays.

In case you missed the event or you want more details, I can help you with that:

Chrome & WebKit Flaws Allowed Malvertiser To Display Sketchy Ads

Posted in Commentary with tags on October 2, 2019 by itnerd

It seems that a malvertiser known as eGobbler has been exploiting multiple browser security flaws to display invasive pop-up ads and to redirect users to malicious websites. This comes from security researchers at Confiant who said that in April they noticed eGobbler exploiting a bug in Chrome for iOS, which enabled them to bypass the built-in pop-up blocker in the OS to overwhelm users with ads. The exploit also enabled them to redirect users to malicious sites. Confiant researchers notified the Chromium team about the bug (CVE-2019-5840), which eventually got patched in June with the release of Chrome 75.

Then in August they saw the same thing as the same actor started exploiting flaws in WebKit, the browser engine working at the core of older Chrome versions and Apple’s Safari and Blink, the Webkit fork used in recent versions of Chrome. Both Apple and Google were alerted to this. And Apple released a patch for WebKit in three days and closed the bug in both iOS 13 and Safari 13.0.1 in September. But Google has yet to close the hole which means Chrome users may be still vulnerable.

According to researchers, malvertising campaigns by eGobbler typically last for a few days. In that period, eGobbler buys advertisements on genuine services but embeds malicious code in its adverts to perform unauthorized activity on users’ browsers. These activities normally include displaying disrupting popup ads or redirecting users to malicious sites running scams or hosting malware. Thus making what they do very dangerous.

So how do you protect yourself? If you’re on Mac and you use Safari, you need to make sure that you are running Safari 13.0.1. If you’re using Chrome, you may want to consider switching browsers until this is addressed by Google.