Archive for September 14, 2021

Mujjo Launches New Cases For The iPhone 13 Series

Posted in Commentary on September 14, 2021 by itnerd

Good things can come in big packages (acing an interview, a surprise trip away, or the new iPhone 13 Pro Max) and in more subtle ways (that much needed cup of coffee, a smile, or iPhone 13 mini). Your favorite leather cases from Mujjo are now available for iPhone 13, this time with improved protection.

Yet another good thing to come your way!

Just like with iPhone 13, the little things that sometimes go unnoticed make all the difference to the big picture. Take, for example, their stitching lines that elegantly and securely hold your wallet compartment to the back of your case, the leather covered power and volume buttons, or the neatly chamfered opening that makes accessing the mute button easy and comfortable. They’ve made sure these are just right, no compromise.

Mujjo knows how important the details are, no matter how big or small – every detail has been triple checked to make sure the finished product is nothing short of perfection.

What’s new this year?

  • Firstly, they’ve neatly covered the bottom of the device to provide extra protection and they’ve made sure to leave the charging port and the speakers uncovered to allow easy access for the charging cable and an unrestricted listening experience.
  • Secondly, the cases now come with a raised bezel around the rear camera to protect the protruding lenses against scratches from abrasive surfaces.

Defining features

  • To protect the display, the leather rises 1mm above the edge of the glass, creating a raised bezel that keeps abrasive surfaces away from your screen.
  • Made from high-quality, full grain, vegetable tanned leather, our cases age beautifully – and with a patina unique to each user.
  • A luxurious Japanese microfiber, with a sophisticated satin-like finish, lines the inside.
  • Volume and power buttons are fully covered in leather, specifically designed for responsiveness.
  • Available with a wallet that stores up to 3 bank or ID cards, allowing ease of access and minimal clutter in your life.

The new line-up will be available in three gorgeous colourways: 

Signature Tan
This vivid caramel brings the perfect balance between sophistication and playfulness (and mellows to a deep and dark amber over time).

Monaco Blue
A deep shade of blue which reveals hints of purple and green under different lighting – fit for any occasion, while remaining formal when it needs to.

Low-key Black
The classic solid black tone brings uniformity and makes a powerful statement.

Available with a wallet

By adding a leather pocket card to the back, we’ve designed this wallet case for extra life-on-the-go convenience. The case carries up to 3 cards (5 once the leather softens) – perfect for your debit/credit cards, or driver’s license – keeping everything you need in one sleek package. Grab your wallet case and keys, and you’re ready to go.

Whether you treat yourself to the mini or go all out with the Pro Max, you’ll notice their uncompromising attention to detail will make the little things seem like a big deal.

Compatible with iPhone 13 Pro, iPhone 13 Pro Max, iPhone 13 and iPhone 13 mini, the cases start at US$44.90, ranging up to US$54.90 and EUR €44.90 ranging up to EUR €54,90 (incl. VAT for European customers).

Available to order on mujjo.com (ships worldwide).

My Thoughts On What Was Announced During Today’s Apple Event

Posted in Commentary with tags on September 14, 2021 by itnerd

Every time Apple does one of their events, people ask me about what I think about what was announced. Thus I took a deep dive on everything that was announced so that you can make the best purchasing decision possible. So let’s have a look at what was announced:

iPad: Well, there’s not much to see here. On the surface this seems to be a decent upgrade. Apple did cut some corners with Bluetooth support as it “only” supports Bluetooth 4.2 in an era where Bluetooth 5.x is a thing. Ditto for the fact that it also comes with 802.11ac WiFi instead of 802.11ax WiFi as that is the new hotness. But other than that, it’s the same iPad that’s been around for a while now. Only faster. And the fact that it works with accessories that you may already have if you’re upgrading from an older iPad is a big plus. One thing that I will note is that you have a choice of 64GB and 256GB storage options. There’s nothing in the middle which is a bit of a #Fail as it forces you to spend more than you may want to if you need more storage.

iPad Mini: Apple didn’t cut corners here as it’s pretty up to date with USB-C, 802.11ax WiFi, Bluetooth 5.0 and second generation Apple Pencil support. Though like the iPad above, you again only get 64GB and 256GB storage options. Other than that, this new iPad Mini seems pretty solid at first glance.

Apple Watch Series 7: This at first glance looks like Apple addressed a bunch of things that have been irritants for Apple Watch owners. It has IP6X dust resistance for the first time which to be frank Apple should have done years ago. It also has a screen that is more durables it offers better shatter resistance. That’s important as the ION-X glass isn’t that durable, and you have to spend a lot of money to get the Sapphire glass which is more durable. But it doesn’t seems to be any more scratch resistant which is a #Fail. Said screen is bigger now and it allows you to have a full keyboard which makes responding to text messages or emails something that is practical for the first time. It charges faster as they’ve moved to USB-C for the charging. But that via reading the fine print requires the Apple 20W USB-C Power Adapter for it to work. Which is handy as it still has 18 hours of battery life which is another #Fail. Tech specs are not available so it makes it a bit hard to judge what changes were made under the hood. But I can say that there are no health sensors that have been added. Thus as it stands, I find no compelling reasons to upgrade if you have a Series 6. But if you have a Series 5 or earlier, you might have a reason to upgrade.

UPDATE: 9to5Mac has evidence that the internals of the Apple Watch Series 7 are basically the Series 6 internals. Another reason that the Series 7 is not a compelling upgrade.

iPhone 13/13 Mini: The big news is the battery life improvements. Apple now promises “all day battery life” with the Mini. That’s huge as the battery life on the iPhone 12 Mini wasn’t very good. Storage starts at 128GB and goes as high as 512GB. The display notch at the top of the screen is slightly smaller in width. Apple says about 20% smaller for those who care about the size of the notch. It’s faster as usual. The iPhone 13 and iPhone 13 camera system is better. The lenses now take in more light, with 46% more light gathering capability at a f/1.6 aperture on the main wide camera. Sensor shift optical image stabilization is now available for the first time on the entry-models. For video, Apple has added a rack focus effect that they call ‘Cinematic Mode’, somewhat similar to Portrait mode photos but for video. Cinematic Mode focuses on a subject and adjusts focus as they move around the frame. 5G support on iPhone has been expanded with upgraded radios in the iPhone 13. Apple will double 5G compatibility to more than 200 carries across 60 countries. This makes the iPhone 13 and 13 Mini the phone that most users should get.

iPhone 13 Pro/Pro Max: The big news is that Apple finally has ProMotion display technology that can refresh from 10Hz to 120Hz. Thus Apple catches up to pretty much every Android phone. The cameras have of course improved:

  • 77mm telephoto camera with 3x optical camera
  • Ultra Wide camera with 92% boost in low light , f/1.8 aperture, auto-focus, 6-element lens
  • Wide camera: f/1.5 aperture, up to 2.2x improvement in low light
  • New macro photography features for the iPhone 13 Pro and iPhone 13 Pro Max
  • Night mode available across all three lenses 
  • New camera filter options, “Photographic Styles” will be available on iPhone 13 and iPhone 13 Pro
  • iPhone 13 Pro features Cinematic Mode for video, which is basically the same thing as Portrait Mode but for video. Other features include focus tracking and the ability to adjust the focus after recording
  • Macro slow mo video recording on ultra wide camera
  • ProRes video coming to iPhone 13 Pro later this year

If you care about photography, this will be the iPhone to get. iPhone 13 Pro offers 1.5 hours longer battery life than iPhone 12 Pro, while iPhone 13 Pro Max offers 2.5 hours longer battery life than iPhone 12 Pro Max. And there’s a 1TB option. This may entice me to upgrade from my iPhone 12 Pro.

UPDATE: The iPhone 13 Pro and Pro Max with 128GB of storage do not work with ProRes video at 4K resolution. This is found on Apple’s tech specs page:

That makes the 128GB models a must pass if you’re interested in ProRes at 4K resolution.

Now, what did you not see in the presentation? Here’s a list:

  • The leather loop Apple Watch bands are dead.
  • There’s a new Apple Wallet for MagSafe that has FindMy functionality.
  • iPhone 13/13 Pro has Dual eSIM support for the first time.
  • AirTag accessories have been refreshed with new colors
  • There are new silicon and leather cases for the iPhone 13/13 Pro
  • An Apple Watch Magnetic Fast Charger to USB-C Cable with a max length of 1M is now available.
  • iPad Pro & Air also gain ‘English lavender’ smart folios

A replay of the entire event is now available below:

TELUS Ventures Recognized As A Global Leader In Diversity & Inclusion 

Posted in Commentary with tags on September 14, 2021 by itnerd

TELUS Ventures, the strategic investment arm of TELUS and one of Canada’s most active corporate venture capital (CVC) funds, has been awarded the Diversity VC Standard Level 2 certification for its work in advancing diversity and inclusion in the global VC and CVC industry. 

The Diversity VC Standard is an assessment and certification process that sets a benchmark for best practices in Diversity and Inclusion (D&I) in venture capital (VC) and sends a signal to the rest of the ecosystem that a fund follows D&I best practices. TELUS Ventures is the first Canadian VC and first North American CVC to receive Diversity VC’s Level 2 certification, given to funds recognized as leading the charge on D&I policies. 

TELUS Ventures is ahead of the curve as one of the few active VCs in Canada ensuring its portfolio companies hold themselves to the same high standard. 

With the strong belief that diversity and inclusion also builds more innovative and successful companies, TELUS Ventures provides its portfolio companies with access to tools, resources, and networks to succeed in their own diversity and inclusion initiatives based on best practice and industry experience. This includes: 

  • Establishing partnerships with diversity and inclusion organizations, such as Black Innovation Capital and the DMZ’s Black Innovation Program
  • Promoting internal programs and policies to minimize bias during the investment process
  • Setting and measuring diversity and inclusion-related goals included in the fund’s investment strategy
  • Assessing diversity and inclusion throughout the portfolio annually

The Diversity VC Standard was launched on 9th September 2020 pioneered by 15 leading funds across Europe and Canada to provide VCs with the tools and recommended practices they need to open their networks and make funding available to underrepresented founders, as well as the resources needed to cultivate an environment where founders and colleagues from all backgrounds feel they belong in the industry and the ecosystem. The Diversity VC Standard is powered by Diversity VC, a not-for-profit dedicated to advancing D&I in venture capital, and Diversio, the people intelligence platform that measures, tracks, and improves diversity & inclusion. For more information, please visit www.diversity.vc

As the strategic investment arm of TELUS Corporation, TELUS Ventures is one of Canada’s most active corporate venture capital funds. TELUS Ventures invests globally in companies from Seed to Pre-IPO with a focus on innovative technologies such as AgTech, HealthTech, Connected Consumer, IoT, AI, and Security to actively drive new solutions across the TELUS ecosystem. Led by a team of experienced operators, investors and executives, the Ventures team is passionate about creating positive social impact through financial tools and has invested in more than 90 companies since inception. For more information please visit ventures.telus.com

Infosec Awards $120,000 in Security Education Scholarships to Help Close Cyber Skills and Diversity Gap 

Posted in Commentary with tags on September 14, 2021 by itnerd

Infosec today announced 12 recipients of the 2021 Infosec Accelerate Scholarship. Established in 2018 to encourage new talent to join the cybersecurity industry and close the growing skills gap, the program awards lifetime access to Infosec Skills to help recipients launch and advance their cybersecurity careers. 

2021 Infosec Accelerate Scholarship winners are: 

Infosec Accelerate Women Scholarship 

  • Rachel Jones
  • Edelia McDaniel
  • Oriana Lau

Infosec Accelerate BIPOC Scholarship 

  • La’Neyshia Drew
  • Armaan Kapoor
  • Jorge Almengor

Infosec Accelerate Military and Veteran Scholarship 

  • Ryan Bardes
  • Ryan Gordon
  • Hugh Shepherd

Infosec Accelerate LGBTQI+ Scholarship 

  • Steff Allen

Infosec Accelerate Undergraduate Scholarship 

  • Olivia Galluci
  • Tyson Rhodes
  • Chanthea Quinland

Infosec’s technical skill development platform, Infosec Skills, includes over 1,200 resources to assess teams and close skills gaps with hands-on cyber ranges, projects and courses. Scholarship recipients have access to the newly released Infosec Skills cyber range, where cyber professionals can learn to defend against MITRE ATT&CK® Matrix for Enterprise tactics and techniques, perform penetration tests and write secure code hands-on. Labs inside the cyber ranges guide learners through realistic scenarios inside the operating environments they’d encounter on the job — with clear learning objectives and actionable lessons.

Scholarship recipients will also receive complimentary access to the Infosec Inspire User Conference, where they will be recognized. The only virtual event of its kind, Inspire is hyper-focused on building a culture of security — equipping cybersecurity leaders with knowledge and insights to develop employee cyber skills, strengthen security awareness and make a lasting impact. Learn more about Infosec Inspire here.

Sonos Launches Sonos Beam (Gen 2)

Posted in Commentary on September 14, 2021 by itnerd

Sonos is introducing Beam (Gen 2) with support for Dolby Atmos, as well as new hi-fi streaming options from Amazon Music that give fans more immersive ways to enjoy their favorite tracks.

With the explosive rise in straight-to-streaming movie premieres – which have tripled over the last year – consumers are demanding theater-like audio experiences as they continue to invest in their home. Building on its leadership in the home theater category, the new Beam delivers an upgraded, more immersive sound experience, all in the same compact size, thanks to exciting improvements across sound, design and packaging.  

New features on Beam (Gen 2)  include:

  • 3D Audio with Dolby Atmos: Immersive sound technology that places you in the center of the action, whether it’s experiencing planes as if they were flying overhead, hearing footsteps moving across the room, or feeling the score all around you.
  • Enhanced Sound, Same Compact Size: With more processing power and newly developed phased speaker arrays, the new Beam is able to deliver two new audio paths – height and surrounds – without any changes to its design, delivering a virtual Atmos experience which steers and localizes sound around the room. The speaker is also now compatible with HDMI eARC on your TV, so you can experience your favorite movies and games in even higher definition sound with support for new audio formats.
  • A New Look: A new rigid polycarbonate grille that’s precisely perforated allows the speaker to sound great and blend seamlessly into your home – all without changing the size and shape of the original Beam.
  • Easy, More Secure Set-Up: With just two cables and new NFC capabilities, setup is seamless and will have you listening in minutes. Simply open the Sonos app, follow a few prompts, and tap your phone to Beam.
  • Sustainable Sound: The new Beam features sustainable packaging, including premium uncoated kraft paper, a gift box made of 97% sustainable paper, and no single use foam.
  • New services and audio formats: Launching later this year in select markets, Sonos plans to support Amazon Music’s Ultra High Definition audio, which will allow listeners to hear tracks in lossless audio up to 24-bit / 48kHz on their Sonos speakers, as well as Dolby Atmos Music, an immersive audio format that puts you inside the song. Sonos also plans to add support for decoding DTS Digital Surround Sound later this year.

Beam (Gen 2) will be available globally starting October 5 for $559 CAD, with pre-order open now on Sonos.com.

Google Cloud Expands In Canada with Official Toronto Region Launch

Posted in Commentary with tags on September 14, 2021 by itnerd

Today, Google Cloud announces its new Toronto Cloud Platform region is now open. 

The new Toronto region will allow Canadian organizations across all industries – including TELUS, Accenture, Deloitte and Scotiabank, among others – to build faster, more efficient applications that better serve their customers. The new cloud region also offers more choice for companies in regulated industries to store their data locally and meet important digital sovereignty requirements.

Following on the heels of its announcement last spring, Toronto is now home to the second Google Cloud region in Canada since opening Montréal in 2018. Toronto joins 27 existing Google Cloud regions connected through their high-performance network – signaling the continued growth and customer base in Canada.

What Google Cloud’s new Toronto region signals for the future of cloud in Canada:

  • The launch of Google’s Toronto region highlights the rapid growth of cloud-based technology and services as Canada’s businesses across all industries continue making big investments to accelerate their digital transformation.
  • The new Toronto Google Cloud region is building on growing demand from Canadian customers across every industry.
  • The Toronto region will make it easier and faster for Canadian companies to leverage Google Cloud’s on-demand network that’s faster, more reliable and less expensive than one they could build themselves – along with being the cleanest cloud in the industry.
  • It will also enable customers to meet local regulatory and compliance requirements and provide more disaster recovery options for customers, which is critical for financial institutions, public sector organizations, online retailers and other businesses operating in highly regulated industries.

Additional details about Google Cloud’s Toronto region launch can be found in Google Cloud’s latest blog post.

Fraggle Rock Experience Is Now Available On Waze

Posted in Commentary with tags on September 14, 2021 by itnerd

This fall, make back-to-school easier by bringing the fun-loving spirit of Jim Henson’s Fraggle Rock to your commute! That’s right; Fraggle Rock is taking over Waze to coach you through traffic, sing a song or two, and show us that the road is a better place if we just save our worries for another day.

September 24th marks the 85th birthday of Jim Henson (1936-1990), so Waze is celebrating by bringing his beloved franchise to Waze for a limited time. When you activate the experience, Silly Creatures of all ages will be transported to Fraggle Rock—a world that celebrates diversity and acceptance—and get inspired to follow the Fraggles’ example by doing good in their own communities. 

Once you’re “down in Fraggle Rock” you’ll meet fan-favourite and ever-energetic Red Fraggle, as your voice navigation, letting you know the road is “full of all kinds of surprises.” There are vehicles inspired by the tiny and industrious Doozers, and you’ll find a full cast of Waze Moods, including Red, Boober, Mokey, Gobo, Wembley, a Doozer, and Junior Gorg. 

Sharing the roads in harmony
Despite our differences, we’re all connected to each other—and it’s no different when we’re on the road. So as you head out on the roads this fall, drive your cares away with the Fraggles—because there’s nothing a song, friend or tasty Doozer stick can’t make better—not even traffic! 

Click here for the full Fraggle Road experience, or tap “My Waze” in your Waze app and click the Fraggle Rock banner to activate. It’ll be available everywhere, in English, for a limited time. 

Guest Post: Google and Microsoft products accumulated the most vulnerabilities in H1 2021 Says Atlas VPN

Posted in Commentary with tags on September 14, 2021 by itnerd

Cybercriminals are constantly attempting to exploit vulnerabilities that affect as many people as possible to maximize their profit opportunities.

According to the recent Atlas VPN team findings, Google and Microsoft accumulated the most vulnerabilities in the first half of 2021. Although not all exposures can cause critical damage, hackers could exploit some of them for severe attacks.

Google had 547 accumulated vulnerabilities throughout the first half of 2021. Exploiting Google products like Chrome is popular among cybercriminals. 

Next up, the second most exposures were found in Microsoft products — 432. State-sponsored threat actors from China abused Microsoft Exchange Server vulnerabilities to carry out ransomware attacks.

Oracle registered 316 total vulnerabilities in the first six months of 2021. Usually, the exploits are found in Oracle WebLogic Server, which functions as a platform for developing, deploying, and running enterprise Java-based applications. 

Networking hardware company Cisco accumulated 200 vulnerabilities. Lastly, the producer of software for the management of business processes SAP had 118 exploits in total.

Cybersecurity writer and researcher at Atlas VPN William Sword shares his thoughts on Microsoft and Google vulnerabilities:

“Exploiting vulnerabilities in Google or Microsoft products allow cybercriminals to probe millions of systems. While the tech giants are doing a fair job of keeping up with exploits and constantly updating their software, people and organizations need to follow suit and keep up with the updates to prevent further exploitation.”

Vulnerability tiers

Exploits that can be turned into a severe attack get more attention from cybercriminals and companies themselves to fix the flaw as soon as possible.

In the first half of 2021, there were 1,023 vulnerabilities found with a risk tier of 10. One of the exploits that applied to such a tier is CVE-2021-22986, with a score of 9.8.

National Vulnerability Database (NVD) issued risk tier 9 to 927 vulnerabilities. At this tier, exploit CVE-2021-28111 stood out with a score of 8.8.

NVD recorded most vulnerabilities at a risk tier of 8 — 2,164. A notable exploit was CVE-2021-24092, with a score of 7.8.

Finally, NVD recorded 501 vulnerabilities at risk tier 7. While second-most vulnerabilities — 1,765 — were found at tier 6.

To read the full article, head over to:https://atlasvpn.com/blog/google-and-microsoft-accumulated-the-most-vulnerabilities-in-h1-2021

Apple Releases Updates To Stop NSO Group Exploits That You Should Install Immediately

Posted in Commentary with tags on September 14, 2021 by itnerd

Yesterday Apple dropped an series of updates to stop exploits that were being used by the NSO Group to spy on targets such as human rights activists. If you value your security, you should ensure that you’re running the following Apple Software:

  • iOS/iPadOS 14.8
  • watchOS 7.6.2
  • macOS 11.6

Those versions fix one or both of these vulnerabilities. This is taken from the iOS/iPadOS security page:

One of these exploits was discovered by The Citizen Lab at the University Of Toronto who has found other exploits used by the NSO Group in the past. They have a very detailed write up on these exploits. It’s very much worth reading. But the key thing that you need to know about these exploits is that they allow the NSO Group to install their Pegasus spyware without user interaction. Meaning that it’s a “zero click” exploit which is the most dangerous type of exploit that’s out there as you don’t have to do anything to get pwned.

Now, while it is very unlikely that you’re a target of the NSO Group, installing these updates ensures that bad actors can’t threaten your security. I say that because now that these updates are out there, it is highly likely that bad actors will try to exploit these vulnerabilities on older versions of Apple’s software. Assuming that they haven’t already. Thus it’s once again time to patch all the things.

UPDATE: Toby Lewis, Global Head of Threat Analysis, Darktrace had these comments: 

How Pegasus is getting inside the phones:

Pegasus will use a range of exploits to gain access to a device and can be somewhat tailored to the target or attack campaign. Fundamentally, they have access to a range of iOS (Apple) and Android vulnerabilities that would allow them to exploit a range of native applications (i.e., applications that came pre-installed on the devices), often by just trying to open a file sent in an email or over text message; or clicking on a link that opens in Safari (for example). The exploits allow them to jailbreak the device, give them elevated privileges to install additional applications, or configure the device however the attacker wants – including installing the spyware component of Pegasus.Pegasus spyware can record texts, emails, and phone calls and share them with the NSO Group’s clients. It can also turn on devices’ cameras and microphones. Exploits like these are highly sophisticated and often target specific individuals like intelligence agents, reporters, etc., who have highly classified or confidential information. For high-priority targets, hackers will always find a way. While these attacks are not a threat to most Apple users, increased cyber-criminal adoption could be a severe issue. For example, criminal attackers could use the access to steal personal data for bigger campaigns, fraud, theft, and potentially even mass user lockout to ask for payment. Once bad actors make spyware, it can be sold and proliferate quickly globally. If it gets into the wrong hands, it will absolutely be used nefariously and potentially to a broader group of targets.There are also some good details on the “FORCEDENTRY” exploit directly from the researchers: https://citizenlab.ca/2021/09/forcedentry-nso-group-imessage-zero-click-exploit-captured-in-the-wild/

Thoughts on Apple’s history of protecting users against spyware: Why do you think it’s something that’s still a problem? How do they compare to similar companies such as Google (Android) in terms of cybersecurity and privacy?

Cyber-attackers will always target companies like Apple, given the proliferation of their technology and how critical it has become to everything we do. From navigating with maps to accesses our bank accounts, our lives depend on these devices. From a security architecture perspective, Apple has long operated a so-called “Walled Garden” where the underlying Operating System on the phone is completely inaccessible to any third-party applications, which can only be installed via the official App Store and are themselves installed and ran from a compartmentalized area of storage and processing. With the high degree of vetting for applications in the App Store, the only real way for malware to become installed on an Apple device is by exploiting the underlying operating system – the process known as Jailbreaking.Android’s architecture has been a much more open affair, on the one hand, given users greater freedom to install whatever applications they like, but without the protections afforded by Apple. Even via the official App Store (Google Play), there is only limited vetting and moderation, increasing the risk of malware being installed without the need for a clever exploit.Overall, Apple has a great track record of working with researchers to identify exploits so they can quickly patch. But that doesn’t mean the zero-day hadn’t already been exploited in the wild before it was identified. The research group who discovered the exploit found it in March while examining a Saudi activist’s phone. Apple issued a patch in September. 

Additional background/industry context:

It is crucial for everyone to immediately update their Apple devices, especially if you access proprietary information. While most people aren’t likely to be targeted, better to be safe than sorry. We must accept that all technology introduces security risks. At-risk sectors should take additional precautions to protect their communications through additional layers of defense. Self-learning AI has made leaps and bounds in allowing organizations to detect malware and spyware on employee devices before sensitive information leaks out of the organization.