OVHcloud Opens New Data Centre and Invests $145 Million in the Toronto Area

Posted in Commentary with tags on March 13, 2024 by itnerd

OVHcloud continues its international expansion with the opening of a second Canadian site (the Group’s 42nd data centre), supported by a long-term investment of CAD 145 million. Located in Cambridge, Ontario, the OVHcloud data centre is in the heart of one of North America’s most dynamic innovation clusters, providing trusted cloud solutions meeting the heightened demands of Canadian businesses in terms of performance, resilience, and data governance.

A global player and European leader in cloud computing, OVHcloud has been established in Canada since 2011, where it employs 250 people and operates 90,000 servers hosted in one of the industry’s most eco-responsible data centres, located on Montreal’s South Shore. OVHcloud is opening its first site in Ontario, supported by a CAD 145 million investment over the next 8 years, to support the growth and needs of its customers within a framework of extended trust. Dedicated to the development of its new data centre and to the industrial innovations that are the hallmark of the trusted cloud leader, this investment includes, in its first phase, the hiring of a number of qualified talents.

Located in the Ascent TOR1 hyperscale development, this new data centre has a surface area of 1,000 m2, a capacity of 10,000 servers and 2MW of power. More than just a data centre, it embodies the technological know-how that has earned OVHcloud its reputation for operational excellence and energy efficiency. Its vertically integrated model (OVHcloud builds its own servers, up to 600 a week in its Beauharnois plant) and the industrial scale-up of its water-cooling technology are major assets in guaranteeing an optimal performance-price ratio and a controlled environmental footprint, in line with the expectations of businesses that want to exercise full control over their digital assets. 

Giving companies greater control over their digital journey


In this age of hybrid and multi-cloud strategies, the arrival of OVHcloud in the Toronto area offers a real alternative for companies wishing to diversify and consolidate their cloud infrastructure, based on trusted solutions that meet a variety of requirements.

Reduced visibility of the macro-economic context calls for optimization of cloud spending, and OVHcloud meets this challenge with a pricing model that is predictable, has no hidden costs, charges no egress fees, and includes both inbound and outbound traffic.  

Guaranteeing enhanced resilience, thanks to a multi-site footprint, this new data centre is particularly well-suited to companies requiring a second, geographically-distant Canadian data centre to deploy their backup or disaster recovery solution. They can rely on the robustness of OVHcloud’s own network, connected to several points of presence (PoPs) in Montréal and Toronto, and more than 40 worldwide.

It will also meet the growing demands of highly regulated industries, increasingly intransigent about data sovereignty. Public services, healthcare, financial services, professional services, or telecommunications can count on OVHcloud’s exemplary level of compliance with the highest industry certifications (ISO 27001-017-018, SOC 2 Type 2, CSA Star), as well as the total immunity of its solutions to extraterritorial legislation, such as the US Cloud Act.

An evolving portfolio 


To meet these requirements, a varied and competitive range of solutions is now available in the Cambridge data centre:

  • Scale and High Grade dedicated servers, designed for complex infrastructures and optimized for mission-critical workloads. Powered by the latest AMD and Intel processors, they meet the new challenges of hyper-convergence, storage and AI, without compromising on performance and availability. 
  • A complete Object Storage solution compatible with the S3 API, as effective for platform modernization as for data backup.
  • Network and connectivity options such as Additional IP for application flexibility, and Load Balancer for efficient load balancing across multiple data centres. Ascent TOR data centre has ultra low latency to the greater Toronto region.
  • The OVHcloud Connect solution, which enables 100% private and highly resilient interconnection (SLA of 99.99%) of its on-prem infrastructure with the OVHcloud network.
  • And, of course, emblematic (and free) OVHcloud services, such as the vRack private network, which connects services between several OVHcloud data centres, or Anti-DDoS to protect infrastructures against computer attacks.

In 2024, the Private Cloud solution leveraging VMware by Broadcom will be added, offering an additional option for companies wishing to boost their level of resilience by activating Veeam or Zerto virtualized solutions in a 100% dedicated environment.

Building a sustainable digital ecosystem


In a move towards regional integration similar to what it has been doing in Quebec for over 10 years, OVHcloud is committed to stimulating innovation and helping to build a trusted digital ecosystem in the Waterloo region – which includes the cities of Waterloo, Cambridge and Kitchener. This region is the entrepreneurial heart of the country, and together with Toronto forms an internationally renowned innovation corridor, the 2nd largest technology hub in North America after Silicon Valley, and one of the world’s Top 20 startup ecosystems.

As such, start-ups’ appetite for cloud computing will naturally find refuge in the dedicated startup program that OVHcloud makes available to support innovation. Open to all, it offers selected startups up to $100,000 in infrastructure credits and personalized support based on open, reversible and interoperable cloud solutions.

Finally, OVHcloud’s commitment to sustainability is reflected positively in Ontario, which is over 90% powered by low-carbon energy sources. Its integrated industrial model and proprietary liquid cooling technology have enabled it to achieve some of the best energy efficiency ratings in the industry. OVHcloud is also the only cloud provider to offer its customers the opportunity to measure the carbon footprint of their cloud services, thanks to a carbon calculator that analyzes the entire lifecycle of their infrastructure, from manufacturing to operation (scope 1-2-3).

Leave a comment »

BEWARE: Bell Is Being Used In A Phone #Scam Related To Fibe Internet

Posted in Commentary with tags , on March 13, 2024 by itnerd

I just got a scam phone call that everyone should be aware of. How do I know it was a scam phone call? Well, first of all I got a call from a local area code. When I picked up, I heard a message saying that Bell Canada had just completed their upgrades to fibre and I was being offered an upgraded and faster “router” at no charge. This was a red flag for me as I know that Bell has suspended their fibre rollout because they’re upset with the CRTC. Besides that, I already have Bell fibre optic Internet. So unless I have missed something, there should be no reason why they would be contacting me to swap out my “router”. More likely they would wait for my HH4000 to die. Then I would call in to get a replacement which would likely be the Gigahub. The other thing that got my attention about this message was the call quality was horrendously bad. The message was full of static and at times I could barely understand it. No telco would ever have a message that is that bad.

The message asked me to press one to get my delivery date. Now given everything that I have explained above, what I should have done is hang up. But as proven multiple times on this blog, I want to dig in further. So I pressed one and quickly got a male with an Indian accent. That’s another red flag as the last time I checked, Bell outsources to the Philippines. Again the quality of the call was so bad that I could barely make out what he was saying, and eventually the call disconnected.

Now while I was 99% sure that I was being scammed, I wanted to confirm it with Bell. Which is why I served up this Tweet to them:

While I was waiting for them to respond to this, I decided to look up the number that the phone call came from. I traced it back to the fax line of an electrical company in Markham Ontario. Thus confirming that the call didn’t come from Bell as calls from Bell typically pop up at as your local area code followed by the digits 310-2355. Though if a Bell tech is calling you, that will not be the case as they use their cell phones. And if you’ve called a tech, you’ll be expecting their call. So, why are they spoofing a local number? It’s to encourage you to answer the call because so many of us won’t answer calls from long distance numbers that we don’t know.

Bell got back to me on Twitter to confirm what I already knew:

Though they didn’t come out and say it, it was a scam call. Clearly there’s a threat actor out there who is using Bell to perpetrate a new scam. I wasn’t able to play along to figure out what their game is. But if they do call back, I’ll go into the weeds and let you know about it. But in the meantime, if you get one of these calls, do yourself a favour and hang up.

13 Comments »

US House Passes Bill To Ban TikTok In The US

Posted in Commentary with tags on March 13, 2024 by itnerd

TikTok might be in a bit of trouble as the House Of Representatives in the US have passed a bill that will do one of two things:

The bill, titled the Protecting Americans From Foreign Adversary Controlled Applications Act, would require TikTok to sever itself completely from its Chinese parent company ByteDance or face a potential ban from mobile app stores and web-hosting services. The bill would also create a process through which the president can designate certain social media applications with ties to foreign governments as a national security risk.

Lawmakers in the Republican-controlled lower chamber overwhelmingly supported the legislation, with 352 representatives voting in favor of the act, and just 65 opposing it. The vote breakdown contained little rhyme or reason in terms of party alignment, a rarity considering the months of partisan paralysis in the House.

The bill now goes to the Senate where it faces an uncertain future. Despite the fact that President Joe Biden supports this bill, it’s a question mark if the Senate will pass it. But if they do, one would have to think that TikTok’s days will be numbered.

UPDATE: Clearly TikTok is threatened by this based on this Tweet:

In my opinion, the poster is right. TikTok needs to be banned. In fact, it should have been banned years ago.

1 Comment »

Meta Serves Up A Lawsuit Against A Former VP Over Alleged Document Theft 

Posted in Commentary with tags on March 13, 2024 by itnerd

Business Today is reporting Meta files lawsuit against former VP over alleged data breach: Report. The complaint, filed on February 29 in California state court in Contra Costa County, asserts that Khurana illicitly transferred these documents to his personal Google Drive and Dropbox accounts just prior to his departure from Meta. Here’s the news brief:

Meta has initiated legal action against one of its former vice presidents, accusing him of a ”stunning” act of betrayal after he defected to an undisclosed AI cloud computing startup, as reported by Bloomberg.

Dipinder Singh Khurana, also known as T.S. Khurana, had been at Meta for 12 years, ascending to a senior position as VP of infrastructure. However, Meta alleges that Khurana breached his contract by absconding with a cache of proprietary, highly sensitive, and confidential documents relating to Meta’s business operations and personnel.

The complaint, filed on February 29 in California state court in Contra Costa County, asserts that Khurana illicitly transferred these documents to his personal Google Drive and Dropbox accounts just prior to his departure from Meta. Meta contends that Khurana’s actions were not only disloyal but also had tangible repercussions, as at least eight employees listed on the pilfered documents subsequently left Meta to join Khurana’s new venture last year.

“Khurana’s conduct while leaving Meta, and since then, reflects an utter disregard for his contractual and legal obligations,” the lawsuit states. A spokesperson for Meta told Bloomberg that the company ”takes this kind of egregious misconduct seriously” and will ”continue working to protect confidential business and employee information.”

Troy Batterberry, CEO, EchoMark had this comment:

   “Insider threats represent a significant and growing challenge for organizations, as made clear by the recent case involving an accused former Meta executive. The taking of confidential and proprietary information is not an uncommon situation, especially within enterprises and adequately protecting proprietary information and intellectual property is a prominent issue. The stark reality of what businesses face today regarding data security and insider threats highlights the need to safeguard sensitive information against unauthorized transfers. 

   “Whether or not there’s a breach of legal contract, the misconduct is a blatant misuse of privileged access and a breach of professional expectations and conduct. Actions that involve unauthorized sharing of sensitive information not only breach trust but also undermine the very foundation of an organization’s integrity and security. Incidents like these are not isolated and can have far-reaching consequences for any organization.”

Threats to your organization don’t come from some threat actor in China or Russia. They come from people you trust inside your organization. Thus you need to do everything possible to keep threats from outside and inside from affecting your business.

Leave a comment »

Nissan Australia Notifies 100000 Customers That Their PII Was Swiped In A Hack From Three Months Ago

Posted in Commentary with tags on March 13, 2024 by itnerd

Nissan Australia today released a statement that they have started contacting around 100000 customers who may have had their personally identifiable information (PII) compromised three months ago when they were hit by a cyberattack:

We now know the list of affected individuals includes some of Nissan’s customers (including customers of our Mitsubishi, Renault, Skyline, Infiniti, LDV and RAMS branded finance businesses), dealers, and some current and former employees.

Nissan expects to formally notify approximately 100,000 individuals about the cyber breach over the coming weeks. This number might reduce as contact details are validated and duplicated names are removed from the list.

The type of information involved will be different for each person. Current estimates are that up to 10% of individuals have had some form of government identification compromised. The data set includes approximately 4,000 Medicare cards, 7,500 driver’s licenses, 220 passports and 1,300 tax file numbers.

The remaining 90% of individuals being notified have had some other form of personal information impacted; including copies of loan-related transaction statements for loan accounts, employment or salary information or general information such as dates of birth.

We know this will be difficult news for people to receive, and we sincerely apologise to our community for any concerns or distress it may cause.

Darren Williams, CEO and Founder of Blackfog had this to say:

     “The fact that around 10,000 were believed to have had seriously critical PII data stolen, such as driving licenses and Medicare cards, as a result of the Nissan cyberattack, is really quite concerning. The perpetrators of this attack managed to steal confidential data and will surely try to blackmail the victims endlessly for extortion purposes.

They were able to evade the security tools at the front door and remain hidden in the system of a multinational global brand for months, highlighting the sophistication of today’s cybercriminals. To really reduce the chance of data breaches, organizations need to look beyond perimeter defense and focus on securing the back door with anti data exfiltration solutions.”

This sort of PII is like gold to a threat actor as it can be used by the threat actor to launch secondary attacks or simply sold to the highest bidder to do the same thing. This is bad and hopefully Nissan does better on this front as this situation is not acceptable.

Leave a comment »

Red Canary Detects Spike in Cloud Account Compromises and Email Forwarding Rule Abuse

Posted in Commentary with tags on March 13, 2024 by itnerd

 Red Canary today unveiled its sixth annual Threat Detection Report, examining the trends, threats, and adversary techniques that organizations ought to prioritize in the coming months and years. The report tracks MITRE ATT&CK techniques that adversaries abuse most frequently throughout the year, and two new and notable entries soared to the top 10 in 2023: Email Forwarding Rule and Cloud Accounts. 

Red Canary’s latest report provides in-depth analysis of nearly 60,000 threats detected with the more than 216 petabytes of telemetry collected from customers’ endpoints, networks, cloud infrastructure, identities, and SaaS applications in 2023. The report sets itself apart from other annual reports with its unique data and insights derived from a combination of expansive detection coverage and expert, human-led investigation and confirmation of threats. 

The research shows that while the threat landscape continues to shift and evolve, attackers’ motivations do not. The classic tools and techniques adversaries deploy remain consistent–with some notable exceptions. Key findings include: 

  • Cloud Accounts were the fourth most prevalent MITRE ATT&CK technique Red Canary detected in 2023, rising from 46th in 2022, increasing 16x in detection volume and affecting three times as many customers in 2023 than in 2022.
  • Detections for malicious email forwarding rules rose by nearly 600 percent, as adversaries compromised email accounts, redirected sensitive communications to archive folders and other places users are unlikely to look, and attempted to modify payroll or wire transfer destinations, rerouting money into the criminal’s account.
  • Half of the threats in top 10 leveraged malvertising and/or SEO poisoning, occasionally leading to more serious payloads like ransomware precursors.
  • Half of the top threats are ransomware precursors that could lead to a ransomware infection if left unchecked, with ransomware continuing to have a major impact on businesses. 
  • Despite a wave of new software vulnerabilities, humans remained the primary vulnerabilitythat adversaries took advantage of in 2023, comprising identities to access cloud service APIs, execute payroll fraud with email forwarding rules, launch ransomware attacks, and more.
  • Uptick in macOS threats–in 2023 Red Canary detected more stealer activity in macOS environments than ever before, along with instances of reflective code loading and AppleScript abuse.

Red Canary noted several broader trends impacting the threat landscape, such as the emergence ofgenerative AI, the continued prominence of remote monitoring and management (RMM) tool abuse,the prevalence of web-based payload delivery like SEO poisoning and malvertising, the increasing necessity of multi-factor authentication (MFA) evasion techniques, and the dominance of brazen but highly effective social engineering schemes such as help desk phishing

Emerging techniques for macOS, Microsoft, and Linux users to watch out for 

The techniques section within the report highlights the most prevalent and impactful techniques observed in confirmed threats across the Red Canary customer base in 2023. While many techniques like PowerShell and Windows Command Shell persist, there were some interesting variations, including: 

  • Adversaries compiled malicious installers with Microsoft’s new MSIX packaging tool–typically used to update existing desktop applications or install new ones–to trick victims into running malicious scripts under the guise of downloading legitimate software. 
  • Container escapes–where adversaries exploit vulnerabilities or misconfigurations in container kernels and runtime environments to “escape” the container and infect the host system. 
  • Reflective code loading is allowing adversaries to evade macOS security controls and run malicious code on otherwise hardened Apple endpoints. 

Attackers don’t target verticals; they target systems  

The data shows that adversaries reliably leverage the same small set of 10-20 ATT&CK techniques against organizations, regardless of the victim’s sector or industry. However, adversaries do favor certain tools and techniques that may target systems and workflows that are common in specific sectors: 

  • Healthcare: Visual Basic and Unix Shell were more prevalent likely due to the different machinery and systems used within that industry. 
  • Education: Email forwarding and hiding rules were more common, likely due to a heavy reliance on email.
  • Manufacturing: Replication through removable media, such as USBs, was more common—likely due to a reliance on air-gapped or pseudo air-gapped physical infrastructure and legacy systems. 
  • Financial services and insurance: Less “obvious” techniques, such as HTML smuggling and Distributed Component Object Model were more common, likely due to greater investments in controls and testing.

Recommended actions:

  • Validate your defenses. Look at the top threats and techniques and ask: ‘am I confident in my ability to defend each of these?’ Red Canary’s open source test library Atomic Red Team is free and easy to adopt. 
  • Patching vulnerabilities is key. It remains tried and true as one of the best ways to insulate yourself from risk.
  • Become a cloud expert–ensure your permissions and configurations are properly set up, and know how everyone in your organization is using cloud infrastructure, as the difference between suspicious and legitimate activity is nuanced in the cloud and requires a deep understanding of what is normal in your environment.

Learn more

About the Threat Detection Report

The full report is intended as a reference library for security practitioners to improve their ability to prevent, mitigate, detect, and emulate cyber threats. It offers detailed guidance on data sources that log relevant evidence of adversary behaviors, tools that collect from those data sources, how security teams can use this visibility to develop detection coverage, and much more deeply actionable information.

The Threat Detection Report sets itself apart from other annual reports by offering unique data and insights, accompanied by recommended actions derived from a combination of expansive visibility and expert, human-led investigation and confirmation of threats.

Each of the nearly 60,000 threats Red Canary detected in 2023 were not prevented by the customers’ other expansive security controls. They are the product of a breadth and depth that Red Canary leverages to detect the threats that would otherwise go undetected.

Leave a comment »

RCE Bugs Feature Among 60 CVEs In March Patch Tuesday

Posted in Commentary with tags on March 13, 2024 by itnerd

It is being reported that Microsoft fixed 60 vulnerabilities in this month’s Patch Tuesday security update round. This includes two critical bugs CVE-2024-21407 that enables attackers to escape from a Hyper-V guest virtual machine and achieve remote code execution on the Hyper-V host, and CVE-2024-21408, a denial of service vulnerability in Windows Hyper-V.

Melvin Lammerts, Hacking Lead at cybersecurity firm Hadrian had this comment:

This Patch Tuesday underscores the critical importance of timely system patching. The Hyper-V vulnerabilities are particularly concerning, as they could enable attackers to execute arbitrary code on the Hyper-V host or cause a complete system crash.  Administrators relying on Hyper-V should prioritise these patches without delay.Furthermore, the Microsoft Defender bypass vulnerability serves as a reminder that no single security solution is foolproof. A robust defence-in-depth strategy is essential, incorporating patching, firewalls, intrusion detection systems, and reliable endpoint protection.Finally, staying informed through resources like the Microsoft Security Bulletins is the best way to stay on top of the latest threats and helps you maintain a strong security posture.

This highlights what I tell every client that I have. Which is patch everything the second it becomes available as it’s an easy way to protect yourself.

Leave a comment »

Air Canada’s Aeroplan Is Being Used In An Email Based Phishing #Scam

Posted in Commentary with tags on March 13, 2024 by itnerd

Some new scams have hit my inbox as of late. And this Aeroplan one is interesting. For those of you who don’t know what Aeroplan is, this is an airline rewards program that is run by Air Canada and its partner airlines. I have an Aeroplan account so I do get marketing emails from them. But one look at this, I knew that this wasn’t one of them:

So the first thing was the fact that the word Aeroplan was highlighted several times. That is odd and when I compared it to other Aeroplan emails, this wasn’t present. So that put me on alert. The other thing that put me on alert is the typical scam hook of if you don’t do something, bad things will happen to you. In this case, if I don’t click the link to upgrade your Aeroplan account, your account will be limited. Whatever that means. Then there was the words “Kindly use the link below to upgrade your account.” Air Canada nor Aeroplan would ever use language like that. Finally, the email was allegedly sent from my personal email account. Meaning that the threat actor spoofed my email.

I wanted to go down the rabbit hole to see what the threat actor was up to. So before clicking on the link, I hovered my mouse cursor over it and saw this:

That looks like a link that has been shortened by Twitter’s link shortener. And that’s done to cover up the fact that if you click on it, which you should not do if you get this email, it will be taking you to someplace other than the Aeroplan website. But since I investigate these scams, I clicked it and this is what I got:

Now I have to give the threat actor credit here. Just like the email, this website is a very good replication of the actual Aeroplan website. Most people I think would be fooled by this. But if you look at the address bar, you’ll see that you’re not at the Aeroplan website as it’s not Aeroplan.com.

And at first glance, this fake website is going after your login details so that presumably the threat actors can log into your account and drain it of your Aeroplan points in the form of gift cards or something like that. And what’s interesting is that the website might be trying to validate that you’ve entered a valid Aeroplan number because when I tried to enter a bogus number, I got this:

This was also the case when I tried to enter a bogus email address. Clearly this threat actor has some skills as they really want to get your login details. And what’s even more interesting is that the links to create a new account or reset your password go to the real Air Canada website. I guess that they’re hoping that those who don’t remember their passwords will reset them, then come back to enter them in what’s clearly a phishing site. What concerns me is that the fact that the threat actor has spoofed my email address to try and scam me. That implies that this might be a targeted attack. I wonder if this is related to the fact that Air Canada got pwned in 2018. Then pwned again in 2023. And the threat actor or actors behind either of those attacks are using the information gained in either of those events to launch further attacks against Aeroplan members. Seeing as I’ve been an Aeroplan member for years, that seems plausible. Thus I would be interested to know if you’re an Aeroplan member and you get an email like this. If so, feel free to leave a comment below.

Leave a comment »

New Online Investment Scams: Fake Trading Platforms Exploit Victims Using Email, Social Media, Ads

Posted in Commentary with tags on March 13, 2024 by itnerd

Netcraft has published its new research following the recent release of the FBI’s 2023 IC3 Report, which revealed that investment fraud was the costliest type of crime, with losses rising to $4.57 billion in 2023, a 38% increase from the previous year.

Netcraft’s newest report reveals it detected and blocked almost 13,000 fake investment platform domains across more than 7,000 IPs, the highest number since they began tracking these platforms independently and 25% more than in December when compared to January alone.

The Netcraft research delves into how cybercriminals behind these scam websites find their victims, operate fake trading platforms, use social engineering tactics, and eventually trick victims into depositing significant amounts of money. Cybercriminals often depend on sophisticated fraudulent investment websites that use fake trading platforms to lure victims through email, social media posts, or counterfeit ads. Netcraft’s report includes a real-world example of a WhatsApp invitation to join an investment group that promises to teach you how to earn huge profits in the cryptocurrency market and emails containing links to fake investment platforms, which offer tiered accounts and promise unrealistic ROI.

You can read the report here.

Leave a comment »

Apple’s Plan To Deal With Massimo Is To Win On Appeal Or Let The Clock Run Out

Posted in Commentary with tags on March 13, 2024 by itnerd

I have to admit that when I heard about this, my first thought that Apple was being super crafty here. What I mean by “this” is this report is this one by MacRumors where they talk about how Apple got around the pulse oximetry ban that came about via the patent lawsuit that Masimo brought against Apple:

The original January 12 order from CBP that allowed Apple to bring Apple Watch models with a disabled sensor in the United States was published recently (via ip fray), and it gives some insight into how Apple disabled pulse oximetry. While some of the order is redacted, Apple implemented a fix that turns off pulse oximetry when an Apple Watch is paired to an iPhone. Blood oxygen sensing becomes inaccessible to the user, and opening the blood oxygen app gives a warning that the feature is not available. Apple said that it hardcoded each Apple Watch at the factory with new software.

As part of the process to get approval to sell ‌Apple Watch Series 9‌ and Ultra 2 models without pulse oximetry enabled, Apple had to provide the code disabling the feature and test devices to Masimo. Masimo didn’t want Apple to have such an easy fix, so it paired the “redesigned” Apple Watches with a jailbroken ‌iPhone‌ running an older version of iOS, and was able to get pulse oximetry working.

Masimo tried to argue that activating pulse oximetry through a jailbroken phone meant Apple had not effectively removed the feature and the devices should not be allowed to be imported in to the U.S. Masimo also tried to say that jailbreaking is “permissible, common, and readily known,” but Masimo’s arguments were unsuccessful. The Exclusion Order Enforcement Branch of the U.S. Customs and Border Patrol ultimately decided that disabling pulse oximetry in the ‌Apple Watch Series 9‌ and Ultra 2 was enough to avoid infringing on Masimo patents, allowing those models to be offered for sale at Apple retail stores in the U.S.

Because Masimo was able to get blood oxygen sensing working using software on a jailbroken ‌iPhone‌, Apple too would be able to reactivate the blood oxygen sensor in the models where it has been disabled through a software update. When no longer subject to an import ban, Apple will be able to reintroduce blood oxygen sensing for ‌Apple Watch Series 9‌ and ‌Apple Watch Ultra 2‌ users who are not able to access the feature.

As noted by ip fray, the patents that Apple was found to have infringed on expire in August of 2028, which means that Apple will be able to re-enable pulse oximetry in affected models at that time. Apple filed an appeal with the United States International Trade Commission to attempt to get the ruling overturned, so if the appeal is successful, Apple could be able to re-add blood oxygen sensing sooner.

That’s pretty crafty by Apple seeing as they have no interest in coming to a settlement with Masimo. Likely because everyone and every company that Apple has “Sherlocked” over the years would come out of the woodwork to get paid as well. So that makes letting the clock run out or winning on appeal the best options for the folks at Apple Park. Let’s see how well that works out for them.

Leave a comment »

« Older Entries
Newer Entries »