WebProNews

Tag: ars technica

  • Baidu’s Ernie AI Reveal Stumbles Out of the Gate

    Baidu’s Ernie AI Reveal Stumbles Out of the Gate

    Baidu has revealed its Ernie AI chatbot, and the result has been similar to Google’s AI reveal in that it has stumbled out of the gate.

    Like Google, Baidu has been working overtime to catch up with Microsoft’s Bing AI. Baidu has finally “revealed” its Ernie chatbot, but the reveal did little to reassure investors that the company has a viable product.

    According to Ars Technica, company founder Robin Li only showed a pre-recorded demo of the product at the big reveal. Li tried to emphasize the company’s progress, despite the lackluster showing:

    “Sometimes when we use it we are pleasantly surprised, sometimes we may think there is an obvious error,” Li told the audience. “But one thing is for sure, it’s advancing very fast.

    “Its extremely strong ability to comprehend and express language will allow any company to get closer to their customers,” Li added. “It’s an opportunity for every company and it will even have an impact on every single person.”

    In the aftermath of the “demonstration,” Baidu’s stock tanked by 10% over fears that the company’s AI efforts may not be in as good a position as investors hoped. The sentiment is one shared by at least some Baidu employees.

    “We can only explore by ourselves. Training ChatGPT took OpenAI more than a year, and it took them another year to tune GPT-4,” said one Baidu employee. “It means we’re two years behind.”

  • Hackers Had Access to News Corp’s Systems For Two Years

    Hackers Had Access to News Corp’s Systems For Two Years

    News Corp has revealed that a previously acknowledged breach was much worse than originally thought.

    News Corp, which owns The Wall Street Journal, revealed in February 2022 that it had suffered a cybersecurity breach. The company said the breach involved “persistent cyberattack activity” in a third-party cloud service it used.

    Unfortunately, in a breach notification first spotted by Ars Technica, the company has admitted that the breach went on for two years:

    “Based on the investigation, News Corp understands that, between February 2020 and January 2022, an unauthorized party gained access to certain business documents and emails from a limited number of its personnel’s accounts in the affected system, some of which contained personal information,” the letter stated. “Our investigation indicates that this activity does not appear to be focused on exploiting personal information.”

    The company did say that it does not believe any fraud or identity theft has been committed as a result of the breach. Instead, News Corp told Ars that investigators “believe that this was an intelligence collection.”

    That conclusion would certainly be in line with conclusions gathered last year when the breach was first discovered. At the time, News Corp enlisted security firm Mandiant to help it resolve the situation. Mandiant’s conclusion was that the attack was carried out by hackers affiliated with the Chinese government.

  • Comcast Caught Giving Fake Coverage Data to FCC…Again

    Comcast Caught Giving Fake Coverage Data to FCC…Again

    Comcast seems determined to maintain its status as one of America’s most hated companies, repeatedly misleading the FCC about its coverage.

    The FCC has been working to build accurate internet coverage maps of the US in an effort to better allocate funds and resources to close the digital divide. Unfortunately, Comcast seems hell-bent on not providing accurate information.

    According to Ars Technica, the company has once again been caught providing misleading information, only correcting it when called out for the behavior.

    The issues revolved around service in Fort Collins, Colorado, an area Comcast claimed to cover with its service. Justin Olsson, a lawyer for a tech company, was unable to get Comcast service for his mother’s address, despite Comcast claiming it covered the location.

    Only after Ars reached out to Comcast did the company stop disputing Olsson’s challenges and admit to the FCC that it did not, in fact, cover Olsson’s mother’s address.

    Upon further review of the location ID in question, Comcast has determined that the location is currently not serviceable by Comcast,” the company told the FCC.

    Olsson shared his response to Comcast with Ars after the broadband company informed him that it had modified its coverage data to reflect reality:

    I appreciate that you finally admitted it after Ars Technica reached out to you… I would like to point out, however, that it’s really absolutely unacceptable that you contested my challenge without even looking into it—even when you had evidence in your own system that the address wasn’t serviceable.

    You wasted hours of my time, and it’s hard not to think that was part of the strategy, hoping that people wouldn’t follow up and letting you get away with your blatant dishonesty in the broadband map effort. I hope for the country’s sake that you all can clean up your act and not continue to do business in this way.

    Olsson hits the nail on the head and rightly calls out Comcast for its unacceptable and dishonest behavior.

    In the meantime, the company’s status among America’s most hated companies remains securely intact.

  • China Files WTO Complaint Over US Chip Sanctions

    China Files WTO Complaint Over US Chip Sanctions

    China is going on the offensive, filing a complaint with the World Trade Organization over US efforts to sanction its semiconductor industry.

    The US has been working to strangle China’s semiconductor industry, isolating the country and limiting its access to advanced technologies. The effort has been largely successful, with some analysts saying US sanctions have “collapsed” China’s chip industry.

    According to Ars Technica, China is firing back with a WTO complaint, alleging it was necessary to protect its “legitimate rights and interests.” The timing of the complaint is a bit of a two-edged sword, however, both helping and hurting China simultaneously.

    One the one hand, the WTO complaint comes a day after the body ruled that Washington was not justified in its position regarding 2018 steel tariffs against China. On the other hand, the body that would normally mediate these kind of disputes has been suspended, as a result of disagreements among the member states that comprise it. As a result, there is unlikely to be any real action resulting from China’s complaint.

    Whatever the outcome, China’s willingness to file the complaint indicates an escalation in the trade and tech war between the two countries.

  • Apple Sued Over AirTags for Revolutionizing Scope of Stalking

    Apple Sued Over AirTags for Revolutionizing Scope of Stalking

    Apple is once again under fire over its AirTags devices, with a class-action suit filed over their use in stalking.

    Apple introduced AirTags in April 2021 as a way for individuals to keep track of items. Unfortunately, the devices were quickly used for nefarious purposes, including tagging vehicles for theft and stalking, to name just a couple. Apple announced plans to address the issues in early 2022, but that hasn’t stopped the company from facing a class-action lawsuit.

    The lawsuit (courtesy of Ars Technica) was filed in the state of California and describes the impact AirTags have had on stalking:

    One of the products that has revolutionized the scope, breadth, and ease of location-based stalking is the Apple AirTag. Introduced in April 2021, this device is roughly the size of a quarter, and its sole purpose is to transmit its location to its owner.

    The lawsuit then goes on to describe in damning detail just how AirTag works and why it is such an effective tool for stalkers:

    What separates the AirTag from any competitor product is its unparalleled accuracy, ease of use (it fits seamlessly into Apple’s existing suite of products), and affordability. With a price point of just $29, it has become the weapon of choice of stalkers and abusers.

    The AirTag works by emitting signals that are detected by Bluetooth sensors on the hundreds of millions of Apple products across the United States. These sensors comprise Apple’s “FindMy” network. When a device on the network detects a signal from the missing device, it reports that missing device’s location back to Apple, which in turn reports it to the owner.

    The ubiquity of Apple products, and their constituency in the FindMy network, means that an AirTag can more reliably transmit location data than any competitor. Indeed, in all metropolitan areas, and even many rural areas, one is never more than 100 yards away from an Apple device. Thus, one is never more than 100 yards away from having location data transmitted back to Apple.

    The lawsuit goes on to cite two murders wherein AirTags were used to stalk and track the victims.

    While Apple’s goal in creating AirTag may have been well-intentioned, the device clearly has flaws that are not being addressed adequately, flaws that have had disastrous consequences.

  • Half of Small Computer Repair Shops Access Private Data

    Half of Small Computer Repair Shops Access Private Data

    In a report that surprises no one, half of of small computer shops access customers’ private data, with some copying and saving it.

    Small computer repair shops may be a common site, but a new report indicates customers should be wary before taking their computers to them. Researchers at University of Guelph in Ontario, Canada took laptops to 12 repair shops. The laptops were fully functional, except for a disabled audio driver. The researchers specifically chose that issue, since it is easy to diagnose and repair, and does not require access to personal files.

    The researchers populated the computers with what appeared to be personal information, online accounts, a crypto wallet, and a variety of sexual and non-sexual pictures. The researchers also made it appear that half the computers belonged to men and half to women.

    In 50% of cases, the researchers found that personal files were accessed by the repair shop, although unsurprisingly the computers that seemed to be belong to women were much more likely to have their data accessed. In at least two cases, one for a male customer and one for a female, data was copied and saved onto personal devices.

    “We were blown away by the results,” Hassan Khan, one of the researchers, said in an interview with Ars Technica. The researchers were especially concerned with the data copying.

    “We thought they would just look at [the data] at most,” Khan added.

    With few if any real privacy safeguards in place, most customers would do well to take their computers to reputable large companies, at least until small shops get with the program, in terms of privacy.

  • Chinese Firms Throttling Semiconductors to Avoid US Restrictions

    Chinese Firms Throttling Semiconductors to Avoid US Restrictions

    Chinese firms are going to extreme measures to circumvent US chip sanctions, even resorting to throttling semiconductor performance.

    The US has imposed strict sanctions on semiconductor exports to China. The US is even using its export rules to prevent foreign companies from exporting advanced semiconductors to China if those companies use American-developed tech.

    US authorities are tightening the noose even more with the CHIPS Act, which makes $53 billion available to chipmakers — with the caveat that they cannot ship advanced semiconductors to China if they accept US funds.

    According to Ars Technica, companies like Alibaba, Biren Technology, and others are throttling their processor designs in an effort to bring them under the threshold that would make them subject to US sanctions. In many cases, the companies already had designs in play and being manufactured by TSMC, but have had to go back to the drawing board to redesign them.

    “Attempting to freeze a country in place for a technological level of hardware is a big deal,” said Paul Triolo, ASG consulting group head of tech policy. “That is what the US is trying to do by restricting sales and closing off the manufacturing road map to get to these advanced levels of hardware.”

  • Charter Raises Spectrum Home Internet Prices

    Charter Raises Spectrum Home Internet Prices

    Charter is raising prices for multiple Spectrum home internet plans, including its base plan.

    The company told Ars Technica it is raising prices by $5, a move that is expected to impact some 9.5 million customers.

    “The price for Spectrum Internet reflects the cost of delivering the best value in broadband for your family: 300Mbps starting speeds with no modem fees, data caps or contracts,” the company said.

    The new prices are $79.99 for 300Mbps download speed, $99.99 for 500Mbps, and $119.99 for 1Gbps.

    While the company says it is the first price hike since December 2020, it’s not likely to go over well with customers at a time when the economy is putting a strain on people’s wallets.

  • Comcast Ties Higher Upload Speeds to $25 a Month Equipment Rental

    Comcast Ties Higher Upload Speeds to $25 a Month Equipment Rental

    Comcast is once again proving why it has earned its place as one of America’s most hated companies.

    Comcast recently upgraded its internet speeds for both its main service and its Xfinity brand. The announcement was welcome news, as the company is often criticized for its paltry 10Mbps upload speed. There’s a big catch, however, with the company requiring a $25 a month equipment rental to get the faster upload speeds, according to Ars Technica.

    The company’s original announcement contained a…shall we say, carefully worded statement regarding the hardware:

    As markets launch, Xfinity Internet customers who subscribe to xFi Complete, will have their upload speeds increased between 5 and 10 times faster. xFi Complete includes an xFi gateway, advanced cybersecurity protection at home and on the go, tech auto-upgrades for a new gateway after three years, and wall-to-wall WiFi coverage with an xFi Pod included if recommended. Now, another benefit of xFi Complete is faster upload speeds.

    Comcast told Ars that the xFi Pod would be required for customers with 10Mbps to be upgraded to 100Mbps. The xFi Pod will cost $25 per month, although customers that sign up for new service before the end of the year can get it for $20 a month for the first year.

    The company painted its decision as a technical one, telling Ars it plans on bringing the speeds to non-Comcast modems “later next year.” That explanation doesn’t make a lot of sense, however, as the xFi Pod is also available to some customers for $14…yet those customers are not eligible for the faster speeds unless they upgrade to the more expensive plan.

    These kinds of shenanigans are exactly why customers hate Comcast and why consumer activists are continually working to pass legislation to ban equipment rentals and hidden fees.

    In the meantime, Comcast continues to set a sterling example of how NOT to treat customers.

  • Microsoft Mistake Left Millions of PCs Vulnerable for Years

    Microsoft Mistake Left Millions of PCs Vulnerable for Years

    Microsoft is under fire for a mistake that left millions of PCs vulnerable for years, according to a new report.

    Microsoft maintains a blocklist of vulnerable drivers that hackers can use to attack Windows. Drivers that have already been proven to have vulnerabilities are tempting targets for hackers since it saves them the work of creating a vulnerability from scratch. These types of hacks are called BYOV (Bring Your Own Vulnerability) attacks. Microsoft updates Windows with its blocklist, ensuring that Windows isn’t vulnerable to BYOV attacks..

    At least, that’s how the system is supposed to work. According to Ars Technica, Microsoft failed to properly update Windows to utilize the updated blocklist. As a result, for nearly two years, Windows didn’t download the new lists, leaving millions of machines vulnerable.

    To make matters worse, not only are BYOV attacks on the rise, but Microsoft even discouraged customers from using alternative security measures, assuring them Windows Update would protect them from these issues.

    “Security vendors are going to tell you [that you] need to buy their stuff, but Windows has everything you need to block it,” David Weston, Microsoft Senior VP of Enterprise and OS Security, tweeted in late 2020.

    Given Microsoft’s status as the leading operating system vendor, not to mention the second-largest cloud vendor, this is an embarrassing and inexcusable lapse, one the company will be dealing with for some time.

  • Most AT&T Customers Will Not Be Able to Access Faster 5G

    Most AT&T Customers Will Not Be Able to Access Faster 5G

    Many of AT&T’s customers are in for a major disappointment, with the carrier’s mid-band 5G not supporting the majority of recent phones.

    AT&T spent billions to purchase mid-band spectrum, considered the sweet spot for 5G. Mid-band offers much faster speeds than its low-band nationwide 5G network. While not quite as fast as the high-band mmWave, mid-band can still offer speeds in the gigabit range.

    Unfortunately for the company’s customers, however, only the very latest 2022 Apple and Samsung phones can support the company’s mid-band 3.45 GHz spectrum, according to Ars Technica.

    This is in direct contradiction to a CNET story in which AT&T told the outlet it planned to release a software update that would enable the mid-band spectrum on many more devices.

    AT&T spokesperson Jim Greer told Ars Technica that “only 2022 and newer devices can be certified by the FCC to use 3.45 GHz.” Greer also said the information provided to CNET was incorrect, saying: “We regret the error and apologized to the reporter and his readers for the mistake.”

    Unfortunately, many of AT&T’s customers are still left with phones that can’t benefit from the company’s most useful type of 5G.

  • Brazil Looking to Standardize on USB-C for Phone Chargers

    Brazil Looking to Standardize on USB-C for Phone Chargers

    Brazil is investigating the possibility of mandating USB-C for phone chargers, the latest country to consider such measures.

    The European Union recently passed rules requiring smartphone and device manufacturers to use USB-C chargers in an effort to cut down on e-waste and improve the consumer experience. US Senators have since asked the FCC to consider a similar measure. According to Ars Technica, Brazil is considering taking similar action.

    The National Telecommunications Agency has announced a public consultation for a proposal that would follow the EU’s example. The one big difference is the scope of the proposal. The EU’s mandate applies to smartphones, tablets, handheld gaming consoles, cameras, and more. Eventually, it will also extend to laptops. In contrast, Brazil is only investigating a mandate for cell phones at this time.

    Apple is the company that will be most impacted by these rules and, in all likelihood, will opt to adopt USB-C across its entire lineup rather than have specific hardware models for different jurisdictions.

  • Google Hangouts Is Shutting Down November 2022

    Google Hangouts Is Shutting Down November 2022

    Google is shaking up its messaging efforts yet again, urging users to migrate from Hangouts to Google chat before November 2022.

    Google has been working to replace Hangouts for the last couple of years but is now telling customers it will shutter the service in November 2022. Google already moved its Workspace customers over to chat in March 2022, but the November deadline will impact anyone still using the defunct service.

    “For most people, conversations are automatically migrated from Hangouts to Chat, so it’s easy to pick up where you left off,” writes Ravi Kanneganti, Product Manager, Google Chat. “However, we encourage users who wish to keep a copy of their Hangouts data to use Google Takeout to download their data before Hangouts is no longer available in November 2022 by following these instructions. You can visit the Help Center for more information on the differences between Chat and Hangouts, the migration timelines, and why we recommend downloading your Hangouts data.”

    Google may hold a world record for the number of chat and messaging apps developed (and abandoned) by a single company.

    When discussing Google’s “decade and a half of instability” in the messaging space, Ars Technica Ron Amadeo made this comment:

    Because no single company has ever failed at something this badly, for this long, with this many different products (and because it has barely been a month since the rollout of Google Chat), the time has come to outline the history of Google messaging. Prepare yourselves, dear readers, for a non-stop rollercoaster of new product launches, neglected established products, unexpected shut-downs, and legions of confused, frustrated, and exiled users.

    Only time will tell if Chat will fare any better than Google’s previous messaging efforts. In the meantime, users are left to make yet another transition from one product to another.

  • Apple Significantly Raises Starting Pay For Hourly Employees

    Apple Significantly Raises Starting Pay For Hourly Employees

    Apple is significantly raising its starting pay for hourly employees, some 45% over 2018 levels.

    Like many companies, Apple is working to retain its workforce and attract new talent amid a market that is being squeezed by rising costs, soaring inflation, and increased competition among rivals. In response, according to The Wall Street Journal, via Ars Technica, the company is raising the starting pay of hourly employees to $22, although it may be even higher in some markets.

    In addition, the company said it would move up some annual reviews by as much as several months in an effort to open the door for existing employees to get pay increases faster.

    “Supporting and retaining the best team members in the world enables us to deliver the best, most innovative, products and services for our customers,” a spokesperson told WSJ. “This year as part of our annual performance review process, we’re increasing our overall compensation budget.”

    Read more: Apple Delays Increased In-Person Work Indefinitely

    The move is not surprising, given the overall state of the market. Microsoft recently doubled its salary budget, following similar moves by Amazon.

    To complicate matters even further, Apple has been struggling more than some of its tech rivals with getting employees back to the office. After a couple of years of groundbreaking product releases and record-breaking quarters, many employees see no need to be forced back to the office an arbitrary number of days. Apple’s employees have already penned numerous letters in protest and some have quit, with the company’s AI chief being the most high-profile loss over its back-to-office policies.

    One thing is clear: Apple is pulling out the stops to keep employees happy, although it remains to be seen if it will pull out the stop most people want, and let employees continue to work remotely.

  • Top Websites Capture Email and Passwords — Without You Clicking ‘Submit’

    Top Websites Capture Email and Passwords — Without You Clicking ‘Submit’

    New research shows that some of the world’s top websites collect data — including emails and passwords — from forms even if the user does not click the ‘Submit’ button.

    Submission forms are nearly as old as the internet itself, providing a way for individuals to create accounts, sign in to those accounts, join mailing lists and more. The Submit button is a critical part of those forms, with an implied agreement that data will not be captured until it is clicked. Unfortunately, some of the top websites are collecting users’ data anyway, without the proper consent.

    According to researchers from KU Leuven (Leuven, Belgium), Radboud University, and University of Lausanne, “users’ email addresses are exfiltrated to tracking, marketing and analytics domains before form submission and before giving consent on 1,844 websites when visited from the EU and 2,950 when visited from the US.”

    Interestingly, some 52 websites used third-party session replay scripts to capture passwords as well. Fortunately, all 52 rectified that specific problem when notified.

    Not surprisingly, social media sites were some of the worst offenders, with both Meta and TikTok capturing hashed personal information from forms regardless of whether the user clicked Submit. Obviously the data collection occurred without the user’s consent.

    Below is a list of some of the top sites that leaked email addresses to tracker domains (although some of these have since corrected the issue):

    • businessinsider.com
    • usatoday.com
    • foxnews.com
    • trello.com
    • independent.co.uk
    • theverge.com
    • shopify
    • marriot
    • newsweek
    • codecademy.com
    • azcentral.com

    “If there’s a Submit button on a form, the reasonable expectation is that it does something—that it will submit your data when you click it,” Güneş Acar, a professor and Radboud University researcher, and leader in the study, told Ars Technica. “We were super surprised by these results. We thought maybe we were going to find a few hundred websites where your email is collected before you submit, but this exceeded our expectations by far.”

    “The privacy risks for users are that they will be tracked even more efficiently; they can be tracked across different websites, across different sessions, across mobile and desktop,” Acar added. “An email address is such a useful identifier for tracking, because it’s global, it’s unique, it’s constant. You can’t clear it like you clear your cookies. It’s a very powerful identifier.”

    The researchers have created LeakInspector, a Firefox extension that will help detect when a form is collecting data without consent. Users concerned with their privacy should download the extension immediately.

  • Severe Vulnerability Impacts Linux and Android

    A new, severe vulnerability is putting Linux computers and many Android phones at risk.

    According to Ars Technica the new vulnerability has been dubbed “Dirty Pipe.” The issue allows anyone with an account “to add an SSH key to the root user’s account.” Once done, the user would be able to remotely access to the machine with full root access.

    The vulnerability can also be used for other exploits, such as overwriting read-only files, creating a root shell, setting up a backdoor, and more.

    In addition to impacting computers with Linux installed, the vulnerability also impacts some versions of Android, since the mobile OS runs a modified version of the Linux kernel. While some might be inclined to believe newer versions of Android would be immune, the exact opposite is the case.

    Newer devices, like the Pixel 6 and Samsung S22 run newer versions of the Android kernel, which are vulnerable to the exploit. In contrast, older devices like the Pixel 4 are running older versions of the kernel, which are not vulnerable.

    All Linux and Android users should be on the lookout for a security update.

  • YouTube Offering Top Podcasters $50K to Make the Jump to Video

    YouTube Offering Top Podcasters $50K to Make the Jump to Video

    YouTube is working to entice its top podcasters to make the jump to video, offering $50,000 to sweeten the deal.

    YouTube has been building its base of content subscribers, paying out $30 billion over the last three years. The company even shut down its YouTube Originals, thanks in no small part to having more than two million creators in the YouTube Partner Program.

    In its latest push, Ars Technica is reporting YouTube is offering some of its most popular podcasters $50,000 to switch to video. The money is aimed at helping these creators invest in the equipment they need to produce high-quality videos.

    While the company is offering $50,000 to individuals, some podcasting networks are receiving $200,000 to $300,000.

  • Open Source Drivers or Else: Nvidia Hackers Make Demands

    Open Source Drivers or Else: Nvidia Hackers Make Demands

    The hackers responsible for an Nvidia data breach have finally made their demands, wanting the company to release open source GPU drivers.

    Nvidia is notoriously opposed to open source drivers for its products. The issue is so well-known that it continues to be a problem in the Linux community, with some Linux distros specifically advertising themselves as being Nvidia-friendly by including the company’s official drivers, rather than the normal open source alternatives. The company has also angered some users by including measures to throttle its GPU performance when used for crypto mining.

    On March 1, it was reported that Nvidia had launched a counter-hacking operation against the LAPSU$ group in an effort to encrypt roughly 1TB of stolen data, so it could not be used in a ransomware demand. It’s unclear how successful that operation was, since the group is now making its demands, according to Ars Technica, targeting both complaints against the company.

    So, NVIDIA, the choice is yours! Either:

    –Officially make current and all future drivers for all cards open source, while keeping the Verilog and chipset trade secrets… well, secret

    OR

    –Not make the drivers open source, making us release the entire silicon chip files so that everyone not only knows your driver’s secrets, but also your most closely-guarded trade secrets for graphics and computer chipsets too!

    YOU HAVE UNTIL FRIDAY, YOU DECIDE!

    Given that today is Friday, we won’t have long to wait to see how this demand plays out, but our money is on Nvidia refusing.

  • AT&T Enterprise Customers Hit by Data-Stealing Malware

    AT&T Enterprise Customers Hit by Data-Stealing Malware

    AT&T customers are being hit with a malware attack that uses a network edge device to steal data.

    According to Ars Technica, researchers at Qihoo 360 discovered a new botnet that is targeting the EdgeMarc Enterprise Session Border Controller. The device is commonly used by small to medium-sized enterprises on AT&T’s network.

    “However, during this brief observation, we confirmed that the attacked devices were EdgeMarc Enterprise Session Border Controller, belonging to the telecom company AT&T, and that all 5.7k active victims that we saw during the short time window were all geographically located in the US,” wrote Qihoo 360’s Alex Turing and Hui Wang.

    The vulnerability traces back to 2017 when a researcher discovered a way to attack the devices using an on-device account that used “root” and “default” as the username and password. Despite being discovered years ago, Ars says it’s unclear if AT&T ever notified customers of the vulnerability.

    A patch was released 19 months later, in December 2018. Because the patch required manual installation, however, it’s a safe bet many companies never installed the fix.

    Qihoo 360’s researchers have already found more than 100,000 devices using the same TLS certificate as infected devices. This may indicate the vulnerability is far more widespread than just the confirmed victims.

    “We are not sure how many devices corresponding to these IPs could be infected, but we can speculate that as they belong to the same class of devices the possible impact is real,” the researchers added.

  • Google Working to Bring Android Closer to Linux Kernel

    Google Working to Bring Android Closer to Linux Kernel

    Google is working to bring Android closer to the Linux kernel in a move that could significantly speed up development time.

    Android is arguably the biggest Linux-based operating system (OS) in existence, powering billions of devices the world over. Unfortunately, the OS is a far cry from the base Linux kernel, being forked several times before it gets to a user’s device. The first fork occurs when Google takes the Linux kernel to create the base Android kernel, and then again by each chip maker, and yet again by device manufacturers.

    The end result of repeated forking is that it can take a significant amount of time for improvements, features and fixes to make their way from the top all the way to the end user.

    According to Ars Technica, Google is working on an innovative solution to the problem, one that will only require a single fork from the Linux kernel. From that point forward, System on Chip (SoC) venders — Qualcomm, Samsung and others — and device manufactures will be able to use plugins to customize Android, rather than relying on additional kernel forks.

    The end result will be a much shorter path from the original Linux kernel to end user devices. This will allow Google and its Android ecosystem partners to develop and release updates and patches much faster than the current fragmentation allows.

    Fragmentation and delayed update cycles have been a major problem for Android since its inception. Unlike iOS, where the majority of users quickly migrate to the latest version, Android users are far more spread out over multiple versions of the OS. This poses a problem for Google, as well as the many third-party developers. Google’s efforts to address this are good news for developers and users alike.

  • TSMC Will Be Carbon Neutral By 2050

    TSMC Will Be Carbon Neutral By 2050

    TSMC has announced it plans to be carbon neutral by 2050, a major achievement for the world’s largest chip foundry.

    Computers, cellphones and tablets are part of daily life for most people, yet few think about the amount of energy that goes into making the semiconductors that run popular electronics. TSMC, as the world’s largest chip foundry, produces an astonishing 15 million tons of carbon pollution, according to Ars Technica. That figure puts it well beyond the output of many countries.

    TSMC is determined to do something about it, vowing to be carbon neutral by 2050. In the short term, the company plans to flatten its emissions growth by 2025.

    “TSMC is deeply aware that climate change has a severe impact on the environment and humanity. As a world-leading semiconductor company, TSMC must shoulder its corporate responsibility to face the challenge of climate change,” Chairman Mark Liu said in a statement, according to Ars.