CVS Debuts CVS Pay

CVS has rolled out its CVS Pay program that exists inside its mobile app. It allows customers to pay in store for prescriptions by scanning a barcode at the register.

Will Qualcomm Unveil The Snapdragon 820 SoC

Qualcomm is set to unveil its new Snapdragon 820 SoC on August 11 in LA and more details are being leaked than you would see at a Welsh leak recipe contest.

It appears that the new Snapdragon 820 will have the catchy title MSM8996 and it promises some significant performance improvements in key areas. We already know that it will not be catching fire, but it also has a 40 per cent GPU performance increase with its A530 GPU.

The device is also claimed to have a 30 per cent power improvement with 64b of shared virtual memory with the CPU.

Another big area of improvement is the Hydra CPU, which claims a 35 percent improvement compared to the Snapdragon 810.

The Snapdragon 820 will support 4k60 entertainment and high-speed data connectivity.

There are rumours that there will be a QFE3100 Envelope Tracking system this will not speed up mail in the criminally slow Italian Post Office, but should create a lower power and a thermal footprint. A dedicated low power sensor is integrated for always on use.

Another major upgrade compared to the older SoC is a switch from 20nm to 14nm FinFET manufacturing process. We are still expecting the Xiaomi Mi5 to be the first one to use it.

Source

Qualcomm Gives Snapdragon More Umph

Qualcomm has released a new Trepn Profiler app for Android which will profile Snapdragon processors and tinker with them.

The Trepn Profiler app identifies apps that overwork the CPU or are eating too much data. The app will pinpoint which of the apps drain the battery faster.

All data that will be obtained by this app can provide information you need to know which program is slowing down your phone.

Most Android phone users will not give a damn, but developers will find it useful. Those who are interested in testing roms, custom kernels, and their own apps can use the data gathered by the Trepn Profiler.

Developers can measure optimisation and performance on Snapdragon-powered mobile devices. Data are real-time include network usage, battery power, GPU frequency load, and CPU cores’ load. Key features also include six fast-loading profiling presets, and an advanced mode to manually select data points and save for analysis.

The Advanced Mode allows profiling a single app or device, offline data analysis, and increasing of data collection interval. This special mode also allows longer profiling sessions, displaying two data point in one overlay, and viewing of profile data.

All up this should enable developers to come up with more Snapdragon friendly apps.

Source

Qualcomm Goes Ultrasonic

Qualcomm has unveiled what it claims is the world’s first ‘ultrasonic’ fingerprint scanner, in a bid to improve mobile security and further boost Android’s chances in the enterprise space.

The Qualcomm Snapdragon Sense ID 3D Fingerprint technology debuted during the chipmaker’s Mobile World Congress (MWC) press conference on Monday.

The firm claimed that the new feature will outperform the fingerprint scanners found on smartphones such as the iPhone 6 and Galaxy S6.

Qualcomm also claimed that, as well as “better protecting user data”, the 3D ultrasonic imaging technology is much more accurate than capacitive solutions currently available, and is not hindered by greasy or sweaty fingers.

Sense ID offers a more “innovative and elegant” design for manufacturers, the firm said, owing to its ability to scan fingerprints through any material, be it glass, metal or sapphire.

This means, in theory, that future fingerprint sensors could be included directly into a smartphone’s display.

Derek Aberle, Qualcomm president, said: “This is another industry first for Qualcomm and has the potential to revolutionise mobile security.

“It’s also another step towards the end of the password, and could mean that you’ll never have to type in a password on your smartphone again.”

No specific details or partners have yet been announced, but Qualcomm said that the Sense ID technology will arrive in devices in the second half of 2015, when the firm’s next-generation Snapdragon 820 processor is also tipped to debut.

The firm didn’t reveal many details about this chip, except that it will feature Kryo 64-bit CPU tech and a new machine learning feature dubbed Zeroth.

Qualcomm also revealed more details about LTE-U during Monday’s press conference, confirming plans to extend LTE to unused spectrum using technology integrated in its latest small-cell solutions and RF transceivers for mobile devices.

“We face many challenges as demand for data constantly grows, and we think the best way to fix this is by taking advantage of unused spectrum,” said Aberle.

Finally, the chipmaker released details about a new a partnership with Cyanogen, the open-source outfit responsible for the CyanogenMod operating system.

Qualcomm said that it will provide support for the best features and UI enhancements of CyanogenMod on Snapdragon processors, which will be available for the release of Qualcomm Reference Design in April.

The MWC announcements follow the launch of the ARM Cortex-based Snapdragon 620 and 618 chips last month, which promise to improve connectivity and user experience on high-end smartphones and tablets.

Aberle said that these chips will begin to show up in devices in mid to late 2015.

Source

More Ransomware Plaguing Android

Android users have been warned again that they too can become victims of ransomware.

A Cryptolocker-style Android virus dubbed Simplocker has been detected by security firm Eset, which confirmed that it scrambles files on the SD cards of infected devices before issuing a demand for payment.

The message is in Russian and the demand for payment is in Ukrainian hryvnias, equating to somewhere between £15 and £20.

Naturally, the warning also accuses the victim of looking at rather unsavoury images on their phone. However, while the source of the malware is said to be an app called “Sex xionix”, it isn’t available at the Google Play Store, which generally means that anyone who sideloads it is asking for trouble.

Eset believes that this is actually more of a “proof of concept” than an all-out attack, and far less dangerous than Cryptolocker, but fully functional.

Robert Lipovsky of Eset said, “The malware is fully capable of encrypting the user’s files, which may be lost if the encryption key is not retrieved. While the malware does contain functionality to decrypt the files, we strongly recommend against paying up – not only because that will only motivate other malware authors to continue these kinds of filthy operations, but also because there is no guarantee that the crook will keep their part of the deal and actually decrypt them.”

Eset recommends the usual – use a malware app. It recommends its own, obviously, and advises punters to keep files backed up. Following such advice, said Lipovsky, ensures that ransomware is “nothing more than a nuisance”.

This is not the first Android cryptolocker style virus. Last month a similar virus was found, which Kaspersky said was “unsurprising, considering Android’s market share”.

Source

Will Google’s Project Shield Work?

Google has opened Project Shield, its service for small websites that don’t have the forces to repel denial of service attacks that might come their way.

Google introduced the service on Google+, saying that it is aimed at websites that might otherwise be at risk of online disruption.

“Project Shield, [is] an initiative that enables people to use Google’s technology to better protect websites that might otherwise have been taken offline by “distributed denial of service” (DDoS) attacks. We’re currently inviting webmasters serving independent news, human rights, and elections-related content to apply to join our next round of trusted testers,” it said.

“Over the last year, Project Shield has been successfully used by a number of trusted testers, including Balatarin, a Persian-language social and political blog, and Aymta , a website providing early-warning of scud missiles to people in Syria. Project Shield was also used to protect the election monitoring service in Kenya, which was the first time their site stayed up throughout an election cycle.”

Interested websites should visit the Google Project Shield page and request an invitation to the experience. They should not try to do the same at Nvidia’s website, as they will probably just come away with a handheld games console. This will not offer much assistance against DDoS attacks.

According to a video shared by Google last night, Project Shield works by combining the firm’s DDoS mitigation technologies and Page Speed Service (PSS).

Source

Apple Hacked

A group of German hackers claimed to have successfully breached the iPhone fingerprint scanner on Sunday, just two days after Apple Inc debuted the technology that it promises will better protect devices from criminals and snoopers seeking access.

If the claim is verified, it will be embarrassing for Apple which is betting on the scanner to set its smartphone apart from new models of Samsung Electronics Co Ltd and others running the Android operating system of Google Inc.

Two prominent iPhone security experts told Reuters that they believed the German group, known as the Chaos Computing Club, or CCC, had succeeded in defeating Apple’s Touch ID, though they had not personally replicated the work.

One of them, Charlie Miller, co-author of the iOS Hacker’s Handbook, described the work as “a complete break” of Touch ID security. “It certainly opens up a new possibility for attackers.”

Apple representatives did not respond to requests for comment.

CCC, one the world’s largest and most respected hacking groups, posted a video on its website that appeared to show somebody accessing an iPhone 5S with a fabricated print. The site described how members of its biometrics team had cracked the new fingerprint reader, one of the few major high-tech features added to the latest version of the iPhone.

The group said they targeted Touch ID to knock down reports about its “marvels,” which suggested it would be difficult to crack.

“Fingerprints should not be used to secure anything. You leave them everywhere, and it is far too easy to make fake fingers out of lifted prints,” a hacker named Starbug was quoted as saying on the CCC’s site.

The group said it defeated Touch ID by photographing the fingerprint of an iPhone’s user, then printing it on to a transparent sheet, which it used to create a mold for a “fake finger.”

CCC said similar processes have been used to crack “the vast majority” of fingerprint sensors on the market.

“I think it’s legit,” said Dino Dai Zovi,” another co-author of the iOS Hacker’s Handbook. “The CCC doesn’t fool around or over-hype, especially when they are trying to make a political point.”

Touch ID, which was only introduced on the top-of-the-line iPhone 5S, lets users unlock their devices or make purchases on iTunes by simply pressing their finger on the home button. It uses a sapphire crystal sensor embedded in the button.

Data used for verification is encrypted and stored in a secure enclave of the phone’s A7 processor chip.

Two security experts who sponsored an impromptu competition offering cash and other prizes to the first hackers who cracked the iPhone said they had reviewed the information posted on the CCC website, but wanted more documentation.

“We are simply awaiting a full video documentation and walk through of the process that they have claimed,” said mobile security researcher Nick DePetrillo, who started the contest with another security expert, Robert Graham. “When they deliver that video we will review it.”

The two of them each put up $100 toward a prize for the contest winner, then set up a website inviting others to contribute. While the booty now includes more than $13,000 in cash, it was not clear that the CCC would receive the full payout, even if DePetrillo and Graham declared them winners.

Source

Are Russian Hackers Exploiting Android?

Russian mobile malware factories are working with thousands of affiliates to exploit Android users, a security company has claimed.

According to Lookout Mobile Security the system is so efficient that almost a third of all mobile malware is made by just 10 organisations operating out of Russia. These “malware HQs” are pumping out nasty toll fraud apps, largely aimed at Android users, which force the user to call premium rate numbers the report said.

Thousands of affiliate marketers are also profiting from the scheme and helping spread the malware by setting up websites designed to trick users into downloading seemingly legitimate apps. Affiliates can make up to $12,000 a month and are heavy users of Twitter.

The report’s release at the DEF CON 21 conference in Las Vegas indicated that Lookout Mobile Security are working with the spooks to bring the crooks down. The malware HQs had gone to great lengths to obfuscate and encrypt their code to make detection tricky, but their advertising was pretty brazen.

Source

Is NFC Catching On?

Near Field Communication (NFC) is steadily gaining adoption in the U.S. for sharing data and music among smartphones, but the technology faces years of slow growth as a replacement for physical wallets.

NFC will take a minimum of three more years to grab hold as a technology that enables so-called mobile wallets as a replacement for credit cards and cash in the U.S., according to a consensus of five analysts. And by “grab hold,” these analysts mean being used by only 10% of mobile phone users to make digital purchases.

Gartner analyst Avivah Litan predicts that NFC payments will hit the 10% threshold in 2015, compared to the process of SMS (texting) payments that is expected to represent 50% of mobile payment volume globally in that same year. “We’re still on the edge when it comes to NFC innovation,” Litan says. “It will take a decade before it’s mainstream across the globe.”

Dozens of new smartphones that run Android, BlackBerry and Windows, and that include an NFC chip, launched last year. But Apple notably did not put NFC in its new iPhone 5 when the phone launched in September. That move “surely had a significant detrimental impact on industry adoption of NFC,” Litan says, given Apple’s influence in the mobile market.

Apple justified the move by saying that consumers already could use its Passbook app, which shows barcodes on the display, instead of NFC. The barcodes contain information that can be scanned by optical readers to let users board planes and redeem movie tickets — tasks that Apple notes are “the kinds of things consumers need today.”

Some have criticized Apple for omitting NFC from the iPhone 5, which has led to a widespread reassessment of NFC’s immediate future, especially in the U.S.

Source…

Kaspersky Finds New Malware

Kaspersky Lab has discovered three Flame spyware related malware threats that it said use “sophisticated encryption methods”.

Kaspersky claims that it uncovered the three new hostile programs while analysing a number of Command and Control (C&C) servers used by Flame’s creators.

“Sophisticated encryption methods were utilised so that no one, but the attackers, could obtain the data uploaded from infected machines,” the firm’s statement read.

“The analysis of the scripts used to handle data transmissions to the victims revealed four communication protocols, and only one of them was compatible with Flame.

“It means that at least three other types of malware used these Command and Control servers. There is enough evidence to prove that at least one Flame-related malware is operating in the wild.”

The discovery of the three programs indicates that Flame’s Command and Control platform was being developed in 2006, four years earlier than first thought.

Flame was originally uncovered in May targeting Iranian computer systems. The malware drew widespread concerns within the security industry regarding its advanced espionage capabilities.

The full scale of Flame and its overarching implications remain unknown, despite the ongoing joint research campaign being mounted by Kaspersky, IMPACT, CERT-Bund/BSI and Symantec.

“It was problematic for us to estimate the amount of data stolen by Flame, even after the analysis of its Command and Control servers,” said Kaspersky’s chief security expert, Alexander Gostev.

Following the discovery of the three new related programs, Kaspersky’s chief malware expert Vitaly Kamluk told The INQUIRER that Flame is not the only one in this big family.

“There are others and they aren’t just other known malwares such as Stuxnet, Gauss or Duqu,” he said. “They stay in the shadows and no one has published anything about them yet. Others were probably used for different campaigns.”

Kamluk added that it is “very possible” there are more than the three listed in Kaspersky’s report.

“They started building RedProtocol, yet another ‘language’ for unknown malware. No known client types are using that one, which means that there is even more malware out there,” he added.

Source…

Next Page »