On April 30, the House’s Technology Service Desk informed users about an increase in ransomware-related emails on third-party email services like Yahoo Mail and Gmail.

“The House Information Security Office is taking a number of steps to address this specific attack,” the Technology Service Desk said in an email obtained and published by Gizmodo. “As part of that effort, we will be blocking access to Yahoo Mail on the House Network until further notice.”

The ban on Yahoo Mail access suggests that some House of Representatives workers accessed Yahoo mailboxes from their work computers. This raises questions: Are House workers using Yahoo Mail for official business, and, if they’re not, are they allowed to check their private email accounts on work devices?

If they use the same devices for both personal and work activities, one would hope that there are access controls in place to separate the work and personal data. Otherwise, if they are allowed to take those devices outside of the House’s network, they could just as easily become infected there, where the ban is not in effect.

“The recent attacks have focused on using .js files attached as ZIP files to e-mail that appear to come from known senders,” the House’s Technology Service Desk said. “The primary focus appears to be through Yahoo Mail at this time.”

The increase in ZIP and RAR attachments that contain malicious JavaScript (JS) files has been observed by multiple security companies in recent months. Microsoft offers several recommendations, like using the Windows AppLocker group policy to restrict the execution of .JS files.

The House Information Security Office also banned access to appspot.com, the domain name used by applications hosted on the Google App Engine platform, Reuters reported.

Source- http://www.thegurureview.net/aroundnet-category/u-s-house-of-representatives-block-yahoo-and-google-apps.html

Google announced this week that it released an Android update to patch shedloads of vulnerabilities, but the advisory mentioned an information disclosure vulnerability in the Qualcomm tethering controller (CVE-2016-2060) that allows a malicious application to access user information.

FireEye said that this vulnerablity is “high severity,” but Google noted that it does not affect Nexus devices. The patch for the issue is not in the Android Open Source Project (AOSP) repository but might make it in the  latest driver updates for affected devices.

The security outfit said that researchers informed Qualcomm about the vulnerability in January and the vendor developed a fix by early March, when it started reaching out to OEMs to let them know about the issue. Now it’s up to the device manufacturers to push out the patch to customers. So probably a long time then.

The flaw exists in an open source software package maintained by Qualcomm and is related to the Android network daemon (netd).

“The vulnerability was introduced when Qualcomm provided new APIs as part of the ‘network_manager’ system service, and subsequently the ‘netd’ daemon, that allow additional tethering capabilities, possibly among other things,” FireEye said.

The flaw has been confirmed to affect devices running Android 5.0 Lollipop and earlier, which currently account for roughly three-quarters of Android devices. Researchers noted that the affected Qualcomm software package is used in a variety of projects, including the popular CyanogenMod, and the vulnerable APIs appear to have been around since at least 2011.

The vulnerability can be exploited to escalate privileges to the built-in “radio” user, which has permissions that are normally not available to a third-party app. The most efficient way to exploit CVE-2016-2060 is via a malicious application that is granted the “ACCESS_NETWORK_STATE” permission.

Courtesy-Fud

Researchers from security firm PhishLabs claim that they’ve found 11 such applications since the beginning of 2016 hosted on Google Play, most of them created by the same group of attackers.

The apps are simple, yet effective. They load Web pages containing log-in forms that look like the target companies’ websites. These pages are loaded from domain names registered by the attackers, but because they are loaded inside the apps, users don’t see their actual location.

In some cases attackers registered domain names that are similar to those of the impersonated online payment services, PhishLab Security Threat Analyst Joshua Shilko said in a blog post.

More recently, attackers used domain names similar to those of cryptocurrency companies, suggesting that the cryptocurrency industry is also targeted.

PhishLabs did not name the exact payment card companies and online payment services whose users were targeted by these fake apps. However, most of those companies provide links to their official mobile applications on their websites and users should always use those links instead of manually searching for them on the Play store.

“In one case, a targeted company explicitly states on their website that no mobile application exists for their company and that users should be wary of any mobile application using their brand,” Shilko said.

The danger is that if phishers manage to routinely bypass Google’s review process and upload such apps to the Google Play store, their attacks might extend to other industries in the future.

Another problem is that even when these apps are detected by third-parties and reported, it can take several days for Google to remove them from the app store, leaving a sufficiently large window of opportunity for attackers. It’s not clear how attackers promote these fake apps or if they rely only on users finding them themselves, but in general phishing attacks are most effective during the first several hours after they’re launched.

Source- http://www.thegurureview.net/mobile-category/phishing-apps-continue-to-play-google-play.html

LG said the dispute with Qualcomm has been completely settled, although it did not say how much it had agreed to pay. Earlier it had claimed Qualcomm had overcharged for the chips under a licensing contract.

The news about the lawsuit settlement emerged following Qualcomm’s profit forecast for the second quarter in January, which was below what Wall Street’s tarot readers had predicted.

The company expected its mobile chip shipment to fall by 16-25 per cent in the second quarter. Additionally, it expected 3G and 4G device shipment to decline by 4 to 14 per cent. As for the first quarter of 2016, Qualcomm’s chip shipment fell 10 per cent , with a drop in revenue by 21.6 per cent. Revenue from licensing declined 10.4 per cent, suggests a Reuters report.

An LG spokesperson said that this kind of dispute was “actually nothing” and was similar to the ones that the industries had in the past.

“Qualcomm has lowered its royalty rate to LG in return for LG’s guaranteed purchase of Qualcomm processors, which are currently being used in its flagship handsets and will be used in upcoming flagship models,” added the official.

Qualcomm might have been a little nervy.  LG has invested millions to develop its own chipset, in an attempt to cut down its dependency on Qualcomm for mobile processors.

Courtesy-Fud

While we would have thought that there would be little choice between Oracle and Apple as evil software outfits, the fact that Apple uncharacteristically made Swift open source might make life a bit brighter for Google. At the moment Oracle is suing Google for silly money for its Java use in Android.

Swift was created as a replacement for Objective C, and is pretty easy-to-write. It was introduced at WWDC 2014, and has major support from IBM as well as a variety of major apps like Lyft, Pixelmator and Vimeo that have all rebuilt iOS apps with Swift.

But since Apple open sourced Swift, Google, Facebook and Uber have al said that they are interested in it. Taking Java out of Android is a big job. Google would also have to make its entire standard library Swift-ready, and support the language in APIs and SDKs. Some low-level Android APIs are C++, which Swift cannot bridge to. Higher level Java APIs would also have to be re-written.

Of course if it did all this, Apple might realize that its biggest rival was using its own software to club it to death. It might not be be so nice about allowing Swift out to play and eventually Google have to fork Swift and dump the Apple version. This would probably result in an anst-ridden moan album about how life is so unfair which makes a fortune while scoring passive agressive revenge on the dumpee.

Courtesy-Fud

Nvidia claims it was forced to wind down its cellular mobile broadband chipset business, including its Icera unit just four years after buying it, because of Qualcomm’s anti-trust antics.

Qualcomm’s alleged tactics led to “unexplained delays in customer orders, reductions in demand volumes and contracts never being entered into, even after a customer or mobile network cooperating with a prospective customer has agreed or expressed a strong intention to purchase” Nvidia’s chipsets, the company moaned.

The claim for cash comes as European Union regulators step up antitrust investigations into Qualcomm sales tactics that officials said thwarted other designers of mobile-phone chip technology. This could result in fines or an EU order forcing a company to change its behaviour.

The EU thinks Qualcomm may have charged below-cost fees for chips used in mobile Internet modems known as dongles from 2009 to 2011 to thwart smaller competitor Icera. Regulators are separately probing what they say are exclusivity payments Qualcomm paid to a phone and tablet manufacturer for using its designs.

Qualcomm is “confident” it would prevail in both the EU investigation and the lawsuit.

Nvidia is seeking a declaration from the judge that Qualcomm’s conduct was an abuse of a dominant position, compensation, and an account of the profits it says Qualcomm gained from unlawful conduct, according to the court filings.

Courtesy-Fud

Hexus spotted Yu Zheng, an R&D Manager at AMD Shanghai had listed the work on Project Greenland as a work experience highlight on his LinkedIn profile page. Greenland is described as “A leading chip of the first graphics IP v9.0 generation, it has full capacity of 4096 shader processor along with whole new SOC v15 architecture.”

The Graphics IP v9.0 designation is thought to signify a Vega GPU in the making. Zheng mentions this is an SOC, but then Hawaii and Fiji chips were described the same. Fiji is part of the graphics IP v8.0 family, as will be Polaris.

Vega following after Polaris, and designated as a ‘HMB2′ GPU by AMD, it looks like Vega based graphics cards will be the successors to the HBM equipped Fiji range such as the Radeon Fury and Nano. Fiju can manage 4096 stream processors,  but with an upgrade to HBM2, 14nm process and other optimisation it is estimated that a Greenland/Vega GPU based graphics cards will offer 20 to 30 per cent better performance.

So with Greenland/Vega sporting HBM2 memory Hexus thinks that Polaris packing graphics cards will therefore feature GDDR5/X memory.

Courtesy-Fud

The bulk of the visits to DAP websites originate in the U.S.

So far Windows 10 has recorded 20.2% of visits in March by Windows PCs, smartphones and tablets. That was a one-percentage point increase from February and more than two percentage points above January’s.

Although Microsoft irregularly trumpets the number of devices running Windows 10 — the last time was nearly three months ago — data from DAP and metrics vendors like Net Applications and StatCounter are the only publicly available sources for monitoring Windows 10 adoption.

But these external measurements are rough at best.

A case in point: Because overall traffic to DAP websites plummets on weekends — total visits by Windows devices on Saturday and Sunday are typically less than half that of a weekday — Windows 10 may be unrepresented, as more Windows PCs used during the work week are business machines, which predominantly run the corporate standard, Windows 7.

Microsoft has just over four months left to boost Windows 10 adoption by pushing the free upgrade to eligible Windows 7 and 8.1 devices. That deal is set to expire July 29, on the one-year anniversary of Windows 10′s launch.

Windows 10 adoption growth has slowed each month this year. At the pace of past three months, Windows 10 should account for approximately 26% of DAP’s traffic by the end of July. (Other data sources have repeatedly portrayed global adoption of Windows 10 at lower rates than in the U.S.)

Will that match whatever goal Microsoft set when it decided to give away upgrades? Microsoft’s not saying, and even if it did, there would be no way to verify any claim.

Source- http://www.thegurureview.net/computing-category/windows-10-passes-20-user-share-mark.html 

RealSense is a mix of infrared, laser and optical cameras to measure depth and track motion. It can be used on a drone that can navigate its own way through a city block, but it is also good at detecting changes in facial expressions, and Intel wanted to give RealSense the ability to read human emotions by combining it with an emotion recognition technology developed by Emotient.

Plugging in Emotient allowed RealSense to detect whether people are happy or sad by analyzing movement in their lips, eyes and cheeks. Intel said that it could detect “anger, contempt, disgust, fear,” and other sentiments.

A few months ago the fruity cargo cult Apple acquired Emotient. Intel has removed the Emotient plug-in from the latest version of the RealSense software development kit.

It is not clear at this point if Apple told Intel that it invented the plug in and so it had to sling its hook, or if Intel did not want Jobs’ Mob anywhere near its technology.

The RealSense SDK has features that allow it to recognize some facial expressions, but it’s unclear if they’ll be as effective as the Emotient technology.

Courtesy-Fud

The SDK gives developers access to advanced VR features, according to Qualcomm, allowing them to simplify development and attain improved performance and power efficiency with Qualcomm’s Snapdragon 820 processor, found in Android smartphones such as the Galaxy S7 and tipped to feature in upcoming VR headsets.

In terms of features, the development kit offers tools such as digital signal processing (DSP) sensor fusion, which allows devs to use the “full breadth” of technologies built into the Snapdragon 820 chip to create more responsive and immersive experiences.

It will help developers combine high-frequency inertial data from gyroscopes and accelerometers, and there’s what the company calls “predictive head position processing” based on its Hexagon DSP, while Qualcomm’s Symphony System Manager makes easier access to power and performance management for more stable frame rates in VR applications running on less-powerful devices.

Fast motion to photon will offer single buffer rendering to reduce latency by up to 50 percent, while stereoscopic rendering with lens correction offers support for 3D binocular vision with color correction and barrel distortion for improved visual quality of graphics and video, enhancing the overall VR experience.

Stereoscopic rendering with lens correction supports 3D binocular vision with color correction and barrel distortion for improved visual quality of graphics and video, enhancing the overall VR experience.

Rounding off the features is VR layering, which improves overlays in a virtual world to reduce distortion.

David Durnil, senior director of engineering at Qualcomm, said: “We’re providing advanced tools and technologies to help developers significantly improve the virtual reality experience for applications like games, 360 degree VR videos and a variety of interactive education and entertainment applications.

“VR represents a new paradigm for how we interact with the world, and we’re excited to help mobile VR developers more efficiently deliver compelling and high-quality experiences on upcoming Snapdragon 820 VR-capable Android smartphones and headsets.”

The Snapdragon VR SDK will be available to developers in the second quarter through the Qualcomm Developer Network.

The launch of Qualcomm’s VR SDK comes just moments after AMD also entered the VR arena with the launch of the Sulon Q, a VR-ready wearable Windows 10 PC.

Courtesy-TheInq