Sign up for our Technology Newsletter 
Will Qualcomm Unveil The Snapdragon 820 SoC
Comments Off on Will Qualcomm Unveil The Snapdragon 820 SoC
Qualcomm is set to unveil its new Snapdragon 820 SoC on August 11 in LA and more details are being leaked than you would see at a Welsh leak recipe contest.
It appears that the new Snapdragon 820 will have the catchy title MSM8996 and it promises some significant performance improvements in key areas. We already know that it will not be catching fire, but it also has a 40 per cent GPU performance increase with its A530 GPU.
The device is also claimed to have a 30 per cent power improvement with 64b of shared virtual memory with the CPU.
Another big area of improvement is the Hydra CPU, which claims a 35 percent improvement compared to the Snapdragon 810.
The Snapdragon 820 will support 4k60 entertainment and high-speed data connectivity.
There are rumours that there will be a QFE3100 Envelope Tracking system this will not speed up mail in the criminally slow Italian Post Office, but should create a lower power and a thermal footprint. A dedicated low power sensor is integrated for always on use.
Another major upgrade compared to the older SoC is a switch from 20nm to 14nm FinFET manufacturing process. We are still expecting the Xiaomi Mi5 to be the first one to use it.
Qualcomm Gives Snapdragon More Umph
Qualcomm has released a new Trepn Profiler app for Android which will profile Snapdragon processors and tinker with them.
The Trepn Profiler app identifies apps that overwork the CPU or are eating too much data. The app will pinpoint which of the apps drain the battery faster.
All data that will be obtained by this app can provide information you need to know which program is slowing down your phone.
Most Android phone users will not give a damn, but developers will find it useful. Those who are interested in testing roms, custom kernels, and their own apps can use the data gathered by the Trepn Profiler.
Developers can measure optimisation and performance on Snapdragon-powered mobile devices. Data are real-time include network usage, battery power, GPU frequency load, and CPU cores’ load. Key features also include six fast-loading profiling presets, and an advanced mode to manually select data points and save for analysis.
The Advanced Mode allows profiling a single app or device, offline data analysis, and increasing of data collection interval. This special mode also allows longer profiling sessions, displaying two data point in one overlay, and viewing of profile data.
All up this should enable developers to come up with more Snapdragon friendly apps.
Qualcomm Goes Ultrasonic
Qualcomm has unveiled what it claims is the world’s first ‘ultrasonic’ fingerprint scanner, in a bid to improve mobile security and further boost Android’s chances in the enterprise space.
The Qualcomm Snapdragon Sense ID 3D Fingerprint technology debuted during the chipmaker’s Mobile World Congress (MWC) press conference on Monday.
The firm claimed that the new feature will outperform the fingerprint scanners found on smartphones such as the iPhone 6 and Galaxy S6.
Qualcomm also claimed that, as well as “better protecting user data”, the 3D ultrasonic imaging technology is much more accurate than capacitive solutions currently available, and is not hindered by greasy or sweaty fingers.
Sense ID offers a more “innovative and elegant” design for manufacturers, the firm said, owing to its ability to scan fingerprints through any material, be it glass, metal or sapphire.
This means, in theory, that future fingerprint sensors could be included directly into a smartphone’s display.
Derek Aberle, Qualcomm president, said: “This is another industry first for Qualcomm and has the potential to revolutionise mobile security.
“It’s also another step towards the end of the password, and could mean that you’ll never have to type in a password on your smartphone again.”
No specific details or partners have yet been announced, but Qualcomm said that the Sense ID technology will arrive in devices in the second half of 2015, when the firm’s next-generation Snapdragon 820 processor is also tipped to debut.
The firm didn’t reveal many details about this chip, except that it will feature Kryo 64-bit CPU tech and a new machine learning feature dubbed Zeroth.
Qualcomm also revealed more details about LTE-U during Monday’s press conference, confirming plans to extend LTE to unused spectrum using technology integrated in its latest small-cell solutions and RF transceivers for mobile devices.
“We face many challenges as demand for data constantly grows, and we think the best way to fix this is by taking advantage of unused spectrum,” said Aberle.
Finally, the chipmaker released details about a new a partnership with Cyanogen, the open-source outfit responsible for the CyanogenMod operating system.
Qualcomm said that it will provide support for the best features and UI enhancements of CyanogenMod on Snapdragon processors, which will be available for the release of Qualcomm Reference Design in April.
The MWC announcements follow the launch of the ARM Cortex-based Snapdragon 620 and 618 chips last month, which promise to improve connectivity and user experience on high-end smartphones and tablets.
Aberle said that these chips will begin to show up in devices in mid to late 2015.
OpenSSL Gets Updated
OPENSSL, the web security layer at the center of the Heartbleed vulnerability, has been issued with a further nine critical patches.
While none are as serious as Heartbleed, patching is recommended for all users according to an advisory released today. The vulnerabilities stem from various security research teams around the web including Google, Logmein and Codenomicom, based on their reports during June and July of this year.
Among the more interesting fixes involves a flaw in the ClientHello message process. If a ClientHello message is badly fragmented, it is vulnerable to a man-in-the-middle attack which could be used to force the server to downgrade itself to the TLS 1.0 protocol, a fifteen year old and therefore pre-Heartbleed patch variant.
Other reports include memory leaks caused by denial of service attacks (DoS) and conversely, crashes caused by an attempt to free up the same portions of memory twice.
OpenSSL now has two full time coders as a result of investment by a consortium of Internet industry companies to form the Core Infrastructure Initiative, a not-for-profit group administered by the Linux Foundation. The Initiative was set up in the wake of Heartbleed, as the industry vowed to ensure such a large hole would never be left unplugged again.
While OpenSSL is used by a large number of encrypted sites, there are a number of forks of the project including LibreSSL and the recently launched Google BoringSSL.
Google recently announced that it would be lowering the page rankings of unencrypted pages in its search results as an added security measure.
Many Websites Still Exposed
The world’s top 1,000 websites have been updated to protect their servers against the “Heartbleed” vulnerability, but up to 2% of the top million remained unprotected as of last week, according to a California security firm.
On Thursday, Menifee, Calif.-based Sucuri Security scanned the top 1 million websites as ranked by Alexa Internet, a subsidiary of Amazon that collects Web traffic data.
Of the top 1,000 Alexa sites, all were either immune or had been patched with the newest OpenSSL libraries, confirmed Daniel Cid, Sucuri’s chief technology officer, in a Sunday email.
Heartbleed, the nickname for the flaw in OpenSSL, an open-source cryptographic library that enables SSL (Secure Sockets Layer) or TLS (Transport Security Layer) encryption, was discovered independently by Neel Mehta, a Google security engineer, and researchers from security firm Codenomicon earlier this month.
The bug had been introduced in OpenSSL in late 2011.
Because of OpenSSL’s widespread use by websites — many relied on it to encrypt traffic between their servers and customers — and the very stealthy nature of its exploit, security experts worried that cyber criminals either had, or could, capture usernames, passwords,\ and even encryption keys used by site servers.
The OpenSSL project issued a patch for the bug on April 7, setting off a rush to patch the software on servers and in some client operating systems.
The vast majority of vulnerable servers had been patched as of April 17, Sucuri said in a blog postthat day.
While all of the top 1,000 sites ranked by Alexa were immune to the exploit by then, as Sucuri went down the list and scanned smaller sites, it found an increasing number still vulnerable. Of the top 10,000, 0.53% were vulnerable, as were 1.5% of the top 100,000 and 2% of the top 1 million.
Other scans found similar percentages of websites open to attack: On Friday, San Diego-based Websense said about 1.6% of the top 50,000 sites as ranked by Alexa remained vulnerable.
Since it’s conceivable that some sites’ encryption keys have been compromised, security experts urged website owners to obtain new SSL certificates and keys, and advised users to be wary of browsing to sites that had not done so.
Sucuri’s scan did not examine sites to see whether they had been reissued new certificates, but Cid said that another swing through the Web, perhaps this week, would. “I bet the results will be much much worse on that one,” Cid said.
1 In 5 U.S. PCs Have No Antivirus Protection
Comments Off on 1 In 5 U.S. PCs Have No Antivirus Protection
Nearly a fifth of Windows PCs in the U.S. lack any active security protection, an antivirus vendor stated on Wednesday, citing numbers from a year-long project.
“The scale of this is unprecedented,” argued Gary Davis, the director of global consumer product marketing for McAfee, talking about the scope of his company’s sampling of PC security.
McAfee took measurements from scans of more than 280 million PCs over the last 12 months, and found that 19.3% of all U.S. Windows computers browsed the Web sans security software. Owners of those systems downloaded and used McAfee’s free Security Scan Plus, a tool that checks for antivirus programs and enabled firewalls.
Globally, the average rate was 17%, putting the U.S. in the top 5 most-unprotected countries of the 24 represented in the scans.
Of the unprotected PCs in the U.S., 63% had no security software at all, while the remaining 37% had an AV program that was no longer active. The latter were likely trial versions of commercial antivirus software that had expired.
Antivirus trials are a fact of life in the Windows world. Most new machines come with security software that runs for a limited time. Some new Dell PCs, for example, come with a 30-day trial of McAfee’s Security Center program.