network engineer, cloud infrastructure fluffer, fascinated with the machinations of the tech industry, friend to Cthulu and animals everywhere
3332 stories
·
36 followers

Security Update 2017-001 (Yosemite, El Capitan)

1 Comment
Resolves several security vulnerabilities for the two older operating systems. (Free, various sizes)

 

Read the full article at TidBITS, the oldest continuously published technology publication on the Internet. To get a full-text RSS feed, help support our work and become a TidBITS member! Members also enjoy an ad-free version of our Web site, email delivery of individual articles, the ability to make long comments with live links, and discounts on Take Control orders and other Apple-related products.

Read the whole story
MotherHydra
3 hours ago
reply
My personal MacBook Pro sat on a black screen with a spinner until I restarted 29 minutes later. It came back without issue but beware.
Space City, USA
Share this story
Delete

Alleged vDOS Owners Poised to Stand Trial

1 Comment

Police in Israel are recommending that the state attorney’s office indict and prosecute two 18-year-olds suspected of operating vDOS, until recently the most popular attack service for knocking Web sites offline.

On Sept. 8, 2016, KrebsOnSecurity published a story about the hacking of vDOS, a service that attracted tens of thousands of paying customers and facilitated countless distributed denial-of-service (DDoS) attacks over the four year period it was in business. That story named two young Israelis — Yarden Bidani and Itay Huri — as the likely owners and operators of vDOS, and within hours of its publication the two were arrested by Israeli police, placed on house arrest for 10 days, and forbidden from using the Internet for a month.

The front page of vDOS, when it was still online last year.

The front page of vDOS, when it was still online last year.

After those restrictions came and went, some readers expressed surprise that there were no formal charges announced against either of the young men. This week, however, Israeli police sent letters to lawyers for both men stating that the official investigation was nearing completion and that they planned to urge government prosecutors to pursue criminal charges.

The police are preparing to recommend prosecutors charge the men with computer fraud and extortion, alleging they caused more than six million shekels worth of damage (approximately USD $1.65 million).

Bidani’s attorney Perach Aroch told KrebsOnSecurity that her client has not yet been officially charged with any crime. But she said once the investigation is complete the defense will have 30 days to review the evidence and to make arguments as to why the case should be dismissed.

“They have to give us 30 days to see all the evidence and to try to convince them why they should not take this case to court,” Aroch said. “After that, [the prosecutors will] decide if it should go to trial.”

18-year-old Yarden Bidani.

18-year-old Yarden Bidani.

The arrest of Bidani and Huri came after the police received information from the Federal Bureau of Investigation (FBI). But the United States apparently isn’t the only country weighing in on this case: According to a story published Sunday by Israeli news outlet TheMarker.com, the government of Sweden also is urging Israeli prosecutors to pursue formal charges.

It’s unclear exactly why the Swedish government is so interested in this case, but the vDOS service has been implicated in a series high-profile attacks that brought down some of the country’s largest news media Web sites last year.

Shortly after those attacks in March 2016, Somerville, Mass.-based security intelligence firm Recorded Future published an analysis linking the assaults against Swedish media sites to vDOS and to “applej4ck,” the hacker nickname allegedly used by Bidani.

In publicizing the news of vDOS’s hack last year, KrebsOnSecurity also published several months of attack logs from the vDOS service. However, those logs only dated back to May 2016.

Itay Huri’s lawyer declined to comment for this story, but TheMarker’s Amitai Ziv obtained a statement from Huri’s attorney, who accused Israeli police of applying pressure and terror through the media instead of looking for the truth.

Ziv said sources he’s spoken to believe the case will almost certainly go to trial.

“Professionals involved in the case said the likelihood of indictments in the affair is very high,” he wrote.

According to Bidani’s lawyer Aroch, the two former friends are now pointing the finger of blame at each other and are no longer speaking to one another.

“They each now accuse each other in things, so it’s a little bit of a problem,” Aroch said.

Aroch said both Bidani and Huri are free to travel and even leave the country, although both men have had their bank and PayPal accounts frozen.

Bidani and Huri allegedly started vDOS when they were 14 years old. By the time the service was shut down last September, it had attracted tens of thousands of customers who paid for attacks in PayPal (when vDOS’s PayPal accounts were shut down, the service briefly shifted to accepting payment via Bitcoin).

My Sept. 2016 investigation into the hacking of vDOS revealed that in just two of the four years the service was in operation, it brought in revenues of more than $600,000.

It’s unclear how many digital sieges were launched by vDOS, but it was likely several million. The aforementioned user logs stolen from vDOS and leaked to KrebsOnSecurity show that in just the span of less than three months last year the service was responsible for more than 150,000 attacks.

KrebsOnSecurity paid a heavy price for breaking the story on vDOS’s hacking and the subsequent arrest of its alleged proprietors. Less than two weeks after those stories were published in September 2016, this site came under one of the largest DDoS attacks the Internet has ever witnessed.

That series of attacks ultimately knocked this site offline for nearly four days. According to follow-up reporting published in January 2017, the attacks were paid for by a cybercriminal who was upset and/or inconvenienced by my exposé on vDOS.

Lawyers for Bidani and Huri have said their clients were merely operating a defensive “stresser” service sold to companies that wished to test whether their sites could withstand large cyberattacks. The owners of these stresser services have sought to hide behind wordy “terms of service” agreements which all customers must agree to, arguing that these agreements absolve them of any sort of liability for how their customers use the service.

Law enforcement officials both in the United States and abroad say stresser services enable illegal activity, and they’ve recently begun arresting both owners and users of these services.

In December 2016, federal investigators in the U.S. and Europe arrested nearly three-dozen people suspected of patronizing stresser services (also known as “booter” services). That crackdown was billed as part of an effort by authorities to weaken demand for these services, and to impress upon customers that hiring someone to launch cyberattacks on your behalf can land you in jail. In October 2016, the U.S. Justice Department charged two 19-year-old men alleged to have operated a stresser service affiliated with the hacking group known as the Lizard Squad.

Read the whole story
MotherHydra
11 hours ago
reply
The the Lizard Squad saga continues...
Space City, USA
Share this story
Delete

Apple patent involves sound effects on iOS devices

1 Comment

Apple has been granted a patent (number 9,602,929) for “techniques for presenting sound effects on a portable media player.” The sound effects can be output as audio sounds to an internal speaker, an external speaker, or both. 

In addition, the audio sounds for the sound effects can be output together with other audio sounds pertaining to media assets (e.g., audio tracks being played). In one embodiment, the sound effects can serve to provide auditory feedback to a user of the portable media device. A user interface can facilitate a user's selection of sound effect usages, types or characteristics.

In the patent filing, Apple notes that users often interact with media players (thinkt the iPhone, iPad and iPod touch) while wearing earphones or headphones. In such case, the users will likely not be able to hear any auditory feedback, such as "click" sounds from a piezoelectric device. What’s more, the user might also be listening to audio sounds via the earphones or headphones when the user interaction occurs. Consequently, any users interaction with the media player while wearing earphone or headphones will be without the advantage of auditory feedback. The lack of auditory feedback degrades the user experience and renders the media player less user friendly. Apple’s patent is designed to deal with this.

Of course, Apple files for — and is granted — lots of patents by the U.S. Patent & Trademark Office. Many are for inventions that never see the light of day. However, you never can tell which ones will materialize in a real product.



Read the whole story
MotherHydra
16 hours ago
reply
This is the sort of patent that, after reading, makes me feel a wee bit better about Apple. The company has always been miles ahead of their competition in terms of accessibility so I'm happy to see effort is still being made to enable anyone to use an iOS device.

Space City, USA
Share this story
Delete

Apple patent filing is for iOS, watchOS devices that are self-healing to be more waterproof

1 Comment

iPhone, iPad, and Apple Watch, heal thyself. Apple has filed for a patent (number 20170086321) for “self-energizing sealing mechanisms.” It involves electronic devices with a sealing mechanism to prevent ingress of water into the interior cavity. 

Apple wants to “enhance a user experience as well as for preventing harm to the internal components of electronic devices in high water content environments. In the patent filing, the company notes that as electronic devices become more ubiquitous, “it is beneficial to be able to use them in various environments without damaging the device, including when water is present.”

The sealing mechanism would sport a channel having a first opening at an external environment and a second opening that leads to the interior volume, a membrane that covers the second opening, the membrane being air permeable and water resistant such that the membrane allows air to pass and prevents passage of water up to an upper pressure threshold, a stopper mechanism, and a diaphragm comprising a surface arranged to receive an external water pressure. The surface would be air and water impermeable, the diaphragm being coupled to the stopper mechanism that deflects in response to the water pressure such that the diaphragm actuates the stopper mechanism and seals off the channel from at the first opening preventing water pressure at the membrane from exceeding the upper pressure threshold.

Of course, Apple files for — and is granted — lots of patents by the U.S. Patent & Trademark Office. Many are for inventions that never see the light of day. However, you never can tell which ones will materialize in a real product.



Read the whole story
MotherHydra
16 hours ago
reply
This sounds (reads) like the mechanism used by the Series 2 Apple Watch's speaker port. It always bugs me when patent filings such as this aren't connected to their real-world equivalent and are instead presented for consideration/ speculation. This website is particularly guilty of the practice.
Space City, USA
Share this story
Delete

British Home Secretary Amber Rudd: smartphone apps can’t offer unbreakable encryption

1 Comment

Following last week’s terrorist attack in London, British Home Secretary Amber Rudd (pictured) tells the BBC that Apple can’t allow apps on its online stores that offer unbreakable encryption. 

It was revealed that Khalid Masood accessed WhatsApp two minutes before running into a crowd pedestrians on Westminster Bridge in a rented car, killing three of them, then fatally stabbing a police officer guarding the Houses of Parliament.

WhatsApp Messenger is a freeware, cross-platform and end-to-end encrypted instant messaging application for smartphones. It uses the Internet to make voice calls, one to one video calls; send text messages, images, GIF, videos, documents, user location, audio files, phone contacts and voice notes to other users using standard cellular mobile numbers.

Apple CEO Tim Cook has said it would be "wrong" for governments to force Apple to "build a back door" into products. However, Rudd said, ”I would ask Tim Cook to think again about other ways of helping us work out how we can get into the situations like WhatsApp on the Apple phone."

Europol director Rob Wainwright echoed her call for changes. All messages sent on WhatsApp have end-to-end encryption, meaning they are unreadable if intercepted by anyone, including law enforcement and WhatsApp itself.



Read the whole story
MotherHydra
16 hours ago
reply
The British love engaging in F.U.D., it's the cornerstone of their nanny state.
Space City, USA
Share this story
Delete

Review: Blue Sadie Headphones

1 Comment
Review Blue Sadie Headphones

The successor to Blue’s Mo-Fi over-ear headphones, the Sadie updates and refines the unique-looking — and unique-fitting — set of over-ear cans. This pair, which sits above the planar magnetic Lola and below the amp-devoid Ella in Blue’s lineup, is primarily targeted to mobile users (read: just about everybody who listens to music nowadays) relying on their laptops, smartphones, and tablets as the primary source of music, since all these devices lack dedicated amplifiers and thus require external outboard ones to optimally power HiFi headphones. But more than that they feature a Formula One-inspired articulating frame for improving fit in a way an extending band never could. We finally got a chance to test a pair ourselves over a few weeks so if you’re curious keep on reading.

Design

Sadie may look big in online images but the pair is even bigger in person. Two oversized circumaural earcups press into your head and surround your ears, simultaneously insulating sound while avoiding putting any pressure directly on your ears. The earcups feature a bit of elegant-looking plastic in the form of a shell covering most of the outside, but almost every other visible part on the set is made of metal. That includes the race car-influenced suspension frame. This general frame design is shared with the Mo-Fi, albeit modified here, though it’s still got three articulating joints on either side, expanding in width, height, and angle to fit a variety of head shapes and sizes. They do feel quite sturdy thanks to the use of metal but as a consequence this increases overall weight to just over one pound, nearly twice as much as some comparable pairs.

Below the left cup there’s a 3.5mm input for plugging in one of the two included cables, one plain vanilla at nearly 10 feet long and the other at four feet with three buttons and an inline mic in an enclosure that appears to be made of the same dark, anodized metal as most of the frame. The headphone jack input also sports a textured silver ring around it that switches the headphone amp between its three settings: off, on, and on+. More on the nuances of these settings in the sound section. Besides this there’s a MicroUSB input to charge the inbuilt rechargeable battery. The outgoing Mo-Fi had a tension switch; there’s none of this on the Sadie, though we didn’t really miss it. There’s no on switch anywhere either: instead, put the pair on your head and they’ll turn on automatically; take them off to have them shut off. The frame detects the earcups being pulled apart and knows to turn them on, and you’ll know it thanks to a subtle glow coming from behind the Blue logo on either earcup.

Appreciating their almost mechanical black-and-silver aesthetics is more or less up to individual taste. Minimal they’re not but we think we’d be hard pressed to find anyone thinking they didn’t look good, not to mention well-built.

Comfort

If they weren’t comfortable the suspension frame wouldn’t be doing itself any favors. Fortunately they are, and this despite their size and considerable weight. Thick memory foam padding on both the earcups and headband certainly help dissipate both the weight as well as the clamping pressure of the suspension, which isn’t insignificant considering it needs to be enough to solidly clamp these hefty bad boys to your noggin. We definitely wouldn’t say we could forget we’re wearing them, especially when turning your head or making quick movements and feeling the headphones follow suit a fraction of a second later, but the fit feels tailored, and it basically is considering you’ll naturally (and effortlessly) customize both the fit and angle of the earcups every time you put them on. Even during prolonged wear our head and ears remained surprisingly comfortable.

Sound

To the good stuff. Inside they’ve got the aforementioned 240mW audiophile amplifier as well as 50mm fiber-reinforced dynamic drivers and a rechargeable battery capacious enough for about 12 hours of playtime. If you don’t want to use the amp, or if the batteries are dead, switch the dial to off. If you do have it on though you’ll be rewarded by an enlarged soundstage that gets loud. In fact we recommend, as Blue does, to not only start at a low volume and crank it up as it’s playing to figure out optimal volume levels and avoid blasting your eardrums accidentally — and same goes when switching between modes, just in case.

While the drivers are the same as on the outgoing Mo-Fi they’re tuned slightly differently. And when compared to headphones with smaller drivers we found the sound really shone when volumes were set a little higher. Our experience suggests that the sound isn’t skewed towards the popular bass-heavy profiles of many other modern headphones like those from Bose and Beats, something we appreciated. Sound was warm, rather crisp and clean, and with perhaps just a very slight skew towards lower frequencies. Overall the sound is natural and powerful without tiring out your ears.

If you need more bass switch them to on+ mode. This boosted bass specifically while leaving treble and mids largely unaffected, but still not to Beats levels so if you’re really craving over-the-top booming beats you’ll need to use a software-level equalizer to address that.

All of this isn’t to say that they don’t sound good with the amp off. On the contrary, it results in sound that’s not dissimilar from when it’s on, if you crank the levels up appropriately considering the amp does give it a fair volume boost. Turning it on does extend the soundstage slightly but noticeably, and our preferred general listening mode for as variety of tracks was not on+ nor off but rather on. Tastes vary, though, and different tracks can easily sound subjectively better in one mode or another. It should also be noted that while they’re devoid of active sound cancellation the foam and closed-back (and likely higher-than-average listening volumes you’re likely to set) block out ambient noise fairly well.

Conclusion

To wrap up, the Sadie delivered when it came to sound with the amp both off and on, likely to be appreciated by most music buffs looking for a mid-to-high-end pair of over-ear headphones. Its solid sound is less likely to be a point of contention compared to their size, weight, price, and design. They’re certainly distinctive in appearance and fit us quite comfortably despite the above but listeners perfectly content with traditional extensible headphone bands and cheap-feeling but lightweight plastic might question the necessity of the overbuilt articulating frame. Others, who’ve rarely if ever found a perfect fit that stays comfortably in place over long stretches of listening, are bound to absolutely love it.

 

Learn more at Blue or grab a pair at Amazon – $400

Visit Gear Hungry for the full article: Review: Blue Sadie Headphones.

Read the whole story
MotherHydra
3 days ago
reply
I can't wait to demo a pair of these, long-term comfort with on or over-the-ear headphones remains one of my unicorns.
Space City, USA
Share this story
Delete
Next Page of Stories