Security company G Data has identified more than 20 mobile phones that have malware installed despite being marketed as new, according to a research report. And it doesn’t appear the infection is occurring during manufacturing.
“Somebody is unlocking the phone and putting the malware on there and relocking the phone,” said Andy Hayter, security evangelist for G Data.
Many of the suspect phones are sold in Asia and Europe through third parties or middlemen and aren’t coming directly from the manufacturers, Hayter said.
Brands of affected phones include Xiaomi, Huawei, Lenovo, Alps, ConCorde, DJC, Sesonn and Xido.
G Data has contacted some manufacturers, including Lenovo, whose S860 Android smartphone in one instance was found to have the malware.
Ray Gorman, Lenovo’s executive director of external communications, wrote in an email that the device G Data analyzed came from a third-party marketplace. The malware was installed by middlemen, he wrote.
“This is the only such occurrence we have been made aware of,” Gorman wrote. “We always recommend customers transact with authorized distribution channels and only accept merchandise that comes in an official box with original factory seals.”
The malware is embedded in a legitimate app, such as Facebook, which is sometimes preinstalled on phones, Hayter said. It can read and send text messages, install other apps, collect and change call data, grab location information, record phone calls or send premium SMSes, according to G Data’s report.
It’s impossible for consumers to remove since it resides inside the phone’s firmware.
“You can’t take it off there unless you unlock the phone,” Hayter said.
G Data was alerted to the problem after receiving support calls from users who said a file had been quarantined but that it couldn’t be removed.
The problem has been around for a while. In June 2014, G Data said it found malware in the firmware of a relatively inexpensive Android device made by the Chinese manufacturer Star.
The new service will include features such as GIFs and stickers to add a “little extra personality” to user’s chats, the company said in a blog post.
The messaging service now has improved push and email notifications and messages are organized in a chat-style format with conversation threads akin to most messaging apps today such as Facebook Inc’s Messenger and WhatsApp.
LinkedIn, which operates the biggest social networking site for professionals, has started to roll out the new messaging service to English-language users accessing its platform via a desktop or through an app.
Users can also attach photos and documents to messages.
The company also said it was looking at offering voice and video calling with the messaging platform in the future.
LinkedIn plans to make the revamped messaging feature available in other languages in the coming weeks.
Xiaomi is the latest big phone manufacturer trying to make its own SoCs to differentiate itself from the fearsome competition.
China’s biggest smartphone manufacturer is working on its own SoC that is scheduled to appear in 2016. Details are thin on the ground but it would appear that the company is working on its own ARM based chip. This will help company to compete with Apple, Samsung and Huawei. These three already have an inhouse SoC.
Apple started making its own SoC a while ago with the original iPhone and Samsung has joined in a few years later. This is going to become more common in the phone industry.
Samsung caught everyone by surprise when it announced that its flagship Galaxy S6 and the latest Galaxy 6 Note and edge ended up with a 14nm based 7240 . Before this, they used Qualcomm chips for their high end devices.
HTC ended up using Qualcomm Snapdragon 810 while LG G4 flagship phone chose the Snapdragon 808 which was a slightly slower version of the chip.
Huawei has acquired HiSIlicon SoC manufacturer a few years ago and the company makes its own SoC branded Kirin. The company is doing a decent job with its latest Kirin 930. This “four plus four” A53 chip with one cluster with 2.0 GHz and another with 1.5Ghz seems like a decent chip. It even has Cat 6 modem to compete better.
The future Kirin 950 will have A72 cores and even Cat 10 modems but this is something we will see in course of 2016.
If Xiaomi becomes successful in its SoC plans, it will put Qualcomm and MediaTek in a tough position. The company is using Snapdragon 810 in its MI Note Pro, and Snapdragon 615 in Mi 4i phone.
Redmi Note 2 is using the quite popular MediaTek SoC Helio X10 SoC that ended up in quite a few phones coming from the Far East.
Xiaomi has already developed LC1860 processor for its low end Redmi 2A, which was a sub $100 phone. This was developed by the Xiaomi-owned Pine Cone Electronics working with Chinese chip maker Leadcore Technology. The LC 1860 was significantly less expensive that similar spec Qualcomm chip.
LG has been working on its own SoC codenamed Odin and we still haven’t seen a single device with it. Making SoC chips with an integrated LTE is hard and it costs Qualcomm and MediaTek billions of dollars to refresh the latest offering at least once a year. This was why Nvidia and Texas Instruments have dropped out of this game as it was too hard to compete.
An open saucy general-purpose graphics processor (GPGPU) has been unveiled at the Hot Chips event.
The GPGPU is relatively crude and is part of another piece of an emerging open-source hardware platform called MIAOW.
Karu Sankaralingam, an associate professor of computer science at the University of Wisconsin-Madison said that an open source hardware platform is emerging that has inherent value
He said that big companies will someday be built using open source hardware, just as multi-billion-dollar Web giants owe their existence to open source software.
He said more people needed to contribute to open source hardware to improve the platform layer so there’s enough for entrepreneurs to build from it.
A 12-person team developed the MIAOW core in 36 months. Their goal was simply to create a functional GPGPU without setting any specific area, frequency, power or performance goals.
The resulting GPGPU uses just 95 instructions and 32 compute units in its current design. It only supports single-precision operations. Students are now adding a graphics pipeline to the design, a job expected to take about six months.
MIAOW compares favourably on several benchmarks to AMD’s latest high-end chip, Tahiti. However, it also falls far short on other benchmarks. Apparently AMD had a quick look at it and said that the designers were not doing anything “too crazy”.
However quite how MIAOW will navigate through the shark infested patent sea is anyone’s guess.
The company, which has grown throughoutn Europe and gained a 10 percent share of the Northern European e-commerce market, said it had partnered with around 10 U.S. merchants so far.
Sweden-based Klarna, founded in 2005 and backed by investors such as Sequoia Capital and Atomico, is now planning for rapid expansion in the United States, where it will take on rivals such as PayPal and Stripe.
“I would be disappointed if we didn’t have hundreds of merchants on the platform doing millions of transactions as early as in 2016,” Klarna North America CEO Brian Billingsley, told Reuters.
Klarna’s services allow online consumers to buy goods by entering easy-to-remember details such as an e-mail address and zip code. It also lets consumers pay after delivery with Klarna assuming the risk in the interim and paying the retailer immediately.
Klarna, which had net sales of $319 million last year, said it was currently seeing “significant growth” in its core markets in the Nordics and Germany.
Asked how much the group could grow in 2016, Klarna CEO Sebastian Siemiatkowski said it was to early to tell as the U.S business was still in its infancy.
“There is definitely a potential to quickly reach half a billion dollars in revenue in a very short period of time,” he said.
Klarna said the company would double in size if it was to capture half a percentage of the U.S market.
“And while of course our ambitions are much higher than half a percentage, it is definitely an interesting reflection of how extremely big the market is,” Siemiatkowski said.
Uber Technologies Inc has added two top vehicle security researchers, the company announced, high-profile additions that come as the ride-hailing service ramps up its work on technology for self-driving cars.
Charlie Miller, who had been working at Twitter Inc, and Chris Valasek, who worked at security firm IOActive, have resigned from their jobs and will join Uber this week.
Miller and Valasek won wide attention this month after demonstrating that they could hack into a moving Jeep.
Uber said that Miller and Valasek will join the company’s Advanced Technologies Center, a research laboratory Uber opened in Pittsburgh in February and staffed with dozens of autonomous vehicle experts hired away from Carnegie Mellon University.
An Uber spokeswoman said Miller and Valasek will work with the company’s top security officers “to continue building out a world-class safety and security program at Uber.”
Raffi Krikorian, who heads Uber’s Advanced Technologies Center, tweeted a welcome to the duo last week.
Miller tweeted that he was looking forward to starting his new job on Tuesday. Valasek tweeted that his last day at IOActive will be Monday.
As Uber plunges more deeply into developing or adapting self-driving cars, Miller and Valasek could help the company make that technology more secure.
Uber envisions autonomous cars that could someday replace its hundreds of thousands of contract drivers. The San Francisco company has gone to top-tier universities and research centers to build up this capability.
T-Mobile USA is on a mission to stop data thieves, which it says are taking advantage of the company’s unlimited high-speed data plan through excessive tethering — the use of smartphone data service on other devices.
The carrier offers unlimited 4G LTE on smartphones, but limits data usage through tethering to 7GB a month under a Smartphone Mobile HotSpot feature, which reduces speed beyond that limit. If a customer needs more LTE tethering, he or she can add on more.
But CEO John Legere has accused some users of “hacking” the system to swipe high-speed tethered data, by strategies like downloading apps that hide their tether usage, rooting their phones or writing code to mask their activity.
“It’s a small group — 1/100 of a percent of our 59 million customers — but some of them are using as much as 2 terabytes (2,000GB!) of data in a month,” Legere wrote.
“I’m not sure what they are doing with it — stealing wireless access for their entire business, powering a small cloud service, providing broadband to a small city, mining for bitcoin — but I really don’t care!,” he added.
Legere said the company was going first after the 3,000 users who know exactly what they are doing, as they can compromise the network experience for other T-Mobile customers. The company claims to have developed technology that can detect the people who choose to break its terms and conditions.
Erring customers will be warned, and then lose access to the company’s unlimited 4G LTE smartphone data plan, and be moved to an entry-level limited 4G LTE data plan, according to a support page.
The move comes amid an explosion in the amount of video viewed on Facebook, posted by regular users, publishers and advertisers alike.
Alongside the uptick in video content, copyright holders have complained about videos posted without their permission. A recent report by video marketing and social media consulting companies Tubular and Social@Ogilvy estimated that a majority of the most popular videos on Facebook were pirated.
On Thursday, Facebook said it would be deploying new video matching technology that will be available to a small group of partners. The tool, Facebook said, will let select media companies, multichannel networks and individual video creators identify matches of their videos posted across Pages, profiles, groups and geographies on the site.
The tool will evaluate millions of video uploads quickly. When matches surface, publishers will be able to report them to Facebook for removal, the company said in a blog post.
Facebook has already been using a system called Audible Magic that uses audio fingerprinting technology to identify and prevent unauthorized videos from making their way to the site.
But the video matching tool, currently in beta, is a new step in Facebook’s broader efforts to establish a content ID system akin to what YouTube uses to quickly identify copyright violations.
On YouTube, copyright owners have the option of running ads against videos that the video sharing site has identified as matches.
Chipmaker Intel is taking its competitive game up a notch by investing in its own drones.
Intel has written a check for more than US$60 million to Yuneec International, a Chinese aviation company and drone maker.
This is not the first time that the Chipmaker has invested in drones. It has written smaller amounts for the drone makers Airware and PrecisionHawk. The Yuneec deal is its largest investment in a drone company yet.
Apparently Intel thinks that drones are potential computing platforms for its processors.
Intel CEO Brian Krzanich said he believed in a smart and connected world. And one of the best ways to bring that smart and connected world to everyone and everywhere has been drones.
Amazon and Google are developing drones as they seek new ways to deliver items to consumers, Intel just wants to make sure that its chips are delivering the payload. There is no indication that it is building a secret airforce which it will use to take down competition – that would be silly.
Yuneec makes a range of drones built for aerial photography and imaging. Its technology also powers manned electric aircraft.
Qualcomm has launched its new Official Safety Car for season two of the FIA’s Formula E Championship.
For those not in the know, the Formula E Championship is for electric cars, and they are no longer the milk floats that English people get stuck behind in narrow streets.
The new Official Qualcomm Safety Car is the BMW i8 but it will be charged wirelessly with an advanced Qualcomm Halo 7.2kW wireless charging system.
The Qualcomm Halo 7.2kW wireless charging system delivers twice the amount of energy to the BMW i8′s batteries per hour as compared to last year’s 3.6kW system.
This halves the full charge time, enabling the vehicle to fully charge in one hour. Employing Qualcomm Halo DD technology, with magnetic architecture optimization, ensures higher coupling coefficients and drives lower system currents, higher inefficiencies and the ability to support higher power levels.
A Qualcomm spokesman said that an open championship has encouraged teams to develop their own powertrain tech.
This ensures that the racing remains highly competitive, and it supports the goal of Formula E to advance the development of new technologies for electric vehicles and to bring those technologies, vital to sustainable mobility, to the attention of millions of people around the globe, a spokesman said.
Qualcomm’s general manager of wireless charging, Steve Pazol said Qualcomm was excited to continue its support of Formula E in this second season.
According to J.D. Power’s 2015 Driver Interactive Vehicle Experience (DrIVE) Report, 20% of new-vehicle owners have never used 16 of 33 of the latest technology features.
The 2015 DrIVE Report measures driver experiences with in-vehicle technology features during the first 90 days of ownership.
The five features owners most commonly report that they “never use” are in-vehicle concierge (43%); mobile routers (38%); automatic parking systems (35%); heads-up display (33%); and built-in apps (32%).
Additionally, there are 14 technology features that 20% or more of owners don’t even want in their next vehicle. Those features include Apple CarPlay and Google Android Auto, in-vehicle concierge services and in-vehicle voice texting. When narrowed to just Gen Yers, the number of vehicle owners who don’t want entertainment and connectivity systems increases to 23%.
“In many cases, owners simply prefer to use their smartphone or tablet because it meets their needs; they’re familiar with the device and it’s accurate,” said Kristin Kolodge, executive director of driver interaction and human-machine interface (HMI) research at J.D. Power. “In-vehicle connectivity technology that’s not used results in millions of dollars of lost value for both consumers and the manufacturers.”
About the technology now offered in new cars, vehicle owners said they simply “did not find it useful,” adding that it “came as part of a package on my current vehicle and I did not want it.”
Vehicle owners who said their dealer did not explain a tech feature also had a higher likelihood of never using it, the survey found.
J.D. Power built its report on responses from more than 4,200 vehicle owners and lessees after 90 days of ownership. The report was conducted between April and June 2015.
IBM security research has found that people are using the so-called dark net to launch cyber attacks, force ransomware demands on punters and make distributed denial-of-service (DoS) attacks.
The dark net, accessed via Tor, is often tagged as a threat. The IBM X-Force Threat Intelligence Quarterly 3Q 2015 report identifies a spike in bad traffic and leads with a warning.
The report introduces Tor as the network that takes people to the dark net. We might start calling it the ferryman and the passage across the river Styx, but things are complicated enough.
IBM said that Tor is used by “non-malicious government officials, journalists, law enforcement officials” and bad people alike. It is the latter that should concern us.
“This latest report reveals that more than 150,000 malicious events have originated from Tor in the US alone thus far in 2015,” the report said.
“Tor has also played a role in the growing ransomware attack trend. Attackers have evolved the use of encryption to hold data hostage and demand payment/ransom for the decryption code.”
We have been here before, and ransomware has been a feature of many a security alert this year already. We heard, courtesy of Bitdefender, that ransomware charges start at £320, and are a real pain to deal with. We also heard that it is Android mobile users in the UK who get the worst of the hackers’ grabbing-for-money treatment.
Back at the IBM report, and we find IBM X-Force on the issue. X-Force, which is nothing like X-Men, said that hackers push internet users who are easily fooled by flashy online advertisements into installing the new cyber nightmare. Ransomware, it warns, will separate you from your cash.
“A surprising number of users are fooled by fake/rogue antivirus [AV] messages that are nothing more than animated web ads that look like actual products. The fake AV scam tricks users into installing or updating an AV product they may never have had,” it explains, adding that in some cases people pay the money without thinking.
“Afterward, the fake AV keeps popping up fake malware detection notices until the user pays some amount of money, typically something in the range of what an AV product would cost.”
This establishes the subject as a mark, and the hackers will exploit the opportunity. “Do not assume that if you are infected with encryption-based ransomware you can simply pay the ransom and reliably get your data back,” said IBM.
“The best way to avoid loss is to back up your data. Regardless of whether your backup is local or cloud-based, you must ensure that you have at least one copy that is not directly mapped visibly as a drive on your computer.”
Tor nodes in the US spewed out the most bad traffic in the first half of this year, according to the report, adding up to about 180,000 attacks. The Netherlands is second with around 150,000, and Romania is third with about 80,000.
The bulk of this negative attention lands at technology and communications companies. You might have assumed the financial markets, but you were wrong. IBM said that ICT gets over 300,000 Tor thwacks every six months, manufacturing gets about 245,000, and finance gets about 170,000.
IBM said that the old enemy, SQL injection attacks, is the most common Tor-led threat to come at its customers. Vulnerability scanning attacks are also a problem, and IBM said that the use of the network as a means for distributed DoS attacks should “Come as no surprise”. It doesn’t.
“These attacks combine Tor-commanded botnets with a sheaf of Tor exit nodes. In particular, some of the US-based exit nodes provide huge bandwidth,” explained the report.
“Employing a handful of the exit nodes in a distributed DoS orchestrated by the botnet controller and originating at dozens or hundreds of bot hosts can impose a large burden on the targeted system with a small outlay of attacker resources, and generally effective anonymity.”
There is a lot more. The bottom line is that bad things happen on the dark net and that they come to people and businesses through Tor. IBM said that concerned outfits should just block it and move on, which is along the lines of something that Akamai said recently.
“Corporate networks really have little choice but to block communications to these stealthy networks. The networks contain significant amounts of illegal and malicious activity,” said Akamai.
“Allowing access between corporate networks and stealth networks can open the corporation to the risk of theft or compromise, and to legal liability in some cases and jurisdictions.”
That sounds fine to us, but won’t someone give a thought to those non-malicious government officials out there?
Facebook Inc is testing a personal digital assistant called “M” within its Messenger service that is capable of answering questions with live human help and performing tasks such as buying gifts online and making restaurant reservations.
M is “powered by artificial intelligence that’s trained and supervised by people,” David Marcus, vice president of Messaging products, wrote on his Facebook page on Wednesday.
Rival services like Apple Inc’s Siri, Google Inc’s Google Now and Microsoft Corp’s Cortana rely entirely on technology to answer questions.
M is a hybrid backed by a team of Facebook employees with customer service backgrounds, called M trainers, who can also make travel arrangements and appointments, Marcus wrote.
Facebook has introduced several functions inside Messenger, which boasts more than 700 million users, to transform it into a standalone platform. Earlier this year, it rolled out games exclusively on Messenger and launched products for businesses to directly connect with consumers.
In-flight broadband provider Gogo’s 2Ku technology has received approval from the Federal Aviation Administration, paving the way for data speeds up to 70Mbps. The company plans to launch commercial services this year.
Clearing this regulatory hurdle was an important step for Gogo. The company has received the final so-called Supplemental Type Certificate from the FAA, which it required in order to launch the next-generation technology.
Seven commercial airlines have signed up for either a trial or fleet deployment of 2Ku, covering more than 500 commercial aircraft, Gogo said without giving names. The aircraft will be upgraded next year.
The 70Mbps that 2Ku can deliver is a big improvement over the 3.1Mbps Gogo was able to offer when it got started about five years ago.
The higher speeds are achieved through the use of two antennas: one for the link to the aircraft and the other for the return link to the ground, according to Gogo. The new system is cheaper to install and run, said GoGo, meaning airlines could afford to put it on more planes.
Capacity is shared between all users on the same aircraft, so the actual data speeds users experience will depend on what other passengers are streaming or downloading.
Today GoGo offers connectivity on Air Canada, Alaska Airlines, American Airlines, Delta, United and Virgin America flights. Data plans include a 24-hour pass at $16 and an unlimited monthly pass at $59.95.
By Sept. 4, the Apple Watch will be available in 900 Best Buy stores, and it will appear in the retailer’s remaining locations by the end of the month, CEO Hubert Joly said.
Best Buy began selling the wearable in 100 stores as well as online on Aug. 7. The company had planned to expand availability to 200 additional stores by the Christmas shopping season.
However, “early momentum” from the Apple Watch “triggered” Best Buy to expand and accelerate the rollout, Joly said during a conference call to discuss the company’s second-quarter earnings.
Joly didn’t say how many Apple Watches the chain has sold so far. Apple hasn’t shared watch sales data either.
During Apple’s third-quarter earnings conference call, CEO Tim Cook said customers would have more ways to purchase the smartwatch because the company expects it to be a popular Christmas gift. A few days later, Best Buy said it would carry the wearable.
Best Buy is the only major retailer to stock the Apple Watch. The device can also be purchased from Apple’s retail and online stores and from a few high-end clothing and department stores.
Joly also discussed plans to expand Best Buy’s relationship with Apple.
The Apple shop-in-a-shop sections of 740 Best Buy stores are getting a makeover, with new fixtures and larger display tables to show Apple hardware, he said. So far, Best Buy has remodeled 350 of those departments and will revamp another 170 by the holiday shopping season.