Connect with us

Biz & IT

New Nvidia Shield Android TV streaming device leaks via Amazon listing

Published

on

The fact that Nvidia is updating its Shield TV hardware has already been telegraphed via an FCC filing, but a leak earlier today paints much more of a detailed picture. An Amazon listing for a new Nvidia Shield Pro set-top streaming device went live briefly before being taken down, showing a familiar hardware design and a new remote control and listing some of the forthcoming feature updates new to this generation of hardware.

The listing, captured by the eagle-eyed Android TV Rumors and shared via Twitter, includes a $199.99 price point, specs that include 3GB of RAM, 2x USB ports, a new Nvidia Tegra X1+ chip and 16GB of on-board storage. In addition to the price, the Amazon listing had a release date for the new hardware of October 28.

If this Amazon page is accurate (and it looks indeed like an official product page that one would expect from Nvidia), the new Shield TV’s processor will be “up to 25% faster than the previous generation,” and will offer “next-generation AI upscaling” for improving the quality of HD video on 4K-capable displays.

It’ll offer support for Dolby Vision HDR, plus surround sound with Dolby Atmos support, and provide “the most 4K HDR content of any streaming media player.” There’s also built-in Google Assistant support, which was offered on the existing hardware, and it’ll work with Alexa for hands-free control.

The feature photos for the listing show a new remote control, which has a pyramid-like design, as well as a lot more dedicated buttons on the face. There’s backlighting, and an IR blaster for TV control, as well as a “built-in lost remote locator” according to the now-removed Amazon page.

This Amazon page certainly paints a comprehensive picture of what to expect, and it looks like a compelling update to be sure. The listing is gone now, however, so stay tuned to find out if this is indeed the real thing, and if this updated streamer will indeed be available soon.

UPDATE: Yet another Nvidia leak followed the first, this time through retailer Newegg (via The Verge). This is different, however, and features a Shield TV device (no “Pro” in the name) that has almost all the same specs, but a much smaller design that includes a microSD card, and seems to have half the amount of on-board storage (8GB versus 16GB) and a retail price of around $150.

Source link



Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Biz & IT

Donald Trump is one of 15,000 Gab users whose account just got hacked

Published

on

The founder of the far-right social media platform Gab said that the private account of former President Donald Trump was among the data stolen and publicly released by hackers who recently breached the site.

In a statement on Sunday, founder Andrew Torba used a transphobic slur to refer to Emma Best, the co-founder of Distributed Denial of Secrets. The statement confirmed claims the WikiLeaks-style group made on Monday that it obtained 70GB of passwords, private posts, and more from Gab and was making them available to select researchers and journalists. The data, Best said, was provided by an unidentified hacker who breached Gab by exploiting a SQL-injection vulnerability in its code.

“My account and Trump’s account were compromised, of course as Trump is about to go on stage and speak,” Torba wrote on Sunday as Trump was about to speak at the CPAC conference in Florida. “The entire company is all hands investigating what happened and working to trace and patch the problem.”

An important data set

GabLeaks, as DDoSecrets is calling the leak, comes almost eight weeks after pro-Trump insurrectionists stormed the US Capitol. The rioters took hundreds of thousands of videos and photos of the siege and posted them online. Mainstream social media sites removed much of the content because it violated their terms of service.

“The Gab data is an important, but complicated dataset,” DDoSecrets personnel wrote in a post on Monday morning. “In addition to being a corpus of the public discourse on Gab, it includes every private post and many private messages, as well. In a simpler or more ordinary time, it’d be an important sociological resource. In 2021, it’s also a record of the culture and the exact statements surrounding not only an increase in extremist views and actions, but an attempted coup.”

Gab and a competing site called Parler were some of the last refuges that allowed much of the content to remain publicly available. Amazon and web hosting providers later cited a lack of adequate content moderation in suspending service to Parler.

Shortly before the shuttering, however, somebody found a way to use Parler’s publicly available programming interfaces to scrape about 99 percent of the user content from the site and subsequently make it publicly available.

While law enforcement groups likely had other ways to obtain the Parler data, its public availability enabled a much wider body of people to do their own research and investigations. The leak was especially valuable because materials contained metadata that’s usually stripped out before users can download videos and images. The metadata gave people the ability to track the precise timelines and locations of filmed participants.

DDoSecrets said that the 70GB GabLeaks contains over 70,000 plaintext messages in more than 19,000 chats by over 15,000 users. The dump also shows passwords that are “hashed,” a cryptographic process that converts plaintext into unintelligible characters. While hashes can’t be converted back into plaintext, cracking them can be trivial when websites choose weak hashing schemes. (Best told Ars they didn’t know what hashing scheme was used.) The leak also includes plaintext passwords for user groups.

Hate-speech haven

Gab has long been criticized as a haven for hate speech. In 2018, Google banned the Gab app from its Play Store for terms of service violations. A year later, web host GoDaddy terminated service to Gab after one of its users took to the site to criticize the Hebrew Immigrant Aid Society shortly before killing 11 people in a Pittsburgh synagogue.

Gab has also been investigated by Pennsylvania’s attorney general. In January, the Anti-Defamation League called on the US Justice Department to investigate Gab for its role in the insurrectionist attack on the capitol.

Attempts to reach Torba for comment didn’t succeed.

Best said that DDoSecrets is making GabLeaks available only to journalists and researchers with a documented history of covering leaks. People can use this link to request access.

Continue Reading

Biz & IT

Verizon tells users to disable 5G to preserve battery, then deletes tweet

Published

on

Enlarge / A Verizon booth at Mobile World Congress Americas in Los Angeles in September 2018.

Verizon has spent years hyping 5G despite it bringing just a minor speed upgrade outside the limited areas where millimeter-wave spectrum has been deployed, but the carrier’s support team advised users yesterday to shut 5G off if their phones are suffering from poor battery life.

The tweet from VZWSupport, now deleted, said, “Are you noticing that your battery life is draining faster than normal? One way to help conserve battery life is to turn on LTE. Just go to Cellular > Cellular Data Options > Voice & Data and tap LTE.”

While Verizon didn’t mention 5G in the tweet, people who responded to Verizon on Twitter and journalists writing stories noted that the effect of these instructions is to shut 5G off. “LTE is active by default as a backup for those times when 5G isn’t available. Following these instructions actually has the effect of turning off 5G,” Mashable noted. (Verizon’s instructions are for iOS, but it’s also possible to disable 5G on Android phones.)

Apple fights 5G battery drain with “Smart Data” mode

An Ars story in December 2018 warned that 5G components would take up precious space inside smartphones, reducing the size of batteries. In October 2020, the Ars review of the iPhone 12 and 12 Pro noted that “5G seems to have a big impact on battery life, especially when you’re riding that ultra-fast mmWave.”

Apple said it implemented a “Smart Data mode” that shifts each phone from 5G to LTE when 5G speeds aren’t necessary, saving on battery life while letting phones use 5G when the speed boost would provide a noticeable difference. Enabling “5G Auto” in the iPhone settings turns Smart Data mode on; the other choices are “5G On” and “LTE.” Apple notes that the 5G On mode “Always uses 5G network when it’s available. This might reduce battery life.”

We asked Verizon for more details on the impact 5G is having on its users’ battery life today and will update this article if we get a response.

Verizon’s tweet came just a few days after its latest 5G announcement that “parts of Sacramento, Seattle, and Pensacola” are the newest areas targeted by Verizon’s “aggressive rollout of its transformational 5G Ultra Wideband service.” Verizon also just committed to spend $45.45 billion in an auction for mid-band spectrum that it plans to use with 5G.

Samsung, Huawei also warn users of 5G battery drain

Other phone makers have acknowledged 5G-related battery drains in support pages. Samsung tells users, “You may notice that your phone’s battery drains faster than usual while you are connected to a 5G network. This is a limitation of the current 5G networks, and will be improved as the networks expand.” Samsung’s support page continues:

At this time, the 5G networks are only used for data connections, and are not yet capable of carrying phone calls and messages. Your phone will need to maintain a connection to the 3G or LTE network in addition to the 5G network so that phone calls, text messages, and data will be delivered consistently.

Because your phone is connected to multiple networks simultaneously, the battery will drain faster than one would typically expect, and the phone may get warmer than when solely on 3G or LTE.

As the 5G networks grow in capacity and capability, they will be able to handle more of your phone’s functions with less battery drain.

The Institute of Electrical and Electronics Engineers (IEEE) backs the multiple-networks explanation. Hopping between 3G, 4G, and LTE uses a lot of battery life, and the “present limited infrastructure of 5G exacerbates this [battery-drain] problem,” the IEEE says. “Current 5G smartphones need to maintain a connection to multiple networks in order to ensure consistent phone call, text message, and data delivery. And this multiplicity of connections contributes to battery drain.”

A Huawei support page tells users they may suffer faster battery drain on 5G compared to 4G, especially when streaming video. “On a 5G network, more bandwidth is required to create a smooth user experience when using the Internet,” Huawei says. “Therefore, more power may be consumed, especially when using the Internet to watch online videos.”

The wireless industry deployed 5G before carriers were ready to use the “standalone 5G” version that doesn’t require a connection to 4G networks. But that’s changing, as T-Mobile launched standalone 5G throughout much of the US in August 2020, while Verizon and AT&T have plans to follow suit.

Continue Reading

Biz & IT

Hackers tied to Russia’s GRU targeted the US grid for years

Published

on

Yuri Smityuk | Getty Images

For all the nation-state hacker groups that have targeted the United States power grid—and even successfully breached American electric utilities—only the Russian military intelligence group known as Sandworm has been brazen enough to trigger actual blackouts, shutting the lights off in Ukraine in 2015 and 2016. Now one grid-focused security firm is warning that a group with ties to Sandworm’s uniquely dangerous hackers has also been actively targeting the US energy system for years.

On Wednesday, industrial cybersecurity firm Dragos published its annual report on the state of industrial control systems security, which names four new foreign hacker groups focused on those critical infrastructure systems. Three of those newly named groups have targeted industrial control systems in the US, according to Dragos. But most noteworthy, perhaps, is a group that Dragos calls Kamacite, which the security firm describes as having worked in cooperation with the GRU’s Sandworm. Kamacite has in the past served as Sandworm’s “access” team, the Dragos researchers write, focused on gaining a foothold in a target network before handing off that access to a different group of Sandworm hackers, who have then sometimes carried out disruptive effects. Dragos says Kamacite has repeatedly targeted US electric utilities, oil and gas, and other industrial firms since as early as 2017.

“They are continuously operating against US electric entities to try to maintain some semblance of persistence” inside their IT networks, says Dragos vice president of threat intelligence and former NSA analyst Sergio Caltagirone. In a handful of cases over those four years, Caltagirone says, the group’s attempts to breach those US targets’ networks have been successful, leading to access to those utilities that’s been intermittent, if not quite persistent.

Caltagirone says Dragos has only confirmed successful Kamacite breaches of US networks prior, however, and has never seen those intrusions in the US lead to disruptive payloads. But because Kamacite’s history includes working as part of Sandworm’s operations that triggered blackouts in Ukraine not once, but twice—turning off the power to a quarter million Ukrainians in late 2015 and then to a fraction of the capital of Kyiv in late 2016—its targeting of the US grid should raise alarms. “If you see Kamacite in an industrial network or targeting industrial entities, you clearly can’t be confident they’re just gathering information. You have to assume something else follows,” Caltagirone says. “Kamacite is dangerous to industrial control facilities because when they attack them, they have a connection to entities who know how to do destructive operations.”

Dragos ties Kamacite to electric grid intrusions not just in the US, but also to European targets well beyond the well-publicized attacks in Ukraine. That includes a hacking campaign against Germany’s electric sector in 2017. Caltagirone adds that there have been “a couple of successful intrusions between 2017 and 2018 by Kamacite of industrial environments in Western Europe.”

Dragos warns that Kamacite’s main intrusion tools have been spear-phishing emails with malware payloads and brute-forcing the cloud-based logins of Microsoft services like Office 365 and Active Directory as well as virtual private networks. Once the group gains an initial foothold, it exploits valid user accounts to maintain access, and has used the credential-stealing tool Mimikatz to spread further into victims’ networks.

Kamacite’s relationship to the hackers known as Sandworm—which has been identified by the NSA and US Justice Department as Unit 74455 of the GRU—isn’t exactly clear. Threat intelligence companies’ attempts to define distinct hacker groups within shadowy intelligence agencies like the GRU have always been murky. By naming Kamacite as a distinct group, Dragos is seeking to break down Sandworm’s activities differently from others who have publicly reported on it, separating Kamacite as an access-focused team from another Sandworm-related group it calls Electrum. Dragos describes Electrum as an “effects” team, responsible for destructive payloads like the malware known as Crash Override or Industroyer, which triggered the 2016 Kyiv blackout and may have been intended to disable safety systems and destroy grid equipment.

Together, in other words, the groups Dragos call Kamacite and Electrum make up what other researchers and government agencies collectively call Sandworm. “One group gets in, the other group knows what to do when they get in,” says Caltagirone. “And when they operate separately, which we also watch them do, we clearly see that neither is very good at the other’s job.”

When WIRED reached out to other threat-intelligence firms including FireEye and CrowdStrike, none could confirm seeing a Sandworm-related intrusion campaign targeting US utilities as reported by Dragos. But FireEye has previously confirmed seeing a widespread US-targeted intrusion campaign tied to another GRU group known as APT28 or Fancy Bear, which WIRED revealed last year after obtaining an FBI notification email sent to targets of that campaign. Dragos pointed out at the time that the APT28 campaign shared command-and-control infrastructure with another intrusion attempt that had targeted a US “energy entity” in 2019, according to an advisory from the US Department of Energy. Given that APT28 and Sandworm have worked hand-in-hand in the past, Dragos now pins that 2019 energy-sector targeting on Kamacite as part of its larger multiyear US-targeted hacking spree.

Dragos’ report goes on to name two other new groups targeting US industrial control systems. The first, which it calls Vanadinite, appears to be have connections to the broad group of Chinese hackers known as Winnti. Dragos blames Vanadinite for attacks that used the ransomware known as ColdLock to disrupt Taiwanese victim organizations, including state-owned energy firms. But it also points to Vanadinite targeting energy, manufacturing, and transportation targets around the world, including in Europe, North America, and Australia, in some cases by exploiting vulnerabilities in VPNs.

The second newly named group, which Dragos calls Talonite, appears to have targeted North American electric utilities, too, using malware-laced spear phishing emails. It ties that targeting to previous phishing attempts using malware known as Lookback identified by Proofpoint in 2019. Yet another group Dragos has dubbed Stibnite has targeted Azerbaijani electric utilities and wind farms using phishing websites and malicious email attachments, but has not hit the US to the security firm’s knowledge.

While none among the ever-growing list of hacker groups targeting industrial control systems around the world appears to have used those control systems to trigger actual disruptive effects in 2020, Dragos warns that the sheer number of those groups represents a disturbing trend. Caltagirone points to a rare but relatively crude intrusion targeting a small water treatment plant in Oldsmar, Florida earlier this month, in which a still-unidentified hacker attempted to vastly increase the levels of caustic lye in the 15,000-person city’s water. Given the lack of protections on those sorts of small infrastructure targets, a group like Kamacite, Caltagirone argues, could easily trigger widespread, harmful effects even without the industrial-control system expertise of a partner group like Electrum.

That means the rise in even relatively unskilled groups poses a real threat, Caltagirone says. The number of groups targeting industrial control systems has been continually growing, he adds, ever since Stuxnet showed at the beginning of the last decade that industrial hacking with physical effects is possible. “A lot of groups are appearing, and there are not a lot going away,” says Caltagirone. “In three to four years, I feel like we’re going to reach a peak, and it will be an absolute catastrophe.”

This story originally appeared on wired.com.

Continue Reading

Trending