Security is a topic we have had to cover a lot over the last few years; certainly a lot more than we would have wanted to have to. Malware has become a big part of the security issues, whether it be Chrome or Android being easy targets, or child porn ransomware, malware is almost everywhere. One thing we have been able to count on is being secure on top-tier websites.
Ad platforms can be a source of revenue for these sites, but it turns out, if you're not careful, they can be a source of disaster, as well. Major sites recently had malicious ads served by their ad services, damaging customers' computers and their brand's reputation. Included in the sites that got hit were AOL, Match.com and Yahoo.
The ads were incredibly deceiving, because they stole creative from actual advertisers, including Bing and Case Logic, two well known and respected brands on the web. To see an ad from either of these companies would not be a surprise. Unfortunately, when the person who clicked ended up on the other end, what they received was not a normal website, but instead ransomware.
Ransomware locks your computer, or just a collection of files, and asks for money to unlock said files. The money is transferred in Bitcoin, making it difficult or impossible to trace. Because of this, it is a very effective way of extorting money out of unsuspecting people. Adding in the ability to trick people into downloading the ransomware from top tier websites adds a lot to the scam.
A couple of things need to come from this. First, as a web user, be very careful what you click on. Just because it is an ad for Bing on Match.com does not mean that Bing is on the other side of the ad. Also, when you get there, don't download anything that it encourages you to download. Bing is never going to download something for you, period.
Second, publishers need to be careful what ads they allow on their sites, and even more careful what ad platforms they allow ads to come from. Google AdSense, LinkShare and Commission Junction are safe ad platforms, but not so much anyone else. Even then, these platforms can be tricked into serving ads from scam groups.
This leads into the third point, aimed at the ad platforms themselves: they must be more vigilant in protecting the end customers. Ads like these never should have been allowed in the first place. If the check doesn't come from Microsoft, the ad should not say Bing. If these platforms know the ad is fake, they should not accept the payment and should not serve the ad.
Hopefully this issue will make a positive change: add a lot of thought to the Internet's advertising world, for the users, publishers and ad platforms.
Super Smash Bros. for 3DS has been out for a few weeks, and it is proving to be quite a seller. It has even helped Nintendo sell hardware, which is something they desperately needed. Now, with Super Smash Bros. for Wii U, Nintendo hopes to duplicate, or even expand on, these results.
In their most recent Nintendo Direct, they showed off 50 cool things about the new title. There were two interesting features shown off that need to be mentioned. First, one of the interesting game elements from Super Smash Bros. Brawl was the create-a-stage. The problem, of course, was the sometimes unpredictable interface because of the motion-controlled console. Well, with the Wii U we now have a touchscreen tablet included, which means that you can actually design a detailed, complete level.
A more important feature of the new title, however, is the expanded gameplay. In Super Smash Bros. for Wii U, you will be able to play an 8 person game instead of the traditional 4. Finally having an HD-capable Nintendo console allows for a more detailed stage, and of course more combat on the screen.
Adding more players to a screen means everything will be a bit smaller, as the game can zoom out pretty far as the action separates. Hopefully you have a large screen to play this crazy new mode on so you can see everything.
Are you excited to see how these new and revamped features play in the real world? Well, for now you can check out the Nintendo Direct video in the source link and tell us your thoughts in the comments section.
Exactly one month ago, Apple had a very bad week. Between build quality issues on the iPhone 6, iOS 8 update issues, iCloud and Apple Pay security plus a UNIX bug, life was not good for their customers or the company in the press. One thing we have learned about Apple is that they have a plan for recovering from major public relations disasters; perhaps that is a thing of the past. This week, Apple had another series of PR disasters, many related to the last batch.
Apple Pay Partners Jumping Ship
Apple Pay is the new kid on the block in the mobile payment world. Numerous companies have had this type of system in place for a while; some for years. Lots of other companies, though, are working on their own standards at the same time as this launch; many of these groups are made up of interested parties.
Softcard is the best known of these groups, partially because of their brand change from ISIS for obvious reasons, but mostly because of the founding partners: AT&T, T-Mobile and Verizon. When 3 of the big 4 get together on something, people tend to pay attention. Softcard is not the only group, however.
Mobile Customer Exchange (MCX) has a competing standard: CurrentC. Unlike Softcard, though, MCX is made up of many large retailers, including CVS Healthcare and Rite Aid. Not coincidentally, both of these pharmacies have turned off their support of Apple Pay this week. This comes almost immediately on the heals of the launch of Apple Pay.
Most of the industry, myself included, had hoped that the launch of Apple Pay would help increase the awareness of NFC-based payments in retailers. Unfortunately, it is doing just that, but not in a way that is going to make these payments easier for consumers. While retailers have the hardware in place to accept Google Wallet, Apple Pay, PayPal, etc., turning off access to one or more of these platforms will not make the idea of NFC payments appear more convenient. What is does is makes Apple Pay look more niche and less useful.
Apple Pay Partner Double Charges
Even if you are using Apple Pay at a compatible retailer, it might not go exactly as planned. If you have used Apple Pay with Bank of America, you have might have noticed an issue where you were charged twice for your purchases.
While Bank of America has not commented on the cause of the issue, they have issued refunds for those charges. The fact that they can issue these refunds indicates that they know the source of the issue and can run a report showing all of the instances of said glitch. Hopefully they have also solved the issue to prevent future instances.
The problem does not appear to be on Apple's side, as they neither process the payments, nor have there been reports of any other processors having similar problems. This should not be enough to prevent people from using the platform, but it is something to think about. With the launch of a new payment product, there are bound to be glitches, and those glitches often end up affecting those willing to test the platform in the wild.
iCloud Attack Acknowledged
After weeks of open speculation, and plenty of proof, Apple has acknowledged that its iCloud data has been breached. Now, there are a number of caveats about the breach, and they are clarified in the company's quote.
We're aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously. These attacks don't compromise iCloud servers, and they don't impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.
The idea here is that, using a fairly common certificate injection, people have managed to get ahold of data stored in iCloud without actually accessing iCloud itself. This happens usually through browser access, though Apple claims that Safari is immune (likely this is not the case, so don't actually let your guard down).
iCloud Spying in China
China has been spying on its people, and others, for a long time. Our government has even barred the importing of certain handsets over the years in fear of just that. This week, some speculation over iCloud spying has come to the surface.
Using a man-in-the-middle attack, the government could get ahold of everything synced to and from Apple's servers. This could be standard iCloud files, like photos and video, iMessages, etc. If the government can get ahold of this data, it can be used to prevent protests. These anti-government protests have happened in other countries, much of which has been coordinated using smartphones.
Luckily for China, it is easy to pull off. Being a communist country, they can force the carriers to do their bidding. In this case, their bidding could be injecting false security certificates to redirect data to government collection servers.
iPad Sales Disappointing
Apple's earnings were released and some interesting stats came out. Obviously, iPhone sales are still their bread and butter. This is the product that changed their business model so much that they changed their company's name from Apple Computers to Apple Inc.
Unfortunately for them, as sales and demand for tablets continues to grow, their iPad sales have stagnated. This likely has a lot to do with the increase in low-cost Android and Windows tablets on the market. When you compare what can be accomplished with an iPad, which is essentially a large-screened iPhone, for $249 with what can be done on a $100 Windows tablet, Apple's value is non-existent.
The good news for the company is they planned for this; sales were right within the margins that were expected. Tim Cook describes the sales dip as a "speedbump and not a huge thing."
Here we go again with yet another data breach. A hacker group says that have a hold of almost 7 million Dropbox usernames and passwords and that if they receive enough Bitcoin, they will release over 1,200 accounts to the public. The group has already released 400 as a sample of what they've acquired. The twist on this story is that Dropbox says this is a non-issue and in fact, they have not been hacked.
According to Dropbox, the passwords released so far have already expired and the rest of the accounts as well. The company has even gone as far as to blame other services for the breach.
These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We'd previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have been expired as well.
So Dropbox says they've basically solved the problem. But Reddit users have tried out some of the accounts and have said they work. Only on a small percentage are the passwords expired. Considering that there are over 220 million accounts on Dropbox, a hacker group having only three percent really isn't that significant of a number, but for Dropbox to deny even this small percentage is pretty alarming.
Even if Dropbox is denying the attack, the username and password combinations still work and users should enable two-step authentication and change their passwords immediately. Is this what companies are going to do from now on, though? Blame other people for their lack of security and care for customers' data?
Something I've always respected about the Rainbow Six series is the willingness the team has to stay as true-to-life as possible in the games, so long as the game allowed them to be. First-person shooters have become a little bit of an arcade, attention-deprived, run-and-gun shootfest that even games like Battlefield, that pride itself on simulation-style, have allowed things to get out of hand. Now, Tom Clancy's Rainbow Six series is going to take things to the next level and go back to its beginnings of 1998 by not letting users respawn after death.
Rainbow Six Siege is a game I have been insanely excited for and Ubisoft's focus on teamwork and tactics are sure to make it a highly anticipated game for a lot more people than just me. At least for those who aren't twitch shooter fans. That's because in the multiplayer matches for Siege, there will be no respawns. Just like in my beloved Counter-Strike of FPS past, when you die, you're out for the round. For anyone tired of the Call of Duty series, highly rendered dog and all, this should be a huge breath of fresh air.
Appropriately called One Life, Rainbow Six Siege forces players to actually use skill to win, and not rely on one type of overpowered weapon or glitch. On the dev blog, Behind the Wall, the team goes on to explain why the decision was made.
When you're not allowed to respawn during a match, twitch reflexes aren't the only skills that keep you alive. Teamwork, map awareness, planning, adaptability, communication, and leadership become just as important to win.
You can't see it, but I've gotten out of my chair and am applauding reading those words right now. In a team game, putting more focus on team efforts makes so much sense I'm surprised it took over a decade for us to remember that. It evens out the playing field to make sure players of all skill types can enjoy a game, work together and have complete tasks laid out in front of them.
Now, there are those who are going to hate this and might say that there won't be anything to do in those few minutes of downtime. Ubisoft has said the matches are short and "precise" operations, so that if you die you'll only be sitting out for three minutes at most. And luckily, Ubisoft is taking advantage of those players removed from the action by giving them something to do that can affect the outcome of the game.
Yes, losing boots on the ground creates a disadvantage in firepower, but the player still contributes to the team by becoming a source of information. They are able to use limited visibility tools, like the drone and security cameras, or survey from a chopper above the operation zone to keep their team informed of the enemy's movements. We call this Support mode, and it's a crucial aspect of the round as the team balances firepower against information.
So even a dead player can provide crucial information to the fireteam. Still not convinced this is probably the most exciting game that will launch in 2015? After the break I posted a video of some gameplay. Watch that, then come back here and let me know what you thought of it.
Lately we're seeing this strange influx of inexpensive gaming set-top boxes that can also stream media. Additionally, we're seeing them all run Android for whatever reason, and each of them just feel cheap. Not even counting the OUYA, there have been a dozen or so other boxes that have been announced in the past eighteen months that all feel the same way. Now, Google is looking to get into that game and prays that you forget all about the Nexus Q.
In a world where we'll probably never see an actual cost-effective Steam Machine, NVIDIA launching some type of graphics-card powered device and the Fire TV, Google has come out with the Nexus Player, not to be confused with that weird-looking Nexus. Google's vision is to harness the success and popularity of the Chromecast and come up with a device that doesn't need a computer counter-part at all. Instead, the Nexus Player is sort of what you'd expect from every other set-top media device we've seen. Play games, stream content and use apps on a clunky, Android-based interface.
You get a remote, just like the others, to navigate through the menus, and if you want to actually game, you can pick up a controller for $39 to compliment the box, both made by ASUS. The slight difference here is that it will be the first-ever gadget to run Android TV, which was announced at Google I/O. A 1.8GHz four-core Atom processor runs alongside 1GB of RAM and 8GB of data space to power the Nexus Player, and it will double as a Chromecast, offering the same experience you've come to know through the $35 HDMI plug-in. Intel says the chipset is capable of pushing 1080p streaming with "console-like" graphics, but I'd be curious to see how accurate those statements will be in the real world.
For $99, the Nexus Player can be purchased on November 3rd when it launches, but you can already pre-order the thing should you want to. Adversely, you can spend the same amount for an Amazon Fire TV if you want, and you'll get pretty much the same features and experience, plus Prime Instant Video. Are any of these interesting to you? Do you have a smart TV instead? Or are you just using an Xbox 360 like the rest of us? Let us know in the comments below and click on the break to see the Nexus Player teaser video.
