The UpStream (Page 48)

Asus update tool hacked, allowed access to millions of computers

posted Sunday Mar 31, 2019 by Scott Ertz

Asus update tool hacked, allowed access to millions of computers

Computer manufacturers and users are definitely getting more sophisticated. Manufacturers, as well as Microsoft and Apple themselves, continue to produce more sophisticated tools to prevent hackers from gaining access to your computer. Users are getting smarter about which sites and emails they interact with, preventing attacks. With a more sophisticated computer user must come a more sophisticated hacker, and we have definitely seen a growth in that area. This week, Asus was the target of an incredibly advanced attack, putting computer owners at risk.

According to Russian security firm Kaspersky, a supply chain attack had been carried out using the ASUS Live Update Utility. Using a flaw in the utility, hackers opened a back door into any computer that had downloaded the tool. Kaspersky said that 57,000 of their users have downloaded the compromised tool, but that represented only a small portion of the Asus customer-base. They believe that as many as a million computers may have this backdoor installed.

ShadowHammer, as the attack has been called, is certainly a sophisticated one. The software was able to bypass initial detection because it was signed using an official Asus security certificate. For most, that would be enough to believe it is legitimate. In addition, the hackers managed to make the file exactly the same size as the original file which it replaced.

While many computers are likely compromised, it would appear that the actual usage of the exploit was incredibly targeted. It appears that only 583 MAC addresses were targeted, representing computers within large organizations. The affected computers are almost exclusively owned by ASUSTek, Intel, and AzureWave Technologies, with only 70 affected computers being owned by anyone else. That does not mean that users should not be concerned about this hack. This is not the first time that a company's update utility had been compromised, and it will not be the last.

Apple's unannounced news and media service will be missing big names

posted Sunday Mar 24, 2019 by Scott Ertz

Apple's unannounced news and media service will be missing big names

After committing over $1 billion to develop and launch a new streaming media service, Apple is prepared to announce the service at a press event tomorrow, March 25. It was once thought to be a competitor to Netflix, but more recent leaks have suggested that it might actually be more like Amazon Prime Video, where there is original and licensed content available directly, but you can also add on additional channels. It is somewhere between their existing Apple TV app, and the idea that Avram has been asking for over the past few months.

Rather than paying one-off bills to each streaming platform, you can pay Apple once for whichever services you want. Well, sort of. That's because the service appears to be moving forward without the most important partner: Netflix. That's because Netflix is not interested in giving up the control that Apple seems to be requiring. Netflix CEO Reed Hastings said,

We want to have people watch our content on our service. We've chosen not to integrate into their service.

Based on some recent reports, Apple is actually planning on requiring partners to stream their content through Apple's servers, which would give Apple access to streaming statistics that would normally not be available to them. They would be able to use that data to decide what types of original content they want to produce with the $1 billion+ they set aside. That data could then pose a threat to the services that integrate into the system, as Apple will then use their customer data to compete against them directly.

It has long been a rule for content creators, especially online, that you should control your distribution methods. For podcasters, that means using your website as your primary fan point of contact. For streaming services, that means not allowing another service to control your stream. For newspapers, that means making sure people read your content on your own site. That's why even The New York Times is warning publishers against the service, which is rumored to also include newspapers.

We'll find out more about the service in just a few hours, including who will and will not be participating.

Not to be outdone by big tech, FEMA announces major data breach

posted Sunday Mar 24, 2019 by Scott Ertz

Not to be outdone by big tech, FEMA announces major data breach

Everyone who has ever had to deal with the Federal Emergency Management Agency (FEMA) in the wake of a disaster always feels a little like they've been screwed over. Those feelings are going to be eclipsed by how they feel now that the organization has added a new disaster to their experience. That'd because FEMA announced they lost data on 2.5 million people. Those affected are people who have had to use the Transitional Sheltering Assistance program. Essentially, these are people who have been in a situation where they have either lost their homes or been unable to return to their homes because of damage.

All victims of this disaster had their addresses released, while 1.8 million of the 2.5 million also had their bank account information revealed by the government. While having your address released is not great, it is a major life event to have the government assist in identity theft. A loss of bank information is not a small matter - it requires replacing nearly every piece of financial data you have, from bank account numbers to checks, debit and credit cards, and more. Then, everything that touches those accounts has to be updated, like your car payments, mortgage or rent, cable, power, Netflix, Hulu, etc.

According to Lizzie Litzow, the press secretary for FEMA, the problem came about when the agency "provided more information than was necessary" to a contractor. The Department of Homeland Security's Office of Inspector General said that, while the data leak could potentially put people at risk of identity theft, there was no evidence that the information had been used for any nefarious purposes. FEMA is working with the contractor to remove the inappropriate information from its system, but that doesn't guarantee protection for those affected. If you are one of those affected, it is worth contacting your bank to get their input on next steps.

Rise of the streaming game services from Microsoft, Google and more

posted Sunday Mar 24, 2019 by Scott Ertz

The idea of streaming games to computers, consoles, and phones has been a long-standing idea in the gaming world. Many companies have attempted it over the past decade, with no one quite making it work successfully. The most famous failure is probably OnLive, the company that tried to pioneer the concept in modern gaming. A number of other contenders haverevived the concept, with a few big entrants taking the lead.

Over the past year, there have been many details of Microsoft's xCloud streaming service that have emerged. The company has been working on the technology for a couple of years and intends to bring the concept to as many gamers as possible. It is built on their industry-leading Azure cloud service, which also powers the modern Xbox Live. The first public demo of Project xCloud was this month, showing just how far the technology has come. We expect to see a much bigger demo, and far more focus on the system, at E3 2019 in June.

At GDC 2019, however, we got our first big look at Google's game streaming platform: Google Stadia. This is the more permanent version of Project Stream, the beta test that Google ran last November with Assassins Creed Odyssey. The service runs within the Chrome browser, which means that it can be used on a large number of platforms, including the often ignored Chrome OS. They've taken an interesting approach to a controller, with the hardware running over Wi-Fi, rather than the more traditional Bluetooth. The service is planned for a late 2019 launch.

It might seem like this announcement might be a trouble for Microsoft, but Xbox head Phil Spencer seems happy to have the competition. He was impressed by the unique Wi-Fi controller, as well as for the market validation that Microsoft had the right idea for the future of gaming. In a year where companies are skipping E3, including Sony, it will be more important than ever for Microsoft to take advantage of this event, especially as companies like Walmart are considering entering the fray.

After claiming no problems, bent iPad Pros are experiencing failures

posted Sunday Mar 24, 2019 by Scott Ertz

After claiming no problems, bent iPad Pros are experiencing failures

The phenomenon of iPad Pros shipping bent has been well documented, with customers all over the world reporting the issue online, as well as to Apple. Despite this, Apple has taken a bizarre position on the topic. Initially, the company said that any shipping bend in an iPad would cause no problems and is a normal part of the manufacturing process. Later, the position changed, posting a support article that simply explains the unibody enclosure. The part they have maintained, however, has been the lack of an issue.

What happens when you do experience a problem with your bent iPad Pro? Well, one customer documented their experiences trying to get his iPad repaired. He went into an Apple Store, expecting the service that Apple has always advertised from their "Geniuses." However, he was told that, because of the bend, his only option was to purchase a new iPad. He left and went into another Apple Store, only to be told the exact same thing.

While most people might have given up, this customer took an unusual step and used the Apple Support page to request a repair from an Apple Repair center. He sent off the iPad and, on the same day the center received the iPad, was shipped a replacement unit. The repair center made absolutely no mention of the bend, which the customer was never able to see from the beginning.

The fact that Apple has not taken a consistent position on the issue has caused an incredibly negative experience for customers. The company should not require a customer to drive around town, contacting different Apple employees, hoping that someone is going to take care of the problem. In this case, it worked out, but not everyone has the time or patience to fight at this level. It is important to remember, however, that the first response is not always the correct one. Persevere.

Disney+ to usher in the death of the infamous "Disney Vault"

posted Saturday Mar 9, 2019 by Scott Ertz

Disney+ to usher in the death of the infamous

Disney has been hard at work preparing for the launch of their streaming service Disney+. Last month we learned a little about their content plans, in particular, that they would offer licensed content in addition to their own. This week, more information about the type and amount of content that Disney+ will offer was made public, in the form of a report about an investor meeting. According to CEO Bob Iger,

The service, which I mentioned earlier is going to launch later in the year, is going to combine what we call library product, movies, and television, with a lot of original product as well, movies and television. And at some point fairly soon after launch it will house the entire Disney motion picture library, so the movies that you speak of that traditionally have been kept in a "vault" and brought out basically every few years will be on the service. And then, of course, we're producing a number of original movies and original television shows as well that will be Disney-branded.

This is a massive shift in the way Disney handles its back catalog. Traditionally, older films were made available for short periods of time and, once they were sold through, they would disappear again for several years. The shift in strategy, making all Disney properties available for exclusive streaming on Disney+, means that the idea of "The Vault" will come to an end. That's not to say that the actual, real-life vault will be retired, however, as that is actually where the films are stored and protected.

The end of the virtual vault will certainly make the value of Disney+ significantly higher. Being able to watch your favorite Disney animated classic, say Snow White and the Seven Dwarfs, without having to sit through the 7 year waiting period, will drive a lot of subscriptions. Add to that the inclusion of new films, such as Captain Marvel, which will release for streaming late this year, and Disney might just have a winner on its hands.

A release date has not been set for the platform, but Iger once again confirmed: "later in the year."

We're live now - Join us!



Forgot password? Recover here.
Not a member? Register now.
Blog Meets Brand Stats