Open post
Security Bits Logo

Security Bits – Spectre & Meltdown Update (Again), Dark Caracal, chaiOS

Meltdown & Spectre Update

  • Steve Gibson of GRC (author of ShieldsUp & SpinRite) has released InSpectre, a free Windows app which clearly communicates your PC’s current level of protection against Meltdown & Spectre, and what kind of a performance hit you should expect — www.grc.com/…
  • RedHat have withdrawn their microcode patch for Spectre after it caused some systems to become unbootable (Linux supports dynamic updating of CPU microcode without the need for a BIOS update) — www.theregister.co.uk/…
  • A great post on the official Raspberry PI blog that primarily aims to explain why the Raspberry PIs are not vulnerable to Spectre, but in the process, explain Spectre in clearest and most understandable way I’ve yet seen — www.raspberrypi.org/…

Continue reading “Security Bits – Spectre & Meltdown Update (Again), Dark Caracal, chaiOS”

Open post
Security Bits Logo

Security Bits – Password Trackers, IOHIDeous, Meltdown & Spectre

Security Bits – 5 Jan 2018

Security Medium 1 — Password Managers as Trackers

Security researchers have found that less-reputable tracking firms have deployed JavaScript which uses invisible forms to trick password managers into entering information which can then be used as a kind of super-cookie that users cannot delete, and hence, track them around the web.

This problem affects all features that auto-fill usernames and passwords, whether or not they are native to the browser, or, provided by third-party plugins, so this affects everyone who saves passwords in their browser in any way.

Continue reading “Security Bits – Password Trackers, IOHIDeous, Meltdown & Spectre”

Open post
Security Bits Logo

Security Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption

Security Medium 1 — macOS High Sierra Root Bug

A nasty bug was found in macOS 10.13 High Sierra — it was possible to cause the root account to become enabled, and to do so with a blank password.

To trigger this bug all you had to do was go into the control panel, click the padlock to un-lock the sensitive settings, change the username to root, enter no password, then hit enter. At this point the authentication would fail, but, the root account would have been made active. Hit enter again, and root with a blank password will be accepted as valid. At this point you can do anything in the control panel, no matter how restricted your account is in theory, and, anything you can get full terminal access as root.

Continue reading “Security Bits – 08 December 2017 – macOS Root Bug, HomeKit Bug, iOS Backup Encryption”

Open post
Chit Chat Across the Pond Lite logo

CCATP #485 – Chris Ashley on Microsoft Surface Laptop and Windows 10S Education Devices

Chris Ashley of the SMR Podcast joins us to talk about all of the big announcements coming out of Microsoft this week. We’ll try to understand where the new Surface Laptop fits into their lineup of mobile devices, and then we’ll shift gears to talk about the new line of Education devices. These devices from many manufacturers will be running the new Windows 10S, a streamlined version of Windows that they hope will compete with Chromebooks. We also talk about Chris’s dream of a world where he only has to carry his phone and can dock it to a display anywhere he goes so he doesn’t have to lug a laptop around when he travels. And we laugh a lot.

itunes
mp3 download

Continue reading “CCATP #485 – Chris Ashley on Microsoft Surface Laptop and Windows 10S Education Devices”

CSUN 2017: Tap Systems Wearable Keyboard

Allison interviews Trevor Settles from Tap Systems about their innovative wearable keyboard. Tap is a bluetooth, one-handed “keyboard” that allows the user to type out characters on any surface with combinations of finger/thumb presses on the surface. Tap works with any bluetooth enabled desktop or mobile OS that supports the HID Keyboard Standard. This includes iOS and Android phones and tablets, Windows and Mac computers, and most Smart TVs. The Tap keyboard will be available for purchase around August of 2017. The setting is the Grand Hyatt Hotel in San Diego.

Learn more at http://tapwithus.com

Using a Screen Reader? click here

Open post
Chit Chat Across the Pond Lite logo

CCATP #468 Chris Ashley On Microsoft Windows on Arm and More

ChrisOne of my best friends on the Internet, Chris Ashley of the SMR Podcast joins us to talk Microsoft. We talk about what the implications are of Windows coming out for the Arm processors, why the Surface Studio has made such a splash, I confess that I bought into Office 365, and how Chris is pretty close to switching from Android back to the iPhone. Chris is delightful, intelligent and funny as always.

itunes
mp3 download

Affinity Photo 1.5 Adds HDR, Tone Mapping, Focus Stacking and More

Affinity logoIf you like photography at all, please stop reading/listening to me right now and go out and buy Affinity Photo. Seriously, do it. Here’s why.

I first told you about Affinity Photo in May of 2016 and I’ve been singing the praises of this app ever since as an alternative to Photoshop. This week Serif came out with version 1.5 of Affinity Photo and it’s even MORE amazing. Not only is it amazing, they also shipped 1.5 for Windows! They explain that they purposely created one code base that could be used for both platforms so there would never be a problem with feature parity between the two.

Normally Affinity Photo is only $50 one time (no subscription service, but the price is $40 right now in the Mac App Store or directly at affinity.serif.com for Mac and Windows. Even if you miss this price and get it for the regular price, that’s crazy inexpensive for an alternative to Photoshop.

Continue reading “Affinity Photo 1.5 Adds HDR, Tone Mapping, Focus Stacking and More”

CCATP #450 Chris Ashley

Chris Ashley in a suit jacket with a sunset behind himChris Ashley of the SMR Podcast joins us to talk about the Windows 10 Anniversary edition release, integration of Android with Windows, as well as the Ring Video Doorbell and the Bose Quiet Comfort QC35 wireless noise cancelling headphones. Chris turns the tables and asks my advice on whether his baby girl should get an iPod Touch or a Mac mini for her 7th birthday. If you haven’t heard Chris before I have to tell you it’s always a great time.


itunes
mp3 download

CES 2016: Bixi Touchfree Device Control

Allison interviews Vijay Narayanan from Bluemint Labs about their Bixi sensor and app for touch-free control of smart devices and apps. The Bixi sensor seamlessly connects with your favorite devices and thousands of connected apps to make your smart home even smarter. The Bixi App works across all iOS, Android, and Windows operating systems. As of CES 2016, Bixi was pursuing crowd funding to complete its development. The setting is the CES Unveiled show floor in the Mandalay Bay Hotel.

Learn more at http://bixi.io

Using a Screen Reader? click here

What Would Make Allison Buy a PC?

Kangaroo w10 ipadEvery once in a while a gadget comes along that’s so cool you just throw your entire belief system in the trash. Or at least that’s what happened to me. I bought the first PC I’ve owned since 2004. Back then I did it just to see what it was like to build a PC, I had no intention of actually using it. This time I bought a Kangaroo PC because it had one wicked awesome feature.

The Kangaroo PC is very small, about the size of a plus-size iPhone and it can use an iPad as its display! How cool is that? I bought the Kangaroo for $100 on NewEgg. As much as it pains me not to give you an Amazon Affiliate link, it’s twice that price on Amazon so go for the NewEgg option or you can buy it via the Microsoft store.   Continue reading “What Would Make Allison Buy a PC?”

Posts navigation

1 2
Scroll to top