'Russian Doll' Season 2: That Ending Explained, All Your Questions Answered - CNET

Does time collapse? Does Nadia get her family's gold back? Here's what happens at the end of season 2 of the Netflix show. Get ready for spoilers.

from CNET https://ift.tt/eO53vbk

Lyrid Meteor Shower Peaks Tonight and Tomorrow: How to See It Sizzle - CNET

Shooting star season starts with the first major shower since the Quadrantids back in early January.

from CNET https://ift.tt/0cFM4Hx

Latest Tech News

Almost all Android smartphones could be vulnerable to remote code execution as a result of vulnerabilities discovered in the audio decoders of Qualcomm and MediaTek chips.

The discovery of these vulnerabilities was made by Check Point Research (CPR) and if left unpatched, an attacker could exploit them to remotely gain access to a device’s camera and microphone by using a malformed audio file. At the same time, an unprivileged Android app could leverage these vulnerabilities to escalate its privileges in order to spy on a user’s media data and listen in on their conversations.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

Since most Android devices are powered by either Qualcomm or MediaTek chips, the impact of these vulnerabilities is wide reaching but thankfully, CPR responsibly disclosed its findings to both chipmakers who have since issued fixes.

Check Point security researcher Slava Makkaveev provided further insight on the firm’s findings regarding these high and critical severity vulnerabilities in a press release, saying:

"We've discovered a set of vulnerabilities that could be used for remote execution and privilege escalation on two-thirds of the world's mobile devices. The vulnerabilities were easily exploitable. A threat actor could have sent a song (media file) and when played by a potential victim, it could have injected code in the privileged media service. The threat actor could have seen what the mobile phone user sees on their phone. In our proof of concept, we were able to steal the phone's camera stream. What is the most sensitive information on your phone? I think it's your media: audio and videos. An attacker could have stolen that through these vulnerabilities.”

Vulnerable audio decoders

The vulnerabilities themselves were found in Apple Lossless Audio Codec (ALAC) which is also known as Apple Lossless.

First introduced back in 2004 for lossless data compression of digital music, at the end of 2011 Apple made ALAC open source and the format is now embedded in many non-Apple audio playback devices and programs including Android smartphones as well as Linux and Windows media players and converters.

Read More

> That Android antivirus could actually be malware

> Google Chrome is killing off its Android Lite Mode

> Android users can switch off 2G to enhance security and privacy

While Apple has updated the proprietary version of its decoder by fixing and patching security issues several times, the shared code in the open source version of ALAC has not been patched since 2011. CPR discovered that Qualcomm and MediaTek ported the vulnerable ALAC code into their own audio decoders which is why so many Android smartphones are now at risk.

CPR responsibly disclosed its findings to both chipmakers last year and they in turn released patches to fix all of their vulnerable audio decoders back in December. To avoid falling victim to any potential attacks though, you should make sure that your Android device has been updated with all of the latest patches.

• Keep your smartphone virus free with the best Android antivirus apps

from TechRadar - All the latest technology news https://ift.tt/fuQbXPB

How Long Will It Take to Get Your Tax Refund? Here's How to Track Your Money - CNET

If you got your taxes submitted by the tax deadline day, you can start checking the status to see when your refund will arrive.

from CNET https://ift.tt/agQOcmP

Latest Tech News

Apple Music is launching a series of new DJ mixes in Spatial Audio with Dolby Atmos enabled and fifteen new Boiler Room recordings on its app.

It's all a part of Apple’s continuous efforts to provide high-quality audio - and maybe a more engaging (thanks, Spatial Audio) experience. The company, which announced the update on Wednesday, goes as far as to call these mixes an “ …immersive audio experience with multidimensional sound and clarity.”

Monthly Spatial Audio series

The Spatial Audio remixes will come out monthly on the revamped One Mix series starting with “Outer to Inner Atmosphere: The Escape Velocity Mix” by acclaimed DJ and producer Jeff Mills. The hour-long set is currently available on the Apple Music app.

The Boiler Room recordings are newly mixed in the same Spatial Audio with Dolby Atmos format and come from a variety of nightclubs and festivals across different dates. It’s meant to emulate an actual clubbing experience.

Spatial audio uses Dolby Atmos, directional audio filters, and frequency adjustments on each ear to place parts of the audio in a virtual 3D space around the listener's head.

The initial fifteen recordings cover a wide array of artists like India Jordan, Analog Soul, and The Blessed Madonna. More DJ sets in Spatial Audio will release throughout the year and will be part of the overall Boiler Room collection on Apple Music.

Supporting hardware

If you own a pair of AirPods or Beats headphones that have either an H1 or W1 chip installed, you’ll be able to enjoy the high-quality remixes by default. What’s special about those AirPods and headphones are the accelerometers and gyroscopes inside them that track your head’s position and the iPhone’s placement.

That way, no matter how you turn, the audio doesn’t shift in quality and stays consistent.

Speaking of which, the speakers on the latest iPhones and iPads also support Spatial Audio. Some of the devices that support Spatial Audio include the iPhone 7 and later, the 6th generation iPad and later, iPad Air 3rd generation, and the iPad mini 5th generation.

It’s unknown if Apple plans on doing something similar for other genres, but it’s worth pointing out that the company spends a lot of time and money on DJ remixes and electronic music in particular.

For example, Apple uses Shazam’s music identifying tech to analyze a remix in order to make sure everyone involved in that song is paid fairly. If that’s the case, other genres may be left behind.

• If you're looking for headphones that can supply that Spatial Audio experience, you might want to read our AirPods Pro review.

from TechRadar - All the latest technology news https://ift.tt/YTl43aN

On 4/20, Here's Where Marijuana Is Already Legal - CNET

These are these states where THC and CBD based products are currently allowed.

from CNET https://ift.tt/jeLgNYJ

Latest Tech News

Fans of delightfully macabre TV will be thrilled to know that Reece Shearsmith and Steve Pemberton are back with another instalment of Inside No. 9, the BAFTA-winning series. Below we explain how you can watch Inside No. 9 season 7 online now, and 100% FREE on BBC iPlayer. 

• Outside of the country? Use a VPN to watch from abroad

Watch Inside No. 9 season 7 online

Premiere date: April 20, from 10pm GMT on BBC Two

New episodes: every Wednesday at the same time

Free stream: BBC iPlayer

Watch from anywhere: tune in today with a 100% risk-free VPN

Debuting in 2014, Inside No. 9 is an anthology series, and – as we’ve come to expect from the duo responsible for The League of Gentlemen – it’s perversely funny, full of twists that will blind-side even the most media-savvy viewer.

Only the number 9 links each episode; otherwise, there’s a different cast, setting, and story. Past instalments featured Helen McCrory in a gothic mansion, David Morrissey in a football locker room, and Killing Eve’s Fiona Shaw enjoying a Private View at a swanky gallery.

This season, expect to see Mark Gatiss in a story about four old friends boating on an isolated lake – great fun until old resentments start to bubble up. Other guest actors will include the brilliant Jessica Hynes (Spaced), Jason Isaacs, and Sophie Okonedo.

Ready for six terrifically taut tales? Then read our guide below for how to watch Inside No. 9 season 7 online from anywhere now.

How to watch Inside No. 9 online for FREE in the UK

This acclaimed anthology of dark tales is back for its seventh season. The first episode debuts on BBC Two from Wednesday, April 20 at 10pm GMT, with new instalments broadcast at the same time each week. 

You can also live stream the show on any device via BBC iPlayer, or watch on catch-up after it airs, including desktop on Windows and Mac machines, on smartphone apps for Android and iOS, as well as media streaming devices like Apple TV, Amazon Fire, Chromecast, Roku and more. You can also get BBC iPlayer on PlayStation and Xbox consoles.

BBC iPlayer is 100% free to stream, but you do need a valid TV licence.

How to watch Inside No. 9 season 7 online from outside your country

Don't let geo-restrictions prevent you from getting Inside No. 9 and streaming season 7. If you find yourself out of the country, you’ll be unable to access your usual streaming service. However, we can get you out of this sticky situation with the help a VPN.

The best VPN – otherwise known as a virtual private network – offers a simple solution. This piece of software alters your IP address to appear as though you're based in another country, allowing you to gain access to your preferred streaming platform, and watch episodes live or on-demand just like you would at home.

Use a VPN to watch Inside No. 9 online from anywhere

ExpressVPN is the world's top VPN right now
Our experts have tried and tested some of the best VPNs on the market so you don't have to and recommend ExpressVPN as their top pick. Not only is it one of the fastest and easiest to use, but this VPN is compatible with a whole host of devices, including Amazon Fire TV Stick, Xbox, Playstation, and iOS and Android devices.

Get an extra 3 months completely FREE when you sign up for an annual Express VPN plan now. If you're not happy with the service within the first 30 days, let them know and they'll give you your money back.

- Try ExpressVPN 100% risk-free for 30 days

Three simple steps to using a VPN to watch Inside No. 9

1. Download and install a VPN - we recommend ExpressVPN

2. Connect to the relevant server location - launch the VPN app, click on 'choose location' and select the right location i.e. UK for iPlayer

3. Head to the chosen broadcaster's live stream - in this case, head to BBC iPlayer

---

from TechRadar - All the latest technology news https://ift.tt/cpv02yU

Latest Tech News

A new variant of the BotenaGo malware that exclusively targets DVR for security camera systems has been spotted in the wild by security researchers.

For those unfamiliar, BotenaGo is a relatively new malware written in Google’s open source Golang programming language. While it was originally used to target IoT devices in an effort to create botnets, BotenaGo’s source code was leaked online back in October of last year.

Share your thoughts on Cybersecurity and get a free copy of the Hacker's Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at the end of this survey to get the bookazine, worth $10.99/£10.99.

In the time since, cybercriminals have developed several new variants of the malware while also improving the original by adding new exploits to target millions of connected devices.

Now though, Nozomi Networks Labs has discovered a new variant that appears to be derived from the leaked source code. However, the sample analyzed by the firm’s security researchers exclusively targets Lilin security camera DVR devices which is why it has been dubbed “Lillin scanner”.

Lillin BotenaGo variant

Another thing that sets Lillin scanner apart from the original BotenaGo malware is that the variant is currently undetected by every antivirus engine on VirusTotal.

According to a report from BleepingComputer, this could be because the malware variant’s authors have removed all of the exploits found in the original BotenaGo. Instead, they’ve written the malware to only focus on Lilin DVRs by exploiting a two-year-old critical remote code execution vulnerability. Casting a smaller net for potential targets makes sense in this case as there are still a significant number of unpatched Lilin DVR devices in the wild.

> That Android antivirus could actually be malware

> Raspberry Pi can now detect malware without any software

> This Borat-themed malware is not funny in the slightest

An additional key difference between BotenaGo and Lillin scanner is that the new malware variant leverages an external mass-scanning tool to create lists of the IP addresses of vulnerable devices. Nozomi’s researchers also highlight the fact in their blog post on the matter that the cybercriminals behind Lillin scanner have specifically programmed it to avoid infecting IP addresses that belong to the US Department of Defense (DOD), the US Postal Service (USPS), General Electric, Hewlett Packard and other businesses.

Once a vulnerable device is infected by Lillin scanner, Mirai payloads are then downloaded and executed on it. Still though, this new BotenaGo variant isn’t such a massive threat as it only targets devices from a specific manufacturer.

• Protect all of the devices on your network with one of the best firewalls

Via BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/vXIiylL

BeReal Is Social Media, Minus the Artificial Glamour - CNET

The name is a mission statement: Be Real. Here's what to know about the social media app that's gaining popularity.

from CNET https://ift.tt/ljvbzy0

Latest Tech News

Upgrading the RAM in your Dell laptop may soon be out of the question as the PC maker has developed its own proprietary form factor for DDR5 memory.

As reported by Tom’s Hardware and first spotted by iGPU Extremist on Twitter, the Austin-based company’s upcoming Precision 7670 mobile workstation features its new Compression Attached Memory Module (CAMM) that houses the device’s memory.

While the full details on the Precision 7670 are set to be released later this month, iGPU Extremist shared photographs of the laptop which show what appears to be a single-sided module with 16 integrated circuits (ICs). Dell’s CAMM features two zones with eight ICs on each side and the design will probably run in a dual-channel configuration.

While we haven’t yet heard from the company regarding CAMM, its new memory module will likely offer a more compact alternative to replace two SO-DIMM memory slots.

Thinner laptops at the cost of user upgradability

Unlike business laptops which tend to be both thin and light, mobile workstations are known for being a bit heftier due to their more powerful components and larger batteries.

Through CAMM though, Dell will likely be able to simplify the designs of its laptops and make them thinner and even potentially lighter as more memory can be crammed into a smaller space.

Read More

> Dell overhauls Latitude, Precision laptop lineups for the next era of work

> Dell wants to simplify PC management for the hybrid working age

> This could be the world’s first DDR5 laptop, but you'd never guess who built it

While CAMM certainly sounds like a better implementation than soldering memory to a device’s motherboard, it would prevent users from upgrading the RAM on their devices using off-the-shelf components. Instead, they would need to purchase memory upgrades directly from Dell which would come at a premium.

Still though, Dell could decide to open up CAMM to third-party memory vendors to make future upgrades more readily available and cheaper for its customers.

We’ll have to wait until the end of the month to learn more about the Dell Precision 7670 mobile workstation and the company’s plans for CAMM going forward.

• Tackle even the most daunting computing tasks with one of the best workstations

from TechRadar - All the latest technology news https://ift.tt/vSMTdPA

Cricut EasyPress 3 Review: A Natural Evolution to Cricut's Lineup - CNET

Cricut's new EasyPress heat press machine gets a lot smarter, but upgrading is a maybe.

from CNET https://ift.tt/xfsD0Wp

Best Cooling Mattress Toppers for 2022 - CNET

Heads up, hot sleepers! Cool off for the night when you throw on one of this year's best cooling mattress toppers.

from CNET https://ift.tt/zuvm6Ej

Now Anyone on Instagram Can Tag Products in Their Posts - CNET

The photo app is looking more and more like an e-commerce platform.

from CNET https://ift.tt/BfuKcRC

Amazon Is Giving Away 10 Free Kindle Ebooks for World Book Day 2022 - CNET

You can pick up these 10 free international titles as part of this Amazon free ebook giveaway. The deal lasts till April 27.

from CNET https://ift.tt/zRLlivn

Whole Foods Stores in Austin, Texas, to Get Amazon One Palm-Scan Payment Tech - CNET

It's the first region outside the Seattle area where every Whole Foods Market will offer Amazon One.

from CNET https://ift.tt/tUEzSld