Latest Tech News

For its next trick, Apple might be working on keyboards for its MacBooks that change the appearance and functionality of their keys dynamically, depending on context – so the A key could instantly transform into a 9 key, for example.

This comes from a patent spotted by Patently Apple (via 9to5Mac), outlining a keyboard which would have a flexible backlighting system that could display any symbol on any key. Specifically, keys with "illuminable glyphs that are selectively visible or invisible to an unaided human eye".

At the moment of course, Apple uses keyboards with static, pre-printed labels that can't be changed. Some keys that do have more than one use, such as the media playback keys, have multiple labels on them so it's clear what they do.

How the keys might be designed (Image credit: Patently Apple)

Changeable glyphs

Essentially, the hardware described by the patent involves keys with a matrix of individual pixels that can be turned on or off as required, using finely tuned micro-LED or OLED components that Apple is familiar with from its device displays.

The end result would be "glyphs that are changeable or adjustable between different shapes, letters, colors, symbols, animations, languages, and other features" – so a keyboard could be used for typing, and then switched to offer shortcut controls for video editing, for instance.

As always with patent applications, this doesn't suggest we're anywhere near an end product, or that one will eventually get made – but it does show what Apple is exploring in terms of future hardware innovations.

---

Analysis: a more flexible keyboard

It certainly looks as though Apple wants to shake up the technology of its MacBooks: only a few days ago we heard about plans for a laptop consisting of a single 20-inch foldable display, with the keyboard on one side and the conventional 'screen' on the other.

This latest patent application isn't quite so dramatic, but it makes a lot of sense. Imagine having keys that could quickly shift to take on different functions depending on what was happening on macOS: you could have various layouts for browsing the web, editing photos, playing games and plenty more.

That's not to mention the flexibility it would offer in terms of typing in different languages. Scientists and mathematicians would also benefit by having access to a certain set of functions at certain times – and when these specific keys aren't required, the layout can return to normal with another button press.

All this would cost money of course, so the trade-off might be higher prices for Apple's laptops. Perhaps to begin with it would come as an optional extra, but as with any patent, we'll have to wait and see whether or not it becomes a reality.

• Apple's new Freeform app is one of its best software releases in years

from TechRadar - All the latest technology news https://ift.tt/jDM2LFi

NASA Is Building the 'First Sample Depot on Another World,' on Mars - CNET

NASA has chosen a spot called Three Forks to drop off some of the Perseverance rover's rock collection.

from CNET https://ift.tt/IPHy2FY

Latest Gadgets News

YouTube is testing 'Add to Queue' feature on Android and iOS devices for users having a YouTube Premium subscription. The feature, which has been available on Youtube's web platform, is now being brought to the mobile app. The feature will be accessible through the three-dot menu. Once a video is added to the queue, users will be able to use gestures like drag and dro...

from Gadgets 360 https://ift.tt/hdnI4xq

David Harbour on Mental Health, Running and Supporting Others This Holiday Season - CNET

In need of a way to improve your mental and physical health? Follow David Harbour's lead and hit the ground running.

from CNET https://ift.tt/4s8F1HT

Stop Loading Your Dishwasher the Wrong Way. Here's How to Do It - CNET

Yes, there is a right way to fill up your dishwasher.

from CNET https://ift.tt/tcsejG3

Latest Tech News

After confirming to have aced three independent security audits only about a month ago, ExpressVPN has just released the results of further testing on its software. 

Again, the provider seems to have passed these latest audits with full marks. 

This time, cybersecurity experts from Cure53 were called to assess ExpressVPN mobile apps. Its own password manager tool ExpressVPN Keys – which comes at no extra cost with both its iOS and Android apps – was also tested for any vulnerabilities. 

Despite a few minor bugs, which the provider said to have already addressed, Cure53 was pleased with the results and the commitment shown by the ExpressVPN team in fighting back "many problems that modern VPN applications tend to face."

'Diligent efforts in minimizing any potential threats' 

"All in all, the development team deserves every plaudit for their due diligent efforts in minimizing any potential threats for the iOS application, with only minor adjustments required to further elevate the platform to an exemplary standard from a security perspective," concluded the auditing firm on its iOS audit report. 

A similar outcome ended the Android audit report, too. At the same time, Cure53 was pleased with the access and collaboration grant from the provider during the whole process. 

Teams of three and five senior testers performed white-box testing and source-code audits on ExpressVPN's iOS and Android apps between August 2022 and September 2022. These were aimed to determine whether ExpressVPN's mobile apps could successfully withstand external attacks.  

For the first time, ExpressVPN Keys was also tested to assure it correctly secures users' login details.   

Both audits revealed only a handful of minor vulnerabilities but with very little risk for users' data.

Read more

> Our VPN testing results are in and you'll absolutely guess who's number one

> How to choose the right VPN for you - 9 key things to look out for

> Our pick of the best VPN services around right now

Specifically, the iOS audits identified a total of nine issues. Among these, only four were categorized as low and medium risk security vulnerabilities. The remaining five were referred to as "general weaknesses with lower exploitation potential." 

While the Android testing revealed a total of 13 vulnerabilities. Again, only three of the findings were deemed as security bugs at low or medium severity. 

However, as Cure53 reported: "The vast majority of findings are variations of common misconfigurations that are often present in Android applications. This positive viewpoint is also corroborated by the fact that none of the aforementioned vulnerabilities can be directly abused to conduct successful attacks."

ExpressVPN's very own password manager also received positive feedback, gaining "a solid impression on the whole."    

These latest testing bring the total of ExpressVPN's published independent VPN audits up to 13 since 2018. What's more, a security assessment on the ExpressVPN Keys browser extension is also on the way.

"We recognize the growing global need for digital privacy and security protections,” said Brian Schirmacher, penetration testing manager at ExpressVPN. “Audits by esteemed cybersecurity firms such as Cure53 are one of our many trust and transparency initiatives. We want to continue setting the bar high for the industry.”    

from TechRadar - All the latest technology news https://ift.tt/bGEI1xQ

Facebook Memories You'd Rather Forget? Here's How to Block Them - CNET

Not all memories are good ones. Here's how to prioritize your mental well-being on social media.

from CNET https://ift.tt/dHvyEVQ

Google Nest and Android Devices Now Work With Matter - CNET

Matter is an agnostic smart-home platform that lets users connect devices from different manufacturers.

from CNET https://ift.tt/RkIxm9z

Latest Tech News

Microsoft has officially banned cryptomining within its Azure cloud services in a rather inconspicuous way. 

An update to its Universal License Terms for Online Services, which mainly applies to its cloud platform, states that "mining cryptocurrency is prohibited without prior Microsoft approval."

The post goes on to explain that written approval is needed for those looking to use the company's services for cryptomining, clarifying that "neither customer, nor those that access an online service through customer" are permitted to leverage them for this purpose.

Dangers of mining

The policy change was also posted in the Azure Solution Area of Microsoft's Partner Community webpage, under the heading "Important actions partners need to take to secure the partner ecosystem".

read more

> There's been a huge growth in malicious cryptomining

> Azure eats into AWS lead as cloud market continues to grow

> Many businesses are majorly overspending on cloud services

Here, it was listed as among the changes to "minimize potential fraud damage to your customers’ subscriptions". Again, it stressed the need for "written pre-approval... granted by Microsoft" to sanction the use of its servers for sourcing the digital tokens.

Microsoft is concerned about the dangers such activities present to their infrastructure. In responding to a query from the The Register, the tech giant commented that mining for cryptocurrencies can "cause disruption or even impairment to online services and its users", adding that cryptomining "can often be linked to cyber fraud and abuse attacks such as unauthorized access to and use of customer resources."

They did add the caveat, however, that cryptomining "may be considered for testing and research for security detections."

Microsoft isn't alone in restricting cryptomining on its cloud platforms. Google Cloud, Oracle and OHVcloud have all banned it from their services, and Amazon Web Services only allows it within its paid subscription tiers. 

Microsoft has prohibited mining for a while on its free tier, but has only now escalated its policy to its paid-for options as well.

• Here's our round-up of the best endpoint protection for business

from TechRadar - All the latest technology news https://ift.tt/BWcU9w8

Latest Tech News

Microsoft has identified a huge number of IoT security issues, finding unpatched, high-severity vulnerabilities in 75% of the most common industrial controllers in customer operational technology (OT) networks.

The tech giant's research also found that 72% of the software exploits utilized by what Microsoft terms “Incontroller” are now available online. 

"Incontroller" is what the Cybersecurity and Infrastructure Security Agency (CISA) describes as a "novel set of state-sponsored, industrial control system (ICS) oriented cyberattack tools".

What is true scale of the issue?

Microsoft cited recent IDC figures that estimate there will be 41.6 billion connected IoT devices by 2025, a growth rate much higher than that of traditional IT equipment.

However, it claims that the development of IoT and OT device security has not kept pace with that of other IT systems, and threat actors are exploiting these devices.

Microsoft pointed towards Russia’s cyberattacks against Ukraine, as well as other nation-state-sponsored cybercriminal activity, saying these demonstrate that "some nation-states view cyberattacks against critical infrastructure as desirable for achieving military and economic objectives".

You certainly do not have to look far to see examples of these types of industrial IoT attacks wreaking havoc on all involved.

In May 2021, the Colonial Pipeline ransomware attack disrupted the supply of natural gas in much of the Southern US, causing widespread price rises.

READ MORE:

> Industrial cyberattacks are hitting nearly all IoT companies

> Millions of IoT devices and routers could have a mega security flaw

> Our guide to the best malware removal

To mitigate these types of risks, Microsoft recommends customers work with stakeholders to map business-critical assets, in IT and OT environments, as well as work to identify what IoT and OT devices are critical assets by themselves, and which are associated with other critical assets.

Microsoft also recommends that organizations perform a risk analysis on critical assets, focusing on the business impact of different attack scenarios.

• Interested in keeping your organization safe from cyber threats? Check out our guide to the best firewalls

from TechRadar - All the latest technology news https://ift.tt/90B7JMf

Latest Gadgets News

OnePlus is all set to unveil its first customisable mechanical keyboard. The product, which will launch for global markets, is a part of products that will be unveiled through OnePlus Featuring. It will be compatible for Mac, Windows and Linux. The layout will be similar to MacBook keyboard, but can work with MS Windows as well. 

from Gadgets 360 https://ift.tt/rLWKlOi

Spider-Man 2 Hits PS5 Next Fall - CNET

Marvel heroes will take on an alien symbiote nemesis in developer Insomniac's sequel.

from CNET https://ift.tt/jaicRU4

Latest Tech News

A popular Android browser app with more than five million downloads on the Google Play Store may have been leaking user data including browser history, experts have claimed.

Cybernews says it discovered that the ‘Web Explorer - Fast Internet’ app had left its Firebase instance open - a mobile application development platform that’s designed to assist with analytics, hosting, and cloud storage. 

At risk is five days’ worth of redirect data, including country, direct initiating address, redirect destination address, and user country, all presented by user ID.

Android Web Explorer data leak

Cybernews senior journalist Vilius Petkauskas, explains that getting their hands on this data alone may not be enough to give threat actors what they seek, however cross-referencing it with additional details could prove harmful.

The app was also found to be hardcoding on the client side, including keys relating to anonymized partial user browsing history, unique public identifiers, and a cross-server communication enabler.

Read more

> These are the best firewall tools

> Millions of Twitter users have had their data leaked online

> Sequoia breach sees hackers access customer Social Security numbers and COVID-19 test results

“If threat actors could de-anonymize the app’s users, they would be able to check a bunch of information on browsing history for a specific user and use it for extortion,” CyberNews noted.

It has since been discovered that the open Firebase instance has been closed and is no longer accessible, which means that threat actors can no longer access sensitive data. However, it’s not all good news: Cybernews reached out to the app’s team about its findings, but it’s yet to receive a reply.

Further digging also uncovers that the app was last updated in October 2020, meaning that the hardcoded ‘secrets’ are likely still there. The researchers write: “...we can only guess what other information could be leaking through the application’s secrets”.

• Secure your data with the best ID theft protection

from TechRadar - All the latest technology news https://ift.tt/LFqYK8B

Major Energy Breakthrough: Milestone Achieved in US Fusion Experiment - CNET

The National Ignition Facility achieves ignition in a fusion reactor.

from CNET https://ift.tt/TUPgreO

Latest Tech News

Businesses have become more reliant on their IT hardware every year, as their activities go through increasing digital transformation. The move towards hybrid working during the pandemic has further accentuated the importance of computing to economic success. But while small- and medium-sized businesses (SMBs) have been swept along by this trend as much as larger ones, their ability to roll out the necessary hardware upgrades is more financially constrained. Your choices should prioritize devices that are made to last, so the maximum amount of utility can be obtained from the IT equipment purchased over the longest period.

This goes well beyond merely ensuring that IT purchases deliver the most features possible for the money and are obtained from reputable brands. Computer equipment typically has a three- to five-year lifespan, and it will need to deliver the best possible performance during this period. Not only must the hardware provide performance and features to run contemporary applications, but also fit with emerging work patterns. Most important of all, it must be able to resist current and emerging cyber threats, which are constantly evolving and gaining sophistication.

The right PC for the job

The changing nature of work from being primarily on-premises to hybrid models has meant that employees now use a much wider range of devices than before. Gone are the days when a standard desktop configuration could be rolled out across everyone’s desk, with a fixed specification guaranteed for a long period of time so administrators always knew what they were managing. Now, while some employees will still be in the office, many will divide their time between home and workplace, some will be mostly on the road, and some may even operate almost exclusively from where they live. It may even be necessary to onboard new employees remotely.

While you can’t apply a ‘one size fits all’ approach anymore, you can still unify within a family of systems that offer a reliable set of features. Standardizing on devices based on the Intel vPro®, An Intel® Evo™ Design platform ensures that your fleet will share core capabilities including performance, connectivity, management, updating methods and security. For example, Dell’s Latitude 7420 and 7430 notebooks provide baseline performance that can be enhanced for more demanding workloads, alongside cutting-edge features.

The Dell Latitude 7420 and 7430 powered by Intel vPro®, An Intel® Evo™ Design, offer a dependable level of hardware-enhanced security, business-grade performance, efficient remote management, reliability, and stability. The platform also promises consistent system responsiveness, a long-lasting battery and comprehensive state-of-the-art connectivity. Both Dell devices have a 2-in-1 form factor, with touch screen and foldable hinge, delivering flexible use for employees who need to hot desk, work on the move, present and browse information in a tablet configuration.

For organizations that require a blend of desktops and notebooks, Intel vPro®, An Intel® Evo™ Design features are also available in desktop computers. For example, the Dell OptiPlex 7000 series comes in a broad range of formats, from micro and small form factor to all-in-one, meeting space solutions and medium towers. Virtually any computing need from tiny and inconspicuous to power systems for more gruelling workloads can be accommodated. These systems can be managed alongside Intel vPro®, An Intel® Evo™ Design notebooks as part of a common fleet.

This is a fundamentally valuable characteristic, because keeping systems healthy and running smoothly will extend their useful life for as long as possible. All hardware becomes obsolete eventually, but a lot of it may cease to be used before then because the operating system and software hasn’t been updated, has become corrupted by malware or the device itself hasn’t been repaired in the case of a hardware failure. Intel vPro®, An Intel® Evo™ Design facilitates this process by providing a common interface for management. For example, the Dell Command Intel vPro® Out of Band console, through its support for Intel vPro®, An Intel® Evo™ Design, can remotely manage a range of disparate devices. This enables remote onboarding and offboarding of employees who never come to the central office.

Security and sustainability

Security is another central feature of maintaining system uptime. Intel vPro®, An Intel® Evo™ Design provides built-in hardware security out of the box including Intel Hardware Shield. This delivers protection from malware that is baked into the hardware, allowing devices to be easily and cleanly rebooted if compromised. Alongside these built-in features, the system can use AI to detect new threats as they emerge. Alongside remote management, it’s possible to provide constant additional improvement to security as threats are detected on devices, whether on a local network or remotely connected. So an Intel vPro®, An Intel® Evo™ Design always has the latest protection from cyberattacks.

Keeping systems running through a hardware failure is also key. Upgrading an entire system when a single component has broken is a waste of resources and will also work against sustainability targets. Although functional integration has made this harder, even portable systems can be manufactured in a way that enables repair. Purchasing one of these expands the possibility of keeping systems running longer. Dell’s laptops also score highly amongst independent hardware repairers for being constructed in a way that makes fixing them easier than most other brands. Dell’s commitment to sustainability stretches back some years and underpins this facility. Dell has even pioneered the use of augmented reality to facilitate this process with its AR Assistant.

With the increasing importance of IT in delivering value and enabling a distributed workforce to operate efficiently as a team, ensuring hardware is based on the right platform is paramount. Client systems must be kept healthy, usable and fully operational for the longest time possible. Selecting devices based on Intel vPro®, An Intel® Evo™ Design, such as from Dell’s extensive portfolio, can help deliver the best possible service. That way, companies can get the most enduring service out of their IT spend.

Intel technologies may require enabled hardware, software or service activation.

No product or component can be absolutely secure.

Your costs and results may vary.

@Intel Corp. Intel, the Intel logo, Intel vPro® and other Intel marks are trademarks of Intel Corporation or its subsidiaries. Other names and brands may be claimed as the property of others.

from TechRadar - All the latest technology news https://ift.tt/5KnUviu