The Rising Cost of Pregnancy: What Can Parents Do About It? - CNET

Pregnant parents find their own solutions to high out-of-pocket costs when health insurance falls short.

from CNET https://ift.tt/h65AiUf

12 Kitchen Tools Under $25 I Can't Live Without -- and How to Use Them - CNET

These must-have items are everything I want in a workhorse tool. They're inexpensive, versatile and easy to store, use and clean.

from CNET https://ift.tt/nGhBdDF

The Absolute Best Fantasy Movies on Netflix - CNET

Netflix's fantasy options range from pure magic to touching allegories of the human condition.

from CNET https://ift.tt/UGkm3x6

On Twitter, Suspended Journalists' Accounts Begin Reappearing - CNET

After conducting a public poll via Twitter, Elon Musk says the suspensions are being lifted.

from CNET https://ift.tt/YGOLT29

Best High-Speed Internet Service Providers - CNET

When only the fastest home internet service will do, look to these top ISPs for gigabit and multi-gigabit internet plans.

from CNET https://ift.tt/QLoK1Na

Latest Tech News

For its next trick, Apple might be working on keyboards for its MacBooks that change the appearance and functionality of their keys dynamically, depending on context – so the A key could instantly transform into a 9 key, for example.

This comes from a patent spotted by Patently Apple (via 9to5Mac), outlining a keyboard which would have a flexible backlighting system that could display any symbol on any key. Specifically, keys with "illuminable glyphs that are selectively visible or invisible to an unaided human eye".

At the moment of course, Apple uses keyboards with static, pre-printed labels that can't be changed. Some keys that do have more than one use, such as the media playback keys, have multiple labels on them so it's clear what they do.

How the keys might be designed (Image credit: Patently Apple)

Changeable glyphs

Essentially, the hardware described by the patent involves keys with a matrix of individual pixels that can be turned on or off as required, using finely tuned micro-LED or OLED components that Apple is familiar with from its device displays.

The end result would be "glyphs that are changeable or adjustable between different shapes, letters, colors, symbols, animations, languages, and other features" – so a keyboard could be used for typing, and then switched to offer shortcut controls for video editing, for instance.

As always with patent applications, this doesn't suggest we're anywhere near an end product, or that one will eventually get made – but it does show what Apple is exploring in terms of future hardware innovations.

---

Analysis: a more flexible keyboard

It certainly looks as though Apple wants to shake up the technology of its MacBooks: only a few days ago we heard about plans for a laptop consisting of a single 20-inch foldable display, with the keyboard on one side and the conventional 'screen' on the other.

This latest patent application isn't quite so dramatic, but it makes a lot of sense. Imagine having keys that could quickly shift to take on different functions depending on what was happening on macOS: you could have various layouts for browsing the web, editing photos, playing games and plenty more.

That's not to mention the flexibility it would offer in terms of typing in different languages. Scientists and mathematicians would also benefit by having access to a certain set of functions at certain times – and when these specific keys aren't required, the layout can return to normal with another button press.

All this would cost money of course, so the trade-off might be higher prices for Apple's laptops. Perhaps to begin with it would come as an optional extra, but as with any patent, we'll have to wait and see whether or not it becomes a reality.

• Apple's new Freeform app is one of its best software releases in years

from TechRadar - All the latest technology news https://ift.tt/jDM2LFi

NASA Is Building the 'First Sample Depot on Another World,' on Mars - CNET

NASA has chosen a spot called Three Forks to drop off some of the Perseverance rover's rock collection.

from CNET https://ift.tt/IPHy2FY

Latest Gadgets News

YouTube is testing 'Add to Queue' feature on Android and iOS devices for users having a YouTube Premium subscription. The feature, which has been available on Youtube's web platform, is now being brought to the mobile app. The feature will be accessible through the three-dot menu. Once a video is added to the queue, users will be able to use gestures like drag and dro...

from Gadgets 360 https://ift.tt/hdnI4xq

David Harbour on Mental Health, Running and Supporting Others This Holiday Season - CNET

In need of a way to improve your mental and physical health? Follow David Harbour's lead and hit the ground running.

from CNET https://ift.tt/4s8F1HT

Stop Loading Your Dishwasher the Wrong Way. Here's How to Do It - CNET

Yes, there is a right way to fill up your dishwasher.

from CNET https://ift.tt/tcsejG3

Latest Tech News

After confirming to have aced three independent security audits only about a month ago, ExpressVPN has just released the results of further testing on its software. 

Again, the provider seems to have passed these latest audits with full marks. 

This time, cybersecurity experts from Cure53 were called to assess ExpressVPN mobile apps. Its own password manager tool ExpressVPN Keys – which comes at no extra cost with both its iOS and Android apps – was also tested for any vulnerabilities. 

Despite a few minor bugs, which the provider said to have already addressed, Cure53 was pleased with the results and the commitment shown by the ExpressVPN team in fighting back "many problems that modern VPN applications tend to face."

'Diligent efforts in minimizing any potential threats' 

"All in all, the development team deserves every plaudit for their due diligent efforts in minimizing any potential threats for the iOS application, with only minor adjustments required to further elevate the platform to an exemplary standard from a security perspective," concluded the auditing firm on its iOS audit report. 

A similar outcome ended the Android audit report, too. At the same time, Cure53 was pleased with the access and collaboration grant from the provider during the whole process. 

Teams of three and five senior testers performed white-box testing and source-code audits on ExpressVPN's iOS and Android apps between August 2022 and September 2022. These were aimed to determine whether ExpressVPN's mobile apps could successfully withstand external attacks.  

For the first time, ExpressVPN Keys was also tested to assure it correctly secures users' login details.   

Both audits revealed only a handful of minor vulnerabilities but with very little risk for users' data.

Read more

> Our VPN testing results are in and you'll absolutely guess who's number one

> How to choose the right VPN for you - 9 key things to look out for

> Our pick of the best VPN services around right now

Specifically, the iOS audits identified a total of nine issues. Among these, only four were categorized as low and medium risk security vulnerabilities. The remaining five were referred to as "general weaknesses with lower exploitation potential." 

While the Android testing revealed a total of 13 vulnerabilities. Again, only three of the findings were deemed as security bugs at low or medium severity. 

However, as Cure53 reported: "The vast majority of findings are variations of common misconfigurations that are often present in Android applications. This positive viewpoint is also corroborated by the fact that none of the aforementioned vulnerabilities can be directly abused to conduct successful attacks."

ExpressVPN's very own password manager also received positive feedback, gaining "a solid impression on the whole."    

These latest testing bring the total of ExpressVPN's published independent VPN audits up to 13 since 2018. What's more, a security assessment on the ExpressVPN Keys browser extension is also on the way.

"We recognize the growing global need for digital privacy and security protections,” said Brian Schirmacher, penetration testing manager at ExpressVPN. “Audits by esteemed cybersecurity firms such as Cure53 are one of our many trust and transparency initiatives. We want to continue setting the bar high for the industry.”    

from TechRadar - All the latest technology news https://ift.tt/bGEI1xQ

Facebook Memories You'd Rather Forget? Here's How to Block Them - CNET

Not all memories are good ones. Here's how to prioritize your mental well-being on social media.

from CNET https://ift.tt/dHvyEVQ

Google Nest and Android Devices Now Work With Matter - CNET

Matter is an agnostic smart-home platform that lets users connect devices from different manufacturers.

from CNET https://ift.tt/RkIxm9z

Latest Tech News

Microsoft has officially banned cryptomining within its Azure cloud services in a rather inconspicuous way. 

An update to its Universal License Terms for Online Services, which mainly applies to its cloud platform, states that "mining cryptocurrency is prohibited without prior Microsoft approval."

The post goes on to explain that written approval is needed for those looking to use the company's services for cryptomining, clarifying that "neither customer, nor those that access an online service through customer" are permitted to leverage them for this purpose.

Dangers of mining

The policy change was also posted in the Azure Solution Area of Microsoft's Partner Community webpage, under the heading "Important actions partners need to take to secure the partner ecosystem".

read more

> There's been a huge growth in malicious cryptomining

> Azure eats into AWS lead as cloud market continues to grow

> Many businesses are majorly overspending on cloud services

Here, it was listed as among the changes to "minimize potential fraud damage to your customers’ subscriptions". Again, it stressed the need for "written pre-approval... granted by Microsoft" to sanction the use of its servers for sourcing the digital tokens.

Microsoft is concerned about the dangers such activities present to their infrastructure. In responding to a query from the The Register, the tech giant commented that mining for cryptocurrencies can "cause disruption or even impairment to online services and its users", adding that cryptomining "can often be linked to cyber fraud and abuse attacks such as unauthorized access to and use of customer resources."

They did add the caveat, however, that cryptomining "may be considered for testing and research for security detections."

Microsoft isn't alone in restricting cryptomining on its cloud platforms. Google Cloud, Oracle and OHVcloud have all banned it from their services, and Amazon Web Services only allows it within its paid subscription tiers. 

Microsoft has prohibited mining for a while on its free tier, but has only now escalated its policy to its paid-for options as well.

• Here's our round-up of the best endpoint protection for business

from TechRadar - All the latest technology news https://ift.tt/BWcU9w8

Latest Tech News

Microsoft has identified a huge number of IoT security issues, finding unpatched, high-severity vulnerabilities in 75% of the most common industrial controllers in customer operational technology (OT) networks.

The tech giant's research also found that 72% of the software exploits utilized by what Microsoft terms “Incontroller” are now available online. 

"Incontroller" is what the Cybersecurity and Infrastructure Security Agency (CISA) describes as a "novel set of state-sponsored, industrial control system (ICS) oriented cyberattack tools".

What is true scale of the issue?

Microsoft cited recent IDC figures that estimate there will be 41.6 billion connected IoT devices by 2025, a growth rate much higher than that of traditional IT equipment.

However, it claims that the development of IoT and OT device security has not kept pace with that of other IT systems, and threat actors are exploiting these devices.

Microsoft pointed towards Russia’s cyberattacks against Ukraine, as well as other nation-state-sponsored cybercriminal activity, saying these demonstrate that "some nation-states view cyberattacks against critical infrastructure as desirable for achieving military and economic objectives".

You certainly do not have to look far to see examples of these types of industrial IoT attacks wreaking havoc on all involved.

In May 2021, the Colonial Pipeline ransomware attack disrupted the supply of natural gas in much of the Southern US, causing widespread price rises.

READ MORE:

> Industrial cyberattacks are hitting nearly all IoT companies

> Millions of IoT devices and routers could have a mega security flaw

> Our guide to the best malware removal

To mitigate these types of risks, Microsoft recommends customers work with stakeholders to map business-critical assets, in IT and OT environments, as well as work to identify what IoT and OT devices are critical assets by themselves, and which are associated with other critical assets.

Microsoft also recommends that organizations perform a risk analysis on critical assets, focusing on the business impact of different attack scenarios.

• Interested in keeping your organization safe from cyber threats? Check out our guide to the best firewalls

from TechRadar - All the latest technology news https://ift.tt/90B7JMf