Latest Tech News

HBOMax prices in the US just rose $12 a year. It's not good news, but also par for the course. There's a sea change underway in content-based services. A shame really, because it all started off so promising.

There was, for instance, a brief moment when modern digital conveniences were synonymous with cost savings. We took Ubers, for example, because they were cheaper than taxis - until they weren’t. We booked Airbnbs because they were cheaper than hotels - until all the ads-on and fees made them comparable.

And we signed up for all those streaming services because they were cheaper than cable. Now, in aggregate, they’re really not.

The news of the price hike from $14.99 a month to $15.99 a month should not come as a surprise. Ever since the massive WarnerMedia-Discovery merger to form the new Warner Bros. Discovery media conglomerate, changes have been afoot both in front of and behind the scenes. There have been layoffs (CNN got hit hard) and content cuts, including the shelving of a nearly complete Batgirl movie.

But why?

When asked for comment on the price hike (which we saw coming), HBOMax representatives didn't offer much color but forwarded a statement that reiterated the effective-immediately price change for new customers. Existing ones will pay more next month. I just got my HBOMax bill and can confirm that for January 2023, it's still just $14.99 a month. HBO wouldn't comment on price changes outside the US.

As for why it's raising prices, the statement adds this:

"This price increase of one dollar will allow us to continue to invest in providing even more culture-defining programming and improving our customer experience for all users."

It goes on to note that this is the first price increase since the platform launched back in 2020.

Bella Ramsey and Pedro Pascal in The Last of Us on HBOMax (Image credit: HBO)

I guess HBOMax held out as long as it could before joining virtually every other streaming platform, including Netflix, Disney+, and Hulu in raising subscription prices. The costs of creating new movies and shows (to be fair, the cost of everything) is going up and now it's getting passed along to subscribers.

The reality for us, though, is that this once shiny proposition of an affordable à la carte menu of streaming content is becoming a rather larger financial burden basically equal to the cost of the cable we started cutting more than a few years ago.

A recent study found that one in four households are paying more than $75 a month for streaming services, which is not surprising when you consider that, according to the study, 24% subscribe to at least three services. Interestingly, more than half base their streaming services choices on price, while just a third consider the content library.

But the truth is, once you've subscribed and are hooked on a favorite show like Stranger Things or House of Dragon, it's unlikely you'll give it up, even with these incremental increases.

HBOMax, Netflix, and Parmount+ know this. It's why they launch so many shows, in the hope of hooking you. At least HBOMax can hold onto you for longer by stretching out a show's release over the course of weeks, if not months. But to make all that must-see content, they need millions (if not billions) of dollars. Which is why they're all turning to us for more and more money.

An ad-tier won't save us

There are and will be more options. You can save money by signing up for ad-supported streaming services like Netflix with Ads. It's cheaper but all your favorite shows are interrupted by commercials, just like the cable and broadcast shows you tried to leave behind.

One school of thought says that the very existence of these ad-supported tiers is why premium streaming subscriptions are more expensive. Companies like Netflix can say, sure, we ask more for our top-tier services, but we now make it affordable enough for everyone - as long as you don't mind a few commercials.

HBOMax does not yet have an ad-supported tier. So, if you want to see the already-praised Last of Us series, you'll pay that extra dollar.

In fact, that's the only thing that is certain about the future of streaming services. If you want high-quality ad-free content, you will pay more. Bundles that sweep up three or four streaming services for a minor discount may be the answer, but then aren't we right back to cable bundles where we end up with a lot of content we never wanted in the first place.

Probably.

from TechRadar - All the latest technology news https://ift.tt/c2IuC4P

Researchers May Have Uncovered the Long Lost Ancient Temple of Poseidon - CNET

A buried shrine matches an ancient description of a place dedicated to the mythological god of the sea.

from CNET https://ift.tt/FAzal1J

Latest Tech News

A high-severity vulnerability has been discovered in a number of Cisco routers which allows threat actors to bypass authentication, gain root access to the endpoint, and even launch arbitrary commands on the underlying operating system in the second stage of the attack.

The news comes courtesy of Cisco itself, which said it wouldn’t be addressing the flaw given that it was discovered in endpoints that have reached end of life. The flaw, tracked as CVE-2023-20025, affects Cisco Small business RV016, RV042, RV042G, and RV082 routers. By sending a custom-built HTTP request to the web-based management interface of the vulnerable routers, the attackers could bypass the device’s authentication and remotely exploit it. 

The attackers would then be able to leverage a second vulnerability, also newly disclosed CVE-2023-2002, to execute arbitrary commands on the device’s operating system. 

Blocking important ports

The bugs are rated as “critical”, but Cisco will not be addressing it, mostly because the devices in question are no longer supported by the company. However, BleepingComputer found that RV042 and RV042G routers were available for sale until January 30, 2020, and will be enjoying the company’s support until January 31, 2025. 

There are no workarounds for the flaw, but admins can disable the routers’ web-based management interface, or block access to ports 443 and 60443, which would help block potential attacks.

This is not the first time Cisco decided not to fix critical authentication bypass vulnerabilities. In September, BleepingComputer reminds, a similar flaw was discovered plaguing RV110W, RV130, RV130W, and RV2015W EoL. At the time, Cisco suggested customers move to RV132W, RV160, and RV160W.

Read more

> More Cisco SMB router ranges have serious security flaws

> Cisco routers suffer from multiple maximum severity security bugs

> Check out the best business routers today

In June, a critical remote code execution (RCE) flaw (tracked as CVE-2022-20825) was found and left unchecked. 

Routers are a crucial component in data transit, and as such, are a major target for cybercriminals. Therefore, it’s not uncommon for cybersecurity researchers and OEMs to regularly find, and patch, high-severity flaws. However, unpatched flaws can wreak havoc on a network, as threat actors don’t have to discover new vulnerabilities themselves - they can just leverage what’s already common knowledge.

• Here's our list of the best endpoint protection software today

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/Y6w85sa

Latest Tech News

A major impersonation campaign is aiming to distribute the Vidar infostealer to as many endpoints as possible. 

Cybersecurity researcher from SEKOIA, going under the name crep1x, discovered the campaign and rang the alarm on Twitter. In a short Twitter threat, the researcher said he discovered more than 1,300 domains, all of which impersonate major software brands to push the malware. 

The brands impersonated in this campaign include AnyDesk, MSI Afterburner, 7-ZIP, Blender, Dashlane, Slack, VLC, OBS, and cryptocurrency trading apps, to name a few. All of these impersonated brands lead to the same website, a clone of AnyDesk.

Stealing passwords and cryptocurrency

For the uninitiated, AnyDesk is a remote desktop application that gives users remote access to personal computers and allows them to transfer files and be used as a VPN. 

Victims that navigate to these sites and try to download the application would be redirected to a Dropbox folder hosting the Vidar infostealer. A variant of the Arkei infostealer, Vidar is capable of stealing credit cards, login credentials, files, and grab screenshots. It is also capable of stealing cryptocurrencies, such as bitcoin or ether, from the victim’s hot wallets (software wallets). 

Read more

> Vidar spyware is now hidden in Microsoft help files

> This fake GIMP Google ad just ends up serving malware

> This is the best endpoint protection software right now

According to BleepingComputer, which reported on crep1x’s findings earlier this week, the campaign is still active and many of the typosquatted domains are still active. Some have been shut down in the meantime. Dropbox was also notified of its services being abused to distribute malware and has killed the link in the meantime. 

However, given that all of the malicious sites point to the same place, the threat actors can persist easily by simply updating the download URL.

The best way to protect against such attacks is to be extra careful when downloading software and making sure the apps are only obtained from verified sources. That being said, navigating to the AnyDesk website (as opposed to clicking a supposed AnyDesk link in an email or a social media post) is a good place to start.

• Check out the best firewalls at the moment

Via: BleepingComputer

from TechRadar - All the latest technology news https://ift.tt/OIZlPoe

Latest Gadgets News

Google on Wednesday was refused to be given an interim stay on the competition regulator imposing a Rs. 936-crore penalty on the US tech giant for abusing its dominant position in the market. The National Company Law Appellate Tribunal directed Google to deposit 10 percent of the fine that was slapped by the Competition Commission of India in a case related to its Pla...

from Gadgets 360 https://ift.tt/1zeco73

The Biggest CES 2023 Innovations We Saw at the Las Vegas Show - CNET

CNET's visit to the world's biggest consumer tech show included a staggering amount of gadgets and electronics. Here are the standouts.

from CNET https://ift.tt/vzcufHB

Latest Gadgets News

The NPCI has permitted non-residents from 10 countries, including the US, Canada and UAE, to digitally transfer funds using the UPI platform from NRE/NRO accounts. The National Payments Corporation of India (NPCI) in a circular said it has been receiving requests for allowing non-residents to use international mobile numbers for transacting in Unified Payments Interf...

from Gadgets 360 https://ift.tt/0kcIAuJ

5 Reasons to You Should Eat More Carbs - CNET

Carbs have many benefits. Here's what to know.

from CNET https://ift.tt/tRaeu8G

Latest Tech News

Imagine being trapped inside commercial hell where the only escape is your voice. Who would cook up such a thing? 

According to a tweet that's been viewed over 18 million times, this was Sony's brilliant idea. I almost did a spit-take when the tweet rolled into my feed. It's not a full patent, just an illustration from one that shows someone sitting on a couch watching a TV show in which one person is shooting someone else (weird to have such unnecessary violence in a patent). A McDonald's commercial represented, naturally, by a giant hamburger appears on screen with the message, "Say 'McDonald's' to end commercial." The TV watcher enthusiastically leaps to his feet and yells "McDonald's" and then it's back to the on-screen violence.

That does look like someone is ending a commercial with their voice. But that's not the whole story.

Sony owns a patent that would force viewers to exclaim the brand name during commercials to end them. pic.twitter.com/DC3rcKvzlLJanuary 9, 2023

See more

The total lack of context around the tweet and patent drawing intrigued me. Where did this image come from? Having looked at hundreds of patents over the years, I was convinced that this was, in fact, a real patent drawing (not that someone couldn't have purposely drawn something to mimic one).

I decided to investigate if this was from a real patent. That's not as easy. There are, according to my friends at the US Patent and Trademark Office, more than 11.5M patents (not including the ones lost in a fire in 1836).

The US Patent Office has a search engine, but it doesn't always make it easy to find what you need. I tried searching on "Sony" and "Commercials" but didn't bring back anything that resembled this patent or image.

I switched to Google and searched on "sony end commercials brand name". The first result was for the popular tweet. Thanks, Google.

Scrolling down, though, I noticed articles from 2014 and 2013. All of them highlighted the same image and offered the same lack of context. On Reddit, a post devoted to the image was removed by moderators because it had "no proof/source." No one seemed to know where to find the original patent.

Turns out, though, that there is proof and a source, and I found it in Google Patents. The often-shared image is just one of 21 illustrations from Patent  No. US8246454B2, "System for converting television commercials into interactive networked video games," by inventor Gary M Zalewiski.

Sony applied for the patent back in 2009. The application was granted in August 2021.

The patent is not, ostensibly, about trapping consumers in commercial hell until they jump up and yell a brand name. Here's part of the abstract:

"In one method, a broadcast or streamed commercial is accompanied by an interactive segment. A media player coupled to the broadcast or streaming media source identifies the existence of the interactive segment and presents the user with an enhanced and interactive mini-game commercial that can be played with other “viewers” in a common or disperse demographic."

Based on the description and images, this patent is about interactive and actionable commercials. You could play games within them or even order products. In one illustration, the system shows a TV connected to both a "Media Streaming Computer" and PlayStation (it looked like a PS3). The gaming console connects to an Interactive Commercial Service, which then talks on the back end to an Advertiser or one of almost a dozen networks, including NBC, CBS, Hulu, and, yes, MySpace.

Some more details on how this patent might really work. (Image credit: USPTO)

Each parent illustration or "Figure" as they're called in patents, comes with a little caption. Here's how the key image is described.

"FIG. 9 illustrates a user interacting verbally with a commercial, according to one embodiment."

I know, not much to go on.

The more detailed description of the patent, though, makes clear exactly what's happening in that illustration, and, it's even stranger than I thought.

The original meme-worthy patent illustration. (Image credit: USPTO)

I won't put the entire description here because it's too long and clearly written by someone who isn't interested in elegant prose. Instead, I'll list the steps:

• Someone is watching a movie
• The movie's progress bar shows that a commercial break is coming up (that's something you can see today on services like Hulu).
• The commercial starts
• It's interactive and triggers the on-screen display of "Say McDonald's to end commercial"
• The viewer says "McDonald's (we'll never know why he chose to jump up and raise his arms).
• The viewer's words are captured by a microphone on the TV
• Voice recognition readers the response
• The system skips the rest of the commercial
• The viewer resumes watching the show
• The viewer might get a reward or coupon from the commercial sponsor: i.e. McDonald's

The only wrinkle here is that this is not so much about trapping anyone in an infinite loop of commercials, it's really about triggering user engagement with the carrot of a possible reward. I mean, I'd happily yell, "Subway!" or "Cialis!" to end a commercial more quickly.

And that's the key. This was never an invention intended to create a Morbius strip of commercials that you could only leave if you spoke up. It was, in part, an interactive incentive system, perhaps the first-ever in the history of live TV broadcasts.

I sent queries to both Sony and the inventor to learn more about the status of this patent. If I hear back, I'll update this story.

It's always fun to post, share, and laugh about these standalone images but it's just as important to remember that they rarely, if ever, tell the whole story. For me, the patent is now far more interesting, if even a little weirder. 

I truly cannot wait until we are all yelling at our Best TV of 2023 with a real purpose.

from TechRadar - All the latest technology news https://ift.tt/ZCncbfH

'Star Wars: The Bad Batch' Season 2 Schedule: When Does Episode 3 Drop? - CNET

Hunter, Omega and the rest of the clones are back in 2023's first Star Wars show, which kicked off on Disney Plus last week.

from CNET https://ift.tt/SbICDKk

Latest Tech News

The popular Python package repository PyPI was found hosting AWS keys and malware, putting countless Python developers at risk of serious supply chain attacks. 

The results come courtesy of software developer Tom Forbes, who built a tool using Rust which scanned all new packages on PyPI for AWS API keys. 

The tool came back with 57 positive results, including some from Amazon, Intel, Stanford, Portland, and Louisiana University, the Australian Government, General Atomics fusion department, Terradata, Delta Lake, and Top Glove.

Minimizing the damage

"This report contains the keys that have been found, as well as a public link to the keys and other metadata about the release," Forbes said. "Because these keys are committed to a public GitHub repository, Github’s Secret Scanning service kicks in and notifies AWS that the keys are leaked."

Consequently, AWS notifies the developer of the leak and quarantines it to minimize the damages. The problem is that a tool such as this one was relatively easy to build, and while Forbes might be benign in his intentions, others may not be. Speaking to The Register, he said different keys may cause different levels of pain:

"It depends on the exact permissions given to the key itself," Forbes explained. "The key I found leaked by InfoSys [in November] had 'full admin access' which means it can do anything, and other keys I found in PyPI were ‘root keys’ which are also allowed to do anything. An attacker holding these keys would have full access to the AWS account it is linked to."

Read more

> Malicious PyPi packages turn Discord into password-stealing malware

> This random image is spreading a malicious PyPl package using GitHub

> These are the best firewalls today

He added that GitHub’s automated key scanning is a positive step forward, but not enough to tackle the problem in its entirety:

"GitHub also cares a lot about supply chain security but they have dug themselves a hole: The way they scan for secrets involves a lot of collaboration with vendors who may disclose internal information about how keys are constructed to GitHub," he said. "This means that the regular expressions that GitHub uses to scan for secrets cannot be made public and are sensitive, which also means that third parties like PyPI are effectively unable to utilize this awesome infrastructure without sending every bit of code published on PyPI to GitHub."

While he did blame PyPI, saying the platform could do more to protect its users, he also said developers should take some responsibility for the security of their solutions. What’s more, AWS should be a part of the solution, as well, he added: "AWS has some blame to share here as well: IAM is notoriously difficult to debug and get right which leads to overly wide permissions being granted on keys."

To protect against supply chain attacks via PyPI, Forbes says organizations should reconsider their security policies. 

• Check out our rundown of the best endpoint protection tools right now

Via: The Register

from TechRadar - All the latest technology news https://ift.tt/RnEDd6m

Missed Prince Harry's Explosive '60 Minutes' Interview? How to Watch It - CNET

In a no-holds-barred chat promoting his new memoir Spare, Prince Harry shares his feelings about Camilla Parker-Bowles and his relationship with his father and brother.

from CNET https://ift.tt/xCFQHMZ

We Tried These 48-Megapixel AR Glasses From DigiLens With Our Voice video - CNET

Digilens Argo has clear lenses and is voice-controlled. We tried out the industrial work glasses in Las Vegas.

from CNET https://ift.tt/47NewxU

Switching Phone Carriers in 2023: What to Know Before You Switch Providers - CNET

Before you change your wireless service, you'll want to make sure you have the answers to these questions.

from CNET https://ift.tt/rT4lV5n

Latest Tech News

Hisense’s sprawling booth at CES 2023 was packed with TVs – unlike some other brands, it had its full 2023 lineup on display, with detailed specs listed for each series. All sets should all be available in spring, which is the time that manufacturers typically start rolling out new TVs.

Last year saw Hisense introduce its first mini-LED models, the U8H series, which ended up on our list of the best 4K TVs owing to its great performance for the price. For 2023, the company will incorporate mini-LED backlighting throughout its full premium ULED (quantum dot) TV lineup, with prices starting at under $500 / £410 for a 50-inch model. Along with mini-LED backlighting, each series will use the Google TV smart interface and offer gaming-centric features including up to 144Hz refresh rate, VRR, ALLM, and FreeSync Premium Pro on all save the entry-level U6K. All sets will additionally support the Wi-Fi 6E standard for speedy streaming, along with both the Dolby Vision IQ and HDR10+ high dynamic range formats.

Something of interest for US viewers is built-in ATSC 3.0 tuners found throughout the full Hisense line. We expect to see more TVs coming out in 2023 capable of handling this next-gen TV broadcasting standard, which provides support for 4K video with HDR and Dolby Atmos audio, among other features. But of the new TVs announced at CES 2023, so far only LG has confirmed that its flagship G3 4K and Z3 8K models will have built-in ATSC 3.0 tuning capability.

ULED EX  

The ULED EX (shown at top) is Hisense’s flagship TV for 2023. Available only in an 85-inch screen size, its backlight comprises over 20,000 mini-LED modules. More than 5,000 local dimming zones and a 16-bit light control algorithm are used to enhance contrast and shadow detail, and peak brightness is specced at 2,500 nits. The ULED EX also has an ultra low reflection screen and a 30% wider viewing angle than standard LED-backlit TVs – a first for a Hisense set, and something I could appreciate when viewing it in person at CES.

The limited edition ULED EX has the most advanced built-in audio system to appear in a Hisense TV: 4.1.2 channels, with over 80 watts used to power the set’s seven speakers.

Hisense's new U8K series for 2023 provides twice the number of local dimming zones as 2022's U8H models. (Image credit: Future)

U8K Series 

Last year’s U8H series paved the way for Hisense’s expansion into mini-LED, and the new U8K models for 2023 double-down on that tech with over 1,000 local dimming zones. Peak brightness is listed as 1,500 nits, but if the super-bright U8H model we tested in 2022 is any indication, that will prove to be a conservative spec.

Available in screen sizes ranging from 55 up to 85 inches (last year’s U8H series topped out at 75 inches), U8K series TVs will feature an anti-glare, low reflection screen. A built-in 2.1.2 audio system with up-firing speakers is another new addition, making it possible to hear Dolby Atmos soundtracks without a separate soundbar. The U8H series also features IMAX Enhanced and Filmmaker picture modes – two other features found throughout the 2023 Hisense mini-LED TV line.

U7K Series 

Last year’s U7H series featured a standard LED backlight, but that has been fixed this year on the U7K series with mini-LED backlighting on all screen sizes and up to 500 local dimming zones with a specified 1,100 nits peak brightness. U7H series TVs will be available in 55- to 85-inch screen sizes. 

U6K Series 

Available in 50- to 85-inch screen sizes, the U6K series will be Hisense’s high-value quantum dot models. They will also be affordably priced for TVs with a mini-LED backlight, with the 50-inch version selling for under $500. The U6K series will offer many of the same features found higher up the Hisense TV line, with a main difference being a display panel limited to 200-plus local dimming zones and a 60Hz refresh rate. 

• Check out all of TechRadar's CES 2023 coverage. We're bringing you all the breaking tech news and launches, everything from 8K TVs and foldable displays to new phones, laptops and smart home gadgets.

from TechRadar - All the latest technology news https://ift.tt/sDkuVGn