Best iPhone 13, iPhone 13 Pro, and iPhone 13 Pro Max Cases of 2024 - CNET

Here are our picks for the best iPhone 13, iPhone 13 Pro and iPhone 13 Pro Max cases for 2024.

from CNET https://ift.tt/ZwRVx7e

Stop Asking Me If You Should Wait to Buy a House. I'm Just a Real Estate Agent - CNET

If you're always waiting for the perfect scenario to buy, you'll never seal the deal.

from CNET https://ift.tt/GzJDy35

Latest Tech News

How often do you read through terms and conditions, EULA’s and privacy policies? Although we know we should scour the fine print, it’s something few of us ever bother to do, and certainly not fully.

Non-profit organization Tax Policy Associates wanted to prove how pointless these documents are, and so in February 2024 added a line to its privacy policy, offering a “bottle of good wine” to the first person who spotted the offer and got in touch.

After three months of nobody noticing the addition, the reward was finally found by someone who chanced upon it after looking at several examples of privacy policies online to get an idea of how to create their own.

Not the first time

The organization's head, Dan Neidle, shared the story on X and told the BBC it was "my childish protest that all businesses have to have a privacy policy and no one reads it. Every tiny coffee shop has to have a privacy policy on their website, it’s crazy. It’s money that’s being wasted."

In its coverage, which was the most read story on the site, the BBC pointed out that any company that holds personal data, “including small businesses and charities”, has to have a privacy policy under the UK's General Data Protection Regulation 2018 (GDPR).

This is actually the second time that Tax Policy Associates has made a sneaky addition to its privacy policy. The first time it took four months to be found. "We did it again to see if people were paying more attention and they’re not," Neidle told the BBC.

The writing in the firm's privacy policy has since been changed following the discovery and now says, "We know nobody reads this, because we added in February that we’d send a bottle of good wine to the first person to contact us, and it was only in May that we got a response."

If you're wondering what counts as a "good" bottle of wine in this instance, the answer, according to the BBC, is a Château de Sales 2013/14, Pomerol.

Our ongoing experiment into whether anyone reads website T&Cs continues. We put this in our terms back in February. Just got claimed. pic.twitter.com/N7k3weTuA9May 9, 2024

See more

More from TechRadar Pro

• User privacy must come first with biometrics
• DuckDuckGo offers an all-in-one privacy package
• Microsoft adds swathe of new privacy-focused tools

from TechRadar - All the latest technology news https://ift.tt/2cOnyeH

The 8 Best Indoor Smart Gardens for 2024 - CNET

We tested the best indoor gardens to find the right model for any gardener. Whether you're growing microgreens or a whole salad, you'll find the perfect indoor gardening system.

from CNET https://ift.tt/6L3JfTG

Best Cordless Drill of 2024 - CNET

We've tested the best cordless drills available, so you can find the perfect tool for you.

from CNET https://ift.tt/hMzjygp

Best Amazon Deals: Save Right Now on Outdoor Gear, Tech Gadgets and More - CNET

The merry month of May brings all kinds of great deals, on everything from wireless chargers to AirTags to inflatable paddleboards.

from CNET https://ift.tt/6pADHTJ

Buying a House? Ask These Questions Before You Close - CNET

These 13 questions can help you determine if you’re buying your dream house or a money pit.

from CNET https://ift.tt/NcV4fxr

Latest Tech News

Academic researchers from multiple universities recently discovered a new Spectre-like method of extracting secrets from modern Intel processors. However, Intel says that the original Spectre mitigation fixes these flaws, too.

A group of researchers from the University of California San Diego, Purdue University, UNC Chapel Hill, Georgia Institute of Technology, and Google, discovered that a feature in the branch predictor called the Path History Register (PHR) can be tricked to expose sensitive data. 

Thus, they dubbed the vulnerability “Pathfinder”.

Extracting AES encryption keys

"Pathfinder allows attackers to read and manipulate key components of the branch predictor, enabling two main types of attacks: reconstructing program control flow history and launching high-resolution Spectre attacks," Hosein Yavarzadeh, the lead author of the paper, told The Hacker News.

"This includes extracting secret images from libraries like libjpeg and recovering encryption keys from AES through intermediate value extraction."

For those with shorter memory, Spectre was a side-channel attack that exploited branch prediction and speculative execution in processors, allowing attackers to read sensitive data in the memory. 

PHR’s job is to keep a record of the last branches taken. It can be fooled to induce branch mispredictions and thus cause a victim program to run unintended code paths. As a result, sensitive data gets exposed. 

In the research paper, the academics demonstrated extracting the secret AES encryption key, and leaking secret images during libjpeg image library processing.

Intel was tipped off in November last year, and released a security advisory addressing the findings, in April this year. In the advisory, Intel said that Pathfinder builds on Spectre v1, adding that the previously released mitigations address this problem, as well.

AMD’s silicon seems to be immune to Pathfinder, the researchers concluded.

Those interested in learning more can read the entire paper on this link. 

More from TechRadar Pro

• A customer managed to get the DPD AI chatbot to swear at them, and it wasn’t even that hard
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

from TechRadar - All the latest technology news https://ift.tt/rwl0aWF

Best Mattress Deals: Early Memorial Day Sales Offer $2,000-Plus Discounts - CNET

Casper, Helix, DreamCloud, Bear and others make up these early Memorial Day mattress deals.

from CNET https://ift.tt/9NBL6eO

Latest Tech News

BIG-IP Next Central Manager (NCM), a centralized management and orchestration platform for F5’s BIG-IP product family, was vulnerable to two major flaws which allowed malicious actors to take over its managed assets.

The bugs, which have since been patched, are described as an SQL injection vulnerability, and an OData injection vulnerability. 

They are tracked as CVE-2024-26026 and CVE-2024-21793, and are found in the NCM API. By abusing these bugs, threat actors could run malicious SQL statements on vulnerable endpoints from a distance.

Thousands of potential victims

Cybersecurity firm Eclypsium found and reported the flaws, and the researchers also published a proof-of-concept exploit, which demonstrates how a rogue admin account, created by an attacker, remains invisible in the Next Central Manager, granting persistence on the vulnerable endpoint.

"The management console of the Central Manager can be remotely exploited by any attacker able to access the administrative UI via CVE 2024-21793 or CVE 2024-26026. This would result in full administrative control of the manager itself," the researchers explained. "Attackers can then take advantage of the other vulnerabilities to create new accounts on any BIG-IP Next asset managed by the Central Manager. Notably, these new malicious accounts would not be visible from the Central Manager itself."

F5’s NCM allows IT teams to manage devices such as application delivery controllers (ADCs), firewall solutions, and other network appliances. It provides capabilities for configuration management, policy enforcement, monitoring, and reporting across distributed environments. According to Shodan’s figures, there are more than 10,000 F5 BIG-IP devices with open management ports.

F5 also shared a workaround for admins who are unable to install the patch at this time. Per the company’s instructions, restricting Next Central Manager access to trusted users over a secure network sorts out the problem

There is no evidence of in-the-wild exploitation, Eclypsium confirmed.

Via BleepingComputer

More from TechRadar Pro

• This cloud security software used by many enterprises is being hacked, so patch now
• Here's a list of the best firewalls around today
• These are the best endpoint security tools right now

from TechRadar - All the latest technology news https://ift.tt/tT8fpO9

Best Portable Mini Bluetooth Speakers for 2024: Top Compact Waterproof Wireless Speakers - CNET

Here are our picks of the best small Bluetooth speakers for great audio on the go, many of which cost less than $100.

from CNET https://ift.tt/khKblyY

Latest Tech News

We love crazy tech projects here at TechRadar Pro - Some of our recent favorites include an enthusiast getting ChatGPT to run on a NAS, and the person who transformed AMD's Ryzen 7 5800X3D processor into a storage device with read-write speeds to rival some of the best SSDs.

The latest idea to cross our desks comes from Gabriel Ferraz, a computer engineer and TechPowerUp's SSD database maintainer, who turned a 512GB QLC SATA III SSD into a 120GB SLC one.

You probably know this, but just as refresher, SLC NAND holds one bit of data per cell, resulting in faster data writing, lower power consumption, and higher cell endurance than QLC NAND which stores four bits per cell. QLC NAND is denser and cheaper, but with the downside of compromised longevity and speed.

3000% endurance increase

Ferraz's idea was to trade capacity for massively improved performance and endurance. He took 512GB a Crucial BX500 SSD which has a Silicon Motion SM2259XT2 controller and NAND flash dies from Micron. Using an app called MPtools for the Silicon Motion SM2259XT2 controller, he identified the precise die used in the SSD and inputted in new die reference numbers.

Was it worth it? Well, while Ferraz lost a lot of drive space, he says “the SSD endurance jumps to 4000 TBW (write cycles), which is about a 3000% increase. Additionally, performance increased as well.”

Ferraz explains his process here, and you can also watch him perform his clever trick in the video below, which includes benchmarking results.

More from TechRadar Pro

• These are the best SSDs available now
• 2PB SSD storage in your computer? Why not
• 1200TB SSD modules are in the pipeline thanks to Pure Storage

from TechRadar - All the latest technology news https://ift.tt/2n9ZR3g

Disney Plus to Add a Tile for ESPN Later This Year - CNET

The move follows the streaming service's addition of a Hulu tile.

from CNET https://ift.tt/0hI2Jaf

Latest Tech News

Nvidia has transformed into an AI superpower, becoming the third most valuable company in the world off the back of it, so it's perhaps no surprise other tech giants are looking on in envy and shifting their focus to follow suit.

During its recent earnings call, Samsung reported a consolidated operating profit of $4.8 billion in Q1 - a tenfold increase YoY - and company executives revealed a change in focus going forward. 

The plan is now to concentrate on producing HBM and DDR5 memory and high-capacity SSD chips for the enterprise market, rather than targeting consumer PCs and mobile devices.

Meeting demand

"We plan to increase supply of HBM chips in 2024 by more than threefold versus last year," Kim Jae-june, Samsung’s memory business vice president, said on the call, reported the Korea Economic Daily. “We have already completed talks with our clients on this year's supply of HBM chips. In 2025, our HBM chip production will double from this year. Our talks on the 2025 volume with our customers are also going well.”

Samsung, currently ranked 23 in the world, has already invested heavily in HBM but currently trails behind its archrival, SK Hynix, in this area. SK Hynix recently announced plans to construct the world’s largest chip factory and has begun a partnership with Taiwanese foundry TSMC to produce HBM4.

Samsung said it anticipates a 50% increase in server DRAM production in Q2, and double output of server SSD in terms of bit growth. The company believes robust demand for AI chips will continue and stretch chip supplies throughout the year.

The South Korean tech giant also revealed it will commence mass production of its 8-layer HBM3E chips this month.

More from TechRadar Pro

• Nvidia planning to focus on AI, leaving consumers behind
• Samsung to showcase 280-layer QLC NAND flash memory chip
• Nvidia's AI dominance will be the death knell for its GeForce graphics cards

from TechRadar - All the latest technology news https://ift.tt/5NlTV9i

Latest Tech News

A prominent hardware leaker has alleged that while Thunderbolt 4 will come as standard for Intel Core Ultra 200 CPUs on Z890, that the upcoming CPU generation will miss out on Thunderbolt 5. 

As spotted by Videocardz, hardware leaker Golden Pig Upgrade has claimed that Intel Arrow Lake will miss out on Thunderbolt 5 support for Z890 motherboards after all, despite its unveiling last year. If true, it's disappointing news considering that Intel 14th Gen missed out on Thunderbolt 5 at release, too. 

As a frame of reference, both Thunderbolt 3 and Thunderbolt 4 are capped at 40 Gbps which means there's no great increase in the two technologies despite their seven-year age gap. In contrast, Thunderbolt 5 can achieve double this at 80 Gbps which can be increased to 120 Gbps through Bandwidth Boost. 

Also alleged by Golden Pig Upgrade is that Ultra Core 200 CPUs will feature just four Xe cores baked onto the chip which is half of what's currently available through Meteor Lake for laptops. This is unlikely to be too big a deal considering most (if not all) users will pair the processor with one of the best graphics cards, but it's worth noting. 

We can take the alleged specs for the Arrow Lake flagship as a point of comparison. It's believed that the Intel Core Ultra 9 285K will feature 24 cores and 24 threads with a maximum boost clock of up to 5.5 GHz and a 125W TDP. In contrast, the current-generation Intel Core i9-14900K features 24 cores and 32 threads up to 6 GHz. It's certainly a different approach moving to Disaggregated architecture from Hybrid.

Not the best impression for Arrow Lake 

Should Intel Arrow Lake miss out on Thunderbolt 5, that would mean that we would likely have to wait until Lunar Lake in laptops and Panther Lake in desktops to get ahead. 

The new connectivity standard would mean not only increased bandwidth for external GPUs and SSDs but also boosting higher resolutions and framerates of up to 540Hz and enhanced multi-monitor in 4K and 8K (via Intel). 

You may also like...

• With iPads leading and AI teasing, this could be the strangest Apple event ever
• Microsoft just gave us a first look at the future of its DNS services
• Five ways to keep up with the AI revolution

from TechRadar - All the latest technology news https://ift.tt/VTobvul