They're ALL vulnerable!?
TechLinked
·TechLinked
·2020-05-05
·
1,343 words · ~6 min read
0:00
this is the 200th episode of tackling did you even did you even know that your
0:03
hair's going white is it besides oh gosh
0:07
it's been that long eh researchers working for the center for
0:11
it security privacy and accountability aka cispa
0:17
have discovered a dangerous vulnerability that could allow a hacker
0:20
to snoop on the traffic going between bluetooth devices the flaw is known as
0:25
the key negotiation of bluetooth attack or knob
0:29
that's brutal yeah it is knob can force bluetooth devices to use
0:34
a decryption key consisting of only one byte which makes brute force decryption
0:39
attacks super easy device manufacturers have started rolling out patches for
0:44
knob including Intel apple blackberry
0:47
microsoft lenovo and more so don't be a bloody knob update your device you wanka
0:53
are we allowed to say wanker i think so fortunately the bluetooth news isn't all
0:57
bad today scientists at the university of california have developed an app that
1:01
can detect the bluetooth signature of credit card skimmers and gas pumps and
1:06
it found 64 skimmers across six states in one year so that's nice
1:10
see the world isn't so dark and horrible james there's good stuff happening
1:16
it's fine back to some bad news though surface pro
1:20
6's and surface book 2s are being crippled by a firmware glitch causing
1:24
the device's cpus to throttle down to 400 megahertz even the lowest spec
1:29
surface pro 6 with an Intel core i5 8520u runs at 1.6 gigahertz stock
1:36
that's four times the issue is apparently being caused by a system
1:39
component that thinks the CPU is running too hot so speeds are being throttled
1:43
there are also reports of users suffering from an inability to connect
1:46
to some wi-fi networks it's unclear whether they ask the starbucks employee
1:50
for the password some service owners have reported
1:55
unplugging their device from power helps while others say to install third-party
2:00
antivirus programs but the bug seems to have started off after a surface
2:04
firmware update on august 1st microsoft says they're aware of the issue and are
2:08
working on a firmware update to fix the faulty CPU temperature management should
2:12
have got a macbook pro yeah i think they're all throttled but
2:16
at least it's higher than 400 megahertz yeah you'll get way higher than that
2:20
well i mean you'll in a bad way
2:23
and facebook seems to be learning from all of its privacy breaching mishaps
2:27
just not in the way they should perhaps the
2:31
company is planning a number of pop-up cafes across the uk that will encourage
2:36
people to enjoy some free drinks take in some bland ikea decor and take part in
2:41
simple privacy checkups the objective is
2:44
reportedly to educate users about protecting their privacy online by
2:48
taking them through the privacy section of their facebook settings
2:52
facebook is the one to teach us about that why would i go in there
2:56
yeah because that's the problem facebook people don't know how to protect their privacy cambridge analytica harvesting
3:01
and exploiting the personal information of millions of users with facebook's help that's not that's not that's not
3:06
important oh sure i should have never installed
3:10
this service oh i should have never used facebook right now it's time for quick
3:14
bits brought to you by brilliance daily challenges brilliant believes that
3:18
becoming great at math science or computer science doesn't have to be dull
3:22
so they built a problem-solving website and app with over 50 interactive courses
3:26
chock-full of storytelling code writing and interactive challenges built for
3:31
ambitious and curious people like the scientific thinking course which helps
3:35
you develop a solid foundation in physics while playing with puzzles yay
3:39
they're a great compliment to watching educational videos that will help you master all kinds of technical subjects
3:43
and discover deep truths in unexpected places now that already sounds awesome
3:48
but you can also get 20 off a premium subscription by going to brilliant.org
3:53
techlink so go there or click the link in the description who knows what you
3:56
may find it's brilliant you'll find brilliant
4:00
look whether it's equipment or not i'm gonna say it
4:05
what alex folks we might have a GeForce rtx 2080 ti super on our hands if a new
4:11
listing in ida 64's change log is any indication down the hatches
4:16
it's a store there's a storm coming stock up on tv there's a reference to a
4:20
new graphics card designated GeForce rtx
4:24
t10-8 built on the tu-102 GPU the same
4:28
one used in the rtx titan rtx 2080 ti and the quadro rtx 8000 and 6000. now
4:34
why NVIDIA would do this remains unclear other than to just have another fancy
4:38
thing for rich people to buy oh that's it apple google and amazon all
4:43
suspended their human listening programs after it was discovered that user audio
4:47
is being recorded but microsoft is going to continue feeding audio from cortana
4:52
recordings to their contractors the company is only revising its privacy
4:56
policy to make it clear to users that their audio might be recorded and heard
5:00
by humans which choice yeah which is we
5:03
have so little data exactly it honestly makes more sense we know that the other
5:07
tech companies are going to resume the practice eventually if they haven't already
5:11
so it's it's kind of like cortana's the quiet girl in the back who everyone
5:15
ignores but who has something really interesting to say if you just let her let her speak up
5:20
for for god's sake man hi
5:24
actually security researchers at trend micro have identified 85 apps on the
5:29
google play store that were little more than fronts for adware the apps had 8
5:33
million installs between them and this is like the 18th story about removing
5:37
fraudulent apps with millions of installs oh they removed them i forgot
5:40
to say that google seems to really take an approved first ask questions later
5:45
type of approach with the play store another ar filter app it's probably fine
5:51
apple is suing a company called corillium for copyright infringement the
5:55
small startup provides emulation of iOS devices on desktop machines which
6:00
doesn't seem that bad but the problem as apple sees it is that corellium is
6:04
selling access to its emulated iOS devices for profit and encouraging users
6:09
to sell security flaws they find in iOS on the open market so as much as i hate
6:14
to say it apple might
6:18
be doing the right thing here
6:24
and our last quick bit is actually about the line detective's folding team
6:28
hey i do that yeah if you don't know folding refers to running the folding at
6:32
home client on your computer which helps scientists do research on how proteins
6:36
fold october is LTT folding month and by
6:39
participating you can win steam gift cards game keys and event badges on the
6:43
LTT forums i got those badges do you yeah i don't have it i don't think i
6:47
have anything i got no badges i need to get more badges
6:52
i can so if you want to use your computer for a good cause check the link
6:55
in the description trust me i said trust me it feels good but i
6:59
don't do it it's pretty easy but i will do it heat your house up james told me
7:03
to do it do it all right that's enough i'm over this 200 episode that's a
7:07
that's a fine amount right we can go on vacation we can cut it off there just
7:10
kidding we'll be back on monday and i see and i still love you what
7:16
i'm i'm happy to be here tech lakes back
7:20
all right