Ben ponders hot carbonated drinks, Bios update security fail, new Element names, trademark on “thankyou”, Microsoft+LinkedIn, some Apple news and other GeekNews of the week.
The December 26, 2015 episode of GeekSpeak: Transforming Human Perception with Kara Platoni had more discussion on Taste.
The LiveUpdate feature installed on ASUS devices queries the ASUS servers for new updates via unencrypted HTTP requests, easy to intercept and spoof.
On the other side of the query proces, the ASUS servers reply to these queries in HTTP as well, using obfuscated XML files, which are also easy to reverse-engineer and duplicate.
ASUS LiveUpdate doesn’t verify the validity of the response it receives from the server in any way, and it will also install any software it receives without checking its source or content.
Since LiveUpdate can deliver anything from USB drivers up to BIOS /UEFI firmware, an attacker only needs to have the patience to wait for a user’s laptop to query for updates before delivering their malicious code.
This isn’t finalized, but these are the proposed names that will substitute for the current placeholders (e.g., ununpentium, ununseptium). Nilhonium, Moscovium, and Tennesine are all named for places; Oganessen is named for the Russian physicist Yuri Oganessian.
But we all know scientists are bad at naming things, and we have until November to lobby for other names. Here are some suggestions
In its lawsuit, the financial institution says AT&T is infringing Citigroup’s intellectual property because of AT&T’s brand new marketing campaign
Microsoft Corp. (Nasdaq: MSFT) and LinkedIn Corporation (NYSE: LNKD) on Monday announced they have entered into a definitive agreement under which Microsoft will acquire LinkedIn for $196 per share in an all-cash transaction valued at $26.2 billion, inclusive of LinkedIn
Reddit user FiletOfFish1066 just got fired from his programming job. The reason and circumstances will completely blow your mind, though. FiletOfFish1066 (FOF) worked at a well-known tech company in the Bay Area and for six full years did nothing except play League of Legends, browse Reddit, work out in a gym, and basically do whatever he felt like doing. Guess how much his company paid him to basically do nothing for a full six years? $95,000 per year on average.
APFS looks to be a major update over Apple
But now a Berkeley, California man wants to start a robust conversation among ethicists, philosophers, lawyers, and others about where technology is going
Two researchers from the University of Illinois at Urbana-Champaign have devised a method for turning vibration motors, like the ones found in smartphones, into makeshift microphones, capable of recording the sound around them.
Today’s launch of Firefox 47 means the E10S version, Firefox 48, has reached the beta stage. With Electrolysis, Firefox will finally be able to use two or more processes at once…. the main problem being that it breaks a lot of extensions
Craig Federighi gave his familiar nod to privacy, emphasizing that Apple doesn
This great episode of Linear Digressions covers that Netflix “anonymized” data release that researchers were able to de-anonymize via use of IMDB.
