Western Digital’s My Cloud network attached storage (NAS) devices claim to offer an easy, all-in-one solution for storing your data at home. However, they might also be providing an easy, all-in-one solution for hackers to steal your data take control of your device. Western Digital was told about the vulnerabilities last year but has yet to patch many devices.
It's been clear for a while that the fixes for the Meltdown and Spectre memory vulnerabilities would slow down PCs, but just how bad is the hit, really? Microsoft has run some benchmarks, and it's unfortunately bad news if your system is less than fresh. While the patches for Meltdown and one variant of Spectre will have a "minimal performance impact," fixing a second Spectre variant through low-level microcode imposes a tangible speed penalty -- and it's particularly bad on systems released around 2015 or earlier.
Last year it was revealed that Vivo would be the first smartphone maker to integrate an in-display fingerprint scanner into a phone, and this year at CES the company has decided to show it off at the event in which the technology was demonstrated and tested out by those who attended the event.
Intel CEO Brian Krzanich used the opening of his Consumer Electronics Show keynote in Las Vegas on Jan. 8 to publicly comment on the recently disclosed Meltdown and Spectre security vulnerabilities that impact the majority of the world's CPUs.
Jan. 9 was originally intended to be the day that the Meltdown and Spectre CPU flaws were to be publicly disclosed, but media speculation led to a Jan. 3 disclosure of the critical flaws.
Meltdown and Spectre security risks affecting nearly every modern processor came to light last week, and now Apple has released a pair of software updates to address the Spectre vulnerability. iOS 11.2.2 and macOS High Sierra 10.13.2, while sparse in detail, are both now available for free on compatible devices.
On a cold Sunday early last month in the small Austrian city of Graz, three young researchers sat down in front of the computers in their homes, and tried to break their most fundamental security protections.
By: Adam Edmond
A breach of the Unique Identification Authority of India's Aadhaar biometric system is putting personally identifiable information (PII) of more than 1 billion Indian residents at risk, reports the Tribune, an Indian publication.
Attackers created a gateway to the biometric database, in which any Aadhaar user's ID number can be entered into a portal, the Tribune reports. Once the number is entered, it will pull up the resident's name, address, postal code, photo, phone number, and email address, according to the Tribune.
The Meltdown and Spectre flaws—two related vulnerabilities that enable a wide range of information disclosure from every mainstream processor, with particularly severe flaws for Intel and some ARM chips—were originally revealed privately to chip companies, operating system developers, and cloud computing providers. That private disclosure was scheduled to become public some time next week, enabling these companies to develop (and, in the case of the cloud companies, deploy) suitable patches, workarounds, and mitigations.
Security researchers warned of a serious vulnerability in a GPS service by the China-based firm ThinkRace exposes sensitive data in scores of GPS services, more than two years after the hole was discovered and reported to the firm. (Update: added comment from John van den Oever, the CEO of one2track B.V – PFR 1/3/2018)
