Sofia Elizabella Wyciślik-Wilson

It seems that the Spectre and Meltdown vulnerabilities saga is never-ending, and now there are two new related CPU flaws to add to the mix. Dubbed Spectre 1.1 and Spectre 1.2, the vulnerabilities (CVE-2018-3693) exploit speculative execution and can modify data and bypass sandboxes.

Two security researchers have disclosed details of the new vulnerabilities, both of which have the potential to leak sensitive data. By tinkering with the speculative execution processes of Intel and ARM CPUs, it would be possible to use malicious code to extract information such as passwords and crypto keys.

Continue reading →

Over the coming week, you may well notice that you lose a number of Twitter followers. Don't worry, it's (probably) not the result of something you said -- Twitter is having a spring clean and is cutting locked accounts from follower numbers.

The company says that the change is being introduced so that everyone's follower counts are "meaningful and accurate" and that they are something people can have confidence in. So just how many followers are you likely to lose?

Continue reading →

The security breach suffered by Timehop on July 4 was much more serious than the company first thought. In an update to its original announcement, the company has revealed that while the number of account affected by the breach -- 21 million -- has not changed, the range of personal data accessed by hackers is much broader.

Timehop has released an updated timeline of events, having initially felt forced by new GDPR rules to publish some details of the breach before all information had been gathered. The company says that it is also unsure of where it stands with GDPR, and is working with specialists and EU authorities to ensure compliance.

Continue reading →

There's a new version of Ubuntu on the block -- Minimal Ubuntu. It's been stripped right back to the bone to leave a tiny footprint, and these back Linux distros  should boot 40 percent faster than a standard Ubuntu server image. Despite the reduced footprint size, Minimal Ubuntu retains all of Ubuntu's standard tools (such as ssh, apt and snapd) and maintain full compatibility.

Designed for cloud developers and ops, Canonical says that the release is intended for completely automated operations, and as such much of the user-friendliness has been stripped out, but it's still ideal for used in KVM, Google Computer Engine and AWS.

Continue reading →

Three Arch Linux packages have been pulled from AUR (Arch User Repository) after they were discovered to contain malware. The PDF viewer acroread and two other packages that are yet to be named were taken over by a malicious user after they were abandoned by their original authors.

A user by the name of xeactor took ownership of acroread and tweaked the source code of the package, lacing it with malware. In this particular instance there were no major consequences, but it highlights the security issues associated with user-submitted software.

Continue reading →

For a little while now it has been thought that the P in Android P stood for Popsicle -- based largely on speculation and the fact Google shared some popsicle-related images on Instagram. But it seems that this is wrong.

A new leak -- this time courtesy of Huawei -- suggests that Google has gone with a nutty theme for the upcoming Android 9.0.

Continue reading →

Chrome's Incognito Mode is handy for those times you want to hide your browsing history from others on a shared system -- whether it's because you want to keep a birthday gift secret, or there are just sites you visit that you’d rather keep private.

Now the same feature is coming to YouTube. Having already undergone a period of testing, Incognito Mode is rolling out to Android users around the world, making it easy to hide evidence of the videos you have been watching, or the type of content you have been searching for.

Continue reading →

Apple is working away on iOS 12 at the moment, but it's still pushing out updates for iOS 11. As promised just a few weeks ago, a new update aims to block the use of iPhone passcode cracking tools, such as those used by law enforcement. But the patch has already been found to be flawed.

The latest update to iOS introduces a new USB Restricted Mode which is supposed to prevent the Lightning port of an iPhone or iPad being used to transfer data an hour after the device is locked. However, security researchers discovered that it is possible to bypass this security feature by plugging in an "untrusted USB accessory" -- and Apple sells such a device for just $39.

Continue reading →

There might be interest in a Surface Phone, but for now there's the Surface Go to enjoy. Revealed late yesterday, the Surface Go is described as Microsoft's "smallest, lightest Surface yet" -- and it's available to pre-order right now.

Unfortunately, there's no discount for jumping on a pre-order, but if you're quick, you should be able to guarantee that you'll get one when it launches on August 2. The tablet will cost you $399, but you'll need to purchase a Signature Type Cover separately if you want to type rather than using the on-screen keyboard, and a Surface Pen if you like the idea of stylus operation.

Continue reading →

Google continues to expand the capabilities of Google Pay, and today the company launched a new series of updates. Catching up with the likes of Apple Pay, Google's own digital wallet can now be used to store boarding cards and tickets.

While this is something that is already catered for by other apps -- such as those from airlines and box offices -- Google is clearly hoping that its "everything under one roof" approach will attract users. In addition to the new ticketing option, Google Pay is also combining the Google Pay and Google Pay Send apps.

Continue reading →

Today Samsung is opening what it describes as the world's biggest mobile phone manufacturing facility. The factory is opening in India as the South Korean giant looks to take advantage of the fastest-growing mobile market.

Located in Noida on the outskirts of New Delhi, the new facility will give Samsung the ability to output handsets at an unprecedented rate -- said to be up to 120 million smartphones a year.

Continue reading →

It's not all that long since fitness app Strava caused something of a security nightmare by inadvertently revealing the locations of numerous secret military bases. Now another app -- Polar Flow this time -- has gone a step further and revealed the names and home addresses of nearly 6,500 users.

A joint investigation by Bellingcat and Dutch journalism platform De Correspondent found that the app is "revealing the homes and lives of people exercising in secretive locations, such as intelligence agencies, military bases and airfields, nuclear weapons storage sites, and embassies around the world".

Continue reading →

Timehop -- the social network for those who like to reminisce -- has revealed that it fell victim to a security breach on Independence Day. The attacker managed to access an internal database stole the personal data of 21 million users from Timehop's Cloud Computing Environment.

The vast majority of those affected by the "security incident" (as Timehop refers to it) had their names and usernames exposed, but for nearly a quarter of them -- 4.7 million -- phone numbers were also exposed. The hacker also took access tokens which could be used to view users' posts.

Continue reading →

Seagate is no stranger to the world of SSDs, but it has shied away from the consumer market in this area, choosing instead to focus on the enterprise market. Now that changes.

The company has launched a new consumer-grade SSD -- the BarraCuda SSD -- aimed squarely at the home consumer looking to give their PC or laptop a boost by making the switch to a solid-state drive. Starting at $75, pricing is highly enticing... but there is a slight catch.

Continue reading →

Twitter has revealed that in May and June it suspended more than 70 million accounts as it continues its battle against trolls, fake profiles, bots and abuse.

Closing down over a million accounts a day means that Twitter has more than doubled its rate of clamping down since October, and the suspension rate is continuing into this month. The company confirmed the figures to the Washington Post, but refused to comment on what this might mean for overall user numbers.

Continue reading →