‘Guessing Attack’ Bypasses Credit Card Security in 6 Seconds; WTF is AI? Find out what your web browser is telling websites about you; How to shop online and stay secure; The Best iPad Apps of 2016; Uber now monitors where you go after a ride, but you can stop it; Free data platforms: How to choose a good one; Android Security Bulletin November 2016: What you need to know; How to reinstall Windows 10 without any bloatware; Gifts for people who like to fix things – and much more news you need to know.
‘Guessing Attack’ Bypasses Credit Card Security in 6 Seconds – December is always a very busy time for the banks and credit card companies as we all scramble to purchase presents in time for Christmas. But it’s also a boon period for fraudsters who are trying to steal those precious card details. And now it seems, they can “guess hack” a credit card in mere seconds. A team of researchers at Newcastle University discovered two weaknesses in the way online transactions are verified using the Visa payment system. Neither weakness is of much use alone, but when used together, an attacker can recover a credit card’s security information in as little as six seconds.
How to shop online and stay secure – It’s that time of year again: Soon we’ll begin scouring the internet to find the lowest prices for holiday gifts. As a savvy online shopper, you’ll visit multiple websites to find the perfect deal, usually creating accounts with your credit card and other personal information. But when it’s time for checkout, don’t make the same mistakes I did. Protect yourself and your password.
Find out what your web browser is telling websites about you – Interested in knowing what information a website has access to about you as soon as you visit a page? Here are a couple of websites that will show you what information you are leaking as you browse the internet.
WTF is AI? – These days, AI is a term applied indiscriminately to a host of systems, and while I’d like to say that many stretch the definition, I can’t, because AI doesn’t really have a proper definition. Roughly speaking, we could say that it is a piece of software that attempts to replicate human thought processes or the results thereof. That leaves a lot of wiggle room, but we can work with it. You have AI that picks the next song to play you, AI that dynamically manages the legs of a robot, AI that picks out objects from an image and describes them, AI that translates from German to English to Russian to Korean and every which way. All of these are things humans excel at, and there are vast benefits to be gained from automating them well.
Jim Hillier: What are the Best PC Specs for You – Whenever someone asks me to build a custom machine for them, my first and most important question is always… “what will you be using it for?”. While some users might be financially comfortable enough to be unconcerned about price, most of us are subject to budgetary constraints and there’s not much point in paying a premium for high-end specs which are never going to come into play. So, the first and primary consideration should always be best value for the dollar. However, at the same time, you should, where budget allows, also factor in future-proofing… in other words, make sure your system implements as much of the latest available technology as possible.
The Best External Hard Drives of 2016 – Whether you need a sit-on-your-desk backup solution or a drive you can slip into a pocket to shuttle files, these top-rated external hard drives have your storage needs covered.
Flash’s slow death continues with Chrome 55 – Google is continuing its plan to phase out Flash in favor of HTML5 today by launching Chrome 55. With this new update, many sites around the web will begin defaulting to HTML5 instead of Flash. There are a few exceptions, but Chrome 55 largely implements the measures Google laid out earlier in the year.
The Best iPad Apps of 2016 – According to Apple, more than a million dedicated iPad apps have been released worldwide. The right app can transform the iPad, regardless of its size, into nearly anything you desire. Want to look for a job? Download the LinkedIn app. Want to whip up phat beats during the subway commute? Download GarageBand. Any task you want to do, there’s probably an app for that.
How to reinstall Windows 10 without any bloatware – Windows 10 actually has the ability to install just the OS without any additional software.
How to Turn on Cortana by Voice in Windows 10 – Microsoft’s Cortana voice assistant is an integral part of Windows 10. But normally, to pose a question or command, you first have to click on the microphone icon next to Cortana’s “Ask me anything” field just to wake it up. But why bother clicking on something when you can use your voice? Through Microsoft’s “Hey Cortana” feature, you can get the attention of the voice assistant just by saying “Hey Cortana,” and segue into your converation seamlessly. Let’s see how this works.
Microsoft Teams: The smart person’s guide – This comprehensive guide covers everything you need to know about the chat-based communication and collaboration platform Microsoft Teams.
Windows 10 Creators Update to include new accessibility features for braille, narration – The Creators Update for Windows 10 is still a ways off from its spring 2017 release, but Microsoft continues to share what’s in development and what users can look forward to. The latest blog post from the company details some of the accessibility features that will be included with the update, allowing the Windows 10 OS to be just as easy to use for those with disabilities.
$49 Windows tablets, $1,000 PC discounts, and 50% off Xbox games highlight Microsoft deals – Microsoft’s “12 Days of Deals” contain some hidden gems, including $1,000 off selected PCs, discounts on Groove Music and Xbox Live Gold, as well as sweet stocking stuffers. Here, we tell you what to buy and what to skip.
Report: Microsoft’s Home Hub will chase Amazon’s Alexa and Echo as a software service – A Windows Central report suggests that Microsoft is indeed developing a smart-home solution, though its Home Hub may be a Windows 10 service rather than a device.
5 new tricks for Instagram addicts – Instagram has been rolling out monthly updates that are changing the way you can use the photo-sharing app, including a new live video option that’s already available to some users.
iHeartRadio partners with Napster for on-demand music streaming – The streaming music market is already a crowded one, but that isn’t stopping iHeartRadio, the conglomerate behind over 800 US radio stations, from jumping in. With updates to both its iOS and Android apps this week, the service has debuted two new paid subscription plans that allow users to stream music on-demand, thanks in part to a new partnership with Napster.
Free data platforms: How to choose a good one – Free online tools for understanding data abound, each promising to help your business make sense of its data troves. But how to choose one? Here are the factors to consider.
Google Pixel camera bug: five workarounds that may solve the issue – Google’s newly released Pixel and Pixel XL smartphones are, in some cases, suffering from a serious camera issue that overlays magenta-colored streaks over images. This issue has been reported by Pixel owners over the last several weeks, and though Google is looking into the issue, there’s no solution at this time. However, some Pixel owners report finding troubleshooting techniques, of which these are the five most successful methods.
This Guy Built a Fake News Detector, Then Facebook Blocked It – Last night, TechCrunch ran a story purporting that Facebook was showing certain users red warning labels above fake news links. But as it happens, this wasn’t Facebook’s doing at all, but rather the work of a Chrome plugin called B.S. Detector, made by activist and independent journalist Daniel Sieradski. If that irony wasn’t interview-worthy enough, with the backdrop of an ongoing public crisis over Facebook’s involvement in fake news, the social network appears to have just actually just banned the plugin, according to Sieradski.
2016 Christmas gift guide: Gifts for people who like to fix things – If you’re in the business of repairing PCs, smartphones, or tablets, then you need the tools to help you get the job done in a fast, efficient, and safe way.
The Hottest Tech Toys for Kids – Every year, as the holidays roll around, children’s hearts are filled with joy and anticipation. Adult hearts, in turn, are filled with fear and trepidation. After all, how would you know if that DIY robot is a better buy for your youngster than that hoverboard all her classmates have been talking about? And even as junior yearns for that gizmo with the flashing lights and incessant music, is it really appropriate for their age? The choices are endless, the decisions daunting. Fear not, PCMag has you covered.
Android Security Bulletin November 2016: What you need to know – How did Android fare in the November Security Bulletin? It may come as no surprise to learn that our old friend the Mediaserver has returned with a critical vulnerability. We also see some new entries in the mix. Let’s dive in and see what’s what.
Jim Hillier: Is Your VPN Leaking – With the dramatic increase in tracking online activity, more and more users are turning to VPNs (Virtual Private Networks) to help mask their identity and whereabouts. The general expectation with VPNs is that they provide absolute privacy/anonymity, however, that is not always the case. Some VPNs will actually leak real IP and DNS addresses which, of course, negates the entire reason for using a VPN in the first place.
Uber now monitors where you go after a ride, but you can stop it – Uber now keeps track of where you go after your ride ends. The tracking spans the first five minutes after you reach your destination. The data gathered from this monitoring is used to improve Uber’s service, including pickups and drop-offs. If you, like many users, aren’t happy about being surveilled by the Uber app, you can disable the feature before your next trip.
Blame the ISPs rather than the routers – That its a new variant of Mirai, makes for sexy for headlines, but is not important. That five million devices may be vulnerable is also not important. And, It’s pretty much irrelevant that the buggy routers were produced by Acadyan and Zyxel. The most important issue in this latest router attack is that most of the blame falls on the Internet Service Providers (ISPs). The routers were attacked on TCP port 7547, which is used by the TR-069 protocol (also known as CWMP or CPE WAN Management Protocol). Leaving port 7547 open would have been a non-issue if the ISPs had made better decisions. Its the network equivalent of not wearing seat belts. No surprise then, that customers were eventually thrown through the front window.
There’s a new DDoS army, and it could soon rival record-setting Mirai – For almost three months, Internet-of-things botnets built by software called Mirai have been a driving force behind a new breed of attacks so powerful they threaten the Internet as we know it. Now, a new botnet is emerging that could soon magnify or even rival that threat. The as-yet unnamed botnet was first detected on November 23, the day before the US Thanksgiving holiday. For exactly 8.5 hours, it delivered a non-stop stream of junk traffic to undisclosed targets, according to this post published Friday by content delivery network CloudFlare. Every day for the next six days at roughly the same time, the same network pumped out an almost identical barrage, which is aimed at a small number of targets mostly on the US West Coast. More recently, the attacks have run for 24 hours at a time.
Remote management app exposes millions of Android users to hacking – Poor implementation of encryption in a popular Android remote management application exposes millions of users to data theft and remote code execution attacks. According to researchers from mobile security firm Zimperium, the AirDroid screen-sharing and remote-control application sends authentication information encrypted with a hard-coded key. This information could allow man-in-the-middle attackers to push out malicious AirDroid add-on updates, which would then gain the permissions of the app itself.
Researchers find a way to bypass the iOS activation lock – The researchers crashed the lock screen by inserting long strings in the Wi-Fi configuration settings.
Intel’s silence on Optane SSDs raises questions about launch and focus – There’s a lot of excitement about Intel’s superfast Optane SSDs, but products won’t be on shelves this year as the chipmaker had earlier promised.
In new lawsuit, Instacart shoppers say they were regularly underpaid – The Instacart lawsuit is one of several currently targeting so-called “sharing economy” startups, and they all get at the same question: can workers be accurately classified as independent contractors, or should they properly be designated as employees? In Instacart’s case, customers order groceries online, but those groceries are then picked up and delivered by the company’s shoppers. So, should those shoppers be treated as employees?
Volkswagen launches Moia, a new standalone mobility company – Volkswagen Group is making a significant bet on future mobility services with Moia, a new separate company that will exist under the VW umbrella of brands focused specifically on providing mobility solutions, including fleet-based commuter shuttles and, eventually, autonomous on-demand transportation.
Apple admits what caused your iPhone battery issue – Apple made a statement about the iPhone 6s this morning in China, adding details to a battery issue reported by users in China and the USA. This battery issue has affected a “small number of iPhone 6S devices,” said Apple. In addition to what was reported by Apple earlier, they’ve revealed details on the exact cause of the device switching off as it reaches 40% battery. It would seem that this is not a bug, but a sort of feature – as Apple says: “an iPhone is actually designed to shut down automatically under certain conditions.”
Apple Pay debuts in Spain with support for Mastercard and American Express – Apple Pay officially launched in Spain this week, making it the latest European nation to accept Apple’s contactless mobile payments service. It also comes shortly after similar debuts in Japan, New Zealand, and Russia. Using compatible iPhone models or an Apple Watch, Apple Pay will allow users to make fast and easy payments at 27 Spanish retailers simply by holding their device over an NFC terminal.
Pandora shares up 11% on acquisition report – Internet radio pioneer Pandora, saw its shares jump over 11% on Friday to $12.77, amid renewed acquisition speculation. A report from CNBC indicated that Pandora and SiriusXM are expected to discuss a possible purchase. The story cautions that there is “no assurance” that Pandora will reach a deal with SiriusXM or any other prospective buyers.
Games and Entertainment:
DirecTV NOW vs Sling TV vs PlayStation Vue: Streaming Showdown – The brave new world of live television is upon us, and it comes in three forms: PlayStation Vue, Sling TV, and DirecTV NOW. Having multiple products to choose from is never a bad thing, but it does require more leg work. Which service has the features you can’t live without? Is there some hard-to-find fine print you should know about? Does the service you’re leaning toward offer the best value for your money? We’ve answered all those questions and more.
‘The Last Guardian’ Is a Game About the Only Pure Thing in Life: Dogs – Have you ever seen a dog about to jump into a pool for the very first time? It’s one of life’s great pleasures. The dog’s excited and afraid. It paws at the water hesitantly, preparing to leap in, then backs away at the last minute, because who know knows what the hell is going on in there. Then it’ll come back because the water’s so enticing. This will go on until the dog finally finds the courage to take the leap and discover that the pool is pure ecstasy. I’ve never been as excited about anything in my life as much as a dog can get excited about a pool. The Last Guardian, which after a decade in development is one of the most hotly anticipated games ever, expertly recreates that marvelous sight, only instead of a dog it’s a giant bird-dog-dragon hybrid creature named Trico.
Watch Dogs 2 review: A fresh, interesting rebirth that ditches the stale Ubisoft formula – Watch Dogs 2 is as big a series-defining comeback as Assassin’s Creed II was back in 2009—and it does it by burning away all the worst parts of Ubisoft’s formula.
WWII fighter pilot game leans on Tuskegee Airmen’s legacy to get Kickstarter aloft – By gameplay concept alone, Iron Wings would be difficult to stand out from the crowd of Kickstarted video games begging for your dollar. It’s an air combat shooter proposed for PlayStation 4, Windows PC and Xbox One, and there have been plenty of those, through all periods of history, on consoles and PCs down through the years. What’s eye-catching about Iron Wings, by Messina, Italy-based Naps Team, is the cast: African-American pilots. And women. In World War II. It’s as if the studio — which dates to 1993 — understood how tough it would be to stand out using a bog-standard squadron of Allies, and the gameplay concepts they wish to introduce with Iron Wings wouldn’t be enough to set things apart.
FCC says AT&T, Verizon are violating net neutrality with sponsored data plans – This week the FCC sent letters to both AT&T and Verizon, stating that zero-rated data — plans and services that don’t count against users’ monthly allotment — is a violation of net neutrality rules. For AT&T, this applies to their new DirecTV Now streaming video service, and for Verizon it’s their own Go90 video service. The FCC’s wireless communications chief Jon Wilkins wrote that the telecoms’ practices “inhibit competition, harm consumers, and interfere with the ‘virtuous cycle’ needed to assure the continuing benefits of the Open Internet.”
Ars Cardboard’s 2016 board game gift guide – Whether your giftee is a longtime gamer or a brand new convert, Ars Cardboard is here with a list of games to please players of every stripe. We’ve broken your friends and family into tidy little categories and provided a main pick and some alternatives for each demographic. Our main picks focus on titles released in the last year or two, but we dug into some older titles for our expanded picks. To boot, most games on this list are friendly to tabletop newbies.
Off Topic (Sort of):
The biggest threat to artificial intelligence: Human stupidity – Thoughtless use of artificial intelligence could be much more dangerous than the super-intelligent digital villains of science-fiction.
Another Android update betrayal: when will we learn? – This week another Android device less than 2-years old has been announced to be at its end-of-life for Android updates. It is my opinion that this happens all too often – that while it isn’t necessarily Google’s fault this happens, it should be made more clear. Clarity should be the name of the game when it comes to the promise of a smartphone that’ll last. Clarity should be at the forefront of the presentation of a brand new smartphone – especially when it costs several hundred dollars.
Op-ed: Stop pretending there’s a difference between “online” and “real life” – Sometimes I get into one of those conversations about the Internet where the only way I can reply is to quote from The IT Crowd: “Are you from the past?” I say that every time someone asserts that the online world is somehow separate from real life. You’d be surprised how much this comes up, even after all these years of people’s digital shenanigans leading to everything from espionage and murder to international video fame and fancy book deals. But now that the U.S. has a president-elect who communicates with the American people almost exclusively via Twitter and YouTube, it’s really time to stop kidding ourselves.
How will Silicon Valley respond to Trump? – Capital founding partner Freada Kapor Klein isn’t happy. Klein, one of technology’s leading social activists and impact investors, has been “deeply troubled” by the election of Donald Trump. She is particularly disgusted by what she calls the “unleashing” of “horrific behavior” since the election, such as what she fears might even be the now acceptable use of the N word on the streets of San Francisco. So what can Silicon Valley do to respond to Trump? We need, Kapor Klein says, to “get out of our bubble”.
Something to think about:
“The government consists of a gang of men exactly like you and me. They have, taking one with another, no special talent for the business of government; they have only a talent for getting and holding office.”
– H. L. Mencken (1880 – 1956)
In Pursuit of Freedom – The Pushback Continues:
Snowden says Petraeus shared ‘far more highly classified material than I ever did’ – Edward Snowden blasted the US justice department in an interview with Yahoo News on Sunday, saying “we have a two-tiered system of justice in the United States” that allows the well connected to get off with light punishments.
Snowden, a fugitive and former NSA contractor who revealed the organization’s worldwide spying powers in 2013, pointed to the case of former CIA Director Gen. David Petraeus as evidence.
“Perhaps the best-known case in recent history here is General Petraeus who shared information that was far more highly classified than I ever did with journalists,” Snowden told Katie Couric, global news anchor at Yahoo. “And he shared this information not with the public for their benefit, but with his biographer and lover for personal benefit conversations that had information, detailed information, about military special access programs that’s classified above Top Secret, conversations with the president, and so on.”
Couric traveled to Moscow for the face-to-face interview, where Snowden remains in exile. The full interview will be available to view Monday on YouTube.