Stagefright 2.0 Exploits Android Vulnerabilities
Comments Off on Stagefright 2.0 Exploits Android Vulnerabilities
Newly found vulnerabilities in the way Android handles media files can allow attackers to compromise devices by tricking users into visiting maliciously crafted Web pages.
The vulnerabilities can lead to remote code execution on almost all devices that run Android, starting with version 1.0 of the OS released in 2008 to the latest 5.1.1, researchers from mobile security firm Zimperium said in a report published Thursday.
The flaws are in the way Android processes the metadata of MP3 audio files and MP4 video files, and they can be exploited when the Android system or another app that relies on Android’s media libraries previews such files.
The Zimperium researchers found similar multimedia processing flaws earlier this year in an Android library called Stagefright that could have been exploited by simply sending Android devices a maliciously crafted MMS message.
Those flaws triggered a coordinated patching effort from device manufacturers that Android’s lead security engineer, Adrian Ludwig, called the “single largest unified software update in the world.” It also contributed to Google, Samsung and LG committing to monthly security updates going forward.
One of the flaws newly discovered by Zimperium is located in a core Android library called libutils and affects almost all devices running Android versions older than 5.0 (Lollipop). The vulnerability can also be exploited in Android Lollipop (5.0 – 5.1.1) by combining it with another bug found in the Stagefright library.
The Zimperium researchers refer to the new attack as Stagefright 2.0 and believe that it affects more than 1 billion devices.
Since the previous attack vector of MMS was closed in newer versions of Google Hangouts and other messaging apps after the previous Stagefright flaws were found, the most straight-forward exploitation method for the latest vulnerabilities is through Web browsers, the Zimperium researchers said.
Zimperium reported the flaws to Google on Aug. 15 and plans to release proof-of-concept exploit code once a fix is released.
That fix will come on Oct. 5 as part of the new scheduled monthly Android security update, a Google representative said.
Source-http://www.thegurureview.net/mobile-category/stagefright-2-0-exploits-android-vulnerabilities.html
Qualcomm To Wirelessly Charge BMWs
Qualcomm has launched its new Official Safety Car for season two of the FIA’s Formula E Championship.
For those not in the know, the Formula E Championship is for electric cars, and they are no longer the milk floats that English people get stuck behind in narrow streets.
The new Official Qualcomm Safety Car is the BMW i8 but it will be charged wirelessly with an advanced Qualcomm Halo 7.2kW wireless charging system.
The Qualcomm Halo 7.2kW wireless charging system delivers twice the amount of energy to the BMW i8′s batteries per hour as compared to last year’s 3.6kW system.
This halves the full charge time, enabling the vehicle to fully charge in one hour. Employing Qualcomm Halo DD technology, with magnetic architecture optimization, ensures higher coupling coefficients and drives lower system currents, higher inefficiencies and the ability to support higher power levels.
A Qualcomm spokesman said that an open championship has encouraged teams to develop their own powertrain tech.
This ensures that the racing remains highly competitive, and it supports the goal of Formula E to advance the development of new technologies for electric vehicles and to bring those technologies, vital to sustainable mobility, to the attention of millions of people around the globe, a spokesman said.
Qualcomm’s general manager of wireless charging, Steve Pazol said Qualcomm was excited to continue its support of Formula E in this second season.
Source-http://www.thegurureview.net/computing-category/qualcomm-to-wirelessly-charge-bmws.html
Qualcomm Debuts NextGen Adreno
Qualcomm has announced its next-generation Adreno GPU architecture, promising major improvements to performance, power efficiency and user experience in its upcoming Snapdragon processors.
The first two GPUs available on the new architecture, the Adreno 530 and Adreno 510, will be available integrated with the forthcoming Snapdragon 820 and Snapdragon 620/618 processors, Qualcomm said, and are claimed to “maximize battery life”.
The new GPUs are the successors to the Adreno 4xx family and are claimed to be the “highest-performance GPU ever designed by Qualcomm”, providing 40 percent lower power consumption and 40 percent faster performance for graphics and GPGPU compute when compared with the Adreno 430.
They will also support OpenGL ES 3.1+ Android Extension Pack, Renderscript, as well as the new OpenCL 2.0 and Vulkan APIs.
Other features include support for 64-bit virtual addressing, allowing shared virtual memory and efficient co-processing with 64 bit CPUs, along with improved fine-grain power management, and new rendering, compositing and compression techniques to enable higher performance at lower power consumption and reduced DRAM bandwidth.
The chip company also announced a new 14-bit Qualcomm Spectra image signal processing (ISP) unit, which will also debut in the Snapdragon 820. It is designed to support DSLR-quality photography and enhanced computer vision, Qualcomm said.
This will bring better camera and imaging technology to upcoming Android devices, Qualcomm said, such as more natural skin tones via 14-bit dual ISP units supporting up to three simultaneous cameras – for example, one facing the user, and two rear facing – and up to 25MP at 30 frames per-second with zero shutter lag.
Qualcomm VP of product management Tim Leland said: “Qualcomm Spectra ISP, together with our Adreno 5xx-class GPU, brings an entirely new level of imaging to smartphones, and is designed to allow Snapdragon-powered devices to capture ultra-clear, vivid photos and videos regardless of motion and lighting conditions and display them with the color accuracy that nature intended.”
Devices based on Snapdragon 820 that feature the new GPU and ISP are expected to be available in the first half of next year.
The specs for Qualcomm’s upcoming Snapdragon 820 mobile processor leaked last week ahead of its rumored launch later in August.
The chip was expected to be officially unveiled later this month, but an analyst called Pan Jiutang let the cat out of the bag, posting some slides on Weibo on Wednesday that revealed pretty detailed specifications.
The slides might not be 100 percent legit, but are in line with many other rumors circulating at the moment, and most likely accurate. It shows that the Snapdragon 820 sports the newer Hydra CPU which is claimed to be 35 percent faster than Qualcomm’s current 810 processor.
This better use of power is a result of the chip’s new 14nm manufacturing process, which is much smaller than with the 20nm Snapdragon 810.
Will Qualcomm Give Some Workers The Boot?
Comments Off on Will Qualcomm Give Some Workers The Boot?
Qualcomm is undergoing major restructuring and one side-effect of the overhaul is that some 4,000 jobs might be slashed.
The company, according to our well informed industry sources, will announce this during the upcoming Qualcomm Q3 FY15 earnings conference call that Is scheduled for July 22. We could not find out which jobs will be affected, but we expect that the company will shad more light on it during the call.
In December 2014 the company announced that it would slash some 900 jobs and it ended up slashing roughly 1,500 jobs. This will be the first major announcement and it comes at a bad time, as the company’s sales numbers are not that great. Qualcomm lost its highest end customer, Samsung, and companies like HTC who are using the Snapdragon 810 are not too happy about company’s highest end SoC offering.
Qualcomm has around 31,300 employees, which is still not that much considering that Intel has some 100,000, but its main SoC competitor, MediaTek, has just over 10,000 employees making its operational costs much smaller.
If the number of employees 31,300 didn’t change in recent months, slashing 4,000 jobs would mean cutting the 12.8 percent of the workforce. This is a major adjustment, no question about it.
Still, we believe that the server division will start making some money in 2016 and the new Snapdragon 820 is expected to start shipping later this year. In the long run, the company is more than fine, it is just that the competitors have changed from Nvidia and Intel to MediaTek.
FCC Wants Carriers To Alert When IP Switching
July 22, 2015 by admin
Filed under Smartphones
Comments Off on FCC Wants Carriers To Alert When IP Switching
The U.S. Federal Communications Commission is backing a requirement that the country’s telecom carriers warn residential and business customers about plans to retire copper telephone networks for IP-based systems.
A proposal from FCC Chairman Tom Wheeler would also require telecom carriers retiring their copper networks to offer customers the option of purchasing battery backup systems so that they don’t lose voice service during an electrical power outage, officials said Friday. IP-based voice service depends on working Internet service, which, in turn, requires electricity.
The old copper-based phone service works without electrical service available at the customer’s address, and a loss of voice service during power outages is one of the major concerns of consumer groups as major telecom carriers move to retire their decades-old copper networks.
Wheeler’s proposal, likely to be voted on by the commission during its Aug. 6 meeting, would require telecom providers that are retiring copper to make battery backup systems with eight hours of standby power available to affected customers, either through the carriers themselves or for third-party retailers. Voice customers would have to pay for the battery backups, which now cost $40 and up, but they could choose whether or not they want the backup.
Most consumers and consumer groups in contact with the FCC wanted the option to purchase battery backup from sources other than carriers, an FCC official said. Requiring battery backup systems during VoIP installs could have discouraged customers from signing up for the service, he added.
Within three years, carriers would have to offer a battery backup option with 24 hours of standby power, under the rules proposed by Wheeler.
Telecom carriers retiring their copper would also have to alert customers that their old telephone service was going away. Telecom carriers currently aren’t required to notify customers, but under the proposed rules, residential customers would get a three-month warning, and business customers would get a six-month warning, agency officials said during a press briefing.
Telecom carriers would also have to notify interconnecting carriers of their copper retirement plans, and competitors using the existing copper to provide business voice and Internet services would be eligible to receive similar pricing deals from the large incumbent carriers, the FCC said.
PC Sales Continue The Downward Trend
Gartner is reporting the biggest slump in PC sales for almost two years. The second quarter report saw 68.4 million units shifted in the three-month period, a year-on-year reduction of 9.4 percent, and the steepest drop in seven quarters.
What’s more, the prediction is that the next quarter will see a further reduction of 4.4 percent.
It seems that the dislike of Windows 8, coupled with the impending arrival of Windows 10, has battered the sales of new PCs.
The fact that most PC users will be entitled to a free upgrade, coupled with the fact that chip and RAM technology haven’t moved on at a spectacular pace this year, has created a perfect storm among consumers who are waiting it out for their machines to be born again on 29 July (or 30, or 31, or possibly 1 August).
If you’re reading this and thinking ‘It’s just a dying market’ you’re not wrong, but you have only to look at today’s IDC figures to see that this really is made of Microsoft.
IDC is even more pessimistic than Gartner, quoting 66.1 million units, down 11.8 percent year on year.
But more importantly, when drilled down to the OEMs, you can see where the real problem lies. Apple is the only company in the top five not rooted in the Windows ecosystem.
It is also the only manufacturer to see a rise in its market share, and is now the fourth biggest vendor in the world, up 16.1 percent. Acer at number five has seen its share plummet by 25.9 percent.
Things were a bit rosier this time last year, because businesses were migrating away from Windows XP (not all of them, mind). This year, there’s no ballast and a lot of hesitation to see exactly how Windows 10 does before big orders start being deployed in enterprises.
“The price hike of PCs became more apparent in some regions due to a sharp appreciation of the US dollar against local currencies,” said Mikako Kitagawa, principal analyst at Gartner.
“The worldwide PC market experienced unusually positive desk-based growth last year due to the end of Windows XP support. After the XP impact was phased out, there have not been any major growth drivers to stimulate a PC refresh.”
IDC’s Loren Loverde, VP of worldwide PC trackers and forecasting, said: “We’re expecting the Windows 10 launch to go relatively well, though many users will opt for a free OS upgrade rather than buying a new PC.
“Competition from 2-in-1 devices and phones remains an issue, but the economic environment has had a larger impact lately, and that should stabilize or improve going forward.”
Meanwhile, Apple, despite having a tiny market share for its OS X operating system at just 7.5 percent, according to this month’s Netmarketshare figures, has managed to avoid being the winner or loser OEM by being the referee, which is a nice trick if you can do it.
Both analyst firms see the top three remaining as Lenovo, HP and Dell. Nothing to see there.
Qualcomm Has No Plans To Split
US chipmaker Qualcomm has told the world that it will not be dumping its “essentially useless chip making” business.
Hedge fund Jana Partners said in April that Qualcomm would make a pile more dosh if it just stuck to being a patent troll and stopped trying to flog “essentially worthless” chips.
Apparently Qualcomm thought about it. Executive Chairman Paul Jacobs the idea has been talked about for a long time, but came to the conclusion that the status quo contained a lot more “synergies.” Apparently synergies are a good thing to have about the place, particularly if you have a breeding pair.
Jacobs was less optimistic about Jana Partners’ idea which was apparently full of dis-synergies which might eat the synergies – or just diss them in public.
Executive Chairman Paul Jacobs said all this intensifying industry competition was not enough to spin off his chip business from its patent-licensing business.
Jacobs said, however, that the company is always evaluating its options and that the situation could change in the future, so maybe there a future for a Qualcomm troll walloping other companies with dis-synergies.
Qualcomm Strengthens IoT Lineup
Qualcomm is wedging its foot more firmly in the Internet of Things (IoT) door by announcing a range of moves to secure its position in the market.
The first announcement sees the firm expanding its Internet of Everything (IoE) platform with the addition of six new ecosystem providers: Ayla Networks, Exosite, Kii, Proximetry, Temboo and Xively by LogMeIn.
“This will further simplify the development of devices that use WiFi to connect to the IoE by increasing cloud service flexibility and making these solutions available in a broader global reach,” Qualcomm said.
Qualcomm has also introduced two connectivity solutions, the QCA401x and QCA4531, which bring WiFi capabilities to connect products across development platforms and “give customers an expedited and cost-effective path to deployment”.
The QCA401x is designed to ease manufacturer demand for increased computing and memory while lowering size, cost and power consumption, Qualcomm said.
It features a fully integrated micro controller unit with up to 800KB of on-chip memory and an expanded set of interfaces to directly interconnect with sensors, display and actuators, further reducing system cost, size and complexity.
The QCA401x also includes a suite of communication protocols including Wi-Fi, IPv6, and HTTP, as well as an advanced security feature designed to maximise security in IoT devices.
The QCA4531 is a low-cost turnkey solution that brings high-performance connectivity with a user-programmable Linux/OpenWRT environment.
It is designed to serve as an IoT node taking advantage of the Linux framework and as a hub to enable an IoT Ecosystem.
“As the [IoT] ecosystem expands, the QCA4531 is ideal for multi-protocol bridging and communication, bringing together multiple wireless medium and bridging between different ecosystems,” said Qualcomm.
The QCA4531 can function as an Access Point supporting up to 16 simultaneous devices, and is also power-optimised to enable appliances to meet international standards for energy efficiency.
The firm also banged on about the development of its subsidiaries Qualcomm Technologies, Qualcomm Atheros, Qualcomm Life, and Qualcomm Connected Experiences, and their progress across its range of IoT technologies.
Broadly, this includes an increased focus on providing better connectivity in the smart home with the AllSeen Alliance, as well as the development of more wearables in more countries, deploying more connected cars, more active engagements in smart city developments and partnering with more customers for connected healthcare.
“Driven by the significant growth and diversity of interconnected devices, Qualcomm companies are delivering the solutions and collaborating with technology leaders to empower manufacturers to create the best connected experiences in homes, businesses, cars and cities,” the firm said.
Qualcomm also announced additional features in its AllPlay smart media platform, including Bluetooth to WiFi re-streaming, custom audio settings and optimised synchronisation. The new AllPlay feature combines Bluetooth and WiFi for “whole home streaming”.
This means that all local or cloud-based music on a consumer’s smartphone can be streamed to any Bluetooth-compatible AllPlay speaker and then re-streamed over WiFi to multiple AllPlay speakers, all in sync.
This allows simple wireless connectivity to individual speakers or an entire home audio system over the user’s existing home WiFi network, providing an advantage over Bluetooth-only speakers which are limited to one-to-one streaming.
“The range and capacity of WiFi, coupled with the ubiquity of Bluetooth, is a game-changing combination for manufacturers and consumers alike,” said Sy Choudhury, senior director of product management at Qualcomm.
“AllPlay device manufacturers like Hitachi and Monster can now offer their customers more connectivity options and access to myriad streaming services throughout their home with this new capability.”
Qualcomm announced last month that it has teamed up with Dutch semiconductor maker NXP to bolster its near field communication offering, expanding the technology outside the smartphone and into IoT devices.
NXP’s embedded secure element will be integrated across Qualcomm’s Snapdragon 800, 600, 400 and 200 processor-based platforms.
The new offering features a module variant derived from the recently launched NXP PN66T NQ220 module, now named the NQ220.
Was Dropbox Really Hacked?
January 24, 2014 by admin
Filed under Around The Net
Comments Off on Was Dropbox Really Hacked?
Dropbox suffered a major outage over the weekend.
In one of the more bizarre recent incidents, after the service went down on Friday evening a group of hackers claimed to have infiltrated the service and compromised its servers.
However, on the Dropbox blog, Dropbox VP of engineering Ardita Ardwarl told users that hackers were not to blame.
Ardwari said, “On Friday evening we began a routine server upgrade. Unfortunately, a bug installed this upgrade on several active servers, which brought down the entire service. Your files were always safe, and despite some reports, no hacking or DDOS attack was involved.”
The fault occurred when a bug in an upgrade script caused an operating system upgrade to be triggered on several live machines, rendering them inoperative. Although the fault was rectified in three hours, the knock-on effects led to problems that lasted through the weekend for some users.
Dropbox has assured users that there are no further problems and that all users should now be back online. It said that at no point were files in danger, adding that the affected machines didn’t host any user data. In other words, the “hackers” weren’t hackers at all, but attention seeking trolls.
Dropbox claims to have over 200 million users, many of which it has acquired through strategic partnerships with device manufacturers offering free storage with purchases.
The company is looking forward to an initial public offering (IPO) on the stock market, so the timing of such a major outage could not be worse. Dropbox, which includes Bono and The Edge from U2 amongst its investors, has recently enhanced its business offering to appeal to enterprise clients, and such a loss of uptime could affect its ability to attract customers.
The Netbook Lives On
Tablets may be the hottest mobile devices on display at this year’s Computex. But netbooks still have a presence at the trade show, and vendors are coming out with several new models that will hit the market this year. Their low cost will continue to drive sales, analysts said.
PC maker Asus, a pioneer of the netbook concept, unveiled two new models at Computex. The Asus Eee PC 1025 C and 1025 CE are Windows netbooks that will launch worldwide in the fourth quarter of this year. Priced at $299, the devices are built with an “instant on” feature that allow users to resume Windows in two seconds from sleep mode.
The other Asus netbook that has caught some attention is the Eee PC X101, which runs Intel’s MeeGo mobile operating system. The device will launch worldwide in July and cost $199. Asus will also be releasing a Windows 7 version of the netbook that will cost between $240 and $250.
Asus’ rival Acer is also showing a low-cost netbook priced at $199. The Aspire One Happy has both Windows and Android 2.3 installed. Users can toggle between operating systems by rebooting the system. Acer launched a version of the device worldwide last month.