Is nVidia’s Auto Venture Paying Off?
August 17, 2016 by admin
Filed under Consumer Electronics
Comments Off on Is nVidia’s Auto Venture Paying Off?
The driverless car market is expected to grow to $42 billion by 2025 and Nvidia has a cunning plan to grab as much of that market as possible with its current automotive partnerships.
The company started to take in more cash from its car business recently. The company earned $113 million from its automotive segment in fiscal Q1 2017. While that is not much it represents a 47 percent increase over the year before. Automotive revenue up to about 8.6 percent of total revenue and it is set to get higher.
BMW, Tesla, Honda and Volkswagen are all using Nvidia gear in one way or another.
BMW’s been using Nvidia infotainment systems for years and seems to have been Nvidia’s way into the industry. Tesla has a 17 inch touchscreen display of which is powered by Nvidia. You can see Tesla’s all-digital 12.3-inch instrument cluster display uses Nvidia GPUs. Honda has Tegra processors for its Honda Connect infotainment system.
But rumors are that Nvidia is hoping to make a killing from the move to driverless cars. The company is already on the second version of its Drive PX self-driving platform. Nvidia claims that Drive PX recently learned how to navigate 3,000 miles of road in just 72 hours.
BMW, Ford, and Daimler are testing Drive PX and Audi used Nvidia’s GPUs to help pilot some of its self-driving vehicles in the past. In fact Audi has claimed that it can be used to help normal car driving.
It said that the deep learning capabilities of Drive PX allowed its vehicles to learn certain self-driving capabilities in four hours instead of the two years that it took on competing systems.
According to Automotive News Europe Nvidia is working closely with Audi as its primary brand for Drive PX but then it will move to Volkswagen, Seat, Skoda, Lamborghini, and Bentley.
Tesla also appears to think that Nvida is a key element for driverless car technology. At the 2015 GPU Technology Conference last year, the company said that Tegra GPU’s will prove “really important for self-driving in the future.” Tesla does not use the Drive PX system yet, but it could go that way.
Courtesy-Fud
Tech Firms Form OTrP To Support IoT Security
Comments Off on Tech Firms Form OTrP To Support IoT Security
A bunch of tech firms including ARM and Symantec have joined forces to create a security protocol designed to protect Internet of Things (IoT) devices.
The group, which also includes Intercede and Solacia, has created The Open Trust Protocol (OTrP) that is now available for download for prototyping and testing from the IETF website.
The OTrP is designed to bring system-level root trust to devices, using secure architecture and trusted code management, akin to how apps on smartphones and tablets that contain sensitive information are kept separate from the main OS.
This will allow IoT manufacturers to incorporate the technology into devices, ensuring that they are protected without having to give full access to a device OS.
Marc Canel, vice president of security systems at ARM, explained that the OTrP will put security and trust at the core of the IoT.
“In an internet-connected world it is imperative to establish trust between all devices and service providers,” he said.
“Operators need to trust devices their systems interact with and OTrP achieves this in a simple way. It brings e-commerce trust architectures together with a high-level protocol that can be easily integrated with any existing platform.”
Brian Witten, senior director of IoT security at Symantec, echoed this sentiment. “The IoT and smart mobile technologies are moving into a range of diverse applications and it is important to create an open protocol to ease and accelerate adoption of hardware-backed security that is designed to protect onboard encryption keys,” he said.
The next stage is for the OTrP to be further developed by a standards-defining organisation after feedback from the wider technology community, so that it can become a fully interoperable standard suitable for mass adoption.
Courtesy-TheInq
Is Tesla Poaching nVidia’s Engineers?
April 20, 2016 by admin
Filed under Around The Net
Comments Off on Is Tesla Poaching nVidia’s Engineers?
Tesla Motors,’ which has been poaching engineers from Apple and AMD, could be causing a few headaches for Nvidia.
MKM analyst Ian Ing pointed out that Nvidia and Tesla have partnered in machine-learning which is the key to autonomous driving. Nvidia’s own automotive segment grew 80 per cent to $320 million in revenue.
It had been known that Tesla is swiping Apple and AMD engineers, but the difficulty is that it also needs staff from its old chum Nvidia. Ing said that Apple and AMD staff are not as steeped in graphics processing units and machine learning as Nvidia’s staff.
“Although there are widely reportedly headlines that Tesla has been hiring chip architects from Apple and AMD, we note that expertise has been focused more on multi-purpose application processors vs. the GPU accelerators necessary for machine learning,” Ing wrote.
This could either pressure Nvidia to work more closely with Tesla, or it too might lose staff to the carmarker. However that might be a small headache for Nvidia which is doing obscenely well, according to Ing. He is suggesting everyone should buy Nvidia shares.
Courtesy-Fud
Stagefright 2.0 Exploits Android Vulnerabilities
Comments Off on Stagefright 2.0 Exploits Android Vulnerabilities
Newly found vulnerabilities in the way Android handles media files can allow attackers to compromise devices by tricking users into visiting maliciously crafted Web pages.
The vulnerabilities can lead to remote code execution on almost all devices that run Android, starting with version 1.0 of the OS released in 2008 to the latest 5.1.1, researchers from mobile security firm Zimperium said in a report published Thursday.
The flaws are in the way Android processes the metadata of MP3 audio files and MP4 video files, and they can be exploited when the Android system or another app that relies on Android’s media libraries previews such files.
The Zimperium researchers found similar multimedia processing flaws earlier this year in an Android library called Stagefright that could have been exploited by simply sending Android devices a maliciously crafted MMS message.
Those flaws triggered a coordinated patching effort from device manufacturers that Android’s lead security engineer, Adrian Ludwig, called the “single largest unified software update in the world.” It also contributed to Google, Samsung and LG committing to monthly security updates going forward.
One of the flaws newly discovered by Zimperium is located in a core Android library called libutils and affects almost all devices running Android versions older than 5.0 (Lollipop). The vulnerability can also be exploited in Android Lollipop (5.0 – 5.1.1) by combining it with another bug found in the Stagefright library.
The Zimperium researchers refer to the new attack as Stagefright 2.0 and believe that it affects more than 1 billion devices.
Since the previous attack vector of MMS was closed in newer versions of Google Hangouts and other messaging apps after the previous Stagefright flaws were found, the most straight-forward exploitation method for the latest vulnerabilities is through Web browsers, the Zimperium researchers said.
Zimperium reported the flaws to Google on Aug. 15 and plans to release proof-of-concept exploit code once a fix is released.
That fix will come on Oct. 5 as part of the new scheduled monthly Android security update, a Google representative said.
Source-http://www.thegurureview.net/mobile-category/stagefright-2-0-exploits-android-vulnerabilities.html
Google Upgrades Voice Search
October 8, 2015 by admin
Filed under Around The Net
Comments Off on Google Upgrades Voice Search
Google said it has constructed a better neural network that is making its voice search work faster and better in noisy environments.
“We are happy to announce that our new acoustic models are now used for voice searches and commands in the Google app (on Android and iOS), and for dictation on Android devices,” Google’s Speech Team wrote in a recent blog post . “In addition to requiring much lower computational resources, the new models are more accurate, robust to noise, and faster to respond to voice search queries.”
In 2013, Google brought the same voice recognition tools that had been working in Google Now to Google Search.
Along with being able to find information on the Internet, Google Voice Search also was able to find information for users in their Gmail, Google Calendar and Google+ accounts.
At the 2013 Google I/O developers conference, Amit Singhai, today a senior vice president and Google Fellow, said the future of search is in voice. For Google, he said, future searches will be more like conversations with your computer or device, which also will be able to give you information before you even ask for it.
The company went on to make it clear that it would continue to focus on voice search.
And this week’s announcement backs that up.
Google explained in its blog post that it has updated the neural network it’s using for voice search. A neural network is a computer system based on the way the human brain and nervous system work. It generally uses many processors operating in parallel.
The improved neural network is able to consume the incoming audio in larger chunks than conventional models without performing as many calculations.
“With this, we drastically reduced computations and made the recognizer much faster,” the team wrote. “We also added artificial noise and reverberation to the training data, making the recognizer more robust to ambient noise.”
Source-http://www.thegurureview.net/aroundnet-category/google-upgrades-voice-search.html
Is Windows ‘Threshold’ Enroute?
Microsoft will unveil a preview of “Threshold,” the current code name for Windows 8′s successor, as soon as next month, according to an online report on Monday.
ZDNet’s Mary Jo Foley, citing unnamed sources, said that Microsoft will deliver a “technical preview” of Threshold late in September or early in October. Previously, Foley had reported that Microsoft would offer a preview of some kind this fall.
Threshold may be officially named “Windows 9″ by Microsoft — the company has said nothing about either the code name or labeled the next iteration of its desktop and tablet OS — although there are arguments for dumping a numerical title because of the possible association with Windows 8, which has widely been pegged as a failure.
“Technical Preview” is a moniker that Microsoft has used in the past for its Office suite. For both Office 2013 and Office 2010, Microsoft used the term to describe an invitation-only sneak peek. Both application suites were later released as public betas prior to their official launch.
Windows, however, has used a different nomenclature. For 2012′s Windows 8, Microsoft called the early looks ”Developer Preview,””Consumer Preview” and “Release Preview,” all open to everyone. The first was analogous to an alpha, the second to a beta, and the third to a done-but-not-approved release candidate.
Windows 7, however, had used the more traditional “Beta” to describe the first public preview in early 2009. The previous fall, when Microsoft unveiled Windows 7, the firm had seeded an invite-only “pre-alpha” version, also dubbed a Developer Preview, of the OS to programmers and some influential bloggers.
Within hours, the Windows 7 Developer Preview leaked to file-sharing websites. Microsoft may have changed its practices for Windows 8, letting anyone download the first preview, because of the inevitably of leaks.
In an update to her blog of earlier today, Foley added that the “Technical Preview” nameplate notwithstanding, Microsoft would allow anyone to download Threshold/Windows 9 when it becomes available in the next few weeks.
If Microsoft does ship a preview soon and sets its sights on a second-quarter 2015 final release, it will have significantly accelerated the tempo from past practice. With Windows 7 and Windows 8, Microsoft offered its first previews 12 and 13 months, respectively, and the public beta 8 or 9 months, before launching the operating system.
Eight or nine months from September would be May or June 2015; that, however, assumes that the Technical Preview is of beta quality. The name itself hints at something less.
Microsoft appears eager to put Windows 8 behind it. It has stopped beating the drum about the OS and recently announced that it would not issue any additional major updates. Instead, the firm said last week, it will include improvements or new features in small packets using the same Windows Update mechanism that regularly serves security patches.
Heartbleed Hits Oracle
Oracle issued a comprehensive list of its software that may or may not be impacted by the OpenSSL (secure sockets layer) vulnerability known as Heartbleed, while warning that no fixes are yet available for some likely affected products.
The list includes well over 100 products that appear to be in the clear, either because they never used the version of OpenSSL reported to be vulnerable to Heartbleed, or because they don’t use OpenSSL at all.
However, Oracle is still investigating whether another roughly 20 products, including MySQL Connector/C++, Oracle SOA Suite and Nimbula Director, are vulnerable.
Oracle determined that seven products are vulnerable and is offering fixes. These include Communications Operation Monitor, MySQL Enterprise Monitor, MySQL Enterprise Server 5.6, Oracle Communications Session Monitor, Oracle Linux 6, Oracle Mobile Security Suite and some Solaris 11.2 implementations.
Another 14 products are likely to be vulnerable, but Oracle doesn’t have fixes for them yet, according to the post. These include BlueKai, Java ME and MySQL Workbench.
Users of Oracle’s growing family of cloud services may also be able to breath easy. “It appears that both externally and internally (private) accessible applications hosted in Oracle Cloud Data Centers are currently not at risk from this vulnerability,” although Oracle continues to investigate, according to the post.
Heartbleed, which was revealed by researchers last week, can allow attackers who exploit it to steal information on systems thought to be protected by OpenSSL encryption. A fix for the vulnerable version of OpenSSL has been released and vendors and IT organizations are scrambling to patch their products and systems.
Observers consider Heartbleed one of the most serious Internet security vulnerabilities in recent times.
Meanwhile, this week Oracle also shipped 104 patches as part of its regular quarterly release.
The patch batch includes security fixes for Oracle database 11g and 12c, Fusion Middleware 11g and 12c, Fusion Applications, WebLogic Server and dozens of other products. Some 37 patches target Java SE alone.
A detailed rundown of the vulnerabilities’ relative severity has been posted to an official Oracle blog.
Javascript Security Flaws Discovered
Polish researchers have released technical details and attack code for 30 security issues affecting Oracle’s Java Cloud Service. Some of the flaws make it possible for attackers to read or modify users’ sensitive data or to execute malicious code.
Security Explorations said it would normally withhold public airings until after any vulnerability has been fixed. But apparently Oracle representatives failed to resolve some of the more crucial issues including bypasses of the Java security sandbox, bypasses of Java whitelisting rules, the use of shared WebLogic server administrator passwords, and the availability of plain-text use passwords stored in some systems.
Oracle apparently has admitted to the researchers that it cannot promise whether it will be communicating resolution of security vulnerabilities affecting their cloud data centres in the future.
Adam Gowdiak, CEO of Security Explorations said Oracle unveiled the Java Cloud Service in 2011 and held it up as a way to better compete against Salesforce.com.
Is The Tesla Hackable?
It’s the curse of the connected car once it’s linked to the Internet, it’s, well, on the Internet. In the case of the Tesla Model S, this means that mischievous hackers could, in theory, control some functions of the vehicle and even snoop without the owner’s knowledge.
Tesla offers Android and iPhone apps for Model S owners, which can be used to check the vehicle’s battery, track its location and status, and tweak several other settings, like climate control and the sunroof. It can also be used to unlock the doors on the Model S.
Dell senior engineer George Reese says the REST API used by Tesla to provide access for Android and iPhone apps has several fairly serious security flaws, which could offer a way in for unscrupulous hackers.
According to an article written by Reese for O’Reilly, Tesla appears to have broken from accepted best practice when designing the API for the Model S.
“It’s flawed in a way that makes no sense. Tesla ignored most conventions around API authentication and wrote their own. As much as I talk about the downsides to OAuth (a standard for authenticating consumers of REST APIs–Twitter uses it), this scenario is one that screams for its use,” he wrote.
However, Reese notes, this is merely a potential attack vector, not one that could be immediately exploited. That said, a compromised website particularly one designed to provide “value-added services” via the API to Tesla drivers could prove highly damaging.
“I can … honk their horns, flash their lights, and open and close the sunroof. While none of this is catastrophic, it can certainly be surprising and distracting while someone is driving,” Reese wrote.
Automotive hacking has been posited by experts for some time, and several presentations at this year’s Defcon detailed fairly comprehensive methods of compromising some models.
Java 6 Security Hole Found
Security firms are urging users of Oracle’s Java 6 software to upgrade to Java 7 as soon as possible to avoid becoming the victims of active cyber attacks.
F-secure senior analyst Timo Hirvonen warned about the exploit this weekend over Twitter, advising that he had found an exploit in the wild actively targeting an unpatched vulnerability in Java 6, named CVE-2013-2463.
PoC for CVE-2013-2463 was released last week, now it’s exploited in the wild. No patch for JRE6… Uninstall or upgrade to JRE7 update 25.
— Timo Hirvonen (@TimoHirvonen) August 26, 2013
CVE-2013-2463 was addressed by Oracle in the June 2013 Critical Patch Update for Java 7. Java 6 has the same vulnerability, as Oracle acknowledged in the update, but since Java 6 became unsupported in April 2013, there is no patch for the Java 6 vulnerability.
Cloud security provider Qualys described the bug as an “implicit zero-day vulnerability”. The firm’s CTO Wolfgang Kandek said he had seen it included in the spreading Neutrino exploit kit threat, which “guarantees that it will find widespread adoption”.
“We know about its existence, but do not have a patch at hand,” Kandek said in a blog post. “This happens each time a software package loses support and we track these instances in Qualysguard with our ‘EOL/Obsolete’ detections, in this case.
“In addition, we still see very high rates of Java 6 installed, a bit over 50 percent, which means many organisations are vulnerable.”
Like F-secure, Kandek recommended that any users with Java 6 upgrade to Java 7 as soon as they can.
“Without doubt, organisations should update to Java 7 where possible, meaning that IT administrators need to verify with their vendors if an upgrade path exists,” he added.