AT&T

AT&T Uverse Modems Found To Have Several Serious Security Vulnerabilities (threatpost.com) 75

dustman81 writes: AT&T Uverse modems were found to have several serious vulnerabilities, including a superuser account with hardcoded username/password exposed to the internet via SSH, an HTTP server with little authentication which allows command injection, and an internet-exposed service which exposes internal clients to external attacks. Information security consulting and software development firm Nomotion reports the findings in their blog: "It was found that the latest firmware update (9.2.2h0d83) for the NVG589 and NVG599 modems enabled SSH and contained hardcoded credentials which can be used to gain access to the modem's 'cshell' client over SSH. The cshell is a limited menu driven shell which is capable of viewing/changing the WiFi SSID/password, modifying the network setup, re-flashing the firmware from a file served by any tftp server on the internet, and even controlling what appears to be a kernel module whose sole purpose seems to be to inject advertisements into the user's unencrypted web traffic. Although no clear evidence was found suggesting that this module is actually being used currently, it is present, and vulnerable. Aside from the most dangerous items listed above, the cshell application is also capable of many other privileged actions. The username for this access is remotessh and the password is 5SaP9I26." The report continues to detail the other vulnerabilities: Default credentials 'caserver' https server NVG599; Command injection 'caserver' https server NVG599; Information disclosure/hardcoded credentials; and Firewall bypass no authentication.

Further reading: FierceTelecom; The Register

Displays

Sharp Announces 8K Consumer TVs Now That We All Have 4K (theverge.com) 285

Thuy Ong reports via The Verge: Now that you've upgraded to a shiny new 4K TV, Sharp has revealed its latest screen to stoke your fear of missing out: a 70-inch Aquos 8K TV. That 8K (7,680 x 4,320) resolution is 16 times that of your old Full HD (1920 x 1080) TV. Sharp calls it "ultimate reality, with ultra-fine details even the naked eye cannot capture," which doesn't seem like a very good selling point. Keep in mind that having a screen with more pixels doesn't buy you much after a certain point, because those pixels are invisible from a distance -- while an 8K panel would be beneficial as a monitor, where you're sitting close, it won't buy you much when leaning back on the couch watching TV. HDR, however, is something else entirely, and fortunately, Sharp's new 8K set is compatible with Dolby Vision HDR and BDA-HDR (for Blu-ray players). The lack of available 8K HDR content is also a problem. But there is some content floating around. The TV will be rolling out to China and Japan later this year, and then Taiwan in February 2018. Sharp is repurposing its 70-inch 8K TV as an 8K monitor (model LV-70X500E) for Europe, which will be on sale in March. There is no news about a U.S. release.
Communications

Germany Unveils World's Most Powerful X-Ray Laser (theguardian.com) 49

An anonymous reader quotes a report from The Guardian: The world's most powerful X-ray laser has begun operating at a facility where scientists will attempt to recreate the conditions deep inside the sun and produce film-like sequences of viruses and cells. The machine, called the European X-ray Free Electron Laser (XFEL), acts as a high-speed camera that can capture images of individual atoms in a few millionths of a billionth of a second. Unlike a conventional camera, though, everything imaged by the X-ray laser is obliterated -- its beam is 100 times more intense than if all the sunlight hitting the Earth's surface were focused onto a single thumbnail. The facility near Hamburg, housed in a series of tunnels up to 38 meters underground, will allow scientists to explore the architecture of viruses and cells, create jittery films of chemical reactions as they unfold and replicate conditions deep within stars and planets.

XFEL is the world's third major X-ray laser facility -- projects in Japan and the U.S. have already spawned major advances in structural biology and materials science. The European beam is more powerful, but most significantly has a far higher pulse rate than either of its predecessors. "They can send 100 pulses out per second, we can send 27,000," said Robert Feidenhan'l, chairman of the European XFEL management board. This matters because to study chemical reactions or biological processes, the X-ray strobe is used to capture flickering snapshots of the same system at different time-points that can be stitched together into a film sequence.

Cellphones

Slashdot Asks: How Do You Navigate Your Smartphone? 66

There are many different ways to navigate a smartphone. Some devices employ capacitive touch navigation buttons in favor of on-screen navigation buttons for the back, home and overview commands. Others, such as the recently released Moto Z2 Force and Moto Z2 Play, feature a mini trackpad under the display that lets users navigate their device through a series of swipes (on-screen navigation buttons are used by default, but the option to use the "one button nav" mini trackpad can be enabled in the settings). The upcoming iPhone 8, for example, may feature a software bar in lieu of a physical/virtual home button, introducing new gesture controls for returning to the home screen and switching between apps.

How do you navigate your smartphone? Given the many different options available on the market, do you think there is one method of navigation that trumps the others, or is it a classic case of "different strokes for different folks?"
Communications

New Qualcomm Auto Chipset Advances Vehicle-To-Everything Communications (zdnet.com) 24

Qualcomm has introduced a new Cellular Vehicle-to-Everything (C-V2X) chipset and reference design that aims to bring automakers one step closer to deploying the communications systems necessary for fully autonomous vehicles. Ford, Audi, the PSA Group and SAIC are all endorsing the new chipset. ZDNet reports: The Qualcomm 9150 C-V2X chipset, expected to be available for commercial sampling in the second half of 2018, is based on specs from the 3rd Generation Partnership Project (3GPP), a collaboration between groups of telecommunications associations. Meanwhile, Qualcomm's C-V2X reference design will feature the 9150 C-V2X chipset, an application processor running the Intelligent Transportation Systems (ITS) V2X stack, as well as a Hardware Security Module (HSM). C-V2X technology encompasses two transmission modes: direct communications and network-based communications. It's key for both safety features and for implementing autonomous driving capabilities.

For instance, its direct communications capabilities improve a vehicle's situational awareness by detecting and exchanging information using low latency transmissions. Relying on the globally harmonized 5.9 GHz ITS band, the 9150 C-V2X chipset can relay information on vehicle-to-vehicle (V2V), vehicle-to-infrastructure (V2I) and vehicle-to-pedestrian (V2P) scenarios without the need for a Subscriber Identity Module (SIM), cellular subscription or network assistance. On top of that, C-V2X network-based communications (designed for 4G and emerging 5G wireless networks) supports telematics, connected infotainment and a growing number of advanced informational safety use cases.

Data Storage

SanDisk Breaks Storage Record With 400GB MicroSD Card (extremetech.com) 70

SanDisk has managed to cram 400GB into a microSD card, making it the largest microSD card currently on the market. The company said the capacity breakthrough was the result of Western Digital, the company that owns SanDisk, "leveraging its proprietary memory technology and design and production processes that allow for more bits per die." The nitty-gritty details weren't revealed beyond that. ExtremeTech reports: The speed appears to come with a tradeoff. SanDisk trumpets its A1 speed rating, saying: "Rated A1, the SanDisk Ultra microSD card is optimized for apps, delivering faster app launch and performance that provides a better smartphone experience." This is a generous reading of the A1's target performance specification. Last year, the SD Association released a report discussing the App Performance Class memory card specification and why the spec was created in the first place. When Android added support for running applications from an SD card, there was a need to make certain the cards people bought would be quick enough to run apps in the first place. The A1 is rated for 1500 read and 500 write IOPS, with a sequential transfer speed of 10MB/s.

This SanDisk drive should run applications just fine. SanDisk claims it can be used for recording video, not just storing it. But it's not going to be fast enough for 4K data; Class 10 devices are limited to 10MB/s of sequential write performance. Obviously not all phones support shooting in 4K anyway, so whether this is a limitation will depend on what device you plan to plug it into. The 100MB/s speed trumpeted by Western Digital is a reference to read speeds; write speeds are lower and likely closer to the 10MB/s sequential target mentioned above. The microSD card is expected to retail for $250.

Android

LG Announces V30 Smartphone With 'FullVision' OLED Display, Dual Cameras (phonedog.com) 45

At a press conference in Berlin, LG announced their newest flagship smartphone, the LG V30. The V30 doesn't feature a removable battery or a secondary display like its predecessor, but it does feature faster performance and a significantly redesigned build construction that puts it more in line with Samsung and Apple's offerings. PhoneDog reports: A bigger device with beefier specs, the LG's V series took more design cues from the G series this year more than ever. As expected, LG got rid of the secondary display in favor of a single 6-inch LG P-OLED display (not Super AMOLED, although practically the same with rich black and vibrant colors). The V30 switches out its secondary display for slimmer bezels, which may prove to be a smart move considering how popular the concept is this year. Specs look pretty solid, although there were reports that the device would feature 6GB of RAM rather than 4GB. The bread and butter of the V30 are its sophisticated audio and its dual rear camera set-up. Speaking of the back of the device, another small advantage that LG may have over the competition is the center placement of its rear fingerprint sensor, which has been a bit of a pain point for Samsung this year with the S8 and the Note 8. The LG V30 is set to release on September 21 in South Korea, with releases in North America, Asia, Africa, and Europe following shortly after. LG also has yet to announce a price for the V30, although rumors peg it to be around 800,000 KRW in South Korea (which equates to about $699 in the U.S.). For those interested, GSMArena has a full spec sheet available for the LG V30. Some of the noteworthy specs include a 6-inch LG P-OLED display with an 18:9 aspect ratio and QHD (1440 x 2880) resolution, Snapdragon 835 processor with 4GB RAM, dual 16-megapixel/13-megapixel rear-facing camera sensors, headphone jack, 32-bit/192kHz audio, wireless charging and Android 7.1.2 Nougat.
AMD

AMD Releases Ryzen PRO Processors Worldwide, 8-Core Ryzen Threadripper 1900X (techradar.com) 94

Today, AMD announced the global release and broad adoption of AMD Ryzen Pro desktop processors. At its launch event in New York City, the company touted three main pillars that define these chipsets: reliability, security, and performance. They support features like Trusted Platform Module 2.0, which integrates secure microcontrollers into devices, GuardMI technology, which enables silicon-level security to help protect against threats, and SenseMI technology, which consists of a collection of smart features that aims to fine-tune performance for most responsive applications. For the first time, AMD has partnered with the top three PC OEMs: HP, Dell and Lenovo. Brad Chacos for PCWorld provides a "rundown of the commercial-focused Ryzen Pro systems that are coming down the pipeline, straight from AMD":

- Dell Optiplex 5055 desktop PCs are expected to ship in the coming weeks.
- HP EliteDesk 705 desktop PCs are expected to ship in the coming weeks.
- Lenovo ThinkCentre M715 desktop PCs are expected to ship in the coming weeks.
- Lenovo ThinkPad A475 and A275 notebook PCs are expected in Q4 2017.
- Ryzen PRO mobile processors are scheduled for launch in the first half of 2018.

The global launch of the Ryzen Pro processors is not the only bit of news AMD announced. The company also announced the release of a new budget Threadripper 1900X model. From a report via TechRadar: AMD has released its 8-core Ryzen Threadripper 1900X processor, offering people who were put off by high price of the flagship 16-core Threadripper 1950X a chance to build a PC with all of the advanced Threadripper features for almost half the cash. As we expected, the Threadripper 1900X will come with eight cores clocked at 3.8GHz, with a turbo that reaches 4.0GHz (and an XFR boost to 4.2GHz), and will cost $549 -- almost half the Threadripper 1950X's $999 asking price, and a fair bit cheaper than the mid-range Threadripper 1920X, which costs $799. In fact, the price is within touching distance of the AMD Ryzen 7 1800X, which comes with eight cores and 16 threads, and costs $499.
Power

Cummins Unveils Electric Semi Truck Before Tesla (autoblog.com) 264

Cummins has beaten Tesla to the punch by unveiling its own electric semi truck. According to Forbes, the fully electric, class 7 day-cab urban hauler, called Aeos, gets 100 miles of range from its 140-kWh battery pack and can haul a 22-ton trailer. While the company does offer the options of additional battery packs to triple the range or a range-extending engine generator, the Aeos is better suited for city use rather than long-haul trucking. Autoblog reports: While this electric truck is a concept, it's a working demonstration of a product Cummins plans to start producing in 2019. At the unveiling in Columbus, Ind., Cummins also revealed its latest near-zero-emissions natural gas engines, as well as the X15 and lightweight X12 clean diesel engines. The company said it is embracing new technologies that allow its customers to contribute to a sustainable future.
Robotics

New T-Shirt Sewing Robot Can Make As Many Shirts Per Hour As 17 Factory Workers (qz.com) 409

An anonymous reader quotes a report from Quartz: In 2015, after years of research, SoftWear Automation introduced LOWRY, a sewing robot, or sewbot, that uses machine vision to spot and adjust to distortions in the fabric. Though initially only able to make simple products, such as bath mats, the technology is now advanced enough to make whole t-shirts and much of a pair of jeans. According to the company, it also does it far faster than a human sewing line. SoftWear Automation's big selling point is that one of its robotic sewing lines can replace a conventional line of 10 workers and produce about 1,142 t-shirts in an eight-hour period, compared to just 669 for the human sewing line. Another way to look at it is that the robot, working under the guidance of a single human handler, can make as many shirts per hour as about 17 humans. The company has emerged as a leader among those trying to automate sewing, drawing the interest of businesses that make home goods and of course clothing manufacturers, including Tianyuan Garments Company, a Chinese firm that produces for brands such as Adidas and Armani. Tianyuan Garments has invested $20 million in a 100,000-square foot factory in Little Rock, Arkansas, planned to open in 2018. The factory will be staffed with 21 robotic production lines supplied by SoftWear Automation, and will be capable of making 1.2 million t-shirts a year.
Google

Google Assistant Coming Soon To More Speakers, Appliances and Other Devices (techcrunch.com) 50

Google announced today several new third-party speakers that will support the Assistant. Their blog post is a follow-up to a post in May where they announced the general availability of the Google Assistant SDK, which lets anyone download and run the Google Assistant on the gadget of their choice. TechCrunch reports: That's likely to be good for both the voice-powered assistant market, as well as for Google's ability to use its service to collect useful data which it can then use to work on its advertising and marketing products. The more places Assistant appears, the more likely it is that people will engage with the voice companion, and that's not territory Google wants to cede to someone like Amazon. Some of the devices getting Google Assistant coming to IFA include the Anker Zolo Mojo, a small cylinder speaker that's sort of like a third-party Google Home, which will go on sale in late October. Two other smart speakers powered by Assistant, including the Panasonic GA10 and the TicHome Mini, are also on their way. Google is also now making it possible to use Assistant to check on the state of your laundry or dishes, using an integration with LG's line of home appliances, which also includes voice commands for LG's Roomba competitor.
The Almighty Buck

Best Buy Will Now Send a Salesperson To Your House To Sell You Things (theverge.com) 144

An anonymous reader writes: Starting next month, Best Buy will launch a free service where salespeople will come to your house to make recommendations about gadgets and services to try and sell you stuff. The service has been in testing in five markets and will be expanded to more cities around the U.S., according to the Associated Press. The Verge reports: "Best Buy has found that shoppers spend more money when at home than in store. CEO Hubert Joly says the in-house service is one way the company will open up 'latent' customer demand. Sales associates are responsible for promoting the service -- when customers ask about certain products, the salesperson will suggest an in-home visit. The topics discussed during the home visits usually involve recommendations for products and gadgets, and other services. Best Buy says the salespeople working in the in-home service receive hourly rates, or a salary, and not commissions. The company already operates a 'Geek Squad' facility, but that's a paid service that offers repairs and installations."
Data Storage

APFS Is Not Optional (apple.com) 330

From a new Apple knowledge base article: When you upgrade to macOS High Sierra, systems with all flash storage configurations are converted automatically. Systems with hard disk drives (HDD) and Fusion drives won't be converted to APFS. You can't opt-out of the transition to APFS.
Robotics

South Korea Moves Towards The World's First 'Robot Tax' (zdnet.com) 83

An anonymous reader quotes ZDNet: It's being called the world's first robot tax. If it goes into effect, South Korea will be the first country to change its tax laws in recognition of the coming burden of mass robotic automation on low and middle-skill workers. The change proposed by the Moon Jae-in administration isn't a direct tax on robots. Rather, policymakers have proposed limiting tax incentives on investments in automation... Under existing law, South Korean companies that buy automation equipment, such as warehouse and factory robots, can deduct between three and seven percent of their investment. The current proposal, which seems likely to advance, is to reduce the deduction rate by up to two percentage points.

The move is evidently not an attempt to staunch companies from adopting automation technology. Rather, it is a kind of formal acknowledgment that unemployment is coming on a big enough scale to eat into South Korea's tax revenue. Policymakers are hoping that reducing the deduction incentives by a couple percentage points will offset the lost income tax and help keep the country's social services and welfare coffers filled.

The Korea Times, which broke the story, reminds readers that former U.S. treasury secretary Lawrence Summers has called robot taxes "profoundly misguided... A sufficiently high tax on robots would prevent them from being produced."
Businesses

Domino's Market Tests A Self-Driving Pizza Delivery Car (cnn.com) 145

An anonymous reader quotes CNN: Someday soon your Domino's Pizza could be delivered to you -- without an actual delivery person. Ford and Domino's are testing out a specially-equipped Ford Fusion that comes not only with self-driving technology but also an oven. It sounds cool but there is a catch -- there's no one to walk the pizza to your front door and ring the bell. That's what Ford and Domino's say they're really testing. "How will customers react to coming outside to get their food?" Domino's president Russell Weiner said in a statement, "We need to make sure the interface is clear and simple."

During the testing phase, an engineer and a driver will be in the car -- but the windows will be heavily tinted so customers can't see them. And both have been instructed not to interact with people at all. Domino's wants to see how well customers deal with coming out and getting their own pie from what is, basically, a pizza ATM built into the car. To get their pizzas, customers will have to enter a number on the touchpad, then a back window will lower, revealing the pizza. Over the next five weeks, randomly selected customers around Ann Arbor, Michigan, will be offered the option of getting their pizza delivered by the hi-tech "driverless" car.

Data Storage

BackBlaze's Hard Drive Stats for Q2 2017 (backblaze.com) 99

BackBlaze is back with its new hard drive reliability report: Since our last report for Q1 2017, we have added 635 additional hard drives to bring us to the 83,151 drives we'll focus on. We'll begin our review by looking at the statistics for the period of April 1, 2017 through June 30, 2017 (Q2 2017). [...] When looking at the quarterly numbers, remember to look for those drives with at least 50,000 drive hours for the quarter. That works out to about 550 drives running the entire quarter. That's a good sample size. If the sample size is below that, the failure rates can be skewed based on a small change in the number of drive failures.

Editor's note: In short: hard drives from HGST, a subsidiary of Western Digital, and Toshiba were far more reliable than those from Seagate across the models BackBlaze uses in its datacenters.

Android

Tech Firms Team Up To Take Down 'WireX' Android DDoS Botnet (krebsonsecurity.com) 29

An anonymous reader quotes a report from Krebs On Security: A half dozen technology and security companies -- some of them competitors -- issued the exact same press release today. This unusual level of cross-industry collaboration caps a successful effort to dismantle "WireX," an extraordinary new crime machine comprising tens of thousands of hacked Android mobile devices that was used this month to launch a series of massive cyber attacks. Experts involved in the takedown warn that WireX marks the emergence of a new class of attack tools that are more challenging to defend against and thus require broader industry cooperation to defeat. News of WireX's emergence first surfaced August 2, 2017, when a modest collection of hacked Android devices was first spotted conducting some fairly small online attacks. Less than two weeks later, however, the number of infected Android devices enslaved by WireX had ballooned to the tens of thousands. Experts tracking the attacks soon zeroed in on the malware that powers WireX: Approximately 300 different mobile apps scattered across Google's Play store that were mimicking seemingly innocuous programs, including video players, ringtones or simple tools such as file managers.

Experts involved in the takedown say it's not clear exactly how many Android devices may have been infected with WireX, in part because only a fraction of the overall infected systems were able to attack a target at any given time. Devices that were powered off would not attack, but those that were turned on with the device's screen locked could still carry on attacks in the background, they found. The identical press release that Akamai and other firms involved in the WireX takedown agreed to publish says the botnet infected a minimum of 70,000 Android systems, but Seaman says that figure is conservative.

Nintendo

Nintendo Faces Supply Issues Ahead of Holiday Season 100

Takashi Mochizuki and Sarah E. Needleman report via The Wall Street Journal (Warning: source may be paywalled; alternative source): Nintendo's latest videogame machine, the Nintendo Switch, is winning fans for both its lineup of popular games and its flexibility -- it works as both a living-room console and a hand-held device. But the real challenge for gamers has been actually getting their hands on it. Production isn't keeping up with demand in Japan, resulting in blockbuster queues and lotteries there. Over weekends in July and early August, tens of thousands of fans lined up at stores for a one-in-10 chance to buy the $300 console at events that have become a form of entertainment. Nintendo's official target is to ship 10 million Switch units in its current fiscal year ending in March 2018. People involved in the supply chain say they have been told to prepare for 18 million units. One executive in the supply chain said his company was ready to pick up the pace of production if asked. One delicate balance for Nintendo: The more it tries to boost output quickly, the more it has to bow to the terms of parts makers, some of whom are also busy with orders for Apple Inc.'s next iPhone. "We're doing everything we can to make sure everyone who wants to buy a Nintendo Switch system can do so," Nintendo said in a statement. "We will ramp up production for the holiday period, which has been factored into our forecast."
Government

New York City Cops Will Replace Their 36,000 Windows Phones With iPhones (theverge.com) 215

The New York City Police Department says it will give up its 36,000 Windows phones and transition to iPhones by the end of the year. The Verge reports: The switch is prompted in part by news in July that Microsoft was ending support for Windows Phone 8.1, which a large percentage of all Windows-powered phones are still using. It's a predictable end to the Windows phone, considering that its market share had already slipped below 1 percent at the time the police department adopted its phones last year. The ill-fated decision to go with the Windows phone was made solely by its NYPD deputy commissioner for IT, according to The New York Post, and apparently did not receive further judgment before implementing the program. The Windows models were Nokia Lumia 830 and Lumia 640 XL, equipped with special 911 apps, case management apps, and the ability to receive assignments. They were purchased as part of a $160 million initiative to modernize the NYPD, which has been around since 1845. The new business for Microsoft's phones was clearly not enough to keep Windows Phone alive.
Iphone

The Next iPhone Is Going To Be Unveiled On Sept. 12, Report Says (cnbc.com) 77

According to CNBC, Apple will host its big iPhone 8 product launch event on September 12th. From the report: The tech giant is expected to announce a bevy of products, including two new iterative iPhone updates, possibly named the iPhone 7s and iPhone 7s Plus, in addition to a high-end iPhone 8. Apple is also reportedly gearing up to announce a new 4K Apple TV that will support sharper content than current models, and a new Apple Watch. The iPhone 8 will reportedly feature a display that takes up almost the entire front of the device, using new OLED panels that are brighter and more colorful than previous screens. Rumor has it Apple has moved the fingerprint reader to the back of the phone but will also support facial recognition thanks to a new 3-D sensor on the front of the device. Rumors have suggested the most high-end iPhone 8 will start at $1,000. Apple typically sells its new phones within a week or so of the announcement.
