Úvodní stránka » Nezařazené » Acer Aspire V5-531 Battery all-laptopbattery.com

Acer Aspire V5-531 Battery all-laptopbattery.com

Our third attack exploits the fact that some car manufacturers set weak cryptographic keys in their vehicles. We propose a time-memory trade-off which recovers such a weak key after a few minutes of computation on a standard laptop."They say cars with keyless ignitions are particularly at risk because the cryptographic mechanisms were not strengthened to compensate for the removal of the mechanical key.Auto-makers are strangely resistant to moving to superior chips that mitigate much of the attacks despite that the hardware costs less than US$1, the pair say. Vehicle recall costs would of course cost a lot more.The first attack which targets "all vehicles using Megamos Crypto" exploits a lack of pseudo-random number generation allowing for replay attacks.Verdult and Ege say car manufacturers should use randomly generated secret keys, set PINs, and write-lock memory after initialisation. These would defeat the researcher’s attacks.Drivers can buy a Proxmark 3 reader to check and set their lock-bits from zero to one to prevent write access to the transponder memory, and set the latest Megamos Crypto transponder to a random PIN.

The work marks the compromise of all four major engine immobilisers including DST, KeeLoq, and Hitag2. Manufacturer Atmel is the only to have published its open protocol design for public scrutiny, the researchers say. Internet users who think two taps on a smartphone is two taps too much may soon be able to use seamless second factor authentication that verifies a person is in possession of their phone by matching ambient noise sound prints.Researchers Nikolaos Karapanos, Claudio Marforio, Claudio Soriente, and Srdjan Capkun of the University of Zurich say identities can be verified by matching short sound recordings captured by user’s phone with that recorded on a desktop or laptop.The "Sound-Proof" verification process, which occurs without user interaction, can determine that a user and their two factor device are in the same room."One reason why two-factor authentication is so unpopular is the extra steps that the user must complete in order to log in," the team says in the paper Sound-Proof: Usable Two-Factor Authentication Based on Ambient Sound PDF]

"In Sound-Proof the second authentication factor is the proximity of the user’s phone to the device being used to log in."Audio recording and comparison are transparent to the user, so that the user experience is similar to the one of password-only authentication."Sound-Proof with no or limited modification will will work on current model Android and iOS phones and is tested on the Samsung Galaxy S3, Google Nexus 4, and iPhone 6. It functions on new version WebRTC-compliant browsers such as Firefox and Chrome.The researchers find ambient noise-based 2FA saves 25 seconds compared to app-tapping alternatives and as a result is preferable to Google’s popular two factor authenticator app according to a user study.
The boffins also asked 32 folks, none security experts, how they feel about this form of 2FA: most said they would prefer it over no 2FA being used.The team which presented the work at the USENIX security conference contends that ambient noise is a "robust" authentication mechanism, noting the smartphone app will work even if it records through a pocket or purse.It "fares well" outdoors and will prompt users to "clear their throat" if they are in a particularly quiet area.

In a statement yesterday evening, it said: "BT is confident that services have been fully restored following an outage that affected several hundred thousand customers earlier today."A faulty router was to blame for the outage and we apologise to those customers who were affected."Earlier this week, BT posted its best quarter results in seven years. Profit before tax soared by 24 per cent to £862m on revenue up three per cent to £4.6bn compared with the same three months last year.Ofcom is expected to decide whether or not to recommend spinning out BT’s broadband division, Openreach.More than 100 MPs have called for a separation of Openreach, claiming the company has substantially failed to deliver on its rural broadband commitments.However, in its quarterly earnings call, chief exec Gavin Patterson said the company had been "very disappointed" by the report. Getting hold of USB-C cables can be a pain, but a Google engineer has found one that actually qualifies as dangerous after it broke three pieces of hardware, including a very expensive Pixel Chromebook.

Googler Benson Leung has been on a quest to try out the latest USB Type-C cables and find those that aren’t up to snuff. Properly configured Type C connectors should be able to provide power and very high data rates, but most of those on the market have serious flaws, he has found.His findings have already caused one manufacturer to make a public mea culpa. In his latest review, for a Surjtech 3M USB A-to-C cable, Leung found that the cable had been wired up incorrectly and was actively harmful.He reported that he plugged the cable into his 2015 edition Pixel via a USB power delivery analyzer and connected it to an Apple 12W iPad charger. The second the connection was made it fried both the analyzer and the Pixel laptop.

The analyzer, and a second unit he tried, both died on contact with the cable and not even a firmware reinstall would get them working. As for the Pixel, both USB ports died as the current fried the embedded controller, meaning the laptop couldn’t be charged or linked to another device."I directly analyzed the Surjtech cable using a Type-C breakout board and a multimeter, and it appears that they completely miswired the cable. The GND pin on the Type-A plug is tied to the Vbus pins on the Type-C plug. The Vbus pin on the Type-A plug is tied to GND on the Type-C plug," he wrote."This is a total recipe for disaster and I have 3 pieces of electronics dead to show for it – my Pixel 2015 and two USB PD analyzers. Needless to say, this cable is fundamentally dangerous. Do not buy this under any circumstances."

Leung said that he’d gotten in contact with the manufacturer to discuss the issue. As the item is no longer for sale on Amazon, it appears the company has responded. From Taiwan, an advance on a tantalising rumour: Toshiba, Fujitsu and Vaio look to be seriously considering a merger of their laptop-making operations.Vaio, the laptop spin-off from Sony, publicly floated the idea in late 2015. At that time it was thought that Toshiba would probably like the idea, as relieving itself of its laptop division in a declining market would mean one less thing to worry about as it wrestles with its accounting scandal. Fujitsu’s LifeBook products are well-regarded, but are not big sellers globally.Now Taiwan’s Digitimes says news of the merger is causing nervousness among the nation’s manufacturers, who fear consolidation of contracts if the three do pursue a deal.The rumour is hard to dismiss, as PC sales are falling fast and none of the three companies make it into the world’s top half-dozen vendors, meaning they’re selling fewer than 20 million units a year.

Even if the three are doing well in Japan, that market’s not in great shape: analyst firm IDC’s assessment is that “a weaker Yen, high inventory, and lack of Windows 10 marketing continued to constrain PC sales” in 2015.Consolidation into a combined brand could help to defend the Japanese market and make it easier to compete abroad. It’s even possible that the three brands could survive, with Vaio in consumer-land, Fujitsu concentrating on the business sales its global services business brings and Toshiba straddling both markets as it already does today. IPB The first Parliamentary report into the UK’s draft Investigatory Powers Bill, commonly referred to as the "Snoopers’ Charter", says it has great potential to damage the nation’s technology sector and the public should therefore pick up the tab for the £2bn (US$2.85bn) or so it will require to implement the data-harvesting legislation.That’s the gist of the report into the Bill, issued today by the UK’s Science and Technology Select Committee.

The report argues that complying with the Bill will cost business so much that they’ll be disadvantaged when competing with foreign rivals. The report also worries about reputational costs associated with the Bill’s provisions for state hacking and mandatory decryption.Focusing on the technological aspects of the Snoopers’ Charter, the inquiry assessed it only in terms of its feasibility and cost, rather than whether its legal powers were proportionate to the threats they were intended to address. That second assessment is being made by the Joint Committee on the Draft Investigatory Powers Bill which is likely to publish its report within the next fortnight.Nicola Blackwood MP, the committee’s chair, stressed the bill’s poor definitions of matters like decryption-on-demand (the removal of electronic protection) and the state’s legalised hacking abilities (equipment interference). The committee’s greatest worry, however, regarded "the feasibility of collecting and storing Internet Connection Records (ICRs), including concerns about ensuring security for the records from hackers."

"The Bill was intended to provide clarity to the industry, but the current draft contains very broad and ambiguous definitions of ICRs," wrote Blackwood, echoing the sentiments of the submissions her committee had received from almost every party except from the Home Office itself.Does anyone here know what an ‘Internet Connection Record’ might be?
A consensus among those providing witness statements to the Science and Technology Committee’s inquiry, as well as to the Joint Committee providing pre-legislative scrutiny of the draft legislation as a whole, criticised ICRs.Some ISPs simply confessed ignorance as to what the Home Office could possible mean by the term, while other witnesses gave more robust denials regarding whether ICRs even existed. No witnesses believed they current possessed the capacity to collect ICRs, and there was much echo of The Register’s analysis that £2bn was a far closer assessment of its implementation costs than £250m.The report declared that “the Government must work with industry to improve estimates of all of the compliance costs associated with the measures in the draft Bill.”

Napsat komentář