Articles

404 ERROR: REQUEST COULD NOT BE FOUND

The page that you have requested could not be found at this time. We have provided you a list of related content below or you can use our site search to find the information that you are looking for.

SHOCKER - Coinhive URL Shortener Used for Crypto Mining Attacks

Security researches at Securi have identified hundreds of websites that have been utilizing the Coinhive URL shortener to mine cryptocurrency on unsuspecting user devices. What is the Coinhive URL shortener? I'm glad you asked. Coinhive describes it as this: "If you have an URL you’d like to forward your users to, you can create a cnhv.co shortlink to it. The user has to solves[sic] a number of hashes (adjustable by you) and is automatically forwarded to the target URL afterwards."
In the URL shortener's intended form, end users would then be presented with a progress bar showing that Coinhive is now solving hashes on their device. The plot thickens. Some denizens of cyberspace with less than scrupulous intentions (certain website owners / cyber criminals) have found a way to load the progress bar in an IFrame that sports an area of 1 pixel by 1 pixel with zero interaction from the end user. Essentially, the IFrame loads as a 1x1 pixel, no one sees the notification, resource usage jumps to 100%, and BAM! Someone else is making money at your expense. A list of some of the websites identified can be found here. Thanks to SCHTASK for the link and the story. Discussion
Posted by Kyle May 23, 2018 2:25 PM (CDT)

New Processor Vulnerability Discovered

Microsoft and Google Project Zero researchers announced today a new category of processor vulnerability known as a speculative execution side channel vulnerability, or Speculative Store Bypass, that is closely related to the Spectre Variant 1 vulnerability. Microsoft has also released a security advisory for the new vulnerability. Impressively, AMD has already released a 5 page whitepaper on the vulnerability, as well as a post on their security updates page outlining that they will be providing updates back to the Bulldozer series of processors. Even more remarkable, is AMD stats that these updates are already in the hands of Microsoft, who is completing final testing and validation and will be released over the standard update process.
I can't help but just shake my head at yet another CPU vulnerability being discovered, when I still have not gotten a BIOS update for the first Spectre on my X99 system. I must give kudos to AMD though, already having the update going through validation and ready day of release, not just for Windows, the AMD page also notes that Linux distributors are creating the system updates as well. However on the Intel side, is deafening silence. Thanks to @cageymaru for the story.

An attacker who has successfully exploited this vulnerability may be able to read privileged data across trust boundaries. Vulnerable code patterns in the operating system (OS) or in applications could allow an attacker to exploit this vulnerability. In the case of Just-in-Time (JIT) compilers, such as JavaScript JIT employed by modern web browsers, it may be possible for an attacker to supply JavaScript that produces native code that could give rise to an instance of CVE-2018-3639. However, Microsoft Edge, Internet Explorer, and other major browsers have taken steps to increase the difficulty of successfully creating a side channel.

Discussion
Posted by rgmekanic May 21, 2018 7:27 PM (CDT)

GPP Creates Another AMD Exclusive Hardware Line

Despite the fact that the disgusting GeForce Partner Program was killed off by NVIDIA earlier this month, it seems the effects are still being felt. PC World is reporting that MSI is launching a new AMD exclusive brand dubbed the "MECH 2." The article states that the card appears to slot in between the affordable Armor line, and MSI's high-end "gaming" line of GPUs, and the RX and RX 580 MECH 2 cards should be launching in July.
Makes you wonder how long GPP was in the works before we found out about it. For several companies to come up with all new branding for cards has to take more time than the 2 months it has been since @Kyle_Bennet broke the story. Depressing that we are still seeing its effects.

The upstart Radeon brands appear here to stay. The real question: Will top-shelf brands like ROG and Gaming X continue to fly the AMD flag in the future? If not, the spirit of the GeForce Partner Program will live on even if it’s technically dead. Stay tuned.

Discussion
Posted by rgmekanic May 16, 2018 6:53 PM (CDT)

PS4 E3 2018 Press Conference Won’t Have New Hardware

Chairman of Sony Interactive Entertainment Worldwide Studios Shawn Layden has clarified that "there will be no new hardware announcements at E3," putting a damper on any potential PlayStation 5 information at this year’s premiere gaming show. Instead, Sony will focus on four of its upcoming exclusives: Death Stranding, Ghost of Tsushima, Spider-Man, and The Last of Us Part II.

For Death Stranding, Layden said Sony has a "complete new report for everybody about what is happening around that title," while Ghost of Tsushima will also have a "deep dive." For Spider-Man there will be "a new drop," which is likely to be a new trailer. Finally, The Last of Us Part 2 will have "a full new scope and treatment to show progress on the game and give people a better understanding of where we're going with Part 2."

Discussion
Posted by Megalith May 13, 2018 1:05 PM (CDT)

Google Pixel Smartwatch Rumored for Fall Hardware Event

Popular leaker Evan Blass believes that Google will have more to show than just the Pixel 3 at this year’s hardware event: one of his reliable sources claims that a Pixel watch will be unveiled. The wearable is expected to champion Android Wear, which was recently rebranded to Wear OS.

WinFuture concurs that a Google smartwatch is coming, and adds that it will be available in three models, codenamed Ling, Triton, and Sardine. The German publication does not know how the three Pixel watches might differ (presumably either size, connectivity, or finish -- and of course, price).

Discussion
Posted by Megalith May 12, 2018 12:40 PM (CDT)

Steam Hardware Survey Was Wrong

Every month Steam posts it's Steam Hardware & Software Survey, giving data on what hardware and software are Steam users running. While it has long been a bit questionable about the validity of the data, The Tech Report's Wayne Manion has posted an article today explaining that the last few months of stats were wrong. In the latest round of the survey, there were massive changes, with AMD picking up a large percentage in both GPU and CPU, as well as Windows 10 64-bit gaining over 17%, and English users going up over 11%. As it turns out, the way PCs in net cafes around the world are administered, caused them to be counted multiple times. While the article states that Valve's engineers thought that they had prevented this very thing from happening, it obviously did not. If only someone had told us that the stats from the survey could be significantly wrong earlier... oh wait.
Personally I've always been suspect of the Steam Hardware survey, purely based on my own experiences. I've been using Steam since I was required to install it for Half Life 2, back when it was so terrible it was loathed more than uPlay is today, yet I can count on 1 hand the amount of times I have been prompted to take the survey. Add to that the lack of any information about numbers polled and the like, and you have a recipe for data to be easily manipulated.

The company says it has taken these details into account and that the latest results are more representative of true state of the gaming-PC install base. As a result, we suggest taking the deltas presented in the latest set of results with a boulder of salt.

Discussion
Posted by rgmekanic May 04, 2018 6:21 PM (CDT)

CPU Utilization is Wrong

In May of last year, senior performance architect at Netflix, Brendan Gregg posted an interesting article about how the "%CPU" metric is wrong, and is progressively getting worse. Now, Brendan expands on his findings in a 5 minute video from the Southern California Linux Expo. The UpSCALE Lightning Talk from Opensource.com goes over his original idea very well, but also shows an interesting conclusion.

In his Lightning Talk, "CPU Utilization is Wrong," Brendan explains what CPU utilization means-and doesn't mean-about performance and shares the open source tools he uses to identify reasons for bottlenecks and tune Netflix's systems. He also includes a mysterious case study that's relevant to everyone in 2018.

Discussion
Posted by rgmekanic April 30, 2018 4:09 PM (CDT)

AMD 7nm Zen 2 CPUs Sampling This Year for 2019 Volume Launch

Comments made by Lisa Su during a recent earnings call suggest that 7nm Zen 2 CPUs will not fall victim to a paper launch and see wide availability next year, as sampling has already begun. AMD has tasked both TSMC and GLOBALFOUNDRIES for their 7nm lineup, which will include samples of a 7nm GPU based on Vega and 7nm server CPU later this year.

"We have a 7nm GPU based on Vega that we'll sample later this year. We have a 7nm server CPU that we'll sample later this year. And then, obviously, we have a number of products that are planned for 2019 as well. So it's a very, very busy product season for us. But we're pleased with the sort of the execution on the product roadmap," Dr. Su said.

Discussion
Posted by Megalith April 29, 2018 10:30 AM (CDT)

Why Information Integrity Attacks Pose New Security Challenges

DARKReading has posted an interesting article today, focusing on the new and growing threat of attackers using botnets to flood comment sections in a tactic called skewing. The attacks purpose is exactly what it sounds like, to skew public opinion,
I am glad someone is touching on this, as with the nature of public opinion today, this could be a massive problem across nearly every issue you can think of. A good quote would be "If you tell a lie big enough and keep repeating it, people will eventually come to believe it." Except these lies could be spread by a nearly infinite amount of "people."

If left unchecked, these bots will steadily erode human users' trust in anything they see on the Web. Given how easy it is to impersonate human behaviors, how popular will the most popular stories in your feed be, really? Does the song that's topping the charts of your favorite streaming service or the latest viral video really have that many plays? Is the metric that's guiding your company's decisions based in anything real or the work of some unseen manipulator hiding in the shadows?

Discussion
Posted by rgmekanic April 25, 2018 5:20 PM (CDT)

AMD May Release a Ryzen 7 2800X CPU "Someday"

According to Senior Vice President and General Manager Jim Anderson, AMD did not bother releasing a 2800X because the recent Ryzen lineup (2600X and 2700X) already covers all current performance and price points. He does admit that a 2800X is not out of the question, which has led some to think that it will be used to counter Intel’s rumored 8C/16T CPU.

"We felt like, with the 2700X and 2700 at the performance and price points, we had that space covered. We just felt that with those two SKUs we had it sufficiently covered where we wanted to position the product. That doesn’t preclude a 2800X someday, right, maybe. But for now we believe those two SKUs cover the space well."

Discussion
Posted by Megalith April 22, 2018 3:00 PM (CDT)

Microsoft to Kill Off OneNote’s Desktop App

Coinciding with the launch of Office 2019 will be the death of OneNote for the desktop, as Microsoft has decided to switch all focus to the Windows 10 UWP app. Bug fixes and security updates will be provided until October 2020, and 2025, respectively.

While there is a lot of crossover in features between the desktop and UWP versions, there are still a few differences, and this is something Microsoft aims to address, promising a number of new additions to OneNote for Windows 10.

Discussion
Posted by Megalith April 22, 2018 9:50 AM (CDT)

Major Tech Companies Pledge To Never Help Governments Launch Cyber Attacks

33 tech companies have pledged to never help governments launch cyberattacks in what the New York Times calls the "Digital Geneva Accord." Inquisitr summarizes the pledge dubbed the "Cybersecurity Tech Accord," which in addition to not helping governments launch a cyber attack, pledges to have a stronger defense against cyber attacks to protect all customers globally regardless of the motivation for attacks.
Companies in the accord include ABB, Arm, Cisco, Facebook, HP, HPE, Microsoft, Nokia, Oracle, and Trend Micro. We will see how much difference this makes going forward. You can check out the full pledge at the Cybersecurity Tech Accord website.

"The devastating attacks from the past year demonstrate that cybersecurity is not just about what any single company can do but also about what we can all do together." said Microsoft President Brad Smith. "This tech sector accord will help us take a principled path towards more effective steps to work together and defend customers around the world."

Discussion
Posted by rgmekanic April 18, 2018 5:13 PM (CDT)