76
4
77
11
submitted 1 month ago by yogthos@lemmy.ml to c/technology@lemmy.ml
78
40
submitted 1 month ago by Tomkoid@lemmy.ml to c/technology@lemmy.ml

I'm starting to learn to touch type correctly on a keyboard, but typing something like :q with the pinky finger always feels so awkward to me. Is it worth using it?

79
25
submitted 1 month ago* (last edited 1 month ago) by geneva_convenience@lemmy.ml to c/technology@lemmy.ml

Oct 18 (Reuters) - A federal judge in California has granted Google's request to temporarily pause his order directing the Alphabet (GOOGL.O) unit to overhaul its Android app store Play by Nov. 1 to give consumers more choice over how they download software.

San Francisco-based U.S. District Judge James Donato made the decision on Friday as part of an antitrust lawsuit against Google by "Fortnite" maker Epic Games. Google argued that Donato's Oct. 7 injunction would harm the company and introduce "serious safety, security and privacy risks into the Android ecosystem."

Donato delayed the injunction to allow the 9th U.S. Circuit Court of Appeals to consider Google's separate request to pause the judge's order. Donato denied Google's separate request to pause the order for the duration of its broader appeal in the case.

80
58
submitted 1 month ago by yogthos@lemmy.ml to c/technology@lemmy.ml
81
15
submitted 1 month ago by yogthos@lemmy.ml to c/technology@lemmy.ml
82
165

One of Amazon's (AMZN.O) top executives defended the new, controversial 5-day-per-week in-office policy on Thursday, saying those who do not support it can leave for another company.

Speaking at an all-hands meeting for AWS, unit CEO Matt Garman said nine out of 10 workers he has spoken with support the new policy, which takes effect in January, according to a transcript reviewed by Reuters.

Those who do not wish to work for Amazon in-office five days per week can quit, he suggested.

83
38
submitted 1 month ago by fattyfoods@feddit.nl to c/technology@lemmy.ml
84
12
submitted 1 month ago by yogthos@lemmy.ml to c/technology@lemmy.ml
85
11
submitted 1 month ago by yogthos@lemmy.ml to c/technology@lemmy.ml
86
173

The plan, mentioned in a new 76-page wish list by the Department of Defense’s Joint Special Operations Command, or JSOC, outlines advanced technologies desired for country’s most elite, clandestine military efforts. “Special Operations Forces (SOF) are interested in technologies that can generate convincing online personas for use on social media platforms, social networking sites, and other online content,” the entry reads.

The document specifies that JSOC wants the ability to create online user profiles that “appear to be a unique individual that is recognizable as human but does not exist in the real world,” with each featuring “multiple expressions” and “Government Identification quality photos.”

In addition to still images of faked people, the document notes that “the solution should include facial & background imagery, facial & background video, and audio layers,” and JSOC hopes to be able to generate “selfie video” from these fabricated humans. These videos will feature more than fake people: Each deepfake selfie will come with a matching faked background, “to create a virtual environment undetectable by social media algorithms.”

87
64
submitted 1 month ago by yoasif@fedia.io to c/technology@lemmy.ml

We’ve been anticipating it for years,1 and it’s finally happening. Google is finally killing uBlock Origin – with a note on their web store stating that the ...

88
28

Taiwan Semiconductor Manufacturing Company has announced a forecast-busting quarterly profit amid surging demand for chips used to power artificial intelligence.

TSMC, the world’s largest contract chipmaker, reported a net profit of 352.3 billion Taiwanese dollars ($10.1bn) for the third quarter, up 54.2 percent from the same period last year.

The figure marked the firm’s best-ever quarterly performance and was comfortably ahead of market estimates.

89
3
submitted 1 month ago by linkerbaan@lemmy.ml to c/technology@lemmy.ml

TAIPEI, Oct 17 (Reuters) - TSMC, the world's largest contract chipmaker, bet on sustaining its strong growth, after reporting on Thursday a forecast-beating 54% jump in quarterly profit driven by soaring demand for chips used in artificial intelligence (AI).

Taiwan Semiconductor Manufacturing Co (2330.TW), the dominant producer of advanced chips used in AI applications whose customers include Apple (AAPL.O) and Nvidia (NVDA.O), has benefited from a surge towards AI across a spectrum of industries.

TSMC estimated its capital spending in the current quarter would more than double to around $11.5 billion and that the budget was likely to increase further next year, as it expects healthy demand for its products.

It said 2024 full-year revenue will grow close to 30% in U.S. dollar terms, compared to a previous guidance of slightly above the mid-20% range.

90
81
submitted 1 month ago* (last edited 1 month ago) by cypherpunks@lemmy.ml to c/technology@lemmy.ml

from The Register:

A Chinese industry group has accused Intel of backdooring its CPUs, in addition to other questionable security practices while calling for an investigation into the chipmaker, claiming its products pose "serious risks to national security."

The Cybersecurity Association of China (CSAC), in a lengthy post on its WeChat account on Wednesday described Intel's chips as being riddled with vulnerabilities, adding that the American company's "major defects in product quality and security management show its extremely irresponsible attitude towards customers."

The CSAC also accused Intel of embedding a backdoor "in almost all" of its CPUs since 2008 as part of a "next-generation security defense system" developed by the US National Security Agency.

This allowed Uncle Sam to "build an ideal monitoring environment where only the NSA is protected and everyone else is 'naked,'" the post continued. "This poses a huge security threat to the critical information infrastructure of countries around the world, including China," the industry group claims.

The infosec org also recommends the Cyberspace Administration of China open an investigation into the security of Intel's products sold in the country "to effectively safeguard China's national security and the legitimate rights and interests of Chinese consumers."

Intel did not immediately respond to The Register's inquiries.


Here is a machine translation (via google translate) of CSAC's post:

Frequent vulnerabilities and high failure rates. Intel product cybersecurity risks should be systematically checked

China Cyberspace Security Association October 16, 2024 09:02

Frequent vulnerabilities and high failure rates

Intel product cybersecurity risks should be systematically checked

  1. Frequent security vulnerabilities

In August 2023, Intel CPU was exposed to the Downfall vulnerability, which is a CPU transient execution side channel vulnerability. It uses the Gather instruction in its AVX2 or AVX-512 instruction set to obtain sensitive data such as keys, user information, and key parameters previously stored in a specific vector register buffer. The vulnerability affects Intel's 6th to 11th generation Core, Celeron, and Pentium series CPUs, as well as 1st to 4th generation Xeon processors. In fact, as early as 2022, researchers reported the vulnerability to Intel, but Intel, knowing the existence of the vulnerability, neither acknowledged it nor took effective action. It continued to sell products with vulnerabilities until the vulnerability was publicly reported, and Intel was forced to take vulnerability repair measures. Five victims have filed a class action lawsuit against Intel in November 2023 in the San Jose Branch of the U.S. Federal District Court for the Northern California in the name of themselves and representatives of "CPU consumers across the United States".

Coincidentally, in November 2023, Google researchers disclosed that Intel CPUs have a high-risk vulnerability, Reptar. Exploiting this vulnerability, attackers can not only obtain sensitive data such as personal accounts, card numbers and passwords in the system in a multi-tenant virtualization environment, but also cause the physical system to hang or crash, resulting in denial of service for other systems and tenants it carries.

Since 2024, Intel CPUs have successively exposed vulnerabilities such as GhostRace, NativeBHI, and Indirector. Intel's major defects in product quality and security management show its extremely irresponsible attitude towards customers.

  1. Poor reliability and indifference to user complaints

Since the end of 2023, a large number of users have reported that crashes occur when using Intel's 13th and 14th generation Core i9 series CPUs to play specific games. Game manufacturers have even added pop-up processing in the game to warn users who use these CPUs. Dylan Browne, Unreal Engine Supervisor and Visual Effects Manager at visual effects studio ModelFarm, posted that the failure rate of computers using Intel processors in his company was as high as 50%.

With concentrated user feedback and no way to cover up, Intel finally had to admit that there were stability issues with its products and issued a so-called preliminary investigation report, attributing the problem to the motherboard manufacturer setting too high a voltage. However, it was immediately refuted by the motherboard manufacturer, who stated that the motherboards it produced were developed according to the data provided by Intel for BIOS programs, and the cause of the crash was not the motherboard manufacturer. In July 2024, Intel issued a statement to explain the frequent CPU crashes, admitting that due to the incorrect microcode algorithm sending too high a voltage request to the processor, some 13th and 14th generation processors became unstable.

Frequent crashes occurred at the end of 2023, and Intel only identified the problem and provided an update program half a year later, and the mitigation measures given within half a year did not work, which fully reflected that Intel did not actively and honestly face the problems when facing its own product defects, but simply ignored, shirked and procrastinated. Some professionals speculate that the root cause is that Intel has actively sacrificed product stability in order to gain performance improvements and regain competitive advantages. It is also reported that the US law firm "Abington Cole + Ellery" has begun investigating the instability of Intel's 13th and 14th generation processors, and will file a class action lawsuit on behalf of end users.

  1. Under the guise of remote management, the real purpose is to monitor users

Intel, together with HP and other manufacturers, jointly designed the IPMI (Intelligent Platform Management Interface) technical specification, claiming that it is to monitor the physical health characteristics of the server, and technically manages and controls the server through the BMC (Baseboard Management Controller) module. The BMC module allows users to remotely manage devices, and can realize functions such as starting the computer, reinstalling the operating system, and mounting ISO images. The module has also been exposed to high-risk vulnerabilities (such as CVE-2019-11181), resulting in a large number of servers around the world facing great security risks of being attacked and controlled.

In addition, Intel also integrates third-party open source components with serious vulnerabilities in its products. Taking the Intel M10JNPSB server motherboard as an example, this product supports IPMI management and is currently out of after-sales service. The last firmware update package was released on December 13, 2022. Analysis shows that its web server is lighttpd, with version number 1.4.35, which is actually the version of March 12, 2014. At that time, the latest version of lighttpd had been upgraded to 1.4.66. The difference between the two is 9 years, which is surprisingly large. This irresponsible behavior puts the network and data security of the majority of server users at great risk.

  1. Hidden backdoors endanger network and information security

The autonomous running subsystem ME (Management Engine) developed by Intel has been embedded in almost all Intel CPUs since 2008. It is part of its vigorously promoted AMT (Active Management Technology), allowing system administrators to perform tasks remotely. As long as this function is activated, the computer can be accessed remotely regardless of whether the operating system is installed. Based on the redirection technology of peripherals such as optical drives, floppy drives, and USB, it can achieve the effect of physical contact with the user's computer. Hardware security expert Damien Zammit pointed out that ME is a backdoor that can fully access the memory, bypass the operating system firewall, send and receive network packets without the operating system user's knowledge, and users cannot disable ME. Intel AMT (Active Management Technology) based on ME technology was exposed to have a high-risk vulnerability (CVE-2017-5689) in 2017. Attackers can bypass the authentication mechanism and log in to the system directly to obtain the highest authority by setting the response field in the login parameters to empty.

In August 2017, Russian security experts Mark Ermolov and Maxim Goryachy found a hidden switch suspected to be set by the NSA (National Security Agency) through reverse engineering technology. The switch is located in the HAP bit in the PCHSTERP0 field, but the flag bit is not recorded in the official document. Dramatically, HAP is the full name of High Assurance Platform, which belongs to the NSA-initiated project to build a next-generation security defense system.

If the NSA directly shuts down the ME system by turning on the hidden switch of the HAP bit, and at the same time all other Intel CPUs in the world run the ME system by default, it is equivalent to the NSA being able to build an ideal monitoring environment where only it is protected and everyone else is "naked". This poses a great security threat to the critical information infrastructure of countries around the world, including China. At present, the software and hardware on the ME are closed source, and its security mainly relies on Intel's unilateral commitment, but the facts show that Intel's commitment is pale and unconvincing. Using Intel products poses serious risks to national security.

  1. It is recommended to initiate a cybersecurity review

According to reports, nearly a quarter of Intel's global annual revenue of more than US$50 billion comes from the Chinese market. In 2021, Intel's CPU accounted for about 77% of the domestic desktop market and about 81% of the notebook market; in 2022, Intel's x86 server market share in China was about 91%. It can be said that Intel has made a lot of money in China, but the company has continued to do things that harm China's interests and threaten China's national security.

Previously, the US government passed the so-called "Chips and Science Act" to unreasonably exclude and suppress China's semiconductor industry. Intel is the biggest beneficiary of this bill. Intel CEO Pat Gelsinger successfully tied Intel to the US government and became the largest partner of the US chip strategy. It not only received $8.5 billion in direct subsidies, but also $11 billion in low-interest loans.

In order to please the US government, Intel actively took a stand to suppress China on the so-called Xinjiang-related issues, requiring its suppliers not to use any labor, purchase products or services from the Xinjiang region. In its financial report, it even listed Taiwan Province on a par with China, the United States, and Singapore, and took the initiative to cut off supply and service to Chinese companies such as Huawei and ZTE. This is a typical "holding the bowl to eat, and putting down the bowl to smash the pot".

It is recommended to initiate a cybersecurity review of Intel's products sold in China to effectively safeguard China's national security and the legitimate rights and interests of Chinese consumers.

91
10
submitted 1 month ago by yogthos@lemmy.ml to c/technology@lemmy.ml
92
11
submitted 1 month ago by yogthos@lemmy.ml to c/technology@lemmy.ml
93
265

God bless the FTC.

94
40
submitted 1 month ago by exu@feditown.com to c/technology@lemmy.ml
95
51
submitted 1 month ago by JRepin@lemmy.ml to c/technology@lemmy.ml

Meta has a Palestine problem. If you use Facebook or Instagram, you’ve probably seen the censorship yourself. Dena Takruri uncovers an internal culture of censorship, intimidation and fear within Meta, the parent company of Instagram and Facebook.

She speaks to Meta employees who’ve tried to fix the problem or speak out, and say they were silenced or even fired. She also investigates Meta leaders’ deep ties to Israel, which may explain why it’s suppressing and censoring Palestine content for billions of users around the world.

96
325
submitted 1 month ago by testman@lemmy.ml to c/technology@lemmy.ml
97
69
submitted 1 month ago by schizoidman@lemm.ee to c/technology@lemmy.ml

cross-posted from: https://lemmy.zip/post/24515831

The research team, led by Wang Chao from Shanghai University, found that D-Wave’s quantum computers can optimize problem-solving in a way that makes it possible to attack encryption methods such as RSA.

Paper: http://cjc.ict.ac.cn/online/onlinepaper/wc-202458160402.pdf

Follow up to https://lemmy.ca/post/30853830

98
4
submitted 1 month ago by chobeat@lemmy.ml to c/technology@lemmy.ml
99
113
100
16
submitted 1 month ago by yogthos@lemmy.ml to c/technology@lemmy.ml
view more: ‹ prev next ›

Technology

34928 readers
53 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS