One of the most popular cloud storage in the world (opens in new tab) service providers carried several serious vulnerabilities that allowed threat actors to read even (opens in new tab) files, researchers found.
A team at ETH Zurich discovered five vulnerabilities in the Mega platform that revolve around stealing and decrypting an RSA key (a private key based on the RSA algorithm).
The team discovered the flaws in late March of this year and reported it to the company. Soon, Mega released patches and mitigations for some of the flaws, while for others, the patches are still a work in progress. The patches do not affect the user experience and do not require users to re-encrypt their stored data, it was said. They also don’t need to change any passwords or create new keys.
Ideal for dissatisfied employees
While patches aren’t available for every flaw that’s certainly bad news, the good news is that Mega has yet to see anyone exploit them in the wild. There is no concrete timeline as to when the remaining patches will be released.
In a video explanation of the flaw, the researchers said that the attack is based on prime factor guessing by comparison and that the attacker would need at least 512 login attempts to breach an endpoint. (opens in new tab). Furthermore, they would also need to have access to Mega’s servers, which means that for outside threats – vulnerabilities aren’t exactly viable.
For insiders or disgruntled employees, however, it’s an entirely different story.
“Seeing how seemingly innocuous cryptographic design shortcuts taken nearly a decade ago backfire under scrutiny by three of the brightest minds in the industry is both frightening and intellectually fascinating,” Mega said in a statement.
“The very high limit of exploitability, despite the wide range of cryptographic flaws identified, provides a certain sense of relief.”
Microsoft has released a new feature for Office 365, allowing administrators to prevent users from sending emails to blocked addresses.
The feature, called Tenant Allow Block List, previously only prevented users from receiving emails from selected senders.
Microsoft is ready to start previewing the feature in July and it will be available to everyone in the same month.
The evolution of Office 365
With attack vectors such as phishing attacks remaining an extremely popular way to circumvent antivirus software and carry out identity theft, this isn’t the only feature promising increased security that Microsoft has been able to deploy in previous months on its flagship e-mail client. mail.
The company has also added a new layer of security to the Office 365 email service as it seeks to improve the integrity of incoming and outgoing messages.
Microsoft says the new protection, SMTP MTA Strict Transport Security (MTA-STS), a feature first announced in the second half of 2020, will address issues such as expired TLS certificates, issues with third-party certificates, or unsupported secure protocols.
We expect these features to pay dividends in terms of user security, because the announcement comes as Office 365 prices have increased across all industries.
Since March 15, 2022, Microsoft 365 Business Basic has increased from $5 to $6 per user per year, Microsoft 365 Business Premium has increased from $20 to $22, Office 365 E1 has increased from $8 to $10, Office 365 E3 went from $20 to $23, Office 365 E5 went from $35 to $38, and Microsoft 365 E3 went from $32 to $36.
It’s easy to see why Microsoft might be looking to increase the security of its email services, companies could be even more vulnerable than originally thought to email-based attacks, according to a recent study by BitDam. (opens in new tab) which showed that malicious files often bypass many supposed top email security solutions.
AMD has made the source code of FSR 2.0 (FidelityFX Super Resolution) public, which means any developer can now use frame rate boosting technology in their games.
AMD’s FSR 2.0 is the company’s rival to the Nvidia DLSS, and that’s clearly good news in terms of getting more games up and running with the technology. The small caveat here is that Team Red pushed all the materials (opens in new tab) needed to work with DX12 and Vulkan games, but not DX11 (if you want to go this route you will need to contact AMD directly as Tom’s Hardware (opens in new tab) reports).
Furthermore, support for Unreal Engine 4.26/4.27 (and UE5, for that matter) will arrive soon in the form of a plug-in, promises AMD.
AMD also gave us an idea of how long it might take developers to incorporate FSR 2.0 into their games, that time varies – obviously – but if a title already supports DLSS 2.0, it might only take a few days to implement. Likewise, it will be a quick process for those using the Unreal Engine plugin, as you might expect.
For some games, bringing FSR 2.0 support can be a considerably longer (and windier) path, with AMD putting the longest timeframe in their estimates at over four weeks.
Analysis: The proof is in the upscaled pudding
Interestingly, along with this source code release, AMD took the opportunity to hurl some criticism at Nvidia (and Intel XeSS, which, like DLSS, is AI-powered).
As you may know, with version 2.0, FSR is now quite similar to DLSS, mainly because AMD made the switch to using temporal upscaling, which is how Nvidia weaves its framerate-boosting magic.
FSR 1.0 employed spatial upscaling and there is a big difference in switching to temporal with FSR 2.0, as the former only accesses data pertaining to the current frame in the game – whereas with spatial, previous frames are activated. And that results in better quality results when it comes to the upscaled image (upscaling is how these technologies improve frame rates – in simple terms, letting the GPU run at a lower resolution and then upscaling it to a resolution of target instead of running on that native res).
Now Nvidia will point out that its machine learning (AI) capabilities are in the mix along with temporal upscaling for even better results, but AMD claims in its GPUOpen article that the introduction of AI is simply not necessary to get a good result. high quality image. In fact, AMD argues that machine learning is often only employed on blending past frames to get the enhanced image, rather than actually recognizing objects in the real scene, and so Team Red is basically downplaying the importance of adding the power. of AI.
We certainly can’t take this argument at face value, and Nvidia claims that its AI routines are doing considerably heavier work in terms of producing an improved final image.
Whatever the case – and what’s going on under the hood with this technology is a highly complex subject – it’s quite revealing to see AMD go on the offensive like this. Also, when you look at the results of FSR 2.0 compared to DLSS 2.0, it’s a very close issue of image quality. The proof is in the pudding, as they say, and the upscaling built into supported games so far shows FSR 2.0 giving Nvidia a good run for its money (certainly going for Deathloop and God of War as tested by Tom’s Hardware).
Note that both FSR 1.0 and 2.0 can be used together in a game if the developer wants, giving the player the choice of either one – and this is important if the player in question doesn’t have a good enough GPU for FSR 2.0 (which has more stringent hardware requirements). This comes with the obvious caveat that the quality of FSR 1.0 results is substandard, but it’s still nice to have the choice. Hitman 3 is an example game that is getting support for FSR 1.0 and 2.0.
AMD’s openness towards FSR and assurance that it covers a wider range of bases and different graphics cards – including Nvidia models – is one of the biggest strengths of its frame rate boost solution compared to DLSS, that specifically requires an Nvidia RTX graphics card.
Zoom has revealed its latest step towards becoming a complete communication platform.
Far from just providing video conferencing, the company is now looking to provide a range of tools in its new Zoom One offering.
The new platform will bring together Zoom’s collaboration tools, including persistent chat, phone, meetings, whiteboard, and more in one package, simplifying deployment and choices for businesses around the world.
Zoom One
Zoom One (opens in new tab) will have five pricing tiers, each with its own selection of tools and services.
The free Basic tier provides the standard Zoom video conferencing experience, with meetings of up to 40 minutes with up to 100 people, plus three whiteboards with 25MB cloud storage and messaging in the Zoom collaboration tool.
The $149.90/year/user Pro Tier adds 5GB of cloud storage per license and real-time transcription for calls. It also eliminates meeting time limits and allows group messaging, offering chats and channels for “collaboration, file sharing and more”.
For $199.90/user/year, the Business level allows meetings with up to 300 participants and unlimited whiteboards.
Currently, the top of the class is the Business Plus level, available for $250/year/user, which adds unlimited business phone calls to regional or toll-free numbers, as well as domestic SMS and MMS and automatic call distribution groups ( ACD) with call queue. Users also get 10GB of cloud recording storage per license and real-time transcription and translation.
The last two tiers are currently starting at 10 licenses, but for larger companies, there are the Enterprise and Enterprise Plus offerings, which offer meetings of up to 1,000 participants, full-featured PBX calling with Zoom Phone Pro, Zoom Webinars, and full Zoom Rooms. capabilities.
Users of the Zoom One Business Plus and Zoom One Enterprise Plus packages will also have access to another new feature announced by the company: translated and multi-language subtitles.
Allowing users to view subtitles translated into the language of their choice, the tool will be available between English and 10 additional languages, or from any of 10 languages to English.
The new “two-way translations” will be available in Chinese (Simplified), Dutch, English, French, German, Italian, Japanese, Korean, Russian, Spanish and Ukrainian.
“Simplicity is at the heart of everything we do. As the Zoom platform evolved from a meeting app to a comprehensive communication platform, it became clear that the introduction of new packaging like the Zoom One was the next step in the company’s evolution,” said Greg Tomb, President of Zoom.
“By bringing together chat, phone, meetings, whiteboard and more in a single offering, we are able to provide our customers with simple-to-manage solutions so they can focus on their most important business problems.”
Apple released updates for iOS 16, iPadOS 16, macOS Ventura, and watchOS 9 developer betas this week (June 22), where there were some bug fixes and refinements to the new features announced at WWDC.
While the Stage Manager in iPadOS 16 has seen some improvements, making it easier to resize windows and hide the dock, the Messages app is taking older versions of the software into account when editing messages.
There will be two messages sent – one being the original and the other being the newly edited message.
There’s also the ability to create iCloud backups using your cellular data plan, but as other users are waiting for the public beta of iOS 16 (along with other versions of the platform), we suspect the wait won’t be much longer.
Analysis: When can iOS 16 public beta arrive?
(Image credit: Apple)
Apple beta releases usually arrive two to three weeks after a previous release, whether it’s a minor release like iOS 15.6 (opens in new tab)or iOS 16 support versions.
At the time of writing, it has been two weeks since WWDC and when the first developer betas arrived. We usually see public betas pop up when beta 3 comes out. Until then, there will be a lot of feedback given by developers who have used the previous versions and whatever has been applied to the features of the new software.
For example, WWDC 2021 was on June 7th, with the public beta arriving three weeks later, ahead of Apple’s July date. Although the public beta of iOS 14 arrived on July 8, just under three weeks after WWDC 2020 was hosted remotely.
That’s why we suspect the iOS 16 public beta and other updates will arrive around the week starting July 4th. That way they are released after the federal holiday and users can know how the new updates will benefit them, albeit carefully.
Regardless, these are still early versions in development of what will be on most iPhones by the end of 2022. So be aware that you may run into bugs and other issues if you decide to install the public betas… when they arrive.
Microsoft is updating its responsible AI standard and has revealed that it is retiring Azure Face’s (for the most part) emotional and facial recognition abilities.
O Responsible AI Standard (opens in new tab) is Microsoft’s internal ruleset when it comes to building AI systems. The company wants AI to be a positive force in the world and never be misused by bad actors. It’s a pattern that has never been shared with the public before. However, with this new change, Microsoft decided that now would be the time.
Emotional and facial recognition software has been controversial, to say the least. There are several organizations calling for this technology to be banned. fight for the futurefor example, wrote an open letter in May urging Zoom to halt its own development of emotional tracking software and called it “invasive” and “a violation of privacy and human rights.”
policy change
As established, Microsoft will rework its Azure Face service to meet the requirements of its new responsible AI standard. First, the company is removing public access to the AI emotion scanning feature. Second, Azure Face will no longer be able to identify a person’s facial features, including “gender, age, [a] smile, beard, hair and makeup.”
The reason for the retirement is because the global scientific community still does not have a “clear consensus on the definition of ’emotions’”. Natasha Cramption, chief AI officer at Microsoft, said experts inside and outside the company have voiced their concerns. The problem is “the challenges in how inferences generalize across use cases, regions and demographics, and the biggest privacy concerns…”
In addition to Azure Face, Microsoft’s Custom Neural Voice will have similar restrictions. custom neural voice (opens in new tab) is a surprisingly realistic text-to-speech app. Now, the service will be limited to a few “managed customers and partners”, which are people who work directly with Microsoft’s account teams. The company claims that while the technology has great potential, it can be used to impersonate. To continue to have access to Neural Voice, all existing customers must submit an admission form and be approved by Microsoft. They need to be approved by June 30, 2023 and if not selected these customers will no longer have access to Neural Voice.
still in the works
Despite all that being said, Microsoft isn’t abandoning its facial recognition technology entirely. The announcement refers to public access only. Sarah Bird, who is the Core Group Project Manager at Azure AI, wrote about responsible facial recognition (opens in new tab). And in that post, she states that “Microsoft recognizes that these features can be valuable when used for a set of controlled accessibility scenarios.” One such scenario, according to one representative, is selling AI (opens in new tab)which is an iOS app that helps the visually impaired to identify people and objects around them.
It’s nice to see another tech giant recognizing the issues with facial recognition and the potential for abuse. IBM did something similar in 2020, although its approach was more absolute.
Back to 2020, IBM announced that it was abandoning work in facial recognition because the company feared it could be misused for mass surveillance. Seeing these two industry titans get rid of this technology is a win-win for critics of facial recognition. If you’re interested in learning more about AI, recently published an article on what it can do for cybersecurity.
Final Fantasy 16 is shaping up to be one of the biggest PS5 exclusives, but according to producer Naoki Yoshida, it could be on PS4 too.
Yoshida was recently interviewed about Final Fantasy 16 by the Japanese publication famitsu (opens in new tab), following the release of the latest FF16 trailer during Sony’s State of Play earlier this month. Suggesting that the trailer received a better response than expected, Famitsu asked how Yoshida felt about the response given to the 2020 FF16 reveal trailer. PS4 was being considered.
Translated by Google Translate, he confirmed: “At that time, I was developing with the aim of releasing it on PlayStation 4, so I was worried that I couldn’t improve the quality. I could have pre-rendered there once, but it would be a wasted hours of development, and I didn’t want to do that. That’s because I wanted to make a trailer extracting what I could enjoy as a gameplay experience.”
It’s not particularly surprising to hear that a PS4 version of FF16 has been dropped. Square Enix still has several cross-gen releases planned, including a recently announced Crisis Core remaster, but the Japanese publisher is gradually moving towards the new generation. As it currently stands, there are some big PS5 console exclusives on the way, including Forspoken and Final Fantasy 7 Rebirth.
(Image credit: Square Enix)
Final Fantasy 16 feels like a true next-gen experience
This isn’t the only interview Yoshida has given about Final Fantasy 16 recently. Talking to PlayStation Blog (opens in new tab), the producer of FF16 highly praised the PS5’s capabilities. “It’s only thanks to the power of the PlayStation 5 system that we can make Final Fantasy 16 the roller coaster it is,” he said. The producer also praised the graphics capabilities and “super-fast load times” of Sony’s latest console.
However, what really interests me is your feedback on the gameplay. “In Final Fantasy 16, you jump straight from story scenes to real-time battles and back without any load times, making the gameplay flow at a breakneck pace.” It feels like a true next-gen experience and I’m worried that if Square Enix had opted for a next-gen release, it would have been severely restricted.
Personally, I’m glad Square Enix didn’t stick with those PS4 plans for Final Fantasy 16. Don’t get me wrong, I’m not criticizing the idea of cross-gen releases, but Sony’s oldest console is nine years old. You can only do so much with old hardware before it inevitably constrains developers. The PS5 launched almost two years ago and with the stock shortages starting to ease, it’s finally time to move on.
The battle between MediaTek and Qualcomm is heating up By Joel Khalili published 23 Jun 22 Pro MediaTek has just released its most powerful mobile chipset to date.
If you’re reading about VPN services, you probably care about your privacy online. You can even opt for one of the best VPNs to ensure your data is protected by a strict no-logs policy. However, there is always any information that needs to be stored to keep your monthly plan running.
That’s why Mullvad made the decision to completely remove the ability to create new signatures – all in the name of storing less data about your users.
“Subscriptions clearly offer a lot of convenience, but as we’ve seen that convenience comes at a cost and we no longer think this is an acceptable tradeoff. We care a lot about usability, but when it comes to that, privacy has to win,” the provider wrote. on a blog post (opens in new tab).
This move is a step forward in Mullvad’s commitment to its users’ privacy. In fact, it’s one of the few services that doesn’t ask for any email addresses or other personal information to create an account.
However, when it came to recurring subscription, the provider was required to keep track of payments to provide refunds, bill the user again after the initial period of coverage, or recover a lost account. Therefore, one-time payments seem to be the only solution.
Starting today we are removing the option to create new subscriptions: https://t.co/JDUOwBYCkPJune 20, 2022
View more
“We are constantly looking for ways to reduce the amount of data we store while still providing a usable service. Nowhere is the tension between privacy and usability more apparent than in the area of payments.”
Mullvad’s monthly fee has always been the same across all plans – about $5.50. This is very different from almost all other consumer VPNs, but there’s no need to stress about a price increase.
Also, those who currently have an active Mullvad subscription need not worry either. Your account will continue to function normally for at least six months, or until your subscription reaches the end of a period.
going against the current
When it comes to VPN plans, Mullvad’s competitors take a completely different approach. In fact, almost all the big names in the industry offer discounted pricing for users who decide to commit longer.
Let’s look at some examples. The fee to get ExpressVPN for just one month is $12.95. This drops to $9.99 for a 6 month plan and $6.67 for a 12 month + 3 free plan. This means users are encouraged to subscribe longer to get the same service for half the price. price.
Others, like Surfshark and NordVPN, offer their long-term subscriptions for a lower upfront fee and then raise the price on automatic re-subscription. After being lured in by a tempting price, users may end up paying two or even three times as much when the introductory period ends.
On the one hand, this is a dubious tactic to get more money from users who don’t opt out of auto-billing — and it’s not just limited to the VPN industry. On the other hand, savvy buyers can get a much better price if they are proactive in canceling before being billed again.
Mullvad VPN has a flat fee of approximately $5.50 per month, no matter how long you subscribe. Even before announcing that it would only accept non-recurring payments, the provider never pressured its users to commit longer than they wanted. Also, to make things easier, users will still have the opportunity to pay as many months as they want at once.
(Image credit: Mullvad)
How to create your Mullvad account from a payment
Getting started with Mullvad couldn’t be easier. Just go to Mullvad website (opens in new tab) and press yellow start button placed in the upper right corner.
You will be redirected to your account page. However, unlike most of its rivals, instead of using your email address, just tap the generate account number button. Make a note of this as it will be your sole reference.
(Image credit: Mullvad)
After that you will need select the desired payment method. Mullvad offers a wide choice – from a classic credit card, bank transfer and PayPal to Bitcoin and Monero cryptocurrencies. With the latter, a 10% discount will be applied to the monthly flat rate of about $5.50.
Once you’ve selected your payment method, you’ll be able to choose how long you want to pay. Remember, after that time is up, you will have to re-enroll manually thanks to the policy change.
(Image credit: Mullvad)
Once paid, you will have to download the mullvad app to start protecting your privacy and anonymity when browsing the web. You will be able to use your account on five different devices at the same time – whether they are Windows, macOS, Linux, iOS or Android.
Getting access to some of Microsoft Edge’s most popular online tools should be easier than ever, thanks to a new update.
The company revealed that it is working on an update to its browser that will give users quick access to their favorite tools right from the sidebar of Microsoft Edge.
The upgrade means you will no longer be looking for calculators, internet speed test and unit converter when you need it most.
The entry for the update in Microsoft 365 roadmap (opens in new tab) doesn’t contain much information about how the update will work, or even what it will be like, so we’ll have to stay tuned for more details soon.
However, Microsoft has set a goal of general availability by August 2022, so we may not have long to wait. The company says the update will initially only be available to web users, so we expect a mobile version to be available soon as well.
The release will be the latest in a long series of updates to Edge as Microsoft looks to ensure the browser remains useful to users around the world.
This includes a recent addition that will allow users to pause all extensions from running on specific websites with a single click, giving them greater control over extensions running on risky or sensitive websites.
Microsoft recently introduced redesigned context menus that appear when a user right-clicks somewhere in a window, following user complaints that it was too big when it appears and is filled with a huge list of options that aren’t. particularly useful.
Recent figures from Statcounter have shown that Microsoft Edge has lost or not gained market share in four of the last six months.
It put Edge at a 4.05% market share (on desktop and mobile platforms), which equates to around 200 million users – far below Google Chrome (64.34%) and Apple’s Safari. (19.16%), but ahead of Firefox (3.41%).
