Apple Accidentally Made Your Mac Hilariously Easy To Hack By Anyone
Computer updates are supposed to shore up your system's defences and make your most important files and documents (videos of cats failing to jump off things) impenetrable to would-be hackers and criminals.
But nobody told Apple. In the company's latest version of OS High Sierra, the tech giants have accidentally included a massive security flaw that makes hacking your system hilariously simple.
You see, if you've downloaded the update then anyone can log into your Mac by just typing 'root' into the username field.
Apple are working on a fix, but have said in a statement: "We are working on a software update to address this issue. In the meantime, setting a root password prevents unauthorized access to your Mac. To enable the Root User and set a password, please follow the instructions here: https://support.apple.com/en-us/HT204012. If a Root User is already enabled, to ensure a blank password is not set, please follow the instructions from the 'Change the root password' section."
The only good to come of this is that we can all pretend to be early-noughties hackers on our friends' computers. Just remember to mention the word "mainframe" a lot and clack pointlessly at the keyboard for a few minutes before you login.
Now you can play YouTube videos right inside WhatsApp
With WhatsApp, you can finally watch videos with your friends.
The messaging platform has rolled out a new update to its iOS app that will allow users to play YouTube videos within the app itself, Hindustan Times reports.
Now, when you receive a YouTube link and click on it, the video will play in WhatsApp. Before, the video would open in the YouTube app or a browser.
You can also keep playing the video while you navigate to another chat, with a feature that WhatsApp refers to as "picture-in-picture."
The feature is not yet enabled, but WhatsApp news website WABetaInfobelieves it will begin working tonight (though it's unclear where it got the timeframe info).
Though this update is small, it has the potential to fix an all-too-common annoyance for many users. You can now watch videos alongside your friends, rather than having to pause your conversation, possibly getting pulled down a YouTube autoplay hole as more videos get cued up.
WhatsApp is also testing a feature that will allow you to mute videos in chats, in case your friends start pranking you with Rebecca Black videos.
This type of integration with third-party apps is new for the traditionally bare-bones user experience of WhatsApp. Will the Facebook-owned service heading down the same path as its cousin, Facebook Messenger, and become a more immersive, integrated user experience? This could be the first step.
Google confirms tracking android users even with location services turned off
Google says it has been tracking the location of android users with the addresses of local phone masts, even when location services were turned off and the sim cards removed.
According to a recent Quartz investigation, Google has maintained this since the beginning of 2017.
“Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google,” the report read.
“The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.”
When contacted, a Google spokesperson confirmed the development saying the information was not stored.
“In January of this year, we began looking into using Cell ID codes as an additional signal to further improve the speed and performance of message delivery.
“However, we never incorporated Cell ID into our network sync system, so that data was immediately discarded, and we updated it to no longer request Cell ID.”
The spokesperson also promised that android phones would no longer send cellular tower location data to Google by the end of November.
Although the section of Google’s privacy policy that covers location sharing says the company will collect location information from devices that use its services, it does not explain whether it will collect such information from Android devices when location services are off.
“When you use Google services, we may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide Google with information on nearby devices, Wi-Fi access points and cell tower,” a part of the policy reads.
Location services are used for apps like Google Maps and checking-in location information on apps like Facebook and Instagram.
After the launch of f Apple's iPhone X, Samsung seems to come out with something similar in name. The South Korean company "mistakenly" revealed the Galaxy X phone on their website support page.
Both the But The support page and the NRRA certification reference model number SM-G888N0, which is the Korean model of the phone. While the support page doesn’t reveal any specifications about the phone itself (save for the Bluetooth and Wi-Fi certifications, and one from the South Korean NNRA), it does confirm that Samsung is plotting something X As for the launch date and availability, nothing was revealed but it could coincide with January’s CES 2018.
But let's not mistake the Galaxy X with the Foldable Galaxy X Glass smartphone from same company. More information on this phone will be revealed as time goes on.
Millions of devices in London, including baby monitors and webcams, can be hacked right now
London has more than 2.5 million exposed electronic devices including routers, webcams, medical equipment, personal baby monitors and company databases, new research suggests.
Using Shodan, a search engine for internet-of-things (IoT) devices, security firm Trend Micro said in a report released today (28 November) that the UK capital had one of the highest numbers of exposed devices at risk of hacking and cybercrime. It was matched by Berlin.
An analysis entitled Cities Exposed has warned that tech-savvy criminals use Shodan to scan for so-called "cyber assets" left visible to the public and then use any available tricks to target them.
Connected devices which are not adequately protected can leak personal data or even be held to ransom.
"Despite their prevalence as tech and business hubs, it is concerning that people in these capitals are not extending this knowledge into their security practices," said Trend Micro researcher Rik Ferguson.
"The number of exposed devices is likely just the tip of the iceberg, as anyone breaching these could potentially gain access to entire networks."
After London, Manchester has a high risk ratio with around 320,000 exposed devices. Glasgow has 160,000 devices at risk.
Experts found that the UK had more than 5,000 exposed webcams which "attackers could use for surveillance or stealing and publishing live video feeds from compromised devices".
The Trend Micro report reads: "Connected devices are an integral part of our daily lives. Device security should ideally not affect availability and be transparent to a user.
"There is no one-size-fits-all cybersecurity solution for connected devices.
"In addition to [general guidelines] users must be able to rely on device manufacturers to enable strong security out of the box. Ultimately, we may need to rely on security by obscurity — hiding our devices among billions of other connected devices online to avoid getting compromised."
CoinPouch hack: Over $655,000 worth of Verge cryptocurrency was stolen by hackers
CoinPouch blamed the incident on a Verge node the firm set up to handle Verge transactions for its users.
Hackers allegedly stole over $655,000 (£490,000) worth of Verge cryptocurrency from the CoinPouch wallet this week, which appears to have sparked a blame game between the CoinPouch and Verge aboutwhat caused the hack. Both CoinPouch and Verge have confirmed the hack.
However, while CoinPouch blamed the hack on the Verge node, the firm set up to handle Verge transactions for its users, Verge maintains that CoinPouch was hacked because the app "wasn't secured properly on their side".
CoinPouch took to Twitter to update users about the incident. The firm said that it had reported the hack to the local authorities, adding that the investigation into the hack "will be hampered due to the current Thanksgiving Holiday in the U.S. which may slow down the efforts of attorneys, forensic labs, and law enforcement authorities involved in this matter".
CoinPouch said that on 9 November, a user first reported about having his/her funds stolen from the wallet. This led to CoinPouch investigating the incident alongside Verge project lead Justin, who later concluded that the incident "did not look like a hack". Nevertheless, Justin recommended a few security modifications for CoinPouch's Verge node.
However, despite following the security recommendations from the Verge team, CoinPouch said that it "started getting additional reports from users stating their Verge wallets in Coinpouch were not working correctly".
Meanwhile, Verge managed to track down the wallet where all the stolen funds – 126 million Verge coins – still remain. It is unclear why the hackers have not moved the funds elsewhere. "At this moment neither Coinpouch nor Justin, the founder and lead developer of Verge, are clear how the hack occurred," CoinPouch said in its statement.
This is the second cryptocurrency wallet hack to occur in November. Earlier in the week, hackers stole nearly $30m worth of cryptocurrency from the startup Tether, briefly causing the price of Bitcoin to drop.
10 things you didn't know you could do with Facebook Messenger
1.3 billion people use Facebook Messenger each month. But are they really making the most of it?
Since Messenger became an app of its own, Facebook has been quietly adding functionality to make it stand out. The app has a ton of neat hidden features, from GIFs to addicting games and ever-innovative ways to write and present text.
Here's some of the coolest stuff you didn't know you could do with Facebook Messenger.
1. Use Messenger on the computer
If you want to message your friends on your computer without the distraction of your News Feed, try pulling up Messenger directly onto your computer. Just go toMessenger.com and sign in with your Facebook account. You can also access a conversation directly by going to Messenger.com/ and adding your friend's Facebook username at the end.
The desktop Messenger looks just like the Messenger page that can be accessed from Facebook, but it lacks the Facebook search bar at the top of the screen.
2. Send and request money
Facebook has been allowing users to send and receive money for the past few years. Much like Venmo, Messenger lets you connect your credit card to the app, and send money to your friends, and request money from them as well.
To use it, link your debit card by going toProfile > Payments > Add New Debit Card. To send and request, enter a chat with the friend hit the plus sign on the bottom left corner, select Payments, and enter the necessary amount.
3. Add friends instantly with your profile code
If you ever meet someone and like them so much that you want to friend them instantly, you can have them scan your unique profile code.
To pull it up, tap your profile's icon in the top left corner of the app, then tap the large profile picture in the center of your screen. Press My Code to display your own code, and Scan Code to scan someone else's.
4. Play games
Facebook has a lineup of really addicting games from user favorites Words with Friends and 2048 to classics like Pacman and Snake — all of which can be played right in Messenger.
To challenge a friend or group of friends, start a conversation, press the plus sign, and select Games. If you're a loner, or you want to get some practice, start a conversation with yourself to play any game alone.
5. Chat with bots
If you've had enough of human interaction, never fear: Messenger's army of bots will keep you company. They'll send you news, help you place orders, play games, and more.
Tap Discover in the bottom right corner, and start a conversation with the bot that strikes your fancy.
6. Secret Conversations
You can start encrypted conversations in Facebook messenger that nobody outside of them can see — not even the government or Facebook itself. They useend-to-end encryption similar to that of Facebook's Whatsapp.
Start a conversation, tap Secret in the top right corner, and select the friend you want to message. To make your messages disappear after a certain period of time, tap the clock icon to the left of the text box.
7. Customize your conversations
Facebook has a number of ways to make your conversations with your friends your own. Open a group chat and tap its name to open customization options.
You can change your group's color, give your friends nicknames, or set a group emoji (to replace the "Thumbs Up" icon).
8. Share news, recipes, restaurants, flights, and more
With Messenger's lineup of integrated third-party apps, you can send your friends some pretty cool stuff in just one click.
If you're chatting about travel plans, you can search for and share hotel and flight options with the Kayak extension. You can share recipes from the Food Network, restaurants from OpenTable, songs from Spotify and Apple Music, and news articles from the Wall Street Journal.
To access these extensions, open a conversation and tap the plus sign in the bottom left corner.
9. Scribble Chat
Scribble Chat turns your messages into fun 3D animations. There are currently 42 animation options, and they're all adorable.
Open a conversation and tap the plus sign in the bottom left corner, then swipe left to select ScribbleChat.
10. Send an audio recording
An audio recording is an easy way to share a song you're listening to, or send a fun birthday greeting.
To start a recording, open a conversation and press and hold the microphone button to the left of the text box. Drag up to cancel the recording, and let go of the icon to end and send.