The Tech Corner is a weekly technology news and advice column presented each week courtesy of Melvin McCrary at Ga. Computer Depot in Cedartown.
How to prepare for the new Windows 7/8.1 update changes
Microsoft is changing the way it patches Windows 7 and 8.1. Here’s what we know -- and what to do to keep having Windows your way
With the majority of major organizations still holding off upgrading their fleets to Window 10, this may have significant impact if you’re not prepared for the details.
Windows 7 and 8.1 will no longer receive individual patches. Instead these will change to two separate kinds of monthly updates: a security-only and a full collection of updates. The security strain isn’t cumulative; the full bundle is. Each has its own deployment method. Details are available on the TechNet blog (and its 100-plus questions). There will be no changes to the current patching method for Vista or Server 2008.
The problem is that many individuals and organizations don’t trust the “install all of Microsoft’s patches” approach. Hard to blame them -- the Get Windows 10 lessons run deep, and many dislike and distrust Microsoft’s enhanced telemetry capabilities, which they equate with snooping.
Xiaomi can silently install any app on your Android phone using a backdoor
Do you own an Android Smartphone from Xiaomi, HTC, Samsung, or OnePlus?
A Computer Science student and security enthusiast from Netherlands who owns a Xiaomi Mi4 smartphone started an investigation to know the purpose of a mysterious pre-installed app, dubbed AnalyticsCore.apk, that ran 24x7 in the background and reappeared even if deleted.
Xiaomi is one of the world's largest smartphone manufacturers, which has previously been criticized for spreading malware, shipping handsets with pre-loaded spyware/adware and forked version of Android OS, and secretly stealing users' data from the device without their permission.
Xiaomi can silently install any app on your device
After asking about the purpose of AnalyticsCore app on company’s support forum and getting no response, Thijs Broenink reverse engineered the code and found that the app checks for a new update from the company's official server every 24 hours. During these requests, the app sends device identification information with it, including phone's IMEI, Model, MAC address, Nonce, Package name as well as signature.
If there is an updated app available on the server with the filename "Analytics.apk," it will automatically get downloaded and installed in the background without user interaction. This is a way for hackers to exploit this loophole.
This also means Xiaomi can remotely and silently install any application on your device just by renaming it to "Analytics.apk" and hosting it on the server.
So, what if hackers or any intelligence agency figure out how to exploit this backdoor to silently push malware onto millions of Xiaomi devices within just 24 hours?
Yahoo accused of holding email users hostage
Yahoo has blocked users from automatically forwarding incoming emails to an account with a rival provider. Many are interpreting it as an attempt to stop users jumping ship after revelations of a major security breach.
Samsung Permanently Discontinues Note 7
What's worse than a bunch of smartphones catching fire? A company that recalls them, reissues them, and the reissued ones also going up in flames. That's what's happened to Samsung with its Galaxy Note 7 handset.
Blockchain.Info domain hijacked; site goes down; 8 million Bitcoin wallets inaccessible
Blockchain.info, the world's most popular Bitcoin wallet and Block Explorer service, has been down from last few hours, and it's believed that a possible cyber-attack has disrupted the site.
The site is down at the time of writing, and the web server reports a bad gateway error, with a message on the website that reads:"Looks like our site is down. We're working on it and should be back up soon."
With more than 8 million Digital Wallet customers, BlockChain is users' favorite destination to see recent transactions, stats on mined blocks and Bitcoin economy charts.
Blockchain users are strongly recommended not to log in to the site until the Blockchain team releases an official statement via its Twitter account.
Facebook, Twitter and Instagram share data with social media surveillance startup
Facebook, Instagram, Twitter, VK, Google's Picasa and Youtube were handing over user data access to a Chicago-based Startup — the developer of a social media monitoring tool — which then sold this data to law enforcement agencies for surveillance purposes, the ACLU disclosed Tuesday.
Government records obtained by the American Civil Liberties Union (ACLU) revealed that the big technology corporations gave "special access" to Geofeedia.
Geofeedia is a controversial social media monitoring tool that pulls social media feeds, and then makes it searchable and accessible to its clients, who can search by location or keyword to quickly find recently posted and publicly available contents.
The company has marketed its services to 500 law enforcement and public safety agencies as a tool to track protests. Geofeedia has entered into agreements with Twitter, Facebook, and Instagram for their users' data, gaining a developer-level access to all three social networks that allowed them to review streams of user content in ways that regular users of the public cannot. One Police Department recently signed a $30,000 annual deal with Geofeedia.
Nicole Ozer, technology, and civil liberties policy director for the ACLU of California said: "These special data deals were allowing the police to sneak in through a side door and use these powerful platforms to track protesters."
However, in response to the ACLU report, Geofeedia posted Tuesday an article justifying its commitment to Freedom of Speech and Civil Liberties.