By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

A weakness in the algorithm used to encrypt cellphone data in the 1990s and 2000s allowed hackers to spy on some internet traffic, according to a new research paper. The paper has sent shockwaves through the encryption community because of what it implies: The researchers believe that the mathematical probability of the weakness being introduced on accident is extremely low. Thus, they speculate that a weakness was intentionally put into the algorithm. After the paper was published, the group that designed the algorithm confirmed this was the case. Researchers from several universities in Europe found that the encryption algorithm GEA-1, which was used in cellphones when the industry adopted GPRS standards in 2G networks, was intentionally designed to include a weakness that at least one cryptography expert sees as a backdoor. The researchers said they obtained two encryption algorithms, GEA-1 and GEA-2, which are proprietary and thus not public, "from a source." They then analyzed them and realized they were vulnerable to attacks that allowed for decryption of all traffic. When trying to reverse-engineer the algorithm, the researchers wrote that (to simplify), they tried to design a similar encryption algorithm using a random number generator often used in cryptography and never came close to creating an encryption scheme as weak as the one actually used: "In a million tries we never even got close to such a weak instance," they wrote. "This implies that the weakness in GEA-1 is unlikely to occur by chance, indicating that the security level of 40 bits is due to export regulations."Researchers dubbed the attack "divide-and-conquer," and said it was "rather straightforward." In short, the attack allows someone who can intercept cellphone data traffic to recover the key used to encrypt the data and then decrypt all traffic. The weakness in GEA-1, the oldest algorithm developed in 1998, is that it provides only 40-bit security. That's what allows an attacker to get the key and decrypt all traffic, according to the researchers.A spokesperson for the organization that designed the GEA-1 algorithm, the European Telecommunications Standards Institute (ETSI), admitted that the algorithm contained a weakness, but said it was introduced because the export regulations at the time did not allow for stronger encryption."We followed regulations: we followed export control regulations that limited the strength of GEA-1," a spokesperson for ETSI told Motherboard in an email.Håvard Raddum, one of the researchers who worked on the paper, summed up the implications of this decision in an email to Motherboard. Raddum and his colleagues found that GEA-1's successor, GEA-2 did not contain the same weakness. In fact, the ETSI spokesperson said that when they introduced GEA-2 the export controls had been eased. Still, the researchers were able to decrypt traffic protected by GEA-2 as well with a more technical attack, and concluded that GEA-2 "does not offer a high enough security level for today's standards," as they wrote in their paper. Lukasz Olejnik, an independent cybersecurity researcher and consultant who holds a computer science PhD from INRIA, told Motherboard that "this technical analysis is sound, and the conclusions as to the intentional weakening of the algorithm rather serious." The good news is that GEA-1 and GEA-2 are not widely used anymore after cellphone providers adopted new standards for 3G and 4G networks. The bad news is that even though ETSI prohibited network operators from using GEA-1 in 2013, the researchers say that both GEA-1 and GEA-2 persist to this day because GPRS is still used as a fallback in certain countries and networks. "In most countries, [the risk is] not very high, and significantly lower risk than at the start of the 2000’s since GEA-3 and GEA-4 are used today," Raddum said. "But handsets still support GEA-1. Scenarios where a mobile phone today can be tricked into using GEA-1 exist." You can always get better informed when yu visit OUR FORUM.

Facebook will soon begin testing ads inside its Oculus Quest virtual reality system. In the coming weeks, ads will start appearing inside the Resolution Games title Blaston as well as two other unnamed apps. Facebook will later expand the system based on user feedback, saying it aims to create a “self-sustaining platform” for VR development. Facebook introduced ads on the Oculus mobile app last month, and it’s used limited Oculus data to target Facebook advertising since 2019, but this is its first major foray into putting ads inside the Oculus VR platform itself. “Once we see how this test goes and incorporate feedback from developers and the community, we’ll provide more details on when ads may become more broadly available across the Oculus platform and in the Oculus mobile app,” the company said in a blog post. As on Facebook’s non-VR apps, you can block specific posts or companies from appearing in ad slots. And Facebook says it’s not changing how it collects or analyzes user information. It says that some of the most sensitive data — like raw images from Oculus headset cameras and weight or height information from Oculus Move fitness tracking — remains solely on users’ devices. Also, Facebook says it has “no plans” to target ads based on movement data or recordings from its voice assistant. A Facebook spokesperson says the system will use information from your Facebook profile, as well as “whether you’ve viewed content, installed, activated, or subscribed to an Oculus app, added an app to your cart or wishlist, if you’ve initiated checkout or purchased an app on the Oculus platform, and lastly, whether you’ve viewed, hovered, saved, or clicked on an ad within a third-party app.” As shown above, users can click an ad and either open it or save the link for later. The former option will launch a landing page in the Oculus Quest’s web browser, and the latter will save the ad in the Quest in-VR experience and Oculus mobile app’s Explore sections. Developers will get a share of the revenue from ads in their apps, but Facebook isn’t publicly revealing the percentage. Facebook is leaving its future roadmap open-ended. The spokesperson says Facebook hasn’t determined, for instance, whether ads could eventually appear inside your Oculus Home experience. Facebook also isn’t yet identifying the other apps using advertisements, although it will list additional names in the coming weeks. The first ads look like standard boxes inside game interfaces, but Facebook’s blog post says it’s exploring other options as well. “We’re currently investing in unobtrusive ads as a new way for developers to build businesses — and though we’re not quite ready to test them yet, we’re also exploring new ad formats that are unique to VR,” it says. VR has arguably been an advertising medium for years, with countless film and TV promotional tie-ins as well as novelty experiences from companies like McDonald’s and Ikea. But ad-supported VR apps are using a different model that more closely resembles that of the mobile and web ecosystem. Letting developers integrate advertising could create a greater incentive to work within Facebook’s official ecosystem rather than distributing through sideloading options like SideQuest. Facebook says ads are part of an attempt to figure out profitable business options in the growing but often difficult field of VR app development. “This is a key part of ensuring we’re creating a self-sustaining platform that can support a variety of business models that unlock new types of content and audiences. It also helps us continue to make innovative AR/VR hardware more accessible to more people,” says the blog post. Facebook currently dominates consumer VR with its Oculus Quest 2 headset — which, at $299, is one of the cheapest options on the market. It’s also acquired the studios behind several major VR games, including rhythm game Beat Saber and the battle royale title Population: One. While it may face renewed competition from a second-generation Sony PlayStation VR headset next year, at least one VR company has retreated from consumer hardware in part because of Facebook’s influence: Vive creator HTC, which has called Facebook’s low-cost consumer headsets “artificially subsidized” by the company’s advertising-focused business model. Vists OUR FORUM for more.

Microsoft will soon reveal their next generation of Windows at an upcoming press event later this month. Here is what we know so far about Microsoft's new version of Windows. The upcoming press event is scheduled for June 24th and coincides with a public webcast of the live Windows reveal at 11 AM EST. Way back in 2015, Microsoft's developer evangelist Jerry Nixon stated that Windows 10 is the last version of Windows: "Right now we're releasing Windows 10, and because Windows 10 is the last version of Windows, we're all still working on Windows 10." - Jerry Nixon. However, as pointed out by Microsoft watcher Mary Jo Foley and highlighted by Rich Woods on Twitter, Microsoft has never publicly said in plain words that Windows 10 is the last version of the Windows operating system. Only one developer evangelist only gave the statement. However, the Microsoft PR team never denied it. In fact, Microsoft is slowly dropping hints that suggest Windows 11 is around the corner. For example, the company recently uploaded 11 minutes long relaxing music video on YouTube, which shows off sunlight passing through the Windows logo to form the number '11' on the surface. At the moment, we don't know what the company has in store for us and whether the update is going to be called "Windows 11", but it's safe to assume that it will be based on the long-rumored Windows Sun Valley design, which was recently confirmed in a Microsoft documentation. It's also possible that Microsoft will drop the numbers and start using geographic location names like Sun Valley for Windows updates. Windows 11 update will improve the legacy apps and features of the operating system. On the surface, we're expecting Windows to appear more modern with consistent design language, at least for first-party apps. For example, Microsoft will update file Explorer with dark mode support for the popup menus (properties tab, etc.). However, it appears that the company will not replace File Explorer with a modern version. Instead, the plan is to service the existing Explorer and update it with new icons, rounded corners, and dark mode. Microsoft is using WinUI, modern controls, styles to improve the overall experience. WinUI is not a replacement for Fluent Design, and it is supposed to enhance the overall experience by enabling support for the same UI elements everywhere (legacy and modern). Windows Sun Valley update is built on top of the Fluent Design, which means Fluent Design is not going away. Windows Sun Valley will update File Explorer with new icons, rounded corners, and dark mode improvements. As you can see in the below GIF, Microsoft is spacing out the items, columns, and rows in File Explorer. These changes will help users with touchscreen, and they can easily interact with files without switching to tablet mode. Microsoft is adding a new option to the Settings app that will allow you to turn off the content-adaptive brightness control (CABC) feature. For those unaware, the CABC feature is used by OEMs like Dell and Lenovo to improve battery performance on PCs, but it comes at the cost of image quality. In depth reading can be found on OUR FORUM.

Despite a poor reputation for privacy, Google’s Chrome browser continues to dominate. The web browser has around 65 percent market share and two billion people are regularly using it. Its closest competitor, Apple’s Safari, lags far behind with under 20 percent market share. That’s a lot of power, even before you consider Chrome’s data collection practices. Is Google too big and powerful, and do you need to ditch Chrome for good? Privacy experts say yes. Chrome is tightly integrated with Google’s data gathering infrastructure, including services such as Google search and Gmail – and its market dominance gives it the power to help set new standards across the web. Chrome is one of Google’s most powerful data-gathering tools. Google is currently under fire from privacy campaigners including rival browser makers and regulators for changes in Chrome that will spell the end of third-party cookies, the trackers that follow you as you browse. Although there are no solid plans for Europe yet, Google is planning to replace cookies with its own ‘privacy preserving’ tracking tech called FLoC, which critics say will give the firm even more power at the expense of its competitors due to the sheer scale of Chrome’s user base. Chrome’s hefty data collection practices are another reason to ditch the browser. According to Apple’s iOS privacy labels, Google’s Chrome app can collect data including your location, search and browsing history, user identifiers, and product interaction data for “personalization” purposes. Google says this gives you the ability to enable features such as the option to save your bookmarks and passwords to your Google Account. But unlike rivals Safari, Microsoft’s Edge, and Firefox, Chrome links this data to devices and individuals. Although Chrome legitimately needs to handle browsing data, it can siphon off a large amount of information about your activities and transmit it to Google, says Rowenna Fielding, founder, and director of privacy consultancy Miss IG Geek. “If you’re using Chrome to browse the internet, even in private mode, Google is watching everything you do online, all the time. This allows Google to build up a detailed and sophisticated picture about your personality, interests, vulnerabilities, and triggers.” When you sync your Google accounts to Chrome, the data slurping doesn’t stop there. Information from other Google-owned products including its email service Gmail and Google search can be combined to form a scarily accurate picture. Chrome data can be added to your geolocation history from Google Maps, the metadata from your Gmail usage, your social graph – who you interact with, both on and offline – the apps you use on your Android phone, and the products you buy with Google Pay. “That creates a very clear picture of who you are and how you live your life,” Fielding says. As well as gathering information about your online and offline purchases, data from Google Pay can be used “in the same way as data from other Google services,” says Fielding. “This is not just what you buy, but also your location, device contacts and information, and the links those details provide so you can be identified and profiled across multiple datasets.” Visit OUR FORUM to learn more.

This morning in a live stream, Huawei officially kicked off the launch of Harmony OS, its in-house operating system and (among other things) its replacement for Android. The company announced a new watch, a new tablet, and a new phone powered by HarmonyOS. The company also said it would be updating a massive list of 100 different Huawei Android phone models to Harmony OS over the next year. With today's announcement, Huawei looks like it has two completely different operating systems that it calls "HarmonyOS." First is the IoT and smartwatch version of HarmonyOS, which is based on Huawei's LiteOS and is open source. The second version of Harmony OS is for phones and tablets and is a fork of Android and uses the Linux kernel (Huawei is very reluctant to admit this). Having what seems like two totally different operating systems share the same brand name leads to a lot of confusion, and you can make a lot of claims about the IoT version of HarmonyOS that don't apply to the phone version. For instance, TechCrunch spoke to Huawei and reported "Huawei denied speculations that HarmonyOS is a derivative of Android and said no single line of code is identical to that of Android. A spokesperson for Huawei declined to say whether the operating system is based on Linux, the kernel that powers Android." This statement is true of the IoT version but untrue of the phone version. Meanwhile, the company said the complete opposite thing to the German site ComputerBase, which quotes Huawei's software president as saying "To make sure our existing users can still enjoy the experiences that they are familiar with in our phones and tablets, Huawei uses the open source code from AOSP in HarmonyOS on the condition of complying with open source license rules and fulfilling related responsibilities and obligations." In the wake of the US export ban on Huawei, the company is currently struggling to be independent from the US supply chain. China has plenty of hardware-component manufacturers that Huawei can rely on, but China doesn't do huge amounts of software development. So software is the company's biggest problem. HarmonyOS is supposed to be the answer to that problem, so Huawei wants to sell the OS as an in-house creation that allows it to break free of US influence. Huawei doesn't seem to like it when you point out that Harmony OS for phones is heavily based on Android. We tried the OS in the official emulator a few months ago though, and there was no question that we were looking at an Android fork. HarmonyOS was identical to what Huawei ships on its Android phones, save for a few changes to the "about" screen that swapped out the words "Android" and "EMUI" (Huawei's Android skin) for "HarmonyOS." Huawei even missed a few spots where the OS still said "Android." The OS ran Android apps and supported every Android feature with an implementation that was identical to Android. It used the Linux kernel and listed the version on the "About" screen. Development used the "Android Debug Bridge," Huawei's SDK listed 27 different Android libraries in the third-party software list, and it compiled Android apps with a different file extension. It was Android with no discernible differences. In today's show, HarmonyOS (for phones) got a light reskinning and looks slightly different from the emulator. The main new feature was a new quick settings panel that shows the company isn't afraid to copy both big mobile OSes: the design is ripped straight from iOS's Control Center, while the new functionality—showing multiple media players and a sound output picker—is an Android 11 feature. The HarmonyOS emulator we looked at was based on Android 10, but this media quick settings feature suggests this version of Harmony has been upgraded to Android 11 and Huawei is just cribbing more of the codebase. HarmonyOS also has a feature called "Super Device," which just seems to be a networking feature along the lines of Google Cast, AirPlay, or Bluetooth. When all the devices in your house run Harmony OS, Huawei says you'll be able to use some pedestrian-sounding networking features like pairing a drone to a smartphone for remote control, using a tablet stylus on your PC, or connecting wireless earbuds to your phone. The company showed a plugin for Huawei Windows PCs that would let you quickly transfer files to a phone. Huawei imagined some wild smart home integration like tapping a phone against a toaster oven to look up recipes. There was also a HarmonyOS-power refrigerator. Visit OUR FORUM to learn more.

Microsoft will reveal what the “next generation” of Windows will look like on June 24 but it isn't Windows 11So many people are looking for the new version of windows11, but the thing they don't know, is there any thing called windows 11, in this article we will discover the reality about the next Microsoft OS. Will there be windows 11 any time soon ? The question that every windows user is looking for "when is Windows 11 Release Date", As we know the latest version of windws had been released in 2015. And ever since then we haven't heard much about an upcoming version of microsoft windows.

There is Nothing called Microsoft Windows 11
According to Jerry Nixon, Microsoft developer evangelist said in a conference "Right now we're releasing windows 10, and because 10 is the last version of windows, we are all still working on windows 10", and that was 5 years ago. Steve Kleynhans (a research vice-presedent at analyst), Said "There will be no windows 11" , He also said that Microsoft avoided to use the name "Windows 9" and instead used Windows 10 as signification of a break with a past of successive version of windows (7/8/8.1). "Every three years Microsoft had to create a new OS" and also had to spend a big amount of money on advertising and marketing to convince people to upgrade to the last version of windows, but with the new strategy of the company none of that is going to happen, that strategy will really help developers to focus on their programs and not just changing the plan every 3 or 4 years to keep up with the new version of the OS.

There are no upcoming plans for a new Windows 11!