CryptoDrop, an early warning system against ransomeware

Subject: General Tech | July 13, 2016 - 01:29 PM |
Tagged: ransomware, CryptoDrop

Given the choice between a confirmation pop up every time you zip numerous files simultaneously or add encryption to a folder or being infected with ransomware; which would you choose?  Researchers at the University of Florida and Villanova University have developed software called CryptoLock which scans your systems for bulk modification of file types, a significant change in the contents of those files and an increase in the Shannon Entropy of the files.  All three of those indicate a file is being encrypted and if it is happening to numerous ones in a very short period of time then the software will put a halt to it until you confirm that this is expected behaviour.  You get a quick overview over at The Register as well as a link to the PDF of the researchers work.

Sounds like a pop up we can live with, considering the alternative.  Hopefully this will arrive on the market soon.

Capture.PNG

"Taking a “save what you can” approach, the authors of this PDF reckon in their tests they were able to lower the boom on ransomware when it had encrypted just 0.2 per cent of files on their test setup."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Microsoft finally puts a price on the Enterprise version of Windows 10

Subject: General Tech | July 12, 2016 - 02:36 PM |
Tagged: windows 10, microsoft, enterprise

Thought that Microsoft did a poor job on the consumer side of Windows 10, you haven't being watching the absurdity which is the Enterprise version.  They took putting the cart in front of the horse to new levels but as of today we finally have a monthly price for a user.  This announcement comes several months after they removed the ability of system admins to block installation of random apps from the Windows Store for those using Windows 10 Professional.  It is also a week after they announced the removal of two popular components of the Microsoft Desktop Optimisation Pack, App-V and UE-V. 

Today we have received word that the Windows 10 Enterprise E3 version will be $7 per user per month, though we have yet to hear any pricing on the E5 version which includes Windows Defender Advanced Threat Protection.  You can read more at Slashdot while you laugh about Microsoft's apparent confusion as to why businesses are not yet willing to adopt their new OS.

windows-10-logo-2-760x500.jpg

"Microsoft plans to make its recently renamed Windows 10 Enterprise product available as a subscription for $7 per user per month, or $84 per year. Microsoft took the wraps off the pricing of one of the two renamed versions of Windows 10 Enterprise at the company's Worldwide Partner Conference in Toronto on July 12."

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot

DOOM comes to Vulkan; or vice versa

Subject: General Tech | July 11, 2016 - 12:16 PM |
Tagged: vulkan, doom, bethesda

*** Update *** an asute reader spotted some quick and dirty benchmarks over at Guru of 3D.  It looks like the RX480 does indeed benefit from Vulkan, the GTX 1070 not so much.

While this does not mean that the new DOOM will run on Linux, today does see Vulkan support arriving for the new FPS.  As we have seen with titles such as BF4 this is not going to benefit users of high end GPUs in any great way, however gamers on a budget should see improvements.  Bethesda did not update their minimum specs but do anticipate older cards being able to maintain more respectable framerates; the current minimum specs are a GTX 670 or HD 7870.  Expect to see some bugs as this their first shot at the Vulkan API, but do check it out if you have a lower end card or are simply curious how well it works. Handy links for drivers and more info over at Bethesda.

"At id Software, we’ve always pushed technology. With DOOM we let the game drive the technology decisions from early on. This has continued even in post-release, with new updates and more. Today we’re excited to share another big technology push: Vulkan support is now live on PC."

Here is some more Tech News from around the web:

Tech Talk

Source: Bethesda

DRAM just doesn't have the torque to compete in the future

Subject: General Tech | July 8, 2016 - 01:22 PM |
Tagged: STT-MRAM, nifty

Good news has arrived for those watching the development of the next type of storage medium, there has been new information about Spin Transfer Torque MRAM published.  One of the major hurdles in the development of the new type of memory, apart from yields, has been predicting the performance of MRAM cells.  The Register have linked to an article on IEEE, jointly published by IBM and Samsung, which details how new STT-MRAM materials fabbed at the 11nm behave.  We are still a while off of STT-MRAM hitting the market but it continues to draw closer as researchers try to bring us the next generation of storage media.

M397SFig1.jpg

"IBM and Samsung scientists have published an IEEE paper demonstrating switching MRAM cells for 655 devices with diameters ranging from 50 down to 11 nanometers in just 10 nanoseconds using only 7.5 microamperes. They say it is a significant achievement towards the development of Spin Torque MRAM."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

When is a headset not simply a headset? When it is the Avegant Glyph Mobile Personal Theater

Subject: General Tech | July 7, 2016 - 07:18 PM |
Tagged: audio, Avegant Glyph, headset

Why is the AVEGANT Glyph headset referred to as a personal theatre you may ask?  That would be because these are headphones and a head mounted display in one package, unfortunately they launched while everyone was gazing at their Vives and Rifts.  Instead of providing a VR experience, this headset is intended to give you the view of a  55-60" TV as if you were sitting 3 to 4 meters away.  The headset uses a microUSB for power and microHDMI for signal and provides a resolution of 1280x720p per eye and even supports 3D-movies and 3D-Vision when gaming.  Unfortunately as Bjorn3D discovered, you need a 720p source, it cannot downscale from 1080p or other resolutions.  Check out their full review here.

avegant_glyph-700x503.jpg

"So what is the Avegant Glyph? Quite simply it is a headset that can be used as a regular audio headset but also comes with lenses to allow you to use it as your own mobile personal theater. And regardless of some issues it actually works great for this purpose."

Here is some more Tech News from around the web:

Audio Corner

Source: Bjorn3D

Podcast #407 - RX 480 Power Concerns, X1 Yoga, Thrustmaster, Micron 9100 MAX, and more!

Subject: General Tech | July 7, 2016 - 02:20 PM |
Tagged: xbox play, video, Thrustmaster, technology, Samsung 840, rx 480, review, radeon 490, radeon, power, Polaris, podcast, pcper, news, Micron 9100 MAX SSD, lenovo thinkpad x1 yoga, Kinetic, gtx 1060, EVO, cooler, coolchip, alcantera

PC Perspective Podcast #407 - 07/07/2016

Join us this week as we discuss RX 480 Power Concerns, X1 Yoga, Thrustmaster, Micron 9100 MAX, and more!

You can subscribe to us through iTunes and you can still access it directly through the RSS page HERE.

The URL for the podcast is: http://pcper.com/podcast - Share with your friends!

This episode of the PC Perspective Podcast is sponsored by Kaspersky! (promo code pcper)

Hosts:  Ryan Shrout, Allyn Malventano, Jeremy Hellstrom, and Josh Walrath

Program length: 1:47:16
  1. Week in Review:
  2. AD BREAK
  3. News items of interest:
  4. Hardware/Software Picks of the Week
    1. Jeremy: Canuck with no patience? Gigabyte GeForce GTX 1070 G1 Gaming
  5. Closing/outro

microSD was just a flash in the pan; meet your new tiny storage overlord, Samsung's UFS cards

Subject: General Tech | July 7, 2016 - 12:37 PM |
Tagged: UFS, Samsung, microSD

Samsung just announced the first product based on the new Universal Flash Storage standard which will be making microSD cards as obsolete as your old mix tape.  They will come in sizes from 256GB down to 32GB but it is the speed of these new storage devices that will impress, not the density.  Samsung tells of sequential read speeds of up to 530MB/s, allowing you to dump HD quality video to a PC and random reads of 40,000 IOPS if you have a usage scenario which would read in such a manner.  For recording video you can expect up to 170MB/s sequential write speed or 35,000 random IOPS; 4K drone recordings won't be limited by bandwidth anymore. 

Unfortunately, as The Inquirer points out, no one can use these yet as we haven't a place to stick them.

UFS_02-0.jpg

"What UFS does mean already is that we'll start to see a bottleneck lifted in storage speeds in phones and tablets. As we've already seen, MicroSD doesn't cut it in the speed stakes, and it doesn't seem so long ago that we reported on torn down phones with 'internal' memory that was really just an SD card hidden away."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

Valve Announces TF2 "Meet Your Match" Update

Subject: General Tech | July 6, 2016 - 05:48 PM |
Tagged: valve, tf2

Conveniently just after Overwatch received its Competitive Play update, Valve has announced the Meet Your Match update to Team Fortress 2. This update includes Competitive Mode, which is a ranked, 6v6 gametype, which sounds even more like Overwatch. Only the first day has been revealed thus far, as Valve likes to break update posts into chunks and release them over the course of a week, but it includes three maps, two achievements, and the official launch of the PASS Time game mode. The second part of the update is coming soon.

PASS Time was originally announced last year, in collaboration with Bad Robot (J.J. Abrams' production company) and Escalation Studios. While I've never played it (yes, I pretty much only play 2Fort...) it sounds similar to game modes like Bombing Run or Grifball. Obviously, those game modes are typically for more individual shooters, not TF2's class system, so it's interesting to see how, for instance, a Level 3 Sentry plays into it.

Source: Valve

Saturday July 9 10:00 AM ET - Fragging Frogs VLAN #13 is right around the corner

Subject: General Tech | July 6, 2016 - 03:09 PM |
Tagged: VLAN party, vlan, kick ass, gaming, fun, fragging frogs

That's right, it is time for another Fragging Frog VLAN, this time lucky number 13, kicking off this Saturday morning.  If you are at all interested in having the best possible Saturday ever then head to the forums and put your name in the list of attendees.  If you are not a member of the Forums for some bizarre reason you need to sign up ASAP as it is members and contributors of PCPer and the Fragging Frogs who are given first shot at games and prizes.  To that end you will need to post at least 5 times to our Forums between now and Saturday; pictures of SPAM not included.

FraggingFrogs.jpg

The list of possible games is already quite long, from UT2K4 up to the newly released Overwatch, by way of Battle both field-ish and Front-ian with many more on the list.  If you don't see one of your favourites post it to the thread and we will add it on.  Before joining in, make sure to check out this thread here for the information you need to hop onto the TeamSpeak server so you can chat with your fellow gamers.  You also need to join into the channel if you want to win any of the prizes which will be given away during the event.

2832655240977272601.jpeg

That's right, prizes and gaming!  The wonderful folks at AMD have sent over some mysterious parts for you to have a chance to win and several of the staff of PCPer have dug through their closets and sent out some of the gear we have reviewed recently.  What could these be?  Only one way to find out; see you on Saturday!

That ThinkPwn vulnerability extends beyond Lenovo as the fault is with the motherboard

Subject: General Tech | July 6, 2016 - 01:46 PM |
Tagged: ThinkPwn, Lenovo, gigabyte, 68-UD3H, z77x-ud5h, Z87MX-D3H, Z97-D3H, Intel, SMM

The ThinkPwn vulnerability which has been in the news lately, which allows attackers to disable Secure Boot and bypass Virtual Secure Mode on Win10 Enterprise as well as disabling flash write protection turns out not to be yet another questionable Lenovo feature.  Instead the problem lies with the motherboards UEFI, specifically the Intel System Management Mode implemented on Gigabyte motherboards.  So far the issue has been located on Z68-UD3H, Z77X-UD5H, Z87MX-D3H, and Z97-D3H but it is possible that the vulnerability exists on far more motherboards, perhaps even beyond Gigabyte as the flaw is in the Intel code.  The Register also postulates this could effect HP Pavilion machines as they use these boards as well.

lp486_2.gif

"Gigabyte has been swept into turmoil surrounding low-level security vulnerabilities that allows attackers to kill flash protection, secure boot, and tamper with firmware on PCs by Lenovo and other vendors."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Razer Announces BlackWidow X Tournament Edition

Subject: General Tech | July 5, 2016 - 05:45 PM |
Tagged: razer, mechanical keyboard, Cherry MX

Well this is interesting. Razer has announced the BlackWidow X Tournament Edition, which is a new tenkeyless mechanical keyboard that uses Cherry MX Blue switches. This is interesting, because it does not use Razer's own switches -- not even as a customization (like the BlackWidow X Ultimate). You must use Cherry MX Blue. It's an interesting change, and I'm not sure why they did that, but they did.

razer-2016-blackwidowxte.png

Beyond that, it's a fairly standard keyboard. It doesn't have a number pad, but it does have a button to record macros on it. I personally do not like those ever since my original Razer BlackWidow. I would accidentally press the button, not realize it, then have everything I typed get spammed out for the next half hour, including passwords. I would assume Razer has fixed that issue in the last four-or-so years, but I haven't used their keyboards in a while. There might have even been an option to prevent it back then, but I never found it. Also, for some, a macro button is probably a nice feature, seeing as they've consistently included it.

The talk about Cherry Switches and Macro Keys aside, the keyboard seems like a pretty decent value. The Razer BlackWidow X Tournament Edition costs $69.99 and ships next week.

Source: Razer

Xbox Play Anywhere Has Been Formalized

Subject: General Tech | July 5, 2016 - 05:18 PM |
Tagged: xbox, windows 10, microsoft

Microsoft is launching Xbox Play Anywhere this fall, which allows games that are purchased on Xbox Store and Windows Store to be available on the other for no additional cost.

microsoft-2016-window10xboxplayanywhere.png

To our site, this means that these games will also be available on Windows 10. Moreover, Microsoft has announced that “every new title published from Microsoft Studios will support Xbox Play Anywhere and will be easily accessible in the Windows Store.” So this means that, starting with Re-Core, Microsoft should publish all of their games on the PC.

Update (July 6th @ 3:33pm EDT): Turns out that it was updated to clarify "at this year's E3". So the list of games on XboxPlayAnywhere is all they're announcing so far.

That said, it will all be done through Windows Store, and so we'll need to remain concerned about the openness of that platform. The obvious example is when Games for Windows Live was shut down, bricking all software that the developer didn't patch out (or patch over to Steam). There's also concern about people being able to distribute software independently and anonymously as well.

That said, Microsoft is free to publish their own software however they like, and it's nice to see them supporting the PC again. I just want to make sure a strong, alternative platform exists (like Win32 or a strong Web standard) that cannot be (legally or technically) pivoted into Windows RT (or iOS), which forced all browsers to be re-skins of Internet Explorer (or Safari in iOS's case), forced content guidelines on games, etc. Someone will abuse any restrictions that are made, now or in the future.

Yes, some of your users phones are infected

Subject: General Tech | July 5, 2016 - 12:32 PM |
Tagged: security, Malware

Managing mobile devices in an enterprise environment is a nightmare, even with properly set up security polices and some sort of Mobile Device Manager.  Security firm Skycure recently estimated one in every 200 devices is infected with some form of malware, which seems a bit low especially considering that some the devices tested had 290 apps installed.  Infections of Android devices are most common but do not think for a moment that your iOS device is safe, it may only be half as likely to be compromised but it does indeed have serious vulnerabilities as well.  Drop by The Register for a look at the numbers of bad apps on various stores.

36e22fe6de9f2cf7acc3a2e1ced5f9e5.png

"Researchers found enterprises have three unique infection instances with devices sporting an eye-watering average of 290 apps a piece."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

The 8-Bit Guy (and Friends) on Cassette Tapes for PCs

Subject: General Tech, Storage | July 5, 2016 - 02:52 AM |
Tagged: cassette, tape

Some old PCs didn't have storage, so users needed to add programs manually by typing in the source code. As The 8-Bit Guy explains, one of the first consumer solutions was to attach a cassette tape to the computer through analog audio cables. They would actually be programmed by pulsing electrical intensities, which would be interpreted as binary data, within the audio range. Near the end, he even plays a clip of normal data, and “fast loader” data.

He, and his co-hosts, talk about their experiences with the medium, such as using a two-deck cassette player to copy programs and share them with friends. It doesn't go too deep into the technology or the time period, unlike some of his previous videos, but it's still entertaining none-the-less.

More Examples of Why AV Software Can Be Bad

Subject: General Tech | July 5, 2016 - 02:13 AM |
Tagged: symantec, security

I know that I've mention this in the past, and I'm not advocating running no antivirus software, but it's good to remember that you're using high-privileged software to load untrusted data. While mistakes can happen in any reasonably complex software, some companies are more complacent than others, and some design choices fail to respect the trust you have in them. Symantec, as far as I know, has one of the better reputations of security companies, but this flaw is terrible.

fry-not-sure-if.jpg

Basically, to detect malware that has been obfuscated by executable compression, antivirus software unpacks it themselves and looks. Symantec's solution runs in the kernel, allowing any malware that targets it to have kernel permissions. They were also using “at least” seven-year-old forks of open source libraries. Well... crap.

The bugs have been privately disclosed to Symantec, and fixed before Google went public. If you have any Symantec, or their consumer brand, Norton, software, then make sure it's up to date. Consumer software will have the fix pushed through LiveUpdate, but some some products, like Symantec Endpoint Protection and Symantec Protection for SharePoint Servers might require administrator action.

Source: Google

Your encrypted Android phone's Keymaster will settle for anyone, not just Sigourney

Subject: General Tech | July 4, 2016 - 01:08 PM |
Tagged: andriod, keymaster, qualcomm, snapdragon, encryption

The only good news about this particular decryption hack requires physical access to your phone and as you should be aware once someone has your device in their hands all bets about security are off.  The vulnerability exists on ARM-compatible Snapdragon system-on-chips and the TrustZone, a secure part of the chip which runs outside of the operating system and passes information pertaining to the encryption on your phone via the Qualcomm Secure Execution Environment.

It is possible to to exploit an Android kernel security vulnerability to load your own QSEE application which can then query the TrustZone for your unencrypted blob and RSA key.  From there it is simply a matter of brute forcing the phones PIN or password which then allows you access to all the encrypted data on the device.  The Register explains not only the vulnerability but also how TrustZone and KeyMaster work on your devices in this article.

index.jpg

"Essentially, if someone seizes your Qualcomm Snapdragon-powered phone, they can potentially decrypt its file system's contents with a friendly Python script without knowing your password or PIN."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Microsoft Will Still Be More Polite... But First...

Subject: General Tech | July 2, 2016 - 10:38 PM |
Tagged: microsoft, windows 10

So, despite announcing that they will reskin the Get Windows 10 notification four days ago, Microsoft will release another annoying Get Windows 10 campaign. Based on what looks like a Windows 8.x modern, full-screen prompt, Microsoft will post “Sorry to interrupt, but this is important. Windows 10 free upgrade offer ends July 29th.” It then has two buttons, Upgrade now and Remind me later, and two links, Notify me three more times and Do not notify me again.

microsoft-2016-windows10finalpromptallegedly.png

It's interesting to see that this prompt looks like Windows 8.x, but will also appear on Windows 7 machines. It will probably be very jarring to a Windows 7 user to see the entire screen turn a slightly purple-ish blue in a UI style that you've never seen before, asking you to essentially flip your PC upside down. I would expect them to customize it for each platform, but meh.

Interestingly, Microsoft also lists the conditions that will prevent this prompt from occurring. If you have already tried Windows 10 on the machine, it will not ask you to upgrade back. This is what I would have expected all of Get Windows 10 to do, but, from experience, previous prompts didn't care if you already tried (and even activated) Windows 10. No, it would ask you again to go back. It will also honor all the other ways that you can disable Get Windows 10. They also say it will not appear if “You have a recent version of the Get Windows 10 app installed.” This confuses me, but I'll leave it here regardless.

Anywho, prepare to be annoyed one last time... or not. I don't know.

Source: Microsoft

HTC Vive Currently Dominating Oculus Sales

Subject: General Tech | July 2, 2016 - 09:21 PM |
Tagged: valve, htc, steam, steamvr, vive, Oculus, oculus rift

Thanks to Keith of WCCFTech for tweeting this out.

According to the Steam Hardware Survey, the HTC Vive is dominating the Oculus Rift by more than a factor of two (0.15% to 0.06%). More-so, its rate of change is also double that of Oculus (0.06% to 0.03%). If these numbers are accurate, this means that the SteamVR is massively overtaking Oculus SDK in terms of both amount and rate of change.

htc-valve-2016-viveset.png

Now the questions are “why?” and “what does that mean?”

The most obvious reason, to me, is that HTC has much better availability than Oculus. For the last month, they announced that the Vive ships within two-to-three business days. If you look at Oculus? The website tells you to expect it in August. It is currently the second day of July. While a month is not too long of a time to wait, it would make sense that a consumer would look at the two options and say “Yeah, the this week one, please.”

If that's the case, then the platform battle could be decided simply by retail availability. It wouldn't be decided by a Valve-developed first-party game. It wouldn't be decided by DRM locking games into an exclusive deal. It would simply be decided by “you can buy this one”. That is, unless Oculus ramps up production soon. At that point, we'll need to look back at hardware surveys (not just Steam's) and see what the split is. They could catch up. They could be left behind. Who knows? It could be another factor altogether.

For now, the Vive seems like it's the crowd favorite.

Steam Hardware Survey Shows Drop for Linux

Subject: General Tech | July 2, 2016 - 02:21 AM |
Tagged: valve, steam, linux

The current split of Steam users, according to the Steam Hardware Survey, is 95.5% for Windows, 3.6% for Mac OSX, and 0.8% for Linux. Phoronix reports that this does not count SteamOS, and there might be other “inaccuracies” with the survey, but the Linux figures are 0.04% less than they were before (a relative drop of about 4.8%).

7-TuxGpu.png

Windows users are up, and Mac OSX is flat.

A 4.8% drop in a month isn't promising, but it's also not too concerning. If you were intending to target a platform with 0.8% marketshare, then you can benefit from the long shelf life that Linux provides. It's not like a publisher is counting on that platform to reach two-week launch window sales figures. We'll see if the pendulum will swing back in the future, especially if Valve creates compelling, new, first-party content for Linux. They seem to be waiting to put their full weight behind it.

Mozilla Publishes Servo Nightly (for Mac and Linux)

Subject: General Tech | July 1, 2016 - 07:12 PM |
Tagged: web browser, gecko, servo, Rust, mozilla, Samsung

No love for Windows at the moment, but Mozilla is showing previews of their new browser rendering engine, Servo. This one is developed in Rust, which is a highly parallel yet very memory safe language, which are two great features for a web browser, especially on mobile and multi-core desktops. You are currently able to pick it up on Mac and Linux, although it is not ready to be your primary browser yet. Windows and Android builds “should be available soon”.

Basically, Mozilla has been spending the last few years re-thinking how to design a web browser. Most Web standards are based on assumptions that the browser is going through a main loop, and that these items will occur in sequence. Back in 2013, most of the research was to see far a browser could travel into parallelization before compatibility just stops following. Samsung, who is obviously interested in smartphone technology, partnered with them, because it's easier to add more cores onto a mobile SoC than it is to make existing ones faster.

mozilla-architecture.jpg

At the time, they weren't sure whether this research would be used to improve Gecko, the current rendering engine that has been around since Netscape 6, or create a suitable replacement for it. As far as I know, that decision has still not been made, but they also haven't bailed on it yet.

Perhaps we'll see a new wave of Web technology coming soon? Maybe even break up the Webkit monopoly that seems to be forming, led by iOS and Android devices?

Source: Mozilla