By continuing to use the site or Forum, you agree to the use of cookies, find out more by reading our GDPR policy.

Cybersecurity firm Kaspersky Lab has uncovered a vulnerability in the Telegram desktop app which allows the social messaging app to be exploited for mining cryptocurrencies. In a statement, Kaspersky says the zero-day vulnerability provides a backdoor that “has been actively exploited since March 2017 for the cryptocurrency mining functionality.” It adds that they had notified Telegram of the vulnerability and “at the time of publication, the zero-day flaw has not since been observed in [the] messenger’s products.” Research conducted by Kaspersky showed that the zero-day flaw was based on the RLO (right-to-left override) Unicode method, which is generally used for coding languages written from right to left, such as Arabic and Hebrew. However, it can also be used by hackers to dupe unknowing recipients into downloading malware, for example disguised as images. Kaspersky analysts identified “several scenarios of zero-day exploitation in the wild by threat actors.” The threats identified were two-fold. First, the exploit was used to deliver mining software, allowing hackers to use the victim’s machine to mine cryptocurrency including “Monero, Zcash, Fantomcoin and others.”

‘Search bias & leveraging dominance’ Google has been fined $21 million by India’s antitrust watchdog after being accused of search bias and abusing its dominant position. The search giant says it is reviewing the complaints. The Competition Commission of India (CCI) said in a 190-page order that Google was “found to be indulging in practices of search bias and by doing so, it causes harm to its competitors as well as to users.” “Google was leveraging its dominance in the market for online general web search, to strengthen its position in the market for online syndicate search services,” the CCI said, as quoted by Reuters. The accusations against Google revolve around the CCI claiming the search engine places its commercial flight search function in a prominent position on the search results page. This, according to the commission, resulted in a disadvantage to businesses trying to gain market access. The CCI has ordered that the fine – which represents five percent of the average total revenue generated by Google from its Indian operations – be paid within 60 days. The fine was approved by a majority of 4-2. At the same time, the commission said it did not find any violation related to Google’s specialized search design, AdWords, or online distribution agreements.

A source code for a key component of the iPhone's operating system was leaked online, potentially handing hackers coveted data which will make it easier to break into iOS. It was removed after Apple filed a takedown request. The code posted on GitHub is for the iOS 9.3 version of iBoot, a vital component of iOS which ensures the booting of the operating system. It was posted on the website by user 'ZioShiba.' It remains unclear how the user obtained the code, but it appears to be legitimate. That's according to Jonathan Levin, the author of a series of books on iOS, who spoke to Motherboard and called the incident the “biggest leak in history” and a “huge deal.” The website Gadget Hacks also said the code is "definitely the real deal." The source code was eventually taken down, after Apple filed a copyright takedown request with GitHub. The code's release could have a number of implications. For starters, hackers could use it to locate flaws and bugs that could allow them to crack or decrypt an iPhone. Programmers could use the information to mimic iOS on non-Apple devices.

Polaris could be the most important version of Windows in years. Here's why. Since the release of Windows 10 in 2015, Microsoft has made it clear that it wants to move away from its past style of operating system releases and towards a new, more singular and unified approach. It’s already brought together its desktop Windows 10 OS with Windows 10 Mobile, and Xbox Live infrastructure — and Polaris could be the next step in that trend. But what is Windows Polaris? Although we don’t know for sure just yet, as Microsoft hasn’t made any sort of official announcements, the general line of thinking is that it’s the PC component in Microsoft’s future Windows strategy. Windows Core OS will act as a base for all future Windows iterations. We’ve had hints that Andromeda OS will be the version used in mobile, which could be used on a future Surface phone. Meanwhile, Polaris could be the one you run on your desktop or laptop.
Windows Core OS

The Store-only version of Windows becomes an installation option instead. With the next big update to Windows 10, version 1803, Microsoft is making some big changes to how it sells the software to OEMs. The biggest casualty? Windows 10 S—the restricted version of Windows that can only run apps from the Store—is going away. Currently, Windows 10 S is a unique edition of Windows 10. It's based on Windows 10 Pro; Windows 10 Pro has various facilities that enable system administrators to restrict which software can be run, and Windows 10 S is essentially a preconfigured version of those facilities. In addition to locking out arbitrary downloaded programs, it also prevents the use of certain built-in Windows features such as the command-line, PowerShell, and Windows Subsystem for Linux. For those who can't abide by the constraints that S imposes, you can upgrade 10 S to the full 10 Pro. This upgrade is a one-shot deal: there's no way of re-enabling the S limitations after upgrading to Pro. It's also a paid upgrade: while Microsoft offered it as a free upgrade for a limited time for its Surface Laptop, the regular price is $49. When announcing Windows 10 S, Microsoft expressed the hope that other premium devices would ship with the version. This doesn't appear to have happened; aside from Surface Laptop, the other Windows 10 S devices are all low-end, aimed at education markets.

Microsoft’s long-rumored foldable Andromeda (also referred to as Surface Phone) is launching later this year but it appears that it won’t have Polaris (CShell) version 2 or support for Win32 applications initially. A new report also claims that Microsoft’s ultimate mobile device could launch as soon as this year, and it will be powered by Windows Core OS with Andromeda Shell. While Andromeda CShell is mobile-focused, Polaris is a CShell for the desktop that would run on top of the Windows Core OS to deliver the best experience on large screen size devices. Polaris is reportedly arriving next year, while Windows Core OS with Andromeda will be unveiled later this year. Microsoft is designing Windows Core OS for desktop without the legacy Windows elements and applications, in other words, the operating system will be limited to Microsoft Store, just like Windows 10 OS but in a much better way. Polaris will compete with Chromebook as the devices powered by Polaris Shell will be lightweight, secure and faster than the traditional Windows 10 laptops. While Polaris won’t support Win32 applications natively, Microsoft is exploring new ways to emulate the legacy applications to fill the app gap. Microsoft is also working on adding support for Polaris to the foldable mobile device, and this will make the foldable device, even more, advance, lightweight and faster without Win32 legacy codes.

 

Latest Articles