Just another news site
Zur aktuellen Situation von Konzertveranstaltern, Kulturarbeitern, Clubs und Spielstätten in der Corona-Krise. Teil 1
Checkm8 vulnerability used to jailbreak iPhones hits Macs as well.
Enlarge / The 2014 Mac mini is pictured here alongside the 2012 Mac mini. They looked the same, but the insides were different in some key—and disappointing—ways. (credit: Andrew Cunningham)
A recently released tool is letting anyone exploit an unusual Mac vulnerability to bypass Apple's trusted T2 security chip and gain deep system access. The flaw is one researchers have also been using for more than a year to jailbreak older models of iPhones. But the fact that the T2 chip is vulnerable in the same way creates a new host of potential threats. Worst of all, while Apple may be able to slow down potential hackers, the flaw is ultimately unfixable in every Mac that has a T2 inside.
In general, the jailbreak community hasn't paid as much attention to macOS and OS X as it has iOS, because they don't have the same restrictions and walled gardens that are built into Apple's mobile ecosystem. But the T2 chip, launched in 2017, created some limitations and mysteries. Apple added the chip as a trusted mechanism for securing high-value features like encrypted data storage, Touch ID, and Activation Lock, which works with Apple's "Find My" services. But the T2 also contains a vulnerability, known as Checkm8, that jailbreakers have already been exploiting in Apple's A5 through A11 (2011 to 2017) mobile chipsets. Now Checkra1n, the same group that developed the tool for iOS, has released support for T2 bypass.
On Macs, the jailbreak allows researchers to probe the T2 chip and explore its security features. It can even be used to run Linux on the T2 or play Doom on a MacBook Pro's Touch Bar. The jailbreak could also be weaponized by malicious hackers, though, to disable macOS security features like System Integrity Protection and Secure Boot and install malware. Combined with another T2 vulnerability that was publicly disclosed in July by the Chinese security research and jailbreaking group Pangu Team, the jailbreak could also potentially be used to obtain FileVault encryption keys and to decrypt user data. The vulnerability is unpatchable, because the flaw is in low-level, unchangeable code for hardware.
Read 13 remaining paragraphs | Comments
Nach Facebook verschärft auch Twitter seine Regelungen für die US-Wahlen. Betroffen könnte auch der Account von US-Präsident Trump sein. (Twitter, Soziales Netz)
Nach Facebook verschärft auch Twitter seine Regelungen für die US-Wahlen. Betroffen könnte auch der Account von US-Präsident Trump sein. (Twitter, Soziales Netz) Mobile ransomware has undergone a worrying evolution, new research shows.
Enlarge (credit: Milana Romazanova | Getty Images)
Though ransomware has been around for years, it poses an ever-increasing threat to hospitals, municipal governments, and basically any institution that can't tolerate downtime. But along with the various types of PC malware that are typically used in these attacks, there's another burgeoning platform for ransomware as well: Android phones. And new research from Microsoft shows that criminal hackers are investing time and resources in refining their mobile ransomware tools—a sign that their attacks are generating payouts.
Released on Thursday, the findings, which were detected using Microsoft Defender on mobile, look at a variant of a known Android ransomware family that has added some clever tricks. That includes a new ransom note delivery mechanism, improved techniques to avoid detection, and even a machine learning component that could be used to fine-tune the attack for different victims' devices. While mobile ransomware has been around since at least 2014 and still isn't a ubiquitous threat, it could be poised to take a bigger leap.
Read 8 remaining paragraphs | Comments
Eine Replik auf Kommentare zum Artikel “Denkende Maschinen”
Tesla hat das Model 3 überarbeitet und bietet unverchromte Zierrahmen an. Zudem sollen ein neues Lenkrad und eine Doppelverglasung kommen. (Tesla Model 3, Technologie)
Tesla hat das Model 3 überarbeitet und bietet unverchromte Zierrahmen an. Zudem sollen ein neues Lenkrad und eine Doppelverglasung kommen. (Tesla Model 3, Technologie) In other countries, the UK is often used as a prime example of how pirate site-blocking injunctions can function effectively. However, over the past several years, movie and music companies haven’t requested any new blocks. As a result, new pirate sites can flourish, for now.
From: TF, for the latest news on copyright battles, piracy and more.
Website blocking is without a doubt one of the favorite anti-piracy tools of the entertainment industries.
The UK has been a leader on this front. Since 2011, the High Court has ordered ISPs to block access to many popular pirate sites.
While official numbers are lacking, it’s believed that thousands of URLs are currently blocked, targeting sites such as The Pirate Bay, RARBG, Fmovies, NewAlbumReleases, and Team-Xecuter.
The UK approach has set an example for many other countries and has been used to argue in favor of site blocking measures in other regions including Australia and Canada. More recently, the UK example was highlighted in a US Senate hearing, with Hollywood’s MPA praising its effectiveness.
“Studies in the UK and Australia have shown that this can lead to statistically significant and meaningful increases in legal online consumption. In that respect, the injunctive remedy in the European Union, the UK, Australia, and elsewhere has been decidedly more effective than the endless cycle of DMCA notice sending,” MPA’s Stan McCoy said.
The comment was made to support a new push for ‘no-fault’ site-blocking injunctions in the US. The MPA speaks from personal experience here, as it was the driving force behind several UK court orders. That said, McCoy’s testimony leaves out some important context.
While the MPA is pushing site blocking in the US, the UK efforts have completely died down. The last blocking request from Hollywood studios dates back roughly years ago. Similarly, there hasn’t been any request from record labels since 2013.
As a result, new pirate sites, and those that haven’t been blocked, were able to grow their audiences without much trouble. And indeed, if we take a look at the 500 most visited sites in the UK, names including Magnetdl, Filmix, Lookmovie, Rutor, and 9anime show up.
For a site such as Magnetdl, roughly a quarter of all traffic comes from the UK, where the site isn’t blocked.
This begs the question; if site blocking is so extremely effective in curbing piracy, why aren’t there any new requests? We reached out to the MPA’s EMEA office, which was kind enough to comment on the matter but didn’t offer any answers.
“The MPA EMEA is continuing with site blocking across Europe. Site blocking is a legitimate and effective way of halting the spread of online piracy. Piracy affects everyone involved in the creative process – from the songwriters to authors and the makeup artists, a spokesperson informed us
“Site blocking builds on years of work, and forms just one pillar of the MPA EMEA’s overall enforcement strategy. Online infringement is complex, and there is no single answer to addressing it.”
Reading between the lines it appears that the MPA prefers to focus on other anti-piracy efforts, at least in the UK. This is likely the result of a cost-benefit analysis. Although it wouldn’t be hard to apply for new pirate site blockades, these anti-piracy measures come at a cost.
Previously, it was estimated that an unopposed application for a section 97A blocking order costs roughly £14,000 per site, while maintaining it costs an additional £3,600 per year. With hundreds of blocked sites, the costs are quite significant, to say the least.
The music industry may have similar reasons. In recent years they have complained repeatedly about the copyright-infringing nature of YouTube rippers, but there haven’t been any attempts to have these sites blocked. That will change though.
We reached out to the UK music group BPI which says that it still sees site blocking as a valuable tool. The group hasn’t requested any new blocks in years but it will soon request blocks against stream rippers.
“There are a range of tools that we use to reduce stream ripping and music piracy in all its forms in the UK. We also expect others who are in positions of responsibility within the digital economy to do more.”
“Website blocking is an important and very effective part of our tool kit and is used in a proportionate way. BPI intends to seek the High Court’s judgment in relation to stream rippers in 2021,” a BPI spokesperson added.
While the movie and music industries have other priorities, site-blocking powers are not completely unused. In recent years various sports organizations, including UEFA and the Premier League, have repeatedly requested and renewed IP-address blocks of illegal IPTV services.
From: TF, for the latest news on copyright battles, piracy and more.
In other countries, the UK is often used as a prime example of how pirate site-blocking injunctions can function effectively. However, over the past several years, movie and music companies haven’t requested any new blocks. As a result, new pirate sites can flourish, for now.
From: TF, for the latest news on copyright battles, piracy and more.
Website blocking is without a doubt one of the favorite anti-piracy tools of the entertainment industries.
The UK has been a leader on this front. Since 2011, the High Court has ordered ISPs to block access to many popular pirate sites.
While official numbers are lacking, it’s believed that thousands of URLs are currently blocked, targeting sites such as The Pirate Bay, RARBG, Fmovies, NewAlbumReleases, and Team-Xecuter.
The UK approach has set an example for many other countries and has been used to argue in favor of site blocking measures in other regions including Australia and Canada. More recently, the UK example was highlighted in a US Senate hearing, with Hollywood’s MPA praising its effectiveness.
“Studies in the UK and Australia have shown that this can lead to statistically significant and meaningful increases in legal online consumption. In that respect, the injunctive remedy in the European Union, the UK, Australia, and elsewhere has been decidedly more effective than the endless cycle of DMCA notice sending,” MPA’s Stan McCoy said.
The comment was made to support a new push for ‘no-fault’ site-blocking injunctions in the US. The MPA speaks from personal experience here, as it was the driving force behind several UK court orders. That said, McCoy’s testimony leaves out some important context.
While the MPA is pushing site blocking in the US, the UK efforts have completely died down. The last blocking request from Hollywood studios dates back roughly years ago. Similarly, there hasn’t been any request from record labels since 2013.
As a result, new pirate sites, and those that haven’t been blocked, were able to grow their audiences without much trouble. And indeed, if we take a look at the 500 most visited sites in the UK, names including Magnetdl, Filmix, Lookmovie, Rutor, and 9anime show up.
For a site such as Magnetdl, roughly a quarter of all traffic comes from the UK, where the site isn’t blocked.
This begs the question; if site blocking is so extremely effective in curbing piracy, why aren’t there any new requests? We reached out to the MPA’s EMEA office, which was kind enough to comment on the matter but didn’t offer any answers.
“The MPA EMEA is continuing with site blocking across Europe. Site blocking is a legitimate and effective way of halting the spread of online piracy. Piracy affects everyone involved in the creative process – from the songwriters to authors and the makeup artists, a spokesperson informed us
“Site blocking builds on years of work, and forms just one pillar of the MPA EMEA’s overall enforcement strategy. Online infringement is complex, and there is no single answer to addressing it.”
Reading between the lines it appears that the MPA prefers to focus on other anti-piracy efforts, at least in the UK. This is likely the result of a cost-benefit analysis. Although it wouldn’t be hard to apply for new pirate site blockades, these anti-piracy measures come at a cost.
Previously, it was estimated that an unopposed application for a section 97A blocking order costs roughly £14,000 per site, while maintaining it costs an additional £3,600 per year. With hundreds of blocked sites, the costs are quite significant, to say the least.
The music industry may have similar reasons. In recent years they have complained repeatedly about the copyright-infringing nature of YouTube rippers, but there haven’t been any attempts to have these sites blocked. That will change though.
We reached out to the UK music group BPI which says that it still sees site blocking as a valuable tool. The group hasn’t requested any new blocks in years but it will soon request blocks against stream rippers.
“There are a range of tools that we use to reduce stream ripping and music piracy in all its forms in the UK. We also expect others who are in positions of responsibility within the digital economy to do more.”
“Website blocking is an important and very effective part of our tool kit and is used in a proportionate way. BPI intends to seek the High Court’s judgment in relation to stream rippers in 2021,” a BPI spokesperson added.
While the movie and music industries have other priorities, site-blocking powers are not completely unused. In recent years various sports organizations, including UEFA and the Premier League, have repeatedly requested and renewed IP-address blocks of illegal IPTV services.
From: TF, for the latest news on copyright battles, piracy and more.
“Eine gute Woche für die Elektromobilität” geht aus Sicht der Energiewirtschaft zu Ende. Neben neuen Gesetzen gibt es Rekorde bei Zulassungszahlen. (Elektroauto, Technologie)
"Eine gute Woche für die Elektromobilität" geht aus Sicht der Energiewirtschaft zu Ende. Neben neuen Gesetzen gibt es Rekorde bei Zulassungszahlen. (Elektroauto, Technologie) Holzarchitektur kann vom Hochhaus bis zum naturnahen Einfamilienhaus alles, was die Moderne konnte, weil sie mit ihr und ihren Baustoffen einen Verbund eingeht
You must be logged in to post a comment.