Month: January 2025

Kein grundlegend neues Konzept, sondern Detailverbesserungen - und Rückwärtskompatibilität: Die nächste Konsole von Nintendo heißt Switch 2. (Nintendo Switch, Nintendo)

Amazon hat eine Endoskopkamera mit Licht im Angebot, mit der man über das Smartphone schwer zugängliche Bereiche inspizieren kann. (Technik/Hardware)

For the past seven months—and likely longer—an industry-wide standard that protects Windows devices from firmware infections could be bypassed using a simple technique. On Tuesday, Microsoft finally patched the vulnerability. The status of Linux systems is still unclear.

Tracked as CVE-2024-7344, the vulnerability made it possible for attackers who had already gained privileged access to a device to run malicious firmware during bootup. These types of attacks can be particularly pernicious because infections hide inside the firmware that runs at an early stage, before even Windows or Linux has loaded. This strategic position allows the malware to evade defenses installed by the OS and gives it the ability to survive even after hard drives have been reformatted. From then on, the resulting "bootkit" controls the operating system start.

In place since 2012, Secure Boot is designed to prevent these types of attacks by creating a chain-of-trust linking each file that gets loaded. Each time a device boots, Secure Boot verifies that each firmware component is digitally signed before it’s allowed to run. It then checks the OS bootloader's digital signature to ensure that it's trusted by the Secure Boot policy and hasn't been tampered with. Secure Boot is built into the UEFI—short for Unified Extensible Firmware Interface—the successor to the BIOS that’s responsible for booting modern Windows and Linux devices.

Read full article

Comments

Auch vergangenes Jahr wurden Tausende Rufnummern gesperrt und Verbote für Rechnungsstellungen verfügt. In vielen Fällen ist die Bundesnetzagentur allerdings machtlos. (Festnetz, Instant Messenger)

With 40 million players worldwide and over a billion views on YouTube, the Poppy Playtime game series has gained a massive following.

Created by the American indie game studio Mob Entertainment, the game is particularly popular among fans of horror games and online content creators. A planned Poppy Playtime live action movie will only add to this lure.

Poppy Playtime’s success hasn’t gone unnoticed. As is often the case, popular games serve as inspiration for other developers. That’s fine, but when others use the same brand and content to attract users, a line is clearly being crossed.

‘Copyright Infringing Scam Apps’

According to Mob Entertainment, this is precisely what happened on Google Play. In a new lawsuit filed at a federal court in California, Poppy Playtime’s creators accuse developer ‘Daigo Game 2020, Inc’ of releasing ‘scam’ applications on Google Play.

The unauthorized games versions were advertised as “Poppy Playtime: Chapter 3” and “Poppy Playtime: Chapter 4” and allegedly contain many works protected by Mob Entertainment’s copyright. The comparison below does indeed show striking similarities.

Similarities 

Poppy Playtime’s developer notes that these knockoff games confused many thousands of players, not least due to ‘Chapter 3’ and ‘Chapter 4’ bring uploaded to Google Play before these versions were officially released.

Aside from using Poppy Playtime’s name, logo, and characters, the ‘scam’ apps offer very little to the user. The complaint notes that the app is not a game at all. Instead, it asks users to pay $30 to $95 for the “Guide wuggy playtime mod.”

“When users pay for the “Guide wuggy playtime mod,” all they receive is a link to a dead webpage,” the complaint notes.

‘Google Play Failed to Take Apps Offline’

The complaint doesn’t just target the developers of these alleged scam apps, it also lists Google as a defendant. The plaintiffs allege that Google receives 15% or 30% of the unauthorized sales and failed to take proper action in response to DMCA notices.

Mob Entertainment says it contacted Google on various occasions, using the web-based takedown form and the email address dmca-agent@google.com. These requests to remove the allegedly infringing app didn’t yield a satisfactory result and can be summarized as follows.

---

– October 31, 2024: Takedown request sent for unauthorized Poppy Playtime Chapter 3 app

– November 1, 2024: Google confirms receipt

– December 5, 2024: No response, Mob Entertainment sends a follow-up

– December 9, 2024: Google responds, stating that the app will be removed

– December 9, 2024: Google removes “Poppy Playtime Chapter 3”

– December 13, 2024: “Poppy Playtime Chapter 3” returns to the Play Store (same URL)

– December 13, 2024: Mob Entertainment informs Google that the app returned

– December 16, 2024: Google confirms receipt

– December 19, 2024: Mob Entertainment sends another DMCA takedown notice

– December 19, 2024: Google asks the developer to use the web-based takedown form

– December 30, 2024: Takedown request sent for unauthorized Poppy Playtime Chapter 4

– December 30, 2024: Google confirms receipt

---

Mob Entertainment argues that, despite these efforts, Google did not expeditiously remove the copyright infringing applications, which are still available in the Play Store to this day.

Scam apps? 

Poppy Playtime Requests Damages

Google’s alleged inaction makes the company ineligible for DMCA safe harbor protection, the lawsuit notes. As such, it can be held liable for copyright infringement.

“Google forfeited the benefits of the DMCA’s safe harbor provision for its infringement of Mob Entertainment’s copyrighted works contained in the unauthorized ‘Poppy Playtime: Chapter 3’ and ‘Poppy Playtime Chapter 4’ applications.”

Mob Entertainment accuses Google and Daigo of both copyright and trademark infringement, and they request to be compensated. This includes potential statutory damages of $150,000 per work.

In addition, the indie game developer seeks an injunction preventing both Google and Daigo from infringing its copyrights and trademarks going forward.

—

A copy of Mob Entertainment’s complaint against Google and Daigo, filed yesterday at the California federal court, is available here (pdf). Neither defendant has responded to the lawsuit thus far.

From: TF, for the latest news on copyright battles, piracy and more.

Electric vehicle chargers are increasingly a target of vandals, often in search of copper. "Even at our headquarter site here in Campbell, in Silicon Valley, we've had our site vandalized twice," said Rick Wilmer, CEO of ChargePoint. His customers are starting to get fed up with the problem, too, and so Wilmer has had the company hard at work on a solution: an uncuttable cable, which should be ready to deploy by early summer.

"I literally got so frustrated ... I was at home in my own workshop, building prototypes and taking all my nastiest tools to them, to try and cut them, to see what we could come up with," Wilmer told me. It's a simple idea, involving hardened steel and "some other polymer materials that are just really hard to cut through," Wilmer said.

As well as making cables for its own chargers, ChargePoint plans to license its invention to others in the industry. "So we've collaborated with a few [cable vendors] to build these cables... and we can refer anyone that's interested to those vendors and give [them] permission to build cables with this technology for someone other than us," Wilmer said.

Read full article

Comments

Yesterday was Wikipedia Day, celebrating the first edit made to the online encyclopedia on January 15, 2001. It's a tricky kind of celebration because, for many of us, every day is a Wikipedia Day. Scanning a new Wikipedia tab can feel like turning on a faucet, using a resource that has seemingly always been there and dispensed evenly, almost magically, from the Internet pipes.

But that's not where Wikipedia comes from. It comes from editors, who are volunteers that add missing topics, update pages when new things happen, and settle debates ranging from grammar ticks to deep philosophy. Author Stephen Harrison has written about these people for Slate, WIRED, The Guardian, and The New York Times. Now, he's exploring their distinctive lives, interests, and conflicts of this tribe in a fiction tome, The Editors.

The Editors follows Morgan Wentworth, a recently laid-off journalist, who scopes out a freelance story at a global conference for the book's Wiki stand-in, Infopendium. Wentworth sees the breadth of ages, personalities, and motivations among the editors and comes to appreciate their dedication. Then, a hacker breaks in, posts a cryptic message, and triggers Wentworth's expanding investigation into a global struggle over truth and information.

Read full article

Comments

China ist als autoritärer Überwachungsstaat nach Einschätzung von Datenschützern kein zulässiger Standort für europäische Nutzerdaten. (DSGVO, Datenschutz)

Amazons letzte Preiserhöhung für Prime-Kunden um 30 Prozent ist nicht rechtens gewesen. Der US-Konzern dürfte das Geld zurückerstatten oder muss mit einer Sammelklage rechnen. (Amazon, Verbraucherschutz)

Eine Smart-Home-Stehlampe, die modernes Design mit vielseitiger Lichttechnologie kombiniert und Wohnräume flexibel erleuchten soll. (Technik/Hardware, Smart Home)