Search This Blog

Showing posts with label Technology. Show all posts

Twitter and Facebook CEOs asked to testify on election and content moderation before the US Senate

 

The US Senate Judiciary Committee has asked the CEO of Twitter and Facebook to evaluate their role in “platforms’ censorship and suppression of New York Post articles” and their role in the election.
After voting to move forward with a pair of subpoenas, the Senate Judiciary Committee agreed that the two CEO Twitter's Jack Dorsey and Facebook’s Mark Zuckerberg will be answerable to the Senate set on November 17, two weeks after the US elections. The committee lead by Republican South Carolina Senator Lindsey Graham set the agenda of the day as “platforms’ censorship and suppression of New York Post articles.”

 The aforementioned New York Post article was labeled false as it published a story about Hunter Biden, the son of Democratic presidential nominee and former Vice President Joe Biden. The article claimed that Hunter Biden organized a meeting between Joe Biden and an executive at a Ukrainian energy company Burisma in April 2015. Many are calling it a typical "Right-Wing Agenda" with hacked materials and personal mails. 

Twitter prevented its users from posting links to the article. 

As said in a press release, the senators will also dig the two CEO'S on their performance on the elections. Republicans are looking up to questioning the CEOs on their handling of the New York Post regarding the hacked material and messages fished from Hunter Biden. 

The Republicans also intend to enquire about the recent claims of anti-conservative political bias in the two social media platform's policy decisions. Not only the Republicans but the Democrats are also eager to question content moderation on the platform, "While Republicans on the Senate committee led the decision to pressure Zuckerberg and Dorsey into testifying, the committee’s Democrats, who sat out the vote on the subpoenas, will likely bring to the table their questions about content moderation, as well" reports TechCrunch on the matter.

Expert opinion: how the digital currency of the Bank of Russia will change the future of the country

Announcing the possible appearance of the digital ruble, the Russian Central Bank joined dozens of world Central banks that have begun research and experiments in the field of creating national digital currencies.

Yevgeny Marchenko, Director of E. M. FINANCE, was one of the first to share his opinion on the issue. The expert is sure that the introduction of the digital ruble is necessary to increase the convenience of payments for citizens.

Also, among other advantages for citizens and banks, the introduction of the electronic ruble will allow the Bank of Russia to better regulate the country's economy.

The official representative of the Garantex cryptocurrency exchange, Tatyana Maksimenko, noted that it will be increasingly difficult to conduct gray and black schemes since cash flows will be under control — both foreign and domestic.

According to independent expert Leonid Khazanov, the digital ruble is primarily beneficial to the Bank of Russia and the Federal Tax Service. According to him, it will be possible to more effectively control the movement of cash flows in the country and it will be easy to identify any user who has an electronic wallet, which means complete transparency of all transactions. And no one can create several accounts or disguise themselves in any way, each legal entity and individual can only have one e-wallet.

Experiments by Central banks in a number of countries with the national digital currency reveal unsolved problems: for example, the inability to control cross-border movements or the potential use of anonymizers that make it difficult to track payments. The fate of digital currencies, including the ruble, depends on whether regulators will be able to close these gaps.

The Central Bank of Russia considers the introduction of the digital ruble as a new form of money

The Bank of Russia announced that it is studying the problem of issuing a digital ruble. The initiative has been discussed for several years, and there has always been a lot of controversy around it

The Central Bank is considering the possibility of issuing a digital ruble in Russia in order to increase the competitiveness of the domestic economy. On October 13, the regulator presented a report according to which the so-called digital ruble will become an additional form of money along with cash and non-cash.

It is expected that such a payment system will appear in 2021.

The digital ruble can be used for online payments, as well as in offline mode, without access to the Internet and mobile communications. The Central Bank indicated that the digital ruble will increase the stability of the Russian payment system,  but additional infrastructure will be needed for its turnover.

According to the regulator, the digital ruble can make payments faster, easier and safer. At the same time, its use will reduce the cost of payment services, money transfers, and increase competition among financial organizations.

While cash has a unique number, and non-cash money exists in the form of records on accounts, the digital ruble will receive a unique digital code that will move from one user to another when paying.

The Central Bank will become the Issuer of the digital ruble. The digital ruble will be stored in a special electronic wallet. The regulator emphasizes that its digital currency is an equivalent form of national currency. All three forms of the ruble will be equal and equivalent to each other.

This currency will be introduced into circulation gradually. As the head of the State Duma Committee on the financial market Anatoly Aksakov noted, the law on digital financial assets was adopted in July. The document will come into force on January 1, 2021.

Apple denied Durov's statement about the request to block Telegram channels about Belarus

The founder of Telegram, Pavel Durov, accused Apple of trying to "avoid responsibility for complying with its own rules" by using "tricky language". Durov wrote about this in his Telegram channel.

Earlier, Durov said that the Corporation requested the blocking of three channels dedicated to Belarus. They published photos and personal data of security forces and members of election commissions who, according to the authors, committed violations in the elections. The total number of subscribers was about 100 thousand.

According to Durov, Apple's "trick" lies in the company's claim that it does not require disabling three Belarusian channels that disclose the personal data of security forces involved in suppressing protests. Apple requires not to publish posts that disclose personal information. However, Durov notes, the company does not mention that these channels consist entirely of such posts.

"By hiding its requirements in vague words, Apple is trying to avoid responsibility for complying with its own rules", said the founder of Telegram.

"It's time for Apple to learn to take responsibility for its policies, rather than trying to hide them from users,” added he.

According to Durov, he would prefer to keep these channels. The founder of Telegram suggested that they will eventually be blocked on devices using the iOS operating system, but the channels will remain available on other platforms.

According to Apple, the company received complaints from users that their personal data, including names and phone numbers, was transmitted through channels. These complaints were passed to the messenger team, asking them to remove information that reveals someone's personal data on the Internet without their consent, as well as content aimed at specific people.

Telegram did not raise any objections, but promised to check this information and inform Apple about the results of the check.

Earlier, E Hacking News reported that a group of hackers threatens to bring down the tax, energy and banking systems of Belarus if the head of state Alexander Lukashenko does not comply with the ultimatum.

Russian scientists and a graduate student from Syria create a tool for detecting network anomalies of the Internet

Samara Maykhub, a Syrian-born graduate student, to conduct Research at the Samara National Research University named after Academician S. P. Korolev on the development of specialized software systems for detecting Internet network anomalies and preventing hacker attacks. Samara Maykhub received a grant from the Russian Foundation for Basic Research for this project.

The graduate student intends to create special software tools for measuring the one-way delay of packets transmitted between nodes in the network from one computer to another. This will allow you to more accurately analyze the quality of network connections, identify network bandwidth problems, and solve a number of network security problems.

According to scientists of the Samara University, the problem of insufficient network bandwidth, which many users encountered during self-isolation, is particularly relevant now.

Another area of research of Samara Maykhub within the project will be the development of ways to repel network hacker attacks. The scientist suggests a new approach: to analyze outgoing traffic rather than incoming traffic, that is, to study the response packets that the attacked server sends in response to attacking requests. This innovative approach will allow the development of firewalls with low requirements for server computing power.

To conduct experiments, the University will create a testing ground with NetTestBox complexes, a virtual machine server and various network infrastructure, including the Internet of Things sector, as well as an attacking server with a set of programs for scanning and conducting DDoS attacks.

Hackers Can Use AI and Machine Learning to Attack Cybersecurity

 


According to researchers at NCSA and Nasdaq cybersecurity summit, hackers can use Machine and AI (Artificial Intelligence) to avoid identification during cybersecurity attacks and make the threats more effective. Hackers use AI to escape disclosure; it allows them never to get caught and adapt to new tactics over time, says Elham Tabassi, National Institute of Standards and Technology's chief of staff information technology laboratory. 




Tim Bandos from Digital Guardian says technology always requires human consciousness to strive forward. It has and will require human effort to counter cyberattacks and stop them. According to Tim, Experts and Analysts are the real heroes, and AI is just a sidekick. 

How are hackers using AI to attack cybersecurity? 

1. Data Poisoning 
In some cyberattacks, hackers exploit the data which is used to train machine learning models. In data poisoning, the hacker manipulates a training dataset to manage the model's prediction patterns and prepare it according to his will to do many hacker desires. These can include spamming or phishing emails. Tabassi says that data is the driving mechanism for any machine learning, and one should focus on the information he uses to train the models to act like any model. Machine learning training models and the data it uses affect user trust. For cybersecurity, the industry needs to establish a standard protocol for data quality. 

2. Generative Adversarial Networks 
GANs are nothing but a setting where two AI systems are set up against each other. One AI generates the content, and the other AI finds the errors. The competition between the two AIs together creates reliable content to get through as the original. "This capability could be used by game developers to automatically generate layouts for new game levels, as well as by AI researchers to more easily develop simulator systems for training autonomous machines," says Nvidia blog. According to Bandos, hackers are using GANs to replicate traffic patterns. It allows them not to draw attention to the attack, and the hackers can steal sensitive data and get out of the system within 30-40 minutes.

Russian business expressed fear about the isolation from the global Internet

Representatives of big business warned that banning modern website encryption protocols in Russia is tantamount to disconnecting the country from the global Internet. The adoption of the bill in the proposed form, in their opinion, will formally make it illegal to use smartphones and computers and will entail "catastrophic consequences".

Recall that, in September, the Ministry of Digital Development of Russia proposed banning encryption protocols that allow hiding the name or ID of the site requested by the user. These protocols — TLS 1.3, ESNI, DNS over HTTPS, and DNS over TLS — are already being gradually implemented by some browsers. The department believes that the use of these protocols will prevent the system from restricting access to resources containing prohibited information.

It is noted that any encryption protocols are suitable for vague definitions in the text of the bill, regardless of the scope of application. This means that after the law comes into force, any encryption will be formally outlawed, that is, the use of computers and smartphones as such will become illegal, and the operation of any information (for example, banking) will be paralyzed.

The bill will also entail serious costs for the budget: all "illegal" cryptography in state information systems will have to be upgraded or simply disabled. The business products of Russian IT companies will also suffer — without the support of popular encryption technologies, they will become uncompetitive on the world market. And the personal data of Russians will be visible to any technical specialists of Telecom operators and hackers.

Earlier, E Hacking News was reported that Roskomnadzor has notified one of the largest cryptocurrency exchanges  Binance about entering it into the register of prohibited sites.

Be on the look out for 2 new features on Google meet: Q&A and Polls



Video Conferencing is the one tool that makes work from home achievable and hassle free and with systems like Zoom, Microsoft Teams, and Google Meet the work from home scenario has settled quite comfortably. But with increasing users and demand, competition among these softwares has become cut-throat. Though Zoom is dominating the market currently, Google meet has announced two new features to be integrated from October 8th.

The two features that Google announced on their blogpost are Q&A and Polls.

 “Starting October 8, we’re launching two highly-requested features in Google Meet to help you connect and engage with people on your video calls: Q&A and polls,” said Google in the blog post. 

Both these features will help to engage with your audience; Google said the Q&A will help the audience and well as the host to get their queries answered be it for educators or the workforce.

 “Educators can use Q&A as a structured way for students to ask questions on class content and get answers from teachers,” said Google. 

Q&A will provide students with a structured way to ask their questions and users can even up-vote questions they want to be answered without disrupting the session. It will also help the host to answer the most asked question, they will also get an email listing the questions if they want to address them later. Businesses can also use Q&A to be more clear and inclusive. 

The polls on other hand are an interesting feature to add but not any less relevant with quite some advantages. They are very good for feedbacks, quick decision making that is inclusive, for quiz and votes. 

"Business users can easily get real-time feedback from their colleagues, teachers can quiz remote students to ensure they’re absorbing the material, and sales teams can make their sales presentations to prospective customers more engaging and interactive,” said Google. 

The feature will be available to Suite Essentials, G Suite Business, G Suite Enterprise, and G Suite Enterprise for Education customers but not to G Suite Basic, G Suite for Education, and G Suite for Nonprofit customers. 

 Be on the lookout for the new features on Oct 8, but it could take 15 days to reach everywhere.

Microsoft 365 Services Restored After Hours Long Outage


Recently Microsoft was hit with a massive global outage that interrupted users’ access to multiple services including Outlook.com, Office 365, Teams, Exchange, Azure, OneDrive Dynamics 365, SharePoint, amid other cloud-based services.

As per the Azure status history page, the users who were trying to access any of Microsoft’s services encountered issues with logging in and server connection as the downtime started around 21:25 UTC on Monday.


The service interruptions had a rather short lifetime, lasting for several hours before Microsoft technicians fixed the issue and successfully rolled back their systems on Tuesday.

In current times of global pandemic wherein physical access for people is restricted all over the world, the outage of online services has proven to be even more disruptive as the number of people relying on it for work and studies has sprung up by a remarkable margin. As classrooms moved online, students and educational institutions are heavily dependent on services offered by Microsoft and Google, primarily.

Giving insights on the matter, Microsoft said “Users who were not already authenticated to the cloud services using Azure AD would have seen multiple authentication request failures. The impact was primarily in the Americas based on the issue being exacerbated by load, but users in other regions may also have experienced some impact. Users that had previously authenticated prior to the issue may not have experienced any noticeable effect.”

Acknowledging the issue, Microsoft 365 Status said in a tweet, “we’ve received reports of users experiencing issues accessing their Exchange Online accounts via Outlook on the Web. Our initial investigation indicates that India-based users are primarily impacted audience. Further details can be found in your admin center under EX223208.”

“We took corrective actions to mitigate the impact to Exchange ActiveSync and have confirmed that service has been restored after users force a sync on their impacted devices. More information can be found under EX223053 in the admin portal.” Microsoft 365 Status said in another tweet.

The issues affecting Microsoft’s online authentication systems have been resolved by the company and the services are restored. Most users reported their system being fully recovered and services functioning normally again.

Indian Copyright Office Asks for Executable File for Website Code?


India copyright office grants a series of rights to the developer of a computer program that protects his original creation legally. Under the Copyright Act, computer programming codes can be registered as ‘literary works’. As the program is safeguarded by copyrights, each subsequent modification or addition to the code containing sufficient originality will also be protected under the law. Generally, a computer program is preserved not by just one copyright but by a set of copyrights beginning from the first source code written till the last addition by the creator.

Although, source code and object code differ from each other, the copyright office views both of the code forms as equal for registration purposes – maintaining the notion that the source code and object code are just two distinct forms of the same copyrighted program.

Copyright ownership refers to a collection of rights that gives the creator an exclusive right to use the original creation like a song, literary work, movie, or software. It means that the original authors of works and the people/company to whom they have given authorization to are the only ones having exclusive right to reproduce the creation.

Recently, a company director applied for copyrights for his PHP and python program. However, to his surprise, the Indian copyright office started asking for an executable file. It’s a well-known fact that PHP code used in websites does not have an executable file, hence there was no possible way that the director could have provided the executable file for his PHP program. The question still remains how the officials at the Indian copyright office are not aware of the fact that there is no executable file for website code, moreover, why do they even require it in the first place?

In India, the Copyright Act, 1957 grants protection to the Intellectual Property Rights (IPR) of computer software. As per the definition in the Indian Copyright Act, Computer programs are classified as ‘literary works’. Accordingly, the rights of computer software are protected under the provisions of the Act.

Roskomnadzor has added the site of the Binance crypto exchange to the list of banned sites in Russia

 

Roskomnadzor (the Federal Service for Supervision of Communications, Information Technology and Mass Media) has notified one of the largest cryptocurrency exchanges  Binance about entering it into the register of prohibited sites. So far, the site in Russia is not blocked and continues to work.

"On September 24, 2020, we received a notification from Roskomnadzor of the Russian Federation about the introduction of the site binance.com to the domain name registry containing information prohibited for distribution in Russia. According to the letter, this is information about the possibility of purchasing an electronic cryptocurrency (Bitcoin),” reported the press service of the crypto exchange.

As noted in Binance, the company has not previously received notifications from law enforcement and civil government services, as well as from the judicial authorities about the existence of any lawsuits or court decisions.

"We also continue to provide services to Russian users in full, and customer funds are safe,” said the company.

At the moment, the site in Russia is not blocked and is working.  It is worth noting that the crypto exchange intends to challenge the decision of Roskomnadzor to enter it in the register of prohibited sites in court, told the Director of Binance in Russia Gleb Kostarev.

"Binance values its reputation and does not intend to agree with the court's decision, as well as with the intention of Roskomnadzor… The company plans to challenge the Agency's decision in court,” said Mr Kostarev.

"There have already been precedents in court practice when other crypto sites have challenged such decisions,” added he.

Experts estimate the chances of Binance getting the block cancellation in court as high. Alexander Zhuravlev, managing partner of the law firm EDB, called the court order to block Binance as unfounded. In Russia, there is no ban on the turnover of cryptocurrencies. Last fall, changes were made to the State Code that legalized digital rights, including cryptocurrencies. 

Russian authorities prohibit modern Internet protocols because they make it difficult to block websites


 The Ministry of Digital Development of Russia wants to ban the use of experimental encryption protocols DNS over TLS, DNS over HTTPS and ESNI in Russia, which can be used to bypass access blocks to prohibited sites. Experts warn that to implement such a ban, it will be necessary to block the servers of Google, Cloudflare and Cisco.

On September 21, the Ministry submitted for public discussion a bill that prohibits the use of encryption protocols in the Russian Federation, which allow to hide the name of an Internet page or site. In particular, the Ministry believes that this will help to increase the effectiveness of blocking sites that are prohibited in the territory of the Russian Federation.

According to the head of the Ministry of Digital Development Mister Shadaev, all the advantages of the new DNS request encryption protocols for users are obvious, "but we must understand that their wide distribution will also allow us to bypass all existing filtering and blocking systems for prohibited sites, including sites that contain illegal content."

"Mozilla decided last year to enable DoH Protocol in Firefox by default. DoH Protocol is also already included in the Google Chrome browser. Naturally, all this creates opportunities for many users of these browsers to go to blocked sites and bypass the parental control mode. I don't think that many parents would be very happy about this," the Minister explained the need to develop the bill.

So, mister Shadaev gave an example when, at the request of the UK government, Mozilla agreed not to include the DoH function in its browser by default for users in this country. The head of the Ministry of Digital Development noted that this was done largely under pressure from the public and the Association of British Internet service providers. 

Apple Time Flies Event September 2020: Highlights and the meme aftermath

This Time Flies Apple Event was unlike a regular Apple Event, and the difference was noted right from the beginning as CEO Tim Cook started the event not from the stage at the Steve Jobs theater but from downhill at the Apple Park HQ talking from glass curved panel. He took off with the new Apple Watch with no mention of the previous year's performance or the health factors. Suffice it to say, the 2020 Apple Event was different. 


Highlights

The event starts with the release of Apple Watch Series 6 - capable of measuring your blood oxygen levels in a mere fifteen seconds with a cool red variant. More features include- always-on display, numerous exciting watch faces, a family set, and ten sports mode. Price: $399  Indian Price : 49,900₹ (GPS Cellular) and 40,000₹ (GPS) 

Another Watch SE was announced with all the quirks and features to stay healthy, connected, and fit. This also includes a family set and functions with similar software as the new Watch Series 6. Launched at Price: $199   Indian Price 33,900₹ (GPS Cellular) and 29,900₹ (GPS) 

Apple Fitness Plus is a new fitness app that can track your workout, Yoga and includes various workout modes. You can also pair and save your Apple Music track on Fitness plus. Apple Watch users will get 3 months of free subscription. Priced at  $9.99 for a month and $79.99 for a year. 

Apple One service - with this you can keep all your plans under one umbrella of Apple One plan. In India, the Apple One plan is quite affordable at 365₹ for the family plan. Prices: For an individual- $14.95/month  For family $19.95/month Premier at $29.95/month 

And finally, iPad 8th gen and iPad Air - The iPad 8 generation is promised to be 3 times faster with a faster processor A12 chipset. Priced at: $329 and for students : $299   India: 41,900₹ ( Wifi Cellular) and 29,900 (Wifi) 

The new iPad Air may look like the iPad Pro but is power-packed with the new A14 Bionic chipset increasing performance by 40%. It comes with a larger liquid retina display and in five different colors. The iPad Air is integrated with USB-C, 12MP rear camera and 7MP front camera, touch power button, and a magic keyboard. Price : $599   India : 69,900₹ ( Wifi cellular) and 54,900₹ (Wifi) 

But, alas, to the disappointment of many there was no announcement of the new iPhone 12 and subsequently, social media was in a roar and many fans took to twitter sharing memes and poking fun with the tag, "where is my iphone12?":
 



 






Android 11 is here: check out the new features and your phone's compatibility with the new Android

 

Google has been teasing the Android 11 release for quite some time now and it's finally here. The new OS was released on September 8 but will reach India in the upcoming weeks.




The new OS will be available for Indian users in the next few weeks given your phone is compatible, various smartphone makers like Xiaomi, Oppo, Realme, One Plus, Nokia are backing their new models with Android 11. Google Pixel smartphones of course already have as Android 11 was released on the new Pixel phone.

New Features

Android 11 has rolled out with several interesting new features encompassing conversations, privacy and security, accessibility, device control, content capture, and predictive tools. Some of these are- 

Bubbles (Chat while multitasking)

This feature will pin your conversations to the screen and you can converse without leaving the application your working in. 
 "Bubbles keep the conversation going—while you stay focused on whatever else you’re doing. Access the chat anytime or anywhere. Then carry on doing you.", Android.inc released on their blog.

Get all your messages in one peace

Now you can better manage your conversations in one place. You'll get message notifications from multiple message apps at one place from your priority people. 

Content Capture

Android has finally integrated a built-in screen recording feature. Another quirk with the new OS is that it allows you to copy text as well as pictures and move them wherever you want. 

Smart Reply

The Google Keyboard comes with default smart replay, which gives suggestive replies life 'sound good'. "Replies are intelligently suggested based on what’s been said in the conversation—so the words you need and the perfect emoji are always at your fingertips." 

Privacy 

This Android update comes with more privacy to the user- the user can select data and permissions to be granted to the app and only once not the traditional permissions that apps ask for every time you open the app.

Device and Voice Control

Android 11 welcomes better ease of access that is voice control even offline voice command and connected device control like managing house appliances.

There are other security and privacy updates that are aptly needed and provide a better experience compared to the Android 10 version. Various smartphones are compatible with the new update, namely- 
  •  Google Pixel Phones: Pixel 3, 3A, 4, 4A
  •  Oppo phones: Oppo is testing the feature on their Find X2 series and Reno 3 Series (4G).
  •  One Plus: One plus is also testing open Beta of its Oxygen OS 11 update for OnePlus 8 and OnePlus 8 Pro. 
  •  Realme Phones: Realme X50 Pro
  •  Xiaomi phones: They posted on Twitter that their Mi10 and Mi 10 Pro will be the first to have the 11 updates.

Microsoft Office 365 users will now be able to view their quarantined phishing messages

 

Microsoft Office 365 will now let users view their phishing messages that are automatically screened by Exchange Online Protection (EOP) filter. 



Through this new venture, users will now be able to reclaim that had been unwittingly marked as spam or phishing by EOP. (EOP- a cloud-based filtering service that scans messages and restricts malicious emails like spams, phishing emails, malware attachments from reaching to the end-user) 

"We understand that managing false positives is important to ensuring an email is delivered appropriately, and in the past, end-users weren't granted access to the quarantine to view messages," Microsoft debriefs on the new feature.

However, the new feature will be available as "read-only" access but the user can request a particular message to be dropped in the inbox that might have been accidentally quarantined. This new Office 365 ATP Request Release feature will be available to all users with the Advanced Threat Protection plan this month. 

Office also released a similar feature not too long ago - Application Guard which opens all files from unsafe locations in a secluded sandbox. This isolated sandbox doesn't allow malicious files to corrupt the device and software by not letting the file download any data, file, or extension from the attacker's server. 

Upcoming ATP security features and tools- 

Office 365 is alluding to enhance their security in the third quarter of the year with various new security features in the charts- 

  •  Improving Office 365 ATP Threat Explorer 
To elevate it's distinguishing ability to sort between malicious, spam, or phishing emails.

  •  Disable default email forwarding to external recipients
In order to prevent data theft and "automated malicious content blocking" to all users despite their custom settings.

  •  More transparency through email pathways-
Office ATP users would get more information on the route incoming emails take through Office's EOP (Exchange Online Protection) filtering system and they would know more about the "effectiveness of any security configuration changes" according to bleepingcomputer.com.

  •  New Configuration Analyzer 
This new feature is suspected to release in Q3 and would make it easier to compare your security policies settings efficacy to Office's recommended settings.

A New Security Vulnerability Discovered in Bluetooth technology


Two teams of security researchers have discovered a new vulnerability in Bluetooth technology that has been confirmed by The Bluetooth Special Interest Group (SIG), the bloc responsible for Bluetooth interests. The flaw could potentially allow a hacker to take complete control of a user’s Bluetooth enabled device without authorization.

Bluetooth is a short-range, low powered, high-speed open wireless technology that uses the Internet of Things (IoT) for transmitting fixed and mobile electronic device data. Bluetooth replaces the cables that people conventionally used to connect devices, with an added purpose of keeping the communications secure. However, with convenience and productivity, Bluetooth also presents major security threats.

Devices using the Bluetooth standard 4.0 through 5.0 are vulnerable to a flaw called ‘BLURtooth’ in Cross-Transport Key Derivation (CTKD) - it allows an attacker to manipulate the CTKD component and overwrite authentication keys on the victim’s device. The Bluetooth 5.1 standard released by the Bluetooth SIG in January 2019 contains features that provide security against BLURtooth attacks.

Earlier this year, in May, academics from Italy and Germany identified yet another new type of attack ‘Spectra’, it was reported to break the separation between Wi-Fi and Bluetooth running on the same device. While relying upon the fact that transmissions happen in the same spectrum, the attack works against "combo chips".

In a blog post published on their website, the company told that for CTKD attack to be successful “an attacking device would need to be within wireless range of a vulnerable Bluetooth device supporting both BR/EDR and LE transports that supports CTKD between the transports and permits pairing on either the BR/EDR or LE transport either with no authentication (e.g. JustWorks) or no user-controlled access restrictions on the availability of pairing. If a device spoofing another device’s identity becomes paired or bonded on a transport and CTKD is used to derive a key which then overwrites a pre-existing key of greater strength or that was created using authentication, then access to authenticated services may occur. This may permit a Man In The Middle (MITM) attack between devices previously bonded using authenticated pairing when those peer devices are both vulnerable.”

“The Bluetooth SIG is also broadly communicating details on this vulnerability and its remedies to our member companies and is encouraging them to rapidly integrate any necessary patches. As always, Bluetooth users should ensure they have installed the latest recommended updates from device and operating system manufacturers,” the blog further read.

The Antidrone system and a new platform for online voting were created in Russia

The Antidrone system will allow detecting drones that fly up to any object, said Eugene Kaspersky, CEO of the Kaspersky Lab. Depending on the model of the drones, the program can either land it, send it back, or stun it.

"This is necessary at sporting events, at airports, and for private businesses. Do I want someone's drones flying around our office? I don't want. This is the case when simultaneous sales will probably go both in Russia and in Europe," said Eugene Kaspersky.

Another startup of the Kaspersky Lab is an online voting system based on blockchain. According to Eugene Kaspersky, it can only be hacked by infecting a specific device. However, it will be difficult to infect a lot of devices.

"If you infect a thousand devices, it will not affect big elections in any way, but if you infect a million devices, it will be immediately noticeable. Of course, the elections will be disrupted, but we will see it," said Eugene Kaspersky.

The development also includes a process for monitoring online voting.

"If you want to observe the elections, put the server in the blockchain. So we simultaneously increase the blockchain, that is, the number of machines that calculate all this, and give access to observers. That is, if you want to be an observer, come with your computer,” explained the expert.

Also, during the pandemic, the company created its own travel accelerator "Kaspersky Exploring Russia". The program is designed to help tourism startups overcome the crisis and create the basis for further implementation of their projects. During the selection stage, the Kaspersky Lab received more than 500 applications from 47 countries.

Mister Kaspersky also said that Russia trains the world's best programmers, but this sometimes leads to the fact that the world's best hackers also speak Russian.

Flying V: the futuristic and sustainable drone aircraft makes it's first maiden flight


The Flying V took to air for the first time in July at a German Airbase with a successful flight albeit a slightly bumpy landing.

The image is a representation of the Flying V and not the actual aircraft.


Funded by KLM and Airbus, researchers and engineers from Dutch-based Technical University of Delft (TU Delft) successfully tested the scaled model of Flying V, named after it's 'V' shape. The drone is fuel efficient to quite a sizable degree and is designed to carry passengers in its wings.

TU Delft says, “computer calculations have predicted that the aircraft’s improved aerodynamic shape and reduced weight will reduce fuel consumption by 20% compared to today’s most advanced aircraft.” 

The aircraft has a unique 'V' design with passengers, cargo hold, and fuel tanks incorporated in the wings rather than the fuselage. The researchers estimate that it will save 20% fuel compared to present-day aircraft because of its shape and weight. The aircraft was first presented at the 100th anniversary of KLM, a Dutch airline, and has been one of the supporting partners along with Airbus. 

 Flight and Landing 

The researchers had some qualms with takeoff due to issues with rotation but it was smooth sailing during the actual test. Project Leader Dr. Roelof Vos said, “One of our worries was that the aircraft might have some difficulty lifting-off since previous calculations had shown that ‘rotation’ could be an issue. The team optimized the scaled flight model to prevent the issue but the proof of the pudding is in the eating. You need to fly to know for sure.” 

But both the flight and take off was smooth with a good thirst. The landing though was a bit jerky attributing (according to the researchers) to the design of the aircraft- which the team termed as too much 'Dutchroll'. The next step for the team would be to analyze the test flight and make further improvements to the design and aerodynamics.

Russian engineer raised $5 million for Tamagotchi for hackers

Russian techno enthusiast Pavel Zhovner raised almost $5 million for the production of Tamagotchi for hackers Flipper Zero.  The project attracted 37,987 users of the Kickstarter crowdfunding platform.

Zhovner launched the campaign in early August and expected to be able to raise at least $60,000 within a month — the minimum amount needed to start production in China. However, the enthusiast received this money within 8 minutes after the start of the collection. A day later, the project raised $500,000, and by the end of the weekend - more than $1 million. The campaign ended on 29 August with an impressive result of $4 882 784.

“I’m even a little glad that this will finally end, I can breathe out. We are called to continue the campaign on all sorts of IndieGoGo, but we decided to take a break and go into development more tightly, without being distracted by marketing,” wrote Zhovner in his Telegram channel.

Flipper Zero is an electronic multitool equipped with a built-in radio module for receiving and transmitting signals at frequencies of 300-928 MHz, as well as an infrared transmitter for controlling household appliances.

The creator describes the device as a universal tool that can turn into anything in the hands of experts — from remote control for a TV to a device for hacking a Wi-Fi router.

The developers said that Flipper Zero does not fall under the description of a special tool or device for the secret collection of information. The device does not have the ability to capture audio-visual information and is not disguised as household items. The factory firmware will not contain jamming, brute force, or other potentially malicious features.

Also, inside Flipper Zero there is a cyberdolphin that needs to be fed. This mascot is a reference to Johnny Mnemonic, the cult cyberpunk film.

Kickstarter's sponsors are expected to be able to receive their devices as early as February 2021. Later, the creator plans to release Flipper Zero for free sale through online stores and resellers at a price of $169.

Amazons gets FAA's approval for Drone Delivery Trails



Retail giant Amazon got the approval to deliver their products from the sky (like your package dropped straight from the skies, well the thought is good but not really); that is to say, the online retail behemoth got USA's Federal Aviation Administration approval to start trials for drone airlines for delivery.

The Federal Aviation Administration approved Amazon Prime as an "air carrier" allowing it to begin deliveries by air with their drone tech, probably with the MK27 drone released last year. These will be under a trial program. Other companies that already had this approval are Wing, the Alphabet.Inc (Google) and United Parcel Service Inc. (UPS).

In recent years, companies in retail have been evolving and developing Drone Delivery to quite an extent and have achieved major leaps. Wing and UPS both fly their products to a limited distance via drones and Amazon has stated they would start their own trials through the exact data that was not mentioned. 

During the pandemic, Amazon made extensive profits and grew exponentially and their autonomous air delivery if applied globally with success could change the way for ecommerce forever. 

"This certification is an important step forward for Prime Air and indicates the FAA's confidence in Amazon's operating and safety procedures for an autonomous drone delivery service that will one day deliver packages to our customers around the world," said David Carbon, vice president of Prime Air, in a statement. "We will continue to develop and refine our technology to fully integrate delivery drones into the airspace, and work closely with the FAA and other regulators around the world to realize our vision of 30-minute delivery." 

The FAA said it has granted the approval to support innovation and development in Drone flights. But the approval was difficult and still has some issues as FAA's regulations are for humans aboard and not sans humans. Thus the agency is planning on making a new set of regulations for Drone flights. 

But routine Drone Deliveries still have a long way to go like something like this would require some standards for flight, machine, and mechanism along with proper air traffic control and route settings without a pilot - all of which would take years to set up.