fbpx

Microsoft issues emergency Windows patch to disable Intel’s buggy Spectre fix

meltdown-spectre-malware

If your Windows PC seems buggier than usual after the recent round of Spectre patches, you might want to download this.

By   Senior Editor, PCWorld

If you’ve noticed any unexpected reboots or PC instability as a result of the recent Spectre patches, there’s a solution: Microsoft has issued an emergency Windows patch that rolls back the recent Spectre mitigations.

Confused? It’s a bit complicated. After the intial Spectre and Meltdown vulnerabilites were disclosed, both Intel and Microsoft hustled out patches to mitigate the problem. Unfortunately, Intel’s latest microcode updates—and the BIOS updates from PC makers based upon them—were themselves buggy, causing instability, reboots, and data loss in some PCs.

Microsoft’s latest patch (KB4078130) allows people with affected systems to download the patch via the Microsoft Update Catalog, which disables the mitigations for the “Spectre variant 2.”

Note that the patch notes specifically state that you should run this patch “if you are running an impacted device” (emphasis ours). In other words, if your system is working normally, don’t bother downloading this patch. This is what Microsoft calls an “out of band” patch, and it doesn’t appear that it will be made available via Windows Update, either.

Why should you consider it? Intel has warned previously that the faulty patch can sometimes cause data loss and corruption, and Microsoft is saying the same: “Our own experience is that system instability can in some circumstances cause data loss or corruption,” the patch notes state.

There’s another wrinkle, though. As part of the patch, Microsoft is allowing users to edit the Windows registry to toggle the mitigations on or off. (Instructions are here.) It’s possible to toggle Microsoft’s patch off, and then, when Intel solves its own patching problem, re-enable it. That scenario is actually what Microsoft recommends—again, only if you’ve noticed system instability and want to take action against it.

Toggling the mitigations on and off is also a feature of the latest InSpectre utility.

As Bleeping Computer noted, system makers such as Dell and HP also advise rolling back their own BIOS patches to an earlier version, which they’re redeployed. It’s all horrendously confusing for consumers and IT organizations alike. Fortunately, at least, there haven’t been any public cases of these vulnerabilities being exploited, Microsoft says.

What should you do? There’s no one-size-fits-all answer to this question. But we can tell you what we’re doing: if a PC is working as expected, we’re leaving it patched and in place. If you’re backing up your data (to Remote Backup Services or an external drive) chances are your most crucial data will be saved in case your system goes down unexpectedly. Obviously, install Microsoft’s emergency Windows patch if you’re running into system issues. There’s no perfect solution—if you’re more paranoid than we are, feel free to deploy the patch even if your PC hasn’t hiccuped.

Amazon has created a new computing platform that will future-proof your home

AP/Elaine Thompson

Amazon has created a new computing platform that will future-proof your home

Steve-Kovach

By Steve Kovach

Amazon is in a better position than any other company to dominate ambient computing, the concept that everything in your life is computerized and intelligent.
Amazon’s Alexa platform continues to get better while remaining open to third parties, unlike Apple’s Siri.
Buying into Alexa now will future-proof your home.

Almost four years ago, New York Times tech columnist Farhad Manjoo wrote out a strategy to keep all your technology future-proof in a rapidly evolving environment.

His advice still holds up.

Use Apple hardware for your smartphone and PC. Use Google services for things like email, calendar, and maps. Buy all your digital music, movies, and TV shows from Amazon.

Of course, there are caveats to all of these suggestions, but you’ll future-proof yourself nicely by following them. Amazon’s media can (usually) play on all your devices, no matter what company makes them. Google is not only the best at digital services, it’s also platform agnostic. You don’t have to be an Android user to get the most out of Google. And Apple still makes the best phones, tablets, and PCs you can buy.

But I think it’s time to add one more category to the list: ambient computing, or the concept that there can be a layer of intelligence powering everything in your home from your lights to your thermostat. Many see this as a new phase of computing where our technology works for us automatically. We’re in the early days of ambient computing, but there’s already a clear front-runner powering its future: Amazon Alexa.

Right now, Alexa is great at answering basic questions or playing music from streaming services like Spotify. It’s also laying the foundation for an Alexa-powered smart home as more and more accessories make themselves compatible with Amazon’s platform. Even better, Alexa lets you control all your smart home accessories with your voice, which is a lot more convenient than poking around your iPhone to turn your lights on.

I gave it a try a few weeks ago, starting small by connecting most of my lighting. I bought a bunch of Wemo smart plugs for all the lamps in my apartment. (My apartment doesn’t have a lot of built-in lighting, so I have lamps all over the place instead.) After setting each plug up, I fired up the Alexa app and added the Wemo skill. A few seconds later, I was able to control all my lights with my voice.

Now I’m obsessed with the idea of Amazonifying the rest of my home. I have an Apple TV, but I plan to make the change to the new Amazon Fire TV 4K instead since I can control it with Alexa. (“Alexa, play ‘The Good Place’ on Netflix.”) Instead of a Nest camera, I’m going to buy Amazon’s new security camera, which will let me beam the feed to my phone, Fire TV, or Echo Show. (“Alexa, show me what’s happening in the living room.”)

You get the idea.

No other platform is better poised to dominant ambient computing. It’s not going to happen tomorrow, or even next year, but Amazon has done an incredible job of laying the foundation for something much more profound beyond just playing your favorite Pandora station with an Alexa command.

So what is that foundation? Here are the four key advantages that will propel Amazon to dominate ambient computing.

Alexa is everywhere
During CES this year, I was shocked at how many companies decided to integrate Alexa into their products. Toyota and Ford cars. Kholer bathtubs. Whirlpool ovens and dishwashers. And a bunch of third-party speakers.

Ambient computing needs a voice assistant to be ubiquitous in order to be successful. If you call for “Alexa” and it’s not there to do what you want, it has failed. Amazon’s head start getting Alexa into everything, everywhere will help it maintain its lead.

Alexa is open
Part of the reason why Alexa is showing up everywhere is because Amazon turned it into an open platform that anyone can build into. But it’s not just physical appliances. Services and apps can build into Alexa, making it easy to add a layer of voice controls to their stuff.

It’s the opposite approach rivals like Apple take, which is why devices like the HomePod feel like a wasted opportunity to take on Amazon’s dominance. Siri is limited to Apple’s own services and a few other third-party categories like messaging and to-do list apps. It’s unlikely Apple will want to go against its DNA and completely open up Siri.

Amazon dominates the smart speaker market
Amazon already owns two-thirds of the smart speaker market, with Google playing catch up. It’s likely going to be a two-horse race between the two companies, with Amazon consistently in the lead. The large install base of Echo and Alexa-powered smart speakers provides greater incentive for people to build into Alexa first as opposed to rivals.

Alexa keeps getting better
When the Echo first launched back in 2014, it couldn’t do much more than play streaming music from Amazon and help you buy stuff from the company’s online store.

You know what’s coming next.

Over the years, the Echo has become immensely more powerful and capable. It can stream music from a variety of music services. You can use it to call an Uber or order a pizza from Domino’s. It can even make phone calls. Amazon has done a spectacular job at improving the Echo over time. These are speakers you’re likely to keep in your home for several years before replacing or upgrading them.

Buying one now guarantees you’ll be ready to go for whatever Alexa learns to do next. And, more importantly, it’ll make sure your technology remains future-proof.

From: The Business Insider
Image: AP/Elaine Thompson

These are the Samsung Galaxy S9 and S9+

samsung_galaxy_s9_and_s9_plus

By EVAN BLASS @EVLEAKS

Having opted against what would have been an uncharacteristic debut at the recent Consumer Electronics Show in Las Vegas — in teaser capacity or otherwise — Samsung is now gearing up to launch the 2018 versions of its flagship Galaxy S lineup in a much more traditional fashion, just prior to Barcelona’s Mobile World Congress. These are the Samsung Galaxy S9 and Galaxy S9+ (pictured top, left to right).

As VentureBeat reported previously, more than screen dimensions will separate the two models this year (the Galaxy S8 and S8+, in contrast, are nearly identical save for their Super AMOLED display diagonals). However, as this year is mostly a component upgrade following a comprehensive redesign in 2017, neither the 5.8-inch S9 nor the 6.2-inch S9+ will be significant departures from their predecessors.

Even in an industry built on iterative upgrades, these stand out as adhering closely to the existing script.

Powered by Qualcomm Snapdragon 845 in the U.S. and China, and Samsung’s own Exynos 9810 systems-on-chip in the rest of the world, the first differentiator between the S9 siblings (codenamed Star and Star 2) lies in their memory configurations: 6GB of RAM and 128GB of internal storage for the S9+, but the same 4GB/64GB pairing as last generation for the standard S9. With this distribution of basic components, Samsung is making it more difficult for users, some of whom may even want a smaller screen, to choose the basic S9 without additional trade-offs.

As the Unpacked invitation suggests, the main highlight for both the Galaxy S9 and Galaxy S9+ will be refreshed imaging hardware and software — a notion confirmed by two people briefed on Samsung’s plans. Besides motion-detected, “super slow-mo” video capture (rapid movement triggers 480fps recording at 720p), both devices are said to feature variable aperture on their primary 12-megapixel cameras. It’s a mechanical adjustment that switches between f/2.4 and smallest-in-class f/1.5.

The Galaxy S9+ adds a second 12-megapixel rear module, but this one has a standard fixed aperture. In what will be important to many, all of the phones’ rear elements are aligned vertically, instead of horizontally like the S8, with the fingerprint scanner located more naturally at the bottom of the stack. Around front, both 2018 S-series models sport 8-megapixel selfie cams. On the bottom, another welcome change: stereo speakers.

Expect the Galaxy S9 and Galaxy S9+ to begin shipping, and selling through retail, on March 16 (further evidenced by that date appearing in the official press shots).

Is Your Website ADA Compliant?

ada-compliance-decided-in-the-courts

Are you aware of the regulations regarding section 508 of the American Disabilities Act and the impact it has on your business website?

Poorly designed websites can create unnecessary barriers for people with disabilities, just as poorly designed buildings prevent some people with disabilities from entering. Access problems often occur because website designers mistakenly assume that everyone sees and accesses a webpage in the same way. This mistaken assumption can frustrate assistive technologies and their users. Accessible website design recognizes these differences and does not require people to see, hear, or use a standard mouse in order to access the information and services provided.

The start of a website lawsuit trend?

Winn-Dixie recently faced, and lost an ADA compliance lawsuit for its website, and it made for some pretty sensational headlines. Website accessibility is a hot topic right now, so every case that goes wrong for someone is bound to result in some pretty fanatical headlines. But should you actually be worried? In short — maybe.

So let’s try and make ADA compliance, who needs to be worried, and what you can do about it as simple to understand as possible. Full disclosure — I am not your lawyer, and nothing in here is legal advice.

What Does ADA Compliance Mean?

ADA is short for the Americans with Disabilities Act, which became law in 1990. It prohibits discrimination against individuals with disabilities in all areas of public life. The ADA, at least for Title III (private sector businesses), only applies to companies that employ 15 or more persons.

In January 2018, some new federal regulations will take effect. All federal institutions’ websites must meet AA compliance on all items in WCAG 2.0 by this time. We’ll get into what that means a little later.

Why Is ADA Compliance Suddenly a Bigger Deal?

Legal precedent is changing, and ADA compliance related lawsuits are becoming more successful, and the courts are seeing more of them as a result. Title III of the Americans with Disabilities Act pertains to private sector businesses. Lately, those protections are more frequently expanding into digital territory as web and mobile applications become more necessary in our day-to-day lives.

Who Needs To Be Compliant?

The general consensus right now is that any business considered a “public accommodation” should have an ADA compliant web presence.

“Public accommodation” could apply to most things depending on who is making the interpretation. Generally, however, this would refer to B2C, retail, or any business the general public should be able to use, understand and access easily.

The judgment against Winn-Dixie was determined after the courts felt that the website was too heavily integrated with the physical store presence. This could have been prompted by things like placing their weekly ad on the website.

What Do I Need To Do To Be Compliant?

Why that’s simple, just follow all 61 guidelines laid out in WCAG 2.0 to either AA or AAA level!

Sound scary? It’s not as bad as it seems. Your site probably already meets many of these rules and will not take a web developer very long to bring it up to par. However, there are some items that are much more difficult to fix, depending on the situation.

  • Text must meet a minimum contrast ratio against the background, which can significantly impact your design.
  • Your site must be fully navigable via keyboard only. This usually includes things like skip navigation buttons and can involve manually setting a tabindex everywhere.
  • Your site should be navigable with screen reader software. This can be difficult to test and can involve some arduous fixes similar to what is necessary for keyboard navigation.
  • Your site must handle text scaling up to 200% without causing horizontal scrolling or content-breaking layout issues. Once again, this may be more difficult to fix in some complex designs.

How Do I Check All Of This?

A variety of software can be used to test for ADA compliance.

  • WAVE is a good start, but can produce a lot of false positives, particularly for contrast ratio issues.
  • Lighthouse from Google Developers can help generate a report on potential issues.
  • Manual testing for contrast ratio using this calculator.
  • Manual testing with screen reader software
  • Manual testing with keyboard only navigation
  • Job Access With Speech (JAWS) is the most popular screen reader used by the blind. You can download a free trial for testing.

The automated tools will catch a lot of the simple issues, but manual testing is often still going to be required for nearly all websites if you want to ensure you are meeting requirements.

Hopefully, this sheds a little light on the situation and what it means for your business. Or, if you’re a web developer, how to be proactive to help your clients.

(Excerpted from Hackernoon)