Connect with us


Apple admits the coronavirus will cause a global iPhone shortage



The tech giant closed its Chinese production facilities as the disease spread and they are ‘ramping up more slowly than we had anticipated’ (Image: Reuters)

Apple has confirmed that the coronavirus will cause a global iPhone shortage which is likely to eat into its revenues and reduce profits.

The tech giant issued a long, frank statement which pays tribute to health workers fighting the disease but also bluntly warns of its financial impact.

Apple’s iPhone factories are located outside the Hubei Province where Wuhan, the region’s capital, is currently on lockdown as authorities battle to contain the spread of Covid-19, the official name of the deadly new coronavirus.

In an ominous development, a Wuhan hospital director became the latest medical worker to die of the disease, which has now infected 72,436 people around the world and killed almost 1,900.

Apple wrote: ‘As the public health response to COVID-19 continues, our thoughts remain with the communities and individuals most deeply affected by the disease, and with those working around the clock to contain its spread and to treat the ill.

‘Apple is more than doubling our previously announced donation to support this historic public health effort.’

{“@context”:””,”@type”:”VideoObject”,”name”:””,”duration”:”T1M19S”,”thumbnailUrl”:””,”uploadDate”:”2020-02-13T09:37:37+0000″,”description”:”World Health Organisation gives an update on the coronavirus outbreak.”,”contentUrl”:”″,”height”:360,”width”:640}

To view this video please enable JavaScript, and consider upgrading to a web
browser that
supports HTML5

It has now cut its estimated profits for the year, prompting a drop in stock prices on markets across the world driven by fears that the disease will cause a global economic slump.

‘We do not expect to meet the revenue guidance we provided for the March quarter due to two main factors,’ Apple continued.

‘Worldwide iPhone supply will be temporarily constrained. While our iPhone manufacturing partner sites are located outside the Hubei province — and while all of these facilities have reopened — they are ramping up more slowly than we had anticipated.

‘The health and well-being of every person who helps make these products possible is our paramount priority, and we are working in close consultation with our suppliers and public health experts as this ramp continues. These iPhone supply shortages will temporarily affect revenues worldwide.’

Apple also said that ‘demand for our products within China has been affected’ and continued: ‘All of our stores in China and many of our partner stores have been closed.

‘Additionally, stores that are open have been operating at reduced hours and with very low customer traffic. We are gradually reopening our retail stores and will continue to do so as steadily and safely as we can. Our corporate offices and contact centres in China are open, and our online stores have remained open throughout.

‘Outside of China, customer demand across our product and service categories has been strong to date and in line with our expectations.’

It also wrote: ‘Our first priority — now and always — is the health and safety of our employees, supply chain partners, customers and the communities in which we operate. Our profound gratitude is with those on the front lines of confronting this public health emergency.’

Source link

قالب وردپرس


Twitter put a warning on a Trump tweet for “glorifying violence”



The news: Twitter placed a warning label on a tweet from US President Donald Trump early on May 29, saying that it violated the platform’s rules against “glorifying violence.” In the tweet, sent at 12:53 a.m., the president called Minneapolis protesters demonstrating against the death of a black man in police custody “THUGS,” threatened military intervention, and said that “When the looting starts, the shooting starts.”

Second time in a week: Twitter added a fact-checking label to two of Trump’s tweets about mail-in voting earlier this week, marking the first time the platform had enforced its rules about misinformation against the president. Yesterday, Trump responded by signing an executive order targeting the legal protections that keep social media companies from getting sued for the content on their platforms. 

What the warning label does: While Trump’s tweets about voting are still freely visible on the platform, Twitter used a different approach to his overnight tweet. To see the tweet itself, users must first click past a label warning that it violates Twitter’s rules against glorifying violence. And users can’t reply to or like the tweet. Twitter has a “public interest exception” for rule-breaking tweets from large accounts run by government officials that, the company believes, should not be removed from the platform because of their newsworthiness. 

“When the looting starts, the shooting starts.” Twitter said in a thread from its comms account that the warning label was added to Trump’s tweet because of “the historical context of the last line, its connection to violence, and the risk it could inspire similar actions today.” In 1967, Miami police chief Walter E. Headley used the phrase while promoting his policing tactics against “young hoodlums,” angering civil rights leaders. In the same interview, Headley also said, “We don’t mind being accused of police brutality … they haven’t seen anything yet.” 

How Trump responded: The president has already claimed that he is being censored by Twitter because he is conservative, and that the government should restrict or eliminate Section 230 of the Communications Decency Act, a 1996 federal law that gives internet companies a great deal of legal protection from decisions about user content and moderation. Hours after Twitter took action against his Minneapolis tweet, the official White House Twitter account reposted his comments verbatim. Twitter then added a warning label to that tweet as well.

Source link

قالب وردپرس

Continue Reading


This Week in Security: Leaking Partial Bits, Apple News, and Overzealous Contact Tracing



Researchers at the NCCGroup have been working on a 5-part explanation of a Windows kernel vulnerability, targeting the Kernel Transaction Manager (KTM). The vulnerability, CVE-2018-8611, is a local privilege escalation bug. There doesn’t seem to be a way to exploit this remotely, but it is an interesting bug, and NCCGroup’s work on it is outstanding.

They start with a bit of background on what the KTM is, and why one might want to use it. Next is a handy guide to reverse engineering Microsoft patches. From there, they describe the race condition and how to actually exploit it. They cover a wide swath in the series, so go check it out.

Left4Dead 2

Just a reminder that bugs show up where you least expect them, [Hunter Stanton] shares his story of finding a code execution bug in the popular Valve game, Left4Dead 2. Since the game’s code isn’t available to look at, he decided to go the route of fuzzing. The specific approach he took was to fuzz the navigation mesh data, part of the data contained in each game map. Letting the Basic Fuzzing Framework (BFF) run for three days turned up a few possible crashes, and the most promising turned out to have code execution potential. [Hunter] submitted the find through Valve’s HackerOne bug bounty program, and landed a cool $10k bounty for his trouble.

While it isn’t directly an RCE, [Hunter] does point out that malicious mesh data could be distributed with downloadable maps on the Steam workshop. Alternatively, it should be possible to set up a fake game server that distributes the trapped map.

Big Brother Apple?

There is a constant tension between security and privacy. We’re used to governments making arguments about giving up privacy for the sake of security, but the same trade-off can show up in computer security, too. In this case, Apple has implemented an online check for every executable run by a macOS Catalina system. If you’re running macOS 10.15, you might have noticed your system is a bit slower than it should be. It seems that when connected to the internet, a modern Mac will upload a hash of each binary to Apple, assumably to check it against a blacklist of known malware.

The Reddit thread discussing this issue had a few more interesting observations. First off, one user pointed out that he had observed this issue while flying and connected to the terrible in-flight wifi. A second poster observed that a Mac will take an inordinate amount of time to reboot when connected to a network without internet access.

While there is likely an upside, this approach is terrible for performance and user privacy, and a breach of trust between Apple and their users. If they wanted to monetize the data, Apple now has a record of which binaries are run by which users and when. This sort of behavior should be documented at the very least, and come with an off switch for those who don’t wish to participate.  The fact that it was discovered by internet sleuths is a black eye for Apple.


An interesting attack on certain ECDSA schemes was published on the 25th (PDF). This attack was specifically developed against OpenSSL, and uses a Flush+Reload cache attack to leak information from the elliptic curve operation as it is calculated. At some point we’ll do an in-depth look at elliptic curve cryptography, but for now it’s sufficient to understand that a mathematical operation is performed repeatedly in order to do key exchanges.

For each iteration, the researching team were able to extract approximately one bit of information about the internal state of the key. (Technically less than one bit, since it is a statistical attack.) After the data collection was carried out, a rather intensive CPU process is required to calculate the key. It’s not an attack that is particularly practical at this point, but it’s still important for the affected projects to mitigate against.

The math required to fully appreciate their work is pretty intense, but if that’s your thing, it’s there to be appreciated. For the rest of us, it’s just good to know that our algorithms are under such scrutiny from the good guys. We all win as a result.

iOS Jailbreak

The iOS security landscape has been in a tizzy over the last few weeks. It wasn’t long ago that an iOS exploit was the holy grail of security research, but just recently Zerodium, a zero-day vendor, has stopped accepting iOS zero-days because they have too many.

There’s been a new development, a jailbreak for any device running iOS 11 or newer. This jailbreak, named unc0ver, requires an unlocked phone and a computer. It’s quite a boon to researchers and end users alike.

COVID-19 Contact Tracing — What Could Go Wrong?

The Australian government has developed an Android and iOS app to track the spread of COVID-19, and it seems that it went wrong in all the predictable ways. For starters, it seems that once a device has the app installed, that device can be tracked even after it’s been uninstalled. A few of the issues have been fixed, but as the app is closed source, it’s impossible to fully verify that it’s well behaved. We suspect that there are other bugs. The link above is the working document maintained by a handful of researchers working to audit the app.

Source link

قالب وردپرس

Continue Reading


This Google app will help keep you safe from coronavirus



  • Coronavirus social distancing practices should still be observed, even if governments have started lifting lockdowns measures, as the virus is still very contagious.
  • Google developed a new tool to help users ensure they’re keeping at least six feet away from other people, and it’s available right inside the Chrome browser.
  • The Sodar AR app will show you whether you’re at least six feet away from someone else, as long as you keep your phone turned on.

Social distancing measures may not be as strict as they were last month, but you should still try to stay away from people as much as possible when you’re outside. The novel coronavirus’s infection rate may have slowed in your area, but COVID-19 hasn’t magically disappeared, and it might never will. The only way to reduce transmissibility is to keep your distance from others, wear face masks, and wash your hands often. These activities should be priorities to anyone until we have drugs available to beat this thing. Keeping three to six feet away from others might be difficult to enforce, and the virus can travel well over six feet in the right conditions. But Google does have an app that can help you keep at least six feet between you and other people. Unfortunately, it’s still experimental, it works only on Android, and it requires you to keep the phone screen turned on at all times.

Called Sodar, the augmented reality (AR) app runs right inside the Chrome browser. You’ll have to visit this link from a mobile phone to get it started, at which point the browser will load the site, and use the rear camera to show you the world in front of you as well as a virtual barrier on top of it that signals the two-meter mark, or six feet.

As I said before, the massive downside of the app is that you need to keep your phone’s screen turned on at all times, which can deplete battery life. Also, looking at your phone while you’re walking isn’t exactly great, even if you can see where you’re going. Not to mention that it makes using the phone for other purposes more difficult.

Coronavirus social distancing AR app: Sodar from Google in action.

Finally, social distancing alone won’t guarantee that you won’t get infected. The six feet rule can’t be enforced at all times. And the virus can float in the air for a longer time, and reach farther distances. That’s why the use of face masks with social distancing could increase protection.

The concept is interesting, however, and could be used for future social distancing apps that could run on AR glasses at some point in the coming years.

Experts say that COVID-19 might never go away even if we get a vaccine. And if recent immunity studies are right, and the protection against the novel coronavirus lasts only between six months and a year, then COVID-19 will be here to stay for a much longer time than any of us would have imagined. And we might have to practice forms of social distancing for years to come until effective treatments are available worldwide. By then, the first commercial AR glasses that we’ll actually want to use might be out in stores, ready to support such apps.

Source link

قالب وردپرس

Continue Reading