Categories
Game

Huawei App Store Bug Gives Anyone A Free Pass At Paid Apps

Android app developer Dylan Roussel discovered a bug that, while non-trivial to exploit, isn’t impossible either. In a nutshell, Huawei’s AppGallery exposed certain details about an app, including the download link for the Android package (APK). While that may be normal, the bug is that the same link can be used to directly download a paid app without having to pay for it or even having to verify anything.

This bug has two damaging consequences for Huawei’s app marketplace. The first is more obvious in that anyone with a bit of technical know-how can easily bypass restrictions and download paid apps for free. The bigger threat, however, is that the AppGallery makes it too easy to download apps, both paid and free, outside of official channels, which in turn makes it too easy to pirate apps on that platform. This creates a very large deterrent for developers who may not bother putting in the work needed to offer their apps for Huawei’s ecosystem.

This vulnerability was discovered and reported back in February 2022, but it took Huawei 90 days to send a response. The company did apologize for the miscommunication and delay, citing logistics problems in fixing AppGallery across different regions since it apparently works very differently, too. A fix is promised to arrive by May 25, but the bug’s existence still raises concerns about similar issues that may be lurking in the shadows still undiscovered.

Repost: Original Source and Author Link

Categories
Computing

Microsoft has finally brought Teams to its own app store

Microsoft has now brought the Microsoft Teams app download to the Microsoft Store, providing a new installation method for Windows 10 and Windows 11 users other than a manual download.

Microsoft Group Program Manager, Mik Chernomordikov shared the news on Twitter on Monday, while publications including OnMSFT and Thurrott have confirmed that the software is near similar to the manual install version of Microsoft Teams, which you can get from Microsoft’s website. The current version is (1.5.00.11163.), OnMSFT noted.

Welcoming @MicrosoftTeams to Microsoft Store on @Windows! 🙌https://t.co/VFpFLIeodT pic.twitter.com/pU01CBP5Nc

— Mik Chernomordikov (@mixen) May 16, 2022

The main difference is that the downloadable version at the Microsoft Store is available only for work and school accounts for Windows 11 since there is already a version of Microsoft Teams available for consumer accounts on the new operating system, Thurrott noted.

Meanwhile, users can download Microsoft Teams for work, school, and consumer accounts.

Microsoft Teams was established in March of 2017 and has been available primarily as a manual download, the publication added. However, Microsoft has spent much of this year discussing its plans to streamline its productivity software suites.

Thurrott also noted that other applications, such as Microsoft Edge, have seen similar transitions, from manual downloads to Microsoft Store staples, as the brand works to transition its image into a one-stop-shop for productivity software.

We expect to hear more news on Teams at the upcoming Microsoft Build 2022 conference, which will take place from May 24 to May 26. Based on the names of the sessions, Microsoft may even discuss developments on how the metaverse might work with Microsoft Teams in professional spaces.

The complete Microsoft Build sessions catalog is now available for public viewing ahead of the conference, with approximately 300 of the 500 sessions having some association with Microsoft Teams.

Registration for The Microsoft Build conference is free and it can be attended virtually.

Editors’ Choice




Repost: Original Source and Author Link

Categories
Security

Data leak from Russian delivery app shows dining habits of the secret police

A massive data leak from Russian food delivery service Yandex Food revealed the delivery addresses, phone numbers, names, and delivery instructions belonging to those associated with Russia’s secret police, according to findings from Bellingcat.

Yandex Food, a subsidiary of the larger Russian internet company, Yandex, first reported the data leak on March 1st, blaming it on the “dishonest actions” of one of its employees and noting that the leak doesn’t include users’ login information. Russian communications regulator Roskomnadzor has since threatened to fine the company up to 100,000 rubles (~$1,166 USD) for the leak, which Reuters says exposed the information of about 58,000 users. The Roskomnadzor also blocked access to an online map containing the data — an attempt to conceal the information of ordinary citizens, as well as those with ties to the Russian military and security services.

Researchers at Bellingcat gained access to the trove of information, sifting through it for leads on any people of interest, such as an individual linked to the poisoning of Russian opposition leader Alexey Navalny. By searching the database for phone numbers collected as part of a previous investigation, Bellingcat uncovered the name of the person who was in contact with Russia’s Federal Security Service (FSB) to plan Navalny’s poisoning. Bellingcat says this person also used his work email address to register with Yandex Food, allowing researchers to further ascertain his identity.

Researchers also examined the leaked information for the phone numbers belonging to individuals tied to Russia’s Main Intelligence Directorate (GRU), or the country’s foreign military intelligence agency. They found the name of one of these agents, Yevgeny, and were able to link him to Russia’s Ministry of Foreign Affairs and find his vehicle registration information.

Bellingcat uncovered some valuable information by searching the database for specific addresses as well. When researchers looked for the GRU headquarters in Moscow, they found just four results — a potential sign that workers just don’t use the delivery app, or opt to order from restaurants within walking distance instead. When Bellingcat searched for FSB’s Special Operation Center in a Moscow suburb, however, it yielded 20 results. Several results contained interesting delivery instructions, warning drivers that the delivery location is actually a military base. One user told their driver “Go up to the three boom barriers near the blue booth and call. After the stop for bus 110 up to the end,” while another said “Closed territory. Go up to the checkpoint. Call [number] ten minutes before you arrive!”

In a translated tweet, Russian politician and Navalny supporter, Lyubov Sobol, said the leaked information even led to additional information about Russian President Vladimir Putin’s former mistress and their alleged “secret” daughter. “Thanks to the leaked Yandex database, another apartment of Putin’s ex-mistress Svetlana Krivonogikh was found,” Sobol said. “That’s where their daughter Luiza Rozova ordered her meals. The apartment is 400 m², worth about 170 million rubles [~$1.98 million USD]!”

If researchers were able to uncover this much information based on data from a food delivery app, it’s a bit unnerving to think about the amount of information Uber Eats, DoorDash, Grubhub, and others have on users. In 2019, a DoorDash data breach exposed the names, email addresses, phone numbers, delivery order details, delivery addresses, and the hashed, salted passwords of 4.9 million people — a much larger number than those affected in the Yandex Food leak.



Repost: Original Source and Author Link

Categories
Game

The Xbox Windows app will make it easier to know if a game will run well on your PC

With so many different ways to build a computer, one of the trickiest aspects of PC gaming is knowing whether a game you’re about to install will play well on your machine. Microsoft is testing a feature that could make that easier. As spotted by , the Xbox app on Windows now includes a label that will tell you if a game will “play great” on your PC.

Xbox Windows PC app

Tom Warren/The Verge

Since there are some titles where the app says “performance check not available yet,” it doesn’t appear Microsoft is comparing the listed system requirements against the components in your PC. Instead, it would seem the company is building a database where it tests a game against various different machines. If you want to test the labels, you can do so by downloading the and opting into the Windows gaming preview. 

If the system works well, it could solve a common pain point for PC gamers. In recent years, we’ve seen some developers share more granular system requirements for their games, telling you not just the minimum and recommended spec but also hardware that will deliver the best experience at Full HD, QHD and 4K respectively. Unfortunately, there hasn’t been anything close to standardization across the industry, and that’s even before you consider the fact some developers list overly optimistic requirements for their games.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link

Categories
Game

Apple’s 2021 App Store Awards highlight ‘connection’

Last year, Apple focused on quarantine life for its App Store Awards. For 2021, it’s continuing that concept with a focus on “connection” as its trend of the year — basically, things that brought us together even though we’re still dealing with a global pandemic. That trend award was bestowed upon five apps, including familiar names like Bumble and Among Us!. But the niche winners are even more interesting: there’s EatOkra, an app that helps you find black-owned restaurants; Canva, which helps anyone create pro-grade designs; and Peanut, a social network focused on connecting women to find support throughout major life events.

You’d probably be surprised by some of the winners for Apple’s mainstay categories too: the Apple TV app of the year was the boxing streaming service Dazn, something I’ve admittedly never heard of. The Apple TV game of the year, Space Marshals 3, also came out of seemingly nowhere. But the strong review scores for both of those apps make it clear that users genuinely enjoy them.

While the App Store Awards are very much a marketing exercise, it’s also a useful way to highlight some of the best apps users may have missed. (And I’m sure developers appreciate the recognition, and the aluminum App Store icon they can display on their shelves.) LumaFusion, the best iPad app of the year, makes complex multi-track video editing easy to do with your fingers. And Carrot Weather, the best Apple Watch app, looks like a truly unique watch face.

Apple App Store Award on a shelf

Apple

Here are the rest of Apple’s App Store Awards for 2021: 

  • iPhone app of the year: Toca Life World

  • Mac App of the year: Craft

  • iPhone game of the year: League of Legends: Wild Rift

  • Mac game of the year: Myst

  • iPad game of the year: MARVEL Future Revolution

  • Apple Arcade game of the year: Fantasian (the incredible RPG from the creator of Final Fantasy)

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link

Categories
Game

Niantic buys gameplay recording app Lowkey to improve its in-game social experience

Niantic has acquired another company to help build out its augmented reality platforms. The company has announced that it’s acquiring the team behind Lowkey, an app you can use to easily capture and share gameplay moments. While you can use any screen capture application — or even your phone’s built-in feature — to record your games, Lowkey was designed with casual gamers or those who don’t want to spend time editing their videos in mind. 

The app can capture videos on your computer, for instance, and sync them with your phone where you can use its simple editing tools to create short clips optimized for mobile viewing. You’re also able to share those clips with friends within the app Snapchat-style or publish it for public viewing like TikTok. Niantic didn’t reveal what the Lowkey team will be doing for its AR games and experiences exactly, but it said the team’s “leadership in this space will accelerate the social experiences [it’s] building in [its] products.” The company added: “We share a common vision for building community around shared experiences, and enabling new ways to connect and play for our explorers.”

The Pokémon Go creator purchased other companies in the past in its quest to build more tools and features for its augmented reality products. In 2017, it purchased social animation startup Evertoon to build a social network for its games. Last year, it bought 3D mapping startup 6D.ai to develop “planet-scale” augmented reality, and just this August, it acquired LiDAR scanning app Scaniverse to create a 3D map of the world.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link

Categories
AI

Fortanix reveals confidential AI for seamless app development

Hear from CIOs, CTOs, and other C-level and senior execs on data and AI strategies at the Future of Work Summit this January 12, 2022. Learn more


Fortanix® Inc., a data-first multicloud security company, today introduced Confidential AI, a new software and infrastructure subscription service promising users the secure use of private data without compromising privacy and compliance.

AI modeling relies on accurate complete data sets. Because of privacy laws, data teams instead often use educated assumptions to make AI models as strong as possible. The development of AI applications can be hindered by the inability to use highly sensitive, private data for AI modeling. Fortanix utilizes Intel SGX secure enclaves on Microsoft Azure confidential computing infrastructure to provide trusted execution environments, making AI models more accurate.

Ambuj Kumar, CEO and cofounder of Fortanix said, “For today’s AI teams, one thing that gets in the way of quality models is the fact that data teams aren’t able to fully utilize private data.” Kumar added, “Confidential AI ensures that highly sensitive data can’t be compromised even while in use, giving organizations the peace of mind that comes with assured privacy and compliance.”

Impact of privacy regulations on AI in healthcare

Fortanix’s confidential computing technology has demonstrated proven use cases, such as powering UC San Francisco’s privacy-preserving analytics platform, BeeKeeperAI, which secures healthcare AI with confidential computing by facilitating a zero-trust interaction between algorithm developers and data stewards. In this environment, the validity of these algorithms can be assessed in the context of real-world data, all without algorithm developers having to expose their algorithm or data stewards having to release data.

The practical applications of AI modeling in healthcare are only beginning to be realized, and some clinical implications sound like the stuff of science fiction. AI has the potential to enable better healthcare outcomes, but in regulated, privacy-sensitive industries such as healthcare, utilizing private data will demand ever-shifting controls in order to keep the core data safe.

Algorithms that are used in the context of delivering health care must be capable of consistently performing across diverse patient populations, socioeconomic groups, and geographic locations, and also be equipment agnostic. Gaining regulatory approval for clinical artificial intelligence (AI) algorithms requires highly diverse and detailed clinical data to develop, optimize, and validate unbiased algorithm models.

Fortanix offers customers key management, database encryption, and now confidential computing as required per the Health Insurance Portability and Accountability Act (HIPAA), which sets the privacy standards for protecting sensitive patient data. Healthcare organizations and companies that handle sensitive protected health information (PHI) must have certain processes and security measures in place to provide the necessary framework that controls who has access to data and restrictions on sharing of this sensitive data.

The Fortanix Confidential AI service is available now as a private preview, with full general availability expected in January 2022.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member

Repost: Original Source and Author Link

Categories
Game

LG WebOS Smart TVs will soon have an NVIDIA GeForce NOW app

LG is clearly dead-serious about expanding its smart TV kingdom, not just in terms of hardware but also software. In addition to adding new apps and services to its smart TVs, like Apple TV+ and support for AirPlay 2, LG has also started licensing its WebOS platform to other smart TV manufacturers. Most of those new features have revolved around “passive” entertainment, but this newest feature treads into the realm of interactive content, with the upcoming arrival of NVIDIA’s GeForce NOW game streaming to select LG smart TVs.

There are two or three major game streaming platforms these days, but NVIDIA was actually playing around with that possibility long before Google revealed its own take with Stadia. GeForce NOW did go out of beta a bit later, but it also has one of the largest numbers of supported devices to run. In addition to mobile, computers, and consoles, GeForce NOW is also coming to smart TVs, at least those running LG’s WebOS.

Select 2021 models of LG’s 4K OLED, QNED Mini LED, and NanoCell TVs in 80 markets will soon be able to test out a beta version of the GeForce NOW app that’s coming this week. Of course, availability still depends on whether the service is actually available in particular countries, but US owners need not worry about that at all. They also don’t need to worry about their TV’s hardware capabilities because the whole point of game streaming is to offload the heavy processing to remote computers.

Those remote computers happen to be using NVIDIA’s beefy RTX graphics card to stream smooth 1080p games running at 60 fps, complete with ray tracing effects. That said, this particular feature requires a paid subscription.

LG naturally promotes features of its TVs, like deep blacks on its OLED sets and fast 1 ms response times to combat input lag. It will be curious to see how the image quality will end up since they will have to be upscaled on 2K and 4K TVs. LG also isn’t saying if this app will be exclusive to LG smart TVs or if it will eventually find its way to third-party WebOS sets.

Repost: Original Source and Author Link

Categories
Game

Streamlabs drops ‘OBS’ from its app name after plagiarism complaints

Following accusations of plagiarism and copycat naming schemes, Streamlabs has announced that it’s removing “OBS” from the name of its popular livestreaming app. At first glance, the move is a direct response to the developers behind Open Broadcasting Software (OBS), who claimed that Streamlabs used their naming scheme against their wishes. The fast response, though, is more directly tied to criticism from top streamers like Pokimane and Hasanabi, who threatened to stop using Streamlabs’s software if it didn’t address the copycat concerns. 

Streamlab’s apology comes across as defensive, since it’s arguing that its software is also open source like OBS, one of the first tools built specifically for livestreamers. Streamlab’s app, which has been praised for being well-designed and feature-rich, is also based on a fork of OBS. Despite those shared beginnings, though, Streamlabs has always been a separate project. It also offers premium services on top of its free core app, so you could argue that Streamlabs was partially fueling its business based on OBS’s popularity.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link

Categories
Computing

Windows 11 Blocks App Letting You Switch Web Browsers

Windows 11 is now blocking the popular app EdgeDeflector, which provides better ability to select alternative web browsers.

The discovery was made in a new build of Windows 11 through the Insider Program, where Microsoft is now blocking applications that sidestep certain restrictions to change web browsers within the operating system.

Arif Bacchus/Digital Trends

You can still change your default web browser to Chrome or Firefox, but as Windows users know, this won’t apply to every situation found in Windows. That’s due to something called the “edge:// protocol,” which a method used by Microsoft within certain elements in Windows, such as the News and Interest widgets.

The protocol ensures that it’ll only open URL links in its Edge browser. It’s implemented within Windows Search as well. Understandably, it’s been a controversial feature as it even circumvents a user’s default browser choice.

Developers have offered alternative apps, such as EdgeDeflector, that allow you to redirect links to a preferred browser, but Microsoft has now made such workarounds worthless through the latest Windows 11 update (build 22494), which is currently available for Insider members.

The developer of EdgeDeflector — home to 500,000 users — has confirmed that Microsoft has effectively disabled his application. As stated in the blog post, the developer, Daniel Aleksandersen, insists that “this isn’t a bug in the Windows Insider preview build. Microsoft has made specific changes to how Windows handles the microsoft-edge:// protocol.”

He added that while he can technically provide a way to bypass Microsoft’s strategy to make apps like EdgeDeflector futile, it would require “destructive changes” to Windows. These alterations to the program’s code would cause several issues for users, the developer stressed. Aleksandersen has thus decided to cease updating the app.

Your web browser is probably the most important — if not the only — app you regularly use.

In October, Brave became the first web browser to incorporate support against Microsoft’s URL scheme by introducing the same functionality EdgeDeflector delivers. Mozilla developer Masatoshi Kimura has also written patches to integrate the protocol into Firefox.

Aleksandersen states that the move by Microsoft is an anticompetitive practice that regulators “just haven’t caught up with yet.”

“Your web browser is probably the most important — if not the only — app you regularly use. Microsoft has made it clear that its priorities for Windows don’t align with its users’.”

This change is only effective in future builds of Windows 11, so as of now, it’s only a preview of what’s to come.

Editors’ Choice




Repost: Original Source and Author Link