Categories
Computing

Glorious’ customizable mechanical number pad looks amazing

Sometimes you just need a good number pad for those intense number crunching sessions. Glorious has unveiled a new mechanical number pad simply called the GMMK Numpad that matches the company’s regular mechanical keyboards — and can be a good companion for those with ten keyless (TKL) keyboards.

The compact accessory is made of anodized aluminum and has the standard 17-key layout of a number pad, but also a configurable rotary knob and slider that the company says offers “unparalleled versatility.” This should make it a great tool for both content creation and productivity.

The keypad also features Glorious’ Fox key switches, GSV2 stabilizers, and ABS Doubleshot V2 keycaps. It connects over Bluetooth 5.0 or wired USB cable with Glorious claiming about 76 hours of use while using Bluetooth.

Glorious clearly wanted to make the Numpad more than just a regular number pad. Like the company’s mechanical keyboards, you’re able to swap out numerous components including the switches, switch plates, top frames, the knob and slider, and even the printed circuit board (PCB) itself. Glorious will have an “ecosystem of accessories” that should allow you to personalize the Numpad to your desired configuration.

It goes without saying that the GMMK Numpad is geared primarily toward people who prefer TKL keyboards. Many people choose TKL keyboards as it offers a sweet spot between a larger full-sized keyboard and the tiny 60 percent keyboards. A lot of people may not want or need a number pad, but still desire the navigational keys.

GMMK NumPad next to a mechanical keyboard.

That said, having a separate number pad such as the GMMK Numpad could be particularly useful to use either as a traditional number pad or even as macro keys. In fact, Glorious intentionally designed the Numpad as a companion to their GMMK Pro and GMMK 2 65% keyboards. You can even position the Numpad on the left side of the keyboard for those who are left-handed.

Glorious says that the GMMK Numpad has been one of the most requested products and seems to have delivered on a functional, yet customizable number pad. For those interested, preorders go live on August 16th and begin shipping next month. It’s not exactly cheap at $130, but it could be a worthwhile purchase for the customizability alone.

Editors’ Choice




Repost: Original Source and Author Link

Categories
Security

Homeland Security bug bounty reveals huge number of flaws

The outcome of a bug bounty program for the Department of Homeland Security (DHS) has been revealed, and it’s not particularly encouraging news for a government agency synonymous with cyber security.

Participants of DHS’ first-ever bug bounty program, named “Hack DHS,” confirmed that they found a worrying number of security bugs.

Stock Depot/Getty Images

They discovered a total of 122 security vulnerabilities in external DHS systems, according to The Register and Bleeping Computer. Twenty-seven bugs were recognized as “critical severity” flaws.

The Hack DHS initiative saw more than 450 security researchers participate in the program. For their efforts, the government agency paid out a total reward of $125,600 that was distributed amongst the ethical hackers.

As aptly highlighted by The Register, the aforementioned payout figure pales in comparison to what other organizations pay to bug bounty hunters.

For example, Intel has previously offered up to $100,000 for successfully uncovering specific vulnerabilities.

Other technology giants like Microsoft offer 10s of thousands of dollars for finding flaws, while Apple paid a single individual nearly the entirety of the Hack DHS bounty by giving him $100,000 for hacking a Mac.

Google, meanwhile, has awarded nearly $30 million to individuals enrolled in its own bug bounty programs. In one particular case, the company gave a self-taught teenage hacker $36,000 for reporting a certain bug.

Considering the fact that one of the Department of Homeland Security’s key responsibilities involves cyber security, many may understandably be concerned that such a high amount of security bugs were found in the first place. Moreover, the somewhat lackluster payment tiers associated with Hack DHS could be a potential deterrent to future interested parties.

All things considered, it seems the DHS is not as secure as many Americans would have hoped it would be.

A physical lock placed on a keyboard to represent a locked keyboard.
piranka/Getty Images

Homeland Security’s quest to become more secure

Hack DHS was originally introduced in December 2021. Any hacker who joined the program would have to provide a comprehensive breakdown of any vulnerability they find. They also have to detail how that flaw can be targeted and exploited by potential threat actors, as well as explain how it can be specifically utilized to access and extract data from DHS systems.

Once these security defects are put through a verification process by “DHS security experts,” which takes 48 hours to analyze after a bug is detected and submitted, they are generally patched within 15 days or so. In some cases, it takes the government agency longer than half a month to fix the more intricate flaws.

The government agency’s bug bounty program will be conducted via a tiered rollout consisting of three stages. The first phase, payouts, has been completed, while the upcoming second stage will see security researchers hand-picked by the DHS taking part in a live hacking event.

As for the final phase, The Register reports that DHS will share information that it hopes will influence additional bug bounty programs.

The popularity of bug bounty programs is increasingly becoming more prominent in an era where cybercriminals have been intensifying their attempts to infiltrate major companies, especially in the technology space.

For example, Intel unveiled Project Circuit Breaker, an expansion to its bug bounty program that was introduced to recruit “elite hackers.” Google also updated its Vulnerability Reward Program last year by launching a new bug platform.

Elsewhere, Google recently confirmed that a record number of dangerous zero-day exploits were identified in 2021, while cybercrimes are more widespread than ever before.

Editors’ Choice




Repost: Original Source and Author Link

Categories
Game

Twitch increases the number of custom emotes affiliate streamers can offer

Emotes are a great way to add character and distinctiveness to a Twitch community — they can also get casual viewers to pay for subscriptions. A Twitch affiliate who’s just starting out, however, used to only have a single custom emote slot. Now, the livestreaming website has upped the initial number of emote slots to five, based on affiliates’ feedback. That means streamers can offer five custom emotes from the get-go, simply by meeting the bare requirements needed to become part of the affiliate program. In all, affiliates can earn nine slots for custom emotes by reaching certain subscription milestones. 

Twitch is also carrying the change over to its partner program, increasing the slots available for them, as well. To be able to apply for partner status, an affiliate must reach a certain number of streaming hours, views and subscribers. Even then, they might not get in. That’s why giving potential subscribers more incentive in the form of emotes could help beginners reach their goal sooner and earn more money.

The website has also given affiliates the capability offer animated emotes to their community. They’ll start with one slot and can unlock up to five as their audience grows. Those who can’t afford to pay an artist to create animated emotes for them can use the website’s Easy Animate feature to quickly convert static emotes into animated versions for free. These updates have started rolling out to Twitch streamers and will be reaching everyone in the coming weeks. 

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.

Repost: Original Source and Author Link

Categories
Game

Call of Duty: Warzone has banned a staggering number of cheaters

Call of Duty: Warzone has turned into one of the more popular royale games around, but that popularity comes with some drawbacks for the playerbase at large. We’re talking, of course, about cheaters, and free-to-play battle royale games seem to swarming with them. While the problem of cheaters in free-to-play games probably won’t ever be truly solved, Warzone devs have now shared some details on just how many cheaters have been over the course of Warzone‘s existence.

In a tweet shared last week, Raven Software added 30,000 more accounts to its tally of banned players. That’s enough to push the total number of banned players over the half-million mark, with Raven Software confirming that it has now banned more than 500,000 accounts over Warzone‘s lifetime.

Raven didn’t share more details about the accounts that were banned or what, specifically, they were banned for, but there’s likely a good reason for that. After all, if Raven’s goal is to reduce the number of cheaters in Warzone, publicizing cheating methods or other exploits quickly becomes counterintuitive.

Hitting half a million cheaters banned is a pretty impressive milestone, particularly when you consider that it was only back in February that Raven was reporting 300,000 accounts banned. These anti-cheating efforts aren’t just limited to Warzone either, with Raven and other Call of Duty developers under the Activision umbrella extending them to Black Ops Cold War and Modern Warfare as well.

With February’s announcement, Raven committed to sharing regular updates on the progress it’s making against cheaters, so it probably won’t be long before we hear about the next wave of cheaters that’s been hit with the banhammer.



Repost: Original Source and Author Link

Categories
Security

Q Link Wireless made private customer information accessible with just a phone number

A mobile carrier allowed anyone with one of its customers phone numbers to access their personal information, including name, address, phone number, and text and call history, according to a report by Ars Technica. The carrier, Q Link Wireless, claimed to have over two million customers in 2019.

Ars Technica noted a Reddit post saying that the app used by the carrier and its subsidiary Hello Mobile never asked for a password or any identifying information when the user was logging on with a phone number. Looking through the reviews, there are references to the poor security practices (to put it mildly) going back to December of 2020. While it’s unclear when the credential-less login system appeared, there is an update note from two years ago that mentions an “updated login process.”

The carrier has reportedly fixed the issue — though it seems it may have done so by just turning off logins to the app altogether. Before the change, Ars was able to see, but not change, a bevy of information from a Hello Mobile customer who volunteered their phone number, including their name, address, account number, email address, and which numbers they’d contacted or been contacted by. The last one is probably the most sensitive — while the contents of texts or phone calls weren’t shown, there’s still a lot of information that can be gleaned from knowing who you talked to and when you talked to them.

The app’s description mentions that it allows users to add more minutes or data to their plans, but it’s unclear if that required extra authentication. Regardless, there’s still a ton of information that was available to anyone able to get the phone number of one of Q Link Wireless’ customers. Reportedly, Q Link Wireless hasn’t notified its customers that their information had been accessible — which seems to be a worrying trend among companies that leak user data.

Ars found no evidence that the security vulnerability was widely exploited, but having to worry about others having access to a ton of their sensitive data isn’t something that anyone needs.

Q Link Wireless didn’t immediately reply to a request for comment.

Repost: Original Source and Author Link