Security-Portal.cz is an internet portal focused on computer security, hacking, anonymity, computer networks, programming, encryption, exploits, Linux and BSD systems. It runs a number of interesting services and supports enthusiasts in interesting projects.

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability

The Hacker News - 27 March, 2024 - 15:15
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site
Category: Hacking & Security

WWDC 2024: Yes, we live in interesting times

Computerworld.com [Hacking News] - 27 March, 2024 - 14:55

Apple has a lot to prove at WWDC 2024. Not only must it fend off the negative attention it has been picking up from regulators, but it must also galvanize loyal developers and disabuse the industry perception that it has fallen behind on AI.

That’s a big sentence for a big collection of big challenges — and while doing all of this, Apple will also be seeking to pepper its platforms with great big dollops of its customary consumer-friendly magic.

Strength through adversity

Apple has pushed through challenging times before, and I understand why executives are likely furious that the company — forced to forge its own path in tech — is now being accused of antitrust violations for doing so.

Back when Apple didn’t have an iPod and had a shrinking 2% share of the market, the company decided to build its own beautiful closed system; that made sense as it sought to compete with the behemoths of the time.

That same approach has been a guiding star to everything Apple has achieved since. It’s only now that it’s built platforms, operating systems, and services arguably better than anything else on the market that regulators want to break those walls down, no matter the costs. Presumably, the idea is to give competitors who already lost the war another chance to win again.

All in all, company execs could be forgiven for believing they live in “interesting times.”

Changing the narrative

It’s in this context that Apple will seek to drive home a positive story about its platforms and change the critical narrative around its own brand. One way it might achieve this would be to introduce the world’s biggest smartphone artificial intelligence platform with the announcement of the backwards-compatible iOS 18.

Called by some the “biggest iOS update” in company history, Apple’s next-generation AI-fueled smartphone operating system will run on hundreds of millions of devices from the get-go. (Every Apple Silicon chip released in the last few years has untapped capacity.) It seems likely it will run across all of Apple’s devices, and it is also likely you’ll be able to use third-party AI services such as those from Baidu or Google Gemini alongside Apple’s own, as the company is allegedly speaking with them.

Morgan Stanley analyst Erik Woodring in January wrote: “We believe Apple’s efforts to bring these features to market are accelerating, increasing the likelihood of an ‘AI iPhone’ launch as soon as Fall 2024.”

Will Apple AI sink or swim?

I’ve written before to explain how I think AI in iOS 18 will manifest itself as an edge intelligence built into the device to enable people to get important stuff done while maintaining privacy.

These powerful tools will be the big announcement at WWDC. But we’ll have to wait and see whether industry perception will cast the company as forging ahead or repeat the mantra that it is still playing catch-up.

I suspect some lazy thinkers will stick with the latter, if only because Apple seems likely to focus on narrow task-specific AI that’s really good at specialized tasks, supplemented by public LLM systems such as ChatGPT.

That’s also why you’ll be able to choose third-party AI services at a new App Store, some industry observers believe. I think the use of AI in specific tools is absolutely the direction of travel for AI generally, so Apple’s critics will be proved wrong.

The other piece in this is that the intelligence will also be available in Macs, iPads, and through Vision Pro. That latter point is the pre-dawn horizon in this big picture, and as visionOS evolves and new hardware appears you should expect a great deal from the combination of wearable computing and context-aware AI.

Developers need a hug

WWDC 2024 should provide additional insights into Apple’s plans, but it’s possible the biggest challenge will remain unmet. Years of lobbying by competitors and some developers have led to a revolution in regulation, and the company must figure out how to reward the developers that continue to support it and motivate them going forward. Given the direction regulators are taking, this suggests some new developer-focused titbits to keep people on side.

But will Apple’s product and platform news (and a few nice nuggets) be enough to maintain the big buzz around WWDC, or might this year’s event one day be seen as the nadir of Apple’s star?

The future will be better tomorrow

I tend to think it unwise to bet against Apple — but it is true to say the company faces big and existential challenges at this stage of its story.

WWDC 2024 opens for business June 10 with a keynote speech to a small audience in Apple Park and to developers everywhere via streaming services. This year will also be the first time the company makes all its developer sessions available via YouTube.

You know the tech world will be watching. It always does.

Apple, Developer, Emerging Technology, Generative AI, iOS
Category: Hacking & Security

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

The Hacker News - 27 March, 2024 - 14:54
A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions. "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio
Category: Hacking & Security

Tails 6.1 Released with Security, User Experience Enhancements

LinuxSecurity.com - 27 March, 2024 - 14:49
Tails 6.1 has been released as the latest version of the renowned Linux distribution focused on privacy and anonymity. This critical analysis will delve into the release's key updates and improvements, discuss the implications for security practitioners, and explore potential long-term consequences.
Category: Hacking & Security

SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report Reveals

The Hacker News - 27 March, 2024 - 12:56
As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" (
Category: Hacking & Security

Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining

The Hacker News - 27 March, 2024 - 12:39
Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies' computing power and leak sensitive data," Oligo Security researchers Avi
Category: Hacking & Security

16 handy hidden tricks for Google Maps on Android

Computerworld.com [Hacking News] - 27 March, 2024 - 12:00

Who doesn’t love Google Maps? The Maps Android app helps those of us with oatmeal for brains find our way anywhere, without having to fire any neurons or exercise any synapses. It even helps us find places to pick up tasty cuisine — like, uh, oatmeal (yum!).

But there’s much more to Google Maps than meets the eye — and odds are, you aren’t taking advantage of at least a few handy hidden features lurking within the Maps Android app. With Android 15 right around the corner and more shiny new Googley goodies showing up by the day lately, I thought it’d be a fine time to dive deep into this ever-evolving Android anchor and think through some of its more off-the-beaten-path advanced options.

Take a few minutes to explore these possibilities the next time you’ve got Maps pulled up on your phone, and get ready to experience the world around you in a whole new way.

Google Maps Android trick #1: Better directions

The most important part of Maps is navigation — right? And yet, the Maps Android app’s best navigation experience is curiously tucked away in a labyrinth of options and disabled by default. In fact, most average roaming land mammals would never even know the superior route exists!

But hey, you’re reading this column. You clearly aren’t an average organism. So let’s take your Maps adventuring to the next level, shall we?

Start by opening up the Maps app on your phone, then:

  • Tap your profile picture in the app’s upper-right corner.
  • Select “Settings,” then scroll way down and select “Navigation settings.”
  • Scroll down again until you see the section labeled “Glanceable directions while navigating,” and flip the toggle within that section into the on and active position.

One quick switch, and boom: The next time you search for a specific location, you’ll see the detailed steps and ETA info right on the route overview — from the second you hit the “Directions” button.

Google Maps’ glanceable directions option makes it infinitely easier to see where you’re going — at a glance. (Image: JR Raphael / IDG)

Much better, wouldn’t ya say?!

Google Maps Android trick #2: Smarter driving

Speaking of navigation improvements, Google’s been flippin’ and floppin’ more than a flailing fish with its Maps- and Assistant-associated driving mode as of late.

I won’t bore you with a recap of all the silly-seeming changes, but just know that at this point, Maps has a built-in driving mode that pops up anytime you actively start a new Maps driving navigation and shows you where you’re headed.

And — oh, yes — with a few fast tweaks, you can make it even more useful.

First, head back into the Maps Android app’s settings area and once again select “Navigation settings.” Then:

  • Tap “Google Assistant settings.”
  • Flip the toggle next to “Get messaging help while driving” into the on and active position.
  • If you see a prompt asking you to allow Google to access your notifications, tap “Allow Access,” then follow the steps to finish that process, make your way back to the Maps menu, and flip that same toggle one more time to turn it on.
  • Beneath the line that says “Choose messages alert,” change the option to “Hear entire message” if you want all incoming messages to be read aloud. (If you aren’t able to select that, back out of that menu into the main Assistant settings area and then make your way back there once more — and it should then work.)

Now, one more thing:

  • Back in the main Maps “Navigation settings” menu, scroll down to the bottom and look for the line labeled “Driving notifications.”
  • Flip the toggle next to that into the on and active position.

That’ll cause your Maps driving genie to give you ETAs to your destination anytime you’ve got your phone connected to your car’s audio system — as well as allowing it to be more proactive with reading aloud your messages, via that first change we made.

And one more tip to keep in mind: If you ever want to summon driving mode on your own, you can always activate Assistant (by saying “Hey Google” or using whatever Assistant-summoning command you prefer) and then saying “driving mode” — or you can give yourself a one-touch button for launching the mode by long-pressing on your home screen, selecting “Widgets,” then scrolling down to the Maps section and touching and holding the “Driving Mode” widget to place it anywhere on your home screen.

Google Maps Android trick #3: Faster paths

Here’s an interesting one that I only learned about recently by way of some chatter in my Intelligence Insider Community: By default, Maps now gives you directions based on the most fuel-efficient path to your destination.

That’s great if you’re trying to save on gas, but when you’re really in a hurry, you may just want the absolute fastest path possible — even if it potentially costs you a few extra pennies.

If so, do this:

  • Speed your way back into the Maps Android app’s settings and again head into the “Navigation settings” area.
  • Scroll down to the “Route options” section of the screen.
  • See the line labeled “Prefer fuel-efficient routes”? Tap the toggle next to it to turn it off.

And if you would rather stick with the fuel-efficient path, there’s still an option in that area you’ll want to adjust:

  • Within the “Navigation settings” area of the Maps app’s settings, tap the line labeled “Engine type.”
  • Select the type of car you’re actually using — gas, diesel, electric, or hybrid.

That’ll help Maps better select routes based on actual fuel (or energy) use for your specific vehicle type, if that’s the navigation approach you’d prefer.

Google Maps Android trick #4: Smarter searching

I don’t know about you, but I tend to be a semi-obsessive planner. And part of that, erm, condition means a burning need to know, anticipate, and — well, y’know, plan things out ahead of time.

Maps has a splendid system for this sort of in-advance organization. The next time you’re looking at directions to a specific spot, try this:

  • From the directions screen within the Android Maps app — the first screen you see after tapping the Directions button for any given destination — tap the three-dot menu icon alongside the starting location, at the top of the screen.
  • In the menu that pops up, select “Search along route.”
  • You can then type any term into the box that appears to seek out a specific place along the way or look for, say, restaurants, gas stations, or any other type of business imaginable.

Searching along a specific route is one of Maps’ most helpful hidden options. (Image: JR Raphael / IDG)

If you’re already in an active navigation, you can find this same feature by swiping up on the panel at the bottom of the screen.

Google Maps Android trick #5: Better suggestions

Browsing through the Maps app is an underrated way to find something tasty to eat, whether you’re planning to go somewhere on the way to a meeting or just placing an order for a midday office delivery. But navigating your way through the maze of culinary options in your area can get overwhelming fast, especially if you have a specific sort of nourishment in mind.

Well, take note, you hungry, hungry hamster: After tapping the “Restaurants” option at the top of the main Maps screen, you can actually narrow down the types of places that show up as suggestions. You can pick from a sprawling range of variables, too — everything from the establishment’s hours, ratings, and whether it delivers to what kind of cuisine it serves. You can even filter based on whether you’ve visited a place before and whether it’s kid-friendly or vegetarian-prepared.

The trick is to tap the little control panel icon in the upper-left corner of the restaurant search screen and then go to town on selecting whatever filters seem right.

The Maps Android app’s out-of-the-way filters make its restaurant recommendations much more tailored to your specific needs. (Image: JR Raphael / IDG)

A delectable level of control, no?

Google Maps Android trick #6: Pinned places

Find yourself meandering to the same places or making the same extended drives often? Save yourself some time by tapping into Maps’ easily overlooked trip pinning system. It lets you save common trips and then pull ’em up quickly for on-demand, hassle-free navigation whenever you need it.

You can pin a trip from a couple different places within the Android Maps app:

  • When you’re searching for a specific destination, look for the Pin command at the bottom of the screen after you’ve tapped the button to bring up directions.
  • From the main Maps screen, tap the Go tab at the bottom and then look at the app’s suggested places based on your recent activity. If you see the trip you want there, tap the pushpin icon alongside it to pin it.

Whichever way you go, anything you’ve pinned will always appear at the top of the app’s Go tab from then on out — and starting a new navigation to that destination will only be one more tap away.

Google Maps Android trick #7: Location collections

One of the Android Maps app’s most underappreciated features is its ability to let you create collections of places and then revisit ’em or share ’em with other human person-people later. It’s like a super-specific sort of bookmarking service that’s all about locations and connected directly to your favorite navigation companion.

And it’s super-practical, too, whether you’re looking to get organized ahead of a Very Important Business Trip or even just to plan around a drive to a different part of town for some manner of work-related meeting.

To take advantage of the system, tap the Saved tab at the bottom of the Maps app, then look for the section labeled “Your list.” Tap the “New list” command within that area of the screen, and you can then give your fancy new list a name and a description and decide whether you want it to be private, shared only with specific people, or public for anyone to find.

Location lists are a lovely way to save related places for future reference — for yourself or for a group. (Image: JR Raphael / IDG)

With shared lists, you can even opt to let other people edit and add their own items into the mix — an easy way to collaborate with colleagues, cousins, or chinchillas on a list of lustworthy lunch spots or business supply stop-bys.

Google Maps Android trick #8: Spot saving

Remember way back in the early days of Android when one of the most popular apps was a simple little tool called Car Locator? No? Well, I do — but then again, I’ve been writing about Android for approximately 973 years now. (Related: I may or may not be a wise, if somewhat shriveled, tortoise elder.)

These days, that app is long gone — but little-known fact: Maps itself can do exactly what it used to do and save any location you want, then help you mosey back to it later.

The next time your noggin needs a memory aide, just open up Maps and tap the blue dot that represents your current location. That’ll pull up a big honkin’ menu, within which you’ll see the incredibly useful “Save parking” option — inside a horizontally scrolling bar of buttons toward the top of the panel. (And don’t let yourself be fooled: While its official purpose may revolve around parking, you can just as easily use the feature to save any kind of location for any reason you want.)

Tap that option, and that’s it: Your current location will be burned into Maps’ memory. If you want to add extra info to help your own mushy mammal brain later, swipe up on the bar that says “Parking location” at the bottom of the screen. You can then enter notes about your saved location (what level you parked on, how many oatmeal-serving establishments were in the vicinity, and so on), attach photos (you making silly faces in front of various passersby, etc.), and create an alert to remind you about the location after a certain amount of time has elapsed.

Saving your location may be the best way you put Maps to use, ever. (Image: JR Raphael / IDG)

When you’re ready to get back to your car — or whatever sort of spot you’ve saved — all you’ve gotta do is tap that same “Parking location” bar at the bottom of the Maps app or look for the “Parking location” notification from anywhere in your phone.

Google Maps Android trick #9: Shared places

Next up: Help someone find you — or maybe just give ’em an update on your whereabouts and progress — by tapping the blue location dot within the main Maps screen and then selecting “Share location” from the menu that comes up.

That’ll let you send anyone a link to follow your location in real-time on a map for a specific amount of time or until you turn the feature off. You can even beam the link directly into another app or service on your phone to get it wherever you need.

Alternatively, if you’re in the midst of a navigation, swipe up on the time estimate panel at the bottom of the Maps navigation screen. There, you’ll find a handy hidden “Share trip progress” option that’ll do exactly what you desire.

Google Maps Android trick #10: Traffic tracking

Did you know Maps can show you live, real-time traffic info as you’re navigating with your phone? All you’ve gotta do is tell it you want that info — a feat that’ll require approximately seven seconds of your time.

The next time you’re in the midst of a navigation within the Maps app on your phone…

  • Swipe up on that time estimate panel at the bottom of the screen.
  • Flip the toggle next to “Show traffic on map.”
  • Perform a sprightly little jig to celebrate whilst whistling the tune of Tom Cochrane’s timeless 1991 hit song “Life Is a Highway.” *

* Jig and whistling optional but highly recommended

Google Maps Android trick #11: Incognito mode

On your way to a secret lair? Well, look at you, Bruce Wayne. Pin this bit of info to your amygdala: If you tap your profile picture in the Maps app and then select “Turn on Incognito mode,” Maps will temporarily stop saving your location and using it for any future purposes. And no one — not even Google — will know where you are.

Not to worry: Your secret’s safe with me.

Google Maps Android trick #12: In-app media controls

Why swipe around to control your music when you can do it right from the main Maps interface? Maps has the ability to add audio controls directly into the app so you can see your currently playing tunes and shuffle around as needed within a prominently placed bar in the app’s navigation area.

To get started, open up Maps’ settings, select “Navigation settings,” then tap “Assistant default media provider.” Pick from one of the available options, and whatever service you choose will show up within your navigation interface and also respond to any spoken commands issued to Assistant about audio playing.

Google Maps Android trick #13: Locked orientation

Sometimes, it seems like it’d be easier to understand a map if north were always facing up. Well, good news, my fellow orientation-obsessed organism: You can actually tell Maps to keep a consistent, locked orientation with north at the top whenever it’s navigating.

Just look in the “Navigation settings” section of the app’s main settings and find the option labeled (rather appropriately) “Keep map north up.”

Activate the toggle and then rest easy knowing you’ll never need to do that awkward head-pivoting, trying-to-figure-out-which-way-you’re-facing maneuver again.

Google Maps Android trick #14: Permanent dark mode

In that same “Navigation settings” section of Maps’ settings lies an understated option anyone with sensitive peepers will be pleased to uncover: the ability to set Maps’ color scheme into a permanent dark mode whenever navigation is active.

By default, Maps manages this setting on its own and switches between a light and dark scheme as it sees fit. If you’d rather avoid glary distractions all the time, look for the “Color scheme” setting and switch it from “Automatic” to “Night.”

Google Maps Android trick #15: A quieter voice

I’ve lost count of the number of times I’ve had Maps navigation going and music playing from my phone at the same time — and then jumped in my seat when that jolly genie’s voice cuts in and somehow seems 7,000 times louder than the song behind it.

If you, too, suffer from this awkward aural occurrence, take heed: There’s an easy fix.

At the very top of the “Navigation settings” section of Maps’ settings sits an option called “Guidance volume.” Try changing it to “Softer” — or “Louder,” if you dare! — and see how that suits your ears.

Google Maps Android trick #16: Voice commands

Last but not least, you’d be forgiven for forgetting — or maybe not ever knowing — but Maps has its own custom set of voice commands that work whenever you’re in the midst of a navigation. All you’ve gotta do is say “Hey Google” or activate Assistant in whatever manner you prefer, and then shout out the command in question.

(And note: These commands all work with the traditional Google Assistant on Android. If you’re using the newer, experimental Gemini Android assistant — as with most practical considerations related to that service — don’t expect much success.)

So buckle up — here are some of the more intriguing possibilities:

  • “How’s traffic ahead?”
  • “How’s traffic home?”
  • “Show the route overview.”
  • “Show an alternate route.”
  • “What’s my ETA?”
  • “What road is this?”
  • “What’s my next turn?”
  • “Navigate home.”
  • “Avoid tolls.”
  • “Avoid highways.”
  • “Find a gas station.”
  • “Take me to Best Buy.”
  • “Find a restaurant.”
  • “Find me somewhere that serves oatmeal, gosh darn it.”

That last one may or may not work, but hey — it’s always worth a shot.

Android, Mobile, Mobile Apps, Small and Medium Business
Category: Hacking & Security

Will a Google-Apple deal kill Microsoft’s AI dominance?

Computerworld.com [Hacking News] - 27 March, 2024 - 12:00

Microsoft is sitting on top of the world right now, thanks to its lead in AI. It’s the most valuable company on the planet, with a valuation of more than $3.2 trillion. Its rise was rocket-fueled by its investor relationship with OpenAI, the company that makes the wildly popular generative AI (genAI) chatbot ChatGPT. OpenAI’s GPT large language model is also the basis for Microsoft Copilot, the genAI tool that Microsoft is building into just about every one of its products, from GitHub to Windows to Microsoft 365 and beyond.

Microsoft’s AI dominance appears insurmountable. But things can change quickly in tech. Google and Apple are in talks to embed Google’s genAI tool Gemini into iPhones — a deal that, if it reaches fruition, could unseat Microsoft sooner than you think.

At the same time, Microsoft is moving with lightning speed to extend its AI lead, hiring the best AI minds in the business, furiously racing to launch improved versions of Copilot, and starting to monetize it.

Will Google and Apple topple Microsoft, or will Microsoft remain dominant in AI well into the foreseeable future? Let’s look at the potential Apple-Google blockbuster deal, examine Microsoft’s latest moves, and mix in the biggest wild card of all — the use of antitrust law by the US government (and European governments) to take on the tech super-giants.

The potential Google-Apple AI blockbuster

Google and Apple are in talks to bring Google’s genAI tool Gemini to the iPhone later this year, “setting the stage for a blockbuster agreement that would shake up the AI industry,” in the words of the Bloomberg article that first reported the news.

If anything, that’s an understatement. Gemini is already built into Android phones made by Google and other device makers. If it were also on iPhones, Google would essentially have a monopoly on AI on mobile devices, shutting out Microsoft and OpenAI. The New York Times puts it this way: “Virtually overnight, Google could have more consumers using its A.I. than its chief rival, OpenAI, which makes ChatGPT.”

The deal would extend a longstanding Apple-Google relationship: Google already pays Apple $18 billion a year for its search engine to be the default on Apple devices.

The deal would do more than put Gemini into the hands of billions of people across the world, eclipsing Microsoft’s and OpenAI’s user base. It would also help Google make Gemini more powerful very quickly. A genAI tool is only as good as the volume and quality of data on which it’s trained — and training is an ongoing process that constantly improves the tool’s power and effectiveness. With billions of people using Gemini every day, Google would likely be able to improve it more quickly than ChatGPT and Copilot can be improved.

If all this were to happen, it could be déjà vu all over again for Microsoft. Decades ago, Microsoft had a worldwide near-monopoly on operating systems with Windows. It also released a mobile operating system — Pocket PC 2000 — seven years before Apple released the iPhone. It seemed its operating system monopoly would last forever.

But iOS (and the iPhone hardware) was dramatically better than anything mobile Microsoft created, and Android was better as well. Microsoft’s OS dominance vanished as smartphones took the world by storm. The same thing could happen with AI if the Google-Apple deal comes to fruition — Gemini would eclipse ChatGPT and Copilot thanks to mobile.

Why Microsoft may still dominate AI

Even if the deal goes through, Microsoft could still dominate AI. It has a substantial lead in AI, and it’s not taking anything for granted. OpenAI has been quickly releasing new, more powerful versions of GPT — version 4 was released in 2023, and it looks as if a “materially better” version 5 will be available this summer. So ChatGPT and Copilot are constantly becoming more powerful.

In addition, Microsoft just hired Mustafa Suleyman, co-founder of DeepMind, which was bought by Google in 2014 and which ultimately became Gemini. After Suleyman sold DeepMind, he founded another AI startup, Inflection AI, and Microsoft has hired not just Suleyman, but nearly the entire AI staff of Inflection, including its chief scientist Karén Simonyan. Microsoft now has the best AI talent in the world either on staff or working for OpenAI.

Microsoft has also been busy monetizing AI. Copilot is now built into the company’s entire product line, offered as a fee-based add-on. Microsoft can plow that revenue back into research.

And, of course, it’s not a foregone conclusion that Google and Apple will make a deal. Even if they do, it’s not clear how well it will work.

The wild card: government regulators

Who comes out on top could ultimately be determined not by tech companies, but by the US government. Google and Apple are both fighting major federal antitrust lawsuits, and it wouldn’t be surprising if their AI deal draws scrutiny as well. The feds could try to kill a deal before it’s even signed.

At the same time, Microsoft has its own antitrust AI problems. The FTC is said to be investigating Microsoft’s cozy relationship with OpenAI for potential antitrust violations, so Microsoft could lose the main reason it has an AI lead — its deal with OpenAI.

All three companies are facing antitrust investigations and suits in the EU and UK as well.

The results of those suits and investigations could well determine which company will dominate AI in the future. I wouldn’t bet one way or the other on this one — too much is up in the air, including potential federal action. But we do know one thing: it’s going to be a wild ride, and not even ChatGPT, Copilot, and Gemini can predict the ultimate outcome.

Apple, Generative AI, Google, Microsoft, Technology Industry
Category: Hacking & Security

Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice

The Hacker News - 27 March, 2024 - 09:56
A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment. The archive ("Bank Handlowy w Warszawie
Category: Hacking & Security

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries

The Hacker News - 27 March, 2024 - 06:20
Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as
Category: Hacking & Security

Windows is under new management after Microsoft AI reshuffle

Computerworld.com [Hacking News] - 26 March, 2024 - 19:49

Microsoft is reuniting management of its Windows operating system and its Surface devices, as the leader of its Windows and Web Experiences team has quit his current role and may leave the company.

The move is one of the repercussions of Microsoft’s appointment of a former Google artificial intelligence (AI) leader to run its new AI division.

Mikhail Parakhin, who as Microsoft’s CEO of advertising and web services was also responsible for Windows and web experiences, is seeking new opportunities, potentially outside of Microsoft, according to an internal memo seen by Computerworld and sent by Microsoft’s head of experiences and devices, Rajesh Jha.

Parakhin was also in charge of the team responsible for the development of Bing, Edge and Copilot — formerly Bing Chat — and now a key product for the company’s client-side AI strategy.

In that capacity, he was placed under former Google employee Mustafa Suleyman, who recently joined Microsoft as EVP and CEO of AI. Suleyman also now leads Microsoft’s generative AI (GenAI) team, which is run by Microsoft corporate vice president Misha Bilenko.

Leading Microsoft into AI

Jha wished Parakhin well in his new endeavors but did not specify whether they would be inside or outside of Microsoft.

“Satya [Nadella, Microsoft CEO] and I are grateful for Mikhail’s contributions and leadership and want to thank him for all he has done to help Microsoft lead in the new AI wave,” he wrote in the memo.

Those contributions include leading the consumer AI strategy by integrating Copilot into Microsoft products such as Bing Search, Office, and other services and devices as part of Microsoft’s push into AI since unveiling its partnership last year with OpenAI, the creator of ChatGPT.

Parakhin also had a reputation for being transparent about Microsoft’s plans for its products with the company’s vast community of users and maintaining an open dialogue with them about their needs and concerns.

As he mulls his next move, Parakhin will report to Kevin Scott, CTO and EVP of AI, who will continue in his role for the new division.

Windows and Surface reunited

With Parakhin’s move, Microsoft also merged the Windows Experiences and Windows + Devices teams as a core part of the Experiences + Devices (E+D) division to streamline its AI client strategy, according to Jha’s memo.

“This will enable us to take a holistic approach to building silicon, systems, experiences, and devices that span Windows client and cloud for this AI era,” he wrote, announcing direct report Pavan Davuluri as the leader of Microsoft’s Windows and Surface team, which “will continue to work closely with the Microsoft AI team on AI, silicon, and experiences.”

Indeed, this alignment of Microsoft’s client teams will help the company shore up its position moving forward as it carves out its space in the burgeoning AI market, noted John Gallagher, Vice President of Viakoo Labs at Viakoo, a provider of automated IoT cyber hygiene.

“Having Windows and Surface under one leader makes a lot more sense than having those roles split,” he said. “Recombining these functions signals that Microsoft will be more aggressive in how they optimize hardware and software to create a user experience.” 

Streamlined approach

Suleyman co-founded the DeepMind AI lab — one of the pioneers in the space — in London in 2010; Google acquired the lab in 2014. He departed Google in 2022 to co-found and lead another AI startup, Inflection AI. Along with Suleyman, another Inflection alum, Karén Simonyan, also joined Microsoft AI as chief scientist, as did several other former Inflection employees.

Microsoft is tightening up its consumer AI strategy and gearing up for a major push. Indeed, the organizational changes are aimed at helping the company “double down on this innovation,” Nadella wrote in a blog post of the memo sent to employees unveiling Suleyman’s appointment.

The newly formed Microsoft AI group will focus on developing the Copilot chatbot and furthering its integration into various Microsoft products, as well as overseeing consumer AI products and research.

Generative AI, Microsoft Surface, Windows 11
Category: Hacking & Security

Sketchy NuGet Package Likely Linked to Industrial Espionage Targets Developers

The Hacker News - 26 March, 2024 - 18:54
Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is SqzrFramework480, which ReversingLabs said was first published on January 24, 2024. It has been downloaded 
Category: Hacking & Security

Address Sanitizer for Bare-metal Firmware

Google Security Blog - 26 March, 2024 - 17:59
Posted by Eugene Rodionov and Ivan Lozano, Android Team

With steady improvements to Android userspace and kernel security, we have noticed increasing interest from security researchers directed towards lower-level firmware. This area has traditionally received less scrutiny, but it is critical to device security. We have previously discussed how we have been prioritizing firmware security, and how to apply mitigations in a firmware environment to defend against unknown vulnerabilities.

In this post we will show how the Kernel Address Sanitizer (KASan) can be used to proactively discover vulnerabilities earlier in the development lifecycle. Despite the narrow application implied by its name, KASan is applicable to a wide range of firmware targets. Using KASan-enabled builds during testing and/or fuzzing can help catch memory corruption vulnerabilities and stability issues before they land on user devices. We've already used KASan in some firmware targets to proactively find and fix 40+ memory safety bugs and vulnerabilities, including some of critical severity.

Along with this blog post we are releasing a small project which demonstrates an implementation of KASan for bare-metal targets leveraging the QEMU system emulator. Readers can refer to this implementation for technical details while following the blog post.

Address Sanitizer (ASan) overview

Address Sanitizer is a compiler-based instrumentation tool used to identify invalid memory access operations at runtime. It is capable of detecting the following classes of temporal and spatial memory safety bugs:

  • out-of-bounds memory access
  • use-after-free
  • double/invalid free
  • use-after-return

ASan relies on the compiler to instrument code with dynamic checks for virtual addresses used in load/store operations. A separate runtime library defines the instrumentation hooks for the heap memory and error reporting. For most user-space targets (such as aarch64-linux-android) ASan can be enabled as simply as using the -fsanitize=address compiler option for Clang due to existing support of this target both in the toolchain and in the libclang_rt runtime.

However, the situation is rather different for bare-metal code, which is frequently built for "none" system targets such as arm-none-eabi. Unlike traditional user-space programs, bare-metal code running inside an embedded system often doesn't have a common runtime implementation. As such, LLVM can't provide a default runtime for these environments.

To provide custom implementations for the necessary runtime routines, the Clang toolchain exposes an interface for address sanitization through the -fsanitize=kernel-address compiler option. The KASan runtime routines implemented in the Linux kernel serve as a great example of how to define a KASan runtime for targets which aren’t supported by default with -fsanitize=address. We'll demonstrate how to use the version of address sanitizer originally built for the kernel on other bare-metal targets.

KASan 101

Let's take a look at KASan's major building blocks from a high-level perspective (a thorough explanation of how ASan works under the hood is provided in this whitepaper).

The main idea behind KASan is that every memory access operation, such as load/store instructions and memory copy functions (for example, memmove and memcpy), is instrumented with code which verifies the destination/source memory regions. KASan only allows memory access operations which use valid memory regions. When KASan detects a memory access to a memory region which is invalid (that is, the memory has already been freed or the access is out-of-bounds), it reports this violation to the system.

The state of memory regions covered by KASan is maintained in a dedicated area called shadow memory. Every byte in the shadow memory corresponds to a single fixed-size memory region covered by KASan (typically 8 bytes) and encodes its state: whether the corresponding memory region has been allocated or freed and how many bytes in the memory region are accessible.

Therefore, to enable KASan for a bare-metal target we would need to implement the instrumentation routines which verify validity of memory regions in memory access operations and report KASan violations to the system. In addition we would also need to implement shadow memory management to track the state of memory regions which we want to be covered with KASan.

Enabling KASan for bare-metal firmware

KASan shadow memory

The very first step in enabling KASan for firmware is to reserve a sufficient amount of DRAM for shadow memory. This is a memory region where each byte is used by KASan to track the state of an 8-byte region. This means accommodating the shadow memory requires a dedicated memory region equal to 1/8th the size of the address space covered by KASan.

KASan maps every 8-byte aligned address from the DRAM region into the shadow memory using the following formula:

shadow_address = (target_address >> 3) + shadow_memory_base

where target_address is the address of an 8-byte memory region which we want to cover with KASan and shadow_memory_base is the base address of the shadow memory area.

Implement a KASan runtime

Once we have the shadow memory tracking the state of every single 8-byte memory region of DRAM we need to implement the necessary runtime routines which KASan instrumentation depends on. For reference, a comprehensive list of runtime routines needed for KASan can be found in the linux/mm/kasan/kasan.h Linux kernel header. However, it might not be necessary to implement all of them and in the following text we focus on the ones which were needed to enable KASan for our target firmware as an example.

Memory access check

The routines __asan_loadXX_noabort and __asan_storeXX_noabort perform verification of memory accesses at runtime. XX denotes the size of the memory access in bytes and is a power of two from 1 up to 16. The toolchain instruments every memory load and store operation with these functions so that they are invoked before the memory access happens. These routines take as input a pointer to the target memory region and check it against the shadow memory.

If the region state provided by shadow memory doesn’t reveal a violation, then these functions return to the caller. But if any violations (for example, the memory region is accessed after it has been deallocated or there is an out-of-bounds access) are revealed, then these functions report the KASan violation by:

  • Generating a call-stack.
  • Capturing context around the memory regions.
  • Logging the error.
  • Aborting/crashing the system (optional)

Shadow memory management

The routine __asan_set_shadow_YY is used to poison shadow memory for a given address. This routine is used by the toolchain instrumentation to update the state of memory regions. For example, the KASan runtime would use this function to mark the stack memory around local variables as poisoned in the function's prologue and as accessible again in its epilogue.

This routine takes as input a target memory address and sets the corresponding byte in shadow memory to the value of YY. Here is an example of some YY values for shadow memory to encode state of 8-byte memory regions:

  • 0x00 -- the entire 8-byte region is accessible
  • 0x01-0x07 -- only the first bytes in the memory region are accessible
  • 0xf1 -- not accessible: stack left red zone
  • 0xf2 -- not accessible: stack mid red zone
  • 0xf3 -- not accessible: stack right red zone
  • 0xfa -- not accessible: globals red zone
  • 0xff -- not accessible

Covering global variables

The routines __asan_register_globals, __asan_unregister_globals are used to poison/unpoison memory for global variables. The KASan runtime calls these functions while processing global constructors/destructors. For instance, the routine __asan_register_globals is invoked for every global variable. It takes as an argument a pointer to a data structure which describes the target global variable: the structure provides the starting address of the variable, its size not including the red zone and size of the global variable with the red zone.

The red zone is extra padding the compiler inserts after the variable to increase the likelihood of detecting an out-of-bounds memory access. Red zones ensure there is extra space between adjacent global variables. It is the responsibility of __asan_register_globals routine to mark the corresponding shadow memory as accessible for the variable and as poisoned for the red zone.

As readers can infer from its name, the routine __asan_unregister_globals is invoked while processing global destructors and is intended to poison shadow memory for the target global variable. As a result, any memory access to such a global will cause a KASan violation.

Memory copy functions

The KASan compiler instrumentation routines __asan_loadXX_noabort and __asan_storeXX_noabort discussed above are used to verify individual memory load and store operations, such as reading or writing an array element or dereferencing a pointer. However, these routines don't cover memory accesses made by bulk memory copy functions such as memcpy, memmove, and memset. In many cases these functions are provided by the runtime library or implemented in assembly to optimize for performance.

Therefore, in order to be able to catch invalid memory access in these functions, we would need to provide sanitized versions of memcpy, memmove, and memset functions in our KASan implementation which would verify memory buffers to be valid memory regions.

Avoiding false positives for noreturn functions

Another routine required by KASan is __asan_handle_no_return, to perform cleanup before a noreturn function and avoid false positives on the stack. KASan adds red zones around stack variables at the start of each function, and removes them at the end. If a function does not return normally (for example, in case of longjmp-like functions and exception handling), red zones must be removed explicitly with __asan_handle_no_return.

Hook heap memory allocation routines

Bare-metal code in the vast majority of cases provides its own heap implementation. It is our responsibility to implement an instrumented version of heap memory allocation and freeing routines which enable KASan to detect memory corruption bugs on the heap.

Essentially, we would need to instrument the memory allocator with code which unpoisons the KASan shadow memory corresponding to the allocated buffer. Additionally, we may want to append an extra poisoned red zone (any access to which would generate a KASan violation) to the end of the allocated buffer to increase the likelihood of catching out-of-bounds memory reads/writes.

Similarly, in the memory deallocation routine (such as free) we would need to poison the shadow memory corresponding to the freed buffer so that any subsequent access (such as a use-after-free) would generate a KASan violation.

We can go even further by placing the freed memory buffer into a quarantine instead of immediately returning the free memory back to the allocator. This way, the freed memory buffer is suspended in quarantine for some time and will have its KASan shadow bytes poisoned for a longer period of time, increasing the probability of catching a use-after-free access to this buffer.
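The shadow mapping, the load/store check, shadow poisoning, the sanitized memcpy, and the heap hooks with red zones and a quarantine described in the sections above, brought together in one runnable toy runtime. This is an added example, not code from the Google post or its QEMU project: every identifier (kasan_access, kasan_malloc, kasan_mapping_offset, and so on) is hypothetical, the "DRAM" is a 4 KiB static array on the host, the heap is a fixed-size chunk allocator rather than a real firmware heap, the 0xfa/0xfd shadow values for heap red zones and freed memory are this toy's own choices, and the check walks byte by byte for clarity where a real runtime works granule by granule.

```c
/* Toy KASan-style runtime for a simulated bare-metal target. Added illustration, not the
 * Android team's reference project; every identifier here is hypothetical. Build as an
 * ordinary host program: cc -std=c11 -Wall kasan_toy.c -o kasan_toy */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SHADOW_SCALE     3          /* one shadow byte per 8-byte granule */
#define GRANULE          (1u << SHADOW_SCALE)
#define DRAM_SIZE        4096u      /* constructed "DRAM" region covered by KASan */
#define CHUNK_BYTES      64u        /* the toy heap hands out fixed-size chunks */
#define REDZONE          16u        /* minimum poisoned tail after each heap object */
#define QUARANTINE_SLOTS 4          /* freed chunks held back before they can be reused */
/* 0x00 and 0x01..0x07 as in the list above; the 0xf* values are this toy's own choices. */
enum { SHADOW_OK = 0x00, SHADOW_HEAP_RZ = 0xfa, SHADOW_FREED = 0xfd, SHADOW_UNMAPPED = 0xff };

static _Alignas(GRANULE) uint8_t dram[DRAM_SIZE];
static uint8_t shadow[DRAM_SIZE / GRANULE];
static uintptr_t shadow_base;       /* runtime analogue of -asan-mapping-offset */
static int violations;              /* the toy "reports" by logging and counting */

/* shadow_address = (target_address >> 3) + shadow_memory_base, solved for the base. */
static uintptr_t kasan_mapping_offset(uintptr_t covered_base, uintptr_t shadow_at) {
    return shadow_at - (covered_base >> SHADOW_SCALE);
}
static int8_t *kasan_shadow_ptr(const void *p) {   /* signed: every poison value reads as < 0 */
    return (int8_t *)(((uintptr_t)p >> SHADOW_SCALE) + shadow_base);
}

/* __asan_set_shadow_YY-style helpers; addr must be granule aligned. A partial trailing
 * granule of an unpoisoned range is encoded as 0x01..0x07 = number of accessible bytes. */
static void kasan_poison(const void *addr, size_t size, uint8_t value) {
    memset(kasan_shadow_ptr(addr), value, (size + GRANULE - 1) / GRANULE);
}
static void kasan_unpoison(const void *addr, size_t size) {
    int8_t *s = kasan_shadow_ptr(addr);
    memset(s, SHADOW_OK, size / GRANULE);
    if (size % GRANULE) s[size / GRANULE] = (int8_t)(size % GRANULE);
}

/* The check behind __asan_loadN_noabort/__asan_storeN_noabort plus the report, byte by byte
 * for clarity: NULL when all of [addr, addr+size) is accessible, else the first bad address. */
static const void *kasan_access(const char *what, const void *addr, size_t size) {
    const uint8_t *p = addr;
    for (size_t i = 0; i < size; i++) {
        int8_t s = *kasan_shadow_ptr(p + i);
        if (s == 0) continue;                                  /* whole granule accessible */
        if (s < 0 || ((uintptr_t)(p + i) & (GRANULE - 1)) >= (uintptr_t)s) {
            violations++;                                      /* poisoned, or past the partial granule */
            fprintf(stderr, "KASan: invalid %s at %p (shadow 0x%02x)\n",
                    what, (const void *)(p + i), (unsigned)(uint8_t)s);
            return p + i;
        }
    }
    return NULL;
}

/* Sanitized memcpy: both buffers are verified before the bulk copy runs. */
static void *kasan_memcpy(void *dst, const void *src, size_t n) {
    kasan_access("memcpy read", src, n);
    kasan_access("memcpy write", dst, n);
    return memcpy(dst, src, n);
}

/* Fixed-size chunk heap over dram[] (bump pointer plus free-list stack) with a quarantine
 * ring that delays the return of freed chunks to the free list. */
static size_t heap_top, free_count, q_next;
static uint8_t *free_list[DRAM_SIZE / CHUNK_BYTES], *quarantine[QUARANTINE_SLOTS];

static void kasan_init(void) {
    shadow_base = kasan_mapping_offset((uintptr_t)dram, (uintptr_t)shadow);
    memset(shadow, SHADOW_UNMAPPED, sizeof shadow);     /* nothing is accessible until allocated */
    memset(quarantine, 0, sizeof quarantine);
    heap_top = free_count = q_next = 0; violations = 0;
}
static void *kasan_malloc(size_t size) {
    uint8_t *p;
    if (size + REDZONE > CHUNK_BYTES) return NULL;
    if (free_count) p = free_list[--free_count];
    else if (heap_top + CHUNK_BYTES <= DRAM_SIZE) { p = dram + heap_top; heap_top += CHUNK_BYTES; }
    else return NULL;
    size_t used = (size + GRANULE - 1) & ~(size_t)(GRANULE - 1);
    kasan_unpoison(p, size);                                     /* object bytes become accessible */
    kasan_poison(p + used, CHUNK_BYTES - used, SHADOW_HEAP_RZ);  /* rest of the chunk is red zone */
    return p;
}
static void kasan_free(void *p) {
    kasan_poison(p, CHUNK_BYTES, SHADOW_FREED);   /* any later touch is a use-after-free */
    size_t slot = q_next++ % QUARANTINE_SLOTS;
    if (quarantine[slot]) free_list[free_count++] = quarantine[slot];  /* oldest entry leaves quarantine */
    quarantine[slot] = p;
}

/* Exercise the bug classes discussed above; returns how many violations were caught. */
static int run_demo(void) {
    kasan_init();
    char *a = kasan_malloc(13), *b = kasan_malloc(8);
    kasan_access("store", a + 12, 1);  /* last byte of a 13-byte object: accessible */
    kasan_access("store", a + 13, 1);  /* one past the end, inside the partial granule: caught */
    kasan_memcpy(b, a, 13);            /* 13-byte write into an 8-byte object runs into the red zone */
    kasan_free(a);
    kasan_access("load", a, 1);        /* use-after-free: caught */
    char *c = kasan_malloc(13);        /* quarantine keeps a's chunk out of circulation */
    printf("freed chunk reused at once: %s\n", c == a ? "yes" : "no");
    return violations;
}
int main(void) { printf("violations caught: %d\n", run_demo()); return 0; }
```

Two details carry over directly to a real target. First, kasan_mapping_offset is the same arithmetic that produces the value for -asan-mapping-offset: with the post's numbers, a covered range starting at 0x40000000 and shadow placed at 0x4A700000 give an offset of 0x42700000. Second, the partial-granule encoding is what lets the toy catch a one-byte overrun of a 13-byte object: the second shadow byte holds 0x05, so offset 5 within that granule is rejected even though the granule itself is allocated. A production runtime would additionally capture a call stack and context in the report and would typically decide per build whether a violation aborts the system.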

Enable KASan for heap, stack and global variables

With all the necessary building blocks implemented we are ready to enable KASan for our bare-metal code by applying the following compiler options while building the target with the LLVM toolchain.

The -fsanitize=kernel-address Clang option instructs the compiler to instrument memory load/store operations with the KASan verification routines.

We use the -asan-mapping-offset LLVM option to indicate where we want our shadow memory to be located. For instance, let's assume that we would like to cover the address range 0x40000000 - 0x4fffffff and we want to keep shadow memory at address 0x4A700000. So, we would use -mllvm -asan-mapping-offset=0x42700000, as (0x40000000 >> 3) + 0x42700000 == 0x4A700000.

To cover globals and stack variables with KASan we would need to pass additional options to the compiler: -mllvm -asan-stack=1 -mllvm -asan-globals=1. It’s worth mentioning that instrumenting both globals and stack variables will likely result in an increase in size of the corresponding memory which might need to be accounted for in the linker script.

Finally, to prevent a significant increase in the size of the code section due to KASan instrumentation, we instruct the compiler to always outline KASan checks using the -mllvm -asan-instrumentation-with-call-threshold=0 option. Otherwise, the compiler might inline the __asan_loadXX_noabort and __asan_storeXX_noabort routines for load/store operations, bloating the generated object code.

LLVM has traditionally only supported sanitizers for specific targets with predefined runtimes; however, we have upstreamed LLVM sanitizer support for bare-metal targets under the assumption that the runtime can be defined for the particular target. You'll need the latest version of Clang to benefit from this.

Conclusion

Following these steps we managed to enable KASan for a firmware target and use it in pre-production test builds. This led to early discovery of memory corruption issues that were easily remediated due to the actionable reports produced by KASan. These builds can be used with fuzzers to detect edge case bugs that normal testing fails to trigger, yet which can have significant security implications.

Our work with KASan is just one example of the multiple techniques the Android team is exploring to further secure bare-metal firmware in the Android Platform. Ideally we want to avoid introducing memory safety vulnerabilities in the first place so we are working to address this problem through adoption of memory-safe Rust in bare-metal environments. The Android team has developed Rust training which covers bare-metal Rust extensively. We highly encourage others to explore Rust (or other memory-safe languages) as an alternative to C/C++ in their firmware.

If you have any questions, please reach out – we’re here to help!

Acknowledgements: Thank you to Roger Piqueras Jover for contributions to this post, and to Evgenii Stepanov for upstreaming LLVM support for bare-metal sanitizers. Special thanks also to our colleagues who contribute and support our firmware security efforts: Sami Tolvanen, Stephan Somogyi, Stephan Chen, Dominik Maier, Xuan Xing, Farzan Karimi, Pirama Arumuga Nainar, Stephen Hines.

Category: Hacking & Security

The Melissa virus paralysed the internet 25 years ago. It lured with nudes and spread like an avalanche

Zive.cz - security - 26 March, 2024 - 16:15
Exactly 25 years ago, on 26 March 1999, David L. Smith released Melissa, the fastest-spreading computer virus up to that time. It found its way into the world through the Usenet discussion group alt.sex, where Smith posted an innocent-looking file, list.doc. It was supposed to contain a list of login credentials for 80 ...
Category: Hacking & Security
Syndicate content