Home routers from manufacturers including Trendnet and D-Link are vulnerable to attacks that allow attackers anywhere in the world to execute malicious code.
Security researcher Ricky “HeadlessZeke” Lawshae warned HP’s Zero Day Initiative two years ago that the remote command-injection bug affects routers that were developed using the popular RealTek software development kit. It still has not been fixed.
This is means that Trendnet and D-Link routers would be in trouble, although there is no comprehensive list of manufacturers or models that are affected.
A user can find out by using Metasploit to query their router. If the response contains “RealTek/v1.3” or similar, it’s is potentially toast.
Now the organisers of HP’s Zero Day Initiative ZDI have written an advisory highlighting the problem.
“Given the stated purpose of Realtek SDK, and the nature of the vulnerability, the only salient mitigation strategy is to restrict interaction with the service to trusted machines. Only the clients and servers that have a legitimate procedural relationship with products using Realtek SDK service should be permitted to communicate with it.”
ZDI officials went on to recommend the use of a firewall to block outside connections. Other researchers said that turning off a router’s universal plug and play may also prevent exploits.
Huawei Technologies is having another crack at selling its enterprise services in the Land of the Free, despite a political crackdown from US politicians who fear Chinese spooks might be spying on them instead of the NSA.
Despite being much loved in the EU, Huawei was labeled a U.S. national security threat in 2012, and has been effectively blocked from selling telecommunication gear to US carriers.
Government officials there are concerned about Huawei’s alleged ties with the Chinese government, and want to rely on Cisco whose boxes can be opened by its own spies and backdoors inserted .
Huawei, however, hopes it can still attract US customers to its enterprise products, which include servers, storage and IT services.
David He, the company’s president of marketing for its enterprise group told PC World that Huawei executives have also talked with US customers and partners, and they all welcome a new player to enter the market.
“The US represents a large market. We are continually working to expand in this market,” he said at a press conference.
Huawei is betting it can steadily build its US enterprise customer base. The Chinese company makes nearly all its revenue from selling networking gear and consumer products such as smartphones. But Huawei wants its enterprise business to drive much of its growth.
Last year, it made about US$3.2 billion in revenue from enterprise products, but by 2019, Huawei wants that figure to reach $10 billion.
Earlier this week, Huawei revealed one way it could expand in the enterprise sector. In July, the company is launching a public cloud service in China, although it declined to offer details.
A group of researchers has started to implement security in silicon that can help thwart nosey parkers or criminals from understanding what data is in your cloud.
The MIT researchers said two years ago they proposed a method for preventing outsiders by checking the way computers access memory banks.
The researchers said that they’ve already tested their methods on reconfigurable semiconductors and are moving into manufacturing these devices.
The chip improves security by checking that when data is fetched from a memory address, it will query other address too.
Although this puts stress on a system because extra data is involved, the MIT team said they store the memory addresses in a tree-like data structure, with every address randomly assigned to a path through the tree.
The chip they’ve designed avoids a performance overhead by having an additional memory circuit, with storage slots mapped onto the nodes in any path through the tree.
It discards all redundant or decoy data.
The circuits the MIT scientists have designed can be easily added to existing semiconductor designs and switched off or on as needed. So software engineers may activate it only when it’s needed, while other applications could use it all the time.
A report from IHS said that 4K displays, formerly a feature of high end LCD TVs, is about to hit the mainstream.
IHS said the value of the market hit $9.2 billion in 2014 but that’s rapidly going to change in 2015, with 4K revenues amounting to $18 billion – a 94 percent increase.
And by 2020, because of better yields and lower costs, the 4K market will be worth $52 billion by 2020.
IHS expects to see 4K displays appearing on all sorts of devices including desktop monitors, notebook PCs, OLED TVs, digital signs, smartphones and tablet PCs.
Manufacturers of the LCD panels intend to ship 40 million this year – that’s close to 17 percent of all LCD panel shipments.
Panel manufacturers including Sharp and JDI have announced smartphone panels and 4K displays for tablets.
Sales of Taiwanese manufactured TFT LCD screens amounted to 60 million in the first quarter of this year, but that’s down marginally over three percent compared to the same quarter last year.
Digitimes Research (DR) said that of the four sectors it watches – TVs, monitors, notebook and tablets only the first showed positive growth – up 13.5 percent year on year.
Korean flat screen manufacturers LG Display and Samsung both opened next generation fabrication plants in the quarter and concentrated on switching production in the old fabs to churn out TVs and monitors.
But demand for notebook panels and monitors was weak in the first quarter, with DR reporting that Taiwanese manufacturers saw a nine percent sequential decline during the quarter.
Tablet panels fared worse – shipments for these gadgets fell 17.5 sequentially, said the research company.
Both AMD and Intel’s results this week make it clear that the PC market will never be quite the same again.
And while shareholders in both Intel and AMD will be concerned about the future of the PC business, the effect of people not buying PCs and opting instead for smartphones and tablets is having reverberations down the whole supply chain.
That’s underlined by a report in Digitimes that said Taiwanese original design manufacturers (ODMs) will soon be approached by the big boys with request for quotes on machines using Intel’s Skylake microprocessors.
As industry analysts also noted this week, there have been inventory build ups in the supply chain and that’s going to prompt the multinationals to be cautious about over ordering machines from the ODMs.
Digitimes said that Lenovo, Dell, HP, Acer and Asustek will send their requests for quotes any day now – and if they’re over cautious, the ODMs, already operating on very narrow margins, may make losses, particularly as the quotes they’ll deliver to the multinationals will be cut throat.
It’s not just the manufacturers who are being squeezed, of course. The decline in demand for PCs will have its effect on graphics card manufacturers, distributors, and dealers too.
It seems that Apple’s iWatch has failed to interest those who know what they are talking about when it comes to technology.
Early versions of the iWatch have been sent to reviewers and the verdict is not that good.
Reviewers have blasted the product for its weak battery life and slow-loading apps.
The Wall Street Journal’s Geoffrey Fowler said that the Apple iWatch is for “pioneers”, as no-one in their right mind would pay the $1,000 it would cost for the model he tested, only to see a significant improvement roll in before too long.
Of course Apple will not care that much, its fanboys are quite willing to be pioneers and will empty their credit cards for anything with an Apple logo on it if they are asked.
Reviews published yesterday made much of the device’s relatively poor battery life – up to 18 hours, according to Apple – and said its apps will need upgrades to load more quickly.
Nilay Patel, who reviewed the watch for theverge.com said that there was “nothing I can’t do faster or better with access to a laptop or a phone except perhaps check the time… the maps app, surely the answer to wandering pedestrians’ dreams, is so slow”.
Loading an app required the watch to pull tremendous amounts of data from iPhones, Patel said, adding that Apple had told him upcoming software updates would address performance problems.
Re/Code’s Lauren Goode said the watch’s battery life was not nearly as long-lasting as some other wearable devices. CNET’s Scott Stein said the battery’s recharge time was slow.
Apple’s favourite paper, the New York Times, did its best to make a silk purse out of a sow’s ear by saying that the phone was “initially complex” and not suited to tech novices. So in other words it is not really rubbish it is just that you are too stupid to use it.
Analysts at Societe Generale said they expected Apple to sell eight million watches in 2015, contributing about 1.7 percent or $4 billion to Apple’s total sales. This was on the basis that it was any good and would be marketed to death. However since it failed on the first point, it might not do so well on the second.
Fruity cargo cult Apple is not going to be allowed to launch its smartwatch in Switzerland anytime soon.
Apparently the problem is that in 1985 a bloke William Longe, patented the name Apple when it came to launching its watch in Switzerland.
This means that the US tech giant cannot use the image of an apple nor the word “apple” to launch its watch within Switzerland, the home of luxury watches.
According to a document from the Swiss Federal Institute of Intellectual Property, the patent is set to expire on December 5 of this year.
Apple’s watch is appearing on the market two years late and is already outclassed by its rivals. A further delay in the home of the wrist watch is embarrassing to say the least.
The Apple Watch, the firm’s first new device since Tim Cook became CEO, will be available in stores in nine countries on April 24 and, since it has practically no killer app technology behind it, it appears to be part of Jobs’ Mob’s Apple pay payments system.
Swatch countered any change that will work by announcing a plan to put cheap programmable chips in watches that will let wearers make payments with a swipe of the wrist.
Two major Taiwanese hardware manufacturers are backing Google and will introduce Chrome devices this quarter.
Google is determined to outwit Microsoft and Acer, along with Asustek and other major vendors are creating super lightweight laptops as well as an oversized USB like stick, the Chromebit, kitted out with an OS that uses HDMI to turn displays into computers.
Yesterday Asustek showed off a 10-inch Chromebook called the Flip which weighs only a couple of pounds, is priced at $250 and has 13 hours or so of battery life.
Chromebooks don’t have hard drives and store information on the cloud – they also don’t have the overhead of paying for a Windows operating system, making them attractive to Taiwanese vendors, who have razor thin margins anyway.
Earlier this week Microsoft introduced its Surface 3, which costs over £420. Microsoft hopes that it can use legacy Office software to persuade people to pay the premium.
Microsoft’s hopes to leverage the past are not as relevant as once they were – many people are now accustomed to slick interfaces produced for both Apple and Android devices.
There are even cheaper Chromebooks around – Google has showed off two Chromebooks costing less than $150.
Redfaced Samsung has confirmed that some of its suppliers operating in China are operating sweatshops.
The company had been accused of using child labour in China, but Samsung’s own investigations could not find evidence of that. However, it did find that that some of its suppliers were running operations which could have made it into a Charles Dickens novel of the 19th century.
It inspected 105 suppliers who produce components purely for Samsung products. Samsung found “overtime hours in excess of local regulations, management of supplier companies holding copies of labour contracts, and the imposition of a system of fines for lateness or absences”.
According to the Verge, the company has promised to rectify those problems and promises to stamp out discrimination and fines. It also wants to increase health and safety standards.
Factories will be required to provide “additional training for managers on sexual harassment and physical and verbal abuse”. We assume they want to stamp it out, rather than improve it.
All this will be a long term project, so it will be a while before the plants are up to scratch.
Apple also had similar problems with its suppliers in China. Its supplier, Foxconn, dragged students away from their studies on “work experience” to make sure that the toys got to the shops in time.