Technology - Google News

This week in watching: Apple streaming, the drama of the 'SNL' cast, bye-bye 'Broad City' - The Boston Globe
What to expect from Apple today and where can you watch the livestream? - USA TODAY
Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers - Motherboard

This week in watching: Apple streaming, the drama of the 'SNL' cast, bye-bye 'Broad City' - The Boston Globe

Posted: 25 Mar 2019 03:13 AM PDT

Abbi Jacobson (right) and Ilana Glazer end five seasons of

By Matthew Gilbert Globe Staff March 25, 2019

Your TV GPS, Globe critic Matthew Gilbert’s guide to what’s on television, appears at the beginning of each week at BostonGlobe.com. This column covers March 25-31.

APPLE STREAMING

On Monday morning at 10 on the West Coast, Apple is going to announce a new media project that will likely include the company’s plans for streaming original content.

It will be interesting to track the Apple expansion in the age of subscription overload, when viewers are already being deluged by add-ons — Amazon, Hulu, HBO Now, Netflix, DirecTV Now, DC Universe, Acorn TV, CBS All Access, and Shudder, as well as two other high-profile streamers coming soon from Disney and WarnerMedia. Will people be willing to pay for yet another streamer? Some of the Apple content may be free for owners of Apple devices, but there will likely be a pay subscription component.

We know about some of Apple’s upcoming shows. Here are highlights:

• The limited series “Defending Jacob,” based on William Landay’s novel, will star Chris Evans as a man dealing with allegations that his 14-year-old son committed murder.

• A comedy called “Dickinson” will feature Hailee Steinfeld as the poet Emily Dickinson coming of age and Jane Krakowski as her mother.

• A still-untitled drama set at a TV morning show will star Reese Witherspoon, Jennifer Aniston, and Steve Carell.

• Steven Spielberg will reimagine his 1980s anthology series “Amazing Stories.”

• Octavia Spencer, Lizzy Caplan, Aaron Paul, Ron Cephas Jones, and Annabella Sciorra will star in a thriller about a podcast called “Are You Sleeping.”

• “Central Park,” an animated musical comedy about the caretakers of the titular location, will feature the voices of Josh Gad, Leslie Odom Jr., Tituss Burgess, Kristen Bell, Stanley Tucci, Daveed Diggs, and Kathryn Hahn

• Kumail Nanjiani and Emily V. Gordon of “The Big Sick” will deliver an anthology series about the lives of immigrants called “Little America.”

• “For All Mankind,” a space drama from Ronald D. Moore of “Battlestar Galactica,” will star Joel Kinnaman.

• J.J. Abram’s half-hour dramedy “Little Voice,” about the musical world of New York, will include music by Sara Bareilles.

• Jennifer Garner will star in “My Glory Was I Had Such Friends,” based on Amy Silverstein’s memoir about a heart transplant and friendship.

• “See” will be an epic drama set in the future starring Jason Momoa and Alfre Woodard.

• “Swagger,” inspired by the NBA star Kevin Durant’s youth, will look at the world of AAU basketball.

• Original director Terry Gilliam will be onboard a series adaptation of the 1981 film “Time Bandits.”

• Brie Larson will star in a still-untitled series based on Amaryllis Fox’s memoir “Undercover: Coming of Age in the CIA.”

• There will also be series from M. Night Shyamalan, Kristen Wiig, Damien Chazelle, and Rob McElhenney and Charlie Day.

WHAT I’M WATCHING THIS WEEK

1. NOOO, Qween. “Broad City” will air its series finale on Thursday at 10 p.m. It has been one of my favorite shows for all five seasons, not least of all thanks to its endless raunch, poop jokes, and drug adventures. It’s the story of being in your 20s, having a best friend, and living without a lot of money in New York City. It’s also the story of finding yourself. The episodes leading up to the end have been moving, as the friends begin to separate, and filled with lots of Easter eggs. Extra: Ilana Glazer and Abbi Jacobson are on “The Daily Show With Trevor Noah” on Monday night.

2. The TV gods, they giveth and they taketh away. Goodbye to Ilana and Abbi, hello to the seventh (and final) season of “Veep.”The great HBO satire of American politics starring Julia Louis-Dreyfus, which anticipated the Trump presidency, returns on Sunday night at 10:30. In my “Political TV Hall of Fame,” I named it No. 1 (with the “The West Wing” as No. 2). Is the season premiere timely? It’s called “Iowa.”

3. Also back with a new season this week: “Barry,” the bittersweet story of a hit man who takes acting classes. Bill Hader is aces as the war veteran trying to change, and Henry Winkler’s a kick as his acting coach. Hader is promoting the show on ABC’s “Jimmy Kimmel Live!” on Monday. “Barry” returns Sunday at 10 p.m. on HBO.

4. Will Ruth Wilson ever be as fantastically beguiling and slippery as she was in that first season of “Luther”? I’m still waiting, even after her seasons on “The Affair” (for which I still feel she was miscast as a Montauk local). She’s in a new PBS “Masterpiece” serie s called “Mrs. Wilson,” which is based on the life story of Wilson’s real grandmother, who discovered that her late husband had been living a double life. Episodes one and two premiere on Sunday at 9 and 10 p.m.

5. Oh yes. This week on “Saturday Night Live,” Sandra Oh will make her first appearance as host. She’s so damn likeable, I’m betting the episode will have a good vibe. She’s promoting the return of BBC America’s “Killing Eve” (on April 7), and the musical guest is Australia’s Tame Impala.

6. Here’s another star-powered film coming to Netflix on Friday after a very brief theatrical run (where it got middling reviews). Kevin Costner and Woody Harrelson play former Texas Rangers on the trail of Bonnie and Clyde in the new 1930s-set“The Highwaymen.”

7. FX’s “What We Do in the Shadows,” Wednesday at 10 p.m., is an amusing mockumentary about three vampire housemates on Staten Island. Based on the 2014 movie, it spoofs all the vampire tropes while also giving us a story worth following. With shades of so many influences from “Young Frankenstein” to “The Office,” and with an “energy vampire” who feeds by boring people into a stupor, it’s a lot of fun.

8. Amazon has turned the 2011 film “Hanna,” about a 15-year-old girl raised in the wilderness, into a series. The draw for me is the reunion of Joel Kinnaman and Mireille Enos, who co-starred in “The Killing.” Esme Creed-Miles stars as the titular character, played by Saoirse Ronan in the movie. The first season is on Amazon on Friday.

9. At first, I was disappointed by “Miracle Workers,” the TBS series from Simon Rich that stars Steve Buscemi as a slovenly God and Daniel Radcliffe as one of his angels. But, as the angels have tried to make a couple fall in love in order to save the world, thereby deconstructing the meaning of romance, the writing has gotten smarter. Anyhow, it has an hourlong finale on Tuesday at 10:30 p.m. “The Other Two,” Comedy Central’s thoroughly enjoyable look at fame and envy, also finishes its first season, on Thursday at 10:30 p.m.

CHANNEL SURFING

“Traitors”

A six-part British spy thriller set in 1945 London starring Keeley Hawes and Michael Stuhlbarg. Netflix, Friday

“The Kids Are Alright”

It’s a “Partridge Family”-themed episode with guest star Danny Bonaduce. ABC, Tuesday, 8:30 p.m.

“One Nation Under Stress”

Sanjay Gupta looks into why American life expectancy is decreasing, and I’m thinking the title has something to do with it. HBO, Monday, 9 p.m.

“Million Dollar Mile”

A new reality series hosted by Tim Tebow finds contestants trying to win $1,000,000 by running a challenging course. CBS, Wednesday, 9 p.m.

“Call the Midwife”

The eighth season of the PBS period piece premieres. WGBH-2, Sunday, 8 p.m.

“Jesus: His Life”

This eight-episode series mixes scripted scenes with expert interviews to look at Jesus through the eyes of those closest to him. History, Monday, 8 p.m.

“Abby’s”

An ensemble sitcom set at a bar where everybody knows your name. NBC, Thursday, 9:30 p.m.

THE DRAMATIC TURNS OF ‘SNL’

Comedy is famously difficult to do, even though, at its best, it looks easy. But many fine comics yearn to do drama. It gives them a sense of being taken seriously, which makes sense since, while comedy may draw big audiences, it’s the angsty roles that tend to get the awards recognition.

Watching Aidy Bryant as Annie in “Shrill,” I felt as if I was watching the “Saturday Night Live” regular take a solid step into non-sketch, dramatic territory. What’s unusual about her turn as a heavy woman too accustomed to being treated poorly by women and, in particular, men, is that she plays some of the more painful scenes with a smirk on her face. It’s Annie’s character’s default face. And as she begins to drop her submissiveness, as she begins to defend herself and let go of internalized self-loathing, her smirks come less frequently.

Occasionally, a “Saturday Night Live” regular will jump into a dramatic context and pull it off nicely. Here are some of my favorites, in no particular order:

• Kristen Wiig and Bill Hader in “The Skeleton Twins”

• Will Forte in “Nebraska”

• Maya Rudolph in “Away We Go”

• Bill Murray in “Lost in Translation”

• Andy Samberg in “Celeste and Jesse Forever”

• Jenny Slate in “Obvious Child”

• Adam Sandler in “Funny People”

• Eddie Murphy in “Dreamgirls”

• Molly Shannon in “Other People”

• Will Ferrell in “Stranger Than Fiction”

Matthew Gilbert can be reached at gilbert@globe.com. Follow him on Twitter @MatthewGilbert.

Let's block ads! (Why?)

What to expect from Apple today and where can you watch the livestream? - USA TODAY

Posted: 24 Mar 2019 10:01 PM PDT

Edward C. Baig USA TODAY

Published 8:09 AM EDT Mar 25, 2019

Curtain up and light the lights: Apple’s almost certain to be star-studded press gathering is now but hours away.

Here’s what you’re likely to hear once Tim Cook takes the stage, and how to tune in if you aren’t a member of the media or one of the invited guests sitting in the audience at the Steve Jobs Theater at the company’s Apple Park campus.

Where To Watch

Apple will be livestreaming the event at its website.
It’s also fitting, given the expected news of the day, that you’ll also be able to watch on your big screen television you’ve connected an Apple TV set-top box. Download the Apple Events app from the App Store on the Apple TV device.

When does the event start?

The festivities are scheduled to begin at 1 p.m. ET. Broadway shows typically start five minutes after the announced curtain time; movies only start after you've been treated to a strong of trailers. Apple press events typically start on time.

What will we hear?

Unless all the pre-event chatter has been way off base—and there’s no reason to believe that it has been—Apple is almost certainly going to showcase its answer to Netflix, Hulu and Amazon Prime video, with an entertainment-based video streaming service of its own. Likely base cost for consumers, $9.99 a month, with extra fees for premium content from HBO and Showtime.

Subscription overload: News, entertainment, music, iCloud—are you ready to spend $40 monthly with Apple?

Robocalls: Robocalls: AT&T CEO gets spam call alert on his Apple Watch during a live interview

At the same time, though, Apple is also expected to announce some kind of news and magazine service, featuring such publications--again if the pre-launch rumors prove accurate-as the Wall Street Journal and People Magazine. Unknown are the state of other big-time properties, including the New York Times, Washington Post, and yes, USA TODAY.

Still to be answered: How will Apple package the new services and, for that matter, bring the existing Apple Music service into the fold?

And when do all the new services actually get going?

What kind of original content might we see?

Aside from Apple’s earliest efforts in TV content—versions of James Corden’s “Carpool Karaoke” and a reality show “Planet of the Apps”—it is premature to weigh in on the quality of the shows that are likely to appear on Apple’s service.

We do know the quality of the Hollywood types Apple is working with and the roster includes some of the biggest names in showbiz: including Oprah Winfrey, Steven Spielberg, Reese Witherspoon, Jennifer Aniston, Steve Carell, J.J. Abrams, Jennifer Garner, M. Night Shyamalan, even Sesame Workshop. It's a good bet you'll see Cupertino cameos from some or all of the above.

What we also know is that the company is parting with some of its riches to propel the launch of the new services, to the tune of at least $1 billion.

Is Apple going to unveil new hardware?

This seems like an unlikely prospect, except perhaps a freshened up version of the Apple TV box. Apple pretty much cleared the decks for new physical products last week having unveiled in successive days new versions of the iPad mini and iPad Air tablets, iMac desktop computers, and AirPods wireless headphones.

What we may see, however, is a new Apple credit card.

Email: ebaig@usatoday.com; Follow @edbaig on Twitter

Let's block ads! (Why?)

Hackers Hijacked ASUS Software Updates to Install Backdoors on Thousands of Computers - Motherboard

Posted: 25 Mar 2019 08:33 AM PDT

Researchers at cybersecurity firm Kaspersky Lab say that ASUS, one of the world’s largest computer makers, was used to unwittingly install a malicious backdoor on thousands of its customers’ computers last year after attackers compromised a server for the company’s live software update tool. The malicious file was signed with legitimate ASUS digital certificates to make it appear to be an authentic software update from the company, Kaspersky Lab says.

ASUS, a multi-billion dollar computer hardware company based in Taiwan that manufactures desktop computers, laptops, mobile phones, smart home systems, and other electronics, was pushing the backdoor to customers for at least five months last year before it was discovered, according to new research from the Moscow-based security firm.

The researchers estimate half a million Windows machines received the malicious backdoor through the ASUS update server, although the attackers appear to have been targeting only about 600 of those systems. The malware searched for targeted systems through their unique MAC addresses. Once on a system, if it found one of these targeted addresses, the malware reached out to a command-and-control server the attackers operated, which then installed additional malware on those machines.

Kaspersky Lab said it uncovered the attack in January after adding a new supply-chain detection technology to its scanning tool to catch anomalous code fragments hidden in legitimate code or catch code that is hijacking normal operations on a machine. The company plans to release a full technical paper and presentation about the ASUS attack, which it has dubbed ShadowHammer, next month at its Security Analyst Summit in Singapore. In the meantime, Kaspersky has published some of the technical details on its website.

“We saw the updates come down from the Live Update ASUS server. They were trojanized, or malicious updates, and they were signed by ASUS."

The issue highlights the growing threat from so-called supply-chain attacks, where malicious software or components get installed on systems as they’re manufactured or assembled, or afterward via trusted vendor channels. Last year the US launched a supply chain task force to examine the issue after a number of supply-chain attacks were uncovered in recent years. Although most attention on supply-chain attacks focuses on the potential for malicious implants to be added to hardware or software during manufacturing, vendor software updates are an ideal way for attackers to deliver malware to systems after they’re sold, because customers trust vendor updates, especially if they’re signed with a vendor’s legitimate digital certificate.

“This attack shows that the trust model we are using based on known vendor names and validation of digital signatures cannot guarantee that you are safe from malware,” said Vitaly Kamluk, Asia-Pacific director of Kaspersky Lab’s Global Research and Analysis Team who led the research. He noted that ASUS denied to Kaspersky that its server was compromised and that the malware came from its network when the researchers contacted the company in January. But the download path for the malware samples Kaspersky collected leads directly back to the ASUS server, Kamluk said.

Motherboard sent ASUS a list of the claims made by Kaspersky in three separate emails on Thursday but has not heard back from the company.

Read more: What Is a 'Supply Chain Attack?'

But the US-based security firm Symantec confirmed the Kaspersky findings on Friday after being asked by Motherboard to see if any of its customers also received the malicious download. The company is still investigating the matter but said in a phone call that at least 13,000 computers belonging to Symantec customers were infected with the malicious software update from ASUS last year.

“We saw the updates come down from the Live Update ASUS server. They were trojanized, or malicious updates, and they were signed by ASUS,” said Liam O’Murchu, director of development for the Security Technology and Response group at Symantec.

This is not the first time attackers have used trusted software updates to infect systems. The infamous Flame spy tool, developed by some of the same attackers behind Stuxnet, was the first known attack to trick users in this way by hijacking the Microsoft Windows updating tool on machines to infect computers. Flame, discovered in 2012, was signed with an unauthorized Microsoft certificate that attackers tricked Microsoft’s system into issuing to them. The attackers in that case did not actually compromise Microsoft’s update server to deliver Flame. Instead, they were able to redirect the software update tool on the machines of targeted customers so that they contacted a malicious server the attackers controlled instead of the legitimate Microsoft update server.

Two different attacks discovered in 2017 also compromised trusted software updates. One involved the computer security cleanup tool known as CCleaner that was delivering malware to customers via a software update. More than 2 million customers received that malicious update before it was discovered. The other incident involved the infamous notPetya attack that began in Ukraine and infected machines via a malicious update to an accounting software package.

Costin Raiu, company-wide director of Kaspersky’s Global Research and Analysis Team, said the ASUS attack is different from these others. “I’d say this attack stands out from previous ones while being one level up in complexity and stealthiness. The filtering of targets in a surgical manner by their MAC addresses is one of the reasons it stayed undetected for so long. If you are not a target, the malware is virtually silent,” he told Motherboard.

But even if silent on non-targeted systems, the malware still gave the attackers a backdoor into every infected ASUS system.

Tony Sager, senior vice president at the Center for Internet Security who did defensive vulnerability analysis for the NSA for years, said the method the attackers chose to target specific computers is odd.

“Supply chain attacks are in the ‘big deal’ category and are a sign of someone who is careful about this and has done some planning,” he told Motherboard in a phone call. “But putting something out that hits tens of thousands of targets when you’re really going only after a few is really going after something with a hammer.”

Kaspersky researchers first detected the malware on a customer’s machine on January 29. After they created a signature to find the malicious update file on other customer systems, they discovered that more than 57,000 Kaspersky customers had been infected with it. That victim toll only accounts for Kaspersky customers, however. Kamluk said the real number is likely in the hundreds of thousands.

Most of the infected machines belonging to Kaspersky customers (about 18 percent) were in Russia, followed by fewer numbers in Germany and France. Only about 5 percent of infected Kaspersky customers were in the United States. Symantec’s O’Murchu said that about 15 percent of the 13,000 machines belonging to his company’s infected customers were in the U.S.

Kamluk said Kaspersky notified ASUS of the problem on January 31, and a Kaspersky employee met with ASUS in person on February 14. But he said the company has been largely unresponsive since then and has not notified ASUS customers about the issue.

The attackers used two different ASUS digital certificates to sign their malware. The first expired in mid-2018, so the attackers then switched to a second legitimate ASUS certificate to sign their malware after this.

Kamluk said ASUS continued to use one of the compromised certificates to sign its own files for at least a month after Kaspersky notified the company of the problem, though it has since stopped. But Kamluk said ASUS has still not invalidated the two compromised certificates, which means the attackers or anyone else with access to the un-expired certificate could still sign malicious files with it, and machines would view those files as legitimate ASUS files.

This wouldn't be the first time ASUS was accused of compromising the security of its customers. In 2016, the company was charged by the Federal Trade Commission with misrepresentation and unfair security practices over multiple vulnerabilities in its routers, cloud back-up storage and firmware update tool that would have allowed attackers to gain access to customer files and router log-in credentials, among other things. The FTC claimed ASUS knew about those vulnerabilities for at least a year before fixing them and notifying customers, putting nearly a million US router owners at risk of attack. ASUS settled the case by agreeing to establish and maintain a comprehensive security program that would be subject to independent audit for 20 years.

The ASUS live update tool that delivered malware to customers last year is installed at the factory on ASUS laptops and other devices. When users enable it, the tool contacts the ASUS update server periodically to see if any firmware or other software updates are available.

“They wanted to get into very specific targets and they already knew in advance their network card MAC address, which is quite interesting.”

The malicious file pushed to customer machines through the tool was called setup.exe, and purported to be an update to the update tool itself. It was actually a three-year-old ASUS update file from 2015 that the attackers injected with malicious code before signing it with a legitimate ASUS certificate. The attackers appear to have pushed it out to users between June and November 2018, according to Kaspersky Lab. Kamluk said the use of an old binary with a current certificate suggests the attackers had access to the server where ASUS signs its files but not the actual build server where it compiles new ones. Because the attackers used the same ASUS binary each time, it suggests they didn’t have access to the whole ASUS infrastructure, just part of the signing infrastructure, Kamluk notes. Legitimate ASUS software updates still got pushed to customers during the period the malware was being pushed out, but these legitimate updates were signed with a different certificate that used enhanced validation protection, Kamluk said, making it more difficult to spoof.

The Kaspersky researchers collected more than 200 samples of the malicious file from customer machines, which is how they discovered the attack was multi-staged and targeted.

Buried in those malicious samples were hard-coded MD5 hash values that turned out to be unique MAC addresses for network adapter cards. MD5 is an algorithm that creates a cryptographic representation or value for data that is run through the algorithm. Every network card has a unique ID or address assigned by the manufacturer of the card, and the attackers created a hash of each MAC address it was seeking before hard-coding those hashes into their malicious file, to make it more difficult to see what the malware was doing. The malware had 600 unique MAC addresses it was seeking, though the actual number of targeted customers may be larger than this. Kaspersky can only see the MAC addresses that were hard-coded into the particular malware samples found on its customers’ machines.

Image: Shutterstock

The Kaspersky researchers were able to crack most of the hashes they found to determine the MAC addresses, which helped them identify what network cards the victims had installed on their machines, but not the victims themselves. Any time the malware infected a machine, it collected the MAC address from that machine’s network card, hashed it, and compared that hash against the ones hard-coded in the malware. If it found a match to any of the 600 targeted addresses, the malware reached out to asushotfix.com, a site masquerading as a legitimate ASUS site, to fetch a second-stage backdoor that it downloaded to that system. Because only a small number of machines contacted the command-and-control server, this helped the malware stay under the radar.

“They were not trying to target as many users as possible,” said Kamluk. “They wanted to get into very specific targets and they already knew in advance their network card MAC address, which is quite interesting.”

Symantec’s O’Murchu said he’s not sure yet if any of his company’s customers were among those whose MAC addresses were on the target list and received the second-stage backdoor.

The command-and-control server that delivered the second-stage backdoor was registered May 3 last year but was shut down in November before Kaspersky discovered the attack. Because of this, the researchers were unable to obtain a copy of the second-stage backdoor pushed out to victims or identify victim machines that had contacted that server. Kaspersky believes at least one of its customers in Russia got infected with the second-stage backdoor when his machine contacted the command-and-control server on October 29 last year, but Raiu says the company doesn’t know the identity of the machine’s owner in order to contact him and investigate further.

There were early hints that a signed and malicious ASUS update was being pushed to users in June 2018, when a number of people posted comments in a Reddit forum about a suspicious ASUS alert that popped up on their machines for a “critical” update. “ASUS strongly recommends that you install these updates now,” the alert warned.

In a post titled “ASUSFourceUpdater.exe is trying to do some mystery update, but it won't say what,” a user named GreyWolfx wrote, “I got an update popup from a .exe that I had never seen before today….I’m just curious if anyone knows what this update would possibly be for?”

When he and other users clicked on their ASUS updater tool to get information about the update, the tool showed no recent updates had been issued from ASUS. But because the file was digitally signed with an ASUS certificate and because scans of the file on the VirusTotal web site indicated it was not malicious, many accepted the update as legitimate and downloaded it to their machines. VirusTotal is a site that aggregates dozens of antivirus programs; users can upload suspicious files to the site to see if any of the tools detect it as malicious.

“I uploaded the executable [to VirusTotal] and it comes back as a validly signed file without issue,” one user wrote. “The spelling of 'force' and the empty details window are indeed odd, but I noticed odd grammar errors in other ASUS software installed on this system, so it's not a smoking gun by itself,” he noted.

Kamluk and Raiu said this may not be the first time the ShadowHammer attackers have struck. They said they found similarities between the ASUS attack and ones previously conducted by a group dubbed ShadowPad by Kaspersky. ShadowPad targeted a Korean company that makes enterprise software for administering servers; the same group was also linked to the CCleaner attack. Although millions of machines were infected with the malicious CCleaner software update, only a subset of these got targeted with a second stage backdoor, similar to the ASUS victims. Notably, ASUS systems themselves were on the targeted CCleaner list.

The Kaspersky researchers believe the ShadowHammer attackers were behind the ShadowPad and CCleaner attacks and obtained access to the ASUS servers through the latter attack.

“ASUS was one of the primary targets of the CCleaner attack,” Raiu said. “One of the possibilities we are taking into account is that’s how they intially got into the ASUS network and then later through persistence they managed to leverage the access … to launch the ASUS attack.”

Listen to CYBER, Motherboard’s new weekly podcast about hacking and cybersecurity.

Let's block ads! (Why?)

This posting includes an audio/video/photo media file: Download Now