Technology - Google News

---

Amazon and Google smart speakers can eavesdrop and phish owners; HomePod safe - 9to5Mac Posted: 21 Oct 2019 04:56 AM PDT We've known since the spring of last year that Amazon Alexa and Google Home smart speakers can eavesdrop on owners, and even phish them via voice. However, new research shows that new malicious apps with these capabilities continue to be approved by both companies. The two vulnerabilities, demonstrated in videos below, occur because both companies make their speakers smarter by allowing third-party developers to create apps or "skills" for them. Apple's HomePod is safe because the company doesn't allow this type of third-party access… NordVPN ZDNet reports on the latest examples. Both Amazon and Google have deployed countermeasures every time, yet newer ways to exploit smart assistants have continued to surface. The latest ones were disclosed today, after being identified earlier this year by Luise Frerichs and Fabian Bräunlein, two security researchers at Security Research Labs (SRLabs), who shared their findings with ZDNet last week. Both the phishing and eavesdropping vectors are exploitable via the backend that Amazon and Google provide to developers of Alexa or Google Home custom apps. These backends provide access to functions that developers can use to customize the commands to which a smart assistant responds, and the way the assistant replies. The way third-party apps should work is that the microphones are active for only a short time after the smart speaker asks the user a question. For example, if I tell Alexa to ask my supermarket app to add something to the basket, the app will check my order history for the exact product details, then Alexa will tell me what it found and ask me to confirm that's what I want. It will then activate the Echo Dot's microphone for a short time while it waits for me to say yes or no. If I don't reply within a few seconds, the microphone is switched off again. However, malicious apps can leave the microphone activated — and recording what it hears — for much longer. It's achieved by using a special string that creates a lengthy pause after a question or confirmation, the mic remaining on during this time. The "�. " string can also be used […] for eavesdropping attacks. However, this time, the character sequence is used after the malicious app has responded to a user's command. The character sequence is used to keep the device active and record a user's conversation, which is recorded in logs, and sent to an attacker's server for processing. In that way, smart speakers can eavesdrop on anything said while the mic is still on. Alternatively, the long pause can be used to make an owner think they are no longer interacting with the app. At that point, a phishing attempt can be made. The idea is to tell the user that an app has failed, insert the "�. " to induce a long pause, and then prompt the user with the phishing message after a few minutes, tricking the target into believing the phishing message has nothing to do with the previous app with which they just interacted. For example, in the videos below, a horoscope app triggers an error, but then remains active, and eventually asks the user for their Amazon/Google password while faking an update message from Amazon/Google itself. This type of attack would not be possible on HomePod because the only way a third-party app can interact with Siri is via Apple's own APIs. Apps have no direct access. Check out the demo videos below. Let's block ads! (Why?) This posting includes an audio/video/photo media file: Download Now

Surface Pro 7 review: USB-C upgrade, battery downgrade - Engadget Posted: 21 Oct 2019 06:00 AM PDT The Surface Pro line hasn't changed much over the years. Each new generation brought incremental spec bumps and slight design changes. And this time around is pretty much the same. Microsoft is giving us newer processors, improved microphones and some Surface Pen software updates. Most important of all, though, there is now a USB-C port. At last! But when the biggest update here is the new socket, you need to ask yourself whether the Surface Pro 7 is still an option worth considering. Gallery: Surface Pro 7 review | 24 Photos 24 +20 Engadget Score Poor Uninspiring Good Excellent Key Microsoft Surface Pro 7 82 Pros New USB-C port Powerful performance Best keyboard cover for a tablet Solid build Cons Poor battery life compared to predecessor Outdated design Summary The Surface Pro 7 is pretty much the same as the Surface Pro 6, with one important difference: USB-C. You'll also get improved performance and microphones, but at the expense of battery life. The Pro 7 is a good hybrid PC, especially for those who've been waiting for the new port, but it's otherwise not worth spending $750 to upgrade. Be the first to review the Surface Pro 7? Your ratings help us make the buyer's guide better for everyone. Write a review Surface Pro 7 Get more info Get more info 82 Scores Engadget 82   Critic Not yet scored   Users Not yet scored   Your rating Your comments (optional) Login to submit a review! Design and display If you've seen a recent Surface Pro, you've seen them all. Frankly, if not for the USB-C slot on the side, I wouldn't be able to tell the Surface Pro 7 and its predecessor apart. The two look nearly identical and have the same dimensions. Also, now that I've seen the Pro X, I'm a little tired of the Pro 7's chunky bezels. If you've never seen a Surface Pro, though, you'll probably appreciate its sturdy frame and well-built kickstand. It looks a little dated compared to other 2-in-1s like the Galaxy Tab S6 and the iPad Pro, but it's still functional. The trouble is, functional might no longer cut it. The whole point of the Surface Pro series is that these are basically notebooks squeezed into the bodies of tablets. Microsoft markets it as a "versatile and lightweight convertible laptop." But laptops continue to get thinner and lighter -- just look at the Dell XPS 13 2-in-1 and HP's "lighter-than-air" Elite Dragonfly. While there may be fewer tablets running Windows that can compete against the Surface Pro, Microsoft also has to pay attention to ultraportable devices like the Galaxy Book S or even the just-announced Pixelbook Go. They run different operating systems or use weaker processors, perhaps, but target the same constantly traveling professional that the Surface Pro does. Plus, they generally have slimmer bezels than the chunky black bars surrounding the Pro 7's display. Speaking of, the 12.3-inch PixelSense screen here is the same as before. It still runs at a 2,736 x 1,824 resolution with a 3:2 ratio, and episodes of The Good Place looked crisp and colorful on it while I was taking breaks from writing this review. Keyboard cover The Surface Pro's Type Cover is the same as before. It's still covered in the luxe Alcantara fabric and will still cost you an extra $160, but pounding out my review on it was a breeze. As before, the individual keys here have ample travel and springy feedback and the entire layout is well-spaced. No buttons here are undersized or out of reach, so I could type accurately and quickly. If I really had to pick on the cover, I'd say it feels a little hollow and is somewhat noisy. I'd also like a bigger trackpad. But those are minor complaints, and this remains without a doubt the best keyboard cover I've used. It's the ThinkPad of made-for-tablet keyboard folios. USB-C What I'm most excited about on the Surface Pro 7 is its new USB-C port. It replaces the mini Displayport from older models, which honestly, good riddance. I never used it, and USB-C is far more versatile. You can do so much more with it. Connect a pair of headphones? Check. Charge the device? Check. You can even connect a USB-C hub and plug in even more peripherals. For someone like me, who uses USB-C to charge her laptop and smartphone, this is a big deal. I have a USB-C charger both at home and in the office, so I no longer have to lug around an extra cable for the Pro 7's Surface Connect charger. I can also use the tablet when I'm at keynotes or covering conventions more easily now, since I can connect a USB-C card reader or ethernet adaptor. Of course, I could also do this with the USB-A port, but I've now got an additional option to link more things to the Surface Pro 7 at the same time. Improved microphones Another small update that Microsoft made to the Pro 7 is giving it enhanced dual far-field studio mics. This is meant to make it easier for the device to hear your Cortana requests and keep your voice crisp and clear on conference calls. The digital assistant was able to correctly interpret my requests for translations, the time in other countries and the weather in various neighborhoods. I also used the Pro 7 to record an interview and could hear everything clearly. Surface Pen updates There are some new Surface Pen features that make it easier to edit documents and spreadsheets, too. When you scrawl into an Excel sheet or a Word doc, Microsoft can recognize not just what you're writing, but also how you might be editing a piece. For example, when you're using a regular pen to edit an essay, you might draw a line through words to strike them out. Or you might use a caret sign to indicate that something needs to be inserted. Using these actions will now work in Word as well, though you must first enable "Ink Editor" mode. The new gestures function most of the time, though they weren't always accurate. I'd draw a diagonal line across two and a half words and only the last word would be deleted. You need to be quite precise, drawing a straight horizontal line across all the words you want removing. If I didn't have a keyboard connected, this would be a useful method to edit documents in a pinch. But using the keyboard was almost always an easier, more accurate means to make changes. Performance and battery life Microsoft may not have made many major improvements to the Surface Pro, but the machines have consistently delivered excellent performance. I watched The Good Place on Hulu while writing a review, editing photos, running benchmarks, messaging my friends, playing Overcooked and shouting into the void on Twitter, and the Pro 7 never so much as hiccuped. My unit has a tenth-generation Intel Core i5 processor and 8GB of RAM, and it predictably outperformed last year's Pro 6 with a ninth-gen Core i5 CPU on pretty much all of the benchmarks we ran. It fell short of the Dell XPS 13 2-in-1, though. PCMark 7 PCMark 8 (Creative Accelerated) 3DMark (Sky Diver) ATTO (top reads/writes) Surface Pro 7 (Core i5-1035G4, Iris Pro) 7,365 4,434 4,447 1.79 GB/s / 750 MB/s Surface Pro 6 (Core i5-8250U, Intel UHD 620) 5,981 4,400 4,678 1.5 GB/s / 660 MB/s Dell XPS 13 2-in-1 (2019, Core i7-1065G7, Iris Plus) 7,795 5,668 N/A 2.2 GB/s / 1.1 GB/s Huawei MateBook 13 (2019, Core i7-8565U, NVIDIA MX150) 5,853 5,492 9,392 2.9 GB/s / 2.38 GB/s The Pro 7's Intel Iris Pro graphics chip is better than the Pro 6's UHD 620 card, but it isn't meant for heavy gaming, so don't expect to be killing it at Call Of Duty here. If you're just looking to play something lightweight, like Overcooked, you'll be fine. Where the new Surface Pro fails to measure up to its predecessor is battery life. On our standard test, the Surface Pro 7 barely lasted eight hours, while the Pro 6 and other tablet-hybrids clocked more than 15 hours. Microsoft did give a lower battery estimate of 10 hours for the Pro 7 compared to the 13 hours it offered for the older model, so this isn't a huge shock. It does seem like a major compromise, though. Battery life Surface Pro 7 7:50 Surface Pro 6 15:34 Dell XPS 13 2-in-1 (2019) 14:25 Huawei MateBook 13 9:02 Apple MacBook Air (2018) 12:35 Wrap-up The Surface Pro 7 ultimately is fine... I guess. It doesn't inspire any excitement. Yes, I was stoked for the introduction of USB-C, but I'm also disappointed it didn't come sooner. The loss in battery life from the previous model is also a major con. It's nice, though, that Microsoft is offering the Pro 7 at a cheaper starting price ($749) than before, albeit with lower-end specs to match. The Pro 6's base model cost $899, and came with a Core i5 chipset and 8GB of RAM, compared to the Pro 7's Core i3 CPU and 4GB of RAM at the entry level. As laptops get smaller, thinner and lighter, the Surface Pro line runs the risk of quickly becoming outdated. With the new Surface Pro X, Microsoft might be able to keep the competition at bay -- that thing is about as thin and light as many devices launched this year. But the Pro X runs Windows on ARM, which has serious limitations. In spite of its lackluster battery life, the Surface Pro series is still the best hybrid PC in the market, especially since there are so few competing Windows tablets nowadays. But Microsoft's competition may come from increasingly thin-and-light laptops, rather than tablets that want to be notebooks. If you're looking for something that's specifically a tablet first and occasionally doubles as a PC, the Surface Pro 7 is worth considering. Anyone that wants a thin-and-light machine to get work done on the go will find there are many ultraportable laptops available that will better meet those needs. In this article: gadgetry, gadgets, gear, microsoft, personal computing, personalcomputing, review, Surface Pro, surface pro 7, windows All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission. Comments Share Tweet Share Let's block ads! (Why?)

You are subscribed to email updates from Technology - Latest - Google News. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States