Adobe Releases Emergency Update to Fix Flash Ransomware Exploits

Adobe’s flash plugin has rapidly become extremely unpopular with web users due to its buggy nature and propensity to make browsers hang. As a result, HTML5 is the modern standard for viewing video content or animations which has made Adobe’s flash superfluous. Despite this, Flash can still be used to display adverts or video streams via certain services. The plugin’s reputation is abysmal and various companies including Google have snubbed Flash in recent months. On Thursday, Adobe released an emergency update after researchers discovered an exploit could deliver ransomware to PCs.

The company implored users to install this update as a matter of urgency because ‘drive-by’ attacks were causing havoc. Respected security software maker, Trend Micro warned Adobe about this phenomenon known as ‘Cerber’ in March. This particularly nasty form of ransomware employs a ‘voice tactic’ which reads a ransom note to create a sense of panic. Unfortunately, Adobe’s response wasn’t that swift if the reports regarding Trend Micro’s warnings are correct. This isn’t going to do Flash’s reputation any favours and I can’t see it being used for much longer in consumer applications. The majority of users required Flash to watch YouTube content. Thankfully, this isn’t the case any more and Google automatically sets to plugin to HTML5.

The most important thing to remember from this story is to either uninstall Flash altogether or update to the latest version. Ransomware can be extremely worrying for users who aren’t familiar with how PCs operate and it’s imperative for company’s to stamp out any exploits. I do feel the future of Adobe Flash looks very bleak and I can’t imagine many people are going to miss using it. HTML5 is better for consumers in every possible way and an evolution of better software.

What kind of experience have you encountered using Adobe Flash?

Plextor Announces M7V Value SSD Range

Solid state drives have progressed at an extraordinary pace during the last few years and the latest NVMe products are capable of read speeds well beyond 2000MB/s. In comparison, the traditional SATA interface has a theoretical limit of 6Gb/s and offers significantly lower numbers than extreme M.2 drives. This is evident by the price differences between fairly affordable SATA SSDs and extreme grade NVMe products. Even though SATA drives with capacities up to 500GB can be relatively cheap, it’s still a significantly greater price to capacity ratio when compared to mechanical hard disks.

As a result, enthusiasts often purchase a 250-500GB SSD as a boot drive and mechanical disk for mass storage purposes. This exemplifies the fact that it’s going to be a while before high-capacity solid state drives become the norm and supersede mechanical alternatives. Furthermore, user data demands are increasing at a rapid rate due to 4K video and complex games. Despite this, Plextor is trying to offer more affordable options and decided to launch the M7V range. The drives are available in either an M.2 or 2.5-inch form factor and utilize the SATA3 interface. Plextor will launch 128GB, 256GB, and 512GB products which all use a Marvell 88SS1074B1 processor, wired to Toshiba 15 nm TLC NAND flash memory, and DDR3 DRAM caches of 256 MB, 512 MB, and 768 MB, respectively.

The 512GB M.2 variant features a higher 1GB DRAM cache and each model offers impressive transfer rates. More specifically, each model can achieve sequential reads up to 560MB/s and a maximum write of 500MB/s, 530MB/s and 530MB/s across each capacity. Depending on the capacity, you get a manufacturer rated TBW tolerance of 80 TB, 160 TB, or 320 TB.

Despite the budget focus, Plextor didn’t provide any details about the M7V’s pricing. Although, I expect this information to be revealed soon once it hits retail channels.

Lexar 512GB Portable SSD D512 USB 3.0 Solid State Drive Review

Introduction


Today we are taking a closer look at fast external storage, more specifically Lexar’s newest portable SSD called the D512. Lexar also offers the drive in a smaller D256 version with 256GB capacity, but I have the pleasure to have to big 512GB model on the test bench today.

Right away we see that we have a small and compact drive which is perfect for a portable unit. On top of that, it is also a very light drive that you barely will notice when you have it packed next to the rest of your items. So we have a strong portable drive right of the start, but what about the performance. Performance has to match and that’s where a portable SSD shines over a flash drive. Both types of drives use NAND technology, but other than that there are big differences.

Lexar’s portable SSD is capable of sequential transfer speeds up to 450MB/s when reading and 245MB/s writing which is pretty nice for a portable storage solution that is as small and light as the D512. The is no official rating for random performance, but we’ll naturally have a look at that once we get the benchmarks rolling.

The tiny D512 provides plenty of space for you while you are on the go and travel about. Whether you want to take along you movie collect, music library, and photos, you’re covered with plenty of storage. It is also an optimal drive to unload all your vacation photos onto from memory cards and portable capture devices.

One of the unique things that come with the D512 is the capacity meter on the front. The first five LEDs act as such and will light up as the drive gets filled with data. This allows you an instant view on the drive fillage as soon as you plug it into your system. The second unique feature works in conjunction with Lexar’s other Workflow products. The new portable SSD uses the same form factor and connector which makes it compatible with the Workflow drive hubs. Just plug the drive in and you are good to go. I love the Workflow system so much and use it almost every day for my work here at eTeknix.

The drive is also highly compatible when it comes to volume setup as it supports both NTFS, FAT32, and exFAT. On its own, the drive is fully plug-and-play and doesn’t require any drivers or tools of any sort. This naturally originates from USB standard that is plug-and-play by definition.

Lexar is part of the Micron Group which also means that the drive is equipped with some of the best NAND flash on the market and that has undergone high-grade quality checks before assembly.

Feature Highlights

  • SSD-level performance — up to 450MB/s read and 245MB/s write speeds
  • Sleek and compact design
  • Available in 256GB and 512GB capacity options
  • LED capacity meter displays available storage space
  • Great for use with Lexar Professional Workflow line products
  • Two-year limited warranty

Package and Accessories

Lexar packed the 512GB Portable SSD in a neat white box that shows the drive’s look and basic specifications on the top.

The bottom of the box also has the system requirements, which is a USB port, as well as the basic specification again, but in several languages.

Inside the box, you will find the portable SSD itself as well as a USB 3.0 cable.

Both sides of the drive are covered with a protective plastic film to make sure it arrives scratch-free in your hands. It also gives you that little bit of joy it is to remove the film from your brand new device.

Adobe Issues Patch For Code-Execution Bug

Flash has long been at the heart of a debate over usability and security. The media player has long been used for everything from Youtube to online games, but it has often by problems with even the fixes containing problems. As a result, people are being told to avoid using the tool and instead using HTML 5, seems like we have yet another reason to listen given the latest patch to try to fix a code-execution bug.

By code-execution bug, we mean that it would be possible to execute code remotely, meaning they could quickly perform actions without your knowledge or say. This exploit is a rather large one, enabling a whole host of problems from the get go rather than others with specific purposes or problems.

The zero-day vulnerability was found by Anton Ivanov, a member of Kaspersky Lab, and was credit as such. Kaspersky Lab researchers have been observing the vulnerability and had seen it used in “a very limited number of targeted attacks”.

With so many vulnerabilities, it comes as no surprise that people are trying to steer away from using Flash. We recommend that if you don’t actively use the tool you remove it from your system, something that could only improve your security given flash’s checkered past. If you do use Flash, then we recommend that you update it now and make sure that you keep checking for security patches.

Google is Dropping Flash Display Adverts

Adobe’s Flash is commonly used stream video content on various services including YouTube, DailyMotion and more! However, the software plugin has a fairly terrible reputation for being unstable, and causing web browsers to freeze. As a result, websites began to slowly move towards HTML5 integration which provides a better user-experience. Today, Google AdWords released a statement regarding the future of flash adverts which reads:

“Over the last few years, we’ve rolled out tools to encourage advertisers to use HTML5, so you can reach the widest possible audience across screens (http://goo.gl/nWHctK). To enhance the browsing experience for more people on more devices, the Google Display Network and DoubleClick Digital Marketing are now going 100% HTML5:

– Starting June 30th, 2016, display ads built in Flash can no longer be uploaded into AdWords and DoubleClick Digital Marketing.
– Starting January 2nd, 2017, display ads in the Flash format can no longer run on the Google Display Network or through DoubleClick.

It’s important to update your display ads^ to HTML5 before these dates.

AdWords advertisers who currently use Flash ads in their campaigns have several easy ways to ensure your creative can continue to show on the Google Display Network. Read more here: https://goo.gl/ZBq5DR

^Video ads built in Flash will not be impacted at this time.”

As you can see, Google is really increasing its stance to push HTML5 as the industry standard and making Flash obsolete. This is inevitable and only a matter of time because of the way consumers perceive Flash. It’s no longer acceptable to deal with bugs, crashing and a sub-par plugin on modern browsers. I highly doubt anyone is going to be overly concerned if Flash is completely disposed of and HTML5 is already used as the default format on various websites including YouTube.

Have you experienced problems using Adobe’s Flash?

Image courtesy of Mashable.

ASUS Announces Travelair AC Pocket-Sized Wireless Flash Drive

ASUS has created a few products out of their norm lately and I think it’s nice to see them breaching into new product categories, especially when they create things that aren’t all that common yet. The newest product to be announced is the Travelair AC which is a pocket-sized wireless flash drive.

The ASUS Travelair AC features 802.11ac wireless network connectivity which easily is 3 times faster than the legacy 2.4GHz band that a lot of such devices operate on. The faster wireless connection doesn’t just provide better copy and streaming speeds, it also allows your devices to stay on a single network for less hassle.

Basic 2.4 GHz and 5GHz wireless connectivity is just one of the features in ASUS new portable flash drive as it also feature NFC technology for instant connection to NFC-enabled mobile devices for an even easier setup. The Travelair AC features 32GB built-in memory which in itself isn’t much, but it can be easily expanded through the built-in SD card reader.

The flash drive also features a micro USB connector for a wired connection to non-wifi devices as well as to charge the built-in 3000 mAh battery.

ASUS added a dual wireless functionality to the Travelair AC, so you won’t lose your internet connection when using this wireless flash drive. You simply connect the Travelair AC to your router and any device that connects to the drive will also automatically get the signal forwarding to your internet connection. Naturally this support also includes WPA2 security for secure connections both ways

The ASUS AiDrive app for Android, iOS, and Kindle devices allows for easy setup and connection, but the drive is also compatible with Windows and Mac OS devices. The built-in battery should provide up to 10 hours of multimedia content streaming to Wi-Fi-enabled devices per charge which should be enough for even the longest trips.

Pricing and availability of the ASUS Travelair AC are yet to be announced.

Specifications

  • Wi-Fi standards: IEEE 802.11b/g/n/ac 2.4GHz & 5GHz
  • Storage capacity: 32GB
  • Connectivity: Wi-Fi, Micro USB, NFC
  • OS Compatibility: iOS 7 or higher, AndroidTM 4.0 or higher, Kindle Fire HD and HDX, Windows 10, Windows 8, Windows 7, Mac OS X 10.6 or higher
  • Battery: 3000mAh
  • Colors: White
  • Size: 86 x 86 x 21mm
  • Weight: 120g

Oracle is Killing Off Java

Outdated browser plugin Java is finally being pulled, Oracle has announced. Java will be slowly phased out, beginning with a deprecation of the plugin starting with JDK 9. The advent of HTML5 means that buggy and insecure browser plugins, such as Flash and Java, are no longer required, with Google Chrome already suspending use of Java last year. Adobe has made a similar move, rebranding Flash and shifting toward HTML5.

“By late 2015, many browser vendors have either removed or announced timelines for the removal of standards based plugin support, eliminating the ability to embed Flash, Silverlight, Java and other plugin based technologies,” Oracle’s announcement on its blog reads. “With modern browser vendors working to restrict and reduce plugin support in their products, developers of applications that rely on the Java browser plugin need to consider alternative options such as migrating from Java Applets (which rely on a browser plugin) to the plugin-free Java Web Start technology.”

“Oracle plans to deprecate the Java browser plugin in JDK 9. This technology will be removed from the Oracle JDK and JRE in a future Java SE release,” the post continues. “Early Access releases of JDK 9 are available for download and testing at http://jdk9.java.net. More background and information about different migration options can be found in this short whitepaper from Oracle.”

Lexar Releases A Bunch of New Flash Products

Lexar released a bunch of new flash-based products and we naturally also want to update you on these. While HDDs are the go-to medium for NAS and SSDs for the PC systems, we shouldn’t forget about our portable storage and mobile devices.

The drive pictured above is the first of Lexar’s new flash drives and it is actually an SSD, just an external one. We have previously reviewed Lexar’s Professional Workflow SSD in the same form factor and that is compatible with the Workflow drive dock system, and this new Lexar Portable SSD is compatible to that system too despite not being from the Professional Workflow series.

The compact and durable drive reads with up to 450MB/s and writes with up to 245MB/s, making it quick and easy to take your files on the go. The LEDs on the front work as capacity meter and the drive is available as 256GB and 512GB models. Since it’s a full-fledged SSD, the drive supports NTFS, FAT, and exxFAT without any trouble. The Lexar Portable SSD will be available in Q1 2016 with MSRPs of £120.99 (256GB) and £200.99 (512GB), a more than fair price.

The second new Lexar product is the 1800x microSD card with impressive speeds that hold up to even the most demanding tasks. The Lexar 1800x is available as 32GB, 64GB, and 128GB models and it leverages Ultra High Speed II (U3 technology) to provide you with the best experience. The card is capable of speeds up to 270MB/s read speeds and is designed for high-speed capture of extended lengths of 4K, 3D, and 1080p full-HD video and high-quality images.

Lexar’s Professional 1800x microSD UHS-II cards are already available with an MSRP of £65.99 (32GB), £109.99 (64GB), and £219.99 (128GB).

The next new Lexar product is quite ingenious. Whether you’ll want to call it a 3-in-1 drive or an Apple Lightning charging cable with built-in flash storage, you’d be right. The JumpDrive C20i is all that and also a USB 3.0 flash drive at the same time, completing the 3-in-1 scenario. The drive can read with up to 95 MB/s and write with up to 20 MB/s for easy expansion of your iPhone or iPad memory. The new JumpDrive C20i flash drive will be available in Q1 of 2016 and have MSRPs of £28.99 (16GB), £39.99 (32GB), £56.99 (64GB), and £79.99 (128GB).

The last new Lexar drive is a little more traditional and it is called the JumpDrive S45. The tiny nano-styled drive is designed for a plug-and-stay setup with its low profile. It is capable of speeds up to 150MB/s reading and 45MB/s writing and be available in capacities up to 128GB. An impressive capacity for a nano-drive. Depending on the capacity, the JumpDrive S45 comes in different colours: Orange, Blue, Teal, and black. Along with the JumpDrive S45, you also get the EncryptStick Lite software for 256-bit AES encryption of your content. The flash drive has MSRPs of £7.99 (16GB), £10.99 (32GB), £18.99 (64GB), and £28.99 (128GB) and will be available in Q1 2016.

Which Companies Had The Most Security Vulnerabilities In 2015?

Cyber security is a hot topic and the rise of attacks which looks to exploit security flaws within a company’s software is becoming increasingly commonplace within the tech world. CVE Details have thus released its rundown of the most security vulnerabilities in a variety of software products for 2015 and it contains a top five that includes Mac OS X, iOS, Flash, Adobe Air and Air SDK.

Below is an image which details the number of vulnerabilities per software product, as you can see, the reports suggest that Mac OSX had a reported total of 384 vulnerabilities with IOS just slightly behind on 375, Adobe Flash player makes up the top 3 with 314 that have been officially disclosed. There is, however, one or two caveats behind these stats, for example, CVE Details Lists every version of Mac OSX as one entry, while the many multiple editions of Windows are listed separately, this means that while OSX is at the top, if you look down you will see Windows has a higher count of vulnerabilities when you take into account versions from Windows 8.1 all the way back to Vista etc.

The second image of the bar graph also conveys the vulnerabilities of the top 50 products by vendor, as you can see, Microsoft edges out Adobe while Apple is third.

In 2014 the list of the top five were IE browser, Mac OS X, Linux Kernel, Chrome and iOS, it is also worth noting that not every software company has the same policy when it comes to disclosing security vulnerabilities within their software. 

Image courtesy of businesscomputingworld

How Bad Are Adobe Flash Bug Repair Stats?

It’s safe to say Adobe flash did not have the best of years, from crashes, hacks, crashes, vulnerabilities and, yes more crashes, many in the industry doubt whether this will be the year Adobe finally pulls the plug. It seems the ill-fated Flash player is constantly being fixed, but, how often does it need to be patched from the many bugs?

Well, it turns out it’s quite a lot if you take into account official data on the subject, according to the information, “Adobe have repaired Flash Player 2015 a total of 316 Bugs”. This works out at almost 1 bug a day, or to be more precise; Adobe has fixed 1 bug every 1.15 days. Prominent industry figures have been somewhat sarcastic to the point whereby they have suggested Adobe is able to only rest on a “Sunday” before continuing to fix Flash again and again.

To place this into perspective, Adobe fixed 12 bugs in Flash on average per month in 2014, worse still, “the fourth quarter of 2015 saw the repair scale reach up to 113 bugs” Oh, there is more, recently Microsoft found that Flash crashed almost any browser on Windows 10 after conflicting security patches were pushed to users.

The implementation of Flash on many websites is also declining, once it used to be the standard, but stats have shown that in 2010, 28.5% of websites used Flash, today it is less than 10%.

Will Flash make it through 2016?  Not on this evidence.

Add to Anti-Banner

Adobe Renames Flash and Shifts Emphasis to HTML5

Adobe has unveiled its new 2016 Creative Cloud package, bringing with it the end of Flash, but in name only. From now on, Flash – now notorious for its regular security holes and exploits – will be known as Adobe Animate CC, with Adobe making a noticeable shift toward HTLM5.

“For nearly two decades, Flash Professional has been the standard for producing rich animations on the web,” Adobe writes on its announcement blog post. “Because of the emergence of HTML5 and demand for animations that leverage web standards, we completely rewrote the tool over the past few years to incorporate native HTML5 Canvas and WebGL support. To more accurately represent its position as the premier animation tool for the web and beyond, Flash Professional will be renamed Adobe Animate CC, starting with the next release in early 2016.”

While Adobe insists that the newly-branded Animate CC will remain a “first-class citizen” as a content platform, along with Adobe Air, the company is pushing the HTML5 capabilities of its latest iteration.

“Today, over a third of all content created in Flash Professional today uses HTML5,” Adobe adds, “reaching over one billion devices worldwide. It has also been recognized as an HTML5 ad solution that complies with the latest Interactive Advertising Bureau (IAB) standards, and is widely used in the cartoon industry by powerhouse studios like Nickelodeon and Titmouse Inc.”

YouTube has already abandoned Flash in favour of HTLM5 as its default video format, while sites such as Amazon have banned Flash adverts on its sites.

PageFair Breach Infects Windows PCs with Trjoan Flash Installers

PageFair, a service designed to “help websites survive the rise of adblock”, has been compromised, causing websites using its software to spread malicious Trojan Flash installers the PCs of visiting users. The company, which believes that “the rise of adblocking is now leading to the death of quality free websites”, admitted in a blog post that its Content Distribution Network (CDN) services account, used to serve its analytics JavaScript tag, had been compromised by hackers. The CDN was modified to distribute a Trojan botnet in the form of a fake Adobe Flash update for Windows.

Sean Blanchfield, CEO of PageFair, revealed in a blog post the attack took place on 31st October, was seemingly designed to target PageFair specifically, and lasted for just over 80 minutes.

“For 83 minutes last night,” the post reads, “the PageFair analytics service was compromised by hackers, who succeeded in getting malicious javascript to execute on websites via our service, which prompted some visitors to these websites to download an executable file. I am very sorry that this occurred and would like to assure you that it is no longer happening.”

While PageFair is taking its share of responsibility for the attack, Ben Hartnett, VP of EMEA at security firm RiskIQ, thinks that it merely demonstrates how sophisticated hackers are becoming.

“We all know that hackers are getting smarter about how they distribute malware. The latest attack on PageFair shows how hackers are now actively targeting third-party components in a bid to reach a much larger number of victims,” Hartnett told The Inquirer. “By compromising PageFair’s analytics service, hackers were able to distribute malicious code to visitors of any website using this service. With organisations increasingly relying on their online presence to engage with customers, this style of attack is only going to increase, especially with organisations adopting more third party components to stay ahead of the competition.”

How to Flash a BIOS: Graphics Card and Motherboard Edition

Introduction


Flashing a BIOS can seem a daunting process and in some cases, it really is. You have the potential at any moment to completely break the component thanks to any number of causes from power cuts to accidental premature turn off; although the latter only normally happens if your computer is connected to a plug and someone else wants it.

So why are we required to flash the BIOS? Well firstly is system stability, in recent weeks we have seen the release of new graphics cards and motherboards and while the out of the box stability is great, things can only get better. While in the manufacturers testing facilities, they can only test so much. When testing motherboards, there are so many different types of RAM, Processor, Hard Drive, Graphics Card, etc… options available, that the manufacturer would have millions of different possibilities to test; taking up much-needed time. If you think of game testing, there is in-house, Alpha and Beta tests, consider that the early weeks after the launch is the Beta testing period where most of the issues are fixed, but there may still be some remaining.

Secondly, performance. We all want the maximum performance and while when the product is first released it roughly lands within expectations, after weeks or months of consumer testing; there could be a new stable performance level which could be permanently saved through the BIOS. This part impacts both graphics cards and motherboards, so periodically checking for updates could unleash a decent amount of performance.

Updating your BIOS can bring good and bad experiences, if you are updating to a Beta BIOS, you may experience some issues such as instability or even incompatibility with some external hardware; though that is extremely unlikely. Worst case scenario is a power cut or early removal of the flash drive and the BIOS breaks through corrupt file saving. On some motherboards and graphics cards, this can be rectified through a dual BIOS system that can repair the broken BIOS.

Fully Patched Adobe Flash Hit by New Zero-Day Update

Just as day follows night, and just as UbiSoft thinks up new and amazing game elements to strip away and charge microtransactions for, another zero-day exploit has been discovered for Adobe Flash. But this isn’t any old zero-day exploit, it’s an exploit found in the fully patched version of Flash.

The vulnerability, discovered by Trend Micro yesterday, allows attackers to secretly install malware on computers that carry Flash versions 19.0.0.185 and 19.0.0.207, and possibly earlier versions, too. Attacks exploiting the vulnerability have so far only targeted government agencies, undertaken as part of cyber-espionage initiative Operation Pawn Storm. The researchers from Trend Micro wrote:

In this most recent campaign of Pawn Storm, several Ministries of Foreign Affairs received spear phishing e-mails. These contain links to sites that supposedly contain information about current events, but in reality, these URLs hosted the exploit. In this wave of attacks, the emails were about the following topics:

“Suicide car bomb targets NATO troop convoy Kabul”

“Syrian troops make gains as Putin defends air strikes”

“Israel launches airstrikes on targets in Gaza”

“Russia warns of response to reported US nuke buildup in Turkey, Europe”

“US military reports 75 US-trained rebels return Syria”

It’s worth noting that the URLs hosting the new Flash zero-day exploit are similar to the URLs seen in attacks that targeted North Atlantic Treaty Organization (NATO) members and the White House in April this year.

Operation Pawn Storm has hit a number of foreign agencies over the last few months, including politicians and journalists in Russia and iOS devices used by Western governments and news outlets.

Oh, and don’t use Flash.

Thank you Ars Technica for providing us with this information.

Image courtesy of Wikimedia.

The BBC Implements HTML5 to iPlayer

I think we can all say that Adobe Flash Player is very much being knocked to its knees in recent months, from endless, and I do mean endless, vulnerabilities which put countless users at risk to the annoying aspect of running a plug-in which enjoys crashing and breaking functionality on a regular basis. Well, now the BBC has also seen the light and are implementing the HTML 5 web standard language within its BBC iPlayer service.

The move is seen as progress and an update which modernizes the service and security aspect of the site. The BBC state that it is “now confident [it could] achieve the playback quality you’d expect from the BBC without using a third-party plug-in such as Flash player”. Users have also been invited to visit a BBC site where they can set a cookie in their browsers that will allow them to access the HTML5 player when they visit iPlayer in future. However, the Flash version will remain available.

Security analysts have responded positivity to the news but have also confirmed that Adobe Flash still has a role; this has been echoed by security expert Chris Green, who says “The industry has moved on from trying to shoehorn one thing in, whether that is Flash or Microsoft’s Silverlight. It continues to be very effective in delivering rich content into web pages.”  

The BBC is testing the new more improved player on a range of browsers, these include Firefox 41, Safari on iOS 5 and above, Opera 32, Internet Explorer 11 (Good luck with that piece of, let’s say junk, as this is a family site) and Microsoft Edge on Windows 10 (Good luck with that piece of, to be fair I have not as yet tried edge but anything with the words browser and Microsoft in the title concerns me) and Blackberry OS 10.3.1 The BBC added that it was also going to “move away from the BBC Media Player app on Android devices” with users invited to join a limited beta test

HTML 5 is considered the standard in content delivery and the BBC are implementing this with the aim of modernizing the service, it will be interesting to see how it works and also how rapid the decline of Flash will be in the coming months and years. It is worth noting that Flash is used by Amazon and Hulu among others, which is positive for them, it’s just frustrating for consumers who have to put up with a range of exploits which make services insecure.

Thank you bbc for providing us with this information.

Image courtesy of plus.google

Chrome to Block Flash Ads from 1st September

Google has confirmed that from 1st September onwards, its Chrome internet browser will “begin pausing many Flash ads by default”. Though the announcement, made through the AdWord Google+ page, claims that the measure is being taken “to improve performance for users”, but it coincides with a raft of security concerns and zero-day vulnerabilities regularly reported within Adobe Flash.

The most recent Flash exploit, discovered in July, allowed hackers remote access to computers to execute malicious code. Soon after, Flash was blocked by Mozilla’s Firefox browser and by the beta version of Chrome. Google’s Tommi Li announced that the move was initiated to save laptop battery life, which seems farfetched.

YouTube has already transitioned from Flash to HTML5 to display its videos, with game streaming site Twitch following suit, while Amazon is also banning Flash ads on its domains from the start of next month. Apple has never allowed Flash on its mobile devices, citing its security holes as a rick to users, while Android removed Flash support three years ago for similar reasons.

Though the more advanced and secure HTML5 is slowly taking over – Google has even converted a number of its AdWords Flash ads into HTML5 – Flash ads still dominate the market. A report from Sizmek shows that advertisers delivered over 5.35 billion Flash ads during the first quarter of 2015, versus 4.25 billion HTML5 ads.

Thank you Ars Technica for providing us with this information.

SK Hynix Earmarks $26 Billion for Capacity Expansion

With the many stories about SSD price parity and the ever increasing size of SSDs, one imagines that NAND production will have to increase dramatically to fuel such gains. This is just the case as SK Hynix just announced plans to spend $26 billion to build 2 new semiconductor manufacturing facilities. This investment comes on top of an already large $13 billion investment in the new M14 DRAM facility set to come online in 2017. SK Hynix is expecting the two new facilities to be operational by 2024.

Even with such large investment from SK Hynix and competitors like Samsung, SanDisk/Toshiba and IMFT, analysts are not predicting a sharp drop in DRAM or NAND prices. On one hand, there is the fact that the few players aren’t keen to enter into a destructive race to the bottom just yet as along as their marketshare remains stable. It’s only once the NAND and DRAM markets stop growing will we see a massive price war start up. Given the increasing adoption of both mobile computing devices and SSDs in general, that is unlikely to happen anytime soon. Even without a massive price drop, NAND and DRAM prices should continue to fall as manufacturers transition to 3D NAND and ever lower processes. The biggest question is if 3D Xpoint will revolutionize the industry or not.

Thank you Reuters for providing us with this information 

Toshiba Wants 128TB SSDs with QLC and BiCS by 2018

 

Remember those 6TB and 8TB SSDs some vendors have planned for next year? You can ignore those, because pretty soon, we’re going to get drives that are going 16x as large. At least that is what Toshiba is planning on releasing in 2018. With capacities like those, hard drives will lose both the capacity and speed wars, relying solely on their price to compete. With enterprise 128TB drives being the norm then, maybe consumer grade drives will also benefit from a price drop as well.

In order to get to those unprecedented sizes, Toshiba is banking on two “new” developments, quad-level cell (QLC) and  BiCS (bit cost scalable) 3D NAND, to drop the price of flash enough to make these drives both possible technically and financially. It looks like price parity will be coming pretty close to on time if Toshiba and other NAND producers manage to master both QLC and BiCS .

QLC as the name implies allows NAND cells to store 4 bits per cell, doubling capacity over current MLC and adding 33% more over TLC. BiCS (bit cost scalable) 3D NAND is Toshiba and SanDisk’s 3D NAND offering with the stacking of layers to improve density without raising the cost too much. With 3D NAND, older processes can be used and more bits stuffed into each die. Combined with QLC, this can create pretty high density per die. The decreased performance and durability of QLC compared to MLC and TLC can also be partially offset by the use of 3D NAND.

Besides having to develop all new controllers to address all that capacity, Toshiba will probably have to make improvements throughout their SSDs. Datacenters will also have to figure out new ways to utilize such large SSDs and it’s possible a new connection protocol will have to be developed as well, though PCIe 4 might suffice. Even if there are some delays and technical difficulties, HDDs are going to have a hard time competing with these SSDs. Seagate and WD will have to hope HAMR does pan out or their business may soon end.

Thank you Nordic Hardware for providing us with this information 

Amazon Bans Flash Adverts on Its Own Domains

Amazon has updated the terms of its Technical Guidelines to prohibit any advert on Amazon-branded sites using Adobe’s Flash protocol. The change will commence on the 1st September and Amazon explained their reasoning in an introductory post:

“Beginning September 1, 2015, Amazon no longer accepts Flash ads on Amazon.com, AAP, and various IAB standard placements across owned and operated domains.”

“This is driven by recent browser setting updates from Google Chrome, and existing browser settings from Mozilla Firefox and Apple Safari, that limits Flash content displayed on web pages.”

“This change ensures customers continue to have a positive, consistent experience across Amazon and its affiliates, and that ads displayed across the site function properly for optimal performance.”

This is a clear message from one of the leading online giants to universally drop Flash support across web pages, browsers and other applications. Flash can cause a myriad of stability issues and HTML5 has proven to be a far superior replacement. Amazon clearly feels the conflict between browser settings and Flash content is creating a sub-par shopping experience and could deter users from purchasing on the Amazon store. Frustratingly, Chrome embeds Flash by default but you can download Chromium or Firefox as an alternative.

Thankfully, it seems the Flash is now on the target radar of influential web companies and could become obsolete in the near future.

Have you ever experienced any issues with Adobe Flash?

You Can Install Windows 10 to a Raspberry Pi

Microsoft has launched Windows 10 now and everyone is talking about it. A lot of people have already upgraded while just as many wait for their downloads to finish. There are of course also those who don’t want to upgrade or aren’t eligible for the free upgrade and then there is them that own a Raspberry Pi.

Yes, you read that right, you can also get Windows 10 for that tiny $35 pocket PC as well as other mini-systems such as the MinnowBoard Max and Intel Galileo. Okay granted, this isn’t the full desktop version, but rather the IoT (Internet of Things) version and you’ll need an already upgraded PC with the normal Windows 10 to get started. But from there on it is an easy task.

The Windows 10 IoT Core tools are available to download directly from Microsoft. Flash it onto an SD card and boot up your Raspberry Pi and get coding and controlling. Windows 10 IoT Core will boot automatically after connecting the power supply. This will take a few minutes. Once the device has booted, the DefaultApp will launch and display the IP address of RPi2. You can now connect through PowerShell or SSH to your freshly installed Windows 10 Pi.

Files and guides can all be found on Microsofts site and it is truly as easy as following a checklist.

Windows 10 USB Installers And U Drives Pose for the camera

There is little doubt that people want Windows 10 and are looking forward to the final version. Not only have Microsoft listened to what users want this time instead of telling them what they want, they’ve also come up with a lot of new things that most likely will make Windows 10 the most popular Microsoft OS to date.

The full launch is almost here and the first images of the actual USB drives with the installers are starting to surface. We’ve previously seen the retail packaging, but this time it’s the actual drives that pose for the camera. The first one is courtesy of Paul Thurrott that shared this aesthetic pleasing USB drive on Twitter. It contains both a 32-bit and 64-bit version, ready for both older and newer systems.

The second photo that surfaced comes via IThome and show the U (update) drives. These aren’t looking as good as the above and they are most likely intended to be bundled with systems as an upgrade option. The Chinese text on the box that you most likely aren’t able to read is “Windows 10 upgrade Package. July 29 is enabled”, which speaks for the above statement.

Will be you be upgrading to Windows 10 when it’s released? Or will you wait and see what the general opinion is before making the switch?

Thank You WCCFTech for providing us with this information

How a Hacker Made $45,000 Selling 0Day Exploits to Hacking Team

We previously reported that Italian spyware company, Hacking Team, has been hacked and had 400 GB of data publicly released via torrent websites. Well, Arstechnica reportedly found how easy it was doing business with the latter company by digging through their emails.

It seems that a Russian hacker approached the Hacking Team in 2013 with a few 0day bugs he found on Windows, OS X and iOS operating systems, with price ranges of $30,000 to $45,000. The company apparently was not interested in the latter, but it did show interest in another exploit offered by the hacker, namely the “Adobe Flash Player 9.x/10.x/11.x with the RCE exploit for the current Flash Player 11.9.x for Windows 32/64-bit and OS X 64-bit”.

The correspondence even revealed how the money was transferred to the hacker. According to the findings, the hacker received the money via bank wire transfer in three instalments, one of $20,000 in October 2013, the other of $15,000 in November 2013 and the last one of $10,000 in December 2013. There has not been any evidence of the hacker and the company doing any business up until 2015, when the Russian hacker received another $35,000 in his bank account in Moscow.

Arstechnica also approached the hacker and surprisingly, he explained that such transactions are very common between companies such as Hacking Team and freelance hackers. He stated that such transactions are “routine sales like with ZDI, VCP, pentesters and other legal 0day buyers”. I don’t know about you, but this information is as exciting as it is scary. So what are your thoughts on this?

Thank you arstechnica for providing us with this information

Adobe Flash Vulnerability Patch Released

Adobe has released a recent patch to address a critical vulnerability that could possibly allow an attacker to take control of the affected system. Adobe acknowledged that this flaw is being actively exploited in the wild via limited targeted attacks, the known affected systems are those using internet explorer for the windows 7 operating system also including Firefox on windows xp. according to the patch details Adobe states the following software can be potentially impacted:

  • Adobe Flash Player 18.0.0.161 and earlier versions for Windows and Macintosh
  • Adobe Flash Player Extended Support Release version 13.0.0.292 and earlier 13.x versions for Windows and Macintosh
  • Adobe Flash Player 11.2.202.466 and earlier 11.x versions for Linux

The company advises updating to the latest version of flash in order to prevent the risk of exploitation, but at this point the users should good look at how important flash is to their regular internet use.

This recent flaw was uncovered through the help of a FireEye security researchers. a Singapore based FireEye team discovered the flaw in June when they detected a phishing campaign exploiting CVE-2015-3113. ”The attackers’ e-mails included links to compromised Web servers that served benign content or the malicious Adobe Flash Player file that exploits CVE-2015-3113.”

Do you think there is a risk using Flash player with the likelihood of these dangers? have you updated your flash?

Thank you artstechnica for providing us with this information.

Google Changes how Flash Ads Work in Chrome

Despite helping pay for web content, auto-playing Flash ads have become the bane of internet users. While third party plugins have long offered the ability to control Flash elements, Google is now baking in the ability to pause auto-playing Flash ads right into Chrome. Starting with the latest Chrome Beta build, pausing non-central plugin elements will become the default setting. Pausing auto-play ads is one thing but Chrome being able to determine which Flash elements are ads and which ones are the content makes the feature so much more useful.

In their blog post announcing the new feature, Google states that the main purpose of adding this ability into Chome is to help improve battery life. By reducing the number of flash elements being played, the processor has a lower workload, reducing power consumption and improving battery life. Flash has long been notorious for consuming processor cycles and being a performance hog so disabling unnecessary elements is sure to help not only battery life but those on older machines.

It’s important to note that it’s not clear how Chrome will determine which elements need to be paused. The feature also isn’t meant to block ads necessarily as a Flash ad that plays in the main video frame before the real video likely won’t be blocked. HTML 5 playable ads and other ads also won’t be blocked so this feature won’t be a replacement for ad-blockers. Nethertheless it’s interesting to see an advertising firm pushing out features that could reduce their ad revenue.

SanDisk Flash Drives and SSDs at Computex 2015

Computex 2015 – SanDisk also brought along all their other storage devices such as the impressive 128GB Ultra Fit USB 3.0 drive. This is the world’s smallest high-capacity USB 3.0 drive and it can hold up to 16 hours of Full HD video while not being much bigger than the nail on your thumb. The drive still transfers files at up to 130MB/s, allowing you to transfer a full movie in less than 40 seconds.

The new Z400s SSD was also on display, a perfect balance between performance, capacity, and reliability for replacing your PC’s HDD. It’s build as a cost effective alternative to mechanical HDDs.

If the 128GB capacity from the tiny Ultra Fit drive isn’t enough, then SanDisk also has the 256GB Ultra USB 3.0 drive with up to 256GB capacity.

The SanDisk Extreme 500 is a portable SSD with a capacity up to 480GB that fits right into your pocket while being four times faster than an external HDD. It has a rugged and durable design and it is shock resistant, a perfect combination for when you’re on the go.


SanDisk also had their other drives such as the X300 and X110 in 2.5-inch and small form factor drives with them.

Enterprise users also had their part to look at with the CloudSpeed ECO Gen2 SATA3, Lighting Ultra Gen2 12Gb/s SAS, Optimus MAX 4TB SAS and Fusion ioMemory SX300 PCIe Application Accelerator.

SanDisk Retail Products at Computex 2015

Computex 2015 – We had to stop by the SanDisk booth and check out their storage drives, and we were not disappointed. They brought along pretty much their entire portfolio of current and new products.

In the Retail section the had anything from the tiny UltraFit USB 3.0 over the iXpand USB 23.0 drive to the Ultra Dual USB drive with both micro and normal USB plug.

Memory cards are used everywhere from cameras to smartphones and a lot in between. Sandisk has quite a few different models on display, both microSD and full-sized SD cards.

SanDisk’s SSDs were also among the retail products, that includes the Ultra II in mSATA and 2.5-inch form factor, SSD Plus, and the awesome Extreme PRO that you might remember from our review.

SanDisk also has Wireless storage in their portfolio, for example the Connect Wireless Flash Drive and Wireless Media Drive.

Intel SSD 750 PCIe 1.2TB NVMe Solid State Drive Review

Introduction


Once in a while we see a new generation of products being released that completely change how we view the area and make what we used to think was good into something rather mediocre. Such a time is upon us right now thanks to Intel and their brand new consumer drives, the Intel SSD 750 Series. I’ll be taking a closer look at the 1.2TB PCIe Half-Height Half-Length (HH-HL) add-in card today, but the drive is also available as a smaller version with 400GB capacity and both capacities are also available as 2.5″ inch form factor with an SFF8639 connector.

The Intel SSD 750 series is an NVMe based drive which both is a wonderful thing and has a hitch at the same time. Your motherboard has to support it and you need the proper drivers to get the full potential. But assuming we have this, and major manufacturer are all upgrading their Intel 9 series motherboards to support this, then you have the next generation of storage drives.

What started out as something available only for enterprises and at a price that no normal person could afford has now moved into the consumer range. In a way, this storage drive can be seen as a consumer version of the Enterprise DC series and now that the processes have matured and a lot of R&D costs have been paid by enterprises utilizing the DC drives, we end users rake the benefits.

NVMe is the next generation of storage connectivity and it will replace the AHCI standard the same way that replaced the IDE. AHCI and SATA3 were created for with mechanical drives in mind and it’s far from the perfect platform to build flash storage upon. NVMe on the other hand is designed from the ground up for this use and performs a lot better thanks to this. NVMe lowers overall CPU overhead because NVMe has a simplified command set which minimizes the number of CPU clocks per I/O in comparison to AHCI.

I’ve talked a lot about how great this new drive performs, but I haven’t mentioned any numbers yet and that has to change. The drive is rated for impressive 2400MB/s read and 1200MB/s write performance at sequential operations and has even more impressive 440K IOPS read and 290K IOPS random 4K write performance.

The drive is rated for 70GB writes per day that equals to 219TB total bytes written over a five-year period. It comes with a mean time before failure of 1.2 million hours and is backed by a five-year warranty. SMART, TRIM, and ECC are also part of the package.

Diving further into the card and having a look at the PCB on the bottom of the card and we find 14-BFA packages with 20nm Intel Multi-Level Cell NAND and two Micron DDR3 DRAM packages.

Removing the giant heatsink isn’t an easy task, and it is one that I failed at. It is mounted so solid that I couldn’t make it move the tiniest bit despite having removed all screws. I wasn’t using more than a sensible amount of force on a product like this, and I had to give up as I didn’t want to destroy the card.

Inside the large heatsink that covers the entire card, we find a smaller one that can be removed and below we find the SSD controller.

Intel is using their own proprietary controller named the CH29AE41AB0 and I really like how Intel used proper thermal paste rather than pads. Overall the cooler design is impressive for a storage drive and it should keep the drive running perfectly in even the most demanding setups.