Categories
News

India warns Apple users to update devices to fix critical security vulnerabilities

CERT-In has issued a high-severity advisory alerting Apple device users to multiple vulnerabilities. The advisory impacts various Apple products, including iPhones, iPads, and Macs, and recommends users update their devices to the latest software versions.

In its advisory note, CERT-In has outlined two significant vulnerabilities affecting a range of Apple products, including:

  • iPhones and iPads: Running iOS and iPadOS versions prior to 18.1.1 and 17.7.2.
  • MacBooks and Desktops: Using macOS Sequoia versions prior to 15.1.1.
  • Vision Pro: Running visionOS versions prior to 2.1.1.
  • Safari Browser: Versions earlier than 18.1.1.

Invisible Threat: Zero-Day Apple Exploits

On Nov. 19,Apple issued a critical security alert, revealing that two zero-day vulnerabilities — CVE-2024-44308 and CVE-2024-44309 — had been actively exploited.

A zero-day vulnerability refers to a software flaw unknown to the vendor, with no available patch at the time of discovery. Attackers exploit these vulnerabilities before developers can address them, making zero-day attacks particularly dangerous. In this instance, the vulnerabilities in JavascriptCore and WebKit were exploited to execute malicious code through specially crafted web content.

1. Arbitrary Code Execution (CVE-2024-44308)

This vulnerability resides in JavascriptCore, JavascriptCore is the engine that powers Javascript execution in Apple’s software, including the Safari browser. 

 Malicious actors can exploit this vulnerability by sending specially crafted web content to execute arbitrary code on the target device. When loaded in the browser, the script exploits the vulnerability, bypassing protections that normally isolate Javascript from accessing sensitive system-level resources. Once the code executes, it can steal personal information, install malware or even grant the attacker remote access to the system.

2. Cross-Site scripting (XSS) (CVE-2024-44309)

This vulnerability exists in WebKit.WebKit is Apple’s open-source browser engine that renders web pages. It handles everything from displaying text and images to running interactive elements on websites. If you’re using Safari, every webpage you load passes through WebKit.

The exploit involves sending carefully crafted web content that causes WebKit to mishandle memory during processing. This creates a “buffer overflow” or similar memory corruption issue, allowing attackers to insert and run their own code.Exploiting this issue involves sending maliciously crafted web content that triggers XSS attacks, potentially allowing attackers to manipulate web pages, steal sensitive data, or impersonate users online.

How to stay safe

To help users protect their Apple devices, CERT-In strongly advises users to update their devices to the latest software versions. To update:

  • iPhones and iPads: Go to Settings > General > Software Update and install the latest iOS or iPadOS version.
  • MacBooks: Open System Preferences > Software Update and upgrade to macOS Sequoia 15.1.1 or later.
  • Vision Pro: Navigate to Settings > Software Update to ensure you’re on visionOS 2.1.1 or above.
  • Safari browser: Update to version 18.1.1 via the App Store or through system updates.
Categories
News

Brazil orders Apple to lift in-app purchase restrictions within 20 days

Brazil’s antitrust regulator has ordered Apple to remove App Store restrictions on third-party payment systems and allow developers to market alternative payment options for in-app purchases,Reuters reports. Apple will have 20 days to comply with the measures, imposing a 250,000 real (about $43,000) fine per day if Apple fails to comply with the demands.

This decision follows a complaint filed in 2022 by Mercado Libre, a prominent e-commerce platform.

MercadoLibre’s complaint, filed in 2022 in Brazil and Mexico, accused Apple of imposing a series of restrictions on the distribution of digital goods and in-app purchases, including banning apps from distributing third-party digital goods and services such as movies, music, video games, books and written content.

The company accused Apple of abusing its monopolistic position by requiring developers to use Apple’s own payment system and preventing them from redirecting users to external payment options.The e-commerce giant’s SVP general counsel, Jacobo Cohen Imach, criticized Apple’s practices as creating an “artificial tilt towards integrated ecosystems.”

Under the new requirements, Apple must permit app developers to implement tools allowing customers to make purchases outside the Apple ecosystem. This includes enabling the use of hyperlinks to external websites and allowing developers to market third-party products and services within their apps.

The move aligns with similar regulatory actions worldwide, which have been challenging Apple’s strict App Store policies. Apple has faced mounting pressure to enable third-party payment methods and external links in regions like Europe, Japan, South Korea, and the U.S. In March 2024, the European Commission fined Apple €1.8 billion ($1.95 billion) for restricting music streaming apps from informing users about cheaper subscription options outside the App Store. 

This latest ruling represents another potential crack in Apple’s tightly controlled App Store model, often criticized as a “walled garden.” As global regulators scrutinize the company’s practices, further changes to App Store policies may be on the horizon.

Categories
News

Xiaomi India releases additional details of Redmi Note 14 Pro+

Xiaomi already confirmed the India launch of Redmi Note 14 5G series in India on December 9th and has been steadily releasing details of the flagship model in the series, the Redmi Note 14 Pro+.

According to the specs released so far,the phone will have a 50MP telephoto camera, IP68 dust and water resistance, Corning Gorilla Glass Victus 2 on the front, and a curved AMOLED display.The camera cluster on the back has been modeled after the Xiaomi logo.

The phone strikes a perfect balance between symmetry and curves inspired by Xiaomi’s Alive design language, and it will be three colours Green, Blue and Black colours with the Blue version featuring a vegan leather finish.The camera cluster on the back has been modeled after the Xiaomi logo.

So far, the revealed and leaked specs look very similar to the version that launched in China a while back. The version which was introduced in China back in September has a 6.67-inch 1.5K 120Hz OLED display, is powered by Snapdragon 7s Gen 3 SoC, has a 50MP main camera with Light Fusion 800 sensor along with an 8MP ultra-wide and a 50MP telephoto camera and packs a 6200mAh battery with 90W fast charging.

More details on the device will be revealed as we inch closer towards the launch

Categories
News

OnePlus Watch 3 might be launching internationally alongside sooner than expected

Following the launch of the OnePlus Watch 2 at MWC, the Watch 2R was followed at the end of the year as a cheaper alternative. 

The OnePlus Watch 2 is a Wear OS-based smartwatch that OnePlus launched in early 2024 as a drastic upgrade over 2020’s dreadful OnePlus Watch. Later on in the year, the OnePlus Watch 2R launched as a slightly cheaper, but essentially identical device.

The Watch 2 has only been available since March and the 2R since July, but the company is clearly already preparing for the launch of another smartwatch in the near future.

According to a very active tipster Yogesh Brar on X, the OnePlus Watch 3 will be hitting “global markets” in the near future.It will launch internationally alongside the OnePlus 13 and OnePlus 13R.However, this seems unlikely as the former was officially launched in China last month, a global launch could be imminent, and OnePlus has yet to reveal anything about the new smartwatch.

There are no details about the OnePlus Watch 3 yet, but we of course expect it to run Google’s Wear OS just like its two predecessors from earlier this year.  The Watch 2 was widely regarded for its stellar battery life, but it’s unclear what a sequel might bring to the table.

Categories
News

Apple Could Plans to Remove iPhone SIM Card Tray in More Countries

With the rumored radical design choices of the upcoming iPhone 17 Air in mind, it is clear that Apple has decided that e-sim is the future of the iPhone. However, for countries that do not support eSIM, this could severely impact iPhone sales.

Apple is planning to remove the physical SIM card tray on iPhones in more countries next year, The Information said today, in a report focused on the ultra-thin “iPhone 17 Air.” However, the report did not mention any specific countries.

Apple has expressed its preference for eSIM in the past and highlighted its benefits.Apple promoted eSIMs as being more secure than a physical SIM, as they cannot be removed from an iPhone that is lost or stolen. In addition, at least eight eSIMs can be managed on an iPhone at once, eliminating the need to obtain, carry, and swap physical SIM cards while traveling.

In the U.S., all iPhone 14 through iPhone 16 models do not have a SIM card tray, and instead rely entirely on digital eSIM technology. Apple has yet to release any iPhones without a SIM card tray outside of the U.S., but it sounds like the change will finally expand internationally starting with the iPhone 17 lineup next September.

Indeed, the report said that all current “iPhone 17 Air” prototypes lack a SIM card tray. Featuring a rumored thickness of 5 mm, the iPhone 17 Air will be the thinnest iPhone to date. With such limited internal space and Apple’s affinity for eSIM, it is no wonder that the iPhone 17 Air would not include a SIM tray by design.

The report said it is unclear if the device will be sold in China as a result, since the country has not approved the use of eSIMs in smartphones. Of course, that could change.

Categories
News

Valve ends Steam support for Windows 7 and 8 users

Those of you still using Windows 7 and 8 that avidly play Steam games might want to consider finally upgrading.Almost two years after Microsoft itself abandoned Windows 7 and 8: Steam’s most recent client update is the first to not work on the old OSes, more than 11 months after Valve announced it would stop supporting them.

“This version of the Steam client will no longer run on Windows 7 or Windows 8,” reads the accompanying documentation of the November 5 Steam client update. “Users on these OS versions will not automatically update to this new version of the Steam client.”

Back in January, Valve announced that official support for Windows 7 and 8 had officially ended, meaning Steam Support would not be able to offer any technical support for issues users might be facing on those operating systems.

 “We expect the Steam client and games on these older operating systems to continue running for some time without updates after January 1st, 2024,” Valve wrote on the Steam support website at the time, “but we are unable to guarantee continued functionality after that date.” According to Valve, the embedded version of Google Chrome required for core functions of the Steam client was the impetus for the move⁠—it just doesn’t support older versions of Windows anymore.

As of October’s Steam hardware survey, only .28% of users were still on Windows 7, while there were no reported users at all on Windows 8.  It’s surprising that Valve took this long to make the call to end support.

Categories
News

Samsung explores partnership with OpenAI to enhance Galaxy AI with ChatGPT

According to a report, Samsung and OpenAI are in talks to form a partnership and potentially integrate ChatGPT into Samsung Galaxy AI services.

Earlier, The Information suggested that a potential partnership between Samsung and OpenAI might be happening, but now analyst Dan Nystedt took it to X to share that OpenAI is in talks with Samsung over bringing its AI technology to Samsung’s devices. This could be bad news for Google because Samsung is already a key partner.

Google seems to have been the target of the DOJ for its monopolistic practices for quite some time. The regulatory authorities are firm on breaking Google’s dominance in the search engine industry and even pushing the company to sell off Chrome. While Google’s hands are full dealing with legal matters, the Department of Justice is not the only thing it has to worry about.

Google’s established presence in the search engine market is already being challenged actively, with tech experts suggesting that if the company is to sell off Chrome, it would make more sense for OpenAI to acquire it, keeping in view its vigorous attempts to bring robust AI-driven experience. With OpenAI not only challenging Google’s position as the search engine giant but also looking for integration with Google’s partner, Samsung, it can pose some serious threats to the company.

As of now, Samsung uses its own LLM and Google’s Gemini AI to power its Galaxy AI features. It will be interesting to see how ChatGPT fits in all of this.For instance, Apple leverages OpenAI’s ChatGPT for its own Apple Intelligence, but only when the on-device models aren’t sufficient for the task at hand. That’s when the system asks ChatGPT for help.We could see a similar implementation in Galaxy AI or use ChatGPT’s service altogether. 

OpenAI becomes increasingly competitive toward Google with the announcement of its Search service and is now trying to snatch Google’s long-term partners.The same report claims that OpenAI is even working on a ChatGPT-powered browser. The company has already hired developers who have worked on Chrome.

But until either of the companies officially confirms its ongoing initiatives, the leaks or reports should be taken with a grain of salt. If OpenAI does end up collaborating, it would not only mark an intense wave of competition in the AI ecosystem but also could change the dynamics of the industry, given how the company is determined to establish itself extensively and advance AI technology.

Categories
News

Huawei targets 100,000 apps for Harmony OS in the next year

China’s Huawei said on Saturday it is targeting 100,000 applications for its Harmony operating system in coming months as it seeks widespread help to achieve self-reliance.

The tech giant has more than 15,000 applications based on Harmony that can meet consumers’ basic needs, but the ecosystem requires more personalised and boutique apps, Huawei Chairman Xu Zhijun told a conference on Saturday.

Huawei unveiled Harmony in August 2019, after U.S. sanctions cut off support for Google’s (GOOGL.O). The Shenzhen-based company, which sells products ranging from smartphones to laptops, later developed an open-source version of the Harmony system.

Due to the US sanctions, “Huawei has been forced to accelerate developing its own operating system,” Xu said. Although much progress has been made, “for any operation system, no matter how advanced it is, it would be of no value if no one uses it.”

Xu expressed hope that developers could work hard to enrich app offerings and called on government agencies, state companies and social organisations to use Harmony as their operating system at work.

He asked consumers to be tolerant of the system’s immaturity, saying, “The more people use it, the more quickly it will become mature.”

Categories
Batteries

Unraveling The Mysteries: Understanding Lithium Battery Explosions

Lithium batteries have become the powerhouse of energy storage in modern technology, powering a vast array of electronic devices from smartphones and laptops to electric vehicles and renewable energy systems. Their lightweight design, high energy density, and long-lasting performance have made them the go-to choice for portable electronics and beyond. The use of lithium batteries has revolutionized industries by providing efficient and reliable power sources that enable our fast-paced, connected world to function seamlessly.

Unraveling The Mysteries: Understanding Lithium Battery Explosions

While lithium batteries offer numerous benefits, they also pose potential risks, most notably the risk of explosion. Understanding the causes behind lithium battery explosions is crucial for ensuring the safety of users and preventing catastrophic incidents.

These explosions can result from various factors such as overcharging, physical damage, manufacturing defects, or exposure to extreme temperatures. By delving into these causes and their mechanisms, we can implement strategies to mitigate risks and enhance safety measures in utilizing lithium batteries.

Overcharge

Overcharging of lithium batteries is a common cause of explosions due to the buildup of unstable lithium metal deposits on the anode. When a battery is overcharged, it leads to an excessive flow of current, causing lithium ions to plate onto the anode in a non-uniform manner.

This uneven deposition creates dendrites or needle-like structures that can pierce the separator between the electrodes, leading to internal short circuits. The risk of thermal runaway and explosion further escalates as these dendrites continue to grow with subsequent charge cycles.

As more lithium metal accumulates, it increases the chances of direct contact between the anode and cathode, causing a rapid increase in temperature within the battery due to uncontrolled chemical reactions. This thermal runaway scenario can result in a violent release of energy and gases, ultimately culminating in an explosion.

Physical Damage

Physical damage remains another significant culprit behind lithium battery explosions. Impact or puncture on a battery can lead to internal short circuits within its structure. When the battery casing is compromised, it exposes reactive components such as the electrolytes to air or other materials present in its surroundings.

This exposure can trigger chemical reactions that release flammable gases and heat rapidly within the confined space of the battery cell. The build-up of pressure from these reactions can cause the battery casing to rupture explosively, releasing potentially hazardous materials and leading to a sudden explosion.

Manufacturing Defects

Poorly designed or faulty batteries resulting from manufacturing defects pose a serious threat as they are prone to internal shorts or overheating. Issues such as substandard materials used in construction or improper assembly processes can compromise the integrity and safety mechanisms within a lithium battery.

Lack of stringent quality control measures during production further exacerbates these risks by allowing defective batteries with hidden flaws to enter circulation undetected. Without proper safeguards in place, such batteries may exhibit erratic behavior under normal usage conditions, increasing the likelihood of critical failures that could lead to catastrophic outcomes like explosions.

Over-Discharge

Battery over-discharge or over-current discharge (more than 3C) is easy to make the negative electrode copper foil dissolved and deposited on the diaphragm so that the positive and negative electrodes are directly short-circuited to produce an explosion (rarely occurs). Lithium battery cells should also have a lower voltage limit when discharging. When the voltage of the battery cell is lower than 2.4V, some materials will begin to be destroyed. And because the battery will self-discharge, the longer you put the lower the voltage will be, therefore, it is best not to discharge to 2.4V before stopping. Lithium batteries from 3.0V to 2.4V discharge period, the energy released only accounts for about 3% of the battery capacity. Therefore, 3.0V is an ideal cut-off voltage for discharge.

Overcurrent

Protection line out of control or detection cabinet out of control so that the charging current is too large to cause lithium ions to be embedded in time, but the formation of lithium metal on the surface of the pole piece, penetrating the diaphragm, positive and negative electrode direct short circuit resulting in an explosion (seldom occurs). Charge and discharge, in addition to the voltage limit, the current limit is also necessary. When the current is too high, lithium ions will not have time to enter the storage compartment and will gather on the surface of the material.

Battery Aging

As batteries are used over time, their internal chemistry may change, increasing the risk of explosion.

Excessive Moisture Content

Moisture can react with the electrolyte in the lithium battery cell to produce gas, when charging, it can react with the generated lithium to produce lithium oxide, making the capacity loss of the battery cell, easy to overcharge the battery cell and generate gas, the decomposition voltage of the water is low, it is easy to decompose and generate gas when charging, when this series of generated gases will make the battery cell’s internal pressure increase, and when the battery cell’s casing can’t withstand it, lithium batteries will explode.

Handling And Storage Guidelines

Proper handling and storage of lithium batteries play a crucial role in mitigating explosion risks.Store your batteries in a cool, dry place away from direct sunlight or heat sources to maintain optimal operating conditions.Extreme temperatures can compromise battery integrity and increase the likelihood of thermal runaway.

Furthermore, protect your batteries from physical damage by utilizing protective cases or sleeves when transporting them.A minor impact or puncture can potentially lead to internal short circuits within the battery, paving the way for catastrophic consequences.

Categories
News

Huawei to launch FreeBuds Pro 4 with HarmonyOS Next

Huawei is holding a big event on November 26 to introduce the Mate 70 lineup and the Mate X6 foldable smartphone. Today, we learned that the company is also launching FreeBuds Pro 4, the first TWS earbuds with HarmonyOS Next.

The reveal came through a Weibo post featuring a single image of the FreeBuds Pro 4. The buds are quite similar visually to the FreeBuds Pro 3 but with a finer edge of the stem. It will also have Huawei Sound, which appears to be a rebrand of Huawei Histen audio features.

The most noticeable changes include grille patterns on the sides and back of the earbuds, likely added for aesthetics. The teaser also has the buds in a sleek black-metallic finish, paired with a gold Huawei Sound logo and a bold gold rim encircling the back cover stick.

Tese earbuds having a dedicated operating system means they will feature extended integration in the HarmonyOS Next environment, which should include the new Mate smartphones, Pura 70 devices in China, and the Pocket 2 clamshell foldable.

Huawei is set to launch the FreeBuds Pro 4 on November 26th at the company’s Mate Brand Festival. The event will also introduce other new products, including the Mate 70 smartphone series.

A look at the predecessor

While we are short on specs on FreeBuds Pro 4, let’s look at the specs of its predecessor. 

The FreeBuds Pro 3 features advanced active noise cancellation (ANC) 3.0 and the Kirin A2 chip, which uses Polar code technology for impressive 1.5Mbps lossless audio transmission. 

It also delivers improved sound quality, noise reduction, and battery life. With QuietCall 2.0, these earbuds excel at minimizing background noise during calls. In terms of battery life, the FreeBuds Pro 3 offers up to 7 hours of playback on a single charge, extending to 30 hou2rs with the charging case.

The FreeBuds Pro 4 will likely build on these features and may also introduce new AI features. After all, 2024 has been a year of AI.