Skip to content

An exploit in Android’s GUI framework lets hackers access … pretty much anything.

flaw in Android’s GUI framework let university researchers hack into applications with up to 92 percent success rate.

They tested apps from Gmail, H&R Block, Newegg,WebMD, Chase Bank, and Amazon.

When a new screen or window is shown, the GUI framework allocates a fixed amount of memory in the shared memory register that’s proportional to the size of the screen. This memory is allocated inside the app process and shared with a separate window compositor process.

Shared memory is commonly adopted by window managers to receive window changes or updates from running applications.

When a user downloads a malicious app, the shared memory lets attackers steal information such as login credentials, and obtain sensitive camera images such as photos of personal cheques sent through banking apps.

As for fixing the flaw, Newegg’s Wu said, “everyone is responsible — the OS makers, app developers and phone users.”

The researchers “did a good job at pointing out and educating everyone about a possible vulnerability,” he continued. “Now it is up to all of us to do something about it.”


Sourced by Tennessee Frank

Posted in Uncategorized.

A Dr. Who and Sherlock mashup is so realistic, you’ll find it hard to tell that it’s not a real show.

What do you get when you combine footage from Doctor WhoSherlock, and some impressive fan-made visual effects? Aside from every fan’s dream, you get Wholock, a mashup between two of the greatest British shows of all time.

We would’ve been way less impressed (and not a bit surprised) if the video hadn’t been much more than scenes from the two shows cut together, but Wholock‘s creator, YouTuber John Smith, really surprised us with the visual effects he pulled off. If you want to take a look at how it was made, he put together another video showing how he accomplished the effects for the mashup.

You may find it hard to believe the video isn’t actually shot the way it’s presented. Check it out at


Posted in Uncategorized.

Google images may have been hacked this morning.

A repeating image of a car crash appeared consistently in Google search results this morning, prompting speculation that the tech giant might have fallen victim to hackers.

The image, which showed a car wreck in front of a Russian stop sign, appeared in Google news and image searches. A Google news search for “Obama,” for instance, produced multiple images of the car crash accompanying stories related to President Obama. A search for “Emmys” produced a similar result.

Google’s image search was also disrupted, with multiple images of the car crash appearing amid the correct results.

It remains unclear whether the search results were due to a technical glitch or were caused by hacker activity. Multiple users on the Google Search Help Forum and Twitter discussed the possibility that the tech giant had been hacked.


Posted in Uncategorized.

Twitch has been sold… to Amazon!

Now we may know a bit more about why Justin.TV shut down to focus entirely on Twitch.

Amazon has bought Twitch for nearly $1 billion.

The move, which includes a price tag of $970 million in cash, may seem odd to the online retailer’s main customers, but it indicates Amazon wants a bigger piece of a multi-billion dollar gaming business. Buying Twitch, a site that live streams people playing games like League of Legends and DOTA 2, lets Amazon tap into the most loyal consumers of games — the hardcore gamers.

Twitch’s approach — live broadcasts of video game play — is still in its developing stages. The site originally was a channel of, a live streaming site co-founded by Twitch CEO Emmett Shear and Justin Kan. The pair launched Twitch in 2011 and rapidly gained popularity, garnering more traffic than video-streaming site Hulu in February.

It’s a lucrative opportunity for Amazon, a company eager to tap into the estimated $100 billion gaming industry. Hardcore gamers are the ones buying gaming consoles and software, driving around 49 percent of sales, yet Amazon’s previous tactics have not reached that audience. Twitch could provide a way in. It’s a new media channel that allows Amazon to build a relationship with the most loyal of gamers.


Posted in Uncategorized.

A web site-based health data aggregation service detected the Ebola outbreak more than a week before WHO announced it.

When an infectious disease starts spreading, it seldom takes its time. And when that infection is called Ebola, any delay in halting its spread can take a very real toll in human lives. The trouble, of course, is that it takes time for people to even figure out that an outbreak has occurred. Thankfully, machines are getting smarter.

Nine days before the World Health Organization announced the African Ebola outbreak now making headlines, an algorithm had already spotted it. HealthMap, a data-driven mapping tool developed out of Boston Children’s Hospital, detected a “mystery hemorrhagic fever” after mining thousands of web-based data sources for clues.

Those data sources include news reports, social media, international health organizations, government websites, and even the personal blogs of health care workers operating in affected areas. The team’s custom-built web crawler traverses RSS feeds and APIs, analyzing the text from these content sources for disease-related terminology and clues about geography.

Fortunately, HealthMap applies a machine learning algorithm to filter out irrelevant information like posts about “Bieber fever”.

The team behind HealthMap is busily working on improving its filtering algorithms and adding new sources of data.

Check out to see the map and keep one up on infectious disease.


Sourced by Bekah Ferguson

Posted in Uncategorized.

A potentially genius mom has created an app that every parent should install on their teen’s phones.

Sharon Standifird wanted her kids to show a little respect. Her teens tended to do what teens do: when she called them on their cell phones, their natural instinct was to press “ignore.”

What’s a mom to do? Get mad? Or get spectacularly, ingeniously even?

She chose the latter. She began to consider what sort of app might get her teens to see the light. The result was Ignore No More.

This charming addition to her kids’ phones does something very simple: if the kids don’t pick up mom’s calls, the app locks their phones.

Her website explains the app in a charming way: “When you lock your child’s phone with Ignore No More your child has only two options — he or she can call you back, or call for an emergency responder. No calls to friends, no text, no games, notta’ until they call you back. When they do, you can unlock their phone if you choose to do so. How’s that for parental control?”

Ignore No More is currently only available on Android and costs $1.99.


Sourced by Tennessee Frank

Posted in Uncategorized.

Find your favorite coffee.

Having trouble finding that “perfect” cup of coffee?  Craft Coffee may be able to help: they’ve come up with a way to connect their customers with roasters and beans that they’ll love.

Craft Coffee has been around since 2011, offering up a coffee subscription service designed to help users discover new roasts from around the country. It partners with dozens of different independent roasters to source beans and deliver them to customers that would probably never have heard of them.

The subscription commerce model for coffee by itself isn’t exactly novel. But what is interesting about what Craft Coffee is that it’s used data from all its previous sales, as well as what it knows about different roasters, to create a new discovery model based on what it calls the Coffee DNA project.

Having shipped more than 50,000 pounds of coffee already, Craft Coffee has a large database of what people have tried and loved already. It’s also surveyed coffee drinkers to find out more about its customers’ taste preferences and create an algorithm that helps them discover new roasts to buy.

New customers just sign up and take a short survey to tell Craft Coffee what coffee they drink now, and if they’re looking for something similar or something new and different. They then choose a price level and delivery schedule, as well as whether they’d prefer whole or ground beans.

Sourced by Tennessee Frank

Craft Coffee then sends them new coffee each month — either one package of beans or a sampler from three different roasters.

Posted in Uncategorized.

4.5 Million US patients have had their personal information stolen by hackers.

Community Health Systems, one of the largest hospital operators in the U.S. announced that hackers stole about 4.5 million records with patient names, addresses, birth data, phone numbers and Social Security numbers. The company says the data was stolen in attacks that occurred between April and June 2014 and the hackers gained access to data from anybody who was referred for or received services from any doctor affiliated with Community Health Systems. The only good news about this breach is that the hackers did not gain access to any medical records.

Community Health Systems believes that the attack originated from China and that the hackers used “highly sophisticated malware and technology to attack the Company’s systems.” The company notes that these attacks typically go after intellectual property like medical device and equipment development data. This time around, however, the hackers went after personal records.

Community Health Systems will offer identity theft protection to all the patients whose data was stolen.


Sourced by Tennessee Frank

Posted in Uncategorized.

Russia has outlawed anonymous wifi in public places.

Russian Prime Minister Dmitry Medvedev has signed an order prohibiting unidentified access to Wi-Fi in public places.

As a result, anonymous access to public Wi-Fi is restricted, and anyone wanting to connect will have to register with a personal ID, although the affected public areas are not clear at the moment.

Access will be given only after users enter their full name when prompted, and confirm it by personal identification. In addition, hardware (the device being used to connect to public Wi-Fi) must also be identified.

The move was approved earlier in the week by government order, adding to the series of measures that have been taken in the country to tighten internet regulation. While some European countries have been placing similar sanctions, the application in Russia is more worrisome according to civil-rights advocates.

MP Vadim Dengin said that the clampdown of the public Wi-Fi was related to the ‘information war’ against the United States.

Deputy head of the parliament’s information police committee Leonid Levin gave different views on the new law, saying “No one will have to show their passports to anybody. The identification process will consist of getting a password for Wi-Fi access by providing your mobile phone number. Since providing a passport is required to buy a SIM-card in Russia, there will be no need to show your passport.”.


Posted in Uncategorized.

A hacker use a Canadian ISP’s router to steal more than $83,000 in Bitcoin and other virtual currency.

A hacker with access to a Canadian Internet provider hijacked net traffic from large foreign networks to steal more than US$83,000 in virtual currency over a four-month period, a cyber security company said Monday.

Researchers with the U.S.-based Dell SecureWorks said the hacker’s attack started last February and stopped in May, after the Canadian Internet service provider was notified.

Joe Stewart, director of malware research at SecureWorks, said the hacker targeted firms that hosted servers generating virtual currencies such as Bitcoin — including Amazon in the U.S. and OVH in France — and redirected some activity.

He said they were able to track the origins to a Canadian ISP, stating “Someone had access to a router at that ISP. It had to be someone who managed to hack into that router and gained administrative rights, or someone who already had access.”

Pat Litke, another security researcher at SecureWorks, said the firm is “fairly confident” the attacks came from Canada, but the hacker may be based elsewhere.

He said that in order to execute the cyberattack, you literally can be anywhere in the world, as long as you have privileged access.

According to SecureWorks, a total of 51 networks from 19 other ISPs were “compromised” in the attack.


Posted in Uncategorized.