The Category5.TV Newsroom

Here are the stories we're following for the week of Wednesday November 27, 2019

Tesla CEO Elon Musk suggested late Tuesday that his company had now received 250,000 pre-orders for the Cybertruck, its “Blade Runner”-inspired electric pickup. Tesla’s unveil event for its first pickup truck was marred by the vehicle’s windows breaking when an executive threw a metal ball at them in an effort to demonstrate their unbreakability. As it turns out, the same test was performed before the event, and went perfectly. The car’s trapezoid shape was also mocked in various memes. Even the official social media pages of LEGO had their go at the Cybertruck, but included innovative modular roof racks. Mr. Musk has said on Twitter that the reason Cybertruck is so planar is that you can't stamp ultra-hard 30X steel, because it breaks the stamping press. Despite the initial social media storm of people mocking the truck's design, others have praised the Cybertruck for bringing something new to the table.

Tesla CEO Elon Musk suggested late Tuesday that his company had now received 250,000 pre-orders for the Cybertruck, its “Blade Runner”-inspired electric pickup. Tesla’s unveil event for its first pickup truck was marred by the vehicle’s windows breaking when an executive threw a metal ball at them in an effort to demonstrate their unbreakability. As it turns out, the same test was performed before the event, and went perfectly. The car’s trapezoid shape was also mocked in various memes. Even the official social media pages of LEGO had their go at the Cybertruck, but included innovative modular roof racks. Mr. Musk has said on Twitter that the reason Cybertruck is so planar is that you can't stamp ultra-hard 30X steel, because it breaks the stamping press. Despite the initial social media storm of people mocking the truck's design, others have praised the Cybertruck for bringing something new to the table.

Source: www.cnbc.com

Sent to us by: Robbie Ferguson

WyzeCam owners will soon find an update removes the AI-driven person detection from their device due to the unexpected termination of the agreement Wyze had with their AI provider. In Wyze's commitment to offer the feature for free, they are starting their own AI division to bring back person detection and other AI improvements to the motion detection. Wyze is being praised by its users on social media for their transparency through what is no doubt a difficult situation for their staff. The new firmware which removes the AI features is planned for mid-January 2020. There is no ETA yet as to when their new in-house solution will be ready.

WyzeCam owners will soon find an update removes the AI-driven person detection from their device due to the unexpected termination of the agreement Wyze had with their AI provider. In Wyze's commitment to offer the feature for free, they are starting their own AI division to bring back person detection and other AI improvements to the motion detection. Wyze is being praised by its users on social media for their transparency through what is no doubt a difficult situation for their staff. The new firmware which removes the AI features is planned for mid-January 2020. There is no ETA yet as to when their new in-house solution will be ready.

Sent to us by: Robbie Ferguson

The Department of National Defense is joining the fight against 5G, citing risks to GPS and military operations.

The Department of Defense is joining the fight against 5G, citing risks to GPS and military operations.

The issue is with a proposal before the Federal Communications Commission to open the 1 to 2 Gigahertz frequency range—the L band—for use in 5G cellular networks. The problem is that some of those frequencies are already in use by the Global Positioning System and other military systems.

In a letter to FCC Chairman Ajit Pai, Secretary of Defense Mark Esper pressed for the rejection of the proposal, saying, "There are too many unknowns and the risks are far too great to federal operations to allow [the] proposed system to proceed... This could have a significant negative impact on military operations, both in peacetime and war."

While supporters of the proposal cite the low power of the transmitters and say this should not cause interference, studies performed in 2011 show that GPS signals arriving from space could be overpowered by even low-powered ground-based transmissions thanks to the inverse-square law.

A report from the National Space-Based Positioning, Navigation, and Timing Systems Engineering Forum noted that the tests "demonstrated there are significant detrimental impacts to all GPS applications assessed."

Source: arstechnica.com

Sent to us by: Roy W. Nash

Google is serious about ensuring the Pixel line of Android phones is secure. They've announced that they'll pay security researchers up to $1.5 million to find hacks and exploits.

Google is serious about ensuring the Pixel line of Android phones is secure. They've announced that they'll pay security researchers up to $1.5 million to find hacks and exploits.

The company said Thursday that effective immediately, they'll pay $1 million for a “full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices.” They'll also pay $500,000 for exploits that covertly steal data from a Pixel or bypass its lock screen.

Google will offer a 50 percent bonus to any of its rewards if the exploit works on specific developer preview versions of Android. That means a critical Titan M hack on a developer preview could fetch $1.5 million, and a data exfiltration or lockcscreen bypass could earn $750,000, and so on. Previously, rewards for the most severe Android exploits topped out at $200,000.

The big reward bump coincides with the investments Google has poured into securing the Pixel. The Titan M is a Google-designed chip that’s physically segregated from the main chipset of the device.

Titan M was first introduced in 2018 with the roll out of the Pixel 3. It’s also in the recently released Pixel 3a, and will also be included in the just-released Pixel 4.

Security researcher Saleem Rashid suspects we're in the midst of an iOS/Android security paradigm shift.

To understand the significance of Google's announcement, third-party exploit broker Zerodium will pay hackers $100,000 to weaponize a lockscreen bypass on either iOS or Android. Google are offering up to 7 1/2 times as much.

Source: arstechnica.com

Sent to us by: Roy W. Nash

The official site for the Monero digital coin was hacked to deliver currency-stealing malware to users who were downloading wallet software.

The official site for the Monero digital coin was hacked to deliver currency-stealing malware to users who were downloading wallet software.

The supply-chain attack came to light last week Monday when a site user reported that the cryptographic hash for a command-line interface wallet downloaded from the site didn't match the hash listed on the page. Over the next several hours, users discovered that the miss-matching hash wasn't the result of an error. Instead, it was an attack designed to infect GetMonero users with malware. Site officials later confirmed that finding.

An analysis of the malicious Linux binary found that it added a few new functions to the legitimate one. One of the functions was called after a user opened or created a new wallet. It sent the wallet seed—which is the cryptographic secret key used to access wallet funds—to a third party server. The malware then sent wallet funds to another server.

At least one person participating in a Reddit forum claimed to have lost digital coins after installing the malicious Linux binary.

A malicious Windows version of the CLI wallet carried out an almost identical attack sequence.

Anyone who downloaded the CLI Monero wallet on Monday November 18th, 2019 is advised to check the hashes of their binaries. If they don't match the official ones, delete the files and download them again. Do not run the compromised binaries for any reason.

Source: arstechnica.com

Sent to us by: Roy W. Nash

Wouldn't it be nice if there was a Facebook rival? Well, there is! And it's founded by the guy who built Wikipedia.

Wouldn't it be nice if there was a Facebook rival? Well, there is! And it's founded by the guy who built Wikipedia.

Jimmy Wales is expressing excitement that his new social network, WT:Social, already has more than 160,000 members.

The platform says it will never sell user data and relies on "the generosity of individual donors" rather than ads. The donations are by way of a modest subscription fee.

It is positioning itself as a "news focused" place, and says members will be able to edit "misleading" headlines.

They will see the articles shared by their network in a timeline format, appearing with the newest first rather than algorithms that try to appeal to their interests.

The introduction to WT:Social says, "We will empower you to make your own choices about what content you are served, and to directly edit misleading headlines, or flag problem posts. We will foster an environment where bad actors are removed because it is right, not because it suddenly affects our bottom-line."

In a recent interview with the Financial Times, Mr Wales shared his view that the problem with advertising-led services such as Facebook is that the winner is often low-quality content.

Social media consultant Zoe Cairns said she thought the network would have to grow its numbers quickly in order to prove itself to be a viable alternative to the giants.

She said, "It's going to need a lot of money ploughed into it. People are so used to social media being free. I think businesses might pay for it, but people are so used to having news at their fingertips for free."

WT:Social is a separate entity to Wikipedia and can be found at wt.social

Source: www.bbc.com

Sent to us by: Roy W. Nash