Connect with us

Apps

Windows 10’s Password Manager had a Major Vulnerability

blank

Published

on

Vulnerability

We’ve talked about the issues with HP and BLU’s issues regarding unwanted software. One is distributing a telemetry app that uses a lot of resources from the end user. The other distributed smartphone malware that killed its own phone. However, what about very vulnerable security programs? Have you ever heard of the program Keeper?

A Google Security Researcher revealed that Microsoft has been bundling a password manager which features a dangerous flaw with some versions of Windows 10. Tavis Ormandy noticed that his copy of Windows 10 included Keeper, which he had previously found to be injecting privileged UI into pages.

Now, Keeper in and off itself is a good password manager if the reviews it has gotten are anything to go by. The password manager uses 256-bit AES encryption, zero-knowledge architecture and Two-Factor Authentication. It also comes as an extension for a lot of popular web browsers such as Google Chrome, Mozilla Firefox and Safari.

However, the browser extension is the part that comes into question here. Mr. Ormandy noticed that the Windows 10 version of Keeper had the same issues and exploitative capabilities the software was exposed to since a year and a half ago.

https://storage.googleapis.com/monorail-prod.appspot.com/26/attachments/73db5312-2d5b-4d06-a83a-4b1f4d29b09a?Expires=1513630408&GoogleAccessId=monorail-prod%40appspot.gserviceaccount.com&Signature=DSmOvBB9HD8rkxV686hWR5uPwBNl7jRWWYtr%2FVrUq4lIlPoHGNRGA05zry28amkZoQaKNndYfdV9eYL%2FW9numO3LtSO428AWjXKeSVTWGsnFk%2FyswoQE4mmDppyHTEvaHu1puXrfDX77yFMPlzMyxBH98ZWHUwmpzd34LbVcIgeOrhetClAziKnmTZKwUTB9n4Z8InNpbPzrm90gYr%2Fd3FGI1jTXZBMRpJtDY3h9tGmOpcZTDF09P%2FMWurg4tTZj%2BycpWjctiVDTw2lGHZWG4gjWi9JzH%2BDpJfsyLxsxNJRbQRZgI947pfe%2B6R0umItIIjNiqCrbbLVDZufB4%2BK%2FFg%3D%3D

Without that much effort and a few tweaks, Tavis soon found out that anyone with bad intentions can easily steal any and all of the passwords stored within the Keeper app. Soon, he shared the vulnerability details on Twitter to make notice of this:

The page Tavis is linking to leads to a Project Zero page where Tavis states the process surrounding his finding. He started a Virtual Machine and from there he pulled off the same exploit he reported a long time ago.

Now, not everything is doom and gloom in this case. Especially now that Keeper has since patched the issue out. However, this is still software that nobody has asked for and the public should be left with a choice about whether or not they install it.

I always wanted to be a journalist who listens. The Voice of the Unspoken and someone heavily involved in the gaming community. From playing as a leader of a competitive multi-branch team to organizing tournaments for the competitive scene to being involved in a lot of gaming communities. I want to keep moving forward as a journalist.

Android

Google Chrome now has a ‘picture-in-picture’ feature

blank

Published

on

blank

Google is getting ready to make a big change to how its Chrome browser works. This is because new browsers from startups like Arc are making the market more competitive. The company said on Wednesday that it will be adding a new feature called “Minimized Custom Tabs” that will let users tap to switch between a native app and their web content. When you do this, the Custom Tab turns into a small window that floats above the content of the native app.

The new feature is all about using Custom Tabs, which is a feature in Android browsers that lets app developers make their own browser experience right in their app. Users don’t have to open their browser or a WebView, which doesn’t support all of the web platform’s features. Custom tabs let users stay in their app while browsing. Custom tabs can help developers keep users in their apps longer and keep them from leaving and never coming back.

blank

If you make the Custom Tab into a picture-in-picture window, switching to the web view might feel more natural, like you’re still in the native app. People who send their customers to a website to sign up for accounts or subscriptions might also find this change useful, since it makes it easier for users to switch between the website and the native app.

After being shrunk down to the picture-in-picture window, the Custom Tab can be pushed to the side of the screen. Users can tap on a down arrow to bring the page back to the picture-in-picture window when it is full screen.

The new web experience comes at a time when Google is making it easier for Android users to connect to the web. People can find their way to the web with AI-powered features like Circle to Search and other integrations that let them do things like circle or highlight items.

The change is coming to the newest version of Chrome (M124), and developers who already use Chrome’s Custom Tabs will see it automatically. Google says that the change only affects Chrome browsers, but it hopes that other browser makers will add changes like these.

Continue Reading

Apps

Threads finally starts its own program to check facts

blank

Published

on

blank

Meta’s latest social network, Threads, is launching its own fact-checking initiative after leveraging Instagram and Facebook’s networks for a brief period.

Adam Mosseri, the CEO of Instagram, stated that the company has recently implemented a feature that allows fact-checkers to assess and label false content on threads. Nevertheless, Mosseri refrained from providing specific information regarding the exact timing of the program’s implementation and whether it was restricted to certain geographical regions.

The fact-checking partners for Threads—which organizations are affiliated with Meta—are not clearly specified. We have requested additional information from the company and will revise the story accordingly upon receiving a response.

The upcoming U.S. elections appear to be the main driving force behind the decision. India is currently in the midst of its general elections. However, it is improbable that a social network would implement a fact-checking program specifically during an election cycle rather than initiating the project prior to the elections.

In December, Meta announced its intention to implement the fact-checking program on Threads.

“At present, we align the fact-check ratings from Facebook or Instagram with Threads. However, our objective is to empower fact-checking partners to evaluate and assign ratings to misinformation on the application,” Mosseri stated in a post during that period.

Continue Reading

Apps

Mark Zuckerberg reports that Threads has a total of 150 million users who engage with the app on a monthly basis

blank

Published

on

blank

Threads, Meta’s alternative to Twitter and X, is experiencing consistent and steady growth. During the Q1 2024 earnings call, Mark Zuckerberg stated that the social network currently has over 150 million monthly active members, which is an increase from 130 million in February.

Threads made significant progress in integrating with ActivityPub, the decentralized protocol that powers networks such as Mastodon, during the last quarterly earnings conference. In March, the firm granted U.S.-based users who are 18 years of age or older the ability to link their accounts to the Fediverse, enabling their posts to be seen on other servers.

By June, the business intends to make its API available to a broad range of developers, enabling them to create experiences centered on the social network. Nevertheless, it remains uncertain whether Threads will enable developers to create comprehensive third-party clients.

Meta just introduced their AI chatbot on various platforms like Facebook, Messenger, WhatsApp, and Instagram. Threads was conspicuously omitted from this list, perhaps because of its lack of built-in direct messaging capabilities.

Threads introduced a new test feature on Wednesday that allows users to automatically archive their posts after a certain length of time. Additionally, users have the ability to store or remove specific postings from an archive and make them accessible to the public.

Threads is around nine months old, and Meta has consistently expanded its readership. Nevertheless, Threads cannot be considered a viable substitute for X, as Instagram’s head, Adam Mosseri, explicitly stated in October that Threads will not “amplify news on the platform.” However, Meta’s social network continues to grow in popularity. According to app analytics company Apptopia, Threads now has more daily active users in the U.S. than X, as Business Insider reported earlier this week.

Continue Reading

Trending