Connect with us

Windows

No-plugin Skype coming to Microsoft Edge

blank

Published

on

no-plugin-skype-on-edge-but-not-on-chrome-firefox

Talk about a no-plugin Skype version for Microsoft’s Edge browser had started this Summer, but the plans to introduce a less constrictive and less consuming version of Skype had not materialized. Until today, when the development team behind Skype and Edge announced that the no-plugin Skype would be made available on the Edge browser soon enough.

Windows Insider members can access the new plugin-free version of Skype and test it out on the Edge browser. According to the development team, who today announced that the ORTC API preview of the browser would include Skype audio- and video calling, no0plugin Skype would be going mainstream soon enough.

ORTC or Object RTC is a feature unique to Microsoft Edge right now, as Chrome, Opera and Firefox only work with WebRTC, which Microsoft calls a “flawed standard”. With ORTC, no-plugin Skype calls are made available directly through the browser, which will allow for advanced real-time communication. The team is confident that while at first, only simple calls will be made available, they’ll quickly move onto group video calls and such.

According to Microsoft, users will be able to use no-plugin Skype in the Edge browser by the time we hit next year. The company promised to release the new version of the browser that supports the new Skype features before the year comes to a close, but they did not go into detail about how advanced the first version will be.

Windows Insiders who are already making use of the features are tasked with providing feedback and helping the developers out. With that feedback, the company should be able to make the no-plugin Skype tool into a very useful feature that will become the selling point of Microsoft Edge. Although Mozilla Firefox has similar features built-in, none of them are as good as this is supposed to be. Both Skype and Skype for Business users will be able to take advantage of the easy calling features, as long as they confide in Edge.

As part of the editorial team here at Geekreply, John spends a lot of his time making sure each article is up to snuff. That said, he also occasionally pens articles on the latest in Geek culture. From Gaming to Science, expect the latest news fast from John and team.

Android

Telegram launches a global self-custodial crypto wallet, excluding the US

blank

Published

on

blank

Telegram, with 800 million monthly users, is launching a self-custodial crypto wallet. The move will solidify its presence in the vibrant crypto community that has grown from its chat platform and may attract more people to crypto.

Telegram and TON Foundation announced TON Space, a self-custodial wallet, on Wednesday at Singapore’s Token2049 crypto conference, which draws over 10,000 attendees.

Telegram has a complicated blockchain relationship. After the SEC sued Telegram over a massive initial coin offering, the chat app abandoned its Telegram Open Network (TON) blockchain project in 2020. The Open Network Foundation (TON Foundation), founded by open-source developers and blockchain enthusiasts, supports the development of The Open Network (TON), the blockchain powering a growing number of Telegram applications, including the wallet.

The Open Platform (TOP) and TOP Labs, a venture-building division, created the TON-based wallet.

TON Space will be available to Telegram users worldwide without wallet registration in November. The U.S., which has cracked down on the crypto industry and promoted many crypto apps to geofence users, is currently excluded from the feature.

Continue Reading

Software

According to Microsoft, hackers stole its email signing key. Kind of

blank

Published

on

blank

China-backed hackers stole a digital skeleton key to access US government emails.

A China-backed hacking group stole one of Microsoft’s email keys, allowing near-unfettered access to U.S. government inboxes, due to a series of unfortunate and cascading mistakes. Microsoft revealed how the hackers pulled off the heist in a long-awaited blog post this week. Although one mystery was solved, several crucial details remain unknown.

In July, Microsoft disclosed that Storm-0558 hackers, which it believes are backed by China, “acquired” an email signing key used to secure Outlook.com accounts. The hackers broke into government officials’ Microsoft-hosted personal and enterprise email accounts using that digital skeleton key. The hack targeted unclassified emails of U.S. government officials and diplomats, including Commerce Secretary Gina Raimondo and Ambassador to China Nicholas Burns.

The hackers’ source of that consumer email signing key was unknown until this week, when Microsoft revealed the five issues that led to its leak.

Microsoft reported in its blog that a consumer key signing system crashed in April 2021. The crash created a system snapshot for analysis. This consumer key signing system is “highly isolated and restricted” from the internet to prevent cyberattacks. Microsoft was unaware that the system crash resulted in a snapshot image containing the consumer signing key #1, which they failed to detect in snapshot#2 .

The snapshot image was “subsequently moved from the isolated production network into our debugging environment on the internet connected corporate network” to determine the system crash. Microsoft confirmed its standard debugging process, but credential scanning did not detect the key in snapshot image#3.

After the snapshot image was moved to Microsoft’s corporate network in April 2021, Microsoft said the Storm-0558 hackers were able to “successfully compromise” a Microsoft engineer’s corporate account, which had access to the snapshot image’s debugging environment, which contained the consumer signing key. Microsoft said “we don’t have logs with specific evidence of this exfiltration,” but this was the “most probable mechanism by which the actor acquired the key.”

Microsoft stated that its email systems were not properly validating the consumer signing key#4, allowing access to enterprise and corporate email accounts of various organizations and government departments. The company stated that its email system would accept a request for enterprise email using a security token signed with the consumer key#5.

Mystery solved? Not quite

Microsoft’s admission that the consumer signing key was likely stolen from its systems ends the speculation that it was obtained elsewhere.

How the intruders hacked Microsoft is unknown. Jeff Jones, senior director at Microsoft, told that “token-stealing malware” compromised the engineer’s account but declined to comment.

Phishing and malicious links can spread token-stealing malware that steals session tokens. Session tokens are small files that keep users logged in without having to re-enter a password or two-factor authentication. Thus, stolen session tokens can give an attacker full access without the user’s password or two-factor code.

Last year, a teenage hacking team called Lapsus$ used malware to steal Uber employee passwords and session tokens. CircleCi was compromised in January after its antivirus software missed token-stealing malware on an engineer’s laptop. After hackers broke into LastPass’s cloud storage via a compromised developer’s computer, customers’ password vaults were breached.

How the Microsoft engineer’s account was compromised could help network defenders prevent future incidents. The engineer’s work computer or a personal device Microsoft allowed on its network may have been compromised. The real culprits for the compromise are the network security policies that failed to block the (albeit highly skilled) intruder, so focusing on an engineer seems unfair.

Cybersecurity is difficult even for corporate mega-giants with nearly unlimited cash and resources. Even if they failed, Microsoft engineers considered a wide range of complex threats and cyberattacks when designing protections and defenses for the company’s most sensitive and critical systems. Storm-0558 hacked into Microsoft’s network by chance or knowing it would find the keys to its email kingdom. It’s a reminder that cybercriminals only need to succeed once.

No analogy fits this unique breach or circumstances. It’s possible to admire a bank’s vault security while acknowledging the robbers who stole the loot inside.

It will be some time before the full extent of the espionage campaign is known, and the remaining victims whose emails were accessed are unknown. The Cyber Security Review Board, a group of security experts that analyzes major cybersecurity incidents, will investigate the Microsoft email breach and other issues “relating to cloud-based identity and authentication infrastructure.”

 

Continue Reading

Android

AI-powered BeFake is not a parody of BeReal but an actual app…and it’s backed by a $3M budget

blank

Published

on

blank

Social networking app BeFake raised $3 million in seed funding to develop an AI-enhanced social network that borrows ideas from the successful Gen Z app BeReal. The name of the app is obviously a play on BeReal, which emphasizes genuine photo sharing among friends. Instead of sharing your current activities, BeFake users can use the app’s front and back cameras to take photos, which they can then edit with artificial intelligence (AI) using the app’s presets or their own individualized prompts.

Alias Technologies, an applied AI firm, developed the app with the help of generative media and multi-modal AI systems.

Kristen Garcia Dumont and Tracy Tracy Lane, the executive team behind the gaming giant Machine Zone before it was acquired by AppLovin in 2020, founded Alias in 2021. World War Rising and Final Fantasy XV: A New Empire, two mobile games that Dumont oversaw at Machine Zone and helped bring to market, have combined sales of over $1 billion. Meanwhile, as COO, Lane was in charge of all things related to the platform’s community, moderators, and regulations.

blank

With Alias’ AI technology, users can input text prompts to transform their photos into AI-augmented visuals, and the founders hope to create a parody of the real-time social network BeReal’s push notification-driven posting concept with their app. The goal is to encourage genuine expression of one’s creativity rather than one’s true self.

Dumont claims that the gaming industry has a lot more in common with his own than may at first be apparent.

“We used AI to make money,” she says. To wit: “What is it that a player ought to be offered…?”When to offer a discount, what to discount, how to discount, and how to best monetize that user are all questions that need answers. To continue, Dumont. But we also began to use it to better pair players.

They discovered that when the algorithms functioned properly, players were more engaged and were able to form relationships with one another despite their differences in geography.

The inspiration for BeFake came from the idea of gamers forming relationships online without disclosing their true identities to each other.

They use a completely separate online persona. It was a spark moment, Dumont says, to see the magical connection form because the algorithms got it right.

blank

blank

Other front-back apps like BeReal and Frontback work similarly to BeFake. Users take front and back photos on their phones and then choose a preset or type a prompt to create an AI image.

The app offers style and custom location prompts, such as fantasy imagery or Mount Everest. Otherwise, users can type their own prompts to imagine themselves in different scenarios.

The company uses Stable Diffusion with a custom denoising loop. Its proprietary pipeline components emphasize the app’s social network nature. That means it must work with candids, zoomed-in photos, multi-person photos, etc.

blank

BeFake doesn’t require dozens of selfies to start, unlike other AI apps. Also, it applies AI-powered changes in under 30 seconds, usually less than 10. However, users spend at least 10 minutes per session designing AI.

Augmented photos can be shared with friends, in the main discovery feed where AI creators can build a following, or on other social media. You can also switch between the normal and AI photos, which is fun. Since every photo will be unique, the company thinks its feed will be more interesting than BeReal.

blank

When asked why they chose the name “BeFake,” which makes the app sound like a parody of BeReal rather than a serious attempt to build a standalone social network, Dumont said they wanted to reject the “whole concept where you either need to Facetune yourself or perfectly curate yourself.”

Since users started curating their “real” moments on BeReal, she says it’s fake.

“Hurry downstairs and pretend you have 20 friends. Brush your hair, take a side pic, right? It was unauthentic, she says. “So it’s less about BeReal and much more about this full and total rejection of the authenticity movement, which is inauthentic,” Dumant says.

Since BeFake launched on the App Store and Google Play this month, the company is not sharing downloads or user adoption metrics, but it is seeing triple-digit week-over-week growth.

Subscriptions allow users to post outside the time window or more than once per day by paying for compute time to create AI images on BeFake. The plans cost $2.99/week, $9.99/month, or $99.99/year. However, the company sends a daily push notification alerting users to a 20-minute free AI image making period.

BeFake founders believe their gaming background will help them stay relevant because they learned you must quickly adapt to users’ changing tastes to retain them.

blank

Dumont says, “Part of what we’ve built under the hood is the ability to deploy changes to the app almost on a dime, similar to gaming so we can respond to consumer tastes.”

The moat for most AI apps is not the technology. We have a proprietary pipeline. Other people probably do too. You want to use open-source tools. As open source tools improve, so do you because you can use them, she says. “So don’t be too precious about your engineering pipeline. In AI apps, your moat is your community. We’re focused on building that community, which requires hyper-responsiveness.”

The company is already learning what AI images users like to improve its algorithms.

The 12-person, remotely-distributed company also announced $3 million in seed funding from Khosla Ventures. Next Coast Ventures, Maveron Ventures, Peter Thiel, Joe Lonsdale, and WS Investments also invested. The round closed in April 2022 but was not reported.

 

 

Continue Reading

Trending