ByGoran Spasojevic-May 15, 2018.222 The latest G305 wireless mouse from Logitech comes with a high-quality optical sensor at a $59.99 price. The G305 mouse uses the company’s flagship Hero sensor and wireless engineering ‘ Lightspeed. ‘ Logitech regularly updates its gaming mice list. Precision speed and longevity of the batteries are what gamers are looking for when buying a new unit. The new wireless mouse from the company G305 meets all of those requirements. The new mouse has six programmable buttons, with the regular left and right click and scroll wheel included. The Logitech G305 features an optical sensor Hero. This is the flagship sensor of the organization and something that they bring into their high-end gaming mice. It provides monitoring in 200-12000 Dpi. The company claims this new optical sensor is not only very sensitive but also power-efficient as it can deliver 250 hours of gameplay with one single Aa battery. .223.223 Figure 1 Logitech Photo Courtesy On top of that Logitech G305 comes with a Usb dongle bundled inside the device near the battery. This model also uses the Lightspeed wireless technology from Logitech and that means you will get a report rate of 1ms which is what an average gamer needs to avoid lagging in the multiplayer environment. So if you are in need of reducing the battery consumption fancy looking gaming mouse but you get a high-end technology for a budget price of $59.99.The rest are advised to refrain from opening received video files via email or chatting apps such as WhatsApp. Only playing a specially crafted malicious video on your Android device could be enough to compromise your smartphone or tablet. In this case, the vulnerability exploited carried the “Cve-2019-2107” identifier and hackers already love it, as it is a simple way to allow them to execute arbitrary code on a target device. Not many people would think they could be compromised by simply playing a video so sending videos via email or chat apps is a way to reach a wide audience of potential victims. There are more than 1 billion devices out there that are vulnerable to the specific vulnerability from Android 7.0 to Android 9.0 and if you’re not using a Google Pixel or Android One smartphone that has already received the July 2019 Android Security Update you’re most likely included in the list. The user will have to play the malicious video using the native video player software from Android or a 3rd party video device that uses the Android media system for the exploitation to function. Sadly there is already proof of concept code out there so attackers can catch it already and launch their campaigns. The researcher who published the PoC (Marcin Kozlowski) also gave details on how to conduct Rce (remote code execution) on LineageOs and Samsung phones. Google provides the following explanation for the specific vulnerability in a specially crafted Png picture of their most recent security bulletin. It is important to clarify that if an attacker tries to hack computers for the people by uploading the malicious video to YouTube or other video hosting services, the exploit will not work. The only way to succeed is to ask the victim to play the video on their computer so don’t try to open it if you receive a video file via email or instant messaging apps like the Messenger or WhatsApp. When you really want to see what the video is, or need to open it anyway, you can only do so safely by converting it first and re-encoding the video file using a specialist transcoder tool such as HandBrake. Use Court Rules that Scraping Data from Public Websites Without Permission is Legal
ByBill Toulas-September 10, 2019.225 California court ruled that bots should not be stopped from scraping user data. The judge defends the decision by making those who choose their privacy settings liable for the responsibility. The California District Court has ruled that scrapping a public website without obtaining the website owner’s permission does not constitute a breach of the Computer Fraud and Abuse Act (Cfaa). The plaintiff in this legal battle is “hiQ Labs Inc.” and the defendant is a Microsoft firm called “LinkedIn Corporation.” The latter apparently tried to prevent the former from using automated bots to scrap their user data. The court rules that this prohibition is unconstitutional and argues that it risks hiQ’s existence as an enterprise. The court found that users of LinkedIn maintain certain privacy rights even though they do make their profiles available on the site it ruled in favor of the interests of hiQ. As mentioned by the judge LinkedIn users are offered the option of keeping parts of their profile secret from the general public. On this basis, the available information should be viewed as open and exchanged by anyone without restrictions and without the need for the user or site (LinkedIn) to obtain consent. However, LinkedIn has a “Quicksand” system in place which is capable of detecting non-human activity which is usually an indication of data scraping. The program throttles or even bans the operation that is related to the IP address of the bot, and even places that address for future reference on its blacklist. Quicksand in total blocks 95 million automated attempts to delete data every day. Obviously this does not play well with the bots of hiQ whose business relies on the retrieval of LinkedIn profiles like job title usernames and professional skills. The company sells this data as a batch or analyzes it, and provides informative reports to those involved in such services. The battle between the two organizations began in May 2017 when LinkedIn sent a cease-and-desist letter to hiQ accusing them of violating the User Agreement. We warned hiQ that they would sue them for breaching the Cfaa and Dmca laws if they tried to access LinkedIn’s data again. However, the recent court decision does not vindicate LinkedIn so hiQ must be excluded from the blacklist and free to delete all user data that is available to the public. This will have major consequences for the platform as many other data scraping companies will now seek to be exempt from filtering Quicksand. It’s time for the users to carefully study the LinkedIn privacy settings.ByBill Toulas-September 10, 2019.225 California court ruled that bots should not be stopped from scraping user data. The judge defends the decision by making those who choose their privacy settings liable for the responsibility. The California District Court has ruled that scrapping a public website without obtaining the website owner’s permission does not constitute a breach of the Computer Fraud and Abuse Act (Cfaa). The plaintiff in this legal battle is “hiQ Labs Inc.” and the defendant is a Microsoft firm called “LinkedIn Corporation.” The latter apparently tried to prevent the former from using automated bots to scrap their user data. The court rules that this prohibition is unconstitutional and argues that it risks hiQ’s existence as an enterprise. The court found that users of LinkedIn maintain certain privacy rights even though they do make their profiles available on the site it ruled in favor of the interests of hiQ. As mentioned by the judge LinkedIn users are offered the option of keeping parts of their profile secret from the general public. On this basis, the available information should be viewed as open and exchanged by anyone without restrictions and without the need for the user or site (LinkedIn) to obtain consent. However, LinkedIn has a “Quicksand” system in place which is capable of detecting non-human activity which is usually an indication of data scraping. The program throttles or even bans the operation that is related to the IP address of the bot, and even places that address for future reference on its blacklist. Quicksand in total blocks 95 million automated attempts to delete data every day. Obviously this does not play well with the bots of hiQ whose business relies on the retrieval of LinkedIn profiles like job title usernames and professional skills. The company sells this data as a batch or analyzes it, and provides informative reports to those involved in such services. The battle between the two organizations began in May 2017 when LinkedIn sent a cease-and-desist letter to hiQ accusing them of violating the User Agreement. We warned hiQ that they would sue them for breaching the Cfaa and Dmca laws if they tried to access LinkedIn’s data again. However, the recent court decision does not vindicate LinkedIn so hiQ must be excluded from the blacklist and free to delete all user data that is available to the public. This will have major consequences for the platform as many other data scraping companies will now seek to be exempt from filtering Quicksand. It’s time for the users to carefully study the LinkedIn privacy settings.