Do Not Give Up On a Microsoft Surface Phone

There’s one way to make the inevitable Surface Phone an instant success.

  • Surface Phone Rumors

    Microsoft is doing its best to convince people it is out of the phone business. However, a handful of tech writers and pundits suspect Microsoft will introduce a Surface Phone sometime soon.

    Microsoft recently announced an end for support of old Windows Phones. Everything having to do with the phone, including its useful “find my phone” feature, will be kaput. Get over it and move on, Redmond seems to be saying.

    Don’t roll your eyes, but I think this is all proof that Microsoft has a Surface Phone waiting in the wings.

    First of all, Microsoft has to be prominent in the phone market because that’s where the action is. It has tried and failed several times, first with smartphone games, then with Windows Phone. Third time’s the charm?

    The demise of the current Windows Phone is simply Microsoft’s effort to move on. It cannot afford to have a bunch of Windows Phone users demanding upgrades or replacement phones.

    Microsoft should swap out remaining Windows phones with Surface phones. It tells users that you never lose when you pick a Microsoft product, and it would seed the new phone into the market overnight.

    Somewhere along the line, Microsoft lost both these simple marketing skills. For example, I could never get a Windows Phone review unit from Microsoft. Few others did either. But if the company announced a 1:1 swap for an “upcoming new product,” that would start a buzz. When is the last time you ever heard any real advance buzz for anything Microsoft was doing? The latest thing in the wind is Office 2019 and how it will be the last standalone, cloudless version you will ever be allowed to buy. What kind of buzz is that?


    It’s possible I’m completely off-base. Maybe the company will just give up on the booming mobile market because it cannot compete. A weird choice, but not impossible.

    My current inclination, which helps explain these announcements regarding the Windows Phone, is that Microsoft will pull a rabbit out of a hat and go back to its tradition of “embrace and extend” via the most powerful marketing tool it ever developed: technology licenses.

    In this case, it would mean taking out an Android license and adding special Windows features to the UI, offering the Windows experience plus access to Android apps. With that, you might witness a line outside a Microsoft Store. Wouldn’t that be something?

    Posted in Uncategorized | Leave a comment

    Intel releases more Meltdown/Spectre firmware fixes, Microsoft feints an SP3 patch


    One month ago today, Intel told the world that their Meltdown/Spectre patches were a mess. Their advice read something like, “Ooopsie. Those extremely important BIOS/UEFI firmware updates we released a coupla weeks ago are causing Intel machines to drop like bungee cows. In spite of what we told you then, stop installing them now. And if you installed a bad BIOS/UEFI patch, well golly, contact your PC manufacturer to see if they know how to get you out of the mess.”

    Intel now says it has released really new, really good firmware versions for most of its chips.

    Intel chips covered, and those not covered

    Scanning the official Microcode Revision Guidance February 20, 2018 (pdf), you can see that Coffee Lake, Kaby Lake, Bay Trail and most Skylake chips are covered. On the other hand, Broadwell, Haswell, and Sandy Bridge chips still leave brown skid marks.

    Security Advisory INTEL-SA-00088 has been updated with this squib:

    We have now released new production microcode updates to our OEM customers and partners for Kaby Lake, Coffee Lake, and additional Skylake-based platforms. As before, these updates address the reboot issues last discussed here, and represent the breadth of our 6th, 7th and 8th Generation Intel® Core™ product lines as well as our latest Intel® Core™ X-series processor family. They also include our recently announced Intel® Xeon® Scalable and Intel® Xeon® D processors for datacenter systems.  We continue to release beta microcode updates for other affected products so that customers and partners have the opportunity to conduct extensive testing before we move them into production.

    Intel’s recommendations

    Intel goes on to recommend basically the same stuff they recommended last time, with a specific call-out:

    • We continue to recommend that OEMs, cloud service providers, system manufacturers, software vendors, and end users stop deployment of previously released versions of certain microcode updates addressing variant 2 (CVE-2017-5715), as they may introduce higher-than-expected reboots and other unpredictable system behavior.

    • We also continue to ask that our industry partners focus efforts on evaluating the beta microcode updates.

    • For those concerned about system stability while we finalize these updated solutions, earlier this week we advised that we were working with our OEM partners to provide BIOS updates using previous versions of microcode not exhibiting these issues, but that also removed the mitigations for ‘Spectre’ variant 2 (CVE 2017-5715)

    • Microsoft also provided two resources for users to disable original microcode updates on platforms exhibiting unpredictable behavior:

        • For most users – An automatic update available via the Microsoft® Update Catalog which disables ‘Spectre’ variant 2 (CVE 2017-5715) mitigations without a BIOS update. This update supports Windows 7 (SP1), Windows 8.1, and all versions of Windows 10 – client and server

        • For advanced users – Refer to the following Knowledge Base (KB) articles

    • Both of these options eliminate the risk of reboot or other unpredictable system behavior associated with the original microcode update and retain mitigations for ‘Spectre’ variant 1 and ‘Meltdown’ variant 3 until new microcode can be loaded on the system.


    The “For most users” update is KB 4078130, the surprise Friday evening patch, released on Jan. 26, which I discussed almost a month ago:

    On Friday night, Microsoft released a strange patch called KB 4078130 that “disables mitigation against Spectre, variant 2.” The KB article goes to great lengths describing how Intel’s the bad guy and its microcode patches don’t work right:

    There aren’t any details, but apparently this patch — which isn’t being sent out the Windows Update chute — adds two registry settings that “manually disable mitigation against Spectre Variant 2”

    Rummaging through the lengthy Microsoft IT Pro Guidance page, there’s an important warning:

    Customers who only install the Windows January and February 2018 security updates will not receive the benefit of all known protections against the vulnerabilities. In addition to installing the January and February security updates, a processor microcode, or firmware, update is required. This should be available through your OEM device manufacturer.

    Microsoft firmware update for Surface Pro 3

    In what must be an amazing coincidence, last night Microsoft released a firmware update for the Surface Pro 3. It’s currently available as a manual download (“MSI format”) for Surface Pro 3. I haven’t seen it come down the Windows Update chute. Perhaps Microsoft is beta testing it once again. Per Brandon Records on the Surface blog:

    We’ve released a new driver and firmware update for Surface Pro 3. This update includes new firmware for Surface UEFI which resolves potential security vulnerabilities, including Microsoft security advisory 180002.

    This update is available in MSI format from the Surface Pro 3 Drivers and Firmware page at the Microsoft Download Center.

    Except, golly, the latest version of the patch on that page (as of 10 am Eastern US time) is marked “Date Published 1/24/2018.” The official Surface Pro 3 update history page lists the last firmware update for the SP3 as being dated Oct. 27, 2017.

    And, golly squared, Microsoft Security Advisory 180002 doesn’t even mention the Surface Pro 3. It hasn’t been updated since Feb. 13. It links to the Surface Guidance to protect against speculative execution side-channel vulnerabilities page, KB 4073065, which doesn’t mention the Surface Pro 3 and hasn’t been updated since Feb. 2.

    You’d have to be incredibly trusting — of both Microsoft and Intel — to manually install any Surface firmware patch at this point. Particularly when you realize that not one single Meltdown or Spectre-related exploit is in the wild. Not one.


    Apple is probably launching two new iPads soon

    Do you need a new iPad? Of course you don't, but you probably want one, and Apple will likely sate your hunger soon.


    Rejoice, iPad lovers: New Apple-branded tablets may be coming soon.

    New entries in the Eurasian Economic Commission database, discovered by French blog Consomac and noticed by 9to5Mac, indicate Apple is preparing to launch two new iPad models.

    The filing contains no info about the new iPads except the model identifiers, A1893 and A1954. So what does this information tell us?

    Well, judging by previous findings of this type, it’s quite likely that we’ll see these new iPads soon, perhaps as soon as next month. This is hardly unusual; for example, Apple launched the $329, 9.7-inch iPad in March last year.

    It could also mean that these new devices are just a minor update of the current models. Ever since the iPhone X saw the light of day, there were rumors about the iPad getting a similar treatment: small bezels, no home button, the notch. But this particular device is expected later this year; that said, none of this is official information, and anything is possible.

    This also doesn’t mean there will be a full-fledged Apple event soon. Last year, Apple simply launched the new iPad without an event.


    This Super Stealth Startup Has Built An Apple Hacker’s Paradise

  • Thomas Fox-Brewster, Forbes Staff

    Amanda Gorton, CEO of Corellium, a company that’s making it a lot easier to go bug hunting in Apple devices.

    Every benevolent hacker dreams of a space replete with software they can manipulate to make it do things it shouldn’t. But oftentimes it’s neither cheap nor easy to acquire and maintain all that tech, especially when you’re trying to break it, risking its very usefulness. And in the world of Apple products, it’s both a financial burden and a technical challenge to gather myriad iDevices and subsequently find vulnerabilities within; if they crash or die, it may mean repeated expensive trips to the Apple Store.

    Now, though, there’s an answer: Corellium. The software can spin up virtual iPhones and iPads, amongst other Apple systems, all running the latest iOS operating system. From there, hackers and software developers can try whatever they want on the device, whether that’s looking for security weaknesses or just testing their apps on different Apple hardware and software. It’s possible to pause, rewind and fast-forward everything that’s done on the device too, whilst Corellium reveals the internal code to help hackers discover what went wrong (or right) when they started tinkering. It won’t matter if the software crashes; you can just create a new virtual Apple device in 10 minutes.

    Notable iOS hackers are already impressed. Mark Dowd, chief of Azimuth (recently revealed by Vice Motherboard to be an iOS exploit supplier for the U.S. government, amongst other clients), said in a tweet that it was “basically magic.” That’s one reason Azimuth became the first customer of Corellium. Nikias Bassen, another famous jailbreaker who was given early access to the tool, told Forbes: “This is an amazing thing.” He was most impressed by the ability to hunt for bugs in the kernel (the deepest level of an operating system from which all other software is launched) of the latest iOS version without the need for a real device.

    Meet the founders

    Founded in Florida in August 2017, and coming out of stealth on Thursday, the founders include a husband and wife duo. The CEO is Amanda Gorton. A Yale classics graduate, she’s driving the business forward as it recruits new customers, the first being Australian company Azimuth Security, which has a long history in finding weaknesses in iPhones. Gorton now finds herself a rarity: a female CEO in a cybersecurity industry dominated by men.

    Chris Wade, one of the original iPhone jailbreakers and co-creator of iOS emulator iEmu, helped put together the company and the technology, though in the latter he had help from a number of sources. They include the third cofounder, David Wang, formerly of Azimuth and another Yale graduate, who’s also a big name in the Apple jailbreaker community, having been part of the Evasi0n crew that repeatedly found security holes in iOS in the early 2010s. He’d previously ported Android and Linux onto the iPhone, so has experience in Corellium’s wheelhouse. Meanwhile, Jay Freeman, the developer of the Cydia app store for jailbroken iPhones, has provided his Cycript tool that makes it possible to probe and modify iOS apps using a mix of Objective-C++ and JavaScript, two widely-known programming languages. The original idea behind Cycript was to make hacking on iOS much more accessible, which chimes with what Corellium is all about.

    This isn’t Gorton and Wade’s first rodeo in the iPhone virtualization space. They spun up a similar company, Virtual, in 2014, which quickly sold to Citrix later that year for an undisclosed fee.

    The CHARM offensive

    Virtual did much the same as Corellium, but there are some key differences. The former was only for the older 32-bit Apple devices, whilst Corellium was built to handle the latest 64-bit systems.

    Then there’s the heart of the new technology: the Corellium Hypervisor for ARM (or what the founders have dubbed CHARM). Running across a host of ARM servers, CHARM controls the virtualized iOS devices (the real versions of which run on ARM chips) and ensures they’re getting all the power they need. Whilst those servers don’t have the peripherals of iDevices — like the camera, USB and Wi-Fi — Corellium emulates those. This means there are some limitations, though. For instance, the device can connect to Wi-Fi, but not to a cellular network.

    In a demo for Forbes earlier in February, Gorton loaded up an iPhone 6 in a matter of minutes, a process that mimics an iTunes-style restore of a normal phone. As she toyed with the virtual iPhone, Gorton said the real benefit of the software was its ability to pause and inspect devices for validating bugs or other code issues.


    Corellium software helps developers look at iPhone internals. But it works across almost all iOS devices currently on the market.

    Whilst Apple provides an iPhone simulator, which allows developers to run iOS on PCs based on standard x86 chips, it’s not a faithful representation of how iOS would behave on a real device, according to Wade. And that’s where Corellium sees a big gap in the market.

    “Testing on iOS devices currently is limited in that each physical device is locked to a particular firmware version, as Apple does not let anyone downgrade their devices,” Wang told Forbes. “It’s also a lengthy process to reset the device to a known state after each test. For a security researcher, physical devices are especially limited in how locked down mobile operating systems are. With virtualization, researchers can tinker with any part of the operating system as well as inspect and instrument it in ways that are very helpful. Best of all, they can do it without having to resort to jailbreaking the device.”

    Though the ability to mass test iPhones will likely be the biggest draw to Corellium, the software can spin up other iDevices, including Apple TV and the Apple Watch. It doesn’t yet have the capability to run a virtual iPhone X, but Gorton said that would be coming in Spring.

    Concerns around government use?

    One possible concern about making Apple hacking that much quicker and simpler is that it could be used by governments to develop so-called zero-day exploits, which take advantage of unpatched software vulnerabilities to hack the host computer or smartphone. In some cases, those flaws are never disclosed to vendors, and so general users go unprotected.

    Given the close relationship with Azimuth, is this a worry for Wang? “Honestly, not really. We will of course be selective in who we choose to do business with, but at the end of the day, we provide virtualization services. Yes, they are great for finding vulnerabilities and developing exploits, but so are other virtualization products like VMware. We see this as a tool that is broadly helpful to all developers working on mobile operating systems. It just so happens that the tool fills a particular shortcoming in the security community for mobile devices that desktop and server platforms already have covered.” Wang also revealed that as a result of Corellium tests, the team had already disclosed some problems to Apple.

    Corellium comes out of beta in March and will be private invite only.



    Apple’s new $349 HomePod leaves strange white stains on wood furniture

    Apple's HomePod (Credit: Apple)


    Apple’s new HomePod smart speaker is leaving a strange white stain on wooden surfaces, according to some users.

    The Siri-enabled device was launched recently to rival Amazon’s Echo and Google’s Home offerings. While the smart speaker has garnered some positive reviews, tech websites Wirecutter and Pocket Lint note that the device can stain wood.

    A reviewer for Wirecutter reported that, when placed on an oiled butcher-block countertop and a wooden table, the HomePod left “a defined white ring” in the surface. Pocket Lint placed the speaker on a solid oak kitchen worktop treated with Danish oil. “Within 20 minutes the HomePod had caused a white discoloured ring to appear on the wood that some days later has faded, although still hasn’t completely disappeared,” it explained. “We subsequently tested the HomePod on other materials: the same wood that hadn’t been treated with Danish oil and a regular lacquered desk and haven’t seen the same issues.”


    Some HomePod users on Twitter also reported their devices leaving a mark.

    The HomePod stains were dubbed #RingGate on social media. Is “@Apple #HomePod #RingGate Actually an advertisement of their new #spaceship campus?” quipped Vijaya Malla on Twitter, nodding to Apple’s futuristic new headquarters. “Very Clever of them to add this new feature into their products…. Its not just the Logo on the devices but also the campus on our surfaces.”

    Apple updated its HomePod support page to allay users’ concerns about the stains. “It is not unusual for any speaker with a vibration-damping silicone base to leave mild marks when placed on some wooden surfaces,” it wrote. “The marks can be caused by oils diffusing between the silicone base and the table surface, and will often go away after several days when the speaker is removed from the wooden surface.”


    If moving the speaker doesn’t work, Apple advises that wiping the surface gently with a soft damp or dry cloth may remove the marks. “If marks persist, clean the surface with the furniture manufacturer’s recommended cleaning process. If you’re concerned about this, we recommend placing your HomePod on a different surface,” the tech giant added.

    Apple has not yet responded to a request for comment on this story from Fox News.


    A new bug can crash any Apple device with just one simple character — and Apple’s working to fix it


    • A character from an Indian language is at the heart of a new bug concerning all of Apple’s operating systems.
    • As soon as the character shows up, whether typed or received as part of a text, applications crash and can even freeze an iPhone’s springboard, possibly sending it into a bootloop.
    • iOS, watchOS, and macOS are all afflicted by it, save for the latest beta version of iOS.

    Apple is not having its best week. Following a deluge of bad reports on its new HomePod speaker — mixed reviews, reports of stained furniture, and even somewhat scarce profits — it’s now under scrutiny for yet another software issue.

    The latest bug, discovered by the Italian blog Mobile World, is focused on a single character of a local Indian language, Telugu, that once typed can cause Apple devices to misbehave, crash, or even end up stuck in a bootloop.

    If a user opens any conversation in a text-based app like WhatsApp, Twitter, or Facebook Messenger and types the character, the app will crash, and it will keep force closing each time they try to reopen it.

    The Telugu character, which we are not posting as text for obvious reasons. (via Mobile World)

    As The Verge reported, the bug also afflicts other third-party applications, such as Gmail and Outlook for iOS, while others like Skype and Telegram seem to be unaffected.

    If someone else were to send the character as a text, the notification snippet containing the character could also freeze or restart the entire iOS springboard by itself (the springboard is the system application that runs the home screen of iOS devices).

    Mobile World suggests that, in that case, users wait for the device to reboot itself automatically, because forcing it to do so may result in a bootloop.

    Mobile World also says the bug afflicts platforms beyond iOS: watchOS and macOS apps like Notes, Safari, and the App Store all reportedly crash as soon as the infamous character shows up.

    A recent community bug report over at OpenRadar confirmed as much: “Try to insert [the symbol] in any system text renderer like TextField, Label, TextView it has always crashed.”

    The only safe operating system seems to be iOS 11.3, which is only publicly available in beta form.

    Apple has since confirmed the issue is fixed in the beta version of iOS 11.3 for iOS, macOS, watchOS, and tvOS, and the company said it’s working on a wider fix to push out for the current version of iOS.


    Microsoft to add Windows Defender Advanced Threat Protection support for Windows 7 this summer


    Microsoft is adding support for Windows 7 and Windows 8.1 to Windows Defender Advanced Threat Protection (ATP) this summer.

    To date, Windows Defender ATP — Microsoft’s post-breach security service — has been available only for Windows 10 — and via a few partners, in preview as protected endpoints for other non-Windows operating systems.

    Starting this summer, Windows 10 customers will be able to add Windows Defender ATP Detection & Response (EDR) functionality to Windows 7 Service Pack 1 and Windows 8.1. Users will be able to see all detections and events across their Windows flavors in Windows Defender Security Center, the cloud-based console for Windows Defender ATP.

    Microsoft officials, announcing the company’s plans on February 12, said the move to include other older versions of Windows is to help “customers achieve the best security possible on their way to Windows 10.”

    A public preview of EDR support for Windows 7 and 8.1 will be available this Spring, officials said.

    Microsoft also announced today that SentinelOne will be joining the handful of other partners with whom Microsoft has been working to bring end-point support for Windows Defender ATP to other non-Windows platforms, including macOS, Linux, iOS, and Android. Microsoft announced partnerships with Bitdefender, Lookout, and Ziften for Defender ATP cross-platform support last fall.

    Windows Defender ATP is built into Windows 10 Enterprise. Defender ATP is different from Windows Defender, Microsoft’s free antivirus service that’s bundled into various Windows versions. Defender ATP (codenamed “Seville”) is a post-breach service, meant to help detect threats that have made it past other defenses, give users means to investigate breaches and offer suggested responses.

    Starting with the Windows 10 Fall Creators Update, Microsoft officials began describing Windows Defender ATP as a suite of tools, which includes Defender Application Guard, Defender Device Guard, and Defender Antivirus.
