Some controversy today as YouTube tech reviewer Marques Brownlee 'Panels' app is getting pretty substantial backlash.

tl;dr Marques Brownlee app, 'Panels', offers high-definition wallpapers from Digital Artists for $49.99/year. People criticized the app for an array of reasons, beside the idea of paying $49.99/year for wallpapers on your cell phone, the app requests tracking information, and contains ads.

Unsurprisingly, and as is tradition, internet nerds quickly began inspecting the app under the metaphorical microscope. Security researcher @I_Am_Jakoby discovered the apps API is wildly insecure. He wrote a simple script which programmatically scrapes every high-definition wallpaper.

Attached image is the script he shared. If you want to experiment with it, just OCR it or something.

Intel gets multibillion-dollar Apollo offer as Qualcomm circles

Apollo Global Management has offered to invest up to $5 billion in Intel, giving the chipmaker a confidence boost in its turnaround strategy and presenting an alternative to a potential takeover by Qualcomm. Intel has been struggling with declining sales and a loss in stock value, but recent deals, including a multibillion-dollar AI semiconductor partnership with Amazon, signal a potential recovery.

Qualcomm's interest in acquiring Intel could lead to one of the biggest-ever tech M&A deals, but it faces regulatory and financial hurdles. Apollo's investment would help Intel maintain independence and continue its transformation.

🔗 Economictimes
🧑‍💻 @agamtechtricks

The Linux kernel with RTL is now fully merged

Last week, September 16, 2024, something very important, at least for us geeks — finally happened: the Linux realtime effort, which was dubbed PREEMPT_RT in its early days and later Real-Time Linux (RTL), finally, finally succeeded! After "only" 20 years, all of the RTL code will soon be in-tree in the upcoming 6.12 Linux kernel.

6.11 was released on 23 Sep 2024, and here's the recent 6.9 patches.

🔗 Kaiwantech
👨‍💻 @agamtechtricks

WordPress.org bans WP Engine, blocks it from accessing its resources

WordPress.org banned hosting provider WP Engine from accessing its resources, citing legal claims and trademark violations. WordPress co-creator Matt Mullenweg criticized WP Engine for trying to control the WordPress experience and not contributing enough to the community. WP Engine customers can no longer update plugins or themes via WordPress.org, raising security concerns.

The conflict began when Mullenweg accused WP Engine of profiteering. WP Engine responded with a cease-and-desist letter, leading to legal disputes between the two, with Automattic alleging trademark infringements. The core issue revolves around licensing and contributions to WordPress.

🔗 TechCrunch | Blog Post
🧑‍💻 @agamtechtricks

IT'S JOEVER: CVE 9.9 (Remote Code Execution) ISSUED FOR LINUX

A vulnerability in Unix printing service CUPS has been found which allows for remote code execution. Considering this issue is with CUPS, it SHOULD also affect other unix/unix-like OSes (Linux, BSD and all that). This exploit works by sending miscreants on UDP Port 631.

For now, here are the potential mitigation steps:
- Keep CUPS up-to-date and check for updates ASAP
- Disable CUPS entirely
- Block port 631

I'd recommend that unless you need printing, all of you get rid of CUPS IF it's installed on your system.

Windows exploits? Nahh that's baby stuff. But YOU KNOW it's serious when Linux gets an exploit (and that too with a rating of 9.9).

Be safe, y'all.

🔗 Read more

👨‍💻 @agamtechtricks

The Tor Project Merges with Tails OS

The Tor Project is merging with Tails, a portable Linux-based OS designed for privacy and anonymity. This merger aims to streamline collaboration, improve sustainability, and enhance outreach programs to counter growing digital threats. Tails, which connects to the internet via Tor by default, will now operate under the Tor Project's structure, pooling resources for greater impact.

The Tor Project and Tails share a long history, both focused on privacy in an era of increasing surveillance.

Running Tails as an independent project for 15 years has been a huge effort, but not for the reasons you might expect. The toughest part wasn't the tech–it was handling critical tasks like fundraising, finances, and HR. After trying to manage those in different ways, I’m really relieved that Tails is now under the Tor Project’s wing. In a way, it feels like coming home."

says intrigeri, Team Lead Tails

🔗 Tor | TechCrunch
🧑‍💻 @agamtechtricks

WhatsApp and Cloudflare Launch Plexi for Enhanced Security

WhatsApp has teamed up with Cloudflare to enhance the security of end-to-end encrypted messages through a new auditing process for Key Transparency. This partnership introduces Plexi, an auditing tool designed to monitor and verify the integrity of public keys used in encryption, ensuring secure user communication.

Plexi functions as an independent auditor, checking the logs of public keys to confirm their accuracy and integrity during transmission. The auditing architecture, illustrated in the attached image, reinforces the trustworthiness of public keys, helping to prevent tampering and maintain secure communication for users.

🔗 WaBetaInfo
🧑‍💻 @agamtechtricks

You probably heard about Epic's latest lawsuit against Google, which alleges they were involved in the decision to make Samsung's Auto Blocker feature be enabled by default in the latest version of One UI.

(Auto Blocker, if you aren't aware, is a feature that, when enabled, blocks sideloading apps from outside the Google Play Store or Samsung Galaxy Store.)

Google is now coming out to say that Epic's lawsuit is a "meritless and dangerous move" and that they did not request Samsung create their Auto Blocker feature. Google goes on to state that "Android device makers are free to innovate and design additional safety features for their devices."

I find the use of the word "create" in Google's statement to be interesting. Epic didn't allege that Google made Samsung create the Auto Blocker feature but rather made them turn it on by default. However, Epic admitted that they don't yet have any proof that there was any collusion. We'll have to see how things go in court.

Edit: And here's Samsung's statement, via The Verge:

Contrary to Epic Game’s assertions, Samsung actively fosters market competition, enhances consumer choice, and conducts its operations fairly.

The features integrated into our devices are designed in accordance with Samsung’s core principles of security, privacy, and user control, and we remain fully committed to safeguarding users’ personal data. Users have the choice to disable Auto Blocker at any time.

We plan to vigorously contest Epic Game’s baseless claims.

KB5043145, the most recent optional update for Windows 11 to date, causes multiple issues for many users. The most serious one is a blue screen of death that makes the PC unbootable. Microsoft has confirmed the bug and is working on a solution.

After upgrading the device to Windows 11 OS Build 22621.4249, a number of users faced the inability to start the computer. The only solution that was of help for them is to uninstall the update from the recovery environment.

Sometimes, the bug makes Windows 11 to start into the BitLocker recover environment, especially after several failed recovery attempts.

Among the mentioned BSOD issues, users also report that the same update may prevent USB ports from working. As most modern peripheral devices connect via USB, this breaks them. Keyboards, mouses, and webcam stop working. The latter issue mainly affects N6005 and N5105 Intel NUCs, and Asus TUF / ROG laptops, and other gaming products from the same vendor.

If you are affected - then uninstall the buggy update: wusa.exe /uninstall /kb:5043145. Run the command from WinRE.