Category: Software

  • GerriScary Vulnerability in Gerrit Threatens Google Project Integrity

    GerriScary Vulnerability in Gerrit Threatens Google Project Integrity

    Key Takeaways

    1. A weakness in Gerrit could allow unauthorized code to enter important software projects without proper approval due to misconfigured permissions and review logic.
    2. Attackers can bypass manual code reviews by using automated systems to inject unauthorized code directly.
    3. At least 18 notable repositories, including Chromium and Dart, were identified as vulnerable to this issue.
    4. Google has updated configurations to fix the vulnerability and advised other users of Gerrit to audit their permission settings.
    5. No confirmed cases of exploitation have been reported, but the incident underscores the need for secure development practices in open-source projects.

    A recently uncovered weakness in Gerrit, the open-source code review tool utilized by Google and several other entities, might have made it possible for unauthorized code to sneak into important software projects without the usual approval steps. Security experts at Tenable found that the issue arose from badly set permissions and incorrect review label logic. In some setups, attackers could take advantage of a feature called “addPatchSet” to alter changes that had already been approved, allowing them to insert harmful code without needing to initiate a re-review.

    Automated Tools Bypass Reviews

    Another report from CybersecurityAsia.net validated that attackers could skip manual review stages entirely and use automated systems to inject unauthorized code without any user involvement.

    Vulnerable Repositories Identified

    At least 18 notable repositories were marked as vulnerable, including those related to Chromium, Dart, Bazel, and other essential infrastructure components. This problem also included a race condition in the automated submission process, which permitted attackers to act within a short time frame before the code was merged.

    As of the time the vulnerability was made public, no confirmed cases of exploitation had been seen in real-world scenarios. Tenable performed responsible testing with harmless code and did not execute a comprehensive end-to-end exploit of the vulnerability.

    Steps Taken by Google

    In response, Google has made configuration updates to address the issue. At the same time, Tenable has alerted other open-source projects that utilize Gerrit to check their configurations, as similar misconfigurations might be present in other places. They recommend that all Gerrit users conduct an audit of permission rules and label persistence policies to maintain code integrity. The underlying misconfigurations might also impact other organizations employing Gerrit, especially where default permission settings and automated code submission processes are utilized. This event highlights the continuing significance of secure development environments within the open-source ecosystem.

    Source:
    Link

    Tags:
  • Elegoo Jupiter 2: New 3D Printer with Smartphone App Launch

    Elegoo Jupiter 2: New 3D Printer with Smartphone App Launch

    Key Takeaways

    1. Elegoo has launched the Matrix app to turn smartphones into remote controls for their 3D printers.
    2. The app allows users to manage printing parameters, start/stop prints, and adjust the printer bed.
    3. Users can monitor print progress in real time and access detailed print logs for troubleshooting.
    4. The Matrix app is available for iOS and Android and currently works with the Saturn 4 Ultra 16K.
    5. Compatibility will expand to Mars 5 Ultra, Saturn 4 Ultra 12K, and Jupiter 2 later in 2025.

    Elegoo has introduced its first application today (June 27, 2025), designed to transform a user’s smartphone into a remote control for the company’s 3D printers.

    Control Options

    The app, named Matrix, is claimed to provide “precision” management over various printing parameters, such as layer settings, exposure durations, and additional configurations. Users can start or stop a print directly through the app, and it also allows for adjusting the printer bed if needed.

    Real-Time Monitoring

    Additionally, the app enables monitoring of the print’s advancement in real time, helping users ensure that the print doesn’t overheat or proceed too slowly. It can even offer a view into the printer, provided it has the necessary internal cameras. The Matrix app includes features for detailed print logs and historical data, which can help with troubleshooting and lead to smoother prints in the future.

    Availability and Compatibility

    Elegoo’s Matrix app is accessible for both iOS and Android devices and is compatible with the Saturn 4 Ultra’s 16K version, which is currently priced at $519.99 for Amazon Prime members.

    This compatibility is expected to expand to include the Mars 5 Ultra and Saturn 4 Ultra 12K in the third quarter of 2025, along with functionality for the Jupiter 2 upon its upcoming release.

    Source:
    Link

  • Apple Launches Core Technology Commission for Non-App Store Sales

    Apple Launches Core Technology Commission for Non-App Store Sales

    Key Takeaways

    1. Apple has created a Core Technology Commission (CTC) that takes 5% of sales for digital products promoted via Web Distribution.
    2. The CTC will be in addition to an existing Core Technology Fee (CTF) of €0.50 per app download for popular apps.
    3. Apple plans to reduce its commission rates to 17% for most developers and 10% for qualifying small businesses and subscription apps during their first year.
    4. Apple claims only “less than 1%” of developers will pay the CTF, with exemptions for certain organizations like educational and non-profit entities.
    5. Tim Sweeney criticized Apple’s new fees as “malicious compliance” with the DMA, claiming they limit developers’ payment options and profitability.

    Apple has recently announced its latest strategies to dodge the hefty €500 million (~$585 million) penalty imposed by the European Commission due to its breach of the Digital Market Act (DMA).

    New Core Technology Commission

    The new plans from the tech giant involve setting up a Core Technology Commission (CTC). This commission will take 5% of the selling price for all digital products or services that are promoted and available through Web Distribution. This new method allows developers to guide customers to pay for apps outside the App Store.

    Additional Fees and Commissions

    The CTC will be applied on top of Apple’s existing Core Technology Fee (CTF), which is a fixed charge of €0.50 (~$0.59) for each app download from those with over 1 million installs per year.

    In an effort to encourage developers to keep their apps and payments within Apple’s iOS and iPadOS Store in the EU, the company plans to lower its well-known commission rates to 17%. For developers who qualify for the App Store Small Business Program or those who offer subscription-based apps, the rate will drop to 10%, but only during the first year of operation.

    Developer Concerns

    Apple claims that “less than 1%” of those affected by the new charges will actually pay the CTF. Moreover, there are several exemptions, such as app developers working with educational institutions, government bodies, or non-profit organizations, who will not be subject to the fee.

    However, Tim Sweeney has taken to X to criticize Apple’s new conditions, labeling them as “malicious compliance” with the DMA, which he argues does not meet the company’s legal responsibilities in either the EU or the US.

    The executive also claims that Apple’s updated policies restrict developers’ options for offering different payment methods, making it hard for them to earn profits on the App Store.

    Source:
    Link

    Tags: ,
  • Philips Hue App Update Enhances Alexa Integration Features

    Philips Hue App Update Enhances Alexa Integration Features

    Key Takeaways

    1. Philips Hue app version 5.45.1 has been released for iOS, following version 5.44.0.
    2. The update allows Amazon Alexa users to manage multiple Philips Hue Bridges per account.
    3. Users must relink the Philips Hue skill in the Alexa app to activate the new multi-Bridge feature.
    4. The update adds support for new Philips products, including the Xamento recessed spotlight and Hue Smart button v3.
    5. The iOS app is available on the Apple App Store; no update timeline for Android users has been provided.

    Philips Hue has rolled out a fresh update to its iOS application. The new version, 5.45.1, comes just weeks after the previous version 5.44.0, which included minor enhancements, bug fixes, and improvements in stability.

    New Features for Alexa Users

    With the 5.45.1 update, there’s a notable enhancement for those who utilize Amazon Alexa. Users can now manage multiple Philips Hue Bridges, a feature that previously allowed only one Hue Bridge per Amazon account. To activate this capability, customers must relink the skill in the Amazon Alexa app. Philips assures that any existing automations and device links will remain intact throughout the relinking.

    Support for New Products

    Additionally, this update introduces compatibility for several of Philips’ latest offerings, including the white variants of the Xamento recessed spotlight and the Adore Bathroom recessed downlight, alongside the Hue Smart button v3 and the Hue Play wall washer, which is currently priced at $219.99 on Amazon. These new products are now fully supported by the Philips Hue Bridge due to a distinct software update.

    You can grab the Philips Hue app version 5.45.1 for iOS via the Apple App Store. It’s uncertain when Android users will receive a similar update; the Google Play Store indicates that the last update for Android was version 5.44.1, which rolled out in June.

    Source:
    Link

    Philips Hue App Update Enhances Alexa Integration Features

     

    Tags: ,
  • Garmin Unveils Major Update for High-End Smartwatches with New Features

    Garmin Unveils Major Update for High-End Smartwatches with New Features

    Key Takeaways

    1. Garmin released a stable update for the Enduro 3, Fenix E, and Fenix 8, priced at $1,099.99 on Amazon.
    2. The latest stable update fixed bugs from previous versions and introduced nearly 100 changes after beta testing.
    3. Garmin has started a new development phase with Beta Version 17.11, skipping a complete version number for significant updates.
    4. Beta Version 17.11 includes 58 changes, with 28 being new features adapted from other Garmin models.
    5. Users must manually download Beta Version 17.11, as it may contain new bugs and is not automatically provided by Garmin.

    Less than a month ago, Garmin released a new stable update for the Enduro 3, Fenix E, and Fenix 8, which currently costs $1,099.99 on Amazon. The last update, System Software 15.32, aimed to fix existing bugs, while the version before that introduced nearly 100 changes to these smartwatches after a thorough beta testing period.

    Garmin’s New Beta Development

    Garmin has now started a new development phase with Beta Version 17.11. Similar to past beta cycles, the company has chosen to skip a complete version number. Therefore, the upcoming v17.xx will represent the next significant software update for the Enduro 3, Fenix E, and Fenix 8 in their stable software lineup.

    New Features and Changes

    According to Garmin, Beta Version 17.11 brings 58 changes compared to System Software 15.32. Among these, 28 are brand new features, some of which have been adapted from the Forerunner 570 and Forerunner 970, such as Triathlon Coach and Multisport activities. Additionally, Garmin has incorporated functionalities like Smart Wake Alarm and Evening Report, which were first seen on the Vivoactive 6.

    It is important to mention that this early beta version might come with new bugs. Because of this, Garmin will not automatically provide Beta Version 17.11. Instead, users will have to download it manually. For more information, please check Garmin’s website and refer to the changelog provided below:

    Source:
    Link

    Tags: ,
  • Extend Your Windows 10 Experience: Microsoft’s Three Options

    Extend Your Windows 10 Experience: Microsoft’s Three Options

    Key Takeaways

    1. Windows 10 support ends on October 14, 2025, prompting users to transition to Windows 11.
    2. Windows 10 remains widely used, with 53% of computers globally still running this version.
    3. Extended Security Updates (ESU) will be available for individual users for $30, allowing an extra year of usage.
    4. Windows Backup can be used for free synchronization of data with the Microsoft cloud.
    5. The Microsoft Rewards program allows users to earn points for activities, which can be used for subscription benefits.

    Since it was introduced, Windows 10 has fulfilled the hopes of its users while providing state-of-the-art features. Yet, this service is set to end on October 14, paving the way for Windows 11. Microsoft has come up with three plans to extend your experience with the current version, ensuring you still get regular updates.

    Impact on Users

    This change will have significant implications for millions. As per StatCounter, Windows 10 remains the most prevalent version globally, with 53% of computers using this software. Moreover, Microsoft faces challenges in encouraging users to shift to Windows 11, particularly given the technical requirements that must be met to run this new software. Essentially, some users may find their computers inadequate for supporting this version.

    Options for Users

    As the deadline of October 14, 2025, draws nearer, the company has opted to provide various solutions for those who are still undecided. Consequently, the special Extended Security Updates (ESU) program, initially designed for businesses, will now be accessible to individual users. Specifically, for a fee of $30, you can gain an additional year of Windows 10 usage. Keep in mind, however, there won’t be any more extensions, and you’ll need to decide when the deadline arrives. For business users, the price is $61 per user.

    Alternative Solutions

    Another helpful option is utilizing Windows Backup. This feature allows you to synchronize your data with the Microsoft cloud, enabling you to access the ESU program without any costs involved.

    Finally, you might want to consider the Microsoft Rewards program. This initiative lets users earn points through activities like searching on Bing, playing Xbox games, or buying software from the official store. In this scenario, subscribing to the program requires just 1,000 reward points.

    In conclusion, the transition to Windows 11 appears unavoidable for all users, even after October 14, 2025. Consequently, millions will need to make a decision to ensure they enjoy enhanced security on a daily basis.

    Source:
    Link

    Tags: , ,
  • Microsoft OneDrive User Locked Out: 30 Years of Data Lost

    Microsoft OneDrive User Locked Out: 30 Years of Data Lost

    Key Takeaways

    1. A Reddit user faced account access issues after moving files to Microsoft OneDrive, resulting in his account being locked without explanation.
    2. Despite sending 18 messages for help, he received mostly generic replies and no resolution from Microsoft’s compliance center.
    3. The user is determined to recover his data, which spans over 30 years, and is seeking alternative support methods.
    4. Many commenters emphasized the importance of not relying solely on cloud storage and highlighted the need for physical backups.
    5. Recommended cost-effective backup options include the Seagate Expansion 8TB external hard drive and the Samsung T7 1TB portable SSD.

    A Reddit user recently shared a story about moving all his important files, like photos and documents, to Microsoft’s cloud service ahead of a planned move. He was worried that his old hard drives might not survive the relocation and would take up precious space. His intention was to later move the data back to new hard drives, but that plan never materialized.

    Account Access Issues

    Instead of being able to access his data, Microsoft unexpectedly locked the user’s OneDrive account, leaving him without access to his files. He tried to resolve the issue through the compliance center, sending a total of 18 messages, but mostly just got generic replies. The user stated that he received no actual help or even an explanation for why his account was suspended. As of today, June 23, 2025, he hasn’t heard anything more from the tech giant.

    Determination to Recover Data

    Determined not to give up, the Reddit user is committed to retrieving his data that spans over 30 years.

    One suggestion from another Redditor was to call the Windows support line and purposely ask to be directed to the wrong department. Once connected, they could then ask to be transferred to someone who could truly help them. Since this can be tricky, another user recommended asking for a callback instead.

    Importance of Physical Backups

    Many comments highlighted the importance of not relying just on cloud storage, whether it’s Microsoft OneDrive, Google Drive, Dropbox, or Apple iCloud Drive. It’s crucial for users to maintain their own physical backups. These backups can be saved on SSDs, traditional HDDs, USB drives, or NAS servers. The main point is that sensitive information needs to be backed up several times.

    A cost-effective backup option is the Seagate Expansion external hard drive with 8TB of storage, which is priced at $149 on Amazon. For those leaning towards an external solid-state drive, the Samsung T7 portable 1TB SSD is currently listed at $99.

    Source:
    Link

  • One-Tap Fuji Recipe Transfers from Phone to Camera Made Easy

    One-Tap Fuji Recipe Transfers from Phone to Camera Made Easy

    Key Takeaways

    1. A solo developer has created a method to send custom film simulations directly to Fujifilm cameras via the Fujistyle app, making the process easier for users.

    2. The new feature is currently in beta testing and has been confirmed to work on multiple Fujifilm camera models, including the X-T5 and X-S20.

    3. The feature will be free for the first month after launch, with potential pricing models being discussed between $10 to $20 for lifetime access.

    4. Users are encouraged to wait for community feedback before using the feature, as it alters camera settings through third-party methods.

    5. High interest in the app exists, and updates can be followed through the developer’s official Instagram page (@fujistyle_app).

    After a long time of trying and failing, a solo developer has created something that many Fujifilm users have been secretly hoping for: a method to send custom film simulations from an app directly to Fuji cameras. This was announced in a Reddit post on r/fujifilm. With this tool, users can quickly send recipes to compatible cameras with just a few taps—no more hassle with dials and menus to manually input values.

    Built into Fujistyle App

    This feature will be integrated into the current Fujistyle app, and beta testing is already in progress. The developer mentioned that they have tested more than 12 different Fujifilm cameras, which includes the X-T5 (currently priced at $2,199 on Amazon), X-S20, and older models like the X-T20. Users in the thread confirmed that the app functions across various XT, XS, and GFX series models. Some comments even suggested that the app should include a voting system for recipes, with hopes for future features like commenting and community uploads.

    Free for the First Month

    At the moment, the developer plans to offer this feature for free for the first month after launch. The pricing details are still being worked out, but they are leaning towards a one-time payment model—something that has been well-received by the Reddit community. Several users proposed pricing tiers ranging from $10 to $20 for lifetime access.

    Safety issues were also discussed. The developer assured that over 12 units have been tested without any problems, but they encourage users to wait and see the feedback from the community before jumping in, especially since this feature alters camera settings through third-party methods.

    High Interest and Future Updates

    Even though the feature isn’t yet available on the App Store, there is already a lot of interest, which is totally understandable. The developer is dedicating all their time to the app, without any outside funding or income, depending entirely on community input and support to guide the project’s direction.

    A beta release will be coming soon. For more updates, follow the developer’s official Instagram page (@fujistyle_app).

    Source:
    Link

    Tags:
  • HarmonyOS 6 Launches with Star Shield Security and AI Features

    HarmonyOS 6 Launches with Star Shield Security and AI Features

    Key Takeaways

    1. Huawei introduced HarmonyOS NEXT, a new version of its operating system built from scratch, without any Android code.
    2. The Harmony Intelligent Agent Framework was unveiled to enhance the AI assistant, Xiaoyi.
    3. HarmonyOS 6 features a new security system called Star Shield, aimed at improving biometric authentication.
    4. Star Shield has already blocked over 8.6 billion unauthorized app permission requests and may enhance online banking security for users in China.
    5. The first public beta of HarmonyOS 6.0 is being launched during HDC 2025, which runs until June 22, 2025.

    Huawei’s 2025 Developer Conference (HDC 2025) kicked off today, June 20, 2025, with a significant reveal: a new version of HarmonyOS NEXT. This software has been designed from scratch to work specifically with Huawei devices, eliminating the need for any Android code.

    New AI Features

    Alongside this, Huawei unveiled its Harmony Intelligent Agent Framework. This is a collection of tools aimed at enhancing the efficiency and functionality of the AI assistant, Xiaoyi. This move is similar to what Apple has been pursuing at its recent WWDC events.

    Enhanced Security

    The latest iteration, HarmonyOS 6, brings a new security system called Star Shield. This architecture is designed to improve biometric authentication by coordinating various on-device hardware, like GPS and cameras. This approach mirrors Apple’s security methods used in iOS.

    Star Shield is a notable addition to the HarmonyOS system, which claims to have prevented more than 8.6 billion unauthorized app permission requests to date. It may also strengthen online banking security for Huawei users, although this might be limited to users in China.

    Beta Release Information

    Additionally, Huawei is launching the first public beta of HarmonyOS 6.0 during HDC 2025, which runs until June 22, 2025, at Songshan Lake in China.

    Source:
    Link

    HarmonyOS 6 Launches with Star Shield Security and AI FeaturesHarmonyOS 6 Launches with Star Shield Security and AI FeaturesHarmonyOS 6 Launches with Star Shield Security and AI FeaturesHarmonyOS 6 Launches with Star Shield Security and AI Features
    Tags: ,
  • Huawei Achieves 100M HarmonyOS Smartphones, Canalys Reports

    Huawei Achieves 100M HarmonyOS Smartphones, Canalys Reports

    Key Takeaways

    1. Huawei has shipped over 100 million HarmonyOS-enabled smartphones since its launch in 2019, with 46 million sold in 2024 alone.
    2. HarmonyOS has expanded beyond smartphones, with 21 million tablets shipped, including 10.5 million in 2024.
    3. The operating system is now part of a diverse ecosystem, including wearables, audio devices, smart home products, and personal computers.
    4. Huawei shipped approximately 4.2 million personal computers in China, including 3.2 million notebooks.
    5. HarmonyOS version 6.0 is anticipated later this year, focusing on AI and distributed architecture, positioning it as a strong alternative to international platforms.

    Huawei’s HarmonyOS software has hit a significant shipping milestone, as reported by Canalys, a research firm. The Chinese technology giant has shipped over 100 million HarmonyOS-enabled smartphones since the platform was introduced in 2019.

    Impressive Sales Figures

    To be precise, the total number reached 103 million smartphones by the end of 2024. Out of this total, Huawei sold 46 million HarmonyOS devices just in 2024. These figures indicate that, despite facing challenges in international markets, Huawei maintains a robust presence domestically, especially in China, where HarmonyOS has become an integral part of the company’s hardware ecosystem.

    Growth Beyond Smartphones

    The expansion of HarmonyOS isn’t just confined to smartphones. Canalys also reports that Huawei has shipped 21 million HarmonyOS tablets so far, with 10.5 million of them sold in 2024 alone. The operating system was initially launched in 2019 and saw widespread adoption on consumer devices by mid-2021. Since then, it has become the default operating system for much of Huawei’s product line.

    A Diverse Ecosystem

    HarmonyOS now goes beyond just phones and tablets, extending into wearables, audio devices, smart home products, and increasingly, personal computers. Canalys points out that Huawei shipped around 4.2 million personal computers in China, with 3.2 million of those being notebooks.

    Looking ahead, Huawei is said to be preparing for the next major version of HarmonyOS. Version 6.0 is anticipated later this year and is likely to incorporate more features focused on AI and distributed architecture. Canalys suggests that these advancements, along with Huawei’s control over both hardware and software, are positioning HarmonyOS as a viable long-term alternative to international platforms, particularly in its home market.

    Source:
    Link

    Huawei Achieves 100M HarmonyOS Smartphones, Canalys Reports

     

    Tags: ,