Category: Software

  • Okta Login Vulnerability Bypasses Password Checks

    Okta Login Vulnerability Bypasses Password Checks

    Okta, a top name in single sign-on services and identity management, announced at the end of October that it had resolved a bug in its system which posed a serious security risk. The flaw allowed accounts with usernames longer than 52 characters to bypass password verification. This meant that malicious users might access these accounts simply by entering the correct username, while providing an incorrect or no password at all. This scenario assumes that the account relies solely on a password for its security.

    Bug Discovery and Fix

    The issue surfaced after an update was released around late July 2024, and it took about three months for the problem to be recognized and addressed. It wasn’t widely known, making it harder to detect. Most usernames are shorter than 52 characters, although some longer usernames, like those combining a person’s first and last name with their company email domain, could exceed this limit. The vulnerability depended on whether multi-factor authentication was enabled and the sequence of events; logins were authenticated using a cached encrypted key from a prior successful login. If a login attempt reached the main Okta authentication server before this cache loaded, it could be blocked.

    Implications of the Vulnerability

    Despite the limited conditions needed for the exploit to work, the potential for disruption wasn’t huge. However, the fact that such a vulnerability occurred at a company like Okta highlights the ongoing security challenges in the digital landscape. In response, Okta urged all users, whether impacted or not, to implement multi-factor authentication alongside their current security measures. Many login platforms require a form of secondary verification when users create and confirm their accounts, which makes incidents like this more of a warning than a disaster for most users.

    UFD Tech | Okta

  • OnePlus 12 Gets Global Stable Update for Android 15 and OxygenOS 15

    OnePlus 12 Gets Global Stable Update for Android 15 and OxygenOS 15

    OnePlus has shared the news of a global launch for OxygenOS 15, now happening a week earlier than expected. The update is currently rolling out in India, North America, Europe, and other global areas for the OnePlus 12 smartphone. A phased rollout is scheduled for the rest of this week.

    Regional Build Versions

    Here are the build versions for various regions:

    • India: CPH2573_15.0.0.206(EX01)
    • North America: CPH2583_15.0.0.205(EX01)
    • Europe/Global: CPH2581_15.0.0.204(EX01)

    Changelog Highlights

    Animations
    The new system graphics engine boosts rendering and animation performance with advanced parallel processing, ensuring smooth visuals even when multitasking or using demanding apps. This parallel processing also applies to widgets, components, and folders, allowing for seamless transitions and smooth animations, even with continuous interruptions.

    Visual Effects
    The Home screen has been redesigned with new icons that offer a harmonious aesthetic with improved proportions and vibrant colors for better visuals. The icons for various system functions have been updated for visual consistency, promoting a unified design throughout the system. Rounded corner designs have been fine-tuned for uniformity, with even, flowing curves across all elements.

    Customization and Themes

    The fresh flux themes present an extensive array of high-quality options, allowing users to customize their experience with system wallpapers and personal photos. Extensive features for customizing the Always-On Display, Lock screen, and Home screen are included. Both flux and classic modes are available for the Always-On Display. The Lock screen allows blending clock colors, glass textures, blurred wallpapers, AI depth effects, and more. The Home screen includes glass patterns and blurred wallpapers as well.

    Fluid Cloud
    The upgraded Fluid Cloud now boasts improved app compatibility, with support for a wider selection of overseas apps like Spotify, Swiggy, and Zomato, facilitating real-time information synchronization in various situations like food ordering and music streaming. The design emphasizes efficient information display, with a central positioning for a well-balanced appearance. Alert interactions allow capsule expansions into detailed cards with a tap, providing quick access to multiple live activities by swiping in the status bar. The new animation system introduces fluid, elastic designs with real-time dynamic blurring effects, making card visuals smoother.

    Editing Features

    The globally reversible photo editing feature retains previous edit settings for smooth subsequent tweaks, ensuring an uninterrupted creative workflow.

    Floating Window and Split View
    New gestures for the Floating Window include swiping down on a notification banner to open a window, swiping down again to enlarge, swiping up to close, and swiping sideways to hide. Resizable Split View windows can be adjusted by dragging the divider or tapping to extend the display area.

    Notification Improvements

    The new Split mode allows separate access to the notification drawer (top-left swipe) and Quick Settings (top-right swipe), with horizontal swipes enabling easy switching. The Quick Settings interface has been revamped for a more visually attractive layout, featuring smoother animations.

    Battery and Charging Enhancements
    A new “Charging limit” feature stops charging at 80% to help prolong battery life and reduce degradation. Additionally, a battery protection reminder will activate this feature if the device stays charging for too long.

    Audio and More
    Holo Audio has been improved for online calls and meetings, providing richer sound experiences. Exclusive Always-On Displays and Lock screen clock styles have been added for a unique look, while a new Home screen clock widget allows for customizable resizing. A classic easter egg has been included in the Calculator, showing up when you type “1+=”, reflecting OnePlus’s “Never Settle” philosophy. New wallpapers are also available to give your device a signature OnePlus style.

    Safety and Privacy Features

    A consolidated hub for personal safety features combines emergency calls, disaster alerts, security checks, and quick access to first aid information. The Private Safe now has categorized views for images, videos, and documents, making data organization easier. A new shortcut on the Home screen for hidden apps offers quick access by tapping the folder and entering your privacy password.

    Wi-Fi Optimization
    The multi-network experience has been enhanced for smoother, more efficient transitions between networks.

    Important Notes

    To maintain the signature fast and smooth experience OnePlus is known for, some AI features are still being tested and will gradually be integrated by the end of this month. For those wanting to revert to a previous version of OxygenOS, OnePlus provides detailed rollback instructions, which involve downloading a specific package and following the steps outlined. Remember, the rollback process will erase all device data, so backing up important information is crucial. For more information, visit the OnePlus Community forum.

    Tags: , ,
  • South Korea Fines Meta $15 Million for User Data Collection

    South Korea Fines Meta $15 Million for User Data Collection

    South Korean authorities, specifically the Personal Information Protection Commission (PIPC), have slapped Meta with a hefty fine of 21.6 billion won, equivalent to about $15 million, due to the unlawful gathering and sharing of user data with advertisers.

    Findings from the Investigation

    According to an Associated Press report, the investigation that lasted four years revealed that Meta had collected sensitive information from nearly 980,000 users without their consent. This data included delicate details like users’ religious beliefs, political opinions, and information about same-sex relationships.

    PIPC highlighted that the data collection occurred between July 2018 and March 2022, with Meta sharing this information with around 4,000 advertisers without any authorization. South Korea’s privacy laws provide strong safeguards for personal data relating to individual beliefs, political opinions, and sexual orientation, and forbid companies from using or processing such information without explicit consent from the user.

    Methods of Data Collection

    The commission noted that Meta obtained this sensitive data through the analysis of user interactions on their platform and the advertisements that users engaged with.

    Lee Eun Jung, the head of the investigation, stated to AP, “Even though Meta gathered this sensitive information for personalized services, their data policy only provided vague references to such usage and did not secure specific consent from the users.”

    Security Concerns

    Moreover, PIPC pointed out that Meta did not incorporate basic security measures on the platform. This negligence allowed hackers to exploit inactive pages to create fake identities and request password resets for other users on Facebook.

    AP, Image Source

    Tags: , ,
  • Xiaomi HyperOS 2: 5 Must-Know Features Before Global Launch

    Xiaomi HyperOS 2: 5 Must-Know Features Before Global Launch

    Xiaomi has launched its latest operating system, HyperOS 2, marking a major advancement in creating an AI-driven ecosystem. Introduced alongside the Xiaomi 15 series, HyperOS 2 transforms how devices connect and enhance user interaction through three main technologies: HyperCore, HyperConnect, and HyperAI. Let’s take a closer look at the top five features that set HyperOS 2 apart in the market.

    HyperCore

    The core of HyperOS 2 is HyperCore, a newly developed kernel by Xiaomi aimed at maximizing performance. With more than 25,000 optimization scenarios, HyperCore significantly cuts CPU idle time by 19%, reduces memory latency, and boosts graphics performance. The microarchitecture scheduler of HyperCore breaks down task cycles right at the chip level, allowing for smoother operation and quicker response times.

    Advanced Memory and Storage

    In addition, Xiaomi has rolled out dynamic memory and Storage 2.0, which can decrease app launch delays by nearly 54.9% on smartphones and 15% on tablets. Gamers will benefit from HyperCore as well, which decreases power usage and frame drops by upwards of 13%, resulting in a seamless gaming experience.

    Smooth User Experience

    These enhancements lead to an incredibly smooth experience for users across devices, featuring quicker load times, reduced lag, and better stability, even when using demanding applications.

    Tags: ,
  • Android 16 Launch Date Leaks: What to Expect and When

    Android 16 Launch Date Leaks: What to Expect and When

    Just a week ago, Google confirmed that Android 16 will be released sooner than expected. While new versions of Android usually come out in the third or fourth quarter of the year, this upcoming OS is slated to launch between April and June 2025.

    Exciting Leak Reveals Launch Date

    For those who are looking forward to the launch, there’s some great news. A recent leak has disclosed the specific launch date for Android 16. This information comes from the trusted source Android Headlines, making it likely accurate.

    Details on the Android 16 Launch

    The report states that Android 16 is set to launch on June 3, 2025. On this day, Google will not only unveil the Android Open Source Project (AOSP) but will also start distributing Over-the-Air (OTA) updates for Pixel devices that are compatible.

    The reason for this quicker launch, as Google has previously mentioned, is to make sure that more smartphones come pre-installed with Android 16. This move will probably help out the upcoming Pixel 10 series, which is anticipated to debut next August.

    Speculations Around the Faster Release

    It’s a bit of a mystery how Google has managed to speed up the release timeline by 2 to 3 months, but it’s definitely positive news for users. An earlier launch means that Pixel devices will receive the latest OS features sooner, and the early AOSP release will enable other smartphone manufacturers to roll out their Android 16 updates more quickly as well.

    Of course, we should keep in mind that this is merely a rumor, albeit an intriguing one. We need to wait for official word from Google to lock down the exact date. Still, given Google’s earlier announcement about a Q2 2025 rollout, a launch in early June seems like a real possibility.

    Stay tuned, Android fans! We’ll provide updates on any official news regarding the Android 16 release. In the meantime, feel free to browse our previous articles about Android 16 and share in the comments what features you’re most looking forward to in the upcoming update.

    Tags: , ,
  • Microsoft Announces $1 Million Prize to Boost Bing Search Engine

    Microsoft Announces $1 Million Prize to Boost Bing Search Engine

    Microsoft is launching an exciting new sweepstake to attract users to its Bing search engine, offering a staggering $1 million in grand prizes. This initiative began on October 8 and targets participants from six regions: the United States, United Kingdom, Canada, France, Germany, and Puerto Rico.

    Enhancing User Engagement

    This new campaign expands on Microsoft’s current Rewards loyalty program, which rewards users with points for engaging with various Microsoft services and products. Upon registering on the sweepstakes website, participants receive five entries immediately and can accumulate up to 200 entries through increased interactions with the platform.

    Additional Prizes and Donations

    Besides the grand prize, Microsoft is also providing two runner-up awards of $10,000 each. In addition, they plan to donate as much as $500,000, shared between the World Wildlife Fund and UNICEF. For every participant who collects over 50 entries, Microsoft will contribute $5 to these charities.

    Competing with Google

    This sweepstake serves as Microsoft’s strategy to enhance Bing’s presence, especially now that OpenAI’s GPT-4 technology powers it, creating a more interactive and chat-like search experience. Despite these advancements, Bing still needs to significantly improve to compete with Google’s dominance in the search engine market.

    Individuals already enrolled in Microsoft Rewards can gain more entries by performing daily searches on Bing or using the Microsoft Edge browser. Typically, the Rewards program offers smaller incentives like Xbox Game Pass subscriptions or store gift cards, making this million-dollar prize a notable upgrade to attract a larger audience.

    A Challenge Ahead

    This promotional sweepstake highlights Microsoft’s determination to rival Google’s supremacy in the search engine arena. Yet, despite the substantial cash incentive, Microsoft may face a tough challenge in persuading users to shift their long-held loyalty to Google.

    Tags: ,
  • Tesla Blocks Door Opening if Bikes or Cars Are in Blind Spot

    Tesla Blocks Door Opening if Bikes or Cars Are in Blind Spot

    With the forthcoming 2024.44 software update currently being tested by Tesla staff, a new safety feature is on its way for users in the United States.

    New Feature Introduction

    This new feature, known as Blind Spot Warning While Parked, is already available in a different version in China. It will soon be accessible to North American Tesla drivers ahead of the major holiday software update. When this blind spot detection function is ready, the Tesla will evaluate the driver’s intention to open a door and exit the vehicle if it detects someone speeding by the rear left corner, an area that can be hard to see in mirrors without additional accessories like the Model Y blind spot mirror.

    Importance of Safety

    Anyone who has ever suddenly opened a car door while biking past parked cars knows just how crucial awareness of blind spots can be. There are numerous incidents where moving cars have damaged the doors of distracted drivers or those who were unable to react in time to someone coming from the blind spot. This is exactly why Tesla plans to launch its Blind Spot Warning While Parked feature in the US soon, which appears to include both audio and visual alerts.

    If a driver attempts to open a door when an object is approaching from the blind spot—like a cyclist or another vehicle—the blind spot warning light will flash, an audio alert will sound, and the door won’t open upon the first button press.

    A Thoughtful Approach

    While it may seem like the system is second-guessing the driver’s actions, in truth, many will likely be thankful for the added safety in moments where a split-second decision could prevent a bike from crashing into the door. Tesla simply recommends waiting for the moving object to pass before pressing the door button again to stop the warnings and open the door.

    Interestingly, the Blind Spot Warning Light mentioned in Tesla’s release notes is only available on its newest models, like the Model 3 Highland refresh and the Cybertruck. The forthcoming Model Y Juniper facelift may also include this feature next to the front speaker, but for now, it’s exclusive to Tesla’s 2024 models.

    At this point, it remains uncertain whether the Blind Spot Warning While Parked feature will be available solely for the Cybertruck and Model 3 refresh or if it will also extend to the Model Y, albeit without the visual alert.

    Tags: ,
  • Xiaomi 14 Global Users Get Android 15 Update with HyperOS 1.1

    Xiaomi 14 Global Users Get Android 15 Update with HyperOS 1.1

    Xiaomi has kicked off the stable Android 15 update for its flagship Xiaomi 14 smartphone in both global and EEA regions. However, there’s an interesting twist to this rollout.

    New Operating System Overlay

    Recently, Xiaomi introduced the Xiaomi 15 series smartphone along with its HyperOS 2 operating system in China. Nevertheless, the brand hasn’t officially released this new OS for the global market yet. So what Xiaomi is doing is providing the Android 15 update layered with HyperOS 1.1.

    Update Details and Distribution

    The update carries the build numbers OS1.1.4.0.VNCEUXM for users in Europe and OS1.1.3.0.VNCMIXM for the global audience. It’s currently being rolled out to a select group of Mi Pilot users who are part of early access programs. This phased rollout allows the company to collect valuable feedback from users and fix any potential problems before a wider release.

    Notable Enhancements in Android 15 for Xiaomi 14

    Home Screen:

    • Improved Folder Icon Visibility: The visibility and clarity of folder icons have been enhanced.
    • Optimized Layout: The issue of too much blank space at the top of the screen has been addressed, leading to a more efficient and visually pleasing layout.
    • Stability Fixes: Changes have been made to prevent the Home screen from unexpectedly stopping.

    Lock Screen:

    • Flickering Issue Resolved: The flickering problem during adjustments to Always-on Display settings has been solved, ensuring a smoother user experience.

    Recents Menu:

    • Better App Card Reordering: The responsiveness and smoothness of app card reordering have been improved, getting rid of any rough animations.

    Other Fixes:

    • Black Screenshot Issue Fixed: The issue of black screenshots in some apps has been tackled, making sure that content is captured accurately.

    The Android 15 update for the Xiaomi 14 can be downloaded via OTA from the Experience Enhanced Beta, with a size of around 127MB for global users and 125MB for those in the EEA.

    Pricing and Availability

    In related news, third-party vendors have started to sell Xiaomi 15 smartphones internationally. Retailers like Giztop have listed the device starting at $749, although the brand still hasn’t confirmed an official launch date for the global market.

    Image 1
    Tags: ,
  • Windows Hello Unveils New Login Design: Fingerprint, Face, Passkey

    Windows Hello Unveils New Login Design: Fingerprint, Face, Passkey

    Microsoft has rolled out a fresh Windows Insider preview version (build 22635.4440), which mainly updates Windows Hello. The firm has crafted new icons that will represent the method of login, whether it be through password, fingerprint sensor, or facial recognition across the system in the future. Furthermore, Microsoft has revamped the Windows Hello login screen in Windows 11 to better inform users about their choices for unlocking their devices.

    Streamlined Passkey System

    In addition, Microsoft has made adjustments to the passkey system in Windows, simplifying the process of switching between various passkeys and devices in this new preview version. For instance, users now have the capability to authenticate their login using a second laptop instead of relying solely on a smartphone. This feature is expected to be very beneficial for the new Administrator Protection feature, which is set to debut in an upcoming update for Windows 11 24H2.

    Enhanced Administrator Protection

    This new functionality permits the authentication of administrator permissions precisely when they are required, rather than granting full administrator access to an entire application. Consequently, the updated passkey system facilitates the use of an administrator’s passkey for authentication, even when the PC is predominantly used by another individual.

    This added layer of administrator rights protection is optional and seems to be primarily aimed at businesses. Moving forward, passkeys will be able to sync across multiple authorized Windows devices via a Microsoft account, improving the convenience of using this password alternative.

    Image 1
    Image 1
    Tags: , ,
  • Garmin Edge 1050 Update: Bug Fixes and New Features Released

    Garmin Edge 1050 Update: Bug Fixes and New Features Released

    Garmin is gearing up to provide a new quarterly update for its bike computer. As of now, the company has not announced when v11.17 will be accessible for the Edge 1050, which is currently priced at $699.99 on Amazon. However, users who have signed up for Garmin’s Beta Program can already test it out.

    Major Changes Expected

    It appears that v11.17 will be a significant upgrade for the Edge 1050, which was launched in June. Although, it’s worth mentioning that many fixes in Public Beta 11.17 are aimed at correcting bugs that were present in Stable Version 10.19 released in September. Specifically, Garmin has implemented five bug fixes targeting issues with Garmin Coach and GroupRide.

    Fixing Connectivity Issues

    Additionally, Public Beta 11.17 is reported to fix problems that could arise when connecting with the inReach Messenger Plus, as well as errors in map track-lines and issues with smartphone connectivity. The new update should also rectify navigation errors, such as mismatched directions and distances, along with a faulty elapsed timer that could happen when pausing an activity.

    More Improvements Included

    Other bug fixes in this update include addressing gaps in recorded messages within activity files and incorrect entries for recovery heart rates that stopped Garmin Connect from showing data accurately. Furthermore, v11.17 aims to stop the Edge 1050 from entering Media Transfer Protocol (MTP) mode when it is off but a bike alarm remains active. To top it all off, Garmin has included some new features in this update, which you can review in the complete changelog listed below:

    Garmin’s

    Tags: ,