Your Tech Story

Tech News

LastPass

LastPass Says Hackers Stole Customer’s Data and Passwords

LastPass has released a doozy of an update regarding a recent data breach. The company now claims that hackers were able to “copy a backup of customer vault data,” meaning they now theoretically have access to all of those passcodes if they can crack the stolen vaults.

LastPass
Image Source: forbes.com

LastPass has acknowledged that hackers stole user password vaults that were encrypted as well as other private information. This is the most recent information provided by the corporation concerning a security incident involving the theft of the platform’s source code, which was initially revealed in August 2022.

Once obtained, source code provides hackers with a better understanding of closed systems and increases a platform’s susceptibility to attacks. By first acquiring source code and technical information from the firm back in August, the hacker was able to gain access to LastPass.

The attacker then used the information they had obtained to hack a LastPass employee, steal their security codes, and access files stored on the company’s cloud storage service.

According to LastPass, it has reset all companywide corporate login credentials in reaction to the breach. Although LastPass does not expressly state this, it is obvious that users must take steps to protect their account information. Users are advised to update any passwords they have on the platform.

The company noted, “We are also performing an exhaustive analysis of every account with signs of any suspicious activity within our cloud storage service, adding additional safeguards within this environment.” There is, however, ample proof that not everyone uses the optimal password procedures. One’s entire data is at risk if they have an easily cracked master password.

Additionally, according to LastPass, the hackers would attempt to access users’ accounts by “phishing attacks, credential stuffing, or other brute force attacks”. Do not click on any links in emails requesting personal information that purport to be from LastPass. It is advised that one immediately change their master password if it is brief, simple to guess, or contains information about you that is readily available online to prevent additional account vulnerability.

The minimum suggested length for master passwords is 12 characters. Additionally, it is advised against using the master password on some other websites. LastPass asserts that users who have safe master passwords need not be concerned, but advises those who have not complied with the suggestions to “consider minimizing risk by changing passwords of websites you have stored.”

Concerned users may want to think about changing any important passwords kept in their vault and turning on two-factor authentication for the relevant online accounts. The CEO of the company, Karim Toubba, claimed in a new blog article that hackers got access to other “credentials and keys which were used to access and decrypt some storage volumes within the cloud-based storage service.”

The IP addresses from which clients were using the LastPass service, as well as corporate names, end-user identities, mailing addresses, email addresses, and phone numbers, were also stolen by hackers. The most alarming fact is that they were also able to “copy a backup of customer vault data from the encrypted storage container.”

Poe

Quora introduces Poe, a way to talk to AI chatbots like ChatGPT

Quora this week launched Poe, a platform that allows individuals to ask questions, get instant answers, and engage in back-and-forth conversation with AI chatbots, indicating its involvement in text-generating AI systems like ChatGPT.

Poe
Image Source: analyticsinsight.net

Short for “Platform for Open Exploration,” Poe — which is invite-only and currently only available on iOS — is “designed to be a place where people can easily interact with a number of different AI agents,” a Quora spokesperson told TechCrunch via text message.

We have learned a lot about building consumer internet products over the last 12 years building and operating Quora. And we are specifically experienced in serving people who are looking for knowledge,” the spokesperson said. “We believe much of what we’ve learned can be applied to this new domain where people are interfacing with large language models.”

Source: techcrunch.com

Poe, then, isn’t an attempt to develop a ChatGPT-like Ai system from the ground up. ChatGPT, which is adept at responding to questions on various topics from literature to coding, has been the source of debate due to its ability to provide responses that sound persuasive but aren’t factually correct.

Stack Overflow, a Q&A coding site, temporarily prohibited users from trying to share content generated by ChatGPT this month, claiming that the AI made it too simple for visitors to create responses and overflow the site with questionable answers.

Microsoft, GitHub, and OpenAI, for example, are being sued in a class action lawsuit for allegedly violating copyrighted material by letting Copilot simply repeat sections of licensed code without credit. Representatives of the art society portal ArtStation, which started enabling AI-generated craft on its platform earlier this year, began extensively rebelling by placing No AI Art images in their portfolios.

Poe’s initial release includes access to many text-generating Ai applications, including ChatGPT. At the moment, OpenAI does not offer a public API for ChatGPT. A Quora spokesperson declined to comment as to whether Quora does indeed have an alliance with OpenAI for Poe or some other form of early access.

Poe functions similarly to a text messenger app but for AI models the users can communicate with the models separately. Poe’s chat interface offers a variety of topics of conversation and use cases, such as posting help, preparing food, solving problems, and nature.

Poe comes with only a few models at launch, but Quora intends to add a way for model providers, such as businesses, to submit their systems for incorporation soon.

For the time being, Quora says it is concentrating on scalability, gathering feedback from beta testers, and addressing any issues that arise.

Activision Merger

COD gamers sue Microsoft to stop the Activision merger

A lawsuit was filed by gamers to prevent Microsoft from Activision Merger, claiming that doing so would decrease consumer choice and impede competition.

A private consumer lawsuit was filed against Microsoft Corp. on Tuesday in a U.S. court, alleging that the technology corporation’s $69 billion offer to buy Activision Blizzard Inc., the company behind the video game “Call of Duty,” will unjustly stifle competition in the sector.

 Activision Merger
Image Source: headtopics.com

About two weeks ago, the U.S. Federal Trade Commission filed a lawsuit with an administrative law judge to prevent Microsoft, the company that owns the Xbox system, from completing the biggest-ever acquisition in the video-gaming industry.

The gamers want to exert pressure on Microsoft in order to stop it from completing “the largest tech deal ever in the video gaming market and absorbing its main rival in the sector, which is similar to many of the FTC’s worries. Prior to filing suit, the FTC stated that it did so to prevent Microsoft from controlling a leading independent game studio.

The organization said that the Activision Merger would hurt competition between competing gaming platforms from Sony Group Corp. and Nintendo Co Ltd.

Ten video game gamers from California, New Mexico, and New Jersey filed the lawsuit. The plaintiffs identify Activision Blizzard as a significant rival that promotes industry-wide innovation and pricing competition in their lawsuit.

Consumers can object to acquisitions like this through the Clayton Antitrust Act, which gives courts the opportunity to consider the anti-competitive harms argued by consumers. The gamers who are suing Microsoft for potentially breaking antitrust laws are extremely concerned that the pricing of their favorite games may soon rise while the quality of those games may decline.

They claim that if the Activision Merger is approved, Microsoft would be in a position to monopolize the greatest talent and the most well-liked games in order to perhaps obtain “far-outsized market power.”

In a statement on Tuesday, a Microsoft spokesman justified the agreement and said that it would boost competition and generate more options for gamers and game creators. Microsoft President Brad Smith stated, “We have complete confidence in our case and welcome the opportunity to present our case in court,” following the FTC’s lawsuit.

Plaintiffs’ attorney Joseph Saveri in San Francisco stated in a statement, “as the video game industry continues to grow and evolve, it’s critical that we protect the market from monopolistic mergers that will harm consumers in the long run.”

The lawsuits offer a distinctive viewpoint to the discussion around Microsoft’s proposed acquisition of Activision, which Microsoft intends to conclude in 2023. They claim in their case that because Microsoft is aware that gamers are unlikely to switch to other games in place of their favorites, they are especially susceptible to price increases.

This means that Microsoft might block access to platforms or services outside of its gaming ecosystem and take popular games—like Call of Duty games, which are played by all plaintiffs.

Twitter CEO

Elon Musk will resign as Twitter CEO once he finds a replacement

Elon Musk, the owner of Twitter, clarified Tuesday evening that he will resign as Twitter CEO, but only after identifying a new leader, specifically addressing for the very first time a Twitter poll he made earlier this week in which thousands of users voted for his overthrow.

Twitter CEO
Image Source: latimes.com

Musk stated in a tweet that he would resign as soon as he finds someone unwise enough to take the job.

Musk also stated that after stepping down as CEO, he will run the software & servers teams at Twitter, implying that he will retain great influence over the business and decisions.

The news comes now after a day of passivity regarding the poll’s outcome. After more than 17 million daily users chose to vote, with 57.5 percent of respondents saying Musk should resign, Musk acknowledged the results only implicitly on Monday. He proposed that future Twitter polls be limited to paid subscribers to Twitter Blue which is the firm’s subscription service.

Musk’s poll asking people whether he should step down as CEO came in the wake of a huge backlash over Twitter’s abrupt dispersion of several journalists who cover him, as well as Twitter’s choice to ban, then unban, links to other social networking sites such as Facebook, Instagram, and Mastodon which is a rapidly growing Twitter rival that has grown in size since October.

Musk’s brief duration as CEO has caused dramatic, sometimes unpredictable changes at one of the world’s most powerful social media firms.

Under his governance, Twitter has laid off most of its employees, ostracised major advertisers, accepted former President Donald Trump back to the site after his suspension following the Jan. 6 Capitol riots, as well as issued internal communications to reporters about Twitter’s operational processes before Musk acquired the company.

Musk forced the company’s existing workers to sign a pledge to become extremely hardcore in their job, and he flagrantly ignored Twitter’s policy against Covid-19 misconceptions.

Twitter launched, and then had to un-launch, a paid verification feature that was immediately exploited by cynical accounts imitating authenticated major brands, sports people, and other prominent people on the platform in a matter of days.

Musk’s proclivity for making massive product changes based on nothing other than informal Twitter poll results has highlighted his impromptu and ad hoc management style. However, many people on Twitter have expressed their displeasure with this approach. Twitter suspended several reporters last week after they reported on Musk’s complete ban of a profile that tracked his jet.

Growing critique of Musk resulted in Sunday’s poll, which served as an impactful, if unscientific, referendum on Musk’s management of the business since his acquisition of Twitter in late October.

OnePlus 11

The OnePlus 11 launch date has been finalized

OnePlus has made the launch date public for its upcoming high-end smartphone. On February 7, the OnePlus 11 will be unveiled alongside a slew of other new products, including the OnePlus Buds Pro 2.

OnePlus 11
Image Source: 91mobiles.com

OnePlus 11 is on its way. OnePlus has officially revealed its plan for the launch of the OnePlus 11, its next-generation flagship phone, following a slew of teasers and rumors. A teaser video showcasing the camera block and Hasselblad branding was posted by OnePlus. OnePlus 11 will be released on February 7. The OnePlus 11 5G and OnePlus Buds Pro 2 will be unveiled at an event called Dubbed Cloud 11 in New Delhi.

The teaser image that accompanied Monday’s revelation is consistent with earlier leaks of renders and depicts a revised camera bump. Separately, company spokeswoman Spenser Blank stated that two features absent from the OnePlus 10T—a Hasselblad-branded camera system and the adored alert slider—will be included on the OnePlus 11.

Read More: 15.5-Inch MacBook Air Expected to unveil in Spring 2023

There aren’t many specifics available at this time. “Witness the Shape of Power” is the headline for the event teaser, which is undoubtedly related to quick charging, one of OnePlus’ key selling points. According to leaks so far, the device will also have a 6.7-inch screen with a 120Hz refresh rate, a Snapdragon 8 Gen 2 CPU, and rapid wired charging up to 100W.

The OnePlus 11 will supersede the OnePlus 10 Pro. It will likely have a premium glass sandwich layout with a metal frame as far as appearance is concerned. The primary camera bump will be the main distinction between the OnePlus 10 Pro and its successor.

It will feature a circular camera bump at the rear with Hasselblad branding in contrast to the OnePlus 10 Pro’s square-like camera configuration. The display is probably going to be more accurate in terms of color and peak brightness than the OnePlus 10 Pro. The smartphone will probably come with a brand-new, enhanced in-display fingerprint sensor as well.

This display is most likely 3D curved, and Corning’s most recent Gorilla glass is anticipated to be used for enhanced protection. The OnePlus 11 should be a wonderful gaming device because the display probably has a better touch reaction rate.

The phone will reportedly have a 5,000 mAh battery and support wired charging up to 100W and wireless charging up to 50W. By limiting the fast charging capabilities to 100W, it appears that the company has discovered the ideal balance between protecting battery health and quick charging.

In order to leverage the market success of its midrange devices in 2022, the company is holding its event in India. As per Counterpoint Research, OnePlus was in 3rd spot in India’s premium smartphone market share, after Apple and Samsung (respectively), thus there is still plenty of space for growth.

The OnePlus 11 is probably going to be sold on Amazon, and it might also be the priciest OnePlus phone ever introduced. The base model of the phone is expected to cost more than Rs 65,000, whereas the top-of-the-line OnePlus 11 with 16GB RAM and 512GB of internal storage may cost more than Rs 80,000.

end-to-end encryption

Google announced end-to-end encryption for Gmail web

To render its emails more difficult to hack, Google is deploying a new update. According to a Google announcement, Gmail will soon support end-to-end encryption in web browsers. The capability, which is presently in beta, enables customers to send and get encrypted emails both inside and outside of their domain, according to a blog post from the company.

end-to-end encryption
Image Source: gizmodo.com.au

The new technology, which Google describes as client-side encryption, will make sure that important information in the body of the email and attachments is unreadable by Google servers. Additionally, it will provide customers access to the encryption keys while allowing the identity service to access them.

Google noted, “Google Workspace already uses the latest cryptographic standards to encrypt all data at rest and in transit between our facilities Client-side encryption helps strengthen the confidentiality of your data while helping to address a broad range of data sovereignty and compliance needs.”

Client-side encryption (CSE) in Google Workspace enables the processing of data encryption in the client’s browser prior to data transmission or cloud-based storage in Drive. The company emphasized will not be able to access users’ encryption keys. It noted, “You can use your own encryption keys to encrypt your organization’s data, in addition to using the default encryption that Google Workspace provides.

Read More: 15.5-Inch MacBook Air Expected to unveil in Spring 2023

With Google Workspace Client-side encryption (CSE), content encryption is handled in the client’s browser before any data is transmitted or stored in Drive’s cloud-based storage. That way, Google servers can’t access your encryption keys and decrypt your data. After you set up CSE, you can choose which users can create client-side encrypted content and share it internally or externally.”

Gmail’s end-to-end encryption will make sure that all email communications sent by users are encrypted by the sender and can only be decoded on the device of the intended receiver.

The emails and attachments transmitted with them cannot be decrypted or read by any organization or third party, including Google’s own email server. The fact that Google already offers client-side encryption on Google Drive, Sheets, Docs, Google Meet, Slides, Google Calendar and Google is noteworthy.

According to Google, customers with Google Workspace Enterprise Plus, Education Plus, or Education Standard are eligible to sign up for the Gmail client-side encryption (CSE) beta program. The beta program is accepting applications through January 2023. Users must submit a Gmail CSE Beta Test Application, which must include details like their email id, test group domain, and Project ID.

Users of Google Workspace Essentials, Business Starter, Business Standard, Business Plus, Enterprise Essentials, Education Fundamentals, Frontline, and Nonprofits, as well as older G Suite Basic and Business customers, will not be able to use the new feature as of now. According to Google, the public release will be made available at a later time in 2023.

Google has made it clear that the new functionality would encrypt both the email content and all attachments, including embedded photos. Google, however, will not encrypt the email’s header, which contains the topic, timestamps, and recipient lists.

Additionally, Google has stated that “in an upcoming release” it will add client-side encryption to its Gmail application for iOS and Android devices.