PSA: If you’ve ever used a Sennheiser headset with your Mac, it is wide open to attack

If you’ve ever used a Sennheiser headset or speakerphone device with your Mac (or Windows PC), the accompanying HeadSetup app has left your machine wide open to attack.

In what has been described as a ‘monumental security blunder,’ the app allows a bad actor to successfully impersonate any secure website on the Internet …

ArsTechnica explains.

To allow Sennheiser headphones and speaker phones to work seamlessly with computers, HeadSetup establishes an encrypted Websocket with a browser. It does this by installing a self-signed TLS certificate in the central place an operating system reserves for storing browser-trusted certificate authority roots. In Windows, this location is called the Trusted Root CA certificate store. On Macs, it’s known as the macOS Trust Store.

The critical HeadSetup vulnerability stems from a self-signed root certificate installed by version 7.3 of the app that kept the private cryptographic key in a format that could be easily extracted. Because the key was identical for all installations of the software, hackers could use the root certificate to generate forged TLS certificates that impersonated any HTTPS website on the Internet. Although the self-signed certificates were blatant forgeries, they will be accepted as authentic on computers that store the poorly secured certificate root. Even worse, a forgery defense known as certificate pinning would do nothing to detect the hack.

Although the app encrypted the key with a passphrase, the passphrase itself (SennheiserCC) was stored in plaintext in a configuration file.

“It took us a few minutes to extract the passphrase from the binary,” Secorvo researcher André Domnick told Ars. From then on, he effectively had control of a certificate authority that any computer that had installed the vulnerable Sennheiser app would trust until 2027, when the root certificate was set to expire. Dominick created a proof-of-concept attack that created a single certificate […] that spoofed Google, Sennheiser, and three of Sennheiser’s competitors.

Even if you later uninstalled the app, the certificate would still be trusted. All Mac users who have ever used the HeadSetup app should manually uninstall the certificate by following Sennheiser’s instructions. (The instructions leave out the first step, which is to ensure you’re in the Finder.)

If you still use the app, you can download the latest version of HeadSet, which should also delete the vulnerable certificate, but the safest option would be to do it manually as above first

[“source=forbes]

Samsung Galaxy Note 9 Beats Galaxy S9+, Ties With HTC U12+ in DxOMark Camera Rankings

Samsung Galaxy Note 9 Beats Galaxy S9+, Ties With HTC U12+ in DxOMark Camera Rankings

Samsung’s Galaxy Note 9 camera received a higher DxOMark score than the Galaxy S9+

Popular camera testing portal DxOMark, has published its review of the Samsung Galaxy Note 9. According to the review, the phablet has been given an overall score of 103, ranking it above the Galaxy S9+. To recall, Samsung had launched its latest flagship last month and it is also available for purchasein India. Meanwhile, folks at DxOMark have managed to test the Galaxy Note 9’s camera performance to show pros and cons about the latest Samsung flagship in terms of optics. The overall score of the Galaxy Note 9 surpassed the marks DxOMark Image Labs gave to the Galaxy S9+ and shared the second place with the HTC U12+.

As per the result of DxOMark’s benchmark tests, the Galaxy Note 9 received a photo score of 107 from the DxOMark team, while its video recording capabilities have got a score of 94. To put that in perspective, overall DxOMark ranking leader Huawei P20 Pro got 114 and 98 respectively. Meanwhile, tied with Galaxy Note 9 at the second place, the HTC U12+ got a photo score of 106 and video score of 95. Meanwhile, Samsung’s Galaxy S9+ got 104 and 91 respectively.

Photo score of any smartphone on DxOMark is calculated by combining various sub-scores across categories like Exposure and Contrast, Color, Autofocus, Texture, Noise, Artifacts, Flash, Zoom, and Bokeh. The DxOMark review says that the Galaxy Note 9’s camera is a “strong performer” for still images. It added that the camera’s autofocus performance is “excellent” and it scored high for balancing detail retention and noise reduction, zoom quality, and realistic Bokeh effects.

The folks at DxOMark claim that the Galaxy Note 9 camera’s performance in bright light is “among the best we’ve tested.” The exposure seems to be good, and dynamic range was said to be “one of the widest we’ve seen”. Additionally, images are said to be bright and vivid with mostly accurate white balance and good colour rendering. There seems to be good noise reduction with a good balance between noise and texture. However, the review claims but the camera has a tendency to smooth fine details a little more than some rivals.

Meanwhile, the secondary camera in the Galaxy Note 9 and its x2 zoom factor work well for long shots, the DxD0Mark tests show. Also, zoom images show good levels of detail, primarily because of optical image stabilisation.

On the video recording front, the DxOMark team says that the Galaxy Note 9 performs well and its strengths include stabilisation and the smartphone’s ability to keep “artifacts and noise under control.” Additionally, autofocus is said to be the “real highlight”, as the camera reacts quickly to changing light conditions. The review states that the colours are bright and vivid and video exposure is generally accurate. Similar to still images, the videos are said to have generally good exposure accuracy, with quick adaption to changing light conditions. While the videos showed good detail and low noise levels, there were “some luminance and chroma noise visible in low-light scenes,” noted DxOMark in the review.

[“Source-gadgets.ndtv”]

Asus ZenFone Max Pro M1, ZenFone 5Z to Be Available With Discounts This Week, via Flipkart

Asus ZenFone Max Pro M1, ZenFone 5Z to Be Available With Discounts This Week, via Flipkart\

Discounts on ZenFone 5Z and ZenFone Max Pro M1 will be available between September 12 and September 14

Asus ZenFone Max Pro M1 and ZenFone 5Z will be available with discounts on Flipkart this week. The Taiwanese manufacturer has partnered with the Indian e-commerce giant to host an Asus Days sale to provide offers on the two Asus smartphones. Notably, the Asus Days sale will start on Wednesday, September 12 and will continue for three days until Friday, September 14. A day ahead of the sale, the company has notified the exact discounts and offers that buyers of the budget handset, ZenFone Max Pro M1, and flagship, ZenFone 5Z, will be able to avail. Here are all the details about the Asus Days sale.

A Rs. 500 discount will be applicable on purchase of the 3GB RAM/ 32GB storage and 4GB RAM/ 64GB storage, models of the ZenFone Max Pro M1. Notably, the discount will also be applicable to the 6GB RAM model that was launched in July this year. Additionally, buyers interested in the company’s flagship ZenFone 5Z, will be eligible for an extra Rs. 3,000 discount on exchanging their old smartphones.

[youtube https://www.youtube.com/watch?v=LIGaJ73rQkY?enablejsapi=1]

The base 3GB RAM variant of the ZenFone Max Pro M1, which is priced at Rs. 10,999, will be available at Rs. 10,499. Meanwhile, the one with 4GB RAM and 64GB storage will cost Rs. 12,499, down from the original retail price tag of Rs. 12,999. Also, the 6GB RAM model of the ZenFone Max Pro M1 will be available at Rs. 14,499 (MRP Rs. 14,999) under the Asus Days sale on Flipkart.

[youtube https://www.youtube.com/watch?v=7f50YYgzGEA?enablejsapi=1]

To recall, the ZenFone 5Z retails at Rs. 29,999 for the base variant with 6GB RAM and 64GB inbuilt storage, Rs. 32,999 for the 6GB RAM/ 128GB storage model, and Rs. 36,999 for the one with 8GB of RAM and 256GB onboard storage. As mentioned, the Asus Days sale will start at 12am on September 12 and will run till midnight on September 14.


Will Asus Zenfone 5Z force OnePlus to slash the price of the OnePlus 6? We discussed that on Orbital, our weekly technology podcast, which you can subscribe to via Apple Podcasts or RSS, download the episode, or just hit the play button below.

0COMMENTS

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and subscribe to our YouTube channel.

[“Source-gadgets.ndtv”]

Lenovo Z5 With Snapdragon 636, Vertical Dual Camera Setup Launched: Price, Specifications, Features

Lenovo Z5 With Snapdragon 636, Vertical Dual Camera Setup Launched: Price, Specifications, Features

Lenovo Z5, the Chinese phone maker’s latest premium smartphone, has been unveiled on Tuesday, alongside the Lenovo A5 and Lenovo K5 Note, at an event held in Beijing. While previous rumours pointed towards an all-display design with no bezels, the smartphone sports a 26.17mm notch on top and a significant 7.69mm bezel on the bottom. Other highlights of the Lenovo Z5 include the latest Qualcomm Snapdragon 636 SoC, a vertical dual rear camera setup with AI capabilities, and an iPhone X-like notch.

Lenovo Z5 price, availability

Lenovo Z5 price in China has been set at CNY 1,399 (roughly Rs. 14,700) for the 6GB RAM/ 64GB storage variant and CNY 1,799 (roughly Rs. 18,900) for the 6GB RAM/ 128GB inbuilt storage. The smartphone is up for pre-orders and shipping is said to begin in China from 10am on June 12.

Lenovo Z5 specifications

The dual-SIM (Nano) Lenovo Z5 runs ZUI 3.9 on top of Android 8.1 Oreo out-of-the-box, and sports a 6.2-inch full-HD+ (1080×2246 pixels) IPS display with a 90 percent screen-to-body ratio, an aspect ratio of 18.7:9 and 2.5D curved glass on top. The handset is fuelled by an octa-core Qualcomm Snapdragon 636 SoC, coupled with 6GB of LPDDR4X RAM. There is a 3300mAh battery under the hood, with support for 15W fast charge.

In the camera department, the Lenovo Z5 comes with a 16-megapixel primary rear camera sensor and an 8-megapixel secondary sensor, both of which are vertically stacked and come with AI capabilities, HDR+, 4K support, f/2.0 aperture, and an LED flash. On the front, the handset bears an 8-megapixel selfie camera with f/2.0 aperture and full-HD video recording. There is 64GB/ 128GB inbuilt storage, expandable via microSD card (up to 256GB).

Connectivity on the Lenovo Z5 includes 4G LTE, dual-band Wi-Fi 802.11ac with hotspot, Bluetooth v5.0, GPS, 3.5mm headphone jack, and USB Type-C. Sensors onboard the Lenovo Z5 include accelerometer, ambient light sensor, electronic compass, gyroscope, fingerprint sensor, and proximity sensor. Dimensions of the smartphone are 153×75.65×7.85mm and weight is about 165 grams

[“Source-timesofindia”]

Garmin Vivoactive 3 Music GPS Smartwatch With Integrated Music Launched

Garmin Vivoactive 3 Music GPS Smartwatch With Integrated Music Launched

Garmin has launched Vivoactive 3 Music, a wearable that takes everything you find in the 2017 model and adds music to the mix. Garmin already has smartwatches that come with GPS and music playback, in its lineup. But for the first time, the features are available on an affordable smartwatch. The Garmin Vivoactive 3 Music essentially comes with space for 500 songs that you can play directly from your watch via Bluetooth headphones. There is no need to carry a smartphone for your music consumption needs.

The Vivoactive 3 Music adds a music player and local storage to the combination fitness tracker and GPS smartwatch. It has been priced at $299.99 (roughly Rs. 20,300), around $50 (roughly Rs. 3,400) more than the Garmin Vivoactive 3. It is already available in the US, and bands of different sizes are available for purchase separately for $29.99 (roughly Rs. 2,000).

Notably, apart from the addition of music, the Vivoactive 3 Music is the same as the Vivoactive 3. This means users will get GPS, a heart rate monitor, contactless payments through Garmin Pay, a swim-safe build, up to 7 days of battery life, and access to the Garmin Connect IQ app store. Garmin says it has introduced several ways to customise with free watch faces, widgets, data fields and apps through the Garmin Connect IQTM store.

Featuring the same functionality and smart connectivity features first introduced on the Vivoactive 3, the Vivoactive 3 Music just adds on-device music storage capabilities. You can download offline music playlists from select music streaming services such as Deezer, iHeartRadio, or you can also transfer music from a PC directly to the smartwatch. Once the music is loaded, you will have to pair the device with a set of compatible Bluetooth headphones.

Coming to other specifications, the Garmin Vivoactive 3 Music sports a 1.2-inch (240×240 pixels) display. In terms of dimensions, the smartwatch measures 43.1×43.1×13.6mm and weighs 39 grams. The company claims that the battery runs for 13 hours in GPS training mode, 5 hours in GPS mode with music playing, and 7 days in smartwatch mode. Connectivity and sensors options include Bluetooth Smart, ANT+, GPS, GLONASS, optical HR, accelerometer, barometer, compass, and thermometer. For water resistance, the watch has Swim and 5 ATM certification.

Western lifestyle may cause blood pressure to rise with age

Close-up of a doctor measuring a patient's blood pressure.

A western lifestyle might be the reason blood pressure tends to rise with age, according to a study of remote tribal communities.

Hypertension is a key risk factor for cardiovascular disease, and in many developed countries, including the UK, the likelihood of developing increases with age. More than a quarter of adults in England have high blood pressure, with recent figures showing the proportion rises to 58% among those aged 65-74.

A study of remote communities in the Venezuelan rainforest has backed the idea that hypertension is not an inherent part of ageing, but a result of longer exposure to risks arising from lifestyle, such as high levels of salt in the diet, lack of exercise and heavy drinking.

Dr Noel Mueller, an assistant professor at Johns Hopkins University, who led the research, said: “The idea that blood pressure rises with age as part of a natural phenomenon is increasingly being dispelled through evidence, including our findings here, which show that in a population that is largely free of exposure to western influences, there is no age-related rise in blood pressure.”

Writing in the Jama Cardiology journal, Mueller and his colleagues report how they contacted two rainforest communities. One, the Yanomami, has had very little contact with the western world. The group has a hunter-gatherer-gardener lifestyle and does not eat much salt.

The other is the nearby Yekwana community, which has experienced some aspects of western life through trade facilitated by an airstrip, including commodities such as processed food and salt, as well as the presence of visitors – including missionaries, medical professionals and miners.

The team took the blood pressure of 72 Yanomami people and 83 from the Yekwana community aged between one to 60. While previous research has highlighted the low blood pressure of the Yanomami, this is the first time children were included in such work.

Yekwana participants showed an increase in blood pressure with age – albeit at a far lower level than seen in the US, for example. However, in the Yanomami community, blood pressure stayed approximately the same.

While infants in both communities had similarly low measurements, the team noted that by the age of 10, Yekwana and Yanomami children showed significant differences in blood pressure, with the divergence increasing with age.

“[That] to us indicates that interventions to prevent the rise in blood pressure and high blood pressure need to start early in life, where we can still have the opportunity to modify some of the exposures that might lead to high blood pressure,” Mueller said.

However, the study is very small – only 11 Yekwana individuals over the age of 40 took part in the research – and the research did not unpick exactly which lifestyle and diet differences might be behind the trends for age and blood pressure.

“It is unclear whether these factors fully explain the results, which may also be partly due to genetic factors,” said Dr James Sheppard, an expert in hypertension at Oxford University who was not involved in the study. He added that another problem was that the research did not measure the participants’ blood pressure as they aged, and participants were relatively young.

Prof Bryan Williams, a specialist in hypertension at University College Hospital in London, said: “[The study] gives us a glimpse at what a normal blood pressure trajectory would be like without the impact of westernisation – many more people would have a normal blood pressure throughout life.”

The hypertension seen older people in western countries such as the UK, he added, was caused by a stiffening of the large arteries. “This most likely represents some genetic predisposition but is powerfully influenced by lifestyle, as suggested by this study. It points once again to the importance of a healthy lifestyle to delay ageing of the arteries and delay the rise in blood pressure with age.”

[“source=ndtv”]