[ gsmarena.com ] Apple Watch total sales expected to reach 15M this year

[ mukeshbalani.com ] “You heard it here first…if you haven’t already heard it elsewhere”…

Apple Watch total sales expected to reach 15M this year

Apple is expected to release an LTE version of its Apple Watch by the end of the year and it will undoubtedly boost the wearable’s sales.

As it currently sits Apple has reportedly sold around 10 million Apple Watches since it debuted the smartwatch back in 2015. Supply chain sources expect that Apple will sell close to 5 million units in the fourth quarter of this year, bringing the smartwatch’s total to 15 million.

A third generation Apple Watch with LTE should be faster and bring updated apps along with smartphone-independent communication functionality. This leads analysts to…


[ gsmarena.com ] BlackBerry has fixed Keyone’s ‘display pop out’ issue

[ mukeshbalani.com ] “You heard it here first…if you haven’t already heard it elsewhere”…

BlackBerry has fixed Keyone’s ‘display pop out’ issue

As you might remember, the BlackBerry Keyone failed JerryRigEverything’s bend test miserably, with its display popping out immediately. This prompted the company to quickly issue a statement saying they are working to fix the problem.

BlackBerry confirmed in July that the issue has been resolved, and new units will no longer be as fragile. Yesterday Zack Nelson (aka JerryRigEverything) published a new video showing him performing the same bend test.

This time around, the device passed the test with flying colors. Zack even tried blow-drying the glue (so that it heats up, hoping it would…


[ gsmarena.com ] YotaPhone 3 pricing details confirmed

[ mukeshbalani.com ] “You heard it here first…if you haven’t already heard it elsewhere”…

YotaPhone 3 pricing details confirmed

The upcoming YotaPhone 3 has already had its specs and renders leaked. In fact, the company itself has dropped some hints about the price tag the device will carry. And now, we have the exact pricing details for the handset.

As per listings on the company’s China website, the YotaPhone 3 with 64GB storage will start at CNY 2,398 ($360). That’s for the white variant – the black one will cost CNY 2,498 (around $375).

The higher-end version that offers 128GB storage will cost CNY 3,098 (around $465) and CNY 3,198 (around $480) for the white and black color models, respectively….


[ gsmarena.com ] ZTE TL99 with QHD display and 20MP camera gets TENAA certified

[ mukeshbalani.com ] “You heard it here first…if you haven’t already heard it elsewhere”…

ZTE TL99 with QHD display and 20MP camera gets TENAA certified

A new ZTE smartphone has been certified by China’s TENAA. Listed as TL99, the device is powered by an SoC with quad-core, 2GHz processor, and sports a 5.5-inch display with 1440×2560 pixel resolution.

RAM is 4GB, while internal memory is 64GB. The handset features a 20MP rear camera and an 8MP front shooter. Measuring 154.1×77.6×9.3mm and weighing in at around 200g, the phone runs Android 7.1.1 Nougat, and packs in a 3,140mAh battery. There’s also a rear-mounted fingerprint sensor.

Pricing and availability information for the ZTE TL99 isn’t currently known.

Source | Via


[ krebsonsecurity.com ] Blowing the Whistle on Bad Attribution

[ mukeshbalani.com ] “You heard it here first…if you haven’t already heard it elsewhere”…

Blowing the Whistle on Bad Attribution

The New York Times this week published a fascinating story about a young programmer in Ukraine who’d turned himself in to the local police. The Times says the man did so after one of his software tools was identified by the U.S. government as part of the arsenal used by Russian hackers suspected of hacking into the Democratic National Committee (DNC) last year. It’s a good read, as long as you can ignore that the premise of the piece is completely wrong.

The story, “In Ukraine, a Malware Expert Who Could Blow the Whistle on Russian Hacking,” details the plight of a hacker in Kiev better known as “Profexer,” who has reportedly agreed to be a witness for the FBI. From the story:

“Profexer’s posts, already accessible to only a small band of fellow hackers and cybercriminals looking for software tips, blinked out in January — just days after American intelligence agencies publicly identified a program he had written as one tool used in Russian hacking in the United States. American intelligence agencies have determined Russian hackers were behind the electronic break-in of the Democratic National Committee.”

The Times’ reasoning for focusing on the travails of Mr. Profexer comes from the “GRIZZLYSTEPPE” report, a collection of technical indicators or attack “signatures” published in December 2016 by the U.S. government that companies can use to determine whether their networks may be compromised by a number of different Russian cybercrime groups.

The only trouble is nothing in the GRIZZLYSTEPPE report said which of those technical indicators were found in the DNC hack. In fact, Prefexer’s “P.A.S. Web shell” tool — a program designed to insert a digital backdoor that lets attackers control a hacked Web site remotely — was specifically not among the hacking tools found in the DNC break-in.

The P.A.S. Web shell, as previously offered for free on the now-defunct site profexer[dot]name.

The P.A.S. Web shell, as previously offered for free on the now-defunct site profexer[dot]name.

That’s according to Crowdstrike, the company called in to examine the DNC’s servers following the intrusion. In a statement released to KrebsOnSecurity, Crowdstrike said it published the list of malware that it found was used in the DNC hack, and that the Web shell named in the New York Times story was not on that list.

Robert M. Lee is founder of the industrial cybersecurity firm Dragos, Inc. and an expert on the challenges associated with attribution in cybercrime. In a post on his personal blog, Lee challenged The Times on its conclusions.

“The GRIZZLYSTEPPE report has nothing to do with the DNC breach though and was a collection of technical indicators the government compiled from multiple agencies all working different Russian related threat groups,” Lee wrote.

“The threat group that compromised the DNC was Russian but not all Russian groups broke into the DNC,” he continued. “The GRIZZLYSTEPPE report was also highly criticized for its lack of accuracy and lack of a clear message and purpose. I covered it here on my blog but that was also picked up by numerous journalists and covered elsewhere [link added]. In other words, there’s no excuse for not knowing how widely criticized the GRIZZLYSTEPPE report was before citing it as good evidence in a NYT piece.”

Perhaps in response to Lee’s blog post, The Times issued a correction to the story, re-writing the above-quoted and indented paragraph to read:

“It is the first known instance of a living witness emerging from the arid mass of technical detail that has so far shaped the investigation into the election hacking and the heated debate it has stirred. The Ukrainian police declined to divulge the man’s name or other details, other than that he is living in Ukraine and has not been arrested.”

[Side note: Profexer may well have been doxed by this publication just weeks after the GRIZZLYSTEPPE report was released.]

This would not be the first time the GRIZZLYSTEPPE report provided fodder for some too-hasty hacking conclusions by a major newspaper. On December 31 2016, The Washington Post published a breathless story reporting that an electric utility in Vermont had been compromised by Russian hackers who had penetrated the U.S. electric grid.

The Post cited unnamed “U.S. officials” saying the Vermont utility had found a threat signature from the GRIZZLYSTEPPE report inside its networks. Not long after the story ran, the utility in question said it detected the malware signature in a single laptop that was not connected to the grid, and the Post was forced to significantly walk back its story.

Matt Tait, a senior fellow at the Robert Strauss Center for International Security and Law at UT Austin, said indicators of compromise or IOCs like those listed in the GRIZZLYSTEPPE report have limited value in attributing who may be responsible for an online attack.

“It’s a classic problem that these IOCs indicate you may be compromised, but they’re not very good for attribution,” Tait said. “The Grizzly Steppe report is a massive file of signatures, and loads of people have run those, found various things on their network, and then assumed it’s all related to the DNC hack. But there’s absolutely no tie between the DNC hack that in any way involved this P.A.S. Web shell.”

If it’s not always clear how seriously to take conclusions from Uncle Sam about the sources of cybercrime, it certainly doesn’t help when intelligence agencies are still relying on discredited sources of information about the sources of cyberattacks. As Mr. Lee observed at the top of his blog post, the Twitter account for the U.S. Defense Intelligence Agency tweeted on Aug. 14, 2017: “Cyber attacks going on right now #DoDIIS17”.

The DIA tweet included a brief video of the global threat map produced by Norse Corp., a company whose lovely but otherwise misguided efforts at cyber attack attribution have been repeatedly denounced by Lee and other cybersecurity experts. For more on how Norse self-destructed from the inside, see my Jan. 2016 story, Sources: Security Firm Norse Corp. Imploding.


One final note: Wired.com has a lengthy but tremendous new story worth reading called A Guide to Russia’s High Tech Tool Box for Subverting US Democracy. It makes a convincing case that the real, long-term goal of Russian state-sponsored hacking activity is to sow public and popular distrust in the democratic process and to weaken democratic institutions inside countries that support the North Atlantic Treaty Organization (NATO).


[ HK Weather ] August 18, 2017 at 02:15PM / Thunderstorm Warning issued (14:15 HKT 18/08/2017)

[ mukeshbalani.com ] “You heard it here first…if you haven’t already heard it elsewhere”…

Hong Kong Weather Summary
#hongkong #weather
August 18, 2017 at 02:15PM
Thunderstorm Warning was issued at 14:15 HKT (18 Aug 2017)


[ gsmarena.com ] Oppo R11 FC Barcelona Edition now available

[ mukeshbalani.com ] “You heard it here first…if you haven’t already heard it elsewhere”…

Oppo R11 FC Barcelona Edition now available

As scheduled, the Oppo R11 FC Barcelona Edition is now available for purchase. The model is listed on the company’s China website for CNY 3,499, which currently translates into around $525.

The listing says the stock is limited, so those interested in purchasing may have to act fast. To refresh, hardware remains the same as other R11 models, just that the coloring scheme and the UI elements are all Barcelona-themed. Oh, and yes, there’s a crest on the back that’s made from 18K gold.

Source | Via