Home Tags Toshiba

Tag: Toshiba

Western Digital dispute with Toshiba heads for arbitration

Western Digital is seeking arbitration, demanding that its consent has to be taken before Toshiba can go ahead with plans to sell a stake in its memory business to raise funds.The storage technology company acquired SanDisk last year and has been ru...

Samsung could displace Intel as the world’s biggest chip company in...

Samsung's revenue is being driven up by increases in NAND and DRAM pricing.

VU#491375: Intel Active Management Technology (AMT) does not properly enforce access...

Technologies based on Intel Active Management Technology may be vulnerable to remote privilege escalation,which may allow a remote,unauthenticated attacker to execute arbitrary code on the system.

3D NAND to make up half of all flash memory production

3D NAND, which stacks layer upon layer of flash cells atop one another like a microscopic skyscraper, will become the prominent technology for all flash memory this year, according to a new report.According to DRAMeXchange's latest forecast, NAND fl...

Foxconn said to offer $27B for Toshiba’s memory chip business

Foxconn, the Taiwanese electronics manufacturer best known as the maker of iPhones and iPads for Apple, is said to be preparing a $27 billion bid to acquire Toshiba's computer chip assets.Toshiba is most commonly recognized for making NAND flash and memory chips, with all of its factories in Japan. However, chip manufacturing in Japan has slipped as rivals in South Korea and China gain in strength.[ The InfoWorld review: QNAP TVS-882T NAS piles on the features. | Get a digest of the day's top tech stories in the InfoWorld Daily newsletter. ]The news of the potential offer was first reported by the Wall Street Journal.

Foxconn is the latest of a number of companies, including SK Hynix and equity investor Silver Lake, interested in acquiring Toshiba's chip assets.To read this article in full or to leave a comment, please click here

Nuclear giant Westinghouse files for bankruptcy after costs skyrocketed

Capital-intensive reactors in the US are $1 billion to $1.3 billion over budget.

VU#600671: PCAUSA Rawether for Windows local privilege escalation

PCAUSA's Rawether framework does not properly validate BPF data,allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets.

This vulnerability may be exploited to perform local privilege escalation on Windows systems.

Toshiba’s in chaos, but not quitting PCs — yet

Toshiba is more than a laptop maker, but the vast Japanese conglomerate shrunk on Tuesday under a wave of bad news.In one day, the company lost its chairman, said it will stop building nuclear power plants, wrote off about $6.2 billion relating to t...

8TB, HGST disks show top reliability, racking up 45 years without...

Two disk models last the full year without a single failure.

TiVo’s “TV Guide” patents are DOA at appeals court

Enlarge / Netflix company headquarters in Los Gatos, California.David Paul Morris/Bloomberg via Getty Images reader comments 10 Share this story A five-year-old patent brawl between Netflix and Rovi (now TiVo) has reached a turning point, with the US Court of Appeals for the Federal Circuit upholding a major lower-court victory by Netflix. The litigation between the two companies began in 2011, when Netflix sued to invalidate a batch of patents on Rovi's digital entertainment guides, for which Rovi had demanded Netflix pay licensing fees. The patents described ways of navigating TV and other video content online.

Even after Netflix lawyers bested Rovi at the International Trade Commission and then pounded all five patents out of existence at district court last year, Rovi said it would push forward with an appeal. Now it's clear that Rovi's strategy to patent digital TV guides has hit a wall. Just a few days after Rovi's lawyers made their oral argument, a panel of judges at the Federal Circuit upheld (PDF) the lower court's decision in its entirety without comment. Rovi's patents covered very basic ways of organizing video content, including one on using "combination categories" like "sports dramas" or "romantic comedies." Another was on bookmarking shows across devices, which Rovi argued was a new idea when it filed its patent. "A novel abstract idea is still an abstract idea," US District Judge Phyllis Hamilton informed the company in her opinion, which has now been upheld. Rovi sued and settled with other companies over its patents, including Amazon, Hulu, Toshiba, Sharp, and China-based Haier. In April, Rovi acquired TiVo, another company that has turned its patents into a revenue stream.
It soon took on TiVo's name.

Executives of the merged company told investors they were going to focus more on licensing IP than building hardware. But even with TiVo's big litigation wins, the company couldn't ultimately stop itself from becoming an afterthought.

The big bets that companies like TiVo and Rovi made on software patents aren't panning out, especially since the Supreme Court's Alice decision has made it substantially easier to invalidate patents that describe basic business processes. Neither TiVo nor Netflix immediately responded to requests for comment on the decision.

Flaws in Wireless Keyboards Let Attackers Snoop on Users

A lack of encryption affects at least eight manufacturers' low-cost wireless keyboards, allowing hackers to remotely "sniff" all the keystrokes of wireless keyboards from up to 250 feet away. Wireless keyboards from eight manufacturers do not encrypt their communications, allowing attackers to easily snoop passwords, credit-card numbers and other valuable information, according to a report published July 26 by security firm Bastille.The attack, which Bastille called KeySniffer, only affects keyboards whose manufacturers used non-standard communications technology to create the wireless pair between the devices and a USB dongle. Keyboards that use Bluetooth are unaffected.Bastille researcher Marc Newlin discovered the issue after reverse-engineering popular wireless keyboards that did not use the Bluetooth communications protocol. He originally analyzed 12 keyboards and found eight that failed to encrypt their data."These eight keyboards were transmitting the keystrokes completely in clear text, so no encryption whatsoever," he said. "And at that point, it became apparent that the attacker could sniff keystrokes from these devices and inject keystrokes into the communications stream because it's unencrypted." In an increasingly popular move among security companies, Bastille branded the vulnerability, complete with a cool name and a bespoke website.

Affected wireless keyboards include those from HP, Toshiba, Kensington, Insignia, Radio Shack, Anker, General Electric and EagleTec, Bastille said. Remote keysniffing attacks have a long history.
In 2005, researchers at the University of California at Berkeley found that a $10 microphone could discern 90 percent of the words typed during a 10-minute recording.

Five years later, another group of researchers released a device that could snoop on the connection between devices using Nordic Semiconductor's wireless chips.In 2010, a team of researchers known as the KeyKeriki group found that certain Microsoft keyboards used a weak XOR encryption scheme to obfuscate the content of traffic between the keyboard and the connected device. Last year, Samy Kamkar—perhaps best known for creating the "Samy" Facebook worm—created another attack, known as KeySweeper, which exploited Microsoft's vulnerability.And earlier this year, Bastille found another issue, dubbed MouseJack, that could allow an attacker to hijack the connection between wireless keyboards or mice and the device with which they are paired.Reverse-engineering the keyboards was the most difficult part of the process. Hacking the peripherals is quite easy, and only requires a transceiver and an antenna—$80 online—and some custom software, Newlin said.
In addition, the way the USB dongles keep the connection with a keyboard alive makes it easy to detect a vulnerable device, he said."A kind of interesting point on this is that the dongles on these keyboards are constantly transmitting packets to make it easy for the keyboard to find the dongle," Newlin said. "And that means an attacker can very, very quickly survey an environment for all the keyboards vulnerable to the type of attack."Bastille notified the keyboard vendors of the issues, but most are not able to be firmware-upgraded and so cannot be patched, the company said.

The firm recommended that users upgrade to a wired keyboard or a Bluetooth device.

It’s 2016 and your passwords can still be sniffed from wireless...

KeySniffer – does what it says on the tin Millions of low-cost wireless keyboards are susceptible to a vulnerability that reveals private data to hackers in clear text. The vulnerability – dubbed KeySniffer – creates a means for hackers to remotely “sniff” all the keystrokes of wireless keyboards from eight manufacturers from distances up to 100 metres away. “When we purchase a wireless keyboard we reasonably expect that the manufacturer has designed and built security into the core of the product,” said Bastille Research Team member Marc Newlin, responsible for the KeySniffer discovery. “Unfortunately, we tested keyboards from 12 manufacturers and were disappointed to find that eight manufacturers (two thirds) were susceptible to the KeySniffer hack.” The keyboard manufacturers affected by KeySniffer include: Hewlett-Packard, Toshiba, Kensington, Insignia, Radio Shack, Anker, General Electric, and EagleTec.
Vulnerable keyboards are always transmitting, whether or not the user is typing.

Consequently, a hacker can scan for vulnerable devices at any time.

A complete list of affected devices can be found here. Wireless keyboards have been the focus of security concerns before.
In 2010, the KeyKeriki team exposed weak XOR encryption in certain Microsoft wireless keyboards. Last year Samy Kamkar’s KeySweeper exploited Microsoft’s vulnerabilities.

Both of those took advantage of shortcomings in Microsoft’s encryption. The KeySniffer discovery is different in that it reveals that manufacturers are actually producing and selling wireless keyboards with no encryption at all.

Bluetooth keyboards and higher-end wireless keyboards from manufacturers including Logitech, Dell, and Lenovo are not susceptible to KeySniffer. Bastille notified affected vendors to provide them the opportunity to address the KeySniffer vulnerability prior to going public on Tuesday. Most, if not all, existing keyboards impacted by KeySniffer cannot be upgraded and will need to be replaced, it warns. Bastille’s discovery of KeySniffer follows month after its discovery of MouseJack, a vulnerability affecting millions of wireless mice. ® Sponsored: Global DDoS threat landscape report