An anonymous reader quotes a report from ZDNet: For years, there's been a known security vulnerability hiding in the GNU C Library (glibc). This library, which is critical for Linux and many other operating systems and programs, had a dynamic memory management security hole that could be used for denial of service (DoS) attacks. Now, the security company, Check Point, has issued an open-source patch, which will make it much more difficult to exploit this memory allocation (malloc) problem. Check Point re-encountered this known problem when it discovered that so-called smart light bulbs could be used to hack into networks by exploiting unprotected single-linked-lists. The double-linked-list version of this problem had been fixed back in 2005 with Safe-Unlinking. But, the single-linked-list version, which is present in the memory primitive functions Fast-Bins and Thread Cache (TCache), remained vulnerable.

Now, the fix is in for this problem. This new built-in security mechanism is called Safe-Linking. It protects malloc by signing its single-linked-list pointers with random numbers derived from Linux's Address Space Layout Randomization (ASLR) functionality. Combined with memory chunk alignment integrity checks, it protects the memory pointers from hijacking attempts and thus the system itself. The patch is now being integrated with the most common standard C library implementation, glibc. Safe-Linking will be released in glibc 2.32 in August 2020. It's already up and running in glibc's popular embedded counterpart: uClibc-NG.

Mike Godwin, the first staff counsel of the Electronic Frontier Foundation, writes in a column: Another thing we clearly got wrong is how large platforms would rise to dominate their markets -- even though they never received the kind of bespoke regulated-monopoly partnership with governments that, generations before, the telephone companies had received. In most of today's democracies, Google dominates search and Facebook dominates social media. In less-democratic nations, counterpart platforms -- like Baidu and Weibo in China or VK in Russia -- dominate their respective markets, but their relationships with the relevant governments are cozier, so their market-dominant status isn't surprising. We didn't see these monopolies and market-dominant players coming, although we should have. Back in the 1990s, we thought that a thousand website flowers would bloom and no single company would be dominant. We know better now, particularly because of the way social media and search engines can built large ecosystems that contain smaller communities -- Facebook's Groups is only the most prominent example. Market-dominant players face temptations that a gaggle of hungry, competitive startups and "long tail" services don't, and we'd have done better in the 1990s if we'd anticipated this kind of consolidation and thought about how we might respond to it as a matter of public policy. We should have -- the concern about monopolies, unfair competition, and market concentration is an old one in most developed countries -- but I have no reflexive reaction either for or against antitrust or other market-regulatory approaches to address this concern, so long as the remedies don't create more problems than they solve.

What's new and more troubling is the revival of the idea, after more than half a century of growing freedom-of-expression protections, that maybe there's just too much free speech. There's a lot to unpack here. In the 1990s, social conservatives wanted more censorship, particularly of sexual content. Progressive activists back then generally wanted less. Today, progressives frequently argue that social media platforms are too tolerant of vile, offensive, hurtful speech, while conservatives commonly insist that the platforms censor too much (or at least censor them too much). Both sides miss obvious points. Those who think there needs to be more top-down censorship from the tech companies imagine that when censorship efforts fail, it means the companies aren't trying hard enough to enforce their content policies. But the reality is that no matter how much money and manpower (plus less-than-perfect "artificial intelligence") Facebook throws at curating hateful or illegal content on its services, and no matter how well-meaning Facebook's intentions are, a user base edging toward 3 billion people is always going to generate hundreds of thousands, and perhaps millions, of false positives every year. On the flip side, those who want to restrict companies' ability to censor content haven't given adequate thought to the consequences of their demands. If Facebook or Twitter became what Sen. Ted Cruz calls a "neutral public forum," for example, they might become 8chan writ large. That's not very likely to make anyone happier with social media.

The Russian government says it has successfully tested a country-wide alternative to the global internet. Details of what the test involved were vague but, according to the Ministry of Communications, ordinary users did not notice any changes. The results will now be presented to President Putin. The BBC reports: The initiative involves restricting the points at which Russia's version of the net connects to its global counterpart, giving the government more control over what its citizens can access. "Sadly, the Russian direction of travel is just another step in the increasing breaking-up of the internet," said Prof Alan Woodward, a computer scientist at the University of Surrey. "That would effectively get ISPs [internet service providers] and telcos to configure the internet within their borders as a gigantic intranet, just like a large corporation does," explained Prof Woodward.

"The Russian government has run into technical challenges in the past when trying to increase online control, such as its largely unsuccessful efforts to block Russians from accessing encrypted messaging app Telegram," Justin Sherman, a cyber-security policy fellow at the New America think tank, told the BBC. "Without more information about this test though, it's hard to assess exactly how far Russia has progressed in the path towards an isolatable domestic internet. "And on the business front, it remains to be seen just how much domestic and foreign pushback Russia will get."

ZDNet reports: In the never ending war between the chip giants, AMD has released a salvo by unveiling what are the world's most powerful desktop processors -- the new 24-core AMD Ryzen Threadripper 3960X and 32-core AMD Ryzen Threadripper 3970X... These 3rd-generation Ryzen Threadripper Processors are built using AMD's 7-nanometer "Zen 2" core architecture, and both chips feature 88 PCIe 4.0 lanes with extraordinary power efficiency.

On the performanced front, AMD claims that the new 32-core Ryzen Threadripper 3970X offers up to 90 percent faster performance over the competition... This performance doesn't mean the chips are power-hungry either, with AMD claiming they deliver up to 66 percent better power efficiency compared to previous generation processors. The new chips do, however, need a new socket. The new socket is called sTRX4, which offers expansion for serious multi-GPU and NVMe arrays, quad channel DDR4, ECC support, and unlocked overclocking.... [T]hey both will be available starting Tuesday, November 19.
Engadget reports: After getting some wins against Intel in the desktop enthusiast processor race, AMD is trying to run up the score with its latest model, the Ryzen 9 3950X. It has 16 cores/32 threads, a 3.5 Ghz base clock with up to 4.7 GHz boost (on two cores) and 105 watt power consumption (TDP), and costs $749, compared to $1,199 for Intel's 12-core i9-9920X. At the same time, AMD claims it outperforms the i9-9920X in gaming and even more so for content creation, where those extra cores can be best exploited.

According to the company, it'll do some Adobe Premiere tasks up to 26 percent quicker than an i9-9920X, and 42 percent faster than an 8-core i9-9900K. Better still, the Ryzen 9 3950X delivers 2.34 times more performance per watt than its Intel counterpart, and consumes 173W of absolute wall power compared to 304W for the i9-9920X. The power figures alone could be decisive for creators who run multiple workstations for 3D animation and rendering...

If $749 is $700 too much, AMD has another option -- the Athlon 3000G. The dual-core processor runs at 3.5Ghz, but AMD said it's "the only unlocked option in its segment," meaning you can push it to around 3.9Ghz. That'll boost its performance ahead of Intel's $73 Pentium G5400, AMD said. The Athlon 3000G will arrive November 19th for $49.

Twitter Chief Executive Officer Jack Dorsey called out his counterpart at Facebook, saying Mark Zuckerberg has a "major gap and flaw" in his argument for free speech on social media. From a report: "We talk a lot about speech and expression and we don't talk about reach enough, and we don't talk about amplification," Dorsey said at the Twitter News Summit in New York. "And reach and amplification was not represented in that speech." Zuckerberg gave a lengthy address at Georgetown University last week in which he explained that Facebook's approach to content -- which favors letting people say whatever they want -- is part of an American tradition of free speech in the marketplace of ideas. He evoked the civil rights movement and other grassroots campaigns that were allowed to spread because of free speech.

Like Twitter, Facebook's algorithm for sorting posts in a person's social media feed gives heavier weight to those that users share and comment on. Often that means the most incendiary or surprising messages find their way to the biggest audience. Other than addressing his algorithm, Zuckerberg didn't talk about the difference between content that naturally goes viral and promoted posts that people pay to send to a bigger audience. "It was a major gap and flaw in the substance he was getting across," Dorsey said.

Three U.S. lawmakers active in tech issues introduced a bill on Tuesday that would require social networks like Facebook to allow users to pack up their data and go elsewhere, they said in a statement. From a report: The senators, Republican Josh Hawley and Democrats Mark Warner and Richard Blumenthal, offered the bill at a time when there is growing concern that Facebook, along with Alphabet's Google, have become so powerful that smaller rivals are unable to lure away their users. The bill currently does not have a counterpart in the U.S. House of Representatives, which it will need to become law. The bill would require communications platforms with more than 100 million monthly active members -- Facebook has more than two billion -- to allow its users to easily move, or port, their data to another network, Warner's office said in a statement. Under the bill the companies would be required to maintain an interface to facilitate interoperability. Or users would be allowed to choose another company to manage a user's account settings, content, and online interactions, the statement said.

MarketWatch just published an interesting analysis by the head of automotive industry consulting at one of America's top business advisory firms. It argues that a strike by the United Auto Workers (UAW) union at General Motors is really about the future of the electric car: UAW members' anxieties and uncertainties are actually shared by General Motors (GM) and most other automakers, which know that it's no longer a question of when internal combustion engine cars will be replaced by electric vehicles, but how quickly the changeover will take place. The shift to electric means a fundamental transformation of what workers will do and how many are needed to do it.

Electric cars have far fewer parts, which means far fewer people are needed to put them together. When one analyst took apart a Chevrolet Bolt and Volkswagen Golf, he found that the Golf had 125 more moving parts than its electric counterpart. What's more, the electric vehicles' parts are often easier to put in place using automated machines. The UAW's own estimates that the move to electrification may cause 35,000 members to lose their jobs may not be the most scientific study ever done, but it's also probably not far off.

GM has attempted to appease the UAW with specific promises, including the construction of an electric battery plant in one of the Ohio cities hit hardest by recent factory closings. But even this tactic has only confirmed the UAW's worst fears: The battery plant won't need as many workers, and GM would prefer to pay them less than what other workers make at plants that require more complicated assembly.
The article concludes that "None of this is anyone's fault. GM is trying to respond to a global trend that it needs to follow in order to stay relevant. The UAW is trying to protect its members."

But he argues that the U.S. is already at risk of falling behind foreign auto-makers, and "it would just make a lot more sense if the people that we need to compete globally were working together as a team, rather than fighting each other."

The White House released a transcript that showed President Trump urged Ukraine's leader to contact Attorney General William Barr about opening an inquiry tied to Joseph R. Biden Jr. Two intelligence officials referred Mr. Trump's activity to the Justice Dept. for a possible criminal inquiry. It declined to open one. The New York Times: President Trump released the transcript on Wednesday of a July 25 call he had with Volodymyr Zelensky, the president of Ukraine, in which he encouraged his Ukrainian counterpart to contact Attorney General William P. Barr about investigating a political rival. Mr. Trump has defiantly denied saying anything inappropriate on the call, but the transcript shows he clearly referred by name to former Vice President Joseph R. Biden Jr., a leading 2020 Democratic presidential candidate, and encouraged Mr. Zelensky to reach out to Mr. Barr. Before the release, he declared on Twitter that Democrats had fallen into his trap, and that the release of the transcript would exonerate him -- and make them look foolish.

The transcript's release and content ensured a day of intense scrutiny. Representative Jerrold Nadler of New York, the chairman of the House Judiciary Committee, marveled that the attorney general has now been pulled in. Republicans stuck to their position that Mr. Trump did not offer Mr. Zelensky any inducements nor did he threaten him, so his demand for a Biden inquiry was not improper. "From a quid pro quo aspect, there's nothing there," said Senator Lindsey Graham, Republican of South Carolina. The release did not go far enough for many Democrats, who have demanded to see the full complaint about Mr. Trump's actions lodged by a whistle-blower, which has not been shared with Congress. On Tuesday, Nancy Pelosi announced formal Trump impeachment inquiry. From a report: "Today, I'm announcing the House of Representatives is moving forward with an official impeachment inquiry. I'm directing our 6 committees to proceed with their investigations under that umbrella ... The president must be held accountable," she said.

Plant-based/meat-free entrees are coming to major fast-food chains including White Castle, KFC, Del Taco, the Cheesecake Factory, and Subway. There's just one problem, argues an opinion piece by a certified nutritionist at NBC News: "these offerings aren't actually any healthier." The Impossible Whopper, for instance, not only has comparable caloric and fat levels as its meat-based counterpart, but it has more salt per serving; the Del Taco options are comparable. White Castle's Impossible Slider has more calories, more fat and more sodium than the meaty original (before you add cheese to either).

In fact, when you start to compare all of these offerings to their meat-based counterparts, you realize it's the same story no matter what brands you're talking about -- you might possibly save a few calories or carbs, but you'll probably get way more salt. Switching from meat-based fast foods to meat-free, then, isn't likely to help your health.
The article acknowledges that plant-based burgers may also be better for the environment, since 14.5% of all global greenhouse gas emissions are estimated to be coming from livestock. (And it also acknowledges plant-based substitutes may be better than red meat for people fighting heart disease or type 2 diabetes.) In addition, both the Beyond Burger and the Impossible Burger do have zero cholesterol -- while a high-cholesterol diet could lead to heart attacks and strokes.

But "If eating more realistic fake meat was about health, the offerings would be far lower in salt content, contain fewer calories and have a bit less dietary fat. None of them do..."

An anonymous reader quotes a report from Gizmodo: Last week, the Washington Post reported that the White House had been briefed on a plan to create an agency called HARPA, a healthcare counterpart to the Pentagon's research and development arm DARPA. Among other initiatives, this new agency would reportedly collect volunteer data from a suite of smart devices, including Apple Watches, Fitbits, Amazon Echos, and Google Homes in order to identify "neurobehavioral signs" of "someone headed toward a violent explosive act." The project would then use artificial intelligence to create a "sensor suite" to flag mental changes that make violence more likely. According to the Post, the HARPA proposal was discussed with senior White House officials as early as June 2017, but has "gained momentum" after the mass shootings in El Paso, Texas, and Dayton, Ohio. The latest version of the plan, reportedly submitted to the Trump administration this month, outlined the biometric project called "SAFE HOME," an acronym for "Stopping Aberrant Fatal Events by Helping Overcome Mental Extremes." A source told the newspaper that every time HARPA has been discussed in the White House "even up to the presidential level, it's been very well-received."

A copy of the plan obtained by the Post characterizes HARPA as pursuing "breakthrough technologies with high specificity and sensitivity for early diagnosis of neuropsychiatric violence" and claims that "a multi-modality solution, along with real-time data analytics, is needed to achieve such an accurate diagnosis." That's a lot of vague buzzwords, but the general idea is clear: collect a wealth of personal data in order to flag mental status changes in individuals and determine whether those changes can predict mass violence. It's an approach that strikes George David Annas, deputy director of the Forensic Psychiatry Fellowship Program at SUNY Upstate Medical University, as ridiculous. "The proposed data collection goes beyond absurdity when they mention the desire to collect FitBit data," Annas told Gizmodo. "I am unaware of any study linking walking too much and committing mass murder. As for the other technologies, what are these people expecting? 'Alexa, tell me the best way to kill a lot of people really quickly'? Really?" "Creating a watchlist of citizens who most likely will never act violently based on their mental health is a very dangerous proposal with major ethical considerations," Emma Fridel, a doctoral candidate at Northeastern University specializing in mass murder, told Gizmodo. "Doing so to predict the unpredictable is utterly absurd."

Brazil's President Jair Bolsonaro has ruled out accepting a G7 offer of aid to fight fires in the Amazon rainforest unless he gets an apology from his French counterpart, Emmanuel Macron. From a report: Hours after leaders of some of the world's wealthiest countries pledged more than $22 million to help combat fires in the Amazon rainforest, Brazil's government angrily rejected the offer, in effect telling the other nations to mind their own business -- only to later lay out potential terms for the aid's acceptance. President Jair Bolsonaro of Brazil expressed his ire in a series of Twitter posts on Monday, and specifically criticized and taunted President Emmanuel Macron of France, who had announced the aid package at the Group of 7 summit meeting. Their comments extended a verbal feud between the two leaders.

But early the next day, Mr. Bolsonaro offered possible terms for the acceptance of the aid package when he spoke to reporters in the capital, Brasilia. He said that if Mr. Macron withdrew "insults made to my person," and what Mr. Bolsonaro interpreted as insinuations that Brazil does not have sovereignty over the Amazon, he would reconsider. "To talk or accept anything from France, even with their very best intentions, he will have to withdraw his words, and then we can talk," Mr. Bolsonaro said. "First he withdraws them, then he makes the offer, and then I'll answer."

Mr. Bolsonaro, who has suggested earlier that Mr. Macron's real motive is to shield France's agriculture from Brazilian competition, had tweeted on Monday that the president "disguises his intentions behind the idea of an 'alliance' of the G7 countries to 'save' the Amazon, as if we were a colony or a no-man's land." His chief of staff, Onyx Lorenzoni, told the Globo broadcast network that the administration would be turning down the offer, and insulted Mr. Macron with a reference to the fire that gutted the Cathedral of Notre-Dame in Paris in April. The Brazilian government later confirmed his comments, Globo reported.

An anonymous reader quotes a report from Motherboard: On Wednesday, a gravitational wave called S190814bv was detected by the U.S.-based Laser Interferometer Gravitational-Wave Observatory (LIGO) and its Italian counterpart Virgo. Based on its known properties, scientists think there is a 99% probability that the source of the wave is a black hole that ate a neutron star. In contrast to black hole mergers, neutron star collisions do produce a lot of light. When a gravitational wave from a neutron star crash was detected in 2017, scientists were able to pinpoint bright emissions from the event -- called an optical counterpart -- in the days that followed the wave detection. This marked the dawn of a technique called "multi-messenger astronomy," in which scientists use multiple types of signals from space to examine astronomical objects.

Ryan Foley, an astronomer at UC Santa Cruz, was part of the team that tracked down that first optical counterpart, a feat that has not yet been repeated. He and his colleagues are currently scanning the skies with telescopes, searching for any light that might have been radiated by the new suspected merger of a black hole and neutron star. If the team were to pick up light from the event within the coming weeks, they would be witnessing the fallout of a black hole spilling a neutron star's guts while devouring it. This would provide a rare glimpse of the exotic properties of these extreme astronomical objects and could shed light on everything from subatomic physics to the expansion rate of the universe. "We've never detected a neutron star and a black hole together," said Foley. "If it turns out to be right, then we've confirmed a new type of star system. It's that fundamental." He added: "If you learn about how neutron stars are built, that can tell you about how atoms are built. This is something that is fundamental to everything in our daily life works."

An anonymous reader quotes a report from The New York Times: When she joined a trial of new tuberculosis drugs, the dying young woman weighed just 57 pounds. Stricken with a deadly strain of the disease, she was mortally terrified. Local nurses told her the Johannesburg hospital to which she must be transferred was very far away -- and infested with vervet monkeys. "I cried the whole way in the ambulance," Tsholofelo Msimango recalled recently. "They said I would live with monkeys and the sisters there were not nice and the food was bad and there was no way I would come back. They told my parents to fix the insurance because I would die." Five years later, Ms. Msimango, 25, is now tuberculosis-free. She is healthy at 103 pounds, and has a young son.

The trial she joined was small -- it enrolled only 109 patients -- but experts are calling the preliminary results groundbreaking. The drug regimen tested on Ms. Msimango has shown a 90 percent success rate against a deadly plague, extensively drug-resistant tuberculosis. On Wednesday, the Food and Drug Administration effectively endorsed the approach, approving the newest of the three drugs used in the regimen. Usually, the World Health Organization adopts approvals made by the F.D.A. or its European counterpart, meaning the treatment could soon come into use worldwide. Typically, patients in South Africa treated with this deadly strain of tuberculosis are required to take up to 40 daily pills for up to two years. "But in the trial Ms. Msimango joined, nicknamed Nix-TB, patients took only five pills a day for six months," the report says. "The pills contain just three drugs: pretomanid, bedaquiline and linezolid. Someday, the whole regimen might come in just one pill, as H.I.V. drugs do, one expert said."

"AMD is unleashing an arsenal of products today," writes Slashdot reader MojoKid.

Hot Hardware writes: The Zen 2-based AMD Ryzen 3000 series is easily one of the most anticipated product launches in the PC space in recent memory. AMD has essentially promised to address virtually all of the perceived shortcomings of the original Zen-based Ryzen processors, with the Ryzen 3000 series, while continuing to aggressively challenge Intel on multiple fronts -- performance, power, price, you name it.
MojoKid summarizes their analysis: In the benchmarks, performance has been improved across the board. The AMD Ryzen 9 3900X and Ryzen 7 3700X offered superior single and multi-thread performance versus their second-gen counterparts, and better latency characteristics, that allowed them to occasionally overtake processors with more cores / threads in a few multi-threaded tests. On a couple of occasions, the 12-core / 24-thread Ryzen 9 3900X even outpaced the 16-core / 32-thread Threadripper 2950X. Performance versus Intel is more of a mixed bag, but the Ryzen 3000 series still looks strong. Single-thread performance is roughly on-par with Intel's Coffee Lake based Core i9-9900K, depending on the workload. Multi-threaded scaling is a dogfight strictly in terms of absolute performance, but because AMD offers more cores per dollar, the Ryzen 3000 series is the clear winner here.

Meanwhile, AMD's Radeon RX 5700 and Radeon RX 5700 XT Navi-powered graphics cards are set to take on NVIDIA's GeForce RTX offerings in the midrange
There's more details in the original submission, and PC World writes that AMD's Radeon RX 5700 and Radeon RX 5700 XT graphics cards "represent a fresh start and a bright future for AMD, brimming with technologies that have never been seen in GPUs before." But they're not the only site offering a detailed analysis.

Forbes tested the chips on five high-workload games (including World of Tanks and Shadow of the Tomb Raider) and shared their results: As usual, things are very title and resolution dependent, but in general, [AMD's] RX 5700 XT proved to be a slightly better option at 1080p with the RTX 2060 Super mostly matching it above this... However, the 2060 Super was cooler-running and much quieter than its AMD counterpart, plus I'd argue it's better-looking too... You also get the option of Ray Tracing and DLSS, but even discounting those, the Nvidia card is a slightly better buy overall.
But CNET argues that AMD's new graphics cards "are very quiet. They are bigger and do require more power than the RTX 2060...but the 2060 Super has increased power requirements as well."

TL:DR: There's a chip war going on.

Ivan Mehta, writing for The Next Web: Last year, Netflix reportedly published a whopping 1,500 hours of original content. And with the launch of streaming services from Apple and Disney, the on-demand video market is getting very competitive. Media houses and companies are already looking towards the next solution for producing content to keep up with the trend: AI avatars. Here's one sample: Last year in November, Chinese state-run media company Xinhua debuted an AI anchor that looked exactly like its real-life counterpart Zhang Zhao. The company said that the avatar speaks both in Mandarin and English. Xinhua said at that time that AI anchors are now officially a part of their team; aiming to provide "authoritative, timely and accurate news" round the clock, through its apps and social channels like WeChat. A report from Tencent news published in February stated that the first batch of AI Anchors has produced more than 3,400 news reports, with a cumulative time of more than 10,000 minutes. It even debuted a female AI anchor named Xin Xiaomeng in February. These numbers indicate that at this rate, AI anchors can outwork their human counterparts very soon.

MojoKid writes: NVIDIA has launched a new family of more budget friendly Turing graphics chips for gaming laptops, called the GeForce GTX 1650, GeForce GTX 1660, and GeForce GTX 1660 Ti. The new GPUs will power roughly 80 different OEM mainstream gaming notebook designs, starting in the $799 price range. Compared to a 4-year-old gaming laptop with a GeForce GTX 960M, NVIDIA says that a modern counterpart equipped with a GeForce GTX 1660 Ti can deliver 4x the performance in today's battle royale-style games like Apex Legends, Fortnite, and PUBG. As for the GeForce GTX 1650, NVIDIA is promising a 2.5x performance advantage compared to the GTX 950M and a 1.7x advantage compared to the previous generation GTX 1050. Gamers should expect consistent 60 fps performance in the above-mentioned gaming titles at 1080p, though the company didn't specifically mention GTX 1660 vs 1060 performance comparisons. According to NVIDIA, every major OEM will be releasing GeForce GTX 16 Series laptops, including well-known brands like ASUS, Dell/Alienware, Acer, Hewlett-Packard, and Lenovo (among others).

Today at its annual AI Day conference in San Francisco, chipmaker Qualcomm revamped the midrange products in its system-on-chip portfolio with faster graphics, more power-efficient cores, and other silicon accouterments. From a report: The Snapdragon 670 gained a counterpart in the Snapdragon 665, and the Snapdragon 700 series has two new SKUs in the long-rumored Snapdragon 730 and a gaming-optimized variant dubbed Snapdragon 730G. "In the last several years, we've had a few different technologies that we've [explored]," said vice president of product management Kedar Kondap during a press briefing. "One is obviously [the] camera. Secondly, AI, and ... gaming ... [We've] focused on ... power, [making] sure we drive very high performance." The 11-nm Snapdragon 665 packs Kryo 260 cores and offers up to 20 percent power savings with the Adreno 610 GPU. The 8-nm Snapdragon 730 has Kryo 470 cores inside.

The surveillance tool dubbed "Exodus" has been ported to the Apple iOS ecosystem. According to Threatpost, the spyware "can exfiltrate contacts, take audio recordings and photos, track location data and more on mobile devices." From the report: Earlier this month, word came that Google had booted a raft of Exodus-laden apps. According to Lookout Security, it turns out that iOS versions had become available outside the App Store, through phishing sites that imitate Italian and Turkmenistani mobile carriers. These are notable in that they abused the Apple Developer Enterprise program. According to Lookout and other research from Security Without Borders, the spyware appears to have been under development for at least five years. It's a three-stage affair, starting with a lightweight dropper that then fetches a large second-stage payload that contains multiple binaries with most of the spy goods housed within them. Finally, a third stage typically uses the Dirty COW exploit (CVE20165195) to obtain root privileges on a targeted device. In delving into the technical details, Lookout saw evidence of a fairly sophisticated operation, suggesting that it may have been initially marketed as a legitimate package for the government or law-enforcement sectors.

In order to spread the iOS app outside of the official App Store, the cybercriminals abused Apple's enterprise provisioning system, which allowed them to sign the apps using legitimate Apple certificates. Lookout's analysis found that the iOS variant is a bit cruder than its Android counterpart, and it lacks the ability to exploit device vulnerabilities. However, the apps were still able to use documented APIs to exfiltrate contacts, photos, videos and user-recorded audio recordings, device information and location data; and, it offered a way to perform remote audio recording, though this required push notifications and user interaction. The good news is that Apple has revoked the affected certificates for this particular crop of apps.

Motorola is releasing three versions of the Moto G7 this year: the G7, the G7 Power, and the G7 Play (a fourth, more powerful G7 Plus model will also be released internationally). These new devices offer slimmer bezels, bigger displays, and larger batteries than their predecessors. The Verge reports: [T]he $299 G7 (not to be confused with LG's G7 ThinQ) is the top-of-the-line model, with a 6.2-inch Gorilla Glass display that features a 2270 x 1080 resolution and a more subtle teardrop notch. The G7 also has more RAM (4GB), and more internal storage (64GB) than its siblings, along with a dual-camera setup on the back that offers a 12-megapixel main lens along with a 5-megapixel depth sensor for a better portrait mode experience (the other G7 phones will have a software-based portrait mode instead). The G7 also supports Motorola's 15W TurboPower charging spec, which promises nine hours of battery life from a 15-minute charge.

The next phone in the lineup, the $249 G7 Power, may not offer the same level of premium upgrades as the G7, but it does offer an intriguing feature that its pricier counterpart doesn't: a massive 5,000mAh battery that Motorola promises should last for up to three days, besting the 3,000mAh battery in the G7 by a considerable amount (it also supports Motorola's TurboPower charging). The G7 Power also features a 6.2-inch display, but at a lower 1520 x 720 resolution and with a larger notch, and only a single 12-megapixel camera on the back. It also drops down to 3GB of RAM and a base storage of 32GB, and is a bit bulkier than the main G7 -- but if sheer battery life is your goal, it seems like the G7 Power will be tough to beat. Lastly, there's the $199 G7 Play, the smallest and cheapest model in the 2019 Moto G lineup. There are more cuts here: a smaller 5.7-inch 1512 x 720 display with an even larger notch than the G7 Power, a cheaper plastic case, and just 2GB of RAM. All three devices will feature Qualcomm's mid-tier Snapdragon 632 processor, Android 9.0 Pie, 8-megapixel front-facing cameras, charge via USB-C, and offer rear-mounted fingerprint sensors. Lastly, the 3.5mm headphone jack is still included on all three models. Motorola is promising a release date sometime in the spring for both the U.S. and Canada.

Zorro shares a report: Silicon Valley researchers are attacking flying bloodsuckers in California's Fresno County. It's the first salvo in an unlikely war for Google parent Alphabet: eradicating mosquito-borne diseases around the world. A white high-top Mercedes van winds its way through the suburban sprawl and strip malls as a swarm of male Aedes aegypti mosquitoes shoot out of a black plastic tube on the passenger-side window. These pests are tiny and, with a wingspan of just a few millimeters, all but invisible. "You hear that little beating sound?" says Kathleen Parkes, a spokesperson for Verily Life Sciences, a unit of Alphabet. She's trailing the van in her car, the windows down. "Like a duh-duh-duh? That's the release of the mosquitoes."

Jacob Crawford, a Verily senior scientist riding with Parkes, begins describing a mosquito-control technique with dazzling potential. These particular vermin, he explains, were bred in the ultra-high-tech surroundings of Verily's automated mosquito rearing system, 200 miles away in South San Francisco. They were infected with Wolbachia, a common bacterium. When those 80,000 lab-bred Wolbachia-infected, male mosquitoes mate with their counterpart females in the wild, the result is stealth annihilation: the offspring never hatch. Better make that 79,999. "One just hit the windshield," says Crawford. Mosquito-borne disease eradication is serious stuff for Alphabet, though it is just one of many of the company's forays into health care and life sciences.