Daily News Roundup: Microsoft Brand Spoofing Is the Worst

Brand spoofing is a type of phishing where the perpetrator pretends to be a well-known brand. Usually, it’s in the form of disguised emails. A recent study revealed that Microsoft is the most spoofed brand by a wide margin.

It’s incredibly easy to forge a sender email address. With just a little bit of time and patience, you can create an email that says it’s coming from Bill Gates, Jeff Bezos, or anyone else you’d like. That very fact makes it tempting for bad actors to do… well bad things.

Frequent attacks include emails claiming your account is locked, and only clicking on a link in the email and providing your username and password will solve the problem. Or along similar lines, a request to confirm payment by providing your credit card number. Usually, the links lead you not to the site it claims to be, but a malware site that may infect your computer and will certainly record your input. You’re handing your user name, password, credit card, etc. directly to the very people you’d never want to have that information.

Security solutions provider FireEye released a report about brand impersonation, and among the brands, they detected as targets of spoofing, Microsoft is the preferred company by far.
The Microsoft brand name itself accounted for 30% of all brand impersonation FireEye identified. It gets for the worse the company, OneDrive is number two at 7%, Microsoft Outlook is number 6 at 4%, LinkedIn and Microsoft Office hit the list as well at 2%. So altogether, Microsoft properties accounted for 45% of all the phishing attacks FireEye discovered. The next closest company was Apple, at just 7%.

FireEye’s report also stated that phishing attacks are on the rise, with an increase of 17% in the first quarter of this year alone. The methods are changing, and the sophistication is growing. And new malicious URLs are even using HTTPS, emphasizing once again that just because the site uses HTTPS doesn’t mean it’s truly safe.

If you receive an email from any company (or anyone claiming to be from a company), asking for information or some confirmation of details, the safest thing to do is skip any links in the email. Open your browser and go straight to the site. Treat the email as malicious until proven otherwise. By following that advice with every email, even from people you know and trust, you’ll avoid a lot of heartache and frustration down the road. [TechRadar]

In Other News:

  • Oppo shows off an under screen camera: Smartphone company Oppo has a new trick to reach the goal of notchless and bezeless phones: hide the camera under the screen. It’s a step up from holepunch cameras as far looks go, but the company warns it needs to overcome issues like haze and glare for the pictures to look good. [The Verge]
  • Vivo’s new tech fully charges your phone in 13 minutes:
    Vivo apparently thinks it takes too long to charge a phone, and we’re inclined to agree. The company introduced Super FlashCharge 120w that it claims can fully charge a phone in just 13 minutes. As you can glean from the name, it delivers 120 watts of power to achieve those results. The unanswered question is how hot your phone gets in the process. [Digital Trends]
  • Don’t click on that Word Doc link: Speaking of malicious emails, security firm WatchGuard revealed a rise in malicious Word Documents sent via email. The method of attack is one patched long ago; attackers seem to be hoping you haven’t updated your system. Update your computer. The same security company stated that Mac malware is also the rise. Good times to be in, right? [ZDNet]
  • Target Wants a Day of Deals too: Move slightly to the side Prime Day. Target also wants to hold a “Deals Day.” For 48 hours. On the same two days as Prime Day. Now you need to watch sites for the ultimate shoehorn deal. [Engadget]
  • Audio Editor Soundtrap offers unlimited storage space: If you use Spotify’s Soundtrap to create music or podcasts, you’ll like this change. The service just increased its storage offering from five projects to unlimited, even on the free tier. A premium tier continues to additional features. Everybody wins! [VentureBeat]
  • Facebook might let you turn off notification dots: If you get annoyed by all the little red dots on groups, watch, etc. in the Facebook app that won’t go away until you tap everything, have we got good news for you. Facebook is looking into turning them off entirely. All we can say is “please please please please please do this Facebook.” [TechCrunch]
  • Apple bought a self-driving company: Drive.ai was a company that intended to bring self-driving car kits to the masses. The idea was supposed to let you retrofit your existing car. All that is past tense because the company ran out of money, and Apple bought it. Layoffs are occurring for some employees, while others will join Apple’s ranks. Can’t wait for a self-driving iCar. [MacRumors]
  • Firefox won’t erase your preferences anymore: Mozilla just patched a pretty crazy and frustrating bug in Firefox. After recent updates, if the browser shut unexpectedly (from powerless or crashes), your preferences would be wiped. Thankfully bookmarks and favorites were spared in the culling. Grab the update now if you like you preferences to stick around. [TechDows]

Bees are incredibly important to our agricultural industry. When it comes to pollinating, they’re responsible for everything from almonds to apples, to avocados.

But the U.S. grows food in mass quantities across large swaths of land, and it’s far more than wild bees could ever handle naturally. So a new industry rose to meet the demand: Beekeeper truckers.

Read the remaining 4 paragraphs

How to Spoof Your Chromebook User Agent for Sites That Don’t Support Chrome OS

Title image of a Chromebook laying closed on a white background

Not all browsers handle websites the same, and if they don’t support your operating system or browser, you could be denied access. Luckily, you can spoof the user agent on Chrome OS to make it look like you use a completely different system.

Websites identify incoming connections by their user agent—a line of text sent in the HTTPS header with the browser name, version, and operating system. The reason they do this is to determine how to render the page specific to your device. One of the more common uses is to differentiate the desktop view from a mobile layout. However, sometimes you might need to spoof the user agent to trick a site that claims it’s incompatible with your browser.

RELATED: What Is a Browser’s User Agent?

How to Change Your User Agent

To get started, open Chrome, click the three dots, and then select More Tools > Developer Tools. Alternatively, you can press Ctrl+Shift+I on the keyboard.

Click the three dots, point to More Tools, then click on Developer Tools

Click “Network Conditions,” located at the bottom of the Developer Tools pane.

Click the Network Conditions tab at the bottom of the Developer Tools pane

If you don’t see this option, click the menu icon, and then select More Tools > Network Conditions to enable it.

Read the remaining 14 paragraphs

How to Find your Mac, iPhone, and iPad’s UUID

Cartoonish iPhone, iPad, Mac, and Macbook drawing.
T. Lesia/Shutterstock.com

Your Mac, iPhone, and iPad all have a Universally Unique Identifier (UUID) assigned. These codes are specific to each device and, similar to a serial number, they are used by developers to identify each one individually. Here’s what you need to know.

What is a UUID?

A UUID is a string of letters and digits that forms a unique pattern. Your Mac, iPhone, and iPad each have one UUID, and no other device shares it. It’s similar to a serial number in that regard, but whereas serial numbers are used to identify your device by Apple and your cellular carrier, developers usually use the UUID instead.

Normally, you wouldn’t need to know (or access) your UUID. But if you’re registering a device as part of the Apple Developer Program so you can install beta software, you’ll need it. App developers might also ask for your device’s UUID so that they can provide builds that will only work on that particular device.

How to Find Your Mac’s UUID

Click the Apple logo in the menu bar, and then click the “About This Mac” option.

Click the Apple Logo. Click About This Mac

Click the “System Report” button.

Cllck System Report

Note the text beside Hardware UUID.

System Report showing UUID

Read the remaining 10 paragraphs

How to Use the Linux lsof Command

Shell prompt on Linux
Fatmawati Achmad Zaenuri/Shutterstock.com

If everything in Linux is a file, there has to be more to it than just files on your hard drive. This tutorial will show you how to use lsof to see all the other devices and processes that are being handled as files.

On Linux, Everything Is a File

The oft-quoted phrase that everything in Linux is a file is sort of true. A file is a collection of bytes. When they are being read into a program or sent to a printer, they appear to generate a stream of bytes. When they are being written to, they accept a stream of bytes.

Many other system components accept or generate streams of bytes, such as keyboards, socket connections, printers, and communication processes. Because they either accept, generate, or accept and generate byte streams, these devices can be handled—at a very low level—as though they were files.

This design concept simplified the implementation of the Unix operating system. It meant that a small set of handlers, tools, and APIs could be created to handle a wide range of different resources.

The data and program files that reside on your hard disk are plain old filesystem files. We can use the ls command to list them and find out some details about them.

How do we find out about all the other processes and devices that are being treated as though they were files? We use the lsof command. This lists the open files in the system. That is, it lists anything that is being handled as though it were a file.

RELATED: What Does “Everything Is a File” Mean in Linux?

The lsof Command

Many of the processes or devices that lsof can report on belong to root or were launched by root, so you will need to use the sudo command with lsof.

And because this listing will be very long, we are going to pipe it through less .

sudo lsof | less

Read the remaining 89 paragraphs

What is a “Qi-Certified” Wireless Charger?

An illustration of a wireless charger with the Qi logo.
Andrey Suslov/Shutterstock, WPA/Qi

If you’ve taken the time to shop for a wireless charger, then you’ve probably bumped into the term “Qi-Certified.” But what the heck is Qi, and why should you use a Qi-Certified wireless charger?

Qi Is Just a Wireless Charging Standard

Qi (pronounced “chee”) is a standard for wireless energy transmission. It’s a format that’s maintained by the Wireless Power Consortium (WPC), and it aims to standardize wireless charging across all devices in the same way that the USB or Bluetooth standards have standardized data transmission across all devices.

But why does wireless charging need to be standardized?

Well, without a standard like Qi, wireless charging would be a serious pain in the ass. Imagine if every smartphone used its own unique cable instead of Micro-USB, USB-C, or Lightning. Without the Qi standard, that’s the nonsense that you’d have to deal with.

We say “basically” because, technically speaking, it’s possible for unstandardized wireless chargers to work with unstandardized phones. But co-mingling power standards with unsupported devices is both ineffective and dangerous.

The Qi Standard Keeps Things Safe and Easy

Wireless chargers rely on magnetic induction or magnetic resonance to transmit energy (Qi uses both). It’s sort of like the magnetic field that surrounds the Earth. Your phone contains a coil that converts this magnetic energy into electrical energy, which then charges the battery. Simple, right?

A girl freaking out while holding an exploding phone. Clearly, she didn't use a Qi-Certified wireless charger.
HomeArt/Shutterstock

That’s why it’s technically possible for unstandardized wireless chargers to work unstandardized receivers in phones. But let’s imagine a world without wireless charging standards. You’d run into three big problems:

  • Overloading Phones: Smartphones have built-in voltage limiters that prevent wired overcharging. But wireless charging relies on a coil, like a coil on an electric stovetop. Without a wireless charging standard, a high powered wireless charger (say, 25 watts) could damage a low-powered wireless phone’s coil (which may have a limited range of 0-5 watts) along with its battery and other internals.
  • Overheating: This is already a common problem for high-voltage (or cheap) wireless chargers. Without proper power management or ventilation, heat will build up and damage your phone. Enough heat can cause a battery to deteriorate, which can also lead to fires.
  • Heat Transfer to Nearby Objects: Without built-in Foreign Object Detection (FOD), a wireless charger may be inclined to push magnetic energy at things that aren’t phones, like pieces of metal or nearby objects. This can cause overheating, fires, or burns.

The Qi wireless charging standard effectively ensures that we’ll never run into these problems. When a phone or charger is Qi-Certified, it’s tested by the Wireless Power Consortium for safety, effectiveness, and compatibility. Qi-Certified devices must operate from 0-30 watts (the Qi standard can go up to 1 kilowatt, but not for phones), pass temperature tests, and comply with Qi FOD standards. They also need to be compatible with all other Qi-Certified devices (phones or chargers), the same way that all Micro-SD cards work with all Micro-SD ports.

RELATED: How Does Wireless Charging Work?

Other Wireless Charging Standards Exist, and They’re Dead

The Powermat (PMA) from 2009. It operates on the PMA charging standard, which has been superseded by Qi.
The 2009 Powermat. It operates on the PMA charging standard, not Qi. Powermat

Read the remaining 13 paragraphs