Author Archives: Lawrence Bonk

Google just patched the fifth zero-day exploit for Chrome this year

Posted on by

Google has released a security update for the Chrome browser to fix a zero-day vulnerability exploit that has been used by threat actors. This is the fifth time this year the company has had to issue a patch for one of these vulnerabilities, as reported by Bleeping Computer.

"Google is aware that an exploit for CVE-2024-4671 exists in the wild," the company said in a short advisory. It did not issue any specifics as to the nature of the real-world attack or the identity of the threat actors. This is common for Google, as it likes to wait until a majority of users have updated the software before announcing specific details.

We do know some stuff about the exploit. It’s being classified as a “high-severity issue” and as a “user after free” vulnerability. These bugs arise when a program references a memory location after it has been deallocated, leading to any number of serious consequences from a crash to a random execution of code. It looks like the CVE-2024-4671 vulnerability is attached to the visuals component that handles rendering and the display of content on the browser.

The exploit was discovered and reported to Google by an anonymous researcher. The fix is available for Mac, Windows and Linux and updates will continue to roll out to users over the coming days and weeks. Chrome updates automatically with security fixes, so users can confirm they are running the latest version of the browser by going to Settings and About Chrome. Users of Chromium-based browsers like Microsoft Edge, Brave, Opera and Vivaldi should also update to a new version as soon as they are available. 

As stated, this is the fifth of this type of flaw addressed by Google this year. I don’t mean “within the last calendar year.” I mean in 2024. Three were discovered back in March at the Pwn2Own hacking contest in Vancouver. This isn’t a record or anything. Google found and fixed five in one month back in 2020.

Zero-day exploits have been a constant thorn in Google’s side. These are a type of cyberattack that take advantage of an unknown or unaddressed security flaw in computer software, hardware or firmware. The company typically pays out big money for bug discoveries, as part of its Vulnerability Rewards Program.

This article originally appeared on Engadget at https://www.engadget.com/google-just-patched-the-fifth-zero-day-exploit-for-chrome-this-year-153723334.html?src=rss

Netflix and Roblox team up for a digital theme park that’s heavy on corporate synergy

Posted on by

Netflix and Roblox have teamed up for a digital theme park with activities pulled from the streamer’s many popular franchises. Netflix Nextworld is an area within Roblox that’s currently in early access. The company says the experience is “all about bringing fans to the entertainment they love.”

To that end, Nextworld features activities based on Stranger Things, One Piece, Cobra Kai and even those Zack Snyder Rebel Moon movies that people seem to hate. There’s also an activity based on the upcoming Jurassic World: Chaos Theory cartoon. The whole thing is arranged like a theme park, with mini-games and easter eggs galore.

Some of these games look pretty fleshed out, like the survival horror title Stranger Things: Escape from Hawkins High and the fighting sim One Piece: East Blue Brawls. Regular people can make some really cool stuff on Roblox, so a company with resources like Netflix should really raise the bar.

There are also a bunch of shorter experiences, like an online version of the game show Is It Cake? in which, well, people try to guess if something is cake. We aren’t sure how that one will work since none of it is cake. It’s just pixels and code. 

Playing these games and exploring the park nets users collectibles and wearables from various shows, which are then used to decorate a private space called a Fan Pod. Some of these collectibles include a Demogorgon plushie head and the iconic One Piece flag. 

The Streamship's Tudum Theater.
Netflix

Finally, there’s something called the Streamship, which is a shared space to watch Netflix content. The company says this “home base within Nextworld” will provide “social features” and include events like “premieres and viewing parties.”

Netflix Nextworld is now in early access and is available on any console that supports Roblox, in addition to mobile and PC/Mac. The streamer does say the theme park will feature plenty of surprises, so let’s hope for a mini-game based on the driving crooner.

This article originally appeared on Engadget at https://www.engadget.com/netflix-and-roblox-team-up-for-a-digital-theme-park-thats-heavy-on-corporate-synergy-171944923.html?src=rss

Ember’s Travel Mug 2+ with Find My support drops to a record-low price

Posted on by

Ember’s highly-esteemed Travel Mug 2+ has dropped to a record-low price of $128, which is a discount of $72. The actual sale price is $160, but there’s a clippable coupon for the remaining $32. This is a pretty great deal for those in the market for a tech-heavy travel mug.

To that end, the Travel Mug 2+ integrates with Apple’s Find My technology, so you’ll always know exactly where your beverage is. It even has a built-in speaker that’ll ping when you’re looking for it. Anything can happen while traveling, so it’s good to have a little peace of mind, particularly because the usual price of this mug is $200.

Otherwise, this is a fantastic mug that keeps beverages hot for up to three hours and boasts a 12-ounce capacity. The battery’s on point, allowing for three hours of use on its own and a full day while resting on the included charging coaster. You also get access to the Ember’s proprietary app for setting the temperature, customizing presets and more. The mug does feature a little touchscreen for this, so the app’s not always necessary.

Ember makes great products, which is why we often recommend the company’s mugs. However, the Travel Mug 2+ isn’t perfect. You can hand wash it, but don’t put it in the dishwasher, unless you want to turn it into an expensive mug-shaped thing that doesn’t actually work. There’s also the price. At $200, it’s very hard to recommend this product because, well, it’s a mug for drinking tea and coffee. It’s easier to recommend at $128, and it makes a great gift, but at the end of the day it’s still just a container for liquids. 

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

This article originally appeared on Engadget at https://www.engadget.com/embers-travel-mug-2-with-find-my-support-drops-to-a-record-low-price-163054893.html?src=rss

Watch the Google I/O 2024 Developer keynote live

Posted on by

Editor’s note (5/14/24): The main Google I/O keynote has ended, but the Google I/O Developer Keynote is now underway. Watch it below. 

It’s that time of year again. Google’s annual I/O keynote is upon us. This event is likely to be packed with updates and announcements. We’ll be covering all of the news as it happens and you can stream the full event below. The keynote starts at 1PM ET on May 14 and streams are available via YouTube and the company’s hub page.

In terms of what to expect, the rumor mill has been working overtime. There are multiple reports that the event will largely focus on the Android 15 mobile operating system, which seems like a given since I/O is primarily an event for developers and the beta version is already out in the wild.

So let’s talk about the Android 15 beta and what to expect from the full release. The beta includes an updated Privacy Sandbox feature, partial screen sharing to record a certain app or window instead of the whole screen and system-level app archiving to free up space. There’s also improved satellite connectivity, additional in-app camera controls and a new power efficiency mode.

Despite the beta already existing, it’s highly probable that Google will drop some surprise Android 15 announcements. The company has confirmed that satellite messaging is coming to Android, so maybe that’ll be part of this event. Rumors also suggest that Android 15 will boast a redesigned status bar and an easier way to monitor battery health.

An Android phone.
Sam Rutherford/Engadget

Android 15 won’t be the only thing Google discusses during the event. There’s a little acronym called AI you may have heard about and the company has gone all in. It’s a good bet that Google will spend a fair amount of time announcing updates for its Gemini AI, which could eventually replace Assistant entirely.

Back in December, it was reported that Google was working on an AI assistant called Pixie as an exclusive feature for Pixel devices. The branding is certainly on point. We could hear more about that, as it may debut in the Pixel 9 later this year. 

Google’s most popular products could also get AI-focused redesigns, including Search, Chrome, G Suite and Maps. We might get an update as to what the company plans on doing about third-party cookies and maybe it’ll throw some AI at that problem too.

What not to expect? Don’t get your hopes up for a Pixel 9 or refreshed Pixel Fold for this event, as I/O is more for software than hardware. We’ll likely get details on those releases in the fall. However, rules were made to be broken. Last year, we got a Pixel Fold announcement at I/O, so maybe the line between hardware and software is blurring. We’ll find out soon.

This article originally appeared on Engadget at https://www.engadget.com/how-to-watch-googles-io-2024-keynote-160010787.html?src=rss

Marvel’s making an ‘interactive story’ based on the What If…? show for Apple Vision Pro

Posted on by

As a bona-fide hater of actual reality, virtual reality is very appealing to me. However, I’m not that into 100 hour AAA games like Asgard’s Wrath 2 or Half Life: Alyx. I’m into short interactive experiences that can’t be had anywhere else. Good news for me? The Apple Vision Pro is getting a pretty nifty mixed-reality “interactive story” that could herald the evolution of a new type of entertainment that puts people directly in their favorite shows or movies.

Marvel and Industrial Light & Magic, the company George Lucas built, just announced a forthcoming Apple Vision Pro title based on What If…?, the current Disney+ show that just completed its second season. It’ll be an hour-long experience that uses all of the technology embedded within Apple’s pricey headset, including that stellar passthrough.

The story is being kept under wraps, but you won’t play as The Watcher, that much is clear. The promotional copy says players will “learn the mystic arts”, which recalls Dr. Strange to me. The companies also promise that “fans will step into breathtaking environments that place them in new and iconic MCU locations.” Does this mean we’ll be able to virtually order shawarma with Tony Stark and the gang?

Now, I haven’t played a demo of this, but I have played the Vader Immortal series and plenty of similar titles and absolutely love them. It just seems like such a natural evolution of both games and TV to merge them together. Give the player the illusion of freedom but keep it mostly on rails and call it a day.

Director Dave Bushore agrees, calling this title “the next evolution in how we tell our stories” and that it's a “glimpse of what I’ve been waiting for my whole life.” Bushore doesn’t have a lot of directing credits, but was the interactive marketing executive for Iron Man 3, Captain America: The Winter Soldier and Shang-Chi and the Legend of the Ten Rings, among other MCU films. It’s being written by David Dong and Phil McCarty, a duo best known for a short film adaptation of a David Sedaris essay. There are some heavy hitters on the EP side of things, with people who were involved with The Marvels and X-Men ‘97 signing on for the mixed-reality project.

Marvel hasn’t announced any actors returning to reprise their roles, but Jeffrey Wright as The Watcher seems like a given. For the uninitiated, What If…? is an anthology series that examines parallel universes and how things could have shaken out in the MCU if something happened a bit differently. The game/experience will be exclusive to Apple Vision Pro and is coming “soon.”

This isn’t enough to get me to part with $3,500, but come on, it’s a cool sign of things to come. Who wouldn’t want to “play” an episode of The Mandalorian or something like that?

This article originally appeared on Engadget at https://www.engadget.com/marvels-making-an-interactive-story-based-on-the-what-if-show-for-apple-vision-pro-183958714.html?src=rss

Nintendo just revealed a NES speedrunning collection inspired by an ultra-rare 1990 cartridge

Posted on by

Speedrunning video games is a time-honored tradition, and this is especially true when it comes to retro titles. Nintendo is getting in on the trend with a fairly bizarre forthcoming Switch game called Nintendo World Championships: NES Edition, which drops on July 18. It’s all about speedrunning through the classics, like Legend of Zelda, Metroid and Super Mario Bros., among others.

This comes in the form of 150 speedrunning challenges pulled from 13 NES games, which seems mightily familiar to those cool NES Remix releases from the Wii U era. There will be global online leaderboards, to give it a tournament feel, and local 8 player co-op. The game will also include an automatic rewind feature, letting people try and try until they get it right.

If the name Nintendo World Championships sounds familiar, that’s because it's taken from the company’s semi-regular esports tournament. This has been the company’s branding for in-person competitions since 1990, when Nintendo visited 29 cities throughout the country. That first national tournament also spawned an ultra-rare NES cartridge with minigames based on Super Mario Bros., Tetris and Rad Racer. Only a few hundred were made and they currently sell on eBay for, no joke, $175,000. The last time we covered this cartridge, it was selling for $5,000 to $10,000. Retro-flation is real, ya’ll.

Pre-orders for the digital version are available right now on the eShop, but there is a physical edition coming. This version will include 13 art cards, five pins and a physical game cart. It’ll also include a gold commemorative NES cartridge, though it's sadly nonfunctional. Come on Nintendo! Make that thing functional so I can sell it for $175,000 in 30 years. The digital version of Nintendo World Championships: NES Edition costs $30 and the deluxe physical pack costs $60.

This article originally appeared on Engadget at https://www.engadget.com/nintendo-just-revealed-a-nes-speedrunning-collection-inspired-by-an-ultra-rare-1990-cartridge-164607841.html?src=rss

Paramount+ with Showtime annual subscriptions are half off right now

Posted on by

Paramount+ with Showtime annual subscriptions are half off right now, bringing the yearly cost down to $60 down from $120. You have to pay for the year up front, which is never fun, but the offer is available to both new and returning subscribers. That’s not a bad deal, considering you get content from two streaming services that have joined in a blessed union to become one.

Paramount+ is home to all things Star Trek, yet that particular bonus seems to be shrinking all of the time. It’s also home to the surprisingly funny Sonic-adjacent Knuckles TV show, which has a crazy fight scene featuring the 80-year-old, yet still iconic, Stockard Channing. Other notable releases on the streamer include the dad-approved Tulsa King, Jeremy Renner’s Mayor of Kingstown and that Halo adaptation that people compare unfavorably to Fallout. It's one of our favorite streaming services, even if Halo isn't quite up to snuff. 

Showtime has been around for decades and has a diverse lineup of shows, like Yellowjackets, Billions, Dexter, House of Lies and the list goes on and on. It’s also home to Twin Peaks: The Return, my favorite show of the 2010s. The Chi just returned, which is a big deal to fans, and Ewan McGregor’s A Gentleman in Moscow looks decent. It’s Showtime. You know the deal.

This offer ends on July 14, so you have plenty of time to think about if you want to revisit Shameless or check out that Frasier reboot. Just remember to cancel once the year is up, as the subscription will auto-renew at the full price of the plan.

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

This article originally appeared on Engadget at https://www.engadget.com/paramount-with-showtime-annual-subscriptions-are-half-off-right-now-151032749.html?src=rss

You can now buy a Pixel Tablet without a dock for $400, if that’s your bag

Posted on by

Google has made the 128GB Pixel Tablet available as a standalone device, without the charging dock. It costs $400, as compared to around $500 at most outlets with the dock. This is a great deal on paper, but there’s one elephant-sized caveat. We had some issues with the tablet on its own and were mostly enamored by that dock.

You can’t cast streaming content to the device without the dock, which is one major negative. We also found the camera placement to be slightly awkward, particularly when participating in video calls. The 2,560 x 1,600 LCD panel isn’t as vibrant as an OLED panel, but it gets the job done. All of the specs of this device are “just fine” but, at $400, that’s probably to be expected.

The dock brings some nifty stuff to the table, like a durable stand, fantastic speakers and, of course, charging. However, there are some things that the Pixel Tablet excels at, even without that charging dock. The battery life is superb, lasting well over 21 hours per charge at 50 percent brightness. That’ll handle even the longest international flight. We also found the tablet to be useful as a smart display, particularly if you’ve fully bought into the Google smart home ecosystem.

This price drop is part of a larger announcement that includes a brand new smartphone. The Pixel 8a is a budget-friendly way to get involved with Google’s robust suite of AI tools, like Gemini, Best Take and Audio Magic Eraser.

This article originally appeared on Engadget at https://www.engadget.com/you-can-now-buy-a-pixel-tablet-without-a-dock-for-400-if-thats-your-bag-185329549.html?src=rss

Michelle Yeoh just got cast to lead Amazon’s Blade Runner show

Posted on by

It’s been a while since we’ve had an update on Blade Runner 2099, the sequel series heading to Amazon Prime Video. The cast list is starting to take shape, as Oscar-winner and all-around icon Michelle Yeoh is set to play a lead role, as reported by Variety.

Plot details are being kept under wraps, but Variety has a source that says Yeoh will play a character named Olwen, who has been described as a replicant near the end of her life. That’s pretty much all we know about the story, aside from the fact that it's set 50 years after Denis Villeneuve’s critically acclaimed Blade Runner 2049. This is likely due to the fact that we’ll be nowhere near the level of tech shown in that film when we actually hit the year 2049. The original Blade Runner, after all, was set in 2019.

Franchise creator Ridley Scott is involved in some capacity, but not as showrunner. That duty falls to TV writer Silka Luisa, who recently ran the Apple TV+ adaptation of the book Shining Girls. The show was great, so color me optimistic.

As for Yeoh, what more can be said? She won a long-deserved Oscar for her work in Everything, Everywhere, All at Once and has been involved with classic films like Crouching Tiger, Hidden Dragon, Sunshine and Tomorrow Never Dies, among many others. She spent a few seasons hamming it up on Star Trek: Discovery, and her character is getting a spinoff film that will likely release later this year. The actress also just received the Presidential Medal of Freedom, the nation's highest civilian honor, so this has been a big month. 

This article originally appeared on Engadget at https://www.engadget.com/michelle-yeoh-just-got-cast-to-lead-amazons-blade-runner-show-180312046.html?src=rss

OpenAI says it can detect images made by its own software… mostly

Posted on by

We all think we’re pretty good at identifying images made by AI. It’s the weird alien text in the background. It’s the bizarre inaccuracies that seem to break the laws of physics. Most of all, it’s those gruesome hands and fingers. However, the technology is constantly evolving and it won’t be too long until we won’t be able to tell what’s real or not. Industry leader OpenAI is trying to get ahead of the problem by creating a toolset that detects images created by its own DALL-E 3 generator. The results are a mixed bag.

The tool in action.
OpenAI

The company says it can accurately detect pictures whipped up by DALL-3 98 percent of the time, which is great. There are, though, some fairly big caveats. First of all, the image has to be created by DALL-E and, well, it’s not the only image generator on the block. The internet overfloweth with them. According to data provided by OpenAI, the system only managed to successfully classify five to ten percent of images made by other AI models.

Also, it runs into trouble if the image has been modified in any way. This didn’t seem to be a huge deal in the case of minor modifications, like cropping, compression and changes in saturation. In these cases, the success rate was lower but still within acceptable range at around 95 to 97 percent. Adjusting the hue, however, dropped the success rate down to 82 percent.

Results from the test.
OpenAI

Now here’s where things get really sticky. The toolset struggled when used to classify images that underwent more extensive changes. OpenAI didn’t even publish the success rate in these cases, stating simply that "other modifications, however, can reduce performance.”

This is a bummer because, well, it’s an election year and the vast majority of AI-generated images are going to be modified after the fact so as to better enrage people. In other words, the tool will likely recognize an image of Joe Biden asleep in the Oval Office surrounded by baggies of white powder, but not after the creator slaps on a bunch of angry text and Photoshops in a crying bald eagle or whatever.

At least OpenAI is being transparent regarding the limitations of its detection technology. It’s also giving external testers access to the aforementioned tools to help fix these issues, as reported by The Wall Street Journal. The company, along with bestie Microsoft, has poured $2 million into something called the Societal Resilience Fund, which hopes to expand AI education and literacy.

Unfortunately, the idea of AI mucking up an election is not some faraway concept. It’s happening right now. There have already been AI-generated election ads and disingenuous images used this cycle, and there’s likely much more to come as we slowly, slowly, slowly (slowly) crawl toward November.

This article originally appeared on Engadget at https://www.engadget.com/openai-says-it-can-detect-images-made-by-its-own-software-mostly-170012976.html?src=rss