A popular online resource for paleo recipes and tips was the source of a data leak impacting roughly 70,000 users.
On Thursday, researchers from vpnMentor revealed a misconfigured Amazon AWS S3 bucket as the central point of the data breach, in which the account was used to store the private data and records of users.
Los Angeles-based Paleohacks runs a website containing recipes, meal plans, and articles on the paleolithic lifestyle, including downloadable guides, a forum, and an e-commerce store.
The team, led by Noam Rotem, said that there was a failure to implement “basic data security protocols” on the S3 bucket, and such misconfiguration means that there were no access limits to the public.
The bucket contained roughly 6,000 files containing the records of approximately 69,000 users. According to the researchers, the content spanned from 2015 and 2020 and included personally identifiable information (PII) including full names, email addresses, IP addresses, login timestamps, locations, dates of birth, bios, and profile pictures.
While passwords were hashed, vpnMentor said that some entries also contained password reset tokens for subscription and membership services. These tokens were protected via the BCRYPT hashing algorithm but it could still be possible to abuse the tokens to hijack user accounts.
The unsecured bucket was discovered on February 4. VpnMentor attempted to contact the vendor on February 7, 9, and March 17; however, there was no response. As a result, the team reached out to Amazon as a last resort.
It is not known if any unauthorized individuals have accessed the bucket.
“Our team was able to access Paleohacks’ S3 bucket because it was completely unsecured and unencrypted,” the company says. “If you’re a customer of Paleohacks and are concerned about how this breach might impact you, contact the company directly to determine what steps it’s taking to protect your data.”
Paleohacks has not responded to requests for comment at the time of publication.
Previous and related coverage
Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0
Cisco to acquire Socio Labs for livestreaming large events
Cisco on Wednesday announced its plans to acquire Socio Labs, an event technology platform that it intends to use to make Webex Events a better tool for live, large-scale events. The idea is ot build a platform well-suited for event coordinators organizing “hybrid” events that combine in-person and virtual attendance.
The five year-old Socio Labs, based in Indianapolis, Indiana, started as an in-person event management solution but built a virtual event suite at the onset of the Covid-19 pandemic. It offers tools that help event organizers plan entire events, from registration to post-event analytics.
The acquisition follows Cisco’s December purchase of Slido, and audience engagement tool with capabilities like polling, trivia, Q&A and gamification.
Cisco plans to combine Slido’s and Socio’s capabilities with Webex’s virtual meeting capabilities. With its new capabilities, the platform will enable live streaming, sponsorship, networking and advanced analytics, as well as continuous engagement before, during and after events.
The Socio acquisition is expected to close in Cisco’s Q4. Terms of the deal were not disclosed.
Once the deal closes, the Socio Labs team will join the Webex Customer Experience team. Socio will also remain a standalone tool.
Prior and related coverage:
Best Android app for power users in 2021: Track data usage, test connections, and more
For many, having a solid, stable internet connection is vital. Back in the days of a PC with an Ethernet connection, you just needed t make sure that the cable was plugged in, but with the move from wired to wireless, getting a reliable connection can be trickier. Throw in the different variables that come into play between Wi-Fi and cellular, the problems grow exponentially.
If you’re someone who uses their Android device a lot and puts a lot of data through it over Wi-Fi and cellular every month, then having apps that can help you find the best signal, diagnose problems, test connections speeds using real-world tests, and keep track of how much data you’re using.
Note that these apps are Android. Apple imposes more restrictions on what iOS apps can do, so while there are similar apps for that platform, they are not as powerful. One of the advantages of using Android!
This app tells me everything I need to know — and more — about the cellular connections in my area.
This app is packed with charts and meters and gauges, but the feature that I use the most is the one that monitors and logs signal strength data as I walk or drive through an area. This is a brilliant and truly useful feature when I’m out of the cities and in a more rural area. I know where I need to go back to in order to get the best connection.
Another “feature” of this app I like is the fact that there is a comprehensive online user manual — more apps could do with that feature!
Everything you needed to know about your network, including device discovery, in a single app.
Truly amazing set of features. This is an app I’ve been using for some time now and it never lets me down. It even has features such as DNS lookup, LAN scanning, port scanning, and cellular network information built in.
This is a really powerful tool, with a lot of features and functions. That’s a huge pro, but it’s also a con, in that the app can take some time to get used to. I find myself using this app a lot, but if I’m using a feature I’ve not used for a while, it can take me a few moments to find what I need.
Still, this is a truly powerful tool.
I bought this app mainly because it allowed me to put the data transfer speeds for my connection on the status bar in Android (some of my handsets don’t have this useful feature). However, I kept it because it offers me a deep dive into how I’m using data on a day-by-day basis.
I’m finding the traffic breakdown analysis to be particularly useful.
For people who are not on an unlimited data plan, this is a particularly useful app because it lets you see what’s eating away at your data.
There is a lot of internet speed checkers out there, but nPerf has some features that make it stand above the rest.
Along with giving you accurate speed tests, and allowing you to log how your Wi-Fi and cellular networks are performing, nPerf can also test using real-world conditions such as web browsing and video streaming, offer you a real-world cellular coverage map, and even allow you to map your network coverage while traveling.
I find this handy for scouting out signal strength in new areas I’m traveling to and which networks offer me the best speeds.
Don’t count on an Apple Silicon Mac Pro this WWDC
WWDC (the Apple World Wide Developer’s Conference) is, in theory, a conference devoted to developers. Every so often, Apple has gone off topic and used the WWDC keynote to announce something in its release docket, as it did back in 2015 when it announced Apple Music at WWDC.
The WWDC keynote, however, is most often used to introduce new features and updates to the company’s various operating systems. It’s a way of telling developers what features will be available to incorporate into mobile apps and desktop software applications.
Last year, the headliner was Apple’s Mac transition from Intel-based processors to Apple Silicon. It’s hard to believe that just a year ago, in the weeks before WWDC 2020, Apple Silicon was still just a rumor.
Wow! What a year it’s been (and for once, this has nothing to do with).
In June 2020, at WWDC, Apple announced the move to Apple Silicon. The first new-processor Macs, they said, would be available by the end of the year. Within two years, they promised the entire line would transition. The company also announced the almost immediate availability of a developer Mac mini based on Apple Silicon. Gear based on the new chip, even if limited to developers, was a surprise this early.
In November, Apple announced the M1 processor and the availability of the M1 Mac mini, MacBook Pro, and MacBook Air. With nearly identical architectures and only minor differences (plus the screen and battery on the notebooks), these were all essentially the same machine inside. Pricing was shockingly aggressive and performance, even for emulated code, was shockingly good.
In April 2021, Apple announced new M1-based iMacs (in fruity colors) as well as M1 based iPad Pro models. Tim Cook, in what seemed like almost a throw-away comment, stated that the M1 Macs are already outselling the company’s remaining Intel Macs.
So, a year ago at this time, non-Intel Macs were only a rumor. Then a new processor architecture was announced, a few models were made available, they were priced very aggressively and performed like little rockets, and now, less than a year later, those models, plus new iMacs, are out-selling all the remaining Intel Macs, combined.
Comparing Mac Pro and iMac Pro to the M1
But what about the iMac Pro and the Mac Pro?
Max Tech did a comparison of a roughly $10,000 Intel-based Mac Pro compared to an $899 M1-based Mac mini. While many of the artificial benchmarks showed the Mac Pro besting the M1 Mac mini, the M1 Mac mini actually beat the Mac Pro in Safari, Xcode, and Lightroom editing (which was running under Rosetta 2 emulation).
What made the comparison interesting was that the reviewer said that the Mac mini held its own in actual usage, making it quite a little beast compared to the vastly more expensive Mac Pro.
But will there be an Apple Silicon-based Mac Pro or iMac Pro? To answer that, we need to take a minute to define what makes these Macs “Pro.”
Fundamentally, you’re looking at memory capacity, network speed, processor cores, and graphics processing. The Mac Pro also adds modularity in terms of bays and slots, which allows for specialty PCI cards and accelerator cards. More on that in a minute.
When it comes to RAM, the 2019 Intel Mac Pro allows up to a whopping 1.5TB, while the iMac Pro allows up to 512GB, both vastly more that the 16GB available in the M1 Mac.
Both the Mac Pro and iMac Pro have 10GB Ethernet, but the M1 Mac mini just added that as a $100 option, so we’ll call this even for all three machines.
The Mac Pro can be pushed all the way to 28 cores, the iMac Pro can go to 18 cores, while the M1 Mac mini can only go to eight cores, four of which are called “efficiency cores.”
In terms of graphics processing, it’s a little harder to do a spec vs. spec comparison, but we’ll take a quick run at it. First, the Mac Pro can support up to 12(!) 4K displays, the iMac Pro can support up to four external displays (in addition to the built-in display), and the M1 Mac mini can only support two. Just by way of comparison, my 2018 Intel-based Mac mini has four displays on it.
Graphics card performance and memory is a bit more difficult to manage. The M1’s architecture shares system RAM between graphics and processor and is on-board, making it somewhat more efficient. That said, the total max system RAM for both graphics and processor on the M1 is 16GB, where just the graphics cards alone can go up to 64GB (the iMac Pro tops out at 16GB of video RAM).
Can the M1 scale?
So, here’s the question: Can the M1 scale to Mac Pro levels? To answer that, keep in mind that the M1 is merely a branding tag associated with a particular implementation of the Apple Silicon architecture. Effectively, the M1 is the first version of Apple Silicon to be applied to MacOS machines.
Since Apple Silicon originated as an iPhone and iPad technology, its DNA is in mobile devices — small mobile devices. As such, power management, performance, heat dissipation, and physical size were key drivers. When designing the early Apple-proprietary chips for the iPhone, nobody worried about whether you could plug in cards or drives into that architecture.
The devices being produced by Apple that sport the M1 chip are essentially the same architecture, and this can be evidenced most convincingly in the fact that the iPad Pro and the new Macs all use the same M1 chip.
Unlike the traditional Intel desktop chip architecture, the memory for the M1 is onboard the chip.
I believe that there are two possible reasons why there is only 16GB of RAM (and limited ports) available on the M1: either (a) that was all Apple could fit on the chip given its current production capabilities, or (b) Apple was unable to get reliably high yields on chips with more RAM.
When chips are manufactured, not all chips come out with the same characteristics. It’s like when you bake a batch of cookies; one or two are likely to be uglier, too hard, or too smooshy. Chips are that way, as well. The semiconductor industry uses the term “binning” to describe how chips are divided up by their yield. Sometimes, chips that perform worse are binned as slower chips and sold as slower chips. Chips that perform better are binned as faster chips.
In Apple’s case, it’s possible that the machines sold as 8GB machines contain exactly the same M1 chip as the 16GB machines, but the 8GB machines didn’t yield 16GB of error-free RAM.
The bottom line is I don’t think the M1 can scale into the Mac Pro and iMac Pro performance heights. I also don’t think the M1 was designed to allow more ports, external slots, or additional, off-chip RAM.
But what about future Apple Silicon?
In some ways, this depend on what’s a priority to Apple. The M1 (and all previous Apple Silicon chips) are optimized around a single-board computer (SBC) architecture. They’re not at all designed for expandability.
As such, if you’re looking for a chip architecture that supports a bus designed to run add-on boards, I don’t think you’re going to see it anytime soon.
Instead, you might need to redefine how you think about pro-level machines. After all, Apple has already proven that, core-for-core, Apple Silicon outperforms even Intel Xeon chips. Expect future Apple Silicon chips to add more performance cores.
Apple has proven the benefits of RAM that’s a pool to the entire system, so expect Apple to work towards higher RAM yields. Once the company goes all-in on augmented reality, those machines are going to need more RAM.
Likewise, Apple is going to need extreme graphics performance. The M1 chips have already shown they have substantial graphics chops, although not quite as much as dedicated GPUs. Expect that to improve in Apple Silicon.
We’ve been hearing rumors of an M1X or M2 chip. These could well be the same chips as the M1, but with better high quality yields, or they could be updated implementations. For sure, we’ll see new versions, because Apple has been improving its silicon year-over-year for well over a decade, to a point where Apple’s silicon technology is besting even industry leaders like Intel and AMD in some areas.
Expect to see something like an M-something iMac Pro well before you see a modular M-based Mac Pro. That is, if we ever see a traditional bays-and-bus Mac Pro in Apple Silicon, which is somewhat unlikely given the SBC architectural proclivities of Apple’s current chip design.
As for this WWDC, it would be an ideal opportunity to introduce a second generation chip. Whether that will be announced along with a new machine is still up in the air; but if it were, expect either a Mac mini or iMac form factor, perhaps with the Space Gray “Pro” color so far missing on both M1 model categories.
What do you think? Do you think that Apple will ever create a modular M-based Mac Pro? Or do you think the future for high-performance M-based Macs will harken back to the ill-fated unexpandable “trashcan” SBC Mac Pro of 2013? Let us know in the comments below.
You can follow my day-to-day project updates on social media. Be sure to follow me on Twitter at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, and on YouTube at YouTube.com/DavidGewirtzTV.
Russia must do more to tackle cyber criminals operating from within its borders, says UK
Russia must do more to tackle cyber criminals which are operating from within in its territory, the UK’s Foreign Secretary Dominic Raab has warned.
In a speech at the National Cyber Security Centre’s (NCSC) CYBERUK 21 conference, Dominic Raab called out nation-state backed hacking campaigns by North Korea, Iran, Russia and China, who he accused of of using digital technology “to sabotage and steal, or to control and censor.”.
The UK, alongside the US called out Russia’s involvement in the SolarWinds supply chain hack which led to the compromise of several government agencies, technology firms and cybersecurity companies – but Raab argued that these states also need to take responsibility for cyber criminals operating within their borders.
For example, the Colonial Pipeline ransomware attack – which has disrupted fuel supplies across the US East Coast – was apparently carried out by cyber criminals using DarkSide ransomware-as-a-service – a ransomware group which like many others, is highly suspected to be operating out of Russia.
Some argue that Russia tolerates cyber criminals which attack targets in the West – so long as they stay away from Russian targets. Many of the most notorious ransomware gangs tailor the code of their malware to uninstall itself if it detects that the machine is set to the Russian language or has an IP address in a former Soviet nation.
Ransomware attacks have caused a great deal of disruption around the world – and Raab accused the Kremlin of sitting back as “industrial scale vandals of the 21st century” caused chaos from within its borders.
“When states like Russia have criminals or gangs operating from their territory, they can’t just wave their hands and say nothing to do with them – even when it’s not directly linked to the state, they have a responsibility to prosecute those gangs and those individuals, not to shelter them,” said Raab.
Cyber threats from nation-states, cyber criminals – and everything in between – will keep coming, but the Foreign Secretary said the UK is improving its capabilities when it comes to defending against cyber attacks.
“We’re getting better at detecting, disrupting and deterring our enemies. Acting with partners around the world, we name and shame the perpetrators,” said Raab.
“We did this last month with the SolarWinds attack, exposing the depth and the breadth of cyber activities by the Russian intelligence service, the SVR. And by revealing the tools and techniques malicious cyber actors are using, we can help our citizens and our businesses to see the signs early on and help them protect themselves from threats,” he added.
However, there’s no illusions that defending the UK from cyber threats will be an easy task.
“It’s is going to be a marathon, a war of attrition, but we will keep relentlessly shining a light on these predatory activities,” said Raab.
MORE ON CYBERSECURITY
What Happened To Lufthansa’s Boeing 707 Aircraft?
Launch of Crypto Trading Team by Goldman Sachs
JetBlue Hits Back At Eastern Airlines On Ecuador Flights
Cybersecurity Degrees in Massachusetts — Your Guide to Choosing a School
United Airlines Uses The Crisis To Diversify Latin American Network
Miten tekoälyä käytetään videopeleissä ja mitä tulevaisuudessa on odotettavissa
DOGE Co-founder Reveals the Reasons Behind its Price Rise
“Privacy is a ‘Privilege’ that Users Ought to Cherish”: Elena Nadoliksi
U.S. and the U.K. Published Attack on IT Management Company SolarWinds
Build a cognitive search and a health knowledge graph using AWS AI services
The Spanish fintech Pecunpay strengthens its position as a leader in the issuance of corporate programs
This Dream Job Will Pay You to Gamble in Las Vegas on the Company’s Dime
Nasdaq-Listed Metromile Backs Bitcoin for its Insurance Products
Crypto.com Now Enabling Cosmos’ Inter-Blockchain Communication Functionality for Cross-Chain Transfers
Cybersecurity Degrees in Texas — Your Guide to Choosing a School
What We Know About Tesla’s “Bobcat Project”
Meme Coins Craze Attracting Money Behind Fall of Bitcoin
ONE Gas to Participate in American Gas Association Financial Forum
Ryanair Goes Full Steam Ahead On Portugal Capacity Expansion
PR Newswire6 days ago
Polystyrene Foam Market worth $32.2 billion by 2026 – Exclusive Report by MarketsandMarkets™
Blockchain1 week ago
Munger ‘Anti-Bitcoin’ and Buffett ‘Annoyance’ Towards Crypto Industry
Blockchain1 week ago
Ethereum hits $3,000 for the first time, now larger than Bank of America
Blockchain1 week ago
The Reason for Ethereum’s Recent Rally to ATH According to Changpeng Zhao
Energy1 week ago
Systém GameChange Solar 631 MW Genius Tracker™ bude vztyčen v jižním Texasu
SPACS1 week ago
Deutsche Boerse expects 12 SPACs in Frankfurt in 2021
Aviation1 week ago
American Airlines Passenger Arrested After Alleged Crew Attack
Blockchain7 days ago
Chiliz Price Prediction 2021-2025: $1.76 By the End of 2025
Business Insider1 week ago
SHAREHOLDER ALERT: Pomerantz Law Firm Investigates Claims On Behalf of Investors of BELLUS Health Inc. – BLU
Blockchain1 week ago
Mining Bitcoin: How to Mine Bitcoin
Blockchain1 week ago
Ethereum Market Capital Overtakes Bank of America
Blockchain1 week ago
Bitcoin Gains Bullish Momentum, Signals Another Major Rally