Opt for full disclosure in bid to goad manufacturers into taking flaw seriously
At this year’s Black Hat Conference, Security Research Labs researchers Karsten Nohl and Jakob Lell, warned of a serious flaw in USB devices that they dubbed “BadUSB.” The flaw, which can be used to reprogram otherwise harmless USB devices to wreak havoc by impersonating other USB devices (say a keyboard or a network card), remains unfixed to this day, fully living up to both its name and reputation in the two months since it first came to light. Meanwhile, two other researchers, Adam Caudill and Brandon Wilson, who recently managed to reverse engineer the same firmware as the SR Labs folks, have published the attack code online.
You can now install third-party DD-WRT firmware on certain Trendent AC routers
We don't know if a war is brewing between Trendnet and Linksys, but like the latter's WRT1900AC router, Trendnet today announced open source DD-WRT firmware compatibility for its high performance TEW-818DRU (v1.0), TEW-821DRU (v2.0)l, and TEW-811DRU (v1.0) Wireless-AC routers. This is pretty big news for networking gurus who like to tinker but are other otherwise bound by their router's stock firmware.
It took Asus eight months to address a security flaw in some of its routers
If you own an Asus-brand router, do yourself a favor and check to see if there's a firmware update available. Depending on which model you own, you could be susceptible to an eight-month security flaw that could potentially allow a remote hacker to access your hard drives. A recent firmware release is supposed to plug up the security hole, it's just a shame it took Asus so long to address the issue. So, what happened?
Safety and security updates will remain free to all of HP's server customers
Hewlett-Packard ruffled a few feathers on Friday when Mary McCoy, Vice President of HP Servers - Support Technology Services stated in a blog post that HP would only provide future firmware updates to customers with a valid warranty, Care Pack Service, or support agreement. The policy was to go into effect beginning February 19, 2014, but as that date draws near -- and the rumblings grow louder -- McCoy today took to the blogosphere to explain the decision and clarify HP's stance on safety and security updates.
New firmware update released after previous patch pulled
After keeping users in the dark for quite some time, Microsoft has finally issued the long-awaited Surface Pro 2 update that will address the problems created during a December firmware release. You may remember our coverage as users continued to clamor for a date by which they could receive the update, and now it's finally here.
Earlier this month, Microsoft took a flawed Surface Pro 2 firmware update down after issues were found that drained tablet battery life and affects users' ability to utilize sleep mode. After making the update unavailable, Microsoft informed users that it would be re-relasing the firmware update "after the holidays."
New firmware for Plextor's M5 Pro SSDs provides a free performance boost.
Wouldn't it be awesome if, after buying a new sports car, the dealership called you in for a free tuneup that netted you additional horsepower? Unfortunately, life doesn't always work that way, just don't tell that to Plextor. The former optical drive player that now concentrates its efforts on solid state drives (SSDs) just announced the availability of its 100K Extreme firmware update for its M5 Pro SSD line.
Cisco faced a bit of consumer backlash last week when it pushed out a Firmware update that not only took away much of the advanced control users have come to expect, but actually forced them to agree to a list of anti-porn and anti-piracy clauses. Anyone with automatic updates turned on woke up Thursday to find not only could they not access their router locally, they needed to sign in through Cisco Cloud connect just to access the basics. Cisco has since backpedaled on the incident, and is in full on damage control with a new blog post.
If you weren't quick on the draw earlier this week, you would have missed out on a firmware update for your PlayStation Vita. Sony issued a system software update to version 1.65 on Tuesday and then pulled it down yesterday because of a "technical fault." Don't fret though, there's a new software update -- version 1.66 -- that includes all the previous fixes, plus a handful more.
Way back in May of last year, OCZ announced it was rolling out a new firmware update for its Indilinx SSD controllers, the more-than-a-mouthful "Arowana Flash Translation Layer" update. Vertex Plus owners received the swanky new software in relatively short order, but it took until now -- nearly 10 months later -- for Indilinx Barefoot-controlled SSDs to garner the same attention. They say it's better late than never, though, and initial reports claim that Arowana delivers some solid results.