More Spectre protection comes with some of Intel’s new 9th-gen CPUs, but not all

Intel’s newly announced 9-series CPUs bring a lot of exciting new features to the table, including higher clock speeds and the promise of greater gaming performance. But arguably one of the most important factors is in security. These chips are the first generation of new desktop CPUs to come with hardware fixes for the Spectre and Meltdown bugs which emerged in recent years.

In particular, it’s the new K-series of gaming CPUs that are receiving the fix. Those chips come with changes at the hardware level and should be far more secure against the kind of attacks that Spectre and its ilk have brought to light in recent years. Although they are still based on the same 14nm node that has dominated Intel’s chip designs since 2014, these would be the first ones to come with a fix for these sorts of bugs at the hardware level.

The second set of new 9th-gen chips, the X-series (and Xeon-class chips), don’t have those same security fixes. Because they’re based on the older Skylake-X architecture, Intel is relying solely on software updates to keep them protected against these possible vulnerabilities.

News of the fixes were shared at Intel’s recent desktop press event, where it stated that, “the new desktop processors include protections for the security vulnerabilities commonly referred to as ‘Spectre,’ ‘Meltdown,’ and ‘L1TF.’ These protections include a combination of the hardware design changes we announced earlier this year as well as software and microcode updates.”

The hardware alterations made to the chips protect against Meltdown V3, otherwise known as the rogue data cache load bug. The L1 terminal fault exploit was also shored up with hardware changes. Software and microcode changes protect those same chips against the Spectre V2 branch target injection bug, the Meltdown V3, a rogue system register read, and the variant V4 speculative store bypass flaw.

In the laptop world, Intel has had a similar approach toward making hardware-level fixes. Some, but not all, have implemented hardware protections. Intel has been criticized in the past for the way it has handled these potentially critical flaws and has had a relatively slow move toward patching the vulnerabilities on a hardware level throughout 2018.

Editors’ Recommendations

• Is your PC safe? Foreshadow is the security flaw Intel should have predicted
• Intel’s Whiskey Lake CPUs include hardware fix for Meltdown, Amber Lake does not
• Google Chrome now consumes more memory due to a new Spectre fix
• New Spectre attack lets hackers steal data without having to run local code on PCs
• Security flaw on modern PCs could leave your encrypted data exposed

The Chromebook C423 is a new mid-ranger from Asus

There’s USB-C, a touchscreen display, and up to 10 hours of battery life.

Hot on the heels of HP’s new Chromebook x360 14, Asus is also unveiling a new Chromebook today in the form of the Asus Chromebook C423. The C423 arrived with no fanfare or proper announcement from Asus, but even so, it looks like it could be one of the better mid-range Chromebooks this holiday shopping season.

The C423 measures in at 16.1mm and weighs 1.2kg. There’s an “aluminum-finished” lid to give it a bit of polish and a 180-degree hinge that’s rated for 20,000 open and closes. Asus has packed in a 14-inch 1920 x 1080 NanoEdge touchscreen display with surprisingly thin bezels.

When it comes to ports, you’re looking at two USB-C and two USB-A ports along with a 3.5mm headphone jack, and a microSD card slot. There’s also Wi-Fi 802.11ac and Bluetooth 4.0. Other specs include your choice between an Intel Celeron or Pentium processor, 4 or 8GB of RAM, and an HD webcam.

Exact pricing and availability for the Asus Chromebook C423 are still up in the air, but we’ll update this post accordingly once that info is announced.

See at Asus

Chromebooks

• The best Chromebooks
• Chromebooks in education: Everything you need to know
• Should you buy a Chromebook?
• Chromebook Buyers Guide
• Google Pixelbook review
• Join our Chromebook forums

Can you use multiple monitors with the Raspberry Pi 3 B+?

Best answer: Yes you can use two displays with a Raspberry Pi, but you will need to buy some other components depending on how you want to use those displays. You’ll need an adapter with a DisplayLink chip or a VGA666 Adapter to use it as a true secondary monitor. You should also know in advance: this isn’t easy to set up.

• The following products were found on Amazon:
• Raspberry Pi 3 B+ ($40)
• Cable Creations USB to VGA adapter ($31)
• EP-0073 Gert VGA666 Adapter Board ($14)

An extended desktop solution

The most common reason people want to use two monitors with a Raspberry Pi is to have an extended desktop environment like you would find on a larger, more expensive computer. This is doable with an inexpensive USB to VGA Displaylink adapter and a bit of knowledge about reconfiguring the kernel and X Windows configuration of your operating system.

You’ll need to make sure of two things on the hardware side: that the adapter you have is using a DisplayLink chipset and that the monitor you are using will accept a VGA signal, either through its own VGA port or through the use of an adapter. On the software side, you’ll need to download the Linux kernel sources and build them for the Raspberry Pi. You can do this on the Raspberry Pi itself or another computer running Linux and grabbing the kernel configuration file from the Raspberry Pi itself.

While the hardware is easy to figure out, the software can be more difficult. Luckily, the official Raspberry Pi forum has a thread dedicated to using two displays through a DisplayLink USB adapter that will walk you through the entire process.

A secondary display

You can also use the second display to run applications that drive the GPU directly like media players. This is useful for an application that might use a small LCD as a controller but display video on another screen, such as a programmable sign or kiosk. It’s also a lot simpler to set up because it doesn’t need a new kernel.

You can do this using what’s called a Gert VGA666 Adapter. It’s an open-source circuit board that you can build yourself using this layout at GitHub or buy prebuilt from several sources. It attaches to the Raspberry Pi’s GPIO pins and sends video out through an industry standard VGA 666 (6-bit red, 6-bit green, 6-bit blue) that most any monitor can decipher using the correct cabling.

Once connected, commands to display software that interacts directly with the GPU can be sent to run on the connected display. It too requires some configuration, but you’ll find easy to understand directions at the official Raspberry Pi forum.

Not for the faint of heart

As you can tell, the Raspberry Pi wasn’t really designed to be used with more than one display. Clever folks have found ways to make it happen, but they aren’t ideal and may be more than you’re willing to undertake.

A Raspberry Pi is a great little device for a lot of things — including a miniature desktop PC — but it lacks the power and ports to do everything. Sometimes, you just have to go bigger. Just make sure you know what you’re doing first.

Our pick

CableCreation SuperSpeed USB 3.0 to VGA External Video Card

$31 at Amazon

Supports 1080p through USB 3.0

There are a lot of USB to VGA adapters out there, but this model is known to have a true DisplayLink chipset and work with the Raspberry Pi plus models.

Another pick

EP-0073 Gert VGA666 Adapter Board

$14 at Amazon

Prebuilt convienence

You could download the schematics to build and assemble the circuit board yourself, but sometimes it’s simpler to buy something ready-made. This is one of those times.

Essential

Raspberry Pi 3 B+

$40 at Amazon

Nothing is impossible

The Raspberry Pi 3 B+ supports almost anything, provided you’re willing to take the time to DIY it. That’s another reason we love this little single board computer!

Anker’s portable projector, the Nebula Mars II, is down to $400

Now all you need is a wall to project on.

The Anker Nebula Mars II 720p portable projector is down to $399.99 with code NEBULA10 on Amazon. Since the last deal we shared in July, the projector has been regularly selling for around $500. We have seen it drop to $430 a couple of times now, but this is a price we have only seen it drop to once before.

The Nebula Mars II can create an HD picture up to 1280 x 720 resolution with DLP IntelliBright tech for a clear image. It has two 10W audio drivers for powerful sound. Set the projector down wherever you want it, at any distance or angle, and get an auto focus picture in one second. The projector also has Android 7.1 built in so you can run streaming and media apps like Netflix, YouTube, and more. You’ll need that access because a lot of those services don’t allow themselves to be screen cast from a device to a projector like this. Compared to the original model, the Mars II adds an extra hour of run time, the auto-focus feature mentioned above, and a larger projection size.

See on Amazon

Microsoft unveils Xbox Project xCloud game streaming

Microsoft is making a move into game streaming.

At E3 2018, Microsoft announced that it was working on a game streaming service. Users would be able to play their games no matter if they were on a phone or tablet. Today, the company provided more details about “Project xCloud”. In a post on the Official Microsoft Blog, Kareem Choudhry, Corporate Vice President of Cloud Gaming said the following.

The highlights from this announcement have to be the ability to play on a smartphone or tablet, the fact that developers don’t have to do any additional work, public trials are taking place in 2019, and that it’s going to work with existing 4G networks and support 5G networks in the future.

The future of gaming is a world where you are empowered to play the games you want, with the people you want, whenever you want, wherever you are, and on any device of your choosing. Our vision for the evolution of gaming is similar to music and movies… Project xCloud is about providing gamers… new choices in when and where they play, while giving mobile-only players access to worlds, characters and immersive stories they haven’t been able to experience before… Developers of the more than 3,000 games available on Xbox One today… will be able to deploy and dramatically scale access to their games across all devices on Project xCloud with no additional work… We’ll begin public trials in 2019… Project xCloud will have the capability to make game streaming possible on 4G networks and… push against the outer limits of what’s possible on 5G networks.

The hurried Project xCloud announcement seems to be a result of Google’s Project Stream test with Assassin’s Creed Odyssey. However, Microsoft may have an edge because the company is in a unique position to push out exclusive content created by teams like Playground Games or Ninja Theory. It’s unclear what the future will hold, but it’s definitely an exciting time to be a gamer. Console-quality games are going to become even more accessible in the near future.

Google+ is shutting down for consumers in August 2019

Google’s also putting its foot down on Gmail APIs and access to call/text data.

Google+ has long been the butt of many jokes as a failed social network that refuses to die, but according to a new report from The Wall Street Journal and then an official response from Google itself, it looks like it’s been home to a serious security vulnerability for three years that Google chose to not disclose to the public.

Per WSJ, a “software glitch” allowed user data to be potentially exposed to unwanted eyes from 2015 all the way through March 2018 when Google learned about it.

A memo reviewed by the Journal prepared by Google’s legal and policy staff and shared with senior executives warned that disclosing the incident would likely trigger “immediate regulatory interest” and invite comparisons to Facebook’s leak of user information to data firm Cambridge Analytica. Chief Executive Sundar Pichai was briefed on the plan not to notify users after an internal committee had reached that decision, the people said.

In other words, Google learned about the three-year-long vulnerability and chose not to say anything out of fear that it’d be bad PR.

As for what info was exposed, it’s reported that “full names, email address, birth dates, gender, profile photos, placed lived, occupation, and relationship status” were all up for grabs. Info that was not exposed includes email messages, Google+ timeline posts, direct messages with other users, phone numbers and “any other type of communication data.”

Shortly after this report was published, Google released its full response outlining how it plans on covering its butt and keep data safe under an initiative called “Project Strobe.” The first move? Shut down Google+ for consumers. Per Google:

This review crystallized what we’ve known for a while: that while our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption, and has seen limited user interaction with apps. The consumer version of Google+ currently has low usage and engagement: 90 percent of Google+ user sessions are less than five seconds.

To make the closure of the service as seamless as possible, Google says it’ll implement a “wind-down” period over the next 10 months with the goal to have everyone off Google+ and officially pull the plug by the end of August 2019. While Google+ will no longer be a consumer product, new features will be coming soon to turn it into an enterprise-focused platform.

Along with this, Google will also force app developers to provide more detailed explanations of what it intends to do with your Google Account if it’s requesting access to it. Instead of seeing a single screen asking for permission to use your Google account, you’ll now see individual pop-up boxes for each item an app is requesting access to with an explanation of what’s being requested.

Lastly, Google says it’ll be limiting access to its Gmail APIs and be stricter about what apps in the Play Store can access call logs and SMS permissions on Android devices. This should translate to only your default phone and texting apps having access to your call and SMS data.

Google ended its explanation of Project Strobe with the following:

Our goal is to support a wide range of useful apps, while ensuring that everyone is confident that their data is secure. By giving developers more explicit rules of the road, and helping users control your data, we can ensure that we keep doing just that.

Google just dodged a £4.4 billion lawsuit in the United Kingdom

Nieuw lek toont kleurenpalet Google Pixel 3 van dichtbij

Ook Evan Blass van @evleaks doet een duit in het zakje als het gaat om lekken van Google Pixel 3 informatie. Ditmaal worden we getrakteerd op het toekomstige kleurenpalet waarin het nieuwe toestel verkrijgbaar zal zijn; zwart, wit en roze. Nieuw is die informatie echter niet maar dat geldt momenteel over vrijwel alles van het toestel.

De Pixel 3 en Pixel 3 XL maken kans op het slechts bewaarde geheim ooit. Google lijkt ook geen enkele moeite meer te doen om iets te ontkennen, tegen te houden of te ontkrachten. Ze lopen daarmee een risico dat er op dinsdag 9 oktober niets nieuws over het toestel te vertellen valt. Dit nieuwe plaatjes van @evleaks past prima in een lange reeks lekken waar ook wij trouwens onderdeel van zijn door het plaatsen van de allereerste renders.

Nog even kort samenvatten; de Pixel 3 krijgt een 5,5 inch scherm met Full HD+ resolutie zonder notch bovenin maar wel met dubbele selfiecam, de Pixel 3 XL mag rekenen op een 6,3 inch scherm met Quad HD+ resolutie maar dan wel met een enorme notch bovenin. Ook hier een dubbele camera, maar dan wel alleen aan de voorzijde. Achterop past Google nog altijd een enkele camera toe al zal die dankzij de nodige kunstmatige intelligentie wel kunnen rekenen op een portretmodus. Het meeste weten we inmiddels van de grootste van het stel; de 3 XL. Dat toestel werd vroegtijdig op de zwarte markt verkocht en verscheen ook in Hong Kong per ongeluk voor z’n lancering in de winkel. Het minst weten we wat dat betreft over de reguliere Google Pixel 3. Al is dat relatief; Google brengt los van het formaat traditiegetrouw weinig onderscheid aan tussen beide. Dinsdag 9 oktober zullen we het allemaal zeker weten; dan kondigt Google ze allebei officieel aan. Laten we hopen dat er nog een “one more thing” over is gebleven.

Ontvang een e-mail wanneer de Pixel 3 verkrijgbaar is

E-mail

Ontvang een e-mail wanneer de Pixel 3 XL verkrijgbaar is

E-mail

Apple Discontinues Lightning to 30-Pin Adapter

Apple has discontinued its $29 Lightning to 30-pin Adapter and has removed the accessory from its website as of this week.

The Lightning to 30-pin Adapter was first introduced in 2012 after Apple debuted the Lightning connector to replace to 30-pin connector that had been used in iPhones and iPads up to that point.

At the time of the transition, many people were using 30-pin cables for charging purposes for existing devices, prompting Apple to launch the adapter. The adapter was also useful for connecting existing 30-pin accessories to the new Lightning devices.

Lightning connectors are significantly thinner and more compact than 30-pin and the switch over to the more svelte Lightning connector allowed Apple to save space for other components in iPhones and iPads.

Apple’s iPhone 5, fourth-generation iPad, and first-generation iPad mini were some of the first devices to use the new Lightning connector, which has been present in all mobile devices since 2012.

It’s now been six years since Lightning was introduced and there is no longer a need for the Lightning to 30-pin Adapter as a limited number of those cables are still in use in 2018.
Discuss this article in our forums

Google Shuttering Google+ for Consumers After Undisclosed Data Breach

The Google+ social network that Google introduced back in 2011 suffered a major data breach that Google opted not to disclose to the public, reports The Wall Street Journal.

A Google+ software glitch provided outside developers with the ability to access private Google+ profile data from 2015 to March 2018. In the spring of this year, internal investigators discovered the issue and fixed it.

The problem was caused by a bug in a Google+ API designed to let app developers access profile and contact information about the people who signed up to use their apps. Google found that Google+ was also allowing developers to access the data of users who had their profiles set to private. Up to 438 apps had access to customer data.

During a two-week period in late March, Google ran tests to determine the impact of the bug, one of the people said. It found 496,951 users who had shared private profile data with a friend could have had that data accessed by an outside developer, the person said. Some of the individuals whose data was exposed to potential misuse included paying users of G Suite, a set of productivity tools including Google Docs and Drive, the person said. G Suite customers include businesses, schools and governments.

In an internal memo, Google’s legal staff recommended against disclosing the bug because it would invite “immediate regulatory interest” and result in a comparison to Facebook’s Cambridge Analytica scandal.

Data from hundreds of thousands of users was potentially accessible, but Google did not discover misuse of the data by outside developers. Exposed data included names, email addresses, birth dates, gender, profile photos, places lived, occupation, and relationship status.

Phone numbers, email messages, timeline posts, and direct messages were not accessible.

As a result of the breach, Google today announced that it is shutting down Google+ for consumers and introducing new privacy measures. According to Google, it put together a privacy task force called Project Strobe at the beginning of the year to review the company’s APIs.

Buried in a long document describing all of the privacy changes being implemented, Google confirms that a Google+ bug made private Google+ content accessible to developers.

Google explains that it did not opt to disclose information on the breach back in March because there was no evidence of misuse and no action a developer or user could take in response.

The review did highlight the significant challenges in creating and maintaining a successful Google+ that meets consumers’ expectations. Given these challenges and the very low usage of the consumer version of Google+, we decided to sunset the consumer version of Google+.

Google is planning to shut down Google+ over a 10-month period, with the social network set to be sunset next August.

In addition to shutting down Google+, Google is introducing several other privacy improvements. More granular controls will be provided for granting Google Account data to third-party apps, and Google is going to limit the number of apps that have access to consumer Gmail data.

For Android users, Google will limit the apps able to access Call Log and SMS permissions on Android devices, and contact interaction data will no longer be available through the Android Contacts API.

Google’s full list of privacy changes can be found in its new Project Strobe blog post.

Tags: Google, Gmail
Discuss this article in our forums