bug
Latest
Google spent a record sum rewarding researchers for hacking its products
Google is not messing around when it comes to its bug bounty program. Last year it paid out $6.5 million to researchers that reported vulnerabilities -- almost double the $3.4 million paid out in 2018. The largest single award was for $201,337, which was given to Guang Gong of Alpha Labs, who discovered a major exploit on the Pixel 3.
'Destiny 2' is offline as Bungie tries to fix a data-erasing bug (updated)
You might not want to look at your Destiny 2 inventory right now if you're an avid player -- you could be in for a rude shock. Bungie has taken the game offline for "emergency maintenance" after discovering that the latest update appears to have erased players' Glimmer currency, infusion materials (like ascendant shards) and possibly cosmetics currency like Bright Dust. Given that some of these items are particularly hard to get, that's a huge problem -- many hours of gameplay may have been wiped out.
Boeing finds another software flaw that might delay 737 Max's return
Boeing is dealing with another 737 Max software flaw that could prevent the troubled aircraft from returning to the skies, but this time it's not a safety issue. The company has confirmed that it's fixing a flaw preventing the 737 Max's flight control computers from starting up and verifying that they're ready for flight -- in other words, the airliner couldn't even take off. A spokesperson said Boeing was "working with the FAA" on submitting the fix and was informing partners, but didn't say when the updated software would be ready.
Homeland Security wants you to update your Firefox browser right now
The Department of Homeland Security is urging Firefox users to update their browsers. The rare warning was issued earlier this week, after Mozilla released two critical security updates. According to the Cybersecurity and Infrastructure Security Agency (CISA), the exploit could allow hackers to "take control of an affected system."
GoPro Karma drones are unable to fly due to a possible GPS flaw
The new year hasn't started well if you're a GoPro Karma owner. Numerous operators have found themselves unable to fly since the start of 2020, with the robotic aircraft reporting that it has no GPS signal and can't calibrate the compass, even when the controller is working properly. One user claimed to have discovered a workaround by resetting the controller and disabling GPS, but that clearly isn't ideal.
Y2K-type glitch is causing NYC parking meters to reject credit cards
A software glitch is causing parking meters throughout New York City to reject credit and prepaid parking cards, The New York Times reports. The payment software was set to expire on January 1st, and the vendor reportedly failed to update the software before the new year. So, at the stroke of midnight Wednesday, the city rang in a bug reminiscent of those feared around Y2K, which predicted computer systems would crash.
Mazda3 bug activates emergency brake system for no reason
Driver assists can help make our trips much safer, but integrating software decisions into the control of a vehicle could cause serious problems if the system glitches at the wrong time. According to Mazda, "Incorrect programming" in its Smart Braking System (SBS) can make fourth-generation Mazda3 vehicles to falsely detect an object in their path while driving and automatically apply the brakes while driving. The problem affects 35,390 2019 and 2020 model year cars in the US, but Mazda says it is not aware of any injuries or deaths as a result of the defect. If the issue occurs, the driver will notice because their car has suddenly stopped, and also as an alarm sounds and a message is displayed on the in-car warning screen. Some Reddit posters report experiencing situations of the system activating while driving with nothing around, and note that while the system can be disabled, it appears to re-enable itself every time the car starts.
Twitter fixes an Android bug that could have allowed hackers to hijack accounts
Twitter has updated its Android app to fix a security vulnerability that could have allowed someone to see nonpublic information about your account, as well as take control of it to send tweets and direct messages. According to a blog post from the company, taking advantage of the bug involved "a complicated process" of inserting malicious code into the restricted storage areas of the Twitter Android app. The bug may have also allowed malicious individuals to access someone's location information and their protected tweets.
Google resumes Chrome 79 update for Android after fixing data bug
Android users can now update their Chrome browser without having to worry that it would affect their other applications. Google has resumed Chrome 79's rollout for the platform after a bug forced the team to put it on hold. Users reported that the update "wiped" data from third-party apps that use the WebView framework, though the tech giant explained that it didn't actually erase anything -- it just made their information invisible.
Facebook is fixing a bug that turned on phone cameras
Early this month, some Facebook users began to notice a glitch when they were using the iOS app. Users shared on Twitter that when they were watching videos or looking at photos, their cameras were activated behind the Facebook app, CNET reports. Facebook has acknowledged the bug and says it is submitting a fix to Apple today.
‘Red Dead Redemption 2’ PC launch hasn't had the best start
Red Dead Redemption 2 finally launched on PC this week, but much like the escapades of the game's gunslingers, things haven't quite gone according to plan. Players have reported a raft of problems, including issues with the launcher, freezing and recurring crashes.
Twitter is rolling out a fix for the 'auto-scrolling' bug on iOS
Has the Twitter timeline been extra jumpy on your iPhone or iPad? Yesterday Twitter acknowledged the "frustrating" issue, and now an update to address it is rolling out via the App Store. It's unclear if it was supposed to be a seamless addition of new tweets that simply didn't behave properly, but now users should be able to decide whether or not the tweet they're looking at is worth reading without the app deciding it's time to move on. The fixed version is v8.1.5, so if you're still on 8.1, then hang on -- it's coming.
‘Harry Potter: Wizards Unite’ gathered location data while users slept
It's no secret that games like Harry Potter: Wizards Unite and Pokémon Go track their users' locations. But it can be alarming to see just how much data companies like Niantic have. As part of an extensive report on how tech companies are mapping the world, Kotaku revealed that Niantic's Wizards Unite, in particular, gathered a surprising amount of data.
Apple's latest iOS 13 update fixes camera glitch and other issues
Apple already has another iOS 13 update, iOS 13.1.2. The company released the update to the public today. It fixes a bug that affected the progress bar for iCloud Backup, an issue with the Camera and another with the flashlight, glitches with HomePod shortcuts and more.
Chrome update prevents some Macs from rebooting properly (updated)
For the past few days, video editors have been panicking as a data corruption issue struck their Macs (typically 2013 Mac Pros), preventing them from rebooting their systems properly. But what was the cause? Their Avid Media Composer editing suite? MacOS itself? No -- it turns out their browser was likely to blame. Google has acknowledged that a recent Chrome release "may have shipped" with an updater bug that corrupts the file system on Macs that either have System Integrity Protection (SIP) turned off or don't support it in the first place. As Avid Media Composer reportedly needs SIP turned off to get direct access to these Macs' graphics systems (update: it doesn't, read below), Chrome's buggy updater is free to wreak havoc on the file system.
BioWare hopes to fix 'Anthem' by swapping acts for seasonal updates
It's no secret that Anthem has had a lukewarm response. Dodgy game mechanics and various other bugs meant that developer BioWare published a blog post less than a month after its release, sharing its plans to make the game better. Now, the company has revealed more details on its planned improvements, which includes making changes to the way future Anthem content is released.
LastPass patched a bug that could have exposed your passwords
If you use LastPass to manage your passwords, now would be a good time to make sure you're running the latest version, 4.33.0. As Gizmodo reports, LastPass recently patched a bug that could have been used to compromise users' security credentials. The patch should have arrived automatically, but as a precaution, it's worth making sure you're running the September 12th update.
Libra Association opens Bug Bounty program to everyone
Facebook's Calibra digital wallet isn't expected to launch until 2020. But, as you might expect, the organization created to protect the Libra cryptocurrency that will be used with Calibra (and other Libra financial services) is already working to ensure it keeps people's data safe. We're talking about the Libra Association, the independent group in charge of governing Libra, which has announced it is now welcoming all researchers who want to help test the security of its blockchain technology -- in exchange for financial rewards, naturally. The Libra Bug Bounty program was announced at the time when the Libra Association became official in June, but now the nonprofit will be opening it to the public.
Apple re-fixes a bug that let users jailbreak iPhones
Apple fixed a vulnerability that temporarily allowed hackers to jailbreak iPhones. The bug was first fixed in iOS 12.3 but reintroduced in iOS 12.4. Hackers discovered the flaw earlier this month and shared a free public jailbreak just for the fun of it. Today, Apple released iOS 12.4.1, which should take care of the vulnerability once and for all.
Google researchers discovered serious iOS security flaws
Six critical security vulnerabilities that were patched in the iOS 12.4 update released earlier this month were originally discovered by security researchers at Google. Natalie Silvanovich and Samuel Groß, two members of Google's Project Zero bug-hunting team, alerted Apple to the issues. Silvanovich will be laying out the details on several of the bugs and provide a demonstration of exploits in action at the Black Hat security conference set to be held in Las Vegas next week.
