Moment's Anamorphic lens provides epic looks

Moment's Anamorphic lens provides epic looks
When Moment announced an anamorphic lens, it really caught my attention. After all, the film Tangerine was shot on an iPhone 5S using an anamorphic lens from Moondog Labs, so I was excited to try my hand at a more cinematic look. But what is an anamo…
Source: Engadget

Buggy software in popular connected storage drives can let hackers read private data

Buggy software in popular connected storage drives can let hackers read private data

Security researchers have found flaws in four popular connected storage drives that they say could let hackers access a user’s private and sensitive data.

The researchers Paulos Yibelo and Daniel Eshetu said the software running on three of the devices they tested — NetGear Stora, Seagate Home and Medion LifeCloud — can allow an attacker to remotely read, change and delete data without requiring a password.

Yibelo, who shared the research with TechCrunch this week and posted the findings Friday, said that many other devices may be at risk.

The software, Hipserv, built by tech company Axentra, was largely to blame for three of the four flaws they found. Hipserv is Linux-based, and uses several web technologies — including PHP — to power the web interface. But the researchers found that bugs could let them read files on the drive without any authentication. It also meant they could run any command they wanted as “root” — the built-in user account with the highest level of access — making the data on the device vulnerable to prying eyes or destruction.

We contacted Axentra for comment on Thursday but did not hear back by the time of writing.

Neither Netgear nor Seagate commented by our deadline, but we’ll update if that changes. Lenovo, which now owns Medion, did not respond to a request for comment.

The researchers also reported a separate bug affecting WD My Book Live drives, which can allow an attacker to remotely gain root access.

A spokesperson for WD said that the vulnerability report affects devices originally introduced in 2010 and discontinued in 2014, and “no longer covered under our device software support lifecycle.” WD added: “We encourage users who wish to continue operating these legacy products to configure their firewall to prevent remote access to these devices, and to take measures to ensure that only trusted devices on the local network have access to the device.”

In all four vulnerabilities, the researchers said that an attacker only needs to know the IP address of an affected drive. That isn’t so difficult in this day and age, thanks to sites like Shodan, a search engine for publicly available devices and databases, and similar search and indexing services.

Depending on where you look, the number of affected devices varies. Shodan puts the number at 311,705, but ZoomEye puts the figure at closer to 1.8 million devices.

Although the researchers described the bugs in moderate detail, they said they have no plans to release any exploit code to prevent attackers taking advantage of the flaws.

Their advice: If you’re running a cloud drive, “make sure to remove your device from the internet.”


Source: Tech Crunch

Microsoft’s $7.5BN GitHub buy gets green-lit by EU regulators

Microsoft’s .5BN GitHub buy gets green-lit by EU regulators

Microsoft’s planned acquisition of Git-based code sharing and collaboration service, GitHub, has been given an unconditional greenlight from European Union regulators.

The software giant announced its intention to bag GitHub back in June, saying it would shell out $7.5 billion in stock to do so. At the time it also pledged: “GitHub will retain its developer-first ethos and will operate independently to provide an open platform for all developers in all industries.”

The European Commission approved the plan today, saying its assessment had concluded there would be no adverse impact on competition in the relevant markets, owing to the combined entity continuing to face “significant competition”.

In particular, it said it looked at whether Microsoft would have the ability and incentive to further integrate its own devops tools and cloud services with GitHub while limiting integration with third party tools and services.

The Commission decided Microsoft would have no incentive to undermine the GitHub’s openness — saying any attempt to do so would reduce its value for developers, who the Commission judged as willing and able to switch to other platforms.

Microsoft has previously said it expects the acquisition to close before the end of the year.


Source: Tech Crunch

'Rocket League' cross-platform profiles delayed until 2019

'Rocket League' cross-platform profiles delayed until 2019
Rocket League's cross-platform profile system, RocketID, has been pushed back until early next year. Psyonix said that it's working "incredibly hard to ensure that it's as intuitive, stable and polished as possible, before releasing it to the world."…
Source: Engadget

Microsoft’s new expense tracker Spend hits the App Store

Microsoft’s new expense tracker Spend hits the App Store

The team behind mileage-tracking app MileIQ, a company Microsoft acquired a few years ago, is out with a new application. This time, the focus isn’t on tracking miles, but rather expenses. The new app, simply called “Spend,” arrived on the App Store on Thursday, offering automatic expense tracking for work reimbursement purposes or for taxes.

Spend doesn’t appear to be a part of some grand Microsoft plan to take on expense tracking industry giants, like Expensify or SAP-owned Concur, for example. At least, not at this time.

Instead, the app is a Microsoft Garage project, the App Store clarifies.

Microsoft Garage is the company’s internal incubator when employees can test out new ideas to see if they resonate with consumers and business users.

Through the program, a number of interesting projects have gotten their start over the years, like the Cortana-based dictation tool, Dictate; mobile design creation app Sprightly; short-form email app Send; the Word Flow keyboard for smartphones; a Bing-backed alternative to Google News; and dozens more.

The new Spend app, at first glance, looks well-designed and easy to use.

Like most expense trackers, it offers features like the ability to take photos of receipts, expense categorization features, and reporting.

However, what makes Spend interesting is the app’s automated tracking and matching, and its user interface for working with your receipts.

The app begins by automatically tracking all your expenses from a linked credit card or bank account. You can then swipe on the expenses to mark them as personal or business. These expenses are automatically categorized, and you can add extra tags for added organization.

You can also add notes to purchases, split expenses, and customize expense categories, in addition to tags.

And the app can generate expense reports on a weekly, monthly or custom bases, which can be exported at spreadsheets or PDFs. There’s a web dashboard for when you’re using the app at your computer, but Spend doesn’t appear on the MileIQ main website at this time. It does, however, have a support site.

The company says the new app is an early version, and they plan to revise it going forward as they make improvements. Microsoft has been asked for more details on its plans with Spend, and we’ll update if they have more to offer.


Source: Tech Crunch

Apple now offers a USB-C Watch charger

Apple now offers a USB-C Watch charger
The iPhone XR made its entrance today, but that's not the only new product available in the Apple Store. The company also introduced a USB-C charger for the Apple Watch. Up until now, the only official option for charging your Apple Watch was a USB-A…
Source: Engadget

Hiver lets you manage shared email addresses from Gmail

Hiver lets you manage shared email addresses from Gmail

Meet Hiver, a service that lets you collaborate on generic email addresses, such as jobs@yourcompany.com, support@, sales@, etc. Hiver isn’t the only company working on shared inboxes. But compared to Front, everything happens in Gmail directly.

To be fair, Front has been doing a fantastic job when it comes to multiplayer email — and the company has been doing great. Front is a new email client that lets you work together on your inbound emails.

But many teams don’t necessarily want to use a brand new email client. Some people love the Gmail interface so much that they don’t even think about switching to something else.

Hiver is a Google Chrome extension that adds a bunch of feature to your Gmail inbox. In addition to your personal inbox, you can now access shared inboxes with other people in your team. You can then assign an email to one of your coworkers and see what everybody is working on.

If you need help in order to reply to a tedious email, you can write a note in the right column and notify your teammates using @-mentions. All your comments live in this separate column so that you don’t clutter your email thread with forwards and CCs.

Whenever someone starts replying, Hiver shows a collision alert so that customers don’t get two replies. You can also use templates for faster replies, send emails later and share drafts to get another pair of eyes.

More recently, Hiver added automation with simple if/then rules to assign conversations to the right person and categorize your emails automatically.

If you’ve used Front in the past, those features will sound familiar as you can do all of this in Front, and much more. But it turns out that some companies really wanted a “Front for Gmail”.

Hiver just raised a $4 million funding round from Kalaari Capital and Kae Capital. The company is based in India and has 50 employees already. A thousand companies are currently using Hiver, such as Hubspot, Vacasa, Pinterest and Lyft. Most of Hiver’s clients are based in the U.S.

Building a product on top of Gmail creates some limitations. For instance, you’ll have to remain a G Suite customer in order to keep using Hiver. Hiver also works better on desktop. The company has mobile apps, but they are still a bit basic so far.

Hiver uses a software-as-a-service approach. Plans start at $14 per user per month, and you need to pay more for automations, Salesforce integration and more.


Source: Tech Crunch

Making magic with the Harry Potter Kano Coding Kit

Making magic with the Harry Potter Kano Coding Kit
Like so many Harry Potter fans, I've dreamed of attending Hogwarts and learning magic with a wand, cauldron and bulging bag full of quills, ink and parchment. In the absence of real witchcraft and wizardry, I've visited movie sets and played countles…
Source: Engadget