Daily Archives: May 16, 2024

Patent troll hits Microsoft with $242 million US verdict in Cortana lawsuit

Posted on by

Microsoft (MSFT.O) must pay patent owner IPA Technologies $242 million, a federal jury in Delaware said on Friday after determining that Microsoft’s Cortana virtual-assistant software infringed an IPA patent.

The jury agreed with IPA after a week-long trial that Microsoft’s voice-recognition technology violates IPA’s patent rights in computer-communications software.
IPA is a subsidiary of patent-licensing company Wi-LAN, which is jointly owned by Canadian technology company Quarterhill (QTRH.TO)
, opens new tab and two investment firms. It bought the patent and others from SRI International’s Siri Inc, which Apple acquired in 2010 and whose technology it used in its Siri virtual assistant.
“We remain confident that Microsoft never infringed on IPA’s patents and will appeal,” a Microsoft spokesperson said.
Representatives for IPA and Wi-LAN did not immediately respond to a request for comment on the verdict.
IPA filed the lawsuit in 2018, accusing Microsoft of infringing patents related to personal digital assistants and voice-based data navigation.
The case was later narrowed to concern one IPA patent. Microsoft argued that it does not infringe and that the patent is invalid.
IPA has also sued Google and Amazon over its patents. Amazon defeated IPA’s lawsuit in 2021, and the Google case is still ongoing.

Source: Microsoft hit with $242 million US verdict in Cortana patent lawsuit | Reuters

So basically some company that never did anything except buy some rights from somewhere managed to extort a quarter of a billion dollars from MS. What a brilliant system copyright is!

iPhone users report deleted photos reappearing after update – turns out for Apple, delete doesn’t mean delete

Posted on by

Some iPhone users are reportedly seeing photos they had previously deleted resurface on their devices ever since updating to the latest version of iOS.

The user reports originate from Reddit, and it’s not just a couple of Apple users experiencing issues. By our count, 16 people who deleted their photos say they’ve come back. The deleted photos are apparently marked as recently added, making it very obvious which have made a comeback.

One user says that even photos from 2010 reappeared, and that they have “deleted them repeatedly.”

The Register was able to find a handful of instances of X users reporting the same problem.

[…]

The recent complaints were preceded by a different Reddit thread where three users reported the exact same thing happening in the beta version of iOS 17.5.

[…]

Some users previously reported disappearing photos on older versions of iOS 17, and the fix may have resulted in both accidentally and purposefully deleted photos being brought back to life.

If the issue is genuine, it wouldn’t be the first time iCloud has kept its hands on data after it was supposedly deleted, despite Apple’s emphasis on the privacy of its users. Back in 2017, iCloud was patched to fix a glitch where user browser history was retained for up to a year or so.

Source: iPhone users report deleted photos reappearing after update • The Register

MIT students stole $25M in seconds by exploiting ETH blockchain bug, DOJ says

Posted on by

Within approximately 12 seconds, two highly educated brothers allegedly stole $25 million by tampering with the ethereum blockchain in a never-before-seen cryptocurrency scheme, according to an indictment that the US Department of Justice unsealed Wednesday.

In a DOJ press release, US Attorney Damian Williams said the scheme was so sophisticated that it “calls the very integrity of the blockchain into question.”

[…]

The indictment goes into detail explaining that the scheme allegedly worked by exploiting the ethereum blockchain in the moments after a transaction was conducted but before the transaction was added to the blockchain.

These pending transactions, the DOJ explained, must be structured into a proposed block and then validated by a validator before it can be added to the blockchain, which acts as a decentralized ledger keeping track of crypto holdings. It appeared that the brothers tampered with this process by “establishing a series of ethereum validators” through shell companies and foreign exchanges that concealed their identities and masked their efforts to manipulate the blocks and seize ethereum.

To do this, they allegedly deployed “bait transactions” designed to catch the attention of specialized bots often used to help buyers and sellers find lucrative prospects in the ethereum network. When bots snatched up the bait, their validators seemingly exploited a vulnerability in the process commonly used to structure blocks to alter the transaction by reordering the block to their advantage before adding the block to the blockchain.

When victims detected the theft, they tried to request the funds be returned, but the DOJ alleged that the brothers rejected those requests and hid the money instead.

The brothers’ online search history showed that they studied up and “took numerous steps to hide their ill-gotten gains,” the DOJ alleged. These steps included “setting up shell companies and using multiple private cryptocurrency addresses and foreign cryptocurrency exchanges” that specifically did not rely on detailed “know your customer” (KYC) procedures.

[…]

Source: MIT students stole $25M in seconds by exploiting ETH blockchain bug, DOJ says | Ars Technica

Dell hack but who Dell didn’t think it was a big deal now includes customer phone numbers

Posted on by

The person who claimed to have stolen the physical addresses of 49 million Dell customers appears to have taken more data from a different Dell portal, TechCrunch has learned.

The newly compromised data includes names, phone numbers and email addresses of Dell customers. This personal data is contained in customer “service reports,” which also include information on replacement hardware and parts, comments from on-site engineers, dispatch numbers and, in some cases, diagnostic logs uploaded from the customer’s computer.

[…]

The stolen data included customer names and physical addresses, as well as less sensitive data, such as “Dell hardware and order information, including service tag, item description, date of order and related warranty information.”

I am not sure that knowledge of your operating environment, the amount you spend and service tag information constitutes “less sensitive data”. Actually, no, it is not “less sensitive”

Dell downplayed the breach at the time, saying that the spill of customer addresses did not pose “a significant risk to our customers,” and that the stolen information did not include “any highly sensitive customer information,” such as email addresses and phone numbers.

[…]

Source: Threat actor scraped Dell support tickets, including customer phone numbers | TechCrunch