Daily Archives: December 27, 2024

This Nvidia App Setting Is Tanking Your Frame Rate – the rest of the problems it causes cannot be fixed

Posted on by

[…]

following a Dec. 5 driver update that skipped GeForce Experience in favor of the Nvidia App (all future updates will follow its lead). The new app is meant to streamline the grab bag of features Nvidia has accumulated over the years, pairing its driver updating utility with a streamlined gaming overlay and improved tools for easily optimizing graphics or enabling G-Sync and other advanced settings. However, upon installing it, some gamers noticed their games running a bit more slowly.

“We’ve confirmed reports around the web that the Nvidia App using the default settings can impact gaming performance,” writes Tom’s Hardware’s Jarred Walton, “dropping frame rates by up to 15% in some cases.”

In particular, Walton saw performance drops ranging from 2% to 12% across the games he tested, which included Assassin’s Creed Mirage, Baldur’s Gate 3, Black Myth: Wukong, Flight Simulator 2024, and Stalker 2.

[…]

In a statement to Walton, Nvidia confirmed that the issue is specifically with the Game Filters and Photo Mode setting, and that the company is actively looking into a fix. So while you might not be able to play your games with an RTX HDR filter in the meantime, you’ll be able to use the rest of the app, even the overlay, as you would have before.

[…]

The simplest solution, and probably the best one for most people, is to follow Nvidia’s official advice and turn off the Game Filters and Photo Mode setting. To do this, just navigate to Settings > Features > Overlay > Game Filters and Photo Mode and toggle it off. I

Source: This Nvidia App Setting Is Tanking Your Frame Rate | Lifehacker

Which unfortunately is OK because the new app does creates problems with photos / screenshots and screen videos being way too bright, among a raft of other problems.

But you don’t need to log in to this app to get driver updates.

Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets

Posted on by

Digital license plates, already legal to buy in a growing number of states and to drive with nationwide, offer a few perks over their sheet metal predecessors. You can change their display on the fly to frame your plate number with novelty messages, for instance, or to flag that your car has been stolen. Now one security researcher has shown how they can also be hacked to enable a less benign feature: changing a car’s license plate number at will to avoid traffic tickets and tolls—or even pin them on someone else.

Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to “jailbreak” digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold. By removing a sticker on the back of the plate and attaching a cable to its internal connectors, he’s able to rewrite a Reviver plate’s firmware in a matter of minutes. Then, with that custom firmware installed, the jailbroken license plate can receive commands via Bluetooth from a smartphone app to instantly change its display to show any characters or image.

That susceptibility to jailbreaking, Rodriguez points out, could let drivers with the license plates evade any system that depends on license plate numbers for enforcement or surveillance, from tolls to speeding and parking tickets to automatic license plate readers that police use to track criminal suspects. “You can put whatever you want on the screen, which users are not supposed to be able to do,” says Rodriguez. “Imagine you are going through a speed camera or if you are a criminal and you don’t want to get caught.”

Image may contain Electronics Screen Computer Hardware Hardware Monitor Text Symbol White Board and QR Code

One of Reviver’s license plates, jailbroken to show any image IOActive researcher Josep Rodriguez chooses.

Photography: IOActive

Worse still, Rodriguez points out that a jailbroken license plate can be changed not just to an arbitrary number but also to the number of another vehicle—whose driver would then receive the malicious user’s tickets and toll bills. “If you can change the license plate number whenever you want, you can cause some real problems,” Rodriguez says.

All traffic-related mischief aside, Rodriguez also notes that jailbreaking the plates could also allow drivers to use the plates’ features without paying Reviver’s $29.99 monthly subscription fee.

Because the vulnerability that allowed him to rewrite the plates’ firmware exists at the hardware level—in Reviver’s chips themselves—Rodriguez says there’s no way for Reviver to patch the issue with a mere software update. Instead, it would have to replace those chips in each display. That means the company’s license plates are very likely to remain vulnerable despite Rodriguez’s warning—a fact, Rodriguez says, that transport policymakers and law enforcement should be aware of as digital license plates roll out across the country. “It’s a big problem because now you have thousands of licensed plates with this issue, and you would need to change the hardware to fix it,” he says.

Source: Hackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and Tickets | WIRED

Feds Warn SMS Authentication Is Unsafe

Posted on by

Hackers aligned with the Chinese government have infiltrated U.S. telecommunications infrastructure so deeply that it allowed the interception of unencrypted communications on a number of people, according to reports that first emerged in October. The operation, dubbed Salt Typhoon, apparently allowed hackers to listen to phone calls and nab text messages, and the penetration has been so extensive they haven’t even been booted from the telecom networks yet. The Cybersecurity and Infrastructure Security Agency (CISA) issued guidance this week on best practices for protecting “highly targeted individuals,” which includes a new warning (PDF) about text messages.

“Do not use SMS as a second factor for authentication. SMS messages are not encrypted—a threat actor with access to a telecommunication provider’s network who intercepts these messages can read them. SMS MFA is not phishing-resistant and is therefore not strong authentication for accounts of highly targeted individuals,” the guidance, which has been posted online, reads. Not every service even allows for multi-factor authentication and sometimes text messages are the only option. But when you have a choice, it’s better to use phishing-resistant methods like passkeys or authenticator apps. CISA prefaces its guidance by insisting it’s only really speaking about high-value targets. The telecommunications hack mentioned above has been called the “worst hack in our nation’s history,” according to Sen. Mark Warner (D-VA).

source: Feds Warn SMS Authentication Is Unsafe