John Lister

A bug in the way Windows handles fonts could leave computers open to a "drive-by attack" - as long as the machine is connected to the Internet. It's among the vulnerabilities fixed in the latest Windows security update. All versions of Windows are ... affected . The bug involves the way Windows deals with embedded fonts. An embedded font means that the document includes the code for the font itself. It's generally used where a document or web page designer wants users to see a specific font that's not widely installed on computers. The bug means an embedded font could be coded in a way ... (view more)

A bill to tackle unwanted "robocalls" looks likely to become law in the US. It would use a range of approaches to tackle misleading or annoying automated calls. Robocalls are automatically-dialed marketing (or scam) phone calls - the same calls made ... by Indian tech support scammers . Using computers to place the call greatly increases the number of homes a company (or scammer) can attempt to phone - and in turn the number of calls the average home is likely to receive. The House of Representatives has now passed the proposed Pallone-Thune Telephone Robocall Abuse Criminal Enforcement and ... (view more)

The FBI has warned users to think carefully when buying and using "smart" televisions. The warning is based on the idea that many people have bought or will buy new televisions either as part of "Black Friday" or in time for Christmas. The warning ... from the FBI's Portland office is based partly on the prospect that people might not have set out to buy smart sets, but that most or all of the TVs on offer currently have such features. (Source: techcrunch.com ) Cameras and Microphones on Some Sets A "smart" television is simply one that has an Internet connection. Previously that's mainly been ... (view more)

Mozilla has removed security tools from Avast and AVG from the Firefox extension store. It says the tools are collecting too much personal data about users. The extensions are third-party tools for the Firefox browser that add extra functionality to ... web browsing. In this case, the advertised purposes include highlighting and blocking malware that could be downloaded, and warning users when a page may be part of a phishing attack. That's where a user is tricked into typing in personal details into what they think is a legitimate site. Mozilla acted after online posts by Wladimir Palant, who ... (view more)

Security researchers say a serious Android bug could let malware pose as a legitimate app and gain unwanted access to a phone's data and functions. The concept of the 'StrandHogg' bug has been known for several years, but now it's being actively ... exploited to target online banking. In simple terms, the bug has two unwanted effects: it can trick users into giving malware sensitive 'permissions' to access the phone, and it can hijack legitimate apps to trick users into handing over login details and sensitive information. Researchers at Promon explain the bug is with a security setting called ... (view more)

Facebook is to let users automatically copy their uploaded photos and videos to Google's photo service. It's part of a "data portability" project between tech giants, but is also a demonstration of how slowly the project itself is moving. The tool ... will mean users can transfer files without needing to download them to their devices, then re-upload them to another service. In particular, Google's Photos service makes it easy to access photos on multiple devices. It also has automatic tagging so that users can quickly find all their photos of a particular location or activity, for example. It's ... (view more)

Mozilla is to block "fingerprinting" tracking in the Firefox browser. It's an alternative tracking technique to cookies and doesn't require any consent from users. Most people know about cookies, which involves sites putting a small file on a ... computer to either identify a user for future visits or track their online activity. In most cases cookies both legally and practically need consent from the user before they can be issued. Fingerprinting is a more creative technique that doesn't require consent and has proven harder to block. It's all based around the fact that a website is able to ... (view more)

A hard drive manufacturer has warned its solid state drives could effectively self-destruct after a little less than four years of total operation. HPE (Hewlett Packard Enterprise) says users need to apply a firmware fix immediately, while it's ... another reminder of the importance of backups. 20 different HPE models are affected, all in the SAS range, which are hard drives typically meant for enterprise. All are solid state drives, which have no moving parts. This makes them more expensive and much faster than traditional hard drives. (Source: hpe.com ) The problem isn't with the actual drives ... (view more)

Microsoft has blocked users of some security software from updating Windows 10. It's also spotted some problems with specific WiFi drivers. The good news is that although the Windows 10 problems are with the well-known Avast and AVG security tools, ... it only affects older versions. Specifically the problem comes if the software is from version 19.5.4444.567 or earlier. (Source: techradar.com ) Since Avast! also owns AVG, the version number is the same for both engines. Automatic Updates On Hold Microsoft hasn't said exactly what the compatibility problems are, but has put a block on automatic ... (view more)

A bogus "Windows Update" distributed by email is, perhaps unsurprisingly, actually ransomware. It shouldn't fool most users but makes it a good time to remind less tech-savvy PC owners of the need to take necessary precautions. The unsolicited ... emails have a subject line of either "Critical Microsoft Windows Update!" or "Install Latest Microsoft Windows Update now!" Those who open the email will then see a message that says (complete with opening typo) "PLease install the latest critical update from Microsoft attached to this email." (Source: trustwave.com ) $500 Ransom Demand It seems a safe ... (view more)