Weekly Tech Recap - № 271 - T2 security vulnerability, Bletchley Park, Doom on the fridge, image description AI, Vivaldia
T2 security vulnerability
Apple’s T2 security chip. © iFixit.
A recently released jailbreak tool is letting anyone exploit a vulnerability on the more recent Macs to bypass Apple’s trusted T2 security chip and gain deep system access. While Apple may be able to slow down potential hackers, the flaw is ultimately unfixable in every Mac that has a T2 inside, since it is embedded in the T2 silicon. The T2, launched in 2017, acts as a trusted mechanism for securing high-value features like encrypted data storage, Touch ID, and Activation Lock. The vulnerability, known as Checkm8, was already present in Apple’s A5 through A11 SoC, and is still being used to jailbreak older models of iPhones with these chips. On the T2 Mac chip, it can be used to run Linux on the T2 and could also be weaponized by malicious hackers to disable macOS security features like System Integrity Protection and Secure Boot. Worse yet, combined with another T2 vulnerability that was publicly disclosed in July, the jailbreak could also potentially be used to obtain FileVault encryption keys and to decrypt user data. But don’t panic yet: an attacker would need physical access to target your device in order to exploit it, as the tool can only run off of another device over USB.
⇨ Ars Technica, Lily Hay Newman, “Apple’s T2 security chip has an unfixable flaw.”
Facebook saves Bletchley Park
Classroom at the Bletchley Park National Museum. CC BY 2.0, Marcin Wichary.
Facebook is donating 1.2 million pounds sterling (CAD2.05 million) to Bletchley Park, the UK computing museum. Bletchley Park’s finances have suffered since the beginning of the crisis, with a revenue shortfall of £2 million due to plummeting visitor numbers. The Park announced it was considering 35 layoffs, constituting a third of its workforce. Facebook’s donation will save some of these jobs, but it’s not clear how many. Facebook said it made the donation in recognition of Bletchley Park’s “ongoing legacy as a birthplace of modern computing.” The Park’s code-breakers and mathematicians not only cracked the Enigma codes used by the Nazis, an achievement that some historians say shortened the length of the war by two to four years, but they also made key theoretical and engineering breakthroughs. These include the creation of Colossus, the world’s first programmable digital computer, and the work of Alan Turing, the English mathematician who is seen as the father of modern computer science and artificial intelligence. At its height, the code-breaking operation at Bletchley Park included some 10,000 employees, with women constituting roughly 75 percent of the workforce.
⇨ The Verge, James Vincent, “Facebook donates £1 million to help save UK’s WWII code-breaking center Bletchley Park.”
Doom for dinner
Family Hub refrigerator. © Samsung.
Using Microsoft’s xCloud service and a little ingenuity, Richard Mallard has managed to get Doom Eternal running on a Samsung smart fridge. The trick was to sideload the Android version of the Xbox Game Pass app onto his fridge. The video of this coup of engineering shows the game working flawlessly and responding to the Xbox controller’s commands. Amusingly, this means Microsoft’s xCloud game streaming service is available on Samsung fridges before it’s launched on an iPad or iPhone. Apple’s policy on applications mean that implementing an xCloud service on iOS is an extremely long and complex process. Despite this problem, Xbox chief Phil Spencer said at a staff meeting at Microsoft that xCloud “absolutely will end up on iOS”, probably in early 2021, thanks to a browser-based solution. The question to ask, then, before purchasing any appliance with a screen is: can it run Doom? The answer is probably yes, depending on how much work you want to put into it. Recently, we saw the original, 1993 version of Doom playing on an electronic pregnancy test and on a microwave oven. We’re willing to bet that Spencer never imagined the refrigerator platform for xCloud.
⇨ The Verge, Tom Warren, “Here’s Doom running on a Samsung fridge thanks to xCloud.”
AI for the seeing impaired
© Microsoft.
Microsoft’s AI researchers have achieved a significant breakthrough with a new image description model which, in certain tests, is more accurate than a human in describing the contents of a photo. This feat will no doubt be applauded by the blind and seeing impaired community, that uses alt-text for images. As the video below shows, the before-and-after descriptions of the same photo are miles apart (“a close-up of a cat” vs. “a grey cat with its eyes closed”). The AI system has been used to update Seeing AI, the company’s assistant app for the visually impaired, and will soon be incorporated into other Microsoft products like Word, Outlook, and PowerPoint. For developers, image description AI will be available as a stand-alone model via Microsoft’s cloud and AI platform Azure.
⇨ YouTube, “Microsoft AI breakthrough in automatic image captioning.”
⇨ The Verge, James Vincent, “Microsoft’s new image-captioning AI will help accessibility in Word, Outlook, and beyond.”
Playing Vivaldi
Vivaldia. © Vivaldi Technologies.
Vivaldi is a great Chromium-based browser that you must really give a try. And the fact that it now comes with a built-in game may just tip you over the edge! The game, called Vivaldia, is a retro side-scroller set in a cyberpunk universe. It is available with version 3.4 of the browser, and can be played both online and offline across Windows, Max, Linux, and Android. You get to it by visiting “vivaldi://game” using Vivaldi’s address bar. Vivaldi’s 3.4 release also comes with a couple of new browser features, including configurable context menus and the option to set pages to reload automatically. You can grab it on desktop by downloading it directly from Vivaldi’s site, or on Android from the Google Play Store.
⇨ YouTube, “Vivaldia: a real 80s Cyberpunk, arcade-style game from Vivaldi browser.”
⇨ The Verge, Jon Porter, “Vivaldi browser gets cyberpunk side-scroller to rival Google Chrome’s dinosaur game.”
