26 July 2018

Extras for bringing the fun at summer festivals


Editor’s note: This post was done in partnership with Wirecutter. When readers choose to buy Wirecutter’s independently chosen editorial picks, Wirecutter and TechCrunch may earn affiliate commissions.

One of the many ways to take full advantage of the summer is by attending long-awaited happenings and events. Summer festivals of all sorts come around every year, and they’re even better with a few friends — plus some extras to make the experience more memorable. No matter the type of event, having gear that allows you to kick back, keeps you hydrated and powered makes any festival day worthwhile.

Photo: Kimber Streams                                                                                                                                                                                  

Inflatable couch: Live Infinitely Inflatable Air Lounger

For music festivals and events that have areas for camping or lounging (while waiting for the band you actually came to see), an inflatable couch will come in handy. The Live Infinitely Inflatable Air Lounger is 7 feet long, so it’s big enough to sit three people, or for one person to stretch out.

It comes with a stake to keep it from blowing away when it’s not in use, stays inflated longer than other couches we tested and folds down into a portable pack. Use its side pockets to store your phone, a water bottle and other belongings while you kick back and soak up the sun.

Instant Printer: Fujifilm Instax Share SP-2

Taking pictures to capture time spent at an exciting festival is a given. Though when attending with family or friends — especially those who you may not see often — having something tangible to take home makes the outing even better.

The Fujifilm Instax Share SP-2 is the instant printer pick in our instant camera guide, and we like that it’s portable and produces old-school Polaroid prints straight from a smartphone or tablet. It works through the Instax Share app and allows for filters and borders to be added to your snapshots. You can print one picture in about 10 seconds, or print multiples of one image for passing out to your group.

Lenses for iPhone Photography: Moment New Tele Lens & Moment New Wide Lens

When you get tired of taking group selfies and want to capture videos and pictures of the main event, a good smartphone lens attachment can help with getting closer to the action. While some smartphone cameras produce good photos, a lens attachment can further expand your phone’s field of view or extend the optical zoom without distorting images.

For photography enthusiasts who are fine attending events without a professional camera, our lens attachment picks for iPhones, the Moment New Tele Lens (for closer, high-quality shots) and the Moment New Wide Lens (for crisp, wide-angle photos) are great alternatives and offer more portability. They’re an improvement on the iPhone camera and are mounted on a case for lens attachments.

Kyle FItzgerald

USB Battery pack: Anker PowerCore 20100

Spending long days at a fair or similar event means your phone will likely run out of juice before you’re ready to go. Bringing along a USB battery pack ensures that you’ll be able to stay powered while you’re having fun — and long after when you need to round up friends or call a ride.

The Anker PowerCore 20100 is small enough to fit in a backpack or purse and it has enough power to charge one smartphone everyday for nearly a week. It also can simultaneously charge two USB devices at full speed and will keep them powered for days before the battery pack itself needs to be recharged.

Photo: Rozette Rago                                                               

Growler: Miir 64 oz. Growler

Since you can’t bring a fan or AC everywhere, it’s almost necessary to have a drink or two on hand when you’re outside in the heat for long periods of time. For events that allow outside beverages, carrying them in a growler is a great way to keep them fresh, cold or hot.

We put eight growlers to the test and the Miir 64 oz. Growler had the best-tasting beer and fizzy drinks. We like the Miir’s design and that it’s easy to drink from, seal and handle. Its lid can be fully detached, which makes cleaning it by hand a bit easier. With a 64 oz. capacity, you’ll have more than enough of your favorite drink to last throughout the day, or to share.

This guide may have been updated by WirecutterWhen readers choose to buy Wirecutter’s independently chosen editorial picks, Wirecutter and Engadget may earn affiliate commissions.


Read Full Article

GitHub and Google reaffirm partnership with Cloud Build CI/CD tool integration


When Microsoft acquired GitHub for $7.5 billion smackeroos in June, it sent some shock waves through the developer community as it is a key code repository. Google certainly took notice, but the two companies continue to work closely together. Today at Google Next, they announced an expansion of their partnership around Google’s new CI/CD tool, Cloud Build, which was unveiled this week at the conference.

Politics aside, the purpose of the integration is to make life easier for developers by reducing the need to switch between tools. If GitHub recognizes a Docker file without a corresponding CI/CD tool, the developer will be prompted to grab one from the GitHub Marketplace with Google Cloud Build offered prominently as one of the suggested tools.

Photo: GitHub

Should the developer choose to install Cloud Build, that’s where the tight integration comes into play. Developers can run Cloud Build against their code directly from GitHub, and the results will appear directly in the GitHub interface. They won’t have to switch applications to make this work together, and that should go a long way toward saving developer time and effort.

Google Cloud Build. Photo: Google

This is part of GitHub’s new “Smart Recommendations,” which will be rolling out to users in the coming months.

Melody Meckfessel, VP of Engineering for Google Cloud says that the two companies have a history and a context and they have always worked extremely well together on an engineer-to-engineer level. “We have been working together from an engineering standpoint for so many years. We both believe in doing the right thing for developers. We believe that success as it relates to cloud adoption comes from collaborating in the ecosystem,” she said.

Given that close relationship, it had to be disappointing on some level when Microsoft acquired GitHub. In fact, Google Cloud head, Diane Greene expressed sadness about the deal in an interview with CNBC earlier this week, but GitHub’s SVP of Technology Jason Warner believes that Microsoft will be a good steward and that the relationship with Google will remain strong.

Warner says the company’s founding principles were about not getting locked in to any particularly platform and he doesn’t see that changing after the acquisition is finalized. “One of the things that was critical in any discussion about an acquisition was that GitHub shall remain an open platform,” Warner explained.

He indicated that today’s announcement is just a starting point, and the two companies intend to build on this integration moving forward. “We worked pretty closely on this together. This announcement is a nod to some of the future oriented partnerships that we will be announcing later in the year,” he said. And that partnership should continue unabated, even after the Microsoft acquisition is finalized later this year.


Read Full Article

Google’s first smart display is finally available


After months of waiting, the first Google smart display is finally available. The company announced a slew of the devices back in January at CES — no doubt as a way of sticking it to Amazon. After all, the Echo Show was a novel enough device in the smart speaker world, but the hardware was always a little lacking.

Google, on the other hand, let hardware partners do the heavy lifting here, and at CES, the company announced devices from Lenovo, JBL and LG. The former was far and away the nicest looking of the bunch — and it’s the first to hit the market, running $200 for the eight-inch version and $250 for the 10-inch (including three months of YouTube Premium). The others are simply listed as “coming soon.”

Google took things a step further at I/O, handing out hardware development kits, so interested manufacturers could build their own. Expect those to start flooding the market in the not-so-distant future, if the Assistant smart speaker market is any indicator.

If you’ve spent any time with the Echo Show or Spot, you pretty much know the deal here: news, music, podcasts, recipes and the like, all with a visual element. Of course, the smart displays have one very key thing Amazon doesn’t: YouTube. Access to the video service has been a major sticking point in the battle between the two companies. After all, it’s one of the best case uses for this sort of hardware.


Read Full Article

3 Ways Your Kodi Box Could Be at Risk From Malware


kodi-tv-box-malware

If you’re a Kodi user who uses a vast array of add-ons, you need to be careful. You could be inadvertently exposing yourself to malware. Cryptojacking, botnets… there has been a long line of malware claims.

We’re going to take a closer look at cryptojacking, explain how to deal with it, then tell you about two other forms Kodi malware you should watch out for.

1. Cryptojacking

Cryptojacking is a relatively new form of malware that’s becoming increasingly common due to the growing value of cryptocurrencies. In addition to Kodi, you can find it on other apps in the Google Play Store.

In simple terms, a cryptojacker secretly runs on a host’s machine and mines cryptocurrencies without their knowledge.

On the upside, cryptojacking is not as dangerous as some other forms of malware; it’s not going to lock your machine and hold you to ransom or try and steal your online banking credentials.

But mining crypto is a resource-intensive task. It can eat through your bandwidth and computer processing power, causing your machine and network to slow to a crawl or even crash entirely.

Anyone who runs Kodi is at risk, but people who install the app on Amazon Fire TV devices are particularly vulnerable.

One strain of cryptojacking malware—called ADB.Miner—spreads through port 5555. The port automatically opens when you enable Developer Options, which is a necessary step for install Kodi on the Fire TV. It’s thought more than 17,000 devices are at risk.

The ADB.Miner malware mines the Monero cryptocurrency.

How to Protect Kodi From Cryptojacking

To protect yourself against cryptojacking on Kodi, you need to use TVAddon’s No-Coin Scan add-on. It’s based on the No-Coin browser extension.

You can find the add-on in the Indigo repo. It’s available through Fusion (fusion.tvaddons.co). Check out our beginner’s guide to Kodi if you’re not sure how to install repos.

Once you’ve installed Indigo, go to Add-ons > Indigo on the Kodi homepage, then scroll down to No-Coin Scan and click on it.

The scan will take a few minutes to complete. When it’s finished, it will either give your system a clean bill of health, or advise you on the correct action to take.

2. Subtitle Malware

In May 2017, researchers at security firm Check Point published a proof of concept video which demonstrated how malware hidden in a subtitle file could attack your computer.

The attack itself occurs when you download the file onto your computer from a subtitle repo. It’s especially troublesome because Kodi typically automates the download process; users often have no idea that the malware is infecting them.

Kodi treats the repos as a trusted source, meaning neither it, nor your anti-virus software, picks up on the malware as it enters your machine.

Check Point noted that VLC, Popcorn Time, and Stremio are also vulnerable to the same attack. It adds that many more media players could also be at risk. As a result, it thinks hundreds of millions of users are vulnerable.

Omri Herscovici, vulnerability research team leader at Check Point, said the fragmented nature of subtitle file formats were to blame:

“The supply chain for subtitles is complex, with over 25 different subtitle formats in use, all with unique features and capabilities. This fragmented ecosystem, along with limited security, means there are multiple vulnerabilities that could be exploited.”

Although Kodi has now closed the loophole, you could be at risk if you’re not running the latest version of the app. Kodi does not update automatically. If you’re running Windows or Mac, check for updates on Kodi’s website. The processes for updating Kodi on Android and updating Kodi on the Amazon Fire Stick are slightly different.

3. DDoS Botnet Attacks

In February 2017, one of the most popular Kodi add-ons in the world was found to be unsafe. Exodus, which at the time had millions of daily users, was an add-on which allowed users to access copyrighted material illegally.

To explain the full story, we need to take a step back for a moment.

Because Exodus was breaking the law, its then-developer wanted to remain anonymous. He was only known by his handle, Lambada. Rival developers copied his work and threatened to expose his true identity, creating a feud.

Instead of backing down, Lambada went on the attack. He added several lines of code to his add-on that automatically contacted a website.

Upon closer investigation, it was found the targeted websites were those of his adversaries. Lambada had created a DDoS botnet which every one of Exodus’ users automatically became a part of. It meant millions of people were inadvertently pinging sites without their knowledge.

Botnets are terrible for users because they can be used to spread malware, reduce your bandwidth, and have an untold number of privacy implications.

It should be noted that Lambada didn’t spread anything malicious. However, keep in mind that Exodus was one of the most well-known Kodi add-ons.

There are lots of murkier Kodi add-ons that can, and do, spread malware and other viruses. Some of the most common culprits are very old add-ons on your system that have changed their developer multiple times and forked versions of popular add-ons.

Are Kodi Video Streams at Risk of Malware?

At the 2018 RSA Conference, Kurtis Minder, CEO of security company GroupSense, gave a talk on the growing threat of malware on Kodi.

He claimed the two major delivery methods for malware were via the Kodi platform and its video streams.

However, his claims regarding video streams are questionable. Bogdan Botezatu, senior e-threat analyst at BitDefender, claimed he had seen such attacks in the wild since 2005’s Trojan.Wimad, that exploited DRM technology on Windows machines.

Hype vs. Reality: How Vulnerable Is Kodi?

All these stories raise the question: Are you really at risk?

Well, despite what some copyright advocates claim, many large security firms agreed that the risk level is quite low. Anti-virus developer Avast says it is yet to see any “Kodi-related malware risks in the wild.” BitDefender said the only significant threat was the previously-discussed subtitle threat.

The threat level is not zero, however. F-Secure noted that “most popular Kodi plugins […] seem clean. But there are at least some plugins that are clearly malicious.”

Of course, malware isn’t the only security threat facing Kodi users. Privacy problems arise from the unencrypted communication between the Kodi app and third-party add-ons, while there are still simmering legal issues if you use Kodi on Amazon Fire TV.

Read the full article: 3 Ways Your Kodi Box Could Be at Risk From Malware


Read Full Article

Facebook finally hands over leave campaign Brexit ads


The UK parliament has provided another telling glimpse behind the curtain of Facebook’s unregulated ad platform by publishing data on scores of pro-Brexit adverts which it distributed to UK voters during the 2016 referendum on European Union membership. The ads were run on behalf of several vote leave campaigns who paid a third company to use Facebook’s ad targeting tools.

The ads were run prior to Facebook having any disclosure rules for political ads. So there was no way for anyone other than each target recipient to know a particular ad existed or who it was being targeted at.

The targeting of the ads was carried out on Facebook’s platform by AggregateIQ, a Canadian data firm that has been linked to Cambridge Analytica/SCL — aka the political consultancy at the center of a massive Facebook data misuse storm, including by Facebook itself, which earlier this year told the UK parliament it had found billing and administration connections between the two.

Aggregate IQ is now under joint investigation by Canadian data watchdogs. But in 2016 the data firm was paid £3.5M by a number of Brexit supporting campaigns to spend on targeted social media advertising using Facebook as the primary conduit.

Facebook was asked by the UK parliament’s DCMS committee to disclose the Brexit ads — as part of its multi-month enquiry investigating fake news and the impact of online disinformation on democratic processes. The company eventually did so, releasing ads run by AIQ for the official Vote Leave campaign, BeLeave/Brexit Central, and DUP Vote Leave.

Several of the Brexit campaigns whose ads have now been made public were also recently found to have broken UK election law by breaching campaign spending limits. Most notably the Electoral Commission found that the youth-focused campaign, BeLeave, had been joint-working with the official Vote Leave campaign — yet the pair had not jointly declared spending thereby enabling the official campaign to overspend by almost half a million pounds. And that overspend went straight to Aggregate IQ to run targeted Facebook ads.

The committee has now published the Brexit ads that Facebook disclosed to it, more than two years after the referendum vote took place. Facebook also provided it with ad impression ranges and some targeting data which it has also published. The committee’s enquiry remains ongoing.

In a letter to the committee, Facebook says it’s unable to disclose ads run by AIQ for another Brexit campaign, Veterans for Britain, saying that campaign “has not permitted us to disclose that information to you”. So the view of the Brexit political ads we’re finally getting is by no means complete. Facebook’s platform also essentially enables anyone to be an advertiser — so it’s entirely possible other Brexit related messages were distributed using its ad tools.

In the case of the Brexit ads run by AIQ specifically, it’s not clear how many ad impressions they racked up in all. But total impressions look very sizable.

While some of what runs to many thousands of distinctly targeted ads which AIQ distributed via Facebook’s platform are listed as only garnering between 0-999 impressions apiece, according to Facebook’s data, others racked up far more views. Commonly listed ranges include 50,000 to 99,999 and 100,000 to 199,999 — with even higher ranges like 2M-4.9M and 5M-9.9M also listed.

One ad that generated ad impressions of between 2M-4.9M was targeted almost exclusively (99%) at English Facebook users — and included the claim that: “EU protectionism has prevented our generation from benefiting from key global trade deals. It is time we unite to give our country the freedom to be a prosperous and competitive nation!”

A spokesperson for the DCMS committee told us it hadn’t had a chance to compiled the thousands of ad impression ranges into a total ad impression range — but had rather published the data as it had received it from Facebook. We’ve also asked the company to prove an estimate on the total ad impressions and will update this story with any response.

The ad creative used by these campaigns has been published as well and — across all of them — the adverts display a mixture of (roundly debunked) claims about suddenly being able to spend ‘£350M a week on the NHS’, rousing calls to ‘take back control’ (including a bunch of ‘hero’ shots of Boris Johnson), coupled with ample fearmongering about EU regulations ‘holding the UK back’ or posing a risk to UK jobs and wages; plus a lot of out-and-out ‘project fear’ messaging — with the official Vote Leave campaign especially deploying direct dogwhistle racism to stir up fear among voters about foreigners coming to the UK if it can’t control its own border or if the EU expands to add more countries…

 

At a glance, the Brexit ad creative is not as ‘out there’ as some of the wilder stuff the Kremlin was pumping onto Facebook’s platform to try to skew the 2016 U.S. election.

But the blatant xenophobia leaves a very bad taste.

In the case of Brexit Central/BeLeave, their ad creative was more subtle in its xenophobia — urging target recipients to back a “fair immigration system” or an “Australian-style points based system” but without making any direct references to any specific non-EU countries.

The youth campaign also created a couple of ads (below) which invoked consumer technology as a reason to back Brexit — with one appealing to users of ride-hailing and another to users of video streaming apps to reject the EU by suggesting its regulations might interfere with access to the services they use.

Ironically enough, it was London’s transport authority that withdrew Uber’s license to operate last year — in a regulatory decision that had absolutely nothing to do with the EU. (Uber has since appealed and got a 15-month reprieve.)

Though, also last year, the EU’s top court judged that a spade is a spade — and Uber is a transport company, not a mere technology platform. Though the ruling has not prevented Uber from continuing to operate and even expand ride-hailing services in Europe. Sure, it has to work more closely with city authorities now, but that means meshing with local priorities rather than seeking to override what local people want.

In a further irony, the EU also took steps to liberalize passenger transport services, back in 2007, issuing a directive that makes it harder for cities authorities to place their own controls on ride-hailing services. Albeit, evidently facts didn’t get a starring role in the vote leave Brexit ads.

As for quotas on streaming services, it’s a curious thing to complain about — especially to a youth-focused audience which you’re also targeting with ads claiming they’ll have better job prospects outside the EU.

The EU has merely suggested online streaming services should provide for and subsidize up to a third of their output of films and TV as being made in Europe.

Which seems unlikely to have a deleterious impact on European creative industries, given platforms would be contributing to the development of local audiovisual production. So — in plainer English — it should mean more money to support more creative jobs in Europe which many young people would probably love to have a crack at…

The publication of the Brexit ads is, above all, a reminder that online political advertising has been allowed to be a blackhole — and at times a cesspit — because cash-rich entities have been able to unaccountably exploit the obscurity of Facebook’s systemically dark ad targeting tools for their own ends, leaving no right of public objection let alone reply for the people as a whole whose lives are affected by political outcomes such as referendums.

Facebook has been making some voluntary changes to offer a degree of political ad disclosure, as it seeks to stave off regulatory rule. Whether its changes — which at best offer partial visibility — will go far enough remains to be seen. And of course they come too late to change the conversation around Brexit.

Which is why, earlier this month, the UK’s data watchdog calling for an ethical pause of political ad ops — saying there’s a risk of democracy being digitally undermined.

“It is important that there is greater and genuine transparency about the use of such techniques to ensure that people have control over their own data and that the law is upheld,” it wrote. “Without a high level of transparency – and therefore trust amongst citizens that their data is being used appropriately – we are at risk of developing a system of voter surveillance by default.”


Read Full Article

Get Started With Ethical Hacking Using Kali Linux and Raspberry Pi


kali-linux-raspi

Ethical hacking is a great way to uncover your inner Mr. Robot. And what better way to build those skills than by using one of the foremost hacking toolkits?

We’re talking Kali Linux on your Raspberry Pi 3! A Raspberry Pi 3 running Kali Linux is surprisingly formidable for hacking. The tiny computer is cheap, powerful, and versatile.

In fact, Kali Linux comes packed with everything you need to expand your ethical hacking skills. Here’s how you load Kali Linux onto your Raspberry Pi 3.

What Is Kali Linux?

Kali Linux is a Debian-based Linux distribution. Kali Linux is primarily used for security research, penetration testing, and security auditing—though it does have more nefarious uses, too.

In that, Kali comes packed with hundreds of specialized security tools that professionals use for digital forensics, research, penetration, malware analysis, reverse engineering, and more.

Kali Linux is a powerful tool in the right hands. But it is also a useful tool for (almost) anyone that wants to understand more about security.

What You’ll Need

To complete this Kali Linux on Raspberry Pi 3 tutorial, you need the following equipment:

  • Raspberry Pi 3 (though builds are available for Raspberry Pi 1, 2, and Zero)
  • 8GB (or larger) Class 10 microSD with full-size SD adapter
  • Ethernet cable
  • HDMI cable
  • 5V 2A microUSB power supply
  • USB keyboard and USB mouse

You need an HDMI cable to connect your Raspberry Pi running Kali Linux to a monitor to check everything sets up properly. The USB keyboard and USB mouse are important for interacting with Kali Linux once installed. When you are completely up and running, it is possible to set up a remote connection to access and use Kali, but for now, an Ethernet connection and regular peripherals are easier to get to grips with.

Need help working through this tutorial? Check out our video below for a complete walkthrough for installing Kali Linux on Raspberry Pi 3:

Step 1: Install Kali Linux on Raspberry Pi 3

Head to the Kali Linux ARM images downloads page and open the RaspberryPi Foundation dropdown. Then select the Kali Linux Raspberry Pi 2 and 3 link (you can torrent the file if you prefer). Locate the Kali Linux folder, open it, then extract the Kali Linux compressed archive (file extension .XZ) into the same folder.

Next, you need to write the Kali Linux image to your microSD card. To do that, you need an image burning tool, such as Etcher, which you’ll find at etcher.io. There are numerous tools for creating bootable drives, but in this instance, I would suggest using Rufus. Head to the Rufus download page, then download and install the image burning utility.

Insert your microSD card into your system. Open Rufus. Select your microSD card drive letter under Device. Browse to the location of the Kali Linux image using the SELECT button. Make sure Quick Format is checked, then hit Start and wait for the data to be written.

Once complete, remove the microSD card and grab your Raspberry Pi 3—it’s time for the next step!

Step 2: Boot Into Kali Linux on Raspberry Pi 3

Insert the microSD card into the Raspberry Pi 3. Insert the HDMI cable and the Ethernet cable, as well as the USB keyboard and USB mouse. Finally, insert the microUSB cable to power up your Raspberry Pi 3.

The boot process shouldn’t take too long, but the screen might flicker and go blank at points. The default login username is root and the password is toor.

Updating Kali Linux

Before delving into the myriad security programs now at your fingertips, you should check for any updates. The operating system should automatically connect to the internet using the Ethernet cable.

Right-click the desktop and select Open a new terminal, then enter the following commands:

apt-get update
apt-get upgrade
apt-get dist-upgrade

These commands update the Kali installation. Unfortunately, the update and upgrade process takes a few minutes to complete, but it is important. If you want to establish remote communication with your Kali Raspberry Pi, move onto the next section of the tutorial.

kali linux terminal upgrade

Step 3: Install OpenSSH for Remote Connections

You don’t want to plug your Kali Linux Raspberry Pi into a monitor every time you want to use it. No, that isn’t entirely practical.

Instead, you can install OpenSSH to allow us to connect and run commands on the device remotely. You can complete this aspect of the tutorial while the Raspberry Pi is connected to your monitor (so you can see what you’re doing).

Enter the following commands in the terminal to install the OpenSSH server:

apt-get install openssh-server
update-rc.d -f ssh remove
update-rc.d -f ssh defaults

Next, you need to remove the default encryption keys. As they are default keys, they represent a vulnerability that is easy to remove. The following commands create a new directory to dump the old keys into while creating a set of new SSH keys in the process.

cd /etc/ssh/
mkdir oldkeys
mv ssh_host* oldkeys
dpkg-reconfigure openssh-server

Now you need to configure the SSH login information. Edit the OpenSSH config file in nano:

nano /etc/ssh/sshd_config

You are looking for one line:

PermitRootLogin without-password

Change this to:

PermitRootLogin yes

Navigate the configuration data file using either the arrow keys or your mouse. Hit Ctrl + O to save any changes, and Ctrl + X to return to the terminal. If the setting is already set to “Yes,” don’t change anything.

Now you can check if the OpenSSH service is up and running using the following command:

sudo service ssh restart
update-rc.d -f ssh enable 2 3 4 5

If the service is not running, start it using the following command:

sudo service ssh start

Now, check the internet configuration of your Kali Linux Raspberry Pi 3 by entering the following command:

ifconfig

Note the IP address of your Raspberry Pi 3—you’ll need this in a moment. If your ifconfig command doesn’t show your Raspberry Pi, run the following command to make sure net services are up and running:

sudo apt-get install net-tools

Then run the ifconfig command and copy down the IP address of the Raspberry Pi.

Step 4: Add Your Custom Message of the Day

When you log in to your Raspberry Pi 3 running Kali Linux using OpenSSH, you will meet a “message of the day” banner. You can edit the message of the day (MOTD) to display a personalized message.

I’ve gone with a very basic welcome message, but you can illustrate your hacker credentials with an Ascii image via this converter. Go ahead, get creative!

When you’re done, use the following command to enter the MOTD customization screen:

nano /etc/motd

Copy and paste your message, then save and exit by hitting Ctrl + O, then Ctrl + X.

Step 5: Test Your SSH Login

Finally, you need to check that your SSH login is up and running. To do this, you need an SSH client. Microsoft added native OpenSSH support to Windows 10 in the Windows 10 April 2018 update, meaning you no longer need a third-party SSH client to connect to an SSH server.

Hit Windows key + I, then head to Apps > Manage optional features. Scroll down the list and check for OpenSSH Client. If it isn’t there, scroll back up and select Add a feature, locate OpenSSH Client and then Install. The installation process only takes a moment.

windows 10 apps and features

Next up, press Windows key + X, then select Command Prompt (Admin) from the power menu. The OpenSSH client is already active, so type the following command using the IP address copied from the Raspberry Pi:

ssh root@[your IP address]

Press Enter, then input your password (still toor unless you changed it). Your MOTD will welcome you into your Kali Linux Raspberry Pi!

Get Started With Ethical Hacking

Now you are up and running with your Kali Linux Raspberry Pi 3, you can start learning more about ethical hacking using the myriad tools available in the operating system.

Just remember that you should only practice hacking on your home network, on devices that you own and can legally attempt to break into. Otherwise, you could become a world famous hacker on the wrong side of the law.

Read the full article: Get Started With Ethical Hacking Using Kali Linux and Raspberry Pi


Read Full Article

IGTV carousel funnels Instagram feed traffic to buried videos


IGTV didn’t get the benefit of being splayed out atop Instagram like Stories did. Instead, the long-form video hub is a bit more distant, located in a standalone app as well as behind a static orange button on the main app’s homescreen. That means users can go right on tapping and scrolling through Instagram without coming across IGTV’s longer videos that range up to an hour.

IGTV has only been out a month and Instagram’s feed has been around for 8 years so it makes sense to try to push views from the app’s core feature to this new one. That’s why Instagram is experimenting with a way to show off a carousel of IGTV videos in its main app’s feed. Spotted by app researcher Jane Manchun Wong, we asked Instagram about it. A spokesperson confirmed it was testing the carousel, and provided this statement: “We’re always testing new and different ways to surface interesting content for people on Instagram.”

The IGTV carousel appears below the Stories tray, pushing down the traditional feed so less of the first photo or video immediately appears on the screen. It shows a preview tile of the IGTV videos with overlaid titles and lengths, plus the creator’s name and profile pic. They look similar to Snapchat’s Discover page and the carousels of “Recent Stories” Instagram began running mid-feed last year.

By teasing IGTV’s actual content rather than just slapping a logo buton atop the screen, Instagram might get more users to check out the feature and standalone app. More views could in turn lure more content from creators. If they don’t see IGTV’s audience as significant, they won’t go to the trouble of shooting long-form vertical video for the platform or editing their landscape Instagram feed and YouTube videos for the format.

Given yesterday’s bloodbath of a Facebook earnings report, there’s more pressure than ever on Instagram to pull its weight. Facebook sunk to its slowest growth rate in history, losing users in Europe and going flat in North America. In fact, it revealed a new “family of apps audience” metric of 2.5 billion people using at least one of Facebook’s apps (Facebook, Instagram, WhatsApp, or Messenger) to distract from the bad news. That stat will let Facebook hide how younger users are abandoning it in favor of Instagram.

The big concern is that vertical videos and Stories are the future of content creation and consumption, but Facebook hasn’t figured out how to monetize these formats as well as its tried-and-true News Feed ads. Concerns about eyeballs shifting away from feeds faster than ad dollars contributed to Facebook’s 20 percent share price drop erasing $120 billion in market cap.

But Facebook’s saving grace, and the reason the stock might bounce back, is that it ruthlessly cloned Snapchat Stories for two years before it was obvious that it had to and now has 1.1 billion daily Stories users across its apps. If Facebook said Stories were the future but it was way behind, it could have been beaten down even worse by Wall Street.

Still, short-form Stories are best paired with short-form Stories ads. If it can make IGTV a hit, it could run longer o unskippable ads that earn it more. So you can expect to see more and more of IGTV in the Instagram feed.


Read Full Article

IGTV carousel funnels Instagram feed traffic to buried videos


IGTV didn’t get the benefit of being splayed out atop Instagram like Stories did. Instead, the long-form video hub is a bit more distant, located in a standalone app as well as behind a static orange button on the main app’s homescreen. That means users can go right on tapping and scrolling through Instagram without coming across IGTV’s longer videos that range up to an hour.

IGTV has only been out a month and Instagram’s feed has been around for 8 years so it makes sense to try to push views from the app’s core feature to this new one. That’s why Instagram is experimenting with a way to show off a carousel of IGTV videos in its main app’s feed. Spotted by app researcher Jane Manchun Wong, we asked Instagram about it. A spokesperson confirmed the existence of the carousel, and provided this statement: “We’re always testing new and different ways to surface interesting content for people on Instagram.”

The IGTV carousel appears below the Stories tray, pushing down the traditional feed so less of the first photo or video immediately appears on the screen. It shows a preview tile of the IGTV videos with overlaid titles and lengths, plus the creator’s name and profile pic. They look similar to Snapchat’s Discover page and the carousels of “Recent Stories” Instagram began running mid-feed last year.

By teasing IGTV’s actual content rather than just slapping a logo buton atop the screen, Instagram might get more users to check out the feature and standalone app. More views could in turn lure more content from creators. If they don’t see IGTV’s audience as significant, they won’t go to the trouble of shooting long-form vertical video for the platform or editing their landscape Instagram feed and YouTube videos for the format.

Given yesterday’s bloodbath of a Facebook earnings report, there’s more pressure than ever on Instagram to pull its weight. Facebook sunk to its slowest growth rate in history, losing users in Europe and going flat in North America. In fact, it revealed a new “family of apps audience” metric of 2.5 billion people using at least one of Facebook’s apps (Facebook, Instagram, WhatsApp, or Messenger) to distract from the bad news. That stat will let Facebook hide how younger users are abandoning it in favor of Instagram.

The big concern is that vertical videos and Stories are the future of content creation and consumption, but Facebook hasn’t figured out how to monetize these formats as well as its tried-and-true News Feed ads. Concerns about eyeballs shifting away from feeds faster than ad dollars contributed to Facebook’s 20 percent share price drop erasing $120 billion in market cap.

But Facebook’s saving grace, and the reason the stock might bounce back, is that it ruthlessly cloned Snapchat Stories for two years before it was obvious that it had to and now has 1.1 billion daily Stories users across its apps. If Facebook said Stories were the future but it was way behind, it could have been beaten down even worse by Wall Street.

Still, short-form Stories are best paired with short-form Stories ads. If it can make IGTV a hit, it could run longer o unskippable ads that earn it more. So you can expect to see more and more of IGTV in the Instagram feed.


Read Full Article

SuperAwesome now offers kids brands an alternative to YouTube


SuperAwesome, the “kidtech” startup valued now at over $100 million, is today launching its own alternative to YouTube’s embedded video player. The technology is aimed at kids publishers – not consumers directly – and is part of the company’s larger platform of kid-safe technology. This includes tools for social engagement, parental controls, advertising, authentication, and more, all specifically designed for companies catering to kids.

The launch comes at a key time in the industry, as YouTube is now the subject of a class-action lawsuit over children’s privacy, and recently had an FTC complaint filed against it by 23 advocacy groups. The complaint says YouTube has been collecting data on children’s viewing patterns for years, in violation of federal law – meaning COPPA, aka the Children’s Online Privacy Protection Act.

The new player provided by SuperAwesome gives kids brands another choice amid all these questions over YouTube and its respect for children’s privacy.

Explains the company, the player does not capture data on children, nor does it breach regulations like COPPA (U.S.) or GDPR-K (E.U.).

The opportunity for SuperAwesome is fairly sizable here. Already, the company counts among its customer base over 190 kids’ brands like Crayola, Topps, Spin Master, Warner Bros., Hasbro, Disney, Roald Dahl, Mattel, Dreamworks, Penguin, and others. These companies use SuperAwesome’s platform and its tools for socially engaging, advertising and connecting with their under-13 audience.

“The demand for [the video player] has come directly from our customers and the player has been in beta testing for a while,” SuperAwesome CEO Dylan Collins tells TechCrunch.

As with its other tools, the kids’ publishers will be able to embed the new player within their own websites and apps, and then manage all their social content – including video – from SuperAwesome’s “PopJam” dashboard.

“To give you a sense of scale, the PopJam Connect platform is enabling tens of millions of kid-safe social engagements every month,” Collins adds.

The platform itself offers a set of basic tools for free, but larger companies pay for premium upgrades on a SaaS (software-as-a-service) basis. Because it’s working with so many big brands, SuperAwesome is now turning a profit. It’s expecting to grow 100 percent this year to reach a revenue run rate of $50 million, it recently said.

And it also just added Tim Weller, chairman of Trustpilot and Taptica, as its Chairman a few months ago, and announced former Upworthy CRO, Ben Zagorski as its North American Chief Revenue Officer.

SuperAwesome’s platform today is addressing an underserved audience: kids brands that need to abide by federal and international regulations around children’s privacy, but have had limited options in terms of technology that helps them do so.

That was the case with video in particular – there hasn’t really been a viable alternative to YouTube’s player that suits kids publishers’ needs.

“There are over 170,000 children going online for the first time every day and the kidtech ecosystem is growing equally quickly to make the broader internet compatible with this new audience,” noted SuperAwesome CTO Joshua Wohle in a statement about the player’s launch. “Many people misinterpreted children’s appearance on the internet as a temporary blip, whereas in reality it is a structural shift that is changing the landscape,” he said.

 

 

 


Read Full Article

How to Fix 5 Common Mac App Store Problems and Issues


mac-appstore-issues

Installing software from the Mac App Store usually only take few clicks. But what happens when something goes wrong?

Whether apps fail to download, you get errors while purchasing apps, or even see a blank App Store page, we’ll show you how to solve common Mac App Store problems.

1. Missing App Store Purchases

Apps you purchase from the Mac App Store collect in the Purchased section. The apps link with your Apple ID, which means that if you own multiple Mac computers, you can install your apps on all of them. The apps are always available to update, and you can reinstall them whenever you want.

The purchases page list all apps in chronological order. You can open or install them right from this page, but sometimes you’ll notice they’ve gone missing. Various reasons can cause this:

  • Apple has removed the app because it’s outdated or doesn’t adhere to app review guidelines.
  • The developer is no longer interested in selling the app.
  • The App Store may automatically hide an app that you don’t install for a long time or has compatibility issues.

When an app gets hidden, you’ll no longer see it on the Purchased screen, and you won’t get update notifications for it. But you can still view these hidden apps with a bit of digging.

Open the App Store, and click Store > View My Account. Sign in to view your account information. Then on the Account Information page, scroll down to the Hidden Items section and click Manage.

account-information-page-of-the-app-store

Now click the Unhide button for each app you want to show again.

With this fix, you’ll be able to restore all the missing apps. Just note that if the app is not available, then clicking on that app will not do anything. Check the developer’s website or social media pages to see if the developer is still active.

manage-hidden-purchases-in-the-app-store

2. Apps Incorrectly Show Up as Installed

The Mac App Store has all the information about your Apple ID. It knows which account you’re using, and tracks your application ownership. Sometimes, you might encounter an issue where the App Store falsely reports that a particular app is installed, and therefore won’t let you download it.

You might also see the misleading message You have updates available for other accounts, even if you use one Apple ID. This type of error can happen for various reasons.

Reason 1: Problem With the Cache Folder

In this case, you must clear the cache folder manually to fix the issue. Before you proceed with these steps, ensure that you’ve backed up your Mac.

Quit the Mac App Store with the Cmd + Q shortcut. Open Terminal and type the following command:

open $TMPDIR../C/com.apple.appstore/

Press Enter and the com.apple.appstore folder will open in Finder. Delete the contents of this folder. Relaunch the Mac App Store. Note that this is a system cache and temporary folder. Do not delete any files or folders here other than this directory.

delete-the-app-store-cache-folder

If you’re facing constant verification errors or incorrect download status issues, use this method to fix the problem.

Reason 2: Beta Apps on Other Drives

This type of problem occurs when you install a beta version of macOS on another partition or external drive. Apps you install on it get indexed by Spotlight. The index that the system creates will make the App Store think that a duplicate copy of the app exists on another drive. It’ll refuse to download or update the app on the primary partition.

Fixing this issue is simple; you must delete the duplicate copy of the app and rebuild the Spotlight index.

Open the Apple Menu and select System Preferences. Choose the Spotlight entry and switch to the Privacy tab.

Click the Plus tab at the bottom of the list. A new Finder window will pop open. Add Macintosh HD (or whatever you named it) to this list and close the System Preferences window. I’d also recommend to log out of your account and sign in again. The indexing will stop for this drive.

rebuild-spotlight-index

Now go back to the Privacy tab and click the Minus sign to remove the Macintosh HD drive. Close the System Preferences window. The system will begin to reindex everything on the disk drive, which will take some time.

Reason 3: App Updates on Other User Accounts

If you use a shared computer with another user account, then you might face a similar problem. Apps you install on other accounts should not pose a problem. But if you delete the user account, the App Store will not know that you have done so and will encounter similar issues.

To fix this issue, follow the steps in the above section to rebuild the Spotlight index.

3. App Updates or Downloads Are Stuck

The App Store provides regular updates to both system and third-party apps. In some cases, the download doesn’t complete and might hang in the middle of the process. You might see a familiar Waiting or Installing—Calculating message just beneath the download progress bar.

To approach this problem, we’ll look at what happens behind the scenes.

Delete the Cache Folder

When the download begins, the App Store creates many temporary files in the cache folder. They include a Spotlight metadata file, incomplete installer file, and a PLIST file with details of the app you’re downloading.

In the first step, you must clear the App Store cache folder as mentioned above. Quit the Mac App Store, then open a Terminal window and type the following command:

open $TMPDIR../C/com.apple.appstore/

Press Enter and the com.apple.appstore folder will open in Finder. Delete everything inside. Next, you must delete the user com.apple.appstore folder. To do so, go to

~/Library/Caches/com.apple.appstore

and delete all the files in the fsCachedData folder.

delete-the-user-app-store-cache-folder

Delete the Contents of the Updates Folder

When an app download completes, the package moves from a temporary cache folder to

MacintoshHD/Library/Updates

If an app gets stuck during the installation or gets corrupted for some reason, then clear the contents of this folder. Otherwise, skip this step.

delete-the-contents-of-the-update-folder

Kill the Culprit App Store Processes

After deleting the contents of the cache folder, you’ll next need to kill the culprit processes from the Activity Monitor. This will ensure that when you re-download the update, the processes will not hang again.

Open the Activity Monitor and set its view to All Processes. Type in store to search for App Store related processes, and force-quit all of these daemon processes:

  • storedownloadd: Handles downloads of apps found in the App Store.
  • storeinstalld: Covers app installation and their updates.
  • storeassetd: Handles all the resources and language files of the App Store.
  • storeaccountd: In charge of authentication, and acts as a bridge with your Apple ID account.

Do not open the App Store yet, because there’s one more step to fix this problem.

kill-the-culprit-store-processes-in-activity-monitor

Delete the Preference File

Go to Finder and press Cmd + Shift + G to open the Go to Folder box. Go to the following folder:

~/Library/Preferences

Here, delete the following files:

  • com.apple.appstore.plist
  • com.apple.storeagent.plist

Now go to

~/Library/Cookies

And delete this file:

  • com.apple.appstore.binarycookies

Once you delete all the preference files, choose Apple Menu > Shut Down. Then press the power button to start your Mac again and the problem should be gone.

4. Blank App Store Page

One of the most notorious problems of the Mac App Store is when it displays the error message Cannot connect to the App Store. This has multiple causes, but you can solve them.

First, you must check your internet connection. Open Apple Menu > System Preferences. Choose the Network item and ensure that there is a green icon next to the network in the left sidebar. If there’s a red icon next to the network, then your internet connection is down.

check-the-internet-connection Mac

Sometime the issue may not be a problem on your end. Check out Apple’s System Status Page. Here, you can see information about the status of Apple’s services, such as iCloud, the App Store, and more.

If a particular service has a red icon next to it, then it’s down.

apple-service-status-page

Should you still see the error message even with green lights, choose Store > Logout and quit the App Store. Relaunch the app and sign in again.

5. Errors While Purchasing Apps

Rarely, you might see a peculiar We could not complete your purchase: Unknown Error message when buying apps. This problem occurs when you update macOS or use multiple Apple IDs.

Open both the App Store and iTunes, and ensure that you use same Apple IDs in both of the apps. If you use two separate Apple ID, then log out of the apps, quit them, and sign in again with a single Apple ID.

If you still see the same error message, then you might have an issue with the iTunes Terms and Conditions. When you do a significant update of macOS, Apple wants you to accept the conditions again. In this case, quit the apps, accept the new Terms and Conditions, and relaunch them. You may need to reboot to prompt the acceptance dialog.

Don’t Forget to Score Big App Store Discounts

Over these years, Apple has tended to ignore the Mac App Store. It’s slow and suffers from many bugs and stability problems. Troubleshooting errors is difficult because when the App Store has problems, it doesn’t crash—it simply refuses to work.

With the launch of macOS Mojave, the App Store will get a huge upgrade. We don’t know whether this will iron out these common errors or not.

After you fix your App Store issues, don’t forget that you can save money on apps from the store. Take a look at these methods to find Mac and iPhone App Store discounts.

Read the full article: How to Fix 5 Common Mac App Store Problems and Issues


Read Full Article

Review: Lenovo’s Google Smart Display is pretty and intelligent


Smart speakers have come a long way over the past few years as Amazon, Google and Apple have delivered pretty noteworthy strides in the IQs of their assistants. Where speakers haven’t advanced as much is in how they offer users choices; Google Assistant can only list out so many options before you get sick of listening, so throwing a screen onto these devices was a pretty inevitable evolution.

At CES earlier this year, Google showcased what it called Smart Displays, basically an answer to Amazon’s Echo Show. Today, Lenovo’s device, the first of the bunch, goes on sale.

The device, to be clear, pretty much just looks like an Android tablet that you plug with Google Assistant on it. What’s interesting is how the device handles visual feedback for audio commands, giving lightweight visual context for some queries and more robust video/photo content for others. Google clearly doesn’t have all of the core tenets of its Smart Display interface philosophy hammered out, and yet for the most part this is a very pleasant product that strikes all of the right notes on design.

[gallery ids="1680847,1680844,1680843,1680845"]

The device comes in two flavors, a $249 10-inch 1080p version and a $199 8-inch 720p version. There aren’t any difference beyond the screen size so it really depends on where you’re keeping it. I’d imagine that people who are putting something like this on their nightstand as a way-too-smart alarm clock might want the smaller version whereas if you have a bit more room in your kitchen or living room the 10-inch version might offer some needed screen real estate. For this review I tested out the 10-inch $249 variant.

While I didn’t have too many qualms with the hardware, it was much easier to pick out things that bothered me about the way Google has approached the Smart Display software. While some tasks were refreshingly thought out, like searching for and progressing through recipe instructions, others, like finding a specific YouTube video were frustratingly difficult.

The Smart Display is fundamentally a Google Home device that can also communicate to you through visuals. It may look like a tablet with a speaker, but you will not find anything resembling a full app on the device, you will not be entering in text via an onscreen keyboard and you will certainly never see a “menu” button. This is a tablet with an identity crisis, a product that can use certain functionality to communicate with you but also wants you to speak with your words and let its AI prowess do the more stringent workof  telling you what you would like.

Asking the device to “open YouTube” will take you to a screen with a list of recommended videos and… nothing else. Fair enough, everything is sparsely simple, but it’s frankly a little annoying to wander through voice commands to navigate to something right in front of you that you know you could tap towards much more quickly. This is one of the key advantages that the Smart Display holds over the Amazon Echo Show so I just feel like they should have been a little bit more heavy-handed in porting a fuller version of the app.

The onscreen content is more often than not just an added perk, for more informational queries it can be useful to see what a person looks like if you’re asking Google who they are, it can be useful to see a 5-day weather forecast rather than having Alexa list all of the days out. For the most part, it seems less than necessary and I rarely found myself actually looking at the screen after I had asked a question.

Google has been doing some work in stringing commands together or adding support for follow-up questions in some contexts, but with a screen that can now show you the device is still listening I wish the company just kept the mic running during certain situations. When you’re progressing through the steps of a recipe, for instance, each time you have to keep repeating “Hey Google, next!” (you can also tap an onscreen button but that’s not always ideal when deep in cooking).

Some of these features could use updates, but there are other things that Google has nailed right out of the box. Routines are great on the Smart Display. Saying,”Hey Google, good morning,” will turns on my lights, tells me about my meetings for the day, showcase the weather and my commute and gives a nice little rundown of the news. This was all possible on my display-less Google Home already, but something about doing this on the Smart Display just feels much more Jarvis-like a la Tony Stark and I feel like I’m living in a fairly cool future, as long as I cut off the news headlines in time.

Let’s take a closer look at the hardware though because Lenovo has actually built a very thoughtful product, and I must say it’s been a little bit since I’ve been wowed by consumer hardware coming from them. More often than not, Lenovo gear seems to occupy that area where it’s mostly quite good but one or two things are off and the whole things just feels second-tier as a result. Their Smart Display, on the other hand, is beautiful and honestly much better looking than any Home product that Google has shipped itself.

Sound-wise, this speaker is also much better than I was expecting for its small footprint. It seems louder and crisper than the standard Google Home falling short of those metrics when compared to the pricier Max though you are also certainly getting less speaker for your money than a comparably-priced (but screen-less) product like the Sonos One. Both JBL and LG also have Smart Display products in the pipeline that seem to place more of an emphasis on powerful sound, but the whole boombox look that they have going on just doesn’t do it for me.

There were a couple of hardware quirks with Lenovo’s Smart Display, but really nothing major. I wasn’t generally getting the greatest viewing angle from the device on my kitchen counter so some sort of hinge on the stand would have been nice to adjust the angle of the screen. The device’s ability to be viewable in both portrait and landscape was interesting but you can really only use it in portrait for Duo calls as Google doesn’t really seem to want the Smart Display to be used in that orientation. The touchscreen was also at times a little less responsive than I would have liked but fared well enough by and large.

Lenovo’s Smart Display is very pretty and offers some great value as well as some interesting ideas from Google. It strangely doesn’t feel like a huge upgrade over its screen-less Google Home variants especially because navigating videos is still a bit harder than it should be, but with pretty decent sound and a few nice visual feedback features there are some very novel ideas present even if they don’t feel entirely fleshed out.


Read Full Article