An anonymous reader writes from a report via Softpedia: "Researcher Jerry Decime revealed details about a security vulnerability that allows an attacker to gain a Man-in-the-Middle position and intercept HTTPS traffic thanks to flaws in the implementation of proxy authentication procedures in various products," reports Softpedia. The flaw can be used to collect user credentials by tricking victims into re-authenticating, sending data to a third-party. Multiple software vendors deploy applications that can handle proxy connections. Until now, Apple, Microsoft, Oracle, and Opera have acknowledged their products are affected. Lenovo said this bug does not impact its software. Other software vendors that are still evaluating the FalseCONNECT bug and may be affected include multiple Linux distros, Cisco, Google, HP, IBM, Juniper, Mozilla, Nokia, OpenBSD, SAP, Sony, and others.

Finally, someone has managed to hack PS Vita, allowing people to install emulators and homebrew software on the handheld gaming console. The jailbreak dubbed HENkaku works on the latest 3.60 Vita firmware. From an article on Geek.com: The exploit allowing full access to the Vita hardware has been created by Team Molecule and named HENkaku. The code injected into the handheld when visiting the website unlocks the hardware and removes the file system from its protective sandbox. It's then possible to access it and the Vita memory card using FTP. The super simple unlock opens up the Vita to homebrew developers who want to create their own games for the system without going through official channels. But it also allows full access to the hardware meaning the ability to overclock the processor, and for PlayStation TV owners it also means all games are whitelisted. That's great news as there are many blocked games known to work perfectly fine on the PSTV.

Tom Warren, writing for The Verge: Microsoft is cutting the price of its Xbox One console to $249. The new price marks the third price cut in less than two months, ahead of the new Xbox One S launch on August 2nd. 500GB versions of the Xbox One are now $249, and this includes bundles with games like Gears of War: Ultimate Edition, Quantum Break, Forza Motorsport 6, Rise of the Tomb Raider, and Rare Replay. Retailers like Best Buy and Amazon will be selling Microsoft's Xbox One console at the new $249 price point immediately, and the software giant says the consoles will be available at $249 "while supplies last." Microsoft's aggressive Xbox One pricing follows a sales gap between its console and Sony's PlayStation 4. Sony has sold more than 40 million PS4s, but it's not clear exactly how many Xbox Ones have been sold as Microsoft hasn't provided sales figures for quite some time. EA previously revealed Microsoft had sold 19 million Xbox One consoles back in January.

In March, Microsoft announced native support for cross-platform play between Xbox One and Windows 10. At the time, the company also added that this support could be extended to "other console and PC networks," something which led people to wonder if truly cross-platform gaming, on any platform, was next. When asked, Sony did say that it was open to the idea. "PlayStation has been supporting cross-platform play between PC on several software titles starting with Final Fantasy 11 on PS2 and PC back in 2002. We would be happy to have the conversation with any publishers or developers who are interested in cross-platform play." But since then, it appears that Sony has had a change of heart, which has resulted in developers asking the company for an update. Kotaku reports: In recent days, the developers behind Rocket League and The Witcher 3 have both called for Sony to break down the walls separating PlayStation Network and Xbox Live and allow cross-platform multiplayer. What's changed in the last few days are developers making an open call for Sony to make good on having that conversation with publishers and developers. In an interview with IGN, Psyonix president Jeremy Dunham explained how the Rocket League developer had already taken care of the technical side of things. "We're literally at the point where all we need is the go-ahead on the Sony side," said Dunham, "and we can, in less than a business day, turn it on and have it up and working no problem. It'd literally take a few hours to propagate throughout the whole world, so really we're just waiting on the permission to do so." In another statement to IGN, CD Projekt RED CEO Marcin Iwinski supported Psyonix.

MojoKid writes from a report via HotHardware: Following rumors of a more powerful console in Sony's not-too-distant future -- one that will be capable of playing games at a 4K resolution -- the Japanese electronics maker last month opted to confirm it is indeed in development. Called PlayStation 4 Neo, the upgraded system will bring better hardware to the console scene to meet the needs of gaming on a television with four times as many pixels as a Full HD 1080p display. What's it going to take to game at 4K in the living room? A leaked internal document outlines some very interesting specs of the new model PS4 console. Assuming the leaked document is up to date with Sony's current plans, the PS4 Neo will use the same Jaguar cores as the original PS4, but clocked 500MHz faster, with 8 cores at 2.1GHz (up from 1.6GHz). The more significant upgrade will be the GPU. According to the slide, the PS4 Neo will use an improved version of AMD's GCN compute units (CUs), with twice the number of CUs at 36 instead of 18. They'll also be clocked faster -- 911MHz versus 800MHz. The net result is a 2.3x improvement in floating point performance.

Reader citadrianne shares a Motherboard article: There are big "no trespassing" signs affixed to most of our electronics. If you own a gaming console, laptop, or computer, it's likely you've seen one of these warnings in the form of a sticker placed over a screw or a seam: "Warranty void if removed." In addition, big manufacturers such as Sony, Microsoft, and Apple explicitly note or imply in their official agreements that their year-long manufacturer warranties -- which entitle you to a replacement or repair if your device is defective -- are void if consumers attempt to repair their gadgets or take them to a third party repair professional. What almost no one knows is that these stickers and clauses are illegal under a federal law passed in 1975 called the Magnuson-Moss Warranty Act . To be clear, federal law says you can open your electronics without voiding the warranty, regardless of what the language of that warranty says.

An anonymous reader quotes a report from Ars Technica: After six years of litigation, Sony is now agreeing to pay the price for its 2010 firmware update that removed support for the Linux operating system in the PlayStation 3. Sony and lawyers representing as many as 10 million console owners reached the deal on Friday. Under the terms of the accord, (PDF) which has not been approved by a California federal judge yet, gamers are eligible to receive $55 if they used Linux on the console. The proposed settlement, which will be vetted by a judge next month, also provides $9 to each console owner that bought a PS3 based on Sony's claims about "Other OS" functionality. Under the plan, gamers eligible for a cash payment are "all persons in the United States who purchased a Fat PS3 model in the United States between November 1, 2006, and April 1, 2010." The accord did not say how much it would cost Sony, but the entertainment company is expected to pay out millions. On March 28, 2010, Sony announced that the update would "disable the 'Install Other OS' feature that was available on the PS3 systems prior to the current slimmer models." This feature, Sony claimed, would be removed "due to security concerns." Sony did not detail those "concerns," but the litigation alleged piracy was behind the decision. A gamer can get the $55, but they "must attest under oath to their purchase of the product and installation of Linux, provide proof of their purchase or serial number and PlayStation Network Sign-in ID, and submit some proof of their use of the Other OS functionality." To get the $9, PS3 owners must submit a claim, at the time they bought their console, they "knew about the Other OS, relied upon the Other OS functionality, and intended to use the Other OS functionality." Alternatively, a gamer "must attest that he or she lost value and/or desired functionality or was otherwise injured as a consequence of Firmware Update 3.21 issued on April 1, 2010," to get $9.

Sony has announced that it is recalling about 1,700 Panasonic lithium-ion battery packs installed in VAIO laptops due to overheating that may pose a fire hazard. No related incidents or injuries have been reported, according to a notice from the U.S Consumer Product Safety Commission. The battery packs made by Panasonic can be found on 18 different VAIO models. LaptopMag reports: The battery packs involved in the recall feature the model number VGP-BPS26 and part numbers 1-853-237-11 and 1-853-237-21. Users affected by the recall should stop using their devices and call Sony toll-free at 1-888-476-6988 or contact the company through online support.The affected models are as follows: SVE15132CXW, SVE1513KCXS, SVE15134CXP, SVE1513MCXB, SVE15134CXS, SVE1513MCXW, SVE15134CXW, SVE1513MPXS, SVE15135CXW, SVE1513RCXB, SVE151390X, SVE1513RCXS, SVE1513APXS, SVE1513RCXW, SVE1513BCXS, SVE1513TCXW, SVE1513JCXW, and SVE171390X.

Pirate Bay co-founder Peter Sunde has run into another setback. The Helsinki District Court has ordered him to pay $395,000 to record labels including Sony, Universal, Warner and EMI, after the music of 60 of their artists has been shared illegally through The Pirate Bay. From a TorrentFreak report:Sunde did not appear in Helsinki to defend himself so the Court handed down a default judgment. He is now ordered to pay the full amount plus costs of around $62,000 (55,000 euros) to the local branch of IFPI. He also faces a fine of one million euros if the content continues to be shared via The Pirate Bay but how he is supposed to do anything about that isn't clear. Sunde and Pirate Bay co-founders Fredrik Neij and Gottfrid Svartholm owe large sums of money to copyright holders following adverse decisions in cases dating back years. None of those judgments have been satisfied and there's no reason to believe this one will be any different.

Razer has announced its second Open Source Virtual Reality (OSVR) headset. Dubbed HDK2, the new headset from the gaming-hardware company is priced at $400. As for the specifications, the HDK2 offers dual OLED display of screen resolution 2,160x1,200 pixels while retaining the 90hz low-latency refresh rate. The original HDK will continue to be available for purchase at $300. On the sidelines, the company announced a $5 million to studios working in this space. AnandTech reports: OSVR has an open framework so it will be able to work with a variety of controllers, and as more control mechanisms become available, it should be able to support them. The HDK system supports several content technologies, including SteamVR, and they plan to announce more content soon. On that note, OSVR is also announcing a $5 million developer fund. Their goal is to ensure unrestricted access of VR content on all hardware. If you are a VR content developer, you can apply to this fund. If approved by the fund, and OSVR support is added to the content, Razer, or other future contributors, will purchase game codes in bulk to help compensate developers for their integration time, and the fund will also assist with marketing and promotional support.Also at E3, Sony announced that its $399 PlayStation VR wil be available to purchase in the U.S. from October 13.

Sony has confirmed it is working on an upgraded version of its PlayStation 4 gaming console (could be paywalled; alternate source). The company says that the upcoming console dubbed Neo is intended to sit alongside and complement the standard PS4. Touted as the "high-end PS4", the gaming console will support ultra-high definition 4K resolution and richer graphics, and will certainly cost more than PlayStation 4's $350 retail price.

The move might upset many PlayStation 4 owners, especially the ones who have purchased the console in the recent months. One of the perks of purchasing a gaming console from Sony and Microsoft is knowing that neither company will launch an upgraded version of their respective console for around six to seven years. Sony realizes that it is playing with fire here, so it assured that all forthcoming games -- including the VR ones -- must support the older version of the console as well. The company says that the new PS4 console won't be unveiled at E3 tradeshow next week, however.

North Korea could be behind the recent string of digital attacks on Asian banks, says Symantec. The cyber security firms notes that the attacks could be traced as far back as October 2015, two months prior to the earliest known incident. As you may recall, hackers stole around $80M from Bangladesh's central bank in March, and a similar attack was seen at a Vietnamese bank earlier this month. Symantec says that it has found evidence that distinctive malware that was used in both the hacks had strong commonalities with the 2014 Sony Picture breaches. Security firm FireEye also investigated the matter. From a Bloomberg report: Investigators are examining possible computer breaches at as many as 12 banks linked to Swift's global payments network that have irregularities similar to those in the theft of $81 million from the Bangladesh central bank, according to a person familiar with the probe. FireEye, the security firm hired by the Bangladesh bank, has been contacted by the other banks, most of which are in Southeast Asia, because of signs that hackers may have breached their networks, the person said. They include banks in the Philippines and New Zealand but not in Western Europe or the United States. There is no indication of whether money was taken.

It's no secret that most Android OEMs could do better when it comes to seeding out updates for their existing devices. A report on Bloomberg earlier this week claimed that Google plans to publicly name and shame the OEMs who are too slow at updating their devices. An HTC executive who didn't want to be identified told Slashdot on Thursday that it is not the right way to approach the problem. But that's only one part of the problem. The other issue is that almost every Android OEM partner -- including Google itself -- only provides support to their devices for 18-24 months. Vlad Savov of The Verge in a column today urges Android OEMs to perhaps charge its users if that is what it takes for them to offer support to their devices for a longer period of time and in a timely manner. He writes: I've been one of the many people dissatisfied with the state of Android software updates, however I can't in good conscience direct my wrath at the people manufacturing the devices. Price and spec competition is so intense right now that there's literally no option to disengage: everyone's been sucked into the whirlpool of razor-thin profit margins, and nobody can afford the luxury of dedicating too many resources to after-sales care. The question that's been bugging me lately is, if we value Android updates as highly as we say we do, why don't we pay for them? The situation can't be fixed by manufacturers -- most of them are barely breaking even -- or by Google, which is doing its best to improve things but ultimately relies on carriers and device makers to get the job done. Carriers will most certainly not be the solution, given how they presently constitute most of the problem (just ask AT&T Galaxy S6 owners) -- so like it or not, the best chance for substantial change comes from us, the users. What I'm proposing is a simple crowdfunding operation. I'm skeptical about this, because I don't think it is in an OEM's best interest to serve its existing users for long -- how else they will convince customers to purchase their new devices? A newer software version is after all one of the ultimate selling points of a new phone. So I don't think an OEM will take up on such an offer. What do you folks think?

An anonymous reader writes: The Raspberry Pi Zero has received its first major hardware upgrade today: a camera connector. The new addition of a camera connector works well with the two new Sony imaging modules announced last month. The board will retain its $5 price, too. Eben Upton, Raspberry Pi founder, said in a blog post that "through dumb luck, the same fine-pitch FPC connector that we use on the Compute Module Development Kit just fits onto the right hand side of the board." The team was able to close the feature gap between the Zero and larger Pi boards by moving the surface components towards the left, and rotating the activity LEDs. The CSI connector on the Zero is 3.5mm smaller than the adapter on the Pi 3, so you will need to invest in a new cable if you've already invested in a camera module for an existing project.

itwbennett writes: Researchers at BAE Systems have found a long chain of coding coincidences linking attempted fraud over the SWIFT network to the 2014 Sony Pictures hack. "The overlaps between these samples provide strong links for the same coder being behind the recent bank heist cases and a wider known campaign stretching back almost a decade," the researchers concluded. But it's still anybody's guess who's behind all these attacks: in Bangladesh, government officials are pointing the finger at SWIFT technicians who worked on the central bank's network last year, while the FBI says that attack was an inside job -- but blames the North Koreans for the Sony hack.
Sunday a bank in Vietnam revealed that it had also identified and blocked a $1.13 million fraud attempt, saying that a third-party service it used to connect to SWIFT's global money transfers system may have been attacked by hackers.

Reader Robotech_Master writes: After a recent Kobo software upgrade, a number of Kobo customers have reported losing e-books from their libraries -- notably, e-books that had been transferred to Kobo from their Sony Reader libraries when Sony left the consumer e-book business. One customer reported missing 460 e-books, and the only way to get them back in her library would be to search and re-add them one at a time! Customers who downloaded their e-books and illegally broke the DRM don't have this problem, of course.From the report: A Kobo representative actually chimed in on the thread, telling MobileRead users that they were following the thread and trying to fix the glitches that had been caused by the recent software changes and restore customers' e-books. It's good that they're paying attention, and that's definitely better than my first go-round with Barnes and Noble support over my own missing e-book. Hopefully they'll get it sorted out soon. That being said, this drives home yet again the point that publisher-imposed DRM has made and is making continued maintenance of e-book libraries from commercial providers a big old mess. About the only way you can be sure you can retain the e-books you pay for is to outright break the law and crack the DRM in order to be able to back them up against your company going out of business and losing the purchases you paid for.

Microsoft announced on Wednesday that it has stopped producing Xbox 360, a gaming console it launched in 2005. According to estimations, the company sold more than 85 million Xbox 360 units worldwide. Quartz has an insightful story today, in which it compares the shipment numbers of Xbox One and the PlayStation 4, the current generation consoles, to conclude that the "golden era" of video-game console sales is over. According to estimations, citing data provided by Nintendo, CNET, GameSpot, and Giant Bomb, the crown for the most popular gaming console goes to the Sony PlayStation 2 (2000) with 155.1 million inventories shipped. Sony PlayStation (1994) saw the movement of 102.49 million units, whereas 101.63 million Nintendo Wii inventories were dispatched. In comparison, Sony has sold 35.9 million units of PlayStation 4 so far, and Microsoft has sold roughly 10 million Xbox One units. From Quartz's report: It does seem, to some degree, that the golden age of home video-game consoles may be over. The previous generation of consoles was the last generation that didn't have to contend for users' time with mobile games. And you could make a strong case that a large portion of the casual gaming audience that Nintendo attracted for the Wii was almost entirely wiped out by mobile gaming. After all, the Wii was released in 2006 -- a year before the iPhone launched. Nintendo's next console, the Wii U, has been the company's worst-selling of all time. The average consumer may now feel more inclined to just pick up their phone and play Candy Crush or Temple Run than to get up and swing a controller around. The home console's saving grace could well be virtual reality. Just about every major tech and video-games company is working on a VR headset -- apart from Nintendo, it seems -- and early reviews of Facebook's Oculus Rift and HTC's Vive headsets have reduced non-gamers to tears. None of the top 10 most popular games consoles of all time have been released in the last 10 years, and VR may well be what turns the slowing console market back around.What's your take on this?

An anonymous reader shares a report on ZDNet: Security researcher Mike Olsen has warned that some products sold through the Amazon marketplace are harboring a dark secret -- malware. Olsen said in a blog post that while scouring Amazon for a decent set of outdoor surveillance cameras for a friend, he came across a deal for 6 PoE cameras and recording equipment. The seller, Urban Security Group, had generally good reviews and was offering a particular Sony setup on sale. After purchasing the kit, Olsen started setting up the surveillance system, logging into the administrator panel to configure it. [...] Upon investigation, Olsen found that the device was talking to a server with hostname Brenz.pl, which is linked to malware distribution. If the device's firmware links to this domain, malware can be downloaded and installed, potentially leading to unlawful surveillance and data theft.Perhaps the company which made the device didn't realize its source code was compromised. While the aforementioned incident should serve as a reminder to people on why they need to be wary of the product they are purchasing, this isolated occurrence doesn't prove in any way that "plenty" of cameras on Amazon are also infected, as the article and the original blog post are subtly trying to imply.

An anonymous reader writes: A Sony employee created a custom PlayStation controller for a 21-year-old gamer with cerebral palsy. "I honestly got choked up reading the letter..." gamer Peter Byrne told 9News. "Mr Nawabi really cared about my situation and did this on his own time to make my experience better." On his old PlayStation 4 controller, Byrne kept inadvertently pausing the game whenever his left hand hit the touchpad. "It killed me to hear how something you used to enjoy thoroughly was being ruined because of our new controller design," Sony's Alex Nawabi wrote back in a letter, including a new controller with the original touchpad re-rerouted to the back. Nawabi spent 10 hours assembling parts from three different controllers, adding "Since I've torn the controller apart to modify it, the warranty is no longer valid... I'm not sure how long this will last." But Nawabi promised that he's already planning to also build one more replacement controller.

Alphabet-owned Nest recently announced that it will be turning off Revolv Hub next month. An anonymous reader shares an article on EFF, a privacy rights group: Nest Labs, a home automation company acquired by Google in 2014, will disable some of its customers' home automation control devices in May. This move is causing quite a stir among people who purchased the $300 Revolv Hub devices -- customers who reasonably expected that the promised "lifetime" of updates would enable the hardware they paid for to actually work, only to discover the manufacturer can turn their device into a useless brick when it so chooses. This is far from the first time that customers' software and electronics have been downgraded by manufacturers. Updates can disable features the customer paid for that have fallen out of favor with the vendor, as when Google disabled privacy settings on Android or Sony took away the ability to run GNU/Linux on a Playstation 3. Manufacturers can even render a device unusable until the customer "agrees" to new terms of use, as Nintendo did with the Wii U. Other software and devices, including some video games, are designed so they simply stop working when they can no longer dial home to a server run by the vendor.