A flaw in Android allows an attacker to record screen activity and system audio

Lollipop, Marshmallow and Nougat involved

The Android operating system is present on billions of devices around the world and, as software, does not escape one of the rules of the test which states that the absence of the faults is a utopia. Researchers at security firm MWR InfoSecurity have exposed a new operating system vulnerability. Back to Google in early January 2017 by the team of researchers, it allows an attacker to abuse an application to get a user to record the activity of his screen without his knowledge. The briefing note also notes the possibility of siphoning the audio from the system.

Vulnerability affects smartphones that run the Lollipop, Marshmallow and Nougat distributions; that is, when these lines are written, more than 75% of the Android devices on the market are concerned. This is due to the MediaProjection framework that launched with Lollipop distribution and whose role is to allow developers to capture the screen activity of a smartphone.

According to researchers at the security firm MWR InfoSecurity, in distributions prior to Lollipop, applications with such features had to either have root privileges or be signed with special keys, which leaves think that they were reserved for original equipment manufacturers. From Lollipop, they are accessible to third-party developers via this framework and the consequence is that they do not need root privileges or application signatures.

Moreover, as noted by the researchers of the security firm, it is not necessary to require permissions via the manifest file of the application. “To use the service, an application only needs to access it through an Intent. Access to the service is granted through the display of a system prompt that warns the user that the application requires permission to capture the screen activity, “write the researchers. In principle, the user is notified of the activity that is problematic except that the researchers of the security firm add that it is possible to superimpose a malicious invitation to that generated by the system. A message well placed and the user of the application is rolled.

“This vulnerability is mainly due to the fact that the affected Android versions are unable to detect that a system prompt has been partially hidden,” the researchers added.

To date, only the Oreo distribution of the Android operating system contains a fix for this problem. Old distributions of the operating system therefore remain vulnerable. However, researchers at the security firm say that this type of attack is not completely silent. According to the latter, an application that accesses this service generates a notification in the dedicated bar for this purpose. Users should pay particular attention to the presence of a screencast icon as shown above. Morality: pay attention to the applications that we download. Fortunately, in this case there is a point of support for vigilance.

Ubuntu 18.04 LTS Will Be Called Bionic Beaver

The release of the next version of the Linux distribution is scheduled for April 26, 2018

Ubuntu 17.10 came with a series of major changes, and especially the move to a new desktop environment and a new display server. In this release, users will be granted GNOME 3.26 as the default desktop environment instead of Unity, following Canonical’s decision to abandon the development of Unity 8. As a consequence of this decision, the Mir display, developed jointly with Unity 8 to replace X.Org, has also fallen. In Ubuntu 17.10, Wayland was delivered by default.

Other changes include the upgrade to version 4.13 of the Linux kernel. There will also be no 32-bit ISO image for Ubuntu Desktop, which will make new installations of Ubuntu Desktop 32-bit impossible. Along with that, there are also the usual incremental improvements, with newer versions of GTK and Qt, and updates to major packages like Firefox and LibreOffice.

In short, this is an important update for which the CEO of Canonical wanted to congratulate the developers who have done all this work, through a blog post. As usual, Mark Shuttleworth also took the opportunity to reveal the code name of the next version of Ubuntu, which will have long-term support.
For the code name of Ubuntu 18.04 LTS, Canonical’s CEO chose “Bionic Beaver” which could literally be translated as “Bionic Beaver”. Beaver is a rodent and bionic is an adjective that refers to having members or parts of one’s body that are artificial, and particularly electromechanical. The beaver was chosen for “his energetic attitude, his industrious nature and his technical prowess” and the bionic adjective was chosen “in honor of the robots running on Ubuntu Core,” says Mark Shuttleworth.

For those who wonder about these choices, it should be noted that they only follow the logic behind the code names of the different versions of Ubuntu. This logic consists in choosing two words starting with the same letter and respecting the alphabetical order from one version to another. The first word of the code name must be an adjective and the second is usually the name of an animal. The version number, meanwhile, indicates the year (the first two digits) and the month (the last two digits) of the release date, knowing that there is an interval of 6 months between each version. Thus, after 16.04 Xenial Xerus, 16.10 Yakkety Yak, 17.04 Zesty Zapus and 17.10 Artful Aardvark, one had to switch to a code name consisting of two words beginning with the second letter of the alphabet, such as Bionic Beaver.

Mark Shuttleworth did not reveal Canonical’s plans for Ubuntu 18.04 LTS, but it looks like his team will be working particularly on the Ubuntu Core system for IoT devices and improving the GNOME experience, among others.

It should also be noted that the publication schedule has been unveiled. The development begins on October 26, and Ubuntu 18.04 LTS Bionic Beaver will follow the same pattern as its predecessors: a six-month development cycle with two Alpha versions and two Beta releases to be released.

According to the publication schedule, the first Alpha is expected on January 4, 2018 and the second should arrive on February 1st. Starting in March, things will be faster. On March 1st, the development team will stop adding new features (features, packages, APIs) and will focus on bug fixes to release the first Beta on March 8th. The last Beta will follow April 5 before the release candidate and the final version respectively on April 19 and 26, 2018.

Microsoft Office 2019 Expected For The Second Quarter Of 2018

Microsoft office 2019

Microsoft took advantage of its Ignite conference in Orlando, Florida, September 25-29, 2017 to provide more details on the next edition of its Office 2019 office suite. The US technology company has revealed that its software should integrate several interesting features that will probably delight business users who spend a lot of time on Excel and PowerPoint.

According to the information reported by the Windows editor, Microsoft Office 2019 should be formalized from next year, probably during the second half of 2018. It is also expected that pre-emptions will be made available to testers during First 6 months of 2018. Office 2019 should include updates to facilitate the use of management tools, voice and security.

There should be no surprises regarding the application pack that comes with Office 2019. Users should have no trouble finding their favorite applications (Word, PowerPoint, Excel, Publisher and others).

Unlike Office 365, which provides access to the latest Office applications and updates as they become available through the cloud, the Office 2019 Office Suite will be primarily intended for customers who do not have permanent Internet access or are not ready to migrate to Microsoft’s cloud solution.

Licenses allowing a more or less limited use of the applications composing the future Microsoft office suite should be offered to users instead of the subscription system used with Office 365. It would seem, moreover, that certain options, such as those proposed by PowerPoint Designer will only work with the subscription version of Office. These features are currently only available on the cloud version of the Microsoft office suite.

The Redmond company has discussed new inking tools that should allow users to work more naturally and the addition of new animations, such as Morph and Zoom, which should complete the presentations made with PowerPoint. The addition of “new formulas and charts that will make data analysis more powerful on Excel” would be another important element that should benefit this new version. Improvements in title and highlighting effects to facilitate the use of a stylus have also been cited.

Microsoft Announces That Skype For Business Will Be Replaced By Teams Which Is Already Integrated With Office 365

Skype Business

“improvements still need to be made”

The company Microsoft has officially announced that it will abandon its application Skype for Enterprise and replace it with its Teams work platform that is integrated with Office 365. But to reassure its users, Microsoft made it clear that both solutions could be used at the same time and on the same machine without creating conflict. This should make it easier for the companies concerned to compare the two working solutions and to decide where to go. Moreover, the two working platforms are compatible with each other.

The American technology company took advantage of the Ignite conference it is organizing in Orlando, Florida from September 25 to 29 to make this announcement. The Windows Editor already allows users of the Office 365 suite to upgrade from the Skype application in their corporate version to Microsoft Teams.

The Redmond company said it plans to add new and improved features to Microsoft Teams so users do not feel lost after migrating to the new work platform. Most of these features were already present in the Skype Enterprise Edition, but so far they were badly needed by Microsoft Teams. For example, introducing incoming and outgoing calls to PSTN numbers, call waiting, call forwarding, voicemail, and other useful features for calls or conferences. .

Microsoft also plans to introduce audio conferencing support on its new enterprise-class work platform. However, this feature should only be proposed as a first step.

For now, it’s unclear exactly when exactly Microsoft will completely replace Skype for Enterprise by Teams, but that will probably not happen until the features mentioned are built into Teams. The Redmond firm also plans to release a new version of Skype for Business Server by the second half of 2018 for its customers still operating PBX systems that are not ready to transition to Teams.