Last week a racist joke originating from a shitty corner of the internet got quickly out of hand, and before long French politicians and Greek news channels—among others—were erroneously reporting that an old photograph of legendary game designer Hideo Kojima was actually a photo of Tetsuya YamagamiThe 41 year-old who assassinated former Japanese Prime Minister Shinzo Abe on Friday.

I say “joke”, but that’s really doing a disservice to things that are even remotely funny, since there was absolutely nothing linking the two men, in terms of appearance or otherwise, other than the fact they were both Japanese.

If you’re just joining this, here’s Zack reporting the news on Friday:

Shortly after today’s assassination, some shitty people in a dank corner of the internet joked that Abe’s suspected killer looked like Kojima. eventually, this reached Twitterwhere far-right French politician Damien Rieu—perhaps not understanding that it was a joke—retweeted images of Kojima with a comment that translates to “The extreme left kills,” helping spread it more. While Rieu did eventually delete the tweetsit seems the damage was already done and might have helped mislead at least one news station in Greece that covered the assassination.

Obviously that’s incredibly dangerous reporting, especially since it concerns someone already in the public eye, so Kojima Productions issued a statement on Friday evening saying:

Kojima Productions strongly condemns the spread of fake news and rumors that convey false information. We do not tolerate such libel and will consider taking legal action in some cases.

Far-right French politician Damien Rieu has since deleted his tweets, and the Greek news channel ANT TV1 has also removed its video featuring the photograph. It’s unknown at time of posting however just how far this information has spread, and how many people saw the original reports from both and have yet to see any of the corrections made.

.

<p>The post Kojima Productions Threatens Legal Action Over ‘Assassin’ Photo first appeared on harchi90.</p>

As has been reported by Gaming on Linuxand chatted about on reddit, the Steam Deck has got a bit of a security problem concerning its pretty badly outdated version of Firefox. Valve has reportedly promised a fix, but it won’t come until the next SteamOS update. That’s less than ideal.

The current version of the popular non-chromium browser is 102.0.1, while SteamOS sports the six-month-old version 96.0.3. You don’t need to be a Def Con hacking conference regular to know that you shouldn’t run around with an out-of-date web browser, particularly one you use to store passwords for, oh, I don’t know, social media websites, banking websites, or even Steam itself. (By the way: Don’t store passwords in your browser. That’s what password managers are for.)

Valve’s last major SteamOS update arrived on May 26, with frequent client updates in the weeks that followed. None updated the January build of Firefox, however. There is also a beta available for the next OS update, but you’ll have to opt into that and it isn’t a finalized build. That beta also does not update Firefox, nor is switching to a beta build of an operating system typically a good way to improve one’s security posture.

Kotaku has reached out to Valve for comment.

While drawing this specific issue out too much might be making a mountain out of a molehill (to be fair, I’m far from a security expert), it does bring up a challenge with SteamOS and Linux gaming in general.

As of the most recent Steam hardware and software survey results, Linux users account for only 1.18% of Steam’s population. A tiny amount for sure, but one that is growing with the rising popularity of the Linux-native Steam Deck. The folks who typically run Linux operating systems are more than capable of keeping them secure, but what happens when the SteamOS population grows to a point that it becomes an attractive target for exploiting vulnerabilities and distributing malware? And with the Steam Deck being advertised to the general public and not just hackers, the “dos and don’ts” of keeping a Linux machine safe are only going to become more important.

If you have a Windows background, the way Linux handles app installs may seem odd, with terms like “Flatpak,” “Snap,” and “repository” flying around. Linux has its own way of doing things, and it’s a little more complex than double-clicking a setup.exe. There’s also no “Linux Defender” at the ready to always ask you “are you sure you want to install this?” Steam Deck’s “Desktop Mode” might look similar to Windows or macOS, and I trust Valve has prioritized security, but adding in the wrong repository by grabbing random commands from the internet to do things as simple as getting Epic Games Store or GOG games to show up in Steam can easily land you in trouble if you aren’t 100% sure of how to keep your machine safe.

For many, the Steam Deck might not just be their first Linux gaming device, but their first experience with Linux period (Android doesn’t count). As Steam Deck and SteamOS continue to gain users, many will be more interested in just getting their games to run properly with the least possible hassle than learning how to safely manage a Linux OS from the ground up. Right now, most “noob Linux gaming questions” are answered by generous, helpful enthusiasts, not bad actors. But it’s not hard to imagine someone with malicious intentions and the knowledge of how to exploit situations like outdated software stepping in to take advantage of users who don’t know, say, the dangers of running random scripts.

Consoles are locked-down gaming environments for many reasons, but security certainly is chief among them. And while Windows security can definitely be compromised, most of us just assume Windows Defender will keep us from complete disaster. And it usually does. Valve may be right by going all in on Linux for the future of gaming, but security challenges are only going to grow as the Steam Deck gains in popularity. Moving forward, Valve would be wise to do its best to keep security considerations at the forefront, and that’s going to demand more timely updates with an eye toward patching potentially critical vulnerabilities as its userbase grows large enough to attract nefarious interests.

.

<p>The post Steam Deck’s Web Browser Badly Needs An Update first appeared on harchi90.</p>

This year’s Steam Summer Sale is over, so say goodbye to all the deals. But say hello to some rad-looking art! With the sale over, an artist at Valve is now free to share all the fake video game key art and covers that she helped create that were hidden inside Steam’s large digital catalog as part of the sale’s scavenger hunt. Sure, the games are fake, but I really want to play most of them.

The art for these non-existent video games was created by Valve developer Claire Hummel. She’s previously worked on games like Half-Life: Alyx and Westworld Awakening VR. And now, with the Steam sale over and its related time-traveling event ended, Hummel shared on Twitter all the cool covers she made for a variety of fake games spanning various genres.

For example, here’s what appears to be a fishing game about failing to catch fish. I’d play that.

And here’s some key art for a game about helping a very important king get to the bathroom. Yeah, I’d play that, too.

According to Hummel, the idea behind the art was to make it look “relatively convincing” so it would blend in with the thousands of other games on Steam. However, the art and game titles are just odd enough that you might notice something “a little weird on second glance.”

The various game names and ideas were created by Erik Wolpaw and Jay Pinkerton, longtime Valve writers. Once Hummel had a fake game name, she went to work making art for it.

“I just tried to match their energy in the final art,” explained Hummel on Twitter. “Super fun trying to make plausibly polished logos in a whole bunch of different styles/genres.”

This process led to some wonderfully strange but also very intriguing fake video games. For example, who wouldn’t want to at least see a trailer for Custard Castle Small Claims Court?

On Twitter, Hummel shared that creating all these fictional video games from the future “ended up being a whole lot of work” but it was still fun to do.

“I hope everyone got a kick out of finding each of these as much as we did making ’em.”

.

<p>The post Valve Made A Load Of Fake Games For Steam Summer Sale first appeared on harchi90.</p>

Just as Google announced it would be adopting virtual cards for shopping through Chrome, Apple is likely also implementing virtual cards in its Safari browser. The news comes from 9to5Macwhich is currently digging through the iOS 16 beta 3, released yesterday morning for developers. According to code the site has seen, Apple has apparently been working to implement virtual cards within Safari to keep your online shopping ventures secure across the board.

Virtual cards are offered by some banks as an option while shopping online so that your actual card and account information isn’t what’s making the rounds when data breaches occur. It also makes it easier for banks and other institutions to cancel a card on a whim. And it’s a more straightforward mechanism for providing one-time use cards.

While Apple Pay does use tokenization for transactions done through the app, those who don’t have access to or haven’t set it up will supposedly be able to use this virtual card method through Safari instead. Safari’s AutoFill will, according to 9to5Mac, Comply with virtual cards by hiding your card number as you shop, even if it’s already stored in the chain.

9to5Mac notes that since the feature is technically still in beta, it’s unclear whether it will only work with certain banks and cards. On its part, Google’s virtual card ability within Chrome will go live later this summer with support for Visa, American Express, and Capital One cards. Mastercard support is also slated to arrive later in the year. It’s not far off to imagine Apple will have similar partnerships when iOS 16 goes live.

While several companies already offer this kind of virtual transaction protection, including stripesome people might not want to go through a third party for the ability.

Apple’s iOS 16 beta is only available for developers, though a public beta is due sometime this month.

.

<p>The post Apple’s Version of Virtual Cards Could Be Coming in iOS 16 first appeared on harchi90.</p>

Few racing games are more therapeutic than Funselektor’s Art of Rally, a minimalist, top-down arcade rally racer with an emphasis on driving feel and pleasant vibes. It’s a singular experience — the kind of racing game that rightfully garnered plenty of attention and praise from novices and experts alike. An interview posted today with the game’s chief developer, Dune Casu, teases into what makes it so special.

Unlike many other modern racing games, Art of Rally is played from a pseudo-top-down perspective, as was more common in the days before polygons and sprite scaling. Personally, as charmed as I am by the game’s visual style and zen-like approach to driving, that’s always been a sticking point for me; I’ve never got on well with top-down racers. However, a fan-made mod for the PC version was actually created to address that, bringing the camera close down to the ground, directly behind the car, like a chase cam in a more traditional racing game.

ace youtuber DustinEden says, it completely transforms the experience. It also causes some graphical and logistical issues, as Art of Rally was never intended to be played from such a vantage point. Those flat-shaded, minimalist assets that previously merged to paint a rich landscape when seen from a distance now seem a little too plain, a little too undercooked this up close. The sense of speed is also heightened, and DustinEden reports a compulsion to brake and lift more frequently out of a fear of losing control.

But the bigger issues actually pertain to pace notes; or rather, the lack of them. In rallying, your co-driver’s warnings of turns and hazards ahead is essential to successful run on a course you’ve never seen before. These notes must also be relayed at precisely the right time, in the right cadence and obviously in a variety of languages ​​for every territory in which the game releases.

Funselektor, however, is a small team that lacks the resources to record pace notes with the level of care they require. By pulling the camera up and back, the player could glean a better sense of what lies ahead without having to rely on verbal warnings. Casu explains this in a little more detail, in his interview with DustinEden, which you really should watch if you’re interested in this sort of stuff, or are a fan of the game.

The interview begins at about the 9:15 mark. Casu starts by explaining how the idea for the top-down camera came from a previous project:

originally with Absolute Drift it was a bit of an accident. It was supposed to be a third-person camera, like Need For Speed or the classic racing games. I was trying to make a main menu, like an interactive 3D main menu, so we just took this camera out and I brought it to this video game meetup, and someone said “oh this is way better, I like it better.” That’s the whole reason we did that.

the camera quickly became the glue that held the entire experience together; Casu recalls she having continually tweaked it “almost up until launch.” Still, he appreciates the chase cam mod presenting another option to the players that want it:

Some people seem to like it! It’s definitely an interesting mod that’s come out, it’s pretty cool to see. People would ask for it to be in the game, a chase camera like that. But then, since it’s a rally game you need pace notes, and the original goal of this game was to have a more minimal rally experience. By having this camera you get to do away with the pace notes. Because pace notes can [require] a lot of skill for a game, especially for localization — we have 12 languages ​​in the game — and getting that for like all the voice acting for everything, and also tuning it so it’s right… I’ve played rally games where the pace notes were a bit off and it forces you to crash. So having it all zoomed out, being able to see everything, that’s like the core of the game.

There are certainly advantages and disadvantages to either camera position, and Funselektor decided this one would be the best option for the type of game they wanted to make — a love letter to rallying presented as a diorama, with a stunning degree of physical depth. Art of Rally is still getting new, free content almost two years on, and Indonesian stages are due to be added in the coming weeks. It’s also available on pretty much every modern platform now, so if you haven’t had the chance to settle in yet, now could be the best time.

.

<p>The post How a New Camera Angle Completely Transforms Art of Rally first appeared on harchi90.</p>

It looks like Mickey Mouse might need a refresher on digital security.

On Thursday morning The Happiest Place on Earth’s Instagram account was briefly taken over by a self-described “super-hacker” who claims to have sought revenge on Disneyland employees who supposedly mocked his “small penis.” The “hacker” possessed all the hallmarks of an unoriginal internet troll.

“WHO’S THE TOUGH GUY NOW JEROME,” the poster, who identified himself as David DO,” wrote according to a screenshot saved by CBS News. The offending posts reportedly began to pop up around 3:50 am Pacific time but appear to have been removed at the time of writing.

In addition to the above posts, which featured the image of a glasses-wearing young man with black hair and dark eyes, CBS Los Angeles notes three additional posts and one Instagram story featuring racial slurs and unhinged tangents. In some of those posts, the hacker reportedly used the n-word, while in others he reportedly claimed to have, “invented COVID and blamed it on Wuhan.” This supposed worldd-class hacker also claimed he was “working on COVID20.”

disneyand did not immediately respond to Gizmodo’s request for comment. Gizmodo reached out to several accounts on Instagram and Twitch that appear to match the image and handle of the poster and but we haven’t heard back.

The troll’s posts seemed limited to Disneyland’s Instagram account, which at the time of writing boasts 8.4 million followers. The most recent post on Disneyland’s account at the time involve a performance of The Lion Kingdated six days old.

If this was, in fact, a “hack” it will likely bring back bad memories for security workers in the Disney orbit. Back in 2019, the then recently launched Disney+ subscription streaming service fell victim to hackers who reportedly acquired users’ credentials and sold them on the dark web.

.

<p>The post Hacker Plasters Disneyland’s Instagram With Racial Slurs first appeared on harchi90.</p>

Android’s reputation as a platform that doesn’t care about user privacy is outdated: If you’re using a modern Android smartphone, you have a lot of control over which app can access your data, and in what contexts. Thanks to new privacy features, you can give an app access to your location for a limited time, for example. If you haven’t thought about app permissions in a while or are prone to giving apps any permission they want, you should do a privacy permissions audit.

Thanks to Google’s push for better privacy controls, most modern Android smartphones come with a dedicated Permissions Manager (starting from Android 12, it’s called Privacy Dashboard), which gives you a single place where you can choose which apps can access things like your call logs , camera, microphone, location, contacts, files, physical activity, and more.

open the “Settings” app on your Android smartphone, and go to privacy > Permission Manager (or Privacy Dashboard). Different manufacturers might use different phrases for this. If you don’t find the options, search for “permissions” in the Settings app.

You’ll see a list of all available permissions. Go through the list and see if anything is out of the ordinary. For example, Facebook asking for constant location access, or an obscure app looking at your call logs. Choose the app and then switch to “don’t allow” Know that some features require these permissions to work: If you return to the app, and notice something you enjoy isn’t working, consider allowing the permission again.

If you don’t want to block the app, you can fine-tune the permissions as well. For example, users running Android 10 and above can choose to share their location with an app only when it’s running. And if you’re running Android 11 and up, you can grant an app temporary access to things like your location, microphone, or camera. Android 12 takes it even further by only giving out approximate location so that no app can find your precise location (of course you shouldn’t use this setting for something like Google Maps, or a ride-sharing app).

Now that you understand how permissions work in newer Android versions, go through the list of apps and revoke access as you see fit (and, if you’re using Android 11, make use of the new temporary permissions features).

.

<p>The post Do This Android App Privacy Audit, I Beg You first appeared on harchi90.</p>

Older Android phones are a known security risk, but recent research from Microsoft’s 365 Defender Research Team shows just how vulnerable the outdated devices are vulnerable to a serious form of malware known as “toll fraud.”

Toll fraud malware hides in normal-looking apps, quietly signing up users for premium subscription services through the user’s phone service. We’re not talking covert Netflix subs, here: Instead, victims are signed up for useless services that can cost hundreds of dollars or more each year.

Microsoft’s research shows devices running Android 9 and older are the most at risk for such attacks, but we’ve seen similar exploits affect newer versions of Android as well. Worse, hackers are constantly changing how these attacks work, allowing malicious apps to circumvent Google Play’s security measures. that means there could be scores of toll fraud apps (along with other types of malware) hiding in the Google Play Store listings right now—which is why it’s important for all Android users to know how to spot the problem before it becomes one.

What is toll fraud?

Microsoft has a comprehensive breakdown of how toll fraud works, but the common attack happens in three stages.

First, the user downloads a seemingly safe app from Google Play or a third-party app distributor. Once the app is installed, it updates itself with new, malicious code that would normally flag Google Play’s security checks.

Once updated, the app performs the second phase of the attack, which includes a few different steps, such as using fake login pages and a Wireless Application Protocol (WAP) to sign you up for the unwanted services. (WAPs are a legitimate tool apps use to sign users up for services through their phone service rather than through a payment card or other billing options, but they’re clearly prone to abuse.)

Since WAPs require a cellular connection, the fraudulent app will often wait for the infected device to use wireless data instead of wifi connections. In some cases, these apps will even force the phone to connect to cellular data, even if a wifi connection is available.

For the last part of the attack, the app intercepts and blocks SMS confirmation—the messages you’d normally receive after signing up to WAP services legitimately—so you won’t know anything is wrong until you check your phone bill and see the unexpected transactions.

How to prevent toll fraud malware attacks

Toll attacks like this happen silently in the background, making them extremely difficult to catch. Microsoft’s research team outlined ways Google can continue to enhance its security features to prevent toll fraud and similar forms of malware, but there are also few ways users can prevent these attacks on their own.

Obviously, the most important thing is to keep your devices updated with the latest versions of Android and all security patches. As we mentioned above, devices running Android 9 and earlier are the most at risk. If possible, update to Android 10 or later and install the latest security patches available to you.

Of course, updating to a newer version of Android isn’t possible for all devices, and buying a new phone to replace your outdated one may not be either. plus, whome seen similar attacks on newer versions of Android, such as the “Joker” malware; it’s also possible (indeed, likely) that new forms of toll fraud could target newer Android phones in the future.

That’s why you should always thoroughly vet an app before downloading. Read reviews (not just the top-rated, but the low ratings, too), research the app online, and only download apps from trusted sources. Similarly, installing a trustworthy anti-malware app may allow you to intercept sketchy apps before they can do anything.

That said, many shady apps do look legit, which is why you still need to watch for red flags after installing an app. Common characteristics of malicious apps and trojans include:

• Seemingly random login pages requesting to link a social media or email account.
• Unnecessary app permissions.
• Requests to install additional software or updates that don’t come through the Google Play store.

That’s not an exhaustive list, but they’re common indicators of an unsafe app. Be sure to check our guides front spotting other types of internet scams and malware for more tips.

[Android Central]

.

<p>The post Avoid These ‘Toll Fraud’ Apps on Android first appeared on harchi90.</p>

no matter what browser you use on your Androidit accumulates junk files over time. Left unchecked, those files can take up anywhere between 100s of megabytes to multiple gigabytes of storage space. it not only slows down your browser, but can also affect the speed of your phone, and the solution is easy: periodically clear the junk files from your browsers.

How to clear the cache from your Android browsers

Each browser has different steps when it comes to clearing cache and junk files. We’ll cover the popular browsers below.

Chrome

Open the browser, tap the three-dotted Menu button, and go to History > Clear Browsing Data.

From here, make sure that the time range option is set to “all time” Next, choose the “Cookies and site data” and “Cached images and files” options. tap “Clear Data” to get rid of all the saved data.

Samsung Internet

If you use a Samsung smartphone, you might use their bundled browser. Open the browser and tap the three-lined Menu in the bottom-right corner. Ghe to Settings > Personal Data > Delete browsing data. Choodie the “Cookies and site data” and “Cached images and files” options. tap “delete data” and confirm from the popup.

Firefox

Tap the three-dotted Menu button in the top-right and go to Settings > Delete browsing data. Choose the “Cookies” and “Cached images and files” options. then tap “Delete browsing data.”

How to clear the cache for any Android app

What if you’re using a niche browser like Brave or Opera? look in the History section in Settingsand you’ll see the option for clearing junk files there.

There’s also a global option for clearing cache that works for any app, including browsers, but we wouldn’t suggest you use this for apps like your bank or password managers, since you’d risk losing important data: open the Settings app on your Android phone, go to Apps & Notifications (or Apps) > App Infoand choose the app you wantthen go to the “Storage and Cache” section and tap “Clear Cache” All the temporary files will be deleted instantly.

.

<p>The post The Simplest Way to Make Your Android Run Faster first appeared on harchi90.</p>

If you use Google Chrome on Windows or Android, you need to update ASAP. there’s a new browser update for each platform that includes patches for newly discovered security vulnerabilities. The bad news: One of these security flaws has a known exploit, meaning your browser and its data are at risk unless you update now.

Google confirmed these updates on its Chrome Release blogs for windows and Android. Windows users will need to update to version 103.0.5060.114, while Android users will see version 103.0.5060.71. The company says these updates patch four security vulnerabilities in Chrome for Windows and three vulnerabilities in Chrome for Android. Oddly, however, Google omitted one of the vulnerabilities from its list:

• [$TBD][1341043] High CVE-2022-2294: Heap buffer overflow in WebRTC. Reported by Jan Vojtesek from the Avast Threat Intelligence team on 2022-07-01
• [$7500][1336869] High CVE-2022-2295: Type Confusion in V8. Reported by avaue and Buff3tts at SSL on 2022-06-16
• [$3000][1327087] High CVE-2022-2296: Use after free in Chrome OS Shell. Reported by Khalil Zhani on 2022-05-19 (Desktop only)

While it’s important to protect yourself from all security bugs possible, it’s really the first of these three that is the most concerning, as Google confirmed in its update log there is a known exploit for CVE-2022-2294 in the wild. When an exploit for a security vulnerability exists, it means at least somebody knows how to take advantage of the bug, if they haven’t done so already. that’s dangeroussince the likely billion of Chrome users on Windows and Android will be at risk until the bug is patched and their devices are updated.

CVE-2022-2294 is a buffer overflow vulnerability. It occurs when a program tries to write more data to a memory location than that location can accept, causing it to overflow into another space. These vulnerabilities are not uncommon, but when they are discovered, malicious users can take advantage of them. If Chrome isn’t fully updated on your PC or Android device, you are at risk.

While Google isn’t publicly aware of exploitations for the other vulnerabilities at this time, it’s likely such exploits will be discovered eventually. The longer you wait to update, the more vulnerabilities there will be to content with.

For some reason, these security flaws don’t seem to affect Mac or iOS users. As such, you won’t see a new Chrome update on these platforms just yet.

How to update Google Chrome on Windows and Android

To protect your browser and your data, update Chrome now. To do sofront Windows, click the three dots in the top-right corner of the browser window, then choose Help > About Google Chrome. Allow Chrome to look for a new update. if one is available, choose “Relaunch” to install the update to your browser.

To update the app on Android, head to the Google Play Store. Search for Google Chrome, then choose “Update” next to the app. If you have automatic updates enabled, the app may update on its own: If you only see an “Open” option, you’re all set.

[How-To Geek]

.

<p>The post Update Chrome ASAP on Android and Windows first appeared on harchi90.</p>