The cookie encryption system that Google introduced to the Chrome browser a few months ago can easily be bypassed, experts have warned.
In fact, a security researcher has recently published a new tool that does just that.
In July 2024, Google released Chrome 127, a new version of the Chrome browser that came with Application-Bound (App-Bound) encryption. The new feature was supposed to serve as a protection mechanism, encrypting cookies using a Windows service running with SYSTEM privileges. The tool was supposed to prevent infostealing malware from grabbing sensitive information stored in the browser, such as login credentials, session cookies, and more.
Higher privileges needded
“Because the App-Bound service is running with system privileges, attackers need to do more than just coax a user into running a malicious app,” Google said at the time. “Now, the malware has to gain system privileges, or inject code into Chrome, something that legitimate software shouldn’t be doing.”
Advertisement
But the success of the new feature was short-lived. In late September, we reported that multiple infostealers were already able to work around the feature, including Lumma Stealer, StealC, and many others.
Google responded by saying that it was expected, and added that it was happy the changed forced a shift in attacker behavior.
“This matches the new behavior we have seen. We continue to work with OS and AV vendors to try and more reliably detect these new types of attacks, as well as continuing to iterate on hardening defenses to improve protection against infostealers for our users.”
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Advertisement
Now, security researcher Alexander Hagenah built and shared a tool on GitHub he called ‘Chrome-App-Bound-Encryption-Decryption’ which does the same as these infostealers, BleepingComputer reports.
“This tool decrypts App-Bound encrypted keys stored in Chrome’s Local State file, using Chrome’s internal COM-based IElevator service,” the project page reads. “The tool provides a way to retrieve and decrypt these keys, which Chrome protects via App-Bound Encryption (ABE) to prevent unauthorized access to secure data like cookies (and potentially passwords and payment information in the future).”
Commenting on all of the above, Google essentially said it was satisfied, since crooks now need higher privileges to pull off the attacks:
“This code [xaitax’s] requires admin privileges, which shows that we’ve successfully elevated the amount of access required to successfully pull off this type of attack,” Google said.
NASA has shared a fascinating animation showing the route taken by the Perseverance rover on Mars since its arrival there in February 2021.
Perseverance is NASA’s most advanced Mars rover to date, and while its general routes are decided by a team at NASA’s Jet Propulsion Laboratory in Southern California, the rover actually moves forward autonomously, checking for hazards and moving around any problematic objects as it goes.
The animation covers the entire 18.7 miles (about 30 kilometers) traveled by Perseverance over the last 44 months, and includes the locations where it’s been collecting samples of Mars rock and soil.
Advertisement
Those samples will be returned to Earth in the coming years so that scientists can study them in laboratory conditions to try to determine whether microbial life ever existed on the red planet.
Most of Perseverance’s travels have taken place inside Jezero Crater, a place once filled with water and which scientists believe has the best chance of containing evidence of ancient life.
In recent months, however, Perseverance has embarked on a challenging climb up the side of the crater and is now tackling its steepest inclines to date.
Because much of the material it’s currently driving over comprises loosely packed dust and sand with a thin, brittle crust, Perseverance has recently been slipping a lot and has covered only about 50% of the distance that it would have managed on a more stable surface. On one occasion, it managed only 20% of the planned route.
Advertisement
“Mars rovers have driven over steeper terrain, and they’ve driven over more slippery terrain, but this is the first time one had to handle both, and on this scale,” said JPL’s Camden Miller, who is a rover planner, or “driver,” on the Perseverance mission. “For every two steps forward Perseverance takes, we were taking at least one step back. The rover planners saw this was trending toward a long, hard slog, so we got together to think up some options.”
The team used a replica rover on Earth to test out some new maneuvers aimed at reducing slippage, and also considered alternative routes featuring different terrain. Assessing the data, the planners settled on altering the route, and Perseverance is continuing on its way at a steady pace.
“That’s the plan right now, but we may have to change things up the road,” Miller said. “No Mars rover mission has tried to climb up a mountain this big, this fast. The science team wants to get to the top of the crater rim as soon as possible because of the scientific opportunities up there. It’s up to us rover planners to figure out a way to get them there.”
Those opportunities include access to rocks from the most ancient crust of Mars that were formed from a wealth of different processes. Rocks there have never been analyzed close up before, and they could potentially include once habitable environments.
Samsung has confirmed it is adding 300 repair locations by 2025. The tech giant’s partnership with Cell Phone Repair by Assurant (CPR) will ensure genuine spares and fast service for Galaxy devices.
Samsung will add 300 repair locations by 2025
Samsung is expanding its customer care network. The South Korean tech giant officially announced that its partnership with Cell Phone Repair (CPR) by Assurant will jointly have over 400 new service locations in 2025.
Samsung is reportedly planning to get these service centers operational before 2024 ends. At the beginning of the current year, CPR had roughly 100 locations certified by Samsung. However, the network is growing rapidly. With the 300 new locations, Samsung will have over 400 service centers in the US.
Speaking about the development, Samsung’s VP of Customer Care, said, “Our commitment to repairing devices the right way gives Galaxy customers confidence that they are receiving the highest-quality care experience for extending the lifespan of their smartphones.”
Advertisement
Samsung’s repair network currently includes over 2,000 Authorized Care centers. The company also operates a fleet of ‘We Come To You’ vans for in-person and doorstep repairs.
How will Samsung Galaxy users benefit from the new service centers?
Samsung has assured that the CPR locations have WISE-certified technicians. This means they have received CTIA’s Wireless Industry Service Excellence certification.
Technicians have reportedly received training to offer fast, quality repairs, using genuine Samsung parts. These skilled personnel would offer most of the repairs in under an hour, boasted Samsung.
The service centers are equipped to repair or replace nearly every component, be it cracked screens or worn-out batteries. These locations will also offer out-of-warranty fixes.
Advertisement
Samsung assures Galaxy users will get certified service backed by a limited warranty for added peace of mind. Specifically speaking, smartphone models from the Samsung Galaxy S9 generation to the latest Samsung Galaxy S24 Ultra would be serviced by CPR.
Late last week, the FBI and Cybersecurity and Infrastructure Security Agency (CISA) they were investigating “the unauthorized access to commercial telecommunications infrastructure by actors affiliated with the People’s Republic of China.” At the same time, The New York Times that phones used by Donald Trump, JD Vance and Kamala Harris’ campaign staff were among the targets, though it was unclear what data the group may have been able to access.
Now, The New York Times has about the extent of the hack, which is reportedly linked to a Chinese group known as “Salt Typhoon.” According to The Times, aides to President Joe Biden, as well as Trump’s family members were also targeted, in addition to diplomats and other government officials. Even more concerning, though, is what the hackers may have been able to access. From the report:
F.B.I. investigators think the hackers may have been able to access unencrypted SMS text messages on the targeted devices, as well as call logs, according to people familiar with the investigation. They said there was also evidence indicating that audio communications were captured, though it was not immediately clear whether that meant voice mail or phone call conversations.
CISA didn’t immediately respond to a request for comment The agency said last week in a joint with the FBI that the investigation was “ongoing” and that the affected companies and other potential victims had been notified. At least 10 companies, including Verizon and AT&T, were impacted, according to The Washington Post. A spokesperson for AT&T declined to comment. Verizon didn’t immediately respond to questions, but The Times the company was “aware that a highly sophisticated nation-state actor has reportedly targeted several U.S. telecommunications providers to gather intelligence.”
The area of land surface affected by drought has trebled since the 1980s, a new report into the effects of climate change has revealed.
Forty-eight per cent of the Earth’s land surface had at least one month of extreme drought last year, according to analysis by the Lancet Countdown on Health and Climate Change – up from an average of 15% during the 1980s.
Almost a third of the world – 30% – experienced extreme drought for three months or longer in 2023. In the 1980s, the average was 5%.
Advertisement
The new study offers some of the most up-to-date global data on drought, marking just how fast it is accelerating.
The threshold for extreme drought is reached after six months of very low rainfall or very high levels of evaporation from plants and soil – or both.
It poses an immediate risk to water and sanitation, food security and public health, and can affect energy supplies, transportation networks and the economy.
The causes of individual droughts are complicated, because there are lots of different factors that affect the availability of water, from natural weather events to the way humans use land.
Advertisement
But climate change is shifting global rainfall patterns, making some regions more prone to drought.
The increase in drought has been particularly severe in South America, the Middle East and the Horn of Africa.
In South America’s Amazon, drought is threatening to change weather patterns.
It kills trees that have a role to play in stimulating rainclouds to form, which disrupts delicately balanced rainfall cycles – creating a feedback loop leading to further drought.
Advertisement
Yet, at the same time as large sections of the land mass have been drying out, extreme rainfall has also increased.
In the past 10 years, 61% of the world saw an increase in extreme rainfall, when compared with a baseline average from 1961-1990.
The link between droughts, floods and global warming is complex. Hot weather increases the evaporation of water from soil which makes periods when there is no rain even drier.
But climate change is also changing rainfall patterns. As the oceans warm, more water evaporates into the air. The air is warming too, which means it can hold more moisture. When that moisture moves over land or converges into a storm, it leads to more intense rain.
The Lancet Countdown report found the health impacts of climate change were reaching record-breaking levels.
Advertisement
Drought exposed 151 million more people to food insecurity last year, compared with the 1990s, which has contributed to malnutrition. Heat-related deaths for over 65s also increased by 167% compared to the 1990s.
Meanwhile, rising temperatures and more rain are causing an increase in mosquito-related viruses. Cases of dengue fever are at an all-time high and dengue, malaria and West Nile virus have spread to places they were never found before.
An increase in dust storms has left millions more people exposed to dangerous air pollution.
“The climate is changing fast,” says Marina Romanello, executive director of the Lancet Countdown.
Advertisement
“It is changing to conditions that we are not used to and that we did not design our systems to work around.”
For the series Life at 50 degrees, BBC World Service visited some of the hottest parts of the world, where demand for water was already high. We found that extreme drought and rainfall had further squeezed access to water.
Since 2020, an extreme and exceptional agricultural drought has gripped northeast Syria and parts of Iraq.
In the past few years, Hasakah, a city of one million people, has run out of clean water.
Advertisement
“Twenty years ago, water used to flow into the Khabor River but this river has been dried for many years because there is no rain,” says Osman Gaddo, the Head of Water Testing, Hasakah City Water Board. “People have no access to fresh water.”
When they can’t get water, people make their own wells by digging into the ground but the groundwater can be polluted, making people ill.
The drinking water in Hasakah comes from a system of wells 25 kilometres away, but these are also drying and the fuel needed to extract water is in short supply.
Clothes go unwashed and families can’t bathe their children properly, meaning skin diseases and diarrhoea are widespread.
Advertisement
“People are ready to kill their neighbour for water,” one resident tells the BBC. “People are going thirsty every day.”
In South Sudan, 77% of the country had at least one month of drought last year and half the country was in extreme drought for at least six months. At the same time, more than 700,000 people have been affected by flooding.
“Things are deteriorating,” says village elder, Nyakuma. “When we go in the water, we get sick. And the food we eat isn’t nutritious enough”.
Nyakuma has caught malaria twice in a matter of months.
Advertisement
Her family lost their entire cattle herd after flooding last year and now survive on government aid along with anything they can forage.
“Eating this is like eating mud,” says Sunday, Nyakuma’s husband, as he searches floodwater for the roots of waterlillies.
During a drought, rivers and lakes dry up and the soil gets scorched, meaning it hardens and loses plant cover. If heavy rain follows, water cannot soak into the ground and instead runs off, causing flash flooding.
“Plants can adapt to extreme drought, to an extent anyway, but flooding really disrupts their physiology,” adds Romanello. “It is really bad for food security and the agricultural sector.”
Advertisement
Unless we can reduce emissions of greenhouse gases and stop the global temperature from rising further, we can expect more drought and more intense rain. 2023 was the hottest year on record.
“At the moment, we are still in a position to just about adapt to the changes in the climate. But it is going to get to a point where we will reach the limit of our capacity. Then we will see a lot of unavoidable impacts,” says Romanello.
“The higher we allow the global temperature to go, the worse things are going to be”.
Lightspeed partnered with GamesBeat, Nasdaq, and leading judges and mentors once again to spotlight the 25 most innovative startups reshaping the gaming and interactive media industry.
For half a century, video games have profoundly shaped consumer behavior and acted as a catalyst for significant technological innovation.
As an ever-increasing time of our lives is spent in immersive virtual worlds, gaming is expected to continue its pivotal role in how we play, work, and connect.
And like every industry, the gaming world is defined by outliers — the few companies that push the boundaries and pave the way for how the next generation of games are made and played.
The gaming industry is in constant flux, so this year’s list emphasizes resilience and adaptation — honoring ideas and strategies that demonstrate a startup’s ability to not only withstand the challenges facing the gaming & interactive media industry but excel in this turbulent environment.
To qualify, entrants had to have been in business no more than five years and have no more than 50 full-time employees. The goal of this list is to highlight startups that have unique and original visions with a strong focus on execution.
Introducing the Top 25
After receiving an overwhelming amount of entries (almost 40% more than last year), Lightspeed investors and GamesBeat editors narrowed the list of entrants to 75.
From there, a star panel of judges — including C-level gaming executives and senior operators across companies like Activision Blizzard, Amazon, TikTok, Riot Games, Tencent, and DeepMind — scored each candidate (with ~10 votes per startup). We then took the average scores across all judges for each company, sorted the list, and arrived at our final 25.
Advertisement
Here are our five best-in-category winners.
Best 3D technology & infrastructure: k-ID
There are nearly a billion kids and teens globally that play games online. Yet, today, children pay the price for publisher shortcomings: trolling, cyberbullying, exploitation, toxicity, harassment, grooming, and other forms of online abuse.
The judges were impressed by k-ID’s bold approach in tackling one of the industry’s most pressing, complex challenges—providing a platform that allows both families and publishers to immediately create safe spaces for kids and teens online. At Lightspeed, we believe innovation should drive meaningful and positive change, and k-ID sets that standard, building infrastructure and technology that prioritizes both entertainment and safety. (Note: k-ID is a Lightspeed portfolio company.)
Best Generative AI & agents: Bitmagic
The barrier to create games has always been high. While there are three billion gamers worldwide, there are only ~200,000 professional game developers.
Bitmagic believes anyone should be able to create games.
Bitmagic caught the judges’ attention for its groundbreaking use of generative AI — it’s the first system in the world that leverages generative AI to transform text prompts into fully interactive, multiplayer 3D games. By eliminating the traditional barriers to game development, we see that Bitmagic can act as a catalyst for game lovers, empowering users of all skill levels to bring their game ideas to life with unprecedented ease.
Advertisement
With its recent availability on Steam Playtest, Bitmagic is well underway to democratize game development.
Best game studios & UGC: Giant Skull
Led by industry veteran Stig Asmussen, the mind behind God of War III and the Star Wars Jedi series, Giant Skull is focused on creating AAA, story-driven action-adventure games.
While their technical and visual achievements blew away our judges, our panel was also impressed by the company’s commitment to sustainability practices, work-life balance, and diversity, opting to employ remote developers all over the world.
Best extended reality (AR & VR): Eggscape
Eggscape impressed the judges with its unique blend of mixed reality (MR) and humor, a rare combination in XR.
Known for their immersive VR experiences like Gloomy Eyes featuring Colin Farrell and Paper Birds featuring Edward Norton, Eggscape is an extended reality game where players navigate vivid 3D levels and interact with fellow gamers in real time, all while expecting the relentless invasion of alien robots.
With Eggverse’s world-building tool that allows you to share creations with your friends, its combination of art direction, innovative gameplay, and social connection makes for a new direction in XR.
Advertisement
Best interactive media platforms: Pok Pok
Gaming, especially for young children, can be overstimulating and addictive. Pok Pok stood out with its calm, creativity-driven approach.
Inspired by Montessori principles, Pok Pok prioritizes open-ended, non-addictive educational games for children ages 2-8. Collaborating with the top minds in education, the interactive platform allows children to explore and learn at their own pace.
The minimalist design and thoughtful execution have earned them an Apple Design Award, and highlight a shift in gaming towards more meaningful, balanced entertainment that resonates with both parents and children.
The 2025 Game Changers
Game Changers Judges on stage at GamesBeat NEXT in SF: Moritz Baier-Lentz, Dean Takahashi, Kylan Gibbs, Mihir Vaidya, and Lisha Li.
Gaming moves fast, and these companies are on the front lines of innovation. We’re thrilled to announce the additional 20 winners and honor them on stage at GamesBeat NEXT Summit tonight followed by a reception at our San Francisco office with our judges and some previous winners:
A special thank you to our judges, leaders, and mentors
Thank you to all of the companies that submitted entries, as well as our panel of judges, who were inspired to give back to the community and brought their expertise and passion when evaluating these companies.
Allen Adham, Co-Founder and fr. Chief Design Officer at Blizzard Entertainment
Anna Sweet, CEO of Bad Robot Games
Ben Feder, Managing Partner of Tirta Ventures
Bonnie Rosen, General Manager of Disney Accelerator
Chris Bell, CEO & Game Director of Gardens Interactive
Danny Lange, Vice President of BI & AI at Google
Dean Takahashi, Lead Writer of GamesBeat
Jim Yang, President of Hoyoverse / miHoYo
Joe Tung, Co-Founder & CEO of Theorycraft Games
Johanna Faries, President of Blizzard Entertainment
John Hanke, Founder & CEO of Niantic
John W. Thompson, Fr. Chairman of Microsoft
Ken Wee, Chief Strategy Officer of Mattel and fr. Chief Strategy Officer of Activision Blizzard
Kylan Gibbs, Co-Founder & CEO of Inworld AI
Leo Olebe, VP of Global Partnerships at Microsoft Xbox
Maria Park, Vice President of Corporate Development at Krafton
Michael Chow, Co-Founder & CEO of The Believer Company
Mihir Vaidya, Chief Strategy Officer of Electronic Arts
Moritz Baier-Lentz, Partner & Head of Gaming at Lightspeed
Riccardo Zacconi, Co-Founder and fr. CEO of King
Songyee Yoon, Fr. President & Chief Strategy Officer of NCsoft
V Pappas, Fr. COO of TikTok
VB Daily
Stay in the know! Get the latest news in your inbox daily
Smartphones and navigation apps have become second nature these days. But for those with blindness and low vision, it’s not quite so convenient. Haptic has been building a non-visual, non-verbal way of telling people where to go, and they’ve decided it’s time to scale up and take it global.
Haptic presented onstage today as part of the Startup Battlefield at TechCrunch Disrupt 2024, showing their progress from concept to prototype to platform. The company got started in 2017 when, after a friend lost their sight in an accident, a group of colleagues began looking into ways someone could navigate without using visual or auditory cues.
Though there are plenty of screen-reading options and spoken directions in apps, these options aren’t always convenient or practical. But as co-founder and head of business Enzo Caruso pointed out, there are other interfaces we could be using. Touch, for instance.
“Why not receive info in a more robust, intuitive, and accessible way? Everyone can understand the sensation of touch. It’s global, it’s worldwide, it’s universal,” he said.
Advertisement
The advance Haptic has made — and patented, Caruso noted — is a way of using vibration and other tactile sensations to communicate the simple, intuitive idea that the user is going in the right direction. Your device will send a steady pulse when you’re on track, then quicken or intensify if you veer off course; they call it a “haptic corridor.” Though it’s hard to imagine, they say it’s intuitive enough to get after just a few seconds.
The advantages of the approach are plentiful: It works in any language, requires no special hardware, and can be used to direct someone down a crowded city sidewalk, an open landscape, or even inside a building (though that part is still in development).
Originally this haptic corridor was communicated through a wearable of their own, but since then the company has embraced the progress made in the market.
“Technology advances while you’re advancing — and smartwatches got better. So, do you want to be in competition with the Googles and Apples out there… or do you want to have them as allies? You can take your SDK from thousands of users to billions of users,” said Caruso.
CEO and co-founder Kevin Yoo explained that this year marked the company’s change in focus from proving out the product to putting it in as many hands as possible. A partnership with the likes of Google or Uber would certainly go a long way toward doing that.
Advertisement
Imagine, he said, not having to even take your phone out of your pocket to walk straight to your Uber at the airport, or finding your way through a crowded venue by the pulse of your smartwatch. Anyone might find that useful, in addition to people with vision impairments for whom it may be an everyday navigation tool.
Here’s one user, James, getting around his neighborhood with the help of the app:
“Google and Apple, telecoms, Uber, governments… all of this is coming together into a common ground,” said Yoo. With the capabilities of today’s smartwatches and phones, combined with a new software focus at Haptic on “hyper-accurate location,” they hope to introduce indoor navigation and integration with other services.
Haptic currently partners with Waymap, Cooley, WID, and Infinite Access, and are in talks with many more. They just landed a million-dollar contract with Aira, an app that allows people with vision impairments to get live assistance from a sighted helper via their phone. The haptic navigation would reduce the need for that assistant to give step-by-step directions, instead just dropping pins on a map or providing other services.
Advertisement
This, and not monetizing their own app, is how they intend to make money, Yoo emphasized: “We have a free app available to the world, live in 31 countries right now… and we have the licensing and integration model — that’s the business.”
The company is mid-raise and hoping to close a funding round that will let them pursue bigger partners (the Ubers and T-Mobiles of the world) in earnest.
You must be logged in to post a comment Login