Thursday, December 12, 2019

A lot of fake phone entered African markets between September to December

Starting from mid September this year there has been entry of fake phones on the market in east and Central Africa. According  to research  I tentatively conducted on the boarders of DRC, Rwanda, Tanzania  and one report finding from a friend  in Burundi, a group of phones with the  "TYPE ALLOCATION CODE" of 35551517.....All the phone with  this TAC are fake. I have been wondering  if BABT(British approval board for telecommunications)  whose identifying number 35 is mostly  used by phones made in China and Middle Eas, is aware of such fake phones using their identification  number!
Chinese companies have gone an extra mile in the production of fake electronic  products. It is worth here to note that, I do not mean that all products from China are fake!  The issue of these fake phones on African markets are as result of a number of pronounced factors! !
One is corruption, most quality controlling organizations in Africa connive with some of the exporting companies to allow such fake products on our markets. This is very dangerous  to the environment. Most of these phone run on fake micro chips especially spreadtrum which cannot operate for a very long time, these phones also are with  weak PCBs, and in most cases such phones usually  do not last for more than 3months without technical issues. Am actually worried for in the next 10years,African governments will again be yearning  for loans to combat environmental hazards resulting from massive dumps  of these fake electronic  products.
There is another problem with chinese electronic  manufacturing companies, they seem to produce few genuine products, and then later flood the markets  with apparent similar but fake products  so as to cut the cost of production. I  think in China, there are other small  companies that seem to copy and imitate other technology  giants, and since they cannot afford market  and production terms and conditions, they simply manufacture cheap products,using cheap resources .
In Uganda, I can extend my appreciation  to UCC for setting  up a link for testing whether ones product is fake!but it is better for UCC to get tough  and force all phone exporting and importing companies to first test all their products.
https://www.ucc.co.ug/imei.php
Now you've  to look at this example... This phone in the picture below has an IMEI of another different phone model which is an itel2090 yet for it is another model

These are phones owned by innocent citizens, they do know!!!  So am warning UCC not  to use this information  to block their IMEIs, actually it is this UCC that should sit with UNBS to solve this and have them out of market ..!!!stop this bribery and help citizens, how do you allow such products on market, do you know the repercussions  behind all these fake products ! For God and my country 

There is another security flaw on Intel processors

Altering Intel’s CPU voltages and frequency directly in the operating system is a feature that many users appreciate as it allows them to use all those software-based utilities that aid in overclocking. Now, this feature may not be as secure as previously anticipated.
Recently a team of cybersecurity experts proved that this particular feature can be exploited by threat actors that can cause substantial damage by aiming to hijack Intel SGX. For those who don’t know, Intel SGX
is an extremely critical and hardware-isolated space on new models of Intel CPUs responsible for encrypting sensitive data for protecting it from being stolen in case the system gets compromised.
The research team comprised of six European members from the University of Birmingham, KU Leuven, and the Graz University of Technology. The attack technique is dubbed Plundervolt and classified as
CVE-2019-11157 .
According to the team’s findings, the attack exploits the modern processor’s frequency and voltage adjustment feature, by controlling it in a way to generate errors in the system’s memory through flipping bits. This attack affects almost all those Intel Core Processors that are SGX-enabled including the Skylake generation .
However, the technique was identified and reported to Intel in June 2019 and now that the company has fixed the issue, the findings have been disclosed to the public.
Yesterday, Intel released the BIOS and microcode updates for addressing the Plundervolt issue and 13 other medium to high vulnerabilities. The updates make locking voltage a part of the default setting in the BIOS. Therefore,, if SGX is disabled or the CPU voltage is locked at the default value, the system will be safe from any threat.
The findings were reported first by ZDNet. The report states that using the Plundervolt vulnerability, threat actors can easily access information such as AES encryption keys stored in the chip’s SGX Enclave. This enclave is not separate from CPU’s memory but is protected by software encryption.
Once its security is breached, attackers can extract data from the enclave at a much faster rate than the previous attacks like Spectre and Meltdown. The attack mechanism is quite similar to the concepts behind CLKscrew and VoltJockey attacks, as it alters SGX bits to create errors and uses them to recreate data via a side-channel observation method.
The attack works on Intel’s 6th, 7th, 8th, 9th, and 10th-Gen Core processors as well as Xeon E3, v5, v6, E-2100 and E-2200, and doesn’t need host access with administrative or root privileges to be launched.
Yet, exploiting the vulnerability would have been tough if not impossible but it would need a combination of attacks and specify particular targets, claim the researchers. It is also noted that the attack cannot be launched in virtual environments, which means Intel’s data center customers are not at risk.

What the hell is wrong with these online currency mining companies

3 of the BitClub Network mining pool have been arrested on fraud charges for operating a Ponzi scheme that has taken a total of $722 Million USD ($1,059,754,488 AUD) from its investors.
In an indictment from the New Jersey district court (), 5 names in total appear on the document, however 2 of the names have been redacted. The 3 persons in question that are named on the document are Matthew Brent Goettsche, Jobadiah Sinclair Weeks and Joseph Frank Abel.
All 3 named persons have been charged with conspiracy to offer and sell unregistered securities, with only Goettsche and Weeks being charged with conspiracy to commit wire fraud. The 2 redacted persons named on the document are still at large so their names with remain under seal until they have been arrested.
Between April 2014 and December 2019, the scammers released false statistics of their hash rates and returns to convince people to buy shares and invest in their BitClub Network mining pool, and offered bonuses for finding more victims to invest into the scam.
The indictment document includes transcripts of the conversations where the scammers discussed in detail and planed the entire operation.
Currently the BitClub promotional website and mining pool websites are still online and operating, which has the potential to scam unwitting persons that stumble across the sites and sign up.

FARDC and Wazalendo claim that many M23 have been neutralized and several villages liberated .

This Saturday 21/12/24 the village of KANYAMBI, a major stronghold of the M23_RDF in the Lubero territory was retaken by the Congolese army ...