Kalakshar US

A new iPhone update patches a flaw that could allow an attacker to turn off a nearly seven-year-old USB security feature. Apple’s release notes for iOS 18.3.1 and iPadOS 18.3.1 say the bug, which allowed the deactivation of USB Restricted Mode, “may have been exploited in an extremely sophisticated attack against specific targeted individuals.”

The release notes describe the now-patched security flaw as allowing “a physical attack,” which suggests the attacker needed the device in hand to exploit it. So, unless your device was hijacked by “extremely sophisticated” attackers, there was nothing to panic about even before Monday’s update.

USB Restricted Mode, introduced in iOS 11.4.1, prevents USB accessories from accessing your device’s data if it hasn’t been unlocked for an hour. The idea is to protect your iPhone or iPad from law enforcement devices like Cellebrite and Graykey. It’s also the reason for the message asking you to unlock your device before connecting it to a Mac or Windows PC.

Aligned with its typical policy, Apple didn’t detail who or what entity used the attack in the wild, only noting that the company is “aware of a report that this issue may have been exploited.” Security researcher Bill Marczak of the University of Toronto’s Citizen Lab reported the flaw. In 2016, while in grad school, he discovered the iPhone’s first known zero-day remote jailbreak, which a cyberwarfare company sold to governments.

You can make sure USB Restricted Mode is activated by heading to Settings > Face ID (or Touch ID) & Passcode. Scroll down to “Accessories” in the list and ensure the toggle is off, which it is by default. Somewhat confusingly, toggling the setting off means the security feature is on because it lists features with allowed access.

As usual, you can install the update by heading to Settings > General > Software Update on your iPhone or iPad.

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/apple-patches-iphone-exploit-that-allowed-for-extremely-sophisticated-attack-214237852.html?src=rss 

Roblox, Discord, OpenAI and Google are launching a nonprofit organization called ROOST, or Robust Open Online Safety Tools, which hopes “to build scalable, interoperable safety infrastructure suited for the AI era.”

The organization plans on providing free, open-source safety tools to public and private organizations to use on their own platforms, with a special focus on child safety to start. The press release announcing ROOST specifically calls out plans to offer “tools to detect, review, and report child sexual abuse material (CSAM).” Partner companies are providing funding for these tools, and the technical expertise to build them, too.

The operating theory of ROOST is that access to generative AI is rapidly changing the online landscape, making the need for “reliable and accessible safety infrastructure” all the more urgent. And rather than expect a smaller company or organization to create their own safety tools from scratch, ROOST wants to provide them, free of charge.

Child online safety has been the issue du jour since the Children and Teen’s Online Privacy Protection Act (COPPA) and Kids Online Safety Act (KOSA) started making their way through Congress, even though both failed to pass in the House. At least some of the companies involved in ROOST, specifically Google and OpenAI, have also already pledged to stop AI tools from being used to generate CSAM. 

The child safety issue is even more pressing for Roblox. As of 2020, two-thirds of all US children between nine and 12 play Roblox, and the platform has historically struggled to address child safety. Bloomberg Businessweek reported that the company had a “pedophile problem” in 2024, which prompted multiple policy changes and new restrictions around children’s DMs. ROOST won’t make all of these problems go away, but should make dealing with them easier for any other organization or company that finds itself in Roblox’s position.

This article originally appeared on Engadget at https://www.engadget.com/big-tech/roblox-discord-openai-and-google-found-new-child-safety-group-194445241.html?src=rss 

Lyft is scrambling to compete as Uber racks up autonomous vehicle (AV) partners. On Monday, Lyft said it partnered with Japanese conglomerate Marubeni to bring robotaxis to Dallas roads as soon as next year before expanding to “thousands of vehicles” in other cities.

It’s the first fruit from Lyft’s Mobileye partnership, announced in November. TechCrunch notes that the Intel-owned Mobileye’s tech is already available in models from (among others) Audi, Ford, GM, Nissan and Volkswagen. Lyft hasn’t yet said which automaker(s) it’s partnering with for the Dallas rollout. But Lyft executive vice president of driver experience Jeremy Bird told TechCrunch that it’s in talks with “every major autonomous carmaker.”

Marubeni, which owns subsidiaries in industries ranging from cereal to fossil fuels (fortunately, not in the same product), owns and manages fleets with over 900,000 vehicles across the globe. The company’s Mobileye-equipped robotaxis will be available for folks in Dallas to hail through the Lyft app after the program launches.

Although the Dallas launch will serve as Lyft’s pilot program for Mobileye AVs, it may not end up being the company’s next robotaxi rollout. Last year, it also partnered with AV company May Mobility and aims to bring robotaxis with its tech to Atlanta sometime in 2025.

The pressure is on Lyft to keep up, as Uber has inked deals with a long list of companies in the AV space, including Avride, Aurora Innovation, Nuro, Waabi and Wayve. Uber and Alphabet’s Waymo also plan to launch AV fleets in Austin and Atlanta early this year. (The waitlist is already open.) Tesla has also said it plans to introduce its first autonomous vehicle service in Austin this June.

This article originally appeared on Engadget at https://www.engadget.com/transportation/lyft-aims-for-a-2026-dallas-launch-of-its-first-mobileye-robotaxis-190137968.html?src=rss