Advertise here
Advertise here

Several

now browsing by tag

 
 

Several Vulnerabilities Found in Common Android IDEs Including Android Studio, IntelliJ IDEA, and Eclipse

When we think of Android vulnerabilities we typically picture a zero-day vulnerability that exploits some process to escalate privileges. This can be anything from tricking your smartphone or tablet into connecting to a malicious WiFi network, or allowing code to be executed on a device from a remote location. However, there’s a new type of Android vulnerability that has recently been discovered. It’s being called ParseDroid and it exploits developer tools including Android Studio, IntelliJ IDEA, Eclipse, APKTool, the Cuckoo-Droid service and more.

ParseDroid isn’t isolated to just Android’s developer tools, though, and these vulnerabilities have been found in multiple Java/Android tools that programmers are using these days. It doesn’t matter if you’re using a downloadable developer tool or one that works in the cloud, Check Point Research has found these vulnerabilities in the most common Android and Java development tools. Once exploited, an attacker is then able to access internal files of the developer’s work machine.

Check Point Research first did some digging into the most popular tool for reverse engineering third party Android apps (APKTool) and found that both its decompiling and building APK features are vulnerable to the attack. After looking at the source code, researchers managed to identify an XML External Entity (XXE) vulnerability that is possible because its configured XML parser of APKTool does not disable external entity references when parsing an XML file.

Once exploited, the vulnerability exposes the whole OS file system of APKTool users. In turn, this potentially allows the attacker to retrieve any file on the victim’s PC by using a malicious “AndroidManifest.xml” file that exploits an XXE vulnerability. Once that vulnerability was discovered, the researchers then looked at popular Android IDEs and found out that by simply loading the malicious “AndroidManifest.xml” file as part of any Android project, the IDEs starts spitting out any file configured by the attacker.

32978_ParseDroid-1024x506 Several Vulnerabilities Found in Common Android IDEs Including Android Studio, IntelliJ IDEA, and Eclipse

Credits: Check Point Research

Check Point Research also demonstrated an attack scenario potentially affecting a large number of Android developers. It works by injecting a malicious AAR (Android Archive Library) containing an XXE payload into online repositories. If a victim clones the repository, then the attacker would then have access to potentially sensitive company property from the victim’s OS file system.

32978_ParseDroid-1024x506 Several Vulnerabilities Found in Common Android IDEs Including Android Studio, IntelliJ IDEA, and Eclipse

Credits: Check Point Research

Finally, the authors described a method through which they can execute remote code on a victim’s machine. This is done by exploiting a configuration file in APKTool called “APKTOOL.YAML.” This file has a section called “unknownFiles” where users can specify file locations that will be placed during the rebuilding of an APK. These files are stored on the victim’s machine in an “Unknown” folder. By editing the path where these files are saved, an attacker can inject any file they want on the victim’s file system since APKTool did not validate the path where unknown files are extracted from an APK.

The files that the attacker injects lead to full Remote Code Execution on the victim’s machine, meaning that an attacker can exploit any victim with APKTool installed by crafting a maliciously made APK and having the victim attempt to decode and then rebuild it.

32978_ParseDroid-1024x506 Several Vulnerabilities Found in Common Android IDEs Including Android Studio, IntelliJ IDEA, and Eclipse

Credits: Check Point Research

Since all of the IDEs and tools mentioned above are cross-platform and generic, the potential for exploiting these vulnerabilities is high. Thankfully, after reaching out to the developers of each of these IDEs and tools, Check Point Research has confirmed that these tools are no longer vulnerable to this kind of attack. If you are running an older version of one of these tools, we recommend you update immediately to secure yourself against a ParseDroid-style attack.


Source: Check Point Research

iPhone chip supplier Dialog is planning for ‘several scenarios’ after admitting Apple could bring design in-house

  • Dialog Semiconductor is a British, listed firm which supplies power management chips to the iPhone and other Apple products.
  • It’s one of the fastest growing chip businesses in Europe – but shares plummeted on Monday after the firm admitted Apple could bring iPhone chip design in-house.
  • Its chief executive said it would still supply chips for to Apple in 2018, but it couldn’t be certain about its 2019 deal with the firm for another few months.
  • The news comes after another UK chip firm, Imagination Technologies, was sold off to a Chinese buyer after Apple pulled its business.

Shares in Dialog Semiconductor, the publicly listed British firm which supplies power management chips for the iPhone and other Apple products, are plunging after its chief executive admitted that Apple could one day bring iPhone chip design in-house.

CEO Jalal Bagherli said Apple probably had the capability to produce its own iPhone chip but said there was no indication that the firm was about to do so. Apple is Dialog’s biggest customer.

Nonetheless, Dialog is planning for “several scenarios,” including Apple totally or partially replacing one chip. Bagherli played down the potential impact, telling analysts and investors on a call: “We are not talking about the entire business, or the entire chips in a phone.”

He added: “Our position remains that we have no material change in our ongoing business relationship with Apple Inc. Specifically … we continue to be included in new design engagements and opportunities in power management.”

He said the firm wouldn’t know until February or March the commercial terms of Apple’s business for 2019. He said Dialog had already begun sharing chip designs for 2019’s iPhone with Apple.

“We expect to remain Apple’s main supplier,” he added. “We feel it’s reasonable to recognise Apple has the resources and capability to design its own [power management chip].

6073c_599dfd0e73cdd08bdf57626231680eb96d56e78e-800x505 iPhone chip supplier Dialog is planning for 'several scenarios' after admitting Apple could bring design in-house

“As far as 2018, I want to be clear that Dialog has no reason to believe its current expectation of business with Apple will be impacted by any such actions.”

It’s unusual for an a supplier to publicly comment on the relationship with Apple, but Bagherli sought “special dispensation” to talk about Dialog’s biggest customer after a Nikkei report suggested the iPhone maker would bring chip design in-house.

The reports sent Dialog’s shares plunging, as investors worried that the firm could meet the same fate as Imagination, the British chip firm which was hurriedly sold off in September after Apple stopped using its technology.

Bagherli pointed to the fact Apple is producing a bigger range of iPhones as a reason to be confident.

“I think it’s fair to say we believe they can design the main [power management chip] for, say, a phone. They would probably have the capability for one. […] You’ve all seen that the range of product is getting broader in terms of the low-end, mid-end, and high-end from before, when there was only one phone. Maybe lower specs could be used for developing countries, there could be a different power management chip. These are the types of things to think about.”

Dialog’s share price stands at €26.92 (£23.76), down more than 30% on a week ago.

But in a follow-up note to the call, Morgan Stanley analysts issued a target price of $55 (€46.44, £40.97).

Analyst Francois A. Meunier wrote: “As Dialog’s statement indicates, Apple has not taken a decision as of yet,and this is not the only instance where Apple has been working on an internally designed chip to keep a supplier progressing well. Dialog management is aware that they need, more than ever, to deliver a chip that is competitive on features, price and timing.”

iPhone chip supplier Dialog is planning for ‘several scenarios’ after admitting Apple could bring design in-house

  • Dialog Semiconductor is a British, listed firm which supplies power management chips to the iPhone and other Apple products.
  • It’s one of the fastest growing chip businesses in Europe – but shares plummeted on Monday after the firm admitted Apple could bring iPhone chip design in-house.
  • Its chief executive said it would still supply chips for to Apple in 2018, but it couldn’t be certain about its 2019 deal with the firm for another few months.
  • The news comes after another UK chip firm, Imagination Technologies, was sold off to a Chinese buyer after Apple pulled its business.

Shares in Dialog Semiconductor, the publicly listed British firm which supplies power management chips for the iPhone and other Apple products, are plunging after its chief executive admitted that Apple could one day bring iPhone chip design in-house.

CEO Jalal Bagherli said Apple probably had the capability to produce its own iPhone chip but said there was no indication that the firm was about to do so. Apple is Dialog’s biggest customer.

Nonetheless, Dialog is planning for “several scenarios,” including Apple totally or partially replacing one chip. Bagherli played down the potential impact, telling analysts and investors on a call: “We are not talking about the entire business, or the entire chips in a phone.”

He added: “Our position remains that we have no material change in our ongoing business relationship with Apple Inc. Specifically … we continue to be included in new design engagements and opportunities in power management.”

He said the firm wouldn’t know until February or March the commercial terms of Apple’s business for 2019. He said Dialog had already begun sharing chip designs for 2019’s iPhone with Apple.

“We expect to remain Apple’s main supplier,” he added. “We feel it’s reasonable to recognise Apple has the resources and capability to design its own [power management chip].

6073c_599dfd0e73cdd08bdf57626231680eb96d56e78e-800x505 iPhone chip supplier Dialog is planning for 'several scenarios' after admitting Apple could bring design in-house

“As far as 2018, I want to be clear that Dialog has no reason to believe its current expectation of business with Apple will be impacted by any such actions.”

It’s unusual for an a supplier to publicly comment on the relationship with Apple, but Bagherli sought “special dispensation” to talk about Dialog’s biggest customer after a Nikkei report suggested the iPhone maker would bring chip design in-house.

The reports sent Dialog’s shares plunging, as investors worried that the firm could meet the same fate as Imagination, the British chip firm which was hurriedly sold off in September after Apple stopped using its technology.

Bagherli pointed to the fact Apple is producing a bigger range of iPhones as a reason to be confident.

“I think it’s fair to say we believe they can design the main [power management chip] for, say, a phone. They would probably have the capability for one. […] You’ve all seen that the range of product is getting broader in terms of the low-end, mid-end, and high-end from before, when there was only one phone. Maybe lower specs could be used for developing countries, there could be a different power management chip. These are the types of things to think about.”

Dialog’s share price stands at €26.92 (£23.76), down more than 30% on a week ago.

But in a follow-up note to the call, Morgan Stanley analysts issued a target price of $55 (€46.44, £40.97).

Analyst Francois A. Meunier wrote: “As Dialog’s statement indicates, Apple has not taken a decision as of yet,and this is not the only instance where Apple has been working on an internally designed chip to keep a supplier progressing well. Dialog management is aware that they need, more than ever, to deliver a chip that is competitive on features, price and timing.”

iPhone chip supplier Dialog is planning for ‘several scenarios’ after admitting Apple could destroy its business

  • Dialog Semiconductor is a British, listed firm which supplies power management chips to the iPhone and other Apple products.
  • It’s one of the fastest growing chip businesses in Europe – but shares plummeted on Monday after the firm admitted Apple could bring iPhone chip design in-house.
  • Its chief executive said it would still supply chips for to Apple in 2018, but it couldn’t be certain about its 2019 deal with the firm for another few months.
  • The news comes after another UK chip firm, Imagination Technologies, was sold off to a Chinese buyer after Apple pulled its business.

Shares in Dialog Semiconductor, the publicly listed British firm which supplies power management chips for the iPhone and other Apple products, are plunging after its chief executive admitted that Apple could one day bring iPhone chip design in-house.

CEO Jalal Bagherli said Apple probably had the capability to produce its own iPhone chip but said there was no indication that the firm was about to do so. Apple is Dialog’s biggest customer.

Nonetheless, Dialog is planning for “several scenarios,” including Apple totally or partially replacing one chip. Bagherli played down the potential impact, telling analysts and investors on a call: “We are not talking about the entire business, or the entire chips in a phone.”

He added: “Our position remains that we have no material change in our ongoing business relationship with Apple Inc. Specifically … we continue to be included in new design engagements and opportunities in power management.”

He said the firm wouldn’t know until February or March the commercial terms of Apple’s business for 2019. He said Dialog had already begun sharing chip designs for 2019’s iPhone with Apple.

“We expect to remain Apple’s main supplier,” he added. “We feel it’s reasonable to recognise Apple has the resources and capability to design its own [power management chip].

bba19_599dfd0e73cdd08bdf57626231680eb96d56e78e-800x505 iPhone chip supplier Dialog is planning for 'several scenarios' after admitting Apple could destroy its business

“As far as 2018, I want to be clear that Dialog has no reason to believe its current expectation of business with Apple will be impacted by any such actions.”

It’s unusual for an a supplier to publicly comment on the relationship with Apple, but Bagherli sought “special dispensation” to talk about Dialog’s biggest customer after a Nikkei report suggested the iPhone maker would bring chip design in-house.

The reports sent Dialog’s shares plunging, as investors worried that the firm could meet the same fate as Imagination, the British chip firm which was hurriedly sold off in September after Apple stopped using its technology.

Bagherli pointed to the fact Apple is producing a bigger range of iPhones as a reason to be confident.

“I think it’s fair to say we believe they can design the main [power management chip] for, say, a phone. They would probably have the capability for one. […] You’ve all seen that the range of product is getting broader in terms of the low-end, mid-end, and high-end from before, when there was only one phone. Maybe lower specs could be used for developing countries, there could be a different power management chip. These are the types of things to think about.”

Dialog’s share price stands at €26.92 (£23.76), down more than 30% on a week ago.

But in a follow-up note to the call, Morgan Stanley analysts issued a target price of $55 (€46.44, £40.97).

Analyst Francois A. Meunier wrote: “As Dialog’s statement indicates, Apple has not taken a decision as of yet,and this is not the only instance where Apple has been working on an internally designed chip to keep a supplier progressing well. Dialog management is aware that they need, more than ever, to deliver a chip that is competitive on features, price and timing.”

Texas health regulators overrun by ‘several hundred’ rats at headquarters

(TEXAS TRIBUNE) On Oct. 17, Brenda Brantley, an employee at Texas’ Health and Human Services Commission, was in her second-floor office at the agency’s Austin headquarters when she received an unexpected visitor.

The beady-eyed infiltrator — a brown rat of the species Rattus norvegicus — scurried down the carpeted hallway before ducking behind a filing cabinet, employee correspondence shows.

The sight was sufficiently disturbing to health commission workers that Hugh Addington, the agency’s director of cross-division coordination, fired off a note to executive leadership, detailing the intruder’s exact movements before it disappeared.

“It could not be located,” Addington lamented in an email obtained by The Texas Tribune under public records law. But the rodent left a clue as to its whereabouts. “There are also droppings nearby in cube 2123,” Addington wrote. 

In subsequent weeks, the Norwegian rat — also known as a street rat or sewer rat — seems to have invited its friends and family over, too. A health commission spokeswoman estimated there are now “several hundred in the building.”

The agency is facing a $60,000 bill to pay private exterminators from Orkin for the quixotic task of trapping and killing the remaining rodents in the building. That’s in addition to pest control work already undertaken by the Texas Facilities Commission.

Employees described to the Tribune seeing trapped rat corpses in office hallways. Some shared harrowing cellphone photos of the furry creatures’ mangled bodies. But perhaps most disturbing, employees said, are the myriad live rat sightings.

“This is really unsettling the staff…” Lesley French, an associate commissioner at the agency, wrote in an email on Oct. 20, in which she forwarded Addington’s note to Enrique Marquez and Kelly Garcia, two other high-ranking employees. (Marquez was later spotted in an Orkin Man costume at the agency’s Halloween celebration.)

Garcia then passed along the email to Hailey Kemp, the agency’s deputy chief of staff, as they planned a meeting on how to deal with the four-legged invaders. “Rats on [floor] 2 are a continued problem,” Garcia wrote, appending a sad-faced emoticon.

Just how serious are the agency’s problems? Orkin exterminators take a bleak view. “Rats prefer to hide, given enough space, so if rats are observed in plain sight, it is likely that a full-blown infestation already exists,” reads a post on the company’s website.

To get rid of them, the agency has taken the unusual step of paying out of its own budget for emergency extermination.

“While we have been trapping and working with [the Texas Facilities Commission], we wanted to take the extra step and hire a contractor to address the situation before winter,” said Christine Mann, a health agency spokeswoman. 

Normally, the facilities commission would handle these sorts of issues for its sister state agencies. The facilities commission has a full-time employee licensed in pest management and, as a backup, a list of private contractors it can call for help. The health commission’s decision to hire its own contractor left the facilities commission nonplussed, emails show.

“We understand that HHSC has a bid of @ $60K for Orkin to do something, but not exactly clear what,” wrote Peter Maass, the Texas Facilities Commission’s deputy executive director of planning and real estate management.

“Also, do not understand why a pest control contractor is being hired directly by HHSC and not routing through TFC,” he wrote.

Then there is the question of where the pests came from. The facilities commission believes the rats “may be largely associated with ongoing renovation/minor construction activities,” Shyra Darr, that agency’s director of strategic planning and policy, wrote in an email. “In general, minor construction and deferred maintenance activities often disrupt and reveal rodent issues in any building.”

Internally, health agency officials have told employees to clean up their desks, especially of food waste. An all-staff email sent on Oct. 23 to Department of State Health Services employees, who face pest control problems of their own, encouraged employees to rat out their colleagues via an anonymous tip line.

“Your call will be kept confidential,” the email stressed.

The Health and Human Services Commission is a massive operation, spanning roughly 60,000 employees and an $80 billion two-year budget. Its duties include administering Medicaid, the public health insurance program that serves roughly 4 million Texans at any given time, and regulating certain health care providers. On the latter point, the agency also inspects various health care facilities to ensure they’re clean enough to protect the sick and elderly patients they serve.

The irony of health care regulators being overrun by rats is not lost on state employees. Mann, the agency spokeswoman, conceded that if a rat infestation were discovered at one of the buildings regulated by the state, such as a nursing home or mental hospital, it “could be cited for unsanitary conditions.”

Pests are nothing new in state government buildings. In 2014, at the Texas School for the Deaf, regulators found living and dead rodents strewn about the building. There were raccoon, squirrel and possum carcasses in crawlspaces, along with rats and rat feces. In that case, the state spent $18,000 on extermination.

But the health commission infestation appears to be in a league of its own. Darr, of the facilities commission, said she was not aware of another state building that had a rat problem as extensive as Brown-Heatly’s.

Seth Hutchinson, organizing coordinator for the Texas State Employees Union, said the structural and pest control problems at state government buildings were the result of decades of under-investment.

“It’s not just HHSC,” he said. “The general state of repair of state buildings is pretty poor.”

State agencies can ask lawmakers for emergency funds from the budget to handle “deferred maintenance” costs. But Mann said the health commission had no plans to ask for pest control funds in the agency’s next legislative appropriations request, expressing confidence that the rat problem would be taken care of by winter’s end.

Go here to read this article in its original form.

© 2017 WFAA-TV

Texas health regulators overrun by ‘several hundred’ rats at headquarters

(TEXAS TRIBUNE) On Oct. 17, Brenda Brantley, an employee at Texas’ Health and Human Services Commission, was in her second-floor office at the agency’s Austin headquarters when she received an unexpected visitor.

The beady-eyed infiltrator — a brown rat of the species Rattus norvegicus — scurried down the carpeted hallway before ducking behind a filing cabinet, employee correspondence shows.

The sight was sufficiently disturbing to health commission workers that Hugh Addington, the agency’s director of cross-division coordination, fired off a note to executive leadership, detailing the intruder’s exact movements before it disappeared.

“It could not be located,” Addington lamented in an email obtained by The Texas Tribune under public records law. But the rodent left a clue as to its whereabouts. “There are also droppings nearby in cube 2123,” Addington wrote. 

In subsequent weeks, the Norwegian rat — also known as a street rat or sewer rat — seems to have invited its friends and family over, too. A health commission spokeswoman estimated there are now “several hundred in the building.”

The agency is facing a $60,000 bill to pay private exterminators from Orkin for the quixotic task of trapping and killing the remaining rodents in the building. That’s in addition to pest control work already undertaken by the Texas Facilities Commission.

Employees described to the Tribune seeing trapped rat corpses in office hallways. Some shared harrowing cellphone photos of the furry creatures’ mangled bodies. But perhaps most disturbing, employees said, are the myriad live rat sightings.

“This is really unsettling the staff…” Lesley French, an associate commissioner at the agency, wrote in an email on Oct. 20, in which she forwarded Addington’s note to Enrique Marquez and Kelly Garcia, two other high-ranking employees. (Marquez was later spotted in an Orkin Man costume at the agency’s Halloween celebration.)

Garcia then passed along the email to Hailey Kemp, the agency’s deputy chief of staff, as they planned a meeting on how to deal with the four-legged invaders. “Rats on [floor] 2 are a continued problem,” Garcia wrote, appending a sad-faced emoticon.

Just how serious are the agency’s problems? Orkin exterminators take a bleak view. “Rats prefer to hide, given enough space, so if rats are observed in plain sight, it is likely that a full-blown infestation already exists,” reads a post on the company’s website.

To get rid of them, the agency has taken the unusual step of paying out of its own budget for emergency extermination.

“While we have been trapping and working with [the Texas Facilities Commission], we wanted to take the extra step and hire a contractor to address the situation before winter,” said Christine Mann, a health agency spokeswoman. 

Normally, the facilities commission would handle these sorts of issues for its sister state agencies. The facilities commission has a full-time employee licensed in pest management and, as a backup, a list of private contractors it can call for help. The health commission’s decision to hire its own contractor left the facilities commission nonplussed, emails show.

“We understand that HHSC has a bid of @ $60K for Orkin to do something, but not exactly clear what,” wrote Peter Maass, the Texas Facilities Commission’s deputy executive director of planning and real estate management.

“Also, do not understand why a pest control contractor is being hired directly by HHSC and not routing through TFC,” he wrote.

Then there is the question of where the pests came from. The facilities commission believes the rats “may be largely associated with ongoing renovation/minor construction activities,” Shyra Darr, that agency’s director of strategic planning and policy, wrote in an email. “In general, minor construction and deferred maintenance activities often disrupt and reveal rodent issues in any building.”

Internally, health agency officials have told employees to clean up their desks, especially of food waste. An all-staff email sent on Oct. 23 to Department of State Health Services employees, who face pest control problems of their own, encouraged employees to rat out their colleagues via an anonymous tip line.

“Your call will be kept confidential,” the email stressed.

The Health and Human Services Commission is a massive operation, spanning roughly 60,000 employees and an $80 billion two-year budget. Its duties include administering Medicaid, the public health insurance program that serves roughly 4 million Texans at any given time, and regulating certain health care providers. On the latter point, the agency also inspects various health care facilities to ensure they’re clean enough to protect the sick and elderly patients they serve.

The irony of health care regulators being overrun by rats is not lost on state employees. Mann, the agency spokeswoman, conceded that if a rat infestation were discovered at one of the buildings regulated by the state, such as a nursing home or mental hospital, it “could be cited for unsanitary conditions.”

Pests are nothing new in state government buildings. In 2014, at the Texas School for the Deaf, regulators found living and dead rodents strewn about the building. There were raccoon, squirrel and possum carcasses in crawlspaces, along with rats and rat feces. In that case, the state spent $18,000 on extermination.

But the health commission infestation appears to be in a league of its own. Darr, of the facilities commission, said she was not aware of another state building that had a rat problem as extensive as Brown-Heatly’s.

Seth Hutchinson, organizing coordinator for the Texas State Employees Union, said the structural and pest control problems at state government buildings were the result of decades of under-investment.

“It’s not just HHSC,” he said. “The general state of repair of state buildings is pretty poor.”

State agencies can ask lawmakers for emergency funds from the budget to handle “deferred maintenance” costs. But Mann said the health commission had no plans to ask for pest control funds in the agency’s next legislative appropriations request, expressing confidence that the rat problem would be taken care of by winter’s end.

Go here to read this article in its original form.

© 2017 WFAA-TV

Texas health regulators overrun by “several hundred” rats at Austin headquarters

On Oct. 17, Brenda Brantley, an employee at Texas’ Health and Human Services Commission, was in her second-floor office at the agency’s Austin headquarters when she received an unexpected visitor.

The beady-eyed infiltrator — a brown rat of the species Rattus norvegicus — scurried down the carpeted hallway before ducking behind a filing cabinet, employee correspondence shows.

The sight was sufficiently disturbing to health commission workers that Hugh Addington, the agency’s director of cross-division coordination, fired off a note to executive leadership, detailing the intruder’s exact movements before it disappeared.

“It could not be located,” Addington lamented in an email obtained by The Texas Tribune under public records law. But the rodent left a clue as to its whereabouts. “There are also droppings nearby in cube 2123,” Addington wrote. 

The Texas Tribune thanks its sponsors. Become one.

In subsequent weeks, the Norwegian rat — also known as a street rat or sewer rat — seems to have invited its friends and family over, too. A health commission spokeswoman estimated there are now “several hundred in the building.”

The agency is facing a $60,000 bill to pay private exterminators from Orkin for the quixotic task of trapping and killing the remaining rodents in the building. That’s in addition to pest control work already undertaken by the Texas Facilities Commission.

Employees described to the Tribune seeing trapped rat corpses in office hallways. Some shared harrowing cellphone photos of the furry creatures’ mangled bodies. But perhaps most disturbing, employees said, are the myriad live rat sightings.

“This is really unsettling the staff…” Lesley French, an associate commissioner at the agency, wrote in an email on Oct. 20, in which she forwarded Addington’s note to Enrique Marquez and Kelly Garcia, two other high-ranking employees. (Marquez was later spotted in an Orkin Man costume at the agency’s Halloween celebration.)

Garcia then passed along the email to Hailey Kemp, the agency’s deputy chief of staff, as they planned a meeting on how to deal with the four-legged invaders. “Rats on [floor] 2 are a continued problem,” Garcia wrote, appending a sad-faced emoticon.

Just how serious are the agency’s problems? Orkin exterminators take a bleak view. “Rats prefer to hide, given enough space, so if rats are observed in plain sight, it is likely that a full-blown infestation already exists,” reads a post on the company’s website.

The Texas Tribune thanks its sponsors. Become one.

To get rid of them, the agency has taken the unusual step of paying out of its own budget for emergency extermination.

“While we have been trapping and working with [the Texas Facilities Commission], we wanted to take the extra step and hire a contractor to address the situation before winter,” said Christine Mann, a health agency spokeswoman. 

Normally, the facilities commission would handle these sorts of issues for its sister state agencies. The facilities commission has a full-time employee licensed in pest management and, as a backup, a list of private contractors it can call for help. The health commission’s decision to hire its own contractor left the facilities commission nonplussed, emails show.

“We understand that HHSC has a bid of @ $60K for Orkin to do something, but not exactly clear what,” wrote Peter Maass, the Texas Facilities Commission’s deputy executive director of planning and real estate management.

“Also, do not understand why a pest control contractor is being hired directly by HHSC and not routing through TFC,” he wrote.

Then there is the question of where the pests came from. The facilities commission believes the rats “may be largely associated with ongoing renovation/minor construction activities,” Shyra Darr, that agency’s director of strategic planning and policy, wrote in an email. “In general, minor construction and deferred maintenance activities often disrupt and reveal rodent issues in any building.”

Internally, health agency officials have told employees to clean up their desks, especially of food waste. An all-staff email sent on Oct. 23 to Department of State Health Services employees, who face pest control problems of their own, encouraged employees to rat out their colleagues via an anonymous tip line.

“Your call will be kept confidential,” the email stressed.

The Texas Tribune thanks its sponsors. Become one.

The Health and Human Services Commission is a massive operation, spanning roughly 60,000 employees and an $80 billion two-year budget. Its duties include administering Medicaid, the public health insurance program that serves roughly 4 million Texans at any given time, and regulating certain health care providers. On the latter point, the agency also inspects various health care facilities to ensure they’re clean enough to protect the sick and elderly patients they serve.

The irony of health care regulators being overrun by rats is not lost on state employees. Mann, the agency spokeswoman, conceded that if a rat infestation were discovered at one of the buildings regulated by the state, such as a nursing home or mental hospital, it “could be cited for unsanitary conditions.”

Pests are nothing new in state government buildings. In 2014, at the Texas School for the Deaf, regulators found living and dead rodents strewn about the building. There were raccoon, squirrel and possum carcasses in crawlspaces, along with rats and rat feces. In that case, the state spent $18,000 on extermination.

But the health commission infestation appears to be in a league of its own. Darr, of the facilities commission, said she was not aware of another state building that had a rat problem as extensive as Brown-Heatly’s.

Seth Hutchinson, organizing coordinator for the Texas State Employees Union, said the structural and pest control problems at state government buildings were the result of decades of under-investment.

“It’s not just HHSC,” he said. “The general state of repair of state buildings is pretty poor.”

State agencies can ask lawmakers for emergency funds from the budget to handle “deferred maintenance” costs. But Mann said the health commission had no plans to ask for pest control funds in the agency’s next legislative appropriations request, expressing confidence that the rat problem would be taken care of by winter’s end.

Read related Tribune coverage:

  • Dozens of experienced senior staff members have left Texas’ health and human services agency, saying morale has sunk under the new executive director, and critics say it’s hampered the state’s ability to aid victims of Hurricane Harvey. [Full story]

Computer donation does double duty: Laptops offer several lessons

‘+

‘+__tnt.truncateStr(oAsset.title,85,’…’)+’

‘+

‘+

Google has updated several apps for the iPhone X, but not the ones you want

Google released updates for its Docs, Sheets, and Slides apps on
Monday, which include optimization for the iPhone X’s screen.

The apps look great on the new iPhone X’s edge-to-edge display.
They use up all the available screen real estate that the iPhone
X has to offer, including the area around the “notch,” which
Apple calls its TrueDepth camera system, and the bottom of the
display, too. 


a6ff8_img20171127125223 Google has updated several apps for the iPhone X, but not the ones you wantAntonio Villas-Boas/Business
Insider

Meanwhile, we’re still waiting for Google apps like Gmail, Maps,
Hangouts, and Calendar to become optimized for the iPhone X. As
of the time of writing, those apps make your $1,000 bezel-less
iPhone X look like a $700 iPhone 8 with bezels:


a6ff8_img20171127125223 Google has updated several apps for the iPhone X, but not the ones you wantAntonio
Villas-Boas/Business Insider

So far, Google has updated a bunch of other apps for the iPhone
X, including Chrome, YouTube, Google Photos, Drive, Assistant,
Earth, Duo (but not Allo), and even Google+ and Translate. That’s
a good list of Google apps, but the lack of optimization for
hugely popular apps like Gmail, Maps, and Calendar is
perplexing. 

It’s not the worst thing in the world, and we’ll likely see
updates for those popular apps sometime soon. When optimization
for the iPhone X’s screen does come along, we’ll likely get more
usable space like we did for the Docs app. For now, though, users
who use those un-optimized apps will be reminded what it feels
like to own an iPhone with bezels. 

We reached out to Google to ask about how it prioritizes updates
for its various iOS apps, but the company did not immediately
respond.

Health department says several rats found at Vancouver McDonald’s

A homeless man posed for photos with his dead wife, along with their newborn and toddler, before dismembering her body in a Kansas City hotel room, according to court records.

The Galaxy S9 will copy the iPhone in several ways, but it’s mostly good news

It’s only mid-November, but we already have plenty of Galaxy S9 rumors to enjoy, which seems to reinforce earlier reports saying Samsung wants to bring the phone to market earlier than expected. Questionable design schematics and benchmarks from untrusted sources, rumors from well-known leakers, and minor Samsung announcements, they all point to the Galaxy S9. And just this morning, we told you about Galaxy S9 benchmarks that just leaked (spoiler: it doesn’t come close to matching the iPhone X).

One of the latest Galaxy S9 reports out there suggests the Galaxy S9 will once again copy the iPhone when it comes to some critical features. But it’s mostly good news.

Weibo leaker Ice Universe says the current Galaxy S9 prototype still has a 3.5mm headphone jack. But he also says the phone will come with a new AKG headset that may be a wireless one.

If any of that is accurate, it suggests that Samsung is at least toying with the idea of killing the ancient sound port, just like Apple and Google did. Keeping it would give the Galaxy S9 a limited advantage over the iPhone and the Pixel in the short term. But the future is wireless, and Samsung would just be prolonging the inevitable.

At the same time, Samsung may be looking to offer its customers an AirPods-like headset that would be a lot cheaper than the IconX headphones because it may ship with the phone. And that’s regardless of whether the Galaxy S9 has a 3.5mm port or not. Google launched its own AirPods rivals, but they’ve gotten terrible reviews so far.

The Galaxy S9 will copy the iPhone in at least one other significant way. It’ll be the first Galaxy S phone to pack a dual lens camera, some 15 to 18 months after Apple launched the iPhone 7 Plus. That’s something we’ve known for a while, given that the Galaxy Note 8 has a dual lens camera as well.

But the same Ice Universe says the camera will have a BBAR coating. That’s short for broad-band anti-reflection, and its purpose is to prevent glare, ghosting, and anti-reflection. In case you were wondering, that’s not something you’ll find on any iPhone, but professional camera lenses do have it

Several States Roll Back ‘Retroactive Medicaid,’ A Buffer For The Poor

81141_tightrope-1-7e9f9c532fce90b4f6aa372b44327e6230d378d4-s1100-c15 Several States Roll Back 'Retroactive Medicaid,' A Buffer For The Poor

If you’re poor, uninsured and have a bad car wreck or fall seriously ill, there’s a chance in most states to enroll for Medicaid after the fact. If you qualify for Medicaid, the program will pay your medical bills going back three months.

This “retroactive eligibility” provides financial protection as patients await approval of their Medicaid applications. It protects hospitals, too, from having to absorb the costs of caring for these patients.

But a growing number of states are rescinding this benefit. On Nov. 1, Iowa joined three states that have eliminated retroactive coverage for some groups of Medicaid patients since the Affordable Care Act passed.

Each state had to secure approval by the federal government to make the change.

Retroactive eligibility has been a feature of Medicaid for decades, reflecting the program’s emphasis on providing a safety net for poor, disabled and other vulnerable people. In contrast to private insurance, determining Medicaid eligibility can be complex and the application process daunting, advocates say. A patient’s medical condition also may keep families from applying promptly for coverage.

All four states — New Hampshire, Indiana and Arkansas, in addition to Iowa — have expanded Medicaid under the federal health law, which allowed states to include in their Medicaid program adults with incomes up to 138 percent of the federal poverty level, or about $16,000 for one person.

81141_tightrope-1-7e9f9c532fce90b4f6aa372b44327e6230d378d4-s1100-c15 Several States Roll Back 'Retroactive Medicaid,' A Buffer For The Poor

In theory, most adults are required to have insurance under the ACA. In practice, each state still has a significant number of uninsured, ranging from 5 to 8 percent of the population.

The retroactive coverage “can compensate for the sorts of errors and lapses that can so easily occur on the part of both the applicant and the government bureaucracy” that delay applications, said Gordon Bonnyman, staff attorney at the Tennessee Justice Center, a public interest law firm that represents low-income and uninsured residents.

State and federal officials say eliminating the retroactive coverage helps encourage people to sign up for and maintain coverage when they’re healthy rather than waiting until they’re sick to enroll.

It also fits into federal officials’ efforts to make Medicaid, the federal-state program that provides health care for low-income adults and children, more like private insurance.

But consumer advocates and health care providers say the shift will saddle patients with hefty medical bills and mean hospitals will be picking up the cost of more uncompensated care when patients can’t pay.

Some worry this could be the start of a trend.

In Iowa, the change applies to just about anyone coming into Medicaid — except for pregnant women and children who are younger than a year old. The change will affect up to 40,000 residents annually and save the program more than $36 million a year.

“We’re making it a lot more likely that Medicaid-eligible members are going to incur significant medical debt,” said Mary Nelle Trefz, health policy associate at the Child Family Policy Center in Des Moines, whose organization opposed the change.

Patients who are undergoing treatment for severe health conditions may neglect to apply immediately for Medicaid; that could leave them financially responsible for days or months of care they received before they submitted their application, even though they may have been eligible for Medicaid all along.

That’s not the only issue, advocates say. Unlike the commercial insurance market where re-enrollment through someone’s employer is routine, Medicaid requires that beneficiaries’ eligibility be reassessed every year.

“People fall through the cracks,” said Andrea Callow, associate director of Medicaid initiatives at Families USA, a consumer advocacy group.

In addition, complications can arise for people who might need Medicaid coverage for long-term care services.

81141_tightrope-1-7e9f9c532fce90b4f6aa372b44327e6230d378d4-s1100-c15 Several States Roll Back 'Retroactive Medicaid,' A Buffer For The Poor

Others argue that a 90-day retroactive eligibility guarantee is counterproductive. “We’re trying to get people to behave more responsibly, not less responsibly,” says Gail Wilensky, an economist who oversaw the Medicaid and Medicare programs in the early 1990s under President George H.W. Bush. “That is not the signal you’re sending” with three months of retroactive eligibility. A 30-day time frame is more reasonable, Wilensky says.

In contrast to the Iowa waiver, the ones in Arkansas, Indiana and New Hamsphire generally apply only to adults who gained coverage under the law’s Medicaid expansion. (Indiana’s waiver also applies to other groups.)

Kentucky has a request pending that, like Iowa’s, would eliminate retroactive Medicaid eligibility except for pregnant women and infants younger than age 1.

Under federal law, officials are permitted to waive some Medicaid coverage rules to give states flexibility to experiment with different approaches to providing services. And retroactive eligibility waivers in Medicaid are hardly new. A few states like Tennessee have had them in place for years.

Tennessee officials eliminated retroactive eligibility for all Medicaid beneficiaries in 1994 when the state significantly expanded coverage under TennCare, as Medicaid is known there. At the time, the state even allowed uninsured people to buy into the program who wouldn’t otherwise qualify based on income, says Bonnyman.

“There was no reason for anybody to be uninsured except undocumented immigrants,” says Bonnyman. “It didn’t seem to have the potential for harm.”

But state officials revamped that program after serious financial problems. Eligibility for TennCare has become more restrictive again.

Other states that waived retroactive coverage for at least some Medicaid groups include Delaware, Maryland, Massachusetts and Utah.

Bonnyman says his group frequently works with Medicaid beneficiaries who have medical bills they can’t afford that accumulated during the months before they applied for Medicaid.

“If you’re a moderate- to low-income working family,” he says, “one or two days in the hospital is enough to ruin you financially.”

Kaiser Health News is an editorially independent news service that is part of the nonpartisan Henry J. Kaiser Family Foundation. Michelle Andrews is on Twitter @mandrews110.

Locked-computer scam takes several expensive turns

………. ………. ………. ………. ………. ………. ………. ………. ………. ………. ………. ………. ………. ………. ………. ………. ………. ……….

ALBUQUERQUE, N.M. — This was not the usual pay-up-now-or-we-kneecap-your-computer type of scam.747d9_ellenmarks_scam Locked-computer scam takes several expensive turns

Yes, it started out that way, but the following tale courtesy a co-worker has some twists in the usual ransomware scam that might serve as a warning. This one involves a computer-photographed check, a Fed-Ex delivery guy and a near-loss of hundreds of dollars.

It began when the co-worker’s father tried to log on to his AOL account in the usual manner. He was quickly interrupted when a message popped up saying his password was rejected and that he should call the phone number on the screen.

Dad, knowing not to trust a phone number given in this way, looked up the number for AOL on his own and called it from his land-line.

Advertisement

Continue reading

Right then, his cell phone rang. It was Robert, who said he was calling at the direction of AOL. When dad explained that he was already talking to AOL on the other line, Robert told him to hang up on that call. Unfortunately, the real AOL representative believed Robert was a legitimate tech and agreed Dad should hang up and sort things out with Robert, according to a police report.

Dad did so, thereby landing feet first into the scam.

“There were two people talking to him at the same time,” my co-worker said. “He was stressed out.”

Next up was the usual: the scammers talked him into letting them take over his computer. They talked him into providing access to his checking account (“We need to make sure no one has hacked into your account,” they told him, with no small degree of irony.)

For good measure, they persuaded him to buy a “special firewall” to protect his online records, and they offered him a deal: instead of paying the full price of $1,600 for the “protection,” he could have a senior discount for a price of only $700.

So Dad wrote out a check and, at Robert’s direction, held it up to his computer’s camera so he could send a picture of it (and so the thieves could get his routing number and home address).

And, the scammer instructed, dad should put the same check in an envelope so a Federal Express agent could pick it up at his house later that day.

Despite all this, there was good news for dad. His son-in-law who was visiting from out of town walked into the room just after the scam unfolded. He got on the phone with the supposed Microsoft tech, yelled at him to get out of dad’s computer and told him he was canceling payment on the check.

Advertisement

Continue reading

The scammer said he would release the computer but instead added a new password requirement and removed “chunks of code” that made the computer hopelessly unusable.

Dad was saved from losing the $700, but he had to get a new computer, a new debit card and checking account and new passwords on everything electronic in his life, including his WiFi. The relatives called police to report the incident.

But here’s the kicker: A Fed-Ex truck actually did pull up later that afternoon, and the driver, dressed in a Fed-Ex uniform, came to the door looking to pick up the $700 check. Of course, dad’s relatives sent him away.

Sgt. Will Dorian, with the Albuquerque Police Department’s Organized Crime Unit, said what the episode shows is that some scammers are getting more sophisticated when it comes to ransomware.

He pointed to the cell phone call, which showed the scammers had done enough research to know how to reach dad when he failed to call the fraudulent phone number that popped up on his computer.

“This was not just a random pop-up,” Dorian said. “They were pretty prepared.”

Ellen Marks is assistant business editor at the Albuquerque Journal. Contact her at emarks@abqjournal.com or 505-823-3842 if you are aware of what sounds like a scam. To report a scam to law enforcement, contact the New Mexico Consumer Protection Division toll-free at 1-844-255-9210.

 

Several Android Nougat Users Facing Google Drive Sync Issue for Phone Backups; Fix Promised

Several Android users currently running Nougat on their smartphones are complaining about an issue that stops Drive sync for phone backups. There have been multiple complaints about the issue on Google Drive Help forum as well as other platforms like Nexus forum in last few months. Google has finally acknowledged the issue and promised an update this month.

It’s evident that the Google Drive sync issue is not a device specific and is certainly not a Nexus or Pixel issue. On several forums, users have reported the issue on different Android-based devices where the “Back up to Google Drive” option shows ‘Disabled by your admin’. The first report surfaced back in July this year where user tried several temporary fixes including removing exchange account, removing Gmail account, disabling Gmail app, and clearing credentials.

Google Drive Support team responded to one of the users who complained about the issue, and said, “We would like to let you know that we recently given an update from our Android team. The error that you are encountering is actually being displayed by accident for some Android Nougat users. I’d like to assure you that the messaging has no effect on your data being backed up to Google Drive. The status of backup being on or off is correctly captured in the first ‘Backup Reset’ screen, and can be controlled by the user.”

The team also promised an update this month. “For now, you can safely ignore the error message until a fix is rolled out by the Android team which should be around October 2017,” the team added. We can expect Google to roll out the fix to Drive sync issue by end of October and can advise Nougat users facing the issue to keep an eye out.

Broadband internet projects underway in several Franklin County towns

CHARLEMONT, Mass. (WWLP)- No service is a common problem in rural Franklin County towns.

For some residents, DSL is their only option to connect to the internet.

“We could really use some help here, not just Charlemont, but the surrounding hill-towns,” said Melody Wheldon of Charlemont. “It’s tough because everybody does business and their life on the internet now.”

Lt. Governor Karyn Polito toured several Franklin County towns Tuesday to check in on the progress these towns are making to close this connectivity gap. One stop on her tour was Charlemont, a Franklin County town with a population of about 1300. Many residents and businesses in this town have to deal with a lack of internet.

About a dozen Massachusetts communities have limited or no internet access. Charlemont recently received a $960,000 state grant, to build a broadband network.

“This is very important especially for small rural communities that have no internet connection,” said Lt. Gov. Polito.
“This mean better education for the children here, businesses can expand, and provide more opportunity to this area.”

Lt. Gov. Polito told 22News the state has provided 50 million dollars to Massachusetts communities to improve internet access.

Other stops on the tour included Leyden, Colrain, Monroe, and Turners Falls.

Several iPhone 8 and 8 Plus Owners Report Hearing ‘Static Noise’ in Earpiece During Calls

Several MacRumors readers who purchased Apple’s new iPhone 8 Plus have reported hearing intermittent crackling noises while taking calls on the device. MacRumors forum member vask first posted about the issue on Friday and a number of iPhone 8 Plus owners from Australia, the U.S., and across Europe have since contributed to the thread describing similar experiences.

According to iPhone 8 Plus owners, “very annoying” static sounds can sometimes be heard from the handset’s earpiece during regular cellular calls, but the issue doesn’t occur when using headphones or if speaker phone is enabled, which could indicate a software issue rather than a speaker defect. The audible crackling has also been reported when using FaceTime, increasing suspicions that the problem doesn’t lie with network carriers. Forum member Jgpsolo describes the issue like so:

It is a high-pitched crackle like an audio pop that happens in the earpiece top speaker intermittently during calls. Some calls are fine and others crackle. It is not audible on earphones or on speakerphone, only through the earpiece. The caller on the other end doesn’t hear it.

I don’t know whether this is hardware or software related, but one thing that made me think it’s software related is that if you switch on to speakerphone for a few seconds then back to earpiece, the crackles resolve for the duration of the rest of the call. If this was a hardware issue with the earpiece, doing this shouldn’t make a difference.

The problem occurs “with or without WiFi calling, with 4G voice (VoLTE) on or off, with phone noise cancelling enabled or disabled under accessibility, and even with third party VoIP apps (like Acrobits Groundwire), with several different carriers,” according to forum member ManuCH in Switzerland.

Some users have tried performing a hard reset on their iPhone 8 Plus, with mixed results. Apple’s support team has advised some owners to restore their phone to factory settings and set up again via iCloud backup, again with variable results. Other users have even reported the same problem on like-for-like replacement devices after exchanging what they thought were faulty handsets.

Apple is apparently aware of the issue and is currently looking into it. We’ll update this article as soon as we know more.




Advertise here