radar-rss

Leak suggests DJI could trade skies for carpets

A leaked image suggests DJI could be planning to launch a robot vacuumIt could be called the DJI Romo and combine a vacuum and mop It’s early days for rumors but DJI has been entering new markets lately

From e-bikes to power stations, DJI has been dipping its toes into new waters this year – and it could soon make a particularly surprising leap into robot vacuums, according to new rumors.

According to a leaked image from @JasperEllens (picked up by DroneNR and Notebookcheck) the so-called DJI Romo vacuum seemingly exists, in prototype form at least.

Whether the Romo actually makes it to production remains to be seen, but given DJI’s recent record of branching out from making the best drones, it certainly wouldn’t be a huge leap. A robot vacuum would also, on paper, combine a lot of its existing tech.

DJI currently makes robots like the RoboMaster S1, drones with advanced obstacle-avoidance systems like the DJI Mavic 3 Pro, and cameras with advanced Lidar-based autofocus like the DJI Ronin 4D. The only thing that’s really missing from the tech mix is the cleaning powers of the best robot vacuums.

Given this is the only leak we’ve seen so far, the DJI Romo remains highly speculative, but it seems we can expect a combined robot vacuum and mop with features like individual room controls and pet detection.

The only thing we’re pretty confident of ruling out is a flying robot vacuum with propellors (which the leaked image appears to back up). That is unless DJI has quietly absorbed some of the team behind the bonkers Ring Always Home Cam (below), a flying security cam that never saw the light of day.

Why a robot vacuum?

The Ring Always Home Cam (above) never landed officially – and we feel confident in ruling out a flying DJI robot vacuum. (Image credit: Ring)

DJI has never been shy about barging into new markets and disrupting them with its consistently impressive tech – and while the DJI Romo may ultimately be just another of its wild prototypes, it wouldn’t be a huge surprise to see DJI launch a robot vacuum in 2025.

The move towards diversifying its product lineup seems to have coincided with the increasing heat it’s been feeling from US regulators about its flying cameras and the supposed security risks they pose.

A full DJI ban has fortunately never materialized, but the rumblings seem likely to continue under the new Trump administration in 2025 – which means we can expect to see it continue to branch out next year beyond its Avinox Drive System for e-bikes.

Disrupting the robot vacuum market may also seem more appealing since Amazon’s iRobot takeover bit the dust earlier this year, which means there’s no clear dominant player. Our best robot vacuums guide contains a wide mix of brands, from Ecovacs to Narwal (pictured at the top of this page).

Another rumor that’s much closer to DJI’s home turf is that it could soon gate-crash the world of the best 360 cameras with a rival to Insta360 and GoPro. That’s just one of the many rumored DJI launches we’ve seen recently, which have also included an Osmo Mobile 7 phone gimbal, Mavic 4 drone, and a Mic Mini microphone – which now looks likely to be launched on November 26, according to DJI’s own teaser.

That’s quite the roll call of new tech – and who knows, maybe it’ll be crowned in 2025 by a new rival for the likes of Eufy, iRobot, Narwal, and Roborock.

You might also like

Amazon’s iRobot takeover bites the dust – here’s what it means for Roomba vacuumsWhich Roomba should I buy? A simple guide to the different robot vacuum optionsDJI rumors predict another 5 big launches soon – here’s what’s coming

Read More 

ChatGPT Advanced Voice Mode now works in a browser for subscribers.

OpenAI is rolling out ChatGPT Advanced Voice mode in the browserOnly paying subscribers will get access for nowIt’s a vital first step towards browser-based AI agents for ChatGPT

It’s been a busy time for ChatGPT and OpenAI. Hot on the heels of rumors that ChatGPT Advanced Voice mode (the ability to have a free-flowing conversation with the AI) is about to get the ability to ‘see’, and rolling out the ChatGPT Windows app to all free users last week, it has just announced that Advanced Voice mode is now available in the browser-based version of ChatGPT, for paid subscribers only.

So, if you’re a ChatGPT Plus or Teams subscriber, a visit to ChatGPT.com (or the newly purchased Chat.com domain) will soon give you access to the Advanced Voice mode option that has previously only been available only in the app versions of ChatGPT.

ChatGPT Advanced Voice Mode was released in September on mobile and was recently added to the desktop apps. The browser release is described as “rolling out”, so you might not see the Advanced Voice mode when you log in with ChatGPT (we currently don’t have access), but that should change in the coming days.

Free users will eventually get access to Advanced Voice Mode too. In a post on X.com, which also contains a video that shows how ChatGPT Advanced Voice Mode works in a browser, Kevin Weil, CPO of OpenAI said, “We’ll look to roll to free users in the coming weeks.”

AI Operators

ChatGPT Advanced Voice mode is a vital first step towards the rumored ChatGPT Operator Agent, a tool that might change the way we interact with our computers and technology in general.

ChatGPT Operator Agent is an AI Agent that can interact directly with your computer on your behalf. Agents aren’t unique to OpenAI – everybody from Anthropic to Google and Microsoft is also developing autonomous AI agents that can see what’s on your screen and interact with it. You could, for example, get an AI Agent to pay your bills, or book a holiday for you, taking the virtual assistant model to the next level. Voice control in the browser will be a necessary first step for using an AI Agent since the majority of its work will be browser-based.

Don’t expect the announcements from OpenAI to slow down before the end of the year. We’re still expecting ChatGPT search, which launched recently for paid users, to be made available to users on the free tier any day now. It launched with the note, “We’ll roll out to Free users over the coming months.”

You might also like…

I tried ChatGPT Search and now I might never Google again4 things you can do in the ChatGPT Windows app that it does better than CopilotChatGPT o1-preview can solve riddles faster than me and I kind of hate it for it

Read More 

This mobile 3D printing robot can print designs on floors and other flat surfaces.

MobiPrint robot autonomously prints designs directly onto floorsDeveloped for accessibility, inspired by tactile markers for navigationFuture plans include AI for larger, adaptable, on-site printing

Imagine a 3D printer that can print creations exactly where you need them. That’s the idea behind MobiPrint, a mobile 3D printing robot developed by Daniel Campos Zamora at the University of Washington.

This innovative device autonomously navigates a room, printing designs directly onto floors or other surfaces, offering “a new system that combines robotics and 3D printing that could actually go and print in the real world,” as Campos Zamora told IEEE Spectrum.

Unveiled at the ACM Symposium on User Interface Software and Technology, MobiPrint introduces a new level of flexibility to 3D printing. The system consists of a modified Prusa Mini+ 3D printer mounted on a Roborock S5 vacuum robot, using the open source software Valetudo to map its environment autonomously, allowing users to view and control its path locally without cloud dependency.

Park and print

Capable of printing on carpet, hardwood, and vinyl with dimensions up to 180 x 180 x 65 mm, MobiPrint has already been used to produce objects like pet food bowls, signage, and tactile markers, demonstrating its practical versatility.

The inspiration for MobiPrint came from accessibility needs. Campos Zamora’s lab is focused on creating tools to assist visually impaired users. “One of the things that really inspired this project was looking at the tactile surface indicators that help blind and low vision users find their way around a space,” he explained to IEEE Spectrum. By printing these indicators directly on-site, MobiPrint could make navigation easier in indoor spaces that frequently change.

Currently, MobiPrint operates in a “park and print” mode, requiring it to stay stationary while printing, limiting its ability to create larger designs. However, Campos Zamora envisions expanding its functionality to print larger, continuous objects, follow users to print accessibility markers along their path, or even use AI to suggest print locations.

Though the robot may seem unconventional, and it certainly looks rudimentary in its current form, the technology has the potential to make 3D printing more accessible and versatile, directly shaping spaces with designs customized to the user’s needs. You can see it in action in the video below.

You might also like

These are the best 3D printers you can buy right nowFinally! You can now 3D print your own laptopIs this the fastest 3D printer ever made?

Read More 

If you have a model in one of the affected batches, don’t use your charging case, and contact Audio-Technica ASAP.

Audio-Technica’s SQ1TW2 earphones have a battery overheating issueThe problem is with the charging case which can produce smokeThe manufacturer assures us that no one has been harmed by the issue

Audio-Technica has issued a warning for its new SQ1TW2 wireless earphones, with some versions suffering from a fault with the battery which can overheat with alarming consequences.

In an email, Audio-Technica advised TechRadar that one batch of stock of these earphones are affected by a problem which means a “few of the charging cases are faulty due to an overheating battery that can produce smoke.”

If you want to check, the potentially affected models have serial numbers between 2322 and 2426 – you can see the number on the inside of the charging case, as shown in the image below. Also, if your case has no serial number, then it could be hit by the issue, too.

If you have one of the affected models of SQ1TW2 earphones, you should contact Audio-Technica, and the company will arrange a replacement, and for the safe disposal of the faulty product.

As you might guess, you should also not use the charging case with the earphones while you’re waiting for your faulty model to be swapped out.

(Image credit: Audio-Technica)

A precautionary recall

Clearly, this is an unfortunate affair, so be sure to check the serial number if you have bought the SQ1TW2 earphones.

They’re likely to have been a popular budget model, given that they’re the sequel to the original SQ1TW, earphones that we heaped tons of praise on in our five-star review (sporting a sound with a far higher quality than others in its price bracket). The SQ1TW2 was launched in August 2024, at an even cheaper price point than the original earphones, with a more compact nature.

So, this is a rather unsightly blot on an otherwise exciting budget pair of earphones, but of course, the impact is limited to a (hopefully) small number of models, going by the communication from the company. Audio-Technica makes it clear that no one has been harmed by this issue to date, and the recall is a precautionary measure.

Still, it isn’t the first issue it’s had of this nature – a couple of years ago, it issued a product safety notice for its ATH-CK3TW earbuds, due to a similar overheating problem with its charging case. We’ve asked Audio-Technica if it’s going to publish a similar notice for its SQ1TW2 earphones and will update this story if we hear back.

You might also like

Black Friday earbuds deals 2024: the best offers live now including Nothing, Sony, Bose and AirPodsThe best earbuds 2024: wireless and wired buds for all budgetsThe best noise-cancelling earbuds for all budgets

Read More 

New research unveils the risks of paid Android VPNs, from data leaks to weaker encryption and dubious data sharing. Here’s all you need to know.

Not all premium VPN services protect your privacy equally, with over half of the most popular services suffering some form of data leak. At least three apps also shared your personal information “in a way that put user privacy at risk.”

These are the main findings from new research conducted by Top10VPN based on the 30 most popular premium providers for Android devices. These include some of the best VPN apps on the market, such as NordVPN, ExpressVPN, Proton VPN, and Surfshark.

“I don’t want to exaggerate the level of risk. For most users, it is fairly low, but it does depend on your threat model,” Simon Migliano, Head of Research at Top10VPN, told TechRadar, noting Avira Phantom VPN and FastestVPN as the paid Android VPNs to “absolutely” avoid.

Paid Android VPN apps’ privacy fails

As mentioned, Migliano conducted testing on the 30 most popular paid Android VPNs to identify potential safety issues within the apps – you can find the full list of services analyzed here.

These tests focused on different areas, namely DNS and other data leaks, VPN encryption, VPN tunnel stability, risky app permissions, risky use of device hardware features, and data collection and sharing.

The most surprising result for Migliano was that half of the top paid VPNs tested (15) failed to ensure SNI (Server Name Indication) was encrypted for all server connections the apps make. SNI is an extension to the TLS protocol that a client needs to indicate the hostname of the server it’s trying to connect to during the handshake process.

While this leak may be relatively minor for most people, “It’s an oversight that could land someone in trouble with their school or workplace if VPNs aren’t allowed on the network, or even in legal trouble somewhere like Turkey or China, where VPNs are heavily regulated,” he added.

According to Migliano’s data, Surfshark, Private Internet Access (PIA) and PrivadoVPN were some of the apps still overlooking SNI encryption.

At least seven Android VPNs also leaked DNS requests – meaning the device’s request to a Domain Name System server to provide an IP address for a given hostname.

Again, these data leaks aren’t critical and happen only under very specific circumstances, so it won’t be a big issue for most users. That said, Migliano believes that “a properly configured VPN should terminate all existing network connections to prevent this from happening.”

This is why, if private browsing is crucial for you, he suggests avoiding the VPNs impacted by this issue, namely HMA!, Private VPN, Mozilla VPN, Privado, VyprVPN, X-VPN, and Avira Phantom.

FastestVPN was another big no for Migliano on this front. He said: “I could never recommend FastestVPN after it exposed my email address in clear text in the headers of a server request to a geolocation API, which is unforgivable.”

While way better than free VPN apps, data collection and sharing may also be an issue for some providers. Migliano found seven apps out of 30 analyzed to pose a potential privacy risk due to embedded tracking code from advertisers and data brokers. Yet, only two VPNs (VPN Unlimited and Hotspot Shield) were found guilty of actually sharing data in practice, while X-VPN employed poor data-sharing practices.

VPN encryption for paid services was good overall. Yet, while seven apps failed to use the latest version of TLS to establish the VPN tunnel (AES-256), Avira Phantom made use of the deprecated SSLv2 protocol which, Migliano noted, has long been considered insecure.

Read More 

The debate around the use of VPNs in Pakistan intensifies

Pakistan’s top religious body has said that using a VPN service to access blocked content goes against Shariah, the Islamic law.

The statement from the country’s constitutional body for legal advice on Islamic matters described their responsibility to prevent the “spread of evil”, according to the report from the Associated Press.

Pakistan’s residents have increasingly turned to virtual private network (VPN) software as a way to access X which has been blocked since February.

Authorities announced plans to regulate the use of VPNs back in August. While the debate is still ongoing on whether or not commercial VPNs should also be blocked – the Pakistani English-speaking publication Dawn reported – businesses and freelancers have time until November 30, 2024, to register their service and avoid disruptions.

The Pakistan VPN debate

“Using VPNs to access blocked or illegal content is against Islamic and social norms, therefore, their use is not acceptable under Islamic law,” reads the official statement released on Friday, November 15, quoting the Council of Islamic Ideology’s chairman Raghib Naeemi – Voice of America reported.

The statement also notes that any technology used to access “immoral or illegal activities is prohibited according to Islamic principles,” the internet included. Illegal content includes “immoral and porn websites or websites that spread anarchy through disinformation.”

On the same day, also the Ministry of Interior spoke out against VPN usage.

In a letter sent to the Pakistan Telecommunication Authority (PTA), he calls to block all “illegal” VPNs, claiming that terrorists use these tools “to facilitate violent activities and financial transactions in Pakistan.”

The best VPN providers have been recording an increase in usage from citizens in Pakistan this year as people try to keep accessing X and other blocked content online. This is because such security software spoofs a user’s real IP address location to grant access to otherwise geo-restricted content while encrypting internet connection to boost online anonymity.

At times, VPNs have also become a target as authorities seek to prevent people from using these services to bypass government-imposed restrictions.

As Dawn reported, though, VPN usage is still permitted in Pakistan for legitimate purposes. These include banking, foreign missions, corporate enterprises, universities, IT companies, call centers, and freelance professionals.

Authorities are now urging companies and freelance workers operating in the aforementioned sectors to complete the VPN registration with PTA by the end of the month. Failing to do that could mean further service interruptions in the future.

While it isn’t clear yet how the blocking will work in practice, the new legislation aims to curb VPN misuse and security risks. Authorities deemed unregistered VPNs a “security risk” for Pakistan as they can be used to access “sensitive data.”

Yet, at the same time, internet experts also believe that the increase in censorship is the main cause of the decline of the country’s internet, with VPNs remaining the best tool to keep accessing the free web.

Read More 

A free tax-filing app is under consideration from the proposed Department of Government Efficiency.

US President-Elect Donald Trump could be working on a free tax filing appThe initiative forms part of Elon Musk’s DOGE plans for streamliningIntuit and H&R Block shares fell following the news

Shares in tax software giants Intuit and H&R Block have fallen after reports claimed Donald Trump’s administration advisory team could be exploring creating a new, free tax-filing app.

The Washington Post reported that Trump’s proposed Department of Government Efficiency (DOGE), an external advisory body led by Elon Musk, could be considering the app as part of plans to streamline government operations.

The two software companies, which currently dominate the tax-filing market, would face major competition if the US government were to introduce a free alternative.

Trump and Musk considering free tax-filing app

While discussions surrounding the app appear to be in their early stages, the prospect has raised concerns among private tax-preparation firms which make a profit off US citizens filing their taxes.

The IRS currently offers free filing options to eligible taxpayers earning less than $79,000. The agency has also launched Direct File, a pilot program that it’s trialling across 12 states to give 18 million taxpayers free access to online tax-filing services.

The DOGE-backed app would build on these existing efforts, which have been driven under the Biden-Harris administration. It’s unclear whether the app would become available for all US taxpayers.

Intuit spokesperson Tania Mercado commented (via CNBC): “For decades, Intuit has publicly called for simplifying the U.S. tax code so individuals, families, and small businesses can better understand their finances.”

The Federal Trade Commission recently confirmed it would be taking action against H&R Block for “deceptively marketing their products as ‘free’ when they were not free for many consumers,” among other concerns. The proposed settlement would see H&R Block liable to paying out $7 million.

You might also like

We’ve listed the best personal finance softwareLive over the pond? Here’s the best MTD softwareThe IRS is releasing a TurboTax alternative, and you can try it now

Read More 

NordVPN Threat Protection Pro proved its capabilities in malware and phishing protection, yet again. Here’s all you need to know.

Two independent audits officially confirm that NordVPN is way more than just the best VPN app on the market.

Experts at AV-TEST, a German cybersecurity testing firm, recently ranked NordVPN‘s newly launched Threat Protection Pro as the top tool for blocking malicious sites. The feature also received the highest rating in an anti-malware validation conducted by the technical research and product testing organization West Coast Labs (WCL).

While you need to upgrade to a top-tier plan to use NordVPN Threat Protection Pro, you can now save some bucks in the process thanks to its great time-limited Black Friday VPN deal.

Two golden medals for protection

In October, AV-TEST evaluated the capabilities of five well-known VPN providers in detecting different types of malicious links.

These included three specific categories: phishing links, portable executable (PE) URLs (for example, EXE files), and non-portable executable web addresses (for example, HTML and JavaScript files). Experts also looked at how good the VPN services were in avoiding false positives, meaning flagging legitimate links as malicious.

NordVPN Threat Protection Pro managed to successfully detect and block 83.42% of malicious links, leading in all three categories. In contrast, the second-best result captured only less than half (46.96%).

AV-TEST experts used 3,209 links in total, consisting of 1,050 malicious links to PE files, 1,031 links to other malicious (non-PE) file types, and 1,128 links to phishing sites. (Image credit: Nord Security)

WCL’s testing was focused on malware protection. Here, NordVPN achieved a staggering 99.8% detection rate for high-threat malware.

The provider earned the highest AAA rating overall thanks to top marks in other categories, too. These include a smooth buying experience, easy and customizable installation, sleek apps, and reliable customer support.

This isn’t the first time that NordVPN Threat Protection Pro has proved its effectiveness with third-party observers. Back in August, the feature gained the bronze medal out of 35 competitors as a top tool to avoid online shopping scams.

Yet, Domininkas Virbickas, head of development at Threat Protection, explains that the recent ratings complement the evaluations conducted by AV-Comparatives this summer by providing a broader picture of the tool’s capabilities.

He said: “These results validate our consistent commitment to providing comprehensive protection against a wide range of online threats.”

As Virbickas puts it, “The internet is full of scammers.” A simple click on a wrong link is all it takes for attackers to steal your account, money, or identity.

It’s with this in mind that the team at NordVPN decided to give a boost to its tracker blocker tool back in June.

What used to be called Threat Protection Lite – now simply known as Threat Protection – is based on DNS filtering and is still available to all NordVPN customers using Android, iOS, Linux, Windows, macOS, and browser extensions.

By contrast, Threat Protection Pro works at the URL and Javascript levels to help you avoid tracking, phishing, scams, malware, and annoying ads and is exclusive for Standard, Plus, Complete, Ultimate, and Ultra subscribers on Windows and macOS only at the time of writing.

Read More 

Small and medium-sized businesses in the US and Europe are being targeted using Zyxel VPN flaw.

Researchers spot Helldown exploiting Zyxel VPN to breach networksThe flaw was previously undisclosedThe crooks mostly target SMBs in the US and Europe

There appears to be a new ransomware player in town, exploiting vulnerabilities in Zyxel firewalls and IPSec access points to compromise victims, steal their data, and encrypt their systems.

The group is called Helldown, and has been active since summer 2023, a new report from cybersecurity researchers has revealed Sekoia, noting the group most likely uses a previously undisclosed vulnerability in Zyxel’s firewalls for initial access.

Furthermore, the group seems to be exploiting CVE-2024-42057, a command injection bug in IPSec VPN that, in certain scenarios, grants unauthenticated users the ability to run OS commands.

Dozens of victims

When they breach a target network, they steal as many files as they can, and encrypt the system. For encryption, they seem to be using a piece of software developed from the leaked LockBit 3 builder. The researchers said the encryptor was relatively basic, but also probably still under development.

As basic as it is, the encryptor still locked down at least 31 organizations, as that’s the number of victims listed on the group’s data leak site. According to BleepingComputer, between November 7 and today, the number dropped to 28, which could be a hint that some organizations paid the ransom demand. We don’t know who the victims are, or how much money the crooks demanded in return for the decryption key and for keeping the data secure.

Most of the victims seem to be small and medium-sized organizations in the United States and Europe.

If the researchers are indeed right, and Helldown does use flaws in Zyxel and IPSec instances to breach the networks, the best way to defend would be to keep these devices up to date, and limit access to trusted accounts only. CVE-2024-42057 that plagues IPSec was fixed on September 3, and the earliest clean firmware version is 5.39. For Zyxel, since the vulnerability is still undisclosed, it would be wise to keep an eye on upcoming advisories and deploy the patch as soon as it’s published.

Via BleepingComputer

You might also like

Thousands of Oracle NetSuite ERP websites found leaking private customer informationHere’s a list of the best firewalls todayThese are the best endpoint protection tools right now

Read More 

AWS is introducing central management for root credentials to minimize malicious use and the burden on security teams.

AWS is introducing a central management tools to AWS OrganizationsThe tool will allow security teams to manage root user accessRoot sessions are also being introduced for short-term root access

AWS Identity and Access Management is helping businesses boost multi-factor authentication (MFA) adoption and organizational security by introducing a centrally managed security feature.

The tool will help organizations and security teams manage root credentials and root sessions through AWS Organizations.

AWS hopes the tool will help reduce the risk of lateral movement and privilege escalation in the event of a cyberattack, while also making day to day security easier and scalable.

Boosting MFA and account security

AWS has taken several steps recently to enhance account security, initially introducing MFA for management account root users before launching FIDO2 passkey support which resulted in a 100% increase in MFA adoption for AWS Organizations users with more than 750,000 AWS root users enabling the phishing-resistant authentication method.

Now, security teams will also be able to remove long-term root credentials to prevent them from being abused, and will also stop them from being recovered and used maliciously.

“This will improve the security posture of our customers while simultaneously reducing their operational effort,” the blog post stated.

The centralized management tool will also allow security teams to create accounts without root credentials, making them secure-by-default and removing the need for additional security measures. The tool will also assist with compliance-related issues by allowing security teams to closely monitor and remove long-term root credentials.

As an additional preventative measure against the misuse of root credentials, AWS is also introducing ‘root sessions’ that provide short-term access for specific tasks and actions, relying on the principle of least privilege to minimize the possibility of malicious use.

Root sessions will also reduce the burden on security teams by helping them adhere to AWS best practices, and perform privileged root actions from a single central dashboard, rather than having to manually log in to each user account.

Central root account management is available through IAM console, AWS CLI or AWS SDK, with additional details for obtaining root credentials on the AWS blog.

You might also like

Take a look at the best password managersHere is our guide to the best endpoint protectionApple says Mac users are being targeted by dangerous zero-day attacks, so update now

Read More