At least 35 Linux images hosted on Docker Hub contain dangerous backdoor malware, which could put software developers and their products at risk of takeover, data theft, ransomware, and more.
At least some of the images, however, will remain on the site and will not be removed, since they are outdated anyway and shouldn’t be used.
In March 2024, the open source community was stunned when security researchers spotted a backdoor, a piece of malicious code, in the upstream xz-utils releases 5.6.0 and 5.6.1 (the liblzma.so library) that briefly propagated into some Linux distro packages (not their stable releases). The backdoor was inserted by a developer named ‘Jia Tan’ who, in the two years leading up to that moment, built significant credibility in the community through various contributions.
Debian, Fedora, and others
Now, security researchers at Binarly have said malicious xz-utils packages containing the backdoor were distributed in certain branches of several Linux distributions, including Debian, Fedora and OpenSUSE.
“This had serious implications for the software supply chain, as it became challenging to quickly identify all the places where the backdoored library had been included.”
Binarly's experts are now saying several Docker images, built around the time of the compromise, also contain the backdoor. It says that, at first glance, this might not seem alarming: if the distribution packages were backdoored, then any Docker images based on them would be backdoored as well.
However, the researchers said some of the compromised images are still available on Docker Hub, and were even used in building other images which have also been transitively infected. Binarly said it found “only” 35 images because it focused solely on Debian images:
“The impact on Docker images from Fedora, OpenSUSE, and other distributions that were impacted by the XZ Utils backdoor remains unknown at this time.”
Debian said it wouldn’t be removing the malicious images since they’re outdated anyway and shouldn’t be used. They will be left as “historical artifacts”.
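A way to check an image's package database for the releases named above, as an added example that is not from Binarly, Debian or the original article. It assumes the Debian package names `xz-utils` and `liblzma5`, the dpkg status file format, and Debian's `+really` naming for rolled-back uploads; the function names and all sample data are constructed for illustration.

```python
import re

# Upstream releases the article names as backdoored.
BACKDOORED_UPSTREAM = {"5.6.0", "5.6.1"}
# Debian binary packages built from xz-utils (assumption of this example).
WATCHED_PACKAGES = {"xz-utils", "liblzma5"}

# Constructed sample of a dpkg status file (/var/lib/dpkg/status); not real image data.
SAMPLE_STATUS = """\
Package: liblzma5
Status: install ok installed
Source: xz-utils
Version: 5.6.1-1
Description: XZ-format compression library
 Constructed continuation line: ignored by the parser.

Package: xz-utils
Status: deinstall ok config-files
Version: 5.6.0-0.2

Package: zlib1g
Status: install ok installed
Version: 1:1.3.dfsg-3
"""

def upstream_version(debian_version):
    """Reduce a Debian version string to the upstream version it ships."""
    v = debian_version.split(":", 1)[-1]          # drop the epoch, e.g. "1:"
    if "-" in v:
        v = v.rsplit("-", 1)[0]                   # drop the Debian revision
    if "+really" in v:                            # rollback convention:
        v = v.split("+really", 1)[1]              # real upstream follows the marker
    return re.split(r"[+~]", v, maxsplit=1)[0]    # drop suffixes such as +dfsg or ~bpo

def parse_status(text):
    """Yield one dict of top-level fields per package stanza."""
    for stanza in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in stanza.splitlines():
            if line[:1].isspace() or ":" not in line:
                continue                          # continuation of a multi-line field
            key, value = line.split(":", 1)
            fields[key.strip()] = value.strip()
        yield fields

def find_backdoored(text):
    """Return (package, version) for installed packages at a backdoored release."""
    hits = []
    for f in parse_status(text):
        installed = f.get("Status", "").split()[-1:] == ["installed"]
        if f.get("Package") in WATCHED_PACKAGES and installed:
            if upstream_version(f.get("Version", "")) in BACKDOORED_UPSTREAM:
                hits.append((f["Package"], f["Version"]))
    return hits

if __name__ == "__main__":
    print(find_backdoored(SAMPLE_STATUS))
```

Matching on the parsed upstream version rather than a string prefix keeps a rolled-back package whose version merely starts with a backdoored release number from being flagged.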
Via BleepingComputer
If you've got a Copilot+ laptop with a Qualcomm Snapdragon X (Arm) processor that you also use for gaming duties, here's some great news: one of the biggest stumbling blocks for gamers on Arm has now been banished.
As Thurrott.com reports, Epic has made good on its promise to make its Easy Anti-Cheat (EAC) tool compatible with Windows on Arm (the version of Microsoft's OS that's installed on Copilot+ PCs with Arm chips, as opposed to AMD or Intel silicon).
The move comes with the new version of the Epic Online Services SDK (for game developers) which now boasts EAC compatibility to offer "secure multiplayer experiences on Arm-based Windows 11 devices", as Epic notes.
EAC is used by some big-name online games to weed out problem players who are using various shady tricks or exploits, and the lack of compatibility with the anti-cheat system meant that those games didn't work at all on Arm-based laptops.
Said games include Epic's Fortnite among other online shooters (Apex Legends, PUBG, and more), as well as the likes of Elden Ring.
Analysis: the ball is now in the developers' court
Epic previously promised that it was going to make EAC work with Windows on Arm back in March 2025, and what we see here is the necessary work being implemented in the mentioned SDK (software development kit).
However, that isn't the end of this story – not quite. It's now up to game developers to incorporate the support in their titles, and Epic is going to be on the ball itself in that respect when it comes to bringing support to Fortnite.
A Qualcomm spokesperson told Thurrott.com: "Fortnite will be among the first titles to take advantage of this compatibility, bringing one of the world's most popular games to Snapdragon-powered laptops."
At any rate, support is going to filter through gradually to a number of games – hopefully quite swiftly – and this will remove one of the black marks in the 'against' column for Arm-based laptops.
Those devices running Snapdragon X chips can make a good enough effort at running even more demanding games – recall the early days of being impressed at these notebooks running Baldur's Gate 3 in 4K.
Being unable to play Easy Anti-Cheat games on these machines was a notable weakness, and particularly with Fortnite, given that this is a popular choice for laptop gamers (and not a demanding title), it was a shame to see it out of the grasp of those with Arm-based Copilot+ PCs – but that won't be the case for much longer.
Experts have warned the data stolen in the recent Allianz Life ransomware attack has been leaked to the open internet, and have urged affected users to be on their guard.
Sensitive information on the “majority” of the insurance company’s 1.4 million customers, including people’s names, addresses, phone numbers, dates of birth, Tax Identification Numbers, and even social security numbers, was published in a Telegram group created by ShinyHunters, Scattered Spider, and Lapsu$ threat actors.
In total, 2.8 million data records for both individual customers and business partners were grabbed as part of a wider attack on Salesforce instances. Besides Allianz Life, the group also took credit for a number of other, high-profile incidents, including the attack on Internet Archive, Pearson, and Coinbase.
Stay protected
Usually, cybercriminals would demand a ransom payment in exchange for deleting the stolen files and not leaking them on the internet.
So, if these files were published, it is safe to assume Allianz Life has decided not to pay (or the negotiations broke down for other reasons). There is always the possibility that the crooks leaked the files even after getting paid because these are, after all, cybercriminals.
There are numerous ways hackers can abuse sensitive files. They can impersonate their victims, potentially opening bank accounts in their name, apply for loans and credit cards, or rack up debt. They can also file fake tax returns, gain access to medical treatment or prescription drugs, and even get a job illegally, which might cause problems for the victims during background checks.
Criminals might also use social security numbers to apply for various Social Security benefits, unemployment compensation, or welfare.
The attack is particularly concerning as such records could contain more than enough sensitive information for hackers to launch highly personalized, successful phishing campaigns, leading to identity theft, wire fraud, and even ransomware attacks.
How to stay safe
If you're concerned you may have been caught up in the incident, don't worry - there are a number of methods to find out. HaveIBeenPwned? is probably the best resource for checking whether your details have been affected, offering a run-down of every big cyber incident of the past few years.
And if you save passwords to a Google account, you can use Google's Password Checkup tool to see if any have been compromised, or sign up for one of the password manager options we've rounded up to make sure your logins are protected.
Via BleepingComputer
Russia has allegedly been linked to a worrying recent cyberattack against the US Federal Court Filing System.
Reporting from the New York Times (NYT), which said it spoke to people familiar with the matter, claims there is evidence Russia is at least partially responsible for the attack, which has been a “yearslong” effort to breach the system.
The reports added the searches, “included midlevel criminal cases in the New York City area and several other jurisdictions, with some cases involving people with Russian and Eastern European surnames.”
Hacking sealed files
A cyberattack against the system was most recently confirmed on August 7 by the Administrative Office of the US Courts. However, Politico reported that the system had been under attack by an unknown threat actor since early July.
Furthermore, across the US, chief judges of district courts were told to move cases with overseas ties off the regular document-management system.
An internal memo, seen by NYT and issued to Justice Department officials, clerks and chief judges in federal courts by administrators with the court system stated that, “persistent and sophisticated cyber threat actors have recently compromised sealed records,” continuing with, “This remains an URGENT MATTER that requires immediate action.”
The Federal Court Filing System, like many filing systems, is a sprawling network that is continuously used and updated with new records, and was built on a system first developed in 1996.
As a result, the system is considered to have several serious vulnerabilities, with the system previously being breached in 2020.
There is still currently no known motive for the attack, but it is possible that if Russian intelligence services are involved they could be gathering intelligence on the potential compromise of assets in the US.
The same has been theorized about the telecoms breaches that hit the US in 2024, which were attributed to China. In these attacks, threat actors breached a backdoor used by law enforcement to pursue court-ordered wiretaps.
Travel five hours north of New York City and you can visit the home of Kodak; or more properly, George Eastman's estate in Rochester, the birthplace of Kodak – and what's increasingly looking like its final resting place.
The iconic 137-year-old photography company is now in real danger of shutting down for good – although you'd be forgiven if you thought that happened more than a decade ago when the struggling firm first filed for bankruptcy protection.
As a longtime photographer who got his start shooting on Kodak standard and Kodak Ektachrome film, I considered a trek to the Eastman House akin to the journey to Cooperstown for a baseball fanatic.
[Image: George Eastman (left) and Thomas Edison (right). Kodak had a long history of supplying film for movie shoots. Image credit: Lance Ulanoff]
Kodak, some would argue, single-handedly brought photography to the masses, producing simplified box cameras that asked little more of early amateurs other than "You press the button, we do the rest." That campaign helped spark a revolution that was arguably as transformative as the more recent one in smartphone photography.
In the early part of the 20th century, Kodak had numerous popular camera series, including the classic and very boxy Brownie, but it was probably the 70-million-unit-selling Instamatic that put a camera in almost everyone's hands.
Kodak achieved a 1973 version of a meme when its popular film stock, Kodachrome, inspired a 1973 top-10 hit by Paul Simon, one that seemed to extol the film's virtues:
"Kodachrome
They give us those nice bright colors
Give us the greens of summers
Makes you think all the world's a sunny day, oh yeah".
I missed much of Kodak's early history (geez, I'm not that old), but I grew up with a photographer dad who bought Kodak film and paper in bulk and built a darkroom in our Queens, NY, apartment's walk-in closet.
Naturally, I caught the bug, and by college I was building my own bedroom darkroom and buying Kodak film in giant rolls that let me spin my own 35mm canisters (and save on what was typically the $5 cost of a single roll of Kodak film).
Honestly, I think Kodak first stumbled when it failed to respond to Polaroid. The latter company first made its name in the 1960s with instant photography, producing the Land camera line that let you pull out the finished print (you just had to apply a thin coat of polymer to essentially fix and protect the image).
After the Polaroid SX-70 arrived (the first single-lens reflex instant camera), Kodak belatedly delivered its own instant cameras, but they never sold as well. Polaroid, meanwhile, has gone through travails of its own, including bankruptcy in 2001 and resurrection in 2020 with a whole new line of instant cameras.
[Image: Kodak's first digital camera. Image credit: Lance Ulanoff]
It's been more than 30 years since the dawn of consumer-grade digital photography, but neither company had much of a response to its arrival, perhaps believing – as many pro photographers did – that digital would never be as good as film.
By the time I visited The George Eastman Museum, Kodak's glory days were long gone. Consumers, the people who drove Kodak's original business, had moved on to the next easy photographic platform: their smartphones. Few people these days travel with dedicated cameras, let alone film-based ones; as photographers like to say, "the best camera is the one you have with you", and more often than not that's your phone.
Perhaps Kodak can take comfort in the fact that today there's an even easier way to create lasting memories that requires neither film nor a lens: AI. Instead of aiming a camera at a person or scene, you simply dream up a prompt or feed in an image, press a button, and the AI does the rest.
Ironically, Kodak's possible demise comes just as Gen Z is showing a fascination with analog film photography, although most acknowledge that this flirtation will be short-lived. There are no one-hour photos around these days, and if you want a roll of film developed you might have to drive an hour away or mail it somewhere. Plus, there's the cost: a roll of Kodak 200 film could run you $10, and developing it might cost an additional $25.
I wish that the reason some people were embracing film again was due to an appreciation of Kodak and what it's done for the art of photography, but something else is at work here, and it mostly has to do with a return to the joy of anticipation (waiting a week to see how your photos turned out) and the simplicity of analog sharing (taking out a stack of photos and sharing them with one friend who can only comment to your face about that outfit).
Kodak might survive this latest round of fiscal bad news, but it's clear that we're never going back to when film was dominant and everyone who sang Kodachrome knew what Paul Simon was talking about.
Proxy usage in the UK is on the rise amid the country’s controversial age verification checks. Research from proxy service Decodo shows a significant increase in proxy users coming from the UK, as Brits look to bypass invasive age verification requirements and protect their privacy.
Like a Virtual Private Network (VPN), a proxy acts as an intermediary between a user’s device and the internet. Both VPNs and proxies route a user’s internet traffic through an external server and hide their original IP address, helping access restricted content and retain online anonymity.
Proxies are undoubtedly a useful tool, particularly for businesses looking to carry out market research. Yet, the average internet user may not be fully aware of the differences between the best VPN and a proxy service, and how using a proxy could be putting their data at risk.
An 88% increase in proxy traffic from the UK
The UK’s age verification requirements fall under the Online Safety Act and have impacted not only adult sites but even social media platforms, including Reddit, X, and Bluesky.
Websites and platforms must now have age verification measures in place to prevent minors from accessing potentially harmful content. Age verification methods include facial age estimation, credit card age checks, and photo-ID matching.
Age verification is not without concerns, however, particularly for its impact on data security and user privacy. Indeed, a petition to repeal the Online Safety Act has attracted over half a million signatures to date.
Decodo, the best proxy site we’ve reviewed, has revealed a 65% increase in proxy users coming from the UK, as well as an 88% increase in proxy traffic from the country.
"More organizations in the UK are investing time in understanding the tools that power secure and efficient online operations," said Gabriele Verbickaitė, Product Marketing Manager at Decodo. "Most companies test out different solutions, providers, and do their research on proxies and VPNs, and they’re also making more informed, strategic choices."
Unlike VPNs, proxies aren’t primarily for privacy
Though proxies can be an invaluable tool for businesses and individuals alike, it’s important to understand how they differ from VPNs, particularly as it relates to privacy.
The primary concern with proxies concerning the UK’s age verification checks is that, unlike VPNs, they don’t encrypt your internet traffic. This means that your data – including the websites you visit – can still be seen by snoopers, including your ISP.
Privacy advocates have serious doubts as to whether the websites and services implementing the new measures can properly secure customer data from breaches. It appears to be a valid concern considering the numerous high-profile data breaches in recent months.
[Image: VPNs reroute your internet traffic through a secure end-to-end encrypted tunnel that connects your device to a VPN server. Image credit: Shutterstock]
The most secure VPN providers route all of your outgoing and incoming internet traffic through an encrypted tunnel, preventing it from being seen by prying eyes. This makes a VPN the safest choice for the average user looking to browse the internet privately.
Thanks to encryption and the way they reroute traffic, VPNs are also more difficult to detect and block than proxies, making them a superior option for navigating geographic restrictions and internet censorship.
The UK regulatory body Ofcom has, however, discouraged their use to avoid age verification requirements.
Despite this, there’s been a significant spike in VPN signups in recent weeks. It’s then clear that proxies are also benefiting from the UK’s increased desire for online privacy.