Technology

Looking for a different day?

A new NYT Connections puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Sunday's puzzle instead then click here: NYT Connections hints and answers for Sunday, August 31 (game #812).

Good morning! Let's play Connections, the NYT's clever word game that challenges you to group answers in various categories. It can be tough, so read on if you need Connections hints.

What should you do once you've finished? Why, play some more word games of course. I've also got daily Strands hints and answers and Quordle hints and answers articles if you need help for those too, while Marc's Wordle today page covers the original viral word game.

SPOILER WARNING: Information about NYT Connections today is below, so don't read on if you don't want to know the answers.

NYT Connections today (game #813) - today's words

(Image credit: New York Times)

Today's NYT Connections words are…

• PRESIDENT
• MOTHER
• BISHOP
• BIRD
• CLERGY MEMBER
• PREMIERE
• M.L.B. PLAYER
• POPE
• SAINT
• VALENTINE
• INTRODUCTION
• N.F.L. PLAYER
• LORDE
• LAUNCH
• BURNS
• SAINT PATRICK
• DEBUT

NYT Connections today (game #813) - hint #1 - group hints

What are some clues for today's NYT Connections groups?

• YELLOW: When it begins
• GREEN: National day 
• BLUE: Wordsmiths
• PURPLE: Linked by a word associated with red

Need more clues?

We're firmly in spoiler territory now, but read on if you want to know what the four theme answers are for today's NYT Connections puzzles…

NYT Connections today (game #813) - hint #2 - group answers

What are the answers for today's NYT Connections groups?

• YELLOW: FIRST APPEARANCE 
• GREEN: ONES CELEBRATED WITH HOLIDAYS 
• BLUE: FAMOUS POETS 
• PURPLE: WHAT "CARDINAL" MIGHT REFER TO 

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Connections today (game #813) - the answers

(Image credit: New York Times)

The answers to today's Connections, game #813, are…

• YELLOW: FIRST APPEARANCE DEBUT, INTRODUCTION, LAUNCH, PREMIERE
• GREEN: ONES CELEBRATED WITH HOLIDAYS MOTHER, PRESIDENT, SAINT PATRICK, SAINT VALENTINE
• BLUE: FAMOUS POETS BISHOP, BURNS, LORDE, POPE
• PURPLE: WHAT "CARDINAL" MIGHT REFER TO BIRD, CLERGY MEMBER, M.L.B. PLAYER, N.F.L. PLAYER

• My rating: Hard
• My score: Fail

Congratulations to anyone who completed today’s Connections. A round for me which bordered on the impossible.

In part, my difficulty with today’s game fell down to two areas of ignorance – American sports and poetry. I’m sure I wasn’t the only person who thought we were looking for a connection to the New Zealand singer LORDE as opposed to the poet Audre Lorde. But this wasn’t too much of an issue, as I was unaware of BISHOP and POPE too.

After comfortably getting the yellow group I struggled to make headway and fell into the obvious trap of trying to put together a group connected by religion and then leadership.

I did manage to put together ONES CELEBRATED WITH HOLIDAYS, but with one mistake left and completely clueless I crashed out after letting a shuffle do the guessing for me.

Yesterday's NYT Connections answers (Sunday, August 31, game #812)

• YELLOW: CRITICIZE HARSHLY BASH, BLAST, FLAME, ROAST
• GREEN: COMMON COMPONENTS OF BOARD GAMES BOARD, CARDS, DICE, PIECES
• BLUE: HETERONYMS AXES, BASS, COORDINATE, DOES
• PURPLE :___STICKS CHOP, DRUM, FIDDLE, FISH

What is NYT Connections?

NYT Connections is one of several increasingly popular word games made by the New York Times. It challenges you to find groups of four items that share something in common, and each group has a different difficulty level: green is easy, yellow a little harder, blue often quite tough and purple usually very difficult.

On the plus side, you don't technically need to solve the final one, as you'll be able to answer that one by a process of elimination. What's more, you can make up to four mistakes, which gives you a little bit of breathing room.

It's a little more involved than something like Wordle, however, and there are plenty of opportunities for the game to trip you up with tricks. For instance, watch out for homophones and other word games that could disguise the answers.

It's playable for free via the NYT Games site on desktop or mobile.

Looking for a different day?

A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Sunday's puzzle instead then click here: NYT Strands hints and answers for Sunday, August 31 (game #546).

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #547) - hint #1 - today's themeWhat is the theme of today's NYT Strands?

• Today's NYT Strands theme is… Be my guest

NYT Strands today (game #547) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• COME
• SEEM
• MITRE
• STEER
• HIVE
• BRAVE

NYT Strands today (game #547) - hint #3 - spangram lettersHow many letters are in today's spangram?

• Spangram has 11 letters

NYT Strands today (game #547) - hint #4 - spangram positionWhat are two sides of the board that today's spangram touches?

First side: left, 5th row

Last side: right, 5th row

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #547) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #547, are…

• GREET
• SERVE
• INVITE
• EMBRACE
• RECEIVE
• WELCOME
• SPANGRAM: HOSPITALITY

• My rating: Hard
• My score: Perfect

The theme automatically triggered thoughts of Angela Lansbury and company singing “Be our guest, be our guest/Put our service to the test” from Beauty and the Beast. 

Although today’s Strands wasn’t about pressed napkins, or dancing teacups, it was in a similar area.

My first two words – GREET and SERVICE – were easy to find, but everything else was quite tricky, including the arching spangram HOSPITALITY. And despite it being my final word it still took me a while to put together RECEIVE. 

Yesterday's NYT Strands answers (Sunday, August 31, game #546)

• PAIL
• TUMBLING
• FETCH
• WATER
• AFTER
• CROWN
• BROKE
• SPANGRAM: JACK AND JILL

What is NYT Strands?

Strands is the NYT's not-so-new-any-more word game, following Wordle and Connections. It's now a fully fledged member of the NYT's games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

The two title rivals face off for the first time this season at Anfield.

• Malicious prompts remain invisible until image downscaling reveals hidden instructions
• The attack works by exploiting how AI resamples uploaded images
• Bicubic interpolation can expose black text from specially crafted images

As AI tools become more integrated into daily work, the security risks attached to them are also evolving in new directions.

Researchers at Trail of Bits have demonstrated a method where malicious prompts are hidden inside images and then revealed during processing by large language models.

The technique takes advantage of how AI platforms downscale images for efficiency, exposing patterns that are invisible in their original form but legible to the algorithm once resized.

Hidden instructions in downscaled images

The idea builds on a 2020 paper from TU Braunschweig in Germany, which suggested that image scaling could be used as an attack surface for machine learning.

Trail of Bits showed how crafted images could manipulate systems, including Gemini CLI, Vertex AI Studio, Google Assistant on Android, and Gemini’s web interface.

In one case, Google Calendar data was siphoned to an external email address without user approval, highlighting the real-world potential of the threat.

The attack leverages interpolation methods like nearest neighbor, bilinear, or bicubic resampling.

When an image is intentionally prepared, downscaling introduces aliasing artifacts that reveal concealed text.

In a demonstration, dark areas shifted during bicubic resampling to display hidden black text, which the LLM then interpreted as user input.

From the user’s perspective, nothing unusual appears to happen. Yet behind the scenes, the model follows the embedded instructions along with legitimate prompts.

To illustrate the risk, Trail of Bits created “Anamorpher,” an open-source tool that generates such images for different scaling methods.

This shows that while the approach is specialized, it could be repeated by others if defenses are lacking.

The attack raises questions about trust in multimodal AI systems because many platforms now rely on them for routine work, and a simple image upload could potentially trigger unintended data access.

The danger of identity theft arises if private or sensitive information is exfiltrated in this way.

Because these models often link with calendars, communications platforms, or workflow tools, the risk extends into broader contexts.

To mitigate this, users need to restrict input dimensions, preview downscaled results, and require explicit confirmation for sensitive tool calls.

Traditional defenses like firewalls are not built to identify this form of manipulation, leaving a gap that attackers may eventually exploit.

The researchers stress that only layered security suites and stronger design patterns can reliably limit such risks.

“The strongest defense, however, is to implement secure design patterns and systematic defenses that mitigate impactful prompt injection beyond multimodal prompt injection,” the researchers said.

You might also like

• These are the best AI video editors right now
• We've also rounded up the best AI writers available
• Vicious malware found in Android apps with over 19 million installs

• KPMG's TaxBot development consumed months of drafting a 100-page prompt
• Partner-written tax advice had been scattered across countless laptops
• KPMG Workbench hosts multiple LLM models from competing vendors

When large language models began attracting global attention in late 2022, KPMG’s digital leaders immediately recognized potential benefits but also major risks.

Chief digital officer John Munnelly admitted that first experiments with ChatGPT produced “really scary” results, including the discovery of sensitive financial data sitting unsecured on internal servers.

That incident caused the firm to suspend experiments, restrict access to public AI tools, and reassess the dangers that uncontrolled deployment might introduce.

Building a private AI platform

KPMG subsequently began constructing a closed environment for AI work, supported by software licenses that allowed access to OpenAI and Microsoft systems.

This move gave the consultancy a chance to design applications within safer boundaries, eventually leading to a platform called KPMG Workbench.

The system combined retrieval-augmented generation, multiple LLM options, and agent hosting capabilities.

Rather than depending on a single vendor, the firm deliberately spread usage across OpenAI, Google, Microsoft, Anthropic, and Meta.

Throughout 2023, extensive effort was devoted to training employees on how to write prompts effectively and interact with AI writer systems.

By 2024, the Australian arm of KPMG initiated projects to build specialized agents. Among them was the so-called TaxBot, a tool designed to prepare tax advice.

Munnelly explained that development began by gathering partner-written advice that had been “stored all over the place,” often scattered on laptops.

That information, combined with Australia’s tax code, was placed into a RAG model to produce automated drafts. TaxBot, however, was not trivial to construct.

According to Munnelly, its creation required a 100-page prompt, drafted over months by a dedicated team, and ultimately fed into Workbench.

The result is a system that requests several inputs, seeks guidance from human experts, and then generates a 25-page document for client review.

Munnelly claimed the agent now performs tasks that once took two weeks in a single day, a change he described as “very efficient.”

He suggested that quick turnaround is particularly important for clients engaged in time-sensitive deals such as mergers.

Yet he also emphasized that only licensed tax agents are permitted to operate the tool, acknowledging that output without professional oversight is not suitable for general users.

Beyond efficiency, KPMG argues that the introduction of agents has boosted staff satisfaction, since repetitive tasks can be avoided.

Additionally, some clients have expressed interest in acquiring similar agents, generating revenue streams KPMG did not originally anticipate. Nevertheless, the firm concedes that measuring precise benefits remains difficult.

Via The Register

You might also like

• Top password managers are vulnerable to password stealing clickjacking attacks
• Check out the best AI phones on the market
• Here is our list of the best AI website builders on the web

Did you hear that? We found the best online hearing tests to help you check and monitor your hearing health from home.

AI is being trained to please users and, in doing so, is becoming indifferent to the truth.

Here are the updated parental controls anyone with children should know about.

• More Galaxy S26 Edge battery details have leaked
• The phone could stick with lithium-ion tech
• A larger 4,200 mAh capacity has been predicted

Now that the Samsung Galaxy S25 Edge is out, we can start thinking about what the Galaxy S26 Edge is going to offer – but it seems that one of the rumored new features supposedly arriving with the phone will now be pushed back to a later model.

Certification documents relating to the phone seen by SamMobile confirm that the 2026 handset is going to stick with the traditional lithium-ion battery technology that has been powering smartphones for the last few decades.

Earlier this year there had been talk that Samsung would make the jump to the superior silicon-carbon battery technology with the Galaxy S26 series, which offers bigger capacities (and more time between charges) in batteries of the same size.

Now it seems as though that isn't going to happen – at least for the Samsung Galaxy S26 Edge, where the extra capacity would've been very welcome. As we put it in our Galaxy S25 Edge review, the battery life on the device "isn't great".

Onwards and upwards

We may not see a Plus model next year (Image credit: Philip Berne / Future)

However, the same regulatory certification does point to a different kind of battery upgrade: the Galaxy S26 Edge is apparently going to come with a 4,200 mAh capacity battery, compared to the 3,900 mAh capacity of the current model, as previously rumored.

That should mean some extra time between charges, and hopefully Samsung can put together some additional hardware and software optimizations that mean battery life won't be something to worry about on the Galaxy S26 Edge.

There have also been rumors that the Galaxy S26 Edge could effectively be replacing the Samsung Galaxy S25 Plus model, so there would be no Plus model in 2026 – and three flagships rather than four for the Galaxy S26 series.

The Samsung Galaxy S26 series should be launching in January 2026, if Samsung sticks to its usual schedule. Before that though, we're expecting to see a new Galaxy S25 FE phone and some Galaxy Tab S11 tablets announced next Thursday.

You might also like

• We've got another big Samsung Galaxy tri-fold phone leak
• The best Samsung phones you can buy right now
• How the the iPhone 17 Air could beat the Galaxy S25 Edge

Graham Potter's hapless Hammers head to the City Ground hoping to avoid another drubbing.

Pep Guardiola's men look to bounce back from last weekend's defeat against Spurs.

It feels like only yesterday that the internet was abuzz with the news that Xiaomi – best known for its smartphones, watches and wearables – smashed the electric production car record at Germany’s infamous Nurburgring.

The SU7 Ultra beat the formidable Porsche Taycan Turbo GT and the $2.5m Rimac Nevera, as well as shaming the Tesla Model S Plaid, itself a car that embarrassed many dedicated performance brands when it set a blistering time back in 2021.

Now Yangwang has performed a similar feat, breaking an EV top speed record by hitting an eye-watering 293.54mph at the ATP test track in Germany.

It beat previous records held by the Aspark Owl and the Rimac Nevera. Yup, another blow to the brand whose CEO is now head honcho at Bugatti.

The fact that the Xiaomi SU7 bettered a Porsche Taycan Turbo GT on its very first lap around the Nurburgring is mildly embarrassing

The Yangwang U9, which is just one model from the high-performance sub brand of BYD, is particularly impressive given its ground-breaking electric powertrain. The Track Edition that set the record features four motors, each of which develops a staggering 744bhp.

Total output tickles almost 3,000bhp, while the clever torque vectoring system ensures the majority of this grunt can be delivered to the road by monitoring and adjusting torque to each wheel more than 100 times a second.

There’s also a DiSus-X Intelligent Body Control System, which automatically adjusts the suspension system for maximum grip and reduction of pitch and roll. The same tech enables the standard road-going car to leap over potholes.

(Image credit: Yangwang/BYD)

What’s more, Yangwang says it is pioneering a 1200V ultra-high-voltage vehicle platform in this car, one that has been optimized to handle the sort of extreme battery discharge scenarios experienced during a high-speed record attempt.

China clearly has a stranglehold on battery technology and is currently leagues ahead of western automakers in both the chemistry and production capabilities

Right now, an 800V system is considered cutting-edge and is enough to see batteries brimmed in under five minutes from the most powerful charging stations. Yangwang didn’t go into any details, but we expect this U9 Track Edition can slurp juice from a MegaWatt charging station at astonishing rates.

There is also no word on what the bespoke Track Edition would cost a private buyer, but the ‘standard car’, complete with some 1,300bhp, went on sale in 2024 priced at 1.68 million Yuan (or around $236,000 / £193,000 / AU$400,000).

To put that into perspective, that is more than the current Ferrari F80, which cost almost $4 million if you were lucky enough to get invited to buy one.

Shifting perceptions

(Image credit: Porsche)

Despite the impressive feats demonstrated by both Xiaomi and Yangwang, the general sentiment among US and European performance car enthusiasts is that the threat is largely overhyped, that it’s "easy to make electric cars go fast in a straight line" or that nobody is going to spend their hard-earned cash on something badged Yangwang.

While it is true that brand value remains arguably one of the most important factors when it comes to the world of luxury and performance cars (Ferrari’s profits hit $2.67 billion last year), the age of electrification is changing all of that and the Italian marque might not experience the same success when it launches its debut EV this year.

I lost count of the number of times the phrase 'Temu Ferrari' was banded around the comments sections

Porsche said this week that it has scrapped its Cellforce high-performance battery division, which was set up to produce the sort of next-generation cells that would power upcoming electric hyper cars, such as the previously-teased Mission X concept.

The German sports car-maker said that a "global lack of volumes" means that it is not financially viable to proceed with its plans to develop its own batteries. It has also slowed its transition to purely electric vehicles, as customer demand has been relatively weak.

Performance that doesn't cost the earth

(Image credit: Xiaomi)

China clearly has a stranglehold on battery technology and is currently leagues ahead of western automakers in both the chemistry and production capabilities, but it is also proving that it now has the technical knowhow to produce brutally capable electric performance cars.

The fact that the Xiaomi SU7 bettered a Porsche Taycan Turbo GT on its very first lap around the Nurburgring is mildly embarrassing, especially for a brand that has been building and racing cars for over 75 years.

Chinese brands are already busy making the electric vehicle more affordable for the masses, but it is also on a mission to democratize performance

Similarly, Yangwang looks like it has the technological prowess to produce a version of the U9 that could crack the 300mph max speed barrier – something that was achieved by the physics-defying, $4million+ Bugatti Chiron Super Sport just last year.

Put simply, China is busy smashing electric vehicle records and many are still adamant that the brands are somehow substandard or cheaper replicas. I lost count of the number of times the phrase 'Temu Ferrari' was banded around the comments sections of various news coverage.

Chinese brands are already busy making the electric vehicle more affordable for the masses, but it is also on a mission to democratize performance. A fact that has many of the most revered brands heading back to the drawing board.

In China, both the Yangwang U9 and Xiaomi SU7 have proven to be huge sales successes for the two brands, as the domestic market naturally pivots towards the latest technological advances.

It's still yet to be seen whether the rest of the world even wants high performance EVs of this nature – but if it does, China will be there to offer them at a fraction of the price.

You might also like

• BYD's monster U8 SUV could come to Europe, complete with 1,184bhp and an ability to float
• The world's fastest EV just got even faster – Rimac Nevera R hits mind-melting performance mark
• Volkswagen wants you to pay a Netflix-style subscription to unlock extra EV power – and that could be a slippery slope

It probably hasn't escaped your attention that Windows 10 support expires on October 14, 2025. Given that, there's precious little time left before those who remain on the operating system without taking any action will be left with no security updates. Those patches are vital protection for your system, and without them, an unsupported version of Windows is open to new vulnerabilities and potentially being compromised.

If you want to stick with Windows 10 – maybe you dislike Windows 11, or your PC is unable to run it – then there are actually a few options for getting additional support for an extra year. This will carry you through to October 2026, giving you more breathing room to decide on the next step for your Windows 10 PC.

These options can be accessed via the Extended Security Updates (ESU) program that Microsoft revealed late last year, which is being offered to consumers for the first time. (Previously, this scheme was for businesses only.)

You'll have three choices – one of which is completely free, though it has a small catch – so let's go over those next before addressing the issue of how you actually sign up for the ESU scheme (which is causing confusion for some people).

(Image credit: Shutterstock - Wachiwit)ESU Option 1: Free updates via syncing PC settings

This is the route I'll be taking, and I imagine it'll be the preferred option for a lot of Windows 10 users. This way, you don't need to pay anything at all for the extra year of support: Microsoft just asks that you sync your PC settings to OneDrive (via the Windows Backup app).

Note that you don't have to back up all your PC's data, only the settings. I've seen some confusion about this online, with people not keen on 'giving Microsoft all their data' - you aren't doing this, rest assured. You do have to share your PC settings, though, and you will, of course, need to be signed up for a Microsoft account.

ESU Option 2: Use Microsoft Rewards

If you've accumulated Microsoft Rewards points, which are accrued by using Bing or other Microsoft services, or spending at the Microsoft Store, you can use these to pay for the ESU scheme. It'll cost you 1,000 Microsoft Rewards points.

ESU Option 3: Pay $30

If you don't have Microsoft Rewards points and absolutely refuse to sync anything with Microsoft, then the only remaining option is to pay for the extra year of extended support. It'll cost $30 or the equivalent in your local currency. Note that even if you pay for extended support, you'll still need a Microsoft account.

(Image credit: Shutterstock/fizkes)I can't see the ESU scheme anywhere - how do I sign up?

You sign up for the ESU program by clicking a link in the Windows Update panel. Just search for 'Windows Update' in the taskbar search box (or Settings), and when you're in the panel, you might see an option to 'Enroll now' for Extended Security Updates on the right-hand side of the screen.

Notice I said that you might see it, because here's the thing: Microsoft has only begun rolling out this option right now. As Microsoft recently clarified, it's a slow-paced rollout, meaning a lot of folks can't see it yet, myself included (at the time of writing). However, rest assured that it's coming; you'll just have to be patient.

Microsoft has promised that the ESU enrollment wizard will appear on all Windows 10 PCs before the support deadline expires in mid-October. So most likely, you'll see it on your PC in September at some point (possibly after that month's update). Just keep checking back in Windows Update and it'll turn up eventually, or it should do, barring any weirdness or bugginess on Microsoft's part (which can't ever be fully ruled out).

Whatever you do - don't do nothing

Make sure you know what you want to do in terms of getting extended updates, and keep checking back to sign up for the ESU program. Whatever you do, don't just stay on Windows 10 after October 2025 with no updates provided, because as time ticks on, you'll increasingly be running a greater risk. The more months that pass by, the more security holes that may be revealed and remain unpatched, possibly opening the door for your Windows 10 PC to be hacked in some way.

If you don't get extended updates for Windows 10 sorted, or don't like any of the options, and don't want to upgrade to Windows 11, then look at moving to another platform. A Windows-like flavor of Linux might be your best bet.

You might also like

• Latest Windows 11 update packs a great new feature - but I hope I never have to use it
• Microsoft promises to crack one of the biggest problems with Windows 11: slow performance
• Can't reset your Windows 11 or 10 PC? Microsoft rushes out fix after breaking vital recovery features

Here are hints and the answers for the NYT Connections: Sports Edition puzzle for Aug. 31, No. 342

Here are the answers for The New York Times Mini Crossword for Aug. 31.

• The iconic floppy disk is reborn as a storage case for today's terabyte-packing SD cards
• From 1.44MB past to terabyte present, the new design bridges eras creatively
• Fun artwork references glitch aesthetics and retro computing

Floppy disks are unquestionably a relic from the past, although they still keep resurfacing in unusual places - most recently, surfacing in the American prison service, and an enterprising YouTuber set out to build a floppy disk from scratch.

If you're of a certain age, you'll no doubt still remember the feeling of sliding a floppy disk into a computer, hearing that quiet click, and waiting as files loaded bit by bit. That memory will come rushing back with the Floppy Disk-Inspired SD Card Packaging, a design concept created by Indian industrial designer Ayushmaan Singh Jodha for SanDisk.

It takes the iconic 3.5-inch floppy and reimagines it as a different kind of storage device - as a case for today’s SD cards.

(Image credit: Ayushmaan Singh Jodha )From megabytes to terabytes

Where a floppy once held 1.44MB, this design protects cards that now carry gigabytes or even terabytes.

The idea bridges eras of technology in a fun way, but with a serious practical purpose.

SD cards can easily get lost, slipping out of pockets during a shoot, hiding beneath clutter in a busy studio, or disappearing into the depths of a travel bag. I’ve lost a good number of them over the years.

The floppy case provides a larger, sturdier object to hold onto, making it easier to keep track of the tiny cards that store important work.

The packaging keeps the same square profile and iconic shutter, transforming an obsolete form into a fresh, modern tool.

The design showcases artwork that references early computer culture, glitchy error screens, and retro sci-fi themes. The idea is turn the cases into collectible pieces that creatives may want to keep on display, not tucked away in drawers.

The sliding shutter reveals the hidden compartment where the SD card is stored, adding a small sense of interaction to an otherwise simple task.

Is it truly practical? No, but it’s fun and something I’d love to own.

Via Yanko Design

You might also like

• These are the largest SD cards you can buy right now
• The German navy is stamping out floppy disks for good
• From floppy disks to fax machines: 5 obsolete piece of tech that do not want to die in 2025

Here are hints and answers for the NYT Strands puzzle for Aug. 31, No. 546.

Here are some hints and the answers for the NYT Connections puzzle for Aug. 31, #812.

Here are hints and the answer for today's Wordle for Aug. 31, No. 1,534.

• 5G phones can be silently downgraded to insecure 4G, leaving the device exposed
• The exploit works without setting up expensive and complex fake towers
• Tested smartphones include flagship models from Samsung, Google, Huawei, and OnePlus

In late 2023, researchers uncovered a set of flaws in 5G modem firmware from major chipmakers, including MediaTek and Qualcomm, collectively named 5Ghoul.

A group of academics at the Singapore University of Technology and Design (SUTD) has now shown how 5G phones can be tricked into falling back to 4G networks through a method that avoids the need for a fake base station.

Instead, it targets a vulnerable stage of communication between phone and tower, where critical messages remain unencrypted.

How the toolkit works in practice

The SNI5GECT toolkit, short for “Sniffing 5G Inject,” makes use of the tiny time window at the start of a connection attempt.

It targets the pre-authentication phase, when the data passing between the tower and the phone remains unencrypted.

Because of this gap, attackers can intercept and inject messages without needing to know the phone’s private credentials.

During this stage, the system can capture identifiers sent from the tower and use them to read and modify messages.

With such access, the attacker can force a modem crash, map a device fingerprint, or trigger a switch from 5G to 4G.

Since 4G carries long-known flaws, the forced downgrade leaves the target open to older tracking or location attacks.

The tests revealed a success rate between 70% and 90% when attempted from around twenty meters away, suggesting the method works in realistic conditions.

The academics tested the framework on several smartphones, including popular models from Samsung, Google, Huawei, and OnePlus.

In these cases, the researchers were able to intercept both uplink and downlink traffic with notable accuracy.

Importantly, the method avoids the complexity of setting up a rogue base station, something that has long limited practical attacks on mobile networks.

The Global System for Mobile Communications Association (GSMA) has since confirmed the issue and assigned it the identifier CVD-2024-0096, marking it as a downgrade risk.

The claim from the team is that their toolkit is not meant for criminal use but for further research into wireless security.

They argue it could help with the development of packet-level detection and new forms of 5G protection.

Still, the ability to crash devices or silently downgrade them raises questions about the resilience of current networks.

While no clear reports exist of real-world abuse so far, the method is public and the software is open source, so the risk remains that skilled actors could adapt it.

Unfortunately, users have few direct options to block such low-level exploits, though broader digital hygiene may help limit downstream risks.

However, running updated antivirus software, securing credentials with a password manager, and enabling an authenticator app for accounts can reduce the impact of secondary attacks that might follow from a network downgrade.

Via The Hacker News

You might also like

• Many bosses don't believe their workers have good enough security awareness
• The best antivirus software can keep your devices protected
• Surf the web at speed with the best browser