Feed aggregator

Looking for a different day?

A new NYT Strands puzzle appears at midnight each day for your time zone – which means that some people are always playing 'today's game' while others are playing 'yesterday's'. If you're looking for Monday's puzzle instead then click here: NYT Strands hints and answers for Monday, July 14 (game #498).

Strands is the NYT's latest word game after the likes of Wordle, Spelling Bee and Connections – and it's great fun. It can be difficult, though, so read on for my Strands hints.

Want more word-based fun? Then check out my NYT Connections today and Quordle today pages for hints and answers for those games, and Marc's Wordle today page for the original viral word game.

SPOILER WARNING: Information about NYT Strands today is below, so don't read on if you don't want to know the answers.

NYT Strands today (game #499) - hint #1 - today's themeWhat is the theme of today's NYT Strands?

• Today's NYT Strands theme is… Come one, come all!

NYT Strands today (game #499) - hint #2 - clue words

Play any of these words to unlock the in-game hints system.

• DRONE
• SEEN
• FUSS
• VOTE
• VOICES
• STUN

NYT Strands today (game #499) - hint #3 - spangram lettersHow many letters are in today's spangram?

• Spangram has 11 letters

NYT Strands today (game #499) - hint #4 - spangram positionWhat are two sides of the board that today's spangram touches?

First side: top, 3rd column

Last side: bottom, 4th column

Right, the answers are below, so DO NOT SCROLL ANY FURTHER IF YOU DON'T WANT TO SEE THEM.

NYT Strands today (game #499) - the answers

(Image credit: New York Times)

The answers to today's Strands, game #499, are…

• GAMES
  MUSIC
• RIDES
• LIVESTOCK
• VENDORS
• PRIZES
• SPANGRAM: COUNTY FAIRS

• My rating: Hard
• My score: 2 hints

The phrase “come one, come all” is not one I am familiar with at all. It sounds like the sort of thing people would whisper to each other in Handmaid’s Tale – but I can see how it would work as a rallying cry for COUNTY FAIRS.

Not knowing what I was looking for and finding only non-game words it took two hints before I started making headway – GAMES and MUSIC didn't narrow things down, but RIDES confirmed that we were looking for some kind of fair.

Getting the top to bottom LIVESTOCK revealed the spangram and from here on I was virtually home. No PRIZES for me today, hope you deserve a rosette at least.

How did you do today? Let me know in the comments below.

Yesterday's NYT Strands answers (Monday, July 14, game #498)

• TEACHER
• MAYOR
• JANITOR
• LIBRARIAN
• FIREFIGHTER
• SPANGRAM: COMMUNITY

What is NYT Strands?

Strands is the NYT's not-so-new-any-more word game, following Wordle and Connections. It's now a fully fledged member of the NYT's games stable that has been running for a year and which can be played on the NYT Games site on desktop or mobile.

I've got a full guide to how to play NYT Strands, complete with tips for solving it, so check that out if you're struggling to beat it each day.

Poor Elmo. The adorable, perpetually 3-year-old Sesame Street character loves us, but someone clearly does not love the furry red guy back. Hackers took over his popular X (formerly Twitter) account on Sunday and posted some decidedly un-Elmo-like content. It's surprising for a character and platform that are focused on teaching us likely missed a basic rule of social media: always set up Two-Factor Authentication.

All the deeply offensive posts have since been removed from Elmo's account, which has over 684,000 followers, and while Sesame Street has publicly commented on the hack, Elmo's account has been silent for the last 48 hours.

To think, this probably all could've been avoided if Sesame Workshop, which runs the account, had learned one simple lesson.

T is for Two-Factor Authentication.

If you have a Blue check (or any color official check) on your X account, you're likely a target. Elmo's account is verified, though we think it should be a red check. For a time, it was hard to identify verified accounts because X CEO Elon Musk removed them in 2023, demanding that anyone who wanted one pay $8 a month. He relented a year later, and accounts like Elmo's got their checks back. It was good news, except for the fact that hackers instantly knew again exactly who to target.

Tied up in verification was Two Factor Authentication, or rather, how you could verify. X ended SMS (text-based) verification for non-paying members and instead favors codes and security keys.

But I digress. It helps to explain two-factor authentication (also known as 2-factor-auth and 2FA) in a way that Elmo can understand.

Elmo likes to learn

Elmo. Elmo, look at me. Please stop playing with that puppy and look at me.

Yes, yes, I know, "Elmo loves me." Please, listen.

You know that X account that you love using so much, the one where you offer hugs and ask us all to come outside and play?

I know, right, it used to be called "Twitter." No, I do not know why they changed the name.

Let's focus.

Your X account has your name, and you use it by signing in, right?

Yes, Elmo, you've done a very good job with that. I see you on the account every day, so you clearly know how to sign in. That's very good, Elmo.

But, Elmo, your account is missing something.

No, wait, Elmo, do not go running off to look for it. It's not something you dropped.

You need to make it harder to log in. You need to add something called "Two-factor authentication."

Harder is sometimes a scary word, but not this time, and, yes, "authentication" is a big word. I can help.

The ABCs of security

It's simple, Elmo, when you sign into your account, you will also need your phone with you to generate a code.

Yes, Elmo, I do see your phone. It's very nice. I know you don't use it all the time. You're good about that.

Two-factor authentication simply means, Elmo, that when you sign in, there is a second step (or factor) you need to accomplish before you can use your account again.

First, you should enable Two Factor Authentication on your X account. This does mean you'll need the email you used to create the account. Ask the adults at Sesame Workshop to find it. They will also need to enter the password and then verify the use of a secondary login method.

Now, Elmo, here's where it gets a little complicated. Once this is set up, after you sign in – Elmo, stop playing with Tango for a second and look at me – Twitter will ask you for a code.

I use, and I think you could too, Google's Authenticator
App. Once this is set up, after you try to log in (you or a trusted adult, Elmo), you'll be asked for a code. You simply open the Google Authenticator app and grab the code that is shown for X, and then enter it in X.

After that, Elmo, you're done.

Yes, yes, Elmo, it is exciting. No, I don't think it's fun, but it's fine if you do.

Give 2FA a hug

Okay, I think Elmo gets it.

Hopefully you do. The technology here is simple: a hacker can't sign into your account without that secondary verification system. They need that code, which is only coming to the app and the phone in your hand.

I promise that hackers will try, and you may get emails about their attempts, but they will likely fail because hackers do not have that code and cannot complete the login. Also, 2FA isn't just for X; it's a valuable security tool for any online account, including email, banking, and work accounts.

One more thing for you and, oh, Elmo, come back here for a second. Everyone should change their passwords every six months. This makes it difficult for hackers who have hoovered up your information in a data breach to use old passwords to access your accounts.

I know, Elmo, you love us. We love you, too.

You might also like

• Twitter makes SMS two-factor authentication exclusive to Twitter Blue users
• Netflix is picking up Sesame Street and doing something HBO should've done all along
• Your Netflix home page is getting its biggest update ever, and yes, it includes generative AI

• Tizen 9.0 is rolling out to 2024 Samsung TVs
• European owners are already receiving the update
• Availability for 2023 TVs is still unknown

One of our favorite things about Samsung's best TVs in 2025 is the upgraded Tizen operating system, which we think is the best version it's offered so far. So Tizen 90's recent arrival on 2024-model TVs is a very welcome upgrade.

My colleague James Davidson went into great detail about Tizen 9.0 here, praising the updated Gaming Hub, the apparently LG-inspired Quick Menu and the redesigned home screen.

It isn't quite the best smart TV platform – we reckon LG's webOS still has the edge, and the update removes the HGiG Game HDR option, which is used for some livestreaming – but it's really good, and will be welcome on older sets.

Which Samsung TVs are getting the Tizen 9.0 upgrade?

According to FlatpanelsHD, owners in Europe started getting the firmware version 2106.0 this month, July 2025. That takes their operating system from Tizen 8.0 to Tizen 9.0.

That's the good news. The bad news is that it's going to be a slow rollout, with Samsung adding additional TVs to the upgrade program fairly gradually – and that means it could be some months before all compatible TVs are upgraded. If your TV isn't one of the flagship models that could mean waiting a bit for the firmware to become available.

There's also uncertainty over 2023-model TVs, as Samsung hasn't yet committed to a timescale for upgrading those models. However, Samsung has promised seven years of updates to all models from 2023 and later, so it's not a question of if those TVs will get the update; it's just a matter of when.

You might also like

• The best TV, chosen by our reviewers for all budgets
• The best OLED TVs for all budgets, as reviewed by our experts
• I review TVs for a living, and here are the 3 best TVs you can buy right now

• Nvidia's Smooth Motion tech is inbound for all RTX 4000 GPUs
• Previously this frame rate-boosting feature was only for RTX 5000 cards
• It's still in beta for RTX 4000 models, but it shouldn't be long before the full release

Nvidia is providing its Smooth Motion tech for boosting frame rates across all PC games to RTX 4000 graphics cards in a new driver.

This is great news for gamers with those GPUs – previously Smooth Motion was only an option for RTX 5000 models – but the catch is that for now, this is still in testing with Nvidia's beta driver.

It shouldn't be too long before the tech makes its way through to a release driver, though.

This development was picked up on X by Huang514613, who pointed to a post on the Guru3D forums, as flagged by VideoCardz (with the tech site verifying that the new beta does indeed carry the feature, and briefly testing it out).

Smooth Motion is essentially the equivalent of frame generation (FG) – adding in extra frames to boost the frames per second count, and make the game run artificially smoother – but it works at the driver level (doubling the frame rate).

What that means is that it can work with any DX11 or DX12 game (in theory) across the board, whereas with frame generation (and DLSS 4), developers must code their game to make use of the tech. That obviously limits the usefulness of the latter considerably.

(Image credit: Future / John Loeffler)Analysis: smooth operator – but be patient

Smooth Motion is a big deal because it means that a pile of older PC games, which are never going to be updated for frame generation at this point, can get the benefit of a similar feature.

The catch is that word 'similar', and Smooth Motion won't offer results which are as good as frame generation in terms of image quality (or the frame rate boost). Still, for games that don't have DLSS or FG support, this is clearly a lot better than nothing.

As you may be aware, Smooth Motion is Nvidia's equivalent of AMD's Fluid Motion Frames (which came way before Team Green's take, and was recently improved).

With any luck, Nvidia will bring this feature to RTX GPUs that predate the RTX 4000 lineup in the future.

I'd be wary of trying to get this working on the mentioned beta driver, by the way, as there are reports of crashes or even total PC lock-ups being caused by those experimenting with the tech (which must be enabled via the Nvidia Profile Inspector tool).

If you have an RTX 4000 graphics card, just be happy that Smooth Motion is on the way, and wait for the official release in the finished driver – it shouldn't be too far off at this point.

Early results are (generally) promising for Smooth Motion on RTX 4000 GPUs, by the way, going by reports from the more intrepid gamers who've gone ahead and tested this tech while it was in beta.

You might also like...

• Nobody wants 8GB GPUs from Nvidia and AMD – and this retailer just made that clear
• The best Nvidia graphics card in 2025
• Where to buy AMD Radeon RX 9070 XT and RX 9070: the best retailers in the US and UK to check for stock

Full spoilers immediately follow for 2025's Superman film.

Superman is doing more than simply making us believe that a man can fly.

With a $200 million+ haul at the global box office on opening weekend, plus the critical and commercial acclaim it's received, James Gunn's Superman movie has made us believe in DC comic book movies again. The DC Universe's (DCU) first film – find out how to watch the DC movies in order while you're here – also gave us a wildly entertaining, eye-popping, and heartfelt story filled with household names and unfamiliar characters alike.

It's also where I think Superman succeeds best. From Mister Terrific and The Engineer, the DCU Chapter One movie spotlights numerous underappreciated DC comic book characters who deserve their time to shine in Gunn and Peter Sarfran's rebooted cinematic franchise. However, it's another metahuman – one who'll be recognizable to some viewers, but not others – that Superman really does right by, even though she's only on camera for 30 seconds or so: Supergirl.

Milly Alcock will play Kara Zor-El/Supergirl in the DCU (Image credit: James Gunn/Twitter)

She only briefly cameos, but Milly Alcock's Supergirl – real name Kara Zor-El – is everything I wanted from a live-action adaptation of Superman's cousin.

I'm not throwing shade at Meg Donnelly, who was one of the final contenders for the role of Supergirl before losing out to Alcock in January 2024, by saying that, either. I'm sure Donnelly would've been a great Supergirl, but there's just something about Alcock's albeit brisk time on the screen that captures the rebellious, reckless side of Clark Kent/Kal-El's relative that we've seen really seen in the comics.

Take her crashing through the wrong part of The Fortress of Solitude because she's drunk (yes, she's slightly inebriated, but she's not an alcoholic or a frat girl, as some have incorrectly disparaged Gunn and company for) and then blaming Supes for moving the door in an apparent redesign of his secret headquarters. Or, how about her lack of concern for how Kal-El is or what he's been up to, and only returning to Earth to collect her disobedient pet Krypto?

Then there's the enjoyment she gets from being thrown about by Krypto – a far cry from how Supes handled similar situations throughout the film. Oh, and let's not forget that she's humorously rude to Clark – she calls him "b***h" after sarcastically thanking him for babysitting Krypto – before she flies off to a whereabouts unknown.

A post shared by SCREEN THRILL| Movies & TV (@screenthrill)

A photo posted by on

Combine the above with her authentic Supergirl costume, plus the beige-colored coat she wears in 'Supergirl: Woman of Tomorrow' – the eight-issue comic series run that her forthcoming solo film is heavily inspired by – and Alcock's Kara could be the most fully-formed version of the character we've seen yet. Indeed, couple the above with the strong sense of justice and caring nature she's displayed in prior big- and small-screen re-imaginings, make me even more confident that those involved in Supergirl will knock it out of the park.

Of course, it's hard to read too much into Alcock's cameo and determine if she can carry a tentpole movie.

Supergirl: Woman of Tomorrow, whose title was recently shortened to simply Supergirl, will not only be the Kryptonian's first standalone film in over 40 years, but it's also the first flick Alcock is the lead star of. The pressure is certainly on, then, to ensure Alcock was the right pick for the role, and that Gunn and Safran made the correct call to prioritize a Supergirl movie over a solo Batman or Wonder Woman DCU flick, both of which are in early development.

We got our first look at the DCU's Kara Zor-El, albeit from the back, in March (Image credit: James Gunn/Instagram)

The DCU is off to a good start with Superman, but it'll need other projects like Supergirl, Peacemaker season 2, Lanterns, and Clayface to similarly perform well. If they do, the DCU will be worth investing in. If, for whatever reason, Supergirl struggles, though, we could have a post-Avengers: Endgame situation that's seen Marvel fans have love one project but dislike the next.

Those two slight concerns notwithstanding, I'm confident Supergirl will be a big hit and Alcock's performance will be a big reason why. She's already commanded the screen in season 1 of House of the Dragon, while her natural, unquestionable talent has been on full display in the aforementioned HBO Max show and recently Netflix TV Original Sirens. So, there's no reason why Alcock can't deliver a similarly fantastic display in The Girl of Steel's next cinematic outing. If anything, her solitary scene in Superman confirms she will.

Supergirl flies into theaters worldwide on June 26, 2026. For more on one of next year's most anticipated new movies, read my ultimate guide on Supergirl's next big-screen outing.

You might also like

• First image for Supergirl shows Milly Alcock's Kara Zor-El in a place that'll be very familiar to DC comic book fans
• James Gunn reveals why Jason Momoa's Lobo is a vital part of Supergirl's story – and confirms who'll play the DCU movie's villain
• When might James Gunn's Superman movie be available to watch on HBO Max?

• The RocketGenius website served a malicious variant of the Gravity Forms WordPress add-on for two days
• The variant harvested extensive information and allowed for RCE
• The malware affected only manual downloads and composer installations

Gravity Forms, a popular WordPress add-on with at least a million users, was victim of a supply chain attack in which threat actors tried to deploy malware to its users and take over their websites.

Security researchers from PatchStack discovered someone managed to infiltrate Gravity Forms’ website, and compromise the plug-in installation file hosted there.

On July 10 and 11, users could download Gravity Forms versions 2.9.11.1 and 2.9.12, which came with malicious files that collected extensive site metadata, and malware that allowed for remote code execution (RCE) attacks.

Risky manual downloads

The malware also blocked any attempts to update the add-on, contacted an external server to deploy additional payloads, and created an admin account that granted attackers full control over the compromised website.

Gravity Forms is a premium WordPress plugin enabling users to build different forms using a drag-and-drop interface. It integrates with a wide range of third-party services, making it popular for contact forms, surveys, payment forms, and more.

After being notified about the attack, RocketGenius, the company that develops Gravity Forms, investigated further, and determined that the malware affected only manual downloads and composer installations of the plugin.

"The Gravity API service that handles licensing, automatic updates, and the installation of add-ons initiated from within the Gravity Forms plugin was never compromised. All package updates managed through that service are unaffected,” RocketGenius explained.

Therefore, all users who downloaded Gravity Forms directly from RocketGenius’ website on either July 10 or 11, should delete the plug-in and reinstall it with a clean version. Furthermore, admins should analyze their websites for any signs of compromise.

The first clean version of the add-on is 2.9.13, which is now available for download.

Via BleepingComputer

You might also like

• A popular WordPress theme has been hijacked by malware - here's what we know
• Take a look at our guide to the best website builders around
• We've rounded up the best password managers

It’s good news for those of us binging the hit Netflix documentary series Trainwreck like there’s no tomorrow – new installment Balloon Boy hits screens on July 15. The new unbelievable story made national headlines back in 2009, but has flown under the radar ever since.

Since 2022, Trainwreck has brought multiple disturbing stories back into the public eye, with Woodstock ‘99, The Astroworld Tragedy and The Cult of American Apparel being among them. Of course, we can’t leave the infamous Poop Cruise out, either. Think less serious true crime series and more fly-on-the-wall stuffed with personality here.

Trainwreck documentary The Real Project X is still storming Netflix’s top 10 chart since being released on July 8 but Balloon Boy is a surefire bet to leave you open-mouthed, even if you’re familiar with the case details.

Netflix’s next Trainwreck documentary Balloon Boy has to be seen to be believed

Unlike deranged parties or people having to poop in red biohazard bags on their four-day trip to Mexico, Balloon Boy is a heart-stopping drama from beginning to end. Given the nickname by the press, Balloon Boy actually refers to six-year-old Falcon, who was allegedly trapped in a homemade gas balloon resembling a flying saucer when it was released above Fort Collins, Colorado. Parents Richard and Mayumi Heene told the authorities while the balloon was on its 90-minute flight, reaching heights of 7,000 feet.

By the time anyone could get to the balloon, it had landed a few miles away from Denver International Airport, and there was no Falcon to be seen. When the balloon was being tracked in the air, an object supposedly fell during its flight, prompting everyone watching to think the worst. A search was quickly underway with international media flocking to cover the alleged tragedy.

Here’s the twist – Falcon was never in the balloon at all. Instead, he’d been hiding in the attic of the family’s house the entire time, revealing during a Larry King Live interview that his parents had told him they’d done it “for show”. News of the publicity stunt soon went viral, with local sheriffs confirming the Heenes would face felony charges for the hoax. Richard Heene pleaded guilty to attempting to influence a public servant and was sentenced to 90 days in jail and ordered to pay $36,000 in restitution, with Mayumi Heene sentenced to 20 days of weekend jail.

So why do we need to see the Netflix series if the story was so well reported at the time? For one reason: Balloon Boy is the first time we’re getting an in-depth look at the full story from the family’s point of view. We’re getting sit-down interviews with them all, including the now grown up Falcon, who still seems pleased that he was once at the centre of a national news storm as a little boy.

Was it all an intention ploy, or did a family joke just get way out of hand? Based on the news reports, you could argue both ways, but I can’t wait to get the inside story straight from the source. If you’re wondering what to stream this week, make it this as it has the potential to be one of the best Netflix shows.

You might also like

• Squid Game: The Challenge season 3 is a win for Netflix, but one unhinged game from the K-drama can’t be replicated
• Virgin River season 8 gets early renewal from Netflix, and this season 6 cliffhanger could be a sneaky red herring
• New Netflix movies: every original film you can watch on the best streaming service in July 2025

Our series on identity theft protection apps will evaluate the features, pricing options, competition, and also the overall value of using each app. However, these are not full hands-on reviews since evaluating identity theft protection apps is almost impossible. It would require several months of testing, purposefully hacking accounts to see if the protection app works, handing over personally identifiable information, performing multiple credit checks, and risking exposure of the reviewer’s personally identifiable information.

It happens suddenly, catching you off guard like a thief in the night. Picture this chilling scenario: you stroll into the local bank, casually swiping your card at the ATM to deposit a check, and your heart sinks as the screen flashes an error — your account is inaccessible. An anxious pit forms in your stomach as you pull out your phone and scroll through your Twitter feed. To your horror, you see that someone has hijacked your account, spewing links to malicious sites to your unsuspecting followers. Panic sets in as you realize the magnitude of the situation.

Determined to regain control, you rush to your bank, where you find a comfortable chair in the office of your banker, hoping for answers. But instead, she delivers the crushing news: your loan application has been denied because your credit score is in shambles. The sense of violation and confusion is overwhelming; where do you even begin to untangle the mess of identity theft?

Identity theft is one of those unfortunate realities of modern life, an experience that makes your stomach drop and anxiety soar. However, there is a silver lining amidst this dark cloud: a reliable name in the insurance industry — yes, that Allstate with the comforting “Good Hands” ads — offers a comprehensive identity theft protection app that shines with remarkably unique features.

Allstate Identity Protection stands out with its proactive approach, providing you with real-time alerts for social media monitoring. If your account is hacked, you receive an immediate notification, enabling you to act swiftly before a small breach becomes a full-blown crisis. With a safety net of up to $500,000 in insurance protection, you can navigate the murky waters of identity theft with a bit of peace of mind (though some competitors offer up to $1 million).

But what sets Allstate apart is its coverage of not just your credit cards or checking accounts, but also your student loans and retirement accounts. This all-encompassing protection shows that they understand the multifaceted nature of modern finances. While it may not boast the most powerful features compared to other identity theft solutions, the value for the price makes it an enticing option. In fact, you'd find it a worthy investment even at a higher monthly fee, granting you the confidence to reclaim your identity and restore your peace of mind. In a world where cyber threats loom large, having Allstate by your side is like having a trusted guardian, ready to protect what matters most: your good name.

(Image credit: Allstate)Allstate Identity Protection: Plans and pricing

Allstate Identity Protection, which is offered and serviced by InfoArmor, Inc.—a subsidiary of The Allstate Corporation—provides a comprehensive suite of identity protection plans designed to safeguard your personal information and assist in the recovery process in the event of identity theft. With an understanding that each individual and family has unique needs, Allstate Identity Protection offers both individual and family plans available across several tiers, each tailored with distinct features and pricing to cater to a variety of requirements.

Among the options available, the Essentials Plan is an excellent starting point for individuals and families looking to secure their identities. Typically priced at about $9.99 per month for individuals and $18.99 per month for families, this plan features essential identity monitoring services along with financial fraud protection. Customers benefit from one-bureau credit monitoring and access to 24/7 full-service remediation support, ensuring help is always available when needed. Additionally, the plan includes lost wallet assistance and significant reimbursement coverage, offering up to $1 million in identity theft expense reimbursement and up to $50,000 in stolen funds reimbursement.

For those seeking enhanced protection, the Premier Plan offers a step up with a monthly cost of around $17.99 for individuals and $34.99 for families. This tier builds upon the Essentials Plan by adding features such as financial account transaction monitoring and social media monitoring, which are crucial in today’s digital landscape. Furthermore, users benefit from stolen tax refund advances and increased coverage for stolen funds reimbursement, which can go up to $500,000, giving families added peace of mind.

The most robust option available is the Blue Plan, usually priced around $19 per month for individuals and $36 per month for families. This comprehensive plan includes family digital safety tools and a cybersecurity toolkit featuring antivirus software and a virtual private network (VPN). Additional benefits include robocall and ad blockers, three-bureau credit monitoring with credit lock/freeze assistance, and an amplified stolen funds reimbursement of up to $1 million, as well as up to $1 million coverage for stolen 401(k) funds. Such extensive features make the Blue Plan an exemplary choice for those who demand maximum protection.

All plans share common features designed to provide proactive monitoring and support. Customers receive dedicated 24/7 remediation specialists who can assist with identity theft issues, along with identity theft expense reimbursement and privacy management tools to help individuals maintain control over their personal information.

It's important to keep in mind that discounts may be available for Sam's Club members, and potential price increases may occur after the first year of service. Additionally, these identity protection plans are often offered as employer benefits, making it convenient for employees to access these essential services.

For the most current and accurate information regarding features and pricing, it is always recommended to visit the official Allstate Identity Protection website, where you can find detailed descriptions of each plan and make an informed decision that best suits your identity protection needs.

(Image credit: Allstate)Allstate Identity Protection: Interface

We hope you have a strong appreciation for the color blue, as Allstate Identity Protection prominently features a deep, calming shade of blue on both their website and mobile app. This color choice not only enhances brand recognition but also conveys a sense of trustworthiness and security, which is crucial in the realm of identity protection.

The interface adopts a no-frills approach, reminiscent of TurboTax, prioritizing straightforward navigation over elaborate design. Users will find essential categories such as credit monitoring, Dark Web monitoring, and alerts for financial transactions clearly laid out, making it easy to access the most important features.

The mobile app places a significant emphasis on alerts, actively engaging users with questions about potentially suspicious transactions. This proactive stance is beneficial, but it could be improved. For those unfamiliar with identity protection, the app might benefit from more guided experiences. In contrast, we believe that incorporating wizards and status indicators, similar to those offered by Norton LifeLock, would provide a smoother experience. Such features can help users navigate the complexities of identity protection with ease, offering step-by-step guidance and a clearer understanding of their security status, particularly for beginners.

Overall, while Allstate Identity Protection has a solid foundation, enhancing the user experience with more intuitive design elements and interactive tutorials could make it an even more valuable tool for safeguarding personal identity.

(Image credit: Allstate)Allstate Identity Protection: Features

The comprehensive identity protection platform, Allstate Identity Protection, provides a carefully designed suite of tools for safeguarding families and individuals against evolving identity theft and cybercrime threats. The sophisticated nature of modern fraud techniques makes having a trustworthy identity protection service essential for everyone.

The key benefit of this feature includes Identity Monitoring, which thoroughly examines multiple sources across the dark web along with public databases for your Social Security numbers, driver’s licenses, and financial account information. Through this proactive system, you receive instant alerts when your sensitive information appears anywhere without authorization. Your swift action, enabled by this system, becomes crucial to stop fraud attempts from becoming serious security threats.

The security framework of Allstate Identity Protection includes Financial Transaction Monitoring and Credit Monitoring, which provide constant oversight of bank accounts, credit cards, and credit reports through its higher-tier plans that cover all three major credit bureaus. Such monitoring features enable you to detect quickly any suspicious transactions or unauthorized account openings that indicate potential financial fraud. Through its careful approach, you can easily track your financial condition.

The restoration process for identity theft victims receives full support from Allstate Identity Protection through its Full-Service Identity Restoration service. If identity theft strikes you the company provides a dedicated Privacy Advocate to oversee the complete restoration process. The process involves working with creditors to freeze your credit and resolve any fraudulent accounts that have been opened. The expert management of identity theft recovery processes through the dedicated Privacy Advocate helps you avoid excessive emotional strain while simplifying the recovery process.

The financial security of Allstate customers is strengthened through Identity Theft Expense Reimbursement, which offers coverage exceeding $1 million based on plan selection and Stolen Funds Reimbursement benefits. These essential features protect your out-of-pocket expenses from identity theft incidents by covering legal fees and lost wages during the resolution process and financial losses from stolen funds. Such extensive financial protection ensures you will recover better from identity theft incidents.

The digital environment requires cybersecurity tools, which higher-tier plans provide as essential features that include Virtual Private Networks (VPNs), password managers, antivirus protection, and browsing safety tools. The security resources operate to defend your devices and online actions from malware attacks, phishing attempts, and data breaches, which helps decrease the chances of your information being stolen.

The Family Digital Safety features of Allstate provide web filtering, screen time management, and location tracking tools for family protection. The features prove most beneficial to parents who want to build safer digital spaces for their kids. Parents can use the system to detect cyberbullying and block inappropriate content while having better control over their children's digital activities. Many plans include Senior Family Coverage, which provides specialized support through an Elder Fraud Center because older adults face higher scam vulnerability.

Through Allstate Digital Footprint, you gain the power to see where your personal data exists across the web and how different companies use this information. The available transparency allows you to handle your privacy settings effectively, which enables you to regain control over your online presence while reducing data exploitation risks.

Allstate Identity Protection provides users with multi-layered security through its combination of monitoring and cybersecurity tools, along with expert restoration services and complete financial reimbursement to protect against identity and cyber threats in the modern world. Through Allstate, you gain peace of mind because your personal information now holds greater value than ever.

Allstate Identity Protection: The competition

Allstate Identity Protection operates within a highly competitive landscape, characterized by several strong contenders vying for market share through the provision of robust identity theft protection and comprehensive cybersecurity services. Among the most notable competitors is LifeLock, a subsidiary of NortonLifeLock. LifeLock is well-regarded for its extensive monitoring capabilities, which span across major credit bureaus, the dark web, and various personal data sources. It boasts high insurance coverage limits for stolen funds, often making it a preferred choice for consumers seeking peace of mind. Additionally, LifeLock offers expert restoration services to assist users in rectifying identity theft issues. However, potential customers should consider the pricing structure, which can become steep following introductory offers, making it essential for users to evaluate the long-term cost against the benefits provided.

Another significant player in the identity protection arena is Aura. Aura has carved out a niche for itself with a holistic, all-in-one approach to security. In addition to identity and credit monitoring, it frequently includes features such as a virtual private network (VPN), password manager, and antivirus software, delivering comprehensive protection for digital assets. A standout feature of Aura is its family plans, which can accommodate multiple adults and offer unlimited coverage for children at competitive prices, providing significant value compared to some rivals. Aura also features substantial identity theft insurance, enhancing its appeal for families and individuals alike.

IdentityForce, a company under TransUnion, is another formidable competitor, especially recognized for its advanced fraud monitoring capabilities and dedicated attention to social media risk. Their services encompass exhaustive credit monitoring across all major bureaus, along with comprehensive restoration services that help clients restore their identities. IdentityForce also places a strong emphasis on alerts and proactive measures to minimize risks, making it a wise choice for consumers who lead an increasingly digital lifestyle.

IDShield, often associated with LegalShield, distinguishes itself by offering unlimited consultations with identity theft experts and focusing on legal support in the event of identity theft. This service is particularly appealing for individuals seeking legal guidance and resolution options should their identity be compromised. IDShield is praised for its transparent pricing model and a strong emphasis on social media scanning, ensuring that clients receive vigilant protection across various digital platforms.

Other noteworthy contenders include Experian IdentityWorks. Leveraging its status as a major credit bureau, Experian provides robust credit monitoring features, giving users an added layer of assurance regarding their credit health. Identity Guard utilizes advanced artificial intelligence to deliver enhanced monitoring and alerts, hoping to proactively safeguard users against burgeoning identity theft threats.

In addition, less prominent but still viable options like ID Watchdog Premium cater to those affected by pre-existing identity theft issues, providing specialized assistance in remediation. Zander Insurance is highlighted for its affordability, providing essential identity protection services without breaking the bank.

Allstate Identity Protection: Final verdict

If your primary objective is to find the best identity theft protection app available, regardless of price, then Allstate Identity Protection may not be your top contender. However, when you consider the overall value it provides—especially with added features like social media monitoring and Dark Web oversight, along with comprehensive identity theft insurance—Allstate Identity Protection presents a compelling option.

While it might not eclipse the capabilities of industry leaders like Norton LifeLock or IdentityForce in terms of sheer strength and breadth of features, it still offers a well-rounded package that can effectively safeguard your personal information. Its focus on monitoring social media platforms allows for timely notifications in case of any suspicious activity, while its Dark Web monitoring can alert you to any potential threats lurking online. This holistic approach to identity protection is indeed noteworthy.

Moreover, Allstate Identity Protection includes identity theft insurance coverage, which adds an extra layer of security and peace of mind for users. Even if you ultimately opt for one of the more robust services, trying out Allstate Identity Protection could provide valuable insights into whether you need this type of coverage and what specific features matter most to you.

In summary, while Allstate Identity Protection may not have the power or extensive capabilities of some of its competitors, it remains an attractive option, particularly given its feature set at this price point. It’s a practical choice for individuals who value proactive monitoring and comprehensive support without breaking the bank.

We've also highlighted the best identity theft protection

In today’s fast-paced digital world, keeping your personal data safe has become super important. With information constantly being shared and stored, it’s essential to take steps to protect your sensitive info. Thankfully, some pretty cool tools have popped up to help with this.

One of the standout options is data removal services, which are great for getting your personal information off the radar of data brokers—those companies that scoop up personal info and sell it without you even knowing. These services can give you peace of mind, knowing that your data is less accessible to anyone who shouldn’t have it.

Surfshark, known for its VPN services, also has a neat offering called Incogni. This service helps you remove your data from data brokers—a task that would take forever if you tried to do it yourself, given how many databases are out there.

• Sign up to Incogni

Incogni: What is it?

In addition to using basic cybersecurity tools like a VPN and antivirus software, adding a data removal service to your digital safety toolkit can give you more comprehensive protection. These services do a great job of tracking down and eliminating your personal data from various places. You might be surprised to learn how many companies have your information, and data removal services help you take control of your privacy.

The whole process usually involves searching for your data across different data broker platforms, figuring out what companies have it, and then asking them to remove it. Data removal services make this a lot easier and quicker since they automate much of the work. With their expertise, you can be confident that your data is getting scrubbed from as many sources as possible.

It’s worth mentioning that while data removal services are effective, they can’t completely wipe your info from the internet. Once your data is out there, it can be tough to get rid of it entirely. However, these services help reduce how exposed your data is, making it harder for unauthorized people to access it.

By taking action to safeguard your data, you're stepping up your identity theft protection and lowering the chances of financial fraud and other online threats. Data removal services are a powerful way to protect your privacy and personal info, helping you manage your digital footprint.

And it doesn’t stop at just removing your data; the ongoing battle is making sure it doesn't come back. Incogni continues to scan various databases to look for your name and personal details. When it finds your info, it steps in to get it removed, so it stays off these platforms.

• How we test, review and rate on TechRadar

(Image credit: Incogni)Incogni: Pricing and plans

Incogni offers a variety of pricing options for its data removal service, catering to both individuals and families who seek different levels of privacy protection. For individuals, the service provides a **Standard plan** that can be purchased either monthly or annually. The monthly Standard plan is typically priced around $16.58, but for those looking to save, the annual plan brings the effective monthly cost down to approximately $8.29, billed as $99.48 per year.

For users requiring a more comprehensive level of data removal, Incogni has an **Unlimited plan**. This plan is primarily available as an annual subscription for about $14.99 per month, totaling $179.88 annually. The Unlimited plan allows for custom removal requests from sites that may not be covered by the standard service, offering an enhanced layer of privacy.

On the family side, Incogni provides specific plans designed to accommodate multiple users. The **Family Standard plan** covers up to five individuals and is priced at around $32.98 monthly, or approximately $16.49 per month when billed annually (totaling $197.88 per year). For families seeking the most extensive coverage, the **Family Unlimited plan** is available, offering custom removal requests for all members at a cost of approximately $29.99 per month, billed as $359.88 annually.

All plans generally include automated removals from over 270 data brokers, 24/7 support, and come with a 30-day money-back guarantee, ensuring users can try the service risk-free. Additionally, Incogni can be obtained as part of the Surfshark One+ bundle, which may provide even more cost-effective pricing when combined with other cybersecurity tools. Whether you are an individual or part of a family, Incogni has flexible options to help protect your privacy online.

• The best VPN service in 2025

(Image credit: Incogni)Incogni: Basic features

Continuously gathering information about individuals, data brokers scour the internet, social media, and public sources like property record databases or alumni databases for names with addresses or graduates from specific institutions.

Data brokers gather and compile personal information to create individual profiles, aiming to sell this information for various purposes. While some data collection serves legitimate purposes, such as credit checks, this practice also raises concerns about the potential misuse of this data. Nefarious actors, such as hackers, may exploit this vulnerability and compromise sensitive information, posing significant risks to individuals.

Incogni is a cutting-edge privacy protection service that empowers individuals to take control of their personal data and safeguard their online privacy. At the core of Incogni's service is an exhaustive list of data broker databases. These data brokers collect and aggregate vast amounts of personal information from various sources, including public records, social media platforms, and online activities.

Incogni's comprehensive database of data brokers ensures that individuals can identify all entities that possess their personal information. This is a crucial first step in the process of data removal, as it allows individuals to target their efforts and focus on the specific data brokers that hold their information.

Recognizing the overwhelming task of manually navigating the complex and time-consuming process of data removal, Incogni provides a user-friendly data removal tool. This tool is designed to streamline the data removal process by automating many of the steps involved. With Incogni's tool, individuals can easily identify the data brokers that have their information, initiate the data removal process, and track the progress of their requests.

Incogni's data removal tool is designed to be intuitive and accessible, even for individuals who are not particularly tech-savvy. The tool guides users through the process step-by-step, providing clear instructions and prompts. It also offers personalized recommendations based on the specific data brokers that have the user's information.

By leveraging Incogni's exhaustive database of data brokers and user-friendly data removal tool, individuals can save hundreds of hours of work that would typically be required to remove their information from these databases manually. Incogni empowers individuals to take control of their personal data, protect their privacy, and minimize the risk of identity theft and other online threats.

To delve in deeper, Icogni uses laws such as the California Consumer Privacy Act of 2018 (CCPA) and the General Data Protection Regulation (GDPR), an EU law also from 2018, along with other privacy laws that apply to the location in question to compel data brokers to act.

Incogni initiates the data removal process immediately upon joining, sending out requests on day one. Within a week, they begin receiving responses. During the first month, the majority of these removal requests are processed. Subsequently, they periodically review and follow up on outstanding requests to ensure the complete removal of data.

Users enjoy the convenience of receiving weekly updates, a feature that distinguishes this service from others that provide less frequent updates, such as monthly or quarterly intervals.

• The best web browser in 2024

(Image credit: Incogni)Incogni: Using Incogni

Using Incogni proved to be a user-friendly and straightforward process. Upon creating an account, the service promptly initiates a comprehensive scan across the web to identify your personal data. Subsequently, it presents you with a clear overview of data removal requests being initiated on your behalf.

The online dashboard is straightforward, displaying essential information such as the total number of requests. While the service collaborates with 180 data brokers, this number, while significant, falls short of its competitors' extensive networks.

Upon registering with most data removal services, the initial excitement wanes as the process unfolds. Incogni, like many others, requires users to patiently wait while it scans the web, sends data removal requests, and awaits responses. While waiting, the company does provide insights into the types of data held by each broker.

It's essential to acknowledge that data brokers may operate at a slower pace, which can make Incogni (and other data removal services) appear sluggish. However, there is no need for concern, as the process is ongoing, and positive results should be evident within a few weeks or months.

• 4 ways oversharing on social media puts your privacy at risk

(Image credit: Incogni)Incogni: Support

While Incogni provides direct and self-help support options, we believe that enhancing both services would greatly improve the user experience.

On the direct side of things, we did not seem to be able to find a phone number, fax, snail mail address, or online chat box. Rather, there is an option for direct communication via an email address, support@incogni.com, and it is indicated that users should expect a response in 24 hours. Alternatively, there is a support portal for those that prefer that method.

On the website, there is a blog with some general information. We also located a Knowledge Base, which can be searched to get to various topics. We also found some opt out guides, such as how to remove your information from numerous people search finders. However, you don’t need to sign up for anything to take advantage of using the op out guide.

• Best firewall software of 2024

Incogni: The competition

Incogni operates in a competitive landscape of data removal services, all aimed at helping individuals reclaim their digital privacy by removing personal information from data broker websites. Here’s an overview of some of its main competitors and what distinguishes them:

DeleteMe: Often regarded as one of Incogni's strongest rivals, DeleteMe has been in the data removal industry since 2010. Its key differentiator is a hybrid approach that combines automated processes with human agents to handle removal requests. While DeleteMe advertises coverage of over 750 data brokers (including many custom requests), Incogni generally covers more brokers automatically. Additionally, DeleteMe offers privacy tools like email and phone masking, but Incogni tends to be more affordable, particularly with its annual plans. Incogni also provides unlimited custom removals with its higher-tier plan, while DeleteMe limits custom requests.

OneRep: OneRep primarily focuses on people-search sites and has developed a robust methodology for scanning these platforms to locate specific profiles and verify removals. While Incogni offers broader international coverage, OneRep is currently limited to U.S. residents. OneRep provides a free scan and a 5-day free trial, which Incogni does not offer, although Incogni does have a 30-day money-back guarantee. There have been concerns raised about OneRep's data handling practices and the founder's past connections to data broker sites.

Optery: Optery distinguishes itself with extensive coverage of data brokers, often listing hundreds more than Incogni. It provides greater transparency by auto-generating links and screenshots of where your data is exposed, which Incogni does not do for all removals. Optery also has a free plan that performs an initial scan, while Incogni does not offer this feature. However, Incogni typically covers more non-public data brokers, such as those in marketing, recruitment, and risk mitigation, whereas Optery focuses more on publicly searchable people-search sites.

Aura: Aura is another strong competitor, often bundled with identity protection services. It offers data removal services at very affordable prices, sometimes starting at a lower cost than Incogni, and includes extras like a VPN and antivirus. However, Aura may not provide as much detail on individual removal requests compared to Incogni.

Privacy Bee: Privacy Bee provides comprehensive data removal with extensive data broker coverage and features like dark web monitoring and the ability to blur your house on public maps (available with higher-tier plans). Despite its large coverage, Incogni is generally more affordable and fully automated, while Privacy Bee may require some user input. Privacy Bee primarily targets U.S. customers, whereas Incogni has a wider international reach.

In summary, while Incogni excels in its automated processes, broad data broker coverage (including many non-public brokers), and affordability, its competitors often differentiate themselves through human oversight in removals, more transparent reporting of discovered data, additional privacy tools, or a greater focus on specific types of data brokers (such as people-search sites). The best choice often depends on an individual's specific needs, budget, and desired level of involvement in the data removal process.

• Best broadband deals right now

(Image credit: Incogni)Incogni: Final verdict

Incogni offers a compelling and robust service for individuals looking to take control of their online privacy. With an annual subscription that includes a significant discount, users can enjoy substantial savings while gaining access to comprehensive privacy protection. The platform not only provides weekly updates on data removal efforts, ensuring that users are informed about the progress made on their behalf, but it also comes with a reassuring 30-day money-back guarantee, allowing potential customers to explore the service risk-free.

One of the standout features of Incogni is its effective data removal capabilities. The service is designed to help users eliminate their personal information from various data broker sites, which is crucial for those wishing to enhance their online anonymity. In an age where data privacy concerns are at an all-time high, such features can significantly reduce the risk of identity theft and unwanted solicitations.

However, it's worth noting that Incogni does not offer a free trial, which might deter some potential customers from exploring its features. Additionally, while the support infrastructure is functional, there is room for improvement in terms of responsiveness and the resources available to users seeking assistance.

Overall, despite some minor drawbacks, Incogni proves to be an effective and competitively priced solution for anyone who prioritizes their data privacy. For those serious about safeguarding their personal information, Incogni is definitely worth considering.

Sign up to Incogni

• AI job losses are inevitable, but new innovations will curb the effects, Nvidia CEO Jensen Huang says
• Huang has been warned by senators before an upcoming trip to China
• US tech should 'set the global standard' Huang argues

It’s long been prophesied AI will lead to mass unemployment, with several CEOs and tech leaders warning AI will wipe out millions of jobs, and firms such as Microsoft laying off thousands of workers whilst bringing in new AI productivity tools.

Now, Jensen Huang, CEO of chip manufacturer and AI firm Nvidia, offered his (slightly stale) perspective. In an interview with CNN, Huang essentially passes job protection responsibilities over to business leaders, claiming; “If the world runs out of ideas, then productivity gains translates to job loss.”

“Everybody’s jobs will be affected. Some jobs will be lost. Many jobs will be created and what I hope is that the productivity gains that we see in all the industries will lift society,” Huang said.

Bipartisan warnings

Huang’s authority on AI is significant too, thanks to Nvidia's power in the market. The company's GPUs remain one of the most influential tech products in the world, and are largely powering AI development across the world - including in China, which is spooking some US politicians.

Huang recently received a warning written by Republican Senator Jim Banks and Democratic Senator Elizabeth Warren, Reuters reports, which advised against meeting with Chinese companies, arguing this could, “legitimize companies that cooperate closely with the Chinese military or involve discussing exploitable gaps in U.S. export controls”.

A Nvidia spokesperson saidUS technology will ‘set the global standard’ and that ‘America wins’ - with China being one of the largest software markets in the world, adding that AI software "should run best on the U.S. technology stack, encouraging nations worldwide to choose America”.

That being said, Huang has recently argued Chinese military branches will avoid using US technology because of the associated risk; “it could be, of course, limited at any time” he argued, “they simply can’t rely on it”.

He added how Chinese military services, which are already developing powerful tools, “don’t need Nvidia’s chips, certainly, or American tech stacks in order to build their military.”

This comes in response to growing concerns that Chinese companies and military agencies will use US tech to enhance capabilities.

Increasingly harsh restrictions have limited China’s access to top AI technologies, aimed at curbing China’s tech and AI advancement - but concerns remain about the threat to US national security should China use US companies to develop its capabilities.

You might also like

• Take a look at our picks for the best AI tools around
• Check out our choice for best antivirus software
• China has spent billions of dollars building far too many data centers for AI and compute

• Huawei has won a contract to provide digital storage for the Spanish Government
• The Chinese tech giant will store and classify court-ordered wiretaps
• This contrasts other western states that now largely avoid Huawei, and Chinese tech

Any Spanish government wiretaps carried out by law enforcement agencies will soon be managed by Chinese telecom giant Huawei thanks to a recently-won contract.

The €12.3 million contract was awarded to Huawei after a standard public procurement procedure - and the contract includes digital storage of judicially-ordered wiretaps, reports The Objective.

Huawei will supply its own high performance storage servers, OceanStor 6800 V5 for the project, which will store and classify intercepted communications and data collected through state agencies.

Mixed messages

Sectors of the National Police in Spain have grown uneasy with Huawei’s involvement in sensitive systems, with sources expressing concern over strategic inconsistencies regarding China and the state’s access to data and a potential threat to national security.

Huawei points out that no backdoor has ever been identified within its telecommunications equipment, and the company asserts that it would not answer CCP requests for intelligence, nor would its equipment be used to spy (unless you count government wiretapping contracts).

Spain’s PM Pedro Sánchez has been one of the least combative towards Huawei’s presence, with Spain remaining a close partner within the EU for the company - holding several contracts with public administrations.

Interestingly enough though, the recent procurement comes in contrast to Spain’s de facto banishment of the Chinese telecom giant from all critical infrastructure, having reduced Huawei’s presence in the 5G cores of the largest three Spanish operators to 0%, according to Euronews.

European and American governments have been increasingly distancing themselves from Chinese technology firms in recent months, primarily citing national security concerns and the threat of exfiltrated data.

An ongoing trade war between the US and China has seen firms on both sides cut off from the opposing market, with market leaders like chipmaker Nvidia saying US tariffs mean it faces a multi-billion dollar hit.

You might also like

• Take a look at our picks for the best malware removal software around
• Check out our choice for the best antivirus software
• Spyware combing for data 'of use to China' hidden inside religious and cultural apps

I can't click away from this hands-on experience of Macintosh design history.

• Iran's Information Technology Organization is seeking new cloud computing providers
• Bidders will be evaluated, graded and then tanked for suitability
• Other regions are also modernizing tech stacks

The Iranian government is apparently seeking cloud computing suppliers as it bids to rebuild its tech stack.

The nation has announced plans to evaluate, grade and rank cloud providers to determine which would be the best suit for hosting key government services, with plans to form a panel of at least three qualified cloud operators deemed fit for purpose.

The Information Technology Organization of Iran (ITOI) is now set to assess potential cloud providers based on three different standards – ISO 27017 (cloud security controls), ISO 27018 (protection of personally identifiable information), and NIST SP 900-145, which relates to US cloud computing definition.

Iran is welcoming bids for its next big cloud provider

Iran's adoption of NIST standards might be surprising given the country's ongoing tensions with the US, but its recognition of these well-regarded standards is good news for the security of citizens' data.

ITOI is now inviting providers offering IaaS, PaaS or SaaS, as well as private, public, hybrid or community cloud models.

Services like security, monitoring, support and cloud migration are also being welcomed under the new scheme, with successful candidates to be awarded a cloud service rating certificate, ultimately leading them to be listed as authorized providers that could be in for a chance of major Iranian government contracts.

However, the process might not be so simple for the Iran – many countries have made it illegal to do business with Iran, or have imposed major restrictions.

Nevertheless, Iran's efforts to modernize its tech stack reflects an ongoing trend across the world, with many other regions looking to diversify. European countries are beginning to seek local or open-source alternatives to the likes of Microsoft, while the US government continues to drive forward a scheme designed to save considerable cash on IT contracts via centralized, mass purchasing.

Via The Register

You might also like

• We've listed the best free office software
• Google Cloud set to offer US Government some major discounts
• Support your workers by giving them access to the best productivity tools

The EU is America's biggest business partner and the world's largest trading bloc. The U.S. decision will have repercussions for governments, companies and consumers on both sides of the Atlantic.

(Image credit: Omar Havana)

• Security researchers from University of Toronto warn on Rowhammer flaw
• Older GPUs seem to be vulnerable
• Nvidia urges users to update as soon as possible

Nvidia is urging users to apply mitigations it provided against so-called Rowhammer attacks after new research confirmed their potential to cause serious and stealthy hardware-level compromises.

Rowhammer is an exploit of a vulnerability in dynamic RAM (DRAM), where repeatedly accessing (or "hammering") a row of memory can cause bit flips in adjacent rows. As a result, threat actors could bypass security boundaries, triggering privilege escalations, data tampering, or even denial-of-service states.

Although this is a hardware-level issue, software-based techniques can trigger and weaponize the flaw remotely.

Newer GPUs are safe

Although known for more than a decade, Rowhammer attacks have first been exploited in 2018, and even then - very rarely and in limited capacity - mostly due to their complexity and hardware dependencies.

However security researchers Chris (Shaopeng) Lin, Joyce Qu, and Gururaj Saileshwar, from the University of Toronto recently published new research demonstrating the practical use of the flaw:

"We ran GPUHammer on an NVIDIA RTX A6000 (48 GB GDDR6) across four DRAM banks and observed 8 distinct single-bit flips, and bit-flips across all tested banks," the researchers said. "The minimum activation count (TRH) to induce a flip was ~12K, consistent with prior DDR4 findings."

"Using these flips, we performed the first ML accuracy degradation attack using Rowhammer on a GPU."

The “ML accuracy degradation attack” means Rowhammer was used to degrade machine-learning model accuracy, from the usual 80% down to a depressing 1%, using a single bit flip.

Nvidia has urged users to activate the System Level Error-Correcting Code mitigation, which protects against Rowhammer on GDDR6 devices. The mitigation works by adding redundant bits and correcting single-bit errors, maintaining data reliability and accuracy.

The list of affected GPUs is rather extensive, and besides the RTX A6000, includes multiple Blackwell, Volta, and Turing products.

The full list can be found on this link - but newer GPUs come with built-in protection, Nvidia said.

Via BleepingComputer

You might also like

• Modern memory chips increasingly vulnerable to this physical hacking technique
• Take a look at our guide to the best authenticator app
• We've rounded up the best password managers

The Justice Department's Office of the Inspector General found widespread abuse of shackles in federal prisons. One prisoner was held in restraints so tight that he had to have a limb amputated.

Review: The Fujifilm X-E5 follows the winning formula of its X100VI compact camera but adds the flexibility of interchangeable lenses -- and it might just be the ultimate travel companion.

Trump will meet with NATO's secretary-general to discuss the Russia-Ukraine war as his frustrations grow over the conflict. And, the president says the European Union and Mexico will face 30% tariffs.

(Image credit: STR)

Climate change is increasing the risk of dangerous floods. But people often balk at the cost of flood insurance, especially since many doubt they need protection.

(Image credit: Ronaldo Schemidt)

Shockbyte has been around since March 2013 and has grown from strength to strength in this time. Below, you'll find our full overview of how good Shockbyte is. Its mission statement has been to offer “premium services at unbeatable prices'' and it mostly meets those ambitious goals.

The Australian-based company is now one of the longest-running Minecraft server hosting providers. It's best known for its Minecraft offerings which is what we reviewed here, but it also provides servers for games like Project Zomboid, ARK: Survival Evolved, Rust, and many more.

It offers many server locations scattered around the world, including North America, Europe, and Asia, so there's something for everyone here. It also provides 24/7 customer support as standard, 100% uptime, full FTP access, and support for seemingly every mod you can think of. Shockbyte sounds pretty irresistible on paper. With an eye on whether it could be one of the best Minecraft hosting providers, here’s how we found the Shockbyte experience from setup to playing on the server.

Shockbyte has 12 different Minecraft-themed plans to choose from (Image credit: Shockbyte)Plans and pricing

Shockbyte offers 12 different plans, plus a custom plan if you have specific needs. All the plans offer 24/7 customer support, 100% uptime, full FTP access, DDoS protection, and full mod support. Where plans differ is how much RAM they offer as well as the number of player slots. There’s good variety here with the option to upgrade any time as needed. To help customers know what to buy starting out, Shockbyte also has a few recommended plans for certain needs such as best for modding or the latest version.

The cheapest plan is the Dirt plan with 1GB RAM and 8 player slots at $4 per month. That ramps up to the Titan plan at $64 per month with 16GB of RAM and unlimited player slots with a 300 recommendation. Discounts are available for committing to quarterly, six monthly, or annual plans.

Such a discount means the Dirt plan drops to just $24 for the year which works out as excellent value for teaming up with your mates on a private server. All servers use NVMe SSDs with unlimited disk space and bandwidth. Deciding which plan to buy mostly comes down to how many players you expect to play at once and RAM considerations.

Shockbyte offers a 72 hour refund policy so there’s just enough time to test things out if you’ve made a mistake with your needs. Payment is accepted via credit or debit card along with PayPal and Paymentwall methods. While signing up, you can choose to add on a preferred location, purchase a dedicated IP, and arrange server management options, all for a fee. That means the price can increase a fair bit depending on what you need with features like a dedicated IP costing $5 per month while server management costs $15 per month. While the cost can ramp up, at least it’s fairly clearly laid out so you always know what you’re paying for and why.

(Image credit: Minecraft)Ease of use

Starting out with a Minecraft server with Shockbyte is pretty speedy. Once you wrap up the purchasing process, you’re given two username/password combos. One is for the client side of things while the other is for the control panel. Access to the latter can then be shared with other users who you want to have control over things, although you’ll need to get in touch with support to get it set up.

The opening part of the control panel has you able to choose the server type you want. A near never ending choice of Bedrock or Java server types are available with recommendations highlighted.

On the left hand side is the more complex set of options as well as the best ways to monitor your server. Chat and console are fairly self explanatory with the latter a good way of dipping in to check all is well.

Dive into the Files section and that’s where things get a little more complicated. The Config Files section offers server settings such as if you want to set up whitelisting, change the game mode or difficulty, as well as disable or limit various settings. It’s clearly laid out with drop-down boxes allowing you to quickly change things. The responsiveness is fast with the majority of actions not requiring a server restart although Shockbyte recommends doing so once a day.

(Image credit: Shockbyte)

If you want to add any modpacks or plugins, the Shockbyte interface is simple to use. There are a lot of plugins to choose from while you can use full FTP access to add anything that hasn’t already been thought of. Again, adding from the plugin list is straightforward and takes moments. It’s all designed in a way that makes the process as simple as possible, even if you don’t have prior server admin experience.

For those users who do have more advanced experience, there’s an appropriately titled Advanced tab too. Here, you can set up commands, scheduled tasks, add additional ports, startup parameters and MySQL databases. It’s reasonably comprehensive stuff that means Shockbyte is fairly good at catering for both novice users that simply want the basics right up to those who know exactly what they’re doing.

You can set up your Minecraft server using Shockbyte's custom control panel (Image credit: Shockbyte)Speed and experience

Shockbyte offers servers across Europe, North America, Singapore and Australia, with the latter two requiring an additional payment each month. The Minecraft server I used was based in Europe, much like myself, and I found the ping to be pretty reliable. A steady 30-35 ping meant no issues with lag and that continued while adding players to the server.

As promised by Shockbyte, there was no downtime either with the Minecraft server always ready to go. It’s a reliable force for regular players.

During my time playing on the server and gathering together some friends, the experience didn’t dip in quality. Daily restarts and not cramming the server with mods and plugins is sure to help here but as a general, standard Minecraft experience, it works well out of the virtual box. That’s also where the level of ease involved in adding or removing mods, as well as simply restarting the server certainly helps keep things ticking along healthily.

(Image credit: Minecraft)Support

Support is two-fold with a ticketing system and extensive tutorials. The tutorials are the true standout here. It feels like there’s a YouTube video for literally everything you could possibly need while setting up a Minecraft server. A full playlist is available or you can dip in for individual queries. Each tutorial is clearly laid out and no longer than it has to be. Whether you simply need guidance on which server type to choose from or you want to set spawns, manage whitelists, or learn how scheduled tasks can benefit you, it’s covered here with no padded out filler.

It’s a truly useful resource with things backed up by a Knowledge Base which answers many queries, followed by direct support. When I contacted support by sending off a ticket, I was impressed to get a response within an hour. The follow up, however, took a fair while longer. Cynically, paying helps. It’s possible to pay $3 to bump your ticket to the front of the queue which feels a little unsavoury but on the other hand, Shockbyte is pretty cheap elsewhere.

Talking of payments, it’s also possible to pay $15 per month for the company to manage your server including controlling and setting up mods and plugins. With the many tutorials available, it’s hardly necessary for most people but it could be useful when starting out.

Shockyte's knowledgebase has plenty of helpful tutorials and the company's YouTube channel also provides a wealth of videos to help you get started (Image credit: Shockbyte)Final verdict

Shockbyte is an excellent value way to snap up a Minecraft server that isn’t much hassle to set up and maintain. Ideally suited for novices but also anyone who wants to keep costs down, you can get straight on with setting up your Minecraft server pretty quickly, right down to installing some mods or plugins without having to delve too deeply.

Where things falter is a bit, is the added costs and occasional support quibbles. A little inconsistent with speed isn’t a dealbreaker for everyone when it comes to needing assistance from support and the YouTube videos certainly help, but if you run into a major problem, feeling obliged to pay an extra $3 will grate.

Similarly, added costs for features like a dedicated IP or server management are transparent but something to be aware of when totting up the actual price you’ll be paying.

Neither of these issues will affect everyone though and for the most part, Shockbyte works well. Its 100% uptime and speedy servers mean you and your mates will easily be able to join in at any time without any problems. It fits nicely into that ‘it just works’ mentality that everyone appreciates about technology. It also makes the process far more accessible than server management ever was in the past.