12 C
New York
Thursday, March 20, 2025
Home Blog Page 3779

Over-the-Air Updates, a Comparability – CleanTechnica

codesanitize
-
0
Over-the-Air Updates, a Comparability – CleanTechnica


Join day by day information updates from CleanTechnica on electronic mail. Or comply with us on Google Information!

When is a automotive not only a automotive? When it’s an EV with over-the-air updates. Electrical autos usually are not simply transport from A to B, they’re related computer systems on wheels. As new electrical autos enter the Australian market, customers want to pay attention to extra than simply drivetrain guarantee, but additionally connectivity and ease of updates. Is your automotive “future proof?” I believed it is likely to be price trying on the three high promoting EVs at present available on the market in Australia — Tesla, BYD, and MG.

Connectivity and over-the-air (OTA) updates have gotten as vital as air con and entry to music. A few of us can bear in mind when most automobiles didn’t have AC or a radio!

I purchased my Tesla Mannequin 3 with the concept that I might preserve it until I finished driving. We had beforehand owned 3 automobiles on the identical time, an computerized Hyundai Sonata, a guide 4-speed Hyundai Accent, and my toy automotive, a 1964 Wolseley (George). I discovered it traumatic to alter between the automobiles and was joyful to scale back to 1 automotive in retirement. Then, I found over-the-air updates! After a few of these annoying interruptions, I really feel like I’m driving a special automotive yet again.

Over-the-Air Updates, a Comparability – CleanTechnica
George didn’t get over-the-air updates. Picture courtesy of Majella Waterworth.

A lot of the updates, which obtain when the automotive is parked within the storage or our driveway, solely make minor changes — changes to issues we didn’t know we had. Others make important enhancements. Like an early replace to our battery administration software program which elevated out vary from 320 km to 340 km. Appeared like plenty of vary 5 years in the past.

Majella is enamoured with the infotainment updates supplying karaoke to sing together with the grandkids and Spotify to allow them to take heed to songs now we have by no means heard earlier than by artists we didn’t know existed. They get sick of Abba and the Beatles. Our newest replace has even given us entry to native climate info on the display and mum or dad controls for many who have younger drivers. Now not an issue for us. We will additionally see non-Tesla chargers after we navigate to elements unknown.

She likes the truth that visitors lights now present up within the improved animation on the correct aspect of the display. The enlarged fonts make it simpler for previous eyes to learn. She finds it annoying when a display icon disappears into the menu — just like the tyre info. The regen info has moved additionally, and is tougher to learn. It migrated from the highest of the display to the aspect of the display.

As I don’t personal or drive Australia’s second highest promoting electrical automobile model, BYD, I reached out to one in every of my correspondents for his take.

Over the Air Updates
BYD now has OTA updates. Picture courtesy of Majella Waterworth.

“Over-the-air updates are an attention-grabbing a part of the possession of the BYD merchandise. Within the early phases these updates have been managed and accomplished at chosen service centres, with among the MyCar service centres additionally in a position to full the updates. Because the model has grown, so too has the help provided by BYD with ‘Over the Air’ updates accessible for proprietor set up.

“BYD will notify house owners of the upcoming replace after which it’s a easy matter of ready in your automobile to be issued with the replace discover, giving entry to the replace. Updates are rolled out progressively, which means generally you need to be affected person and wait your flip. When the replace is prepared in your automobile, simple to comply with directions are displayed on the knowledge display once you begin the automotive.

“Comfort is the important thing right here, so if it’s not an acceptable time to finish the obtain, the choice to delay and re-schedule the obtain makes the method obtainable at a time to swimsuit the proprietor. These directions will present the replace identifier in addition to a short description of what’s going to be included, time required for the replace to obtain, and easy to comply with directions. Updates could also be accomplished at residence or while the automotive is securely parked. So long as there’s a sound Wi-Fi connection and ample time, you’re good to go.

“There have been loads of studies on social media platforms concerning updates, and a few house owners have skilled just a few minor points with the downloads. Nonetheless, the updates are an environment friendly and handy means to deal with minor points. Often a perform you want could also be changed with one which isn’t fairly the identical as you have been used to. One in all these is the pedestrian warning sound. That perform was silenced however has since (or will quickly be) re-activated in a menu choice in one other replace.

“BYD does take heed to buyer issues with their autos, and the place attainable, will deal with these (the place justified) via over the air updates. It does take time to deal with these issues and to develop and check the updates earlier than releasing to the house owners. No level resolving one difficulty and creating one other within the course of. If an proprietor has ongoing points with or from an replace, they need to contact their native BYD Service Centre.”

Over the Air Updates
MG doesn’t have OTA, but! Picture courtesy of Majella Waterworth.

My pal who drives an MG4 loves the automotive, however finds the vendor backup for updates fairly irritating. He has to take his automobile to the vendor in a regional Queensland metropolis the place he lives. Nonetheless, there aren’t any notifications re: updates. He tells me that on the Fb MG teams there was “fairly the dialogue” about updates, with blended views on sellers’ talents and curiosity in offering them. He tells me that he has heard of a latest replace concerning one-pedal driving, safe-distance driving, and navigation. It’s proposed that this replace be finished on the 40,000 km “first service.” He expects that there will likely be many updates ready for his automotive by then — in about a few years!

One other Tesla driver took his daughter’s MG4 in for its replace and repair. He needed to drive 150 km to a different metropolis to take it again to the dealership and wait all day. The MG was not plugged in throughout the replace course of and on the time of choose up didn’t have sufficient cost to get him residence. He needed to keep in a single day in Gladstone. “The inconvenience of going to a vendor is the principle difficulty plus lack of notification,” he tells me.

One other diver in regional Queensland has simply bought a Volvo EX30 in Brisbane. “He can get OTA updates. Good factor. as the closest Volvo vendor could be very distant … I needed to encourage him to activate one pedal driving!”

In search of additional responses, I reached out to the EV group through the Australian Electrical Automobile Queensland Fb web page. “I can inform you about Kona. None.” The 2019 Ioniq proprietor agreed. A 2024 Hyundai Kona proprietor chipped in: “We have now had a few OTA updates already within the first month for the 2024 Kona over the 4G SIM.”

From an skilled Polestar driver through electronic mail: “Polestar consists of 4yrs (I feel) of 4g connectivity with the automotive in Australia so the OTAs are delivered over the cellular community (some individuals do join their automobiles to residence wifi when parked however personally I don’t suppose it makes a lot of a distinction). There isn’t a value for the OTA updates. It downloads within the background, often once you go for a good drive. You get the ‘offended cloud’ icon within the notification space of the display. When you get that, you select when to put in it. You possibly can select instantly (which is able to then set up once you park up and lock the automotive — you’re suggested to not use the automotive for 90 minutes), or since an improve late final yr, you may schedule it. I often schedule for in a single day, 2am or one thing.”

Over the Air Updates
OTA notification on Polestar display. Picture courtesy of Wayne Moore.

“Generally when a brand new replace is launched, it is just obtainable via a dealership go to initially. I feel that is their approach of monitoring the early updaters earlier than releasing it to the lots. This particularly occurs with a significant model launch.

“You possibly can view the software program replace change log right here. For those who have a look at the log, you may see some important updates, together with delivering Apple CarPlay, updates to cruise management and Pilot Help performance, enhancements to warmth pump effectivity, updates to pre-conditioning together with switching on the steering wheel heater when the temp will get under 10°C (I used to be glad of this one not too long ago, even in QLD), enhancements to controlling charging (scheduling, setting the present restrict from the app, and many others.), effectivity enhancements, and making driving at low speeds smoother.

“Usually, the Polestar group is at all times eager to see updates. They get introduced and often are already obtainable on the dealerships (as a lot as Polestar has dealerships) and Volvo, then we’re often ready for the primary OTAs to land.”

Due to this huge vary of choices throughout automobile manufacturers, first time EV patrons have to ask the correct questions after they buy their automotive. And hope the salespeople have the correct info. As our EVs get incrementally higher each few months, the longer term is trying vivid, electrical, and related.

Have a tip for CleanTechnica? Wish to promote? Wish to recommend a visitor for our CleanTech Speak podcast? Contact us right here.

Newest CleanTechnica.TV Movies

Commercial



 

CleanTechnica makes use of affiliate hyperlinks. See our coverage right here.

CleanTechnica’s Remark Coverage



File add API server in Vapor 4

codesanitize
-
0
File add API server in Vapor 4


Discover ways to construct a quite simple file add API server utilizing Vapor 4 and URLSession add process on the consumer facet.

A easy file add server written in Swift

For this easy file add tutorial we’ll solely use the Vapor Swift bundle as a dependency. 📦

// swift-tools-version:5.3
import PackageDescription

let bundle = Bundle(
    identify: "myProject",
    platforms: [
       .macOS(.v10_15)
    ],
    dependencies: [
        .package(url: "https://github.com/vapor/vapor", from: "4.35.0"),
    ],
    targets: [
        .target(
            name: "App",
            dependencies: [
                .product(name: "Vapor", package: "vapor"),
            ],
            swiftSettings: [
                .unsafeFlags(["-cross-module-optimization"], .when(configuration: .launch))
            ]
        ),
        .goal(identify: "Run", dependencies: [.target(name: "App")]),
        .testTarget(identify: "AppTests", dependencies: [
            .target(name: "App"),
            .product(name: "XCTVapor", package: "vapor"),
        ])
    ]
)

You possibly can setup the mission with the required information utilizing the Vapor toolbox, alternatively you may create the whole lot by hand utilizing the Swift Bundle Supervisor, lengthy story quick, we simply want a starter Vapor mission with out further dependencies. Now in the event you open the Bundle.swift file utilizing Xcode, we will setup our routes by altering the configure.swift file.

import Vapor

public func configure(_ app: Utility) throws {

    /// allow file middleware
    app.middleware.use(FileMiddleware(publicDirectory: app.listing.publicDirectory))

    /// set max physique measurement
    app.routes.defaultMaxBodySize = "10mb"

    /// setup the add handler
    app.publish("add") { req -> EventLoopFuture in
        let key = attempt req.question.get(String.self, at: "key")
        let path = req.utility.listing.publicDirectory + key
        return req.physique.acquire()
            .unwrap(or: Abort(.noContent))
            .flatMap { req.fileio.writeFile($0, at: path) }
            .map { key }
    }
}

First we use the FileMiddleware, this can enable us to server information utilizing the Public listing inside our mission folder. In case you don’t have a listing named Public, please create one, because the file add server will want that. Don’t neglect to offer correct file system permissions if needed, in any other case we received’t be capable to write our knowledge contained in the listing. 📁

The following factor that we set is the default most physique measurement. This property can restrict the quantity of knowledge that our server can settle for, you don’t actually wish to use this methodology for giant information as a result of uploaded information will probably be saved within the system reminiscence earlier than we write them to the disk.

If you wish to add giant information to the server it is best to think about streaming the file as an alternative of gathering the file knowledge from the HTTP physique. The streaming setup would require a bit extra work, nevertheless it’s not that sophisticated, if you’re all in favour of that answer, it is best to learn the Information API and the physique streaming part utilizing official Vapor docs website.

This time we simply desire a useless easy file add API endpoint, that collects the incoming knowledge utilizing the HTTP physique right into a byte buffer object, then we merely write this buffer utilizing the fileio to the disk, utilizing the given key from the URL question parameters. If the whole lot was executed with out errors, we will return the important thing for the uploaded file.

File add duties utilizing the URLSession API
The Basis frameworks provides us a pleasant API layer for frequent networking duties. We will use the URLSession uploadTask methodology to ship a brand new URLRequest with a knowledge object to a given server, however IMHO this API is sort of unusual, as a result of the URLRequest object already has a httpBody property, however you need to explicitly go a “from: Knowledge?” argument once you assemble the duty. However why? 🤔

import Basis

extension URLSession {

    func uploadTask(with request: URLRequest, completionHandler: @escaping (Knowledge?, URLResponse?, Error?) -> Void) -> URLSessionUploadTask {
        uploadTask(with: request, from: request.httpBody, completionHandler: completionHandler)
    }
}

Anyway, I made just a little extension methodology, so after I create the URLRequest I can set the httpBody property of it and safely go it earlier than the completion block and use the contents because the from parameter. Very unusual API design alternative from Apple… 🤐

We will put this little snippet right into a easy executable Swift bundle (or after all we will create a whole utility) to check our add server. In our case I’ll place the whole lot right into a foremost.swift file.

import Basis
import Dispatch

extension URLSession {

    func uploadTask(with request: URLRequest, completionHandler: @escaping (Knowledge?, URLResponse?, Error?) -> Void) -> URLSessionUploadTask {
        uploadTask(with: request, from: request.httpBody, completionHandler: completionHandler)
    }
}


let fileData = attempt Knowledge(contentsOf: URL(fileURLWithPath: "/Customers/[user]]/[file].png"))
var request = URLRequest(url: URL(string: "http://localhost:8080/add?key=(UUID().uuidString).png")!)
request.httpMethod = "POST"
request.httpBody = fileData

let process = URLSession.shared.uploadTask(with: request) { knowledge, response, error in
    guard error == nil else {
        fatalError(error!.localizedDescription)
    }
    guard let response = response as? HTTPURLResponse else {
        fatalError("Invalid response")
    }
    guard response.statusCode == 200 else {
        fatalError("HTTP standing error: (response.statusCode)")
    }
    guard let knowledge = knowledge, let outcome = String(knowledge: knowledge, encoding: .utf8) else {
        fatalError("Invalid or lacking HTTP knowledge")
    }
    print(outcome)
    exit(0)
}

process.resume()
dispatchMain()

The above instance makes use of the Dispatch framework to attend till the asynchronous file add finishes. It is best to change the situation (and the extension) of the file if needed earlier than you run this script. Since we outlined the add route as a POST endpoint, we have now to set the httpMethod property to match this, additionally we retailer the file knowledge within the httpBody variable earlier than we create our process. The add URL ought to comprise a key, that the server can use as a reputation for the file. You possibly can add extra properties after all or use header values to test if the person has correct authorization to carry out the add operation. Then we name the add process extension methodology on the shared URLSession property. The good factor about uploadTask is you can run them on the background if wanted, that is fairly helpful if it involves iOS improvement. 📱

Contained in the completion handler we have now to test for a couple of issues. To start with if there was an error, the add will need to have failed, so we name the fatalError methodology to interrupt execution. If the response was not a legitimate HTTP response, or the standing code was not okay (200) we additionally cease. Lastly we wish to retrieve the important thing from the response physique so we test the info object and convert it to a UTF8 string if doable. Now we will use the important thing mixed with the area of the server to entry the uploaded file, this time I simply printed out the outcome, however hey, that is only a demo, in an actual world utility you may wish to return a JSON response with further knowledge. 😅

Vanilla JavaScript file uploader

Yet one more factor… you should utilize Leaf and a few Vanilla JavaScript to add information utilizing the newly created add endpoint. Truly it’s very easy to implement a brand new endpoint and render a Leaf template that does the magic. You’ll want some primary HTML and some traces of JS code to submit the contents of the file as an array buffer. It is a primary instance.



  
    
    
    File add
  
  
      
      
File add API server in Vapor 4

As you may see it’s a normal XHR request mixed with the FileReader JavaScript API. We use the FileReader to transform our enter to a binary knowledge, this fashion our server can write it to the file system within the anticipated format. Most often individuals are utilizing a multipart-encoded type to entry information on the server, however when you need to work with an API you can even switch uncooked file knowledge. If you wish to be taught extra about XHR requests and AJAX calls, it is best to learn my earlier article.

I even have a publish about completely different file add strategies utilizing normal HTML kinds and a Vapor 4 server as a backend. I hope you’ll discover the fitting answer that you just want to your utility. 👍

Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group

codesanitize
-
0
Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group


Aug 19, 2024Ravie LakshmananCybercrime / Community Safety

Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group

Cybersecurity researchers have found new infrastructure linked to a financially motivated menace actor often called FIN7.

The 2 clusters of potential FIN7 exercise “point out communications inbound to FIN7 infrastructure from IP addresses assigned to Put up Ltd (Russia) and SmartApe (Estonia), respectively,” Crew Cymru mentioned in a report printed this week as a part of a joint investigation with Silent Push and Stark Industries Options.

Cybersecurity

The findings construct on a latest report from Silent Push, which discovered a number of Stark Industries IP addresses which can be solely devoted to internet hosting FIN7 infrastructure.

The newest evaluation signifies that the hosts linked to the e-crime group had been seemingly procured from one in every of Stark’s resellers.

“Reseller applications are widespread within the internet hosting business; lots of the largest VPS (digital non-public server) suppliers provide such providers,” the cybersecurity firm mentioned. “Clients procuring infrastructure by way of resellers usually should observe the phrases of service outlined by the ‘mother or father’ entity.”

FIN7 Cybercrime Group

What’s extra, Crew Cymru mentioned it was capable of establish extra infrastructure linked to FIN7 exercise, together with 4 IP addresses assigned to Put up Ltd, a broadband supplier working in Southern Russia and three IP addresses assigned to SmartApe, a cloud internet hosting supplier working from Estonia.

The primary cluster has been noticed conducting outbound communications with at the very least 15 Stark-assigned hosts beforehand found by Silent Push (e.g., 86.104.72[.]16) over the previous 30 days. Likewise, the second cluster from Estonia has been recognized as speaking with at least 16 Stark-assigned hosts.

Cybersecurity

“As well as, 12 of the hosts recognized within the Put up Ltd cluster had been additionally noticed within the SmartApe cluster,” Crew Cymru famous. The providers have since been suspended by Stark following accountable disclosure.

“Reviewing metadata for these communications confirmed them to be established connections. This evaluation relies on an analysis of noticed TCP flags and sampled knowledge switch volumes.”

Discovered this text attention-grabbing? Comply with us on Twitter and LinkedIn to learn extra unique content material we submit.



Vulnerability in Microsoft apps allowed hackers to spy on Mac customers

codesanitize
-
0
Vulnerability in Microsoft apps allowed hackers to spy on Mac customers


Microsoft updates Outlook for Mac with Profiles feature

A vulnerability present in Microsoft apps for macOS allowed hackers to spy on Mac customers. Safety researchers from Cisco Talos reported in a weblog publish how the vulnerability might be exploited by attackers and what Microsoft has been doing to repair the exploits.

Hackers can use Microsoft apps to entry Mac customers’ cameras and microphones

Cisco Talos, a cybersecurity group specializing in malware and system prevention, shared particulars on how a vulnerability in apps like Microsoft Outlook and Groups could lead on attackers to entry a Mac’s microphone and digicam with out the person’s consent. The assault relies on injecting malicious libraries into Microsoft apps to realize their entitlements and user-granted permissions.

Apple’s macOS has a framework referred to as Transparency Consent and Management (TCC), which manages app permissions to entry issues like location companies, digicam, microphone, library images, and different information.

Every app wants an entitlement to request permissions from TCC. Apps with out these entitlements received’t even ask for permissions, and consequently received’t have entry to the digicam and different elements of the pc. Nonetheless, the exploit allowed malicious software program to make use of the permissions granted to Microsoft apps.

“We recognized eight vulnerabilities in varied Microsoft purposes for macOS, by means of which an attacker might bypass the working system’s permission mannequin through the use of present app permissions with out prompting the person for any extra verification,” the researchers clarify.

For instance, a hacker might create malicious software program to file audio from the microphone and even take images with none person interplay. “All apps, aside from Excel, have the flexibility to file audio, some may even entry the digicam,” the group provides.

macOS Sequoia Gatekeeper

Microsoft is engaged on a repair – but it surely doesn’t appear to be a precedence

In response to Cisco Talos, Microsoft considers this exploit to be “low danger” because it depends on loading unsigned libraries to assist third-party plugins.

After the exploits have been reported, Microsoft up to date the Microsoft Groups and OneNote apps for macOS with adjustments to how these apps deal with the library validation entitlement. Nonetheless, Excel, PowerPoint, Phrase, and Outlook are nonetheless weak to the exploit.

The researchers query why Microsoft had the necessity to disable library validation, particularly when extra libraries usually are not anticipated to be loaded. “Through the use of this entitlement, Microsoft is circumventing the safeguards supplied by the hardened runtime, probably exposing its customers to pointless dangers.”

On the identical time, the researchers word that Apple might additionally implement adjustments to the TCC to make the system safer. The group means that the system ought to immediate customers when loading third-party plugins into apps that have already got granted permissions.

Extra particulars concerning the exploit may be discovered on the Cisco Talos weblog.

Learn additionally

FTC: We use earnings incomes auto affiliate hyperlinks. Extra.

UK Prime Minister Keir Starmer and Prince William deepfaked in funding rip-off marketing campaign

codesanitize
-
0
UK Prime Minister Keir Starmer and Prince William deepfaked in funding rip-off marketing campaign


Scammers are as soon as once more utilizing deepfake know-how to dupe unwary web Fb and Instagram customers into making unwise cryptocurrency investments.

AI-generated movies selling fraudulent cryptocurrency buying and selling platform Fast Edge have used deepfake footage of British Prime Minister Sir Keir Starmer and His Royal Highness Prince William to succeed in an estimated 890,000 folks by way of Meta’s social media platforms.

In a single instance, deepfake video footage of Sir Keir Starmer assured viewers that “this isn’t a rip-off”, whereas claiming that they had been chosen to earn a “life-changing” amount of cash:

“Your life is about to alter. I’m Keir Starmer, Prime Minister of the UK and chief of the Labour Celebration. I’ve been ready for you. At the moment is your fortunate day. I do not understand how you discovered this web page, however you will not remorse it.”

In one other model, the pretend model of the Prime Minister introduced the “Nationwide Make investments Platform” by way of which customers may begin buying and selling and generate income across the clock.

One other model of the rip-off included a deepfake of Prince William, expressing the Royal Household’s endorsement of the scheme:

“Good afternoon, honoured residents of the UK. I’m happy to announce that I, Prince William, and all the Royal Household totally help Prime Minister Keir Starmer’s initiative and his new platform.”

Researchers at Fenimore Harper say that over 250 adverts utilizing deepfakes of Sir Keir Starmer have appeared on Meta’s platforms because the election on July 4 2024, with an advert spend by the scammers of £21,053.

Utilizing Meta’s personal AI mannequin, Llama 3.1 70B, the researchers say they have been in a position to establish the fraudulent adverts immediately – elevating questions as to why Meta itself has been unable to cut back the variety of rip-off adverts about Keir Starmer, which threat outnumbering genuine ones.

The adverts declare that Fast Edge is a part of a brand new platform endorsed by the UK Prime Minister to assist customers earn life-changing sums of cash.  If customers clicked by way of to the positioning they have been taken to a touchdown web page which requested them to enter their private particulars.

Later, candidates can be hounded by scammers, who inspired them to make deposits into the pretend cryptocurrency buying and selling platform, and to speculate much more when proven a pretend portfolio purporting to indicate that nice monetary features had been made.

Even after being scammed, some victims continued to consider that Sir Keir Starmer had personally endorsed the platform.

Meta says that its techniques detected and eliminated a lot of the fraudulent adverts earlier than the researchers’ report was printed, and reiterated that it had insurance policies in place in opposition to adverts that misuse the pictures of public figures for misleading functions.

Earlier this 12 months, researchers from the identical staff found greater than 100 deepfake video adverts on Fb posing as footage of the UK’s then Prime Minister Rishi Sunak, pointing to a pretend BBC Information webpage selling an funding rip-off.

The researchers consider that regardless of protestations from Meta, disinformation on Fb and Instagram “is getting worse, not higher”

1...3,7783,7793,780...3,835Page 3,779 of 3,835

ABOUT US

Welcome to CodeSanitize, your number one source for all things coding and technology. We’re dedicated to providing you the very best of software development tutorials, tips, and resources, with a focus on clarity, practical examples, and up-to-date content.

© Copyright 2024 - codesanitize.com. All rights reserved