Security-Portal.cz je internetový portál zaměřený na počítačovou bezpečnost, hacking, anonymitu, počítačové sítě, programování, šifrování, exploity, Linux a BSD systémy. Provozuje spoustu zajímavých služeb a podporuje příznivce v zajímavých projektech.

Kategorie

CISA tags Progress Kemp LoadMaster flaw as exploited in attacks

Bleeping Computer - 19 Listopad, 2024 - 22:18
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting Progress Kemp LoadMaster. [...]
Kategorie: Hacking & Security

CMA gives Google’s $2B Anthropic investment the green light

Computerworld.com [Hacking News] - 19 Listopad, 2024 - 22:03

It took the UK’s Competition and Markets Authority (CMA) less than a month to decide that there is no need to proceed further with a merger investigation after Google’s purchase of a $2 billion stake in Anthropic.

In a statement released on Oct. 24, the CMA indicated that it had obtained “sufficient information” to launch a preliminary investigation into the investment by Google, which was first announced last year and involved an initial sum of $500 million, with the remainder to be invested at a later date.

The regulator was then scheduled to announce on Dec. 19 whether or not a more detailed phase 2 probe would take place, a move that ended up being fast forwarded.

Scott Bickley, advisory fellow at Info-Tech Research Group, said when the initial investigation was announced that the probe sounded like a “precautionary investigation across the board to me, primarily due to the fact that the CMA just recently approved Amazon’s Anthropic investment and partnership.”

Last March, Amazon announced it was investing $2.75 billion in Anthropic, bringing its total investment in the AI startup to $4 billion.

As part of this partnership, Anthropic said it would use Amazon Web Services (AWS) as its main cloud provider for key operations, including AI safety research and the development of foundation models. Anthropic will also use AWS Trainium and Inferentia chips for building, training, and deploying future models.

The CMA ruling on that investment was released on Sept. 27, and stated that the regulator does not believe that a “relevant merger situation has been created.”

Phil Brunkard, executive counselor at Info-Tech Research Group, UK, said last month that “both Google and Amazon are trying to compete with OpenAI, but it’s interesting that the CMA is focusing on Google when Amazon was just cleared, which raises some questions about consistency.”

While investigations do create some uncertainty, he said, “Amazon’s clearance hints that Google could have a similar outcome. It seems the CMA is just being thorough, but these investments will likely continue.”

Brunkard said Tuesday he was not surprised by the ruling issued by the CMA, a non-ministerial department in the UK government that oversees business activities and flags potentially unfair competition.

“As I had mentioned previously, the CMA appeared to have been conducting a thorough review, and the latest report confirms they were satisfied after assessing their criteria,” he said, adding, “it’s essential that the CMA continues this consistent approach to ensure a fair and competitive marketplace.”

This kind of oversight, said Brunkard, is “especially important in the exponentially evolving AI sector, where investments from tech giants like Google and Amazon have the potential to shape the market significantly.”

The CMA first launched an initial review into the market for AI systems in May 2023, and in a statement announced it would focus in on three key areas: how the competitive markets for foundation models and their use could evolve; the opportunities and risks these scenarios could bring for competition and consumer protection; and what guiding principles should be introduced to support competition and protect consumers as AI models develop.

The organization said that the review is in line with the UK government’s aim to support “open, competitive markets.”

Kategorie: Hacking & Security

Business Internet Security: Everything You Need to Consider

Computerworld.com [Hacking News] - 19 Listopad, 2024 - 21:34

Cyber-attacks can cost companies millions of dollars in lost revenue, legal fees, and recovery efforts. A security breach can severely tarnish a company’s reputation and customer trust, making comprehensive internet security crucial for your small business.

Investing in effective cybersecurity measures, especially regarding business internet and email security, acts as a shield against potential threats. These internet security solutions will protect your sensitive data and maintain the trust and safety of your clients and partners.

Business Internet Security Checklist

Building a robust internet security strategy for your business may seem complex. To help you prioritize your cybersecurity threats and build a strong security solution, we’ve created an extensive checklist.

1. Secure Your Network Infrastructure

The foundation of good internet security relies on a strong, secure network infrastructure. Your network is like your office; strong walls, locked doors, and vigilant guards keep it secure.

Firewall Protection: Your First Line of Defense

Firewalls act as a barrier between your network and the outside world, blocking unauthorized access and malicious traffic. Think of it as your business’s security guard, carefully checking everyone who tries to enter. Firewalls can filter incoming and outgoing network traffic, enforcing your security rules through threat detection.

Network Segmentation for Damage Control

Imagine dividing your office into sections with different security clearances—that’s what network segmentation does. By separating your network into smaller, isolated segments, you limit the reach of any potential breach.

Even if one part of your network is compromised, the others remain safe, containing the damage and preventing a complete shutdown. Network segmentation is one of the most important security features a business can implement, even if you run a small business.

2. Strengthen Your Devices and Access Points

Each device on your business’s network, from computers to mobile phones, represents a potential point of entry for hackers. Treat connected devices as a door to your Wi-Fi networks, ensuring each one is secure enough to protect the entire structure.

Robust Passwords and Multi-Factor Authentication (MFA)

Using weak or easily guessable passwords is like leaving your office unlocked, allowing online threats to gain access. It’s an open invitation for trouble. Implement a strong password policy requiring employees to use complex passwords.

You should encourage use of a password manager and implement multi-factor authentication (MFA) on all accounts to add another layer of protection. Strong passwords are one of the easiest ways to strengthen your business cybersecurity.

Regular Software Updates

Software updates often include vital security patches that address identified vulnerabilities. Delaying updates on your security software is like ignoring a leaky roof; if left unattended, it will only get worse. Patch management and regularly updating all software on all your devices, including antivirus software and operating systems, will minimize the risk of exploitation.

Schedule updates and educate your employees about the importance of keeping their systems current. Regularly updating your software is one of the best free security solutions for your business.

Endpoint Detection and Response (EDR) Solutions

EDR solutions are your network’s security team that continuously monitors for suspicious activity. They then respond to this activity in real-time. Consider implementing an EDR solution that proactively detects, isolates, and responds to threats on individual devices within your network.

3. Safeguarding Your Data

Your business’s data—customer information, financial records, and intellectual property—is invaluable. Protecting your business data should be a top priority.

Data Encryption

Imagine losing access to all your essential documents; that’s the chaos data loss can cause. Having secure backups of your crucial data ensures business continuity, even if a cyber incident occurs.

Implement a secure data backup and recovery plan that includes regular backups, offsite storage, and disaster recovery testing. It is also vital to make sure your internet connection is secure before backing up data to the cloud.

Implement a Data Loss Prevention (DLP) Strategy

A robust DLP strategy helps detect, monitor, and prevent the unauthorized use or transmission of sensitive data. This strategy acts as a safeguard against both accidental data leaks and intentional theft.

4. Educating Your Workforce

Your employees play a critical role in maintaining strong business internet security. Equip them with the knowledge and tools they need to act as an added layer of defense through security awareness training workshops. Human error causes many data leaks and security risks.

Cybersecurity Training

Conduct regular and comprehensive cybersecurity training for all employees. Training should focus on common cyber threats like malicious sites, phishing scams, and social engineering attacks. It is also important to educate employees about security awareness and best practices for online security, especially on public networks.

Password Management

Encouraging the use of strong and unique passwords for all business accounts, such as Microsoft Exchange, is key to fortifying your first line of defense. Implement a business-wide password manager for secure storage and effortless access for your employees.

Establish Clear Communication Channels

Establishing clear communication protocols for reporting security incidents and concerns helps you address issues more rapidly and effectively. This will help mitigate potential damage. Encourage employees to use these communication channels if they have accessed any inappropriate or malicious websites on company devices.

Your Business’s Cybersecurity Journey Starts Now

With cyber threats continuing to evolve and become more sophisticated, businesses can never be complacent about internet security and protecting their private network and data.

Taking proactive steps toward securing your digital infrastructure and safeguarding sensitive data is a critical business decision. Prioritizing robust internet security measures safeguards your small business and ensures you’re well-equipped to face whatever kind of threat may come your way.

While implementing these security measures may seem daunting, partnering with the right internet service provider like Optimum can give you a head start on your cybersecurity journey.
Want Internet service with cybersecurity built in? Try Optimum Business Internet.

Frequently Asked Questions About Business Internet Security How can we protect IoT devices from becoming the entry point for security vulnerabilities into a network?

IoT devices can be particularly vulnerable to security breaches, but several measures can help protect your network:

  • Change default passwords immediately and use strong, unique passwords for each device
  • Regularly update IoT device firmware to patch security vulnerabilities
  • Implement network segmentation to isolate IoT devices on a separate network from critical business systems
  • Disable unnecessary features and ports that could be exploited
  • Monitor IoT device activity for unusual patterns that might indicate a breach
  • Use a dedicated firewall for IoT devices to control their internet access
Which security measure limits the access of outsiders to the internal network of a business?

Firewalls are the primary security measure that controls external access to your internal network. They act as a barrier between your trusted internal network and untrusted external networks, like the internet. Firewalls monitor and control incoming and outgoing network traffic based on predetermined security rules, effectively limiting unauthorized access while allowing legitimate business communications to continue.

Who in a business should be responsible for cybersecurity?

While a designated IT security team or professional may lead cybersecurity efforts, security is everyone’s responsibility. Here’s how responsibility can be distributed:

  • Leadership: Set security policies and allocate resources
  • IT Department: Implement and maintain security measures
  • Department Managers: Ensure compliance within their teams
  • Employees: Follow security protocols and report suspicious activity
  • External Partners: Comply with security requirements when accessing company resources

However, if you don’t have the benefit of a dedicated IT department, you can turn to Optimum for help and support.

What can we do to stay on top of cybersecurity threats?

Keeping strong cybersecurity is all about staying alert and taking proactive steps. Organizations should consider signing up for threat intelligence feeds to stay updated on new vulnerabilities and regularly assess their security to spot potential issues.

Having an ongoing routine of software updates and security patches, along with ongoing employee training on security awareness, can help build a strong cybersecurity foundation. Many organizations also find it helpful to team up with cybersecurity experts who can offer advice on new threats and suggest the best security practices.

Learn more about what Optimum can do for your business.

Kategorie: Hacking & Security

Study: Chat GPT is better than doctors at diagnosing illness

Computerworld.com [Hacking News] - 19 Listopad, 2024 - 21:34

A new research study indicates that Open AI’s chatbot Chat GPT-4 is better at diagnosing diseases than human doctors, according to The New York Times.

Fifty doctors, a mix of attending physicians and residents, participated in the study; diagnoses were based on evaluations of medical patient cases. All in all, Chat GPT-4 got a 90% score for the diagnoses it delivered; the doctors on their own got average scores of 74%.

The doctors also reportedly performed worse than the chatbot when they were allowed to use Chat GPT-4 in their work. Physicians who used the tool performed only marginally better — getting scores of 76% — than physicians who did not use a chatbot at all.

The reason for that, the study said, was that the doctors rarely allowed themselves to be convinced by the chatbot if it noticed something that did not agree with the doctor’s own diagnosis. Many doctors also didn’t know how to use the chatbot’s skills to their full potential.

Kategorie: Hacking & Security

Ford rejects breach allegations, says customer data not impacted

Bleeping Computer - 19 Listopad, 2024 - 21:09
Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. [...]
Kategorie: Hacking & Security

Ford investigates alleged breach following customer data leak

Bleeping Computer - 19 Listopad, 2024 - 21:09
Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. [...]
Kategorie: Hacking & Security

Ford investgates alleged breach following customer data leak

Bleeping Computer - 19 Listopad, 2024 - 21:09
Ford is investigating allegations that it suffered a data breach after a threat actor claimed to leak 44,000 customer records on a hacking forum. [...]
Kategorie: Hacking & Security

Oracle warns of Agile PLM file disclosure flaw exploited in attacks

Bleeping Computer - 19 Listopad, 2024 - 20:56
Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. [...]
Kategorie: Hacking & Security

D-Link urges users to retire VPN routers impacted by unfixed RCE flaw

Bleeping Computer - 19 Listopad, 2024 - 18:58
D-Link is warning customers to replace end-of-life VPN router models after a critical unauthenticated, remote code execution vulnerability was discovered that will not be fixed on these devices. [...]
Kategorie: Hacking & Security

Microsoft now testing hotpatch on Windows 11 24H2 and Windows 365

Bleeping Computer - 19 Listopad, 2024 - 18:37
​Microsoft announced today that hotpatching is now also available in preview on Windows 365 and Windows 11 Enterprise 24H2 client devices. [...]
Kategorie: Hacking & Security

Foxconn takes another big step toward AI iPhone manufacturing

Computerworld.com [Hacking News] - 19 Listopad, 2024 - 18:27

Apple’s main manufacturing partner, Foxconn, has announced it is working with Nvidia to build digital twins that it says will reshape the future of manufacturing and supply chain management.

Nvidia and Foxconn last year announced plans to use Nvidia’s Omniverse platform to create 3D digital twin tech with which to plan and simulate automated production lines. The scheme was first put into effect at Foxconn’s Hsinchu factory in Taiwan and will be scaled out to Foxconn factories worldwide. 

What happens in Hsinchu…

Apple’s connection with the Hsinchu facility isn’t particularly overt, but it certainly exists. There’s an Apple Store currently hiring in the city, and Apple also has an R&D facility there. In 2020, Apple confirmed plans to build a new plant in Hsinchu Science Park to supplement the operations it already had in place.

As far as we know, Apple’s Hsinchu-based R&D teams are working on next-generation monitor technologies such as low-temperature polysilicon displays and metal-oxide-semiconductor screens, along with quantum film image sensors, according to earlier reports. (Who knows, it’s not impossible that new tech used in the latest MacBook Pro displays might have been developed there.) 

While a bit of a long shot, some of Apple’s server development team might also be based there, given the company is developing its own servers to support its Private Cloud Compute systems for Apple Intelligence. It was recently reported that Apple has asked Foxconn to make AI servers based on Apple Silicon in Taiwan, and given the proximity of the Hsinchu digital twins project, it is hard to ignore the overt opportunity for additional cooperation between the firms.

When it comes to manufacturing, Apple has a pressing challenge to scale up the capacity to build iPhones at factories outside China. Some of this work is already taking place in India where the company is rapidly ramping up production, but it is possible Apple wants some manufacturing taking place elsewhere, such as in Mexico. 

Foxconn’s move to build heavily automated production facilities could help Apple with those efforts.

Industry 4.0 and the Apple supply chain

I see the latest news with Nvidia as part of a continuum. Foxconn has already built a growing network of eight Industry 4.0  lights-out factories in Taiwan, China, and Mexico. In China, the steady move toward additional automation means Foxconn has been able to reduce its workforce by more than a third while maintaining production levels. 

Foxconn’s entire Shenzhen, China, Guanlan factory operates without lighting as it is automated and controlled by a cloud-based AI. The vision of that latter project is that it will become possible to simply tell the cloud AI what products need to be made and how they are to be manufactured, and the system will adjust itself to automatically churn those products out. 

There’s a ways to go before that becomes possible, but it sounds like Foxconn will use Nvidia’s tools to track existing manufacturing processes so they can be more easily replicated at factories situated elsewhere. 

“Through this technology, Foxconn can replicate and establish production lines across diverse geographical locations with unprecedented speed and precision,” the company said. “This capability enables Foxconn to swiftly deploy high-quality production facilities with unified standards in strategic markets worldwide, significantly enhancing the company’s competitiveness and adaptability in the global landscape.”

Digital twin tech is also very good at identifying bottlenecks and inefficiencies in existing production processes, while the ability to more easily take manufacturing lines to new nations also help build resilience into manufacturing systems. “When facing supply chain disruptions or sudden market demands, Foxconn can quickly simulate manufacturing process changes and adjust production strategies to flexibly allocate resources across different regions for itself and its clients, ensuring production continuity and stability,” Foxconn says.

Resilience and flexibility

To some extent, the writing has always been on the wall. Supply chains globally buckled during the height of the CoVID-19 pandemic, and Apple’s decision to widen its manufacturing base to new nations was a direct response to this. Apple — and quite clearly, Foxconn — now understand the need to build resilience into the supply chain, and one way to do that is to turn to using heavily automated manufacturing systems that can be easily set up and made productive in new locations. This seems to be the game in play here, particularly in the wake of Apple’s purchase of Darwin AI earlier this year.

The other part of that game reflects the challenge of staffing manufacturing operations at the scale Apple demands. Hundreds of thousands of people globally are now involved in building Apple hardware, and the job is skilled enough that recruiting all those workers can pose problems for the company. This is likely why in June it was revealed that Apple intends to replace 50% of iPhone related assembly line workers in the next few years. That ambition logically requires the kind of productivity enhancements Foxconn and Nvidia are working on now, so logically it makes sense that Apple’s production processes are part of the plan.  

Designed by Apple, built by robots

Achieving this is not going to be easy. But where Apple goes, others inevitably follow, which itself means that future employment is going to become even further deindustrialized at about the same time as AI itself leads to mass scale changes in working practices elsewhere. It’s hard to see where this is going, but the other side of that story is that iPhone manufacturing will itself become a movable feast.

“Designed by Apple, built by robots,” some might say.

You can follow me on social media! Join me on BlueSky,  LinkedInMastodon, and MeWe

Kategorie: Hacking & Security

Helldown ransomware exploits Zyxel VPN flaw to breach networks

Bleeping Computer - 19 Listopad, 2024 - 18:00
The new 'Helldown' ransomware operation is believed to target vulnerabilities in Zyxel firewalls to breach corporate networks, allowing them to steal data and encrypt devices. [...]
Kategorie: Hacking & Security

Microsoft brings automated ‘agents’ to M365 Copilot

Computerworld.com [Hacking News] - 19 Listopad, 2024 - 17:57

Microsoft has introduced a new tool in Microsoft 365 Copilot to automate repetitive tasks, part of a drive to make the generative AI (genAI) assistant more useful to users.

Copilot Actions, announced at Microsoft’s Ignite conference Tuesday, features a simple trigger-and-action interface that Microsoft hopes will make the workflow automations accessible to a wide range of workers. 

The company offered up a few examples for Copilot Actions in a blog post. It can be set to create an automatic summary of important action points at the end of the workday, gather inputs from a team for a weekly newsletter, or summarize recent interactions with a client ahead of a meeting. The feature is now in private preview.

[ Related: Microsoft Ignite 2024 news and insights ]

A Gartner survey of digital workers indicated that 51% have customized and built their own workflows, apps and automations, “so the demand is certainly there for business users (aka citizen developers) to build their own AI agents,” said Jason Wong, vice president analyst at Gartner.

Microsoft’s low-code and no-code tools, including Power Apps and Power Automate, have already “paved the way for Copilot Studio for citizen development,” Wong said. “However, Copilot Studio is still an immature product, and organizations have only started to upskill their employees to understand how to build generative AI powered apps or agents.”

Other new features announced at Ignite include an update to Copilot Pages, the recently-launched document editor tool connected to M365 Copilot. Microsoft will add “rich artifacts” to Copilot Pages, which lets users share a wider variety of information generated in Copilot, such as blocks of code or flow charts, and share them to a Pages document. 

Copilot Pages is due to be generally available in early 2025, Microsoft said.

Copilot in Teams will soon be able to analyze visual content shared on-screen during a video call, and users can ask the assistant for a quick summary of files shared in Teams Chat. Both features will be in public preview early next year.

There’s also an “interpreter” function coming to Teams that Microsoft claims will translate meeting participants’ speech in real-time during a video call. Available in public preview in early 2025, Microsoft said it will also be possible simulate a user’s voice in the translated audio.

The feature, currently in private preview, is one of several examples of AI agents coming to M365 Copilot and M365 apps. 

Microsoft also announced AI “agents” for M365 Copilot — including the general availability of the previously announced agent builder functionality in SharePoint; the latter essentially lets users created a tailored chatbot to respond to queries related to a specific set of files stored in the content management application. To help manage and secure data accessed by M365 Copilot, Microsoft will make the SharePoint Advanced Management add-on (which previously cost $3 per user a month) available at no extra cost starting early next year. 

There’s an Employee Self-Service Agent for BizChat —  the chat interface for M365 Copilot –— whereemployees can ask HR and IT-related questions, such as requesting a new laptop. The agent, now in a private preview, can be customized in Microsoft’s Copilot Studio app.   

There’s an agent to automate project management processes in Microsoft’s Planner app (in public preview now), with plans in place to open up access to third-party agents from the likes of ServiceNow in the coming months.

Microsoft has struggled to convince Microsoft 365 customers that it’s worth investing in its various genAI tools, many of which launched last year. The latest updates provide an opportunity to show the business value of the genAI assistant, which costs $30 per user each month.  

While Microsoft’s “Wave 2” of M365 Copilot features announced in September can be viewed as an attempt to win over undecided buyers, Wong said the new agentic capabilities announced at Ignite are “really more for their current M365 Copilot customers to extend the business value of generative AI beyond individual productivity to show greater ROI.

“Copilot customers [don’t] just want content creation and summarization,” he said. “They want Copilot to replace manual work, impact team workflows and drive process improvements.”

Kategorie: Hacking & Security

Botnet fueling residential proxies disrupted in cybercrime crackdown

Bleeping Computer - 19 Listopad, 2024 - 16:34
The Ngioweb botnet, which supplies most of the 35,000 bots in the cybercriminal NSOCKS proxy service, is being disrupted as security companies block traffic to and from the two networks. [...]
Kategorie: Hacking & Security

New Windows 11 recovery tool to let admins remotely fix unbootable devices

Bleeping Computer - 19 Listopad, 2024 - 16:09
Microsoft is working on a new Windows "Quick Machine Recovery" feature that will allow IT administrators to use Windows Update "targeted fixes" to remotely fix systems rendered unbootable. [...]
Kategorie: Hacking & Security

A beautiful machine: one week with an M4 Pro MacBook Pro

Computerworld.com [Hacking News] - 19 Listopad, 2024 - 15:46

The new MacBook Pro is everything you expect: faster, better and more capable than before. While you can say that about every new Mac, the move to Apple Silicon means Apple can introduce vastly improved systems almost every year — something that was not always possible before.

I tested a beautiful Space Black MacBook Pro with the new M4 Pro chip and 48GB memory (which I would treasure if it belonged to me). The 3-nanometer chip it uses has 14 cores, consisting of 10 performance and four efficiency cores; it has a 2TB drive; a Liquid Retina XDR nanotexture display; and it costs $3,349.

What you already know

You already know everything you need to know about the all-new M4-series MacBook Pro systems. You know what they look like, that they are considerably faster, deliver extensive battery life, and are packed with more memory than Apple has pre-installed in Macs before. These AI PCs, of course, will run Apple Intelligence and any third-party generative AI systems you want to throw at them and are capable of handling incredibly intensive tasks. (When they do, they do not become hot enough you can fry an egg on them.)

You also know they run macOS, and (as virtual machines) run Windows really well if you also install Parallels. They also run most popular flavors of Linux in VM. They’re the most stable and inherently secure PC’s you can get, and if you are running a fleet of them you also know they’re less expensive to run in terms of tech support and other costs of ownership.

That’s the reputation these new Macs carry, and every single claim is true; it is why these Macs almost always win the PC group tests.

Test scores

I ran a few tests.

Geekbench 6
  • Open CL: 69,201
  • Single Core: 3,964
  • Multi Core: 22,952

There are multiple scores for these systems (Mac16,8) now available on Geekbench. These all confirm this kind of power.

Cinebench

I ran the Multi Core test using CinebenchR23. CPU results yielded 22,056 points for multi-core performance and 2,188 for single-core. The Mac utterly dominated single-core testing and comfortably took third in multi-core tests, eclipsing most AMD and Intel chips. 

Blender

Blender has its own benchmarks, which it has aggregated from users of its software. These give the equivalent Mac a median score of 2,547.97, which basically means Blender performance will be only slightly slower than what you can expect from a much more expensive Apple system running an M2 Ultra chip. 

Valley

I even tested the Mac using Valley. That test forces the Mac to render a selection of graphically intensive moving images, which makes it a neat way to put the GPU through its paces. This is no longer a fair test, however, as Valley isn’t optimized for Apple Silicon and relies on Apple’s Rosetta technology to work.  Despite which, the Mac flew, reaching an average 127.9 fps without switching on the fan. 

Apple wins the race

This level of performance — and annual improvements in that performance — could never have been achieved before the introduction of Apple’s M-series chips. Apple Silicon stands far ahead of the pack of Intel Core Ultra 200 chips or AMD Ryzen AI 9HX 370s (catchy name) — even the widely praised Qualcomm Snapdragon X Elite. 

Really, truly, Apple now leads in the processor wars. Dollar-for-dollar, and most especially, watt-for-watt, you can absolutely expect Macs running these M4 Pro chips to handle pretty everything you throw at them — in a portable Apple supercomputer you can use on battery and trundle to your next destination tucked away under your arm. Capable of delivering 8.6 teraflops of performance, it’s the computer most in the AI development industry are using; they need this level of performance and know Apple’s Macs deliver.

Apple What are they for?

What all the performance data really means is that these Macs are more powerful than the superpowered Mac Studio or Mac Pro desktop models introduced in 2023. Want to edit a movie using pro apps like Adobe Premier or Apple’s Final Cut Pro? These machines are for you. It doesn’t stop at editing — they’re solid performers for color grading, motion graphics creation, CAD applications, RAW image editing, data modeling, structural engineering, advanced statistical analysis, even building, compiling, and testing new AI models. 

That performance also means that if you must run some legacy apps using Windows, you can — and you might find that even in emulation mode, the Mac runs Microsoft’s OS faster than most PCs. If you’re a gamer, you’ll be happy; World of Warcraft: The War Within performs 16.7 times faster than it did on an Intel-based MacBook Pro, Apple said. And these computationally intensive tasks can be done wherever you happen to be, thanks to the battery life of 24 hours. 

What about the display?

The test system I used had a nano-texture display to reduce glare and reflections. This is great for using the Mac outdoors in sunlight, and while the technology does make for a slight reduction in contrast if you look closely, this is more than offset by the image clarity. If you intend to use your new Mac when out and about, the $150 extra for nano-texture is a good investment.

When it comes to image clarity and color accuracy, you get a display capable of outputting color at the same degree of accuracy as reference systems users paid $40,000 or more for just five years ago. That’s the beauty of the Liquid Retina XDR display, which also means you can look at the display side on and still discern what it is showing. Apple has also switched to a Quantum Dot film in the display, which is a layer of phosphorescent crystals situated between the backlight and the display’s color filter that help make color more vibrant, accurate, and bright.

Otherwise, you can expect industry-leading 1600 nits of peak brightness and 1000 nits of sustained brightness for HDR and SDR content. The Mac is smart in other ways, too, and can adjust brightness all the way down to 1 nit in low-light situations. Put all of this together and what you get is a professional display in a professional notebook, which matters if your work requires staring at that display all day.

Want to use an external display? You can. While I was only able to test this with one external display, the MacBook Pro with an M4 Pro chip can drive up to two external displays in addition to the built-in display

Battery life

“Oh,” you exclaim, “but the bright display and powerful processor must eat away battery life.” While it depends on what you do, that isn’t necessarily so. Apple promises this MacBook Pro can handle up to 22 hours of video streaming and up to 14 hours of wireless web browsing.

In my experience, Apple’s battery life claims easily stand up – the only way you’ll really see battery life drop fast is if you want your Mac to start rendering large video files or preparing massive data sets for export. Oddly enough, the best way I found to easily test this was to set Valley’s test onto an endless loop. After eight hours, my beautiful Space Black Mac was still happily chugging away.

I humbly suggest that means unless you’re really pushing those processor cycles, your Mac will carry on doing whatever it is you need for a return journey between London and New York, even if you forget to bring your power cable with you. Oh, and one more thing, if you unplug your Mac, you’ll see no reduction in performance. 

Speaking to friends

Of course, if you’re staying across the ocean you might want to speak with your colleagues, family, or friends. The good news there is that the 12-megapixel webcam (1080p HD) brings Apple’s on-board camera a little further into the 21st Century.

The follow up good news is that it’s the AI Apple created in support of that camera that really does that job. Contrast will be good, even when you are backlit by a window; Center Stage will keep you in the frame without getting in the way; and Desk View gives people you speak with a good perspective on what your fingers are doing.

Of course, a good camera for video conferencing is one thing, but you also need good sound; again, Apple’s deep investments in digital sound tech is easy to hear in these Macs. The six-speaker system delivers a beautiful wide stereo sound, which means whether you’re listening to music, watching a Dolby Atmos movie, or listening to someone who loves the sound of their own voice blaring on during an endless weekly meeting, you’ll be cocooned in a cloud of sound. And if you want to output sound to a bigger system, you’ve even got a headphone port.

Summing up

Power users will be thrilled that these Macs support up to 128GB of high-bandwidth memory, which will make a big difference to 3D and AI professionals. It’s also true that users shifting video assets between multiple codecs will find they can do that while still handling tasks like color and effects processing — and if you’re trying to open a large file, the speed of the SSD is as “Pro” as everything else in this machine.

These really are pro machines, with an illuminated keyboard, outstanding built-in microphones, the productivity-boosting tools in Apple Intelligence, and the now iconic (thin and light) MacBook Pro design. You even get a polishing cloth! 

The only snag? You might not need one.

These are astonishingly portable, amazingly powerful computers that look great and sound better. However, most of us aren’t doing the computational equivalent of joining the queue to climb Everest or investigating vast data sets toward building a vaccine against cancer. Instead, we’re playing some games, surfing the internet, shifting our identities to BlueSky from Twitter, and writing a couple of word processing documents. 

Think of it this way: I’m writing this using a beautiful MacBook Pro that I can only ever aspire to.

This computer is born for speed, bred for performance, and hungry to handle some really demanding tasks. But perhaps you only really need a MacBook Air. The way I see it, if Apple were a horse breeder, then M4 Pro MacBook Pros are outstanding thoroughbreds absolutely born for world-class performance and speed, while the MacBook Air is a slightly slower but also desirable long distance runner.

I think almost every Mac user will continue to aspire to owning a thoroughbred. These Macs deliver everything we expect and cement Apple’s reputation as the world’s best racehorse breeder. No one else is consistently churning out such champions today.

You can follow me on social media! Join me on BlueSky,  LinkedInMastodon, and MeWe

Also by Jonny Evans:

>
Kategorie: Hacking & Security

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

The Hacker News - 19 Listopad, 2024 - 15:01
The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. "At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers and IoT devices," the Black Lotus Labs team at
Kategorie: Hacking & Security

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

The Hacker News - 19 Listopad, 2024 - 15:01
The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. "At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers and IoT devices," the Black Lotus Labs team at Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

The Hacker News - 19 Listopad, 2024 - 15:00
Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of sports events, Aqua said in a report shared with The
Kategorie: Hacking & Security

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

The Hacker News - 19 Listopad, 2024 - 15:00
Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of sports events, Aqua said in a report shared with The Ravie Lakshmananhttp://www.blogger.com/profile/[email protected]
Kategorie: Hacking & Security
Syndikovat obsah