behavior Archives

Tech Optimizer

June 3, 2025

I tested Bitdefender and McAfee in an antivirus software showdown, and here’s what I found

Bitdefender and McAfee are two leading antivirus software options known for robust malware protection and additional security features. Bitdefender achieves 98% effectiveness in real-time threat detection, while McAfee uses machine learning for threat identification but may produce false positives. Bitdefender offers a basic firewall, not available for macOS, whereas McAfee provides a more advanced firewall with device monitoring. Bitdefender has a standalone Digital Identity Protection service, while McAfee offers comprehensive identity theft protections in its Premium subscription. Bitdefender includes a VPN with a 200MB daily data cap, while McAfee provides unlimited VPN access but with fewer countries and features. Both offer password managers, but Bitdefender lacks two-factor authentication, while McAfee's True Key includes multi-factor authentication. Bitdefender’s parental controls are basic, while McAfee’s Safe Family includes location tracking. Bitdefender is known for lightweight performance, but recent tests suggest McAfee may have better system optimization. Both have user-friendly interfaces, with Bitdefender organizing features into tabs and McAfee offering a simpler design. In terms of protection, Bitdefender has a 98.7% detection rate, while McAfee excels online with 99.6% but struggles offline. Bitdefender's pricing starts at .99 for the first year, while McAfee's Basic plan starts at .99. Overall, Bitdefender is more budget-friendly, while McAfee offers advanced identity theft protection.

AppWizard

June 3, 2025

Facebook, Yandex Apps Secretly Track Users Via Hidden Ports, Research Claims

Recent findings from IMDEA Networks Institute indicate that Facebook and Instagram apps have been tracking Android users' web browsing activities without consent, bypassing privacy controls and functioning even in incognito mode. This tracking affects millions of websites using Meta's tracking code. Yandex has employed similar tracking techniques since 2017, creating a cross-platform surveillance network. The tracking exploits Android’s permission system by establishing background services that listen on network ports, allowing the apps to capture browsing data and associate it with users' accounts. Meta's pixel is present on about 5.8 million websites, while Yandex Metrica is on around 3 million sites, potentially impacting billions of users. Approximately 78% of sites with Meta’s pixel and 84% of Yandex's sites attempted localhost communications without user consent. This tracking method operates at the operating system level, unaffected by cookie clearing, incognito modes, or privacy settings. Researchers have demonstrated that malicious apps could exploit this technique to gather users' browsing histories. Many website operators were unaware of these localhost communications, leading to confusion and complaints. In response, major browser vendors are implementing measures to block these tracking methods. Meta ceased this tracking on June 3rd, coinciding with the research's public release. The research highlights a significant security gap in mobile platforms regarding localhost communications, emphasizing the need for stricter policies and vetting processes.

Tech Optimizer

June 3, 2025

I learned these 6 antivirus myths for PCs are completely wrong

Antivirus software on Windows was once essential due to security vulnerabilities, but built-in protection in Windows 8 and later versions often suffices for everyday use. Modern third-party antivirus applications are designed to be efficient and have minimal impact on system performance. All operating systems, including macOS, Linux, iOS, and Android, are susceptible to malware, contrary to the belief that only Windows needs antivirus protection. Manual virus scans are no longer necessary as modern solutions provide real-time monitoring. Antivirus software should be part of a broader security strategy that includes regular updates and secure online practices. Relying solely on cautious behavior is insufficient, as threats can emerge from various sources. Using antivirus software is still recommended, and users can complement built-in security features with third-party solutions.

AppWizard

June 3, 2025

This Android loophole could have let your apps spy on your web browsing

Meta and Yandex have exploited a loophole in the Android operating system, allowing them to link web browsing data with app identities, bypassing privacy measures like incognito mode. This was revealed by researchers from the Local Mess project, who found that tracking scripts (Meta Pixel and Yandex Metrica) embedded in millions of websites transmit data from web browsers to apps such as Facebook, Instagram, and Yandex Maps through local network connections. Meta began using this technique in late 2024, while Yandex has been doing so since 2017. The loophole allows browser data to be sent to localhost, enabling apps to access it without user notification. In response, Meta has paused the feature and is working with Google to address the issue, which Google acknowledges violates Play Store policies. Some browsers are blocking this tracking, but researchers warn that solutions may be temporary without stricter restrictions on app access to local ports. The study indicates that most sites using these trackers start data collection immediately upon visiting, often before consent is requested. To prevent this tracking, users are advised to uninstall the affected applications.

Winsage

June 3, 2025

Windows 11 market share stalls ahead of Windows 10 cutoff

User adoption of Windows 11 is slowing, with its market share decreasing from a peak of 43.72 percent in May to 43.22 percent in early June 2025. In contrast, Windows 10's market share has increased to 53.19 percent. Expert Kieren Jessop from Canalys notes that while the figures may seem concerning, they align with forecasts, and a monthly increase in Windows 11 adoption of 0.5 to 1.5 percent is anticipated through October. Canalys projects an 8.1 percent growth in commercial shipments of Windows-only devices in the US for 2025, but a decline in consumer shipments is expected, with a -2.5 percent decrease in the US and a -0.7 percent decrease globally.

AppWizard

June 3, 2025

Meta and Yandex are de-anonymizing Android users’ web browsing identifiers

Recent developments in browser technology have raised concerns about user privacy and data tracking by companies like Meta and Yandex. In response, several Android browsers are enhancing user privacy by blocking abusive JavaScript linked to web trackers. DuckDuckGo has implemented measures to block domains and IP addresses associated with trackers, preventing the transmission of identifiers to Meta and restricting access to Yandex Metrica. Following feedback, DuckDuckGo's developers updated their blacklist to include missing addresses. The Brave browser uses extensive blocklists to prevent identifier sharing and blocks requests to localhost without user consent. Vivaldi forwards identifiers to local Android ports by default but allows users to adjust settings to block trackers. Researchers warn that these solutions may not be foolproof and emphasize the ongoing challenge of maintaining effective blocklists. Chrome and most other Chromium-based browsers execute JavaScript as intended by Meta and Yandex, while Firefox has faced challenges with SDP munging and has not yet announced plans to address this behavior.

Winsage

June 2, 2025

Make USB-C great again: Microsoft requires full functionality of all PC ports for Windows 11 certificate

Microsoft has announced an update to its Windows Hardware Compatibility Program (WHCP) for Windows 11, introducing a new standard for USB-C ports. All certified devices must support data transfer, charging, and video output through their USB-C ports. Laptops with 40 Gbps USB ports will be required to support USB4 and Thunderbolt 3. The updates are effective for devices shipping with the Windows 11 24H2 update and will mandate the use of certified chips from USB-IF, along with Microsoft's own USB controller driver. These changes aim to eliminate inconsistencies in USB-C functionality across devices, providing users with reliable port performance by 2025.

Tech Optimizer

June 2, 2025

Streamline code conversion and testing from Microsoft SQL Server and Oracle to PostgreSQL with Amazon Bedrock

Organizations are transitioning from legacy database systems like Microsoft SQL Server and Oracle to open-source alternatives such as PostgreSQL to reduce costs and enhance scalability. This migration process involves several steps, including schema conversion, business logic transformation, data migration, application changes, and performance tuning. Amazon Bedrock aids this process by automating schema and code conversion, data transformation, identifying code compatibility issues, and generating test cases for validation. The migration challenges include adapting database objects to PostgreSQL's syntax, converting stored procedures and functions, executing ETL processes for data accuracy, modifying application code, and optimizing performance. Amazon Bedrock utilizes generative AI to simplify these tasks, significantly reducing manual effort and errors. An example of code conversion from Microsoft SQL Server to PostgreSQL is provided, illustrating how to convert a stored procedure into a PostgreSQL function while generating corresponding test cases. The process involves using the Amazon Bedrock chat interface to submit prompts for conversion and validation. To support the migration, table creation scripts for the Employees and SalaryUpdateLog tables are included, along with test data that covers various employee scenarios. This data allows for comprehensive testing of the converted function, ensuring it correctly applies salary updates based on specified criteria.

AppWizard

June 2, 2025

Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands

On May 30, 2025, CERT Polska disclosed three security vulnerabilities affecting preinstalled Android applications on Ulefone and Krüger&Matz smartphones: CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917. - CVE-2024-13915: The com.pri.factorytest application allows any app to invoke the FactoryResetService, enabling unauthorized factory resets due to improper export controls (CWE-926). - CVE-2024-13916: The com.pri.applock application exposes a public method that allows malicious apps to steal the user’s PIN, representing an exposure of sensitive system information (CWE-497). - CVE-2024-13917: The exported activity in com.pri.applock allows privilege escalation by enabling malicious apps to inject intents with system-level privileges if they have access to the compromised PIN (CWE-926). Users of affected devices are advised to seek firmware updates or mitigations from their vendors.

Tech Optimizer

June 1, 2025

Supercharging vector search performance and relevance with pgvector 0.8.0 on Amazon Aurora PostgreSQL

The Amazon Aurora PostgreSQL-Compatible Edition has integrated support for pgvector 0.8.0, enhancing vector search capabilities significantly. This version achieves up to 9x faster query processing and delivers 100x more relevant search results compared to previous iterations. Key improvements in pgvector 0.8.0 include: - Up to 5.7x improvement in query performance for specific patterns. - Introduction of the iterative_scan feature, enhancing recall for filter queries requiring approximate nearest neighbor (ANN) index searches. - Improved cost estimation for more efficient query planning, allowing the selection of traditional indexes for complex filtered searches. - Flexible performance tuning with two modes for iterative_scan: relaxed_order and strict_order. Previous versions faced challenges with overfiltering, where combining vector similarity search with traditional SQL filters resulted in fewer results than expected. The HNSW indexing algorithm accelerates vector similarity searches by creating a multi-layered graph structure for efficient navigation. Iterative index scans in pgvector 0.8.0 improve query reliability and performance by applying filters during the scanning process, reducing false negatives and enhancing performance. The configuration options for iterative scanning include off, strict_order, and relaxed_order, with relaxed_order providing the best balance between performance and accuracy. In performance tests, pgvector 0.8.0 demonstrated substantial improvements across various query patterns, with significant enhancements in result completeness and recall. The database can now efficiently handle enterprise-scale applications, such as e-commerce and recommendation systems, with high performance and result quality even as product catalogs expand. Best practices for deploying pgvector 0.8.0 include using HNSW with recommended parameters, creating additional indexes on commonly filtered metadata columns, and tuning query parameters based on specific use cases. Operational best practices involve using Graviton4-based instances for optimal performance, monitoring and tuning slow vector queries, and considering partitioning for very large tables.