37% of Android phones have hidden monitoring hazards; Xiaomi sues bloggers for a claim of 1 million and is rejected; PHP 8.1.0 is released | SiFu Weekly

40s News Express

• Vulnerabilities in MediaTek chip firmware exposed: 37% of Android phones have hidden dangers of monitoring users
• The founder of Renren Film and Television Subtitling Group was sentenced, the official Wei said: App can be deleted, it is impossible to restart
• Tencent responds to "Tencent Cloud database leak" rumors: rumors
• Apple abuses nondisclosure agreements to suppress employees
• There are more than 4,400 applications for Metaverse related trademarks
• The next generation AMD CPU or will have 12 CCDs
• Firefox password manager will stop supporting in December
• The iPhone 13 series no longer supports China Telecom's 2G/3G network
• Microsoft Windows 11 does not support Apple chips
• Xiaomi sues digital bloggers for 1 million claims and is dismissed
• IntelliJ IDEA 2021.3 RC released
• Django 4.0 RC1 released
• VirtualBox 6.1.30 released
• PHP 8.1.0 is officially released
• Python 3.9.9 released

Industry Information

Vulnerabilities in MediaTek chip firmware exposed: 37% of Android phones have hidden dangers of monitoring users

Security vendor Check Point stated that the company obtained the controls of MediaTek chip from a Redmi Note 9 5G phone running Android 11 and equipped with Dimensity 800U chip, and found a security vulnerability in the system-on-chip audio processing firmware designed by MediaTek. , Malicious applications can secretly turn the user’s phone into a monitoring tool. Check Point estimates that 37% of smartphones worldwide have this vulnerability. MediaTek believes that these security vulnerabilities have not been exploited by hackers, and have released patches to mobile phone manufacturers.

The founder of Renren Film and Television Subtitling Group was sentenced, the official Wei said: App can be deleted, it is impossible to restart

On November 22, the Shanghai Third Intermediate People’s Court opened a trial to the defendant Liang Yongping who was prosecuted by the Third Branch of the Shanghai People’s Procuratorate on suspicion of copyright infringement, and made a first-instance verdict and sentenced the defendant for copyright infringement. Liang Yongping was imprisoned for three years and six months, and was fined RMB 1.5 million; the illegal gains were recovered, and his property used for crimes was seized and confiscated.

Regarding the arrest of the founder, Renren Film and Television Official Wei @人人电影传说Share stated, "I still admit it, Renren Film and Television can no longer be restored or restarted. The body of the App can be deleted. We can't solve it. Copyright issues."

Renren Film and Television also stated that the wages of the programmers involved in the case were paid based on their development technology. In Renren Film and Television for more than ten years, many programmers have participated in the development of websites, software for making subtitles, and later apps. This is also income from advertising. The main purpose, but I didn't expect that it would eventually provoke them to commit crimes.

Tencent responds to "Tencent Cloud database leak" rumors: rumors

In the screenshots of related groups, there are such things as “Tencent Cloud Database Leaked”, “The Cyberspace Administration of China has pulled a list of Tencent Cloud’s major customers and is making phone calls one by one for verification.” Tencent officials have responded to rumors such as "retreat" as rumors. At the same time, Tencent stated that the company is continuing to upgrade various measures to protect the rights and interests of users and cooperate with the regulatory authorities to conduct normal compliance inspections.

Apple abuses nondisclosure agreements to suppress employees

A former employee sued Apple, the lawsuit was related to a non-disclosure agreement. Inspired by this prosecution, Washington State is drafting a draft aimed at restricting companies from abusing non-disclosure agreements in office harassment and discrimination claims. Similar legislation has also appeared in California. Washington State Senator Karen Keiser and Representative Liz Berry are drafting the bill.

There are more than 4,400 applications for Metaverse related trademarks

The concept of the near-yen universe continues to be hot. Including Hailan Home, Shuanghui Group, Weilai Automobile and other companies applied for the registration of trademarks such as "Hailan Home Yuan Universe", "Original Universe" and "Wei Lai Yuan Universe". As of November 17, the number of "Meta Universe" related trademark applications exceeded 4,400, of which more than 3,000 are currently in the status of "waiting for substantive examination." More than 700 companies have applied for Metaverse-related trademarks, covering all areas of clothing, food, housing and transportation.

The next generation AMD CPU or will have 12 CCDs

The latest patch of the Linux kernel shows that the next generation of Gen AMD ZEN processors will have up to 12 CCDs (core-complex die). The patch clearly stated that the newer AMD series 19h models 10H-1FH and A0H-AFH can support up to 12 CCDs. The k10temp Linux driver currently used to monitor the temperature of AMD processors can handle up to 8 CCDs.

Firefox Password Manager will stop supporting in December

Firefox browser development company Mozilla recently announced that it will end support for the Firefox Lockwise application on Android and iOS starting on December 13, 2021. At that time, users cannot download and install Firefox Lockwise from the App Store or Google Play Store. iOS version 1.8.1 and Android version 4.0.3 will be the last version of Firefox Lockwise. It is worth noting that although the application can continue to work on the user's device, it no longer receives support and security updates.

The iPhone 13 series no longer supports China Telecom's 2G/3G network

Apple’s official website shows that the iPhone 13 series does not support China Telecom’s 2G/3G network, while China Mobile and China Unicom will not be affected. According to people familiar with the matter, China Telecom requires that from 2020, all 5G terminals are not allowed to have CDMA frequency bands and standards, and at the same time, VoLTE switches are not allowed. If CDMA frequency bands and standards have been reported, the time schedule needs to be clearly removed, and the final network access card and model number The approval certificate does not allow CDMA frequency bands and standards.

Microsoft Windows 11 does not support Apple chips

According to foreign media reports, Microsoft refuses to provide Windows 11 systems for Apple M1 series chip computers based on Arm architecture because it has signed a secret exclusive agreement with Qualcomm. Windows systems based on Arm architecture are only available on devices equipped with Qualcomm chips. Now, the only way to run Windows on the M1 mac is to use a virtual machine.

Xiaomi sues digital bloggers for 1 million claims and is dismissed

Recently, the first-instance verdict on the reputation rights dispute between Xiaomi and the blogger "Dragon Er Pro" was made public. According to the Qicha App, the plaintiff, Xiaomi, claimed that the defendant had repeatedly maliciously published false content, such as content related to the burning of Xiaomi TV and poor mobile phone performance, and claimed for 1 million yuan. The court held that the content posted by the blogger was not subjectively negligent and did not constitute an infringement of the reputation of Xiaomi Technology Company. However, the blogger should objectively display different views when publishing articles in the future. The verdict was that Xiaomi’s litigation request was rejected.

The latest technology trends

IntelliJ IDEA 2021.3 RC released

IntelliJ IDEA 2021.3 RC is now released.

main update content

• Support remote development (Beta), this function allows software engineers to connect to the remote computer running the IDE backend, and process the project at that end as if they were on the local machine;
• Troubleshoot IDE problems, view new and faster ways to diagnose and fix IDE problems;
• Kotlin debugger update;
• Two notable updates have been made for debugging Kotlin code: Smart Step Into action and inline stack frame

Django 4.0 RC1 released

The first RC version of Django 4.0 has been released. According to the official announcement, if no major errors that cannot be resolved are found in the next two weeks, the official version will be launched around December 6.

main update content

• The default time zone implements zoneinfo;
• Support Python 3.8, 3.9 and 3.10;
• The Django 3.2.x series is the last version that supports Python 3.6 and 3.7;
• The new password hash function scrypt is introduced, but OpenSSL 1.1 + is not enabled by default because of the need for more memory.

VirtualBox 6.1.30 released

VirtualBox 6.1.30 is officially released, VirtualBox is a powerful virtual machine software.

main update content

• Fixed the regression problem of version 6.1.28, that is, when using Hyper-V mode on Windows 10, the virtual machine cannot be started;
• Fixed the problem that the wizard cannot be completed for the first time after browsing the external mirror;
• Fixed a crash when browsing external mirrors from the first run wizard on macOS Big Sur;
• Fixed the problem of not being able to save the screenshots taken in a folder with a local name on Windows.

PHP 8.1.0 is officially released

PHP 8.1.0 has been released, and this version brings many improvements and new features.

main update content

• Use enumerations instead of a set of constants and verify them immediately;
• Read-only properties cannot be changed after initialization, and PHP now supports unpacking arrays with string keys

In addition, PHP 8.1 has some changes in performance:

• Fast class name resolution (avoid lowercase and hash lookup);
• timelib and ext/date performance improvements;
• SPL file system iterator improvements, etc.

Python 3.9.9 released

The Python 3.9.9 hotfix update was released last week. This version is the eighth maintenance version of the 3.9 series. Compared to 3.9.8, there are only three other bug fixes in this version.

This update fixes an argparse error, which caused a regression when processing the default parameters of the sub-parser, making the leaf-level parameters take precedence over the root-level parameters; in importlib.metadata, fix the distribution discovery of empty paths (distribution discovery). )Wait.