More stories

  • in

    The default TV setting you should turn off immediately – and why experts recommend it

    Kerry Wan/ZDNETFor many people, motion smoothing on TVs is only appropriate for gaming and watching live sports; enthusiasts typically prefer turning off the feature to watch anything else because it can detract from the filmmaker’s original intent, making on-screen images seem artificial or hyper-realistic. This is what’s called the “soap opera effect.” Also: How to disable ACR on your TV (and why doing so makes such a big difference)It’s a perfectly descriptive metaphor that probably requires no explanation. You can see it all too well: the cinematic film should not look like a daytime soap; you shouldn’t feel like you’re on the set with the actors. But it is appealing to feel like you’re in the stadium watching your team with thousands of fans. The soap opera effect makes sense for live sporting event broadcasts. More

  • in

    Got a new password manager? Don’t leave your old logins exposed in the cloud – do this next

    delmonte1977/Getty Images Every modern web browser has tools for tracking the passwords you use with secure online services. Those features are often turned on by default, which means you probably have a random collection of passwords saved in the cloud along with your bookmarks and settings for your default browser. Also: The best password managers: Expert […] More

  • in

    Kali Linux gets a UI refresh, new tools, and an updated car hacking toolset

    Kali Linux can be daunting because of all the challenging tools. Jack WallenZDNETKali Linux is a widely respected Linux distribution geared toward testing and auditing systems and networks, and the latest release has added more hacking tools, updates, and even a UI refresh.First, the CAN Arsenal was renamed CARsenal, so its purpose is obvious. Not only has CARsenal received a UI update, but there are some new tools added into the mix, such as hlcand (a modified version of slcand for ELM327 usage), VIN Info (for decoding VIN identifiers), CaringCaribou (for providing Linstener, Dump Fizzer, Send, UDS, and XCP modules), and ICSim (provides a simulator for VCAN and for testing the CARsenal toolset without having to use specialized hardware).Also: I found a Linux distro that combines the best parts of other operating systems (and it works)The Kali desktop menu also received a nice refresh by way of organization that better aligns it with the MITRE ATT&CK framework. By doing this, both red (offensive) and blue (defensive) teams are better able to find the tools they need to do their jobs. Kali Linux uses the GNOME desktop, which has been updated to version 48 and includes all the new features found in that release (such as notification stacking, digital wellbeing, improved performance, and HDR support). Along with the GNOME update is a new GNOME VPN IP extension that shows the IP address of your current VPN connection in the top panel and, with a single click, copies the IP address to your clipboard. More

  • in

    Mac Mini won’t power on? Apple will fix it for you – for free

    Michael Gariffo/ZDNETApple has revealed that a small percentage of Mac Mini computers won’t power on. If you’re one of the unlucky owners, don’t worry, as a free fix is afoot. Which models are affected?Published on Friday, a new Apple support article, as spotted by MacRumors, offers the key details. The power issue affects 2023 Mac Mini machines with an M2 chip manufactured from June 16, 2024, to November 23, 2024. Though the company didn’t explain how or why the problem popped up, it did provide the necessary details for getting a malfunctioning system repaired. Also: Why I recommend the M4 Mac Mini to both creatives and business professionals – especially at this price More

  • in

    The cloud broke Thursday and it’ll happen again – how to protect your business before then

    Akaradech Pramoonsin/Getty Images After a rocky Thursday afternoon on the internet, both Google and Cloudflare services appear to be operating normally as of Friday morning. When trouble started, the question wasn’t what’s wrong with what cloud service; it was, what service isn’t down? Also: The best cloud storage services of 2025: Expert tested What happened on […] More

  • in

    Patch your Windows PC now before bootkit malware takes it over – here’s how

    Elyse Betters Picaro / ZDNETWindows users who don’t always install the updates rolled out by Microsoft each month for Patch Tuesday will want to install the ones for June. That’s because the latest round of patches fixes a flaw that could allow an attacker to control your PC through bootkit malware.Designated as CVE-2025-3052, the Secure Boot bypass flaw is a serious one, according to Binarly security researcher Alex Matrosov, who discovered the vulnerability. In a Binarly blog post published Tuesday, he described the problem as a memory corruption issue that exploits Microsoft’s Secure Boot. Also: Massive data breach exposes 184 million passwords for Google, Microsoft, Facebook, and more”Attackers can exploit this vulnerability to run unsigned code during the boot process, effectively bypassing Secure Boot and compromising the system’s chain of trust,” Matrosov said. “Because the attacker’s code executes before the operating system even loads, it opens the door for attackers to install bootkits and undermine OS-level security defenses.” Crafty and dangerous malwareBootkit malware is especially crafty and dangerous. By running before your PC boots up, it’s able to skirt past your usual security protection and evade detection. Plus, such malware can allow attackers to control your PC, infect it with additional malware, or even access your confidential information. The irony here is that Microsoft implemented Secure Boot on Windows PCs specifically to prevent malware from loading during the boot-up process. This security feature has been available on PCs that use Unified Extensible Firmware Interface (UEFI) firmware as a more modern replacement for the older BIOS firmware. Also: Apple, Google, and Microsoft offer free password managers – but should you use them?In this case, however, the flaw lets an attacker bypass Secure Boot by signing a vulnerable UEFI application with Microsoft’s third-party certificates, essentially giving it carte blanche to run. Though the flaw itself has not been exploited in the wild, the vulnerable application has been around since late 2022, and was uploaded to the VirusTotal security site, which is where Matrosov discovered it. More

  • in

    How to remove your personal info from Google Search – it’s quick and easy

    How long does Google take to approve removal requests? When you submit a removal request, Google will send a confirmation email and inform you when the URL is no longer visible in Search. In many cases, this happens within a few minutes to a few days. Also: The best secure browsers for privacy in 2025: Expert testedWhen I tried Google’s removal tool for myself, I found the process simple. I searched for my name, found a site that listed my information, and submitted a removal request. My request was approved four minutes later. “Within a few hours,” Google’s follow-up email explained, “the URL for this result will no longer be visible”. More

  • in

    How to turn on Android’s Private DNS Mode – and why your security depends on it

    Kerry Wan/ZDNETNearly everything you do on your desktop, laptop, phone, and tablet begins with a Domain Name System (DNS) query. Essentially, DNS turns domain names (such as ZDNET.com) into an IP address so web browsers and apps know where to get the information you want. Also: Your Android phone is getting 4 big upgrades for free, thanks to Android 16Without DNS, you’d have to type 34.149.132.124 every time you wanted to go to ZDNET.com or 74.125.21.102 to go to Google.com. Even by simply running a Google search, DNS is at work. The problem is that standard DNS isn’t encrypted, meaning all your queries are sent over the network as plain text.Why is non-encrypted DNS a problem?Let’s say you’re on a public network  — like a coffee shop — and you start searching for things on your Android device. Or maybe you have to access a CMS or another work tool, and you don’t want the public to know the address you’re typing. If someone else is on the same network and has the skills, they could intercept your non-encrypted search queries (or the URLs you visit) and know exactly what you’re looking for.That’s where Private DNS Mode comes into play. Once you enable this feature, all of your DNS queries are encrypted, so bad actors won’t be able to view them (even if they capture those packets). In other words, Private DNS Mode should be an absolute must for anyone who values their privacy and security.Also: I test dozens of Android phones every year: Here’s how the best models stack upBut how do you enable Private DNS Mode on Android? It’s actually pretty simple. Let me show you how.How to enable Private DNS mode on AndroidWhat you’ll need: The only thing you need to enable Private DNS Mode is an Android device running at least Version 9 of the operating system (released in 2018). I’m using a Pixel 9 Pro; pretty much every modern Android phone is capable of enabling Private DNS. More