Check out this $800 rotating VR chair for Meta Quest

by with No Comment Tech

Image Credits: Roto VR

VR locomotion is a hard problem that has produced all sorts of interesting peripherals, from the Virtuix Omni treadmill to the 3DRudder footboard. There’s been a ceiling on success for these sorts of devices, owing to things like price, size and limited adoption of VR headsets.

London-based Roto VR is delivering its own solution to the problem of moving in VR in the form of a $799 spinning gaming chair. It’s the first of its kind to boast a “Made for Meta” seal of approval.

The system is designed to address issues around 360-degree viewing in the VR space. Roto also claims that the system helps address the very real (trust me) issue of virtual reality motion sickness. Presumably since the motion of the chair is synced with what your eyes see, you’re less likely to get the kind of nausea that stems from a brain-body disconnect.

The Roto VR Explorer looks like a fairly standard wheeled swivel chair, aside from the tiered back support and a massive base that looks a bit like a compass. In this case, the footrest serves as the needle. The system sports haptic feedback for an added sense of immersion, and Roto will be offering modular accessories to go with some of the 400-odd games the system is compatible with.

Screenshot
Image Credits: Roto VR

Roto was founded nearly a decade ago. Per the company’s LinkedIn page:

Founded in 2015 by UK based tech entrepreneur Elliott Myers, the team at Roto VR is composed of executive leaders in the field of gaming, technology and engineering, with decades of experience in the field. Roto VR is committed to innovating in the field of VR, elevating the experience through advanced and affordable technology designed to bring virtual worlds to life like never before.

The VR Explorer is up for preorder today, with an expected shipping window of October 2024.

Check out this $800 rotating VR chair for Meta Quest

by with No Comment Tech

Image Credits: Roto VR

VR locomotion is a hard problem that has produced all sort of interesting peripherals, from the Virtuix Omni treadmill to the 3DRudder footboard. There’s been a ceiling on success for these sorts of devices, owing to things like price, size and limited adoption of VR headsets.

London-based Roto VR is delivering its own solution to the problem of moving in VR in the form of a $799 spinning gaming chair. It’s the first of its kind to boast a “Made for Meta” seal of approval.

The system is designed to address issues around 360-degree viewing in the VR space. Roto also claims that the system helps address the very real (trust me) issue of virtual reality motion sickness. Presumably since the motion of the chair is synced with what your eyes see, you’re less likely to get the kind of nausea that stems from a brain-body disconnect.

The Roto VR Explorer looks like a fairly standard wheeled swivel chair, aside from the tiered back support and a massive base that looks a bit like a compass. In this case, the footrest rest serves as the needle. The system sports haptic feedback for an added since of immersion, and Roto will be offering modular accessories to go with some of the 400-odd games the system is compatible with.

Screenshot
Image Credits: Roto VR

Roto was founded nearly a decade ago. Per the company’s LinkedIn page:

Founded in 2015 by UK based tech entrepreneur Elliott Myers, the team at Roto VR is composed of executive leaders in the field of gaming, technology and engineering, with decades of experience in the field. Roto VR is committed to innovating in the field of VR, elevating the experience through advanced and affordable technology designed to bring virtual worlds to life like never before.

The VR Explorer is up for preorder today, with an expected shipping window of October 2024.

Zero-day flaw in Check Point VPNs is 'extremely easy' to exploit

by with No Comment Tech

a photo of a single open door in a panel of closed doors

Image Credits: Westend61 / Getty Images

Cybersecurity company Check Point says attackers are exploiting a zero-day vulnerability in its enterprise VPN products to break into the corporate networks of its customers. 

The technology maker hasn’t said yet who is responsible for the cyberattacks or how many of its customers are affected by intrusions linked to the vulnerability, which security researchers say is “extremely easy” to exploit.

In a blog post this week, Check Point said the vulnerability in its Quantum network security devices allows for a remote attacker to obtain sensitive credentials from an affected device, which can grant the attackers access to the victim’s wider network. Check Point said attackers began exploiting the bug around April 30. A zero day bug is when a vendor has no time to fix the bug before it is exploited.

The company urged customers to install patches to remediate the flaw.

Check Point has over 100,000 customers, according to its website. A spokesperson for Check Point did not return a request for comment asking how many of its customers are affected by the exploitation.

Check Point is the latest security company in recent months to disclose a security vulnerability in its security products, the very technologies that are designed to protect companies from cyberattacks and digital intrusions.

These network security devices sit on the edge of a company’s network and serve as digital gatekeepers for which users are allowed in, but have a tendency to contain security flaws that can in some cases easily skirt their security defenses and lead to compromise of the customer’s network.

Several other enterprise and security vendors, including Ivanti, ConnectWise, and Palo Alto Networks, have in recent months rushed to fix flaws in their enterprise-grade security products that malicious attackers have exploited to compromise customer networks to steal data. All of the bugs in question are high severity in nature, in large part due to how easy they were to exploit.

In the case of Check Point’s vulnerability, security research firm watchTowr Labs said in its analysis of the vulnerability that the bug was “extremely easy” to exploit once it had been located.

The bug, which watchTowr Labs described as a path-traversal vulnerability, means it’s possible for an attacker to remotely trick an affected Check Point device into returning files that should have been protected and off-limits, such as the passwords for accessing the root-level operating system of the device.

“This is much more powerful than the vendor advisory seems to imply,” said watchTowr Labs researcher Aliz Hammond.

U.S. cybersecurity agency CISA said it added the Check Point vulnerability to its public catalog of known-exploited vulnerabilities. In brief remarks, the government cyber agency said that the vulnerability in question is often used by malicious cyber actors, and that these kinds of flaws pose “significant risks to the federal enterprise.”

Daily commuters of Delhi Metro are seen coming out of Metro station, on a raised walkway

India will fact-check online posts about government matters

by with No Comment Tech

Daily commuters of Delhi Metro are seen coming out of Metro station, on a raised walkway

Image Credits: Mayank Makhija / NurPhoto / Getty Images

Updated at 1.30pm IST, March 21: India’s Supreme Court has put the gazette notification on hold until petitions challenging it have been resolved.

In India, a government-run agency will now monitor and undertake fact-checking for government related matters on social media even as tech giants expressed grave concerns about it last year.

The Ministry of Electronics and IT on Wednesday wrote in a gazette notification that it is amending the IT Rules 2021 to cement into law the proposal to make the fact checking unit of Press Information Bureau the dedicated arbiter of truth for New Delhi matters.

Tech companies as well as other firms that serve more than 5 million users in India will be required to “make reasonable efforts” to not display, store, transmit or otherwise share information that deceives or misleads users about matters pertaining to the government, the IT ministry said.

India’s move comes just weeks ahead of the general elections in the country.

“In exercise of the powers conferred by sub-clause (v) of clause (b) of sub-rule (1) of rule 3 of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, the Central Government hereby notifies the Fact Check Unit under the Press Information Bureau of the Ministry of Information and Broadcasting as the fact check unit of the Central Government for the purposes of the said sub-clause, in respect of any business of the Central Government,” the gazette notification said.

The Ministry of Information and Broadcast established the fact-checking unit of Press Information Bureau in 2019 with the aim to dispel misinformation about government matters. The unit, however, has been criticized for falsely labeling information critical to the government as misleading.

Relying on a government agency such as the Press Information Bureau as the sole source to fact-check government business without giving it a clear definition or providing clear checks and balances “may lead to misuse during implementation of the law, which will profoundly infringe on press freedom,” Asia Internet Coalition, an industry group that represents Meta, Amazon, Google and Apple, cautioned last year.

The Editors Guild of India and comedian Kunal Kamra recently legally challenged New Delhi from moving ahead with the proposal. In a petition, Kamra cautioned that New Delhi’s move could create an environment that forces social media firms to welcome “a regime of self- interested censorship.”

Rajeev Chandrasekhar, Indian minister of state for IT, assured last year that the then-proposal wasn’t designed to censor journalism.

an illustration of a passport

Hackers are threatening to leak World-Check, a huge sanctions and financial crimes watchlist

by with No Comment Tech

an illustration of a passport

Image Credits: Bryce Durbin / TechCrunch

A financially motivated criminal hacking group says it has stolen a confidential database containing millions of records that companies use for screening potential customers for links to sanctions and financial crime.

The hackers, which call themselves GhostR, said they stole 5.3 million records from the World-Check screening database in March and are threatening to publish the data online.

World-Check is a screening database used for “know your customer” checks (or KYC), allowing companies to determine if prospective customers are high risk or potential criminals, such as people with links to money laundering or who are under government sanctions. The hackers told TechCrunch that they stole the data from a Singapore-based firm with access to the World-Check database, but did not name the firm.

A portion of the stolen data, which the hackers shared with TechCrunch, includes individuals who were sanctioned as recently as this year.

Simon Henrick, a spokesperson for the London Stock Exchange Group, which maintains the database, told TechCrunch: “This was not a security breach of LSEG/our systems. The incident involves a third party’s data set, which includes a copy of the World-Check data file. This was illegally obtained from the third party’s system. We are liaising with the affected third party, to ensure our data is protected and ensuring that any appropriate authorities are notified.”

LSEG did not name the third-party company, but did not dispute the amount of data stolen.

The portion of stolen data seen by TechCrunch contains records on thousands of people, including current and former government officials, diplomats, and private companies whose leaders are considered “politically exposed people,” who are at a higher risk of involvement in corruption or bribery. The list also contains individuals accused of involvement in organized crime, suspected terrorists, intelligence operatives and a European spyware vendor.

The data varies by record. The database contains names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers, and more.

World-Check is currently owned by the London Stock Exchange Group following a $27 billion deal to buy financial data provider Refinitiv in 2021. LSEG collects information from public sources, including sanctions lists, government sources and news outlets, then provides the database as a subscription to companies for conducting customer due diligence.

But privately run databases, like World-Check, are known to contain errors that can affect entirely innocent people with no nexus or connection to crime but whose information is stored in these databases.

In 2016, an older copy of the World-Check database leaked online following a security lapse at a third-party company with access to the data, including a former advisor to the U.K. government that World-Check had applied a “terrorism” label to his name. Banking giant HSBC shut down bank accounts belonging to several prominent British Muslims after the World-Check database branded them with “terrorism” tags.

A spokesperson for the U.K.’s data protection authority, the Information Commissioner’s Office, did not immediately comment on the breach.

To contact this reporter, get in touch on Signal and WhatsApp at +1 646-755-8849, or by email. You can also send files and documents via SecureDrop.