posted 14 days ago on slashdot
Hamsterdan notes that Apple has posted an update to its investigation into the recently celebrity photo leak, which was attributed to a breach of iCloud. Apple says the leak was not due to any flaw in iCloud or Find My iPhone, but rather the result of "a targeted attack on user names, passwords and security questions." Despite this, Wired reports that hackers on an anonymous web board have been openly discussing a piece of software designed for use by law enforcement. Whether it was involved in the celebrity attacks or not, it's currently being used to impersonate a user's device in order to download iCloud backups. "For Apple, the use of government forensic tools by criminal hackers raises questions about how cooperative it may be with Elcomsoft. The Russian company’s tool, as Zdziarski describes it, doesn't depend on any 'backdoor' agreement with Apple and instead required Elcomsoft to fully reverse engineer Apple’s protocol for communicating between iCloud and its iOS devices. But Zdziarski argues that Apple could still have done more to make that reverse engineering more difficult or impossible." Meanwhile, Nik Cubrilovic has waded into the data leak subculture that led to this incident and provides insight into the tech and the thinking behind it.

Read More...
posted 14 days ago on slashdot
Czech37 writes SELinux lead Dan Walsh wrote last month that Docker "containers do not contain" and that the host system isn't completely protected. Today, Walsh details the steps that Docker, Red Hat, and the open source community are taking to make Docker more secure: "Basically, we want to put in as many security barriers to break out as possible. If a privileged process can break out of one containment tool, we want to block them with the next. With Docker, we are want to take advantage of as many security components of Linux as possible. If "Docker" isn't a familiar word, the project's website is informative; the very short version is that it's a Linux-based "open platform for developers and sysadmins to build, ship, and run distributed applications"; Wikipedia has a good explanation, too.

Read More...
posted 14 days ago on slashdot
Bennett Haselton writes: I would be in favor of a regulation requiring cell phone stores to have replacement phones on hand, for any phone model covered by a customer's insurance policy. Then customers who have insurance protection on their phones could get the damaged phones replaced instantly, and the replacement phones that are normally mailed out by overnight mail to customers under their protection plan, could instead be mailed to the stores to replace the one they just gave out to the customer. Read on for the rest of Bennett's thoughts

Read More...
posted 14 days ago on slashdot
Randy Davis sends analysis of Amazon's acquisition of Twitch.tv, a move that indicates higher ambitions than simply another avenue for putting products in front of consumers. The Daily Herald think this is a sign Amazon is bulking up for a fight with cable companies, strengthening is bargaining position for getting (and maintaining) access to subscribers. "There are very few places in the U.S. where these four giant carriers allow independent networks carrying traffic from the data centers run by Amazon (and future Twitch.tv successors) to put that data on the carriers' controlled networks." A related article at the NY Times argues Amazon is "betting on content," not wanting to fall behind the surge of new media productions from companies like Netflix. "There is a huge land grab for nontraditional models of programming. DreamWorks Animation bought AwesomenessTV, a popular YouTube channel, last year, and in March, Disney snatched up Maker Studios, a video supplier for YouTube, while Peter Chernin, formerly president of News Corporation, has invested in Crunchyroll, a streaming hub of anime. All of these deals are about content, but they are also a hedge, a way of exploring other production protocols that don’t involve prominent stars, agents and expensive producers." A different piece at The Motley Fool takes the acquisition as confirmation Amazon is developing its own ad network.

Read More...
posted 14 days ago on slashdot
jfruh writes A U.S. appeals court cleared Yelp of charges of extortion related to its interaction with several small businesses who claim Yelp demanded that they pay for advertising or face negative reviews. While Yelp says it never altered a business rating for money, the court's finding was instead based on a strict reading of the U.S. extortion law, classifying Yelp's behavior as, at most, "hard bargaining." Interestingly, the EFF supported Yelp here, arguing that "Section 230 of the Communications Decency Act (CDA) protects online service providers from liability and lawsuits over user-generated content, except in very narrow circumstances where the providers created or developed content themselves. In its amicus brief, EFF argued that mere conjecture about contributing content – like there was in this case – is not enough to allow a lawsuit to go forward."

Read More...
posted 14 days ago on slashdot
An anonymous reader writes The Google Quantum AI Team has announced that they're bringing in a team from the University of California at Santa Barbara to build quantum information processors within the company. "With an integrated hardware group the Quantum AI team will now be able to implement and test new designs for quantum optimization and inference processors based on recent theoretical insights as well as our learnings from the D-Wave quantum annealing architecture." Google will continue to work with D-Wave, but the UC Santa Barbara group brings its own areas of expertise with superconducting qubit arrays.

Read More...
posted 14 days ago on slashdot
An anonymous reader writes "Moon+ Pro Reader, FBReader, Kindle, you name it--many popular Android e-book apps can run on a smartphone available for $20 and shipping. The trick is to respect the device's limits and keep down the number of apps you install. This fun isn't for eager multitaskers. On the bright side, the $20 phone can do Acapela TTS, includes a 4GB memory card and works with cards of up to 32GB--easily enough for scads of pre-loaded books. Plus, the WiFi is great. And the screen of 3.2 inches isn't that much smaller than the 3.5 inchers on the older iPads. What could cell phone e-reading mean in the many "book deserts" of the U.S.? And how about the U.K. where miserly pols are closing libraries even though the Guardian says "a third of UK children do not own a single book and three-quarters claim never to read outside school"? The smartphone post on the LibraryCity site tells how librarians and others could start "cell phone book clubs" to promote the discovery and absorption of books as well as smarter use of technology."

Read More...
posted 15 days ago on slashdot
Trachman writes: Popular Science magazine recently published an article about a network of cell towers owned not by telecommunication companies but by unknown third parties. Many of them are built around U.S. military bases. "Interceptors vary widely in expense and sophistication – but in a nutshell, they are radio-equipped computers with software that can use arcane cellular network protocols and defeat the onboard encryption. ... Some interceptors are limited, only able to passively listen to either outgoing or incoming calls. But full-featured devices like the VME Dominator, available only to government agencies, can not only capture calls and texts, but even actively control the phone, sending out spoof texts, for example."

Read More...
posted 15 days ago on slashdot
Rambo Tribble writes: In an apparent move to push those using older browsers to update, Google is reported to be serving outdated search pages to said browsers. The older pages lack features available on the newer versions, and this policy compounds with the limits announced in 2011 on Gmail support for older web clients. As a Google engineer put it, "We're continually making improvements to Search, so we can only provide limited support for some outdated browsers." The BBC offers a fairly comprehensive analysis.

Read More...
posted 15 days ago on slashdot
snydeq writes: Ultimately, the schism over systemd could lead to a separation of desktop and server distros, or Linux server admins moving to FreeBSD, writes Deep End's Paul Venezia. "Although there are those who think the systemd debate has been decided in favor of systemd, the exceedingly loud protests on message boards, forums, and the posts I wrote over the past two weeks would indicate otherwise. I've seen many declarations of victory for systemd, now that Red Hat has forced it into the enterprise with the release of RHEL 7. I don't think it's that easy. ... Go ahead, kids, spackle over all of that unsightly runlevel stuff. Paint over init and cron, pam and login. Put all of that into PID1 along with dbus. Make it all pretty and whisper sweet nothings about how it's all taken care of and you won't have to read a manual or learn any silly command-line stuff. Tune your distribution for desktop workloads. Go reinvent Windows."

Read More...
posted 15 days ago on slashdot
criticalmass24 sends news that multiple banks are indicating Home Depot stores are the source of a new batch of stolen credit cards and debit cards that hit the black market today. "There are signs that the perpetrators of this apparent breach may be the same group of Russian and Ukrainian hackers responsible for the data breaches at Target, Sally Beauty and P.F. Chang’s, among others. The banks contacted by this reporter all purchased their customers’ cards from the same underground store – rescator[dot]cc — which on Sept. 2 moved two massive new batches of stolen cards onto the market." Home Depot is aware of the situation, and says they're investigating. The banks say this breach may have begun as early as April or May of this year and may extend to all 2,200 of Home Depot's U.S. stores.

Read More...
posted 15 days ago on slashdot
nerdyalien writes: At some point, haven't all web developers spent an unjustifiable number of hours trying to optimize a desktop site for mobile devices? Responsive web design provides a solution: "develop once, works in every device." However, still it downloads multi-MB images and re-sizes them based on device screen resolution. Retrieving optimized images from the server, based on device (desktop, tablet, phone) and the device's internet connection (fiber, broadband, mobile), has always been an open problem. Recently, a number of freelance developers are tackling this with a new HTML element, , which informs the web browser to download optimized images from the server. The tag will be featured in Chrome and Firefox later this year. Will this finally deliver us faster web browsing on mobile devices and an easier web development experience?

Read More...
posted 15 days ago on slashdot
An anonymous reader writes: At the upcoming NATO meeting, according to the NY Times, the 28 member states are expected to ratify "a far-reaching change in the organization's mission of collective defense: For the first time, a cyberattack on any of the 28 NATO nations could be declared an attack on all of them, much like a ground invasion or an airborne bombing." A former NATO ambassador describes NATO's technological capability as "pretty basic" and suggests any counter-cyberattacks would likely be lodged by member states (meaning the U.S. and maybe Britain). He opines, "It's a measure of how far we've come on this issue that there's now a consensus that a cyberattack could be as devastating as any other kind of attack, maybe even more so." Helpfully, the agreement avoids defining what sort of "cyberattack" would warrant an armed response. The Times describes the agreement as "deliberately unclear."

Read More...
posted 15 days ago on slashdot
New submitter Shadow99_1 writes I used to do a lot of video editing (a few years ago, at an earlier job) and at that time I used Adobe Premiere. Now a few years later I'm looking to start doing some video editing for my own personal use, but I have a limited budget that pretty well excludes even thinking about buying a copy of Adobe Premiere. So I ask slashdot: What is the state of free (as in beer or as in open source) video editing tools? In my case... I support a windows environment at work and so it's primarily what I use at home. I am also using a camcorder that uses flash cards to record onto, so for me I need a platform that supports reading flash cards. So that is my focus but feel free to discuss video editing on all platforms. I've been looking forward to the Kickstarted upgrade to OpenShot; based on the project's latest update, early versions of an installer should start appearing soon. Video editing is a big endeavor, though, and ambitious announcements and slipped schedules both seem to be the norm: an open-source version of Lightworks was announced back in 2010. Some lighter open-source options include Pitivi (raising funds to get to version 1.0) and Kdenlive, also in active development (most recent release was in mid-May). Pitiviti's site links to a sobering illustration about many of the shorter- and longer-lived projects in this area.

Read More...
posted 15 days ago on slashdot
An anonymous reader writes Following the blocking of Uber in Berlin, DE, the district court of Frankfurt/Main has issued a restraining order for Uber services all over Germany (German original). The district court is alleging "uncompetitive behavior" (Unlauteres Wettbewerbsverhalten) on Uber's part, and has proclaimed that not following the restraining order will result in a fine of €250.000 or imprisonment. This ruling is related to the German "Personenbeförderungsgesetz" and is outlining that no legal entity (person, enterprise) is allowed to transfer passengers without having passed the relevant tests and having the appropriate insurance coverage.

Read More...
posted 15 days ago on slashdot
theodp (442580) writes "Under the leadership of Code.org, explained the ACM, it joined CSTA, NCWIT, NSF, Microsoft and Google in an effort "to reshape the U.S. education system," including passing a federal law making Computer Science a "core subject" in schools. If you're curious about whose money helped fuel the effort, Code.org's Donors page now lists those who gave $25,000+ to $3,000,000+ to the K-12 CS cause (the nonprofit plans to raise $20-30 million for 2015-16 operations). Microsoft is at the top of the list as a Platinum Supporter ($3,000,000+), while Bill Gates is Gold ($1,000,000+), and Steve Ballmer is Silver ($500,000+). Interestingly, six of Code.org's ten biggest donors are also Founders of Mark Zuckerberg's FWD.us tech immigration reform PAC."

Read More...
posted 15 days ago on slashdot
An anonymous reader writes A 23-year-old teacher at a Cambridge, Md. middle school has been placed on leave and—in the words of a local news report — "taken in for an emergency medical evaluation" for publishing, under a pseudonym, a novel about a school shooting. The novelist, Patrick McLaw, an eighth-grade language-arts teacher at the Mace's Lane Middle School, was placed on leave by the Dorchester County Board of Education, and is being investigated by the Dorchester County Sheriff's Office, according to news reports from Maryland's Eastern Shore. The novel, by the way, is set 900 years in the future."

Read More...
posted 15 days ago on slashdot
mrspoonsi writes One of the great mysteries of the App Store is why certain apps get rejected and why others don't. Apple has let a surprising number of ripoffs and clones through the store's iron gates, yet some developers face rejection for seemingly innocent apps. "Before you develop your app, it's important to become familiar with the technical, content, and design criteria that we use to review all apps," explains Apple on a new webpage called "Common App Rejections." Rejections include: Apple and our customers place a high value on simple, refined, creative, well thought through interfaces. They take more work but are worth it. Apple sets a high bar. If your user interface is complex or less than very good, it may be rejected; Apps that contain false, fraudulent or misleading representations or use names or icons similar to other Apps will be rejected.

Read More...
posted 15 days ago on slashdot
Vigile (99919) writes AMD looks to continue addressing the mainstream PC enthusiast and gamer with a set of releases into two different component categories. First, today marks the launch of the Radeon R9 285 graphics card, a $250 option based on a brand new piece of silicon dubbed Tonga. This GPU has nearly identical performance to the R9 280 that came before it, but includes support for XDMA PCIe CrossFire, TrueAudio DSP technology and is FreeSync capable (AMD's response to NVIDIA G-Sync). On the CPU side AMD has refreshed its FX product line with three new models (FX-8370, FX-8370e and FX-8320e) with lower TDPs and supposedly better efficiency. The problem of course is that while Intel is already sampling 14nm parts these Vishera-based CPUs continue to be manufactured on GlobalFoundries' 32nm process. The result is less than expected performance boosts and efficiency gains.

Read More...
posted 15 days ago on slashdot
An anonymous reader writes: The NY Times reports on a new study (abstract) showing that low-carb diets have better health benefits than low-fat diets in a test without calorie restrictions. "By the end of the yearlong trial, people in the low-carbohydrate group had lost about eight pounds more on average than those in the low-fat group. They had significantly greater reductions in body fat than the low-fat group, and improvements in lean muscle mass — even though neither group changed their levels of physical activity. While the low-fat group did lose weight, they appeared to lose more muscle than fat. They actually lost lean muscle mass, which is a bad thing,' Dr. Mozaffarian said. 'Your balance of lean mass versus fat mass is much more important than weight. And that's a very important finding that shows why the low-carb, high-fat group did so metabolically well.' ... In the end, people in the low-carbohydrate group saw markers of inflammation and triglycerides — a type of fat that circulates in the blood — plunge. Their HDL, the so-called good cholesterol, rose more sharply than it did for people in the low-fat group. Blood pressure, total cholesterol and LDL, the so-called bad cholesterol, stayed about the same for people in each group."

Read More...
posted 15 days ago on slashdot
An anonymous reader writes with news of a study that suggests an engraving in Gorham's Cave in Gibraltar was made by Neanderthals more than 39,000 years ago. Belying their reputation as the dumb cousins of early modern humans, Neanderthals created cave art, an activity regarded as a major cognitive step in the evolution of humankind, scientists reported on Monday in a paper describing the first discovery of artwork by this extinct species. The discovery is "a major contribution to the redefinition of our perception of Neanderthal culture," said prehistorian William Rendu of the French National Centre for Scientific Research, who was not involved in the work. "It is a new and even stronger evidence of the Neanderthal capacity for developing complex symbolic thought" and "abstract expression," abilities long believed exclusive to early modern humans.

Read More...
posted 16 days ago on slashdot
mdsolar writes with news about further delays to Finland's Olkiluoto 3 nuclear reactor. "Areva-Siemens, the consortium building Finland's biggest nuclear reactor, said on Monday the start date of the much delayed project will be pushed back to late 2018 — almost a decade later than originally planned. Areva-Siemens blamed disagreements with its client Teollisuuden Voima (TVO) over the plant's automation system, the latest blow for a project that has been hit by repeated delays, soaring costs and disputes. "The delays are because the planning of the plant has taken needlessly long," Jouni Silvennoinen, TVO's project head, told Reuters on Monday. "We haven't examined the supplier's detailed schedules yet, but our preliminary view is that we could do better (than 2018)."

Read More...
posted 16 days ago on slashdot
An anonymous reader writes: A few days ago we talked over some of the difficulties faced by makers of autonomous car software, like dealing with weather, construction, and parking garages. Today, the NY Times has a similar article about delivery drones, examining the safety and regulatory problems that must be solved in addition to getting the basic technology ready. "[R]researchers at NASA are working on ways to manage that menagerie of low-flying aircraft. At NASA's Moffett Field, about four miles from Google's headquarters in Mountain View, Calif., the agency has been developing a drone traffic management program that would in effect be a separate air traffic control system for things that fly low to the ground — around 400 to 500 feet for most drones. Much like the air traffic control system for conventional aircraft, the program would monitor the skies for weather and traffic. Wind is a particular hazard, because drones weigh so little compared with regular planes." Beyond that, the sheer scale of infrastructure necessary to get drone delivery up and running in cities across the U.S. is staggering. Commercial drones aren't going to have much range, particularly when carrying something heavy. They'll be noisy, and the products they're transporting will still need to be relatively close by. What other issues do Amazon, DHL, Google, and other need to solve?

Read More...
posted 16 days ago on slashdot
An anonymous reader writes "Back in August, groups of Russian hackers assembled the biggest list of compromised login credentials ever seen: 1.2 billion accounts. Now, domain registrar Namecheap reports the hackers have begun using the list to try and access accounts. "Overnight, our intrusion detection systems alerted us to a much higher than normal load against our login systems. ... The group behind this is using the stored usernames and passwords to simulate a web browser login through fake browser software. This software simulates the actual login process a user would use if they are using Firefox/Safari/Chrome to access their Namecheap account. The hackers are going through their username/password list and trying each and every one to try and get into Namecheap user accounts." They report that most login attempts are failing, but some are succeeding. Now is a good time to check that none of your important accounts share passwords."

Read More...
posted 16 days ago on slashdot
An anonymous reader writes: Rumors of back door access to Skype have plagued the communication software for the better part of a decade. Even if it's not true, Skype is owned by Microsoft, which is beholden to data requests from law enforcement. Because of these issues, a group of developers started work on Tox, which aims to rebuild the functionality of Skype with an emphasis on privacy. "The main thing the Tox team is trying to do, besides provide encryption, is create a tool that requires no central servers whatsoever—not even ones that you would host yourself. It relies on the same technology that BitTorrent uses to provide direct connections between users, so there's no central hub to snoop on or take down."

Read More...