All the News that Matters

• Fedora 29: kernel-headers Security Update
  `bbLinuxSecurity.com`/bb: The v4.19.15 stable update contains important fixes across the tree

• Fedora 29: kernel Security Update
  `bbLinuxSecurity.com`/bb: The v4.19.15 stable update contains important fixes across the tree

• Fedora 28: kernel-headers Security Update
  `bbLinuxSecurity.com`/bb: The v4.19.15 stable update contains important fixes across the tree

• CentOS: CESA-2019-0059: Important CentOS 7 libvncserver
  `bbLinuxSecurity.com`/bb: Upstream details at : https://access.redhat.com/errata/RHSA-2019:0059

• Ubuntu 3861-2: PolicyKit vulnerability
  `bbLinuxSecurity.com`/bb: PolicyKit could allow unintended access.

• RedHat: RHSA-2019-0085:01 Moderate: pyOpenSSL security and bug fix update
  `bbLinuxSecurity.com`/bb: An update for pyOpenSSL is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

• RedHat: RHSA-2019-0082:01 Moderate: python-django security update
  `bbLinuxSecurity.com`/bb: An update for python-django is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

• RedHat: RHSA-2019-0081:01 Moderate: openvswitch security and bug fix update
  `bbLinuxSecurity.com`/bb: An update for openvswitch is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

• RedHat: RHSA-2019-0094:01 Moderate: redis security update
  `bbLinuxSecurity.com`/bb: An update for redis is now available for Red Hat OpenStack Platform 13.0 (Queens). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

• RedHat: RHSA-2019-0053:01 Moderate: openvswitch security and bug fix update
  `bbLinuxSecurity.com`/bb: An update for openvswitch is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

• RedHat: RHSA-2019-0052:01 Moderate: redis security update
  `bbLinuxSecurity.com`/bb: An update for redis is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

• RedHat: RHSA-2019-0054:01 Moderate: ansible security update
  `bbLinuxSecurity.com`/bb: An update for ansible is now available for Red Hat OpenStack Platform 10.0 (Newton). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

• What’s New in MX Linux 18 Continuum
  MX Linux 18 codename Continuum has been released, this release features Xfce 4.12 as default environment include xfce4 component, based on Debian 9.6 scratch and powered by Linux Kernel 4.19 series, which means that it offers support for the latest hardware components available on the market.

• MongoDB "open-source" Server Side Public License rejected
  Red Hat won[he]#039[/he]t use MongoDB in Red Hat Enterprise Linux or Fedora thanks to MongoDB[he]#039[/he]s new Server Side Public License.

• SUSE Server for Arm Becomes Generally Available
  The SUSE server (SLES) for Arm processors is now available directly from SUSE with a new price structure that counts cores and sockets.

• Bash Shell Utility Reaches 5.0 Milestone
  As we look forward to the release of Linux Kernel 5.0 in the coming weeks, we can enjoy another venerable open source technology reaching the 5.0 milestone: the Bash shell utility. The GNU Project has launched the public version 5.0 of GNU/Linux’s default command language interpreter.

• Why teachers should get out of their comfort zones and into the open
  Through several years of hard work and many iterations, my fellow teachers and I were eventually able to develop a comprehensive, school-wide project-based learning model, where students worked in collaborative teams on projects that made real connections between required curriculum and community-based applications. Doing so gave these students the ability to develop skills they can use for a lifetime...

• How To Install and Configure Redmine on CentOS 7
  Redmine is one of the most popular open source project management and issue tracking software tools. It is cross-platform and cross-database and built on top of the Ruby on Rails framework. In this tutorial we will cover the steps needed to install and configure the latest version of Redmine on an CentOS 7 server using MariaDB as a database back-end and Passenger + Nginx as a Ruby application server.

• Ten Years After - Opening Worlds
  There are still people in the technology field today that consider Linux a "hobbiest" toy. Can a serious student get through 6 years of college with just Linux? Some can, and some cannot. We'll take a look at the latter here.

• Data Types & Data Modelling In MySQL - MySQL Series Part 2
  In this article, we will be learning about the various data types in MySQL and also how data modeling is done. I am assuming you have a working instance of MySQL on your computer. If not, you can read the step by step installation instructions.

• The Evil-Twin Framework: A tool for testing WiFi security
  The increasing number of devices that connect over-the-air to the internet over-the-air and the wide availability of WiFi access points provide many opportunities for attackers to exploit users. By tricking users to connect to rogue access points, hackers gain full control over the users' network connection, which allows them to sniff and alter traffic, redirect users to malicious sites, and launch other attacks over the network..read more

• How to Install Redmine Project Management Software on Ubuntu 18.04 LTS
  Redmine is a free, open source and web-based project management web application that allows users to manage multiple projects and associated subprojects. In this tutorial, we will install Redmine with Apache web server on Ubuntu 18.04 LTS.

• Understanding Load Average on Linux
  Load average is a measurement of the amount of work versus free CPU cycles available on a system processor. In this article I’ll define the term, demonstrate how Linux calculates this value, then provide insight into how to interpret system load.

• Faucet: An open source SDN controller for high-speed production networks
  Thanks to open source software, we can now take control over and modify the behavior of almost every component in an IT system. We can modify everything from the networking stack in the kernel all the way down to web server code in user space to make improvements or implement new features.The final hurdle to having complete control over our hardware and software stack is the physical network hardware. These devices are usually built from the open source tools we love, but they are presented as black boxes that can't easily be modified by network operators.read more

• Deepin Linux 15.9 Released with Support for Touchscreen Gestures, Faster Updates
  Deepin 15.9 was released today two months after the Deepin 15.8 update, adding yet another layer of improvements and performance optimizations, but also a couple of new features for fans of this Linux-based operating system.

• Bash Functions
  A Bash function is essentially a set of commands that can be called numerous times. The purpose of a function is to help you make your bash scripts more readable, and to avoid writing the same code over and over again.

• Using Linux containers to analyze the impact of climate change and soil on New Zealand crops
  New Zealand's economy is dependent on agriculture, a sector that is highly sensitive to climate change. This makes it critical to develop analysis capabilities to assess its impact and investigate possible mitigation and adaptation options. That analysis can be done with tools such as agricultural systems models. In simple terms, it involves creating a model to quantify how a specific crop behaves under certain conditions then simulating altering a few variables to see how that behavior changes.read more

• ffsend: Secure File Share From The Command Line (Firefox Send Client)
  With ffsend you can easily and securely share files from the command line, by making use of a Send, a Firefox test pilot project. Firefox Send is a file sharing experiment by Mozilla, which allows sending encrypted files to other users.

• Bash's Built-in printf Function
  Even if you're already familiar with the printf command, if you got your information via "man printf" you may be missing a couple of useful features that are provided by bash's built-in version of the standard printf(1) command.

• Comparing 3 open source databases: PostgreSQL, MariaDB, and SQLite
  In the world of modern enterprise technologies, open source software has firmly established itself as one of the biggest forces to reckon with. After all, some of the biggest technology developments have emerged because of the open source movement.read more

• Getting started with Emacs Detailed Guide
  This detailed guide will give you enough information to start using Emacs, and enough extra to make you want more.

• Essential System Tools: Krusader – KDE file manager
  This is the latest in our series of articles highlighting essential system tools. These are small, indispensable utilities, useful for system administrators as well as regular users of Linux based systems. The series examines both graphical and text based open source utilities. For this article, we’ll look at Krusader, a free and open source graphical file manager.

• LG Will Launch a Phone With a Second Screen Attachment
  An anonymous reader quotes a report from CNET: LG's next smartphone may have you seeing double. And no, it's not because of a foldable display. The company will launch a smartphone, whose name hasn't been finalized, that will have an option for a second-screen attachment, according to a person familiar with the situation. The attachment, which the person describes as a sort of case with a screen, could potentially double the total screen size of the device. It's one of multiple phones launching at the Mobile World Congress trade show next month, the person said. While the company is mulling the G8 name, it's unclear whether the multiple-screen phone will carry the name of its flagship line. There was some confusion over LG launching a foldable smartphone thanks to a report by Korean-language outlet Naver. But this phone won't fold.
          
  
  Read more of this story at Slashdot.
  

• Elon Musk Wants To Put An AI Hardware Chip In Your Skull
  "iTMunch reports that Elon Musk apparently believes that the human race can only be "saved" by implanting chips into our skulls that make us half human, half artificial intelligence," writes Slashdot reader dryriver. From the report: Elon Musk's main goal, he explains, is to wire a chip into your skull. This chip would give you the digital intelligence needed to progress beyond the limits of our biological intelligence. This would mean a full incorporation of artificial intelligence into our bodies and minds. He argues that without taking this drastic measure, humanity is doomed. There are a lot of ethical questions raised on the topic of what humanity according to Elon Musk exactly is, but he seems undeterred. "My faith in humanity has been a little shaken this year," Musk continues, "but I'm still pro-humanity." The seamless conjunction of humans and computers gives us humans a shot at becoming completely "symbiotic" with artificial intelligence, according to Elon Musk. He argues that humans as a species are all already practically attached to our phones. In a way, this makes us almost cyborg-like. The only difference is that we haven't managed to expand our intelligence to that level. This means that we are not as smart as we could be. The data link that currently exists between the information that we get from our phones or computers is not as fast as it could be. "It will enable anyone who wants to have superhuman cognition," Musk said. "Anyone who wants." As for how much smarter humans will become with these AI chips, Musk writes: "How much smarter are you with a phone or computer or without? You're vastly smarter, actually," Musk said. "You can answer any question pretty much instantly. You can remember flawlessly. Your phone can remember videos (and) pictures perfectly. Your phone is already an extension of you. You're already a cyborg. Most people don't realize you're already a cyborg. It's just that the data rate [...] it's slow, very slow. It's like a tiny straw of information flow between your biological self and your digital self. We need to make that tiny straw like a giant river, a huge, high-bandwidth interface."
          
  
  Read more of this story at Slashdot.
  

• Collection 1 Data Breach Exposes More Than 772 Million Email Addresses
  A collection of almost 773 million unique email addresses and just under 22 million unique passwords were exposed on cloud service MEGA. Security researcher Troy Hunt said the collection of data, dubbed Collection #1, totaled over 12,000 separate files and more than 87GB of data. ZDNet reports: "What I can say is that my own personal data is in there and it's accurate; right email address and a password I used many years ago," Hunt wrote. "In short, if you're in this breach, one or more passwords you've previously used are floating around for others to see." Some passwords, including his own, have been "dehashed", that is converted back to plain text. Hunt said he gained the information after multiple people reached out to him with concerns over the data on MEGA, with the Collection #1 dump also being discussed on a hacking forum. "The post on the forum referenced 'a collection of 2000+ dehashed databases and Combos stored by topic' and provided a directory listing of 2,890 of the files," Hunt wrote.  The collection has since been removed. You can visit Hunt's Have I Been Pwned service to see if you are affected by this breach.
          
  
  Read more of this story at Slashdot.
  

• Fasting Can Improve Overall Health By Causing Circadian Clocks In the Liver and Skeletal Muscle To Rewire Their Metabolism, Study Finds
  An anonymous reader quotes a report from ScienceDaily: In a University of California, Irvine-led study, researchers found evidence that fasting affects circadian clocks in the liver and skeletal muscle, causing them to rewire their metabolism, which can ultimately lead to improved health and protection against aging-associated diseases. The study was published recently in Cell Reports. The research was conducted using mice, which were subjected to 24-hour periods of fasting. While fasting, researchers noted the mice exhibited a reduction in oxygen consumption (VO2), respiratory exchange ratio (RER), and energy expenditure, all of which were completely abolished by refeeding, which parallels results observed in humans.   "The reorganization of gene regulation by fasting could prime the genome to a more permissive state to anticipate upcoming food intake and thereby drive a new rhythmic cycle of gene expression. In other words, fasting is able to essentially reprogram a variety of cellular responses. Therefore, optimal fasting in a timed manner would be strategic to positively affect cellular functions and ultimately benefiting health and protecting against aging-associated diseases." This study opens new avenues of investigation that could ultimately lead to the development of nutritional strategies to improve health in humans.
          
  
  Read more of this story at Slashdot.
  

• Key West Moves To Ban Sunscreens That Could Damage Reefs
  Yesterday, the Key West City Commission unanimously voted to ban the sale of sunscreens that contain two ingredients -- oxybenzone and octinoxate -- that a growing body of scientific evidence says harm coral reefs. The measure must now be reviewed again by the commission before it becomes law. The second vote is scheduled for February 5th. Miami Herald reports: Environmental researchers have published studies showing how these two ingredients, which accumulate in the water from bathers or from wastewater discharges, can damage coral reefs through bleaching and harming the corals' DNA. In some instances, the corals can die. A Feburary 2016 study in the Archives of Environmental Contamination and Toxicology examining the impact of oxybenzone in corals in Hawaii and the U.S. Virgin Islands concluded that the sunscreen ingredient "poses a hazard to coral reef conservation and threatens the resiliency of coral reefs to climate change.''   Last year, Hawaii banned the sale or distribution of any sunscreens containing oxybenzone and octinoxate, a measure that will go into effect on Jan. 1, 2021. It was the first state in the nation to implement such a ban. In Florida, the website for the South Florida Reef Ambassador Initiative, which falls under the state's Department of Environmental Protection, tells divers to "Avoid sunscreens with Oxybenzone and Avobenzone. The benzones are compounds that are lethal to coral reproduction in very small amounts." Experts who have studied the issue say sunscreens with zinc oxide or titanium dioxide, which are minerals, also block ultraviolet rays. They create a barrier on the skin that deflect the sun's rays .
          
  
  Read more of this story at Slashdot.
  

• Researchers Report Breakthrough In Ice-Repelling Materials
  "Researchers from the University of Houston have reported a new theory in physics called stress localization, which they used to tune and predict the properties of new materials," reports Phys.Org. "Based on those predictions, the researchers reported in Materials Horizons that they have created a durable silicone polymer coating capable of repelling ice from any surface." The new research has huge implications for aircraft, power transmission lines, and more. From the report: Hadi Ghasemi, Bill D. Cook Assistant Professor of mechanical engineering at UH and corresponding author for the work, said the findings suggest a way to take trial and error out of the search for new materials, in keeping with the movement of materials science toward a physics-driven approach. "You put in the properties you want, and the principle will tell you what material you need to synthesize," he said, noting that the concept can also be used to predict materials with superb antibacterial or other desirable properties.   The new material uses elastic energy localization where ice meets the material, triggering cracks at the interface that slough off the ice. Ghasemi said it requires minimal force to cause the cracks; the flow of air over the surface of an airplane acts as a trigger, for example. The material, which is applied as a spray, can be used on any surface, and Ghasemi said testing showed it is not only mechanically durable and unaffected by ultraviolet rays -- important for aircraft which face constant sun exposure -- but also does not change the aircraft's aerodynamic performance. Testing indicates it will last for more than 10 years, with no need to reapply, he said.
          
  
  Read more of this story at Slashdot.
  

• Fortnite Bugs Gave Hackers Access To Millions of Player Accounts, Researchers Say
  Researchers at cybersecurity firm Check Point say three vulnerabilities chained together could have allowed hackers to take control of any of Fortnite's 200 million players. "The flaws, if exploited, would have stolen the account access token set on the gamer's device once they entered their password," reports TechCrunch. "Once stolen, that token could be used to impersonate the gamer and log in as if they were the account holder, without needing their password." From the report: The researchers say that the flaw lies in how Epic Games, the maker of Fortnite, handles login requests. Researchers said they could send any user a crafted link that appears to come from Epic Games' own domain and steal an access token needed to break into an account.   Here's how it works: The user clicks on a link, which points to an epicgames.com subdomain, which the hacker embeds a link to malicious code on their own server by exploiting a cross-site weakness in the subdomain. Once the malicious script loads, unbeknownst to the Fortnite player, it steals their account token and sends it back to the hacker. "If the victim user is not logged into the game, he or she would have to log in first," a researcher said. "Once that person is logged in, the account can be stolen." Epic Games has since fixed the vulnerability.
          
  
  Read more of this story at Slashdot.
  

• Marco Rubio Introduces Privacy Bill To Create Federal Regulations On Data Collection
  An anonymous reader quotes a report from Fortune: Senator Marco Rubio (R-Fla.) introduced a bill Wednesday aimed at creating federal standards of privacy protection for major internet companies like Facebook, Amazon, and Google. The bill, titled the American Data Dissemination Act, requires the Federal Trade Commission to make suggestions for regulation based on the Privacy Act of 1974. Congress would then have to pass legislation within two years, or the FTC will gain the power to write the rules itself (under current laws, the FTC can only enforce existing rules). While Rubio's bill is intended to reign in the data collection and dissemination of companies like Facebook, Amazon, Apple, Google, and Netflix, it also requires any final legislation to protect small businesses from being stifled by new rules. The caveat comes when one considers states' rights to create their own privacy laws. Under Rubio's legislation, any national regulations would preempt state laws -- even if the state's are more strict. "While we may have disagreements on the best path forward, no one believes a privacy law that only bolsters the largest companies with the resources to comply and stifles our start-up marketplace is the right approach," Rubio wrote in an op-ed for The Hill, announcing his bill.
          
  
  Read more of this story at Slashdot.
  

• Federal Prosecutors Are Investigating Huawei For Allegedly Stealing Trade Secrets, Says Report
  According to The Wall Street Journal, federal prosecutors have launched a criminal investigation to see if Huawei allegedly stole trade secrets from U.S. companies. The probe is reportedly built out of civil lawsuits against the telecommunications firm. The Hill reports: People familiar with the probe told the Journal that it is at an advanced stage and that an indictment could soon be coming. Huawei has long faced scrutiny from both lawmakers and national security officials, who have labeled the firm as a national security threat over its ties to the Chinese government. The company has denied that characterization, and China this week called for other countries to end âoethe groundless fabrications and unreasonable restrictionsâ on Huawei and other firms.
          
  
  Read more of this story at Slashdot.
  

• New Satellite Network Will Make It Impossible For a Commercial Airplane To Vanish
  pgmrdlm quotes a report from CBS News: For the first time, a new network of satellites will soon be able to track all commercial airplanes in real time, anywhere on the planet. Currently, planes are largely tracked by radar on the ground, which doesn't work over much of the world's oceans. The final 10 satellites were launched Friday to wrap up the $3 billion effort to replace 66 aging communication satellites, reports CBS News' Kris Van Cleave, who got an early look at the new technology. On any given day, 43,000 planes are in the sky in America alone. When these planes take off, they are tracked by radar and are equipped with a GPS transponder. All commercial flights operating in the U.S. and Europe have to have them by 2020. It's that transponder that talks to these new satellites, making it possible to know exactly where more than 10,000 flights currently flying are.
          
  
  Read more of this story at Slashdot.
  

• Google Play Starts Manually Whitelisting SMS, Phone Apps
  An anonymous reader quotes a report from Ars Technica: Google is implementing major new Play Store rules for how Android's "SMS" and "Call Log" permissions are used. New Play Store rules will only allow certain types of apps to request phone call logs and SMS permissions, and any apps that don't fit into Google's predetermined use cases will be removed from the Play Store. The policy was first announced in October, and the policy kicks in and the ban hammer starts falling on non-compliant apps this week.   Google says the decision to police these permissions was made to protect user privacy. SMS and phone permissions can give an app access to a user's contacts and everyone they've ever called, in addition to allowing the app to contact premium phone numbers that can charge money directly to the user's cellular bill. Despite the power of these permissions, a surprising number of apps ask for SMS or phone access because they have other, more benign use cases. So to clean up the Play Store, Google's current plan seems to be to (1) build more limited, replacement APIs for these benign use cases that don't offer access to so much user data and (2) kick everyone off the Play Store who is still using the wide-ranging SMS and phone permissions for these more limited use cases. Google provides a help page that helps explain the new rules and offer workarounds for some use cases.
          
  
  Read more of this story at Slashdot.
  

• YouTube Cracks Down on 'Harmful and Dangerous' Challenges and Pranks
  YouTube has set stricter guidelines for "harmful and dangerous" prank and challenge videos. From a report: "We've always had policies to make sure what's funny doesn't cross the line into also being harmful or dangerous," reads the YouTube guidelines. "Our Community Guidelines prohibit content that encourages dangerous activities that are likely to result in serious harm, and today clarifying what this means for dangerous challenges and pranks." YouTube's guidelines now further detail which of these popular videos push the line, including challenges such as the Tide Pod challenge and the Fire challenge -- anything "that can cause death and/or have caused death in some instances."   As for pranks, videos that make the victims believe they're in serious danger or cause severe emotional distress to children (further clarified with examples like faking the death of a parent) are no longer acceptable on the platform. Creators who host these types of videos on their channels will receive a grace period of two months to clean up their channel.
          
  
  Read more of this story at Slashdot.
  

• Federal Prosecutors Pursuing Criminal Case Against Huawei for Alleged Theft of Trade Secrets: Report
  Federal prosecutors are pursuing a criminal investigation of China's Huawei for allegedly stealing trade secrets from U.S. business partners, including the technology behind a robotic device that T-Mobile used to test smartphones, WSJ reported Wednesday. From a report: The investigation grew in part out of civil lawsuits against Huawei, including one in which a Seattle jury found Huawei liable for misappropriating robotic technology from T-Mobile's Bellevue, Wash., lab, the people familiar with the matter said. The probe is at an advanced stage and could lead to an indictment soon, they said. The link to the source article may be paywalled; here's an alternative source.
          
  
  Read more of this story at Slashdot.
  

• Happy 18th Birthday, Wikipedia
  This week, Wikipedia celebrates its 18th birthday. If the massive crowdsourced encyclopedia project were human, then in most countries, it would just now be considered a legal adult. But in truth, the free online encyclopedia has long played the role of the Internet's good grown-up.  From a story: Wikipedia has grown enormously since its inception: It now boasts 5.7 million articles in English and pulled in 92 billion page views last year. The site has also undergone a major reputation change. If you ask Siri, Alexa or Google Home a general-knowledge question, it will likely pull the response from Wikipedia. The online encyclopedia has been cited in more than 400 judicial opinions, according to a 2010 paper in the Yale Journal of Law & Technology.   Many professors are ditching the traditional writing assignment and instead asking students to expand or create a Wikipedia article on the topic. And YouTube Chief Executive Susan Wojcicki announced a plan last March to pair misleading conspiracy videos with links to corresponding articles from Wikipedia. Facebook has also released a feature using Wikipedia's content to provide users more information about the publication source for articles in their feed.
          
  
  Read more of this story at Slashdot.
  

• Microsoft is Separating Cortana From Search in Windows 10
  Microsoft is making some big changes to Cortana in Windows 10. The company intends to decouple search and Cortana in the Windows 10 taskbar, allowing voice queries to be handled separately to typing in a search box to find documents and files. From a report: This change will be implemented in the next major Windows 10 update, currently scheduled for April. Windows 10 will direct you towards an built-in search experience for text queries, while Cortana will exist for voice queries instead of them both bundled together. "This will enable each experience to innovate independently to best serve their target audiences and use cases," explains Dona Sarkar, Microsoft's Windows Insider chief. "This change is one of several we've made throughout this release to improve your experience in this space, including updating the search landing page design, enhancing your search results, and integrating Microsoft To-Do with Cortana."
          
  
  Read more of this story at Slashdot.
  

Engadget"Engadget RSS Feed"

• Facebook purges more than 500 Russian-led disinformation pages
  
  "Coordinated Inauthentic Behavior" is such an anodyne way of describing weaponizing information to poison attitudes and democracies. That's the euphemism that Facebook is employing to talk about its latest purge of accounts and pages that may be part of a Russian disinformation campaign. More than 500 pages and accounts have recently been removed, according to a report by Facebook's cybersecurity policy chief.
  
  In a blog post, Nathaniel Gleicher says that the problematic pages came from Russia, and operated in the Baltics, Central Asia, the Caucasus, the Ukraine, as well as in Europe. The accounts were made up to look like individual politicians, or general-interest websites covering news, sports, weather and politics.
  
  Facebook included statistics for one Russian network of 364 pages and 75 profiles, which spent around $135,000 on Facebook Ads. These ads ran from October 2013 through January 2019, and the network created 190 events, of which 1,200 people expressed interest in attending. It's not clear if any of them actually took place, but the creation of fake events is a tactic that's been seen several times before.
  
  A second network of 107 pages and 41 Instagram accounts, identified by US law enforcement, was directly targeted to the Ukraine. Facebook didn't go into details, but said that it found "technical overlap" with other fake news and opinion hacking tactics it found during the US midterms. This behavior is consistent with the actions of Russia's so-called troll-farm, the Internet Research Agency.
  
  This network had grown an audience of around 180,000 followers on Facebook, with another 55,000 people following the Instagram pages. Similarly, Facebook received $25,000 in ad spending from this network, with ads running from January 2018 through to that December.
  
  According to Facebook, the people behind the larger of the two networks were tied to, or employees of, Russian "news" outlet Sputnik. Like RT, Sputnik is funded directly by the Russian government, and both are perceived as being a propaganda or information warfare vehicle for the Kremlin. Both are of interest to law enforcement agencies, and have been targeted by Twitter and Google in the past.
  
  In 2017, Google pledged to down-rank both Sputnik and RT in its news platform to prevent what it saw as disinformation from spreading. That same year, Twitter announced that it would no longer take advertising money from RT and Sputnik, although it did not suspend their accounts. In addition, Twitter said that it would donate the $1.9 million in fees it had received to charity. Facebook has not yet commented on what it plans to do with the $160,000 it received in fees.
  
  Source: Facebook Newsroom
  

• The Morning After: Larger Hadron Collider and return of RAZR
  
  Hey, good morning! You look fabulous.
  
  Are you ready for another RAZR? Motorola probably hopes so, but in the meantime we're taking Tesla's latest driving assist for a road trip and trying on some self-tightening basketball shoes.
  
  
  
  What year is it?Motorola's next RAZR revival could be a $1,500 foldable phone
  
  A closer look at Nike's Adapt BB auto-lacing basketball shoes
  
  Tesla's Navigate on Autopilot was my CES road-trip companion
  
  CERN plans to build a collider four times bigger than the LHC
  
  LG rumor suggests its foldable smartphone actually has a 'second screen'
  
  CNET cites anonymous sources indicating that we'll see a new mobile device from LG at Mobile World Congress 2019 that supports an optional "second screen" attachment, described as a sort of case with a screen.
  But wait, there's more... Microsoft pledges $500 million to help Seattle's housing crisis Netflix is still a bargain, even after the latest price hike Ford is developing a fully electric F-150 A 'Fortnite' security flaw could have exposed players' accounts EA's open-world 'Star Wars' game is no more Netflix sets international release for George R. R. Martin's 'Nightflyers' Tesla releases a plug-in EV charger you can take with you LSU's bendable concrete could fix America's crumbling infrastructure CES 2019: OMRON's redesigned ping-pong robot no longer holds back
  
  The Morning After is a new daily newsletter from Engadget designed to help you fight off FOMO. Who knows what you'll miss if you don't Subscribe.
  
  Craving even more? Like us on Facebook or Follow us on Twitter.
  
  Have a suggestion on how we can improve The Morning After? Send us a note.
  

• Facebook makes its image compression tech available to all
  
  Most applications need to compress the photos you upload, because better cameras also mean bigger image files. The larger the file is, the more data you use and the longer the upload takes. Facebook is helping smaller developers address the need for image compression by releasing the technology it developed for faster image uploads as an open source tool. It's called Spectrum, and it can be integrated into iOS and Android projects, so you'll likely come across it on non-Facebook apps whichever platform you use.
  
  Now, Facebook isn't exactly known for fantastic image compression -- if you regularly upload photos through its mobile app, you might even consider its optimization powers kinda lousy. It might do a better job than what some developers can come up with, though, and can provide the function for those who'd rather not write custom programs. Facebook says Spectrum has "improved reliability and quality of image uploads across [its] apps" and says the tool can reduce file sizes for up to 15 percent while maintaining their quality. The open source project is now available on GitHub.
  
  Source: Spectrum
  

• Tesla's referral perks are going away
  
  Tesla is ending its customer referrals scheme that gives free electric charging to its EV buyers, among other perks. In a tweet, Elon Musk announced the program will end on February 1st, stating in a subsequent reply that it's "adding too much cost to the cars, especially Model 3." Asked if Tesla was replacing it with another program, Musk responded: "no, the whole referral incentive system will end."
  
  The program started life in 2015 with the aim of boosting word-of-mouth around Tesla's vehicles. In its current form, it lets Tesla owners "give five friends six months of free Supercharging with the purchase of a new Model S, Model X or Model 3" using referral codes. An additional three months of free Supercharging is included "if they order without ever having taken a test drive." Other benefits span free chargers, toys for kids, deals on solar panels, and the option to launch your photo into deep space orbit. Tesla also scrapped its lifetime free Supercharging offer last September.
  
  According to January 17, 2019No, the whole referral incentive system will end
  — Elon Musk (@elonmusk) January 17, 2019Yes, ending on Feb 1. It's adding too much cost to the cars, especially Model 3.
  — Elon Musk (@elonmusk) January 17, 2019
  Source: Elon Musk (Twitter)
  

• Microsoft pledges $500 million to help Seattle's housing crisis
  
  Microsoft is putting its massive balance sheet to good use by pledging $500 million to help address the housing crisis in the greater Seattle area. According to compromised on a tax proposal meant to raise funds for affordable housing and homeless residents. If you'll recall, the city wanted to tax big companies $500 per employee per year, but it had to settle for half that amount after pushback from Amazon. Based on what its consultant found out, the region has "counterintuitively done less to build middle-income housing than low-income housing, especially in the suburbs." That's why the tech giant is splitting its pledge into three.
  
  Microsoft is lending $225 million to developers to subsidize the preservation and construction of middle-income housing meant for households making between $62,000 and $124,000 per year. The offer will initially be available in Redmond and nearby cities Bellevue, Kirkland, Issaquah, Renton and Sammamish. Meanwhile, it's earmarking $250 million for low-income housing development across the King County region meant for households making $48,150 for two persons. Microsoft expects to make very little profit from the loans, and anything it earns will be reinvested back into the project. The remaining $25 million will be given as philanthropic grants to organizations working to address homelessness in the area.
  
  Microsoft President Brad Smith and CFO Amy Hood wrote in a blog post:
  
  "If we're going to make progress, we'll all need to work together as a community. We recognize that Microsoft is in a unique position to put the size of its balance sheet behind this effort... Ultimately, a healthy business needs to be part of a healthy community. And a healthy community must have housing that is within the economic reach of every part of the community, including the many dedicated people that provide the vital services on which we all rely."
  
  The company knows it can't just throw money at the problem to make it go away, though -- it's not even entirely sure how much $500 million can help. In an effort to make a bigger impact, Microsoft also plans to encourage policy changes for the development of affordable housing in state legislative sessions.
  
  
  Source: Microsoft, The New York Times, The Seattle Times
  

• 'Sea of Thieves' will take up less space after pending update
  
  There is good news and bad news for Sea of Thieves players regarding the game's next update. The bad news is you'll have to download and reinstall the entire game. The good news is, as a result of some behind the scenes improvements made by developer Rare, the game installation size will be cut by nearly half on all platforms.
  
  The update will arrive on February 6th and will be larger than the standard update -- understandably so, seeing as you'll have to reinstall the entire game. However, once the installation is complete, the developers feel confident that they will be able to better optimize updates in the future and keep the amount of hard drive space required for the ever-growing game down to a reasonable size.
  
  According to the developers, the update will bring down the installation size for the game across the board. The Xbox One version of the game will drop from 35GB to 10GB, Xbox One X will go from 47GB to 25GB and PC will shrink from 47GB to 27GB. Once the update has finished downloading, it should install automatically so you can jump back into the game.
  
  Source: Microsoft
  

• Ford is developing a fully electric F-series pickup truck
  
  Ford is taking steps to future-proof its business by developing not just a hybrid, but a fully electric pickup truck. Jim Farley, Ford president of global markets, has announced at an event in Detroit that the automaker is electrifying the F-series. The company has been working on a hybrid version of the F-150 since 2015, but this is a completely different project. Unfortunately, Farley didn't confirm which particular model is going to get the EV treatment.
  
  It wouldn't come as a surprise if Ford is also making a pure electric version of the F-150, though, seeing as it is one of the most recognizable and best-selling American vehicles. The iconic pickup accounts for around a third of the automaker's sales in the US and has a long history behind it, dating back to 1975. It's the perfect model for this project, which feels like a natural development following Ford's investments in the EV market.
  
  By developing an electric pickup, Ford is hoping that it'll be able to keep up with rivals that are also creating their own. A startup called Rivian unveiled its own take on the category in 2018, and even the vastly more popular Tesla is planning to conjure up an electric pickup truck of its own within the next few years.
  
  Via: Autoblog
  
  Source: Detroit Free Press
  

• Android Q may include a dark theme and desktop mode
  
  Many Android users still don't have Pie yet, but details are already emerging for its follow-up. XDA says it has obtained a very early build of Android Q (Quiche? Queso?) that hints at Google's plans. For one, there's a system-wide dark theme. This might be particularly helpful if you're trying to save power on an OLED-equipped phone or just don't want to blind yourself at night. There's a developer option to force the dark mode on apps that don't support it, hinting that it may take a while before every app honors the feature.
  
  You'll also find a developer option that would "force experimental desktop mode on secondary displays," which might refer to a Samsung DeX-style view. Don't count on it reaching the finished version (it wouldn't even work when XDA enabled it), but Google appears to be considering the idea at a minimum.
  
  Most other elements in this build are minor (such as wallpaper for all devices with always-on displays). There is an important change to privacy, though. Much as with iOS, you can limit permissions for location and other sensitive features so that it runs only while an app is in the foreground. You wouldn't have to worry about an app gathering data behind your back, or a GPS app chewing up your battery when you aren't using it. A revamp of the overall permissions section would give you a quick glimpse of the features your apps are using.
  
  You'll probably have to be patient before you can try Android Q yourself, regardless of how many elements survive the development gauntlet. Google didn't release the Android P public preview until May of 2018, and the completed version waited until August. This is more of a tentative glance at the future than a definitive peek.
  
  Source: XDA-Developers
  

• Collection 1 data breach covers more than 772 million email addresses
  
  If you're signed up for one of the many services that alerts you to data breaches when they're discovered (if you're not, you probably should be) then you likely have an email waiting for you. Troy Hunt runs Have I Been Pwned where he makes it his business to dig up these files as they're being passed around by hackers, and has alerted the world to "Collection #1," which claims to combine usernames and passwords from thousands of databases.
  
  That includes some where the password data may have been stored encrypted, so if someone has managed to crack open a site where you had an account registered, it's likely they have your info and know what password you were using. If you've logged into a customer support portal or some random forum with your email address and used the same password you use for your main email account, Netflix, Facebook or other accounts, then it could be trivially easy for someone to have that and use it to log in as you.
  Now emailing 768,253 individuals who subscribed for notifications and another 39,923 who are monitoring domains...
  — Troy Hunt (@troyhunt) January 16, 2019
  Unfortunately, for reasons Hunt explains in his blog post, it's impossible to see what account or password may have been included via his site, which is why you should probably be using a password manager (if you have a truly unique password, you can see if it's ever been exposed in one of the breaches on this page). That would make it easy to maintain unique passwords wherever you have accounts, and easily change them if there's a breach.
  
  So to recap -- sign up for Have I Been Pwned, it's free and can alert you to breaches quickly. Use unique passwords, which could be easier to do if you use a password manager like 1Password or LastPass, or even if you just write them down and store them securely, in addition to multifactor authentication where available. You can't stop your information from popping up in breaches like this, but taking those steps can lower the risk of impact before your personal Facebook page starts offering deep discounts on Ray-Bans or someone in Latvia is adding to your Spotify playlists.
  
  Source: HIBP
  

• LG smartphone rumor suggests a 'second screen' add-on
  
  Samsung has already teased its future of "Infinity Flex" foldable devices that blur the line between phone and tablet, and while we'd heard LG would show off something similar at CES last week, it didn't. Now Royole, and as Google has already committed to supporting Android devices with changing screen sizes, we'd expect to see more companies give it a try. The odd configuration could also explain some of the recent trademarks that surfaced from LG including Foldi and Duplex.
  
  CNET isn't clear on whether or not this adjustable device will be the mainstream G8 device, or perhaps a separate device like LG's previous G Flex series, but it will be something to keep an eye on as MWC's opening approaches on February 25th. We're expecting to hear more about Samsung's flexible plans and the Galaxy S10 on February 20th, and we wouldn't be surprised if LG also makes a pre-show splash with new mobile hardware.
  
  
  
  Source: CNET
  

• Sprint lets you chat with customer service reps through iMessage
  
  Apple's Business Chat, which lets you chat with companies through iMessage, was announced in 2017, though adoption has been somewhat slow. From today, however, Sprint customers can connect with customer service reps directly using the Messages app on their iPhone or iPad.
  
  When you visit the Contact Us page on Sprint's website, or look up the company on Safari, Search, Apple Maps or Siri, you can connect with an agent by tapping on the Messages icon. If you have the My Sprint Mobile app installed, Business Chat can tap into it to help authenticate your account. One of the advantages of Business Chat, beyond having to keep a browser tab open for your conversation or stay on the phone, is that you can continue speaking to reps at a later time if it's more convenient for you.
  
  
  
  Business Chat is still in beta, and you can use it on devices running iOS 11.3 or higher. Sprint joins a number of companies that support it, including T-Mobile, DirectTV Now, Dish, Vodafone, Wells Fargo, West Elm and Salesforce.
  
  Source: Sprint
  

• 'Westworld Mobile' game pulled following Bethesda lawsuit
  
  It's now clearer just how Behaviour Interactive and Warner Bros. resolved that Bethesda lawsuit over pulled Westworld Mobile from app stores and disabled in-app purchases for the management game. You can still play for now, but it'll shut down altogether on April 16th.
  
  The two sides had previously claimed there was an "amicable" end to the lawsuit. On the surface, though, it appears that Bethesda ultimately held all the cards in this situation. Behaviour wasn't just another developer hopping on a popular trend, as you often see in the mobile gaming world -- it built Fallout Shelter, and Bethesda accused it of simply recycling material to develop Westworld. Whether or not the claims are true, Behaviour faced an uphill (and potentially costly) legal battle to defend its title.
  pic.twitter.com/y7NS7QeSlX
  — Westworld Mobile (@WestworldMobile) January 15, 2019
  Via: VentureBeat
  
  Source: Westworld Mobile (Twitter)
  

• SpaceX isn't moving Starship development to southern Texas (update)
  
  SpaceX's decision to construct its Starship test vehicle in Texas may have just been the harbinger of things to come. The LA Times has claimed that development and assembly of Starship and its Super Heavy booster system will take place in southern Texas, not the Port of Los Angeles. It'll maintain existing design, manufacturing, launch and recovery operations in the area (plus Vandenberg Air Force Base), but that's only a partial consolation when existing projects like the Falcon 9 rocket have a limited lifespan.
  
  The company explained its move as a bid to "streamline operations," according to the Times although it didn't elaborate on what that meant.
  
  SpaceX is no stranger to Texas. It set up a rocket test facility for the Falcon 9 in McGregor, and it's in the midst of constructing a southern Texas launch site in Brownsville that will be used for both Starship testing and commercial flights. It might just be a question of concentrating work in the area that Starship will effectively call home, at least for the foreseeable future.
  
  Update 1/16 7:55PM ET: Elon Musk says the LA Times' "source info is incorrect." SpaceX is building Starship prototypes in Texas, but the development of both the spacecraft and its accompanying Raptor engines remains in Hawthorne, California. We've updated the article accordingly.
  
  Via: TechCrunch
  
  Source: LA Times
  

• MasterCard won't let companies automatically bill you after free trials
  
  We've all made the mistake of starting a free trial and forgetting to cancel it before the billing period kicks in. Now, MasterCard will protect against this. The company announced a new policy that will require merchants to get authorization from you before hitting you with recurring charges for subscriptions. It will also require companies to provide you with monthly updates with pricing and clear instructions on how to cancel if you need it.
  
  Here's how MasterCard's new protections will work: Sign up for a free trial and provide your MasterCard card number for your payment information. When that free trial comes to an end, the merchant will be required to send you a text or email notifying you that you will have to pay to continue the subscription. That message has to include the subscription cost, payment date and merchant name presented clearly so you know exactly who you are dealing with. The message will also have to include instructions on how to cancel in case you decide you're better off without it.
  
  Even if you opt to give the merchant permission to charge you so you can continue using its service, the company has to provide you with monthly receipts that show you the monthly cost. That should make it easier to track price changes in your subscription so you don't get hit by unexpected price jumps (looking at you, Netflix). Those monthly receipts will also have to include a guide on canceling the subscription.
  
  Via: The Verge
  
  Source: MasterCard
  

• US bills would ban exports to Chinese telecoms that violate sanctions
  
  American politicians want to crack down further on Chinese telecoms like Huawei and ZTE. Members of both the House of Representatives and the Senate have introduced bills that would order the President to impose export bans on Chinese telecoms found to violate US export and sanctions laws. Companies like Huawei and ZTE are a "growing threat to American national security," according to co-sponsor Rep. Mike Gallagher, and they should face the same punishment that ZTE faced before its reprieves.
  
  The politicians aren't shy about the reasons behind the move. This is partly in response to the arrest of Huawei CFO Meng Wanzhou in Canada over US allegations she helped her company violate US trade sanctions against Iran. This would potentially force the President to ban Huawei's US-based equipment exports, limiting its ability to do business around the world. It wouldn't be as severe a blow as it was for ZTE, since Huawei designs its own mobile processors, but it could have a noticeable effect.
  
  Huawei has repeatedly denied allegations of both violating sanctions and of spying on behalf of the Chinese government. There also hasn't been public evidence that Huawei equipment is spying on the US or other countries. However, those denials might not matter should the bills eventually become law -- if the US determined there was a violation, that could be all she wrote. There's no guarantee they will become law, mind you. The President was the main proponent of reversing the export ban on ZTE, and he might not sign bills that would force him to impose bans going forward.
  
  Via: Reuters
  
  Source: Senator Tom Cotton, Rep. Mike Gallagher
  

• Microsoft splits Cortana from search in Windows 10
  
  Microsoft is splitting up search and voice assistant Cortana in Windows 10, giving each their own spot on the taskbar in the latest build for Windows Insiders testers. The change should go live for everyone in the next major update to Windows 10, which is planned for April. The move, according to Microsoft, should improve both functions as it "will enable each experience to innovate independently to best serve their target audiences and use cases."
  
  The search box will be solely for text queries, while Cortana will of course handle voice queries. Microsoft has placed more focus on improving search lately. It merged the function across Windows 10, Bing, Office and Edge, and released a more powerful search tool in the Office app.
  
  Elsewhere in the latest preview build, you'll be able to install font files simply by dragging them onto the fonts settings page, while Microsoft is changing how the Start menu works. It will run on its own process, so if it's affected by any problems, they should have a smaller impact on other parts of your system.
  
  Via: The Verge
  
  Source: Microsoft
  

• GoPro improves Fusion VR camera resolution via software update
  
  It's not often a camera gets a resolution upgrade purely through software, but GoPro appears to have managed just that. The company has released beta firmware that lets its Fusion VR camera capture 5.6K spherical video at 24 frames per second. That's not a huge bump over the original 5.2K, but it could still be noticeable in the confines of a VR helmet. GoPro manages the feat by capturing footage at 5.8K and stitching it together to produce the finished video.
  
  The firmware also supports time lapses in this mode, and there's now RAW photo support for both time lapses and night modes when the intervals are set to 5 seconds or longer. Corresponding updates to the Fusion Studio software on your PC should also deliver improved image quality, easier importing and better hooks into Adobe's 2019 versions of Premiere and After Effects.
  
  Besides serving as a treat for Fusion owners, the beta sends a message: GoPro is still committed to its VR video camera. That isn't completely surprising when company chief Nick Woodman casually confirmed a Fusion 2 camera during a press party at CES, but the firmware serves as tangible proof -- it's not just dabbling in 360-degree content.
  
  Source: GoPro
  

• Netflix announces ‘Space Force’ comedy series starring Steve Carell
  
  If you've missed The Office and Steve Carell's Michael Scott, Netflix's latest series announcement may be a bit of welcome news. In a video, which you can see below, Netflix has revealed a new workplace comedy called Space Force, which will center on the (fictional) folks tasked with getting President Trump's Space Force up and running.
  In an overlay, the video notes how, last year, the Trump administration announced Space Force as a future sixth military branch. "The goal of the new branch is 'to defend satellites from attack' and 'perform other space-related tasks.' Or something," it continues, adding that the series will feature "the men and women who have to figure it out."
  
  Carell co-created and will also star in the series. Greg Daniels, known for his work behind the US version of The Office and Parks and Recreation, among other popular titles like King of the Hill, created the series alongside Carell. Though Carell is also slated to star in Apple's upcoming Reese Witherspoon- and Jennifer Aniston-led morning TV show drama, Deadline reports that he still appears to be attached to both projects.
  
  
  
  Source: Netflix
  

• US reportedly investigates Huawei for allegedly stealing trade secrets
  
  Huawei and the US government have been at odds for months now, and it looks like things are about to get far more severe. was arrested in Canada at the behest of the US government; the charge is that she violated sanctions against Iran. While there has been significant conflict between the Chinese company and the US government in recent months, relationships have been frosty ever since 2012, when the US called it a national security threat. Since then the government has essentially blocked companies from using Huawei's networking equipment, and US government employees were recently banned from using Huawei smartphones.
  
  Huawei has long denied the claims that it is spying on behalf of the Chinese government, says it operates independently of the government and that it follows the law in all countries where it operates. But if the Justice Department brings formal charges, we should finally know a bit more about what evidence the US has about Huawei's supposed wrongdoings and its ties to the Chinese government.
  
  Source: The Wall Street Journal
  

• Marco Rubio proposes a totally uninspiring data privacy bill
  
  Senator Marco Rubio (R-FL) announced Wednesday a new privacy bill aimed at protecting personal data of American consumers from being sucked up indiscriminately by tech giants, according to competing privacy bills have. Instead of giving the FTC the authority to create regulations, it requires Congress to write the rules and asks the agency to enforce what they come up with. Only if Congress fails to successfully pass a law within two years of the ADDA going into effect would the FTC have the power to write rules on its own. The ADDA would also require exemptions for smaller companies to operate outside of rules that might hurt their business.
  
  While Rubio's bill -- which doesn't have any cosponsors -- take some baby steps toward improving data privacy laws, it also would effectively override any state laws that might have stricter rules that tech giants and telecom companies have to follow. With California's Consumer Privacy Act set to go into effect in 2020 and a number of state-based net neutrality laws on the books, the ADDA may be viewed as a way to undermine those more stringent rules with watered down national laws.
  
  Via: The Verge
  
  Source: Axios
  

• Netflix is still a bargain, even after the latest price hike
  
  On Tuesday morning, Netflix reported that it will be raising prices for all of its customers in what is widely regarded as the biggest price hike in the company's history. The lowest tier will go from $8 to $9, while the $11 and $14 tiers will now be $13 and $16 respectively. In the wake of the news, many customers took to social media (as well as our comments section) to voice their disappointment, declaring they would be unsubscribing from the service. I, on the other hand, am more than happy to pay an extra $1 or $2 a month, for a service I think is still very much at the top of its game.
  
  Let's begin with the cost. For $9 to $14 a month, Netflix offers a metric ton of programming that covers almost every conceivable genre. Action Comedies? Netflix has it. Romantic Thrillers? Got it. Classic Foreign Movies? Yep. There are roughly 75,000 micro-genres in Netflix's database, and though Netflix hasn't publicly released numbers, a study in February 2018 suggested it has well over 5,000 movies and TV shows, with that number fluctuating over time. Sure, you can probably get a lot of shows to watch with a cable subscription too, but that's at least $50 a month, which is way more than what Netflix costs.
  
  If Netflix was just a place to watch already-aired TV shows like Parks & Recreation and The Good Place, it would already be worth it in my book. But Netflix is so much more than that these days. It's no longer just a spicy extra in one's entertainment diet; for many it's essential viewing. Black Mirror, Disney, which has pulled (or will likely pull) its content, like Star Wars, Marvel and Pixar over to its very own streaming service, making Netflix a less attractive option than before.
  
  Add all of that together, and there's a very real chance that consumers are suffering a case of subscriber burnout. If you're a cord cutter hungry for content, you likely subscribe to nearly all of the above services already, which means your monthly entertainment bill reaches or exceeds that aforementioned $50 cable subscription, and suddenly that extra $2 a month might seem like a lot. Or, there's the danger that more consumers might start sharing passwords, thus diluting Netflix's customer base.
  
  But when you look at what Netflix offers in comparison to the rest, it's not really a contest. Hulu, Amazon Prime and CBS All Access only have a handful of attractions, and each cost nearly the same price as Netflix. Hulu without ads is $12 a month, Prime is around $9 (though it also buys you unlimited two-day shipping among other perks) and CBS without ads is around $10 a month. Netflix, on the other hand, offers a plethora of content that would put most cable networks to shame.
  
  There are just so many shows of all stripes on Netflix -- anime, stand-up specials, documentaries, cooking shows, home design shows, sitcoms, dramas -- that it's impossible to watch them all. If I had to cancel some of those aforementioned subscriptions to save some money, Netflix would be the last one I would drop; it offers the most bang for the buck for me. Of course, there's certainly a chance that Netflix will raise its prices even more -- and with ever-expanding show costs, it might very well have to -- but even then, I would likely still pay up.
  

• Tinder test lets you share Spotify clips with matches
  
  Tinder is experimenting with allowing daters to share music via Spotify right inside their conversations. The feature, first spotted by the blog linking their Spotify account to Tinder.
  
  According to screenshots of the test feature, users will share tunes by tapping a green music icon located next to the text bar when messaging someone. Tap it and you'll be able to search for and select a song to send to your match. Before you assume Tinder will let you send your crush a mixtape right in the app, you might want to pump the brakes a bit. The feature only lets you share 30-second clips rather than full songs.
  
  Tinder hasn't offered any details regarding the availability of the feature going forward, though it is expected that it will eventually leave the testing stage and be publicly available to users. Tinder has added a number of integrations to its platform in the last couple of years, including stickers from Bitmoji and GIFs from Giphy.
  
  Via: TechCrunch
  
  Source: MSPowerUser
  

• Iridium's 'truly global' satellite internet connects aircraft and ships
  
  Wondering what Iridium would be doing with those Next satellites that SpaceX just finished launching? You now have an idea. Iridium has formally debuted Certus, a "truly global" satellite broadband service that promises to keep aircraft, ships and other vehicles (including self-driving vehicles) connected even in the remotest places. It's far from fast at 352Kbps for both downloads and uploads, but that's enough to keep crews online and provide reasonably high-quality voice services.
  
  The initial focus is on land and sea services, with aviation coming later in 2019 after Iridium receives the certification it needs to go ahead. Partners like Gogo and Thales are already waiting in the wings. Speeds, meanwhile, won't be quite so pokey in the future. Iridium plans to bump up users to 352Kbps/704Kbps service through a firmware update when it's available.
  
  You aren't going to subscribe to Certus yourself, as it's meant more for companies and governments. However, Iridium said it's the "first new capability" from the Iridium Next program. As it is, you could still notice the difference. This might provide basic in-cabin internet access in situations where it was never an option, and could enable autonomous ships or other transportation that doesn't strictly need a crew. There are even plans for smaller receivers that could provide always-on data to drones and tracking systems on endangered animals.
  
  Source: Iridium (1), (2)
  

• Stop & Shop is bringing autonomous food stands to Boston
  
  Forget self-driving grocery delivery cars -- Stop & Shop wants robotic vehicles to bring a chunk of the store to your door. It's launching autonomous grocery vehicles in the greater Boston area that will let you shop for produce, meal kits and "convenience items" (think bread and eggs) just outside your home. You just have to hail one of the Robomart-made cars through a mobile app, unlock the vehicle when it arrives, and pick your food -- a combination of computer vision and RFID tagging automatically flags your purchases. It's not quite Amazon Go on wheels, but it's close.
  
  Boston-based service will be ready sometime in the spring as part of an "engagement" with Robomart. Stop & Shop didn't say how much the service would cost.
  
  The approach could be more practical than straightforward delivery for some. Instead of having to commit to a purchase before the vehicle has even left the store, you can browse on your own terms (albeit from a narrow selection) without having to travel beyond your home. Of course, this is helpful for grocery stores as well. In addition to providing an extra form of revenue, it could expand a store's reach to cover people who can't realistically visit, whether it's due to travel times, physical abilities, or just the lack of a personal car.
  
  
  Source: Globe Newswire
  

• A 'Fortnite' security flaw could have exposed players' accounts
  
  Fortnite fans who are able to log in and play without any issues (other than being eliminated before so much as building a ramp) might thank their lucky stars Epic Games has resolved a security issue. Check Point security researchers found vulnerabilities on Epic's site that could have let hackers access accounts.
  
  By exploiting an unsecured Unreal Tournament stats page from 2004, researchers were able to listen to Fortnite squad members speaking with each other and could have bought V-Bucks virtual currency using players' stored credit card details. The researchers found the problem in November. Epic has since resolved it and taken down the offending page.
  
  
  
  The researchers were able to redirect access tokens (a type of authentication which keeps you logged into a service) from Epic's servers to Check Points' own, meaning they could access accounts without requiring passwords. You could have been affected even if you used a Facebook, Google, PlayStation, Nintendo or Xbox account instead of your Epic username and password to log in. Hackers used a similar method to steal 29 million Facebook users' data last year.
  
  It's not the first significant security issue Epic has faced with the game. Soon after Fortnite arrived on Android, it emerged Epic's installer for such devices had a flaw that could have fooled players into installing a malware-packed fake version of the ultra-popular title.
  
  Via: CNET
  
  Source: Check Point
  

• Ditching Out-of-Date Documentation Infrastructure
      by Zack Brown   
  Long ago, the Linux kernel started using 00-Index files to list the contents of each documentation directory. This was intended to explain what each of those files documented. Henrik Austad recently pointed out that those files have been out of date for a very long time and were probably not used by anyone anymore. This is nothing new. Henrik said in his post that this had been discussed already for years, "and they have since then grown further out of date, so perhaps it is time to just throw them out."
  
  He counted hundreds of instances where the 00-index file was out of date or not present when it should have been. He posted a patch to rip them all unceremoniously out of the kernel.
  
  Joe Perches was very pleased with this. He pointed out that .rst files (the kernel's native documentation format) had largely taken over the original purpose of those 00-index files. He said the oo-index files were even misleading by now.
  
  Jonathan Corbet was more reserved. He felt Henrik should distribute the patch among a wider audience and see if it got any resistance. He added:
  
  I've not yet decided whether I think this is a good idea or not. We certainly don't need those files for stuff that's in the RST doctree, that's what the index.rst files are for. But I suspect some people might complain about losing them for the rest of the content. I do get patches from people updating them, so some folks do indeed look at them.
  
  Henrik told Jonathan he was happy to update the 00-index files if that would be preferable. But he didn't want to do that if the right answer was just to get rid of them.
  
  Meanwhile, Josh Triplett saw no reason to keep the 00-index files around at all. He remarked, "I was *briefly* tempted, reading through the files, to suggest ensuring that the one-line descriptions from the 00-INDEX files end up in the documents themselves, but the more I think about it, I don't think even that is worth anyone's time to do."
  
  Paul Moore also voiced his support for removing the 00-index files, at least the ones for NetLabel, which was his area of interest.
  
  The discussion ended there. It's nice that even for apparently obvious patches, the developers still take the time to consider various perspectives and try to retain any value from the old thing to the new. It's especially nice to see this sort of attention given to documentation patches, which tend to get left out in the cold when it comes to coding projects.
  
  Note: if you're mentioned above and want to post a response above the comment section, send a message with your response text to ljeditor@linuxjournal.com.
      Go to Full Article          

• Keep Smart Assistants from Spying on You with Alias, Security Advisory for Old scp Clients, Major Metasploit Framework Release, Mozilla Working on a New Browser for Android and VirtualBox 6.0.2 Is Out
  
  News briefs for January 16, 2019.
  
  A new open-source hardware project called Alias will keep Amazon and  Google smart assistants from spying on you. According to the project's GitHub page, "Alias is a teachable 'parasite' that is designed to give users more control over their smart assistants, both when it comes to customisation and privacy. Through a simple app the user can train Alias to react on a custom wake-word/sound, and once trained, Alias can take control over your home assistant by activating it for you."
  
  A security advisory from Harry Sintonen was issued this week concerning the scp clients in OpenSSH, PuTTY and more. LWN quotes the advisory: "Many scp clients fail to verify if the objects returned by the scp server match those it asked for. This issue dates back to 1983 and rcp, on which scp is based. A separate flaw in the client allows the target directory attributes to be changed arbitrarily. Finally, two vulnerabilities in clients may allow server to spoof the client output."
  
  A new major release of the open-source Metasploit Framework is now available. According to the Rapid7 blog post, version 5.0 of the penetration-testing tool is the first milestone update since version 4.0 came out in 2011. Along with a new release cadence, "Metasploit's new database and automation APIs, evasion modules and libraries, expanded language support, improved performance, and ease-of-use lay the groundwork for better teamwork capabilities, tool integration, and exploitation at scale."
  
  Mozilla is working on a new Android browser called Fenix. According to ZDNet, this "new non-Firefox browser for Android is apparently targeted at younger people, with Mozilla developers on GitHub tagging the description, 'Fenix is not your parents' Android browser'." In addition, mockups suggest that Fenix developers are "currently toying with the idea of putting the URL bar and home button down at the bottom of user interface."
  
  VirtualBox 6.0.2 was released yesterday, the first maintenance release of the 6.0 series. This release fixed a conflict between Debian and oracle build desktop files, fixed building drivers on SLES 12.4, fixed building shared folder driver with older kernels and much more. See the changelog for all the details.
        News  Security  Metasploit  Mozilla  Android  Fenix  VirtualBox  Privacy  Alias                   

• Bash's Built-in printf Function
      by Mitch Frazier   
   
  
  Even if you're already familiar with the printf command, if you got your information via "man printf" you may be missing a couple of useful features that are provided by bash's built-in version of the standard printf(1) command.
      Go to Full Article          

• Where There's No Distance or Gravity
      by Doc Searls   
  The more digital we become, the less human we remain.
  
  I had been in Los Angeles only a few times in my life before the October day in 1987 when I drove down from our home in the Bay Area with my teenage son to visit family. The air was unusually clear as we started our drive back north, and soon the San Gabriel Mountains���Los Angeles' own Alps (you can ski there!)—loomed over the region like a crenelated battlement, as if protecting its inhabitants from cultures and climates that might invade from the north. So, on impulse, I decided to drive up to Mount Wilson, the only crest in the range with a paved road to the top.
  
  I could see from the maps I had already studied that the drive was an easy one. Our destination also was easily spotted from below: a long, almost flat ridge topped by the white domes of Mount Wilson Observatory (where Hubble observed the universe expanding) and a bristle of towers radiating nearly all the area's FM and TV signals. The site was legendary among broadcast engineering geeks, and I had longed to visit it ever since I was a ham radio operator as a boy in New Jersey.
  
  After checking out the observatory and the towers, my son and I stood on a promontory next to a parking lot and surveyed the vast spread of civilization below. Soon four visiting golfers from New York came over and started asking me questions about what was where.
  
  I answered like a veteran docent, pointing out the Rose Bowl, Palos Verdes Peninsula, Santa Catalina and other Channel Islands, the Hollywood Hills, the San Fernando Valley, the Jet Propulsion Laboratory, Santa Anita Park and more. When they asked where the Whittier Narrows earthquake had happened a few days before, I pointed at the Puente Hills, off to the southeast, and filled them in on what I knew about the geology there as well.
  
  After a few minutes of this, they asked me how long I had lived there. I said all this stuff was almost as new to me as it was to them. "Then how do you know so much about it?", they asked. I told them I had studied maps of the area and refreshed my knowledge over lunch just before driving up there. They were flabbergasted. "Really?", one guy said. "You study maps?"
  
  Indeed, I did. I had maps of all kinds and sizes at home, and the door pockets of my car bulged with AAA maps of everywhere I might drive in California. I also added local and regional Southern California maps to my mobile inventory before driving down.
      Go to Full Article          

• Participate in Fedora Test Day Today, Netrunner Announces Netrunner 19.01 Blackbird, Security Patch for GNOME Bluetooth Tools in Ubuntu 18.04, New Giant Board SBC from Groboard and Linspire Posts Development Roadmap for 2019-2020
  
  News briefs for January 15, 2019.
  
  Today is Fedora Test Day for kernel 4.20. To participate, you just need to be able to download the test materials (which include some large files) and read and follow directions. See the wiki page for more information on how to participate.
  
  Netrunner yesterday announced the release of Netrunner 19.01 Blackbird. This desktop distro is based on Debian Testing, and updates with this version include KDE Plasma 5.14.3, KDE Frameworks 5.51, KDE Applications 18.08, Qt 5.11.3 and many more. It also sports a new look and feel called "Netrunner Black" among other changes. You can get the Netrunner 19.01 ISO from here.
  
  Canonical yesterday released a security patch for the GNOME Bluetooth tools to address a security vulnerability with Ubuntu 18.04. Softpedia News reports that security researcher Chris Marchesi discovered the vulnerability in the BlueZ Linux Bluetooth stack, "which made it incorrectly handle disabling Bluetooth visibility, allowing a remote attacker to possibly pair to Bluetooth devices." All Ubuntu 18.04 LTS users should update immediately to the gnome-bluetooth 3.28.0-2ubuntu0.1 and libgnome-bluetooth13 3.28.0-2ubuntu0.1 packages from the official repos. See the wiki for detailed instructions.
  
  Groboards has launched a new "tiny, Adafruit Feather form-factor 'Giant Board' SBC that runs Linux on Microchip's SiP implementation of its Cortex-A5-based SAMA5D SoC and offers 128MB RAM, micro-USB, microSD and I/O including ADC and PWM", Linux Gizmos reports. There's no pricing or availability information yet, but see the OSH Park blog and the Groboards site for specs and more info.
  
  Linspire recently posted its development roadmap for Linspire and Freespire releases for 2019 and 2020. The Linspire CE 8.0 Office 365 Edition is planned for February 21, 2019, with Linspire Server on April 14, 2019. Freespire 4.5 is planned for May 5, 2019 and Freespire 5.0 is scheduled for November 15, 2019.
        News  Fedora  Netrunner  Distributions  Canonical  Security  GNOME  Ubuntu  SBCs  Linspire  Freespire                   

• Linux Thursday - Jan 13, 2019 - Lingering Cough Edition
  
  Please support Linux Journal by subscribing or becoming a patron.
                                       

• Purism Announces Version 4 of Its Laptops, KDE Frameworks 5.54.0 Now Available, Debian 10 Default Theme Chosen, Linux Kernel 5.0-rc2 Is Out and Mozilla to Disable Flash in Firefox 69
  
  News briefs for January 14, 2019.
  
  Purism announced the fourth version of its Librem laptops today. The Librem 13 and 15 will be "now be upgraded with a 7th Gen Intel Core i7-7500U Processor with integrated HD Graphics that still works with coreboot. In addition, the Librem 15 display will be upgraded to 4K resolution. Upgraded models are available now for purchase whether you pick Librem 13: the road warrior or Librem 15: the desktop replacement." Note that the base cost will remain the same despite these updates (the Librem 15 is $1599, and the Librem 13 is $1399).
  
  KDE announced the release of KDE Frameworks 5.54.0. This release is part of a series of planned releases for the 80 addon libraries for Qt that make up KDE Frameworks. See the announcement for the full list of changes/fixes and download links.
  
  The Debian team announced that "futurePrototype" by Alex Makas will be the default theme for Debian 10 "Buster". The theme was selected via survey from 11 submitted themes; 3,646 people participated in the voting.
  
  Linux kernel 5.0-rc2 is out. Linus wrote, "Were there some missing commits that missed the merge window? Yes. But no more than usual. Things look pretty normal." For the full message, see the LKML.
  
  Mozilla plans to disable Adobe Flash Player in Firefox 69, which should launch in September 2019. According to Softpedia, "The next step for Mozilla is then to remove support for Flash Player entirely, so starting with early 2020, consumer versions of Firefox would no longer work with Adobe's plugin."
        News  Purism  Librem  Laptops  KDE  KDE Frameworks  Debian  kernel  Mozilla  Firefox  Flash                   

• Python Testing with pytest: Fixtures and Coverage
      by Reuven M. Lerner   
  Improve your Python testing even more.
  
  In my last two articles, I introduced pytest, a library for testing Python code (see "Testing Your Code with Python's pytest" Part I and Part II). pytest has become quite popular, in no small part because it's so easy to write tests and integrate those tests into your software development process. I've become a big fan, mostly because after years of saying I should get better about testing my software, pytest finally has made it possible.
  
  So in this article, I review two features of pytest that I haven't had a chance to cover yet: fixtures and code coverage, which will (I hope) convince you that pytest is worth exploring and incorporating into your work.
   Fixtures
  When you're writing tests, you're rarely going to write just one or two. Rather, you're going to write an entire "test suite", with each test aiming to check a different path through your code. In many cases, this means you'll have a few tests with similar characteristics, something that pytest handles with "parametrized tests".
  
  But in other cases, things are a bit more complex. You'll want to have some objects available to all of your tests. Those objects might contain data you want to share across tests, or they might involve the network or filesystem. These are often known as "fixtures" in the testing world, and they take a variety of different forms.
  
  In pytest, you define fixtures using a combination of the pytest.fixture decorator, along with a function definition. For example, say you have a file that returns a list of lines from a file, in which each line is reversed:
    def reverse_lines(f):  return [one_line.rstrip()[::-1] + '\n'  for one_line in f]  
  Note that in order to avoid the newline character from being placed at the start of the line, you remove it from the string before reversing and then add a '\n' in each returned string. Also note that although it probably would be a good idea to use a generator expression rather than a list comprehension, I'm trying to keep things relatively simple here.
  
  If you're going to test this function, you'll need to pass it a file-like object. In my last article, I showed how you could use a StringIO object for such a thing, and that remains the case. But rather than defining global variables in your test file, you can create a fixture that'll provide your test with the appropriate object at the right time.
  
  Here's how that looks in pytest:
      Go to Full Article          

• Weekend Reading: All Things Bash
      by Carlie Fairchild   
  Bash is a shell and command language. It is distributed widely as the default login shell for most Linux distributions. We've rounded up some of the most popular Bash-related articles for your weekend reading.
  
   
  
  Writing More Compact Bash Code
  
  By Mitch Frazier
  
  In most programming languages, non-scripting ones at least, you want to avoid uninitialized variables. In bash, using uninitialized variables can often simplify your code.
  
   
  
  Normalizing Filenames and Data with Bash
  
  By Dave Taylor
  
  URLify: convert letter sequences into safe URLs with hex equivalents.
  
   
  
  Roman Numerals and Bash
  
  By Dave Taylor
  
  Fun with retro-coding a Roman numeral converter—Dave heads back to his college years and solves homework anew! 
  
  Also read Dave's followup article, More Roman Numerals and Bash.
  
   
  
  Create Dynamic Wallpaper with a Bash Script
  
  By Patrick Wheelan
  
  Harness the power of bash and learn how to scrape websites for exciting new images every morning.
  
   
  
  Developing Console Applications with Bash
  
  By Andy Carlson
  
  Bring the power of the Linux command line into your application development process.
  
   
  
  Parsing an RSS News Feed with a Bash Script
  
  By Jim Hall
  
  I can automate an hourly job to retrieve a copy of an RSS feed, parse it, and save the news items to a local file that the website can incorporate. That reduces complexity on the website, with only a little extra work by parsing the RSS news feed with a Bash script.
  
   
  
  Hacking a Safe with Bash
  
  By Adam Kosmin
  
  Being a minimalist, I have little interest in dealing with GUI applications that slow down my work flow or application-specific solutions (such as browser password vaults) that are applicable only toward a subset of my sensitive data. Working with text files affords greater flexibility over how my data is structured and provides the ability to leverage standard tools I can expect to find most anywhere.
  
   
  
  Graph Any Data with Cacti!
  
  By Shawn Powers
      Go to Full Article          

• Episode 12: Vendor Lock-in
  Download ogg format 
  Links mentioned:
  
  Lessons in Vendor Lock-in: Shaving
  
  Lessons in Vendor Lock-in: Messaging