Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

King of Glory Lutheran Church

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

  • Red Hat: 2014:0415-01: libyaml: Important Advisory
    LinuxSecurity.com: Updated libyaml packages that fix two security issues are now available for Red Hat Common for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having [More...]


  • Red Hat: 2014:0413-02: java-1.7.0-oracle: Critical Advisory
    LinuxSecurity.com: Updated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Critical [More...]


  • Red Hat: 2014:0414-01: java-1.6.0-sun: Important Advisory
    LinuxSecurity.com: Updated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having [More...]


  • Red Hat: 2014:0412-01: java-1.7.0-oracle: Critical Advisory
    LinuxSecurity.com: Updated java-1.7.0-oracle packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical [More...]


  • Mandriva: 2014:079: json-c
    LinuxSecurity.com: Updated json-c packages fix security vulnerabilities:Florian Weimer reported that the printbuf APIs used in the json-clibrary used ints for counting buffer lengths, which is inappropriatefor 32bit architectures. These functions need to be changed to using[More...]



  • Mandriva: 2014:078: asterisk
    LinuxSecurity.com: Multiple vulnerabilities has been discovered and corrected in asterisk:Sending a HTTP request that is handled by Asterisk with a large numberof Cookie headers could overflow the stack. You could even exhaustmemory if you sent an unlimited number of headers in the request[More...]







  • Ars Technica: Tor network’s ranks of relay servers cut because of Heartbleed bug
    Ars Technica reportson the impact that the "Heartbleed" bug in OpenSSL has had for the Toranonymizing network. "The Tor Project team has been moving toprovide patches for all of the components, and most of the corenetwork was quickly secured. However, a significant percentage of the relay servers, many of which serve countries with heavy Internet censorship, have remained unpatched. These systems are operated by volunteers and may run unattended."


  • Friday's security updates
    Debian has updated openssl(multiple vulnerabilities), qemu (codeexecution), and qemu-kvm (code execution).
    Mageia has updated apache-mod_security (rules bypass), cups-filters (M4: code execution), openjpeg (code execution), php (denial of service), and rsync (M4: denial of service).
    Oracle has updated kernel (2.6.39 - OL5;OL6: privilege escalation) and kernel (3.8.13 - OL6: privilege escalation).
    SUSE has updated jakarta-commons-fileupload (SLES11 SP3: denial of service).


  • Debian 6.0 to get long-term support
    The Debian project has announced that the security support period for the6.0 ("squeeze") release has been extended by nearly two years; it now runsout in February 2016. At the end, squeeze will have received a full fiveyears of security support. "squeeze-lts is only going to support i386 and amd64. If you're running a different architecture you need to upgrade to Debian 7 (wheezy). Also there are going to be a few packages which will not be supported in squeeze-lts (e.g. a few web-based applications which cannot be supported for five years). There will be a tool to detect such unsupported packages."


  • ISC releases BIND 10 1.2, renames it, and turns it over to community
    Internet Systems Consortium, the non-profit behind the BIND DNS server, has released version 1.2 of BIND 10, which is the last release it will make of the "applications framework for Internet infrastructure, such as DNS". That completes ISC's development effort on BIND 10, so it has renamed the project to Bundy and turned it over to the community for updates and maintenance. "'BIND 10 is an excellent software system,' said Scott Mann, ISC's VicePresident of Engineering, 'and a huge step forward in open-sourceinfrastructure software. Unfortunately, we do not have the resources tocontinue development on both projects, and BIND 9 is much more widely used.''The BIND 10 software is open-source,' Scott added, 'so we are making itavailable for anyone who wants to continue its development. The sourcewill be available from GitHub under the name Bundy, to mitigate theconfusion between it and ISC's BIND 9 (a completely separate system).The name 'BIND' is associated with ISC; we have changed its name as areminder that ISC is no longer involved with the project.'"


  • Ubuntu 14.04 LTS (Trusty Tahr) released
    Ubuntu has announced the release of its latest long-term supportdistribution: Ubuntu 14.04 LTS (aka "Trusty Tahr"). The release noteshave all the details. It comes in a multitude of configurations, for desktops,servers, the cloud, phones, and tablets; also in many flavors: Kubuntu, Edubuntu, Xubuntu, Lubuntu, Ubuntu GNOME, UbuntuKylin, and Ubuntu Studio."Ubuntu 14.04 LTS is the first long-term support release with supportfor the new "arm64" architecture for 64-bit ARM systems, as well as the"ppc64el" architecture for little-endian 64-bit POWER systems. Thisrelease also includes several subtle but welcome improvements to Unity,AppArmor, and a host of other great software."


  • Plant Breeders Release First 'Open Source Seeds' (NPR)
    NPR has a look at the cross-pollination of open source software and agriculture, resulting in the release of the first "Open Source Seeds". The new Open Source Seed Initiative was formed to put seeds, and, more importantly, their genetic material, into a protected commons, so they will be available in perpetuity."At an event on the campus of the University of Wisconsin, Madison, backers of the new Open Source Seed Initiative will pass out 29 new varieties of 14 different crops, including carrots, kale, broccoli and quinoa. Anyone receiving the seeds must pledge not to restrict their use by means of patents, licenses or any other kind of intellectual property. In fact, any future plant that's derived from these open source seeds also has to remain freely available as well."(Thanks to Rich Brown.)


  • QEMU 2.0.0 released
    The QEMU team has announcedthe release of version 2.0.0 of the QEMU "open source machineemulator and virtualizer". New features in the release includesupport for KVM on AArch64 (64-bit ARM) systems, support for all 64-bitARMV8 instructions (other than the optional CRC and crypto extensions),support for the Allwinner A10-based cubieboard, CPU hotplug for Q35 x86systems, better Windows guest performance when doing many floating-point orSIMD operations, live snapshot merging, new management interfaces for CPUand virtio-rng hotplug, direct access to NFSv3 shares using libnfs, andlots more. Detailed information about all of the changes can be found inthe changelog.


  • Security updates for Thursday
    Debian has announced thatregular security updates for Debian 6.0 ("squeeze") will cease on May 31.But there will be long-term support for most of the packages in squeeze onjust the i386and amd64 architectures until February 2016.
    Fedora has updated cacti (F20; F19:multiple vulnerabilities), json-c (F20: twodenial of service flaws), and openstack-keystone (F20: access restriction bypass).
    Mandriva has updated json-c(BS1.0: two denial of service flaws).
    Oracle has updated java-1.6.0-openjdk (OL6; OL5:multiple vulnerabilities, most unspecified) and java-1.7.0-openjdk(OL6; OL5:multiple vulnerabilities, most unspecified).
    Red Hat has updated java-1.6.0-sun (many vulnerabilities, lotsunspecified), java-1.7.0-oracle (RHEL; RHELSupplementary: multiple vulnerabilities, most unspecified), and libyaml (RHEL6: two code execution flaws).
    Scientific Linux has updated java-1.6.0-openjdk (multiple vulnerabilities,most unspecified) and java-1.7.0-openjdk(SL5: multiple vulnerabilities, most unspecified).
    SUSE has updated flash-player(SLE11SP3: multiple vulnerabilities) and kernel (SLERTE11SP3; SLE10SP4: multiple vulnerabilities).



  • Security advisories for Wednesday
    CentOS has updated java-1.6.0-openjdk (C6; C5: multiple vulnerabilities) and java-1.7.0-openjdk (C6; C5: multiple vulnerabilities).
    Debian has updated chromium-browser (multiple vulnerabilities) and virtualbox (code execution).
    Fedora has updated cups-filters(F20: command execution), ImageMagick (F20:code execution), jbigkit (F20: codeexecution), libinfinity (F20; F19: unspecified vulnerability),mingw-openjpeg (F20; F19: code execution), mingw-openssl (F19: information disclosure),oath-toolkit (F20: replays one timepasswords), php (F20; F19: denial of service), squid (F19: denial of service), v8 (F20: multiple vulnerabilities), and wordpress (F20: multiple vulnerabilities).
    Mageia has updated asterisk (MG4; MG3:multiple vulnerabilities), cups-filters(MG4: multiple vulnerabilities), elfutils(MG3&4: code execution), fail2ban(MG3&4: denial of service), jbigkit(MG3&4: code execution), json-c(MG3&4: denial of service), and tigervnc (MG3&4: code execution).
    Mandriva has updated asterisk (two vulnerabilities).
    openSUSE has updated curl (11.4: multiple vulnerabilities).
    Red Hat has updated java-1.6.0-openjdk (RHEL5&6: multiple vulnerabilities) and java-1.7.0-openjdk (RHEL6; RHEL5: multiple vulnerabilities).
    Scientific Linux has updated java-1.7.0-openjdk (SL6: multiple vulnerabilities).
    SUSE has updated kernel(SLE11 SP3: multiple vulnerabilities) and strongswan (SLE11, SLE10 LTSS: authentication bypass).


  • Schaller: Preparing the ground for the Fedora Workstation
    Here is along piece from Christian Schaller describing the planning for theupcoming Fedora Workstation product. "So when we are planning theFedora Workstation we are not just looking at what features we can developfor individual libraries or applications like GTK+, Firefox or LibreOffice,but we are looking at what we want the system as a whole to look like. Andmaybe most important we try our hardest to look at things from afeature/usecase viewpoint first as opposed to a specific technologyviewpoint."


  • [$] Avoiding memory-allocation deadlocks
    There is a saying that you need to spend money to make money, thoughthis apparent paradox is easily resolved with a start-up loan and thediscipline of balancing expenses against income. A similar logicapplies to the management of memory in an operating system kernel suchas Linux: sometimes you need to allocate memory to free memory. Here, too, discipline is needed, though the typical consequences of notbeing sufficiently careful is not bankruptcy but rather a deadlock.The history of how the Linux kernel developed itsbalance between saving and spending is interesting as amicrocosm of how Linux development proceeds.
    Click below (subscribers only) for the full article by Neil Brown.


  • Security updates for Tuesday
    Debian has updated strongswan (authentication bypass).
    Fedora has updated mingw-openssl(F20: information disclosure), mod_security (F20; F19:rules bypass), php-ZendFramework (F20; F19:multiple vulnerabilities), php-ZendFramework2 (F20; F19:multiple vulnerabilities), and systemd(F20: code execution).
    openSUSE has updated couchdb(13.1, 12.3: denial of service) and jakarta-commons-fileupload (13.1; 12.3: denial of service).
    Ubuntu has updated curl (all:information disclosure) and python-imaging(all: two tmpfile flaws).


  • Lucas Nussbaum reelected as Debian project leader
    The results of the 2014 Debian project leader election are in; incumbentLucas Nussbaum fended off challenger Neil McGovern to win a second one-yearterm in this position. See the DPL election pagefor details on how the voting went.


  • Cinnamon 2.2 released
    Version2.2 of the Cinnamon desktop environment is out. New features include alot of improvements to the settings dialogs, tweaks to the "hot corners"and heads-up display mechanisms, better high-resolution display support,and more.






  • OpenSSL and Linux: A Tale of Two Open-Source Projects
    The Heartbleed bug has cast a bright and not entirely flattering light on the open-source movement’s incentive model. When a crucial and ubiquitous piece of security code like OpenSSL — left vulnerable for two years by the Heartbleed flaw — can be accessed by all the world’s programming muscle, but only has one full-time developer and generates less than $2,000 in donations a year, clearly something is amiss. But then there’s Linux.



  • Heartbleed: Security experts reality-check the 3 most hysterical fears
    Heartbleed has dominated tech headlines for a week now. News outlets, citizen bloggers, and even late-night TV hosts have jumped on the story, each amping up the alarm a little more than the last one. But while it's true Heartbleed is a critical flaw with widespread implications, several security experts we've spoken with believe the sky-is-falling tone of the reporting is a bit melodramatic.


  • Kubuntu 14.04 Screenshot Tour
    Welcome to Kubuntu 14.04 LTS, a brand new long-term supported version with the latest KDE software to enjoy. Long-term support means that bug fixes and security updates will be added for the next 5 years, so you can be safe to use it until 2019. New releases of important KDE software will also be available from the Kubuntu Updates and Kubuntu Backports PPAs.


  • Microsoft Abandons Windows 8.1: Take Immediate Action Or Be Cut Off Like Windows XP
    Microsoft MSFT -0.97% has been on a roll lately. Office for iOS (and soon Android), free Windows licenses for small devices, universal Windows and Windows Phone apps, Siri rival Cortana, even a promise to eventually return the start menu before Windows 9. But when it comes to Windows 8, it seems the company has a permanently loaded pistol aimed squarely at its feet.So it fits that just one week on from the launch of ‘Windows 8.1 Update 1’ (the smart upgrade mouse and keyboard users have long awaited) stupidity would strike once again.


  • Ubuntu 14.04 ships with tablet support and improved touch
    Canonical released Ubuntu 14.04 LTS, with five-year support, enhanced touchscreen support, and the first stable build of Ubuntu for Tablets. Back in November 2011 when Canonical CEO Mark Shuttleworth announced Ubuntu would support apps that ran on smartphones and tablets, as well as desktop PCs, Ubuntu 14.04 was heralded as the “convergence” release that would […]




  • Heartbleed: Security experts reality-check the 3 most hysterical fears
    Everything's been hacked! Change all your passwords but not yet! Security experts cut through the Heartbleed hype. But while it's true Heartbleed is a critical flaw with widespread implications, several security experts we've spoken with believe the sky-is-falling tone of the reporting is a bit melodramatic.




  • Ubuntu GNOME 14.04 Screenshot Tour
    The Ubuntu GNOME team is proud and happy to announce the release of Ubuntu GNOME 14.04 LTS. Ubuntu GNOME is an official flavour of Ubuntu, featuring the GNOME desktop environment. Ubuntu GNOME is a mostly pure GNOME desktop experience built from the Ubuntu repositories. This is our very first long-term support (LTS) version. Features: Most of GNOME 3.10 is now included, the few missing bits of 3.10 are available in PPA.



  • OpenStack Icehouse brings new features for the enterprise
    Deploying an open source enterprise cloud just got a little bit easier yesterday with the release of the newest version of the OpenStack platform: Icehouse. To quote an email from OpenStack release manager Thierry Carrez announcing the release, "During this cycle we added a[he]nbsp[/he]new integrated component (Trove), completed more than 350 feature[he]nbsp[/he]blueprints, and fixed almost 3000 reported bugs in integrated projects[he]nbsp[/he]alone!"


  • Xubuntu 14.04 Screenshot Tour
    The Xubuntu team is pleased to announce the immediate release of Xubuntu 14.04. Xubuntu 14.04 is an LTS (Long-Term Support) release and will be supported for 3 years.



  • IPSEC/L2TP VPN on Ubuntu 14.04 with OpenSwan, xl2tpd and ppp
    This is a guide on setting up an IPSEC/L2TP vpn server with Ubuntu 14.04 using Openswan as the IPsec server, xl2tpd as the l2tp provider and ppp or local users / PAM for authentication. It has a detailed explanation with every step. We choose the IPSEC/L2TP protocol stack because of recent vulnerabilities found in pptpd VPNs and because it is supported on all major operating systems by default. More than ever, your freedom and privacy when online is under threat. Governments and ISPs want to control what you can and can't see while keeping a record of everything you do, and even the shady-looking guy lurking around your coffee shop or the airport gate can grab your bank details easier than you may think. A self hosted VPN lets you surf the web the way it was intended: anonymously and without oversight.


Linux Insider

  • Adobe's Open Source Tightrope Walk
    Open source software continues to gain momentum -- but what is not growing is an open desire among individual software developers to port their commercial Windows wares to Linux. Open source support is not a mere in or out decision. Some software makers shape their business models to take advantage of open source support for some products but not others.


  • uGet Gives Great Downloads
    The latest version of the uGet Download Manager rekindled my interest in grabbing files without relying on a Web browser. uGet version 1.10.4. was released last month. Written in C, it uses GTK+3 for its user interface, and it is packed full with improvements. It is very reliable and stable, with 11 years of growth behind it. The uGet website has received a makeover to better support users.


  • Google Mounts $100K Project Ara Dev Challenge
    Google announced a $100,000 developers' challenge prize on Wednesday, the second day of its Project Ara modular phone developers' conference. The top two runners-up will get all-expenses paid trips for two or three people to the next Ara devcon -- there will be a few more held this year -- and guaranteed hardware for the project, said Project Ara lead Paul Eremenko.


  • Fun and Angst With Google Glass
    Google Glass, which has been the focus of considerable controversy, went on sale Tuesday -- for one day only -- at $1,500, with Android KitKat and new features that include improved battery life, photo bundles, photo replies and voice command sorting.  However, one feature -- video calling -- has been eliminated because fewer than 10 percent of Explorer beta users employed it.


  • Linux and the Post-XP Cry for Help
    Well the Linux landscape shifted dramatically last week, and not just because of the discovery of the Heartbleed bug. No indeed, there's another key reason this little planet of ours isn't the same as it was a week ago, and that's none other than Windows XP's long-anticipated end of life. "As of April 8, 2014, support and updates for Windows XP are no longer available," wrote Microsoft.


  • Mozilla in the Eye of the Storm
    The uproar that erupted over Mozilla Foundation cofounder Brendan Eich's appointment as CEO of its subsidiary Mozilla Corp. and resulted in his stepping down perhaps was symptomatic of the troubles the foundation is going through, in that opposition to his taking the post had both political and technological dimensions. Politically, the firestorm was over Eich's anti-gay marriage stance.


  • Desperately Seeking Linux Programmers
    Help Wanted: computer programmers needed to code and maintain Linux systems. The Linux operating system and Linux servers are so widely used today that not enough Linux-trained coders and system techs exist. Software developers and enterprise IT departments have jobs but no takers. To fill this shortage, the Linux Foundation has partnered with edX to offer a free online course.


  • CAELinux Is the Ideal Distro for Designing Scientists
    CAELinux is a perfect example of the power of open source to tailor the Linux OS to users' specialized needs. This computer-assisted engineering distro clearly is not for the vast majority of Linux users, but it certainly has all the features you would expect in any mature Linux OS -- and then some. The extra ingredients make CAELinux a unique Linux distro for engineers and scientists.


  • SDF Cofounder Chris Davis: Bad Guys Will Need a New M.O.
    In the war against malware, a new strategy is taking shape. The good guys are preparing to demolish the bad guys' most effective weapons: rogue websites. The Secure Domain Foundation will tackle the identification and prevention of Internet cybercrime through a series of steps designed to interfere with the way cybergangs operate online. SDF made its debut last month at ICANN 49 in Singapore.


  • FOSS Community Hustles to Fix Gaping Heartbleed Flaw
    A flaw in OpenSSL that has been around since 2011, the Heartbleed Bug, lets hackers steal information protected by the SSL/TLS encryption used to secure the Internet. Codenomics, which co-discovered the flaw at about the same time as Google's Neel Mehta, tested some of its own services and found it could steal "the secret keys used for our X.509 certificates, user names and passwords" and more.


  • Lessons Learned from Mozilla's Edgy Eich Episode
    It seems fair to say that we here in the Linux blogosphere are no strangers to difficult topics, but over the past few weeks FOSS fans have been struggling with what may be one of the trickiest yet. It is, of course, the matter of Brendan Eich. Cofounder of Mozilla, creator of JavaScript, Mozilla CTO for years and then CEO for just 10 days, Eich's term at the helm was cut short as a result of a firestorm of protest.


  • Eich Falls on Sword for Mozilla
    Mozilla Foundation cofounder Brendan Eich -- whose recent appointment as CEO of subsidiary Mozilla Corp. sparked an uproar -- on Thursday stepped down from the post in a bid to keep the company viable. Foundation cofounder and CEO Mitchell Baker painted the move as a return to the foundation's core principles, noting that Eich made the decision "for Mozilla and our community."



  • Preventative Treatment For Heartbleed On Healthcare.gov
    As the San Francisco Chronicle reports, "People who have accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the confounding Heartbleed Internet security flaw." Take note, though; the article goes on to immediately point out this does not mean that the HealthCare.gov site has been compromised: "Senior administration officials said there is no indication that the HealthCare.gov site has been compromised and the action is being taken out of an abundance of caution. The government's Heartbleed review is ongoing, the officials said, and users of other websites may also be told to change their passwords in the coming days, including those with accounts on the popular WhiteHouse.gov petitions page." Also at The Verge


    Read more of this story at Slashdot.







  • New 'Google' For the Dark Web Makes Buying Dope and Guns Easy
    First time accepted submitter turkeydance (1266624) writes "The dark web just got a little less dark with the launch of a new search engine that lets you easily find illicit drugs and other contraband online. Grams, which launched last week and is patterned after Google, is accessible only through the Tor anonymizing browser (the address for Grams is: grams7enufi7jmdl.onion) but fills a niche for anyone seeking quick access to sites selling drugs, guns, stolen credit card numbers, counterfeit cash and fake IDs — sites that previously only could be found by users who knew the exact URL for the site."


    Read more of this story at Slashdot.







  • 3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger
    Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.


    Read more of this story at Slashdot.







  • Ask Slashdot: Hungry Students, How Common?
    Gud (78635) points to this story in the Washington Post about students having trouble with paying for both food and school. "I recall a number of these experiences from my time as grad student. I remember choosing between eating, living in bad neighborhoods, putting gas in the car, etc. Me and my fellow students still refer to ourselves as the 'starving grad students.' Today we laugh about these experiences because we all got good jobs that lifted us out of poverty, but not everyone is that fortunate. I wonder how many students are having hard time concentrating on their studies due to worrying where the next meal comes from. In the article I found the attitude of collage admins to the idea of meal plan point sharing, telling as how little they care about anything else but soak students & parents for fees and pester them later on with requests for donations. Last year I did the college tour for my first child, after reading the article, some of the comments I heard on that tour started making more sense. Like 'During exams you go to the dining hall in the morning, eat and study all day for one swipe' or 'One student is doing study on what happens when you live only on Ramen noodles!' How common is 'food insecurity in college or high school'? What tricks can you share with current students?"


    Read more of this story at Slashdot.







  • Google's New Camera App Simulates Shallow Depth of Field
    New submitter katiewilliam (3621675) writes with a story at Hardware Zone about a new feature that Google's working on for Android phones' built-in cameras: the illusion of shallow depth of field in phone snapshots, which typically err on the side of too much in focus, rather than too little. Excerpting: "The Google Research Blog [note: here's a direct link] revealed that there's quite a fair bit of algorithms running to achieve this effect; to put it in a nutshell, computer vision algorithms create a 3D model of the world based on the shots you have taken, and estimate the depth to every point in the scene."


    Read more of this story at Slashdot.







  • Beer Price Crisis On the Horizon
    Rambo Tribble (1273454) writes "The aficionados of beer and distilled spirits could be in for a major price-shock, if proposals by the Food and Drug Administration come to pass. Currently, breweries are allowed to sell unprocessed brewing by-products to feed farm animals. Farmers prize the nutritious, low-cost feed. But, new rules proposed by the FDA could force brewers to implement costly processing facilities or dump the by-products as waste. As one brewer put it, "Beer prices would go up for everybody to cover the cost of the equipment and installation.""


    Read more of this story at Slashdot.







  • Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions
    wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."


    Read more of this story at Slashdot.







  • Russia Writes Off 90 Percent of North Korea Debt
    jones_supa (887896) writes "In Russia, the State Duma (lower house) on Friday ratified a 2012 agreement to write off the bulk of North Korea's debt. It said the total debt stood at $10.96 billion as of Sept. 17, 2012. Russia sees this lucrative in advancing the plans to build a gas pipe and railroad through North to South Korea. The rest of the debt, $1.09 billion, would be redeemed during the next 20 years, to be paid in equal installments every six months. The outstanding debt owed by North Korea will be managed by Russia's state development bank, Vnesheconombank. Moscow has been trying to diversify its energy sales to Asia away from Europe, which, in its turn, wants to cut its dependence on oil and gas from the erstwhile Cold War foe. Russia's state-owned top natural producer Gazprom is dreaming shipping 10 billion cubic meters of gas annually through the Koreas. Russia has written off debts to a number of impoverished Soviet-era allies, including Cuba. North Korea's struggling communist economy is just 2 percent of the size of neighboring South's."


    Read more of this story at Slashdot.







  • The Design Flaw That Almost Wiped Out an NYC Skyscraper
    Hugh Pickens DOT Com (2995471) writes "Joel Werner writes in Slate that when Citicorp Center was built in 1977 it was, at 59 stories, the seventh-tallest building in the world but no one figured out until after it was built that although the chief structural engineer, William LeMessurier, had properly accounted for perpendicular winds, the building was particularly vulnerable to quartering winds — in part due to cost-saving changes made to the original plan by the contractor. "According to LeMessurier, in 1978 an undergraduate architecture student contacted him with a bold claim about LeMessurier's building: that Citicorp Center could blow over in the wind," writes Werner. "LeMessurier realized that a major storm could cause a blackout and render the tuned mass damper inoperable. Without the tuned mass damper, LeMessurier calculated that a storm powerful enough to take out the building hit New York every 16 years." In other words, for every year Citicorp Center was standing, there was about a 1-in-16 chance that it would collapse." (Read on for more.)


    Read more of this story at Slashdot.







  • Declassified Papers Hint US Uranium May Have Ended Up In Israeli Arms
    Lasrick (2629253) writes "Victor Gilinsky and Roger J. Mattson update their story on the NUMEC affair to take into account the recent release of hundreds of classified documents that shed additional light on the story. In the 1960s, the Nuclear Materials and Equipment Corporation (NUMEC) was found to be missing about a 100 pounds of bomb-grade uranium. Based on available evidence, Gilinsky and Mattson are convinced that the material ended up in Israel nuclear bombs. The newly release documents add more to the story, and Gilinsky and Mattson are calling on President Obama to declassify the remainder of the file."


    Read more of this story at Slashdot.







  • For $20, Build a VR Headset For Your Smartphone
    An anonymous reader writes "Not everyone can drop a few hundred dollars on a VR headset, but that doesn't mean they can't experience VR! For those with the time and a bit of handiwork skill, this DIY guide from guest writer Ohaple will show you how to make a smartphone-based VR headset for as little as $20. Along the way, you'll learn the hardware and software basics of a VR headset." This project screams for a ready-made commercial version; does anyone know of existing purpose-built headgear? As one of the comments on the linked tutorial says, Poppy seems close, but lacks an LED for tracking.


    Read more of this story at Slashdot.







  • Microsoft Plans $1 Billion Server Farm In Iowa
    1sockchuck (826398) writes "Microsoft will invest $1.1 billion to build a massive new server farm in Iowa, not far from an existing data center in West Des Moines. The 1.2 million square foot campus will be one of the biggest in the history of the data center industry. It further enhances Iowa's status as the data center capital of the Midwest, with Google and Facebook also operating huge server farms in the state."


    Read more of this story at Slashdot.







  • DARPA Developing the Ultimate Auto-Pilot Software
    coondoggie (973519) writes "Call it the ultimate auto-pilot — an automated system that can help take care of all phases of aircraft flight-even perhaps helping pilots overcome system failures in-flight. The Defense Advanced Research Projects Agency (DARPA) will in May detail a new program called Aircrew Labor In-Cockpit Automation System (ALIAS) that would build upon what the agency called the considerable advances that have been made in aircraft automation systems over the past 50 years, as well as the advances made in remotely piloted aircraft automation, to help reduce pilot workload, augment mission performance and improve aircraft safety."


    Read more of this story at Slashdot.









  • Bookies Predict the Future of Tech
    First time accepted submitter machineghost (622031) writes "It's one thing to make predictions about the future of tech; that happens all the time on Slashdot. But it's quite a different thing to put money on the line to back up those predictions, which is exactly what this British bookie has done. Think you know whether Google Glass will beat the iPhone, or whether we'll be ready to go to Mars and back by 2020? Now's your chance to capitalize on those predictions!" Or you could, y'know, invest money in at least some of them, and thereby increase their chances of succeeding.


    Read more of this story at Slashdot.







  • Minerva CEO Details His High-Tech Plan To Disrupt Universities
    waderoush (1271548) writes "In April 2012, former Snapfish CEO Ben Nelson provoked both praise and skepticism by announcing that he'd raised $25 million from venture firm Benchmark to start the Minerva Project, a new kind of university where students will live together but all class seminars will take place over a Google Hangouts-style video conferencing system. Two years later, there are answers – or the beginnings of answers – to many of the questions observers have raised about the project, on everything from the way the seminars will be organized to how much tuition the San Francisco-based university will charge and how it's gaining accreditation. And in an interview published today, Nelson share more details about how Minerva plans to use technology to improve teaching quality. 'If a student wants football and Greek life and not doing any work for class, they have every single Ivy League university to choose from,' Nelson says. 'That is not what we provide. Similarly, there are faculty who want to do research and get in front of a lecture hall and regurgitate the same lecture they've been giving for 20 years. We have a different model,' based on extensive faculty review of video recordings of the seminars, to make sure students are picking up key concepts. Last month Minerva admitted 45 students to its founding class, and in September it expects to welcome 19 of them to its Nob Hill residence hall."


    Read more of this story at Slashdot.







  • Peoria Mayor Sends Police To Track Down Twitter Parodist
    New submitter rotorbudd (1242864) writes with an article at Reason about Jim Ardis, mayor of Peoria, Illinois, who ordered police to track down whoever was responsible for a parody Twitter account mocking him."Guess the good Mayor has never heard of the Streisand Effect. 'The original Twitter account had a total of 50 followers. The new account has over 200.'"


    Read more of this story at Slashdot.







  • California Utility May Replace IT Workers with H-1B Workers
    dcblogs writes: "Southern California Edison is preparing to offshore IT jobs, the second major U.S. utility in the last year to do so. It will be cutting its staff, but it hasn't said by how much. The utility is using at least two offshore outsourcing firms, according to government records. SCE's management culture may be particularly primed for firing its IT workers. Following a workplace shooting in SCE's IT offices in 2011, the utility conducted an independent audit of its organizational and management culture. One observation in this report, which was completed a year later, was that 'employees perceive managers to be more concerned about how they 'look' from above, and less concerned about how they are viewed by their subordinates. This fosters an unhealthy culture and climate by sending a message to employees that it is more important to focus on how things look from the top than how they actually are down below.'"


    Read more of this story at Slashdot.







  • How Nest and FitBit Might Spy On You For Cash
    Nerval's Lobster writes: "Forbes offers up a comforting little story about how Nest and FitBit are planning on turning user data in a multi-billion-dollar business. 'Smart-thermostat maker Nest Labs (which is being acquired by Google for $3.2 billion) has quietly built a side business managing the energy consumption of a slice of its customers on behalf of electric companies,' reads the article. 'In wearables, health tracker Fitbit is selling companies the tracking bracelets and analytics services to better manage their health care budgets, and its rival Jawbone may be preparing to do the same.' As many a wit has said over the years: If you're not paying, you're the product. But if Forbes is right, wearable-electronics companies may have discovered a sweeter deal: paying customers on one side, and companies paying for those customers' data on the other. Will most consumers actually care, though?"


    Read more of this story at Slashdot.







  • Americans Uncomfortable With Possibility of Ubiquitous Drones, Designer Babies
    alphadogg writes: "Americans are optimistic about scientific inventions on the horizon, though are cautious about future uses of DNA, robots, drones and always-on implants, according to the latest Pew Research Center survey on future technology (PDF). Asked about the likelihood of certain advances 50 years from now, survey respondents were most sure that lab-grown custom organs for transplant will happen (81%). Only 19% expect humans will be able to control the weather by then. When asked how they felt about possible near-term advances, 65% thought robot caregivers for the elderly is a bad idea, 63% didn't want to see personal drones in U.S. airspace, and 66% thought parents altering the DNA of prospective children was a bad idea."


    Read more of this story at Slashdot.







  • MediaGoblin and FSF Successfully Raise Funds For Federation, Privacy Features
    paroneayea writes: "GNU MediaGoblin and the Free Software Foundation have jointly run a campaign for privacy and federation on the web. The campaign is in its last day but has already passed the first two funding milestones, and is hoping to raise more with the possibility of bringing in multiple dedicated resources to the project. The project has also released a full financial transparency report so donors can know how they can expect their money to be used!"


    Read more of this story at Slashdot.







  • VA Supreme Court: Michael Mann Needn't Turn Over All His Email
    RoccamOccam sends news that the Virginia Supreme Court has ruled that Michael Mann, a climate scientist notable for his work on the "hockey stick" graph, does not have to turn over the entirety of his papers and emails under Freedom of Information laws. Roughly 1,000 documents were turned over in response to the request, but another 12,000 remain, which lawyers for the University of Virginia say are "of a proprietary nature," and thus entitled to an exemption. The VA Supreme Court ruled (PDF), "the higher education research exemption's desired effect is to avoid competitive harm not limited to financial matters," and said the application of "proprietary" was correct in this case. Mann said he hopes the ruling "can serve as a precedent in other states confronting this same assault on public universities and their faculty."


    Read more of this story at Slashdot.







  • Ask Slashdot: What Tech Products Were Built To Last?
    itwbennett writes: "When you think about tech products these days, you probably think 'refresh cycle' more than 'built to last.' But there are plenty of tech products that put up with hard, daily use year after year. Here's a few to get you started: Logitech MX510 mouse, Brother black & white laser printer, Casio G-Shock watch, Alvin Draf-Tec Retrac mechanical pencil, Sony Dream Machine alarm clock. What's your longest-lasting, hardest-working device?"


    Read more of this story at Slashdot.







  • Samsung's Position On Tizen May Hurt Developer Recruitment
    CowboyRobot sends in an article about how Samsung's constantly shifting plans for its smartwatches are making it hard for developers to commit to building apps. Quoting: "Samsung's first smartwatch, released in October last year, ran a modified version of Google's Android platform. The device had access to about 80 apps at launch, all of which were managed by a central smartphone app. Samsung offered developers an SDK for the Galaxy Gear so they could create more apps. Developers obliged. Then Samsung changed direction. Samsung announced a new series of smartwatches in February: the Gear 2, Gear 2 Neo, and Gear Fit. Unlike the first device, these three run Samsung’s Tizen platform. ... This week, Samsung made things even more interesting. Speaking to Reuters, Yoon Han-kil, senior vice president of Samsung’s product strategy team, said the company is working on a watch that will use Google’s Android Wear platform. In other words, Samsung will bring three different watches to market with three different operating systems in under a year."


    Read more of this story at Slashdot.







  • LOHAN and the amazing technicolor spaceplane
    Our Vulture 2 livery is wrapped, and it's les noix du mutt
    Picture special Cue the traditional portentous drumroll and fanfare of trumpets as we reveal today the finished livery of our Vulture 2 spaceplane – a provocative combination of paint job and vinyl wrap which is, frankly, the mutt's nuts.…


  • R.I.P. LADEE: Probe smashes into lunar surface at 3,600mph
    Swan dive signs off successful science mission
    Pics NASA has confirmed that the Lunar Atmosphere and Dust Environment Explorer (LADEE) spacecraft, which has spent the last 100 days orbiting the Moon, has shuffled off its mortal coil in a spectacular swan dive into the lunar regolith between 9:30pm and 10:22pm PDT on Thursday.…


  • Judge halts spread of zombie Nortel patents to Texas in Google trial
    Epic Rockstar patent war to be waged in California
    Google has won a victory in its battle against patent troll Rockstar, with a US District Court judge having denied Rockstar's request to try the case in the troll-friendly Eastern District of Texas, rather than in California.…



  • True optical zoom coming to HTC smartphone cameras
    Time to ditch that heavy DSLR? Maybe in a year, year and a half
    An HTC spokesman says that smartphone camera technology is advancing at such a rate that it may soon catch up to "real" cameras in one critical feature that separates pro shooters from snap shooters: optical zoom.…




  • Leaked photos may indicate slimmer next-generation iPad
    Will iPad Air evolve into iPad Helium?
    Photos have surfaced that purport to show Apple's next iPad having a bonded LCD and front-panel glass display, allowing it to be even thinner than the current 7.5mm (0.29-inch) thick iPad Air – or perhaps the same thickness, but with a larger battery.…


  • Reddit users discover iOS malware threat
    'Unflod Baby Panda' looks to snatch Apple IDs
    Users on a mobile phone hacking subreddit are being credited with the discovery of a malware infection targeting iOS users.…


  • Edward Snowden on his Putin TV appearance: 'Why all the criticism?'
    Denies Q&A cameo was meant to slam US, big-up Russia
    Fugitive whistleblower Edward Snowden has written an op-ed column in the Guardian justifying his decision to go on live TV to question Russian President Vladimir Putin about his country's policies on mass surveillance.…


  • Number crunching suggests Yahoo! US is worth less than nothing
    China and Japan holdings worth more than entire company
    It has been 18 months since former Google golden girl Marissa Mayer took over the helm at Yahoo! and outwardly things look pretty good, but the latest financial analysis shows the Purple Palace might actually be worth less than zero.…


  • Ex–Apple CEO John Sculley: Ousting Steve Jobs 'was a mistake'
    Twenty-nine years later, post-Pepsi exec has flat-forehead moment
    Ex–Apple CEO John Sculley, who engineered Steve Jobs' removal from managing the company's Macintosh division in May 1985 – a move that eventually led Jobs to resign that September – now thinks it may not have been such a good idea.…


  • Spanish village called 'Kill the Jews' mulls rebranding exercise
    Not exactly attractive to the Israeli tourist demographic
    Residents in the Spanish village of Castrillo* Matajudíos (Castrillo Kill the Jews) will vote on Saturday on whether it's time to change the name of their small hamlet in the province of Burgos to something a little less offensive.…



  • Arts and crafts store Michaels says 3 million credit cards exposed in breach
    Meanwhile, Target investigators prepare for long process in nabbing hackers
    As the officials investigating the Target data breach are settling in for what they believe will be a long and complex process of catching the hackers behind the heist, another US retailer is admitting that it lost millions of customer payment card details.…







  • AMD posts $1.4bn in sales, beats Wall Street moneymen's predictions
    Ah, but it's that pesky GAAP v. non-GAAP spread again: net loss of $20m or gain of $12m?
    Updated AMD has announced its financial results for its first fiscal quarter, and the chip designer handily beat analysts' expectations in both revenues and the all-important – to the Wall Street moneymen, at least – earning per share (EPS).…


  • Nokia halts sales of Lumia 2520 Win RT tablet over zap-happy charger
    Crummy cables pose risk of electric shock
    Nokia's Lumia 2520 is one of the few tablets to ship with Windows RT besides Microsoft's own Surface line, but the Finnish firm has now suspended sales of its ARM-based Windows fondleslab in Europe due to issues with its charger.…





  • Samsung, GlobalFoundries ink exclusive, multi-year 14nm FinFET deal
    Customers can 'save literally hundreds of millions of dollars in design costs,' they claim
    Samsung and GlobalFoundries have announced a collaborative agreement that will enable 14-nanometer FinFET chippery to be manufactured at Samsung's fabs in Hwaseong, South Korea and Austin, Texas, as well as at GlobalFoundries' fab in Saratoga, New York.…
















  • Inside the Hekaton: SQL Server 2014's database engine deconstructed
    Nadella's database sqares the circle of cheap memory vs speed
    It's 1996 and Mission:Impossible has just arrived on the cinema screens. RAM is $10 per megabyte and falling. Against this backdrop, Microsoft has quietly commenced its own seemingly impossible mission, a complete re-write of a little known database which will be released two years into the future, and will be known as SQL Server 7.…



  • AWS bins elastic compute units, adopts virtual CPUs
    Customers tired of wrapping their heads around odd computing power metric
    Gartner analyst Kyle Hilgendorf has spotted something very interesting: Amazon Web Services seems to have stopped rating cloud servers based on EC2 compute units (ECUs), its proprietary metric of computing power.…


  • MIT boffins moot tsunami-proof floating nuke power plants
    What could go wrong with that?
    Boffins at MIT have mooted a new concept for nuclear power plants which would see the entire facility towed several miles out to sea and moored in a similar way to offshore oil and gas platforms.…


  • Leaked pics show EMBIGGENED iPhone 6 screen
    Fat-fingered fanbois rejoice over Chinternet snaps
    Fruity toy maker Apple’s next iPhone looks like it will definitely have a significantly bigger screen, if you believe the latest images to have found their way onto the Chinternet.…



  • Oz winemaker/cloud says DEY buy cheaper than vendors' SDS
    Door left open to future productisation
    CloudCentral, the Australian cloud-cum-wine company that this week acquired the intellectual property of software-defined storage (SDS) startup DEY, says the transaction was a cheaper way to build its own SDS than buying it from a vendor.…






Linux.com offline for now


  • AMD Is Disabling DPM Support For RV770 GPUs
    For the many owners of "RV770" hardware out there with the once popular Radeon HD 4850 and HD 4870 graphics cards, AMD open-source developers are now proposing the dynamic power management (re-clocking) support be disabled by default to deal with open bugs...



  • ReactOS Working On A Community Windows OS
    A few months after ReactOS announced plans for a Cloud OS, the open-source project aiming for binary compatibility with Microsoft Windows platforms, is now trying to spin a community edition of its operating system...


  • How Much Video RAM Is Needed For Catalyst R3 Graphics?
    For those wondering how much video memory you should allocate from your system RAM for the Radeon R3 Graphics with the new AM1 APUs, we have up some new Linux OpenGL benchmarks of the AMD Athlon 5350 performance with varying amounts of video memory available.


  • Ubuntu 12.04 LTS vs. 14.04 LTS Cloud Benchmarks
    Our latest Ubuntu 14.04 LTS benchmarks up this morning to complement our preliminary Ubuntu 14.04 LTS server benchmarks and desktop benchmarks are of the past two Ubuntu Long Term Support releases running within DigitalOcean's public cloud.





  • Getting Hit By The Variable Performance Of The Public Cloud
    With yesterday's official release of Ubuntu 14.04 LTS I set out to do some benchmarks of Ubuntu 12.04 LTS vs. 14.04 LTS in the public cloud. Unfortunately, that testing was drawn out due to the variable performance out of instances/droplets in the public cloud that are even of the same instance type...



  • Git 2.0 Test Releases Begin With Many Changes
    Junio Hamano has made for an exciting weekend with the announcement of Git 2.0.0-rc0, the first test release of the upcoming Git 2.0 release that will have features breaking backward compatibility with Git 1.x...



  • 13-Way Low-End GPU Comparison With AMD's AM1 Athlon
    For those looking at purchasing hardware for a low-cost socketed Kabini APU system build following our many AMD AM1 Platform tests under Linux that found the low-end hardware to play well with the open-source operating system, one of the motherboards worth considering is the ASUS AM1I-A.


  • The Improv ARM Board Still Isn't Shipping; Riding A Dead Horse?
    Announced last year was an open-source ARM development board running Mer with an aim of supporting X.Org and Wayland based environments and would be powerful enough to run KDE's Plasma Active environment. The Improv is now three months past its original ship-date and there's no indication of the low-end dual-core Cortex-A7 + 1GB RAM hardware shipping anytime soon...


  • Debian To Maintain 6.0 Squeeze As An LTS Release
    Regular security support for Debian 6.0 "Squeeze" was set to end after next month, but now the Debian developers have decided to provide security support for this 2011 Debian Linux release until February 2016 -- marking five years since the original Debian 6.0 release...


  • Wasteland 2 Is Finally Released For Linux Gamers
    The Wasteland 2 post-apocalyptic role-playing game is now out for Linux by inXile Entertainment. The Kickstarter-backed game is still in beta for the Linux version just surfaced via Steam on Linux...



  • ASUS AM1I-A: A Mini-ITX Board For Socketed Kabini APUs
    For those looking at purchasing hardware for a low-cost socketed Kabini APU system build following our many AMD AM1 Platform tests under Linux that found the low-end hardware to play well with the open-source operating system, one of the motherboards worth considering is the ASUS AM1I-A.




  • Ubuntu 12.04.4 vs. 13.10 vs. 14.04 LTS Desktop Benchmarks
    With Ubuntu 14.04 LTS being released today, here's some fresh benchmarks comparing the Ubuntu 14.04 64-bit performance against Ubuntu 13.10 and Ubuntu 12.04.4 LTS. In this article are desktop and gaming benchmarks comparing these versions of Ubuntu Linux.


  • QEMU 2.0 Released With ARM, x86 Enhancements
    QEMU 2.0 has officially shipped. The QEMU 2.0 release has been under development for many months and has numerous new features for this processor emulator commonly used in conjunction with Linux KVM or Xen...



  • AMD OpenCL Performance With AM1 Kabini APUs
    For those curious how AMD's AM1 APUs are running with OpenCL workloads given the company's focus on HSA, here's a wide-range of OpenCL benchmarks from the four Athlon and Sempron AM1 APUs currently on the market while running Ubuntu 14.04 LTS.


  • Intel Haswell Graphics Benchmarks From Linux 3.15
    After yesterday delivering some early Linux 3.15 benchmarks using an Intel Core i7 and AMD Radeon graphics, here's some brief and RC1-stage tests looking at Intel "Haswell" HD Graphics 4600 with the new kernel...




  • Mini-Box M350: A Simple, Affordable Mini-ITX Case
    If you are looking for a very compact enclosure that can handle a mini-ITX motherboard and up to two 2.5-inch hard drives while measuring in at just 192 x 210 x 62 mm, the Mini-Box M350 might be the performance case for your needs.


  • Fedora Workstation Is Making Me Quite Excited
    With the ongoing rework happening within the Fedora camp, there's emerging Fedora Workstation, Fedora Cloud, and Fedora Server "product" working groups. The work happening within Fedora Workstation is quite exciting and rejuvenating the project...





  • A Quick Look At GCC 4.9 vs. LLVM Clang 3.5
    Following my most recent GCC 4.9 benchmarks for the open-source compiler that should be officially released next week, I ran some benchmarks of the GCC compiler results against LLVM's Clang 3.5 compiler in its latest SVN state. Here's the data for those curious how the very latest compiler code is comparing between GCC and LLVM/Clang.


  • Trying Out Radeon R9 290 Graphics On Open-Source
    One of the more commonly occurring test requests at Phoronix lately has been about testing the open-source RadeonSI Gallium3D driver with the Radeon R9 290 "Hawaii" graphics cards. Sadly, there's a reason why the R9 290 hardware isn't tested on the open driver much under Linux...




Engadget



  • Rufus Cuff wants to dominate the wearable market and your forearm


    We told you to put on your disappointment pants for the Galaxy Gear 2, but for the Rufus Cuff we suggest rolling up your absurdity sleeves. Seriously, given its three-inch screen you might just have to. This wearable boasts a built-in mic, a camera, a speaker, web browser, voice control, GPS and full access to the Google Play store -- if the Cuff sounds like a smartphone that straps to your wrist, well, that's basically what it is. It connects to your Android or iPhone via Bluetooth for mobile data, making calls and sending texts, but it's running a full version of Google's mobile OS and can hook on to WiFi if you're in a cellular dead-zone or if your phone's battery runs out.

    While the gizmo doesn't exactly look practical (we're pretty sure that it won't play nice with the cuffs of a slim-cut oxford), as of this writing it's has raised over $150,000 of its $200,000 IndieGoGo goal, with a handful of days to go. If you dig the idea of strapping one of these monstrosities on your wrist, all it takes is a $249 pledge.



    Filed under: Wearables, Mobile

    Comments

    Source: IndieGoGo



  • Play: The frantic, fun and infuriating Trials Fusion

    Some games are so challenging, frustrating and physically draining that your controller could easily explode against the nearest wall at any second. the next few months, but that doesn't excuse its absence at launch. Until that arrives, though, you'll have to rely on the level creator and community-generated tracks to hold your attention outside of the main game.
    Anyway, enough from us. It's halfway through the bank holiday already, and you won't make any impact on the leaderboards enjoying the sun with family and friends. Clock's ticking...
    Trials Fusion is out now for PS4, Xbox 360, Xbox One and Windows PCs.

    Filed under: Gaming

    Comments



  • AllCast's screen-mirroring magic arrives on Amazon's Fire TV App Store


    Been putting off sideloading AllCast's SDK to your brand new Amazon Fire TV? Well, friend, your procrastination has paid off. Now, all you have to do to install the casting and screen-mirroring app is download it straight from the Amazon App Store. So long as you also have AllCast installed on an Android device, you can beam photos, videos and music from your phone or tablet to Amazon's set-top box. Plus, you can use the app to view images and videos saved on Google+ and Dropbox. If you don't plan to pick up a Fire TV (waiting for the second one, eh?), you can still use AllCast with a number of other devices, including Chromecast, Xbox One, Roku, Apple TV and a smattering of smart TVs.

    Filed under: Household, HD, Amazon

    Comments

    Source: Koushik Dutta (Google+), Amazon


  • EFF and Sunlight Foundation come together to build Contact-Congress


    If you've never contacted your congress person then you might not realize how difficult our politicians have made it to get a hold of them. There are 535 members of the House and Senate all whom have some arcane contact form on their websites that obscure their direct email address. It's inconvenient for a single person to write a letter to all their elected representatives. But for organizations looking drive letter writing campaigns it's a nightmare. Individuals wont want to visit three separate sites as part of a push to pass or block a piece of legislation. And while there are services out there that can automate part of the work by routing messages to the right email addresses, they charge thousands of dollars a year for access to their tools and databases.

    The Electronic Frontier Foundation and The Sunlight Foundation saw the need for a better solution and asked the open source community for help. After just a couple of days of marathon coding, the advocacy groups had their answer: Contact-Congress. The idea is to allow easy mass messaging of members of congress through a simple form. The core of the system is a database of email addresses and contact forms that have been hacked together from the various sites for elected officials. And that database is open to be used in other ways, beyond simply sending out form letters from an angry electorate.

    But, Contact-Congress isn't really the end game. In fact, it's not even the final product -- it's merely the open-source backbone of what will eventually be numerous projects. The Sunlight Foundation will be folding parts of this new project into OpenCongress, it's public website loaded with information about members of the House and Senate. Voters will be able to visit the site, see their congressman's voting record and from the same page send them an email telling them why they think it was the wrong decision.

    The EFF will offer two tools: Action Center, their own messaging service that will be built around its pet projects, and Congress-Forms, a sort of middleman for those that want access to the Contact-Congress database without having to do too much tinkering in the source code. There may even be an API in the near future that developers could easily tap into from their existing apps. Though, if you really do want to poke around at its insides, you can download the open source software from Github right now.

    Filed under: Misc, Internet

    Comments

    Source: Motherboard, VentureBeat


  • Irish school children are building worlds for the Oculus Rift

    If games, wildlife documentaries and virtual strolls in the park aren't enough to validate virtual reality for you, try this one: educational motivation. School children in Ireland have been using a open source version of Second Life to learn coding, 3D modeling and to create virtual spaces of recent field trips. Their most recent project: recreating the monastery of Clonmacnoise and exploring it with an Oculus Rift. Technically the Rift isn't part of the classroom's normal operations -- the founder of the MissionV virtual reality platform the school is visiting brought it with him on a recent visit -- but it did give the students a new perspective on the world they had built. "Whoa," one student exclaimed, looking at the classroom's recreation of Clonmacnoise's McCarthy Tower. "That is humongous."

    "The children spent two weeks building the model and were intimately familiar with the layout of the site and buildings as the appeared on the PC monitor," MissionV founder and CEO James Corbett explained. "But the full realization of the scale and perspective of what they built only dawned on them when they were immersed in this reality." Having a virtual presence in the model actually changed how the children learned about it -- and the promise of being able to play in the world they built was bound to be a heck of a motivator, too. It's still too early to say if VR will become a common tool in education, but it's still a blast to watch these kids romp around in a world of their own making. Check it out in the video below.

    Filed under: Gaming

    Comments

    Source: MissionV, Technology.ie


  • Beats Music update lets you subscribe from inside the iOS app

    Odds are that you weren't riveted by Beats Music when it first arrived, but the streaming service has just delivered a pair of big updates that may give you a good excuse to tune in. For the iOS app, the biggest improvement is visible when you're signing up -- you can now subscribe from within the software rather than heading to the web. The move makes it that much easier to keep the music flowing after your trial is over, and may just help Beats grow its fledgling customer base.
    Not that Beats is neglecting its Android app by any means; you get a "brand spanking new widget" for your home screen if you're running Google's mobile platform. Both the Android and iOS releases also share some common improvements, including the ability to find Facebook friends who use Beats, better social network linking and thousands of new tracks in the Sentence playlist generator. There's no guarantee that either refresh will have you rethinking that Rdio or Spotify subscription, but it's hard to knock upgrades that make it easy to start listening.
    Filed under: Cellphones, Internet, Software, Mobile

    Comments

    Via: Recode, Droid-Life

    Source: App Store, Google Play



  • Nike reportedly killing the Fuelband to focus on fitness software


    Just days after Nike announced the launch of its Fuel Lab location in San Francisco to enhance partnerships with other digital services for athletes, there's a report that it's fired much of the team behind its FuelBand wristwear. CNET reports that, according to a person familiar with the matter, as many as 55 people from its 70-member hardware team are being laid off, and plans for another version of the FuelBand to follow the SE have been shelved. All of this comes just as the wearables market is heating up, with products already arriving from Samsung, LG, Motorola, Pebble and more, while activity tracking integrated with phones is also becoming more popular. At the same time, not all of Nike's tech initiatives have worked out, and Nike+ has largely disappeared from its shoes in the last year.

    A Nike spokesman confirmed to CNET a "small number of layoffs" as its "Digital Sports priorities evolve." (Update: In a statement, Nike says it "will continue to improve the Nike+ FuelBand App, launch new METALUXE colors, and we will sell and support the Nike+ FuelBand SE for the foreseeable future.")Given Nike's close relationship with Apple (Tim Cook is a member of Nike's board), one could wonder if the prospect of an upcoming wearable from Cupertino had a hand in swinging the apparel company's focus towards "simpler data-powered experiences" -- or they just spent all the money on tonight's sweet 3D projector intro to the Jordan Brand High School All-Star Game.



    Wearables

    Comments

    Source: CNET



  • Labels claim Pandora owes money for streaming old songs, probably won't get it

    Pandora can't catch a break, it seems. Just weeks after the streaming radio service escaped paying higher royalties to songwriters, record companies and musicians have sued it in a New York court for allegedly violating state copyright laws by refusing to pay for older song recordings. The labels argue that Pandora is subject to state rules on compensation whenever it streams tunes recorded before February 15th, 1972, when federal law took over; right now, it's only paying for those newer works. The suing parties claim that Pandora is both depriving artists of income and wielding an "unfair advantage" over on-demand competitors like Rdio and Spotify, which have no choice but to negotiate royalties for classic tracks.

    Pandora says it's looking at the claims, and it hasn't provided a formal response so far. However, you shouldn't assume that it will fight the lawsuit tooth and nail -- the legal action may not do as much damage as you'd think.

    As Santa Clara University law professor Tyler Ochoa tells us, the labels are likely suing in New York because it's one of the few states with existing case law that addresses royalty issues like this. While some other states have their own relevant copyright rules, the music companies wouldn't have a good precedent to work with in these territories. They would be "starting from scratch" and face a greater chance of losing, Ochoa says. As such, you shouldn't count on seeing a state-by-state litigation campaign. Even a New York victory isn't guaranteed, since the local law doesn't offer perfect clarity on how to handle radio-like internet services.

    The record companies may also collect relatively little cash if they do win. As this isn't a federal suit, Pandora might only have to shell out for songs that New York-based customers play. Any retroactive payments would be limited to the past three years, and there would be questions as to why the music outlets didn't push for compensation much sooner. Pandora could theoretically avoid any new royalties by blocking New York customers from streaming pre-1972 songs, although it may not want to risk a backlash from angry listeners.

    To Ochoa, these factors make it "pretty likely" that the lawsuit will end in a settlement. There's enough uncertainty that neither side would get much value from duking it out in the courtroom. The odds are that Pandora won't take a serious blow, and that the labels will only have limited success in getting money for their golden oldies.

    [Image credit: Dustin Gaffke, Flickr]

    Filed under: Internet

    Comments

    Via: New York Times

    Source: RIAA


  • DARPA envisions a smarter, safer autopilot

    Autonomous aircraft serve their purpose, but there's no question that pilotless passenger flights are a long way off, if they ever become a reality. Still, there's obviously room for improvement when it comes to on-board systems that assist pilots in their duties. The Defense Advanced Research Projects Agency (DARPA) is in the process of creating an advanced autopilot system called ALIAS (yes, another acronym). The Aircrew Labor In-Cockpit Automation System (there you go) would control military aircraft in all stages of flight, from takeoff to landing -- even during a system failure. Pilots would interact with the system using a touchscreen and voice control, supervising a flight instead of commanding it. Of course, we'll see this technology make its way to military planes long before it's adopted by airlines, but ALIAS could play a key role in keeping us all safe at 30,000 feet.

    Filed under: Transportation, Software

    Comments

    Source: DARPA


  • Tubecore wants you to hack and mod its beautiful, modular speaker

    Let's be honest: Wireless speakers are a dime a dozen. The options are seemingly endless, and new ones arrive on an almost daily basis. Companies have begun to push the boundaries of design as of late, making options that are an aesthetic step above the larger outfits. Tubecore's Duo certainly does that, but it's also so much more.

    It may be easy to gloss over the Duo spec sheet and skip right over to the Moto X-esque customization page, however it's there that the real standout features lie. What's immediately clear from the first glance is the vacuum tube-driven preamp. It's a 48v Class A unit that relies on that pair of tubes to deliver "vintage studio hi-fi." The folks at Tubecore say that this allows you to beam audio from any source and get a taste of analog high-fidelity listening. A 24-bit DAC (Digital to Analog Converter) lends a hand there with the help of the standard-issue Raspberry Pi, and the signal is filtered six times to remove any excess noise that might be picked up by the system's components.

    All of that leads to uncompressed audio from all input sources in a package that's built to be hacked, moded and upgraded based on the needs and preferences of the user. "Because Duo is high-powered, it's definitely more expensive to manufacture, but the quality is uncompromising," says Tubecore President Jason Perkail.


    But the thing looks great, and its industrial design is more than skin deep. Perkail told me that the Duo's cabinet was designed in a fashion similar to an electric guitar, with a heavy dose of inspiration from the analog API Legacy 4x4 console in Ben Folds' Studio A. In fact, it's built in a similar fashion to a six-string and this construction is what gives the speaker a full 10Hz-20kHz range.
    "Because DUO is high-powered it's definitely more expensive to manufacture, but the quality is uncompromising."
    What's more, the controls are simple. There's a single 4-inch aluminum dial that mimics classic hi-fi knobs up top to wrangle volume, inputs and system preferences powered by an embedded Arduino MC. In terms of connectivity, there's Bluetooth for wireless streaming with WiFi, line-in, RIAA-equalized phono in and the onboard computer's USB ports. This will allow you to connect nearly everything to the speaker from a TV to mobile devices and computers -- easily fitting in as part of a home entertainment system. As you might expect, Android and iOS apps will accompany the Duo and will work alongside Estimote Beacons to track users as they move around the house, blanketing the same experience in configurable zones throughout.

    If the aforementioned customization is what you're after, that's certainly a hook here too. There are 10 standard grill covers and 27 custom grill covers (for an additional $19) -- all of which are magnetic -- for adding a splash of color to the wooden speaker. For those looking to dig deeper with the modular add-ons, three tube upgrades range from $25 to $75, and the option to swap out that Raspberry Pi for a UDOO Quad tacks on $110. All of those bits are tacked on to the $649 base price, which is currently discounted for those willing to opt in early to an attractive $479 pre-order rate.

    Filed under: Home Entertainment, Portable Audio/Video

    Comments

    Source: Tubecore


  • AT&T adds more data and a hotspot option to prepaid GoPhone plans


    AT&T is adding more data to its GoPhone prepaid smartphone plans without raising monthly fees in the process. If you're currently paying $60 a month for 2GB, your allotment will jump to 2.5 gigs, while those on the $40, 250MB plan will now get 500MB per month. More data is only part of the value proposition for GoPhone customers, though; the new 2.5GB plan will now offer the ability to use your phone as a WiFi hotspot.
    Additionally, the carrier is adding a new $45 plan that includes 1GB of data and unlimited talk -- but note that this is only available at Walmart. While these updates are good news for current GoPhone subscribers, they're not quite as competitive as T-Mobile's pay-in-advance plans, which start at $30 a month with unlimited (read: 5GB) data and 100 minutes of talk. That said, $60 a month for 2.5GB and hotspot functionality is a nice step up on AT&T's part.
    Filed under: Cellphones, Networking, Mobile

    Comments

    Source: AT&T


  • This enormous gas tank is now a wondrous, isolating work of art (video)

    Once it stored enormous quantities of blast furnace and coal gas, but these days the Gasometer Oberhausen is a 385 foot tall cylindrical art gallery. Since the early 90s, the gargantuan storage tank has been host to more than a dozen art exhibitions, and its latest display puts its own absurd size front and center. 320° Licht plays on the gallery's tar-black walls, projecting optical illusions that make the surface appear to warp and bend. "This experience is based on the vastness of the Gasometer," explains project sound designer Jonas Wiese. "We tried to work with that expression to make the space bigger and smaller, to deform it and change its surface over and over while not exaggerating and overwriting the original effect of the room." According to the installation's creators, that effect is dwarfing. Viewers are left feeling small, even lost.

    The emotionally taxing light show is powered by 21 Epson projectors, which collectively paint the tank's interior to a captivating, animated display. The display is part of The Appearance of Beauty exhibition in Oberhausen Germany, which runs until late December. Can't afford to fly out to Deutschland? No worries, the gallery has created a preview video - check it out below.

    Filed under: Misc

    Comments

    Source: Gasometer Oberhausen, VICE



  • HTC hires marketing exec who led Samsung to smartphone dominance


    It's no secret, HTC has an image problem. Despite consistently creating some of our favorite phones, it's failed to reach the heights of popularity of manufacturers like Samsung. That could soon change. In what is almost certainly not a coincidence, HTC has hired Samsung's former Chief Marketing Officer, Paul Golden. The Verge confirmed the rumor, first picked up by Bloomberg, earlier this afternoon. Golden, who "created and launched the highly successful Galaxy brand for Samsung," according to his LinkedIn profile, was reportedly hired on as a consultant to Chairwoman Cher Wang.


    Among other achievements, Golden attributes his work on the Galaxy brand with "a 4X increase in market share (from 4.5% to 21.0%) in the strategically critical smartphone segment." HTC has repeatedly pointed back to marketing as one of its weakest points. In 2013, CEO Peter Chou pointed to weak marketing as the reason for poor financial performance, and, as Bloomberg point out, Wang reiterated that issue on April 8th, saying, "We just have to communicate well with our customers. I believe if we can communicate better, we will do better."

    With Robert Downey Jr. holding down the cats and Golden's ability to bolster the next big thing, perhaps it's finally HTC's time to shine.

    Filed under: Cellphones, Mobile, Samsung, HTC

    Comments

    Via: Slashgear, Engadget Spanish

    Source: Bloomberg,


  • Watch SpaceX's second attempt at launching a reusable rocket (update: launched!)


    After many "Grasshopper" tests, SpaceX's first real try at launching a reusable rocket will attempt flight again in just a few minutes -- watch the live stream here or embedded after the break. Scrubbed due to a helium leak a couple of days ago, the Falcon 9 rocket is once again facing gloomy skies, but according to launch control, everything is a go. Weather permitting, the launch is scheduled for 3:25PM ET. The Falcon 9-reusable rockets have already undergone their own testing, and you can see the latest video after the break.. Also important is what's onboard the Dragon cargo ship this rocket is launching. Headed to the ISS, it's bringing new supplies and a pair of extra-large, bendable legs for our friend Robonaut 2.

    Update: We have liftoff. Now that the rocket is aloft, while the capsule will head to the ISS, its first stage will attempt to reenter the atmosphere, and position itself for landing somewhere over the Atlantic Ocean, before falling over into the water. This is still just a test run, but it will help scientists sort out any issues before they attempt a reentry and landing on... land in the future. The live video stream is ending, and it sounds like we'll have to monitor the @SpaceX Twitter account for updates on the landing attempt. There is a NASA post-launch press conference going on with Elon Musk participating by phone, check it out live here.



    F9 & Dragon vertical on the pad for today's launch to the ISS. Weather still a concern--liftoff targeting 3:25pm ET pic.twitter.com/4wRhrtjlbN
    - SpaceX (@SpaceX) April 18, 2014
    Liftoff!!!`
    - SpaceX (@SpaceX) April 18, 2014


    Filed under: Transportation

    Comments

    Source: SpaceX


  • Camera deals of the week: 4.18.14

    Snatching up a new camera can be a considerable investment, especially if you're after a unit that combines stellar images with a host of features. Fret not friends: We're here to help. Just beyond the break, you'll find a handful of photo gadgets that are all available at attractive discounts for the time being.

    If there are other cameras, lenses and the like you have your eye on that we haven't included here -- join us and add them to your "Want" list. Every time there's a price cut in the future, you'll get an email alert!
    Canon EOS 7D (body-only)

    Price: $879
    Regular Price: $1,500
    Engadget Global Score: 86
    Buy: http://gdgt.api.pgpartner.com/rd.php?pg=~~10&r=991&m=739295014&mt=3~6~1712.95~879.00~1331.65[[Profiles/gdgt_deals_on_engadget~y~~~~~&q=n&rdgt=1397841099&dl=1&source=xmlapi&request_id=d08f4e29a9f738cfb62d68f4f801ab86&ret=1397841099&k=eb049a68af68800d712638c43ae34980|42nd Street Photo]]

    If you're after a mid-range DSLR for that photo hobby, Canon's EOS 7D is available at a handsome discount right now. Sure, you'll have to shell out some extra cash for a lens, but you'll likely want to nab up a couple of those anyway. The current price tag is the lowest we've seen in the last three months, according to our price history tool.
    Nikon D600 (body-only)

    Price: $1,429
    Regular Price: $1,899
    Engadget Global Score: 86
    Buy: http://gdgt.api.pgpartner.com/rd.php?pg=~~10&r=991&z=28201&m=1054342345&mt=1~2~2099.99~1429.00~1764.49[[Profiles/gdgt_deals_on_engadget~y~~~~~&q=n&rdgt=1397841673&dl=1&source=xmlapi&request_id=dce12f6f10c18ff9dfb315a6adb7bd2e&ret=1397841673&k=6a20e0985e75ee4f8710d4d5da2bfc4e|42nd Street Photo]]

    For those looking to invest a bit more in their snapshooting exploits, the full-frame Nikon D600 also has received a significant price drop. While it does require a bigger investment, the pro-grade features of this camera are going at a rate on par with the 90-day low.
    Fuji X-Pro1 (body-only)

    Price: $799
    Regular Price: $1,300
    Engadget Score: 82
    Buy: http://gdgt.api.pgpartner.com/rd.php?pg=~~10&r=991&m=959486610&mt=3~4~1699.00~799.00~1224.00[[Profiles/gdgt_deals_on_engadget~y~~~~~&q=n&rdgt=1397842429&dl=1&source=xmlapi&request_id=f4cb3b71fb977375af0ef674618c32d2&ret=1397842429&k=dac4ac6b4c0740755198e3b8c06b39c3|42nd Street Photo]]

    It's no secret that Fuji's dapper retro stylings have caught our eye a time or two. And now, you can get in on the classic designs with the X-Pro1. This all-black model's current discount brings the price down to the lowest our price history tool has seen over the past three months.
    Samsung NX300

    Price: $576
    Regular Price: $800
    Engadget Score: 89
    Buy: Amazon

    There's a hint of classic styling to Samsung's NX300, too -- for those looking to make a more modest investment, and it's one that includes some requisite glass (an 18-55mm lens, to be exact). The black version of the WiFi-equipped mirrorless offering is seeing the best rate, so you'll have to pay extra if you'd prefer either the brown or white options.

    Filed under: Cameras

    Comments


  • Facebook Paper got its first big update today, but is anyone using it?

    Here's a shocker: Facebook's first major update to Paper, its socially augmented news-reading app, makes it more social. Specifically, the app's 1.1 update now allows users to comment on posts using photos, as well as added birthday and event notifications and tacked on an unread-message counter to help users keep track of Group activity. Facebook hasn't fiddled with the user interface much, but content from Bloomberg, Mashable, Popular Science and six other news sources has been gussied up with new, custom article covers. Oh, and the company says it's made the app run a little faster, too. It's not a game-changing update, but anything's better than forgetting your spouse's birthday -- assuming Facebook's main app didn't already remind you. Has Paper found its way to your home screen? We're running a quick poll: Skip past the break to drop in a vote or leave us a note.
    Internet

    Comments

    Source: Paper, iTunes


  • The Open Source Initiative hopes public awareness is Heartbleed's 'silver lining'


    ​Looking for a positive take to cut though all the negative press that Heartbleed has been getting? Then the Open Source Initiative (OSI) has one. The news has been full of stories about the exploit in OpenSSL (itself, an open-source project) that has caused a wave of panic around the internet. With much of the public not understanding what open-source is (it's complex, but mostly involves freedom to redistribute, and access to the code it's built on), and the fact that all this can be caused by a few lines of edited text, the integrity of open-source software has understandably come under scrutiny. We spoke with a representative from the OSI, and they gave us the positive spin we'd all been looking for.

    "It's actually incredibly beneficial to the community that this has been raised as such an important issue. A lot of folk rely upon open-source software to get through their daily business lives, but they may not be aware that they are relying upon it," Leslie Hawthorn, a member of the OSI board, told us in an interview.
    Hearbleed's made a large number of people aware of what open-source is for the first time.
    Hearbleed's made a large number of people aware of what open-source is for the first time. The OSI hopes that this awareness will help users realize they can contribute by filing bug reports, ultimately leading to safer software. That will certainly help, but with the Heartbleed vulnerability having gone unnoticed for over two years, would it not have been subject to more than enough eyes to catch it sooner? The OSI concedes that this is more specific to the OpenSSL project itself. "It's been widely reported that the OpenSSL folks didn't have the same kinds of financial or human resource contributions that many open-source projects do," Hawthorn said.


    This is perhaps compounded by a general public relations issue between the devoted volunteers behind such projects, and the public that uses them. If you go to the OpenSSL project's webpage, for example, you won't see any big banners, blog posts about what to do or links to resources that the public can use to understand Heartbleed. Instead, there's just one discreet "newsflash" link pointing to a jargon-laden plain text file. Hawthorn admits that this is a typical "engineering" response. Essentially, it says: Here's what's wrong; go update your systems. Of course, for the vast majority of bugs, this likely works; after all, when was the last time you headed over to OpenSSL.org to check what's new? And this brings us back to the question of open versus closed (paid for) software.
    "It's been widely reported that the OpenSSL folks didn't have the same kinds of financial or human resource contributions that many open-source projects do," Leslie Hawthorn says.
    Hawthorn tells us the OSI thinks that there's a balance between the two models, but ultimately (as you'd expect) still sings the virtues of open source's "many eyes, [potentially] fewer resources" setup. Lars Eilebrecht -- co-founder and member of the Apache Software Foundation that powers a great many of the internet's web servers -- is more reserved about the situation. "Making something open source doesn't automatically make it more secure, but it provides the basis for better security. In addition, open-source projects typically have a very good turnaround time for critical security fixes, e.g., hours vs. days or weeks [for close-source projects]." Eilebrecht points to a recent case where Akamai (which sells a service that uses a custom version of OpenSSL) claimed it patched its software up to be secure.

    Usually, this is something paying customers just have to trust. In the wake of Heartbleed, however, a researcher investigated Akamai's product after the update, and found it was actually still vulnerable. This kind of scrutiny is routine for both camps, but usually involving more eyes in the world of open-source software, its proponents argue. Eilebrecht sums the complex situation up neatly when he says, "Unfortunately, the OpenSSL bug has shown that a security bug can hide in plain sight for a very long time despite all the peer reviews of the OpenSSL code." He reminds us, "At the end, what matters is the number of qualified people peer-reviewing a piece of code to increase the confidence and trust that there are no security vulnerabilities."

    Filed under: Internet

    Comments


  • FCC sets up the 'incentive auction' that will lead to better wireless internet for everyone


    Last week at the NAB (National Association of Broadcasters) show, FCC head Tom Wheeler pushed broadcasters to loosen their grip on spectrum that the agency plans to auction off to give wireless internet room to grow. Now, he's laid out a draft of the rules for the auction before it takes place next year. The upcoming incentive auction will be a three stage process that, once completed, should open up more wireless spectrum for high-speed services like WiFi. WiFi operates on "unlicensed spectrum" that's open for anyone to use, and similar networks or devices could take advantage of any new frequencies the FCC opens up, while reducing interference with existing networks. That's good and bad however, since they'd fill the space in between networks, it could be harder to build up something like WiFi.


    So far not everyone has been happy with the possible rules for this redistribution. That includes the broadcasters themselves, whose participation will have to happen voluntarily, and the companies expected to bid for access, namely AT&T who has warned that it might skip the process based on the FCC's restrictions on how much spectrum it can buy. Wheeler's guidelines haven't mentioned those limits, so it will be interesting to see how that develops. According to his blog post, extending the amount of spectrum is key for offering wireless broadband service in both rural areas and urban areas where building penetration is a problem. Now that the rules are here, everyone from your local TV broadcaster to wireless carriers to cash heavy dreamers like Google and Dish Network can look them over and voice their opinions before the commission votes on them May 15th.

    "Getting the Incentive Auction right will revolutionalize how spectrum is allocated". More fr Chairman @TomWheelerFCC http://t.co/uYUEdC8kfI
    - The FCC (@FCC) April 18, 2014Image Credit (top): Shutterstock / nito
    Filed under: Home Entertainment, Wireless, HD, Mobile, Verizon, Sprint, AT&T, T-Mobile

    Comments

    Source: Tom Wheeler


  • Greed and the Wright Brothers
    The Wright brothers' critical insight was the importance of "lateral stability" - that is, wingtip-to-wingtip stability - to flight. And their great innovation was something they called "wing warping," in which they used a series of pulleys that caused the wingtips on one side of the airplane to go up when the wingtips on the other side were pulled down. That allowed the Wrights' airplane to make banked turns and to correct itself when it flew into a gust of wind.  But when the Wrights applied for a patent, they didn't seek one that just covered wing warping; their patent covered any means to achieve lateral stability. There is no question what the Wrights sought: nothing less than a monopoly on the airplane business - every airplane ever manufactured, they believed, owed them a royalty. As Wilbur Wright, who was both the more domineering and the more inventive of the two brothers, put it in a letter: "It is our view that morally the world owes its almost universal system of lateral control entirely to us. It is also our opinion that legally it owes it to us."  Even though Wrights' competitor Curtiss developed an entirely different system to achieve lateral stability (the ailerons airplanes use to this day), the Wright brothers still believed Curtiss owed them money for it. The legal standoff that ensued in the US airplane industry at the time halted all innovation, so much so that when the WWI broke out, the US government had to step in to force airplane manufacturers to cross-license their patents.  Sadly, by this time, US airplanes weren't good enough for combat.  It seems nobody learns from history.


  • Judge confirms link between Apple and patent troll Rockstar
    Rockstar, the massive patent troll in which Apple is a majority shareholder, sued Google for patent infringement. Of course, Rockstar filed suit in the Eastern District of Texas, the usual venue for patent trolls. Because of Apple's involvement, Google motioned to have the suit take place in California instead, where it stands a much greater chance of winning. Judge Claudia Wilken sides with Google. She states in the ruling:  Google and Apple's rivalry in the smartphone industry is well-documented. Apple's founder stated that he viewed Android as a "rip off" of iPhone features and intended to "destroy" Android by launching a "thermonuclear war." Defendants' litigation strategy of suing Google customers is consistent with Apple's particular business interest... This 'scare the customer and run' tactic advances Apple's interest in interfering with Google's Android business.  Every now and then, someone just gets it. Judge Wilken looked beyond the constructed sham companies and legal cobwebs - such as Rockstar setting up a sham company in Delaware with zero California contacts and transferring all patents-in-suit to that company a day before it sued Google.  The world needs more judges like this. In addition - it seems like Jobs' remarks about Android are catching up to the company. Delightful.


  • FreeBSD quarterly status report
    The first quarter of 2014 was, again, a hectic and productive time for FreeBSD. The Ports team released their landmark first quarterly stable branch. FreeBSD continues to grow on the ARM architecture, now running on an ARM-based ChromeBook. SMP is now possible on multi-core ARM systems. bhyve, the native FreeBSD hypervisor, continues to improve. An integral test suite is taking shape, and the Jenkins Continuous Integration system has been implemented. FreeBSD patches to GCC are being forward-ported, and LLDB, the Clang/LLVM debugger is being ported. Desktop use has also seen improvements, with work on Gnome, KDE, Xfce, KMS video drivers, X.org, and vt, the new console driver which supports KMS and Unicode. Linux and Wine binary compatibility layers have been improved. UEFI booting support has been merged to head.  I always love how to-the-point the various BSDs are. Please, never change.


  • Ubuntu 14.04 LTS released
    Ubuntu 14.04 LTS is the first long-term support release with support for the new "arm64" architecture for 64-bit ARM systems, as well as the "ppc64el" architecture for little-endian 64-bit POWER systems. This release also includes several subtle but welcome improvements to Unity, AppArmor, and a host of other great software.  Is it just me, or do releases of major Linux distributions simply not create much excitement anymore? I remember a time when these releases were hotly anticipated and much debated. These days, they go by and nobody really seems to care. Is this a reflection of shifting focus in the industry - towards mobile - or because the interest in desktop Linux in general has waned considerably?


  • Samsung promises Tizen handsets again
    Yoon said Samsung was working to introduce at least two smartphones running on its own Tizen operating system, a major step in the market leader's bid to break out of the Android universe.  Sure.


  • In 2001, Nokia developed its M510 internet tablet
    As it turns out, Nokia developed an internet tablet all the way back in 2001. It was called the Nokia M510, several thousand units were made, and it was functional. Sadly, market research showed that consumers were not yet ready for a device like this, and so the project was cancelled. It had a 800x600 display, ran EPOC (Symbian), and sported wifi. The stories are in Finnish, and since I don't speak Finnish, I had to rely on Google Translate (as a translator, this made me feel dirty).  Now that Nokia's devices division is essentially dead, it wouldn't surprise me to see more of these stories to come out. There must be some truly outrageous stuff locked away at Nokia.


  • Windows Phone 8.1 released
    Microsoft released Windows Phone 8.1 to those who enrolled in the developer preview program (i.e., everyone).   Ars' Peter Bright in his review of 8.1:  The result feels a whole lot more mature and a whole lot more capable than its predecessor. The 0.1 version bump, chosen to align the phone platform with its desktop sibling, belies the true nature of this upgrade. It is substantial, and makes Windows Phone tremendously better.  We might still wish that there were a few more apps, and that developers spoke of the platform in the same breath as iOS and Android, but even in spite of this, Windows Phone 8.1 is a polished, fun, clever, and personal smartphone platform that's just about everyone can enjoy. It's a magnificent smartphone platform.  I've been using it since earlier today, and the notification centre (finally) alone is more than enough to make this a fantastic update. Sadly, my HTC 8X does not seem to be supported by Cortana - other 8X owners are reporting the same, as do 8X owners on Twitter - which makes me worry a little about Cortana, perhaps, being an exclusive feature for Nokia phones, or it having some other restrictive limitations. That, honestly, would be a shame.  Update: Here's an 8X with Cortana working just fine, so the original worries clearly aren't necessary.


  • How the iPhone changed Android
    From a 2006 (pre-iPhone) Android specification document:  Touchscreens will not be supported: the Product was designed with the presence of discrete physical buttons as an assumption.  However, there is nothing fundamental in the Product's architecture that prevents the support of touchscreens in the future.  The same document, but a few versions later, from 2007 (post-iPhone):  A touchscreen for finger-based navigation - including multi-touch capabilites - is required.   The impact of the iPhone on Android in two documents. Google knew the iPhone would change the market, while Microsoft, Nokia, and BlackBerry did not. That's why Android is now the most popular smartphone platform, while the mentioned three are essentially irrelevant.


  • NSA said to exploit Heartbleed bug for intelligence for years
    The U.S. National Security Agency knew for at least two years about a flaw in the way that many websites send sensitive information, now dubbed the Heartbleed bug, and regularly used it to gather critical intelligence, two people familiar with the matter said.  The NSA's decision to keep the bug secret in pursuit of national security interests threatens to renew the rancorous debate over the role of the government’s top computer experts.  I'm so surprised.  Update: NSA denies.


  • The state of in-car UX
    There's certainly some hope on the horizon with Apple and Google, though just how good these systems will be remains to be seen. One thing is clear, though: the current state of all in-car experiences is incredibly bad. For those manufacturers looking to go it alone, I don't expect much.  In-car software is absolutely horrifying and crazy complex. A good friend of mine regularly drives brand new and super-expensive cars (in the hundreds of thousands of euros category), and even in those cars, the user interfaces are just terrible. There's a lot of room for improvement and disruption here.


  • Sailfish OS 1.0.5.16 released
    And the updates keep on coming.  Two-way sync of Exchange contacts. Over-the-air (OTA) provisioning: Receive mobile data and MMS access point settings from your operator over-the-air Share and receive pictures and contacts via MMS (experimental) EXIF data is now stored in photos taken with camera. Save GPS coordinates in captured photos [Settings->Apps->Camera] Set default account to be used for sending emails [Settings->Apps->Email] Swipe to close gesture available as a setting and disabled by default for new users [Settings->System->Shortcuts] Visual interaction hints in events view, browser, camera, email, phone and messages apps Keyboard sounds [Settings->System->Sounds and feedback->Touch screen tones]  The update also fixes the Heartbleed security issue.


  • An exploration of ARM TrustZone technology
    Behind the term TrustZone lies a security technology that is almost omnipresent in ARM-based devices, ranging from low-cost development boards to most mobile phones. Yet, there hardly exists a public body of knowledge around it. This prompted the Genode developers to investigate. Today, they published their findings in the form of a comprehensive article and an demonstration video.   In contrast to TPMs, which were designed as fixed-function devices with a predefined feature set, TrustZone represented a much more flexible approach by leveraging the CPU as a freely programmable trusted platform module. To do that, ARM introduced a special CPU mode called "secure mode" in addition to the regular normal mode, thereby establishing the notions of a "secure world" and a "normal world". The distinction between both worlds is completely orthogonal to the normal ring protection between user-level and kernel-level code and hidden from the operating system running in the normal world. Furthermore, it is not limited to the CPU but propagated over the system bus to peripheral devices and memory controllers. This way, ARM-based platforms become effectively kind of a split personality. When secure mode is active, the software running on the CPU has a different view on the whole system than software running in non-secure mode.  The Genode team is nothing short of amazing. Not only are they developing unique software, they're also doing stuff like this. Much respect for these women and men.


  • Expanding Google's security services for Android
    Building on Verify apps, which already protects people when they're installing apps outside of Google Play at the time of installation, we're rolling out a new enhancement which will now continually check devices to make sure that all apps are behaving in a safe manner, even after installation. In the last year, the foundation of this service - Verify apps - has been used more than 4 billion times to check apps at the time of install. This enhancement will take that protection even further, using Android's powerful app scanning system developed by the Android security and Safe Browsing teams.  Available for Android 2.3 and up with Google Play - so effectively for every proper Android device out there.


  • Google releases Project Ara MDK
    Google has released the Module Developers Kit for Project Ara.  The Module Developers Kit (MDK) defines the Ara platform for module developers and provides reference implementations for various design features. The Ara platform consists of an on-device packet-switched data network based on the MIPI UniPro protocol stack, a flexible power bus, and an elegant industrial design that mechanically unites the modules with an endoskeleton. Throughout 2014, the Project Ara team will be working on a series of alpha and beta MDK releases. We welcome developer input to the MDK: either through the Ara Module Developers mailing list/forum or at one of the series of Developers Conferences.  These phones will be crazy flexible in their design - and they look pretty good too. I don't know if it'll be a small niche or a runaway success, but I definitely appreciate them for trying to do something different.


  • Stock Android ported to Nokia X
    Interested in the Nokia X, but not the horrible Frankendroid Nokia cooked up? Good news - stock Android has been ported to the Nokia X. Everything works, it's stable - but it is, like Nokia Frankendroid, only Android 4.1.2.  There are better Android phones for the money, but it's still great that the Nokia X gets a taste of proper Android (via!).



  • Image Manipulation with ImageMagick
        
    I've spent a lot of time in my column talking about text processing and analysis, with the basic assumption that if you're using the command line, you're focused on text.
       


  • Non-Linux FOSS: Angry IP
        
    The de facto standard for port scanning always has been the venerable Nmap program. The command-line tool is indeed very powerful, but I've only ever seen it work with Linux, and every time I use it, I need to read the man page to figure out the command flags. 
       


  • Encrypting Your Cat Photos
        
    The truth is, I really don't have anything on my hard drive that I would be upset over someone seeing. I have some cat photos. I have a few text files with ideas for future books and/or short stories, and a couple half-written starts to NaNoWriMo novels. It would be easy to say that there's no point encrypting my hard drive, because I have nothing to hide.
       


  • Numerical Python
        
    For the past few months, I've been covering different software packages for scientific computations. For my next several articles, I'm going to be focusing on using Python to come up with your own algorithms for your scientific problems.
       


  • Speed Test for Nerds
        
    Most people with Internet access in their houses have visited a speed-test Web site to make sure they're getting somewhere close to the speed they're overpaying for. I'm paying more than $100 a month for my business-class connection from Charter, so on a regular basis, I make sure I'm getting the advertised speed.
       


  • DNSSEC Part II: the Implementation
        
    This article is the second in a series on DNSSEC. In the first one, I gave a general overview of DNSSEC concepts to lay the foundation for this article, which discusses how to enable DNSSEC for a zone using BIND.
       


  • Pro Video Editing with Pitivi
        
    Several decent video editors are available on the Linux platform. Kdenlive, OpenShot, Cinelerra and Pitivi are those that come to mind as "big players" in an admittedly small market. I've used them all through the years, with varying levels of success.
       


  • Android Candy: Control-Z for Your Phone!
        
    I never have a Twitter app crash in the middle of a Tweet. That wouldn't be too terrible to deal with. No, for me, it seems my e-mail application decides to crash after I've spent 20 minutes thumbing out a reply while sitting in a crowded airport. If you've ever lost a love letter, term paper, shopping list or world-class Facebook post, Type Machine is the perfect app for you. 
       




  • More Secure SSH Connections
        
    If you need remote access to a machine, you'll probably use SSH, and for a good reason. The secure shell protocol uses modern cryptography methods to provide privacy and confidentiality, even over an unsecured, unsafe network, such as the Internet.
       


  • Split Testing
        
    It's nice to have many people visit your Web site. It's even better when people don't just come to your site, but also enjoy your content. But, best of all is when visitors to your site do what you would like them to do—sign up for your newsletter, register for your SaaS application or buy one of your products. 
       


  • LVM, Demystified
        
    I've been a sysadmin for a long time, and part of being a sysadmin is doing more than is humanly possible. Sometimes that means writing wicked cool scripts, sometimes it means working late, and sometimes it means learning to say no. Unfortunately, it also sometimes means cutting corners. I confess, I've been "that guy" more than once. A good example is SELinux.
       



  • A Shining Ruby in Production Environments
        
    Even the most beautiful Rails application can lose its elegance if not deployed correctly. Like other Ruby frameworks or languages, such as Sinatra, Rails is based on the Rack interface. This article  provides a basic introduction to Rack hosting and Rack-based application deployments. 
       




  • Extended File Attributes Rock!
    Worldwide, data is growing at a tremendous rate. However, one recent study has pointed out that the size of files is not necessarily growing at the same rate; meaning the number of files is growing rapidly. How do we manage all of this data and files? While the answer to that question is complex, one place we can start is with Extended File Attributes. Continue reading ’


  • Checksumming Files to Find Bit-Rot
    In a previous article extended file attributes were presented. These are additional bits of metadata that are tied to the file and can be used in a variety of ways. One of these ways is to add checksums to the file so that corrupted data can be detected. Let's take a look at how we can do this including some simple Python examples. Continue reading ’



  • What’s an inode?
    As you might have noticed, we love talking about file systems. In these discussions the term "inode" is often thrown about. But what is an inode and how does it relate to a file system? Glad you asked. Continue reading ’




  • Emailing HPC
    Email is not unlike MPI. The similarities may help non-geeks understand parallel computers a little better. Continue reading ’



  • iotop: Per Process I/O Usage
    Based on a reader comment, we take iotop for a spin to see if it can be used for monitoring the IO usage of individual processes on a system. The result? It has some interesting capability that we haven't found in other tools. Continue reading ’





  • SandForce 1222 SSD Testing, Part 3: Detailed Throughput Analysis
    Our last two articles have presented an initial performance examination of a consumer SandForce based SSD from a throughput and IOPS perspective. In this article we dive deeper into the throughput performance of the drive, along with a comparison to an Intel X-25E SSD. I think you will be surprised at what is discovered. Continue reading ’


  • Putting Drupal to Work
    Drupal is a simple but powerful CMS. However, you'll probably want to configure it. Learn how to tweak Drupal's settings to your liking. Continue reading ’


  • SandForce 1222 SSD Testing – Part 2: Initial IOPS Results
    SandForce has developed a very interesting and unique SSD controller that uses real-time data compression. This affects data throughput and SSD longevity. In this article, we perform an initial examination of the IOPS performance of a SandForce 1222-based SSD. The results can be pretty amazing. Continue reading ’


  • Drupal at Warp Speed
    Need to setup Drupal CMS but don't have the time to learn how? Try this 30 minute quick start guide. Continue reading ’


  • Chasing The Number
    The Top500 list is a valuable measure of HPC progress, but the race it has spawned maybe over for many organizations Continue reading ’


  • Stick a Fork in Flock: Why it Failed
    This probably won't come as a surprise to many, but the "social Web browser" has thrown in the towel. Don't cry for the Flock team - they're flying the coop for Zynga to go make Facebook games or something. But Flock's loyal fans are out in the cold. Why'd Flock fail? There's a few lessons to be learned. Continue reading ’


Page last modified on October 08, 2013, at 02:08 PM