All the News that Matters

• Slackware: 2017-266-01: libxml2 Security Update
  LinuxSecurity.com: New libxml2 packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.

• Slackware: 2017-266-02: python Security Update
  LinuxSecurity.com: New python packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.

• Fedora 25: mpg123 Security Update
  LinuxSecurity.com: Update to upstream release 1.25.6

• Fedora 25: drupal7-views Security Update
  LinuxSecurity.com: * [7.x-3.18](https://www.drupal.org/project/views/releases/7.x-3.18) * [7.x-3.17](https://www.drupal.org/project/views/releases/7.x-3.17) * [Moderately Critical - Access Bypass - DRUPAL-SA- CONTRIB-2017-068](https://www.drupal.org/node/2902604)

• Fedora 25: krb5 Security Update
  LinuxSecurity.com: - Prevent applications from accidentally implementing CVE-2017-11462 (double free if sec_context is copied). - fc26+: Add ccselect hostrealm module for ccache selection based on service hostname.

• Fedora 26: httpd Security Update
  LinuxSecurity.com: This is a release fixing a security fix applied upstream, known as "optionsbleed" in popular parlance. It is relevant for hosted and co-located instances of Fedora (and why wouldn't you?).

• Fedora 26: gnome-shell Security Update
  LinuxSecurity.com: Fix crash on fast status icon remapping

• Fedora 26: drupal7-views Security Update
  LinuxSecurity.com: * [7.x-3.18](https://www.drupal.org/project/views/releases/7.x-3.18) * [7.x-3.17](https://www.drupal.org/project/views/releases/7.x-3.17) * [Moderately Critical - Access Bypass - DRUPAL-SA- CONTRIB-2017-068](https://www.drupal.org/node/2902604)

• SuSE: 2017:2552-1: important: spice
  LinuxSecurity.com: An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available. An update that fixes one vulnerability is now available.

• Fedora 25: kernel Security Update
  LinuxSecurity.com: The 4.12.13 stable kernel update contains a number of important fixes across the tree. ---- The 4.12.12 stable kernel update contains a number of important fixes across the tree.

• Fedora 26: mingw-LibRaw Security Update
  LinuxSecurity.com: Update to version 0.18.4, see https://github.com/LibRaw/LibRaw/blob/0.18-stable/Changelog.txt for details. ---- Update to version 0.18.3, see https://www.libraw.org/news/libraw-0-18-3 for details.

• Ubuntu 3428-1: Emacs vulnerability
  LinuxSecurity.com: Emacs could be made to run programs as your login if it opened a specially crafted file.

• Minimal Linux Live now supports ZLIB and JDK 9
  Minimal Linux Live is a set of Linux shell scripts which automatically build minimalistic Live Linux OS with basic network support via DHCP. The generated operating system is based on Linux kernel, GNU C library and BusyBox. All necessary sources are automatically downloaded and all build operations are fully encapsulated in the shell scripts.

• 4 must-have writing apps for Nextcloud
  If writing is part of your job or your everyday routine, you might find the�Nextcloud�open source file sync and share application�a very useful tool. First, it provides you with free, secure, and easily accessible cloud file storage.read more

• Joomla patches eight-year-old critical CMS bug
  Joomla has patched a critical bug which could be used to steal account information and fully compromise website domains. This week, the content management system (CMS) provider issued a security advisory detailing the flaw, which is found in the LDAP authentication plugin.

• Add-on board expands i.MX6 UL SBC
  MYIR released an add-on board for its Linux-driven, i.MX6 UL-based MYS-6ULX SBC that adds a second LAN port, plus CAN, RS485, camera, audio, and RTC. In April, MYIR released a Linux-powered MYS-6ULX single board computer, which was notable for being available in two different versions using NXP’s low power, Cortex-A7 i.MX6 UltraLite (UL) or the more affordable, and almost identical i.MX6 ULL SoC.

• Vivaldi 1.12 Web Browser Debuts with Highly Requested Features, Improvements
  Vivaldi, the Chromium-based web browser designed with the power user in mind, has been recently updated to version 1.12, a release that introduces highly requested features and a whole lot of under-the-hood improvements.

• MongoDB Projects $100M from IPO
  The backbone of MongoDB Inc is its NoSQL database, released as an open source project in 2009 and which began seeing considerable adoption almost immediately. Three years after the release it made a ninth place showing on The Wall Street Journal's "The Next Big Thing 2012" list and by 2014 the DB was already driving the back ends at Craigslist, eBay, SourceForge, Viacom, the New York Times and others.

• V. Anton Spraul's Think Like a Programmer, Python Edition
  What is programming? Sure, it consists of syntax and the assembly of code,but it is essentially a means to solve problems. To study programming,then, is to study the art of problem solving, and a new book from V.Anton Spraul, Think Like a Programmer, Python Edition, is a guide tosharpening skills in both spheres.

• KDE Plasma 5.11 Desktop Will Be Coming to Kubuntu 17.10 Soon After Its Release
  KDE kicked off the development of the KDE Plasma 5.11 desktop environment a few months ago, and they've already published the Beta release, allowing users to get a first glimpse of what's coming in the final release next month.

• Intellectual Ventures, GNU/Linux/Android/FOSS Patents, and the Ascent of European Patent Trolls
  The existing status of GNU/Linux in a world full of patent trolls, which not only target OEMs from Asia -- typically in the US -- but are also dragging them into Europe, aided by the EPO's 'patent bubble'

• Open source licensing: What every technologist should know
  If you’re a software developer today, you know how to use open source software, but do you know how and why open source licensing started? A little background will help you understand how and why the licenses work the way they do.read more

• How to Create a Bootable Windows 10 USB in Linux
  This tutorial shows you how to create a bootable Windows 10 USB in Linux with a GUI tool called WoeUSB.

• Join the Magazine team
  The recent�Flock�conference of Fedora contributors included a Fedora Magazine�workshop. Current editorial board members�Ryan Lerch,�Justin W. Flory, and�Paul W. Frields�covered how to join and get started as an author. Here are some highlights of the workshop and discussion that took place.... Continue Reading →

• How to Install and Configure Askbot with Nginx on CentOS 7
  Askbot is an open source software for creating Q&A forums based on Python Django Framework. It's basically a Q&A system like StackOverflow, Yahoo Answers, and others. In this tutorial, we will show you how to install Askbot Python Django application using uWSGI and Nginx web server on CentOS 7 system.

• Linux panel PC offers IP69K protection against jet spray
  TechNexion has launched a 10.1 inch, 1280 x 800 capacitive touch panel PC that runs Linux or Android on an i.MX6, and offers IP69K protection. TechNexion, which has long been a provider of COMs and SBCs based on Freescale/NXP i.MX SoCs, also sells a line of Linux- and Android-friendly i.MX6, i.MX6UL, and i.MX7 based panel […]

• How to enable HTTP2 on WHM/cPanel with EasyApache 4
  In this tutorial we are going to provide you with step-by-step instructions on how to enable HTTP2 on a CentOS 7 VPS with WHM/cPanel and EasyApache 4 installed on it.

• Manjaro Linux Discontinues 32-bit Support
  Manjaro has joined the long list of Linux distributions dropping support for older hardware.

• Kaby Lake computers include Linux-ready beast with 9x GbE ports
  Aaeon’s unveiled two rugged embedded PCs that run Intel’s 6th or 7th Gen CPUs. The Linux-friendly “BOXER-6640M” stands out with 9x GbE and 8x USB 3.0 ports. Aaeon’s BOXER-6640M and Boxer-6640 build on the same fanless design, ruggedization features, and support for 6th Gen Skylake and 7th Gen Kaby Lake processors as its recent Boxer-6639. […]

• Canonical Teams Up with Microsoft to Enable New Azure Tailored Ubuntu Kernel
  In a joint collaboration with Microsoft's Azure team, Canonical managed to enable a new Azure tailored Ubuntu kernel in the Ubuntu Cloud Images for Ubuntu 16.04 LTS on Azure starting today, September 21, 2017.

• cmus – A Small, Fast And Powerful Console Music Player For Linux
  Is it possible to listen music in Linux terminal? Yes because nothing is impossible in Linux.

• Tracking Protection for Firefox for iOS Plus Multi-Tasking in Focus for Android New Today
  Across the industry, September is always an exciting month in mobile, and the same is true here at Mozilla. Today, we’re launching the newest Firefox for iOS alongside an update ....

• Memorial Set For 'Pi Day' Creator
  "Three-point-one-four was more than a number to museum curator Larry Shaw," writes the San Francisco Chronicle. Long-time Slashdot reader linuxwrangler writes: In 1988 at a retreat for San Francisco Exploratorium staff, Larry Shaw proposed linking the digits of pi, which begins 3.14, with the date March 14. Initially the "holiday" was only celebrated by museum staff but it didn't take long for the idea to spread and Pi Day was born. For 38 years, Mr. Shaw donned a red cap emblazoned with the magic digits and led a parade of museum goers, each of them holding a sign bearing one of the digits of pi. Shaw died August 19 at age 78 and a memorial is planned for Sunday September 24. The memorial will be held in Mill Valley, California, the Chronicle reports, adding that "pie will be served."
          
  
  Read more of this story at Slashdot.
  

• IBM Open Sources 'WebSphere Liberty' For Java Microservices and Cloud-Native Apps
  An anonymous reader quotes TechRepublic: On Wednesday, IBM revealed the Open Liberty project, open sourcing its WebSphere Liberty code on GitHub to support Java microservices and cloud-native apps. The company created Liberty five years ago to help developers more quickly and easily create applications using agile and DevOps principles, according to an IBM developerWorks blog post from Ian Robinson, WebSphere Foundation chief architect at IBM... Developers can also choose to move to the commercial versions of WebSphere Liberty at any time, he noted, which include technical support and more specialized features... "We hope Open Liberty will help more developers turn their ideas into full-fledged, enterprise ready apps," Robinson wrote. "We also hope it will broaden the WebSphere family to include more ideas and innovations to benefit the broader Java community of developers at organizations big and small."   IBM argues that Open Liberty, along with the OpenJ9 VM they open sourced last week, "provides the full Java stack from IBM with a fully open licensing model."  Interestingly, Slashdot ran a story asking "IBM WebSphere SE To Be Opened?" -- back in 2000.
          
  
  Read more of this story at Slashdot.
  

• Would a T-Mobile-Sprint Merger Hurt Consumers?
  Following a report from Reuters claiming T-Mobile is close to agreeing on a deal to merge with Sprint, an anonymous Slashdot reader shares a report from DSLReports arguing how such a merger would remain "a very bad deal for consumers": The Sprint-T-Mobile merger could prove problematic for not only wireless prices, but the recent resurgence in unlimited data plans. While wireless carriers still often engage in theatrical non-price competition more often than not, the government's decision to block AT&T's acquisition of T-Mobile several years ago helped spur an unprecedented period of competition in wireless (something large ISPs and their policy armies like to ignore). The end result was a brasher and more competitive T-Mobile, who lead the way on a wave of improvements in the sector culminating most recently in the return of simpler, easier unlimited data plans. The government's decision to block Sprint from acquiring T-Mobile helped keep that competition intact, something large ISPs and their policy folk would similarly like you to forget. As a result, T-Mobile has added more customers per quarter than any other wireless carrier for several years running, as the resulting competition put an end to numerous, nasty industry tactics including overcharging for international roaming, to obnoxious fees and long-term contracts. And while the new, combined company will likely still be run by current popular T-Mobile CEO John Legere, the very act of eliminating one of only four major players in the wireless market will indisputably reduce the incentive to more seriously compete on price, and could help reverse the progress the sector has seen in recent years. It's well within reason that this reduced competition could also bring back metered plans and put an end to unlimited data.
          
  
  Read more of this story at Slashdot.
  

• Apple: iPhones Are Too 'Complex' To Allow Unauthorized Repair
  Jason Koebler writes: Apple's top environmental officer made the company's most extensive statements about the repairability of Apple hardware on Tuesday: "Our first thought is, 'You don't need to repair this.' When you do, we want the repair to be fairly priced and accessible to you," Lisa Jackson, Apple's vice president of policy and social initiatives said at TechCrunch Disrupt in San Francisco. "To think about these very complex products and say the answer to all our problems is that you should have anybody to repair and have access to the parts is not looking at the whole problem." Apple has lobbied against "Fair Repair" bills in 11 states that would require the company to make its repair guides available and to sell replacement parts to the general public. Instead, it has focused on an "authorized service provider" model that allows the company to control the price and availability of repair.
          
  
  Read more of this story at Slashdot.
  

• Super-Accurate GPS Chips Coming To Smartphones In 2018
  schwit1 writes about a new mass-market Broadcom chip designed for the next generation of smartphones: It'll know where you are to within 30 centimeters (11.8 inches), rather than five meters. At least that's the claim chip maker Broadcom is making. It says that some of its next-generation smartphone chips will use new global positioning satellite signals to boost accuracy. In a detailed report on the announcement and how the new signals work, IEEE Spectrum says that the new chips, which are expected to appear in some phones as soon as next year, will also use half the power of today's chips and even work in cities where tower blocks often interfere with existing systems. All told, it sounds like a massive change for those who rely on their phones to find their way.
          
  
  Read more of this story at Slashdot.
  

• New Antibody Attacks 99% of HIV Strains
  An anonymous reader quotes a report from BBC: Scientists have engineered an antibody that attacks 99% of HIV strains and can prevent infection in primates. It is built to attack three critical parts of the virus -- making it harder for HIV to resist its effects. The work is a collaboration between the US National Institutes of Health and the pharmaceutical company Sanofi. Our bodies struggle to fight HIV because of the virus' incredible ability to mutate and change its appearance. These varieties of HIV -- or strains -- in a single patient are comparable to those of influenza during a worldwide flu season. So the immune system finds itself in a fight against an insurmountable number of strains of HIV. But after years of infection, a small number of patients develop powerful weapons called "broadly neutralizing antibodies" that attack something fundamental to HIV and can kill large swathes of HIV strains. Researchers have been trying to use broadly neutralizing antibodies as a way to treat HIV, or prevent infection in the first place. The study, published in the journal Science, combines three such antibodies into an even more powerful "tri-specific antibody." The experiments conducted on 24 monkeys showed none of those given the tri-specific antibody developed an infection when they were later injected with the virus. "We're getting 99% coverage, and getting coverage at very low concentrations of the antibody," said Dr Gary Nabel, the chief scientific officer at Sanofi and one of the report authors.
          
  
  Read more of this story at Slashdot.
  

• Hackers Using iCloud's Find My iPhone Feature To Remotely Lock Macs, Demand Ransom Payments
  AmiMoJo shares a report from Mac Rumors: Over the last day or two, several Mac users appear to have been locked out of their machines after hackers signed into their iCloud accounts and initiated a remote lock using Find My iPhone. With access to an iCloud user's username and password, Find My iPhone on iCloud.com can be used to "lock" a Mac with a passcode even with two-factor authentication turned on, and that's what's going on here. Affected users who have had their iCloud accounts hacked are receiving messages demanding money for the passcode to unlock a locked Mac device. The usernames and passwords of the iCloud accounts affected by this "hack" were likely found through various site data breaches and have not been acquired through a breach of Apple's servers. Impacted users likely used the same email addresses, account names, and passwords for multiple accounts, allowing people with malicious intent to figure out their iCloud details.
          
  
  Read more of this story at Slashdot.
  

• Court Rules That Imported Solar Panels Are Bad For US Manufacturing
  The International Trade Commission has ruled that American companies are being hurt by cheap solar panels from overseas, providing an opportunity for President Donald Trump to tax imports from countries like China. The Verge reports: Today's unanimous decision ruled that the companies SolarWorld Americans and Suniva were struggling financially not because of their own poor management, but because they couldn't compete with cheap panels from countries like China, Mexico, and South Korea. Suniva is now suggesting import duties of 40 cents a watt for solar cells, and a floor price of 78 cents a watt for panels. (Right now, the average floor price, worldwide, for panels is about 32 cents.) The Solar Energy Industries Association warned that implementing these suggestions could end up doubling the price of solar, thus destroying demand and causing Americans to lose their jobs.
          
  
  Read more of this story at Slashdot.
  

• Microsoft and Canonical Make Custom Linux Kernel
  Billly Gates writes: Microsoft and Canonical's relationship is getting closer besides Ubuntu for Windows. Azure will soon be offering more customized Ubuntu containers with a MS optimized kernel. Uname -r will show 4.11.0-1011-azure for Ubuntu cloud based 16.04 LTS. If you want the non MS kernel you can still use it on Azure by typing: $ sudo apt install linux-virtual linux-cloud-tools-virtual $ sudo apt purge linux*azure $ sudo reboot The article mentions several benefits over the generic Linux kernel for Azure
          
  
  Read more of this story at Slashdot.
  

• Google Experiment Tests Top 5 Browsers, Finds Safari Riddled With Security Bugs
  An anonymous reader writes from a report via Bleeping Computer: The Project Zero team at Google has created a new tool for testing browser DOM engines and has unleashed it on today's top five browsers, finding most bugs in Apple's Safari. Results showed that Safari had by far the worst DOM engine, with 17 new bugs discovered after Fratric's test. Second was Edge with 6, then IE and Firefox with 4, and last was Chrome with only 2 new issues. The tests were carried out with a new fuzzing tool created by Google engineers named Domato, also open-sourced on GitHub. This is the third fuzzing tool Google creates and releases into open-source after OSS-Fuzz and syzkaller. Researchers focused on testing DOM engines for vulnerabilities because they expect them to be the next target for browser exploitation after Flash reaches end-of-life in 2020.
          
  
  Read more of this story at Slashdot.
  

• Verizon Backtracks Slightly In Plan To Kick Customers Off Network
  An anonymous reader quotes a report from Ars Technica: Verizon Wireless is giving a reprieve to some rural customers who are scheduled to be booted off their service plans, but only in cases when customers have no other options for cellular service. Verizon recently notified 8,500 customers in 13 states that they will be disconnected on October 17 because they used roaming data on another network. But these customers weren't doing anything wrong -- they are being served by rural networks that were set up for the purpose of extending Verizon's reach into rural areas. Today, Verizon said it is extending the deadline to switch providers to December 1. The company is also letting some customers stay on the network -- although they must switch to a new service plan. "If there is no alternative provider in your area, you can switch to the S (2GB), M (4GB), 5GB single-line, or L (8GB) Verizon plan, but you must do so by December 1," Verizon said in a statement released today. These plans range from $35 to $70 a month, plus $20 "line fees" for each line. The 8,500 customers who received disconnection letters have a total of 19,000 lines. Verizon sells unlimited plans in most of the country but said only those limited options would be available to these customers. Verizon also reiterated its promise that first responders will be able to keep their Verizon service even though some public safety officials received disconnection notices. "We have become aware of a very small number of affected customers who may be using their personal phones in their roles as first responders and another small group who may not have another option for wireless service," Verizon said. "After listening to these folks, we are committed to resolving these issues in the best interest of the customers and their communities. We're committed to ensuring first responders in these areas keep their Verizon service."
          
  
  Read more of this story at Slashdot.
  

• Walmart Wants To Deliver Groceries Straight To Your Fridge
  New submitter Rick Schumann writes: Walmart has a new marketing idea: "Going to the store? No one has time for that anymore," Walmart says. They want to partner with a company called August Home, who makes smart locks, so a delivery service can literally deliver groceries right into your refrigerator -- while you watch remotely on your phone. Great, time-saving idea, or super-creepy invasion of your privacy? You decide. Here's how the company says it would work:   1. Place an order on Walmart.com for groceries or other goods.  2. A driver for Deliv -- a same-day delivery service -- retrieves items when the order is ready, and brings them to the customer's home. 3. If no one answers, the delivery person can use a one-time passcode that's been pre-authorized by the customer to open the home's smart lock. 4. The customer receives a smartphone notification when the delivery is occurring, and can choose to watch it all play out in real-time on home security cameras through a dedicated app. 5. Delivery person leaves packages in the foyer, then brings the groceries to the kitchen, unloads them into the fridge, and leaves. 6. Customer receives notification that the door has locked behind them.
          
  
  Read more of this story at Slashdot.
  

• Adobe Security Team Accidentally Posts Private PGP Key On Blog
  A member of Adobe's Product Security Incident Response Team (PSIRT) accidentally posted the PGP keys for PSIRT's email account -- both the public and the private keys. According to Ars Technica, "the keys have since been taken down, and a new public key has been posted in its stead." From the report: The faux pas was spotted at 1:49pm ET by security researcher Juho Nurminen. Nurminen was able to confirm that the key was associated with the psirt@adobe.com e-mail account. To be fair to Adobe, PGP security is harder than it should be. What obviously happened is that a PSIRT team member exported a text file from PSIRT's shared webmail account using Mailvelope, the Chrome and Firefox browser extension, to add to the team's blog. But instead of clicking on the "public" button, the person responsible clicked on "all" and exported both keys into a text file. Then, without realizing the error, the text file was cut/pasted directly to Adobe's PSIRT blog.
          
  
  Read more of this story at Slashdot.
  

• Passwords For 540,000 Car Tracking Devices Leaked Online
  An anonymous reader quotes a report from The Hacker News: Login credentials of more than half a million records belonging to vehicle tracking device company SVR Tracking have leaked online, potentially exposing the personal data and vehicle details of drivers and businesses using its service. Just two days ago, Viacom was found exposing the keys to its kingdom on an unsecured Amazon S3 server, and this data breach is yet another example of storing sensitive data on a misconfigured cloud server. The Kromtech Security Center was first to discover a wide-open, public-facing misconfigured Amazon Web Server (AWS) S3 cloud storage bucket containing a cache belonging to SVR that was left publicly accessible for an unknown period. Stands for Stolen Vehicle Records, the SVR Tracking service allows its customers to track their vehicles in real time by attaching a physical tracking device to vehicles in a discreet location, so their customers can monitor and recover them in case their vehicles are stolen. The leaked cache contained details of roughly 540,000 SVR accounts, including email addresses and passwords, as well as users' vehicle data, like VIN (vehicle identification number), IMEI numbers of GPS devices. The leaked database also exposed 339 logs that contained photographs and data about vehicle status and maintenance records, along with a document with information on the 427 dealerships that use SVR's tracking services.
          
  
  Read more of this story at Slashdot.
  

• Oracle Announces Java SE 9 and Java EE 8
  rastos1 writes: Oracle has announced the general availability of Java SE 9 (JDK 9), Java Platform Enterprise Edition 8 (Java EE 8) and the Java EE 8 Software Development Kit (SDK). JDK 9 is a production-ready implementation of the Java SE 9 Platform Specification, which was recently approved together with Java EE 8 in the Java Community Process (JCP). Java SE 9 provides more than 150 new features, including a new module system and improvements that bring more scalability, improved security, better performance management and easier development to the world's most popular programming platform.
          
  
  Read more of this story at Slashdot.
  

Linux.com offline for now

Engadget

• Recommended Reading: Behind the scenes of 'Blade Runner 2049'
  
  Wired wants to make sure you're properly prepared for that viewing. Step behind the scenes of Blade Runner 2049 for a look at the sci-fi, dystopia and darkness.
  
  The Evolution of 'NBA 2K' Is Pretty Incredible When You Stop and Think About It
  Kofie Yeboah, SB Nation
  
  Sports games have come a long way, and NBA 2K18 is more proof of that. SB Nation offers a look at just how far the franchise has come.
  
  Inside the Second Coming of Nest
  Steven Levy, Wired
  
  Nest revealed its home security gear this week and Wired has the inside look at the company's quest to lock down your home with easy-to-use tech.
  
  The Life, Death and Resurrection of Teddy Ruxpin
  Bridget Carey, CNET
  
  Whether you had a Teddy Ruxpin as a kid or not, this piece from CNET is solid read on one of America's most beloved toys.
  
  Bored With Your Fitbit? These Cancer Researchers Aren't
  Megan Molteni, Wired
  
  A Fitbit device as a cancer research tool? Yep! Wired has the story of why the company's tech is the preferred choice for doctors and scientists.
  

• Moleskine’s smart planner requires too much effort to use
  
  As a tech reporter, I sometimes find my reliance on physical planners and paper notebooks embarrassing. But there's something about the act of writing my appointments down that makes them feel more official. As my friends will tell you, though, all too often I double- or even triple-book myself because I've forgotten to transfer my plans to my phone's calendar, which is what reminds me of upcoming meetings. So when I heard about Moleskine's latest product, I was intrigued. The company's new smart planner builds on its existing connected writing set by letting you jot down appointments and have those meetings show up in your online calendar. But, as I found out after a few days of testing, the effort required to get the system up and running ultimately isn't worth it.
  
  Before you can even set up the pen, the app asks that you agree to Moleskine's privacy policy and terms and conditions. You have to check several boxes on each page before you can proceed to the next one, and there's no way to skip any of this. Normally, this wouldn't be an issue; we agree to terms and conditions all the time. What bothered me was that on the last page, you must check the box that says you agree to Moleskine sending you promotional or informational material if you want to move forward. This is usually optional; making it mandatory is an oppressive move on Moleskine's part.
  
  A company spokesperson told Engadget that its privacy policy states that you may be asked in the future to provide an email address and password to access the app. "This is completely optional, so you're not required to enter an email or password to use the app or product," the company said. If you do provide an email, Moleskine said, it would send promotional emails from respective channels, and it won't if you don't supply your contact info. For the purpose of this hands-on, I checked the box, crossed my fingers and moved on.
  
  
  
  I was intrigued by the premise of the connected planner at first. Using the smart pen, you write down your appointments on the physical planner and the system will send them to the digital calendar of your choice (iCal, Google or Outlook). The planner also has plain lined pages on the right, where you can jot down ideas or to-do lists, which then sync to the app.
  
  Linking the pen to the Moleskine app was relatively easy: I held down a button until a light on the device turned blue, then placed the pen next to my iPhone. The app found my pen after a few seconds. Once I started writing in the planner, the app detected the new book, it jumped to the page where my pen was, and my scribbles appeared on my phone in real time. Just as with the existing smart writing set, you can use the pen to tap on the envelope icon on the top right of each page to send a PDF copy to yourself or your friends.
  
  
  
  To get the planner to sync with your digital calendar, though, you have to make sure to follow these steps. Go into the Moleskine app's settings, then select "Authentication Center." Pick the calendar you prefer and give the app permission to sync. Each time you want to write anything in the planner or notebook, you have to make sure the pen is switched on, or nothing will sync. So if your pen is out of power, too bad; nothing you write will be saved to the app. Moleskine says the pen will last through up to 13 hours of "average use" and about seven hours of nonstop writing (hope they don't mean that literally).
  
  After I finally got the planner to link to my iCal, I activated the pen and wrote down a few dummy meetings. There are three ways to create an appointment: start your entry with the time of your meeting, and the app will save a one-hour block to your calendar; specify a start and end time, and the app will set aside a slot for that duration; or, if you don't use any times at all, the app will save your entry as an all-day event. That all sounds nifty in theory, but because the system is so bad at recognizing my handwriting, it kept reading my 2s and 1s as Zs and Ls. This made it save 2pm and 1pm appointments as all-day events. It also failed to recognize my cursive or block writing, and labelled several of my meetings with gibberish. I had to be extremely careful when writing my entries before it would work.
  
  
  
  When it did recognize what I wrote, though, the Moleskine app accurately set up appointments in my calendar. But for now, the software still feels too unreliable to justify buying the planner (a $30 add-on) specifically for the digital benefits. I also find the purchasing option unnecessarily complicated. To use the smart planner, you need the smart pen, which is available only with the $199 writing set for now. That means you'll have to get the regular notebook no matter what, which I find unnecessary, since you have lined notebook pages in the planner anyway. But Moleskine says customers of its paper products tend to buy both notebooks and planners, and the company believes they'll want to get both of the connected versions as well.
  
  I happen to not be a Moleskine customer, so I don't know if that's true. There also aren't very many alternatives available -- Livescribe's and Evernote's options are either partnerships with Moleskine to begin with or, in the case of the latter, discontinued. The reusable Rocketbook appears to be a cheaper option with features similar to those of the smart notebook, but it doesn't have the premium quality of a Moleskine and doesn't offer scheduling tools. All told, Moleskine's smart planner is a compelling concept that I'd embrace -- if only it were more reliable and didn't require so much effort.
  

• The Morning After: Weekend Edition
  
  Hey, good morning! You look fabulous.
  
  Welcome to the weekend -- and be careful with your new iPhone 8.
  
  
  
  The flip side.Imagination Technologies agrees to �550 million sale
  
  
  
  Apple launched its first iPhone containing a custom-designed GPU this week, and at the same time, its former graphics chip partner agrees to a sale. Imagination Technologies saw its value dive after losing Apple as a customer for its PowerVR graphics hardware, so now a Chinese fund is buying the company for $743 million.
  
  
  
  Really.Nintendo rolls out two-step authentication for online accounts
  
  
  
  Nintendo has been slow to catch up with online features and services, but now Nintendo Account owners can use two-factor authentication. Paired with a third party app like Google's Authenticator, it adds an additional layer of security, and you should probably turn it on ASAP.
  
  
  
  FYI.The iPhone 8's glass back costs way more to repair than the front
  
  
  
  Be careful with that new iPhone 8. A number of Apple employees have told Apple Watch Series 3 first look
  
  
  
  Chris Velazco survives a day using just the Apple Watch Series 3's built-in LTE connection.
  
  
  
  iThings assemble.Apple refresh recap
  
  
  
  Need a reminder on Apple's other big updates? We've got everything you need to know about iOS 11, the iPhones 8, and a quick look at the Apple TV 4K.
  
  
  
  Hits, misses and leaks.The Engadget Podcast Ep 43
  
  
  
  This week Dana Wollman and Chris Velazco are discussing all of the new hardware from Apple, plus Google's Pixel plans (and what we've learned from leaks).
  But wait, there's more... 'Star Trek: Discovery' premiere on Sunday night How Kevin Durant's attempt to clap back at trolls backfired Pirate Bay 'borrows' visitor CPUs to mine virtual coins Bad Password: Why Equifax's error wasn't hiring someone with a music degree Uber's new CEO says the company is paying for its bad rep Hackers slipped malware into popular PC software CCleaner
  The Morning After is a new daily newsletter from Engadget designed to help you fight off FOMO. Who knows what you'll miss if you don't subscribe.
  

• Apple's former GPU maker Imagination agrees to £550 million sale
  
  Losing Apple as a customer can be rough for a supplier, as Imagination Technologies found out. In April, the UK chipmaker announced that the folks in Cupertino planned to develop their own mobile GPUs and would no longer rely on its PowerVR tech for iPhones and iPads. The A11 Bionic chip inside Apple's new iPhone 8 series and upcoming iPhone X is the company's first-ever self-designed GPU. While still in dispute with Apple over the breakup plans, Imagination lost over 70 percent of its value and put itself up for sale. Now, it has found a buyer in Canyon Bridge Capital Partners, a China-backed fund.
  
  Recently, Donald Trump used his presidential power to block the fund from completing a $1.3 billion buyout of a US chipmaker, Lattice Semiconductor, over security concerns. Canyon Bridge is snapping up Imagination (minus its MIPS arm, which is being sold to other investors for $65 million) for �550 million ($743 million) in a move that it says will not cut staff or move the company's headquarters.
  
  Source: Imagination Technologies
  

• YouTube’s 'Creators for Change’ premiere at Tribeca's TV Festival
  
  You can find almost anything on YouTube these days, but with the "Creators for Change" program, the site had a specific goal in mind: Show how its platform could be used for social good. Tonight at the first ever Tribeca TV Festival, YouTube premiered the first three videos from the initiative, touching on topics like racism, growing up Muslim in America and xenophobia in the United Kingdom. And while they weren't significantly different than other socially aware YouTube videos, they're a sign that Google is getting just a tad more woke.
  
  
  
  The event kicked off with a music video for Australian hip hop artist L-Fresh the Lion's song Raci$t/ Our World, which is sort of a modern spin on We Are the World. It's undoubtedly confrontational at first, but the video's big takeaway is that humanity could learn to live together in diverse cities like Sydney.
  
  "Hip-hop has never been afraid about touching on heavy concepts," L-Fresh said during a Q&A panel following the screening. "In general it sparks a conversation, it plants a seed in someone to hopefully make them think a bit different."
  
  
  
  Tasneem "Tazzy" Phe's visual essay, I Wanted Nothing to do with This Country, describes her experience growing up as a Muslim kid in America. Upon entering high school, she was faced with the constant reminder of just how different she was than everyone else. And that feeling didn't change when she visited Pakistan with her family, either. Through her video, she tries to convey the difficulty of feeling like a stranger in both of her worlds. While her channel typically focuses on comedy videos, she says she was able to branch out with this more dramatic project thanks to the Creators for Change program.
  
  
  
  The evening wrapped up with director Sam Saffold's short film, A Welcoming Place. It focuses on a young man who visits his father's old home, only to find a strange couple living there. And of course, something is just a bit odd about them. The short feels similar to a classic Twilight Zone episode — it's both an exploration of grief, as well as xenophobia.
  
  Saffold, who comes from a mixed-race background, says he's always wanted to explore how difficult it is to navigate questions of identity and culture in England. When moderator Todrick Hall wondered what it was like being a director when a platform like YouTube lets anyone easily broadcast their work, Saffold described himself as both intimidated and invigorated by the competition.
  
  YouTube committed $1 million for the Creators for Change initiative, which was meant to help cover equipment and production costs for the 27 ambassadors, each of whom received a $25,000 grant. These first three films are just the start — the company also unveiled six other videos today. If they're successful, I wouldn't be surprised if Google expands the program even further next year. After all, we could all use more artists trying to change the world for the better.
  

• Intel's Project Alloy VR headset is dead
  
  Intel won't be releasing its Project Alloy VR headset platform anytime this year -- in fact, it won't be releasing the technology at all. The tech giant has officially killed the initiative, which aimed to provide partner companies an open reference design for their own standalone VR devices. Intel was supposed to launch the platform this year, but according to RoadtoVR, it has decided to abandon the project this summer due to lack of partner interest.
  
  The company didn't elaborate on why there's a lack of interest, but it could be because manufacturers, including Asus, Acer and Dell, chose to focus their resources on building Microsoft Mixed Reality headsets. Kim Pallister, Intel's Virtual Reality Center of Excellence director, has also revealed another possible reason in his interview with PC World. He said the company realized that a standalone headset "isn't necessarily the optimum form factor" and can't compete with the performance of PC-powered devices.
  
  Instead of going forward with Project Alloy, Intel will focus on developing a WiGig link to enable wireless PC-powered VR headsets, as well as on making other VR-related technologies. It told RoadtoVR in a statement:
  
  "Intel has made the decision to wind down its Project Alloy reference design, however we will continue to invest in the development of technologies to power next-generation AR/VR experiences. This includes: Movidius for visual processing, Intel RealSense™ depth sensing and six degrees of freedom (6DoF) solutions, and other enabling technologies including Intel WiGig, Thunderbolt, and Intel Optane™. All of these Intel technology solutions are supported by a robust portfolio of software capabilities, and we're building out a VR support ecosystem, from software design kits to reference designs, to spur innovation that's enabling rich and immersive content. Project Alloy served as a great proof of concept for Intel and the industry – showing what's possible in a high-performance, immersive and untethered VR experience. What we've learned through Project Alloy will inform future efforts."
  
  The company has also been shifted its focus to VR content recently. Just this March, it snapped up Replay Technologies, which is known for creating 360-degree video replays for the NBA.
  
  Source: RoadtoVR, PCWorld
  

• Nintendo rolls out two-step authentication for online accounts
  
  Nintendo now supports two-factor verification to its Nintendo Accounts. This adds another layer of security by requiring codes generated from the Google Authenticator app, though it comes years later than most other gaming platforms.
  
  
  
  Sony added two-factor to the PlayStation Network a year ago using codes texted to a user over SMS. Steam let users require verification over email for years, but introduced its standalone Mobile Authenticator system back in 2015. Microsoft scoffs at these latecomers, as it added two-step authentication to Microsoft Accounts back in 2014. Blizzard has had secondary authenticators for years, most prominently in its mobile verification dongles it's had since before 2009. But better late security than no security, Nintendo fans.
  
  Source: Gamasutra
  

• Uber's new chief says the company is paying for its bad rep
  
  New company chief Dara Khosrowshahi has sent out an email to his employees about London, and it shows that the company might truly be under a different kind of leadership now. One that doesn't sound like it'll encourage "hustlin'" and overlook bad behavior, such as obtaining rape victims' medical records through questionable means. Khosrowshahi told his employees and drivers in the internal email that while it's easy to think London's decision not to renew Uber's taxi license is unfair, "the truth is that there is a high cost to bad reputation."
  
  He admitted that it really matters what people think of the company. So, going forward, he said it's critical "to act with integrity in everything" the company does and to learn how to be better partner to every city where it's active. By doing so, he hopes to show that Uber isn't just a "really great product, but a really great company that is meaningfully contributing to society."
  
  In its announcement, Transport for London said it didn't reissue Uber's license because its policies for reporting criminal offenses, as well as the way it obtains medical records and does driver checks didn't meet its standards. The agency was also wary of Greyball, which the company used to evade known authorities by showing them fake rides or none at all. Uber denies ever using Greyball in London, but it doesn't matter: as Khosrowshahi said, the company will have to deal with the reputation it built for itself.
  internal email from Dara to employees, re: London, below pic.twitter.com/e4Py7LwCQO
  — ಠ_ಠ (@MikeIsaac) September 22, 2017Dear London: we r far from perfect but we have 40k licensed drivers and 3.5mm Londoners depending on us. Pls work w/us to make things right
  — dara khosrowshahi (@dkhos) September 22, 2017
  Source: Mike Isaac (Twitter)
  

• Climbkhana: Ken Block explains Pikes Peak assault in latest Gymkhana video
  
  By Carter Jung
  
  Climbkhana is clever. And no, not because it's a portmanteau. Rather it's how Ken Block and his merry band of Hoonigan Media Machine misfits took something the internet clearly loves, hooning, and paired it with a picturesque mountain tied to one of the oldest motorsport events in America, the Pikes Peak International Hill Climb.
  
  More than that, tire-shredding drifts and thick clouds of smoke from the Hoonicorn V2 — a 1,400-horsepower 1965 Ford Mustang converted to all-wheel drive, harkens back to the glory days of Pikes Peak. A time when car and driver would test their mettle racing up a precarious ribbon of dirt to 14,115 feet of elevation.
  
  The new YouTube.
  
  Ahead of the debut, we talked with head Hoonigan Ken Block and Brian Scotto, co-director of Climbkhana and longtime Gymkhana collaborator.
  
  
  
  
  AUTOBLOG: With this video, you've strayed from the Gymkhana naming convention, opting for Climbkhana. There's also the recent Terrakhana video. Is there meaning behind the shift?
  
  BLOCK: Climbkhana and Terrakhana were both names that we all — Brian, myself and our team — came up with for these projects. The goal was to make it clear that while they're related in the sense that it's myself driving and incorporating Gymkhana-style moves, they're new ideas.
  
  AB: Ken, your first exposure to Pikes Peak was watching the hill climb on TV as a youth. When did you decide to film your own four-wheeled exploits on the mountain?
  
  BLOCK: We had been talking about doing Climbkhana at Pikes Peak when someone from the hill climb organization reached out to us. The timing aligned perfectly, and we were all on the same page about doing something cool to showcase the mountain in a way that wasn't the standard hill climb footage. We wanted to be respectful to the event, pay a bit of respect to Climb Dance, and create something that was still very much in line with what people expect from my videos.
  
  AB: Did you ever compete in the annual Pikes Peak International Hill Climb?
  
  BLOCK: I raced at Pikes back in 2005 in a Group N rally car! Although by the time I got to the top, it was a very underwhelming experience due to the lack of power thanks to the elevation.
  
  AB: Brian, a segue, how did you get involved with the Gymkhana films?
  
  SCOTTO: I've been on this ride since day one. The first Gymkhana film actually grew from an article that ran in 0-60 Magazine — which I was the editor of — about the sport of gymkhana, featuring Ken. I consulted on the first and second Gymkhana films, but by the time we released the third, I was full-time working for Ken. I stepped into the role of creative director and then eventually graduated to director, but I sort of still do both jobs.
  
  Now, Ken is my business partner at Hoonigan, and for some reason trusts me to carry on his creation.
  
  AB: It's incredibly challenging to close down Pikes Peak — the highway is a public toll road. It's why, for the hill climb, practice is held in segments at dawn over the week leading into race day. How were you able to convince the authorities to give you access to the mountain?
  
  SCOTTO: Luckily, the team at Pikes Peak International Hill Climb had come to us, and were instrumental in navigating this project through the parks department. But we still had to work around the mountain's schedule. We shot super early during the mornings and did controlled traffic stops to get other shots pulled off after 7:30 a.m. when the mountain opened to the public. It was no easy task. But everyone from the mountain was amazing to work with, they really seemed to appreciate what the world of motorsports did for Pikes Peak.
  
  AB: Past Gymkhana films were in production for a scant five days. Climbkhana took more than 13 months. What were some of the challenges you faced?
  
  BLOCK: It definitely took us longer than I would have liked to finish! The first time we went, we had some fairly serious engine problems and were unable to get everything we wanted. We went back two months later and were still having engine issues and ran into severe weather issues. Rain, snow, lightning and sunshine all within an hour at times. Some truly wild stuff! Finally, we sorted out the motor and went back this past August and had two solid days of good weather to finish everything up.
  
  AB: How much did having Jeff Zwart co-direct help with production?
  
  SCOTTO: Jeff Zwart is a legend. As a kid, photos he shot decorated the walls of my room, so I was honored to not only work alongside him and share directing duties, but to have him so excited to be a part of the project and join the Hoonigan Media Machine crew. Without Zwart's extensive knowledge of the road, it would have taken us three times as long to plot it all out.
  
  Not only has he raced there a zillion times, he has also shot a bunch of car commercials there, so he knew it from both sides. Zwart also brought a different look to the film — we have never used camera cars before. Not using them has always been a big part of our formula, but Zwart and I were able to find a way to make them work while staying true to our signature style.
  
  AB: When it comes to driving, is it pre-planned and storyboarded from previous scouting trips or more seat-of-the-pants?
  
  BLOCK: There's always a scouting trip prior, and then we'll do a recon pass before we start to film. For normal Gymkhana stuff, I can normally walk through the scene, but with Climbkhana, since it was the road and extended distances, I used my Focus RS to run through the sections before hopping into the Hoonicorn to film.
  
  
  
  AB: You mentioned the film before, how many times did you and the crew watch Jean Louis Mourey's Climb Dance before going into production?
  
  BLOCK: Maybe twice? But, I have seen it many times and I know a lot of the scenes by heart. It's very inspirational. And, it has a lot of the basic makings of how we make our videos since most of the footage was shot during the various practices of the two drivers before the race, Ari Vatanen and Robby Unser.
  
  SCOTTO: I'm sure I've seen that film a hundred times in my life. Before we started doing the Gymkhana series, it was really the only film of its kind that was more than the typical motorsports coverage. Mourey elevated the way racing could be depicted. There's a lot of commonality in Climb Dance and our work. Many people think that it was shot during the race, but the film was actually shot just like Climbkhana, in the wee hours of the day, during practice and private testing. Oh, and I probably watched the iconic Ari Vatanen sun block shot 30 times on the day we filmed that homage moment to get everything just right.
  
  AB: With the hill climb having recently celebrated its 101st anniversary and Pikes Peak being one of the most scenic motorsports settings in the world, there has been a lot of content to come out of the mountain. What was your take going into it?
  
  BLOCK: I saw the road and mountain for what it was: one of the most amazing races in the world on one of the most amazing mountain roads. So, our vision was to help showcase what an amazing and challenging road it is, but to show it in a new way.
  
  Since the road has been completely paved, everyone who races up Pikes Peak is now locked into tarmac racing lines. No one gets sideways anymore like the old gravel days, which is when I started watching the race. With Climbkhana, I wanted to show a more fun, sideways and playful way of getting to the summit.
  
  AB: In previous Gymkhana films, you had a sandbox to play in, from an old airfield to what seemed like the entirety of Los Angeles. With Climbkhana, you were limited to the paved sections of the mountain. How did that affect the film?
  
  BLOCK: It made it a bit more dangerous at certain points since my runoff was a sheer drop at times! It also restricted what we could do since there are only so many open areas, or unique spots like the ranger station and the parking lot next to it to play with. We can only show so many hairpins in a video like this, so we had to get creative with the various spots and storylines we could create on the mountain.
  
  AB: What was the most challenging stunt in Climbkhana?
  
  BLOCK: There's one turn in the upper part of the W's where I wanted to drop a wheel and spray some rocks out over the drop while still smoking the front tires on the pavement. Not easy! And the consequences were bad if I went wide, it's the same spot the Mitsubishi Lancer Evolution went off a few years ago. I nailed it on my second run, but the commitment level was really high and the margin for error was pretty small, so I'd say that was by far the most challenging part.
  
  
  
  AB: What shot are you the most proud of?
  
  SCOTTO: That's a tough one. The shot of KB almost dying, with two wheels deep in the dirt, inches from disaster as his front wheels clawed at the tarmac to escape the long way down might be one of the greatest moments I have ever been apart of. I was standing behind our main camera for that shot, and didn't breathe the entire time.
  
  AB: While the plumey tire smoke almost doubles as roost, what would you each trade to go back and shoot Climbkhana when Pikes Peak was still all gravel?
  
  BLOCK: Most of my early race career was built on gravel rally experience, and my early memories of Pikes was of it all gravel. So, it would be a dream to actually drive it that way. Especially with a high-horsepower AWD rally car. So, as far as a trade? That's a tough question. Not my left nut, that's for sure. But it does have that sort of value, though [laughter]!
  
  SCOTTO: Early on, something we discussed was that by making a Gymkhana film, it was the only way anyone would be able to drive the mountain in the same fashion as the glory days of Michelle Mouton, Ari Vatanen, Bobby Unser, Walter Rohl, Rod Millen and so on. So I'm not so sure I'd trade anything. That said, the rally fan in me wishes the mountain was still gravel for racing's sake. The faster records are cool, but nothing will beat the sideways, roosted slides with no guardrails and heaps of consequence.
  
  AB: Ken, as someone who currently competes in the FIA World Rallycross Championship, how much does your skills hooning in videos complement what you do in a race?
  
  BLOCK: All of the stuff you see in my videos is a direct translation from the things I would do on a rally stage or during a rallycross race. But, sideways is slow so are we are constantly fighting to keep the car straight when racing in the World Rallycross Championship. The Gymkhana videos are always fun for me to get that sideways stuff out of my system.
  
  When Gymkhana first dropped back in 2008, it was during the early YouTube days. Do you remember what your initial expectations were?
  
  BLOCK: I had none, really. I originally filmed it for fun and had it hosted on my personal webpage. It took off and was costing me around $10k a month to host it there! Once that happened, I knew I had something pretty special, and it's grown a lot from there.
  
  
  
  AB: Besides excessive hosting fees, how much has the success of the Gymkhana franchise affected both of your careers?
  
  BLOCK: I think the success of the franchise has certainly helped in terms of extra visibility as a driver and for my team and partners. It allows me to be a bit more multi-faceted than most guys on the circuit and it assisted in getting more sponsorship, which is a huge help when building out race budgets to compete around the world.
  
  SCOTTO: Gymkhana changed the direction of my career. I went from being a magazine editor to a director. Not sure if that would have happened without this series. But then again, the entire world of media was shifting at the time, and we were all trying to figure out what the next thing was. Who knew it was making videos about sliding cars!
  
  AB: As creators, where do you both find inspiration for your projects?
  
  BLOCK: I find my inspiration all around me. At the end of the day, my team and I love to create cool content that we like and want to see. Through the process of brainstorming and general banter, we get inspired to come up with our ideas for the next video.
  
  SCOTTO: Like Ken, everything around me inspires in one way or another. But if I was forced to pick one, I'd say it comes from my 7-year-old imagination. I think about the stuff that I wanted to see cars do when I played with Hot Wheels, then question what is actually possible.
  
  AB: Say Ford came to you guys with the opportunity to film without any budget limitations, what would you each want to do next?
  
  BLOCK: No budget restrictions? I guess the moon?
  
  SCOTTO: I'd start with a much-needed nap. Maybe a vacation. Then we'd build our own world to hoon.
  

• Fitness app company settles with FTC for nearly $1 million
  
  If you're going to create a mobile app that offers monetary rewards for meeting fitness goals, you should probably make sure you back your promises up. The Pact fitness app offers users a way to incentivize workouts by charging a fee when users miss their fitness goals. If goals are met, the app also promises to pay a share of the punishment fees with successful members. According to the FTC, who filed a complaint against the developer Thursday, tens of thousands of Pact users have been charged the penalty, even when they met their goals or canceled the service. The Commission also said that none of the users received a payout, either. The developer has now settled the case with the FTC for more than $940,000.
  
  
  
  "Consumers who used this app expected the defendants to pay them rewards when they achieved their health-related goals, and to charge them only when they did not," said the Bureau of Consumer Protection's Tom Pahl in a statement. "Unfortunately, even when consumers held up their end of the deal, Pact failed to make good on its promises." The FTC also claims that Pact didn't adequately tell its members how to cancel the service and stop recurring charges.
  
  The FTC claimed that Pact, Inc. engaged in unfair and deceptive practices that violated the FTC Act and the Restore Online Shopper's Confidence Act, or ROSCA, which prohibits charging consumers without it being clearly disclosed. The settlement makes it so that the defendants cannot continue to charge their customers without a "clearly and conspicuously" disclosure. Pact customers who were wrongfully charged will get more than $940,000 in refunds, as part of a $1.5 million settlement overall (the discrepancy in final amount and the refund amount has been suspended). The company must notify customers and complete payments within 30 days of the settlement order.
  
  Via: Ars Technica
  
  Source: FTC
  

• Lenovo’s leaked 25th-anniversary ThinkPad sports a familiar look
  
  The latest ThinkPad that Lenovo brought to CES back in January had a notably sleeker, more modern appearance than the line's traditional boxy black look. But it kept a couple features, like the red TrackPoint nub and 45-degree ThinkPad logo, that have become trademarks of the beloved brand since it debuted under IBM back in October 1992. But WinFuture reports that a leak revealed Lenovo is releasing a 25th-anniversary retro version that mimics the look of the first ThinkPad laptops that reached consumers.
  
  According to the leak, the allegedly-named ThinkPad 25 has visual touches from its ancestor (like a multicolored logo and blue 'Enter' key) but will otherwise be based on the ThinkPad 470 series. Its tech specs are pretty standard for midline laptops: A 14-inch IPS display, Intel Core i7 processor, 16GB of RAM, 512GB of SSD storage and a NVIDIA GTE 940MX GPU. It has all your modern ports, too: A Thunderbolt-rated USB-C, three standard USB, an SD slot, HDMI and even an Ethernet port. Rounding out its modern tech is a fingerprint scanner and infrared webcam for facial recognition.
  
  As The Verge points out, this anniversary edition looks a lot like the retro-classic ThinkPad concept that Lenovo VP of design David Hill mentioned a couple years ago. Given that the initial consumer-facing ThinkPads were introduced 25 years ago next month, this model might be announced in October, assuming the info is accurate.
  
  Via: The Verge
  
  Source: WinFuture
  

• Apple extends iTunes movie rentals to 48 hours
  
  It used to be that when you rented a movie from Apple's iTunes service, you'd have 24 hours to finish watching it. You could start streaming the rental within 30 days of purchase, of course. Just a couple of weeks after Apple made 4K an affordable option, the company has doubled the rental time to 48 hours. This is perfect for those of us with young kids who want to watch a movie over (and over and over) or busy schedules that don't let us get to our movies right away. The timer starts even if you're watching the film offline, too.
  
  While the new 48-hour rental period is available in the US, we've reached out to Apple to see if it will be the same in other countries and regions that support iTunes movie rentals and will update this post when we hear back.
  
  Movies can be rented via iTunes on iPhone, iPad, iPod touch, Apple TV and a Mac or PC with the latest version of iTunes. Once you hit the Rent button, you can then tap Rent and Watch Later (on Apple TV) or Not Now (on iOS devices). The option is called Watch Later on Mac or PC. You can download the movies to watch offline, too, with a tap on the little cloud and down arrow button. You're not restricted to the device you rent on, either; you can watch on any supported device that you've logged into with your iTunes account.
  
  Via: TechCrunch
  
  Source: Apple
  

• Tesla might build convenience stores at its charging stations
  
  Tesla plans to roll out more electric supercharging stations this year, especially in big cities, which should double the size of its network. But even with more places to juice up your Tesla, it still takes far longer to refill an EV than gassing up a fossil fuel-powered car. But the electric vehicle maker is considering adding small convenience stores to the stations so you can relax and refuel yourself while you wait.
  
  As Grub Street noted, earlier this week at FSTEC, the food tech conference, Tesla's CTO JB Straubel mentioned that folks are already spending time waiting for their cars to charge -- why not make their stay a little more comfortable? "People are coming and spending 20 to 30 minutes at these stops," waiting for their Teslas to suck up electric power, Restaurant Business quoted Straubel saying at the conference. "They want to eat, they want to have a cup of coffee, they want to use the bathroom."
  
  Straubel reportedly showed the audience mock-ups of service stop designs, which had begun to resemble traditional convenience stores. Not that Tesla will get into the business itself -- instead, it would seek partners to run them. Straubel noted that the company has already been working with restaurants, and "That can only start scaling up."
  
  Via: The Verge
  
  Source: Restaurant Business
  

• Verizon will give rural customers more time to find new providers
  
  Recently, Verizon sent letters to around 8,500 customers living in rural areas that informed them their service would be cut off as of October 17th. Verizon claimed that those customers were using enough data while roaming outside of the Verizon network that the company's costs exceeded the fees being paid by the users. Well, there was, understandably, quite a bit of backlash over the letters and Verizon has now walked back both its deadline and its hard cutoff.
  
  In a statement, Verizon said, "Since that notification, we have become aware of a very small number of affected customers who may be using their personal phones in their roles as first responders and another small group who may not have another option for wireless service." Because of this, Verizon has extended its disconnection date to December 1st, giving customers a little more time to find a new carrier. For those without any other wireless providers in the area, they'll now have the option to switch to the 2GB, 4GB or 6GB plans -- which cost $35, $50 and $70 per month respectively -- or the 5GB single line plan priced at $55 per month. The December 1st deadline also applies to switching Verizon plans.
  
  The options still aren't great for those being forced into them, but at least these customers have slightly more time to make a decision.
  

• Target expands next-day delivery service to eight more cities
  
  Target continues to try and outcompete digital retailer and competitor, Amazon. The red bullseye-logo company has been testing its own Prime Pantry-like delivery service for a few months now, offering faster times than Amazon. Dubbed Restock, Target's offering expanded to customers Denver and Dallas last month. Now the next-day delivery system is growing, with new availability in Atlanta, Chicago, Los Angeles, New York, Philadelphia, San Francisco, St. Louis and the Washington, DC and Baltimore areas.
  
  If you live in one of these cities, you can visit the Target Restock website and order from more than 15,000 items to refill your home with, from cereal to paper towels, beauty products to cleaning supplies. You can add as much as you want, up to 45 pounds as measured by the online capacity tracker. If you order by 2 pm on a weekday, you'll get your items delivered to your door the next day for only $5. Amazon's Prime Pantry has the same weight limit but will run you $6.
  
  According to Target, the most popular items in current Restock areas are on-the-go snacks, beverages, cereal, paper towels and mac and cheese. "Guests need to keep daily essentials stocked, but finding time to buy them is tough — and it can be even more of a challenge when you're talking about large, bulky items," said Target's Dawn Block in a statement. The service is live in 10 markets now, and will arrive in San Francisco mid-October. The company says the service will then reach 70 million people, or about one-fifth of the US population.
  
  Restock is just another way Target is leveraging its brick-and-mortar stores to its own advantage, like the new Beacon-powered in-store mapping system for its mobile app.
  
  Via: TechCrunch
  
  Source: Target
  

• Mercedes-Benz spends $1 billion to make EVs at Alabama plant
  
  Like most auto makers these days, Mercedes-Benz is investing in electric vehicles in a big way. The Daimler-owned company is fast-tracking all of its models to an electric futureby 2022. It has also been showing off a slate of EV models, like the Generation EQ concept car, slated for production in 2019, an art deco-inspired, 20-foot-long Cabriolet and an adorably small Smart Vision EQ. It's looking at infrastructure, too, giving money to help support quick-charging tech made by Israeli startup StoreDot. Now Mercedes-Benz' parent company, Daimler AG, has plans to invest an $1billion in an Alabama factory to make sure it can make fully electric vehicles and battery packs here in the US.
  
  Daimler says it will add 600 more jobs with the new investment, while also building a nearby facility to produce EV batteries in 2018. The expansion comes just a few days after the company announced it would be pouring $1.3 billion into the same Tuscaloosa, Alabama plant to support the manufacture of SUVs, creating 300 additional jobs for that program.
  
  "With production locations for EVs and batteries in Europe, China and now the U.S., our global network is ready for the era of electric vehicles," Mercedes-Benz board member Markus Schaefer said in a statement. "Thanks to our plant modernization in Tuscaloosa, we will be able to quickly ramp up U.S. production of EQ models..."
  
  Via: The Verge
  
  Source: Automotive News
  

• The iPhone 8’s glass back costs way more to repair than the front
  
  Over the last couple of weeks, the price of AppleCare+ has gone up for Plus model iPhones and screen repair for the 6s and newer models has gotten $20 more expensive. However, while screen replacements for phones under AppleCare+ warranty are still $29, that's not the case for replacing the back glass of the iPhone 8 and 8 Plus, according to AppleInsider.
  
  A number of Apple employees have told AppleInsider that the back glass isn't covered under screen repair and is instead qualified as "other damage," the fee for which is $99. This is likely because removing the glass back is markedly more difficult than swapping out a screen. Unlike the front glass, the back glass is glued in really well, requiring much more effort to remove. AppleCare+ allows for two incidents of accidental damage, after which your repair price jumps up to $349 for the iPhone 8 and $399 for the Plus for anything other than a screen repair.
  
  So be careful with that iPhone 8. Between higher AppleCare+ costs and higher damage repair fees, that new phone could turn out to be much pricier than you bargained for.
  
  Source: AppleInsider
  

• HTC gives Vive developers all app revenue for the rest of 2017
  
  Now that HTC is all-in on Vive headsets and letting Google deal with its Pixel smartphone business, it has to deal with another reality: The public still isn't exactly sold on VR. To keep sales momentum going, it has announced a promotion aimed at attracting Vive app developers and keeping existing ones happy. Rather than taking its usual 30 percent cut, HTC will give 100 percent of app revenue to developers for the entire fourth quarter of 2017, starting in October.
  
  The developer promotion will end on December 31st, HTC says. It's hard to say how much revenue apps could generate during that time, as HTC keeps such info under wraps. It's no doubt hoping that developers will lower their prices a bit, in turn driving hardware sales. "The holiday is the most important time for developers, and we want to show our appreciation for them," HTC Viveport VR's Rikard Steiber told outsold by the PlayStation VR, probably because Sony's PS4 brand is much better known by the gaming public. As such, Sony has arguably the best VR games for its platforms as developers go where the money is.
  
  
  HTC is banking on the social experience of VR Arcades (credit: �HLenie)
  HTC will also share more hourly revenue with VR arcade operators, giving them 70 percent instead of 50 percent as before. The company's Viveport Arcade system, its licensing platform enabling titles to be played in public spaces, is in trial with 700 titles and 50 operators around the globe.
  
  The Taiwanese firm also unveiled the Viveport Scene SDK that lets developers create new effects to entice potential buyers to try out apps or games. Developers can also build "VR Previews," or movies that run on Vive headsets to show customers what a game is like to play.
  
  HTC recently launched a monthly $6.99 subscription service, and unveiled a new standalone headset that works via the cloud rather than a PC (in China only for now). Now that it has an extra billion in the bank, it's trying a lot of things to push the Vive platform out to more consumers, and the next year or two will crucial for the Vive and VR in general.
  
  Source: Venture Beat
  

• Apple Watch Series 3 first look: So far, no LTE problems
  
  The Apple Watch Series 3 started shipping today, and our definitive review is still in the works. In the meantime, we wanted to give you a taste of what life is like with the company's first LTE-connected watch, so when we got it in for review, we said eff it: let's use nothing but the Watch all day. I was going to respond to every text, email and Slack message from my wrist, use it for listening to music on the subway and talk into it as much as I would with my iPhone. To be fair, Apple doesn't seem like a huge advocate of this idea -- it treats the Series 3 as an occasional substitute for an iPhone rather than a day-to-day replacement. That said, this is the first Apple Watch with cellular connectivity. How could we not try this?
  
  Ditching the phone takes a little time, though; you'll need an iPhone to complete the initial setup, which, thankfully, seemed much faster than on previous models. Well, until it came time to set up the cellular connection, anyway. I'm an AT&T customer, so this meant the Watch app kicked me into a browser window where I had to enable the carrier's $10-a-month NumberSync feature. For whatever reason, the process seemed to fail the first time, but a subsequent attempt let me pick up where I left off after logging in again. At last, with NumberSync ready and LTE ostensibly ready to go, I took a moment to behold the Watch itself.
  
  
  
  At its launch event, Apple said the crystal housing for the heart rate sensor is just "two sheets of paper" thicker than last year's Series 2. The difference is subtle -- the crystal pressed into my wrist a little more noticeably than before, but not enough to get worked up over. The weight hasn't changed much, which is pretty impressive, considering the stuff Apple had to squeeze inside to make the cellular connections work.
  
  The more I thought about it, the less sense the cellular Series 3's red dot makes. I'm told it serves no technical purpose; it's just there to add a fun little splash of color, and serve as a reminder that this watch can indeed make phone calls. Whether or not Apple intended it, the visual metaphor is apt: The dot looks like the red notification indicator that pops up on-screen, a subtle, persistent suggestion that the Series 3 is always connected to the rest of your world. That said, the dot straight-up clashes with certain Watch bands. Yeesh.
  
  
  After that, it was time to actually use the thing. I killed Bluetooth on the iPhone and waited for about 10 seconds until the Watch transitioned to... WiFi. Oops. I'd need to be outside for the rest of this process. It took about 35 seconds for the Watch to acquire an LTE signal, and when messages started rolling in, I was honestly a little surprised by how easily I could manage them all. Unlike other reviewers, I haven't noticed any hiccups in network performance so far, but I'll keep my eyes peeled.
  
  The constant throbbing of notifications rolling in gets old quickly, but so far, the excellent voice recognition was tremendous in helping me get back to everyone. I've always liked the idea of "scribbling" out letters with my finger to respond to incoming messages, but the process of figuring out what letter you've drawn takes just a tick more time. Voice recognition is the way to go, even if I looked like sort of a doofus using it.
  
  Ditto for talking into the Watch, but at least it sounded pretty good, or so said the people I was chatting with. Of the four friends I called using the Watch, three of them had no idea I was talking into my wrist. Still, as far as the built-in speaker goes, you're going to want a decent set of Bluetooth earbuds to get the best audio quality on your end. I should also mention that I didn't notice the widely reported issue where the Series 3 tries to latch on to open WiFi networks it shouldn't. That's probably because I'm kind of anal about what WiFi network settings I actually keep saved on MacBook and iPhone; I generally clear out everything but my home and work configurations. I'm going to be a little more lax about this, though, and see what happens from there. Moving on.
  
  
  
  Using Siri was also a pleasant surprise -- it typically gets a bad rap, but my experience so far has been great. It very quickly got to the point where I could ditch the precise pronunciation I reserve for virtual assistants and just talk like myself. There was one moment when I was walking around downtown Manhattan and Siri failed to connect, but she's otherwise turning out to be the Series 3's MVP. The other contender for that title is the updated chipset inside; it makes the Series 3 much more capable. Switching between apps (accessible using the flat side button) was the smoothest experience I've had yet on an Apple Watch.
  
  I kept up with work for about four hours, and while my co-workers could probably tell I wasn't quite as responsive as usual, I was still managing to get things done. It was getting pretty late at this point, so I decided to wind down my night with a leisurely run along the East River, using the GPS to track my route. The Watch seemed to do a fine job here, except that it basically obliterated what was left of my battery life. After six hours, the Watch was down to 10 percent and dipped into Power Reserve mode.
  
  So far, the Series 3 has been a mixed bag. The big performance gains mean it's much more pleasant to actually use, but most people don't need what amounts to a second, more limited phone lashed to their wrists. I'm going to keep testing the Series 3 for a few more days, so stay tuned for our full review.
  

• Some brave soul volunteered for a completely robotic dental surgery
  
  A robot just implanted two 3D-printed teeth into a woman's mouth all on its own. The procedure took place recently in China and the researchers who developed it hope it can help the country's dentist shortage problem, reports the South China Morning Post.
  
  Prior to the surgery, the robot was oriented to the patient's head and mouth and researchers then programmed the device with all of the necessary information for it to complete the procedure. That included the angles and depth required for accurate placement of the implants. After testing the programmed movements, the operation was carried out. It took about an hour and though medical staff were present during the procedure, none of them assisted the robot while it worked. Afterwards, the staff determined that the robot had implanted the teeth with high precision.
  
  Due to a dentist shortage, South China Morning Post reports that while around 400 million people need dental implants in the country, only about one million are done each year. Further, when people turn to less qualified individuals in order to get needed dental work done, they often end up with additional problems. Robots stand to increase service rates and complete operations with fewer errors.
  
  I'm not sure what's scarier -- a human dentist or a robot dentist. But you can check out the video below for some shots of the robot in action.
  
  
  
  Via: MIT Technology Review
  
  Source: South China Morning Post
  

• Google Daydream's web-browsing features surface in Chrome
  
  At Google's I/O developer conference in May, the company announced that it was working on a VR version of Chrome that could work in Daydream. Well, Chrome development team member Fran�ois Beaufort announced on Google+ today that the first set of features are now ready for you to test out.
  
  Through Chrome 61, users can now browse and interact with websites in VR. Just open up a website on Chrome and then slip your phone into a Daydream View headset and you'll be able use any website as well as take advantage of immersive viewing with sites supporting WebVR.
  
  With these first steps, Google joins Samsung and Oculus in offering VR web browsing. Oculus' Carmel VR browser is currently in developer preview, while Samsung's Internet for Gear VR browser has been around for a little while now. But Beaufort says this is just the start for Chrome. In his post, Beaufort said, "This is just the beginning for web browsing in VR so stay tuned, there's more to come!"
  
  Source: François Beaufort
  

• Why Equifax’s error wasn’t hiring someone with a music degree
  
  In the wake of the Equifax breach, a significant number of people lost their minds this week upon discovering that one of its newly deposed security executives has a degree in music composition. Despite 14 years of experience as a security professional in other companies, Susan Mauldin was mocked and dragged online for being a "diversity hire" who is "unqualified" for the job.
  
  All those people are about to be proved so, very, very wrong in an in-depth report from internet infrastructure organization Packet Clearing House in collaboration with professor Coye Cheshire at the U.C. Berkeley School of Information. Their findings show data concluding that most infosec professionals don't hold a degree in a computer-science-related field. What's more, the report shows that degrees are the least-important feature of a competent practitioner and degree programs are the least-useful places to learn security skills.
  
  Portions of the report prior to its November publication, titled "A Fragmented Whole: Cooperation and Learning in the Practice of Information Security" were shared with Engadget. It combines surveys, interviews and ethnographic research.
  
  The project's lead researcher, Ashwin Mathew, told us via email, "There are many things for which we should fault Equifax, which other coverage has already pointed to, such as insufficient staffing and bad practices."
  
  He added:
  
  The CISO not having a CS degree is a distraction at best from the underlying problems -- and it is incredibly problematic the fact that the CISO is a woman who is called upon to defend her qualifications in a field dominated by white men, many of whom do not have CS degrees or infosec certifications.
  
  The question of Ms. Mauldin's fitness for the position became a lens for many -- mostly dudes -- through which to focus their anger at Equifax for probably ruining millions of people's lives with a single missed patch. And as far as we've been told, that's what it came down to: A flaw in Apache Struts that should've been fixed in March led to its major breach the same month, which we only found out about on September 7th.
  
  That's not all, of course. Right when we were learning about the theft of sensitive information belonging to at least 200 million U.S. consumers, as well as information on some Canadians and up to 400,000 British residents, we found out that Equifax execs sold off stocks before the breach was made public. Shares of Equifax plummeted 35 percent since the disclosure of its breach. Those shady Equifax stock sales are now the focus of a criminal probe by the FBI in conjunction with U.S. prosecutors in Atlanta.
  
  
  
  In addition to the FBI, attorneys general in various states have announced formal investigations. Collectively, U.S. senators "want copies of all Equifax penetration test and audit reports by outside cybersecurity firms," according to broken, Equifax itself sent the public to the wrong website that was a fake phishing site set up by a white-hat hacker and the company quietly disappeared its apps from both the Apple App and Google Play Stores.
  
  But when the male-dominated discussions about infosec heard about Ms. Mauldin's degree in music, it was decided that she was a suitable target for their rage, with some well-deserved anger at Equifax as the catalyst. The hate was visible on Twitter, Reddit and Slashdot and put into press by MarketWatch's Brett Arends (a history major himself). He wrote,
  
  When Congress hauls in Equifax CEO Richard Smith to grill him, it can start by asking why he put someone with degrees in music in charge of the company's data security.
  
  And then they might also ask him if anyone at the company has been involved in efforts to cover up Susan Mauldin's lack of educational qualifications since the data breach became public.
  
  This thinking begins to look unqualified, and worse, in light of the Berkeley report. Lead researcher Mathew told us, "I spoke with CISOs and senior engineers at large Silicon Valley firms who both did and didn't have degrees."
  
  He explained that among those who even had degrees, those with degrees outside of computer science outnumbered those with a degree in CS. "For many of the positions which they hired for (including their own), degrees are not a consideration," he said. "Degrees are, in general, important only as a marker of character."
  
  What's more, Mathew confided, "As several interviewees told me, having a degree shows a certain level of persistence and fortitude when evaluating junior positions, with the degree indicating that a candidate was willing to sit through several years of coursework -- but the subject of the degree is irrelevant. Many of the online services which we take for granted are secured by people who do not have degrees or whose degrees are not in CS."
  
  Insofar as what the report will tell us about what all those people in infosec actually have degrees in, Mr. Mathew told Engadget:
  
  "Respondents indicated a diverse array of fields of study from "hard" sciences like biology, chemistry and physics, to agriculture, languages, journalism, sociology and so on."
  
  I hope we find out what happened with the Equifax breach, but I'm not holding my breath. Maybe Ms. Mauldin and her forcibly retired colleague were part of a decision-making chain that deprioritized a single patch, or maybe they're just scapegoats. Or maybe they were the ones who hired penetration-testing teams to audit the company but couldn't get their superiors to take the audit's finding seriously -- a situation that happens so often it's insane.
  
  After all, according to her now-private LinkedIn page, Mauldin was the senior director of information security audits and compliance for Hewlett Packard from 2002-2007.
  
  Short of literally punching a baby, it's hard to imagine what else Equifax has done wrong. The sky seems to be the limit here, and Ms. Mauldin was a part of it. So the only thing that's certain is that things aren't going to get better for anyone involved with Equifax, past or present. Especially all of us, who are involuntarily Equifax victims.
  
  Either way, we should all be looking forward to "A Fragmented Whole: Cooperation and Learning in the Practice of Information Security." It'll be announced, and findable, on the front page of The Center for Long-Term Cybersecurity in early November.
  

• 'PUBG’ studio isn't happy about ‘Fortnite: Battle Royale’
  
  Epic Games' cartoony horde game Fortnite is still in early release, but the studio recently announced that a free-to-play version of the game would come out for free next week... and it looks a lot like another really popular game. Fortnite: Battle Royale's gameplay doesn't just closely resemble PlayerUnknown's Battlegrounds: Epic admitted it inspired their new title while promoting its game. Bluehole, the studio behind PUBG, is none too happy, and even stated in a press release that it's considering 'further action.'
  
  There's no ignoring the similarities between the titles: Like PUBG, which launched back in March, Battle Royale drops dozens of players into a huge map filled with randomly-dropped items where they kill-or-be-killed until someone wins. They're not identical, as the core Fortnite gameplay of creating bases and traps makes the jump over to Battle Royale. Bluehole's game is built on Unreal engine 4, which Epic created and is using to power Fortnite and its Battle Royale spinoff.
  
  "We've had an ongoing relationship with Epic Games throughout PUBG's development as they are the creators of UE4, the engine we licensed for the game," Bluehole's Chang Han Kim said in the press release. "After listening to the growing feedback from our community and reviewing the gameplay for ourselves, we are concerned that Fortnite may be replicating the experience for which PUBG is known."
  
  They're also upset that Epic is using PUBG's name in its press materials, including the announcement trailer (below):
  
  
  
  "We have also noticed that Epic Games references PUBG in the promotion of Fortnite to their community and in communications with the press," Chang Han Kim said in the press release. "This was never discussed with us and we don't feel that it's right."
  
  Not that the PUBG team thinks it won't have competition in the space. In a Reddit AMA from a couple days ago, Bluehole creative director and the game's conceptual originator, Brendan "PlayerUnknown" Greene, mentioned that "Other companies will of course enter the marketplace, but I would just hope they put their own spin on the game-mode and not just make a carbon copy!"
  
  What makes Battle Royale seem to ape PUBG is its deviation from the tower defense gameplay of its source title Fortnite. Waypoint's Janine Hawkins, who has been playing Epic's game since it launched in Early Access back in July, noted how its protective playstyle contrasts with that of its spinoff's survival deathmatch, describing the difference as 'tend-and-befriend vs. fight-or-flight.' It's convenient that Epic repurposed its game to capitalize on the genre that has been around for years, yet which PUBG has singelhandedly made wildly popular as it rose to the top of Steam's player charts.
  
  Chang Han Kim closed the press release with: "The PUBG community has and continues to provide evidence of the many similarities as we contemplate further action."
  
  Hours after the ominously-worded press release went out, other game developers cheekily responded as game developers do.
  Hotline Miami Battle Royale has been canceled.
  — Devolver Digital (@devolverdigital) September 22, 2017

• Amazon may deliver Chipotle and Five Guys right to your front door
  
  Amazon's been getting into the food game for awhile now. After all, they've introduced Amazon Fresh and drive-through grocery pickup. And oh yeah, they acquired Whole Foods earlier this year. Clearly Amazon is serious about the food business; they've established their presence on the grocery side, but what about the restaurant/takeout side? While they've had the Amazon Restaurants delivery for awhile, it hasn't exactly taken off. A new partnership with a company called Olo might help with that.
  
  Olo is a digital platform that allows customers to order and pay for delivery and takeout food online. They focus on large restaurant brands and chains, with over 200 restaurants on their list that have a total of around 40,000 US locations. Their clients include Chipotle, Cold Stone Creamery, Five Guys and Jamba Juice. The value for Amazon here is that this partnership gives them potential access to the many different chain restaurants in Olo's client base.
  
  This agreement will allow Olo to continue handling the menu and ordering side of the equation, while Amazon Restaurants will take care of delivery. The real question is whether Olo's customer base will want to work with Amazon. So far, the Italian chain Buca di Beppo is the only client cited in the press release that will be offering delivery through Amazon Restaurants. It remains to be seen whether this will pay off for Amazon, but it seems like a smart and relatively row-risk move for the online retail giant.
  
  Via: Bloomberg
  
  Source: Business Wire
  

• How Kevin Durant’s attempt to clap back at trolls backfired
  
  What does an NBA champion and Finals MVP have in common with Taylor Swift? In the case of the Golden State Warriors' Kevin Durant, it's that internet trolls love calling them snakes. Swift earned that label last year after a feud with Kim Kardashian and husband, Kanye West; for Durant, that scorn came after he decided to leave the Oklahoma City Thunder to join a main Western Conference rival, the Warriors. Since that day, July 4th, 2016, his mentions have been overtaken by angry basketball fans calling him a cupcake, coward, sellout, traitor and, yes, a snake. That's right, a cupcake and a snake.
  
  Durant has claimed that these negative interactions on Twitter and Instagram don't bother him, but the evidence suggests otherwise. Earlier this week, a user sent him a tweet saying, "man I respect the hell outta you but give me one legitimate reason for leaving okc other than getting a championship." Through his @KDTrey5 account, Durant replied, "he didn't like the organization or playing for Billy Donovan. His roster wasn't that good it was just him and russ [Russell Westbrook]." In a separate tweet, he continued, "imagine taking russ off that team, see how bad they were. Kd can't win a championship with those cats."
  KD has secret accounts that he uses to defend himself and forgot to switch to them when he was replying to this guy I'm actually speechless pic.twitter.com/9245gnpa3c
  — 🐗 1-1 / ✭ 1-1 (@harrisonmc15) September 18, 2017
  Given Durant's history of not shrinking from confrontations with bitter OKC fans who can't get over the fact he became a free agent to go to the Warriors, his response wasn't particularly newsworthy. What was surprising was how we defended himself in the third person. And although he hasn't confirmed the existence of a burner Twitter account, all signs point toward that being the case. After all, this is a guy who once responded "your mother" when someone asked if he was softer than the football program at the University of Texas. Why, then, would he refer to himself as KD? Twitter users started wondering the same, and it wasn't long before Durant's third-person tweets went viral.
  
  Was he hacked? Have we reached peak Kevin Durant? Did someone from his entourage take it upon themselves to stand up for him? Or did he simply have another account that he used to defend himself from time to time? As it turns out, Durant revealed at the TechCrunch Disrupt conference this week that it was indeed he who sent those tweets bashing his former team -- but he didn't explicitly say if he did that thinking he was using another account. "I use Twitter to engage with the fans," he said. "But I happened to take it a little too far, that's what happens sometimes when I get into these basketball debates. What I really love is to just play basketball, and I went a little too far."
  
  Apparently, he's so embarrassed that he hasn't been able to sleep or eat since posting those tweets, so you know he definitely regrets not switching to his presumed ghost Twitter account. The thing is, Durant is already one of the most-hated men in the NBA, and this latest gaffe won't help. Some of his peers have already started mercilessly mocking him on social media, making comical comments and creating hashtags like #burnertwitter. Thanks, Joel Embiid.
  
  This is hardly the first time Durant has been roasted he's endured regular backlash over the past year on Instagram and Twitter, platforms where he frequently engages with NBA fans. And by "engages," I mean he's not afraid to share his opinion with the world -- even if, as mentioned earlier, sometimes it leads to "yo momma" jokes. Last month, another user sent him a tweet saying, "Never have someone like @KDTrey5 on ya team because they'll switch up on you when they think times are rough." Durant replied: "Cool, ill give u 30 if you don't want me on your team chump." Then there's this one:
  you must be a piece of 💩 if a dog chooses to live in the streets instead of your house
  — Kevin Durant (@KDTrey5) July 24, 2017
  By now, the list of sour words used to describe Warriors-era Durant is so long and well-documented that his sponsor Nike actually designed a sneaker that reflects his meme status. Seriously, it's called the KD 10 Finals, and it features a sole with text of all the bad things he was called during his first season in the Bay Area. "Cupcake," "soft," "sellout," "snake," "pathetic," "can't beat 'em, join 'em," they're all part of the shoe. The name-calling didn't just come from the disappointed OKC faithful either, but also fans of other teams and even his ex-teammates. And it all seems to have caught up to him this week.
  
  "I don't regret clapping back at anybody or talking to my fans on Twitter," he said at Disrupt, where he was on a panel discussing his investments in the tech industry. "I do regret using my former coach's name, and my former organization that I played for. That was childish, that was idiotic, all those type of words. I regret doing that, and I apologized to them for doing that." Durant says he will now "scale back" his social-media usage and instead plans to focus more on playing basketball: "I want to move on from that. I was really upset with myself. I definitely want to move on and keep playing basketball. But I still want to interact with my fans as well."
  I do regret using my former coach's name, and my former organization that I played for. That was childish, that was idiotic, all those type of words. I regret doing that, and I apologized to them for doing that.
  
  As for Durant's secret Twitter account, no one has been able to find it, meaning we may never know how many more times he had his own back. That's a shame, really, because if it does exist there's probably some clever stuff that we'll forever miss out on. Either way, Durant's actions showed that the adverse reaction from fans has, in fact, affected him. Otherwise, why would he be out there with a fake Twitter account, defending himself from trolls?
  
  Still, he's lucky his situation is sports banter more than anything, not serious online abuse likeother famous people have had to deal with in the past. Maybe Kanye West, Solange and Ed Sheeran have found the perfect formula to live a stress-free life: Vanish from social media, even if it's only temporary.
  

• V. Anton Spraul's Think Like a Programmer, Python Edition
      
  What is programming? Sure, it consists of syntax and the assembly of code, but it is essentially a means to solve problems. To study programming, then, is to study the art of problem solving, and a new book from V. Anton Spraul, Think Like a Programmer, Python Edition, is a guide to sharpening skills in both spheres.
     

• Do you use Ansible?
  A quick question today about automation... Do you use Ansible?              Yes    No                

• Manifold Makes Managing Cloud Developer Services Easy
      
  We love it here when superheroes drop their cloak of invisibility, emerge from stealth mode and reveal themselves to the world. Of course we do—it's the geek in us! Manifold has just done exactly that, emerged from stealth mode and is claiming to be the easiest way to find, buy and manage essential developer services. 
     

• Sysadmin 101: Leveling Up
      
  This is the fourth in a series of articles on systems administrator fundamentals. These days, DevOps has made even the job title "systems administrator" seems a bit archaic like the "systems analyst" title it replaced.
     

• YouTube on the Big Screen
      
  For years I've been jealous of folks with iOS devices who could just send their phone screens to their Apple TV devices. It seems like the Android screen-mirroring protocols never work right for me. My Sony Xperia has multiple types of screen mirroring, and none of them seem to work on my smart TVs or Roku devices. 
     

• Key Considerations for Software Updates for Embedded Linux and IoT
      
  The Mirai botnet attack that enslaved poorly secured connected embedded devices is yet another tangible example of the importance of security before bringing your embedded devices online. A new strain of Mirai has caused network outages to about a million Deutsche Telekom customers due to poorly secured routers.
     

• Paragon Software Group's Paragon ExtFS for Mac
      
  Ever more Mac aficionados are discovering the virtues of Linux, especially when their older hardware can experience a renaissance. One annoying barrier to dual-boot nirvana is filesystem incompatibility, whereby the Linux side can access the Mac side, but Apple's macOS doesn't support Linux drives at all—not even in read-only mode.  
     

• Caldwell Partners' Cyber Advisory Board Service
      
  For many enterprises, cyber risk is the top business risk. Meanwhile, there is simply not a sufficiently large talent pool of cyber-risk professionals to satisfy the ever-growing demand.
     

• Solving Physics Problems on Linux
      
  Several years ago, I wrote an article on using Elmer to solve complicated physics problems. Elmer has progressed quite a bit since then, so I thought it would be worth taking a fresh look at this simulation software. 
     

• I'll Gladly Pay You Tuesday for a Hamburger Today
      
  My day job pays me on the 15th and last day of every month, unless those days land on a weekend, in which case I get paid the Friday before. With those rules, creating a Google Calendar event is shockingly difficult. In fact, it's not possible to create a recurring event with those rules using Google's GUI scheduling tool. 
     

• Watermarking Images--from the Command Line
      
  Us geeks mostly think of the command line as the best place for text manipulation. It's a natural with cat, grep and shell scripts. But although you can't necessarily view your results from within a typical terminal window, it turns out to be pretty darn easy to analyze and manipulate images from within a shell script. 
     

• Chasing Carrots' Pressure Overdrive
      
  A "funky, four-wheeled shoot 'em up" is how independent game-developer Chasing Carrots describes its newest game release Pressure Overdrive for Linux, Mac OS, Windows and Xbox.
     

• Non-Linux FOSS: Mac2Imgur
      
  I love to share images with people quickly. They could be cat photos or screenshots. Usually I post those silly images to Twitter and Facebook using Buffer, but occasionally, I just want to send a quick image to a single person. (This is usually when I'm trying to show my computer via screenshot.) 
     

• Heirloom Software: the Past as Adventure
      
  Through the years, I've spent what might seem to some people an inordinate amount of time cleaning up and preserving ancient software. My Retrocomputing Museum page archives any number of computer languages and games that might seem utterly obsolete. 
     

• SUSE Linux Enterprise Server for SAP Applications
      
  Saving customers time, effort and budget as they implement SAP landscapes, including on-premises and now on-demand, are the core selling points for SUSE Linux Enterprise Server for SAP Applications.
  
  The latest release of the SAP-focused SUSE Linux server is also now available as the operating system for SAP solutions on Google Cloud Platform (GCP).