Recent Changes - Search:

Linux is free.
Life is good.

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All/All+Images) (Single Column)

  • Red Hat: 2016:2093-01: bind: Important Advisory An update for bind is now available for Red Hat Enterprise Linux 5 and Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact [More...]

  • Red Hat: 2016:2094-01: bind97: Important Advisory An update for bind97 is now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, [More...]

  • Red Hat: 2016:2088-01: java-1.8.0-oracle: Critical Advisory An update for java-1.8.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact [More...]

  • [$] Dirty COW and clean commit messages
    We live in an era of celebrity vulnerabilities; at the moment, anunpleasant kernel bug called "Dirty COW" (or CVE-2016-5195) is taking itsturn on the runway. This one is more disconcerting than many due to itsomnipresence and the ease with which it can be exploited. But there isalso some unhappiness in the wider community about how this vulnerabilityhas been handled by the kernel development community. It may well be timefor the kernel project to rethink its approach to serioussecurity problems.

  • Friday's security updates
    Debian-LTS has updated bind9 (denial of service).
    Fedora has updated libgit2 (F23:two vulnerabilities).
    Mageia has updated kernel (threevulnerabilities), libtiff (multiplevulnerabilities, two from 2015), and openslp (code execution).
    openSUSE has updated dbus-1(13.2: code execution), ghostscript-library(42.1: three vulnerabilities, one from 2013), roundcubemail (42.1: two vulnerabilities), andsquidGuard (42.1: cross-site scripting from2015).
    Red Hat has updated bind(RHEL6&5: denial of service) and bind97(RHEL5: denial of service).
    Scientific Linux has updated bind(SL6&5: denial of service) and bind97 (SL5: denial of service).
    Ubuntu has updated bind9 (12.04: denial of service).

  • Ranking the Web With Radical Transparency ( interviews Sylvain Zimmer, founder of the Common Search project, which is an effort to create an open web search engine. "Being transparent means that you can actually understand why our top search result came first, and why the second had a lower ranking. This is why people will be able to trust us and be sure we aren't manipulating results. However for this to work, it needs to apply not only to the results themselves but to the whole organization. This is what we mean by 'radical transparency.' Being a nonprofit doesn't automatically clear us of any ulterior motives, we need to go much further.As a community, we will be able to work on the ranking algorithm collaboratively and in the open, because the code is open source and the data is publicly available. We think that this means the trust in the fairness of the results will actually grow with the size of the community."

  • Security advisories for Thursday
    CentOS has updated java-1.8.0-openjdk (C7; C6: multiple vulnerabilities).
    Debian has updated kernel (multiple vulnerabilities,one from 2015).
    Debian-LTS has updated kernel(multiple vulnerabilities, one from 2015) and libxvmc (code execution).
    Fedora has updated glibc-arm-linux-gnu (F23: denial of service)and perl-DBD-MySQL (F23: denial of service).
    Oracle has updated java-1.8.0-openjdk (OL7; OL6: multiple vulnerabilities).
    Red Hat has updated java-1.6.0-sun (multiple vulnerabilities), java-1.7.0-oracle (multiple vulnerabilities), and java-1.8.0-oracle (RHEL7&6: multiple vulnerabilities).
    Scientific Linux has updated java-1.8.0-openjdk (SL7&6: multiple vulnerabilities).
    SUSE has updated quagga (SLE11:code execution).
    Ubuntu has updated kernel (12.04; 14.04;16.04; 16.10: privilege escalation), linux-lts-trusty (12.04: privilege escalation), linux-lts-xenial (14.04: privilege escalation), linux-raspi2 (16.04: privilege escalation), linux-snapdragon (16.04: privilege escalation), and linux-ti-omap4 (12.04: privilege escalation).

  • An important set of stable kernel updates
    The4.8.3,4.7.9,and 4.4.26 stable kernel updates have beenreleased. There's nothing in the announcements to indicate this, but theyall contain a fix for CVE-2016-5195, a bug that can allow local attackersto overwrite files they should not have write access to. So the "all usersmust upgrade" message seems more than usually applicable this time around.

  • Security advisories for Wednesday
    Debian has updated quagga (stack overrun) and tor (denial of service).
    Debian-LTS has updated dwarfutils (multiple vulnerabilities), guile-2.0 (two vulnerabilities), libass (two vulnerabilities), libgd2 (two vulnerabilities), libxv (insufficient validation), and tor (denial of service).
    Fedora has updated epiphany (F24:unspecified), ghostscript (F24; F23: multiple vulnerabilities), glibc-arm-linux-gnu (F24: denial of service),guile (F24: two vulnerabilities), libgit2 (F24: two vulnerabilities), openssh (F23: null pointer dereference), qemu (F24: multiple vulnerabilities), and webkitgtk4 (F24: unspecified).
    Mageia has updated asterisk(denial of service), flash-player-plugin(multiple vulnerabilities), kernel (multiple vulnerabilities), and mailman (password disclosure).
    Red Hat has updated java-1.8.0-openjdk (RHEL6, 7: multiplevulnerabilities), kernel (RHEL6.7:use-after-free), and mariadb-galera(RHOSP8: SQL injection/privilege escalation).

  • Live kernel patches for Ubuntu
    Canonical has announced the availability of a live kernel patch service forthe 16.04 LTS release."It’s the best way to ensurethat machines are safe at the kernel level, while guaranteeing uptime,especially for container hosts where a single machine may be runningthousands of different workloads."Up to three systems can be patched for free; theservice requires a fee thereafter. There is a long FAQ about the servicein thisblog post; it appears to be based on the mainline live-patchingfunctionality with some Canonical add-ons.

  • Kügler: Plasma’s road ahead
    Sebastian Kügler reports onKDE's Plasma team meeting. "We took this opportunity to also lookand plan ahead a bit further into the future. In what areas are we lacking,where do we want or need to improve? Where do we want to take Plasma in thenext two years?" Specific topics include release schedule changes,UI and theming improvements, feature backlog, Wayland, mobile, andmore. (Thanks to Paul Wise)

  • Tuesday's security updates
    Debian-LTS has updated libarchive (three vulnerabilities), libxrandr (insufficient validation), libxrender (insufficient validation), and quagga (stack overrun).
    openSUSE has updated ffmpeg (Leap42.1; SPH for SLE12: multiplevulnerabilities) and kcoreaddons (Leap42.1, 13.2; SPH for SLE12: HTML injection).
    Red Hat has updated atomic-openshift (RHOSCP: authenticationbypass), kernel (RHEL6.5: privilegeescalation), and openssl (RHEL6.7: multiplevulnerabilities).

  • [$] Graphics world domination may be closer than it appears
    The mainline kernel has support for a wide range of hardware. One placewhere support has traditionally been lacking, though, is graphicsadapters. As a result, a great many people are still using proprietary,out-of-tree GPU drivers. Daniel Vetter went before the crowd at Kernel Recipes 2016 to saythat the situation is not as bad as some think; indeed, he said, in thisarea as well as others, world domination is proceeding according to plan.

  • Secure Your Containers with this One Weird Trick (RHEL Blog)
    Over on the Red Hat Enterprise Linux Blog, Dan Walsh writes about using Linux capabilities to help secure Docker containers. "Let’s look at the default list of capabilities available to privileged processes in a docker container:chown, dac_override, fowner, fsetid, kill, setgid, setuid, setpcap, net_bind_service, net_raw, sys_chroot, mknod, audit_write, setfcap.In the OCI/runc spec they are even more drastic only retaining, audit_write, kill, and net_bind_service and users can use ocitools to add additional capabilities. As you can imagine, I like the approach of adding capabilities you need rather than having to remember to remove capabilities you don’t." He then goes through the capabilities listed describing what they govern and when they might need to be turned on for a container application.

  • Security advisories for Monday
    Arch Linux has updated guile (two vulnerabilities).
    Debian has updated libgd2 (denial of service).
    Debian-LTS has updated icedove (multiple vulnerabilities), libarchive (file overwrite), libdbd-mysql-perl (denial of service), and mpg123 (denial of service).
    Fedora has updated chromium (F24:multiple vulnerabilities).
    Gentoo has updated oracle-jdk-bin (multiple vulnerabilities).
    openSUSE has updated thunderbird(13.1: multiple vulnerabilities) and tiff(13.1: denial of service).
    Oracle has updated openssl (OL5: multiple vulnerabilities).
    Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities).

  • How to install Wordpress with Nginx, MariaDB and HHVM on Ubuntu 16.04 LTS
    This tutorial describes the steps to install WordPress with Nginx, MariaDB and HHVM on Ubuntu 16.04 Server. HHVM (Hip Hop Virtual Machine) is a just-in-time compiler developed by Facebook to run applications that are written in PHP and Hack language. HHVM is faster than the traditional PHP engine from ZEND and is used by Facebook to serve billions of web requests per day.

  • Five Cool Alternative? Open Source Linux Shells
    We are going to look at some of the available Linux shells out there that users have access to free of charge since they are open source, they come in a number of different licenses and this mainly depends on the software creator but in essence one doesn’t have to pay to use the system; so that a major plus in whichever way we look at it.

  • Getting started with Inkscape on Fedora
    Inkscape is a popular, full-featured, free and open source vector graphics editor available in the official Fedora repositories. It’s specifically tailored for creating vector graphics in the SVG format. Inkscape is great for creating and manipulating pictures and illustrations. It’s also... Continue Reading →

  • Ubuntu MATE, Not Just a Whim
    I've stated for years how much I dislike Ubuntu's Unity interface. Yes,it's become more polished through the years, but it's just not an interface thatthinks the same way I do. That's likely because I'm old and inflexible,but nevertheless, I've done everything I could to avoid using Unity, whichusually means switching to Xubuntu.

  • A look inside the 'blinky flashy' world of wearables and open hardware
    While looking at the this year's All Things Open event schedule, a talk on wearables and open hardware caught my eye: The world of the blinky flashy. Naturally, I dug deeper to learn what it was all about.Though Gina Linkins and Jen Krieger of Red Hat would like to leave a few surprises for the lucky folks who attend their talk, they told me they can promise at least the following:read more

  • Microsoft CEO Offers SQL Server for Linux Update
    Microsoft’s (MSFT) forthcoming SQL Server for Linux is more than a one-product development. The effort also is very important to Microsoft’s advanced analytics development, according to CEO Satya Nadella.

  • MySQL and database programming for beginners
    Dave Stokes has been using MySQL for more than 15 years and has served as its community manager since 2010. At All Things Open this year, he'll give a talk about database programming for newbies with MySQL.In this interview, he previews his talk and shares a few helpful resources, required skills, and common problems MySQL beginners run more

  • What is deep learning, and why should you care about it?
    Whether it's Google's headline-grabbing DeepMind AlphaGo victory, or Apple's weaving of "using deep neural network technology" into iOS 10, deep learning and artificial intelligence are all the rage these days, promising to take applications to new heights in how they interact with us mere more

  • Tips for contributing to a complex and large project like OpenStack
    Becoming a QA Engineer for OpenStack was a career shift for Emily Wilson who has a background in research microbiology. But there's an odd similarity between the two careers—they both involve figuring out what makes complicated systems work and where the weak points are.

  • Compact module runs Ubuntu on quad-core G-Series Steppe Eagle
    Arbor has launched an Ubuntu-ready COM Express Compact Type 6 module with a quad-core G-Series Steppe Eagle SoC, plus DDI, USB, SATA, and PCIe connectivity. The Arbor Technology EmETXe-a58M0 adopts the 95 x 95mm COM Express Compact Type 6 form factor, which it used for last year’s 5th Gen Intel Core based EmETXe-i88U0 module. The […]

  • FCAIC in the House
    The who in the where? On 3 October I officially1 started my new role as the Fedora Community Action and Impact Coordinator2 (abbreviated to FCAIC, pronounced “F-cake”). The job is like many other roles called “Community Manager” or “Community Lead.”... Continue Reading →

  • Docker: Making the Internet Programmable
    Docker, and containers in general, are hot technologies that have been getting quite a bit of attention over the past few years. Even Solomon Hykes, Founder, CTO, and Chief Product Officer at Docker started his keynote with the assumption that people attending LinuxCon Europe know that Docker does containers, so instead of focusing on what Docker does, Hykes used his time to talk about Docker’s purpose saying, “It really boils down to one small sentence. We're trying to make the Internet programmable.”

  • “Most serious” Linux privilege-escalation bug ever is under active exploit
    A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible.While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously.

  • Top 8 Linux Distributions Of 2016
    There are quite a number of linux distribution out there and new ones are being added as the days go by. This means picking a distro amongst the lot becomes quite a difficulty. Luckily for you, I have hand-picked the best linux distributions in 2016 for you. These are the top distributions targeting very different uses and users and I bet at least one is going to appeal to you. So let’s get started.

Linux Insider

  • Red Hat and Ericsson Forge 5G, IoT Open Source Alliance
    Red Hat and Ericsson on Wednesday announced an alliance meant to speed adoption of open source solutions in the information and communications technology space. The alliance will help promote a range of fully open source and production-ready cloud solutions, spanning OpenStack, software defined-networking and software-defined infrastructure, the companies said.

  • Meet Maui 1, the Slick New Hawaiian Netrunner
    Maui 1, which launched this summer, is one of the latest newcomers in the continuously changing list of Linux distributions. Maui Linux, with its new Hawaii desktop environment, is a replacement and rebranding of the discontinued Netrunner project. Its developers are attempting to continue the Kubuntu-based heritage, while adopting some of the latest technologies impacting other Linux distros.

  • Fedora 25 Beta Resets the Linux Performance Bar
    Red Hat has released the beta version of Fedora 25, an open source Linux operating system maintained by the Fedora Project community. The beta release sharpens cloud and developer features, making this Linux distro more attractive to enterprise users. Fedora Linux is the community version of Red Hat Enterprise Linux, or RHEL. Fedora 25 comes in three editions: Cloud, Server and Workstation.

  • Cyanogen's Android Alternative Goes Modular
    Cyanogen on Tuesday announced that it was going modular. Future releases of its open source Android alternative will not support a full stack of the Android OS. The new modular setup will bring a slew of benefits to phone makers and developers, according to Cyanogen. "The new partnership program offers smartphone manufacturers greater freedom and opportunity," noted Cyanogen CEO Lior Tal.

  • Google's New Fonts Chip Away at Written Language Barriers
    Project Noto, one of Google's most ambitious undertakings ever, has reached a milestone: Noto now supports 800 languages and 100 writing scripts. Google and Monotype launched the open source initiative to create a typeface family that supports all the languages in the world, even rarely used languages. Both serif and sans serif letters with up to eight weights are supported.

  • Torvalds Blows Stack Over Buggy New Kernel
    Linux creator Linus Torvalds this week apologized for including in the just-released Linux 4.8 kernel a bug fix that crashed it. The bug the dev was trying to fix has existed since Linux 3.15, "but the fix is clearly worse than the bug ... since that original bug has never killed my machine," Torvalds wrote. Kernel work, like brain surgery, is not foolproof, noted tech analyst Al Hilwa.

  • Apricity: Slip Into Something More Comfortable
    Apricity OS is a great, two-pronged Linux distro that recently reached a milestone that will ensure its continued success. Apricity's first public beta, which was GNOME-only, was released more than a year ago. A choice of either the GNOME or Cinnamon desktops later became available in the monthly development snapshot releases. Rolling releases provided a pleasant computing experience.

  • GE, Bosch Combine Resources to Bolster IoT
    GE and Bosch Software Innovations have partnered to jump-start the development of an open source Internet of Things platform. Open source will encourage greater interoperability and application development, the companies said. Both firms have sought help from the Eclipse Foundation to speed up the process. The companies will create a core IoT stack comprised of open source software.

  • Black Panther OS Is No Cool Cat
    The Black Panther OS is a bare-bones Linux distribution built around the KDE desktop. The KDE environment itself is not a minimal component, but how it is integrated within Black Panther gives you an almost-nothing-there installation until you painstakingly install system tools and applications, literally piece by piece. Black Panther OS, originally forked from Mandriva Linux, is now under independent development in Hungary.

  • Lenovo Courts Devs WIth Moto Z Source Code Release
    Lenovo, which owns Motorola, last week released the kernel source code for the Moto Z Droid smartphone. The move follows this summer's posting of the Moto Z Droid Moto Mods Development Kit and Moto Mods on Github. This is the first kernel source code made available for the Moto Z device family. Its release seems to be another step in Lenovo's attempt to get devs to build an ecosystem around it.

  • Opera's Free VPN Takes On Internet Privacy Challenge
    Opera earlier this week released a new version of its browser, Opera 40, which comes with a free virtual private network service built in. The official rollout follows five months of user experimentation with a beta version. After evaluating beta users' feedback, the company brought on additional servers, added options for global or private browsing, and created iOS and Android versions.

  • Parsix Normalizes GNOME
    Parsix is a feature-rich distro that will delight GNOME desktop users looking for a well-tweaked user experience. It offers a well-oiled, single track Linux desktop operating system. It has no distractions from multiple desktop options. It provides one of the best integrations of the latest GNOME desktop available. Parsix has been around since at least 2007. Along the way, it built a reputation for dependability.

  • Udacity Fuels Autonomous Vehicle Engineering Dreams
    Online education company Udacity on Tuesday introduced a new "nanodegree" program in self-driving auto engineering. President Sebastian Thrun made the announcement. The goal is to build a crowdsourced, open source self-driving car, he said. Students will learn the skills and techniques used by self-driving car teams at the most innovative companies in the world, Udacity has promised.

  •'s Braid Aims to Weave Together Neural Network Components
    Startup on Monday introduced Braid, an open source tool available for free to companies developing neural networks. Braid is a flexible, customizable, modular meta-framework that works with operating systems for deep learning, according to the company. It is designed for rapid development and to support arbitrary network designs. It is simple and scalable, said.

  • Cub Linux Is a Worthy Chromixium Offspring
    Cub Linux, an improved rebranding of the innovative Chromixium Linux distro, combines the look, feel and functionality of Google's Chrome OS with traditional Linux performance. Cub Linux provides a complete Chromebook experience on the hardware of your choice. The innovation is quite impressive. Cub Linux also runs software from the Ubuntu distro ecosystem. Linux is all about exercising options.

  • Google's Russian Android Appeal Falls Flat
    A Russian appeals court has rejected Google's appeal of a $6.75 million fine regulators imposed for anticompetitive behavior -- that is, for forcing mobile device vendors to put Google Play apps on the main screens of devices using the Android operating system. The Ninth Arbitration Appeal Court handed down its ruling last month, confirming the decision of Russia's Federal Antimonopoly Service.

  • FairWare Hackers May Take Ransoms, Keep Stolen Files
    The latest ransomware intrusion that targets Linux servers, dubbed "FairWare," may be a classic server hack designed to bilk money from victims with no intent to return stolen files after payment in bitcoins is made. The attack reportedly targets a Linux server, deletes the Web folder, and then demands a ransom payment of two bitcoins for return of the stolen files.

  • The Peppermint Twist Is Still Cool
    The Peppermint operating system is built around a concept not found in most Linux distros. It is a hybrid combination of traditional Linux desktop applications and cloud-based infrastructure. Peppermint 7 is a lightweight distribution based on Ubuntu 16.04. The key to its process of linking full desktop functionality to cloud apps is an in-house developed application dubbed "Ice."

  • 25 Years of Linux: What a Long, Strange Trip It's Been
    Happy Birthday Linux! You're 25! When Linux was born on Aug. 25, 1991, it was little more than a hobby for 21-year old Linus Torvald. Today the Linux community is estimated to be upwards of 86 million users strong. It has become the backbone of large enterprises, and it is installed in government systems and embedded in devices worldwide. It has grown into a major mainstream computing platform.

  • Latest Slackware Version Doesn't Cut Newbies any Slack
    Slackware is one of those Linux distros often described as being difficult to use. The Slackware Project version 14.2 released on July 1 does little to change that view -- at least, as far as installing it is concerned. Its KDE desktop is probably the most contemporary trait. Other than an update under the hood, it offers little that's new in terms of usability and few new features.

  • The Linux Foundation Gives PNDA a Home
    The Linux Foundation on Tuesday added PNDA -- the Platform for Network Data Analytics -- to its project menagerie. PNDA provides an open source, scalable platform for next-generation network analytics. It integrates data from multiple sources on a network and works with Apache Spark to crunch the numbers in order to find useful patterns in the data more effectively.

  • Governor Cuomo Bans Airbnb From Listing Short-Term Rentals In New York
    An anonymous reader quotes a report from New York Post: Gov. Cuomo on Friday bowed to pressure from the hotel industry and signed into law one of the nation's toughest restrictions on Airbnb -- including hefty fines of up to $7,500 for people who rent out space in their apartments. Backers of the punitive measure -- which applies to rentals of less than 30 days when the owner or tenant is not preset -- say many property owners use Airbnb and similar sites to offer residential apartments as short-term rentals to visitors, hurting the hotel business while taking residential units off the Big Apple's high-priced housing market. Enforcement, however, will be a huge challenge, as thousands of short-term apartment rentals are listed in the city despite a 2010 law that prohibits rentals of less than 30 days when the owner or tenant is not present. Violators could be turned in by neighbors or landlords opposed to the practice, or the state could monitor the site to look for potential violations. But beyond that how the law would be enforced was not immediately clear. The new law won't apply to rentals in single-family homes, row houses or apartment spare rooms if the resident is present. But will apply to co-ops and condos. Airbnb mounted a last-ditch effort to kill the measure, proposing alternative regulations that the company argued would address concerns about short-term rentals without big fines. Tenants who violate current state law and list their apartments for rentals of less than 30 days would face fines of $1,000 for the first offense, $5,000 for the second and $7,500 for a third. An investigation of Airbnb rentals from 2010 to 2014 by the state attorney general's office found that 72 percent of the units in New York City were illegal, with commercial operators constituting 6 percent of the hosts and supplying 36 percent of the rentals. As of August, Airbnb had 45,000 city listings and another 13,000 across the state.

    Read more of this story at Slashdot.

  • Facebook Employees Tried To Remove Trump Posts As Hate Speech
    An anonymous reader quotes a report from USA Today: Facebook employees pushed to remove some of Republican presidential candidate Donald Trump's Facebook posts -- such as one proposing the ban of Muslims from entering the U.S. -- from the service as hate speech that violated the giant social network's policies, the Wall Street Journal reported Friday. The decision not to remove the Trump posts was made by Facebook CEO Mark Zuckerberg, the newspaper reported. Employees complained that Facebook was changing the rules for Trump and some who review content on Facebook threatened to quit. "When we review reports of content that may violate our policies, we take context into consideration. That context can include the value of political discourse," Facebook said in an emailed statement. "Many people are voicing opinions about this particular content and it has become an important part of the conversation around who the next U.S. president will be. For those reasons, we are carefully reviewing each report and surrounding context relating to this content on a case by case basis." Senior members of Facebook's policy team posted more details on its policy on Friday: "In the weeks ahead, we're going to begin allowing more items that people find newsworthy, significant, or important to the public interest -- even if they might otherwise violate our standards."

    Read more of this story at Slashdot.

  • Prosecutors Say NSA Contractor Could Flee To Foreign Power
    An anonymous reader quotes a report from ABC News: The NSA contractor accused of stealing a gargantuan amount of sensitive and classified data from the U.S. government was studying Russian before he was arrested and would be a "prime target" for foreign spies should he be released on bail, prosecutors argued ahead of a court hearing for Harold Martin, III, today. The government said it is "readily apparent to every foreign counterintelligence professional and nongovernmental actor that the Defendant has access to highly classified information, whether in his head, in still-hidden physical locations, or stored in cyberspace -- and he has demonstrated absolutely no interest in protecting it. This makes the Defendant a prime target, and his release would seriously endanger the safety of the country and potentially even the Defendant himself." Prosecutors noted that Martin purportedly communicated online "with others in languages other than English, including in Russian" and that he had downloaded information on the Russian language just a couple months before he was arrested in August. Martin's attorneys, however, said in their own court filing Thursday that there is still no evidence he "intended to betray his country" and argued that he was not a flight risk. All the talk of foreign spies and potential getaway plans, the defense said, were "fantastical scenarios." Martin's defense team said in part: "The government concocts fantastical scenarios in which Mr. Martin -- who, by the government's own admission, does not possess a valid passport -- would attempt to flee the country. Mr. Martin's wife is here in Maryland. His home is here in Maryland. He hash served this country honorably as a lieutenant in the United States Navy, and he has devoted his entire career to serving his country. There is no evidence he intended to betray his country. The government simply does not meet its burden of showing that no conditions of release would reasonably assure Mr. Martin's future appearance in court. For these reasons, and additional reasons to be discussed at the detention hearing, Mr. Martin should be released on conditions pending trial."

    Read more of this story at Slashdot.

  • 43 Million Weebly and 22 Million Foursquare Accounts Stolen
    LeakedSource is reporting that the web design platform Weebly was hacked in February, affecting more than 43 million accounts. They have also reported a smaller hack involving 22.5 million Foursquare accounts, which were compromised in December 2013. TechCrunch: "We do not believe that any customer website has been improperly accessed," Weebly said in the notice to users. The company also said that it does not store credit card information, making fraudulent charges unlikely. LeakedSource said it received the Weebly database from an anonymous source and notified Weebly of the breach. In addition to the customer notification emails, LeakedSource claims that password resets are being issued -- but, if you're a Weebly user and you don't receive a password reset, you probably want to change your password anyway. Meanwhile, LeakedSource also identified data from Foursquare, claiming that 22.5 million accounts were compromised in December 2013. The social media company disputes the findings, claiming that email addresses were simply cross-referenced with publicly available data from Foursquare. The data includes emails, usernames and Facebook and Twitter IDs, which could have been scraped from Foursquare's API or search.

    Read more of this story at Slashdot.

  • Amid Major Internet Outages, Affected Websites Have Lessons To Learn
    Earlier today, Dyn, an internet infrastructure company, was hit by several DDoS attacks, which interestingly affected several popular websites including The New York Times, Reddit, Spotify, and Twitter that were directly or indirectly using Dyn's services. The attack is mostly visible across the US eastern seaboard with rest of the world noticing a few things broken here and there. Dyn says it's currently investigating a second round of DDoS attacks, though the severity of the outage is understandably less now. In the meantime, the Homeland Security said that it is aware of the attack and is investigating "all potential causes." Much of who is behind these attacks is unknown for now, and it is unlikely that we will know all the details until at least a few days. The attacks however have revealed how unprepared many websites are when their primary DNS provider goes down. ZDNet adds: The elephant in the room is that this probably shouldn't have happened. At very least there's a lot to learn already about the frailty of the internet DNS system, and the lack of failsafes and backups for websites and tech companies that rely on outsourced DNS service providers. "It's also a reminder of one risk of relying on multi-tenant service providers, be they DNS, or a variety of many other managed cloud service providers," said Steve Grobman, chief technology officer at Intel Security. Grobman warned that because this attack worked, it can be exploited again. "Given how much of our connected world must increasingly rely upon such cloud service providers, we should expect more such disruptions," he said. "We must place a premium of service providers that can present backup, failover, and enhance security capabilities allowing them to sustain and deflect such attacks." And that's key, because even though Dyn is under attack, it's the sites and services that rely on its infrastructure who should rethink their own "in case of emergency" failsafes. It may only be the east coast affected but lost traffic means lost revenue. Carl Levine, senior technical evangelist for NS1, another major managed DNS provider, said that the size and scale of recent attacks "has far exceeded what the industry thought was the upper end of the spectrum." "Large companies need to constantly upgrade their flood defenses. Some approaches that worked just a few years ago are now basically useless," said Kevin Curran, senior member with IEEE.We also recommend reading security reporter Brian Krebs's take on this.

    Read more of this story at Slashdot.

  • Schiaparelli Mars Lander May Have Exploded On Impact, European Agency Says
    Instead of drifting gently onto Mars' surface, the Schiaparelli Mars lander hit the planet hard -- and possibly exploded, the European Space Agency said today. NPR adds: The NASA images, taken on Oct. 20, show two recent changes to the landscape on Mars' surface -- one dark blotch, and one white speck -- which are being interpreted as Schiaparelli's parachute and its crash site. With the warning that analysis is still ongoing, here are the details the ESA is sharing Friday: "Estimates are that Schiaparelli dropped from a height of between 2 and 4 kilometers, therefore impacting at a considerable speed, greater than 300 km/h [186 mph]. The relatively large size of the feature would then arise from disturbed surface material. It is also possible that the lander exploded on impact, as its thruster propellant tanks were likely still full." That sequence of events followed the lander's largely trouble-free approach to the Martian surface, a trip that was being widely watched on Wednesday, when the craft lost contact with the ESA and its Mars mothership, the Trace Gas Orbiter, just before its touchdown.

    Read more of this story at Slashdot.

  • Most 'Genuine' Apple Chargers and Cables Sold on Amazon Are Fake, Apple Says
    Apple says it bought Apple chargers and cables labeled as genuine on and found that nearly 90 percent of them to be counterfeit. The revelation comes in a federal lawsuit the company filed against a New Jersey company over what Apple says are fake products that were sold on Amazon. Engadget reports: When Apple got in touch with Amazon about the issue, the website told the former that it got most of its chargers from Mobile Star LLC. The iPhone-maker stressed that since counterfeit cables and chargers don't go through consumer safety testing and could be poorly designed, they're prone to overheating and catching fire. They might even electrocute users. Tim Cook and co. are now asking the court to issue an injunction against the defendant. They also want the court to order the seizure and destruction of all the fake chargers in addition to asking for damage

    Read more of this story at Slashdot.

  • Stephen Hawking: AI Will Be Either the Best or the Worst Thing To Humanity
    At the opening of the new Leverhulme Centre for the Future of Intelligence (LCFI) at Cambridge University, Stephen Hawking offered his insight into the positive and negative implications of creating a true AI. He said, via BetaNews:We spend a great deal of time studying history, which, let's face it, is mostly the history of stupidity. So it's a welcome change that people are studying instead the future of intelligence. The potential benefits of creating intelligence are huge... With the tools of this new technological revolution, we will be able to undo some of the damage done to the natural world by the last one -- industrialization. And surely we will aim to fully eradicate disease and poverty. Every aspect of our lives will be transformed. In short, success in creating AI, could be the biggest event in the history of our civilization. But it could also be the last, unless we learn how to avoid the risks. Alongside the benefits, AI will also bring dangers, like powerful autonomous weapons, or new ways for the few to oppress the many. It will bring great disruption to our economy. AI will be either the best, or the worst thing ever to happen to humanity. We do not yet know which.

    Read more of this story at Slashdot.

  • Several Sites Including Twitter, GitHub, Spotify, PayPal, NYTimes Suffering Outage -- Dyn DNS Under DDoS Attack [Update]
    Several popular websites and services are down right now for many users. The affected sites include Twitter, SoundCloud, Spotify, and PayPal among others. The cause appears to be a sweeping outage of DNS provider Dyn -- which in turn is under DDoS attack, according to an official blog post. From a TechCrunch report:Other sites experiencing issues include Box, Boston Globe, New York Times, Github, Airbnb, Reddit, Freshbooks, Heroku and Vox Media properties. Users accessing these sites might have more or less success depending on where they're located, as some European and Asian users seem not to be encountering these issues. Last month, Bruce Schneier warned that someone was learning how to take down the internet. Update: 10/21 14:41 GMT by M : Dyn says that it has resolved the issue and sites should function normally. Update: 10/21 17:04 GMT by M : Department of Homeland Security says it is aware of the first DDoS attack on Dyn today and "investigating all potential causes." Dyn says it is still under DDoS attack. News outlet The Next Web says it is also facing issues. Any website that uses Dyn's service -- directly or indirectly -- is facing the issue. Motherboard has more details. Update: 10/21 17:57 GMT by M : It seems even PlayStation Network is also hit. EA Sports Games said it is aware of the issues in live-play. Dyn says it is facing a second round of DDoS attacks. Update: 10/21 18:45 GMT by M : U.S. government probing whether east coast internet attack was a 'criminal act' - official. Editor's note: the story is being updated as we learn more. The front page was updated to move this story up. Are you also facing issues? Share your experience in the comments section below.

    Read more of this story at Slashdot.

  • UK Government Proposes Minimum 10Mbps Broadband For Poor
    An anonymous reader writes: The UK's Local Government Association (LGA) is proposing a social tariff to ensure that minimum broadband access of at least 10 Mbps is available to all UK citizens at an affordable price. Last November, Parliament announced that it would begin work on a Universal Service Obligation (USO), which would grant all citizens the right to request broadband service with a minimum 10Mbps. At the time, Prime Minister David Cameron said, "Access to the Internet shouldn't be a luxury; it should be a right -- absolutely fundamental to life in 21st century Britain." Research by Ofcom in 2014 showed "marked relationships between socio-economic deprivation and [poor] broadband availability in cities". Similar results have been found in rural areas, which means that the demand for increasing broadband service to a minimum level may be high among people with lower incomes.

    Read more of this story at Slashdot.

  • 'Most Serious' Linux Privilege-Escalation Bug Ever Is Under Active Exploit
    Reader operator_error shares an ArsTechnica report: A serious vulnerability that has been present for nine years in virtually all versions of the Linux operating system is under active exploit, according to researchers who are advising users to install a patch as soon as possible. While CVE-2016-5195, as the bug is cataloged, amounts to a mere privilege-escalation vulnerability rather than a more serious code-execution vulnerability, there are several reasons many researchers are taking it extremely seriously. For one thing, it's not hard to develop exploits that work reliably. For another, the flaw is located in a section of the Linux kernel that's a part of virtually every distribution of the open-source OS released for almost a decade. What's more, researchers have discovered attack code that indicates the vulnerability is being actively and maliciously exploited in the wild. "It's probably the most serious Linux local privilege escalation ever," Dan Rosenberg, a senior researcher at Azimuth Security, told Ars. "The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time." The underlying bug was patched this week by the maintainers of the official Linux kernel. Downstream distributors are in the process of releasing updates that incorporate the fix. Red Hat has classified the vulnerability as "important."

    Read more of this story at Slashdot.

  • Macs End Up Costing 3 Times Less Than Windows PCs Because of Fewer Tech Support Expense, Says IBM's IT Guy
    An anonymous reader shares a report on Yahoo (edited): Last year, Fletcher Previn became a cult figure of sorts in the world of enterprise IT. As IBM's VP of Workplace as a Service, Previn is the guy responsible for turning IBM (the company that invented the PC) into an Apple Mac house. Previn gave a great presentation at last year's Jamf tech conference where he said Macs were less expensive to support than Windows. Only 5% of IBM's Mac employees needed help desk support versus 40% of PC users. At that time, some 30,000 IBM employees were using Macs. Today 90,000 of them are, he said. And IBM ultimately plans to distribute 150,000 to 200,000 Macs to workers, meaning about half of IBM's approximately 370,000 employees will have Macs. Previn's team is responsible for all the company's PCs, not just the Macs. All told IBM's IT department supports about 604,000 laptops between employees and its 100,000+ contractors. Most of them are Windows machines -- 442,000 -- while 90,000 are Macs and 72,000 are Linux PCs. IBM is adding about 1,300 Macs a week, Previn said.

    Read more of this story at Slashdot.

  • Steve Ballmer Says Microsoft Tried To Buy Facebook For $24 Billion
    Former Microsoft CEO Steve Ballmer told CNBC on Friday that his company tried to buy Facebook when it was "itsy-bitsy" for $24 billion. BusinessInsider adds: Facebook fielded a lot of offers in its early days. When CNBC on Friday asked Ballmer how much Microsoft offered back then, he said, "Oh I think $24 billion when the company was itsy-bitsy and he said no. And I respect that." Zuckerberg clearly made the right choice. He currently has a net worth of $57 billion and Facebook's market cap is $374 billion.

    Read more of this story at Slashdot.

  • Microsoft Shares Hit All-Time High As Company Strengthens Its Cloud Grip
    Marco della Cava, reporting for USA Today: Microsoft shares surged 5% in early trading Friday, and passed a high set in 1999, helped by enthusiasm for progress in its cloud business. The stock was at up at $60.11, breezing past the $58.72 mark set in December 1999. Friday's rally follows Microsoft's latest quarterly report, out late Thursday, that beat analyst expectations for adjusted sales and profit and showcased a doubling of growth in its Azure cloud business, while reflecting continued strain from consumers' pivot away from PCs and traditional software purchases.Microsoft reported its Q1 2017 earnings yesterday, noting a revenue of $20.5 billion, which was higher than Wall Street's expectations. Company's Intellgent Cloud revenue was up 8 percent, whereas Azure revenue observed 116 percent growth year-on-year.

    Read more of this story at Slashdot.

  • HackerOne CEO: Every Computer System is Subject To Vulnerabilities
    An anonymous reader writes: Every computer system in the world is vulnerable to hackers and criminals, according to Marten Mickos, CEO of HackerOne. That's nothing new with major data breaches at Yahoo and the federal government. But not to worry, teams of ethical hackers could be an answer to the growing cybersecurity concerns. "There are far more ethical hackers, white hat hackers, in the world than criminals," Mickos told CNBC's "Squawk Alley" on Thursday. "So when you just invite the good guys to help you, you will always be safe. It's like a neighborhood watch. You're asking the good guys around you to help you see what's wrong with your system and help you fix it." Mickos has assembled 70,000 white hat hackers in his venture-backed company HackerOne. He explains the intent of white hat hackers is to hack for good and not for exploitation.

    Read more of this story at Slashdot.

  • DNS devastation: Top websites whacked offline as Dyn dies again
    Twitter, Amazon, AirBnB, Github and many others hit in DDoS attack on infrastructure
    An extraordinary, focused attack on DNS provider Dyn continues to disrupt internet services for hundreds of companies, including online giants Twitter, Amazon, AirBnB, Spotify and others.…

  • EMC moves into Dell house: Where'd I put the spoons?
    Check the Org chart, will you
    Comment We've learnt how the EMC organisation has been fitted into its new Dell house, at least at a top exec and product level, and here is an org chart set to show what we believe we know.…

  • Hewlett Packard Enterprise gives UK boss control of Ireland
    No, not the whole country, just the whole country operation
    After three decades at or near the top of HPE’s Irish ops - latterly the standalone Enterprise organisation - Martin Murphy is to leave the business by the end of February, El Reg can confirm.…

  • Today is the 211th anniversary of the Battle of Trafalgar
    Toast the Immortal Memory of Admiral Lord Nelson, shipmates
    Today marks the 211th anniversary of the Battle of Trafalgar, in which Admiral Horatio Nelson gave the combined naval might of France and Spain a bloody good kicking.…

  • Computacenter Q3 numbers lifted by weak British Pound
    'Hurrah for the Euro and our services biz in Germany' cheers reseller titan
    The weak British pound worked in Computacenter’s favour during its calendar Q3, as the conversion of Euros generated by ops in mainland Europe helped to lift group revenues and offset “softness” in the UK.…

  • Hapless Network Rail contractors KO broadband in Uxbridge
    30 cables cut and countless masts out of action
    Hapless Network Rail contractors drove a pile through 30 cable ducts, cutting phone, broadband services and many cell towers in the Uxbridge, Middlesex - potentially knocking services out until next week.…

  • Sky’s CEO drops MVNO bombshell at results conference
    Firm's sure to use its sports lure to bring in the punters
    At the announcement of its results this week, Sky said that it was planning MVNO services based on the O2 network, which is run in the UK by Telefonica. Faultline has been forecasting a move by Sky into cellular for the past four years and is surprised that it has taken this long for the move to emerge.…

  • Puppet shows its hand: All your software is belong to us
    In the future code is going to be managed and deployed by other code
    Special report In an episode of Seinfeld from 1996, George is shocked when he discovers his former boss, Mr Wilhelm, has joined a cult, the Sunshine Carpet Cleaners.…

  • Slack whacks global account hijack holes
    For a while there your Slack account could be hijacked with just a username
    Hipster collaboration platform Slack has shuttered an access control bypass that allowed users to hijack any account.…

  • Spam scum ping global blacklists to wreck rep
    Email pests seek clean machines for better hit rates.
    Malware authors are consulting IP blacklists designed to help fight spam in a bid to avoid detection and increase inbox hit rates.…

  • IBM throws ISP under a bus for Australia's #Censusfail
    Big Blue claims ISP allowed DDoS. ISP says IBM rejected DDoS advice and services
    IBM has blamed a supplier for causing the failure of Australia's online census, which went offline on the very night millions of households were required to describe their disposition.…

  • Dirty COW explained: Get a moooo-ve on and patch Linux root hole
    Widespread flaw can be easily exploited to hijack PCs, servers, gizmos, phones
    Code dive Patch your Linux-powered systems, phones and gadgets as soon as possible, if you can, to kill off a kernel-level flaw affecting nearly every distro of the open-source operating system.…

  • Google pays $100k to anti-malware crusader Giovanni Vigna
    Prolific malware murderer bags Mountain View's Security, Privacy and Anti-Abuse award
    Anti-malware machine and head of the Shellphish DARPA Grand Challenge bronze-medallist team has won US$100,000 from Google for security research efforts.…

  • DIY website builder Weebly was secured feebly
    43m credentials lifted, plus 58m more at Modern Business Solutions and 22m from FourSquare
    Another day, another three major breaches: this time at do it yourself website builder Weebly, which has been revealed as secured feebly, as were FourSquare and Modern Business Solutions.…

  • Boffins exploit Intel CPU weakness to run rings around code defenses
    Branch buffer shortcoming allows hackers to reliably install malware on systems
    US researchers have pinpointed a vulnerability in Intel chips – and possibly other processor families – that clears the way for circumventing a popular operating-system-level security control.…

  • EU legal eagle: Euro court should review Intel's €1.6bn fine
    Chipzilla market share WAS overstated, claims Advocate General
    An EU High Court Advocate General has recommended a review of the case that saw Intel slapped with a record fine after it was found to have coerced OEMs to avoid using rival companies' x86 CPUs.… offline for now

  • Radeon vs. Nouveau Open-Source Drivers On Mesa Git + Linux 4.9
    With Mesa Git and Linux 4.9 I have done AMDGPU vs. Radeon, AMD OpenGL vs. Vulkan benchmarks, and other tests while in this article is our first side-by-side comparison of AMD Radeon GPUs on their open-source driver against NVIDIA GPUs on Nouveau when using Linux 4.9 Git and Mesa Git as of this week.

  • Linux 4.9 Is Showing A Performance Boost On More Systems
    Earlier this week I posted some benchmarks of a Core i7 6800K Broadwell-E system seeing performance boosts under Linux 4.9 and it turns out it's looking more widespread than just affecting a niche system or two. When testing a more traditional Intel Haswell desktop, Linux 4.9 Git is seeing more wins over Linux 4.8 and 4.7 kernels...

  • Intel Haswell OpenGL & Vulkan Testing With Mesa Git
    It's been a while since last running any major Linux graphics tests with Intel Haswell era hardware, but in preparing for a big Linux 3.x/4.x kernel comparison with a Core i7 Haswell, I ran some fresh graphics benchmarks with OpenGL and Vulkan.

  • Stable Linux Kernel Updates Roll Out To Address "Dirty COW" CVE
    The supported Linux 4.8/4.7/4.4 kernel series have seen stable point releases today to address a new CVE security issue nicknamed "Dirty COW" that is a local privilege escalation issue and could allow attackers to overwrite files to which they don't own write access...

  • Mad Max Appears To Work Fine With RadeonSI Gallium3D
    This morning's release of the Mad Max game for Linux lists only NVIDIA graphics as supported, but it does turn out at least for newer AMD GPUs using the RadeonSI Gallium3D driver things should work -- well, assuming you are using the latest open-source driver code...

  • SDL 2.0.5 Released With Many Improvements
    SDL 2.0.5 is now available as the latest version of this library used by many cross-platform games and is part of the Steam Runtime. SDL 2.0.5 brings many new features and improvements...

  • Mad Max Launches For Linux
    Feral Interactive's port of Mad Max to Linux (and macOS) is now officially out and can be found on Steam...

  • Fedora 26 Anaconda Installer Likely To Get Blivet-GUI
    The Anaconda installer is never done evolving... The Anaconda installer will be updated, again, with Fedora 26 but hopefully won't see the major fallout during one of its earlier reworks when it was in very bad shape. This time around they are just looking to add Blivet-GUI...

  • Mesa Hasn't Been Branched Yet Due To LLVM Issues
    The Mesa 12.1/13.0 release dragged out a bit to allow the RADV Radeon Vulkan driver to be merged and then some Gallium3D Nine fixes, which have landed. The branching / feature freeze didn't happen last week though as planned, but Emil Velikov the release manager has now provided an update...

  • Intel OpenGL vs. Vulkan Linux Benchmarks - Mesa Git + Linux 4.9
    With having delivered a number of RADV Radeon Vulkan benchmarks recently, time to turn the tables to see how the Intel Vulkan driver stack is comparing to its i965 classic Mesa DRI driver. Dota 2 benchmarks up today under Ubuntu 16.10 while using Mesa 12.10-dev and Linux 4.9...

  • Raspberry Pi Finally Well Supported By Fedora With 25 Beta
    While Fedora has always supported ARM/AArch64 hardware well, they've missed out on the whole Raspberry Pi craze even as the ARMv7 hardware has been shipping for a while and there are plenty of Pi-focused Linux distributions out there. With Fedora 25, there's finally going to be good support for the Raspberry Pi 2 and 3 devices...

  • Canonical Rolls Out Its Own Kernel Livepatching Service For Ubuntu
    Canonical has formally moved forward with its enterprise kernel livepatching service, which it's making free to the Ubuntu community -- assuming you have three Ubuntu installations or less. Like the other approaches, this is about applying in real-time critical security fixes to the kernel without rebooting...


  • The Public Access Weekly: Upgrade ya

    So... since the entire Internet is apparently one big Fail meme today, let's just jump right in shall we? This week, we're rolling out some of the Public Access upgrades that we've been working on which is pretty exciting.
    The first of these changes is the landing page that Public Access members see when signing in. Starting today, that landing page will display our rules and guidelines for Public Access members and posts. All Public Access members will be expected to abide by these rules. (What happens if you don't? That is also detailed on the page!) We want to be sure that we're being clear and transparent with members about what the rules are, so we're putting them right up front and center.

    The next change regards publishing posts -- Starting Monday, there will be two types of membership to Public Access: A full membership, and what we're casually referring to as a 'trial' membership. There is one major difference between the two types of membership and that is that full members can publish articles to Public Access at any time, while trial members will need to submit their stories for approval by an editor.

    All new members to Public Access will, be default, given a trial membership. Once a member has published three stories without requiring significant editorial corrections, they will be upgraded to a full membership. Also, and this is important, those who have full memberships and violate our rules can be changed to a trial membership at any time. We've updated all the resource pages to include information about creating your post as a trial member, but as always, you can email us if you have any questions!
    Lastly, as I mentioned last week, we're updating the way your article template pages look so starting Tuesday the page where you actually write and create your posts will be streamlined, with larger fields and features and a new color scheme. However, all the commands and functions are still in pretty much the exact same places so you shouldn't experience any problems.
    Looking for something to read? Check out:One of the featured stories on the Public Access homepage this week comes to us courtesy of Victor Iryniuk, who has written his first post on the reasons why his 5th generation Kindle is still his very favorite gadget. This piece explores what this version of the Kindle did right (doing one thing, and doing it great), and the advancements in e-readers that have detracted from the devices core purpose.

    Meanwhile, over in the science/space genre, Lindsey Patterson has written a great post on the why Boeing will beat Elon Musk in the race to Mars which includes background on the Mercury Program, the Gemini Program and how SpaceX and Boeing differ in their knowledge and experience.

    Discussions about gender equality and tech often overlook the women who are doing spectacular work in the field, and Kamakshi Venugopal's story about female entrepreneurs in India who are pushing the start-up scene to new heights highlights the stories of five women who are the founders and CEOs of E-commerce, coupon and local service websites.Looking for something to write about? Mull over:Big news came out of the Nintendo camp this week with the announcement of the Switchconsole, which is powered by an Nvidia Tegra processor and purports to allow users to bring a tablet element to their gaming via detachable controllers. Is this a great innovation for Nintendo? Are you excited about it? And is there a place for portable gaming consoles in a world of smartphone gaming?

    When Twitter laid off former AngelHack CEO Gregory Gopman this week, he responded with a Facebook post claiming the motivation was his 2013 rant against the homeless population of San Francisco. While Twitter has not confirmed or denied the reasons for Gopmans exit from the company, the news did bring up some interesting conversations in the comments. Should the things you post online haunt you forever? How does one come back from the negative attention that follows a viral social media post? And do you censor what you put online for fear of it harming your abilities to find work? How so?

    We reviewed the Google designed Pixel and Pixel XL this week, and found it to be a great smartphone that looks a little dull. Have you gotten your hands on a Pixel or Pixel XL yet? If so, what do you think of the device? Does it live up to your expectations? What is your favorite -- and least favorite -- aspect of it? And do you think it can fill the hole left by Samsung's Galaxy Note 7?

  • Why the Internet fell apart today

    If you were on the internet on Friday morning, congrats! You were one of a lucky few who maintained their connectivity in the face of a massive, nationwide DDoS attack against part of the Domain Name System (DNS), a crucial piece of digital infrastructure which, when offline, cripples our ability to access the internet. But despite its importance, the DNS is often overlooked -- much like the rest of the behind the scene mechanisms that make the internet work. So before you go resetting your router to see if that clears things up (hint: it won't), let's take a quick look at what the DNS does and how it managed to break so spectacularly earlier today.

    In the early days of the networking, routing data between two computers might require that you know the target machine's IP address, a 12-digit string of numbers like Even in the early 1980's when the "internet" was still the DoD's ARPANET project and consisted of just 320 interconnected computers, trying remembering all 320 IP addresses would be like trying to memorize the address and occupant of every house in your neighborhood.

    So, the internet's architects developed the DNS, a giant, decentralized database that translates domain names to IP addresses much in the same way that telephone operators used to manually route calls through their switchboards. So when you type "" (aka the top-level domain or TLD) into your browser, the DNS company that hosts that domain converts "" into the 12-digit IP address and routes your request accordingly, starting with the TLD, so that your computer knows where to look for the website data it's trying to load. What's more, the DNS automatically updates these registries so if Engadget ever switches hosting companies and its IP address changes, typing "" into a browser will still work.

    The DNS is a hierarchical system. At the very highest level, you've got the "root servers". There are 13 of them in all and they handle requests for information about TLDs. So if you type "," it won't be able to find the exact listing in its zone files -- simple text documents that map domain names to their respective IP addresses -- but it will return a record of the ".com" TLD and shunt the request to the next server down, the TLD server.

    TLD server then looks for "" in in its zone file. As before, the TLD server won't find the full "" listing but it will find record of "". With that information in hand, the request is kicked down to the domain-level servers.

    By the time that a request reaches a Domain-level server, it's only one step away from being fully routed to its destination website. These servers are essentially "the guy who knows the guy" you're looking for. Domain servers look at the record for, determine that the domain should be www -- as opposed to ftp, for example -- and then looks up the site's IP address in their zone files before completing the routing operation.

    Normally this all happens on the backend and the process is completely seamless from the user's perspective. However, hackers can (and just did) attack the companies that run these DNS services. When a service is knocked offline, every site hosted on that DNS goes down as well, unless you know that site's specific IP address of course.

    This is is what US authorities believe happened Friday morning. A group of unknown cyber-attackers launched a huge Dedicated Denial of Service (DDoS) attack -- in which small streams of data are funneled to create an unrelenting tide of traffic that overwhelms a site's servers -- against Dyn, a major DNS service. They shut Dyn down for hours. This, in turn, caused a swath of sites that Dyn works for -- including Twitter, Spotify, the New York Times, Reddit, Yelp, Box, Pinterest and Paypal -- to go dark on Friday morning until the company was able to recover.

    Unfortunately, defending against DDoS attacks and the botnets that are used to launch them, is not a particularly easy task. The most common solution, according to CISCO, are firewalls, which act as the network's watchdog, inspecting data packets and determining their source. If a firewall detects suspicious network activity it will alert the rest of the system. Networks may also incorporate load balancers -- systems that spread network traffic out over multiple servers so that no one unit is overwhelmed. Remotely triggered blackholes (RTBH), instead, reroute and drop malicious traffic before it can even enter the network in the first place. Or, if you're savvy like Pornhub, you'll simply host your network on multiple registered DNS servers so that even if one goes down, traffic will simply be rerouted to a different service.

    That said, there's no such thing as a perfectly secure network. DDoS attacks like these will continue to occasionally occur for the foreseeable future. But with proper network design and implementation, we'll be able to mitigate their debilitating effects.

  • The looming spectre of cyberwar with Russia

    In the world of cyber (as in security), the question of the week seems to be, "are we going to cyberwar with Russia?"

    White House Press Secretary Josh Earnest thinks so. A week after President Obama singled out Russia as being responsible for cyberattacks on targets including the Democratic National Committee, Earnest said in a briefing that the administration would be serving a "proportional" response to Putin and the gang.

    That response would be reciprocation for the very public (and not particularly sophisticated) hacking we've seen targeting the Democratic side of this particular presidential election. This includes the DNC hacks, the Guccifer 2.0 clowning around, the targeted feeding of docs to WikiLeaks. And, if we're going to include all the hacker toolsets, the unprecedented use of bots to influence opinion on social media in favor of the Republican candidate.
    I'd totally hack Trump... if he lost a little weight

    Donald Trump is now an outspoken WikiLeaks fan. This professionally combines the pussy-grabber with a man in exile because he's been accused of rape; an exile whose ambassador has been accused of multiple sexual assaults ... creating a he-man-woman-hater's club trifecta for the ages.

    No one's hacked Trump or the RNC and spilled the beans -- yet, anyway. Which is weird considering how crappy bits and pieces of Trump's security have been shown to be, and how abysmal government organizations are proving to be at cyber defense.

    As for Trump, he left his own site wide open, and his email servers are riddled with security holes. Maybe he's been lucky, or someone on his team hired some good hackers to protect him.

    But based on the cyberlaw of cyberaverages, I think one of two things are most likely: Either he's been hacked and the crew is sitting on docs, or hacking him and/or the RNC requires nation-state level resources... and no nation is motivated to hack him. Maybe because to other nations he's only a four. Alright, maybe a five if he had some State Department briefings on a server somewhere... and lost a little weight.

    The people who like to equate zero days to missiles and suggestions of 'stockpiles of cyber bombs' must be pretty psyched we're on the cusp of a cyberwar. And we are. Vice President Joe Biden added his voice to the cyber-saber-rattling when he told press "We're sending a message. We have the capacity to do it." Biden singled out Putin when he added, "He'll know it. And it will be at the time of our choosing. And under the circumstances that have the greatest impact."
    Cyber World War One?
    So I guess we're going to have that "Cyber Pearl Harbor" that septuagenarian politicians have been using as a boogeyman for the past ten years, after all. But what does that even mean?

    A number of pundits think cyberwar against Russia will come in the form of embarrassing Putin, his government and ruling class. Not to mention the Russian hackers who work for the government. Britain's doing cyberwar too, but seems to be keeping far more quiet about it than we are. Law-and-war analysis blog Lawfare posits that there's nothing new to be hacked. Because of this, they conclude, all cyberwar can do is reveal of information the US has already purloined in hacks our spies have done over time.

    Talk about zero points for creativity! The law and war pundits might not be looking at the world around us, but most of us who are worried about what cyberwar might mean certainly are -- and we're more than a little worried about acts of war and the cybers. I mean, not only do we all watch films and TV, we're painfully aware that major breaches are commonplace, that industrial control systems are not in the best of shape, and that the internet of things is definitely not our passive and always-helpful friend.

    Perhaps we'll find out that DDoS is the new D-Day. I don't know about you, and I'm not friends with any anti-hacking hippies, but I'd really rather that my country not have to ask Russia, "shall we play a game?"

    I think that to most people, this kind of war is going to be even harder to conceive than any in history: The American public will literally not understand what it looks like. As a result it will feel far less real, there will be misinterpretation a go-go, and public accountability has left the building. There will be no draft, no foxholes and no bombs, no shrapnel, no Purple Hearts, no boots on the ground, and to the outside observer, no noise, no honor, and no cost.

    There won't be any cyberwar protests, anti-cyberwar songs or movements, or hippies hoping we'll just give cyber peace a chance. Nor will there be any ticker-tape parades for triumphant returning heroes of the cyberwar. Hell, there won't even be a clear victor.

    Images: AP Photo/Evan Vucci (Trump); AP Photo/Markus Schreiber (Putin)

  • Blame the Internet of Things for today's web blackout

    Today's nation-wide internet outage was enabled thanks to a Mirai botnet that hacked into connected home devices, according to security intelligence company Flashpoint. The distributed denial of service attack targeted Dyn, a large domain name server, and took down Twitter, Spotify, Reddit, The New York Times, Pinterest, PayPal and other major websites.

    "Flashpoint has observed Mirai attack commands issued against Dyn infrastructure," Flashpoint writes. "Analysts are still investigating the potential impact of this activity and it is not yet clear if other botnets are involved."

    Mirai is not a new hacking tool. A massive Mirai attack took down the site of popular security researcher Brian Krebs in late September, peaking at a nearly unprecedented 620 Gbps. Mirai takes advantage of weak security protocols on IoT devices -- in the Krebs case, 145,000 devices were infiltrated, including security cameras and DVRs in homes and offices around the world.

    The author of the Mirai malware made its code open-source, and security experts have been warning of a possible large-scale attack since this information came to light.

    For its part, Dyn is attempting to stem Friday's attack on its servers. At 3:30PM ET, the company announced the attack had entered its third wave.

    "We are actively in the third flank of this attack," Chief Strategy Officer Kyle Owen said, according to Dyn announced at 6:15PM ET.

  • Introducing 'The Morning After'

    Look, we get it. Sometimes it's hard to keep up on all the latest happenings in the world of tech. That's why Engadget has a newsletter that delivers the top stories of the day directly to your inbox. Sure, it's functional, but honestly, it doesn't live up to our standards. So, Saturday morning will see the launch of our new and improved newsletter: The Morning After.

    The Morning After doesn't just give you the headlines -- it distills the biggest stories of the previous day down to their most essential parts, and delivers them with the wit and insight you've come to expect from Engadget. But we don't just want to tell you what you missed, we want to tell you what to look out for too. Is there a big liveblog coming up or major tech conference to get excited about? We'll give you a heads-up. Plus, every Saturday morning you'll get the weekend edition, complete with a letter from the editor.

    If you're already subscribed to the Engadget newsletter, then you don't need to change a thing. Starting Saturday morning The Morning After will replace it in your inbox. But if you're not a subscriber, now is a good time to change that.

  • New York passes law making it illegal to list short-term rentals on Airbnb (update)
    New York governor Andrew Cuomo just signed a bill into law that will make it much harder for Airbnb to operate in the state. New York already prohibits rentals of less than 30 days in a multi-unit building if the tenant is not present -- a situation that many Airbnb listings advertise. This new law makes even listing an advertisement for such a situation illegal itself, a tool that some think the state will use to go after Airbnb directly.
    Those who violate this new law, which the state assembly and senate voted on in June, will be subject to some heavy fines: $1,000 for your first violation, $5,000 for the second, and $7,500 for the third. According to Business Insider, Airbnb will immediately file a lawsuit against New York City and the state attorney general; the suit will claim the new law violates the First Amendment and the Communications Decency Act.

    "In typical fashion, Albany back-room dealing rewarded a special interest -- the price-gouging hotel industry -- and ignored the voices of tens of thousands of New Yorkers,"Josh Meltzer, head of New York Public Policy for Airbnb, said in a statement crack down on hosts with multiple listings in New York and San Francisco. It was an effort to reduce illegal hotel situations and keep people from buying up and then renting multiple listings to turn a big profit. It also felt like an effort to help sway NY's politicians onto their side, but that obviously hasn't worked yet.

    How this will end up remains to be seen, but it sounds like Airbnb's going to have a tough time -- the existing law that was already on the books seems like it'll make fighting this new legislation much tougher. We've reached out to Airbnb and will update this post with any comment we receive.

    Update: It was a matter of "when," not "if." Airbnb has announced it's suing the city of New York, Attorney General Eric Schneiderman and Mayor Bill DeBlasio for violations of the Communications Decency Act, New York State Assembly, Business Insider, New York Daily News, TechCrunch

  • Evidence ties Russia to Podesta and Powell email hacks

    Back in March, Hillary Clinton's campaign chairman John Podesta received a frantic-sounding email about his account security and clicked a shortened link that appeared to be from Google. Instead, it redirected to a spoof page that gave hackers access to his password. Half a year later, WikiLeaks started publicly releasing thousands of his emails on October 9th, a month after the seemingly unrelated leak of Gen. Colin Powell's personal messages. Security firms, journalists and a hive of independent researchers have spent the interim analyzing the digital break-ins and have arrived at the probable culprit behind these and several other hacks: Russia. But definitively attributing it to the country's intelligence services is difficult, if not impossible.

    When WikiLeaks began publishing thousands of emails from DNC accounts back in July, it only took a few days for the FBI to start investigating Russia's involvement in the hack. On October 7th, the US government made the rare decision to publicly blame Russia for directing "the recent compromises of e-mails from US persons and institutions." The DHS declined to state how they came to that conclusion, notes Motherboard, though they probably have data we can't see.

    That left the media and researchers to connect many dots, but a pair of extensive pieces published yesterday by according to Esquire.

    SecureWorks built a target portfolio to see who Fancy Bear was working for. Lo and behold, the addresses attacked included a host of military, political, and government leaders in Ukraine, Georgia and other former Soviet states. They also sent spear-phishing emails to NATO military attaches, diplomatic and military personnel from the US and Europe, and critics of the Russian government from around the world. The pieces started to fit together as the firm identified more similarities between the previous hacks and those targeting Podesta, other members of Clinton's campaign staff and the DNC. Namely, the malware and server infrastructure supporting it are unique, acting like calling cards for Fancy Bear, according to SecureWorks' Senior Security Researcher Tom Finney.

    "The link to Fancy Bear is very firm, germane to the structures they used before. We track these groups by the toolsets they use, the malware they use, because they tend to have bespoke sets of malware that's only used by one group. That tends to be quite discrete, so you can say that if this malware is being used, it's being used by this group," said Finney.

    From March to May, SecureWorks saw that Fancy Bear was sending more spear-phishing emails to people in the US. Because Bit.Ly tracks when their URLs are clicked, the firm was able to see that of the 108 email addresses targeted at the Clinton campaign from March to May, 20 of the erroneous links had been opened; And of the 16 targeted at the DNC, 4 people had clicked, as Buzzfeed reported last week.

    SecureWorks released this information in a June 16th report, stating with "moderate confidence" that Fancy Bear's attacks were likely directed by Russia. Most of the group's targets in the previous year were individuals that were enemies of, or people of interest to, the Russian government.

    "The 5,000 emails was quite a big data set," said Finney. "Added together, we can't really think of who else would be satisfied by the kind of information targeted by this group. So that's why we think it's Russia."

    But they weren't the only ones paying attention. Fellow firm CrowdStrike released its own report on July 15th after the DNC called on them to investigate a breach in their security. Within a week, WikiLeaks publicly released 19,000 DNC emails that they had acquired.

    A hacker entity identifying itself as Guccifer 2.0 claimed credit as a lone hacker. But CrowdStrike identified both the Fancy Bear and Cozy Bear hacker groups' presences on the DNC's network, recognizing their tradecraft and tactics used to evade detection. While Cozy Bear was content to target whole departments and quietly collect data for years once inside, it was Fancy Bear's more aggressive research and intrusion activity that tipped off security experts. Thanks to metadata in the released documents and Russian-language settings, security experts dismissed Guccifer 2.0's claim to be a Romanian national, rather theorizing it to have been a hollow account created by Fancy Bear or those acting with it as a distraction.

    Fancy Bear's failure to keep its Bit.Ly accounts private gave SecureWorks insight into the group's targets -- which is how researchers identified the link Colin Powell clicked on that lead to his email getting hacked. This helped them confirm other compromises, like that of Clinton campaign staffer William Rinehart, as The Smoking Gun reported in August. Other groups have been targeted by similarly-constructed links, like points out Motherboard.

    A third group known as the Shadow Brokers, as detailed by Thomas Rid in Esquire, took documents hacking tools from the NSA itself via its elite cyber infiltration unit, Tailored Access Operations. The group either compromised a computer that TAO used to stage its own attacks or acquired the assets the old-fashioned way using a mole. The Shadow Brokers published these tools on Github and elsewhere, and security researchers confirmed their authenticity.

    Meanwhile, Cozy Bear had been using some two hundred Microsoft OneNote cloud storage accounts to "exfiltrate" data back to Moscow, according to Rid. Microsoft provided information to US digital spies to help them confidently identify the DNC hackers as Russian.

    These data points, combined with the nigh-unprecedented move by the DHS of openly blaming Russia for these and other hacks, strongly suggests that their government orchestrated a multi-armed campaign to gather documents germane to the US presidential election. But when making those stolen emails publicly available on WikiLeaks impacts public opinion, as Rid describes in Esquire, the campaign looks less like espionage and more like an attempt to influence the outcome of the election.

    In the digital intrusion trade, hackers are known to plant diversions to misdirect security. These "false flags" might even be patterned after tactics known to be used by other countries' teams. A presentation by Kaspersky Lab at this year's Virus Bulletin security conference pointed out how effective this misdirection can be. According to a summary of the talk by Summit Route's Scott Piper:

    "In one case, of an assumed Russian [advanced persistent threat] actor, it identified researcher systems running the first stage malware, so it sent down Chinese APT to the researchers as the second stage to throw them off, while sending down their real second stage to the actual victims.

    In a similar case, when Turla (also Russian APT) worried they'd been detected, as they were pulling out their malware, they sent down a rare Chinese malware named Quarian for the IR team to investigate. This both gave them time to cover their own tracks, while at the same time burning China's toolset."

    Ergo, there's a chance that security experts and journalists could wrongly attribute cyber attacks, even with good evidence. Remember the Sony megahack, where the US government first didn't blame North Korea, then they did, and the security community couldn't decisively agree?

    Hence SecureWorks' "moderate confidence" that Russia is behind these hacks, a level which generally means that "the information is credibly sourced and plausible but not of sufficient quality or corroborated sufficiently to warrant a higher level of confidence." In that middleground, they can't definitively say that it was Russia, but they can illustrate how ludicrously difficult it would be to frame them by creating a Fancy Bear operation and targeting so many individuals over a year and a half, said SecureWorks' Finney.

    "I base my assessment on the evidence. I go back to the overwhelming evidence, I think, of the targeting of this particular group. So we have 5,000 email accounts that were targeted. That's very difficult to make a false flag operation, to target 5,000 email accounts to make it look like the Russians," said Finney.

    SecureWorks doesn't have the means or resources of an intelligence agency to definitively prove that Russia was behind the hacks in a criminal case, said Finney. For their business, they examine circumstantial evidence to arrive at conclusions. That's the benefit for security firms of doing so much research in order to attribute blame: Now that they know with confidence the attackers' motivations and tactics, SecureWorks can make recommendations to shore up their clients' security. Against a spear-phishing campaign like this where attackers dupe targets into giving up email passwords, said Finney, clients can increase their protection by taking steps as simple as turning on two-step authentication.

    Via: The Daily Dot

    Source: Motherboard, Esquire

  • NASA finds likely crash site for ESA's ExoMars probe

    Just as we expected, NASA's Mars Reconnaissance Orbiter (MRO) has detected the potential crash site for the European Space Agency's missing ExoMars Schiaperelli probe. The MRO located a bright spot and dark patch on the Martian surface near the probe's planned landing area, which NASA believes to be the remnants of the probe's parachute and lander module, respectively. While we've only got a fairly low-resolution image so far, we should know more next week when the MRO passes over the area again with a higher resolution camera.

    The ESA's ExoMars mission, which aims to search for trace signs of life on the red planet, reached Mars' orbit on Wednesday following a seven-month journey. After separating itself from its partner ship, the Trace Gas Orbiter, Schiaperelli began transmitting data about the planet's electric fields as it made its way through the atmosphere. The ESA initially couldn't confirm if the probe had landed successfully, and later said that it lost contact right before its expected landing.

    Jan Woerner, the ESA's director general, still considers the mission an overall success, despite losing contact with the probe. "This means we will obtain information from a close analysis of the data that Schiaparelli was built for, notably on the performance of elements such as the heat shield, parachute, radar, thrusters and so on," he wrote on his blog. "This information can subsequently be used to improve the design of the 2020 Exomars mission, since in that mission the survival of the descent module will be of real scientific relevance."

    Via: BBC

    Source: NASA

  • Facebook will allow 'newsworthy' graphic content in timelines
    Facebook rightly came under fire for censoring the iconic, Pulitzer-winning "napalm girl" photo THe Terror of War not that long ago. Now, the social network is altering its course as a direct result. "In the weeks ahead, we're going to begin allowing more items that people find newsworthy, significant, or important to the public interest -- even if they might otherwise violate our standards," VP of Global Public Policy for the site Joel Kaplan writes.
    The thing is, Zuckerberg and Co. don't know exactly how they'll do it without stepping on anyone's toes in regards to local cultural norms. Kaplan says that the service is going to tap its community and partners to figure it out in regards to tools and rule enforcement. Specifically: experts (gurus are all on vacation, apparently), publishers, journalists, photographers, law enforcement officials and safety advocates. Why start relying on humans instead of algorithms now, though? Oh, right.

    Via: TechCrunch

    Source: Facebook

  • Watch HP's Elite X3 Windows Phone simulate a desktop

    After spending plenty of time with HP's Elite X3 Windows Phone, it's hard not to be impressed by the company's ambition. It's just too bad the execution isn't so great. The Elite X3 builds on Microsoft's Continuum feature, which gives phones pseudo-desktop interfaces on larger monitors, with Workspace, a virtual environment that lets you run full Windows apps. Together with a Desk Dock and Lap Dock, HP intends for the X3 to serve as both a laptop and desktop replacement. But while Workspace is a decent fix for Continuum's issues, I don't think it's enough to make the X3 a viable option for most workers.

  • US investigating Friday's internet blackout as 'criminal act'

    This morning, several sites were shut down due to a distributed denial of service (DDoS) attack on Dyn, a large domain name server. Sites affected include Twitter, Spotify, the New York Times, Reddit, Yelp, Box, Pinterest, Paypal and potentially a lot more. It seems as if this attack was focused on the east coast. Now Reuters is reporting that the US government is investigating it to see if it was a "criminal act."

    The news outlet reports that it's not clear yet on who's responsible and the Department of Homeland Security has said that it's "investigating all potential causes." According to Dyn, it resolved one attack earlier this morning, but there was a second attack a few hours later. As of this writing, some sites like Twitter and Spotify appear to be back up, but there are still sporadic outages that result in broken images and links.

    Update: According to Krebs, security firm Flashpoint is now reporting that a Mirai-based botnet is involved in the attack on Dyn. Mirai is a malware that specifically targets IoT devices like routers, DVRs and cameras, turning them into bots that then report to a central server that could then send out mass DDoS attacks like we saw today.

  • WSJ: Time Warner's latest suitor is AT&T (update)

    AT&T's next step to telecom dominance? Buying Time Warner, it seems. Before the next episode of Westworld airs, theoretically, AT&T could own HBO, CNN, Hulu, DC Entertainment and Warner Bros. Pictures among others, according to Apple and Fox have both been heavily rumored, for example. And considering that Time Warner turned down $80 billion from the latter, it gives us an idea that the asking price is going to be northward of that.

    Consolidation in the media landscape (oh hi, Verizon) is increasingly commonplace as companies look to bolster their bottom line with bigger customer numbers over individual profits. After all, that cable subscription's going to get a lot cheaper when people start cutting the cord en masse in order to try winning you back. Just look at the price of monthly landline service as a parallel.

    But last year's $49 billion acquisition of DirecTV has left the coffers a bit dry, and its last investors report stated that the company only had about $5 billion in free cash. If the deal goes through, it's going to leave the company pretty deep in the red. Or AT&T manage to raise the GDP of a small somehow just to afford the purchase price. But hey, corporations are good with math, right? The beancounters will make this work. Somehow.
    Update: It looks like AT&T will shell out around $86 billion for Time Warner Inc, according to CNBC

    Source: Wall Street Journal, Bloomberg

  • Toyota's hydrogen buses can work as emergency generators

    Toyota will start selling fuel cell (FC) buses in 2017, with the aim of selling up to 100 in the Tokyo area ahead of the 2020 Olympic games. The company is using a beefed up version of the fuel system it developed for the Toyota Murai, with 10 high pressure tanks holding 600 liters of highly compressed H2. That gives it 235 kWh or power, about three times that of a Tesla Model S, meaning it "can be used as a power source in the event of disasters," the company said in a press release.

    Toyota has been working on CO2-free fuel-cell buses for a while now with its Hino bus and truck division. The company is bullish on hydrogen fuel cell vehicles, even though they're less efficient than EVs if the hydrogen is generated using water and electricity. Hydrogen made by reforming methane creates CO2 pollution, though less overall than if gasoline- or diesel-powered vehicles are used. That's assuming the methane, a potent greenhouse gas, doesn't leak -- and it often does.
    Toru Hanai/Reuters

    Toshiba recently unveiled Japan's largest water electrolysis hydrogen production plant (above) that uses power from the electrical grid. Unfortunately the nation still gets most of its electricity from fossil fuels, not renewable or nuclear energy. And the bulk of hydrogen is still produced by methane reforming, a polluting process made worse by the fact that Japan imports its methane. However, the nation plans to produce more hydrogen by electrolysis over the next decade as part of Prime Minister Shinzo Abe's push to a hydrogen future. For more on fuel cells and hydrogen vehicles, check Engadget's explainer.

    Source: Toyota

  • With the Switch, Nintendo could make controllers great again

    There was no more exciting time to be a peripheral fan than 1999. For me, someone who loved the custom controls of the arcades, the Dreamcast was a fantasy. Its Visual Memory Unit (VMU) was a memory card with a screen that slotted into the controller -- and a micro-console in its own right. Games like Power Stone and Seaman let you load mini-games onto the VMU to play on the go, but more interesting was its dual-screen potential.

    The VMU could display information, like your health in Resident Evil or plays in NFL 2K, right on your controller. These features were ahead of their time -- it wasn't until the Wii U GamePad came along that we saw a company go all in on dual-screen gaming. (The DS and its successors don't really perform the same task.) But the VMU was only the beginning of Sega's plan to expand the Dreamcast.

    There was the Dreamcast Gun, a wired light gun that let you slide a VMU or Jump Pack (for rumble support) into the top. There was the microphone attachment that slotted in underneath the VMU in your controller, to let you talk to the weird fish-with-a-face virtual pet in Seaman.

    Then there were the standalone peripherals. Who can forget the Sega Fishing Controller, which, as well as making Sega Bass Fishing incredible, also acted as a Wii-like motion controller in Virtua Tennis and Soul Calibur? Not to mention Typing of the Dead's keyboard, Samba De Amigo's maracas and Virtual On's twin sticks.

    For context, the Dreamcast was on sale for just a year and a half in the West, and less than a year longer in the rest of the world. The number of accessories, the number of innovative ideas realized in that time, is just ridiculous.

    With Sega's hardware days long behind it, Nintendo took up some of the slack. The Wii had add-ons for the Wiimote, including an analog nunchuck, a MotionPlus sensor pack and a "Classic Controller." There were also peripherals that integrated a Wiimote slot into their design -- namely a steering wheel and a gun -- as well the standalone Balance Board for Wii Fit. Oh, and somewhat serendipitously, there was a maracas shell for the Wiimote to play Samba de Amigo.

    That innovation in peripherals all but died with the Wii U, though. The GamePad was certainly innovative in itself, but its all-in-one nature killed any chance for peripherals that weren't Amiibos. But there's a chance that peripherals could return in a big way with Nintendo's latest console, the Switch. A portable tablet with slide-on "Joy-Con" controllers, it takes the modular spirit of the VMU and applies it to the system as a whole. And a Switch concept by one artist, posted on Twitter and Polygon

    Source: Ryan Salamanda (Twitter)

  • The best smart hub

    By Jon Chase

    This post was done in partnership with The Wirecutter, a buyer's guide to the best technology. When readers choose to buy The Wirecutter's independently chosen editorial picks, they may earn affiliate commissions that support their work. Read the full article here.

    After researching more than 20 smart hubs—the brains that let all of your smart-home devices work together—and living with a half-dozen of them for a few months while putting them through their paces with an array of smart locks, thermostats, room sensors, switches, lights, and more, we think that the Samsung SmartThings Hub is the best hub for most people who want to buy right now. It's competitively priced, is compatible with a large number of third-party devices, and supports most of the major wireless protocols relied on by smart devices.

    We think it's important to note, however, that we struggle to fully throw our support behind any one model without substantial reservations. The SmartThings hub is the most evolved among a number of well-rounded products out already. Still, to date, we don't believe that any one smart hub is an unqualified, home-run purchase that would satisfy most people—our baseline standard.
    Who this is for
    A smart hub is essential for anyone who wants to use a single centralized app to control their wirelessly connected lights, thermostats, smoke alarms, motion detectors, sound systems, or any other smart-home devices and appliances. A smart hub acts as the middleman in a system, facilitating communications between all your various devices and enabling control of them too. It can also automate your devices so they work with each other without any interaction from you. You can easily set up simple scenarios such as having the system automatically turn on the lights whenever you unlock your front door; a more complex system and a little work can let you set up the hub to use inputs from various sensors and switches and adjust devices in your house accordingly. The DIY hubs we tested for our guide are a fraction of the cost of the top-shelf home-automation systems that are custom-installed by the pros, though to get anywhere near the same level of functionality and polish takes a little effort.

    Setting up and using a smart hub requires a functional level of tech know-how, at a minimum the ability to use a smartphone or tablet and apps, as well as familiarity with pairing Bluetooth devices and/or logging your various devices onto your Wi-Fi network. Complicated setups may require a bit of patience, a few hours of perusing online help forums, or a call or two to tech support.
    How we picked and tested
    Because connected products have so many different competing technologies among them, we searched for hubs that offered compatibility with as many products and standards as reasonably possible, yet remained easy to set up and use. We also nixed hubs that required buying into a very expensive ecosystem to get started or require custom or professional installation. After cutting down our list, we consulted veterans in the field, including representatives from Apple, Nest, Insteon, Lutron, and the Z-Wave Alliance, as well as a number of editorial resources and customer testimonials.

    To discover what these hubs are capable of, we pulled together a collection of test smart devices (from several manufacturers) that we think would be desirable for a typical household, including light bulbs, outlet switches, thermostats, door and window sensors, cameras, water sensors, and door locks. Our test regimen for each hub included downloading, installing, and registering an app, connecting the hub to our home network, going through the setup procedure, and then pairing each hub with as many devices as possible among our range of test accessories.

    When performing our tests, we paid close attention to how friendly and intuitive the setup process was when setting up the hub and, in particular, when linking devices together to create scenes or macro actions. Compatibility with wireless protocols was a key concern, as well as whether a hub needed to be directly connected to our home router or could be located remotely—a major issue if you have a large home or one with spotty wireless issues. Almost as important as the physical components of a hub is the companion app you use to control it, so we spent most of our time using apps to set up devices, link them together, create scenes, and tweak notifications settings, wherever possible.
    Our pick
    Our winner, the Samsung SmartThings Hub. Photo: Jon Chase

    The Samsung SmartThings Hub is the most evolved among a number of well-rounded products already on the market. It's competitively priced, is compatible with a wide range of third-party devices, and supports most of the major smart-home wireless protocols, including Bluetooth, Wi-Fi, ZigBee and Z-Wave. The companion controller app can be confounding, but within its many submenus and sections is a wealth of capability and, with some planning, the right smart accessories and devices, and patience—lots of patience—you can create a rich home-automation scheme that can hum along without requiring you to monitor it constantly. In the right hands, the SmartThings hub can steer the ship of a comprehensive DIY smart-home setup.

    Setting up the SmartThings hub is straightforward, as it was with most of the hubs we tested. The SmartThings companion app, which is required for setting up and controlling the hub, takes a lot more work to understand. Compared with more streamlined app offerings, the SmartThings app is positively full of icons, buttons, submenus, and subsections. Though you could certainly get by using only a fraction of the functions offered, we recommend digging in a bit to get an idea of what SmartThings is capable of—and also why it may be a little too much for some potential users.
    The Wink hub supports most of the popular wireless protocols and doesn't need to be plugged into a router. Photo: Jon Chase

    The Wink Hub supports most popular wireless protocols, including Wi-Fi, Bluetooth, Lutron Clear Connect, ZigBee, and Z-Wave Plus. For individual control of a device or even a few, it's a great bargain, but for automation of several devices we believe the SmartThings hub remains a better option. The Wink does have a few advantages though. You can connect it to your home network via Wi-Fi instead of a cable, allowing you to place the hub anywhere in your home you like, which is especially helpful if reception is an issue. And the ability to pair some devices by scanning a barcode is far easier than the SmartThings hub's often multistep approach.

    In our tests we had no trouble pairing the Wink hub with a few smart locks (in fact, it was our test hub for our smart locks guide), as well as a Connected Cree LED bulb, a Nest thermostat, a Nest Cam, and an Amazon Echo. Controlling any of them and setting up notifications is straightforward via the Wink's companion app, which is far easier to decode and use than the SmartThings app. One foible though is the method for creating automation schemes, dubbed "robots." It's an obtuse system of creating logic schemes for actions that tips the Wink into more-advanced-user territory. We also found that the Wink tended to suffer a greater lag time between when we triggered an action to when it occurred, which is a common complaint.

    An updated Wink hub, which the company is calling Wink Hub 2, will launch at the end of October. It does everything the original Wink does, but adds Ethernet, Bluetooth Low Energy (BTE), a faster processor, and support for locally controlled automation routines.
    HomeKit, Nest, and Echo
    Amazon, Apple, and Google have each staked a claim in the smart home as well. Google snapped up smart-thermostat pioneer Nest a few years ago, and later acquired Dropcam. Despite ending support for Nest's own hub, the Revolv, Google remains involved in (and hopefully committed to) home products, and maintains a Works with Nest program that provides standards for third-party products to maintain compatibility with the Nest. Apple has its Works with Apple HomeKit program for products that meet hardware and software standards and that will, in theory, interact with other enabled devices as well as Apple devices seamlessly, including voice control via Apple's Siri. And Amazon moved strongly into smart-home voice control with its Internet-connected Echo speaker and its newer variants, the Tap and Dot.

    For more about the options for HomeKit, Echo, and Nest and what to look forward to in smart-home technology, check out our full guide.

    This guide may have been updated by The Wirecutter. To see the current recommendation, please go here.

    Note from The Sweethome: When readers choose to buy our independently chosen editorial picks, we may earn affiliate commissions that support our work.

  • 'City of the Shroud' is an RPG with a truly player-driven story

    Adventure and role-playing games have always focused on telling stories, and that tradition has permeated into almost every other genre. Whether with linear plots or with branching, adaptive tales, developers are putting story everywhere. And just as the technology powering games is evolving, so too are the narratives within them. One game, however, is pushing forward into entirely new territory: City of the Shroud.

    Partially funded by a small-scale Kickstarter campaign earlier this year, City of the Shroud is being developed by Abyssal Arts, a small team strewn across the US and UK, with some assistance from Japan. It's a hard game to categorize. It's an RPG, yes, but it blends tactical elements from X-Com, The Banner Saga and Final Fantasy Tactics with a real-time combat system that borrows from classic fighting games.

    There are no "turns" in City of the Shroud; instead, combatants all generate action points in real time that can be used whenever you like to either move or strike an opponent. Attacks themselves are performed using an upgradable combo wheel, which is a little like Street Fighter. As in Capcom's famous series, you use the wheel's "d-pad" to input commands (down, left, up, etc. ...) for special attacks, and you can put them together (if you have enough action points) to pull off combos. There are multiple classes of character, each with their own moves, strengths and weaknesses, to combine however you please. Controlling them at the same time makes for challenging battles.

    Between the frantic bouts of combat, the game presents itself much like a visual novel -- you'll converse with the residents of Iskendrun, the titular shrouded city. It's isolated, and on the brink of civil war, with potential leaders squabbling for control. Something bad is coming, though, and someone in the city knows about it. As the archetypal hero, you'll have to work out whom you can trust, choose whom to ally yourself with and whom to fight. But you are just one hero, in a city of thousands.

    While City of the Shroud's world, its inhabitants and the broad plot line have all been devised already, where the story goes will depend on players. Throughout the game, they'll be making decisions in the visual novel side of the game, aligning with different factions, supporting and betraying whomever they please. After the first chapter, though, those decisions begin to affect the world as a whole. Abyssal Arts is collecting gameplay data from each player, pooling it together and then reshaping the political landscape of Iskendrun around it.

    "We wanted to give your decisions consequence, [and] we wanted the choices of the players and what was going on in your game to have consequence for everyone else," Keaton White, the game's director, explained. White has AAA experience in the industry, having spent four years in Japan at Capcom as a production manager, working on the Dead Rising series and the upcoming action RPG Deep Down. He's now based in Brighton, England, where he founded Abyssal Arts. Together with author Moira Katson, whose self-published works have hit the top of Amazon's Sci-Fi/Fantasy charts three times in three years, and programmer Ryan Becker, White created City of the Shroud.

    "We wanted to give your decisions consequence, we wanted the choices of the players and what was going on in your game to have consequence for everyone else."

    Iskendrun can be divided into five factions, and the leaders of each are the main characters driving the story forward. At the start of the first chapter, each player aligns with one of those groups, and begins to uncover the story from that perspective. The decisions they make throughout the game -- including, at one point, whether to defect to another faction -- will directly influence their experience, as you'd expect, but after the chapter is done is when things will get really interesting.

    After an undetermined amount of time -- likely around two months -- Abyssal Arts will close what's referred to internally as "the influence period." The chapter will still be playable, but decisions won't influence the plot, and the team will begin to pore over the data. They're playing their cards close to their chest with regard to which decisions will influence the story. "It's not always going to be obvious that you're at a feedback point," explained Katson. "Little choices and comments you make may weaken your leader's standing with allies or in the city as a whole." There will be huge decisions to make, and those might be more conspicuous, "but then there will also be smaller decisions that shade the tone of how I write certain events."
    It's not always going to be obvious that you're at a feedback point. Little choices and comments you make may weaken your leader's standing with allies or in the city as a whole.
    Moira Katson

    Of course, Katson already knows the meat of the story. "We know the antagonist, we know the events that are coming down the pipeline," Katson affirmed. But at the core of the story is a complex political landscape, and the strength and aims of each faction within will dramatically change how the city responds to these events. The city, as it were, is a "living organism," whose reflexes are attuned to the actions of the players within. "Characters will get pushed to extremes in various ways" depending on what decisions gamers make, Katson continued, and "will end up possibly siding with people that they would've gladly have pushed off a cliff before."

    The experience of scripting a game, especially one as unique as City of the Shroud, is a world away from writing a novel. Aside from requiring vast amounts of writing in a very short time, it also requires the writer to let go of the story and allow others to shape it.

    Abyssal Arts ran a small beta pilot earlier this year, with a different main character and much shorter chapters than the final game will have. "It was incredible watching that," Katson explained. "When you're writing a novel, you have no idea what people are thinking in the middle of it." Here, though, she was able to see whom people trusted, whom people sided with, just as the story was beginning.
    Character art for the "Duelist" class.

    The test run allowed the team to tweak the way they introduced characters. One early problem they found was that gamers, perhaps conditioned from a lifetime of simpler, objective-based stories, were all making the same, dull decisions. "Our players are too practical, and sensible," Katson explained. "We have all of these fun characters, and sure, they're charming sociopaths, but they are charming, y'know? Players just did not trust them and did not want to ally with them."

    This isn't a novel, though. If the team feels that people aren't understanding a character fully, they can change that. Got an inherently untrustworthy character that people blindly trust? Throw some more clues their way. "I would say it's different writing this, not just because of the medium, but because I have that feedback," Katson said.

    "Feedback" seems to be key here. Or maybe "feedback loop" is more apt. Based on what players do, Katson will continue developing the city, pushing the story forward, only for players to react again and send things in another direction. Throughout it all, one recurring character in the game will talk about the city as a whole whenever you meet him. Every time, he'll relay the current state of play based on real-time data -- which factions are strongest, which are growing in influence and which are shrinking. Small touches like this, it's hoped, will give a sense of Iskendrun as a living entity.

    In addition to creating a real-time experience for gamers, Abyssal Arts needs to make sure the game stays interesting. Each chapter is going to be "alive," as it were, for only a couple of months or so. The team needs to factor in players coming late to the party, or those who want to replay the game from another faction after the fact. "We don't want this to just be a compelling story because you're influencing it," White said. "We want to make sure the story itself is compelling enough -- that you can watch choices ripple through this world. It needs to remain this very multifaceted world."

    City of the Shroud is very, very ambitious -- especially as it's the first game from a small studio. It'll be released on PC and Mac in four chapters (you only pay once; the other chapters will come free) over the course of a year. "We wanted to strike a balance between keeping updates at a regular pace and what we can handle as a team," said Keaton. That means managing a game release, bugs, balancing and community management all while writing what needs to be a captivating, dynamic story. And that's without factoring in server management: aside from the story mode, players can face off against each other in online battles, something that'll require upkeep and tweaking of its own. It's a gargantuan task.

    This project could completely fail. Any title with such lofty aspirations runs that risk. But from a couple of hours playing through an early beta provided by the developers, it's clear there's a solid game here already. Battles are exciting, and unlike anything I've played through before. The characters are interesting, and the dialog is (unsurprisingly, given the author involved) well written and engaging. It's not exactly beautiful right now -- animation is a little choppy, and the UI is full of placeholders -- but that's to be expected at this point in development.

    The first chapter of City of the Shroud should come at some point before the middle of next year. And after that, the real work begins.

  • Google searches for 'nasty' hit all-time high after Trump's comment
    At the conclusion of the third presidential debate in which Donald Trump failed to show American he has the temperament or knowledge to lead the country, the embattled Republican candidate hissed "such a nasty woman" at his opponent Hillary Clinton. The internet reacted predictably: with outrage and streaming of Janet Jackson's 30-year-old hit "Nasty." But Spotify wasn't the only place that felt a "nasty" effect: Google says that searches for "nasty" have spiked more than 10 times over their normal level since last Thursday. Furthermore, Google says that "nasty" searches have reached an all-time high on the search engine worldwide. What exactly people were looking for remains unclear; it could have been more people looking for Janet Jackson's classic track, or it could have been people searching for news article relating to Trump's comment. Whatever people may be looking for, it seems Trump has given birth to yet another meme that'll come to define his campaign. In a crazy election cycle, he may have finally had his "binders full of women" moment.

  • Artificial intelligence won't save the internet from porn

    "I shall not today attempt further to define the kinds of material I understand to be embraced within that shorthand description ["hard-core pornography"], and perhaps I could never succeed in intelligibly doing so. But I know it when I see it, and the motion picture involved in this case is not that." -- United States Supreme Court Justice Potter Stewart

    In 1964, the Supreme Court overturned an obscenity conviction against Nico Jacobellis, a Cleveland theater manager accused of distributing obscene material. The film in question was Louis Malle's "The Lovers," starring Jeanne Moreau as a French housewife who, bored with her media-mogul husband and her polo-playing sidepiece, packs up and leaves after a hot night with a younger man. And by "hot," I mean a lot of artful blocking, heavy breathing and one fleeting nipple -- basically, nothing you can't see on cable TV.

    In six simple words, Justice Stewart encapsulated the near-impossible act of creating a single definition of pornography: "I know it when I see it".

    Attitudes toward sex have changed significantly since 1964. Soon after Jacobellis faced the Supreme Court, the United States experienced a sexual revolution followed by the porn boom of the 1970s and, more recently, the advent of the internet. Today, anyone with an internet connection can be knee-deep in creampies and pearl necklaces in a matter of seconds. We've come a long way, but one thing remains the same: We're still nowhere close to a universal definition of pornography or obscenity.

    Jean Moreau and Jean-Marc Bory in the not-so-sexy scene from "The Lovers" at the heart of Jacobellis v. Ohio (Image Credit: Getty Images)

    But unfettered access to all things smutty, dirty and questionably filthy has created a surge in censorship tools that, in theory, use algorithms and advanced artificial intelligence programs to identify porn and weed it out. Last year, Twitter acquired Madbits, a small AI startup that, according to a deep learning AI porn filter and there are no doubt similar projects underway at other internet companies.

    Big players have been sinking big money into cleaning up the internet for decades. The trouble is, censorship is a slippery slope, and obscenity is inherently subjective. If we can't agree on what constitutes pornography, we can't effectively teach our computers to "know it when they see it." No matter the sophistication of the technology or the apparent margin of error, porn filters still depend on humans to teach them what is and isn't NSFW.
    Sometimes a naked child is more than a naked child.
    In the early days of the world wide web, US libraries and schools implemented filters based on rudimentary keyword searches in order to remain in compliance with the Child Internet Protection Act. The act attempts, as the name suggests, to protect children from the darker side of the internet, specifically "pictures that are: (a) obscene; (b) child pornography; or (c) harmful to minors (for computers that are accessed by minors)."

    But that's not exactly how it played out.

    A 2006 report on internet filtering from NYU's Brennan Center for Justice referred to early keyword filters and their AI successors as "powerful, often irrational, censorship tools."

    "Filters force the complex and infinitely variable phenomenon known as human expression into deceptively simple categories," the report continued. "They reduce the value and meaning of expression to isolated words and phrases. An inevitable consequence is that they frustrate and restrict research into health, science, politics, the arts, and many other areas."

    The report found that popular filters inexplicably blocked sites belonging to Boing Boing, GLAAD, photographer Robert Mapplethorpe and Super Bowl XXX, among others, and often reflected the political and social prejudices of their creators. While Yahoo and Google's AI-powered filters have replaced keyword searches with sophisticated image recognition, they still rely on humans to teach them what is and isn't safe for work. And as Facebook recently discovered, images are no less divisive than words.

    (Image Credit: ASSOCIATED PRESS)

    The social network faced widespread backlash in early September when it took down the photo above for violating its community standards. The Pulitzer Prize-winning image from 1972 shows a naked 9-year-old girl running away from a napalm attack during the Vietnam War. Facebook originally took the photo down for violating its community standards, saying, "While we recognize that this photo is iconic, it's difficult to create a distinction between allowing a photograph of a nude child in one instance and not others."

    But as the nursing photos and information about mammograms. More recently it learned a lesson about the fine line between pornography and art, when it deleted and later reinstated a video of a black woman who painted her naked body white on Facebook Live to draw attention to police brutality and the Black Lives Matter movement.

    The real world too, is rife with examples of the debate about what is art and what is porn. In 1990, the Contemporary Arts Center in Cincinnati and its director were accused and acquitted of obscenity charges for an exhibition of Robert Mapplethorpe's photography.

    It was the first time such charges were brought against a museum in the US, and the photos in questions -- depictions of gay S&M -- were at the center of a national debate headed by the Republican Party. The prosecution argued that the exhibition, funded by the National Endowment for the Arts, constituted pornography while the defense defined it as art. That case proved that sometimes a man with a bullwhip hanging out of his ass is more than a man with a bullwhip hanging out of his ass. It also proved that our access to art, no matter how controversial, isn't always guaranteed.

    Our personal prejudices continue to undermine our access to information and freedom of expression, despite advances in internet filtering. We may never agree on what NSFW really means, but without a universal definition, our machines will simply act as conduits for our own opinions. Not one of us can claim to know it when we see it, and no amount of code can change that.

  • NASA's Juno probe napped through its latest Jupiter flyby
    NASA's Jupiter probe was supposed gather data when it did a close flyby of the gas giant a few days ago. Alas, it suddenly switched off all its scientific instruments as it unexpectedly entered safe mode due to some engine troubles. Thankfully, it was a temporary setback: Juno is now back and ready to do science the next time it's scheduled to soar close to the planet (December 11th).
    Even though it wasn't able to gather data this time around, the information it beamed back from its August 27th flyby continues to keep its ground team busy. For instance, thanks to the info gathered by Juno's Microwave Radiometer instrument (MWR), they discovered that Jupiter's bands aren't just skin-deep. They found that those bands extend "as far down as [their] instruments can see, but seem to change with each layer." To note, the radiometer can see 215 to 250 miles below the planet's cloudy facade. This discovery came from the same set of data which revealed that the planet's auroras are much bigger and more powerful than ours here on Earth.

    The photos Juno sent back are also keeping citizen scientists busy. Since JunoCam has no image processing personnel, NASA is relying on the public to help them generate images from the camera's raw data. One particular submission (below) seem to have caught people's attention: its creator made a smiley emoji using a photo of Jupiter's south pole.

    JunoCam imaging scientist Candy Hansen said:

    "The amateurs are giving us a different perspective on how to process images. They are experimenting with different color enhancements, different highlights or annotations than we would normally expect. They are identifying storms tracked from Earth to connect our images to the historical record. This is citizen science at its best."

    [Image credit: Randy Ahn © CC NC SA]

    Source: NASA

  • 'Enemy of the State' gets a timely TV series sequel
    Jerry Bruckheimer has announced that he's developing a TV sequel to his 1998 hit movie Enemy of the State. The series will be filmed with a view to airing on ABC and will be set 20 years after the original that starred Will Smith and Gene Hackman. Of course, back then, the notion of ubiquitous government surveillance that could examine every part of our lives seemed totally far-fetched. The film itself concerned a reckless NSA official who planned to erode traditional notions of privacy in modern day America. Yeah, about that.
    In the intervening eighteen years, the US has proven to be exceptionally adept at building a wall-to-wall surveillance system that's far more powerful than its fictional counterpart. Agents don't even need to come into your house masquerading as repair people to use cameras to spy on you given the existence of the smartphone. The UK government has informally banned smartwatches from high-profile meetings out of concern that foreign powers could use them to eavesdrop. In a post-Snowden world, it seems almost quaint that people could attempt to rally against the police state that exists as the new normal.

    Footage from a simpler, gentler time.

    Speaking of which, the new series will focus on an NSA agent who is alleged to have leaked classified intelligence to the public. Maybe this person can be called Bedward Bowden or maybe Edward Manning or Chelsea Snowden, something like that. They'll be working with an "idealistic female attorney" who teams up with a "hawkish FBI agent" to defeat a global conspiracy that threatens to expose "dark secrets." It's that last bit that seems the most fantastical, since in the real world, the dark secrets that Snowden exposed were pretty much ignored. After all, the NSA was cleared of abuses of power by an oversight committee and Section 702 of FISA remains in force and unchanged, at least until 2017.

    Back in 1998, Enemy of the State was closer to sci-fi, but now we're at a point where it's a crushing reality that we all live with. Although, as with shows like Mr. Robot, there's plenty of ways to make a show about arcane government surveillance engaging enough for a mainstream audience.

    Source: The Hollywood Reporter

  • Some of the biggest sites on the internet were shut down this morning (update: down again)
    Happy Friday! If you've had trouble this morning accessing your favorite internet outlet, you're not alone. Dyn, one of the internet's biggest domain name servers (DNS) got hit with a distributed denial of service (DDoS) attack this morning, making it quite difficult to reach some of the biggest sites and services on the web. Twitter, Spotify, the New York Times, Reddit, Yelp, Box, Pinterest and Paypal are just a handful of the sites under siege this morning.
    Most of the outages appear to have centered on the east coast, though a few other regions of the US also saw issues. Dyn says that services have been restored to normal, although you might see some lingering weirdness for a little bit. Here's hoping Dyn truly has this DDoS under control so we can make it through the rest of the week without the internet collapsing on us again.

    Update, 12:25PM ET: It looks like this attack has been renewed. Twitter is down entirely, and other affected sites are responding much slower than normal (or not at all) right now. We'll keep an eye on this and update as things develop.

    Update, 4:20PM ET: Looks like we're down again, folks -- the third wave of the attack is underway, according to Dyn. And the US government is looking into today's outages to see if it was a criminal attack.
    BREAKING: Internet infrastructure company Dyn says third denial-of-service attack is underway, some sites disrupted
    — CNBC Now (@CNBCnow) October 21, 2016
    Via: Gizmodo

    Source: Dyn

  • ICYMI: Orbital space junk is putting us in jeopardy

    Today on In Case You Missed It: The US Air Force is moving its Space Surveillance Telescope to Australia to track space junk littering geosynchronous orbit. That's the orbit 22,000 miles away from our planet where satellites mirror the Earth's rotation so that they don't appear to move.

    The Department of Justice story about facial recognition is here, while that darling sneezing baby (who eschews costumes) is here. If you enjoy the cartoon humor that is an engine giving up on a job, that's here. As always, please share any interesting tech or science videos you find by using the #ICYMI hashtag on Twitter for @mskerryd.

  • Nintendo unveils its new console: Nintendo Switch
    Nintendo just unveiled its new gaming console - it's called the Nintendo Switch, and it allows you to play both on your TV and while on the go, with the same console and controllers. The introduction video shows very well what the console can do, and I have to admit - it looks pretty awesome.  As both a console and a portable device, the Nintendo Switch will use cartridges known as Game Cards. The portability is one of the system's most important features; Nintendo's trailer showed people using the Switch in handheld mode on a plane, in a car and on a city rooftop. Nintendo said that people can bring multiple Switch units into the same place for "local multiplayer face-to-face competition."  No information on pricing yet, but it should be available March 2017. It's powered by Nvidia hardware, but that's about all we know about its capabilities. I'm quite curious to see if the device takes a performance hit once you undock it and use it on the go.

  • * "Pixel, iPhone 7, and grading on a curve" *
    iMore's Rene Ritchie, linked by Daring Fireball's John Gruber:  So, everyone who'd been criticizing Apple and iPhone design immediately called Google out for aping it?  Not so much.  Except, every Pixel review did call Google out for this.  Surely they drew the line at Google's 2016 flagship missing optical image stabilization - not just in the regular-size, but in the Plus XL model as well - stereo speakers, and water resistance - things that were pointed to last year as indicators Apple was falling behind?  Turns out, not deal-breakers either.  Except, every Pixel review did call Google out for this. Here's a quick cut/paste image job I did yesterday, highlighting how Pixel reviews did, in fact, call out Google and the Pixel for the things Ritchie claims they are not calling them out for.  It's almost like the Pixel is being graded on a curve.  When you're as deeply enveloped in the Apple bubble as people like Rene Ritchie and John Gruber, reality inside the bubble starts folding in on itself. You sit deep inside your bubble, and when you look outwards, the curves and bends of the bubble's surface twist and turn reality outside of the bubble into ever more grotesque and malformed versions of it.  Ever since the unveiling of the Pixel up to and including the reviews published yesterday, everybody in the technology media has been pointing out the exact same things Ritchie claims are not being pointed out. The amount of mental gymnastics and selective perception one must undertake - one could call such exercises flat-out lies - to claim that the major technology media is "against Apple" or "grading [the Pixel] on a curve" is so humongous that I honestly didn't think it was realistically and humanly possible.  And I say this as someone who once got a flood of really nasty and angry emails because OSNews had not yet separated the FreeBSD category and its icon from the generic BSD category, so FreeBSD and Dragonfly BSD people alike were furious at me for putting a Dragonfly BSD story in the generic BSD category because it had a FreeBSD icon. I've been around the block when it comes to the kind of reality-warping, deeply idiotic bullshit the technology world can conjure up over absolutely nothing.  When I was 17, I went on a trip to Rome, the most beautiful city in the world. As I stood atop the dome of St. Peter's Basilica, looking down upon the countless tourists swarming St. Peter's Square, I realised how easy it would be to lose touch with the people down there if you spent most of your time up here.  The bubble is no different. Read more on this exclusive OSNews article...

  • Android 7.1 Developer Preview released for Nexus devices
    A couple of weeks ago we announced that a developer preview of Android 7.1 Nougat was on the way. You can get started with this new release today by downloading the SDK and tools. To get the 7.1 release on your eligible device, enroll your device in the Android Beta program. If your device is already enrolled, you'll receive the update automatically.  I got the update on my Nexus 6P late last night, and it installed without any issues.

  • Facebook used the controversial surveillance tool it blocked
    When it was revealed last week that police used a social media monitoring program to track protestors, it inspired outrage, and major tech companies immediately cut off API access for the tool. But at least one of those companies had prior opportunity to know what the tool, Geofeedia, was capable of. According to three former Geofeedia employees who spoke with The Verge, Facebook itself used the tool for corporate security. Facebook, according to two of the sources, even used Geofeedia to catch an intruder in Mark Zuckerberg's office.  Social media companies like Facebook are weird - and incredibly pervasive. Someone I know - I'm not going to be too specific here - once proudly said he/she does not want Facebook to know where he/she lives, so he/she did not fill in that field in his/her Facebook account. I smiled internally and thought to myself "Facebook knows you are at a specific address between the hours of 18:00 and 8:30 every workday and during the weekend - I'm pretty sure Facebook knows where you live".  Comfort levels with social media and technology companies usually come down to fooling ourselves.

  • Windows 10 Redstone 2: everything we know (so far)
    Microsoft is now hard at work developing the next major update for Windows 10. Codenamed 'Redstone 2', this next update is rumored to launch in the Spring of 2017 and will focus on productivity improvements for the desktop, and will bring much-needed features and enhancements to Windows 10 Mobile users.

  • "Shame on Y Combinator"
    Marco Arment:  Y Combinator is extremely influential in tech startups and startup culture.  Peter Thiel, an investor who often participates in Y Combinator, is donating $1.25 million to Donald Trump's political efforts, which has incited outrage among the tech community with many calling for Y Combinator to sever ties with Thiel.  Y Combinator has apparently decided not to. President Sam Altman defended this position in a blog post, framed as a Clinton endorsement, that begins with a partial overview of how reprehensible and dangerous Trump is, but ends with a defense of continuing Thiel's involvement in Y Combinator that's effectively framed as a free-speech or tolerance issue.  I completely agree with Arment.  One thing doesn't sit entirely right with me about this, though. Y Combinator is getting a decent amount of flack for this, and rightly so - a sexual assaulter like Trump should be in prison, not in the White House. However, where's all the outrage about Tim Cook organising fundraisers for Donald Trump's political party? Why is that fact almost silently swept under the rug and brushed aside, but Y Combinator gets skewered for doing the same thing? Why is Tim Cook supporting Donald Trump okay, but Y Combinator not cutting ties with someone supporting Donald Trump not okay?  Is it, perhaps, because Apple and Tim Cook get graded on a curve, to use a phrase popular in the Apple blogosphere?  It's almost as inconsistent as iOS. I guess that runs deeper than I thought.

  • Google Pixel reviews
    The Google Pixel reviews are coming in, and they are quite positive.  The Verge's Dieter Bohn:   This is Google's first phone, and for a first effort it is remarkably good. By almost every metric I can think of - speed, power, camera, smart assistant, you name it - it matches or exceeds the best phones available on the market today. And though the design is far from groundbreaking, it's certainly approachable. The whole package is pretty incredible, and if you're not put off by the premium price, you'll be very happy with this premium phone. I prefer the XL, which isn't huge and seems to get notably better battery life   Walt Mossberg, also for The Verge:   If you're an Android fan, willing to buy a premium phone, the Pixel is your answer. To repeat: it’s simply the best Android phone I've tested. If you're an iPhone user thinking of switching, the Pixel will seem physically familiar, but you'll have to overcome the sticky links you've developed with fellow iPhone users, things like iMessage (which Google can't match yet) and iCloud Photo Sharing (which Google is trying to copy). You'll also have to do without the comfort of your neighborhood Genius Bar.  But my main message, dear readers, is this: Google has come out of the gate with a top-flight phone and suddenly, there’s no longer an Apple-Samsung duopoly in premium handsets.   Joanna Stern for The Wall Street Journal:   Android people, please step forward. Good news! Your next phone-buying decision just got a heck of a lot easier. The Google Pixel is now the best Android smartphone you can buy. The other leading contender was disqualified due to spontaneous combustion.   iPhone people, it's your turn. Ask yourself: Why do I have an iPhone? Is it because of its software, services and privacy policies? Or is it because it's a very good phone for things like Google Maps, Gmail, Spotify and Facebook Messenger? If you've answered yes to the latter, the Pixel may be for you, too.   Lastly, the Android Central review:   The Google Pixel XL is my new daily driver. As for the smaller Pixel, I know it's going to take a lot to tear Daniel Bader away from this compact Android powerhouse. Both are excellent smartphones which we can wholeheartedly recommend, even with their sky-high price tags. The question of whether a smartphone can be worth $700 to $1,000 in 2016 is a debate altogether. But if any phone is worth that amount of cash, the Pixels are. Just as that same argument can be made for the iPhone 7 or Galaxy S7.   Interesting how all the American reviewers mention iMessage so often as a barrier to switching. Living in a country where WhatsApp has a 100% market share and iMessage is entirely unused, it's just an annoying junk app to me.

  • KDE 1 're-released' for current Fedora
    The KDE Restoration Project was a personal pet project which was born around last QtCon, and I took as a letter of love for the project that basically formed my professional life.  What you're seeing here is the last KDE 1 release running on a modern system from 2016!  This is amazing.

  • Past, present, and future of League of Legends studio Riot Games
    It's the tale of an extremely difficult, user-unfriendly game reaching untold heights of success. It's the story of a company that has remained committed to listening to and interacting with its fans even as it at has grown exponentially. More than anything, it's the story of two best friends who liked playing video games and decided one day to make their own.  Riot is celebrating its 10th anniversary this year, but to really know how one of the world's biggest development studios got started, you need to go back to Los Angeles in the early aughts. You need to find two University of Southern California business students who formed a bond unrelated to their studies.  More than a hundred million people play League of Legends every month now. For a game as uninviting and complex as this, that's an absolutely astonishing number of people. It's also quite amazing to compare the early years of League to today, and see just how much the game has changed over the years. I don't think many people realise just how different today's League is to that of only a few years ago.  I play League pretty much every day, as a great way to unwind after a day's work. I'm not always happy with every single change Riot implements - anyone remember the tank meta? - but when push comes to shove, I think the company is doing quite a good job of keeping League fresh with interesting new content, gameplay changes, and balance adjustments. They failed spectacularly in the area of communication these past few years, but they seem to have turned that ship around in the second half of this year, with more openness and better communication about the state of the game, their choices, and their reasoning - and, of course, they are finally fulfilling some long-standing player requests and their own promises.

  • How Apple scaled back its titanic plan to take on Detroit
    Apple Inc. has drastically scaled back its automotive ambitions, leading to hundreds of job cuts and a new direction that, for now, no longer includes building its own car, according to people familiar with the project.  Hundreds of members of the car team, which comprises about 1000 people, have been reassigned, let go, or have left of their own volition in recent months, the people said, asking not to be identified because the moves aren't public.  I never quite understood why Apple was building a car when you look at the state of their software and their hardware (except for the iPhone's hardware). Fix that stuff first, before designing and building something that can actually quite easily kill people.

  • Mossberg: Why does Siri seem so dumb?
    Yes, Siri can usually place a call or send a text. It can tell you sports standings, Yelp restaurant reviews and movie times - features Apple added years ago. And it must be said that all of its competitors have their own limitations and also make mistakes.  But in its current incarnation, Siri is too limited and unreliable to be an effective weapon for Apple in the coming AI wars. It seems stagnant. Apple didn't become great by just following the data on what customers are doing today. It became great by delighting customers with feats they didn't expect. The AI revolution will demand that.  'Stagnant'?  Seems to be the default state of Apple's software these days.

  • Canonical releases Ubuntu 16.10
    Ubuntu, the platform used in the majority of cloud deployments worldwide, today released version 16.10 with hybrid cloud operations, bare-metal cloud performance, the ability to lift-and-shift 80% of Linux VMs to machine containers, Kubernetes for world-leading process-container coordination, full container support in OpenStack, and telco-grade networking latency enhancements.  ...this isn't really about the desktop anymore, is it?

  • Verizon, Google promise zero update delays for Verizon Pixel
    Last week, I ragged on the Verizon models of the Google Pixel, so in the interest of fairness - here's Verizon and Google responding to the criticism levelled at the usual role carriers in the US play in delaying updates and adding tons of crapware. Verizon told Ars:  First and foremost, all operating system and security updates to the Pixel devices will happen in partnership with Google. In other words, when Google releases an update, Verizon phones will receive the same update at the same time (much like iOS updates). Verizon will not stand in the way of any major updates and users will get all updates at the same time as Google.  Also, the Verizon version of the Google Pixel is carrier unlocked, so you can use it where ever you like. Finally, we have three apps pre-installed on the phone Go90, My Verizon (which is your account management tool) and Verizon Messages (your messaging app). As you noted, all three can easily be uninstalled by the user.  Google further confirmed that that updates will not be held back by Verizon. Google told Ars:  OS updates and monthly security patches will be updated on all Pixel devices (Verizon and non-Verizon versions) simultaneously.  That's excellent news.

  • Android 7.1 Developer Preview hits later this month
    Today, we're taking the wraps off of Android 7.1 Nougat, the latest version of the platform. You probably saw a sneak peek of it at last week's event. It's an incremental update based on Android 7.0 but includes new features for consumers and developers - from platform Daydream VR support and A/B system updates to app shortcuts and image keyboard support.  The first developer preview will hit later this month.

  • Samsung definitively kills off Note 7
    Samsung Electronics Co. is ending production of its problematic Galaxy Note 7 smartphones, taking the drastic step of killing off a smartphone that became a major headache for the South Korean electronics maker.  After halting sales of the new versions of the large-screen smartphone that failed to fix exploding batteries, Samsung finally pulled the plug on a key product that was supposed to compete with Apple Inc.'s iPhones and other high-end smartphones during the U.S. holiday shopping season.  Production will stop, Samsung said in a statement Tuesday.  The only right decision.

  • Ubuntu MATE, Not Just a Whim
    I've stated for years how much I dislike Ubuntu's Unity interface. Yes, it's become more polished through the years, but it's just not an interface that thinks the same way I do. That's likely because I'm old and inflexible, but nevertheless, I've done everything I could to avoid using Unity, which usually means switching to Xubuntu.

  • Non-Linux FOSS: Screenshotting for Fun and Profit!
    I do a lot of my day-job work on a Windows computer. Part of this involves taking screenshots for training purposes. For years, I've used the built-in "Snipping Tool" that comes with Windows, but I've always hated it. 

  • Nasdaq Selects Drupal 8
    Dries Buytaert announced today that Nasdaq Corporate Solutions has selected Drupal 8 and will work with Acquia to create its Investor Relations Website Platform. In the words of Angela Byron, a.k.a "Webchick", "This is a big freakin' deal."

  • Canonical Ltd.'s Ubuntu Core
    Canonical Ltd.'s "Snappy" Ubuntu Core, a stripped-down version of Ubuntu designed for autonomous machines, devices and other internet-connected digital things, has gained significant traction in the chipset/semiconductor market recently.  

  • Build Your Own Raspberry Pi Camera
    During the past few years, my BirdCam setup has evolved significantly. As I mention in the UpFront section of this issue, I hope to get the stream transferred to a YouTube Live stream at some point, so I can watch the feathery show on my television. And although watching the birds is the end goal, I'm constantly on a mission to improve the quality and flexibility of my setup. 

  • Netlist, Inc.'s HybriDIMM Storage Class Memory
    The metachallenge in today's data-saturated world is turning Big Data into actionable insight. A straight line to faster insights can be found in Netlist, Inc.'s new HybriDIMM Storage Class Memory (SCM), which the company describes as the industry's first standards-based, plug-and-play SCM solution.  

  • Android Candy: More Life Gamification
    You might remember a couple months ago my mention of Habitica, which is a gamification of your daily to-do list. One of my friends on Twitter mentioned an app he uses on Android called Wokamon, which ties in with your FitBit (or any of several other "step-counter" devices).

  • LinkedIn's {py}gradle
    To facilitate better building of Android apps, the technical team at LinkedIn has developed {py}gradle, a new powerful, flexible and reusable Python packaging system. Now available to the Open Source community, {py}gradle wraps Python code into the Gradle build automation tool so that developers can build Android apps more easily.

  • Senet IoT Foundry
    Startup companies and even large enterprises may not be able to harness the full range of skills required to deliver vertically complete IoT solutions to their customers.

  • The Peculiar Case of Email in the Cloud
    Most of the time when I start a project, or spin up a virtual server, it's done in my own basement "server farm". Not too many years ago, if I wanted those services to be public, I'd simply port-forward from my static IP into my personal machines. Or, perhaps I'd set up a name-based virtual host as a reverse proxy if I needed to expose a Web app.

  • Linux Journal October 2016
         Out with the New, and in with the Newer! 
    There was a show a few years back called, "Extreme Makeover: Home Edition". The premise of the show was to find families who needed their house

  • Extended File Attributes Rock!
    Worldwide, data is growing at a tremendous rate. However, one recent study has pointed out that the size of files is not necessarily growing at the same rate; meaning the number of files is growing rapidly. How do we manage all of this data and files? While the answer to that question is complex, one place we can start is with Extended File Attributes. Continue reading ’

  • Checksumming Files to Find Bit-Rot
    In a previous article extended file attributes were presented. These are additional bits of metadata that are tied to the file and can be used in a variety of ways. One of these ways is to add checksums to the file so that corrupted data can be detected. Let's take a look at how we can do this including some simple Python examples. Continue reading ’

  • What’s an inode?
    As you might have noticed, we love talking about file systems. In these discussions the term "inode" is often thrown about. But what is an inode and how does it relate to a file system? Glad you asked. Continue reading ’

  • Emailing HPC
    Email is not unlike MPI. The similarities may help non-geeks understand parallel computers a little better. Continue reading ’

  • iotop: Per Process I/O Usage
    Based on a reader comment, we take iotop for a spin to see if it can be used for monitoring the IO usage of individual processes on a system. The result? It has some interesting capability that we haven't found in other tools. Continue reading ’

  • SandForce 1222 SSD Testing, Part 3: Detailed Throughput Analysis
    Our last two articles have presented an initial performance examination of a consumer SandForce based SSD from a throughput and IOPS perspective. In this article we dive deeper into the throughput performance of the drive, along with a comparison to an Intel X-25E SSD. I think you will be surprised at what is discovered. Continue reading ’

  • Putting Drupal to Work
    Drupal is a simple but powerful CMS. However, you'll probably want to configure it. Learn how to tweak Drupal's settings to your liking. Continue reading ’

  • SandForce 1222 SSD Testing – Part 2: Initial IOPS Results
    SandForce has developed a very interesting and unique SSD controller that uses real-time data compression. This affects data throughput and SSD longevity. In this article, we perform an initial examination of the IOPS performance of a SandForce 1222-based SSD. The results can be pretty amazing. Continue reading ’

  • Drupal at Warp Speed
    Need to setup Drupal CMS but don't have the time to learn how? Try this 30 minute quick start guide. Continue reading ’

  • Chasing The Number
    The Top500 list is a valuable measure of HPC progress, but the race it has spawned maybe over for many organizations Continue reading ’

  • Stick a Fork in Flock: Why it Failed
    This probably won't come as a surprise to many, but the "social Web browser" has thrown in the towel. Don't cry for the Flock team - they're flying the coop for Zynga to go make Facebook games or something. But Flock's loyal fans are out in the cold. Why'd Flock fail? There's a few lessons to be learned. Continue reading ’

Page last modified on October 08, 2013, at 02:08 PM