Forgot your password?
typodupeerror

Become a fan of Slashdot on Facebook

OS X

If You're Connected, Apple Collects Your Data 160

Posted by timothy
from the so-they-can-notify-next-of-kin dept.
fyngyrz (762201) writes It would seem that no matter how you configure Yosemite, Apple is listening. Keeping in mind that this is only what's been discovered so far, and given what's known to be going on, it's not unthinkable that more is as well. Should users just sit back and accept this as the new normal? It will be interesting to see if these discoveries result in an outcry, or not. Is it worse than the data collection recently reported in a test version of Windows?
GUI

Apple Doesn't Design For Yesterday 290

Posted by timothy
from the new-one-looks-nice-to-me dept.
HughPickens.com writes Erik Karjaluoto writes that he recently installed OS X Yosemite and his initial reaction was "This got hit by the ugly stick." But Karjaluoto says that Apple's decision to make a wholesale shift from Lucida to Helvetica defies his expectations and wondered why Apple would make a change that impedes legibility, requires more screen space, and makes the GUI appear fuzzy? The Answer: Tomorrow.

Microsoft's approach with Windows, and backward compatibility in general, is commendable. "Users can install new versions of this OS on old machines, sometimes built on a mishmash of components, and still have it work well. This is a remarkable feat of engineering. It also comes with limitations — as it forces Microsoft to operate in the past." But Apple doesn't share this focus on interoperability or legacy. "They restrict hardware options, so they can build around a smaller number of specs. Old hardware is often left behind (turn on a first-generation iPad, and witness the sluggishness). Meanwhile, dying conventions are proactively euthanized," says Karjaluoto. "When Macs no longer shipped with floppy drives, many felt baffled. This same experience occurred when a disk (CD/DVD) reader no longer came standard." In spite of the grumblings of many, Karjaluoto doesn't recall many such changes that we didn't later look upon as the right choice.
Graphics

Direct3D 9.0 Support On Track For Linux's Gallium3D Drivers 47

Posted by timothy
from the one-way-or-another dept.
An anonymous reader writes Twelve years after Microsoft debuted DirectX 9.0, open-source developers are getting ready to possibly land Direct3D 9.0 support within the open-source Linux Mesa/Gallium3D code-base. The "Gallium3D Nine" state tracker allows accelerating D3D9 natively by Gallium3D drivers and there's patches for Wine so that Windows games can utilize this state tracker without having to go through Wine's costly D3D-to-OGL translator. The Gallium3D D3D9 code has been in development since last year and is now reaching a point where it's under review for mainline Mesa. The uses for this Direct3D 9 state tracker will likely be very limited outside of using it for Wine gaming.
Government

South Korean ID System To Be Rebuilt From Scratch After Massive Leaks 59

Posted by Soulskill
from the maybe-think-it-through-this-time dept.
AmiMoJo writes: South Korea's national identity card system may need a complete overhaul following huge data thefts dating back to 2004. The government is considering issuing new ID numbers to every citizen over age 17, costing billions of dollars. The ID numbers and personal details of an estimated 80% of the country's 50 million people have been stolen from banks and other targets. Some 20 million people, including President Park Geun-hye, have been victims of a data theft. Citizens are unable to change their credentials, which are used in many different sectors, making them an attractive target for hackers.
Intel

Android On Intel x86 Tablet Performance Explored: Things Are Improving 97

Posted by Soulskill
from the won't-run-crysis dept.
MojoKid writes: For the past few years, Intel has promised that its various low-power Atom-based processors would usher in a wave of low-cost Android and Windows mobile products that could compete with ARM-based solutions. And for years, we've seen no more than a trickle of hardware, often with limited availability. Now, that's finally beginning to change. Intel's Bay Trail and Merrifield SoCs are starting to show up more in full-featured, sub-$200 devices from major brands. One of the most interesting questions for would-be x86 buyers in the Android tablet space is whether to go with a Merrifield or Bay Trail Atom-based device. Merrifield is a dual-core chip without Hyper-Threading. Bay Trail is a quad-core variant and a graphics engine derived from Intel's Ivy Bridge Core series CPUs. That GPU is the other significant difference between the two SoCs. With Bay Trail, Intel is still employing their own graphics solution, while Merrifield pairs a dual-core CPU with a PowerVR G6400 graphics core. So, what's the experience of using a tablet running Android on x86 like these days? Pretty much like using an ARM-based Android tablet currently, and surprisingly good for any tablet in the $199 or less bracket. In fact, some of the low cost Intel/Android solutions out there currently from the likes of Acer, Dell, Asus, and Lenovo, all compete performance-wise pretty well versus the current generation of mainstream ARM-based Android tablets.
Internet Explorer

Microsoft's JavaScript Engine Gets Two-Tiered Compilation 46

Posted by Soulskill
from the under-the-hood dept.
jones_supa writes: The Internet Explorer team at Microsoft recently detailed changes to the JavaScript engine coming in Windows 10. A significant change is the addition of a new tier in the Just-in-Time (JIT) compiler. In Windows 10, the Chakra JS engine now includes a second JIT compiler that bridges the gap between slow, interpreted code and fast, optimized code. It uses this middle-tier compiler, called Simple JIT, as a "good enough" layer that can move execution away from the interpreter quicker than the Full JIT can. Microsoft claims that the changes will allow certain workloads to "run up to 30% faster". The move to a two-tiered JIT compiler structure mirrors what other browsers have done. SpiderMonkey, the JavaScript engine in Firefox, has an interpreter and two compilers: Baseline and IonMonkey. In Google Chrome, the V8 JavaScript engine is also a two-tiered system. It does not use an interpreter, but compiles on a discrete background thread.
Microsoft

Microsoft Partners With Docker 104

Posted by samzenpus
from the team-up dept.
rjmarvin writes Docker is teaming up with Microsoft to bring its open container technology to the next release of Windows Server. Docker Engine will work with the next release of Windows Server and images will be available in Docker Hub, which will also integrate directly into Microsoft Azure. The partnership moves Docker beyond Linux for the first time with new multi-container application capabilities for cloud and enterprise developers.
DRM

Mozilla Teams Up With Humble Bundle To Offer Eight Plugin-Free Games 67

Posted by samzenpus
from the stay-inside-and-play dept.
An anonymous reader writes Mozilla and Humble Bundle announced a new package that features award-winning indie best-sellers for which gamers can choose how much they want to pay. Naturally called the Humble Mozilla Bundle, the package consists of eight games that have been ported to the Web. The first five games (Super Hexagon, AaaaaAAaaaAAAaaAAAAaAAAAA!!! for the Awesome, Osmos, Zen Bound 2, and Dustforce DX) can cost you whatever you want. The next two (Voxatron and FTL: Faster Than Light) can be had if you beat the average price for the bundle. You can pay $8 or more to receive all of the above, plus the last game, Democracy 3. Previously, all of these indie games were available only on PC or mobile. Now they all work in browsers on Windows, Mac, and Linux without having to install any plugins.
Microsoft

Data From Windows 10 Feedback Tool Exposes Problem Areas 137

Posted by Soulskill
from the self-awareness-kernel-keeps-uninstalling-morality-drivers dept.
jones_supa writes: Two weeks in, and already a million people have tried out Windows 10 Technical Preview, reports Microsoft, along with a nice stack of other stats and feedback. Only 36% of installations are occurring inside a virtual machine. 68% of Windows 10 Technical Preview users are launching more than seven apps per day, with somewhere around 25% of testers using Windows 10 as their daily driver (26 app launches or more per day). With the help of Windows 10's built-in feedback tool, thousands of testers have made it very clear that Microsoft's new OS still has lots of irksome bugs and misses many much-needed features. ExtremeTech has posted an interesting list of the most popular gripes received, them mostly being various GUI endurances. What has your experience been with the Technical Preview?
Firefox

Firefox 33 Arrives With OpenH264 Support 113

Posted by Soulskill
from the onward-and-upward dept.
An anonymous reader writes: Mozilla today officially launched Firefox 33 for Windows, Mac, Linux, and Android. Additions include OpenH264 support as well as the ability to send video content from webpages to a second screen. Firefox 33 for the desktop is available for download now on Firefox.com, and all existing users should be able to upgrade to it automatically. As always, the Android version is trickling out slowly on Google Play. Full changelogs are available here: desktop and Android."
Windows

Windows Flaw Allowed Hackers To Spy On NATO, Ukraine, Others 97

Posted by Soulskill
from the hand-in-the-cookie-jar dept.
An anonymous reader writes: Reuters reports that a cybersecurity firm has found evidence that a bug in Microsoft's Windows operating system has allowed hackers located in Russia to spy on computers used by NATO, Ukraine, the European Union, and others for the past five years. Before disclosing the flaw, the firm alerted Microsoft, who plans to roll out a fix on Tuesday. "While technical indicators do not indicate whether the hackers have ties to the Russian government, Hulquist said he believed they were supported by a nation state because they were engaging in espionage, not cyber crime. For example, in December 2013, NATO was targeted with a malicious document on European diplomacy. Several regional governments in the Ukraine and an academic working on Russian issues in the United States were sent tainted emails that claimed to contain a list of pro-Russian extremist activities, according to iSight."
Networking

Ask Slashdot: VPN Setup To Improve Latency Over Multiple Connections? 174

Posted by timothy
from the so-you-favor-internet-fast-lanes dept.
blogologue writes I've been playing Battlefield for some time now, and having a good ping there is important for a good gaming experience. Now I'm in the situation where I have mobile internet access from two telecom companies, and neither of those connections are stable enough to play games on, the odd ping in hundreds of milliseconds throws everything off. How can I setup a Windows client (my PC) and a Linux server (in a datacenter, connected to the internet) so that the same TCP and UDP traffic goes over both links, and the fastest packet on either link 'wins' and the other is discarded?
Security

How Poor Punctuation Can Break Windows 94

Posted by timothy
from the no-os-is-immune-to-error-or-malice dept.
An anonymous reader writes with a report at Ars Technica about how a small bug can lead to a security problem. In this case, the problem is that quotation marks — or the lack of them — can be significant. From the Ars article: "The scenario... requires a 'standard' user with access rights to create a directory to a fileserver and an administrator executing a vulnerable script," Frank Lycops and Raf Cox, security researchers with The Security Factory, said in an e-mail interview. "This allows the attacker to gain the privileges of the user running the script, thus becoming an administrator." While the attack falls short of the severity of the Shellshock family of Linux shell vulnerabilities, the two researchers stressed that it's a good example of how untrusted input can be used to execute commands on a system. The researchers identified at least one popular script with the vulnerability. When the script attempts to set the starting directory for system administration work, it inadvertently runs the command appended to the malicious directory's name as well. ... The solution is to use proper coding practices—in this case, the judicious use of quotation marks. Quotation marks are used in the shell environment to make sure that the data inside the quotes is not interpreted by the program as a command.
Windows

Windows Users, Get Ready For a Bigger-Than-Usual Patch Tuesday 63

Posted by timothy
from the why-I-tell-my-mom-no-windows dept.
dibdublin (981416) writes with a report from The Register: October is stacking up to be a bumper Patch Tuesday update with nine bulletins lined up for delivery — three rated critical. Cloud security firm Qualys estimates two of the lesser "important" bulletins are just as bad however, as they would also allow malicious code injection onto vulnerable systems. Top of the critical list is an update for Internet Explorer that affects all currently supported versions 6 to 11, on all operating system including Windows RT. Vulnerabilities discovered in most versions of Windows Server, Windows 7 and 8, and the .NET framework are covered in the other pair of critical bulletins.
Security

The Malware of the Future May Come Bearing Real Gifts 103

Posted by samzenpus
from the not-so-bad dept.
An anonymous reader writes "Research by Prof. Giovanni Vigna of the University of California leads him to believe that the malware of the future will come in a friendly form, be genuinely useful and may not reveal its intentions for a protracted period of time. Prof. Vigna, speaking at IP Expo in London, outlined a fearful future of 'mimicry' in evolved strains of malware. In the current stage of the war between malware and security researchers, the emphasis is almost entirely on the attempt to convince increasingly intelligent — and increasingly suspicious — malware that it is operating in a bare-metal environment when it is in fact in a sandbox or VM environment. For the malware, the stakes are tremendously high — if it has reached the point of OS-level execution without its hash being indexed and red-flagged by online security databases, it cannot afford to reveal its intentions in a test environment. This article outlines the extraordinary game of cat-and-mouse being played between researchers and hackers, and how future malware exploits are likely to abandon a rush for the buffer overflow in favor of 'the long game' — and to make themselves useful in the process.
Chrome

Chrome 38 Released: New APIs and 159 Security Fixes 55

Posted by Soulskill
from the onward-and-upward dept.
An anonymous reader writes: In addition to updating Chrome for iOS, Google has released Chrome 38 for Windows, Mac, and Linux. While Chrome 38 beta brought a slew of new features, the stable release is pretty much just a massive security update. This means that, with Chrome 38, Google isn't adding any features to the stable channel (full changelog). That said, Chrome 38 does address 159 security issues (including 113 "relatively minor ones"). Google spent $75,633.70 in bug bounties for this release.
Security

Infected ATMs Give Away Millions of Dollars Without Credit Cards 83

Posted by Soulskill
from the i'll-order-a-dozen dept.
An anonymous reader writes: Kaspersky Lab performed a forensic investigation into cybercriminal attacks targeting multiple ATMs around the world. During the course of this investigation, researchers discovered the Tyupkin malware used to infect ATMs and allow attackers to remove money via direct manipulation, stealing millions of dollars. The criminals work in two stages. First, they gain physical access to the ATMs and insert a bootable CD to install the Tyupkin malware. After they reboot the system, the infected ATM is now under their control and the malware runs in an infinite loop waiting for a command. To make the scam harder to spot, the Tyupkin malware only accepts commands at specific times on Sunday and Monday nights. During those hours, the attackers are able to steal money from the infected machine.
Medicine

Professor Kevin Fu Answers Your Questions About Medical Device Security 21

Posted by samzenpus
from the listen-up dept.
Almost a year ago you had a chance to ask professor Kevin Fu about medical device security. A number of events (including the collapse of his house) conspired to delay the answering of those questions. Professor Fu has finally found respite from calamity, coincidentally at a time when the FDA has issued guidance on the security of medical devices. Below you'll find his answers to your old but not forgotten questions.
Microsoft

Test Version Windows 10 Includes Keylogger 367

Posted by samzenpus
from the all-the-better-to-track-you-with dept.
wabrandsma writes From WinBeta: "One of the more interesting bits of data the company is collecting is text entered. Some are calling this a keylogger within the Windows 10 Technical Preview, which isn't good news. Taking a closer look at the Privacy Policy for the Windows Insider Program, it looks like Microsoft may be collecting a lot more feedback from you behind the scenes. Microsoft collects information about you, your devices, applications and networks, and your use of those devices, applications and networks. Examples of data we collect include your name, email address, preferences and interests; browsing, search and file history; phone call and SMS data; device configuration and sensor data; and application usage." This isn't the only thing Microsoft is collecting from Insider Program participants. According to the Privacy Policy, the company is collecting things like text inputted into the operating system, the details of any/all files on your system, voice input and program information.
Microsoft

Samsung Paid Microsoft $1 Billion Last Year In Android Royalties 93

Posted by Soulskill
from the let's-release-this-on-a-Friday dept.
An anonymous reader writes: According to recently unsealed court filings, Samsung Electronics paid Microsoft more than $1 billion in annual fees to use patented Microsoft technology in Samsung's Android phones. The patent treasures include methods for displaying multiple windows in a Web browser. "Samsung originally signed its patent deal with Microsoft in 2011, ahead of its impressive dominance of Android shipments, but late last year Samsung decided it was tired of paying on time, or paying interest when a late payment was finally made. Microsoft has taken Samsung to court over the issues, and the Korean company insists it wants to walk away from the original deal because of Microsoft’s purchase of Nokia’s phone business. Samsung claims the acquisition invalidates the cross-licensing IP agreement, but Microsoft doesnt agree and wants the company to pay $6.9 million in unpaid interest from last year."

What the scientists have in their briefcases is terrifying. -- Nikita Khruschev

Working...