Encryption

Encryption Backdoor Sneaks Into UK Law (theregister.co.uk) 137

Coisiche found a disturbing article from The Register about the U.K.'s new "Snoopers' Charter" law that has implications for tech companies around the world: Among the many unpleasant things in the Investigatory Powers Act that was officially signed into law this week, one that has not gained as much attention is the apparent ability for the U.K. government to undermine encryption and demand surveillance backdoors... As per the final wording of the law, comms providers on the receiving end of a "technical capacity notice" will be obliged to do various things on demand for government snoops -- such as disclosing details of any system upgrades and removing "electronic protection" on encrypted communications. Thus, by "technical capability," the government really means backdoors and deliberate security weaknesses so citizens' encrypted online activities can be intercepted, deciphered and monitored... At the end of the day, will the U.K. security services be able to read your email, your messages, your posts and private tweets, and your communications if they believe you pose a threat to national security? Yes, they will.
The bill added the Secretaries of State as a required signatory to the "technical capacity" notices, which "introduces a minor choke-point and a degree of accountability." But the article argues the law ultimately anticipates the breaking of encryption, and without customer notification. "The U.K. government can certainly insist that a company not based in the U.K. carry out its orders -- that situation is specifically included in the new law -- but as to whether it can realistically impose such a requirement, well, that will come down to how far those companies are willing to push back and how much they are willing to walk away from the U.K. market."
Security

OWASP ModSecurity Core Rule Set Version 3.0 Released (modsecurity.org) 17

Need a new set of generic attack detection rules for your web application firewall? Try the new OWASP ModSecurity Core Rule Set version 3.0.0! Long-time Slashdot reader dune73 writes: The OWASP CRS is a widely-used Open Source set of generic rules designed to protect users against threats like the OWASP Top 10. The rule set is most often deployed in conjunction with an existing Web Application Firewall like ModSecurity. Four years in the making, this release comes with dozens of new features including reduced false positives (by over 90% in the default setup), improved detection of SQLi, XSS, RCE and PHP injections, the introduction of a Paranoia Mode which allows assigning a certain security level to a site, and better documentation that takes the pain out of ModSecurity.
There are rumors this new rule set is even being made into a movie.
Open Source

NetBSD Project Releases NetBSD 7.0.2 (softpedia.com) 22

An anonymous reader writes: "After spending six months in development, the NetBSD 7.0.2 release is now available for those running NetBSD 7.0 or NetBSD 7.0.1," reports Softpedia, "but also for those who are still using an older version of the BSD-based operating system and haven't managed to upgrade their systems, bringing them a collection of security patches and recent software updates." Release engineer Soren Jacobsen wrote that "It represents a selected subset of fixes deemed important for security or stability reasons. If you are running an earlier release of NetBSD, we strongly suggest updating to 7.0.2."

The security fixes eliminate a race condition in mail.local(8), and also update OpenSSL, ntp and BIND. In addition, "there are various MIPS pmap improvements, a patch for an NFS (Network File System) crash, as well as a crash that occurred when attempting to mount an FSS snapshot as read and write. NetBSD 7.0.2 also fixes an issue with the UFS1 file system when it was created outside the operating system."
Download NetBSD 7.0.2 at one of these mirror sites.
Portables (Apple)

No New MacBook Airs as Apple Instead Makes Lower-End, $1,500 MacBook Pro (arstechnica.com) 191

Alongside the two new MacBook Pros, Apple also unveiled a refresh for its popular MacBook Air lineup. The company is calling this: the MacBook Pro, same branding as the other two MacBook Pros. It's a lower-end version of the new MacBook Pros, with no "Touch Bar" (or the Touch ID) and is powered by a slightly slower processor. Starting at $1,499, this MacBook Pro model is slightly cheaper too, though. From an ArsTechnica report: Apple said it will continue selling the existing 13" MacBook Air, but the company made a point of comparing that model to this new lower-end Pro, putting it somewhere between the Air and the other Pros in the lineup. The new 13" MacBook Pro starts at $1,499 and will begin shipping today. The new higher-end Pros will start at $1,799 for the 13" model and $2,399 for the 15" model while shipping in two to three weeks. If you don't select any hardware upgrades, the low-end 13" Pro has a sixth-generation Intel Core i5 processor with dual cores clocked at 2.0GHz, Intel Iris Graphics 540, 8GB memory, and 256GB SSD. It is available in space grey and silver, and it can cost up to $2,599 if you select the highest CPU, memory, and storage upgrades. Those available upgrades include a 2.4GHz Core i7 processor, 16GB of memory, and 512GB or 1TB of SSD storage. The new 13" laptop has a 2560x1600 Retina display, two Thunderbolt 3/USB-C ports, and a headphone jack. It has the same Force Touch trackpad and redesigned keyboard as the higher-end models despite not integrating the Touch Bar and Touch ID.
Open Source

Linux Kernel 4.7 Reaches End of Life, Users Urged To Move To Linux 4.8 (softpedia.com) 77

prisoninmate writes: The Linux 4.7 kernel branch officially reached end of life, and it has already been marked as EOL on the kernel.org website, which means that the Linux kernel 4.7.10 maintenance update is the last one that will be released for this branch. It also means that you need to either update your system to the Linux 4.7.10 kernel release or move to a more recent kernel branch, such as Linux 4.8. In related news, Linux kernel 4.8.4 is now the latest stable and most advanced kernel version, which is already available for users of the Solus and Arch Linux operating systems, and it's coming soon to other GNU/Linux distributions powered by a kernel from the Linux 4.8 series. Users are urged to update their systems as soon as possible.
Chrome

Chrome For Android Gets Its Own Canary Channel (betanews.com) 22

Google is bringing the bleeding-edge Canary channel for Chrome to Android. Through the Canary channel, the company introduces early versions of Chrome upgrades to early adopters and developers, and seeks feedback. Prior to this, the Canary channel was available for the desktop version of Chrome. Alex Mineer, APK Administrator & Bug Basher, said, "Just like the Canary channel for other platforms, new versions are built from the most recent code available and often contain a variety of new features, enhancements, and bug fixes. These builds are shipped automatically with no manual testing, which means that the build can be unstable and may even stop working entirely for days at a time. However, the goal is for Canary to remain usable at all times, and the Chrome team prioritizes fixing major issues as quickly as possible."
Portables (Apple)

Apple MacBook Refresh Could Bring E-Ink Enabled Keyboard (hothardware.com) 159

MojoKid writes from a report via HotHardware: Apparently Apple has been working on some unique upgrades to its MacBook line, and not just underneath the hood. One of the bigger feature upgrades could actually be in the keyboard. As previously rumored, the new MacBook Pro is likely to sport a secondary touchscreen display at the top of the keyboard. It will sit in place of where the Function keys used to reside and display different graphics and icons, depending on the program that's up and running. However, according to an anonymous reddit user named "Foxconninsider," Apple's also planning to launch a new version of its Magic Keyboard -- one that takes advantage of E-Ink technology. Similar technology was developed by a start-up company named Sonder, the same company Apple is in the process of acquiring. What the tipster describes is each key having its own E Ink display. That means individual keys and/or entire rows can change based on whatever app is loaded. In any event, we should know more soon -- Apple's expected to announce new MacBook products later this month.
Android

Cyanogen Gets a New CEO, Shifts Away From Selling a Full Mobile Operating System (techcrunch.com) 49

An anonymous reader quotes a report from TechCrunch: Cyanogen, a startup behind its own, alternative version of the Android operating system, now has a new CEO. In the wake of reports that the company exaggerated its success in terms of active users, layoffs, and difficulties scaling, Cyanogen's co-founder and CEO Kirt McMaster will be transitioning into an "Executive Chairman" role, while Lior Tal, previously COO, will now assume the CEO position. In addition, Steve Kondik, Cyanogen's co-founder and CTO, will be taking on a new role as Chief Science Officer, the company announced. He will report to Stephen Lawler, the company's SVP of Engineering. Today's blog post from new CEO Tal also somewhat acknowledged the company's struggles, and announced plans to shift in its business model with the launch of a new Cyanogen Modular OS program. "In recent years, Android and the mobile ecosystem changed," wrote Tal. "Android has become extremely fragmented causing serious security vulnerabilities and few or no incentives to device manufacturers to deliver software upgrades and/or security patches," he said. "Increased demand for lower-priced smartphones, coupled with the specifications arms race, has left manufacturers focused on scale and efficiency while compromising investment in software and services. Innovation cannot happen in a vacuum, which is what we have today," Tal added. The company will be moving away from its former model which involved it shipping the full-stack of the operating system, the company says. Its new program will instead allow manufacturers to introduce their own, customizable smartphones that use different parts of the Cyanogen OS via dynamic modules and MODs, while still using the ROM of their choice. That means they could still run stock Android on their devices, then pick and choose the pieces of Cyanogen's technology they want to also add. The full Cyanogen OS is still available and being sold, but is no longer the main focus.
In July, Cyanogen Inc. laid off 20 percent of its workforce and sent a letter from McMaster to employees admitting that, despite shipping millions of devices with its OS, it was "not scaling fast enough nor in an efficient manner."
Operating Systems

Unity 8 Desktop Session Arrives in Ubuntu 16.10 (omgubuntu.co.uk) 56

The latest updates to Ubuntu 16.10 Yakkety Yak add a Unity8 desktop session to the Ubuntu login screen. OMGUbuntu adds: Added to the Ubuntu meta package, the new Unity 8 desktop session will be available to try on all new installs and upgrades of Ubuntu 16.10, but only as an alternate login session to Unity 7. Unity 8 is not -- repeat: not -- going to be the default session in this release. Shipping it as a preview session is a great idea. It means to try Unity 8 on Ubuntu 16.10 you won't need to install a set of packages, or faff around with special set-up, or add a PPA. When at the Unity Greeter (aka the login screen) just click the session selector button, followed by 'Unity 8,' and then proceed to login as normal.
Windows

New Project Lets You Install Arch Linux In the Windows Subsystem For Linux 77

prisoninmate writes: Softpedia reports that there's a new project on GitHub, called alwsl, which promises to let you install the Arch Linux operating system on Windows 10's new WSL (Windows Subsystem for Linux) feature, which allows users to run native Linux command-line tools directly on the Windows operating system alongside their modern desktop and apps. For example, Canonical and Microsoft brought Bash on Ubuntu on Windows using the new WSL functionality. For now, the alwsl project, which is developed by a group of German developers that call themselves "Turbo Developers," offers a .bat file that you can use to install Arch Linux on a WSL (Windows Subsystem for Linux) host, but the software is in developer preview stage. The first stable release, alwsl 1.0, will be able not only to install Arch Linux on the Windows Subsystem for Linux host in Windows 10 editions that support it, but also to create and manage users and snapshots. Also, it looks like it will get rolling upgrades just like a normal Arch Linux installation gets. The final release is expected to launch in December 2016, and you can monitor its development progress on GitHub.
Open Source

Linus Torvalds Officially Announces the Release of Linux Kernel 4.8 (softpedia.com) 95

Slashdot reader prisoninmate brings news from Softpedia: Today, Linus Torvalds proudly announced the release and availability for download of the Linux 4.8 kernel branch, which is now the latest stable and most advanced one. Linux kernel 4.8 has been in development for the past two months, during which it received no less than eight Release Candidate testing versions that early adopters were able to compile and install on their GNU/Linux operating system to test various hardware components or simply report bugs...

A lot of things have been fixed since last week's RC8 milestone, among which we can mention lots of updated drivers, in particular for GPU, networking, and Non-Volatile Dual In-line Memory Module (NVDIMM), a bunch of improvements to the ARM, MIPS, SPARC, and x86 hardware architectures, updates to the networking stack, as well as to a few filesystems, and some minor changes to cgroup and vm.

The kernel now supports the Raspberry Pi 3 SoC as well as the Microsoft Surface 3 touchscreen.
Data Storage

With HDDs On The Ropes, Samsung Predicts SSD Price Collisions As NVMe Takes Over (tomshardware.com) 161

At its Global SSD Summit, Samsung shared its vision of the current state of SSD market and also outlined the future trends. The company noted that SSDs are steadily displacing HDDs in more applications, but NVMe is shaping up to be the dark horse that may put the venerable HDD to rest. From an article on Tom's Hardware: Samsung loves Google, and not just because it probably buys plenty of its SSDs. Samsung outlined its rather intense focus on Google Analytics for marketing purposes last year, and this year it pointed out that recent Google searches for "SSD upgrades" outweighed searches for "CPU upgrades." The historical trend indicates that this wasn't always the case (of course), but with 40 million searches for SSD upgrades this year, it is clear that SSDs are on the move. Performance stagnation in the CPU market is probably to blame here, as well, and we routinely advise readers to spend their hard-earned dollars on GPU and SSD upgrades before the CPU. The cellphone industry has long served as the prime example of an explosive growth market; it grew 19.1% in the last five years alone. SSDs, by contrast, grew 54%, and the steady downward pricing slope is a key factor. The all-important price-per-GB fell from $1.17 in 2012 to a mere $0.36 in 2016 (69% reduction). This is an average value, you can find SSDs for even less on the retail market. The SSD market grew 6x (to 130,000,000) from 2012 to 2016. Samsung's NAND shipments benefit from both the smartphone and SSD industries, and the company presented a chart that highlighted the changing NAND shipment mix. A higher percentage of flash heads into the SSD and Mobile segments every year as the percentage of UFD (USB Flash Drive), cards, and "others" decline.
Microsoft

Microsoft Bungles This Week's Windows 10 Anniversary Update (zdnet.com) 172

An anonymous Slashdot reader quotes ZDNet: Microsoft rolled out this week the seventh Cumulative Update of fixes to Windows 10 Anniversary Update since the Anniversary version of Windows 10 began going to customers on August 2...causing installation issues for some users. I don't know how many are affected -- it's definitely nowhere near "all" -- but reports are coming in on Twitter and in Microsoft support forums from those who can't install the update, resulting (at least for some) in an endless loop of repeated attempts...

But a few of those affected have pointed out that when Microsoft first delivered this update to its "Release Preview" ring of Insider testers at the start of this week, some testers reported the installation failure/reboot issue. Despite those reports, Microsoft still pushed this update out to those not in the Insider program... Unsurprisingly, this issue is triggering a round of "What's the point of Insider testing?" questions. It looks to some like Microsoft is just ignoring Insider feedback...

Paul Thurrott reports that the problems are "widespread... Microsoft is pushing the idea that you should always patch your machine on the day the update is released as they often release security patches that fix vulnerabilities. But, until the company can get a handle on their quality control issues...it feels like every time you run Windows update you are rolling the dice."
Open Source

Linux Mint Unveils New 'Mintbox Mini Pro' Desktop (linuxmint.com) 70

It's been 18 months since the original Mintbox Mini launched, and this week saw the release of the new Mintbox Mini Pro (which costs just $100 more). BrianFagioli quotes BetaNews: That extra money gets you a faster processor, more powerful graphics, double the storage, twice the RAM, improved Wi-Fi, Bluetooth, and an additional Ethernet port... This diminutive desktop is the same size as the previously-released Mintbox... Thankfully, it retains the same cute appearance and Linux Mint branding.
Their article calls it a "beautiful little computer that comes pre-loaded with Linux Mint 18 Cinnamon (64-bit)," and the Linux Mint blog promises this fanless device offers "better passive cooling thanks to an all-metal black housing" -- and comes with six different USB ports.
Open Source

Linux Kernel 3.14 Series Has Reached End of Life (softpedia.com) 99

Slashdot reader prisoninmate quotes an article on Softpedia: it looks like the Linux kernel maintainers decided that there's no need to maintain the Linux kernel 3.14 LTS series anymore, so earlier today, September 11, 2016, they decided to release that last maintenance update, version 3.14.79, and mark the series as EOL (End of Life). Famous Linux kernel maintainer Greg Kroah-Hartman was the one to make the big announcement, and he's urging users who want to still run a long-term supported kernel version to move to the Linux 4.4 LTS series, which is currently the most advanced LTS branch, or use the latest stable release, Linux kernel 4.7.3...

Linux kernel 3.14.79 is a very small update that changes a total of 12 files, with 45 insertions and 17 deletions, thus fixing a bug in the EXT4 file system, a networking issue related to the Reliable Datagram Sockets (RDS) protocol, and updating a few HID, s390, SCSI, networking drivers.

Sony

Sony Announces Two New Versions of PlayStation 4: One Slimmer, Other More Powerful (engadget.com) 82

Sony isn't done with the PlayStation 4. The company today revealed the PS4 Slim, a thinner version of its latest console that's been lurking around the rumor mill for months now. The Slim lands on September 15th for $300. The PS4 Slim features all the guts of a standard PS4 plus a few cosmetic and convenience upgrades, including a lightbar at the top, more space between the front-facing USB ports and the removal of the optical port, Engadget reports. From the report: The console is about 30 percent smaller than the standard PS4, which came out in 2013, and it plays all existing PS4 games.
The company also launched a more powerful version of the PlayStation 4: the PS4 Pro, which offers support for 4K. It is priced at $399, and goes on sale November 10. The Verge reports: The PS4 Pro can output 4K and HDR video, which is powered by an upgraded GPU. Sony also boosted the clock rate for the new PS4 Pro. It will also come with a 1TB hard drive. "PS4 Pro is not intended to blur the line between console generations," Mark Cerny, the chief architect for the PS4, said on stage. "Instead, the vision is to take the PS4 experience to extraordinary new levels."
Android

Samsung Unveils Gear S3 Classic and Frontier Smartwatches Powered By Tizen (hothardware.com) 27

MojoKid quotes a report from HotHardware: Samsung just wrapped up an event at the IFA expo in Berlin, where the company unveiled two new Gear S3 branded smartwatches. The new Samsung Gear S3 Classic and Gear S3 Frontier leverage many of the design elements from last year's Gear S2 -- like their Tizen OS, rotating control dial, round display, and fast wireless charging. However, other aspects of the Gear S3 have received significant upgrades. Although they are internally similar, there are a few external differences between the Gear S3 Classic and Frontier. The Gear S3 Classic is the sleeker, more streamlined version of the two. The Classic has a polished finish, with round buttons at the 2 and 4 o'clock positions and no additional protrusions on its chassis. The Gear S3 Frontier is more rugged and has a darker, brushed finish, with flat, rectangular textured buttons and protrusions on either side of the body to shield the buttons from accidental presses. Both the Gear S3 Classic and Frontier are also outfitted with Gorilla Glass SR to protect their circular, Super AMOLED displays, and they're both compatible with industry standard 22mm watch bands too. They are also IP68 rated, so they're able to withstand dust and dirt, and water resistant for up to 30 minutes under 1.5 meters of water. Depending on how heavily these devices are used, Samsung claims they can last roughly 3 -- 4 days on a single charge. They also have support for NFC (compatible with Samsung Pay), Wi-Fi, Bluetooth, and have built-in heart rate monitors, altimeter/barometer, and GPS as well.
Communications

Comcast Says There's 6 Million Unhappy DSL Users Left To Target (dslreports.com) 141

Karl Bode, writing for DSLReports: As we noted last week, cable is effectively demolishing phone companies when it comes to new broadband subscriber additions, and Comcast still says the company has plenty of room to grow. Comcast and Charter alone added 500,000 net broadband subscribers last quarter, while the nation's biggest telcos collectively lost 360,783 broadband users during the same period. With AT&T and Verizon backing away from unwanted DSL users, and Windstream, Frontier and CenturyLink only eyeing piecemeal upgrades, the bloodshed is far from over. Speaking this week at the Nomura 2016 Media, Telecom & Internet Conference, Comcast VP Marcien Jenckes stated that the company has plenty of unhappy DSL customers left to nab. In fact, Comcast says the company still has around 6 million DSL subscribers in its territory, many of which are likely frustrated by outdated speeds.
