Forgot your password?
typodupeerror

Catch up on stories from the past week (and beyond) at the Slashdot story archive

Encryption

Snowden Used the Linux Distro Designed For Internet Anonymity 152

Posted by Soulskill
from the NSA-can't-make-heads-or-something-of-it dept.
Hugh Pickens DOT Com writes: "When Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. Now Klint Finley reports that Snowden also used The Amnesic Incognito Live System (Tails) to keep his communications out of the NSA's prying eyes. Tails is a kind of computer-in-a-box using a version of the Linux operating system optimized for anonymity that you install on a DVD or USB drive, boot your computer from and you're pretty close to anonymous on the internet. 'Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

The developers of Tails are, appropriately, anonymous. They're protecting their identities, in part, to help protect the code from government interference. 'The NSA has been pressuring free software projects and developers in various ways,' the group says. But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. 'With Tails,' say the distro developers, 'we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.'"
Mozilla

Mozilla Appoints Former Marketing Head Interim CEO 202

Posted by Unknown Lamer
from the but-chris-beard-hates-kittens dept.
itwbennett (1594911) writes "Following the contentious and ultimately failed appointment of Brendan Eich as CEO last month, the Mozilla Corporation has appointed Chris Beard to the board of directors and made him interim CEO. Beard starting working as chief marketing officer for Mozilla in 2004, and oversaw the launch of its current browser, Firefox, in 2005. Beard also managed the launches of Firefox on Android and the Firefox OS for mobile phones." See the official announcement. Quoting: "We began exploring the idea of Chris joining the Board of Directors some months ago. Chris has been a Mozillian longer than most. He’s been actively involved with Mozilla since before we shipped Firefox 1.0, he’s guided and directed many of our innovative projects, and his vision and sense of Mozilla is equal to anyone’s. I have relied on his judgement and advice for nearly a decade. This is an excellent time for Chris to bring his understanding of Mozilla to the Board."
Businesses

Apple's Spotty Record of Giving Back To the Tech Industry 265

Posted by samzenpus
from the giving-back dept.
chicksdaddy (814965) writes "Given Apple's status as the world's most valuable company and its enormous cash hoard, the refusal to offer even meager support to open source and industry groups is puzzling. From the article: 'Apple bundles software from the Apache Software Foundation with its OS X operating system, but does not financially support the Apache Software Foundation (ASF) in any way. That is in contrast to Google and Microsoft, Apple's two chief competitors, which are both Platinum sponsors of ASF — signifying a contribution of $100,000 annually to the Foundation. Sponsorships range as low as $5,000 a year (Bronze), said Sally Khudairi, ASF's Director of Marketing and Public Relations. The ASF is vendor-neutral and all code contributions to the Foundation are done on an individual basis. Apple employees are frequent, individual contributors to Apache. However, their employer is not, Khudairi noted. The company has been a sponsor of ApacheCon, a for-profit conference that runs separately from the Foundation — but not in the last 10 years. "We were told they didn't have the budget," she said of efforts to get Apple's support for ApacheCon in 2004, a year in which the company reported net income of $276 million on revenue of $8.28 billion.'"
Businesses

Ask Slashdot: How To Start With Linux In the Workplace? 448

Posted by timothy
from the sounds-like-mint-works-for-you dept.
An anonymous reader writes "Recently my boss has asked me about the advantages of Linux as a desktop operating system and if it would be a good idea to install it instead of upgrading to Windows 7 or 8. About ten boxes here are still running Windows XP and would be too old to upgrade to any newer version of Windows. He knows that i am using Linux at work on quite outdated hardware (would have gotten a new PC but never requested new hardware — Linux Mint x64 runs quite well on it) and i always managed to get my stuff done with it. I explained to him that there are no licensing issues with Linux, there is no anti-virus software to deal with and that Linux is generally a bit more efficient on old hardware than operating systems from Microsoft. The boss seems interested." But that's not quite the end; read on for this reader's question.
Encryption

Theo De Raadt's Small Rant On OpenSSL 301

Posted by timothy
from the heartbleed-of-the-matter dept.
New submitter raides (881987) writes "Theo De Raadt has been on a better roll as of late. Since his rant about FreeBSD playing catch up, he has something to say about OpenSSL. It is worth the 5 second read because it is how a few thousand of us feel about the whole thing and the stupidity that caused this panic." Update: 04/10 15:20 GMT by U L : Reader badger.foo pointed out Ted Unangst (the Ted in the mailing list post) wrote two posts on the issue: "heartbleed vs malloc.conf and "analysis of openssl freelist reuse" for those seeking more detail.
Windows

Meet the Diehards Who Refuse To Move On From Windows XP 641

Posted by timothy
from the come-the-revolution dept.
Hugh Pickens DOT Com (2995471) writes "Nearly every longtime Windows user looks back on Windows XP with a certain fondness, but the party's over according to Microsoft. 'It's time to move on,' says Tom Murphy, Microsoft's director of communications for Windows. 'XP was designed for a different era.' But Ian Paul writes in PC World that many people around the world refuse to give up on XP. But why? What's so great about an operating system that was invented before the age of Dropbox and Facebook, an OS that's almost as old as the original Google search engine? Bob Appel, a retiree based in Toronto, says he uses 12 PCs in a personal Dropbox-like network—10 of which are running XP. 'I use a third-party firewall, a free virus checker, and run Housecall periodically,' says Appel. 'My Firefox browser uses Keyscrambler, HTTPS Anywhere, Ghostery, and Disconnect. I also have a VPN account (PIA) when traveling. For suspicious email attachments, I deploy private proprietary bioware (me!) to analyze before opening. All the "experts" say I am crazy. Thing is, I stopped the security updates in XP years ago after a bad update trashed my system, and yet I have never been infected, although online for hours each day. So, crazy though I be, I am sticking with XP.'" (Read more, below.)
Book Reviews

Book Review: Mobile HTML5 37

Posted by samzenpus
from the read-all-about-it dept.
Michael Ross (599789) writes "Web designers and developers nowadays are familiar with the critical decision they face each time before building an application intended for mobile devices: whether to target a particular device operating system (e.g., iOS) and create the app using the language dictated by the OS (e.g., Objective-C), or try to build an operating system-agnostic app that runs on any device equipped with a modern web browser (primarily using HTML5, CSS3, and JavaScript), or try to do a combination of both (using a library such as PhoneGap). The second option offers many advantages, and is the approach explored in the book Mobile HTML5, authored by Estelle Weyl, an experienced front-end developer." Keep reading for the rest of Michael's review.
IBM

Fifty Years Ago IBM 'Bet the Company' On the 360 Series Mainframe 169

Posted by timothy
from the y'-tell-the-kids-that-today dept.
Hugh Pickens DOT Com (2995471) writes "Those of us of a certain age remember well the breakthrough that the IBM 360 series mainframes represented when it was unveiled fifty years ago on 7 April 1964. Now Mark Ward reports at BBC that the first System 360 mainframe marked a break with all general purpose computers that came before because it was possible to upgrade the processors but still keep using the same code and peripherals from earlier models. "Before System 360 arrived, businesses bought a computer, wrote programs for it and then when it got too old or slow they threw it away and started again from scratch," says Barry Heptonstall. IBM bet the company when they developed the 360 series. At the time IBM had a huge array of conflicting and incompatible lines of computers, and this was the case with the computer industry in general at the time, it was largely a custom or small scale design and production industry, but IBM was such a large company and the problems of this was getting obvious: When upgrading from one of the smaller series of IBM computers to a larger one, the effort in doing that transition was so big so you might as well go for a competing product from the "BUNCH" (Burroughs, Univac, NCR, CDC and Honeywell). Fred Brooks managed the development of IBM's System/360 family of computers and the OS/360 software support package and based his software classic "The Mythical Man-Month" on his observation that "adding manpower to a late software project makes it later." The S/360 was also the first computer to use microcode to implement many of its machine instructions, as opposed to having all of its machine instructions hard-wired into its circuitry. Despite their age, mainframes are still in wide use today and are behind many of the big information systems that keep the modern world humming handling such things as airline reservations, cash machine withdrawals and credit card payments. "We don't see mainframes as legacy technology," says Charlie Ewen. "They are resilient, robust and are very cost-effective for some of the work we do.""
Microsoft

Should Microsoft Be Required To Extend Support For Windows XP? 645

Posted by timothy
from the here-you-hold-the-thumbscrews dept.
An anonymous reader writes "If Windows XP were a photocopier, Microsoft would have a duty to deal with competitors who sought to provide aftermarket support. A new article in the Michigan Law Review argues that Microsoft should be held to the same duty, and should be legally obligated to help competitors who wish to continue to provide security updates for the aging operating system, even if that means allowing them to access and use Windows XP's sourcecode."
Debian

Not Just Apple: GnuTLS Bug Means Security Flaw For Major Linux Distros 144

Posted by timothy
from the holes-to-plug dept.
According to an article at Ars Technica, a major security bug faces Linux users, akin to the one recently found in Apple's iOS (and which Apple has since fixed). Says the article:"The bug is the result of commands in a section of the GnuTLS code that verify the authenticity of TLS certificates, which are often known simply as X509 certificates. The coding error, which may have been present in the code since 2005, causes critical verification checks to be terminated, drawing ironic parallels to the extremely critical 'goto fail' flaw that for months put users of Apple's iOS and OS X operating systems at risk of surreptitious eavesdropping attacks. Apple developers have since patched the bug." And while Apple can readily fix a bug in its own software, at least for users who keep up on patches, "Linux" refers to a broad range of systems and vendors, rather than a single company, and the affected systems include some of the biggest names in the Linux world, like Red Hat, Debian, and Ubuntu.
Hardware

An SSD for Your Current Computer May Save the Cost of a New One (Video) 353

Posted by Roblimo
from the breaking-the-i/o-speed-barrier dept.
Obviously, the first performance enhancement you do on any computer you own is max out the RAM. RAM has gotten cheap, and adding more of it to almost any computer will make it faster without requiring any other modification (or any great skill). The next thing you need to do, says Larry O'Connor, the founder and CEO of Other World Computing (OWC), is move from a "platter" hard drive to a Solid State Drive (SSD). Larry's horse in this race is that his company sells SSDs, mostly for Macs. But he's a real evangelist about SSDs and computer mods in general, even if you buy them from NewEgg, Amazon or another vendor.

A big (vendor-neutral) thing Larry points out is that just because you have a Terabyte drive in your computer now doesn't mean you need a Terabyte SSD, which can easily cost $500. Rather, he says, all you need is a large enough SSD to contain your OS and software and whatever data you're working with at the moment, so you might be able to get by with a 120 GB SSD that costs well under $100. Clone your current main drive, stick in the new SSD, and if your need more storage, get another hard drive (or use your old one). Simple. Efficient. And a lot cheaper than buying a new computer, whether we're talking about home, business or even enterprise use. (Alternate video link.)
Bug

Ask Slashdot: How To Handle Unfixed Linux Accessibility Bugs? 266

Posted by timothy
from the linux-on-the-desktop dept.
dotancohen (1015143) writes "It is commonly said that open source software is preferable because if you need something changed, you can change it yourself. Well, I am not an Xorg developer and I cannot maintain a separate Xorg fork. Xorg version 1.13.1 introduced a bug which breaks the "Sticky Keys" accessibility option. Thus, handicapped users who rely on the feature cannot use Xorg-based systems with the affected versions and are stuck on older software versions. Though all pre-bug Linux distros are soon scheduled for retirement, there seems to be no fix in sight. Should disabled users stick with outdated, vulnerable, and unsupported Linux distros or should we move to OS-X / Windows?

The prospect of changing my OS, applications, and practices due to such an ostensibly small issue is frightening. Note that we are not discussing 'I don't like change' but rather 'this unintentional change is incompatible with my physical disability.' Thus this is not a case of every change breaks someone's workflow."
Microsoft

Microsoft Launches Office For iPad: Includes Word, Excel, and PowerPoint 184

Posted by samzenpus
from the to-a-tablet-near-you dept.
An anonymous reader writes "At an event in San Francisco today, Microsoft Office General Manager Julia White unveiled Office for iPad, featuring Word, Excel, and PowerPoint. The new suite, which supports viewing but not editing for free, will go live in Apple's App Store at 11:00AM PDT (2:00PM EST). Word, Excel, and PowerPoint for iPad feature a ribbon interface just like the one featured in Office for Windows and OS X. The trio of apps are much more powerful on the tablet than the smartphone, but naturally aren't comparable to the desktop versions."
Android

Russian Officials Dump iPads For Samsung Tablets Over Spy Fears 198

Posted by timothy
from the putin-actually-invented-it dept.
wiredmikey writes: "Russian government officials have swapped their iPads for Samsung tablets to ensure tighter security, the telecoms minister told news agencies on Wednesday. Journalists spotted that ministers at a cabinet meeting were no longer using Apple tablets, and minister Nikolai Nikiforov confirmed the changeover "took place not so long ago." He said the ministers' new Samsungs were "specially protected devices that can be used to work with confidential information." This isn't the first time Russian powers have had concerns over mobile. In August 2012, Russia unveiled a prototype tablet with its own "almost Android" mobile OS that has the remarkably familiar feel of an Android but with bolstered encryption. In an even more paranoid move, this past July a Russian state service in charge of safeguarding Kremlin communications was looking to purchase an array of old-fashioned typewriters to prevent leaks from computer hardware."
Microsoft

Microsoft Posts Source Code For MS-DOS and Word For Windows 224

Posted by Soulskill
from the historical-sources dept.
An anonymous reader writes "Microsoft, along with the Computer History Museum, has posted the source code for MS-DOS 1.1 and 2.0, and Word for Windows 1.1a. It's been a long time coming — DOS 2.0 was released for IBM PCs in 1983, and Word for Windows 1.1a came out in 1990. The museum, with Microsoft's consent, has made the code available for non-commercial use. They've also explained some of the history of this software's development: '[In August, 1980], IBM had already contracted with Microsoft to provide a BASIC interpreter for the PC, so they asked them to investigate also providing the operating system. Microsoft proposed licensing "86-DOS", which had been written by Tim Paterson at Seattle Computer Products (SCP) for their 8086-based computer kit because the 16-bit version of CP/M was late. When SCP signed the licensing deal [7] with Microsoft, they didn't know for sure who the computer manufacturer was. Paterson said "We all had our suspicions that it was IBM that Microsoft was dealing with, but we didn't know for sure." [1] He left SCP to work for Microsoft in 1981. "The first day on the job I walk through the door and 'Hey! It's IBM.'" Microsoft originally licensed 86-DOS in December 1980 for a flat fee of $25,000. By the next summer they recognized the importance of owning it and being able to license it to other companies making IBM-PC clones, so they purchased all rights for an additional $50,000.'"
Android

One Billion Android Devices Open To Privilege Escalation 117

Posted by timothy
from the that's-beeeeeellion dept.
msm1267 (2804139) writes "The first deep look into the security of the Android patch installation process, specifically its Package Management Service (PMS), has revealed a weakness that puts potentially every Android device at risk for privilege escalation attacks. Researchers from Indiana University and Microsoft published a paper that describes a new set of Android vulnerabilities they call Pileup flaws, and also introduces a new scanner called SecUP that detects malicious apps already on a device lying in wait for elevated privileges. The vulnerability occurs in the way PMS handles updates to the myriad flavors of Android in circulation today. The researchers say PMS improperly vets apps on lower versions of Android that request OS or app privileges that may not exist on the older Android version, but are granted automatically once the system is updated.

The researchers said they found a half-dozen different Pileup flaws within Android's Package Management Service, and confirmed those vulnerabilities are present in all Android Open Source Project versions and more than 3,500 customized versions of Android developed by handset makers and carriers; more than one billion Android devices are likely impacted, they said."
Handily enough, the original paper is not paywalled.
Linux Business

Linux May Succeed Windows XP As OS of Choice For ATMs 367

Posted by Soulskill
from the cash-from-a-penguin dept.
Dega704 sends this news from ComputerWorld: "Some financial services companies are looking to migrate their ATM fleets from Windows to Linux in a bid to have better control over hardware and software upgrade cycles. Pushing them in that direction apparently is Microsoft's decision to end support for Windows XP on April 8, said David Tente, executive director, USA, of the ATM Industry Association. 'There is some heartburn in the industry' over Microsoft's end-of-support decision, Tente said. ATM operators would like to be able to synchronize their hardware and software upgrade cycles. But that's hard to do with Microsoft dictating the software upgrade timetable. As a result, 'some are looking at the possibility of using a non-Microsoft operating system to synch up their hardware and software upgrades,' Tente said."
Intel

Intel Announced 8-Core CPUs And Iris Pro Graphics for Desktop Chips 173

Posted by Unknown Lamer
from the face-meltingly-fast dept.
MojoKid (1002251) writes "Intel used the backdrop of the Game Developers Conference in San Francisco to make a handful of interesting announcements that run the gamut from low-power technologies to ultra-high-end desktop chips. In addition to outing a number of upcoming processors—from an Anniversary Edition Pentium to a monster 8-core Haswell-E — Intel also announced a new technology dubbed Ready Mode. Intel's Ready Mode essentially allows a 4th Gen Core processor to enter a low C7 power state, while the OS and other system components remain connected and ready for action. Intel demoed the technology, and along with compatible third party applications and utilities, showed how Ready Mode can allow a mobile device to automatically sync to a PC to download and store photos. The PC could also remain in a low power state and stream media, server up files remotely, or receive VOIP calls. Also, in a move that's sure to get enthusiasts excited, Intel revealed details regarding Haswell-E. Similar to Ivy Bridge-E and Sandy Bridge-E, Haswell-E is the 'extreme' variant of the company's Haswell microarchitecture. Haswell-E Core i7-based processors will be outfitted with up to eight processor cores, which will remain largely unchanged from current Haswell-based chips. However, the new CPU will connect to high-speed DDR4 memory and will be paired to the upcoming Intel X99 chipset. Other details were scarce, but you can bet that Haswell-E will be Intel's fastest desktop processor to date when it arrives sometime in the second half of 2014. Intel also gave a quick nod to their upcoming 14nm Broadwell CPU architecture, a follow-on to Haswell. Broadwell will be the first Intel desktop processor to feature integrated Iris Pro Graphics and will also be compatible with Intel Series 9 chipsets."
Games

Unreal Engine 4 Launching With Full Source Code 149

Posted by Soulskill
from the see-the-man-behind-the-curtain dept.
jones_supa writes "Today Epic launched Unreal Engine 4 for game developers. Supported platforms are Windows, OS X, iOS and Android, with desktop Linux coming later. The monetization scheme is unique: anyone can get access to literally everything for a $19/month fee. Epic wants to build a business model that succeeds when UE4 developers succeed. Therefore, part of the deal is that anyone can ship a commercial product with UE4 by paying 5% of their gross revenue resulting from sales to users. This gets them the Unreal Editor in ready-to-run form, and the engine's complete C++ source code hosted on GitHub for collaborative development."

FORTRAN is for pipe stress freaks and crystallography weenies.

Working...