Linux fréttir

AT&T wants to bin 100,000 routers, replace them with white boxes

TheRegister - 1 hour 51 min ago
Carrier tries to speed networking innovation with 'Disaggregated Network Operating System'

AT&T has launched an audacious attempt to push the networking industry towards software-defined networking and white-box hardware.…

Categories: Linux fréttir

Marvell and Cavium do the deed, vow to breed infra-monster

TheRegister - 2 hours 46 min ago
Six billion bucks does the trick, now let's see what kind of kit they build together

The rumours were right: Marvell has formally announced it will buy Cavium, for around six billion US dollars, and plans to emerge as an “Infrastructure Solutions Powerhouse”.…

Categories: Linux fréttir

More than half of GitHub is duplicate code, researchers find

TheRegister - 3 hours 52 min ago
Boffins beware: random samples are therefore useless for research

Given that code sharing is a big part of the GitHub mission, it should come at no surprise that the platform stores a lot of duplicated code: 70 per cent, a study has found.…

Categories: Linux fréttir

Over 400 of the World's Most Popular Websites Record Your Every Keystroke

Slashdot - 4 hours 19 min ago
An anonymous reader quotes a report from Motherboard: The idea of websites tracking users isn't new, but research from Princeton University released last week indicates that online tracking is far more invasive than most users understand. In the first installment of a series titled "No Boundaries," three researchers from Princeton's Center for Information Technology Policy (CITP) explain how third-party scripts that run on many of the world's most popular websites track your every keystroke and then send that information to a third-party server. Some highly-trafficked sites run software that records every time you click and every word you type. If you go to a website, begin to fill out a form, and then abandon it, every letter you entered in is still recorded, according to the researchers' findings. If you accidentally paste something into a form that was copied to your clipboard, it's also recorded. These scripts, or bits of code that websites run, are called "session replay" scripts. Session replay scripts are used by companies to gain insight into how their customers are using their sites and to identify confusing webpages. But the scripts don't just aggregate general statistics, they record and are capable of playing back individual browsing sessions. The scripts don't run on every page, but are often placed on pages where users input sensitive information, like passwords and medical conditions. Most troubling is that the information session replay scripts collect can't "reasonably be expected to be kept anonymous," according to the researchers.

Read more of this story at Slashdot.

Categories: Linux fréttir

Windows 8 broke Microsoft's memory randomisation

TheRegister - 4 hours 47 min ago
The problem's still there in Windows 10, so prepare for code re-use attacks

A Carnegie-Mellon CERT researcher has discovered the Microsoft broke some use-cases for its Address Space Layout Randomisation (ASLR), designed to block code-reuse attacks.…

Categories: Linux fréttir

UCLA Researchers Use Solar To Create and Store Hydrogen

Slashdot - 5 hours 44 min ago
UCLA researchers have designed a device that can use solar energy to inexpensively and efficiently create and store energy, which could be used to power electronic devices, and to create hydrogen fuel for eco-friendly cars. Phys.Org reports: The device could make hydrogen cars affordable for many more consumers because it produces hydrogen using nickel, iron and cobalt -- elements that are much more abundant and less expensive than the platinum and other precious metals that are currently used to produce hydrogen fuel. Traditional hydrogen fuel cells and supercapacitors have two electrodes: one positive and one negative. The device developed at UCLA has a third electrode that acts as both a supercapacitor, which stores energy, and as a device for splitting water into hydrogen and oxygen, a process called water electrolysis. All three electrodes connect to a single solar cell that serves as the device's power source, and the electrical energy harvested by the solar cell can be stored in one of two ways: electrochemically in the supercapacitor or chemically as hydrogen. The device also is a step forward because it produces hydrogen fuel in an environmentally friendly way. Currently, about 95 percent of hydrogen production worldwide comes from converting fossil fuels such as natural gas into hydrogen -- a process that releases large quantities of carbon dioxide into the air, said Maher El-Kady, a UCLA postdoctoral researcher and a co-author of the research. The technology is described in the journal Energy Storage Materials.

Read more of this story at Slashdot.

Categories: Linux fréttir

Amazon launches Secret Region – so secret it's endorsed by the CIA

TheRegister - 5 hours 45 min ago
The rest of us just get a 0.04% improvement in EC2 reliability, to a guaranteed 99.99%

Amazon Web Services has launched a Secret Region – which we know about because the CIA has endorsed it.…

Categories: Linux fréttir

Uber Expands Driverless-Car Push With Deal For 24,000 Volvos

Slashdot - 6 hours 24 min ago
Uber agreed to buy 24,000 sport utility vehicles from Volvo to form a fleet of driverless autos. According to Bloomberg, "The XC90s, priced from $46,900 at U.S. dealers, will be delivered from 2019 to 2021 in the first commercial purchase by a ride-hailing provider." Uber will add its own sensors and software to permit pilot-less driving. From the report: Uber's order steps up efforts to replace human drivers, the biggest cost in its on-demand taxi service. The autonomous fleet is small compared with the more than 2 million people who drive for Uber but reflects dedication to the company's strategy of developing self-driving cars. "This new agreement puts us on a path toward mass-produced, self-driving vehicles at scale," Jeff Miller, Uber's head of auto alliances, told Bloomberg News. "The more people working on the problem, we'll get there faster and with better, safer, more reliable systems."

Read more of this story at Slashdot.

Categories: Linux fréttir

AT&T insists it's not sweating US govt block of Time-Warner gobble

TheRegister - 6 hours 51 min ago
'We don't care, in fact look at this letter about how little we care. Really. Please look at it'

AT&T says it is not worried about the possibility of a US government lawsuit derailing its attempts to acquire Time Warner.…

Categories: Linux fréttir

iMac Pro Will Have An A10 Fusion Coprocessor For 'Hey, Siri' Support and More Secure Booting, Says Report

Slashdot - 7 hours 4 min ago
According to Apple firmware gurus Steven Troughton-Smith and Guilherme Rambo, the upcoming iMac Pro will feature an A10 Fusion coprocessor to enable two interesting new features. "The first is the ability for the iMac Pro to feature always-on 'Hey, Siri' voice command support, similar to what's currently available on more recent iPhone devices," reports The Verge. "[T]he bigger implication of the A10 Fusion is for a less user-facing function, with Apple likely to use the coprocessor to enable SecureBoot on the iMac Pro." From the report: In more practical terms, it means that Apple will be using the A10 Fusion chip to handle the initial boot process and confirm that software checks out, before passing things off to the regular x86 Intel processor in your Mac. It's not something that will likely change how you use your computer too much, like the addition of "Hey, Siri" support will, but it's a move toward Apple experimenting with an increased level of control over its software going forward.

Read more of this story at Slashdot.

Categories: Linux fréttir

Google Is Working On Fuchsia OS Support For Apple's Swift Programming Language

Slashdot - 7 hours 44 min ago
An anonymous reader shares a report from Android Police: Google's in-development operating system, named "Fuchsia," first appeared over a year ago. It's quite different from Android and Chrome OS, as it runs on top of the real-time "Magenta" kernel instead of Linux. According to recent code commits, Google is working on Fuchsia OS support for the Swift programming language. If you're not familiar with it, Swift is a programming language developed by Apple, which can be used to create iOS/macOS/tvOS/watchOS applications (it can also compile to Linux). Apple calls it "Objective-C without the C," and on the company's own platforms, it can be mixed with existing C/Objective-C/C++ code (similar to how apps on Android can use both Kotlin and Java in the same codebase). We already know that Fuchsia will support apps written in Dart, a C-like language developed by Google, but it looks like Swift could also be supported. On Swift's GitHub repository, a pull request was created by a Google employee that adds Fuchsia OS support to the compiler. At the time of writing, there are discussions about splitting it into several smaller pull requests to make reviewing the code changes easier.

Read more of this story at Slashdot.

Categories: Linux fréttir

Intel patches critical holes in secret hidden Management Engine in desktop, server chips

TheRegister - Mon, 2017-11-20 23:53
Bugs can be exploited to extract info, insert rootkits

Developing... Intel on Monday admitted that its Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) are vulnerable to multiple security flaws, based on the findings of external security experts.…

Categories: Linux fréttir

Cops jam a warrant into Apple to make it cough up Texas mass killer's iPhone, iCloud files

TheRegister - Mon, 2017-11-20 23:30
Here we go again…

Texas Rangers have obtained a search warrant for the contents of a blood-splattered iPhone SE belonging to gunman Devin Kelley who killed 26 people in a murder-suicide at a church.…

Categories: Linux fréttir

Why Hackers Reuse Malware

Slashdot - Mon, 2017-11-20 23:20
Orome1 shares a report from Help Net Security: Software developers love to reuse code wherever possible, and hackers are no exception. While we often think of different malware strains as separate entities, the reality is that most new malware recycles large chunks of source code from existing malware with some changes and additions (possibly taken from other publicly released vulnerabilities and tools). This approach makes sense. Why reinvent the wheel when another author already created a working solution? While code reuse in malware can make signature-based detection methods more effective in certain cases, more often than not it frees up time for attackers to do additional work on detection avoidance and attack efficacy -- which can create a more dangerous final product. There are multiple reasons why hackers reuse code when developing their own malware. First, it saves time. By copying code wherever possible, malware authors have more time to focus on other areas, like detection avoidance and attribution masking. In some cases, there may be only one way to successfully accomplish a task, such as exploiting a vulnerability. In these instances, code reuse is a no-brainer. Hacker also tend to reuse effective tactics such as social engineering, malicious macros and spear phishing whenever possible simply because they have a high rate of success.

Read more of this story at Slashdot.

Categories: Linux fréttir

Uber slapped with $9m fine for letting dodgy drivers pick up punters

TheRegister - Mon, 2017-11-20 22:43
Super Cali goes – oh no, wait, this is Colorado

Colorado watchdogs today hit Uber subsidiary Rasier with an $8.9m fine for allowing drivers with felony convictions and/or major moving violations to pick up folks using the ride-hailing app.…

Categories: Linux fréttir

US Sues To Block AT&T Purchase of Time Warner

Slashdot - Mon, 2017-11-20 22:40
The U.S. Department of Justice is suing AT&T to block its $85.4 billion acquisition of Time Warner. "The legal challenge was expected after AT&T rejected a demand by the Justice Department earlier this month to divest its DirecTV unit or Time Warner's Turner Broadcasting -- which contains news network CNN -- in order to win antitrust approval," reports Reuters. From the report: AT&T's chief executive said then that he would defend the deal in court to win approval, and the company criticized the Justice Department's case on Monday. The lawsuit is "a radical and inexplicable departure from decades of antitrust precedent," said AT&T lawyer David McAtee, arguing that so-called vertical mergers, between companies that are not direct competitors, are routinely approved. "We see no legitimate reason for our merger to be treated differently," he said, adding that AT&T is confident a judge will reject the Justice Department's case.

Read more of this story at Slashdot.

Categories: Linux fréttir

An Ethereum Startup Just Vanished After People Invested $374K

Slashdot - Mon, 2017-11-20 22:00
An anonymous reader quotes a report from Motherboard: A startup on the Ethereum platform vanished from the internet on Sunday after raising $374,000 USD from investors in an Initial Coin Offering (ICO) fundraiser. Confido is a startup that pitched itself as a blockchain-based app for making payments and tracking shipments. It sold digital tokens to investors over the Ethereum blockchain in an ICO that ran from November 6 to 8. During the token sale, Confido sold people bespoke digital tokens that represent their investment in exchange for ether, Ethereum's digital currency. But on Sunday, the company unceremoniously deleted its Twitter account and took down its website. A company representative posted a brief comment to the company's now-private subforum on Reddit, citing legal problems that prevent the Confido team from continuing their work. The same message was also posted to Medium but quickly deleted. "Right now, we are in a tight spot, as we are having legal trouble caused by a contract we signed," the message stated (a cached version of the Medium post is viewable). "It is likely that we will be able to find a solution to rectify the situation. However, we cannot assure you with 100% certainty that we will get through this." The message was apparently written by Confido's founder, one Joost van Doorn, who seems to have no internet presence besides a now-removed LinkedIn profile. Even the Confido representative on Reddit doesn't seem to know what's going on, though, posting hours after the initial message, "Look I have absolutely no idea what has happened here. The removal of all of our social media platforms and website has come as a complete surprise to me." Confido tokens had a market cap of $10 million last week, before the company disappeared, but now the tokens are worthless. And investors are crying foul.

Read more of this story at Slashdot.

Categories: Linux fréttir

Open-source defenders turn on each other in 'bizarre' trademark fight sparked by GPL fall out

TheRegister - Mon, 2017-11-20 21:23
Tempest in a teapot scalds FOSS world

Special report Two organizations founded to help and support developers of free and open-source software have locked horns in public, betraying a long-running quarrel rumbling mostly behind the scenes.…

Categories: Linux fréttir

Amazon Launches a Cloud Service For US Intelligence Agencies

Slashdot - Mon, 2017-11-20 21:20
Amazon Web Services on Monday introduced cloud service for the CIA and other members of the U.S. intelligence community. From a report: The launch of the so-called AWS Secret Region comes six years after AWS introduced GovCloud, its first data center region for public sector customers. AWS has since announced plans to expand GovCloud. The new Secret Region signals interest in using AWS from specific parts of the U.S. government. In 2013 news outlets reported on a $600 million contract between AWS and the CIA. That event singlehandledly helped Amazon in its effort to sign up large companies to use its cloud, whose core services have been available since 2006.

Read more of this story at Slashdot.

Categories: Linux fréttir

Apple Could Have Brought a Big iPhone X Feature To Older iPhone But Didn't, Developer Says

Slashdot - Mon, 2017-11-20 20:40
Steven Troughton-Smith, a prominent iOS developer best known for combing new software codes for references for upcoming features, over the weekend indicated that portrait mode lighting effects, a major feature in the current iPhone generation -- iPhone 8 Plus, and iPhone X, could technically be added to iPhone 7 Plus from last year. The feature works like this: you take a picture, go to the photos app on your new iPhone and play with the "Lighting" effects. He writes: So yeah you just need to hexedit the metadata in the HEIC. Not quite sure where, I copied a whole section from an iPhone X Portrait Mode photo and it worked. Original photo taken on 7 Plus on iOS 11. Someone could automate this. Just to add insult to injury, if you AirDrop that photo back to the iPhone 7 Plus now it shows the Portrait Lighting UI, and lets you change mode. So Portrait Lighting is 100% an artificial software limitation. 7 Plus photos can have it, 7 Plus can do it.

Read more of this story at Slashdot.

Categories: Linux fréttir

Pages

Subscribe to netserv.is aggregator - Linux fréttir