Linux fréttir

To fight phishing, Google last year announced it would require users to enable JavaScript during Google Account sign-in so that it could run attack-detecting risk assessments, and this week, the company said it'll begin to block all sign-ins from embedded browser frameworks like Chromium Embedded Framework starting in June. From a report: For the uninitiated, embedded browser frameworks enable developers to add basic web browsing functionality to their apps, and to use web languages like HTML, CSS, and JavaScript to create those apps' interface (or portions of it). They're typically cross-platform -- Chromium Embedded Framework runs on Linux, Windows, and macOS -- and they support a range of language bindings. With the change, Google is specifically targeting man in the middle (MITM) attacks, which it says are particularly difficult to spot from automation platforms like embedded browser frameworks.

Read more of this story at Slashdot.

A "computer glitch" may have been behind the fast-spreading fire that ravaged Notre Dame, Associated Press reported Friday, citing the cathedral's rector. From the report: Speaking during a meeting of local business owners, rector Patrick Chauvet did not elaborate on the exact nature of the glitch, adding that "we may find out what happened in two or three months." On Thursday, Paris police investigators said they think an electrical short-circuit most likely caused the fire. French newspaper Le Parisien has reported that a fire alarm went off at Notre Dame shortly after 6 p.m. Monday but a computer bug showed the fire's location in the wrong place. The paper reported the flames may have started at the bottom of the cathedral's giant spire and may have been caused by an electrical problem in an elevator. Chauvet said there were fire alarms throughout the building, which he described as "well protected."

Read more of this story at Slashdot.

Microsoft has introduced a new open source programming language called Bosque that aspires to be simple and easy to understand by embracing algebraic operations and shunning techniques that create complexity. From a report: Bosque was inspired by the syntax and types of TypeScript and the semantics of ML and Node/JavaScript. It's the brainchild of Microsoft computer scientist Mark Marron, who describes the language as an effort to move beyond the structured programming model that became popular in the 1970s. The structured programming paradigm, in which flow control is managed with loops, conditionals, and subroutines, became popular after a 1968 paper titled "Go To Statement Considered Harmful" by computer scientist Edsger Dijkstra. Marron believes we can do better by getting rid of sources of complexity like loops, mutable state, and reference equality. The result is Bosque, which represents a programming paradigm that Marron, in a paper he wrote, calls "regularized programming."

Read more of this story at Slashdot.

Records for potentially tens of thousands of patients seeking treatment at several addiction rehabilitation centers were exposed in an unsecured online database, an independent researcher revealed Friday. From a report: The 4.91 million documents included patients' names, as well as details of the treatments they received, according to Justin Paine, the researcher. Each patient had multiple records in the database, and Paine estimates that the records may cover about 145,000 patients. Paine notified the main treatment center, as well as the website hosting company, when he discovered the database. The data has since been made unavailable to the public. Paine found the data by typing keywords into the Shodan search engine that indexes servers and other devices that connect to the internet. "Given the stigma that surrounds addiction this is almost certainly not information the patients want easily accessible," Paine said in a blog post that he shared with CNET ahead of publication. Paine hunts for unsecured databases in his free time. His day job is head of trust and safety at web security company Cloudflare. The find is the latest example of a widespread problem: Any organization can easily store customer data on cloud-based services now, but few have the expertise to set them up securely. As a result, countless unsecured databases sit online and can be found by anyone with a few search skills. Many of those databases are full of sensitive personal data.

Read more of this story at Slashdot.

An anonymous reader shares a report: Last year, Microsoft announced when it would be killing app updates and distribution in the Windows Store for Windows Phone 8.x and Windows 8.x. At the time, the blog post stated that Windows Phone 8.x devices would stop receiving app updates after July 1, 2019, while Windows 8.x devices would get app updates through July 1, 2023. However, it seems as though plans have changed a little bit, as the blog post has quietly been updated earlier this month. Microsoft has changed the wording in the post to state that Windows 8 devices will stop getting updates for their apps at the same time as Windows Phone 8.x, that is, July 1 of this year. Windows 8.1 devices will continue to receive updates through the previously announced date in 2023.

Read more of this story at Slashdot.

Suren Enfiajyan writes: HDD shipments are continuing to decline. This is about all major HDD vendors with WDC with the most decline yearly -- 26.1% against 11.3% (Toshiba) and 14.4% (Seagate). Desktop HDD shipments are said to have fallen to just 24.5 million units, a drop of nearly 4 million units from the previous quarter. Laptop HDD shipments dropped more than 6 million units to hit the 37 million mark. Enterprise HDDs are said to have rebounded by nearly 1 million units, however, to around 11.5 million hard drives purchased in the quarter. Business customers essentially picked up the slack left by consumers. These shipments were likely affected by many factors. But there's also the simple fact that most people want SSDs instead of HDDs for most of their devices. Nobody wants to wait for their system to boot, their files to load, or their apps to finish routine tasks.

Read more of this story at Slashdot.

Panama disease, an infection that ravages banana plants, has been sweeping across Asia, Australia, the Middle East and Africa. The impact has been devastating. From a report: In the Philippines alone, losses have totalled US$400m. And the disease threatens not only the livelihoods of everyone in this US$44 billion industry but also the 400m people in developing countries who depend on bananas for a substantial proportion of their calorie intake. However, there may be hope. In an attempt to save the banana and the industry that produces it, scientists are in a race to create a new plant resistant to Panama disease. But perhaps this crisis is a warning that we are growing our food in an unsustainable way and we will need to look to more radical changes for a permanent solution.

Read more of this story at Slashdot.

An anonymous reader shares a report: The $14 billion network of levees and floodwalls that was built to protect greater New Orleans after Hurricane Katrina was a seemingly invincible bulwark against flooding. But now, 11 months after the Army Corps of Engineers completed one of the largest public works projects in world history, the agency says the system will stop providing adequate protection in as little as four years because of rising sea levels and shrinking levees. The growing vulnerability of the New Orleans area is forcing the Army Corps to begin assessing repair work, including raising hundreds of miles of levees and floodwalls that form a meandering earth and concrete fortress around the city and its adjacent suburbs. "These systems that maybe were protecting us before are no longer going to be able to protect us without adjustments," said Emily Vuxton, policy director of the Coalition to Restore Coastal Louisiana, an environmental group. She said repair costs could be "hundreds of millions" of dollars, with 75% paid by federal taxpayers. "I think this work is necessary. We have to protect the population of New Orleans," Vuxton said. The protection system was built over a decade and finished last May when the Army Corps completed a final component that involves pumps.

Read more of this story at Slashdot.

An anonymous reader quotes a report from the BBC: U.S. scientists say they used HIV to make a gene therapy that cured eight infants of severe combined immunodeficiency, or "bubble boy" disease. The babies, born with little to no immune protection, now have fully functional immune systems. Untreated babies with this disorder have to live in completely sterile conditions and tend to die as infants. The gene therapy involved collecting the babies' bone marrow and correcting the genetic defect in their DNA soon after their birth. The "correct" gene -- used to fix the defect -- was inserted into an altered version of one of HIV, the virus that causes AIDS. Researchers said most of the babies were discharged from the hospital within one month. Dr Ewilina Mamcarz of St Jude, an author of the study, said in a statement: "These patients are toddlers now, who are responding to vaccinations and have immune systems to make all immune cells they need for protection from infections as they explore the world and live normal lives. This is a first for patients with SCID-X1 (the most common type of SCID)." The study was published in the New England Journal of Medicine.

Read more of this story at Slashdot.

Oh and remove the guard bands, would you Ofcom?

Ofcom is amenable to technical tweaks that mobile operators have requested to 5G rules, launching a consultation yesterday.…

Isssh nothing to be proud of, hic, hic. Shame again pleesh

The top ten per cent of Australia’s boozy population downs more than half of the alcohol consumed in the country, according to new research – and the Brits are even worse.…

The consumer version of Blackberry Messenger is shutting down May 31. CNET reports: Emtek, the company BlackBerry partnered with in 2016 to run the consumer version of the messaging app, said in a blog post Thursday that the technology industry is "very fluid" and despite "substantial efforts," users have moved on to other platforms. "We poured our hearts into making this a reality, and we are proud of what we have built to date," Emtek said. Mark Wilson, BlackBerry's chief marketing officer, said that though the company is disappointed, BBM users won't be without a secure messaging platform. They can now go to the Google Play store to download BBMe, the enterprise version of the app that BlackBerry continues to run. The app will be free the first year. Then a 6-month subscription will cost $2.49. BlackBerry is working on an iOS app.

Read more of this story at Slashdot.

Are you... Are you sure that we make this machine, sir?

On Call Roll up, roll up, to the best part of your day, nay, your week – On Call, where Reg readers share Eureka moments and gleeful memories in tech support.…

It's not hard, we just need some coding tweaks to make sure Privacy Badger stays sane

In an effort to discourage Google from breaking or hobbling content blocking and privacy Chrome Extensions, the Electronic Frontier Foundation on Wednesday presented the Chocolate Factory with a modest wish list [PDF] to guide the company's ongoing API revision.…

Let's go back... way back

The last few months have seen a big increase in malware attacks using PDF email attachments, according to security firm SonicWall.…

Iwastheone shares a report from MIT News: NASA's Transiting Exoplanet Survey Satellite, TESS, has discovered its first Earth-sized exoplanet. The planet, named HD 21749c, is the smallest world outside our solar system that TESS has identified yet. In a paper published today in the journal Astrophysical Journal Letters, an MIT-led team of astronomers reports that the new planet orbits the star HD 21749 -- a very nearby star, just 52 light years from Earth. The star also hosts a second planet -- HD 21749b -- a warm "sub-Neptune" with a longer, 36-day orbit, which the team reported previously and now details further in the current paper. The new Earth-sized planet is likely a rocky though uninhabitable world, as it circles its star in just 7.8 days -- a relatively tight orbit that would generate surface temperatures on the planet of up to 800 degrees Fahrenheit. The discovery of this Earth-sized world is nevertheless exciting, as it demonstrates TESS' ability to pick out small planets around nearby stars. In the near future, the TESS team expects the probe should reveal even colder planets, with conditions more suitable for hosting life. Slashdot reader RockDoctor shares a link to the paper at Arxiv, adding: The 'b' object in the system (the largest perturbation on the star's light) is estimated at 2.61*Radius_earth, and 22.7*Mass_earth for a surface gravity of 3.332*littleG_Earth. If it has a "surface" in any recognizable sense rather than gradual transitions between gas mixtures, liquid mixtures, and the digested remains of any "metals" (lithium or higher, as the astronomers say). The 'c' object is more poorly constrained. The authors give a radius (0.892*Radius_earth, derived from the depth of the eclipses), but only put an upper limit on the mass at The TESS mission has a Science Requirement "of providing 50 transiting planets smaller than 4*Radius_earth with measured masses," and the 'b' planet fits that criterion, but the 'c' planet does not, yet, have a well-enough constrained mass. Keep on catching planets!

Read more of this story at Slashdot.

In an incident reminiscent of the Shadow Brokers leak that exposed the NSA's hacking tools, someone has now published similar hacking tools belonging to one of Iran's elite cyber-espionage units, known as APT34, Oilrig, or HelixKitten. From a report: The hacking tools are nowhere near as sophisticated as the NSA tools leaked in 2017, but they are dangerous nevertheless. The tools have been leaked since mid-March on a Telegram channel by an individual using the Lab Dookhtegan pseudonym. Besides hacking tools, Dookhtegan also published what appears to be data from some of APT34's hacked victims, mostly comprising of username and password combos that appear to have been collected through phishing pages. ZDNet was previously aware of some of these tools and victim data after this reporter received a tip in mid-March. In a Twitter DM, a Twitter user shared some of the same files that were discovered today on Telegram, and we believe that this Twitter user is the Telegram Lab Dookhtegan persona.

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: It's just as you suspected; the information age has changed the general attention span. A recently published study from researchers at the Technical University of Denmark suggests the collective global attention span is narrowing due to the amount of information that is presented to the public. Released on Monday in the scientific journal Nature Communications, the study shows people now have more things to focus on -- but often focus on things for short periods of time. The researchers studied several modes of media attention, gathered from several different sources, including (but not limited to): the past 40 years in movie ticket sales; Google books for 100 years; and more modernly, 2013 to 2016 Twitter data; 2010 to 2018 Google Trends; 2010 to 2015 Reddit trends; and 2012 to 2017 Wikipedia attention time. The researchers then created a mathematical model to predict three factors: the "hotness" of the topic, its progression throughout time in the public sphere and the desire for a new topic, said Dr Philipp Hovel, an applied mathematics professor of University College Cork in Ireland. The empirical data found periods where topics would sharply capture widespread attention and promptly lose it just as quickly, except in the cases of publications like Wikipedia and scientific journals. For example, a 2013 Twitter global trend would last for an average of 17.5 hours, contrasted with a 2016 Twitter trend, which would last for only 11.9 hours.

Read more of this story at Slashdot.

Amazon announced today that it will close its marketplace in China in the coming months, meaning Amazon customers in the country will no longer be able to buy goods from Chinese merchants. "Amazon did not explain why it was withdrawing its marketplace service, saying only it will instead focus on selling goods shipped from other countries into China," reports CNN. From the report: "We are notifying sellers we will no longer operate a marketplace on Amazon.cn, and we will no longer be providing seller services on Amazon.cn effective July 18," the company said in a statement. Amazon's platform competes for Chinese sellers with Tmall, owned by the country's e-commerce leader Alibaba. Users logging onto Amazon's Chinese site after July 18 will see products sold from its global store, the company said. "Over the past few years, we have been evolving our China online retail business to increasingly emphasize cross-border sales, and in return we've seen very strong response from Chinese customers," Amazon said. It will retain its other operations in China, such as cloud computing services. It will also continue to sell its Kindle e-readers and content in the country. "Amazon's commitment to China remains strong. We have built a solid foundation here in a number of successful businesses and we will continue to invest and grow in China," the company added.

Read more of this story at Slashdot.

Senate Majority Leader Mitch McConnell announced a new bill today that would block all tobacco and vape purchases for Americans under 21 years old, citing widespread public health risks. Surprisingly, vaping companies don't appear to be too concerned, as Juul's CEO Kevin Burns issued this statement supporting the measure: "JUUL Labs is committed to eliminating combustible cigarettes, the number one cause of preventable death in the world and to accomplish that goal, we must restrict youth usage of vapor products. Tobacco 21 laws fight one of the largest contributors to this problem -- sharing by legal-age peers -- and they have been shown to dramatically reduce youth usage rates." The Verge says it all has to do with Big Vape's image: Over the past year, Juul has come under the FDA's fire for its massive popularity among young people. So supporting a higher minimum age could help its image and take some of the regulatory pressure off. From an industry perspective, the move is fairly low risk since the product is already embedded in the population, and people under age 21 may already be addicted, says Kathleen Hoke, a law professor at the University of Maryland. "We can change this age to 21 but we're going to have to work extraordinarily hard at the state and local level to actually get cigarettes or vape products or chew out of the hands of the 18 to 20 year olds," she says. [T]he bill's success will depend on how it's crafted. Rob Crane, professor of family medicine at The Ohio State University and president of the Preventing Tobacco Addiction Foundation, is skeptical that it will really hold tobacco retailers responsible for selling to people who are underage. From the more than 450 cities and counties that have passed Tobacco 21 laws, "what we have found that does work is when you make local health departments under civil law do the enforcement," he says. "For a rogue retailer that keeps on selling, there's a risk of license suspension." But if the law winds up penalizing convenience store clerks who sell vapes and tobacco products to kids, the retailer who's profiting gets off scot-free, he says. In the end, Crane is skeptical of the motivations behind the bill, no matter what form it takes. "This is all a PR move to keep Juul out of the hot seat from the FDA."

Read more of this story at Slashdot.