Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Security

SwiftKey Bug Leaked Email Addresses, Phone Numbers To Strangers (theverge.com) 28

An anonymous reader writes: After many users reported receiving predictions meant for other users, such as email addresses and phone numbers, SwiftKey has suspended part of its service. The service responsible for the bug was SwiftKey's cloud sync service. The Verge reports that one user, an English speaker, was getting someone else's German suggestions, while someone received NSFW porn search suggestions. The Telegraph also reports, "One SwiftKey user, who works in the legal profession and ask to remain anonymous, found out their details had been compromised when a stranger emailed them to say that a brand new phone had suggested their email address when logging into an account online. 'A few days ago, I received an email from a complete stranger asking if I had recently purchased and returned a particular model of mobile phone, adding that not one but two of my email addresses (one personal and one work address) were saved on the phone she had just bought as brand-new,' said the user." SwiftKey released an official statement today about the issue but said that it "did not pose a security issue."
Communications

Ask Slashdot: How Transparent Should Companies Be When Operational Technology Failures Happen? 91

New submitter supernova87a writes: Last week, Southwest Airlines had an epic crash of IT systems across their entire business when "a router failure caused the airlines' systems to crash [...] and all backups failed, causing flight delays and cancellations nationwide and costing the company probably $10 million in lost bookings alone." Huge numbers of passengers, crew, and airplanes were stranded as not only reservations systems, but scheduling, dispatch, and other critical operational systems had to be rebooted over the course of 12 hours. Passenger delays, which directly attributable to this incident, continued to trickle down all the way from Wednesday to Sunday as the airline recovered. Aside from the technical issues of what happened, what should a public-facing company's obligation be to discuss what happened in full detail? Would publicly talking about the sequence of events before and after failure help restore faith in their operations? Perhaps not aiming for Google's level of admirable disclosure (as in this 18-minute cloud computing outage where a full post-mortem was given), should companies aim to discuss more openly what happened and how they recovered from system failures?
Businesses

Microsoft To Lay Off Another 2,850 People In the Next 12 Months (businessinsider.com) 159

An anonymous reader writes from a report via Business Insider: Microsoft is planning to lay off 2,850 more employees in the next 12 months or so, according to Microsoft's full 10-K report it filed with the Securities and Exchange Commission. Part of the document reads: "In addition to the elimination of 1,850 positions that were announced in May 2016, approximately 2,850 roles globally will be reduced during the year as an extension of the earlier plan, and these actions are expected to be completed by the end of fiscal year 2017." Business Insider reports: "The first 1,850 layoffs mentioned here were mainly from Microsoft's struggling smartphone business, including 1,350 employees in Finland working at what was once Nokia world headquarters. These layoffs also included people in Microsoft's salesforce, which was recently reorganized and saw the departure of COO Kevin Turner. In total, Microsoft laid off 7,400 employees in its last fiscal year, which ended on June 30th, 2016. The new layoffs are a continuation of the same plan, and include the sales group as well as others. About 900 people affected by the new layoffs were already informed during the sales reorganization, according to a person familiar with Microsoft's plans."
Software

Tesla Model S In Fatal Autopilot Crash Was Going 74 MPH In a 65 Zone, NTSB Says (latimes.com) 601

An anonymous reader quotes a report from Los Angeles Times: The Tesla car involved in a fatal crash in Florida this spring was in Autopilot mode and going about 10 miles faster than the speed limit, according to safety regulators, who also released a picture of the mangled vehicle. Earlier reports had stated the Tesla Model S struck a big rig while traveling on a divided highway in central Florida, and speculated that the Tesla Autopilot system had failed to intervene in time to prevent the collision. The National Transportation Safety Board released a preliminary report Tuesday that confirms some details of the May 7 collision, along with a photo that shows the car with its windshield flattened and most of its roof sheared off. The federal agency also included a photo of the big rig, circling an area on the right side of the tractor-trailer that showed the light damage the truck received from the collision. The 2015 Model S was moving at 74 mph, above the posted 65 mph speed limit, when it struck a 53-foot trailer being pulled by a Freightliner Cascadia truck. Tesla's semi-autonomous Autopilot driving feature was engaged, the report says.
Android

Motorola Confirms That It Will Not Commit To Monthly Security Patches (arstechnica.com) 162

If you are planning to purchase the Moto Z or a Moto G4 smartphone, be prepared to not see security updates rolling out to your phone every month -- and in a timely fashion. After Ars Technica called out Motorola's security policy as "unacceptable" and "insecure," in a recent review, the company tried to handle the PR disaster, but later folded. In a statement to the publication, the company said: Motorola understands that keeping phones up to date with Android security patches is important to our customers. We strive to push security patches as quickly as possible. However, because of the amount of testing and approvals that are necessary to deploy them, it's difficult to do this on a monthly basis for all our devices. It is often most efficient for us to bundle security updates in a scheduled Maintenance Release (MR) or OS upgrade. As we previously stated, Moto Z Droid Edition will receive Android Security Bulletins. Moto G4 will also receive them.Monthy security updates -- or the lack thereof -- remains one of the concerning issues that plagues the vast majority of Android devices. Unless it's a high-end smartphone, it is often rare to see the smartphone OEM keep the device's software updated for more than a year. Even with a flagship phone, the software update -- and corresponding security patches -- are typically guaranteed for only 18 to 24 months. Reports suggest that Google has been taking this issue seriously, and at some point, it was considering publicly shaming its partners that didn't roll out security updates to their respective devices fast enough.
Microsoft

Windows 10 Anniversary Update: the Best New Features (theverge.com) 372

A year after the release of Windows 10, Microsoft is gearing up for Anniversary Update, the first major update to the company's desktop operating system. Ahead of the public release of Anniversary Update on August 2, Microsoft provided media outlets with the Anniversary Update, and their first impressions and reviews are out. The Verge has listed the big changes Windows 10 Anniversary ships with. From the article: Windows Ink: Windows Ink is without a doubt the best part of the Anniversary Update. It's essentially a central location to find built-in or third-party apps that work with your stylus. You can use the new sticky notes to note down reminders, and they'll even transform into true reminders as Cortana understands what you write.
Microsoft Edge extensions: If you're a fan of Chrome extensions, then you'll be glad to hear that they're heading to Microsoft's Edge browser. The Anniversary Update brings support for extensions, and it's now up to third-party developers to fill the Windows Store with their add-ons.
Cortana improvements: Microsoft's digital assistant, Cortana, debuted on Windows 10 last year, and the software maker is bringing it to the lock screen with the Anniversary Update. You'll be able to ask it to make a note, play music, set a reminder, and lots more without ever logging in. Cortana is also getting a little more intelligent, with the ability to schedule appointments in Outlook or options to send friends a document you were working on a week ago.
Dark theme and UI tweaks: You can switch on what I call even darker mode in settings, and it will switch built-in apps that typically use a white background over to black.
Other improvements include things like Windows 10's ability to set your time zone automatically, and opening up of Windows Hello, the biometric feature to apps and websites. Additionally, the Xbox One is getting Windows apps. The Verge adds, "It feels like a promise that was made years ago, but it's finally coming true with the Anniversary Update. As Windows 10 now powers the Xbox One, Microsoft will start rolling out an update to its console to provide support for Cortana on Xbox One and the new universal apps." Microsoft is also adding Bash, the Linux command line to Windows with the new update. It's an optional feature and users will need to enable it to use it. Users will also be able to "project to PC," a feature that will allow one to easily find a PC to project to from a phone or another PC. There's also a new Skype app, and syncing of notifications between PC and phone is getting better.
Going by the reviews, it appears Windows 10 Anniversary Update is substantially more stable, and has interesting new features. You can read the first impressions of it on ZDNet, and review on PCWorld.
Open Source

Linux Kernel 4.7 Officially Released (iu.edu) 60

An anonymous Slashdot reader writes: The Linux 4.7 kernel made its official debut today with Linus Torvalds announcing, "after a slight delay due to my travels, I'm back, and 4.7 is out. Despite it being two weeks since rc7, the final patch wasn't all that big, and much of it is trivial one- and few-liners." Linux 4.7 ships with open-source AMD Polaris (RX 480) support, Intel Kabylake graphics improvements, new ARM platform/board support, Xbox One Elite Controller support, and a variety of other new features.
Slashdot reader prisoninmate quotes a report from Softpedia: The biggest new features of Linux kernel 4.7 are support for the recently announced Radeon RX 480 GPUs (Graphic Processing Units) from AMD, which, of course, has been implemented directly into the AMDGPU video driver, a brand-new security module, called LoadPin, that makes sure the modules loaded by the kernel all originate from the same file system, and support for generating virtual USB Device Controllers in USB/IP. Furthermore, Linux kernel 4.7 is the first one to ensure the production-ready status of the sync_file fencing mechanism used in the Android mobile operating system, allow Berkeley Packet Filter (BPF) programs to attach to tracepoints, as well as to introduce the long-anticipated "schedutil" frequency governor to the cpufreq dynamic frequency scaling subsystem, which promises to be faster and more accurate than existing ones.
Linus's announcement includes the shortlog, calling this release "fairly calm," though "There's a couple of network drivers that got a bit more loving."
Security

Can Iris-Scanning ID Systems Tell the Difference Between a Live and Dead Eye? (ieee.org) 93

the_newsbeagle writes: Iris scanning is increasingly being used for biometric identification because it's fast, accurate, and relies on a body part that's protected and doesn't change over time. You may have seen such systems at a border crossing recently or at a high-security facility, and the Indian government is currently collecting iris scans from all its 1.2 billion citizens to enroll them in a national ID system. But such scanners can sometimes be spoofed by a high-quality paper printout or an image stuck on a contact lens.

Now, new research has shown that post-mortem eyes can be used for biometric identification for hours or days after death, despite the decay that occurs. This means an eye could theoretically be plucked from someone's head and presented to an iris scanner. The same researcher who conducted that post-mortem study is also looking for solutions, and is working on iris scanners that can detect the "liveness" of an eye. His best method so far relies on the unique way each person's pupil responds to a flash of light, although he notes some problems with this approach.

Android

Turn Your Android Phone Into a Laptop For $99 With the Superbook (techinsider.io) 125

An anonymous Slashdot reader writes: A company called Andromium is attempting to harness the processing power of your Android smartphone and turn it into a full fledged computer. The 'Superbook' consists of a 11.6-inch laptop shell, which you connect to your phone via a USB Micro-B or Type-C cable, and run the Andromium OS application (currently in beta, but available in the Play Store)... The leader of the project and Company co-founder Gordon Zheng, previously worked at Google and pitched the idea to them... They refused so he quit his job and founded Andromium Inc.

In December 2014 the company had introduced their first product which was a dock which used the MHL standard to output to external monitor. That campaign failed, however their newest creation, the Superbook smashed their Kickstarter goal in just over 20 minutes.

And within their first 38 hours, they'd crowdfunded $500,000. In an intriguing side note, Andromium "says it'll open its SDK so developers can tailor their apps for Andromium, too, though how much support that gets remains to be seen," reports Tech Insider. But more importantly, "Andromium says its prototypes are finished, and that it hopes to ship the Superbook to backers by February 2017."
Businesses

Cyanogen Inc. Reportedly Fires OS Development Arm, Switches To Apps (arstechnica.com) 124

An anonymous reader writes: Android Police is reporting that the Android software company Cyanogen Inc. will be laying off 20 percent of its workforce, and will transition from OS development to applications. The Android Police report says "roughly 30 out of the 136 people Cyanogen Inc. employs" are being cut, and that the layoffs "most heavily impact the open source arm" of the company. Android Police goes on to say that CyanogenMod development by Cyanogen Inc "may be eliminated entirely." Ars Technica notes the differences between each "Cyanogen" branding. Specifically, CyanogenMod is a "free, open source, OS heavily based on Android and compatible with hundreds of devices," while Cyanogen Inc. is "a for-profit company that aims to sell Cyanogen OS to OEMs." It appears that many of the core CyanogenMod developers will no longer be paid to work on CyanogenMod, though the community is still free to develop the software." Android Police details the firing process in their report: "Layoffs reportedly came after a long executive retreat for the company's leaders and were conducted with no advanced notice. Employees who were not let go were told not to show up to work today. Those who did show up were the unlucky ones: they had generic human resources meetings rather ominously added to their calendars last night. So, everyone who arrived at Cyanogen Inc. in Seattle this morning did so to lose their job (aside from those conducting the layoffs)." Early last year, Microsoft invested in a roughly $70 million round of equity financing for the then-startup Cyanogen Inc. Not too long before that, Google tried to acquire Cyanogen Inc., but the company turned down Google's offer to seek funding from investors and major tech companies at a valuation of around $1 billion. Cyanogen Inc. CEO Kirt McMaster once said the company was "attempting to take Android away from Google" and that it was "putting a bullet through Google's head."

UPDATE 7/25/16: Cyanogen CEO and cofounder Kirt McMaster took to Twitter to dispel some of the rumors, tweeting: "Cyanogen NOT pivoting to apps. We are an OS company and our mission of creating an OPEN ANDROID stands. FALSE reporting was outstanding."
Chrome

Google Gets Rid Of App Launcher In Chrome 52, Browser's Mac Client Gets Material Design (9to5mac.com) 67

Google has finally removed App Launcher that it bundles with the Chrome browser for Windows and Mac with the release of Chrome v52. The Mac client, in addition, now embraces Google's Material Design approach, and comes with new icons and flatter and transparent interface. 9to5Mac documents more changes on Chrome for Mac and Windows: Besides a new flatter, sharper, and transparent design, Material is also a "huge engineering feat," especially for Chrome OS and Windows. Chrome is "now rendered fully programmatically including iconography, effectively removing the ~1200 png assets we were maintaining before," Google noted. "It also allows us to deliver a better rendering for a wide range of PPI configuration."
Apple

Smartwatch Shipments Fall For the First Time; Apple Only Company In Top 5 To Decline (venturebeat.com) 129

Emil Protalinski, reporting for VentureBeat: The smartwatch market has hit its first bump, and it's all Apple's fault. Vendors shipped a total of 3.5 million smartphones worldwide last quarter. This Q2 2016 figure is down 32 percent from the 5.1 million units shipped in Q2 2016, marking the first decline on record. It's important to note that smartwatches are just a subcategory of the larger wearable market. As such, these figures don't count basic bands sold by companies like Fitbit. Apple is thus the undisputed leader, even after the losses it saw in Q2 2016, and it could easily see a return to growth with the release of Watch OS 2.0. Apple's market share decreased 25 percentage points (from 72 percent to 47 percent) and it shipped less than half the smartwatches (1.6 million). But the company still holds almost half the market, with every other vendor shipping fewer than a million units.
Microsoft

Skype Finalizes Its Move To the Cloud; To Kill Older Clients -- Remains Tight Lipped About Privacy (arstechnica.com) 74

When it was first created, Skype network was built as a decentralized peer-to-peer system. PCs that had enough processing muscle and bandwidth acted as "supernodes," and coordinated connections between other machines on the network. This p2p system was generally perceived as being relatively private, a belief that has since been debunked. There were several technical challenges, which led Microsoft to move most of Skype's operations to the cloud. Ars Technica is reporting that the company has finalized the switch. From the article: Microsoft has developed a more conventional client-server network, with clients that act as pure clients and dedicated cloud servers. The company is starting to transition to this network exclusively. This transition means that old peer-to-peer Skype clients will cease to work. Clients for the new network will be available for Windows XP and up, OS X Yosemite and up, iOS 8 and up, and Android 4.03 and up. However, certain embedded clients -- in particular, those integrated into smart TVs and available for the PlayStation 3 -- are being deprecated, with no replacement. Microsoft says that since those clients are little used and since almost every user of those platforms has other Skype-capable devices available, it is no longer worth continuing to support them.The issue, as the report points out, is that Microsoft is strangely not talking about privacy and security concerns. The article adds: The Ed Snowden leaks raised substantial questions about the privacy of services such as Skype and have caused an increasing interest in platforms that offer end-to-end encryption. The ability to intercept or wiretap Skype came as a shock to many, especially given Skype's traditionally peer-to-peer infrastructure. Accordingly, we've seen similar services such as iMessage, WhatsApp, and even Facebook Messenger, start introducing end-to-end encryption. The abandonment of Skype's peer-to-peer system can only raise suspicions here.Matthew Green, who teaches cryptography at Johns Hopkins, said: "The surprising thing here is not that Microsoft can intercept Skype calls (duh) but that they won't just admit it."
Patents

Amazon Patents Way To Turn Lampposts, Church Steeples Into Drone Perches (consumerist.com) 87

An anonymous reader writes from a report via The Consumerist: Amazon has received a patent that shows what drones may be doing when they're not flying throughout the sky delivering packages: sitting on lampposts and church steeples. "Amazon was recently awarded a patent for docking and recharging stations that would be built on tall, existing structures like lampposts, cell towers, or church steeples," reports The Consumerist. "Once the drone is done making a delivery, it would be able to land on the station, recharge and refuel, as well as pick up additional packages." A "central control system" would then be able to control each docking station and connect the docked drone(s) with a local or regional packaged handling center or central facility. Based on weather or package data, the drones may be commanded accordingly. The patent says the system will not only provide directions based to the drone, but will have the ability to redirect the unmanned aerial vehicle based on the most favorable conditions, such as a route with less wind. The patent describes a system in which the drone delivers a package to the platform that then moves the item via a "vacuum tube, dumbwaiter, elevator, or conveyor to the ground level." From there, the package could be transferred to an Amazon Locker or a local delivery person. The docking stations could also act as cell towers that "provide local free or fee-based Wi-Fi services. This can enable cities to provide free Wi-Fi in public parks, buildings, and other public areas without bearing the burden of installing some, or all, of the necessary infrastructure."
Robotics

MIT's Ori Robotic Modular Furniture Is Designed To Make Small Places Feel More Roomy (archpaper.com) 68

An anonymous reader writes: MIT's Media Lab has produced Ori, a range of robotic, modular furniture designed to make small places feel more roomy. The Architect's Newspaper reports: "With its name coming from the Japanese word 'origami,' the furniture system combines robotics, architecture, and design to let interiors double-up as bedrooms, living rooms, dining rooms, and offices. Teaming up with Swiss product designer Yves Behar, founder and CEO of Ori and research scientist at MIT Hasier Larrea has his eyes set on fundamentally altering the 'experience and economics of the urban built environment.' Speaking in a press release, Larrea added that 'Ori's systems make possible the effortless and magical transformation of interior spaces, providing the totally new experience of having our interior space intelligently conform to our activities, rather than our activities being forced to conform to our interior space.' A movable mainframe, containing a variety of concealable furniture and storage, is the core concept in Ori's modular and mechatronic furniture. Using the wall mounted control panel, the module can move across the floor and deploy different pieces of furniture. This can all be done remotely through the Ori app as well." Ori is not on the market yet, but inquiries can be made via Ori's website.
Government

Library of Congress Hit With a Denial-Of-Service Attack (fedscoop.com) 23

An anonymous reader writes: The Library of Congress (LOC) announced via Twitter Monday that they were the target of a denial-of-service attack. The attack was detected on July 17 and has caused other websites hosted by the LOC, including the U.S. Copyright Office, to go down. In addition, employees of the Library of Congress were unable to access their work email accounts and to visit internal websites. The outages continue to affect some online properties managed by the library. "In June 2015, the Government Accountability Office, or GAO, published a limited distribution report -- undisclosed publicly though it was sourced in a 2015 GAO testimony to the Committee on House Administration -- highlighting digital security deficiencies apparent at the Library of Congress, including poor software patch management and firewall protections," reports FedScoop.
Android

Slashdot Asks: Do You Install Preview Version Of An OS On Your Primary Device? 151

On Monday, Google released a new -- and also the final -- version of the Android N Developer Preview. Android Nougat, which is the latest version of Google's mobile operating system comes with a range of new features and improvements, including a notification panel redesign and additions to Doze power saving. The fifth preview, which is releasing today offers a "near-final" look at Android 7. Interestingly, Apple also released the public beta versions of iOS 10, and macOS Sierra to users earlier this month. Microsoft continues to offer preview builds of Windows 10 OS to enthusiasts.

We were wondering how many of you choose to live on beta version of an operating system on your primary devices. Does anyone here wait for the final version of an operating system to release before making the switch? Also, what does the setup of your office/work computer look like? Anyone who is still on an older version of an operating system because of reliability and compatibility concerns?
Chrome

Slashdot Asks: What's Your Computer Set-Up Look Like? 326

I thought it'd be fun to ask Slashdot readers one of the same questions we asked Larry Wall: What's your computer set-up look like? Slashdot reader LichtSpektren had asked: Can you give us a glimpse into what your main work computer looks like? What's the hardware and OS, your preferred editor and browser, and any crucial software you want to give a shout-out to?
Larry Wall is running Linux Mint (Cinnamon edition), and he surfs the web with Firefox (and Chrome on his phone) -- "but I'm not a browser wonk. Maybe I'll have more opinions on that after our JS backend is done for Perl 6..." And for a text editor, he's currently ensconced in the vi/vim camp, though "I've used lots of them, so I have no strong religious feelings."

So leave your answers in the comments. What's your OS, hardware, preferred editor, browser, "and any crucial software you want to give a shout-out to?" What does your computer set-up look like?
Facebook

Google, Tesla, and Facebook Attract 'Hordes of Tech Tourists' To Their Headquarters (siliconvalley.com) 80

An anonymous Slashdot reader writes: "We just came from Oracle, then we go to HP, Google; we're going to do Tesla, Intel, eBay and Yahoo. And Apple, I forgot Apple..." says one San Francisco resident, describing a tour he's providing for his friend from Tokyo. In fact, Silicon Valley's iconic tech companies have discovered tourists are now dropping in on their headquarters. "It was nice to walk between the buildings, take some pictures and see the employees enjoy their lunch break," wrote one visitor to Google's campus, before complaining that Google hadn't also provided them with bathroom access. "We got told not to use the Google bikes as they are for employees only, which was a bit of a shame," another visitor complained.

"Hundreds of people a day visit the Facebook sign and Google's Android sculpture garden in Mountain View," reports the Bay Area Newsgroup, "with many stopping at other tech giants as well, snapping photos and shooting video..." In fact, Tesla, Apple, Facebook, and Google have all now installed stores where tourists can purchase branded merchandise. (Google sells figurines of their Android mascot for $15). "What you're seeing are people on a pilgrimage..." said Stanford communications professor Fred Turner. "Folks are looking for a physical place behind the kind of dematerialized experience that they have online."

Intel has its own museum, and the Los Altos garage where Steve Jobs started Apple has even been designated a historic site. Are there any other historic tech sites that should be preserved to inspire future generations of tourists?

Slashdot Top Deals