CodeWeavers To Release CrossOver For Android To Run Windows Programs 63

An anonymous reader writes: For the better part of three years there has been talk about running Wine on Android to bring Windows x86 programs to Android phones/tablets, and it's going to become a reality. CodeWeavers is planning to release CrossOver For Android before the end of the year. This will allow native Windows binaries to run on Android, but will be limited to Android-x86 due to struggles in emulating x86 Windows code on ARM. The tech preview will be free and once published the open-source patches will be published for Wine.

On-Chip Liquid Cooling Permits Smaller Devices With No Heatsinks Or Fans 44

An anonymous reader writes: DARPA-funded research into on-chip liquid cooling has resulted in a field-programmable gate array (FPGA) liquid-cooled device that can operate at 24 degrees Celsius, versus 60 degrees Celsius for an equivalent air-cooled device. The cooling fluid resides only nanometers from the heat it must address, and operates so efficiently as to offer potential to stack CPUs and GPUs using copper columns, as well as dispensing with heat-sinks and fan systems. With those components removed, the system can facilitate far more compact designs than are currently feasible.

Advertising Malware Affects Non-Jailbroken iOS Devices 69

An anonymous reader writes: Malware called YiSpecter is infecting iOS devices belonging to Chinese and Taiwanese users, and is the first piece of malware that successfully targets both jailbroken and non-jailbroken devices, Palo Alto Networks researchers warn. What's more, the techniques it uses for hiding are making it difficult to squash the infection. YiSpecter's malicious apps were signed with three iOS enterprise certificates issued by Apple so that they can be installed as enterprise apps on non-jailbroken iOS devices via in-house distribution. Through this kind of distribution, an iOS app can bypass Apple's strict code review procedures and can invoke iOS private APIs to perform sensitive operations.

TiVo's Latest Offering Detects and Skips Ads, Adds 4K Capability 84

As described by The Verge, the newest generation of TiVo is in some ways a step backward: it comes with fewer tuners than some earlier models, and less storage as well. However, two big features that distinguish the company's new Bolt DVR may entice users anyhow: it adds 4K recording, and (probably of use to more people, given the scarcity of 4K content, not to mention its file size) also can recognize and skip commercials, a feature that users have sorely missed as a mainstream feature in standalone DVRs for quite a while. (And it's possible that broadcasters will come up with a way to kill the commercial-skip function as they did with Dish's AutoHop.)

OpenIndiana Hipster 2015.10: Keeping an Open-Source Solaris Going 141

An anonymous reader writes: It's been five years since Oracle killed off OpenSolaris while the community of developers are letting it live on with the new OpenIndiana "Hipster" 15.10 release. OpenIndiana 15.10 improves its Python-based text installer as it looks to drop its GUI installer, switches out the Oracle JDK/JRE for OpenJDK, and updates its vast package set. However, there are still a number of outdated packages on the system like Firefox 24 and X.Org Server 1.14 while the default office suite is a broken OpenOffice build, due to various obstacles in maintaining open-source software support for Solaris while being challenged by limited contributors. Download links are available via the release notes. There's also a page for getting involved if wishing to improve the state of open-source Solaris.

DHS Detains Mayor of Stockton, CA, Forces Him To Hand Over His Passwords 392

schwit1 writes: Anthony Silva, the mayor of Stockton, California, recently went to China for a mayor's conference. On his return to San Francisco airport he was detained by Homeland Security, and then had his two laptops and his mobile phone confiscated. They refused to show him any sort of warrant (of course) and then refused to let him leave until he agreed to hand over his password.
GNU is Not Unix

FLIF: Free Lossless Image Format 307

nickweller sends a link to an informational post about FLIF, the Free, Lossless Image Format. It claims to outperform PNG, lossless WebP, and other popular formats on any kind of image. "On photographs, PNG performs poorly while WebP, BPG and JPEG 2000 compress well (see plot on the left). On medical images, PNG and WebP perform relatively poorly while BPG and JPEG 2000 work well (see middle plot). On geographical maps, BPG and JPEG 2000 perform (extremely) poorly while while PNG and WebP work well (see plot on the right). In each of these three examples, FLIF performs well — even better than any of the others." FLIF uses progressive decoding to provide fully-formed lossy images from partial downloads in bandwidth-constrained situations. Best of all, FLIF is free software, released under the GNU GPLv3.

NASA Targets Venus, Asteroids With Potential Missions 47

coondoggie writes: NASA this week picked five possible contenders for a relatively low-cost robotic mission to space. The five candidates from a batch of 27 –include Venus, near-Earth object and asteroid operations – will ultimately be whittled down to one or two that will cost approximately $500 million, not including launch vehicle or post-launch operations, NASA stated. The DAVINCI probe would "study the chemical composition of Venus' atmosphere during a 63-minute descent. It would answer scientific questions that have been considered high priorities for many years, such as whether there are volcanoes active today on the surface of Venus and how the surface interacts with the atmosphere of the planet." A longer-range spacecraft called Lucy would "perform the first reconnaissance of the Jupiter Trojan asteroids, objects thought to hold vital clues to deciphering the history of the solar system."

500 Million Users At Risk of Compromise Via Unpatched WinRAR Bug 129

An anonymous reader writes: A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers to compromise a machine on which the software is installed. "The issue is located in the 'Text and Icon' function of the 'Text to display in SFX window' module," Vulnerability Lab explained in a post on on the Full Disclosure mailing list. "Remote attackers are able to generate own compressed archives with malicious payloads to execute system specific codes for compromise."

(Over-)Measuring the Working Man 165 writes: Tyler Cowen writes in MIT Technology Review that the improved measurement of worker performance through information technology is beginning to allow employers to measure value fairly precisely and as we get better at measuring who produces what, the pay gap between those who make more and those who make less grows. Insofar as workers type at a computer, everything they do is logged, recorded, and measured. Surveillance of workers continues to increase, and statistical analysis of large data sets makes it increasingly easy to evaluate individual productivity, even if the employer has a fairly noisy data set about what is going on in the workplace. Consider journalism. In the "good old days," no one knew how many people were reading an article, or an individual columnist. Today a digital media company knows exactly how many people are reading which articles for how long, and also whether they click through to other links. The result is that many journalists turn out to be not so valuable at all. Their wages fall or they lose their jobs, while the superstar journalists attract more Web traffic and become their own global brands.

According to Cowen, the upside is that measuring value tends to boost productivity, as has been the case since the very beginning of management science. We're simply able to do it much better now, and so employers can assign the most productive workers to the most suitable tasks. The downsides are several. Individuals don't in fact enjoy being evaluated all the time, especially when the results are not always stellar: for most people, one piece of negative feedback outweighs five pieces of positive feedback.
United States

Raytheon Wins US Civilian Cyber Contract Worth $1 Billion 62

Tokolosh writes: Raytheon is a company well-known in military-industrial and political circles, but not so much for software, networking and cybersecurity. That has not stopped the DHS awarding it a $1 billion, five year contract to help more than 100 civilian agencies manage their computer security. Raytheon said DHS selected it to be the prime contractor and systems integrator for the agency's Network Security Deployment (NSD) division, and its National Cybersecurity Protection System (NCPS). The contract runs for five years, but some orders could be extended for up to an additional 24 months, it said. Dave Wajsgras, president of Raytheon Intelligence, Information and Services, said the company had invested over $3.5 billion in recent years to expand its cybersecurity capabilities. He said cybersecurity incidents had increased an average of 66 percent a year worldwide between 2009 and 2014. As you might expect, Raytheon spends heavily on political contributions and lobbying.

Google AdSense Click Fraud Made Possible By Uncloaking Advertisers' Sites 50

An anonymous reader writes: A Spanish researcher claims to have uncovered a vulnerability in the security procedures of Google's AdSense program which would allow a third party to manipulate clicks on Google's syndicated ad service by 'de-cloaking' the obfuscated advertiser URLs that Google AdSense placements provide as links. He has also provided downloadable PHP files to show the exploit in action.

How Can NASA's Road To Mars Be Made More Affordable? 211

MarkWhittington writes: The Houston Chronicle's Eric Berger published a piece that touched on one of the most vexing issues surrounding NASA's "road to Mars," that being that of cost. How does one design a deep space exploration program that "the nation can afford," to coin a phrase uttered by the old NASA hand interviewed for the article? The phrase is somewhat misleading since one of the truisms of federal budgeting is that the nation can afford quite a bit. A more accurate phrase might be, "that the nation is willing to spend."

Stop Taking All the Fun Out of Science 246 writes: Heidi Stevens writes in the Chicago Tribune that according to NASA astronaut Mae Jemison schools treat science like the class where fun goes to die. "Kids come out of the chute liking science. They ask, 'How come? Why? What's this?' They pick up stuff to examine it. We might not call that science, but it's discovering the world around us," says Jemison. "Once we get them in school, we turn science from discovery and hands-on to something you're supposed to do through rote memorization." But science doesn't have to be that way says Jemison. Especially in the elementary school years. "When you have teachers saying, 'I don't have enough time for hands-on activities,' we need to rethink the way we do education," says Jemison. "The drills we do, where you're telling kids to memorize things, don't actually work. What works is engaging them and letting them do things and discover things." Jemison has teamed up with Bayer to advance science literacy across the United States by emphasizing the importance of hands-on, inquiry-based learning opportunities in public schools. Bayer announced recently that it will provide 1 million hands-on science experiences for kids by 2020. "Science is around us everywhere," says Jemison. Farming is science. Cooking is science. Even styling hair involves science. "When we go to the hairdresser, we want her to know something about pH balance," says Jemison with a laugh. "Boy, do we ever want her to know something about pH balance!"

Misusing Ethernet To Kill Computer Infrastructure Dead 303

Some attacks on computers and networks are subtle; think Stuxnet. An anonymous reader writes with a report at Net Security of researcher Grigorios Fragkos's much more direct approach to compromising a network: zap the hardware from an unattended ethernet port with a jolt of electricity. Fragkos, noticing that many networks include links to scattered and unattended ethernet ports, started wondering whether those ports could be used to disrupt the active parts of the network. Turns out they can, and not just the ports they connect to directly: with some experimentation, he came up with a easily carried network zapping device powerful enough to send a spark to other attached devices, too, but not so powerful -- at least in his testing -- to set the building on fire. As he explains: I set up a network switch, and over a 5 meters Ethernet cable I connected an old working laptop. Over a 3 meters cable I connected a network HDD and over a 100 meters cable I connected my “deathray” device. I decided to switch on the device and apply current for exactly 2 seconds. The result was scary and interesting as well. The network switch was burned instantly with a little “tsaf” noise. There was also a buzzing noise coming from the devices plugged-in to the network switch, for a less than a second. There was a tiny flash from the network HDD and the laptop stopped working. It is not the cheapest thing in the world to test this, as it took all of my old hardware I had in my attic to run these experiments. I believe the threat from such a high-voltage attack against a computer infrastructure is real and should be dealt with.

Nintendo Joins Khronos Group 46

jones_supa writes: Gamasutra reports that Nintendo has quietly joined Khronos Group, the consortium managing the OpenGL and Vulkan graphics APIs. The news was brought to Gamasutra's attention by a NeoGaf post, which notes that Nintendo's name was added to the list of Khronos Group contributing members earlier this month. As a Khronos Group contributor Nintendo has full voting rights and is empowered to participate in the group's API development, but it doesn't have a seat on the Khronos Group board and can't participate in the final ratification process of new API specifications.

Number of XcodeGhost-Infected iOS Apps Rises 169

An anonymous reader writes: As the list of apps infected with the XcodeGhost malware keeps expanding, Apple, Amazon and Baidu are doing their best to purge their online properties of affected apps, malicious Xcode installers, and C&C servers used by the attackers to gather the stolen information and control the infected apps/devices. China-based jailbreaking Pangu Team claims that the number of infected app is higher than 3,400, and have offered for download a free app that apparently detects the Trojanized apps.

South Korea's "Smart Sheriff" Nanny App Puts Children At Risk 54

Starting in April, the South Korean government required that cellphones sold to anyone below the age of 19 be equipped with approved monitoring software that would allow the user's parents to monitor their phone use, report their location, and more. Now, however, researchers have discovered that one of the most popular of the approved apps, called Smart Sheriff, may not actually be very smart to have on one's phone. Researchers from Citizen Lab and Cure53, at the request of the Open Technology Fund, have analyzed the code of Smart Sheriff, and found that it actually endangers, rather than protects, the users. Reports the Associated Press, in a story carried by the Houston Chronicle: Children's phone numbers, birth dates, web browsing history and other personal data were being sent across the Internet unencrypted, making them easy to intercept. Authentication weaknesses meant Smart Sheriff could easily be hijacked, turned off or tricked into sending bogus alerts to parents. Even worse, they found that many weaknesses could be exploited at scale, meaning that thousands or even all of the app's 380,000 users could be compromised at once.
Linux Business

Thanks To Valve, More Than 1,500 Games Are Now On Linux 281

An anonymous reader writes: The Steam Store crossed the threshold this morning of having 1,500 games natively available for Linux. Timberman, a 0.99$ video game was the 1,500th title, but while there are a lot of indie games available for Linux, in the past three years have been a number of high profile AAA Linux games too. What games (old or new, free or paid) would you like to see available for Linux systems?

AMD Confirms Vulkan Driver For Linux, But To Start Off As Closed-Source 47

An anonymous reader writes: AMD has finally revealed some basic details concerning their support of Vulkan on Linux. AMD has a Vulkan driver but it will begin its life as closed-source, reports Phoronix. In time the AMD Vulkan driver will transition to being open-source. This Vulkan driver is built to interface with their new AMDGPU kernel DRM driver that's part of their long talked about AMD open-source strategy for Linux. This closed-then-open Vulkan driver will be competing with Valve's Intel Vulkan driver that will be open from day one.