80292643
submission
colinneagle writes:
One month after promising to release the JavaScript engine of its Edge browser, Microsoft has proven good for its word and then some. Not only is it releasing the code, it's planning a Linux port. The company uploaded the code to GitHub and announced its plans via a blog post by Gaurav Seth, principal PM manager for Chakra, which is what they're calling the JavaScript engine.
"Today, we are excited to share with you that we've just made the sources for ChakraCore available under the MIT License at the ChakraCore GitHub repository," he wrote. "Going forward, we'll be developing the key components of Chakra in the open."
With the release, you can build ChakraCore on Windows 7 SP1 or above with Visual Studio 2013 or 2015 with C++ support installed, Seth said. Of course, Edge is more than just the Chakra engine, but this could result in a back port to Windows 7. He also said Microsoft is committed to bringing it to other platforms, starting with Linux, and invited developers to "help us in the pursuit either by letting us know which other platforms they'd like to see ChakraCore supported on, or even by helping port it to the platform of their choice."
79405993
submission
colinneagle writes:
If you have a PS4 and want to run homebrew content, then you might be happy to know developer CTurt claimed, “PS4 is now officially jailbroken.” Over the weekend, CTurt took to Twitter to make the announcement. He did not use a jail vulnerability, he explained in a tweet. Instead, he used a FreeBSD kernel exploit.
Besides posting “an open source PlayStation 4 SDK” on GitHub, CTurt analyzed PS4’s security twice and explained PS4 hacking. CTurt updated the open source PS4 SDK yesterday; he previously explained that Sony’s proprietary Orbis OS is based on FREEBSD. In the past he released the PS4-playground, which included PS4 tools and experiments using the Webkit exploit for PS4 firmware version 1.76. To put that in context, Sony released version 3.0 in September. However, CTurt claimed the hack could be made to work on newer firmware versions.
Other PS4 hackers are reportedly also working on a kernel exploit, yet as Wololo pointed out, it is unlikely there might be more than proof-of-concept videos as the developers continue to tweak the exploit. Otherwise, Sony will do as it has in the past and release a new firmware version. In October 2014, developers nas and Proxima studied the PSVita Webkit exploit, applied it to the PS4, and then released the PS4 proof-of-concept. Shortly thereafter. Sony pushed out new firmware as a patch.
79061481
submission
colinneagle writes:
AMD has just issued a fix to its graphics driver that was causing GPU fans to lock at 20% max speed, which in turn caused the GPU to overheat and, in some cases, kill the card. Even though it's listed as a beta, if you are using the Crimson graphics driver, you want to upgrade now. Earlier this month AMD launched a whole new driver and video card application called Crimson, designed as a replacement for the old Catalyst driver and app.
According to a Reddit community forum, Radeon users found that the Crimson drivers were locking their fans at a low speed, thus the card overheated and died. At 20%, the fan is still pretty quiet, so the user has no idea there is a problem until their video card dies.
The community came up with a fix, illustrated in an image that shows the Crimson app and what steps to take. The only caveat is that you have to redo the steps every time you reboot.
79030645
submission
colinneagle writes:
With the release of Build 10586, or Threshold 2, DiagTrack — the Diagnostics Tracking Service, one of the main culprits in telemetry and other user activity gathering in Windows 10 — disappeared, and there was much rejoicing. However, the white hat hackers at Tweakhound (and confirmed by BetaNews) have discovered that Microsoft merely renamed it to the Connected User Experiences and Telemetry service, which throws people off, along with all the utilities to turn off these services, like DoNotSpy10.
Even sneakier, when you install Threshold 2, Windows 10 resets user preferences, so everything you turned off is back on without telling you about it.
Fortunately, the service can still be manually disabled, and no doubt the anti-spying apps will be updated to reflect this.
78448033
submission
colinneagle writes:
Global management consultants McKinsey and Company said in a recent report that many of the tasks that a CEO performs could be taken over by machines.
Those redundant tasks include "analyzing reports and data to inform operational decisions; preparing staff assignments; and reviewing status reports," the report says.
This potential for automation in the executive suite is in contrast to "lower-wage occupations such as home health aides, landscapers, and maintenance workers," the report says. Those jobs aren't as suitable for automation, according to the report. The technology has not advanced enough.
78269029
submission
colinneagle writes:
There are some technologies that just refuse to die, kept alive and kicking by a small but very devoted and enthusiastic cluster of users. The Amiga is one such example, still running more than 20 years after the last Amiga rolled off the lines.
Also still kicking is OS/2, IBM's last stab at a competing operating system to Windows, which the company abandoned in 1996 after its fourth and final major release, known as OS/2 Warp. An organization called Arca Noae not only continues development of the OS but also offers support to companies still using OS/2.
According to TechRepublic, which was at the show, the new distribution of that OS is codenamed Blue Lion, which will feature both new functionality as well as upgrades to the existing OS. The focus will be on running a full OS/2 implementation on bare metal, not just in virtual machines, according to Arca Noae. Blue Lion will add modern ACPI versions, USB 1.1 and 2.0, AHCI support for Serial ATA disks like SSDs, and a myriad of new drivers. New features include a completely reworked installation process that will allow for installation from USB drives, the ability to check for updates over the Internet while doing the installation, and improving SMP support. The developers are also working on network installation.
74313611
submission
colinneagle writes:
Two recent reports tell the story of one enterprising Canadian who takes advantage of a loophole to provide substantially cheaper wireless cell service for a one-time $100 payment.
How exactly he does it appears to be unclear, but it involves pricing discrepancies in Canada, where lower-populated provinces like Manitoba and Saskatchewan see much cheaper cell service. Basically, the scheme involves signing up for an account in one of these regions, where Canadian wireless service provider Koodo offers a 5GB monthly data plan for $48, then selling the account to people who live in more populated regions of the country, where the same plan typically costs at least $90.
This loophole has apparently been around for a while, with both of the aforementioned articles pointing to a forum conversation started in 2008 on a site called RedFlagDeals.com. This post showed a $55 monthly plan (available for $49.50 if you sign up with your own device) that offers unlimited calling, texting, and 5GB of data. The forum's moderators, however, posted an update five years after the discussion was started warning that "any discussion regarding getting this deal outside of Manitoba or Saskatchewan will no longer be allowed."
One article also says other people offer similar services on Craigslist.
73957555
submission
colinneagle writes:
When one Chinese technology vendor, Qihoo, launched a new Wi-Fi router with a safety setting for "pregnant women," a rival vendor took offense to the implication that their routers might be dangerous. Xiamo, which also sells Wi-Fi routers, took to its page on Chinese social media site Weibo to denounce Qihoo's pregnant women mode as a "marketing tactic," and clarify that "Wi-Fi usage is safe."
Zhou Hongyi, chief executive and president of Qihoo, acknowledged in a statement to the South China Morning Post that there is no evidence supporting claims that Wi-Fi routers pose a risk for birth defects. But he said the company is appealing to consumers' beliefs, whether they are supported by science or not.
"We are targeting people who are afraid of radiation," Hongyi said. "We aren't scientists. We haven't done many experiments to prove how much damage the radiation from Wi-Fi can cause. We leave the right of choice to our customers."
73320493
submission
colinneagle writes:
Last week, a new strain of ransomware called Locker was activated after having been sitting silently on infected PCs. Security firm KnowBe4 called Locker a "sleeper" campaign that, when the malware's creator "woke it up," encrypted the infected devices' files and charged roughly $24 in exchange for the decryption keys. This week, an internet user claiming to be the creator of Locker publicly apologized for the campaign and appears to have released the decryption keys for all the devices that fell victim to it, KnowBe4 reported in an alert issued today. Locker's creator released this message in a PasteBin post, along with a link to a file hosted on Mega.co containing the decryption keys. The malware creator also said that an automatic decryption process for all devices that were affected by Locker will begin June 2nd.
However, the post did not mention anything about providing a refund to victims who paid the 0.1 bitcoin (equal to $22.88 at the time this was posted and about $24 last week) required for the decryption keys since last week.
KnowBe4 CEO Stu Sjouwerman says the files released do not appear to be malicious after brief analysis, and that "it does contain a large quantity of RSA keys and Bitcoin addresses." But he warned those interested to only open these files "at your own risk until further analyses are performed." Sjouwerman speculated that the malware creator may have been spooked by attention from law enforcement or Eastern European organized crime syndicates that are behind most ransomware campaigns.
72626375
submission
colinneagle writes:
A small team of engineers and artists that make up Next Thing Co. launched a Kickstarter campaign today for Chip, their $9 single-board computer that boasts Wi-Fi, Bluetooth, and a larger processor than Raspberry Pi's most powerful models.
The tiny device runs a 1 GHz R8 ARM processor, and comes with 512MB of RAM and 4GB of storage. In comparison, the Raspberry Pi B and B+ models feature a 900 MHz quad-core ARM Cortex 7 processor. The Chip comes with a built-in composite output to connect to monitors and supports adapters for VGA or HDMI. It runs Debian Linux and comes preloaded with the Scratch programming language for those who might be new to coding.
Most noteworthy, though, is the Pocket Chip – a small device with a crude-looking screen and hard-key keyboard that plugs into the Chip and makes for portable computing. It may not be an iPhone killer, but it's an impressively inexpensive mobile form factor.
72529171
submission
colinneagle writes:
A report from maritime cybersecurity firm CyberKeel claims that spot spot checks at 50 different maritime sites revealed that 37% of the servers running Microsoft were still vulnerable because they had not been patched.
But what's most interesting is what happens when hackers can breach security in shipping environments, including one case in which "drug gangs were able to smuggle entire container loads of cocaine through Antwerp, one of Belgium's largest ports, after its hackers breached the port's IT network," said Rear Adm. Marshall Lytle, assistant commandant responsible for USCG Cyber Command.
72172501
submission
colinneagle writes:
The RSA Conference is usually full of theoretical hacks, but one that was disclosed this week seems like a godsend to Apple haters.
Researchers Yair Amit and Adi Sharabani, who both work for the mobile security firm Skycure, disclosed a new iOS hack which can cause targeted iPhones or iPads to enter a perpetual reboot loop, effectively rendering the devices all but useless. The researchers noted that the security flaw exists in iOS 8 and can be triggered via manipulated SSL certificates sent to a device over a Wi-Fi network. What's more, a previous iOS bug disclosed by Skycure, dubbed WiFiGate, enables attackers to create their own Wi-Fi network and "force external devices to automatically connect to it." Taken together, attackers can effectively create what is referred to as a "No iOS Zone."
The research firm adds that even when a victim knows that an errant Wi-Fi connection is wreaking havoc on their device, they can't exit out of the reboot loop to even turn it off. A video demonstration of what the hack looks like on an affected device is available at Network World.
71754853
submission
colinneagle writes:
A 14-year-old middle school student in Holiday, Florida, was arrested this week and charged with "an offense against a computer system and unauthorized access," which is a felony. The student reportedly used an administrator password to log into a teacher's computer and change the background image to a photo of two men kissing.
The student also revealed his secrets after he was caught – the password was the teacher's last name, and the teacher had typed it in in full view of the students. The student said many other students used these administrators' passwords (their teachers' last names) so they can screen-share and video chat with other students.
The student was briefly held in a nearby detention center, and the county Sheriff warned that other teenagers caught doing the same thing will "face the same consequences."
71753659
submission
DW100 writes:
ICANN, the body in charge with overseeing the management and rollout of new top level domains such as .porn, .adult and .sucks, has asked the FTC to investigate whether the registry running .sucks is acting illegally, after concerns raised by ICANN's own in-house legal team it is selling the domains to brand owners in a 'predatory' manner.
71752347
submission
An anonymous reader writes:
The Electronic Communications Privacy Act was written in 1986. It's incredibly outdated, yet it still governs many internet-related rights for U.S. citizens. Microsoft has now challenged Congress to update the legislation for how online communications work in 2015. The company is currently embroiled in a legal battle with the government over a court order to release emails stored in a foreign country to U.S. authorities. In a new legal brief (PDF), Microsoft says, "For an argument that purports to rest on the 'explicit text of the statute,’ the Government rewrites an awful lot of it. Congress never intended to reach, nor even anticipated, private communications stored in a foreign country when it enacted [the ECPA]." In an accompanying blog post, Microsoft general counsel Brad Smith wrote, "Until U.S. law is rewritten, we believe that the court in our case should honor well-established precedents that limit the government’s reach from extending beyond U.S. borders. ... To the contrary, it is clear Congress’s intent was to ensure that your digital information is afforded the same legal protections as your physical documents and correspondence, a principle we at Microsoft believe should be preserved."
