Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

Submission + - Increasingly Popular Update Technique For iOS Apps Puts Users At Risk (

itwbennett writes: An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through Apple's normal review process, potentially opening the door to abuse and security risks for users. An implementation of this technique, which is a variation of hot patching, comes from an open-source project called JSPatch. After adding the JSPatch engine to their application, developers can configure the app to always load JavaScript code from a remote server they control. This code is then interpreted by the JSPatch engine and converted into Objective-C. 'JSPatch is a boon to iOS developers,' security researchers from FireEye said in a blog post. 'In the right hands, it can be used to quickly and effectively deploy patches and code updates. But in a non-utopian world like ours, we need to assume that bad actors will leverage this technology for unintended purposes.'

Submission + - Apple – losing out on talent and in need of a killer new device (

mspohr writes: The Guardian has an interesting analysis of Apple today. It states: "Despite its huge value, Silicon Valley developers are turned off by ‘secretive, controlling’ culture and its engineering is no longer seen as cutting edge"
Developers and programmers are turned off by the controlling culture, it seems and want to work elsewhere. "Tellingly, Apple is no longer seen as the best place for engineers to work, according to several Silicon Valley talent recruiters. It’s a trend that has been happening slowly for years – and now, in this latest tech boom, has become more acute."
"Or as Elon Musk recently put the hiring situation a little more harshly: Apple is the “Tesla graveyard”.
“If you don’t make it at Tesla, you go work at Apple,” Musk recently told a German newspaper."
"The biggest issue for programmers seems to be a high-stress culture and cult of secrecy, which contrasts sharply with office trends toward gentler management and more playful workdays" “Apple’s not an engineering culture,”
“Tim Cook’s done an amazing job running the company, but [Steve Jobs] was the guy everyone wanted to follow into battle.”
Apples P/E is only 10... is it in decline?

Comment Re:iBook . (Score 1) 148

If you charge a fee for any book or other work you generate using this software (a âoeWorkâ), you may only sell or distribute such Work through Apple (e.g., through the iBookstore) and such distribution will be subject to a separate agreement with Apple.

Originally it was not worded to only be iBooks.

Submission + - How a mobile app firm found the XcodeGhost in the machine (

SpacemanukBEJY.53u writes: A Denver-based mobile app development company, Possible Mobile, had a tough time figuring out why Apple recently rejected its app from the App Store. After a lot of head scratching, it eventually found the XcodeGhost malware hidden in an unlikely place — a third-party framework that it had wrapped into its own app. Their experience shows that the efforts of malware writers can have far-ranging effects on the mobile app component supply chain.

Submission + - Ransomware Found Targeting Linux Servers, MySQL, Git, Subversion, etc.

An anonymous reader writes: A new ransomware was discovered that targets Linux servers only, looking to encrypt only files that are related to Web hosting, Web servers, MySQL, Subversion, Git, and other technologies used in Web development and HTTP servers. Weirdly, despite targeting business environments, the ransomware only asks for 1 Bitcoin, compared to other ransomware.

Submission + - Intel Skylake-U For Notebooks Shows Solid Gains Especially In Graphics (

MojoKid writes: Intel's 6th Generation Skylake family of Core processors has been available for some time now for desktops. However, the mobile variant of Skylake is perhaps Intel's most potent incarnation of the new architecture that's power-optimized on 14nm technology with a beefier graphics engine for notebooks. In late Q3, Intel started rolling out Skylake-U versions of the chip in a 15 Watt TDP flavor. This is the power envelope that most "ultrabooks" are built with and it's likely to be Intel's highest volume SKU of the processor. The Lenovo Yoga 900 tested here was configured with an Intel Core i7-6500U dual-core processor that also supports Intel HyperThreading for 4 logical processing threads available. Its base frequency is 2.5GHz, but the chip will Turbo Boost to 3GHz and down clocks way down to 500MHz when idle. The chip also has 4MB of shared L3 cache and 512K of L2 and 128K of data cache, total. In the benchmarks, the new Skylake-U mobile chip is about 5 — 10 faster than Intel's previous generation Broadwell platform in CPU-intensive tasks and 20+ percent faster in graphics and gaming, at the same power envelope, likely with better battery life, depending on the device.

Submission + - Vulnerability In Java Commons Library Leads to Hundreds of Insecure Applications (

An anonymous reader writes: What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.

The most underrated, underhyped vulnerability of 2015 has recently come to my attention, and I’m about to bring it to yours. No one gave it a fancy name, there were no press releases, nobody called Mandiant to come put out the fires. In fact, even though proof of concept code was released OVER 9 MONTHS AGO, none of the products mentioned in the title of the blog post have been patched, along with many more. In fact no patch is available for the Java library containing the vulnerability. In addition to any commercial products that are vulnerable, this also affects many custom applications.

For full details see the original blog post at

Submission + - Leaked Info on Comcast Data Caps (

An anonymous reader writes: I saw this on Reddit yesterday and thought to share here. A customer service rep from Comcast leaked info on the upcoming data cap expansion in the Southeastern US. The info also shows the script customer service reps are told to use if subscribers call to complain about these new usage caps.

Quoting the post:
Last night an anonymous comcast customer service employee on /b/ leaked these documents in the hopes that they would get out. Unfortunately the thread 404'd a few minutes after I downloaded these. All credit for this info goes to them whoever they are.

This info is from the internal "Einstein" database that is used by Comcast customer service reps.

The images leaked by the customer service rep:

Submission + - documents expose the inner workings of Obama's drone wars

An anonymous reader writes: A little over 2-years-ago Edward Snowden leaked a giant batch of NSA documents, Chelsea Manning handed Wikileaks a pile of government secrets in 2010, and now another source has leaked an equally impressive cache of papers focusing on Obama's drone program. The Intercept published the documents covering the U.S.A.'s use of drones to kill targets. Perhaps most eye-opening is the disclosure that as much as 90% of attacks over a five month period hit the wrong targets. According to The Intercept: "When the Obama administration has discussed drone strikes publicly, it has offered assurances that such operations are a more precise alternative to boots on the ground and are authorized only when an 'imminent' threat is present and there is 'near certainty' that the intended target will be eliminated. Those terms, however, appear to have been bluntly redefined to bear almost no resemblance to their commonly understood meanings."

Submission + - Browser Performance Tests Show Edge Fastest But Trails Standards Compliance (

MojoKid writes: The Internet and web browsers are an ever changing congruous mass of standards and design. Browser development is a delicate balance between features, security, compatibility and performance. However, although each browser has its own catchy name, some of them share a common web engine. Regardless, if you are in a business environment that's rolling out Windows 10, and the only browsers you have access to are Microsoft Edge or IE — go with Edge. It's the better browser of the two by far (security not withstanding). If you do have a choice, then there might better options to consider, depending on your use case. The performance differences between browsers currently are less significant than one might think. If you exclude IE, most browsers perform within 10-20% of each other, depending on the test. For web standards compliance like HTML5, Blink browsers (Chrome, Opera and Vivaldi) still have the upper-hand, even beating the rather vocal and former web-standards champion, Mozilla. Edge seems to trail all others in this area even though it's often the fastest in various tests.

Slashdot Top Deals