Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Submission Summary: 1 pending, 295 declined, 273 accepted (569 total, 47.98% accepted)

+ - Microsoft Opens Vulnerability Bounty Program for Spartan Browser

Submitted by jones_supa
jones_supa writes: As it did in the past when it tried to make Internet Explorer more secure, Microsoft has launched a new bug bounty program for Spartan browser, the default application of Windows 10 for surfing the information highway. A typical remote code execution flaw can bring between $1,500 and $15,000, and for the top payment you also need to provide a functioning exploit. The company says that it could pay even more than that, if you convince the jury on the entry quality and complexity. Sandbox escape vulnerabilities with Enhanced Protected Mode enabled, important or higher severity vulnerabilities in Spartan or its engine, and ASLR info disclosure vulnerabilities are also eligible. If you want to accept the challenge, Microsoft provides more information on how to participate.

+ - Ubuntu 15.04 Released, First Version to Feature SystemD->

Submitted by jones_supa
jones_supa writes: The final release of Ubuntu 15.04 is now available. Only modest set of improvements are rolling out with this spring's Ubuntu. While this means the OS can't rival the heavy changelogs of releases past, the adage "don’t fix what isn't broke" is clearly one that 15.04 plays to. The headline change is SystemD being featured first time in a stable Ubuntu release, which replaces the inhouse UpStart init system. The Unity desktop version 7.3 receives a handful of small refinements, most of which aim to either fix bugs or correct earlier missteps (for example, application menus can now be set to be always visible). The Linux version is 3.19.3 further patched by Canonical. As usual, the distro comes with fresh versions of various familiar applications.
Link to Original Source

+ - Early Windows 10 Technical Preview Builds Begin Expiring

Submitted by jones_supa
jones_supa writes: As we approach the final release of Windows 10, builds of the Technical Preview already begin to expire. A Microsoft Support Engineer recently posted a list of builds and the dates that each one of them will stop booting. According to the engineer, you will start getting warnings around two weeks before the license expires. If this happens, your computer will begin restarting automatically every three hours. Two weeks later, your computer will finally cease to boot, at which point a full reinstall is required. If you are currently running these builds and haven't updated, you can download the ISO for the fresh build 10049, which will keep you in the green for the coming six months.

+ - Qt Creator 3.4.0 Released

Submitted by jones_supa
jones_supa writes: Qt Creator 3.4.0 has been released with many new features. Qt Creator is a C/C++ IDE with specialized tools for developing Qt applications, and it works great for general-purpose projects as well. The new version comes with a C++ refactoring option to move function definitions out of a class declaration, auto-completion for signals and slots in Qt5-style connects, experimental Qt Test and Qt Quick Tests support in the Professional and Enterprise edition, support for 64-bit Android toolchains, and various other improvements. More details on the new version can be found in the official announcement and the changelog.

+ - Microsoft Announces Device Guard for Windows 10->

Submitted by jones_supa
jones_supa writes: Microsoft is making big efforts to increase the security of Windows 10 and turn the new operating system into a robust working environment, so several new features will be available in this regard when it comes out. Redmond is adding yet another feature called Device Guard that would give organizations full control over the apps that are allowed to be launched on a device running Windows 10. The administrator is in control of what sources Device Guard considers trustworthy and it comes also with tools that can make it easy to locally sign Universal or Win32 apps that may not have been originally signed by the software vendor.
Link to Original Source

+ - AMD Releases New "amdgpu" Graphics Driver For Linux->

Submitted by jones_supa
jones_supa writes: The AMD Linux driver team is announcing a new open source GPU driver for Linux. The amdgpu driver targets the newer line-up of AMD ASICs, and is a partial replacement for the previous open source radeon driver, which will continue providing support for older chips. A number of software components remain shared between the two drivers. Most of the team's focus has been on providing good support for Carrizo architecture, so there are some gaps in Tonga and Iceland support (notably power management), but those gaps are said to be filled in eventually.
Link to Original Source

+ - KDE Plasma 5.3 Beta Brings Lot of Improvements

Submitted by jones_supa
jones_supa writes: The KDE project today announced the release of KDE Plasma 5.3 beta. It brings better power management, improved Bluetooth support, improved widgets, Wayland support, new media center, and nearly 350 bugfixes. The power management improvements include settings that can be independently configured per activity, there is a new energy usage monitor available in KInfoCenter, and a battery applet identifies applications that hog power. Bluetooth applet brings added support for blocking and unblocking devices. New touchpad module has been added as well. The combined window manager and compositor KWin is now able to start a nested XWayland server, which acts as a bridge between the old X11 and the new Wayland world.

+ - Remote Code Execution Vulnerability Found in Windows HTTP Stack

Submitted by jones_supa
jones_supa writes: A remote code execution vulnerability exists in the Windows HTTP stack that is caused when HTTP.SYS parses specially crafted HTTP requests. An attacker who has successfully exploited this vulnerability could execute arbitrary code under the SYSTEM context. The vulnerability is exploited by sending a specially crafted HTTP request to the affected system. Details of the bug are withheld, but exploit code is floating around. Microsoft describes the issue in security bulletin MS15-034. An update (KB3042553) is already available for all supported editions of Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2. As a workaround Microsoft offers disabling IIS kernel caching.

+ - PrivateInternetAccess Becomes Main Sponsor of Linux Mint->

Submitted by jones_supa
jones_supa writes: PrivateInternetAccess (PIA), one of the world's leading VPN providers, has made an agreement with Linux Mint to become the distro's main sponsor. PIA's production hardware encompasses 3,180 servers in 16 countries. The company claims that they never log data, and they advertise some of the lowest subscription prices available. About Mint, PIA says: "Many of our in-house developers and marketing staff utilize Linux Mint as a desktop. It is great because everything just works. We're big fans of open source and sponsor quite a bit of projects as well as other types of organizations that fight for privacies, civil liberties, etc. Since some of us were already using Linux Mint, it made sense!" Among other open source projects, PIA also sponsors Freenode and GNOME.
Link to Original Source

+ - Linux Getting Extensive x86 Assembly Code Refresh 1

Submitted by jones_supa
jones_supa writes: A massive x86 assembly code spring cleaning has been done in a pull request that is to end up in Linux 4.1. The developers have tried testing the code on many different x86 boxes, but there's risk of regression when exposing the code to many more systems in the days and weeks ahead. That being said, the list of improvements is excellent. There are over 100 separate cleanups, restructuring changes, speedups and fixes in the x86 system call, IRQ, trap and other entry code, part of a heroic effort to deobfuscate a decade old spaghetti assembly code and its C code dependencies.

+ - LG Split Screen Software Compromises System Security->

Submitted by jones_supa
jones_supa writes: The Korean electronics company LG ships a split screen tool with their ultra wide displays. It allows to slice the Windows desktop into multiple segments, which is actually a nice feature. However, installing the software seriously compromises security of the particular workstation. The developers required administrator access for the software, but apparently they hacked their way out. The installer silently disables User Account Control, and enables a policy to start all applications as Administrator. In the article there is also a video presentation of the setup procedure. It is safe to say that no one should be running this software in its current form.
Link to Original Source

+ - Being Overweight Reduces Dementia Risk->

Submitted by jones_supa
jones_supa writes: Being overweight cuts the risk of dementia, according to the largest and most precise investigation into the relationship. The researchers were surprised by the findings, which run contrary to current health advice. The team at Oxon Epidemiology and the London School of Hygiene and Tropical Medicine analysed medical records from 2 million people aged 55 on average, for up to two decades. Their most conservative analysis showed underweight people had a 39% greater risk of dementia compared with being a normal healthy weight. But those who were overweight had an 18% reduction in dementia, and the figure was 24% reduction for the obese. Any explanation for the protective effect is distinctly lacking. There are some ideas that vitamin D and E deficiencies contribute to dementia and they may be less common in those eating more. Be it any way, let's still not forget that heart disease, stroke, diabetes, some cancers and other diseases are all linked to a bigger waistline. Maybe being slightly overweight is the optimum to strike, if the recent study is to be followed.
Link to Original Source

+ - Valve Offering Free Games To Larger Amount of Developers

Submitted by jones_supa
jones_supa writes: Last year, Valve made it possible for Debian developers to get free subscription to all Valve games. In the dri-devel mailing list, Daniel Stone informs that now the game company is expanding the offer to Mesa developers as well. If you have 25 or more commits to Mesa in the past 5 years, read the post for instructions on how to get VIP access to the Valve catalogue.

+ - "Let's Encrypt" Project Strives To Make Encryption Simple

Submitted by jones_supa
jones_supa writes: As part of an effort to make encryption a standard component of every application, Linux Foundation has launched its Let's Encrypt project (announcement) along with its intention to provide access to a free certificate management service. Jim Zemlin, executive director for the Linux Foundation, says that the goal for the project is nothing less than universal adoption of encryption to disrupt a multi-billion dollar cracker economy. While there may never be such a thing as perfect security, Zemlin says it's just too easy to steal data that is not encrypted. In its current form, encryption is difficult to implement and a lot of cost and overhead is associated with managing encryption keys. Zemlin claims that the Let's Encrypt project will reduce the effort it takes to encrypt data in an application down to two simple commands. The project is being hosted by the Linux Foundation, but the actual project is being managed by the Internet Security Research Group (ISRG). This work is sponsored by Akamai, Cisco, EFF, Mozilla, IdenTrust, and Automattic, which all are Linux Foundation patrons. Visit Let's Encrypt official website to get involved.

+ - Sony Computer Entertainment Open To PlayStation 4 Feedback

Submitted by jones_supa
jones_supa writes: Sony Computer Entertainment CEO Shuhei Yoshida has appointed Toshimasa Aoki to take into account user feedback on the PlayStation 4. Sony is looking for open feedback on the PS4 on what features they should include in the future as part of the core functionality. Already there are a flood of ideas being suggested, though not all are necessarily reasonable or system software requests. If you have a groundbreaking feature that must be included in the next update for the PS4, then tweet @toshimasa_aoki to have it taken into consideration. If your idea is reasonable, there is a chance to get it investigated and eventually even implemented.

In 1750 Issac Newton became discouraged when he fell up a flight of stairs.

Working...