Medicine

Amazon Is Headed For the Prescription-Drug Market, Analysts Say (bloomberg.com) 40

An anonymous reader quotes a report from Bloomberg: Amazon.com Inc. is almost certain to enter the business of selling prescription drugs by 2019, said two analysts at Leerink Partners, posing a direct threat to the U.S.'s biggest brick-and-mortar drugstore chains. "It's a matter of when, not if," Leerink Partners analyst David Larsen said in a report to clients late Thursday. "We expect an announcement within the next 1-2 years." Amazon has a long standing interest in prescription drugs, an industry with multiple middlemen, long supply chains and opaque pricing. In the 1990s, it invested in startup Drugstore.com and Amazon Chief Executive Officer Jeff Bezos sat on the board. Walgreens eventually purchased the site and shuttered it last year to focus on its own branded website Walgreens.com. Leerink's calls with industry experts suggest that Amazon "is in active discussions" with mid-size pharmacy benefit managers and possibly larger player such as Prime Therapeutics, Larsen's colleague, Ana Gupte, wrote in a separate report Friday. On Friday, CNBC reported that Amazon could make a decision about selling prescription drugs online before Thanksgiving.
Television

Columnist Mocks The Case Against Cord-Cutting As 'Too Many Choices' (techhive.com) 314

An anonymous reader quote TechHive: The cord-cutting naysayers are trotting out a new argument in favor of cable, and it's even more absurd than the old ones: Having too many high-quality, standalone streaming services, they say, is actually bad for consumers, who are apparently helpless at using technology or making sound purchase decisions... The New York Post's Johnny Oleksinski concluded that all those sneering hipsters who've had the nerve to ditch cable are about to get their comeuppance -- in the form of additional services to choose from... By now, anyone who's actually cut the cable cord should be screaming out in unison: No one's making you subscribe to all these services! You can pick the ones you care about most, rotate between services, or occupy your screen time with a growing number of other digital distractions...

I will concede that if you want to use multiple streaming services, trying to sift through them all can be confusing. But even this concern is blown entirely out of proportion by naysaying pundits, who seem to ignore solutions that already exist. Roku, Amazon Fire TV, and Apple TV all offer universal search across services like Netflix and Hulu, while features like Roku Feed and the Apple TV TV app demonstrate how system-wide browsing is getting easier. Besides, using a handful of apps to get what you want isn't that burdensome -- especially for the growing audience of people who've been raised on smartphones... consumers are smarter than they're getting credit for. That's why cable subscriptions continue to plunge, even as these bogus stories keep popping up like clockwork.

Google

Google Maps Lets You Record Your Parking Location, Time Left At the Meter (techcrunch.com) 50

Google Maps has received a neat feature that will help users remember where they parked. "This appears as a new menu option when you tap the blue dot, and will place a 'P' icon on the map so you can find your way back to your spot," reports Ars Technica. From the report: Google had already introduced its own proactive parking saving feature via Google Now, but it had worked by tapping into your phone's sensors and making a determination that you had most likely parked at a given spot. Sometimes, you might see this information appear when it was unwarranted, however -- like if you got off a bus or exited a taxi, Google says. The new feature in Google Maps requires a manual entry, but this is actually a bit of an advantage over the guessing done by Google Now, because it allows you to input more information about your spot. Like Apple Maps, you can add notes about where you parked -- something that's helpful for jotting down cross streets or which floor of a garage you're on, for example. But Google Maps also supports adding multiple photos of your parking location -- a common way people often note the parking space number in the garage, and then, via a separate shot, the floor, row, aisle and/or color code for the garage level itself. In addition, Google's parking location saver will let you enter in how much time you have left at the spot. This is handy if you're in a temporary parking area (e.g. "two hour parking"), or at metered space. The time left is displayed on the map, and when it's due to expire, Google Maps will alert you via push notification.
Java

Muni System Hacker Hit Others By Scanning For Year-Old Java Vulnerability (arstechnica.com) 30

An anonymous reader quotes a report from Ars Technica: The attacker who infected servers and desktop computers at the San Francisco Metropolitan Transit Agency (SFMTA) with ransomware on November 25 apparently gained access to the agency's network by way of a known vulnerability in an Oracle WebLogic server. That vulnerability is similar to the one used to hack a Maryland hospital network's systems in April and infect multiple hospitals with crypto-ransomware. And evidence suggests that SFMTA wasn't specifically targeted by the attackers; the agency just came up as a target of opportunity through a vulnerability scan. In an e-mail to Ars, SFMTA spokesperson Paul Rose said that on November 25, "we became aware of a potential security issue with our computer systems, including e-mail." The ransomware "encrypted some systems mainly affecting computer workstations," he said, "as well as access to various systems. However, the SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls. Muni operations and safety were not affected. Our customer payment systems were not hacked. Also, despite media reports, no data was accessed from any of our servers." That description of the ransomware attack is not consistent with some of the evidence of previous ransomware attacks by those behind the SFMTA incident -- which Rose said primarily affected about 900 desktop computers throughout the agency. Based on communications uncovered from the ransomware operator behind the Muni attack published by security reporter Brian Krebs, an SFMTA Web-facing server was likely compromised by what is referred to as a "deserialization" attack after it was identified by a vulnerability scan. A security researcher told Krebs that he had been able to gain access to the mailbox used in the malware attack on the Russian e-mail and search provider Yandex by guessing its owner's security question, and he provided details from the mailbox and another linked mailbox on Yandex. Based on details found in e-mails for the accounts, the attacker ran a server loaded with open source vulnerability scanning tools to identify and compromise servers to use in spreading the ransomware, known as HDDCryptor and Mamba, within multiple organizations' networks.
Communications

NASA X-Ray Tech Could Enable Superfast Communication In Deep Space (space.com) 58

An anonymous reader quotes a report from Space.com: New technology could use X-rays to transmit data at high rates over vast distances in outer space, as well as enable communications with hypersonic vehicles during re-entry, when radio communications are impossible, NASA scientists say. The technology would combine multiple NASA projects currently in progress to demonstrate the feasibility of X-ray communications from outside the International Space Station. The radio waves used by mobile phones, Wi-Fi and, of course, radios, are one kind of light. Other forms of light can carry data as well; for instance, fiber-optic telecommunications rely on pulses of visible and near-infrared light. The effort to use another type of light, X-rays, for communication started with research on NASA's proposed Black Hole Imager. That mission is designed to analyze the edges of the supermassive black holes that previous research suggested exist at the centers of most, if not all, large galaxies. One potential strategy to enable the Black Hole Imager was to develop a constellation of precisely aligned spacecraft to collect X-rays emitted from the edges of those black holes. Keith Gendreau, an astrophysicist at NASA's Goddard Space Flight Center in Greenbelt, Maryland, thought of developing X-ray emitters that these spacecraft could use as navigational beacons to make sure they stayed in position relative to one another. The system would keep them aligned down to a precision of just 1 micron, or about one-hundredth the average width of a human hair. Gendreau then reasoned that by modulating or varying the strength or frequency of these X-ray transmissions on and off many times per second, these navigational beacons could also serve as a communication system. Such X-ray communication, or XCOM, might, in theory, permit gigabit-per-second data rates throughout the solar system, he said. One advantage that XCOM has compared to laser communication in deep space is that X-rays have shorter wavelengths than the visible or infrared light typically used in laser communication. Moreover, X-rays can penetrate obstacles that impede radio communication.
Operating Systems

Canonical Releases Snapcraft 2.14 For Ubuntu With New Rust Plugin, Improvements (softpedia.com) 44

Marius Nestor, reporting for Softpedia News: Canonical, through Sergio Schvezov, has had the great pleasure of announcing the release and general availability of Snapcraft 2.14 Snap creator tool for the Ubuntu 16.04 LTS (Xenial Xerus) operating system. Coming hot on the heels of Snapcraft 2.13, the new 2.14 maintenance update is here to introduce a bunch of new plugins, namely rust, godeps, and dump. You can find more information about each one by running the "snapcraft help " command in a terminal window. Also new in the Snapcraft 2.14 release is support for alternate relocation mechanisms in the "make" plugin (for example, you can use DESTDIR alternatives), as well as many improvements to the "go" plugin, such as support for local sources, which are now preferred instead of fetching new ones, and proper handling of the source entry. The list of improvements implemented in Snapcraft 2.14 continues with support for building a kernel Snaps for multiple hardware architectures using a single snapcraft.yaml file, support for "oneshot" daemons, better wiki parser source management, as well as proper setting of "shebangs" and support for requirement files in the "python" plugin.
Open Source

Dangerous 7-Zip Vulnerabilities Flow To Top Security, Software Tools (theregister.co.uk) 109

mask.of.sanity quotes a report from The Register: Some of the world's biggest security and software vendors will be rushing to patch holes in implementations of the popular 7-Zip compression tool to stop attackers gaining full control of customer machines. Marcin Noga, Cisco security researcher, found and reported the holes to the platform, which could allow attackers to compromise updated machines, giving attackers the same access rights as logged-in users. FireEye and MalwareBytes are two of many products that use 7-Zip. "An out-of-bounds read vulnerability exists in the way 7-Zip handles Universal Disk Format files ... [which] can be triggered by any entry that contains a malformed Long Allocation Descriptor," Colleague of The Register Jaeson Schultz said. The flaws were fixed in 7-Zip 16.00, which was released Tuesday.
Databases

PostgreSQL 9.5 Does UPSERT Right (thenewstack.io) 105

joabj writes: For years, PostgreSQL users would ask when their favorite open source database system would get the UPSERT operator, which can either insert an entry or update it if a previous version already existed. Other RDMS have long offered this feature. Bruce Momjian, one of the chief contributors to PostgreSQL, admits to being embarrassed that it wasn't supported. Well, PostgreSQL 9.5, now generally available, finally offers a version of UPSERT and users may be glad the dev team took their time with it. Implementations of UPSERT on other database systems were "handled very badly," sometimes leading to unexpected error messages Momjian said. Turns out it is very difficult to implement on multi-user systems. "What is nice about our implementation is that it never generates an unexpected error. You can have multiple people doing this, and there is very little performance impact," Momjian said. Because it can work on multiple tables at once, it can even be used to merge one table into another.
Databases

PostgreSQL Getting Parallel Query 83

New submitter iamvego writes: A major feature PostgreSQL users have requested for some time now is to have the query planner "parallelize" a query. Now, thanks to Robert Haas and Amit Kapila, this has now materialized in the 9.6 branch. Robert Haas writes in his blog entry that so far it only supports splitting up a sequential scan between multiple workers, but should hopefully be extended to work with multiple partitions before the final release, and much more beside in future releases.
Programming

Ask Slashdot: How Can My Code Help? 47

An anonymous reader writes: The story will probably be familiar. My non-profit organization had a particular need (we want to communicate with government officials by offering anecdotes and stories of how we help their constituents), and while I created a solution, the time constraints and lack of experience, training and natural ability show. I'd like to do more with the code, both in terms of letting others have it for their needs and also because I'm sure talented coders could more quickly and efficiently solve some of the existing problems with my code. But how do I make that happen? What do I do with it?

I have every intention of continuing to work on it. I enjoyed the learning opportunity, and I've already identified a number of things I want to improve upon, but I recognize that even as crude as my code is, if it solved my issue it might help others too.

Do I just put it on Github or SourceForge and hope that someone else will have that magic formula of my use case and skill level (because someone more talented would probably make their own code easily enough, while someone less talented may not realize how doable the solution can be)? Do I try to find an existing project and see if I can shoe-horn my efforts in somewhere? Do I keep it to myself until some unspecified point in time that I realize it's right for sharing?
Read on for further background information on this question.
Bug

Multiple Vulnerabilities Exposed In Pocket 88

vivaoporto writes: Clint Ruoho reports on gnu.gl blog the process of discovery, exploitation and reporting of multiple vulnerabilities in Pocket, the third party web-based service chosen by Mozilla (with some backslash) as the default way to save articles for future reading in Firefox. The vulnerabilities, exploitable by an attacker with only a browser, the Pocket mobile app and access to a server in Amazon EC2 costing 2 cents an hour, would give an attacker unrestricted root access to the server hosting the application.

The entry point was exploiting the service's main functionality itself — adding a server internal address in the "read it later" user list — to retrieve sensitive server information like the /etc/passwd file, its internal IP and the ssh private key needed to connect to it without a password. With this information it would be possible to SSH into the machine from another instance purchased in the same cloud service giving the security researcher unrestricted access. All the vulnerabilities were reported by the researcher to Pocket, and the disclosure was voluntarily delayed for 21 days from the initial report to allow Pocket time to remediate the issues identified. Pocket does not provide monetary compensation for any identified or possible vulnerability.
Programming

2014 Underhanded C Contest Winners Announced 27

Rei writes with a bit of news from earlier this week: It's that time of year again — the results of the 2014 Underhanded C Contest have been announced. Techniques used for secretly alerting a user to a NSA request include (among others) misleadingly long loop execution, replacing user #defines with system ones, K&R style function declarations to avoid type checking, and using system #includes to covertly change structure packing. The winning entry exploits a system-provided function that is implemented as a poorly protected macro, tricking it into executing a piece of code given as an argument multiple times.
Classic Games (Games)

MAME Changing License To Fully Libre One 56

jones_supa writes: The source code of MAME (Multiple Arcade Machine Emulator) has long been freely available, but it's never been completely libre. Instead, it's been available under a modified BSD license that prohibits, among other things, commercial use of the code. MAME engineer Miodrag Milanovic explains that such a license was put in place to deter "misuse of MAME in illegal ways," but it also kept legitimate commercial entities doing business with the software. Examples of such could be museums that charge entry fees from using MAME in their exhibits, or copyright holders rereleasing vintage games encapsulated inside MAME. Now the project wants to go fully open. Milanovic continues: "Our aim is to help legal license owners in distributing their games based on MAME platform, and to make MAME become a learning tool for developers working on development boards." As of yet, there are no specific details about the new license.
China

China Confirms New Generation of ICBM 224

Taco Cowboy (5327) writes with news of the Chinese military's latest toy, an ICBM capable of delivering multiple warheads across the Pacific. From the article: The DF-41 is designed to have a range of 12,000 kilometers (7,500 miles), according to a report by Jane's Strategic Weapon Systems, putting it among the world's longest-range missiles. ... It is "possibly capable of carrying multiple independently targetable re-entry vehicles", the U.S. Defense Department said in a report in June, referring to a payload of several nuclear warheads. It also quoted a Chinese military analyst as saying: "As the U.S. continues to strengthen its missile defense system, developing third generation nuclear weapons capable of carrying multiple warheads is the trend." China's previous longest range missile was the DF-5A, which can carry a single warhead as far as 12,000 km, according to Jane's.
Microsoft

3 Reasons Why Microsoft Needs 3 Surface Tablets 266

CowboyRobot writes "It's looking like Microsoft is planning to replace its underachieving Surface tablet with two new products, but it may need three to finally have success with the Surface. Three tablets would provide an entry point and an upgrade path. Multiple Surface RT models would help Windows RT survive OEM skepticism. Microsoft needs device fanfare to accompany Windows 8.1, and to coincide with enterprise hardware upgrades. If the company releases one of the models before the end of the year, the device would arrive in time not only for the holiday season, but also to cash in on user interest in Windows 8.1, which will be released later this fall. Surface devices released next year, meanwhile, could capitalize on enterprise hardware upgrades, which are expected to pick up as Windows XP's April 8, 2014 end-of-service date nears."
Books

Book Review: Creating Mobile Apps With JQuery Mobile 91

sagecreek writes "You can judge this book, at least in part, by the lengthy tagline on its cover: 'Learn to make practical, unique, real-world sites that span a variety of industries and technologies with the world's most popular mobile development library.' jQuery might not be your favorite framework on the long, long list of JavaScript possibilities. But Shane Gliser unabashedly describes himself as a jQuery 'fanboy...if it's officially jQuery, I love it.' Gliser is an experienced mobile developer and blogger who operates Roughly Brilliant Digital Studios. He also has some background in mobile UX (user experience), and both qualities show in this smoothly written, well-illustrated, 234-page how-to book that focuses on jQuery Mobile, a 'touch-optimized' web framework for smartphones and tablets." Read below for the rest of sagecreek's review.
The Military

India's ICBM Will Carry Multiple Nuclear Warheads 351

An anonymous reader writes "India is equipping its longest range nuclear-capable missile, the Agni-V, with Multiple Independently Targetable Re-entry Vehicles (MIRVs), The Diplomat reports. A MIRVed Intercontinental Ballistic Missile (ICBM) carries multiple nuclear warheads on a single missile, which it dispenses towards numerous or a single target after the final stage of the ICBM boosts off. MIRVed missiles destabilized the Cold War nuclear balance and are likely to do so again: 'Because they give nations greater confidence in being able to destroy an adversary's hardened missile silo sites in a first strike by launching multiple, lower yield warheads at the sites.'"
Businesses

Two Changes To Quirky Could Change The World 103

"Quirky.com has generated a lot of buzz," writes frequent contributor Bennett Haselton, "but it's hard to see how it could ever be more than a novelty unless they change two key features of their process. Fortunately, they already have all the infrastructure in place for bringing inventions to fruition, so that with these two changes, Quirky really could deliver on their early promise to change the way products get invented." Read on for Bennett's thoughts — which seem more sensible than quirky.

Slashdot Top Deals