Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:Chasing the wrong people (Score 1) 74

I agree with your assessment in how things should be made more simplified in that the updates should come from Google. There's a problem, however, in that to my knowledge the drivers are tightly coupled with the kernel. They do this for both performance and because that is the way the Linux kernel is. You run into the same issues on desktop Linux systems where installing NVidia drivers requires a patch and shim to load a binary blob.

Comment Re:Not the first time... (Score 1) 212

When an app is removed from the App store, it continues to function where it's installed. (Apple so far has not disabled nor remotely removed any app from anyone's devices). if you sync with iTunes, iTunes will capture the app and save a copy locally.

They removed this functionality. https://imazing.com/why-did-ap...

Submission + - Increasingly Popular Update Technique For iOS Apps Puts Users At Risk (csoonline.com)

itwbennett writes: An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through Apple's normal review process, potentially opening the door to abuse and security risks for users. An implementation of this technique, which is a variation of hot patching, comes from an open-source project called JSPatch. After adding the JSPatch engine to their application, developers can configure the app to always load JavaScript code from a remote server they control. This code is then interpreted by the JSPatch engine and converted into Objective-C. 'JSPatch is a boon to iOS developers,' security researchers from FireEye said in a blog post. 'In the right hands, it can be used to quickly and effectively deploy patches and code updates. But in a non-utopian world like ours, we need to assume that bad actors will leverage this technology for unintended purposes.'

Submission + - Apple – losing out on talent and in need of a killer new device (theguardian.com)

mspohr writes: The Guardian has an interesting analysis of Apple today. It states: "Despite its huge value, Silicon Valley developers are turned off by ‘secretive, controlling’ culture and its engineering is no longer seen as cutting edge"
Developers and programmers are turned off by the controlling culture, it seems and want to work elsewhere. "Tellingly, Apple is no longer seen as the best place for engineers to work, according to several Silicon Valley talent recruiters. It’s a trend that has been happening slowly for years – and now, in this latest tech boom, has become more acute."
"Or as Elon Musk recently put the hiring situation a little more harshly: Apple is the “Tesla graveyard”.
“If you don’t make it at Tesla, you go work at Apple,” Musk recently told a German newspaper."
"The biggest issue for programmers seems to be a high-stress culture and cult of secrecy, which contrasts sharply with office trends toward gentler management and more playful workdays" “Apple’s not an engineering culture,”
“Tim Cook’s done an amazing job running the company, but [Steve Jobs] was the guy everyone wanted to follow into battle.”
Apples P/E is only 10... is it in decline?

Comment Re:iBook . (Score 1) 148

If you charge a fee for any book or other work you generate using this software (a âoeWorkâ), you may only sell or distribute such Work through Apple (e.g., through the iBookstore) and such distribution will be subject to a separate agreement with Apple.

Originally it was not worded to only be iBooks.

Submission + - How a mobile app firm found the XcodeGhost in the machine (computerworld.com)

SpacemanukBEJY.53u writes: A Denver-based mobile app development company, Possible Mobile, had a tough time figuring out why Apple recently rejected its app from the App Store. After a lot of head scratching, it eventually found the XcodeGhost malware hidden in an unlikely place — a third-party framework that it had wrapped into its own app. Their experience shows that the efforts of malware writers can have far-ranging effects on the mobile app component supply chain.

Submission + - Ransomware Found Targeting Linux Servers, MySQL, Git, Subversion, etc.

An anonymous reader writes: A new ransomware was discovered that targets Linux servers only, looking to encrypt only files that are related to Web hosting, Web servers, MySQL, Subversion, Git, and other technologies used in Web development and HTTP servers. Weirdly, despite targeting business environments, the ransomware only asks for 1 Bitcoin, compared to other ransomware.

Submission + - Intel Skylake-U For Notebooks Shows Solid Gains Especially In Graphics (hothardware.com)

MojoKid writes: Intel's 6th Generation Skylake family of Core processors has been available for some time now for desktops. However, the mobile variant of Skylake is perhaps Intel's most potent incarnation of the new architecture that's power-optimized on 14nm technology with a beefier graphics engine for notebooks. In late Q3, Intel started rolling out Skylake-U versions of the chip in a 15 Watt TDP flavor. This is the power envelope that most "ultrabooks" are built with and it's likely to be Intel's highest volume SKU of the processor. The Lenovo Yoga 900 tested here was configured with an Intel Core i7-6500U dual-core processor that also supports Intel HyperThreading for 4 logical processing threads available. Its base frequency is 2.5GHz, but the chip will Turbo Boost to 3GHz and down clocks way down to 500MHz when idle. The chip also has 4MB of shared L3 cache and 512K of L2 and 128K of data cache, total. In the benchmarks, the new Skylake-U mobile chip is about 5 — 10 faster than Intel's previous generation Broadwell platform in CPU-intensive tasks and 20+ percent faster in graphics and gaming, at the same power envelope, likely with better battery life, depending on the device.

Submission + - Vulnerability In Java Commons Library Leads to Hundreds of Insecure Applications (foxglovesecurity.com)

An anonymous reader writes: What Do WebLogic, WebSphere, JBoss, Jenkins, OpenNMS, and Your Application Have in Common? This Vulnerability.

The most underrated, underhyped vulnerability of 2015 has recently come to my attention, and I’m about to bring it to yours. No one gave it a fancy name, there were no press releases, nobody called Mandiant to come put out the fires. In fact, even though proof of concept code was released OVER 9 MONTHS AGO, none of the products mentioned in the title of the blog post have been patched, along with many more. In fact no patch is available for the Java library containing the vulnerability. In addition to any commercial products that are vulnerable, this also affects many custom applications.

For full details see the original blog post at http://foxglovesecurity.com/20...

Submission + - Leaked Info on Comcast Data Caps (reddit.com)

An anonymous reader writes: I saw this on Reddit yesterday and thought to share here. A customer service rep from Comcast leaked info on the upcoming data cap expansion in the Southeastern US. The info also shows the script customer service reps are told to use if subscribers call to complain about these new usage caps.

Quoting the post:
Last night an anonymous comcast customer service employee on /b/ leaked these documents in the hopes that they would get out. Unfortunately the thread 404'd a few minutes after I downloaded these. All credit for this info goes to them whoever they are.

This info is from the internal "Einstein" database that is used by Comcast customer service reps.

The images leaked by the customer service rep:
http://i.imgur.com/Dblpw3h.jpg
http://i.imgur.com/GIkvxCG.jpg
http://i.imgur.com/quf68FC.jpg
http://i.imgur.com/kJkK4HJ.jpg
http://i.imgur.com/hqzaNvd.jpg
http://i.imgur.com/NiJBbG4.jpg

Slashdot Top Deals

"Catch a wave and you're sitting on top of the world." - The Beach Boys

Working...