"Today, we are excited to share with you that we've just made the sources for ChakraCore available under the MIT License at the ChakraCore GitHub repository," he wrote. "Going forward, we'll be developing the key components of Chakra in the open."
With the release, you can build ChakraCore on Windows 7 SP1 or above with Visual Studio 2013 or 2015 with C++ support installed, Seth said. Of course, Edge is more than just the Chakra engine, but this could result in a back port to Windows 7. He also said Microsoft is committed to bringing it to other platforms, starting with Linux, and invited developers to "help us in the pursuit either by letting us know which other platforms they'd like to see ChakraCore supported on, or even by helping port it to the platform of their choice."
colinneagle writes: If you have a PS4 and want to run homebrew content, then you might be happy to know developer CTurt claimed, “PS4 is now officially jailbroken.” Over the weekend, CTurt took to Twitter to make the announcement. He did not use a jail vulnerability, he explained in a tweet. Instead, he used a FreeBSD kernel exploit.
Besides posting “an open source PlayStation 4 SDK” on GitHub, CTurt analyzed PS4’s security twice and explained PS4 hacking. CTurt updated the open source PS4 SDK yesterday; he previously explained that Sony’s proprietary Orbis OS is based on FREEBSD. In the past he released the PS4-playground, which included PS4 tools and experiments using the Webkit exploit for PS4 firmware version 1.76. To put that in context, Sony released version 3.0 in September. However, CTurt claimed the hack could be made to work on newer firmware versions.
Other PS4 hackers are reportedly also working on a kernel exploit, yet as Wololo pointed out, it is unlikely there might be more than proof-of-concept videos as the developers continue to tweak the exploit. Otherwise, Sony will do as it has in the past and release a new firmware version. In October 2014, developers nas and Proxima studied the PSVita Webkit exploit, applied it to the PS4, and then released the PS4 proof-of-concept. Shortly thereafter. Sony pushed out new firmware as a patch.
colinneagle writes: AMD has just issued a fix to its graphics driver that was causing GPU fans to lock at 20% max speed, which in turn caused the GPU to overheat and, in some cases, kill the card. Even though it's listed as a beta, if you are using the Crimson graphics driver, you want to upgrade now. Earlier this month AMD launched a whole new driver and video card application called Crimson, designed as a replacement for the old Catalyst driver and app.
According to a Reddit community forum, Radeon users found that the Crimson drivers were locking their fans at a low speed, thus the card overheated and died. At 20%, the fan is still pretty quiet, so the user has no idea there is a problem until their video card dies.
The community came up with a fix, illustrated in an image that shows the Crimson app and what steps to take. The only caveat is that you have to redo the steps every time you reboot.
colinneagle writes: With the release of Build 10586, or Threshold 2, DiagTrack — the Diagnostics Tracking Service, one of the main culprits in telemetry and other user activity gathering in Windows 10 — disappeared, and there was much rejoicing. However, the white hat hackers at Tweakhound (and confirmed by BetaNews) have discovered that Microsoft merely renamed it to the Connected User Experiences and Telemetry service, which throws people off, along with all the utilities to turn off these services, like DoNotSpy10.
Even sneakier, when you install Threshold 2, Windows 10 resets user preferences, so everything you turned off is back on without telling you about it.
Fortunately, the service can still be manually disabled, and no doubt the anti-spying apps will be updated to reflect this.
colinneagle writes: Global management consultants McKinsey and Company said in a recent report that many of the tasks that a CEO performs could be taken over by machines.
Those redundant tasks include "analyzing reports and data to inform operational decisions; preparing staff assignments; and reviewing status reports," the report says.
This potential for automation in the executive suite is in contrast to "lower-wage occupations such as home health aides, landscapers, and maintenance workers," the report says. Those jobs aren't as suitable for automation, according to the report. The technology has not advanced enough.
colinneagle writes: There are some technologies that just refuse to die, kept alive and kicking by a small but very devoted and enthusiastic cluster of users. The Amiga is one such example, still running more than 20 years after the last Amiga rolled off the lines.
Also still kicking is OS/2, IBM's last stab at a competing operating system to Windows, which the company abandoned in 1996 after its fourth and final major release, known as OS/2 Warp. An organization called Arca Noae not only continues development of the OS but also offers support to companies still using OS/2.
According to TechRepublic, which was at the show, the new distribution of that OS is codenamed Blue Lion, which will feature both new functionality as well as upgrades to the existing OS. The focus will be on running a full OS/2 implementation on bare metal, not just in virtual machines, according to Arca Noae. Blue Lion will add modern ACPI versions, USB 1.1 and 2.0, AHCI support for Serial ATA disks like SSDs, and a myriad of new drivers. New features include a completely reworked installation process that will allow for installation from USB drives, the ability to check for updates over the Internet while doing the installation, and improving SMP support. The developers are also working on network installation.
colinneagle writes: Two recent reports tell the story of one enterprising Canadian who takes advantage of a loophole to provide substantially cheaper wireless cell service for a one-time $100 payment.
How exactly he does it appears to be unclear, but it involves pricing discrepancies in Canada, where lower-populated provinces like Manitoba and Saskatchewan see much cheaper cell service. Basically, the scheme involves signing up for an account in one of these regions, where Canadian wireless service provider Koodo offers a 5GB monthly data plan for $48, then selling the account to people who live in more populated regions of the country, where the same plan typically costs at least $90.
This loophole has apparently been around for a while, with both of the aforementioned articles pointing to a forum conversation started in 2008 on a site called RedFlagDeals.com. This post showed a $55 monthly plan (available for $49.50 if you sign up with your own device) that offers unlimited calling, texting, and 5GB of data. The forum's moderators, however, posted an update five years after the discussion was started warning that "any discussion regarding getting this deal outside of Manitoba or Saskatchewan will no longer be allowed."
One article also says other people offer similar services on Craigslist.
colinneagle writes: When one Chinese technology vendor, Qihoo, launched a new Wi-Fi router with a safety setting for "pregnant women," a rival vendor took offense to the implication that their routers might be dangerous. Xiamo, which also sells Wi-Fi routers, took to its page on Chinese social media site Weibo to denounce Qihoo's pregnant women mode as a "marketing tactic," and clarify that "Wi-Fi usage is safe."
Zhou Hongyi, chief executive and president of Qihoo, acknowledged in a statement to the South China Morning Post that there is no evidence supporting claims that Wi-Fi routers pose a risk for birth defects. But he said the company is appealing to consumers' beliefs, whether they are supported by science or not.
"We are targeting people who are afraid of radiation," Hongyi said. "We aren't scientists. We haven't done many experiments to prove how much damage the radiation from Wi-Fi can cause. We leave the right of choice to our customers."
colinneagle writes: Last week, a new strain of ransomware called Locker was activated after having been sitting silently on infected PCs. Security firm KnowBe4 called Locker a "sleeper" campaign that, when the malware's creator "woke it up," encrypted the infected devices' files and charged roughly $24 in exchange for the decryption keys. This week, an internet user claiming to be the creator of Locker publicly apologized for the campaign and appears to have released the decryption keys for all the devices that fell victim to it, KnowBe4 reported in an alert issued today. Locker's creator released this message in a PasteBin post, along with a link to a file hosted on Mega.co containing the decryption keys. The malware creator also said that an automatic decryption process for all devices that were affected by Locker will begin June 2nd.
However, the post did not mention anything about providing a refund to victims who paid the 0.1 bitcoin (equal to $22.88 at the time this was posted and about $24 last week) required for the decryption keys since last week.
KnowBe4 CEO Stu Sjouwerman says the files released do not appear to be malicious after brief analysis, and that "it does contain a large quantity of RSA keys and Bitcoin addresses." But he warned those interested to only open these files "at your own risk until further analyses are performed." Sjouwerman speculated that the malware creator may have been spooked by attention from law enforcement or Eastern European organized crime syndicates that are behind most ransomware campaigns.
colinneagle writes: A small team of engineers and artists that make up Next Thing Co. launched a Kickstarter campaign today for Chip, their $9 single-board computer that boasts Wi-Fi, Bluetooth, and a larger processor than Raspberry Pi's most powerful models.
The tiny device runs a 1 GHz R8 ARM processor, and comes with 512MB of RAM and 4GB of storage. In comparison, the Raspberry Pi B and B+ models feature a 900 MHz quad-core ARM Cortex 7 processor. The Chip comes with a built-in composite output to connect to monitors and supports adapters for VGA or HDMI. It runs Debian Linux and comes preloaded with the Scratch programming language for those who might be new to coding.
Most noteworthy, though, is the Pocket Chip – a small device with a crude-looking screen and hard-key keyboard that plugs into the Chip and makes for portable computing. It may not be an iPhone killer, but it's an impressively inexpensive mobile form factor.
colinneagle writes: A report from maritime cybersecurity firm CyberKeel claims that spot spot checks at 50 different maritime sites revealed that 37% of the servers running Microsoft were still vulnerable because they had not been patched.
But what's most interesting is what happens when hackers can breach security in shipping environments, including one case in which "drug gangs were able to smuggle entire container loads of cocaine through Antwerp, one of Belgium's largest ports, after its hackers breached the port's IT network," said Rear Adm. Marshall Lytle, assistant commandant responsible for USCG Cyber Command.
colinneagle writes: The RSA Conference is usually full of theoretical hacks, but one that was disclosed this week seems like a godsend to Apple haters.
Researchers Yair Amit and Adi Sharabani, who both work for the mobile security firm Skycure, disclosed a new iOS hack which can cause targeted iPhones or iPads to enter a perpetual reboot loop, effectively rendering the devices all but useless. The researchers noted that the security flaw exists in iOS 8 and can be triggered via manipulated SSL certificates sent to a device over a Wi-Fi network. What's more, a previous iOS bug disclosed by Skycure, dubbed WiFiGate, enables attackers to create their own Wi-Fi network and "force external devices to automatically connect to it." Taken together, attackers can effectively create what is referred to as a "No iOS Zone."
The research firm adds that even when a victim knows that an errant Wi-Fi connection is wreaking havoc on their device, they can't exit out of the reboot loop to even turn it off. A video demonstration of what the hack looks like on an affected device is available at Network World.
colinneagle writes: A 14-year-old middle school student in Holiday, Florida, was arrested this week and charged with "an offense against a computer system and unauthorized access," which is a felony. The student reportedly used an administrator password to log into a teacher's computer and change the background image to a photo of two men kissing.
The student also revealed his secrets after he was caught – the password was the teacher's last name, and the teacher had typed it in in full view of the students. The student said many other students used these administrators' passwords (their teachers' last names) so they can screen-share and video chat with other students.
The student was briefly held in a nearby detention center, and the county Sheriff warned that other teenagers caught doing the same thing will "face the same consequences."
colinneagle writes: A few weeks back, it was rumored that web content giants Microsoft, Google, and Amazon might sue the maker of Adblock Plus, the Firefox/Chrome plugin that blocks ad content on web pages. Instead, they are bribing the company.
According to a new report from the Financial Times (registration required), Microsoft, Google, Amazon and content delivery provider Taboola have been quietly paying Eyeo, the German company that developed Adblock Plus, to let their links slip through Adblock Plus's filters.
Eyeo has what it calls "acceptable ads," which can be whitelisted and bypass its program filters. This tends to be for smaller companies with "non-intrusive" ads, according to Eyeo's site. Microsoft and the other companies are hardly small, and people often want to block them. In fact, this is not new. Taboola, which counts MailOnline, Business Insider, and NBC News as customers, was added to the Adblock Plus whitelist last November to serve ads in the form of "sponsored content" at the bottom of news articles.
colinneagle writes: Blogger Andy Patrizio writes about the new web browser Vivaldi from the former CEO of Opera Software Jon Stephenson von Tetzchner:
But it also has some nice new features, such as thumbnails of the websites you have open and stacking tabs at the top. This way, instead of a whole bunch of tabs across the top, you can group related ones, much like the way you can make folders on an iPhone by dropping one app on top of another. You can also pull down the menu bar and, instead of tabs, the whole site is rendered in a small box at the top, so you can see the site, not just its name. The new browser also comes packed with a "Notes" feature that allows users to mark down notes about a site. So you can leave a note to yourself about why you came to a particular site in the first place, or something you want to remember about it. There's also a "speed dial" feature that allows users to quickly access sites from one place, and you can make multiple speed dials for different groups of sites."
The article includes a chart showing benchmarks comparing Vivaldi to Chrome and IE.