Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - ForgeRock Seem to be Distancing Themselves from Open Source (forgerock.org) 1

Guy Paddock writes: As recently reported on Hacker News, ForgeRock — the company who develops OpenAM, OpenDJ, and OpenIDM — has cut off public access to the latest CDDL code for their projects.

Based on revision history, ForgeRock quietly updated "How to Build" pages in Confluence on November 14th, 2016 to point to different, "public" repositories that only have source code from the last major version of each of their products. Then, in the early morning of November 29th, ForgeRock sealed off both source code and pull request access to all of the original repositories. Only the repositories containing the older, major release code are now available for public consumption.

The open source community is now left to speculate what role, if any, they will play in helping to shape the future of ForgeRock products. This may also have repercussions for small-shop deployments who rely on the open source edition for bug fixes and security updates.

To date, the company has made no formal press release or public statement about their plans, but rumblings in user forums have prompted Aaron Kozak, the Digital Marketing Coordinator for ForgeRock, to weight in.

Mr. Kozak responded to users' concerns by stating, "We apologise for any inconvenience our recent changes may have caused. We are preparing for the next major release of the ForgeRock Identity Platform and as part of this process, we are no longer providing public access to our nightly builds and source code for the upcoming platform release. Open source downloads are still available via https://backstage.forgerock.co...."

When asked whether access to the latest code (the "trunk") would be restored after the upcoming releases, Kozak did not speculate, and offered only a statement that, "I’m sure that more details will be made available with the new release in the near future, but unfortunately I do not have any more information at this time."

Submission + - Virginia spent over half a million on cell surveillance that mostly doesn't work (muckrock.com)

v3rgEz writes: In 2014, the Virginia State Police spent $585,265 on a specially modified Suburban outfitted with the latest and greatest in cell phone surveillance: The DRT 1183C, affectionately known as the DRTbox. But according to logs uncovered by public records website MuckRock, the pricey ride was only used 12 times — and only worked 7 of those times. Read the full DRTbox documents at MuckRock.

Submission + - An Emacs Lisp JIT Compiler Released (github.com)

kruhft writes: An Emacs Lisp JIT compiler has been released showing a 25% speedup improvement with the benchmarked raytracer. Using libjit, it 'compiles down the spine' of the bytecode vectors, moving the overhead of the interpreter loop into the hardware execution unit. Work in progress, but a good start on speeding up emacs overall. Thoughts?

Submission + - Chrome 55 Now Blocks Flash, Uses HTML5 by Default (bleepingcomputer.com)

An anonymous reader writes: Chrome 55, released earlier this week, now blocks all Adobe Flash content by default, according to a plan set in motion by Google engineers earlier this year, in May. While some of the initial implementation details of the "HTML5 By Default" plan changed since then, Flash has been phased out in favor of HTML5 as the primary technology for playing multimedia content in Chrome.

Google's plan is to turn off Flash and use HTML5 for all sites. Where HTML5 isn't supported, Chrome will prompt users and ask them if they want to run Flash to view multimedia content. The user's option would be remembered for subsequent visits, but to avoid overprompting, Chrome 55 will use a system called Site Engagement (chrome://site-engagement).

Submission + - Create a manual or automatic Apple Mail backup folder with Mail Backup X for Mac (blogspot.com)

Applemailarchiver writes: Create a manual or automatic Apple Mail backup folder with the easy-to-use Mail Backup X for Mac
If you are a Mac user with an Apple Mail account, securing your emails has just gotten easier than ever before. The Mail Backup X is a new tool designed to recover, backup, view and archive Apple Mail emails. It features a free trial version that you can use to test this app. The Mail Backup X is able to back up and archive emails from different email applications as long as they support IMAP email protocols. Some of the mail clients that support these protocols apart from Apple Mail include Office 365 for Mac, Postbox, Thunderbird, Gmail, Yahoo and Outlook Windows, among others. This tool also supports the secure backup of all Apple Mail emails in a USB device. All you have to do is set-up the USB device for backup the first time. In all your USB future backups, the Mail Backup X will be able to automatically detect this Apple Mail backup folder and start an automatic backup of your Apple Mail emails.

Submission + - Firefox Zero-Day Can Be Used To Unmask Tor Browser Users (computerworld.com)

An anonymous reader writes: A Firefox zero-day being used in the wild to target Tor users is using code that is nearly identical to what the FBI used in 2013 to unmask Tor-users. A Tor browser user notified the Tor mailing list of the newly discovered exploit, posting the exploit code to the mailing list via a Sigaint darknet email address. A short time later, Roger Dingledine, co-founder of the Tor Project Team, confirmed that the Firefox team had been notified, had “found the bug” and were “working on a patch.” On Monday, Mozilla released a security update to close off a different critical vulnerability in Firefox. Dan Guido, CEO of TrailofBits, noted on Twitter, that “it’s a garden variety use-after-free, not a heap overflow” and it’s “not an advanced exploit.” He added that the vulnerability is also present on the Mac OS, “but the exploit does not include support for targeting any operating system but Windows.” Security researcher Joshua Yabut told Ars Technica that the exploit code is “100% effective for remote code execution on Windows systems.” “The shellcode used is almost exactly the shellcode of the 2013 one,” tweeted a security researcher going by TheWack0lian. He added, “When I first noticed the old shellcode was so similar, I had to double-check the dates to make sure I wasn't looking at a 3-year-old post.” He’s referring to the 2013 payload used by the FBI to deanonymize Tor-users visiting a child porn site. The attack allowed the FBI to tag Tor browser users who believed they were anonymous while visiting a “hidden” child porn site on Freedom Hosting; the exploit code forced the browser to send information such as MAC address, hostname and IP address to a third-party server with a public IP address; the feds could use that data to obtain users’ identities via their ISPs.

Submission + - What's the best Linux Laptop?

sconeu writes: This came up in the "Which laptop could replace a Macbook Pro?" story. It was rightfully marked off-topic there, but I thought it might make an interesting discussion.

I'm currently looking into replacing my 10 year old Toshiba Satellite with a newer laptop. I'm looking to run some flavor of Linux (probably KDE based UI, but not mandatory) while using a VM to run Win 7 (for stuff needed for work).

For me, personally, battery life and weight are more important than raw power. I'm not going to be running games on this.

I've been considering an XPS 13 Developer Edition, or something from System76, ZaReason or Emperor Linux.

What laptop do you use? Do you have any suggestions?

Submission + - Google successfully uses machine learning to detect diabetic retinopathy (betanews.com)

BrianFagioli writes: Diabetic eye disease is caused by retinopathy. Affected diabetics can have small tears inside the eye, causing bleeding. Over time, they can lose vision, and ultimately, they can go blind. Luckily, Google has been trying to use machine learning to detect diabetic retinopathy. Guess what? The search giant has seen much success. Not only are the computers able to detect the disease at the same level as ophthalmologists, but Google is actually slightly better!

Submission + - Neutralize ME firmware on SandyBridge and IvyBridge platforms (hardenedlinux.org)

An anonymous reader writes: 'First introduced in Intel’s 965 Express Chipset Family, the Intel Management Engine (ME) is a separate computing environment physically located in the (G)MCH chip (for Core 2 family CPUs which is separate from the northbridge), or PCH chip replacing ICH(for Core i3/i5/i7 which is integrated with northbridge).'

Submission + - Morgan Stanley: Pixel Phone Will Generate Google Almost $4 Billion Next Year (9to5google.com)

An anonymous reader writes: With initial Pixel pre-orders exceeding expectations and promising activation numbers from Verizon, Google is on track to sell three million phones with revenues of $2 billion in 2016. The Morgan Stanley estimate comes as the Pixel reportedly captured 10% of the premium smartphone market in India. Unsurprisingly, the 128GB Pixel XL has the largest gross profit margin at 25%, while the cheapest 32GB Pixel is at 22%. Morgan Stanley also estimates that, compared to the iPhone, the Pixel will be half as profitable. Morgan Stanley expects Google to sell 5-6 million Pixel and Pixel XL devices in 2017 to the tune of $3.8 billion in revenue. Google is also expected to make money from increased usage of services like Android Pay and mobile search. Google’s big gains were possibly due in part to Samsung’s Note 7 debacle, with the company’s marketshare falling to 23%. Apple captured the number one position at 66%. Additionally, Google benefitted from running a number of promotions, including cashback and exchange programs. The company also heavily advertised in newspapers, with billboards, and for the first time displays in large retail stores.

Submission + - SQL Server on Linux (microsoft.com)

mj1ab writes: Earlier in the year Microsoft announced that the next version of SQL Server would run on Linux. The first CTP (Community Technology Preview) of SQL Server v.Next is now available: SQL Server v.Next—SQL Server on Linux. It seems to work as expected on a 64-bit Ubuntu 16.04 VM, but SQL Server Management Studio reports the OS as NT 6.2 (Windows Server 2012) and the data paths as C:\var\opt\mssql\data\. I guess it has a long way to go before the final release.

Submission + - China passes law requiring full access to customer data (deepdotweb.com) 1

AnonymousCube writes: As if there wasn't enough reason to want tech companies to stay out of China, the Chinese government has passed a new cybersecurity law requiring companies to give them full access to customer information.

Companies are also required to give government investigators complete access to their data if there is suspected wrong-doing, and Internet operators must cooperate in any national security or crime-related investigation.

Note that China has an extremely flexible definition of "national security".
Additionally computer equipment will need to undergo mandatory certification, that could involve giving up source code, encryption keys, or even proprietary intellectual data, as Microsoft has been doing for some time.

Slashdot Top Deals

Doubt isn't the opposite of faith; it is an element of faith. - Paul Tillich, German theologian and historian

Working...