Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Microsoft

Microsoft: Windows 7 Does Not Meet the Demands of Modern Technology; Recommends Windows 10 (neowin.net) 436

In a blog post, Microsoft says that continued usage of Windows 7 increases maintenance and operating costs for businesses. Furthermore, time is needlessly wasted on combating malware attacks that could have been avoided by upgrading to Windows 10. A report on Neowin adds: Microsoft also says that many hardware manufacturers do not provide drivers for Windows 7 any longer, and many developers and companies refrain from releasing programs on the outdated operating system. Markus Nitschke, Head of Windows at Microsoft Germany, had the following to say about Windows 7: "Today, it [Windows 7] does not meet the requirements of modern technology, nor the high security requirements of IT departments. As early as in Windows XP, we saw that companies should take early steps to avoid future risks or costs. With Windows 10, we offer our customers the highest level of security and functionality at the cutting edge.
Google

Google Reveals Its Servers All Contain Custom Security Silicon (theregister.co.uk) 109

Google has published an Infrastructure Security Design Overview that explains how it secures the cloud it uses for its own operations and for public cloud services. From a report on The Register: The document outlines six layers of security and reveals some interesting factoids about the Alphabet subsidiary's operations, none more so than the disclosure that: "We also design custom chips, including a hardware security chip that is currently being deployed on both servers and peripherals. These chips allow us to securely identify and authenticate legitimate Google devices at the hardware level." That silicon works alongside cryptographic signatures employed "over low-level components like the BIOS, bootloader, kernel, and base operating system image." "These signatures can be validated during each boot or update," the document says, adding that "the components are all Google-controlled, built, and hardened. With each new generation of hardware we strive to continually improve security: for example, depending on the generation of server design, we root the trust of the boot chain in either a lockable firmware chip, a microcontroller running Google-written security code, or the above mentioned Google-designed security chip."

Submission + - Hackers Lovin' It As McDonald's Site Vulnerable To Phishing Attack

Mickeycaskill writes: McDonalds’ main website is putting customer data including names, addresses, contact details and passwords at risk as a flaw is leaving it vulnerable to phishing attacks, according to Dutch software engineer Tijme Gommers.

A reflected server cross-site-scripting vulnerability means it is possible for hackers to steal and decrypt the passwords and personal information of users who sign up for the McDonald’s newsletter.

Gommers says he tried to contact McDonald’s several times, but decided to ignore the customary 30-day grace period and disclose the vulnerability after failing to receive a reply from the company.
China

China Orders App Stores To Join Register (bbc.com) 22

China's internet regulator has ordered mobile app stores to register themselves with it immediately. The Cyberspace Administration of China (CAC) said the move would help "promote the healthy and orderly development of the mobile internet." From a report on BBC: Most smartphones in the country run Android, but Google does not operate its Play Store locally, meaning users go elsewhere to add software. A report last year linked this to the spread of malware. Cheetah Mobile Security -- a Beijing-based firm -- reported that more than 1.4 million Chinese users' mobile devices had been struck by infections as of January 2016, making it the worst afflicted nation. India and Indonesia were in second and third place. This follows previous efforts to censor what appears online, including a recent demand that Apple remove the New York Times from the Chinese version of its iOS App Store. The US newspaper was the first to report the watchdog's move outside of China itself. Because of the Play store's absence, Android users in China typically go to stores operated by local tech giants including Tencent, Xiaomi, Baidu and Huawei.
AI

Microsoft CEO Satya Nadella Warns Against 'Hubris' Amid AI Growth (bloomberg.com) 126

Microsoft and its competitors should eschew artificial intelligence systems that replace people instead of maximizing their time, CEO Satya Nadella said in an interview on Monday. From the report: "The fundamental need of every person is to be able to use their time more effectively, not to say, 'let us replace you'," Nadella said in an interview at the DLD conference in Munich. "This year and the next will be the key to democratizing AI. The most exciting thing to me is not just our own promise of AI as exhibited by these products, but to take that capability and put it in the hands of every developer and every organization. [...] There's a thin line between hubris and confidence," Nadella said. "Always there is risk of hubris coming back, missing trends. The only long-term indicator of success is, âhow good is your internal culture?'" "What I've learned if anything in three years as CEO is, it's not about celebrating one product," he said. "That, to me, is the sign of a company that's built to last. In tech it's even more harsh."

Submission + - Ask Slashdot: Distributed file sharing 1

DeathToBill writes: I'm a software engineer, and so also the guy who knows stuff about IT, in a company with five employees. All five are based in different cities on two continents. So far, we've used Dropbox for file sharing. The main drawbacks are the cost (£108 per year per user) for still-limited storage space, not-terribly-good collaborative editing, limited version history and very coarse permissions (top-level folder controls only). I'm looking into other solutions, but am finding it difficult to get a feel for how well different solutions actually work. We really like Google Docs' collaborative editing, but we'd like to still be able to use MS Office as users are familiar with it. As well as documents, spreadsheets and presentations, we also need to be able to share engineering outputs such as CAD drawings, schematics, PCB layouts and so on. Most of our work happens on Windows, but a couple of us (mostly me) switch back and forward to Ubuntu for some jobs, so a Linux client would be very useful (even if Office documents aren't editable there). We need some sort of permission control, preferably reasonably find-grained but easy enough for non-technical people to set permissions. At the moment we're getting by with a few GB, but that's becoming a struggle. Most of our users are usually connected, but offline access is occasionally important. We're currently using hosted services, but are happy to host our own if it makes it better or cheaper. What does Slashdot recommend? Is there something great out there that solves all of these?
SuSE

Windows 10 Gets A New Linux: openSUSE (fossbytes.com) 183

An anonymous reader writes: "Running Linux binaries natively on Windows... that sounds awesome indeed," writes Hannes Kuhnemund, the senior product manager for SUSE Linux Enterprise. He's written a blog post describing how to run openSUSE Leap 42.2 and SUSE Linux Enterprise Server 12 SP2 on Windows 10, according to Fossbytes, which reports that currently users have two options -- openSUSE Leap 42.2 and SUSE Linux Enterprise Server 12 SP2. Currently it's Ubuntu that's enabled by default in the Windows Subsystem for Linux, although there's already a project on GitHub that also lets you install Arch Linux. "It's quite unfortunate that Microsoft enabled the wrong Linux (that's my personal opinion) by default within the Windows Subsystem for Linux (WSL)," writes Kuhnemund, "and it is time to change it to the real stuff.
Power

Researchers Create A Lithium-Ion Battery With Built-In Flame Retardant (engadget.com) 62

An anonymous reader quotes Engadget: One big problem with lithium-ion batteries is that they have the tendency to catch fire and blow up all kinds of gadgets like toys and phones. To solve that issue, a group of researchers from Stanford University created lithium-ion batteries with built-in fire extinguishers. They added a component called "triphenyl phosphate" to the plastic fibers of the part that keeps negative and positive electrodes separate. Triphenyl phosphate is a compound commonly used as a flame retardant for various electronics. If the battery's temperature reaches 150 degrees Celsius, the plastic fibers melt and release the chemical. Based on the researchers' tests, the method can stop batteries from burning up within 0.4 seconds.
Microsoft

Microsoft's Security Bulletins Will End In February (computerworld.com) 34

Remember how Microsoft switched to cumulative updates? Now Computerworld points out that that's bringing another change. An anonymous reader quotes their report: Microsoft next month will stop issuing detailed security bulletins, which for nearly 20 years have provided individual users and IT professionals information about vulnerabilities and their patches... A searchable database of support documents will replace the bulletins; that database has been available, albeit in preview, since November on the portal Microsoft dubbed the "Security Updates Guide," or SUG. The documents stored in the database are specific to a vulnerability on an edition of Windows, or a version of another Microsoft product. They can be sorted and filtered by the affected software, the patch's release date, its CVE identifier, and the numerical label of the KB, or "knowledge base" support document.
Redmond Magazine reports that Microsoft still plans to continue to issue its security advisories, and to issue "out-of-band" security update releases as necessary.
Ubuntu

Windows 10 Upgrade Bug Disabled Cntrl-C In Bash (infoworld.com) 273

An anonymous reader quotes InfoWorld: A massive set of changes to the Windows Subsystem for Linux (WSL) was rolled into Windows Insider build 15002... If this is any hint, Microsoft's goal is nothing short of making it a credible alternative to other Linux distributions... Some of the fixes also implement functionality that wasn't available before to Linux apps in WSL, such as support for kernel memory overcommit and previously omitted network stack options. Other changes enhance integration between WSL and the rest of Windows...

[O]ne major issue in build 15002 is that Ctrl-C in a Bash session no longer works. Microsoft provided an uncommon level of detail for how this bug crept in, saying it had to do with synchronization between the Windows and Bash development teams. The next Insider build should have a fix. But for people doing serious work with Linux command-line apps, not having Ctrl-C is a little like driving a car when only the front brakes work.

Programming

Meet Lux, A New Lisp-like Language (javaworld.com) 184

Drawing on Haskell, Clojure, and ML, the new Lux language first targeted the Java Virtual Machine, but will be a universal, cross-platform language. An anonymous reader quotes JavaWorld: Currently in an 0.5 beta release, Lux claims that while it implements features common to Lisp-like languages, such as macros, they're more flexible and powerful in Lux... [W]hereas Clojure is dynamically typed, as many Lisp-like languages have been, Lux is statically typed to reduce bugs and enhance performance. Lux also lets programmers create new types programmatically, which provides some of the flexibility found in dynamically typed languages. The functional language Haskell has type classes, but Lux is intended to be less constraining. Getting around any constraints can be done natively to the language, not via hacks in the type system.
There's a a 16-chapter book about the language on GitHub.
Privacy

Hackers Corrupt Data For Cloud-Based Medical Marijuana System (bostonglobe.com) 139

Long-time Slashdot reader t0qer writes: I'm the IT director at a medical marijuana dispensary. Last week the point of sales system we were using was hacked... What scares me about this breach is, I have about 30,000 patients in my database alone. If this company has 1,000 more customers like me, even half of that is still 15 million people on a list of people that "Smoke pot"...
" No patient, consumer, or client data was ever extracted or viewed," the company's data directory has said. "The forensic analysis proves that. The data was encrypted -- so it couldn't have been viewed -- and it was never extracted, so nobody has it and could attempt decryption." They're saying it was a "targeted" attack meant to corrupt the data rather than retrieve it, and they're "reconstructing historical data" from backups, though their web site adds that their backup sites were also targeted.

"In response to this attack, all client sites have been migrated to a new, more secure environment," the company's CEO announced on YouTube Saturday, adding that "Keeping our client's data secure has always been our top priority." Last week one industry publication had reported that the outage "has sent 1,000 marijuana retailers in 23 states scrambling to handle everything from sales and inventory management to regulatory compliance issues."
Open Source

Will The Death of the PC Bring 'An End To Openness'? (infoworld.com) 477

Slashdot reader snydeq shared "11 Predictions For the Future of Programming" by InfoWorld's contributing editor -- and one prediction was particularly dire: The passing of the PC isn't only the slow death of a particular form factor. It;s the dying of a particularly open and welcoming marketplace... Consoles are tightly locked down. No one gets into that marketplace without an investment of capital. The app stores are a bit more open, but they're still walled gardens that limit what we can do. Sure, they are still open to programmers who jump through the right hoops but anyone who makes a false move can be tossed...

For now, most of the people reading this probably have a decent desktop that can compile and run code, but that's slowly changing. Fewer people have the opportunity to write code and share it. For all of the talk about the need to teach the next generation to program, there are fewer practical vectors for open code to be distributed.

Debian

Debian 8.7 Released (debian.org) 118

Debian 8.7 has been released. An anonymous reader quotes Debian.org: This update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems. Security advisories were already published separately and are referenced where available. Please note that this update does not constitute a new version of Debian 8 but only updates some of the packages included.

There is no need to throw away old "jessie" CDs or DVDs but only to update via an up-to-date Debian mirror after an installation, to cause any out of date packages to be updated. Those who frequently install updates from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update.

86 packages have been updated -- including some fixes for systemd. ("Rework logic to determine when we decide to add automatic deps for mounts; various ordering fixes for ifupdown; systemctl: Fix argument handling when invoked as shutdown...")
Space

SpaceX Returns To Flight, And Nails Another Drone Landing (cnn.com) 128

Applehu Akbar writes: SpaceX successfully launched a 10-satellite Iridium NEXT package, and then landed on a drone ship — this time from Vandenburg AFB in California. The launch had been delayed several days by this week's record rainfall and flooding.
CNN has video of the launch, and points out its obvious significance. "Because rockets are worth tens of millions of dollars, and they have historically been discarded after launch, mastering the landing is key to making space travel more affordable... Saturday's launch marks the seventh time SpaceX has successfully landed a rocket."

Slashdot Top Deals

The nation that controls magnetism controls the universe. -- Chester Gould/Dick Tracy

Working...