OpenIndiana Hipster 2015.10: Keeping an Open-Source Solaris Going 95

An anonymous reader writes: It's been five years since Oracle killed off OpenSolaris while the community of developers are letting it live on with the new OpenIndiana "Hipster" 15.10 release. OpenIndiana 15.10 improves its Python-based text installer as it looks to drop its GUI installer, switches out the Oracle JDK/JRE for OpenJDK, and updates its vast package set. However, there are still a number of outdated packages on the system like Firefox 24 and X.Org Server 1.14 while the default office suite is a broken OpenOffice build, due to various obstacles in maintaining open-source software support for Solaris while being challenged by limited contributors. Download links are available via the OpenIndiana.org release notes. There's also a page for getting involved if wishing to improve the state of open-source Solaris.

Office 2016 Proving Unstable With Apple's El Capitan 133

An anonymous reader writes: Users of Microsoft Office on the Mac are reporting widespread instabilities and conflicts after upgrading to the latest version of the Apple desktop operating system, El Capitan. The first indications that El Capitan and Office 2016 were not working well together came in a now epic thread at Microsoft Community. Many users have surmised that new restrictions in file permissions in El Capitan caused the problems initially, though nearly all agree that Office's Outlook email client is the critical point of failure in the current round of application crashes and loss of functionality.

Motorola Marketed the Moto E 2015 On Promise of Updates, Stops After 219 Days 119

An anonymous reader writes: Over the past few years, Motorola has emerged as one of the best manufacturers for low-to-mid-range Android phones. Unlike many other major manufacturers, they keep their version of Android close to stock in order to keep OS updates flowing more easily. When they began marketing the Moto E 2015, updates were one of the features they trumpeted the loudest. But after the company published a list of devices that will continue to get updates, Android Police found the Moto E to be conspicuously absent. The phone launched on February 25, a mere 219 days ago. According to an official Motorola marketing video from launch day, "...we won't forget about you, and we'll make sure your Moto E stays up to date after you buy it."

Stagefright 2.0 Vulnerabilities Affect 1 Billion Android Devices 123

msm1267 writes: Security researcher Joshua Drake today disclosed two more flaws in Stagefright, one that dates back to the first version of Android, and a second dependent vulnerability that was introduced in Android 5.0. The bugs affect more than one billion Android devices, essentially all of them in circulation. One of the vulnerabilities was found in a core Android library called libutils; it has been in the Android OS since it was first released and before there were even Android mobile devices. The second vulnerability was introduced into libstagefright in Android 5.0; it calls into libutils in a vulnerable way. An attacker would use a specially crafted MP3 or MP4 file in this case to exploit the vulnerabilities. Google has released patches into the Android Open Source Project tree, but public patches are not yet available.

Reports: Telstra Customers Suffering Crippling Speeds To Any Apple Service 50

An anonymous reader writes: It appears a large number of customers of Telstra (one of Australia's largest telcos) have been suffering crippling speeds while attempting to connect to any Apple Service for the better part of four days. Reports indicate this is affecting Apple Music, Apple App Stores (on both iOS and OSX) and are stopping many Telstra customers from getting access to app updates and the much anticipated El Capitan release of OS X. Mobile phone customers as well as home broadband customers seem to be affected at this stage with a large number of posts both on Twitter and the Whirlpool Broadband Forum. It appears one Twitter user has also fully summarised all the issues in a single post including many of the Twitter posts as well.

New Attack Bypasses Mac OS X Gatekeeper 66

msm1267 writes: Mac OS X's Gatekeeper security service is supposed to protect Apple computers from executing code that's not signed by Apple or downloaded from its App Store. A researcher, however, has built an exploit that uses a signed binary to execute malicious code. Patrick Wardle, a longtime Apple hacker, said Gatekeeper performs only an initial check on an application to determine whether it came from an untrusted source and should not be executed. Using a signed binary that passes the initial check and then loads a malicious library or app from the same or relative directory, however, will get an advanced attacker onto an OS X machine. Wardle disclosed his research and proof of concept to Apple, which said it is working on a patch, and may push out a short-term mitigation in the meantime.

Google Shows Off 2 New Nexus Phones, a New Pixel, and More 208

Two of the products officially unveiled at Google's much-anticipated (at least much-hyped) release announcement were widely and correctly predicted: a pair of new Nexus phones. The flagship is the all-metal Huawei 6P, with a 5.7" AMOLED display (2,560x1,440), 3GB of RAM, and a Snapdragon 810 chip. The Huawei overshadows the nonetheless respectable second offering, the LG-made Nexus 5X, which makes concessions in the form of less RAM (2GB instead of the 6P's 3), smaller battery (2700mAh, instead of 3450) and a lesser Snapdragon chip inside (808, rather than 810). Both phones, though, come with USB-C and with a big upgrade for a line of phones not generally praised for its cameras: a large-pixel 12.3-megapixel Sony camera sensor. Much less predicted: Google announced a new bearer for the Pixel name, after its line of high-end Chromebooks; today's entrant is a tablet, not running Chrome, and it's running Android rather than Chrome OS. The Pixel C tablet will debut sometime later this year; google touts it as "the first Android tablet built end-to-end by Google." Also on the agenda today, news that Android 6 will start hitting Nexus devices next week.

Ask Slashdot: Make Windows Update Install Only Security Updates Automatically? 288

An anonymous reader writes: After the news earlier this month about Microsoft forcing the Windows 10 upgrade on people who don't want it, my sizeable extended family has been coming to me for a solution. They don't want to be guinea pigs this early in the Windows 10 release cycle, but it looks like Microsoft may not be giving them a choice. My reading of Woody Leonhard's advice is that the only way to ensure the upgrade doesn't happen is to disable Windows Update, but that seems extreme. I want my family to install security updates, but I don't relish the idea of explaining to them how to install just those and hide the less-desireable updates.

The ideal solution would be to have only security updates install automatically, but it looks like it's easier said than done. I've looked at third-party tools like Autopatcher and Portable Update, but a security-only option doesn't seem to be very standard. From what I've read, Microsoft doesn't even package security updates separately, sometimes mixing merely Important and Recommended updates in the downloaded CAB file. I wish I could get them off Windows, but it's not an option. They use Windows at work or school, and don't want to go through the process of learning another OS. Maybe the current situation with Windows 10 will convince them eventually, but they need something now. I would really like to come up with a solution before the next Patch Tuesday on October 13. Do any of the more knowledgeable Slashdotters out there have any advice?

How To Clean the Cruft Left By a Windows 10 Upgrade 204

MojoKid writes: Microsoft may have given you a free Windows 10 upgrade but it's not without some left over file clutter that some folks don't realize is left on a system after migration. It's not rocket science but there are a few key strategies to tidy up the file bloat an OS migration can sometimes leave behind and to further optimize an upgraded Windows 10 installation. The ability to roll back to your Windows 7 or 8.1 installation within 30 days is a very easily overlooked feature of the Windows 10 upgrade process. The feature is a lifesaver if you encounter issues, such as missing or incompatible drivers, and need to quickly recover without starting from scratch. This ability doesn't come without consequences, though. In order to offer this feature, Windows 10 is essentially keeping another completely separate Windows installation on your PC. This will need to go, once you've determined that you are sticking with Windows 10 and everything seems happy enough. These files are scattered throughout your system and include a number of hidden directories, with the bulk of them located in Windows.old and the hidden $Windows.~BT and $Windows.~WS directories.

FTC Begins Investigating Google For Antitrust Violations Over "Home Screen Advantage" 151

The New York Times reports that the regulators of the Federal Trade Commission have a new target at Google: Android. Specifically, according to "two people involved in the [preliminary] inquiry," the FTC is looking askance at how Google treats its other software products and services (like Maps) in relation to the mobile OS. While Android itself can be bundled on phones, tablets, and other devices without charge, Google insists on a trade-off when it comes to its own services, like its app store, Google Play: to include access to those services, without which a typical Android device is far less valuable, hardware manufacturers must also include Google's designated apps (Gmail, Google Maps, and the Google search engine interface). Says the article: In recent months, a number of mobile application makers have complained to the Justice Department that this requirement — the “home-screen advantage” — makes it all but impossible for them to compete in a world where people are spending less time on desktop computers and more time on mobile phones. ... Since then, the F.T.C. has worked out an agreement with the Justice Department to investigate the claims, the people involved in the inquiry said.

Ask Slashdot: Recommendations For a Reliable Linux Laptop? 236

An anonymous reader writes: I will be looking for a new laptop soon and I'm mostly interested in high reliability and Linux friendliness. I have been using an MSI laptop (with Windows 7) for the last five years as my main workhorse and did not have a single, even minor problem with the hardware nor the OS. It turned out to be a slam-dunk, although I didn't do any particular research before buying it, so I was just lucky. I would like to be more careful this time around, so this is a hardware question: What laptop do you recommend for high reliability with Linux? I will also appreciate any advice on what to avoid and any unfortunate horror stories; I guess we can all learn from those. Anti-recommendations are probably just as valuable, a lesson I learned when an HP laptop I bought (low-end, I admit) turned out to be notoriously fickle when it comes to Linux support. Since our anonymous submitter doesn't specify his budget, it would be good if you specify the price for any specific laptops you recommend.

Ask Slashdot: What To Do About Android Malware? 191

An anonymous reader writes: What's your approach to detecting and dealing with Android malware? I have a fairly new, fairly fancy phone running Android Lollipop, the recently degraded performance of which leads me to believe that it's infected with malware. That, and a friend who noticed a lot of strange activity coming from my phone's IP — sorry, I don't have the logs, but he pointed out that there were pings coming from my phone to a lot of sketchy addresses — which pretty much seals the deal. There have been lots of stories lately about Android malware that remind me of the old saw about weather: everyone talks about it, but no one does anything about it. However, that can't be completely true, and before I reach a phone crisis, I'd like to get some sane, sage advice about diagnosing malware, and disposing of it, or at least mitigating its damage. When it comes to diagnosing, I don't know what software to trust. I've heard positive things from friends (and seen both positive reviews and terrible negative ones, raising even more meta questions about trust) about Malwarebytes, so I installed their mobile version. This dutifully scans my system, and reports no errors and malware. Which doesn't mean there isn't any, though I'd be happy to find out that I'm just being paranoid. The OS is stock (Motorola Nexus 6) and kept up to date. I have only very conventional apps, all downloaded from Google's Play store, and believe it or not I don't visit any dodgy websites on my phone, at least not intentionally. So: what's the most reliable way to get an accurate view of whether I am dealing with malware at all, and hopefully to eradicate it? Good malware hides well, I know, but is there any tool on the side of the righteous that is currently best at rooting it out? If I find a specific form of malware on my phone, how can I remove it?
Linux Business

Thanks To Valve, More Than 1,500 Games Are Now On Linux 281

An anonymous reader writes: The Steam Store crossed the threshold this morning of having 1,500 games natively available for Linux. Timberman, a 0.99$ video game was the 1,500th title, but while there are a lot of indie games available for Linux, in the past three years have been a number of high profile AAA Linux games too. What games (old or new, free or paid) would you like to see available for Linux systems?

Ask Slashdot: How Do You Organize Your Virtual Desktops? 125

hyphenistic writes: As a programmer I find myself switching between multiple projects on a daily basis. Virtual desktops have been a big help in grouping my related programs together. I try to have a virtual desktop open for each project I'm working on. Although I've used Linux in the past my currently preferred desktop OS is Windows 10. For the most part I have found the new virtual desktops to be easy to use. My primary issue (regardless of OS) is that I really don't want my virtual desktops to interact with each other. In the past I have accomplished this with a separate login for each project but that brings the hassle of managing multiple sets of OS and application preferences. Can someone suggest a better method for organizing my virtual desktops?

Microsoft Has Built a Linux Distro 282

jbernardo writes: Microsoft has built a Linux distro, and is using it for their Azure data centers. From their blog post: "It is a cross-platform modular operating system for data center networking built on Linux." Apparently, the existing SDN (Software Defined Network) implementations didn't fit Microsoft's plans for the ACS (Azure Cloud Switch), so they decided to roll their own infrastructure. No explanation why they settled on Linux, though — could it be that there is no Windows variant that would fit the bill? In other news, Lucifer has been heard complaining of the sudden cold.

Bug In iOS, OS X Allows AirDrop To Write Files Anywhere On File System 94

Trailrunner7 writes: There is a major vulnerability in a library in iOS and OS X that allows an attacker to overwrite arbitrary files on a target device and, when used in conjunction with other techniques, install a signed app that the device will trust without prompting the user with a warning dialog. Mark Dowd, the security researcher who discovered it, said he's been able to exploit the flaw over AirDrop, the feature in OS X and iOS that enables users to send files directly to other devices. If a user has AirDrop set to allow connections from anyone—not just her contacts—an attacker could exploit the vulnerability on a default locked iOS device. In fact, an attacker can exploit the vulnerability even if the victim doesn't agree to accept the file sent over AirDrop.
Open Source

Ask Slashdot: Synchronizing Sound With Video, Using Open Source? 103

An anonymous reader writes: I have a decent video camera, but it lacks a terminal for using an external mic. However, I have a comparatively good audio recorder. What I'd like to do is "automagically" synchronize sound recorded on the audio recorder with video taken on the video camera, using Free / Open Source software on Linux, so I can dump in the files from each, hit "Go," and in the end I get my video, synched with the separately recorded audio, in some sane file format. This seems simple, but maybe it isn't: the 800-pound gorilla in the room is PluralEyes, which evidently lots of people pay $200 for --and which doesn't have a Linux version. Partly this is that I'm cheap, partly it's that I like open source software for being open source, and partly it's that I already use Linux as my usual desktop, and resent needing to switch OS to do what seems intuitively to be a simple task. (It seems like something VLC would do, considering its Swiss-Army-Knife approach, but after pulling down all the menus I could find, I don't think that's the case.) I don't see this feature in any of the Open Source video editing programs, so as a fallback question for anyone who's using LiVES, KDEnlive, or other free/Free option, do you have a useful workflow for synching up externally recorded sound? I'd be happy even to find a simple solution that's merely gratis rather than Free, as long as it runs on Ubuntu.
Operating Systems

Microsoft Is Downloading Windows 10 Without Asking 867

New submitter christhedj writes with a story at The Inquirer, according to which: Microsoft, having learned nothing from Apple and the U2 album, have started downloading Windows 10 as part of Patch Tuesday for Windows 7 and 8 users. For people on a 32GB flash drive tablet, that's a big chunk of space taken up with something that they didn't ask for. Microsoft admits to doing this, but users are not happy. Way to look needy, Microsoft.

Microsoft, Dell Aim To Sell Surfaces To Businesses 74

jfruh writes: Microsoft became an OS and PC behemoth in part by relentless focus on business sales, and is partnering with old friend Dell to try to recreate that success, trying to woo companies into buying Surface Pros loaded with Windows 10. It may seem topsy-turvey that Dell would be selling someone else's hardware, but Dell is offering ancillary services, including warranties, on the Microsoft hardware.