Android

Google May Adopt Apple's Swift Programming Language For Android, Says Report (thenextweb.com) 172

An anonymous reader writes: Google has plans to make Apple's Swift object-oriented language a "first-class" language for Android, reports The Next Web. The publication, citing sources, adds that Google doesn't mean to replace the current first-class language for Android -- Java -- at least, "initially." Google sees an "upside" in using Swift, which Apple made open source last year. But a ton of things need to fall into place for this to work. From the report, "All told, Google would have to effectively recreate its efforts with Java -- for Swift. If the company is motivated enough, it's very possible to do so without compromising on its open source values or ruffling any developer feathers along the way." The company is also discussing internally about making Kotlin as a first-class language for Android. "Unlike Swift, Kotlin works with Android Studio, Google's IDE for Android development. Unfortunately, sources tell The Next Web that Google's current mindset is that Kotlin is a bit too slow when compiling."
Cloud

Blizzard Shuts Down Popular Fan-run 'Pirate' Server For Classic WoW (arstechnica.com) 266

An anonymous reader writes: Blizzard is threatening legal action against the popular "pirate" servers for World of Warcraft. The Nostalrius servers have been operating for nearly a year, running version 1.12 of the original World of Warcraft as it existed in 2006. Admins say that 800K registered accounts and 150K active players were working through quest progressions reproduced to precisely match the game of a decade ago. Nostalrius' team says its French hosting provider has been issued a formal letter asking it to shut down the servers or face a potential copyright infringement lawsuit as hosting private servers is explicitly against Blizzard's Terms of Use. Blizzard says the rule "isn't an issue because of 'lost' subscription fees from players choosing these illegitimate servers over the real WoW servers -- it simply boils down to the fact that private servers are illegal, and that's that." Nostalrius' servers will be shut down on April 10, but the team says it "will still be publicly providing everything needed in order to setup your own 'Nostalrius' if you are willing to."
Cloud

OpenStack Mitaka Aimed at Simplifying Cloud Operations (eweek.com) 20

darthcamaro writes: The 13th release of OpenStack, codenamed Mitaka is now generally available with updates across all major projects. Among the biggest new capabilities in OpenStack Mitaka however isn't a new project or a new feature in a single existing project, but rather the official debut of the OpenStack Client, which creates for the first time a unified command line interface to control the cloud.

According to eWEEK: "The OpenStack client is a command line client that unifies access across all the main projects," Jonathan Bryce, executive director of the OpenStack Foundation, told eWEEK. So if an administrator wants to create a user, a block storage device or a virtual server, or attach to a network, all those functions are now enabled in the single tool that is the OpenStack client. The OpenStack client provides a standardized set of commands, whereas previously, each project had its own command line client, Bryce said. He added that the OpenStack client can be run locally or in the cloud, and can be configured to control multiple OpenStack clouds.

Communications

Outdated and Vulnerable WordPress, Drupal Versions Contributed To Panama Papers Breach (wptavern.com) 155

An anonymous reader quotes a report from WordPress Tavern: Authorities have not yet identified the hacker behind the Panama Papers breach, nor have they isolated the exact attack vector. It is clear that Mossack Fonseca, the Panamanian law firm that protected the assets of the rich and powerful by setting up shell companies, had employed a dangerously loose policy towards web security and communications. The firm ran its unencrypted emails through an outdated (2009) version of Microsoft's Outlook Web Access. Outdated open source software running the frontend of the firm's websites is also now suspected to have provided a vector for the compromise. Forbes has identified outdated WordPress and Drupal installations as security holes that may have led to the data leak. [WordPress Tavern Editor Sarah Gooding] found that the firm's WordPress-powered site is currently running on version 4.1 (released in December 2014), based on its version of autosave.js, which is identical to the autosave.js file shipped in 4.1. The main site is also loading a number of outdated scripts and plugins. Its active theme is a three-year-old version of Twenty Eleven (1.5), which oddly resides in a directory labeled for /twentyten/. The Mossack Fonseca client portal changelog.txt file is public, showing that its Drupal installation hasn't been updated for three years. Since the release of version 7.23, the software has received 25 security updates, which means that the version it is running includes highly critical known vulnerabilities that could have given the hacker access to the server.
AI

Computer Created A 'New Rembrandt' After Analyzing Paintings (bbc.com) 115

TechnoidNash quotes a report from Techie News: Rembrandt van Rijn was one of the most influential classical painters, and the world lost his amazing talent when he died nearly four centuries ago. And yet his newest masterpiece was unveiled only yesterday. How? By scanning and analyzing Rembrandt's works, a computer was able to create a new painting in near-perfect mimicry of Rembrandt's style. It has been named, appropriately, "The Next Rembrandt." The computer used machine-learning algorithms to create the portrait, which was then 3D-printed to give it the same texture as an oil painting. "The Next Rembrant," was a collaboration between Microsoft, ING, Delft University of Technology and two Dutch art museums -- Mauritshuis and Rembrandthuis.
Android

Magic Kinder Android App Lets Strangers Send Images, Videos To Your Kids (softpedia.com) 30

An anonymous reader writes: The scenario which all parents hate seems to have materialized in the form of an Android app [called Magic Kinder] that lets strangers send texts, images, and videos to kids. All of this is facilitated by a simple app design and lack of encryption, which allows attackers to manipulate HTTP requests and send any content they like to any of the app's users. Currently, because the app developer did not respond, the issues are still present in the app. Fortunately, the app hasn't been installed on more than 11,000 devices.
Ubuntu

Ubuntu Budgie Could Be The New Flavor of Ubuntu Linux (softpedia.com) 116

prisoninmate writes: Budgie-Remix maintainer David Mohammed informs Softpedia about the progress made with the upcoming operating system, whose ultimate goal is to become an official Ubuntu Linux flavor, possibly under the name of Ubuntu Budgie. Even Canonical founder Mark Shuttleworth said in a Google+ comment last month that it will definitely support if there is a community around the packaging. Since their initial report, it looks like the developer managed to get in contact with the Ubuntu MATE project leader Martin Wimpress, who urged him to target Ubuntu 16.10 for an official status of his soon-to-be-named Ubuntu flavor built on top of the Budgie desktop environment created by the team of developers from Solus Project.
Censorship

China Censors Online Discussion About Panama Papers (bbc.com) 109

An anonymous reader quotes a report from BBC: China appears to be censoring social media posts on the Panama Papers document leak which has named several members of China's elite, including President Xi Jinping's brother-in-law. Hundreds of posts on networks such as Sina Weibo and Wechat on the topic have been deleted since Monday morning. According to the International Consortium of Investigative Journalists (ICIJ), the Panama Papers show that Mr. Deng acquired two offshore companies in 2009, at a time when Mr. Xi was rising in politics. State media appeared to black out the news. But many on microblogging network Sina Weibo and mobile chat network Wechat were discussing the topic on Monday morning, sharing Chinese translations of details of the story, including information on Mr. Deng. A hashtag created on the topic quickly trended. Checks by the BBC found that by the end of the day many of those posts had disappeared, with at least 481 discussions deleted from the hashtag's Weibo topic page, and other posts shared on Wechat also deleted. The website Freeweibo.com, which actively tracks censorship on Weibo, listed "Panama" as the second-most censored term on the network.
Cloud

Toyota Teams With Microsoft On Connected Cars (usatoday.com) 116

An anonymous reader quotes a report from USA TODAY: Toyota announced an enhanced relationship with Microsoft on Monday aimed at delivering "connected car" services to drivers in ways they probably never could have imagined. Already, drivers ask the infotainment system in their cars for restaurant recommendations, but many locations often would require that a driver turn around. But with Toyota Connected, the system might be modified to only recommend restaurants on the highway ahead -- and then only the kinds of food that the driver usually prefers. Road information can be delivered to drivers based on driving patterns -- knowing the routes they usually take. Auto insurance could be priced more accurately because the system could report on a driver's actual miles and routes traveled. Medical-related sensors could also be built into the car, like heartbeat monitors or sensors on the steering wheel. Some of the services could be offered to customers wirelessly by being beamed directly into their cars, but Lobenstein said that customer privacy considerations will be paramount. Toyota Connected hopes to have its first products within a year. Toyota Connected, as it's called, is built on Microsoft's Azure cloud computing platform. Toyota plans to invest $5.5 million in the new venture, even though much of the technology will be based on their current research and development for smart automobiles.
Government

TSA Paid $1.4 Million For Randomizer App That Chooses Left Or Right (geek.com) 334

An anonymous reader writes: For those of you who have traveled through U.S. airports in recent years, you may have noticed the Transport Security Administration (TSA) use a Randomizer app to randomly search travelers in the Pre-Check lane. The app randomly chooses whether travelers go left or right in the Pre-Check lane so they can't predict which lane each person is assigned to and can't figure out how to avoid the random checks. Developer Kevin Burke submitted a Freedom of Information Act request asking for details about the app. The documents he received reveals the TSA purchased the Randomizer iPad app for $336,413.59. That's $336,413.59 for an app, which is incredibly simple to make as most programming languages of choice have a randomizing function available to use. What may be even more intriguing is that the contract for the TSA Randomizer app was won by IBM. The total amount paid for the project is actually $1.4 million, but the cost is not broken down in Burke's documents. It's possible IBM supplied all the iPads and training in addition to the app itself.
Databases

Turkish Citizenship Database Allegedly Leaked Online (businessinsider.com) 44

An anonymous reader quotes a report from Business Insider: The entire Turkish citizenship database has allegedly been hacked and leaked online. A website with purportedly leaked details of 49,611,709 Turkish citizens is online and allegedly gives the following details of each citizen -- including the Turkish President Tayyip Erdogan: National Identifier (TC Kimlik No), First Name, Last Name, Mother's First Name, Father's First Name, Gender, City of Birth, Date of Birth, ID Registration City and District, and Full Address. The apparent hack seems to be politically motivated. The website reads: "Who would have imagined that backwards ideologies, cronyism and rising religious extremism in Turkey would lead to a crumbling and vulnerable technical infrastructure?" The hack amounts to about 6.6GB worth of uncompressed files, which may make it one of the biggest data leaks of its kind in history. While The Register has also reported on the leak, some claim the leak has correct information but is just a decrypted version of data that was leaked over a couple of months ago. Specifically, the info contains data of Turkish citizens who voted in 2009 elections.
Microsoft

Head of Oracle Linux Moves To Microsoft (zdnet.com) 95

An anonymous reader writes: Wim Coekaerts, formerly Oracle's Senior VP of Linux and Virtualization Engineering, has left Oracle for Microsoft. Many of you may know of Coekaerts as "Mr. Linux" as he delivered the first Linux products, transitioned Oracle's programming staff from Windows to Linux desktops, and turned Oracle into a Linux distributor with the launch of its Red Hat Enterprise Linux (RHEL) clone, Oracle Linux. Mike Neil, Microsoft's Corporate Vice President of the Enterprise Cloud, told ZDNet, "Wim Coekaerts has joined Microsoft as Corp VP of Open Source in our Enterprise Cloud Group. As we continue to deepen our commitment to open source, Wim will focus on deepening our engagement, contributions and innovation to the open-source community."
Red Hat Software

Red Hat Expands Red Hat Developer Program With No-Cost Red Hat Enterprise Linux (betanews.com) 50

An anonymous reader shares a report on BetaNews: Red Hat -- fresh from celebrating a historic $2 billion in annual revenue -- releases a developer-focused gift to the world. The Red Hat Enterprise Linux Developer Suite is totally free, including an RHEL license and valuable developer tools, like the JBoss Middleware portfolio. This is through the Red Hat Developer Program. If you want to take advantage of this amazing offer, you can sign up through the company's website Red Hat seems a bit late to the party. Many argue that the company should've made its update-only subscription for individuals free from the beginning -- especially considering it isn't a major source of revenue for the company. Exciting time for developers, nonetheless.
Bug

Steam Hacker Says More Vulnerabilities Will Be Found (arstechnica.com) 37

An anonymous reader shares an article on Ars Technica: The teenager who grabbed headlines earlier this week for hacking a fake game listing on to Valve's Steam store says there are "definitely" more vulnerabilities to be found in the popular game distribution service. But he won't be the one to find them, thanks to what he sees as Valve "giv[ing] so little of a shit about people's [security] findings." Ruby Nealon, a 16-year-old university student from England, says that probing various corporate servers for vulnerabilities has been a hobby of his since the age of 11. His efforts came to the attention of Valve (and the wider world) after an HTML-based hack let him post a game called "Watch paint dry" on Steam without Valve's approval over the weekend."It looks like their website hasn't been updated for years," Nealon told Ars. "Compared to even other smaller Web startups, they're really lacking. This stuff was like the lowest of the lowest hanging fruit."
Java

PHP, Python and Google Go Fail To Detect Revoked TLS Certificates (softpedia.com) 64

An anonymous reader writes: Four years after the release of a groundbreaking study on the state of SSL/TLS certificates in non-browser applications (APIs [to be exact]), some programming languages fail to provide developers with the appropriate tools to validate certificates. Using three simple test scripts connected to a list of known vulnerable HTTPS servers, researchers logged their results to see which programming languages detected any problems. According to the results, all tested programming languages (PHP, Python, Go), in various configurations, failed to detect HTTPS connections that used revoked SSL/TLS certificates. This is a problem for HTTPS-protected APIs since users aren't visually warned, like in browsers, that they're on an insecure connection. "PHP, Python, and Google Go perform no revocation checks by default, neither does the cURL library. If the certificate was compromised and revoked by the owner, you will never know about it," noted Sucuri's Peter Kankowski.
Bitcoin

Bitcoin Could Consume As Much Electricity As Denmark By 2020 (boingboing.net) 170

JustAnotherOldGuy writes: The numbers are very back-of-the-envelope and assume a worst case: widespread adoption of Bitcoin and not much improvement in Bitcoin mining activity, along with long replacement cycles for older, less efficient mining rigs. But even the best case [scenario] has Bitcoin consuming a shocking amount of electricity. [As mentioned in a report from Motherboard,] "The results show that in an optimistic scenario, the increase in electricity consumption of the Bitcoin network compared to now is not shocking, from around 350 MW to around 417 MW, but still on the order of one small power station. If things play out a little less favorably, however, the Bitcoin network may draw over 14 Gigawatts of electricity by 2020, equivalent to the total power generation capacity of a small country, like Denmark for example.
Software

Apple Releases iOS 9.3.1 With Fix For Unresponsive Links 36

An anonymous reader writes: Apple, on Thursday, rolled out a minor update to iPhone, iPad, and iPod devices. The update, dubbed iOS 9.3.1, brings with it a fix for a software glitch that caused many apps -- including Safari, and Chrome -- to freeze and crash when trying to open a link. The issue was related to Universal Link, a feature Apple first introduced with iOS 9. Many reported that some apps including Booking.com were abusing this capability, causing the Universal Link database to overload.
Microsoft

Microsoft Makes Xamarin Free In Visual Studio, Will Open Source Core Xamarin Tech (venturebeat.com) 143

An anonymous reader cites a report on VentureBeat: Microsoft today announced that Xamarin is now available for free for every Visual Studio user. This includes all editions of Visual Studio, including the free Visual Studio Community Edition, Visual Studio Professional, and Visual Studio Enterprise. Furthermore, Xamarin Studio for OS X is being made available for free as a community edition and Visual Studio Enterprise subscribers will get access to Xamarin's enterprise capabilities at no additional cost. The company also promised to open source Xamarin's SDK, including its runtime, libraries, and command line tools, as part of the .NET Foundation 'in the coming months.' Plenty of developers will find this announcement exciting. Xamarin being free is a big deal.
Advertising

Using Adblock Plus to Block Ads is Legal, Rules German Court -- For the Fifth Time (arstechnica.co.uk) 237

An anonymous reader quotes a report from Ars Technica: Using Adblock Plus to block ads on websites is legal, a German regional court has ruled. The suit, brought by the company behind the leading German newspaper Suddeutsche Zeitung, is the fifth such case to be decided in favor of the makers of the software, who are based in Germany. The court in Munich also ruled that the "Acceptable Ads initiative," a scheme that requires larger companies to pay for their ads to be whitelisted by Adblock Plus, is acceptable under German law. "To the contrary, said the court, users have the right to block those or any ads, because no such contract exists," Adblock Plus's Ben Williams writes. "Additionally, the judge ruled that by offering publishers a way to serve ads that ad-blocking users will accept, the Acceptable Ad initiative provides them an avenue to monetize their content, and therefore is favorable, not disadvantageous, to them." Previously, Adblock Plus's parent company Eyeo has won court cases against the German publishing giant Axel Springer, Germany television companies Pro 7/Sat 1 and RTL Interactive, and against the companies operating the Zeit Online and Handelsblatt websites.
Microsoft

Microsoft Extends Its Windows Hello Login Security Features To Apps and the Web (techcrunch.com) 47

An anonymous reader quotes a report from TechCrunch regarding the beloved Windows Hello login security features: Microsoft is bringing to Windows apps (and even the web) some of the convenience and security of being able to use the same tech it uses to keep enterprise laptops safe. The idea here is to let you use the same technology that powers "Windows Hello" -- the login security feature of Windows 10 that supports fingerprint scanners, facial recognition and even iris scanners -- to log into other services, as well. This feature probably wouldn't be all that interesting if it only worked for Windows apps, but the company is also extending it to web apps. For now, this feature apparently only works with Microsoft's own Edge browser, but the company says it is compatible with the FIDO 2.0 standard and can theoretically work with any browser.

Slashdot Top Deals