An anonymous reader writes: Four years after the release of a groundbreaking study on the state of SSL/TLS certificates in non-browser applications (APIs [to be exact]), some programming languages fail to provide developers with the appropriate tools to validate certificates. Using three simple test scripts connected to a list of known vulnerable HTTPS servers, researchers logged their results to see which programming languages detected any problems. According to the results, all tested programming languages (PHP, Python, Go), in various configurations, failed to detect HTTPS connections that used revoked SSL/TLS certificates. This is a problem for HTTPS-protected APIs since users aren't visually warned, like in browsers, that they're on an insecure connection. "PHP, Python, and Google Go perform no revocation checks by default, neither does the cURL library. If the certificate was compromised and revoked by the owner, you will never know about it," noted Sucuri's Peter Kankowski.

JustAnotherOldGuy writes: The numbers are very back-of-the-envelope and assume a worst case: widespread adoption of Bitcoin and not much improvement in Bitcoin mining activity, along with long replacement cycles for older, less efficient mining rigs. But even the best case [scenario] has Bitcoin consuming a shocking amount of electricity. [As mentioned in a report from Motherboard,] "The results show that in an optimistic scenario, the increase in electricity consumption of the Bitcoin network compared to now is not shocking, from around 350 MW to around 417 MW, but still on the order of one small power station. If things play out a little less favorably, however, the Bitcoin network may draw over 14 Gigawatts of electricity by 2020, equivalent to the total power generation capacity of a small country, like Denmark for example.

An anonymous reader writes: Apple, on Thursday, rolled out a minor update to iPhone, iPad, and iPod devices. The update, dubbed iOS 9.3.1, brings with it a fix for a software glitch that caused many apps -- including Safari, and Chrome -- to freeze and crash when trying to open a link. The issue was related to Universal Link, a feature Apple first introduced with iOS 9. Many reported that some apps including Booking.com were abusing this capability, causing the Universal Link database to overload.

An anonymous reader cites a report on VentureBeat: Microsoft today announced that Xamarin is now available for free for every Visual Studio user. This includes all editions of Visual Studio, including the free Visual Studio Community Edition, Visual Studio Professional, and Visual Studio Enterprise. Furthermore, Xamarin Studio for OS X is being made available for free as a community edition and Visual Studio Enterprise subscribers will get access to Xamarin's enterprise capabilities at no additional cost. The company also promised to open source Xamarin's SDK, including its runtime, libraries, and command line tools, as part of the .NET Foundation 'in the coming months.' Plenty of developers will find this announcement exciting. Xamarin being free is a big deal.

An anonymous reader quotes a report from Ars Technica: Using Adblock Plus to block ads on websites is legal, a German regional court has ruled. The suit, brought by the company behind the leading German newspaper Suddeutsche Zeitung, is the fifth such case to be decided in favor of the makers of the software, who are based in Germany. The court in Munich also ruled that the "Acceptable Ads initiative," a scheme that requires larger companies to pay for their ads to be whitelisted by Adblock Plus, is acceptable under German law. "To the contrary, said the court, users have the right to block those or any ads, because no such contract exists," Adblock Plus's Ben Williams writes. "Additionally, the judge ruled that by offering publishers a way to serve ads that ad-blocking users will accept, the Acceptable Ad initiative provides them an avenue to monetize their content, and therefore is favorable, not disadvantageous, to them." Previously, Adblock Plus's parent company Eyeo has won court cases against the German publishing giant Axel Springer, Germany television companies Pro 7/Sat 1 and RTL Interactive, and against the companies operating the Zeit Online and Handelsblatt websites.

An anonymous reader quotes a report from TechCrunch regarding the beloved Windows Hello login security features: Microsoft is bringing to Windows apps (and even the web) some of the convenience and security of being able to use the same tech it uses to keep enterprise laptops safe. The idea here is to let you use the same technology that powers "Windows Hello" -- the login security feature of Windows 10 that supports fingerprint scanners, facial recognition and even iris scanners -- to log into other services, as well. This feature probably wouldn't be all that interesting if it only worked for Windows apps, but the company is also extending it to web apps. For now, this feature apparently only works with Microsoft's own Edge browser, but the company says it is compatible with the FIDO 2.0 standard and can theoretically work with any browser.

An anonymous reader writes: Microsoft has announced updates to its portfolio of machine learning tools at its Build conference in San Francisco. Previously, they had fallen under the Project Oxford name, but now they are being rebranded to Microsoft Cognitive Services. According to Microsoft senior program manager Cornelia Carapcea, there are now 22 APIs available in Cognitive Services. There are also prices for the new services, along with APIs made available from Microsoft's Bing search division. Developers can try out these services for free.

An anonymous reader writes: As promised, Microsoft started shipping its $3,000 HoloLens development kits today. In addition to sharing that bots are coming to the new platform, the company also released a HoloLens emulator, which lets developers test holographic apps on their PC without the need for a physical HoloLens. You can download the emulator now directly from here. Thinking about building a holographic app? HoloToolkit on GitHub is a collection of scripts and components that may help accelerate your development.

Dave Knott writes: Today, Microsoft made good on a nearly three-year-old promise, unlocking the ability for all retail Xbox One consoles to become development kits. This mode will allow anyone to build, test and experiment with Universal Windows Program (UWP) development. Converting a console to Dev Mode requires no special equipment or fees, though to fully access the abilities, a user will need to create a Dev Center account. After setting up Dev Mode, a user simply pairs their Xbox One with Visual Studio, which sees the console as a Windows 10 machine to which it can deploy content directly through a wired connection. While this feature eases self-publishing on Xbox One, a developer will still have to go through Microsoft's concept approval, which usually takes about two weeks, before the game is eligible to be published on Xbox One. The big change here is that while traditionally Microsoft had to give a hopeful developer a dev kit, now a developer can just switch over their own retail console.

An anonymous reader shares a report on VentureBeat: Microsoft today is introducing the Bot Framework, a new tool in preview to help developers build their own chatbots for their applications. Using this, anyone can create a text program that they can chat with. A BotBuilder software-development kit (SDK) is available on GitHub under an open-source MIT license. These bots can be implemented into a variety of applications, including Slack or Telegram or even email. "Bots are like new applications," Microsoft chief executive Satya Nadella said. "And digital assistants are meta apps, or like the new browsers. And intelligence is infused into all of your interactions. That's the rich platform that we have." Microsoft will want to tread carefully.

Sarah Perez reports for TechCrunch: Apple today announced it's expanding its efforts in the area of web development, with the launch of a new version of its Safari web browser, designed specifically for developers. Called Safari Technology Preview, the company says this browser will allow developers to get an early look at upcoming web technologies in OS X and iOS, including things like the latest layout technologies, visual effects, and other developer tools. The idea is to allow developers to more easily get their hands on these technologies and be able to experiment, then offer feedback to Apple earlier on so the company can make the necessary improvements. AnandTech's Brandon Chester elaborates: It's available from Apple's developer website, and updates will come every two weeks via the Mac App Store. This makes the list of changes and additions easily accessible with each update, and because the builds are signed by Apple there's full support for iCloud integration. [...] One important thing to note about the Safari Technology Preview is that, while the app is available from Apple's developer site, you don't need to be a registered developer paying the yearly iOS and OS X publishing fee to access it. Since the target audience consists mainly of programmers building websites and web applications, it doesn't make sense to limit it to developers building native apps for iOS and OS X.

An anonymous reader writes: Linux turns 25 this year(!!). To mark the event, IEEE Spectrum has a piece on the history of Linux and why it succeeded where others failed. In an accompanying question and answer with Linus Torvalds, Torvalds explains the combination of youthful chutzpah, openness to other's ideas, and a willingness to unwind technical decisions that he thinks were critical to the OS's development: "I credit the fact that I didn't know what the hell I was setting myself up for for a lot of the success of Linux. [...] The thing about bad technical decisions is that you can always undo them. [...] I'd rather make a decision that turns out to be wrong later than waffle about possible alternatives for too long."

An anonymous reader writes: A security researcher found two bypasses in Valve's game review process that eventually allowed him to publish Steam Trading Cards and a full game on the Steam Store called "Watch Paint Dry" (reference to this case from last month involving the British film censors). The game was supposed to be an April Fools' Day prank, but the researcher forgot to set a release date, and [the game] was published on the Steam Store last weekend. Valve has fixed the security bypass in the meantime. These bypasses were extremely dangerous since they allowed anyone to publish games on the Store (possibly containing malware) without a Valve employee ever taking a look at them, or knowing they went through the review process.

Reader lxrocks writes: Many users are experiencing an issue with their iPhone and iPad wherein trying to open a link on Safari, Mail, Chrome or any other app causes it to freeze and crash. The issue renders any type of search with Safari as useless as none of the links returned will open. The wide-spread issue -- for which there's no known workaround just yet -- seems to be affecting users on both iOS 9.2 and iOS 9.3. Apple has acknowledged the issue and says it will release a fix "soon." There's no official word on what's causing the issue, but a popular theory with developers is that the glitch has something to do with Universal Links, a feature Apple first introduced with iOS 9. It appears some apps, such as Booking.com, are abusing this capability, causing the Universal Link database to overload.

Like many of you, I use IFTTT. It's one of the handiest tools on the internet to get your work done. Want a text alert for weather? Want a notification on your Android smartphone whenever someone you follow publishes a blog post? IFTTT can do all sorts of such things. It is able to do so because it works with different companies and utilizes APIs of their services. Many of these companies are happy to have IFTTT trying to enhance the experience of their customers. Many don't necessarily want -- or can allow -- IFTTT to do that. Pinboard, a social bookmarking website, falls in the latter category. Maciej Ceglowski, CEO of Pinboard in a blog post explained why that is the case: Imagine if your sewer pipe started demanding that you make major changes in your diet. Now imagine that it got a lawyer and started asking you to sign things. You would feel surprised. This is the position I find myself in today with IFTTT, a form of Internet plumbing that has been connecting peaceably to my backend for the past five years, but which has recently started sending scary emails. [...] Because many of you rely on IFTTT, and because [their request] makes it sound like I'm the asshole, I feel I should explain myself. In a nutshell: 1. IFTTT wants me to do their job for them for free. 2. They have really squirrely terms of service. In the blog post, Ceglowski further explains his concerns with IFTTT. He says IFTTT wants ownership of all right, title, and interest. "Pinboard is in some ways already a direct competitor to IFTTT. The site offers built-in Twitter integration, analogous to IFTTT's twitter-Pinboard recipe. I don't know what rights I would be assigning here, but this is not the way I want to find out." You should read the blog post, it's very insightful and sheds light on things that many of us might not have considered otherwise. Jason Snell has offered his take on this as well, he writes: If IFTTT sticks with this philosophy, it will rapidly become a lot less useful and interesting as a service.

schwit1 writes: The launch control software NASA is writing from scratch for its Space Launch System (SLS) rocket is way behind schedule and way over budget. According to ABC News, "Development of this new launch control software is now projected to exceed $207 million, 77 percent above 2012 projections. The software won't be ready until fall 2017, instead of this summer as planned, and important capabilities like automatic failure detection, are being deferred, the audit noted. The system is vital, needed to control pumps, motors, valves and other ground equipment during countdowns and launches, and to monitor data before and during liftoff. NASA decided to write its own computer code to "glue together" existing software products a decade ago -- while space shuttles still were flying and commercial shippers had yet to service the space station. Both delivery companies, SpaceX and Orbital ATK, rely on commercial software, the audit noted."

In other words, even though NASA could have simply purchased already available software that other launch companies were using successfully, the agency decided to write its own. And that decision really didn't come before the arrival of these commercial companies, because when it was made a decade ago that was exactly the time that SpaceX was beginning to build its rocket. This is simply more proof that SLS is nothing more than a pork-laden waste of money designed not to explore space but to generate non-productive jobs in congressional districts.

An anonymous reader quotes a report from eWeek: Surface Hub, originally slated to ship last September and later missing its January 2016 release deadline, is finally being delivered to Microsoft's business customers, announced Brian Hall, general manager of Microsoft Devices Marketing, on Friday. The touch-enabled Windows 10-powered device, available in a 55-inch and a massive 84-inch model, features built-in cameras, a microphone array, Bluetooth, WiFi, motion sensors and near-field communications (NFC). It runs Skype for Business, Office and OneNote, providing an integrated collaboration experience, and at least with the 84-inch model, an expansive canvas for interactive presentations and virtual meetings. With the Surface Hub, Microsoft is making an aggressive push into the conferencing and collaboration market currently dominated by Cisco, Citrix and Polycom. "I couldn't be more proud to announce this milestone for our team, customers, and partners. We can't wait to see what people, teams and businesses will do with Surface Hub," said Hall in a March 25 announcement.

An anonymous reader quotes a report from Gizmag: One of the most hotly contested bits of real estate today is one you can't see. As we move into an increasingly wireless-connected world, staking out a piece of the crowded electromagnetic spectrum becomes more important. DARPA is hoping to help solve this issue with its latest Grand Challenge, which calls for the use of machine-learning technologies to enable devices to share bandwidth. The Spectrum Collaboration Challenge (SC2) is based on the idea that wireless devices would work better if they cooperated with one another rather than fought for bandwidth. Since not all devices are active at all times, the agency says, it should be possible through the use of artificial intelligence machine-learning algorithms to allow them to figure out how to share the spectrum with a minimum of conflict. DARPA announced the competition in front of 8000 engineers on Wednesday at the International Wireless Communications Expo (IWCE) in Las Vegas. SC2 will run from 2017 through 2020 with teams competing to create radios that can collaborate most effectively with other radios. The competition will end with a live event and the prize is $2 million.

An anonymous reader quotes a report from PCWorld: Quantum computers are based on atomic-scale quantum bits, or qubits, that can represent both 0 and 1 simultaneously. Realizing that potential, however, depends on the ability to build working quantum circuits. The quantum version of the classic Fredkin gate exchanges two qubits depending on the value of the third. It could be a key component of quantum circuitry, but because of the complexity involved, no one has ever managed to build one in the real world -- until now. Whereas the Fredkin gate typically requires a circuit of five logic operations, researchers from Griffith University and the University of Queensland used the quantum entanglement of particles of light to implement the controlled-SWAP operation directly. Essentially, the scientists demonstrated how to build large quantum circuits directly, without having to use numerous small logic gates. That, in turn, puts real quantum computers within closer reach.

angry tapir quotes a report from Computerworld: Oracle is seeking as much as $9.3 billion in damages in a long-running copyright lawsuit against Google over its use of Java in Android, court filings show. Oracle sued Google six years ago, claiming the search giant needs a license to use parts of the Java platform in Google's market-leading mobile OS. The two companies first went to trial in 2012, but the jury was split on whether or not Google's use of Java was protected by "fair use." Now they're headed back to the courtroom for a new trial scheduled to begin May 9, where Oracle's Larry Ellison and Google's Eric Schmidt will be present. Currently, the sum Oracle is asking for is about 10 times as much as when the two companies went to trial in 2012.