An anonymous reader writes from an article on Ars Technica: When former Secretary of State Hillary Clinton was pushing to get a waiver allowing her to use a BlackBerry like President Barack Obama back in 2009, the National Security Agency had a very short list of devices approved for classified communications. The General Dynamics' Sectera Edge and L3 Communications' Guardian were the two devices built for the Secure Mobile Environment Portable Electronic Device (SME PED) program. They were the only devices anyone in government without an explicit security waver (like the one the president got, along with his souped-up BlackBerry 8830) could use until as recently as last year to get mobile access to top secret encrypted calls and secure e-mail. At the time Clinton was asking for a phone, only the Sectera Edge was available (the Guardian was running behind in development) and it required multiple server-side and phone-side e-mail additions, desktop synchronization software, and other supporting products. The "Executive Kit" version of the Edge, priced for government purchase at $4,750, included: Type 1 Sectera Edge (GSM or CDMA) device plus: Executive Carry Case, Leather Holster Travel Charger, Red/Black USB Cables, Vehicle Charger, Earbud, Stylus 10-pack, microSD Card with User Manual, Spare Battery, Privacy Shield 4-pack, Antivirus Software, Apriva Email Client and Perpetual Rights fee and Office Suite for Windows CE.

Reader Trailrunner7 writes: The Federal Trade Commission is warning dozens of developers about some code they've included in their apps that can surreptitiously listen to unique audio signals from TVs in the background and build detailed profiles of what consumers are watching. The technology, produced by a company called SilverPush, is used to track users across devices and the FTC warned the developers that if they don't disclose the use of the code to consumers, they could be violating the FTC Act. The commission sent the letter to 12 app developers whose apps are in the Google Play Store, and warned them that not disclosing the use of SilverPush's Unique Audio Beacon could be a problem. "For example, the code is configured to access the device's microphone to collect audio information even when the application is not in use. Moreover, your application requires permission to access the mobile device's microphone prior to install, despite no evident functionality in the application that would require such access," the letter says.

An anonymous reader writes: For many years, the open source software community has made the distinction between "free as in freedom" (the software can be used or modified as the user sees fit) and "free as in beer" (the software is available at no cost). Some have added a third type of free: "free as in puppy". Like a puppy, adopting open source software has ongoing cost. What many people don't consider is that developing open source software has a cost, too. Many developers purchase extra hardware for testing or pay for code hosting, a website, etc. A pending bill in the New York Senate aims to help offset those costs. The bill, sponsored by Senator Daniel Squadron (D-26th) and co-sponsored by Senator Ruth Hassell-Thompson (D-36th), would provide a tax credit of 20% of "expenses associated with the development of open source and free software", up to an annual maximum of $200. Based on a 2006 report by the Center for American Progress, this bill appears to be the first of its kind introduced to a state legislature. I'd rather they require that any software developed at taxpayer expense be released as open source.

An anonymous reader writes from an article on CBSNews: Newly released emails show a 2009 request to issue a secure government smartphone to then-Secretary of State Hillary Clinton was denied by the National Security Agency. Clinton's desire for a secure "BlackBerry-like" device, like the one provided to President Barack Obama, is recounted in a series of February 2009 exchanges between high-level officials at the State Department and NSA. Clinton was sworn in as secretary the prior month, and had become "hooked" on reading and answering emails on a BlackBerry she used during the 2008 presidential race. "We began examining options for (Secretary Clinton) with respect to secure 'BlackBerry-like' communications," wrote Donald R. Reid, the department's assistant director for security infrastructure. "The current state of the art is not too user friendly, has no infrastructure, and is very expensive." Reid wrote that each time they asked the NSA what solution they had worked up to provide a mobile device to Obama, "we were politely told to shut up and color."

An anonymous reader writes: Alphabet's Google has quietly scored a major coup in its campaign to become an enterprise cloud computing powerhouse, landing Apple as a customer for the Google Cloud Platform, multiple sources with knowledge of the matter told CRN this week. Previously, Apple had acknowledge using Amazon Web Services (AWS) and Microsoft Azure's rival cloud computing platforms in addition to its own data centers. None of the services would have access to iCloud users' records. "The iCloud information is not at risk of being breached or otherwise observed by the ultimate owners of the platforms it resides on because of the very heavy encryption and partitioning technologies used," commended Chris Green, a tech expert at the consultancy Lewis. CRN has mentioned the agreement between the two companies was done late last year.

the_newsbeagle writes: We don't often get insider accounts of hacks against major institutions like hospitals because they immediately go into damage control mode. But at a SXSW talk, a couple of experts told tales out of school. The experts, [John Halamka, CIO of the Boston hospital Beth Israel Deaconness, and Kevin Fu, a University of Michigan engineering professor, recounted incidents in which hackers downloaded patient X-rays to China, took down entire networks, fooled Harvard doctors, and more.

itwbennett writes: A study from George Mason University, which estimates danger from consumer drones, suggests that rules around private drone use could be relaxed without endangering general aviation. [Researcher] Eli Dourado [coupled] data on bird strikes with aircraft, with an estimate of the number of birds in airspace and the average weight per species of bird, and concluded that "a two-kilogram drone would cause an injury once every 187 million years of continuous operation."
Dourado admits there are some limitations to his estimate. While drones are crafted with plastic and metal, birds are generally softer and more likely to get squished on impact with an aircraft. However, birds are likely to be flying in flocks, where the danger of having several sucked into the engines is greater. US Airways flight 1549 was a prime example of this as the aircraft encountered numerous bird strikes which took out its engines, causing it to land in New York's Hudson River. In addition, the research doesn't include the possibility of someone maliciously trying to hit an aircraft.

An anonymous reader writes from an article on TechCrunch: Microsoft just announced that game developers can now create cross-platform multiplayer modes that work with other consoles and operating systems. So it means that the next Call of Duty or FIFA could feature a multiplayer mode that works with both Xbox and Playstation gamers. It just depends on developers now. Microsoft has historically restricted cross-platform play as the Xbox Live was the first successful multiplayer network for consoles. And yet, Microsoft is now lagging behind the Playstation 4 with its Xbox One. By opening up cross-platform multiplayer, Microsoft could convince late adopters to buy an Xbox One even though their friends have a PlayStation 4. It's also a way to make sure that there are enough plays for less popular games. It's unclear how developers are supposed to deal with duplicated PlayStation Network and Xbox Live screen names.

Microsoft has found a new use of its insanely popular title Minecraft. The company on Monday announced Project AIX, a platform that will let computer scientists experiment with artificial intelligence in its cube-stacking game. For instance, Microsoft says, they can manipulate a character and learn from its actions. Microsoft says that Minecraft, a game it acquired in 2014, is more sophisticated than existing AI research simulations. "You can do survival mode, you can do build battles with your friends, you can do courses, you can implement our own games. This is really exciting for artificial intelligence because it allows us to create games that stretch beyond current abilities said Katja Hofmann, one of the researchers behind AIX. The company initially launched the project for its own testing, but says it will make it available as open source to all in July.

jones_supa writes: The Obama administration is seeking public comments on its open source policy. They have released for public comment a draft Federal Source Code policy to support improved access to custom software code. From the policy document: "This policy requires that, among other things: (1) new custom code whose development is paid for by the Federal Government be made available for reuse across Federal agencies; and (2) a portion of that new custom code be released to the public as Open Source Software (OSS)." Tony Scott, Federal CIO of the US government, mentioned one of the strengths of open source – cost saving. Scott wrote on the White House blog that the U.S. government "can save taxpayer dollars by avoiding duplicative custom software purchases and promote innovation and collaboration across Federal agencies."

An anonymous reader points us to an opinion piece by Apple blogger Rene Ritchie on the dim prospects for indie app developers, in the face of mass-market, big-name competition. From his piece: Big apps get all the attention these days, just like big movie, music, or book releases and indies get what little is left, when there's even a little left. The App Store is big business, and that's how big business works. [...] Apple could use its considerable power and influence to help shape the App Store economy into one more hospitable to indie developers. After all, those are the apps I love and the ones that dominate my home screens. But the truth is, even if Apple gave indie developers everything they wanted, it wouldn't matter much over the long term. It may help a few for a while, and a very few for a while longer, but the app economy and apps themselves are evolving. Brent Simmons has offered his opinion on the matter. He writes, The Mac has for a long time been overlooked -- first because Windows was so huge, and then web apps, and now iOS. For my entire career people have said that the Mac is a bad bet, that it's dumb to write Mac apps. [...] There was never a golden age for indie iOS developers. It was easier earlier on, but it was never golden. (Yes, some people made money, and some are today. I don't mean that there were zero successes.) And there's a good chance that many of the people you currently think of as thriving iOS indie developers are making money in other ways: contracting, podcast ads, Mac apps, etc.

jones_supa writes: The GNU free software project is introducing a new neural network computation package called Gneural Network. The GNU project has been impressed by the work of Google, IBM, AlphaGo and Watson on the field of artificial intelligence. However, the GNU project sees that the fact that only companies and labs have access to this technology can represent a threat: "First of all, we cannot know how money driven companies are going to use this novel technology. Second, this monopoly slows down Progress and Technology." This is why the author, Jean Michel Sellier, decided to create Gneural Network and release it under the GNU GPL license. In the current release (version number humbly set to 0.0.1), it is a very simple feedforward network which can learn very simple tasks such as curve fitting, but the development team plans to deliver more advanced features very soon. They are already spending efforts to implement a network of LSTM (long short term memory) neurons for recurrent networks and deep learning. Learning reinforcement techniques are also planned.

An anonymous reader points us to a fascinating piece at The Economist that tries to explain the elements that drive people to work so hard: Working effectively at a good job builds up our identity and esteem in the eyes of others. We cheer each other on, we share in (and quietly regret) the successes of our friends, we lose touch with people beyond our network. Spending our leisure time with other professional strivers buttresses the notion that hard work is part of the good life and that the sacrifices it entails are those that a decent person makes. This is what a class with a strong sense of identity does: it effortlessly recasts the group's distinguishing vices as virtues. This reminds me of an article by Om Malik, veteran reporter and founder of the GigaOm news outlet, who wrote this when announcing his retirement. From his piece: "I relate to Jeter's desire to find life outside of work. Living a 24-hour news life has come at a personal cost. I still wake in middle of the night to check the stream to see if something is breaking, worrying whether I missed some news. It is a unique type of addiction that only a few can understand, and it is time for me to opt out of this non-stop news life."

An anonymous reader allegedly quoting an email from Code.org, claims that the database of the non-profit organization has been breached: Some personal data was accessed on our web site by a firm exploiting a client-side vulnerability. Your email address and your location, if you provided it, were compromised and may have been read. The exploit was limited to engineers and others who volunteered to help in classrooms. No student or teacher accounts were impacted, nor passwords or additional information. The exploit did not give hackers access to any of our servers. Earlier this week, a volunteer engineer told us he received an unsolicited recruiting email from a technical freelancing firm in Singapore. We determined the firm was able to retrieve the volunteer's private email address by exploiting a client-side vulnerability on our volunteer map. We've since had 6 similar cases reported. We've fixed the problem, and all private data was secured against future attacks late Friday. We also inspected and secured the rest of our site from similar vulnerabilities. Code.org has confirmed to Slashdot that it has indeed suffered a breach. The non-profit separately wrote in a blog post that a Singapore-based recruiting firm had exploited a vulnerability on its website to send emails to Code.org members. Following is an email sent by the recruiting firm to Hadi Partovi, CEO, Code.org. "Sorry about this... our intention was we thought it'd be good to get them more opportunities to improve their own Computer Science skills beyond the opportunities available in their geographical boundaries / location. We've told our team to stop this with immediate effect. No one should be receiving anymore e-mails from us from this point onwards. You have my word that we will delete their email addresses from our mailing lists. They should not receive anymore emails from us."

An anonymous reader writes: A faulty security patch has left Java users vulnerable to attacks in the past two years, researchers from Polish security firm Security Explorations are claiming. The issue in question is CVE-2013-5838, which was discovered and patched in October 2013. Two years later, going back over their researcher, the same security researchers have now discovered that Oracle had not only misclassified its impact but also botched the fix. In a Full Disclosureexposé, the researcher says that changing four characters in the company's original proof-of-concept code allowed them to exploit the flaw, despite Oracle's patch.

mmoorebz writes: Netflix is known as a place to binge watch television, but behind the scenes, there's a lot that goes on before everyone's favorite show can be streamed. The first step to deploying an application or service is building. Netflix created Nebula, a set of plugins for the Gradle build system, that "help with the heavy-lifting around building applications," said the engineers. Once the code has been built and tested locally using Nebula, the team pushes the updated source code to a Git repository. Every deployment at Neflix begins with the creation of an Amazon Machine Image, and to generate them from source, Netflix created what it calls "the Bakery." It exposes an API that facilitates the creation of AMIs globally, according to the blog. When it comes time to deploy and after the "baking" is complete, teams will use Spinnaker to manage multi-region deployments, canary releases, and red/black deployments. Netflix is continuing to look at the developer experience and determine how it can improve.

jones_supa writes: id Software is well known for publicly releasing the source code of its old first-person-shooter games. Now Croteam is joining the club by releasing the source code of the engine of the very first Serious Sam game. It's the very same engine that the company used for Serious Sam Classic: The First Encounter and The Second Encounter. Croteam's Vyacheslav Nikitenko, who worked on the source code and prepared Serious Engine v.1.10 for this release, had this to say: "Historically, this version of Serious Engine is very important for Croteam and for me personally. I created several mods for Serious Sam back in the day, before even starting the work on the source code, and it was a great tool for learning. And it's even better today! Obviously, Serious Engine v1.10 won't produce top-notch graphics, but the source code is very well commented, easy to modify, and there are lots of user generated mods out there. This version has everything you need to build your own game – or just experiment. If you're looking to get started, just download the files from GitHub and head over to SeriousZone, it has a great community and lots of tutorials." Happy hacking! (And here's a video with some game play that shows what this engine can do.)

HughPickens.com writes: David Streitfeld writes in the NYT that cities do not usually cheer the downfall or even the diminishment of the hometown industry, but the relationship between San Francisco and the tech community has grown increasingly tense as the consequences for people who do not make their living from technology become increasingly unpleasant. "It's practically a ubiquitous sentiment here: People would like a little of the air to come out of the tech economy," says Aaron Peskin. "They're like people in a heat wave waiting for the monsoon." Signs of distress are plentiful. The Fraternite Notre Dame's soup kitchen was facing eviction after a rent increase of nearly 60 percent. Two eviction-defense groups were evicted in favor of a start-up that intended to lease the space to other start-ups. The real estate site Redfin published a widely read blog post that said the number of teachers in San Francisco who could afford a house was exactly zero. "All the renters I know are living in fear," says Derrick Tynan-Connolly. "If your landlord dies, if your landlord sells the building, if you get evicted under the Ellis Act" — a controversial law that allows landlords to reclaim a building by taking it off the rental market — "and you have to move, you're gone. There's no way you can afford to stay in San Francisco."

An anonymous reader writes: For the last 17 years, the American not-for-profit MITRE Corporation has been editing and maintaining the list of Common Vulnerabilities and Exposures (CVEs). According to a number of researchers, MITRE has lately been doing a lousy job when it comes to assigning these numbers, forcing researchers to do without them or to delay public disclosure of vulnerabilities indefinitely. The problem is getting worse by the day, and the situation has spurred Kurt Seifried, a "Red Hat Product Security Cloud guy" and a CVE Editorial Board member, to create a complementary system for numbering vulnerabilities.

whoever57 writes: A California jury in one of the cases between Synopsys and Atoptech found copyright infringement in Atoptech's use of the "Primetime commands". These companies compete in the field of EDA ("Electronic Design Automation") software: software that is used by semiconductor companies to design ICs. The Primetime commands are merely an interface. Atoptech has their own implementation of the functionality that these commands [provide]. This can be seen as similar to the Oracle vs. Google lawsuit, in which an appeals court has found that providing a similar interface (via header files) can constitute copyright infringement. Naturally, there will be appeals in this case.