Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Google

Oracle Says Trial Wasn't Fair, It Should Have Known About Google Play For Chrome (arstechnica.com) 182

Two and a half months after a federal jury concluded that Google's Android operating system does not infringe Oracle-owned copyrights because its re-implementation of 37 Java APIs is protected by "fair use," Oracle's attorney says her client missed a crucial detail in the trial, adding that this detail could change everything. ArsTechnica reports: Oracle lawyers argued in federal court today that their copyright trial loss against Google should be thrown out because they were denied key evidence in discovery. Oracle attorney Annette Hurst said that the launch of Google Play on Chrome OS, which happened in the middle of the trial, showed that Google was trying to break into the market for Java SE on desktops. In her view, that move dramatically changes the amount of market harm that Oracle experienced, and the evidence should have been shared with the jury. "This is a game-changer," Hurst told U.S. District Judge William Alsup, who oversaw the trial. "The whole foundation for their case is gone. [Android] isn't 'transformative'; it's on desktops and laptops." Google argued that its use of Java APIs was "fair use" for several reasons, including the fact that Android, which was built for smartphones, didn't compete with Java SE, which is used on desktops and laptops. During the post-trial hearing today, Hurst argued that it's clear that Google intends to use Android smartphones as a "leading wedge" and has plans to "suck in the entire Java SE market. [...] Android is doing this using Java code," said Hurst. "That's outrageous, under copyright law. This verdict is tainted by the jury's inability to hear this evidence. Viewing the smartphone in isolation is a Google-gerrymandered story."In the meanwhile, Google attorney said Oracle was aware of Google's intentions of porting Android to laptops and desktops, and that if Oracle wanted to use this piece of information, it could have.
Intel

Intel Unveils Project Alloy 'Merged Reality' Wireless Headset (hothardware.com) 43

MojoKid writes: Intel CEO Bryan Krzanich took to the stage at the Moscone Center in San Francisco today to kick off this year's Intel Developers Forum. Kyrzanich unveiled a number of new projects and products including a product code-named "Project Alloy." The device is an un-tethered, merged reality Head Mounted Device (HMD) that combines compute, graphics, multiple RealSense modules, various sensors, and batteries into a self-contained headset that offers a full six degrees of freedom. Unlike the Oculus Rift and HTC Vive, Project Alloy does not need to be wired to a PC or other device and it does not require externally mounted sensors to define a virtual space. Instead, it uses RealSense cameras to map the actual physical world you're in while wearing the HMD. The RealSense cameras also allow the device to bring real-world objects into the virtual world, or vice versa. The cameras and sensors used in Project Alloy offer full depth sensing, so obstacles can be mapped, and people and objects within camera range -- like your hand, for example -- can be brought into the virtual world and accurately tracked. During a live, on-stage demo performed by Intel's Craig Raymond, Craig's hand was tracked and all five digits, complete with accurate bones and joint locations, were brought into the the VR/AR experience. Project Alloy will be supported by Microsoft's Windows Holographics Shell framework.
Businesses

Twitch Acquires Curse, Its Sites, Tools For Gamers, and Databases (venturebeat.com) 25

An anonymous reader writes from a report via VentureBeat: The Amazon-owned, game-streaming site Twitch has announced today that it has acquired Curse, a company that creates programs like voice clients, databases, and mod managers for PC games for some 30 million users. Twitch did not disclose how much they paid for Curse. VentureBeat reports: "Twitch has more than 100 million users a month, and it has helped to popularize new trends gaming like esports and the rise of influencers and personalities who create fanbases that watch them (and donate money to them) while they play. Curse has over 30 million users a month across its website, social media channels, and desktop applications. The company hosts popular websites for hit PC games like Hearthpwn for Hearthstone: Heroes of Warcraft and MMO Champion for World of Warcraft. Outside of its site, Twitch hasn't made many services for gamers. It could use this acquisition to extend a reach into that field."
Security

Windows UAC Bypass Permits Code Execution (threatpost.com) 79

msm1267 writes from a report via Threatpost: A Windows UAC bypass has been publicly disclosed that not only bypasses the security feature meant to prevent unauthorized installs, but can be used to run code on compromised machines without leaving a trace on the hard disk. The bypass relies on Event Viewer (eventvwr.exe), a native Windows feature used to view event logs locally or remotely. Researcher Matt Nelson said he figured out a way to use eventvwr to hijack a registry process, start Powershell and execute commands on Windows machines; he collaborated with fellow researcher Matt Graeber on a proof-of-concept exploit, which was tested against Windows 7 and 10. A report published today by Nelson said it would work against any version of the OS that implements UAC. An attacker would already need to be on the machine to use this technique, Nelson said. The attack allows an admin user to execute code in a high-integrity context without requiring the user to approve the administrative action via the UAC pop-up. Microsoft, the researcher said, does not consider UAC bypasses a security boundary worthy of a bulletin and patch. It's unclear how Microsoft will address this issue.
Intel

Intel's Joule is Its Most Powerful Dev Kit Yet (engadget.com) 55

Devindra Hardawar, writing for Engadget: We've seen plenty of unique dev kits from Intel, including the SD card-sized Edison, but not one as powerful as this. Intel announced Joule today, a tiny maker board that will allow developers to test RealSense-powered concepts and, hopefully, bring the to the market faster than before. The company says the tiny, low-powered Joule would be ideal for testing concepts in robotics, AR, VR, industrial IoT and a slew of other industries. And it also looks like it could be an interesting way for students to dabble in RealSense's depth-sensing technology in schools. There will be two Joule kits to choose from: the 550x, which includes a 1.5GHz quad-core Atom T5500 processor, 3GB of RAM and 8GB of storage; and the 570x, which packs in a 1.7Ghz quad-core Atom T5700 CPU (with burst speeds up to 2.4GHz), 4GB of RAM and 16GB of storage. Both models include "laptop-class" 802.11AC wireless, Intel graphics with 4K capture and display support, and a Linux-based OS.
Bug

FalseCONNECT Vulnerability Affects Software From Apple, Microsoft, Oracle, More (softpedia.com) 32

An anonymous reader writes from a report via Softpedia: "Researcher Jerry Decime revealed details about a security vulnerability that allows an attacker to gain a Man-in-the-Middle position and intercept HTTPS traffic thanks to flaws in the implementation of proxy authentication procedures in various products," reports Softpedia. The flaw can be used to collect user credentials by tricking victims into re-authenticating, sending data to a third-party. Multiple software vendors deploy applications that can handle proxy connections. Until now, Apple, Microsoft, Oracle, and Opera have acknowledged their products are affected. Lenovo said this bug does not impact its software. Other software vendors that are still evaluating the FalseCONNECT bug and may be affected include multiple Linux distros, Cisco, Google, HP, IBM, Juniper, Mozilla, Nokia, OpenBSD, SAP, Sony, and others.
Programming

Ask Slashdot: What Are Some Bad Programming Ideas That Work? (infoworld.com) 674

snydeq writes: Cheaper, faster, better side effects -- sometimes a bad idea in programming is better than just good enough, writes InfoWorld's Peter Wayner: "Some ideas, schemes, or architectures may truly stink, but they may also be the best choice for your project. They may be cheaper or faster, or maybe it's too hard to do things the right way. In other words, sometimes bad is simply good enough. There are also occasions when a bad idea comes with a silver lining. It may not be the best approach, but it has such good side-effects that it's the way to go. If we're stuck going down a suboptimal path to programming hell, we might as well make the most of whatever gems may be buried there." What bad programming ideas have you found useful enough to make work in your projects? Don't be shy or ashamed, we all want to hear your responses!
Australia

Internal 'Set Of Blunders' Crashed Australia's Census Site (cso.com.au) 92

Slashdot reader River Tam explains the crash of Australia's online census site, citing the account of a security researcher who says IBM and the Australian Bureau of Statistics "were offered DDoS prevention services from their upstream provider...and said they didn't need it." From an article on CSO: The ABS and IBM gambled on a plan to ask its upstream network provider to block traffic from outside Australia in the event that a denial-of-service attack was detected... Offshore traffic to the site was blocked in line with the plan, however, another attack, for which the ABS had no contingency to repel, was directed at it from within Australia. The attack crippled the firewall and the census site's operators opted to restart it and fall back to a secondary firewall. However, they forgot to check that it had the same configuration as the primary firewall. That crippled the census site.

In an unfortunate confluence of events, IBM's security warning systems started flagging some unusual activity, which indicated that information on the ABS servers was heading offshore. The site's operators, thinking the DDoS activity was a distraction, interpreted the alarms as a successful hack...these were little more than benign system logs and the technical staff monitoring the situation poorly understood it. Amid the confusion they naturally erred on the side of caution, [and] decided to pull the plug on the site...

Education

Billionaire Launches Free Code College in California (arstechnica.com) 187

Xavier Niel is the billionaire founder of France's second-largest ISP. In February he bought a former campus from DeVry University, and tried building something better. Slashdot reader bheerssen writes: 42 US is a free coding school near Facebook's headquarters in Fremont, California. The courses are boot camp like experiences that do not offer traditional degrees, but hope to provide programming skills and experience to students for free.
Ars Technica calls it "a radical education experiment" -- even the dorms are free -- and the school's COO describes their ambition to become a place "where individuals from all different kinds of backgrounds, all different kinds of financial backgrounds, can come and have access to this kind of education so that then we can have new kinds of ideas." Students between the ages of 18 and 30 are screened through an online logic test, according to the article, then tossed into a month-long "sink or swim" program that begins with C. "Students spend 12 or more hours per day, six to seven days per week. If they do well, students are invited back to a three- to five-year program with increasing levels of specialty."
AI

Has The NSF Automated Coding with ExCAPE? (adtmag.com) 140

The National Science Foundation is developing a way to create working code using "automated program synthesis," a new technology called ExCAPE "that provides human operators with automated assistance.... By removing the need for would-be programmers to learn esoteric programming languages, the method has the potential to significantly expand the number of people engaged in programming in a variety of disciplines, from personalized education to robotics." Rajeev Alur, who leads a team of researchers from America's nine top computer science programs, says that currently software development "remains a tedious and error-prone activity." Slashdot reader the_insult_dog writes: While its lofty goals of broadly remaking the art of programming might not be realized, the research has already made some advances and resulted in several tools already in use in areas such as commercial software production and education...
For example, the NSF created a new tool (which they've recently patented) called NetEgg, which generates code for controlling software-defined networks, as well as Automata Tutor and AutoProf, which provide automated feedback to computer science students.
Transportation

One In Five Vehicle Software Vulnerabilities Are 'Hair On Fire' Critical (securityledger.com) 85

Long-time Slashdot reader chicksdaddy quotes a report from Security Ledger: One of every five software vulnerabilities discovered in vehicles in the last three years are rated "critical" and are unlikely to be resolved through after the fact security fixes, according to an analysis by the firm IOActive. "These are the high priority 'hair on fire' vulnerabilities that are easily discovered and exploited and can cause major impacts to the system or component," the firm said in its report...

The bulk of vulnerabilities that were identified stemmed from a failure by automakers and suppliers to follow security best practices including designing in security or applying secure development lifecycle (SDL) practices to software creation... The result is that vehicle cybersecurity vulnerabilities are not solvable using "bolt-on" solutions, IOActive concluded...

The article argues we're years away from standards or regulations, while describing auto-makers as "wedded to the notion that keeping the details of their systems secret will ensure security."
Microsoft

Microsoft's Bill Gates Is Richest Tech Billionaire With $78 Billion Fortune (gulfnews.com) 102

An anonymous reader quotes a report from GulfNews: The "100 Richest Tech Billionaires In The World 2016" list has been topped by Microsoft founder Bill Gates with an estimated fortune of $78 billion. The titans on Forbes' second annual list of the world's richest in technology are worth a combined $892 billion, six percent more than a year ago. Just over half of the 100 richest in tech are from the U.S., including eight of the top 10 richest on the list. Forbes said the second richest person in tech Amazon founder and CEO Jeff Bezos is also the biggest gainer on the list this year and has an estimated $66.2 billion fortune, an increase of $18.4 billion since this list was released last year. That puts him ahead of Oracle chairman Larry Ellison, who comes in on the fourth spot. Ellison was also beaten by Facebook founder and CEO Mark Zuckerberg, who climbed from fourth to third place thanks to a 30 percent jump in the value of Facebook's stock; he is now also California's richest person, another title that previously belonged to Ellison.
Databases

Linux Trojan Mines For Cryptocurrency Using Misconfigured Redis Servers (softpedia.com) 62

An anonymous reader writes: In another installment of "Linux has malware too," security researchers have discovered a new trojan that targets Linux servers running Redis, where the trojan installs a cryptocurrency miner. The odd fact about this trojan is that it includes a wormable feature that allows it to spread on its own. The trojan, named Linux.Lady, will look for Redis servers that don't have an admin account password, access the database, and then download itself on the new target. The trojan mines for the Monero crypto-currency, the same one used by another worm called PhotoMiner, which targets vulnerable FTP servers. According to a recent Risk Based Security report from last month, there are over 30,000 Redis servers available online without a password, of which 6,000 have already been compromised by various threat actors.
IT

IFTTT Enables 3rd-Party Devs To Integrate the Service Into their Products (techhive.com) 18

IFTTT (short for If this then that) has made a name for itself as a platform for people to easily automate tasks between various apps. The company announced on Wednesday that it is now allowing developing partners to embed those IFTTT recipes directly in their own third-party apps. TechHive adds: This should enable IFTTT to expand its user base beyond the 1.4 million enthusiasts who are already using the service. Smart-home device users who own products such as the Ring video doorbell, LIFX smart bulbs, the Foobot indoor air monitor, and the Garagio smart garage-door operator will gain the capability to use IFTTT recipes directly from their product's apps starting Wednesday. You'll still need to sign up for an IFTTT account if you don't have one, but you'll be able to do that without leaving the third-party device's app. "It lets them tell the story now," said CEO Linden Tibbett. "A good analogy is to think of how PayPal handles payment... We want to be that standard for asking and granting access from one service to another."
Earth

6 Million Americans Exposed To High Levels of Chemicals In Drinking Water, Says Study (businessinsider.com) 166

An anonymous reader quotes a report from Business Insider: A new study out Tuesday in the journal Environmental Science and Technology Letters looked at a national database that monitors chemical levels in drinking water and found that 6 million people were being exposed to levels of a certain chemical that exceed what the Environmental Protection Agency considers healthy. The chemicals, known as poly- and perfluoroalkyl substances, or PFASs, are synthetic and resistant to water and oil, which is why they're used in things like pizza boxes and firefighting foam. They're built to withstand the environment. But PFASs also accumulate in people and animals and have been observationally linked to an increased risk of health problems including cancer. And they can't be easily avoided, like with a water filter, for example. You can view the chart to see the tested areas of the U.S. where PFASs exceed 70 ng/L, which is what's considered a healthy lifetime exposure.

Slashdot Top Deals