Android

Android O Is Officially Launching August 21 (techcrunch.com) 67

Android O is set to arrive on August 21, with a livestreamed unveiling event timed for 2:40 PM ET in NYC -- which is roughly when the maximum solar eclipse is set to occur for New York. TechCrunch reports: Android O will get a full reveal at that time, which seems like kind of a weird time to do it since a lot of people will be watching the NASA eclipse livestream that Google is also promoting, or staring at the sky (with the caveat, hopefully, that they have procured proper glasses for safe viewing). Google says that Android O will have some "super (sweet) new powers," most of which we know all about thanks to pre-release builds and the Android O teaser Google provided at its annual I/O developer event this past May. WE know, for instance, that the notification panel has been changed significantly, and there's new optimization software to improve battery life on all devices. While Android O's name has yet to be confirmed, the official consumer name is speculated to be "Oreo." Prolific leaker Evan Blass posted a picture of an Oreo to Twitter on Friday following the announcement of the reveal date and event.
Android

The Verge's Essential Phone Review: An Arcane Artifact From an Unrealized Future (theverge.com) 50

An anonymous reader shares Dieter Bohn's review of the Essential Phone: Even though it was announced less than three months ago at the Code Conference, there's already enough mythology surrounding the Essential Phone to fill a book. It comes from a brand-new billion-dollar startup led by the person who helped create Android itself, Andy Rubin. That origin binds it up with the history of all smartphones in a way that doesn't usually apply to your run-of-the-mill device. The phone was also delayed a bit, a sign that this tiny company hasn't yet quite figured out how to punch above its weight class -- which it's certainly trying to do. Although it runs standard Android, it's meant to act as a vanguard for Essential's new ecosystem of smart home devices and services connected by the mysterious Ambient OS. Even if we trust that Rubin's futuristic vision for a connected home will come to pass, it's not going to happen overnight. Instead, all we really have right now is that future's harbinger, a well-designed Android phone that I've been testing for the past week. Available unlocked or at Sprint, the $699 Essential Phone is an ambitious device. It has a unique way to connect modular accessories, starting with a 360-degree camera. It has a bold take on how to make a big, edge-to-edge screen paired with top-flight materials such as ceramic and titanium. And it has a dual camera system that is meant to compete with other flagship devices without adding any thickness to the phone. That would be a lot for even a massive company like Samsung or Apple to try to do with a single phone. For a tiny company like Essential, the question is simply this: is it trying to do too much? In conclusion, Bohn writes: "The Essential Phone is doing so much right: elegant design, big screen, long battery life, and clean software. And on top of all that, it has ambitions to do even more with those modules. If you asked Android users what they wanted in the abstract, I suspect a great many of them would describe this exact device. But while the camera is pretty good, it doesn't live up to the high bar the rest of the phone market has set. Sometimes artifacts are better to behold than they are to use."
Privacy

Info on 1.8M Chicago Voters Was Publicly Accessible, But Now Removed From Cloud Service (chicagotribune.com) 27

A file containing the names, addresses, dates of birth and other information about Chicago's 1.8 million registered voters was published online and publicly accessible for an unknown period of time, the Chicago Board of Election Commissioners said this week. From a report: The acknowledgment came days after a data security researcher alerted officials to the existence of the unsecured files. The researcher found the files while conducting a search of items uploaded to Amazon Web Services, a cloud system that allows users to rent storage space and share files with certain people or the general public. The files had been uploaded by Election Systems & Software, a contractor that helps maintain Chicago's electronic poll books. Election Systems said in a statement that the files "did not include any ballot information or vote totals and were not in any way connected to Chicago's voting or tabulation systems." The company said it had "promptly secured" the files on Saturday evening and had launched "a full investigation, with the assistance of a third-party firm, to perform thorough forensic analyses of the AWS server." State and local officials were notified of the existence of the files Saturday by cybersecurity expert Chris Vickery, who works at the Mountain View, Calif. firm UpGuard.
Security

Secret Chips in Replacement Parts Can Completely Hijack Your Phone's Security (arstechnica.com) 62

Dan Goodin, writing for ArsTechnica: People with cracked touch screens or similar smartphone maladies have a new headache to consider: the possibility the replacement parts installed by repair shops contain secret hardware that completely hijacks the security of the device. The concern arises from research that shows how replacement screens -- one put into a Huawei Nexus 6P and the other into an LG G Pad 7.0 -- can be used to surreptitiously log keyboard input and patterns, install malicious apps, and take pictures and e-mail them to the attacker. The booby-trapped screens also exploited operating system vulnerabilities that bypassed key security protections built into the phones. The malicious parts cost less than $10 and could easily be mass-produced. Most chilling of all, to most people, the booby-trapped parts could be indistinguishable from legitimate ones, a trait that could leave many service technicians unaware of the maliciousness. There would be no sign of tampering unless someone with a background in hardware disassembled the repaired phone and inspected it. The research, in a paper presented this week (PDF) at the 2017 Usenix Workshop on Offensive Technologies, highlights an often overlooked disparity in smartphone security. The software drivers included in both the iOS and Android operating systems are closely guarded by the device manufacturers, and therefore exist within a "trust boundary."
Google

Google Researchers Made An Algorithm To Delete Watermarks From Photos (venturebeat.com) 61

"Researchers at Google have found a vulnerability in the way watermarks are used by stock imagery sites like Adobe Stock that makes it possible to remove the opaque stamp used to protect copyright," writes Khari Johnson via VentureBeat. "The consistent nature in which the watermarks are placed on photos can be exploited using an algorithm trained to recognize and automatically remove watermarks." From the report: Changing the position or opacity of a watermark do not impact the algorithm's ability to remove watermarks from images with copyright protection. Randomization, the researchers say, is required to keep images from being stolen. In results presented at the Computer Vision and Pattern Recognition conference last month, subtle modifications to each watermark can make it harder to remove watermarks. With these warped watermarks, attempts to get rid of watermarks with an algorithm or photo editing software leaves noticeable marks, rendering an image useless. "As often done with vulnerabilities discovered in operating systems, applications or protocols, we want to disclose this vulnerability and propose solutions in order to help the photography and stock image communities adapt and better protect its copyrighted content and creations," research scientists Tali Dekel and Michael Rubenstein wrote in a blog post today. "From our experiments much of the world's stock imagery is currently susceptible to this circumvention." You can learn more about the different types of randomization that can be done to combat watermark removal and see more example images in Google's blog post. The full report and research is available via the project's GitHub page.
Operating Systems

PlayStation 4 Update 5.0 Officially Revealed (gamespot.com) 33

After the PlayStation 4's 5.0 update was leaked last week, Sony decided to officially reveal what's coming in the update. GameSpot highlights the new features in their report: Some of the enhancements center around streaming using the PS4's built-in broadcasting capabilities. PS4 Pro users will be able to stream in 1080p and 60 FPS, provided their connection is strong enough, and PSVR users will be able to see new messages and comments coming through while broadcasting. PSVR is also adding 5.1ch and 7.1ch virtual surround sound support. Next up, the PS4's Friends List is being updated with greater management tools, such as the ability to set up separate lists of friends. You'll be able to create a list of all the people you play Destiny with and send them all an invite, for example. This feature replaces the old Favorite Groups tab. In another move to help reduce the amount of time spent in menus, the Quick Menu is being updated to have more options. For example, you'll be able to check on download progress and see new party invites. You can also leave a party from within that menu and see your current Spotify playlist. Notifications are also being improved when watching films and TV, as you can now disable message and other notification pop-ups while watching media. You can also change how much of a message is displayed, as well as its color, when playing or watching any form of content.

Finally, Parental Control features are being overhauled in favor of what Sony calls "Family on PSN." This replaces the old Master/Sub account system; instead, one user is deemed the Family Manager, and they can set up other accounts and appoint them as a Parent/Guardian, Adult, or Child. Parents or Guardians can restrict Child accounts in their "use of online features and communication with other players, set restrictions for games, restrict the use of the internet browser, and set spending limits for PlayStation Store." Note that Sony says the first time any North American user tries to set up an Adult account, they will be charged $0.50 "to verify that you are an adult."

Education

Chatbot Helps Students Choose Courses (bbc.com) 20

An anonymous reader shares a report: Leeds Beckett University has launched a chatbot to help prospective students find the right course. It follows the publication of A-level results in England, Wales and Northern Ireland. Using Facebook Messenger's chatbot technology, students would be able to "assess their suitability" for different courses, the university said. But if they would prefer to speak to a human, "phone lines will continue to be open throughout the clearing process." The university's head of digital experience and engagement, Dougal Scaife, said: "We know that our prospective students already use lots of messaging software for communicating with their friends, such as Snapchat, WhatsApp, as well as texting, so developing a chatbot was a natural evolution in order to engage with our prospective students in a medium that is ubiquitous, familiar, and comfortable for them."
Desktops (Apple)

In Defense of the Popular Framework Electron (dev.to) 132

Electron, a popular framework that allows developers to write code once and seamlessly deploy it across multiple platforms, has been a topic of conversation lately among developers and users alike. Many have criticised Electron-powered apps to be "too memory intensive." A developer, who admittedly uses a high-end computer, shares his perspective: I can speak for myself when I say Electron runs like a dream. On a typical day, I'll have about three Atom windows open, a multi-team Slack up and running, as well as actively using and debugging my own Electron-based app Standard Notes. [...] So, how does it feel to run this bloat train of death every day? Well, it feels like nothing. I don't notice it. My laptop doesn't get hot. I don't hear the fan. I experience no lags in any application. [...] But aside from how it makes end-users feel, there is an arguably more important perspective to be had: how it makes software companies feel. For context, the project I work in is an open-source cross-platform notes app that's available on most platforms, including web, Mac, Windows, Linux, iOS, and Android. All the desktop applications are based off the main web codebase, and are bundled using Electron, while the iOS and Android app use their own native codebases respectively, one in Swift and the other in Kotlin. And as a new company without a lot of resources, this setup has just barely allowed us to enter the marketplace. Three codebases is two too many codebases to maintain. Every time we make a change, we have to make it in three different places, violating the most sacred tenet of computer science of keeping it DRY. As a one-person team deploying on all these platforms, even the most minor change will take at minimum three development days, one for each codebase. This includes debugging, fixing, testing, bundling, deploying, and distributing every single codebase. This is by no means an easy task.
Google

Ask Slashdot: Female Engineers, Could You Please Share Your Thoughts On the Google Memo 685

Reader joshtops writes: The widely circulated memo written by software engineer James Damore has become the talking point across companies in Silicon Valley, and elsewhere. In an interesting take, The Economist on Tuesday argued with the scientific or otherwise assumptions made by Damore. I was wondering what female engineers -- or females in other STEM beats -- think of the memo.
Microsoft

We're Not Walking Away From Continuum, Says HP (theregister.co.uk) 44

An anonymous reader shares a report: While Windows roadmaps purportedly leaked to a blog last week appear to have a big hole in them where mobile should be, HP Inc tells us it has been assured by Redmond there are no plans to drop Continuum. HP is the sole major mobile vendor committed to the Windows Mobile Edition of Windows 10 and bet big on Continuum, the multimode "use-your-phone-as-a-PC" feature on which some of HP's ambitions rest. El Reg was impressed by HP's plans to build an ecosystem around the multi-mode capabilities of the HP Elite x3 phone, which doubles up as a PC replacement. (Or tries to.) Launching in over 50 markets, the ecosystem includes a streaming apps service HP Workplace to fill in the app gap, and even a "lap dock." HP pitched it at field workers and verticals. The only thing letting Inc-ers down was the quality of the software from Microsoft. Spring came and went without the expected improvements to Continuum. Unauthorised briefings last week suggest the Windows Mobile branch of Windows 10 is now an orphan.
Businesses

Gates Makes Largest Donation Since 2000 With $4.6 Billion Pledge (bloomberg.com) 159

From a report: Bill Gates made his largest gift since the turn of the century, giving away Microsoft shares that accounted for 5 percent of his fortune, the world's biggest. The billionaire donated 64 million of the software maker's shares valued at $4.6 billion on June 6, according to a Securities & Exchange Commission filing released Monday. While the recipient of the gift wasn't specified, Gates has made the majority of his donations to the Bill & Melinda Gates Foundation, the charity he and his wife use to direct their philanthropic efforts. It's the largest gift of Microsoft shares that Gates has made since 2000. The 61-year-old gave away $16 billion worth of Microsoft shares in 1999 and $5.1 billion a year later, according to calculations by Bloomberg.
Google

Google Hires Former Star Apple Engineer Chris Lattner For Its AI Team (bloomberg.com) 49

An anonymous reader shares a report: Chris Lattner, a legend in the world of Apple software, has joined another rival of the iPhone maker: Alphabet's Google, where he will work on artificial intelligence. Lattner announced the news on Twitter on Monday, saying he will start next week. His arrival at Mountain View, California-based Google comes after a brief stint as head of the automated driving program at Tesla, which he left in June. Lattner made a name for himself during a decade-plus career at Apple, where he created the popular programming language Swift. Lattner said he is joining Google Brain, the search giant's research unit. There he will work on a different software language: TensorFlow, Google's system designed to simplify the programming steps for AI, according to a person with knowledge of the matter.
The Courts

Researcher Who Stopped WannaCry Pleads Not Guilty to Creating Banking Malware (vice.com) 71

Lorenzo Franceschi-Bicchierai, reporting for Motherboard: Monday, the well-known security researcher who became famous after helping to stop the destructive WannaCry ransomware outbreak pleaded "not guilty" to creating software that would later become banking malware. Marcus Hutchins -- better known by his online nickname MalwareTech -- was arrested in early August in Las Vegas after the hacking conference Def Con. The US government accuses Hutchins of writing software in 2014 that would later become the banking malware Kronos. After getting out on bail and traveling to Milwaukee, he stood in front a judge on Monday for his arraignment. Prosecutors also allege he helped a still unknown co-defendant market and sell Kronos. Hutchins's lawyer Brian Klein declared in a packed courtroom in Milwaukee that Hutchins was "not guilty" of six charges related to the alleged creation and distribution of malware. Hutchins will be allowed to travel to Los Angeles, where he will live while he awaits trial. He will also be represented by Marcia Hoffman, formerly of the Electronic Frontier Foundation. Under the terms of his release, Hutchins will be tracked by GPS but will be allowed full internet access so he can continue to work as a security researcher; the only restriction is he will no longer be allowed to access the WannaCry "sinkhole" he used to stop the outbreak of ransomware.
Firefox

'See the Future Firefox Right Now' (cnet.com) 292

"Mozilla is prepping a new version of Firefox in an effort to rally in the race for browser supremacy," writes CNET's Matt Elliott, who decided to test drive a new nightly build of Firefox 57 which "promises fast speeds and a new look." An anonymous reader quotes their report: Firefox 57 has added a screenshot button in the top-right corner... It highlights different elements on a page as you mouse over them, or you can just click-and-drag the old-school way to take a screenshot of a portion of a page. Screenshots are saved within Firefox. Click the scissors button and then click the little My Shots window to open a new tab of all of your saved screenshots. From here you can download them or share them... The bookmark and Pocket buttons have been moved from the right of the URL bar to inside it, but the Page Actions button is new. Click it and you'll get a small menu to Copy URL, Email Link and Send to Device. The Page Actions menu also has bookmark and Pocket buttons, which seems redundant at first but then I realized you can remove those items from the URL bar by right-clicking them. You can't remove the new, triple-dot Page Actions button...

As with any prerelease software, Firefox Nightly 57 is meant for developers and will likely exhibit strange and unstable behavior from time to time. Also, there is no guarantee that the final release will look like what you see in the current version of Nightly. For example, I have read reports that the search box next to Firefox's URL bar may be on the chopping block. It's part of the design of the current Nightly build but I wouldn't be surprised if it gets dropped between now and November since most web users have grown accustomed to entering their search queries right in the URL bar. Just as you can with the current version of Firefox, however, you can customize which elements are displayed at the top of Firefox Nightly 57, including the search box.

ISS

SpaceX Will Deliver The First Supercomputer To The ISS (hpe.com) 98

Slashdot reader #16,185, Esther Schindler writes: "By NASA's rules, not just any computer can go into space. Their components must be radiation hardened, especially the CPUs," reports HPE Insights. "Otherwise, they tend to fail due to the effects of ionizing radiation. The customized processors undergo years of design work and then more years of testing before they are certified for spaceflight." As a result, the ISS runs the station using two sets of three Command and Control Multiplexer DeMultiplexer computers whose processors are 20MHz Intel 80386SX CPUs, right out of 1988. "The traditional way to radiation-harden a spacecraft computer is to add redundancy to its circuits or by using insulating substrates instead of the usual semiconductor wafers on chips. That's expensive and time consuming. HPE scientists believe that simply slowing down a system in adverse conditions can avoid glitches and keep the computer running."

So, assuming the August 15 SpaceX Falcon 9 rocket launch goes well, there will be a supercomputer headed into space -- using off-the-shelf hardware. Let's see if the idea pans out. "We may discover a set of parameters with which a supercomputer can successfully run for at least a year without errors," says Dr. Mark R. Fernandez, the mission's co-principal investigator for software and SGI's HPC technology officer. "Alternately, one or more components of the system will fail, in which case we will then do the typical failure analysis on Earth. That will let us learn what to change to make the systems more reliable in the future."

The article points out that the New Horizons spacecraft that just flew past Pluto has a 12MHz Mongoose-V CPU, based on the MIPS R3000 CPU. "You may remember its much faster ancestor: the chip that took you on adventures in the original Sony PlayStation, circa 1994."
Debian

OpenSource.com Test-Drives Linux Distros From 1993 To 2003 (opensource.com) 79

An anonymous reader quotes OpenSource.com: A unique trait of open source is that it's never truly EOL (End of Life). The disc images mostly remain online, and their licenses don't expire, so going back and installing an old version of Linux in a virtual machine and getting a precise picture of what progress Linux has made over the years is relatively simple... Whether you're new to Linux, or whether you're such an old hand that most of these screenshots have been more biographical than historical, it's good to be able to look back at how one of the largest open source projects in the world has developed. More importantly, it's exciting to think of where Linux is headed and how we can all be a part of that, starting now, and for years to come.
The article looks at seven distros -- Slackware 1.01 (1993), Debian 0.91 (1994), Jurix/S.u.S.E. (1996), SUSE 5.1 (1998), Red Hat 6.0 (1999), Mandrake 8.0 (2001), and Fedora 1 (2003). Click through for some of the highlights.
The Internet

'I'm a Teapot' Error Code Saved From Extinction By Public Outcry (gizmodo.com.au) 111

An anonymous reader quotes Gizmodo: An anonymous reader quotes Gizmodo: It started back in 1998 as an April Fool's Day gag. Written up by Larry Masinter of the Internet Engineering Task Force (IETF), error code 418 -- "I'm a teapot" -- was nothing more than a poke at the "many bad HTTP extensions that had been proposed". Despite its existence as a joke, a number of major software projects, including Node.js, ASP.NET and Google's Go language, implemented it as an Easter egg. A recent attempt to excise the fictitious code from these projects ended up doing the opposite, cementing it as a "reserved" error by the IETF...

Australian programmer Mark Nottingham flagged the code's removal as an "issue" for Google's Go language, the Node.js Javascript runtime and Microsoft's ASP.NET... Nottingham's argument was that 418 was "polluting [the] core protocol" of these projects... It didn't take long for a "Save 418" website to go live and through the efforts of interested internet historians (and jokers), all three of the aforementioned projects have decided to keep the code as it is, though Google will "revisit" the situation with the next major version of Go.

The Save 418 site argued that "the application of such an status code is boundless. Its utility, quite simply, is astonishingly unparalleled. It's a reminder that the underlying processes of computers are still made by humans. It'd be a real shame to see 418 go."
Oracle

Oracle Fiddles With Major Database Release Cycle Numbers (theregister.co.uk) 69

An anonymous reader shares a report: Big Red has changed its database release cycle, scrapping names that see decimal points and numbers added on for an indeterminate amount of time, instead plumping for annual releases numbered by the year. So what would have been Oracle Database 12.2.0.2 will now be Oracle Database 18; 12.2.0.3 will come out a year later, and be Oracle Database 19. The approach puts Oracle only about 20 years behind Microsoft in adopting a year-based naming convention (Microsoft still uses years to number Windows Server, even though it stopped for desktop versions when it released XP). [...] Well, Big Red will surely be using the revamp as a way to boost sales of database licences -- a crucial part of its business -- which have been in decline for two years running. In fiscal 2016, Oracle reported a 12 per cent drop in annual sales of new software licences, and its most recent results for fiscal 2017 revealed a further 5 per cent drop. And, for all that Oracle has shouted about its cloudy success of late, it isn't yet a major money-maker for the biz. New software license sales make up a quarter of overall revenue, while support for that software makes up a further 45 per cent. In part, the new numbering will be a handy marketing ploy. Rather than playing with the decimal points, a release with a new whole number could be an attempt to give the impression of agility in the face of younger, fresher competitors. Meanwhile, fewer patches and releases on each system also allows Oracle to know more quickly, and more accurately, what security features each customer has. The annual numbering system is also a very simple way of telling you your system is old.
China

China Working On 'Repression Network' Which Lets Cameras Identify Cars With Unprecedented Accuracy (thesun.co.uk) 80

schwit1 shares a report from The Sun: Researchers at a Chinese university have revealed the results of an investigation aimed at creating a "repression network" which can identify cars from "customized paintings, decorations or even scratches" rather than by scanning its number plate. A team from Peking University said the technology they have developed to perform this task could also be used to recognize the faces of human beings. Essentially, it works by learning from what it sees, allowing it to differentiate between cars (or humans) by spotting small differences between them. "The growing explosion in the use of surveillance cameras in public security highlights the importance of vehicle search from large-scale image databases," the researcher wrote. "Precise vehicle search, aiming at finding out all instances for a given query vehicle image, is a challenging task as different vehicles will look very similar to each other if they share same visual attributes." They added: "We can extend our framework [software] into wider applications like face and person retrieval [identification] as well."
Security

Scientists Create DNA-Based Exploit of a Computer System (technologyreview.com) 43

Archeron writes: It seems that scientists at University of Washington in Seattle have managed to encode malware into genomic data, allowing them to gain full access to a computer being used to analyze the data. While this may be a highly contrived attack scenario, it does ask the question whether we pay sufficient attention to data-driven exploits, especially where the data is instrument-derived. What other systems could be vulnerable to a tampered raw data source? Perhaps audio and RF analysis systems? MIT Technology Review reports: "To carry out the hack, researchers led by Tadayoshi Kohno and Luis Ceze encoded malicious software in a short stretch of DNA they purchased online. They then used it to gain 'full control' over a computer that tried to process the genetic data after it was read by a DNA sequencing machine. The researchers warn that hackers could one day use faked blood or spit samples to gain access to university computers, steal information from police forensics labs, or infect genome files shared by scientists. To make the malware, the team translated a simple computer command into a short stretch of 176 DNA letters, denoted as A, G, C, and T. After ordering copies of the DNA from a vendor for $89, they fed the strands to a sequencing machine, which read off the gene letters, storing them as binary digits, 0s and 1s. Yaniv Erlich, a geneticist and programmer who is chief scientific officer of MyHertige.com, a genealogy website, says the attack took advantage of a spill-over effect, when data that exceeds a storage buffer can be interpreted as a computer command. In this case, the command contacted a server controlled by Kohno's team, from which they took control of a computer in their lab they were using to analyze the DNA file." You can read their paper here.

Slashdot Top Deals