Intel

OpenBSD Releases Meltdown Patch (theregister.co.uk) 44

OpenBSD's Meltdown patch has landed, in the form of a Version 11 code update that separates user memory pages from the kernel's -- pretty much the same approach as was taken in the Linux kernel. From a report: A few days after the Meltdown/Spectre bugs emerged in January, OpenBSD's Phillip Guenther responded to user concerns with a post saying the operating system's developers were working out what to do. Now he's revealed the approach used to fix the free OS: "When a syscall, trap, or interrupt takes a CPU from userspace to kernel the trampoline code switches page tables, switches stacks to the thread's real kernel stack, then copies over the necessary bits from the trampoline stack. On return to userspace the opposite occurs: recreate the iretq frame on the trampoline stack, switch stack, switch page tables, and return to userspace." That explanation is somewhat obscure to non-developers, but there's a more readable discussion of what the project's developers had in mind from January, here.
Bug

Botched npm Update Crashes Linux Systems, Forces Users to Reinstall (bleepingcomputer.com) 253

Catalin Cimpanu, reporting for BleepingComputer: A bug in npm (Node Package Manager), the most widely used JavaScript package manager, will change ownership of crucial Linux system folders, such as /etc, /usr, /boot. Changing ownership of these files either crashes the system, various local apps, or prevents the system from booting, according to reports from users who installed npm v5.7.0. -- the buggy npm update. Users who installed this update -- mostly developers and software engineers -- will likely have to reinstall their system from scratch or restore from a previous system image.
Software

The Swype Smartphone Keyboard Is Dead 94

XDA Developers is reporting that one of the pioneers in swipe-gestures in mobile keyboard apps, Swype, is dead. Swype's owner, Nuance Communications, has confirmed that they are discontinuing Swype for Android and iOS. From the report: In a post made on Reddit earlier today, a user claims that they reached out to Nuance support with an issue and received the following message: "However, we are sad to announce that Swype+Dragon for Android has faced end of development. Here is a statement from Swype Product Team: 'Nuance will no longer be updating the Swype+Dragon keyboard for Android. We're sorry to leave the direct-to-consumer keyboard business, but this change is necessary to allow us to concentrate on developing our AI solutions for sale directly to businesses.' We hope you enjoyed using Swype, we sure enjoyed working with the Swype community."

Curious, we went looking online and discovered a Zendesk article from Nuance that announced the iOS version of the app would be discontinued as well. In order to confirm this, we also reached out to Nuance PR and they confirmed that development of Swype+Dragon for Android has indeed been discontinued.
Chrome

Chrome Extension Brings 'View Image' Button Back (9to5google.com) 80

Google recently removed the convenient "view image" button from its search results as a result of a lawsuit with stock-photo agency Getty. Thankfully, one day later, a developer created an extension that brings it back. 9to5Google reports: It's unfortunate to see that button gone, but an easy to use Chrome extension brings it back. Simply install the extension from the Chrome Web Store, and then any time you view an image on Google Image Search, you'll be able to open that source image. You can see the functionality in action in the video below. The only difference we can see with this extension versus the original functionality is that instead of opening the image on the same page, it opens it in a new tab. The extension is free, and it will work with Chrome for Windows, Mac, Chrome OS, or anywhere else the full version of Chrome can be used. 9to5Google has a separate post with step-by-step instructions to get the Google Images "view image" button back.
Software

Ask Slashdot: Could Linux Ever Become Fully Compatible With Windows and Mac Software? 356

dryriver writes: Linux has been around for a long time now. A lot of work has gone into it; it has evolved nicely and it dominates in the server space. Computer literate people with some tech skills also like to use it as their desktop OS. It's free and open source. It's not vendor-locked, full of crapware or tied to any walled garden. It's fast and efficient. But most "everyday computer users" or "casual computer buyers" still feel they have to choose either a Windows PC or an Apple device as the platform they will do their computing on. This binary choice exists largely because of very specific commercial list of programs and games available for these OSs that is not available for Linux.

Here is the question: Could Linux ever be made to become fully compatible with all Windows and Mac software? What I mean is a Linux distro that lets you successfully install/run/play just about anything significant that says "for Windows 10" or "for OSX" under Linux, without any sort of configuring or crazy emulation orgies being needed? Macs and PCs run on the exact same Intel/AMD/Nvidia hardware as Linux. Same mobos, same CPUs and GPUs, same RAM and storage devices. Could Linux ever be made to behave sufficiently like those two OSs so that a computer buyer could "go Linux" without any negative consequences like not being able to run essential Windows/Mac software at all? Or is Linux being able to behave like Windows and OSX simply not technically doable because Windows and OSX are just too damn complex to mimic successfully?
Crime

Electronics-Recycling Innovator Faces Prison For Extending Computers' Lives 288

schwit1 shares a report from Los Angeles Times: Prosecutors said 33-year-old [Eric Lundgren, an electronic-waste recycling innovator] ripped off Microsoft by manufacturing 28,000 counterfeit discs with the company's Windows operating system on them. He was convicted of conspiracy and copyright infringement, which brought a 15-month prison sentence and a $50,000 fine. In a rare move though, a federal appeals court has granted an emergency stay of the sentence, giving Lundgren another chance to make his argument that the whole thing was a misunderstanding. Lundgren does not deny that he made the discs or that he hoped to sell them. But he says this was no profit-making scheme. By his account, he just wanted to make it easier to extend the usefulness of secondhand computers -- keeping more of them out of the trash.

The case centers on "restore discs," which can be used only on computers that already have the licensed Windows software and can be downloaded free from the computer's manufacturer, in this case Dell. The discs are routinely provided to buyers of new computers to enable them to reinstall their operating systems if the computers' hardware fails or must be wiped clean. But they often are lost by the time used computers find their way to a refurbisher. Lundgren said he thought electronics companies wanted the reuse of computers to be difficult so that people would buy new ones. He thought that producing and selling restore discs to computer refurbishers -- saving them the hassle of downloading the software and burning new discs -- would encourage more secondhand sales. In his view, the new owners were entitled to the software, and this just made it easier. The government, and Microsoft, did not see it that way. Federal prosecutors in Florida obtained a 21-count indictment against Lundgren and his business partner, and Microsoft filed a letter seeking $420,000 in restitution for lost sales. Lundgren claims that the assistant U.S. attorney on the case told him, "Microsoft wants your head on a platter and I'm going to give it to them."
Microsoft

Windows 10 Compatibility Issues Forcing US Air Force To Scrap a Significant Number of Computers (betanews.com) 151

The US Department of Defense has decreed that the Air Force must complete its migration to Windows 10 by March 31 2018. From a report: Failure to do so will result in any systems not running Microsoft's latest operating system being denied access to the Air Force Network. However, because Windows 10 is not compatible with many of the Air Force's existing systems, a significant number of computers will need to be replaced in order to hit the deadline.
Windows

Windows 10 Is Adding an Ultimate Performance Mode For Pros (engadget.com) 151

An anonymous reader quotes a report from Engadget: When you're creating 3D models or otherwise running intensive tasks, you want to wring every ounce of performance out of your PC as possible. It's a good thing, then, that Microsoft has released a Windows 10 preview build in the Fast ring that includes a new Ultimate Performance mode if you're running Pro for Workstations. As the name implies, this is a step up for people for whom even the High Performance mode isn't enough -- it throws power management out the window to eliminate "micro-latencies" and boost raw speed. You can set it yourself, but PC makers will have the option of shipping systems with the feature turned on. Ultimate Performance isn't currently available for laptops or tablets, but Microsoft suggests that could change.
Debian

Best Linux Distribution (linuxjournal.com) 215

Linux Journal: We started things off with Best Linux Distribution, and nearly 10,000 readers voted. The winner was Debian, with many commenting "As for servers, Debian is still the best" or similar. One to watch that is rising in the polls is Manjaro (7 percent), which is independently based on the Arch Linux. Manjaro is a favorite for Linux newcomers and is known for its user-friendliness and accessibility. And, now for the top three LJ winners: Debian (33 percent), openSUSE (12 percent), and Fedora (11 percent).
IOS

Apple's Software 'Problem' and 'Fixing' It (learningbyshipping.com) 99

According to media reports, Apple is planning to postpone some new features for iOS and macOS this year to focus on improving reliability, stability and performance of the existing versions. Steven Sinofsky, a former President of the Windows Division, shared his insights into the significance of this development: Several important points are conflated in the broad discussion about Apple and software: Quality, pace of change, features "versus" quality, and innovation. Scanning the landscape, it is important to recognize that in total the work Apple has been doing across hardware, software, services, and even AI/ML, in total -- is breathtaking and unprecedented in scope, scale, and quality. Few companies have done so much for so long with such a high level of consistency. This all goes back to the bet on the NeXT code base and move to Intel for Mac OS plus the iPod, which began the journey to where we are today.

[...] What is lost in all of this recent discussion is the nuance between features, schedule, and quality. It is like having a discussion with a financial advisor over income, risk, and growth. You don't just show up and say you want all three and get a "sure." On the other hand, this is precisely what Apple did so reliably over 20 years. But behind the scenes there is a constant discussion over balancing these three legs of the tripod. You have to have all of them but you "can't" but you have to. This is why they get paid big $.

[...] A massive project like an OS (+h/w +cloud) is like a large investment portfolio and some things will work (in market) and others won't, some things are designed to return right away, some are safe bets, some are long term investments. And some mistakes... Customers don't care about any of that and that's ok. They just look for what they care about. Each evaluates through their own lens. Apple's brilliance is in focusing mostly on two audiences -- Send-users and developers -- tending to de-emphasize the whole "techie" crowd, even IT. When you look at a feature like FaceID and trace it backwards all the way to keychain -- see how much long term thought can go into a feature and how much good work can go unnoticed (or even "fail") for years before surfacing as a big advantage. That's a long term POV AND focus. This approach is rather unique compared to other tech companies that tend to develop new things almost independent of everything else. So new things show up and look bolted on the side of what already exists. (Sure Apple can do that to, but not usually). All the while while things are being built the team is just a dev team and trying to come up with a reliable schedule and fix bug. This is just software development.

AI

Amazon Is Designing Custom AI Chips For Alexa (theverge.com) 70

According to a report (paywalled) from The Information, Amazon is designing a custom artificial intelligence chip that would power future Echo devices and improve the quality and response time of its Alexa voice assistant. "The move closely followers rivals Apple and Google, both of which have already developed and deployed custom AI hardware at various scales," reports The Verge. From the report: While Amazon is unlikely to physically produce the chips, given its lack of both fabrication experience and a manufacturing presence in China, the news does pose a risk to the businesses of companies like Nvidia and Intel. Both companies have shifted large portions of their chipmaking expertise to AI and the future of the burgeoning field, and both make money by designing and manufacturing chips for companies like Apple, Amazon, and others. Amazon, which seeks to stay competitive in the smart home hardware market and in the realm of consumer-facing AI products, has nearly 450 people with chip expertise on staff, reports The Information, thanks to key hires and acquisitions the e-commerce giant has made in the last few years. The plan is for Amazon to develop its own AI chips so Alexa-powered products in its ever-expanding Echo line can do more on-device processing, instead of having to communicate with the cloud, a process that increases response rate times.
Bug

Skype Can't Fix a Nasty Security Bug Without a Massive Code Rewrite (zdnet.com) 151

ZDNet reports of a security flaw in Skype's updater process that "can allow an attacker to gain system-level privileges to a vulnerable computer." If the bug is exploited, it "can escalate a local unprivileged user to the full 'system' level rights -- granting them access to every corner of the operating system." What's worse is that Microsoft, which owns Skype, won't fix the flaw because it would require the updater to go through "a large code revision." Instead, Microsoft is putting all its resources on building an altogether new client. From the report: Security researcher Stefan Kanthak found that the Skype update installer could be exploited with a DLL hijacking technique, which allows an attacker to trick an application into drawing malicious code instead of the correct library. An attacker can download a malicious DLL into a user-accessible temporary folder and rename it to an existing DLL that can be modified by an unprivileged user, like UXTheme.dll. The bug works because the malicious DLL is found first when the app searches for the DLL it needs. Once installed, Skype uses its own built-in updater to keep the software up to date. When that updater runs, it uses another executable file to run the update, which is vulnerable to the hijacking. The attack reads on the clunky side, but Kanthak told ZDNet in an email that the attack could be easily weaponized. He explained, providing two command line examples, how a script or malware could remotely transfer a malicious DLL into that temporary folder.
Google

The Insane Amount of Backward Compatibility in Google Maps (tnhh.net) 73

Huan Truong, a software developer, writes in a blog post: There is always an unlikely app that consistently works on all of my devices, regardless of their OS and how old they are: Google Maps. Google Maps still works today on Android 1.0, the earliest version available (Maps actually still works with some of the beta versions before that). I believe Maps was only a prototype app in Android 1.0. If I recall correctly, Google didn't have any official real device to run Android 1.0. That was back all the way in 2007. But then, you say, Android is Google's OS for Pete's sake. How about iOS? Google Maps for iOS, version 1.0, released late 2012, still works just fine. That was the first version of Google Maps ever released as a standalone app after Apple ditched Google's map solution on iOS. But wait... there is more. There is native iOS Maps on iOS 6, which was released in early 2012, and it still works. But that's only 6 years ago. Let's go hardcore. How about Google Maps on Java phones (the dumb bricks that run Java "midlets" or whatever the ancient Greeks call it)? It works too. [...] The Palm OS didn't even have screenshot functionality. But lo and behold, Google Maps worked.
Google

Google's Next Android Overhaul Will Embrace iPhone's 'Notch' (bloomberg.com) 179

Google is working on a "dramatic redesign" of its Android operating system, Bloomberg reported on Monday. The company has stuck with a single look for its mobile operating system (OS) for quite some time now, but it's now reportedly looking at Apple for inspiration. The new version of Android -- which Bloomberg says is called "Pistachio Ice Cream" internally -- will apparently be designed with the space for a cutout at the top, much like the iPhone X and its so-called "notch." From the report: The operating system refresh, Android P, will emphasize Google's Assistant, a digital helper that competes with Apple's Siri and Amazon.com's Alexa. Developers will be able to integrate Google's voice-based technology inside of their apps. The company has also weighed integrating the search bar on the Android home screen with its assistant, although neither of these changes are finalized for introduction this year, according to one of the people familiar with the situation.
Software

'Razer Doesn't Care About Linux' (gnome.org) 377

An anonymous reader shares a blog post: Razer is a vendor that makes high-end gaming hardware, including laptops, keyboards and mice. I opened a ticket with Razor a few days ago asking them if they wanted to support the LVFS project by uploading firmware and sharing the firmware update protocol used. I offered to upstream any example code they could share under a free license, or to write the code from scratch given enough specifications to do so. This is something I've done for other vendors, and doesn't take long as most vendor firmware updaters all do the same kind of thing; there are only so many ways to send a few kb of data to USB devices. The fwupd project provides high-level code for accessing USB devices, so yet-another-update-protocol is no big deal. I explained all about the LVFS, and the benefits it provided to a userbase that is normally happy to vote using their wallet to get hardware that's supported on the OS of their choice. I just received this note on the ticket, which was escalated appropriately: "I have discussed your offer with the dedicated team and we are thankful for your enthusiasm and for your good idea. I am afraid I have also to let you know that at this moment in time our support for software is only focused on Windows and Mac." The post, written by Richard -- who has long been a maintainer of GNOME Software, PackageKit, GNOME Packagekit, points out that Razer executive Min-Liang Tan last year invited Linux enthusiasts to suggest ideas to help the company make the best notebook that supports Linux.
Android

Chinese Phone Maker Xiaomi Deletes a Public MIUI vs Android One Twitter Poll After Voting Didn't Go Its Way (betanews.com) 61

Chinese smartphone maker Xiaomi, which sells handsets at razor thin margins, is increasingly dominating in its home market and emerging places such as India and Indonesia. To make money, the company relies on a range of homegrown software features in its Android-based MIUI operating system. In a surprising move earlier this week, the company asked its Twitter followers to choose between MIUI and Android One (which runs pure Android OS). Things didn't go as it had planned. From a report: Presumably the company was rather hoping that Twitter users would vote for its own MIUI which it could then rub in Google's face -- but the poll actually went against Xiaomi. Rather than leave the results of the vote up for anyone to see, the company decided to simply delete it and pretend it never happened. Take a look at the Xiaomi account on Twitter, and you'll see no hint that any such poll has ever taken place. But over on Reddit, there's a thread which was started by someone posting a link to the poll. In the comments, one Redditor noticed after a period of voting that: "So far it's 53-47 for android one."
Software

Researchers Are Developing An Algorithm That Makes Smartphones Child-Proof (technologyreview.com) 67

An anonymous reader quotes a report from MIT Technology Review: Researchers at the University of South Carolina and China's Zhejiang University have created an algorithm that can spot whether your kid is accidentally trying to, say, order from Amazon without your knowing. There are already plenty of activity-monitoring apps that aim to control what kids do on phones, but parents need to add them and turn them on, and they could be disabled by tech-savvy children. The researchers figured that automated age-range detection would make it easier for parents to hand their phones over to curious children without worrying that the kids will stumble upon an inappropriate website or get into a work e-mail account.

The researchers built a simple app and asked a group of kids between the ages of three and 11 -- and a group of adults between 22 and 60 -- to use it. The app had participants unlock an Android phone and then play a numbers-based game on it, so that the researchers could record a variety of taps and swipes. They also tracked things like the amount of pressure applied by a user's finger and the area it encompassed. The researchers used the resulting data to train an age-detecting algorithm that they say is 84 percent accurate with just one swipe on the screen -- a figure that goes up to 97 percent after eight swipes.

Software

Ask Slashdot: What Is Missing In Tech Today? 357

dryriver writes: There is so much tech and gadget news pouring out of the internet every day that one might think "everything tech that is needed already exists." But of course, people thought precisely that at various points in human history, and then completely new tools, technologies, processes, designs, devices and innovations came along soon after and changed everything. Sometimes the opposite also happens: tech that was really good for its day and used to exist is suddenly no longer available. For example, many people miss the very usable Psion palmtop computers with their foldout QWERTY keyboards, touchscreens, and styluses; or would have liked the Commodore Amiga with its innovative custom chips and OS to continue existing and evolving; or would have liked to be able to keep using software like Softimage XSI or Adobe Director, which were suddenly discontinued.

So here is the question: what tech, in your particular profession, industry, personal area of interest, or scientific or academic field, is currently "missing?" This can be tech that is needed but does not exist yet, either hardware or software, or some kind of mechanical device or process. It could also be tech that was available in the past, but was EOL'd or "End Of Lifed" and never came back in an updated or evolved form. Bonus question: if what you feel is "missing" could quite feasibly be engineered, produced, and sold today at a profit, what do you think is the reason it isn't available?
Nintendo

Hackers Manage To Run Linux On a Nintendo Switch (techcrunch.com) 119

Romain Dillet reports via TechCrunch: Hacker group fail0verflow shared a photo of a Nintendo Switch running Debian, a distribution of Linux. The group claims that Nintendo can't fix the vulnerability with future firmware patches. According to fail0verflow, there's a flaw in the boot ROM in Nvidia's Tegra X1 system-on-a-chip. When your console starts, it reads and executes a piece of code stored in a read-only memory (hence the name ROM). This code contains instructions about the booting process. It means that the boot ROM is stored on the chip when Nvidia manufactures it and it can't be altered in any way after that. Even if Nintendo issues a software update, this software update won't affect the boot ROM. And as the console loads the boot ROM immediately after pressing the power button, there's no way to bypass it. The only way to fix it would be to manufacture new Nvidia Tegra X1 chips. So it's possible that Nintendo asks Nvidia to fix the issue so that new consoles don't have this vulnerability.
IOS

Key iPhone Source Code Gets Posted On GitHub (vice.com) 188

Jason Koebler shares a report from Motherboard: An anonymous person posted what experts say is the source code for a core component of the iPhone's operating system on GitHub, which could pave the way for hackers and security researchers to find vulnerabilities in iOS and make iPhone jailbreaks easier to achieve. The code is for "iBoot," which is the part of iOS that is responsible for ensuring a trusted boot of the operating system. It's the program that loads iOS, the very first process that runs when you turn on your iPhone. The code says it's for iOS 9, an older version of the operating system, but portions of it are likely to still be used in iOS 11. Bugs in the boot process are the most valuable ones if reported to Apple through its bounty program, which values them at a max payment of $200,000. "This is the biggest leak in history," Jonathan Levin, the author of a series of books on iOS and Mac OSX internals, told Motherboard in an online chat. "It's a huge deal." Levin, along with a second security researcher familiar with iOS, says the code appears to be the real iBoot code because it aligns with the code he reverse engineered himself.

Slashdot Top Deals