Open Source

CFQ In Linux Gets BFQ Characteristics 55

jones_supa writes: Paolo Valente from University of Modena has submitted a Linux kernel patchset which replaces CFQ (Completely Fair Queueing) I/O scheduler with the last version of BFQ (Budget Fair Queuing, a proportional-share scheduler). This patchset first brings CFQ back to its state at the time when BFQ was forked from CFQ. Paolo explains: "Basically, this reduces CFQ to its engine, by removing every heuristic and improvement that has nothing to do with any heuristic or improvement in BFQ, and every heuristic and improvement whose goal is achieved in a different way in BFQ. Then, the second part of the patchset starts by replacing CFQ's engine with BFQ's engine, and goes on by adding current BFQ improvements and extra heuristics." He provides a link to the thread in which it is agreed on this idea, and a direct link to the e-mail describing the steps.
Bug

Have Your iPhone 6 Repaired, Only To Get It Bricked By Apple (theguardian.com) 326

New submitter Nemosoft Unv. writes: In case you had a problem with the fingerprint sensor or some other small defect on your iPhone 6 and had it repaired by a non-official (read: cheaper) shop, you may be in for a nasty surprise: error 53. What happens is that during an OS update or re-install the software checks the internal hardware and if it detects a non-Apple component, it will display an error 53 and brick your phone. Any photos or other data held on the handset is lost – and irretrievable. Thousands of people have flocked to forums to express their dismay at this. What's more insiduous is that the error may only appear weeks or months after the repair. Incredibly, Apple says this cannot be fixed by any hard- or software update, while it is clearly their software that causes the problem in the first place. And then you thought FTDI was being nasty ...
Security

Anti-Malware Maker Files Lawsuit Over Bad Review (csoonline.com) 146

itwbennett writes: In a lawsuit filed January 8, 2016, Enigma Software, maker of anti-malware software SpyHunter, accuses self-help portal Bleeping Computer of making 'false, disparaging, and defamatory statements.' At issue: a bad review posted by a user in September, 2014. The lawsuit also accuses Bleeping Computer of profiting from driving traffic to competitor Malwarebytes via affiliate links: 'Bleeping has a direct financial interest in driving traffic and sales to Malwarebytes and driving traffic and sales away from ESG.' Perhaps not helping matters, one of the first donations to a fund set up by Bleeping Computer to help with legal costs came from Malwarebytes.
Piracy

Torrents Time Lets Anyone Launch Their Own Web Version of Popcorn Time 130

An anonymous reader writes: Popcorn Time, an app for streaming video torrents, just got its own web version: Popcorn Time Online. Unlike other attempts to bring Popcorn Time into the browser, this one is powered by a tool called Torrents Time, which delivers the movies and TV shows via an embedded torrent client. Oh, and the developers have released the code so that anyone can create their own version. If Popcorn Time is Hollywood's worst nightmare, Torrents Time is trying to make sure Hollywood can't wake up.
Microsoft

Microsoft To Acquire SwiftKey Predictive Keyboard Technology Company For $250M (hothardware.com) 114

MojoKid writes: SwiftKey has been one of the more popular predictive keyboard offerings in the mobile space since it was first released in beta form on the Android market back in 2010. What made SwiftKey so appealing was its intelligent predictive texting technology. SwiftKey isn't a simple keyboard replacement. Rather, the software uses a combination of artificial intelligence technologies that give it the ability to learn usage patterns and predict the next word the user most likely intends to type. SwiftKey refines its predictions, learning over time by analyzing data from SMS, Facebook, and Twitter messages, then offering predictions based on the text being entered at the time. It is estimated that SwiftKey is installed on upwards of 500 million mobile devices. According to reports, Microsoft is apparently buying the UK-based company for a cool $250 Million. What Microsoft intends to do with SwiftKey is not clear just yet, but the company has been purchasing mobile apps at a good clip as of late.
Communications

Big Satellite Systems, Simulated On Your Desktop (sf.net) 44

An anonymous reader writes: Big systems of hundreds of satellites are under development to provide wireless Internet globally, with Richard Branson's OneWeb and Thales' LeoSat aiming at consumers and business markets respectively. It's like reliving the late 1990s, when Bill Gates' Teledesic and Motorola's Celestri were trying to do the same thing before merging their efforts and then giving up. And now you can simulate OneWeb and LeoSat for yourself, and compare them to older systems, in the new release of the vintage SaVi satellite simulation package, which was created in the 1990s during the first time around. Bear in mind Karl Marx's dictum of history: the first time is tragedy, and the second time is farce. Do these new systems stand a chance?
Operating Systems

GNU Hurd Begins Supporting Sound, Still Working On 64-bit & USB Support (phoronix.com) 312

An anonymous reader writes: GNU developer Samuel Thibault presented at this weekend's FOSDEM conference about the current state of GNU Hurd. He shared that over the past year they've started working on experimental sound support as their big new feature. They also have x86 64-bit support to the point that the kernel can boot, but not much beyond that stage yet. USB and other functionality remains a work-in-progress. Those curious about this GNU kernel project can find more details via the presentation media.
Security

NSA Hacker Chief Explains How To Keep Him Out of Your System (wired.com) 70

An anonymous reader writes: Rob Joyce, the nation's hacker-in-chief, took up the ironic task of telling a roomful of computer security professionals and academics how to keep people like him and his elite corps out of their systems. Joyce himself did little to shine a light on the TAO's classified operations. His talk was mostly a compendium of best security practices. But he did drop a few of the not-so-secret secrets of the NSA's success, with many people responding to his comments on Twitter.
Communications

U.S. Forces Viewed Encrypted Israeli Drone Feeds (theintercept.com) 49

iceco2 links to The Intercept's report that the U.S. and UK intelligence forces have been (or at least were) intercepting positional data as well as imagery from Israeli drones and fighters, through a joint program dubbed "Anarchist," based on the island of Cyprus. Among the captured images that the Intercept has published, based on data provided by Edward Snowden, are ones that appear to show weaponized drones, something that the U.S. military is well-known for using, but that the IDF does not publicly acknowledge as part of its own arsenal. Notes iceco2: U.S. spying on allies is nothing new. It is surprising to see the ease with which encrypted Israeli communications were intercepted. As always, it wasn't the crypto which was broken -- just the lousy method it was applied. Ars Technica explains that open-source software, including ImageMagick was central to the analysis of the captured data.
Open Source

Linux Kernel 2.6.32 LTS Reaches End of Life In February 2016 (softpedia.com) 116

An anonymous reader writes: The oldest long-term supported Linux kernel branch finally reaches end of life next month, but before going into the deepest darkest corners of the Internet, it just dropped one more maintenance release, Linux kernel 2.6.32.70 LTS. Willy Tarreau dropped the news about the release of Linux kernel 2.6.32.70 LTS on January 29, 2016, informing all us that this will most likely be the last maintenance release in the series, as starting with February 2016 it will no longer be supported with security patches and bugfixes. Linux 2.6 first came out in December, 2003, and 2.6.16 (the first long-term release) in March 2006.
GUI

Project Neon Will Bring Users Up-to-Date KDE Packages (cio.com) 42

sfcrazy writes: [Kubuntu founder Jonathan Riddell] is going to announce a new project at FOSDEM that brings the KDE experience to users. There is Fedora that offers latest from Gnome, but there is no such distro that offers the same level of integration with KDE software; yes, there is openSUSE but it offers KDE as an option. So Kubuntu based KDE Neon is a project to give KDE users and contributors a way to get KDE's desktop software while it's still fresh. It'll be providing packages of the latest KDE software so users can install it and stay up to date on a stable base.
Bug

Sensitive Information Can Be Revealed From Tor Hidden Services On Apache (dailydot.com) 37

Patrick O'Neill writes: A common configuration mistake in Apache, the most popular Web server software in the world, can allow anyone to look behind the curtains on a hidden server to see everything from total traffic to active HTTP requests. When an hidden service reveals the HTTP requests, it's revealing every file—a Web page, picture, movie, .zip, anything at all—that's fetched by the server. Tor's developers were aware of the issue as early as last year but decided against sending out an advisory. The problem is common enough that even Tor's own developers have made the exact same mistake. Until October 2015, the machine that welcomed new users to the Tor network and checked if they were running up-to-date software allowed anyone to look at total traffic and watch all the requests.
IOS

iOS App Update Technique Puts Users At Risk (csoonline.com) 67

itwbennett writes: An increasing number of iOS application developers use a technique that allows them to remotely modify the code in their apps without going through Apple's normal review process, potentially opening the door to abuse and security risks for users. An implementation of this technique, which is a variation of hot patching, comes from an open-source project called JSPatch. After adding the JSPatch engine to their application, developers can configure the app to always load JavaScript code from a remote server they control. This code is then interpreted by the JSPatch engine and converted into Objective-C. 'JSPatch is a boon to iOS developers,' security researchers from FireEye said in a blog post. 'In the right hands, it can be used to quickly and effectively deploy patches and code updates. But in a non-utopian world like ours, we need to assume that bad actors will leverage this technology for unintended purposes.'
Government

Cable Lobby Steams Up Over FCC Set-Top Box Competition Plan (arstechnica.com) 167

An anonymous reader writes: Cable TV industry lobby groups expressed their displeasure with a Federal Communications Commission plan to bring competition to the set-top box market, which could help consumers watch TV on different devices and thus avoid paying cable box rental fees.

FCC Chairman Tom Wheeler proposed new rules that would force pay-TV companies to give third parties access to TV content, letting hardware makers build better set-top boxes. Customers would be able to watch all the TV channels they're already paying cable companies for, but on a device that they don't have to rent from them. The rules could also bring TV to tablets and other devices without need for a rented set-top box. The system would essentially replace CableCard with a software-based equivalent.

Security

Attackers Use Microsoft Office To Push BlackEnergy Malware (csoonline.com) 51

itwbennett writes: Researchers at SentinelOne reverse engineered the latest variant of the BlackEnergy 3 rootkit (the same malware used in recent attacks against Ukraine's critical infrastructure) and found indicators that suggest it is being used by insiders and that it is the byproduct of a nation-sponsored campaign. 'BlackEnergy 3 exploits an Office 2013 vulnerability that was patched some time ago, so it only works if the target machine isn't patched or an employee (either deliberately or after being tricked into it) executes the malicious Excel document,' writes CSO's Steve Ragan.
Government

Satellite Failure Behind GPS Timing Anomaly (itnews.com.au) 62

Bismillah writes: The recent 13-microsecond timing anomaly was caused by a satellite failure triggering a "software issue", the USAF 50th Space Wing has confirmed. Such an error is large enough to cause navigation errors of up to 4 km. Luckily, no issues with GPS guided munition were reported. Reader donaggie03 adds a link to the official explanation from Rick Hamilton, Executive Secretariat of the Civil Global Positioning System Service Interface Committee. From Hamilton's email: Further investigation revealed an issue in the Global Positioning System ground software which only affected the time on legacy L-band signals. This change occurred when the oldest vehicle, SVN 23, was removed from the constellation. While the core navigation systems were working normally, the coordinated universal time timing signal was off by 13 microseconds which exceeded the design specifications. The issue was resolved at 6:10 a.m. MST, however global users may have experienced GPS timing issues for several hours.
Education

Ask Slashdot: Learning Robotics Without Hardware? 78

An anonymous reader writes: I live in a Third World country with a more or less open Internet access. I'm thinking of learning robotics. I can access Github and other free software repositories, and I can read or watch online tutorials in English. My only problem is that we don't really have the money to buy robotics hardware. We can afford an Arduino or Raspberry Pi board but not the mechanical attachments. So is there any chance for me to learn robotics even if I don't have the hardware? Is it possible to program a robot using pure software simulation?
Communications

OSINT Analysis of Militia Communications, Equipment and Frequencies (wordpress.com) 336

An anonymous reader writes: On January 2, 2016, the headquarters of the Malheur National Wildlife Refuge in Oregon, United States, were occupied by armed members of rump militias in one of the longest-running law enforcement standoff in American history. The Radiomasterreport blog, using publicly available information, wrote an OSINT Analysis of Militia Communications, Radio Equipment and Frequencies. The research results has astonishing conclusions: far-right patriot militas openly carrying +3000$ AR15 rifles and US military body armour also use cheap 30$ unsecure chinese Baofeng walkie talkie radios with no encryption whatsoever. Any simple ham radio operator , police scanner owner, or even some folks with a Software Defined Radio can receive those militia communications.
Education

Interview: Ask CEO Anant Agarwal About edX and the Future of Online Education 54

Anant Agarwal is a professor of Electrical Engineering and Computer Science at MIT and the CEO of edX. A massive open online course platform founded by MIT and Harvard, edX offers numerous courses on a wide variety of subjects. As of 2014 edX had more than 4 million students taking more than 500 courses online. The organization has developed open-source software called Open edX that powers edX courses and is freely available online. Mr. Agarwal has agreed to take some time out of his schedule and answer your questions about edX and the future of learning. As usual, ask as many as you'd like, but please, one question per post.
Programming

Ask Slashdot: How To Work On Source Code Without Having the Source Code? 233

occamboy writes: Perhaps the ultimate conundrum!

I've taken over a software project in an extremely specialized area that needs remediation in months, so it'll be tough to build an internal team quickly enough. The good news is that there are outside software engineering groups that have exactly the right experience and good reputations. The bad news is that my management is worried about letting source code out of the building. Seems to me that unless I convince the suits otherwise, my options are to:

1) have all contractors work on our premises — a pain for everyone, and they might not want to do it at all

2) have them remote in to virtual desktops running on our premises — much of our software is sub-millisecond-response real-time systems on headless hardware, so they'll need to at least run executables locally, and giving access to executables but not sources seems like it will have challenges. And if the desktop environment goes down, more than a dozen people are frozen waiting for a fix. Also, I'd imagine that if a remote person really wanted the sources, they could video the sources as they scrolls by.

I'll bet there are n better ways to do this, and I'm hoping that there are some smart Slashdotters who'll let me know what they are; please help!

Slashdot Top Deals