The long-awaited modern OS/2 distribution from Arca Noae was released Monday. martiniturbide writes: ArcaOS 5.0 is an OEM distribution of IBM's discontinued OS/2 Warp operating system. ArcaOS offers a new set of drivers for ACPI, network, USB, video and mouse to run OS/2 in newer hardware. It also includes a new OS installer and open source software like Samba, Libc libraries, SDL, Qt, Firefox and OpenOffice... It's available in two editions, Personal ($129 with an introductory price of $99 for the first 90 days [and six months of support and maintenance updates]) and Commercial ($239 with one year of support and maintenance).

The OS/2 community has been called upon to report supported hardware, open source any OS/2 software, make public as much OS/2 documentation as possible and post the important platform links. OS2World insists that open source has helped OS/2 in the past years and it is time to look under the hood to try to clone internal components like Control Program, Presentation Manager, SOM and Workplace Shell.
By Tuesday Arca Noae was reporting "excessive traffic on the server which is impacting our ordering and delivery process," though the actual downloads of the OS were unaffected, the server load issues were soon mitigated, and they thanked OS/2 enthusiasts for a "truly overwhelming response."

HandBrake team, writing on their forum: Anyone who has downloaded HandBrake on Mac between [02/May/2017 14:30 UTC] and [06/May/2017 11:00 UTC] needs to verify the SHA1 / 256 sum of the file before running it. Anyone who has installed HandBrake for Mac needs to verify their system is not infected with a Trojan. You have 50/50 chance if you've downloaded HandBrake during this period. If you see a process called "Activity_agent" in the OSX Activity Monitor application. You are infected. HandBrake is a popular, open-source video conversion tool. The team hasn't issued any advisory for Windows users.

The state of California is looking into taxing its thriving rocket industry. The Franchise Tax Board has issued a proposed regulation for public comment that would require companies that launch spacecraft to pay a tax based upon "mileage" traveled by that spacecraft from California. Ars Technica reports: The proposal says that California-based companies that launch spacecraft will have to pay a tax based upon "mileage" traveled by that spacecraft from California. (No, we're not exactly sure what this means, either). The proposed regulations were first reported by the San Francisco Chronicle, and Thomas Lo Grossman, a tax attorney at the Franchise Tax Board, told the newspaper that the rules are designed to mirror the ways taxes are levied on terrestrial transportation and logistics firms operating in California, like trucking or train companies. The tax board is seeking public input from now until June 16, when it is expected to vote on the proposed tax. The federal government already has its own taxes for commercial space companies, and until now no other state has proposed taxing commercial spaceflight. In fact most other states, including places like Florida, Texas, and Georgia, offer launch providers tax incentives to move business into their areas.

An anonymous reader shares a report: Women, blacks and Latinos are far more likely to quit jobs in tech than white or Asian men, according to a new report by the Kapor Center for Social Impact. The Oakland nonprofit commissioned an online survey by the Harris Poll, which asked 2,006 people who voluntarily left tech jobs in the past three years about why they quit. It found women were twice as likely to leave as men (alternative link), while black and Latino tech workers were 3.5 times likelier to quit than white or Asian colleagues. The most common reason they gave for their departures was workplace mistreatment.

An anonymous reader shares a report: Joseph Thomas thought he had it made when he landed a $170,000 job as a software engineer at Uber's San Francisco headquarters last year. [...] But his time at Uber turned into a personal tragedy, one that will compel the ride-hailing company to answer questions before a judge about its aggressive work culture. Always adept with computers, Joseph Thomas worked his way up the ladder at tech jobs in his native Atlanta, then at LinkedIn in Mountain View, where he was a senior site reliability engineer. He turned down an offer from Apple to go to Uber, because he felt he could grow more with the younger company and was excited about the chance to profit from stock options when it went public. But at Uber, Thomas struggled in a way he'd never experienced in over a decade in technology. He worked long hours. He told his father and his wife that he felt immense pressure and stress at work, and was scared he'd lose his job. [...] One day in late August, Zecole (the wife) came home from dropping their boys off at school. Joseph was sitting in his car in the garage. She got into the passenger seat to talk to him. Then she saw the blood. Joseph had shot himself. [...] Uber declined to comment on the legal dispute and said Thomas never complained to the company of extreme stress or racial discrimination.

An anonymous reader quotes MIT Technology Review: A group of Australian marine scientists believe that altering clouds might offer one of the best hopes for saving the Great Barrier Reef. For the last six months, researchers at the Sydney Institute of Marine Science and the University of Sydney School of Geosciences have been meeting regularly to explore the possibility of making low-lying clouds off the northeastern coast of Australia more reflective in order to cool the waters surrounding the world's biggest coral reef system...

Last year, as El Nino events cranked up ocean temperatures, at least 20% of the reef died and more than 90% of it was damaged. The Australian researchers took a hard look at a number of potential ways to preserve the reefs. But at this point, making clouds more reflective looks like the most feasible way to protect an ecosystem that stretches across more than 130,000 square miles, says Daniel Harrison, a postdoctoral research associate with the Ocean Technology Group at the University of Sydney. Cloud brightening is the only thing we've identified that's scalable, sensible, and relatively environmentally benign," he says... Next month, he plans to start computer climate modeling to explore whether cloud brightening could make a big enough temperature difference to help.
They're collaborating with Silicon Valley's Marine Cloud Brightening Project, which has spent the last seven years "developing a nozzle that they believe can spray salt particles of just the right size and quantity to alter the clouds. They're attempting to raise several million dollars to build full-scale sprayers." The article describes them as "one of several research groups that have started to explore whether cloud brightening, generally discussed as a potential tool to alter the climate as a whole, could be applied in more targeted ways."

An anonymous reader quotes Help Net Security: Researchers from several German universities have checked the PHP codebases of over 64,000 projects on GitHub, and found 117 vulnerabilities that they believe have been introduced through the use of code from popular but insufficiently reviewed tutorials. The researchers identified popular tutorials by inputting search terms such as "mysql tutorial", "php search form", "javascript echo user input", etc. into Google Search. The first five results for each query were then manually reviewed and evaluated for SQLi and XSS vulnerabilities by following the Open Web Application Security Project's Guidelines. This resulted in the discovery of 9 tutorials containing vulnerable code (6 with SQLi, 3 with XSS).
The researchers then checked for the code in GitHub repositories, and concluded that "there is a substantial, if not causal, link between insecure tutorials and web application vulnerabilities." Their paper is titled "Leveraging Flawed Tutorials for Seeding Large-Scale Web Vulnerability Discovery."

"Any way you look at it, from kick-starting the Internet to launching the personal computer revolution, Bob Taylor was a key architect of our modern world," says a historian at Stanford's Silicon Valley Archives. An anonymous reader quotes the New York Times: The Internet, like many inventions, was the work of many inventors. But perhaps no one deserves more credit for that world-changing technological leap than Mr. Taylor. The seminal moment of his work came in 1966. He had just taken a new position at the Pentagon -- director of the Information Processing Techniques Office, part of the Advanced Research Projects Agency, known as Arpa -- and on his first day on the job it became immediately obvious to him what the office lacked and what it needed. At the time, Arpa was funding three separate computer research projects and using three separate computer terminals to communicate with them. Mr. Taylor said, No, we need a single computer research network, to connect each project with the others, to enable each to communicate with the others... His idea led to the Arpanet, the forerunner of the Internet.

A half-decade later, at Xerox's storied Palo Alto Research Center, Mr. Taylor was instrumental in another technological breakthrough: funding the design of the Alto computer, which is widely viewed as the forerunner of the modern personal computer. Mr. Taylor even had a vital role in the invention of the computer mouse. In 1961, at the dawn of the Space Age, he was about a year into his job as a project manager at NASA in Washington when he learned about the work of a young computer scientist at Stanford Research Institute, later called SRI International... Mr. Taylor decided to pump more money into the work, and the financial infusion led directly to Engelbart's invention of the mouse, a computer control technology that would be instrumental in the design of both Macintosh and Microsoft Windows-based computers.
Taylor had become fascinated with human-computer interactions in the 1950s during his graduate work at the University of Texas at Austin, and was "appalled" that performing data calculations required submitting his punch cards to a technician running the school's mainframe computers. Years later, it was Taylor's group at PARC that Steve Jobs visited in 1979, which inspired the "desktop" metaphor for the Macintosh's graphical user interface. And Charles Simonyi eventually left PARC to join Microsoft, where he developed the Office suite of applications.

Taylor died Thursday at his home in Woodside, California, from complications of Parkinson's disease, at the age of 85.

"Back in the days, Cisco fixed the vulnerability, but we are not sure about all other router vendors and models because there are too many of them," writes the DefenseCode team. Orome1 quotes a new report from Help Net Security: Back in January 2013, researchers from application security services firm DefenseCode unearthed a remote root access vulnerability in the default installation of some Cisco Linksys (now Belkin) routers. The flaw was actually found in Broadcom's UPnP implementation used in popular routers, and ultimately the researchers extended the list of vulnerable routers to encompass devices manufactured by the likes of ASUS, D-Link, Zyxel, US Robotics, TP-Link, Netgear, and others. Since there were millions of vulnerable devices out there, the researchers refrained from publishing the exploit they created for the flaw, but now, four years later, they've released their full research again, and this time they've also revealed the exploit. The researchers pointed out that most users don't update their router's firmware -- meaning many routers may still be vulnerable.

DeathByLlama writes: The single board computer market, broken wide-open just a few years ago by the Raspberry Pi Foundation, continues to flourish today as FriendELEC releases their $40 NanoPi K2 board. This SBC packs a 1.5 GHz 64-bit quad core Amlogic S905 processor, and paired with 2GB of DDR3 RAM and the Mali-450MP GPU, it is able to stream 4K at 60 FPS. Add in gigabit ethernet, onboard Wi-Fi, Bluetooth, IR (and a remote!), eMMC compatibility, a familiar GPIO header, and a $40 price tag, and you end up with some stiff competition for other market leaders like Hardkernel's ODROID-C2 and Raspberry Pi's flagship Pi 3. The release is clearly in early phases with Ubuntu images and house-sold eMMC modules still on their way. It's amazing to see such strong competition in this market -- and with so many sub-$100, incredibly capable SBC options, which will choose?

An anonymous reader writes: Slashdot previously covered the story of Larry Garfield, a Drupal developer who was allegedly banned from the community for his BDSM/Gorean lifestyle, after he was outed by a colleague with a grudge. Now, dozens of core Drupal developers, committers, and funders have banded together in an open letter to Dries Buytaert, the CTO of Acquia, Drupal trademark owner, and Benevolent Dictator for Life (BDFL) of the Drupal project. Among other things, they demand that Larry Garfield be reinstated, threatening to abandon the project if their demands are not met. Here's an excerpt from the letter: "If you will not fight for us and restore our faith in the professionalism of the Drupal community, then a number of us will be permanently leaving the Drupal community, ceasing all contributions to the official, Drupal-branded branch of the codebase, and ceasing participation in all Drupal communities. This is not our first choice, but we cannot and will not participate in a community that encourages abusers to totally destroy people's careers for personal or ideological reasons."

A team of scientists at Newcastle University in the UK managed to reveal a user's phone PIN code using its gyroscope data. "In one test, the team cracked a passcode with 70 percent accuracy," reports Digital Trends. "By the fifth attempt, the accuracy had gone up to 100 percent." From the report: It takes a lot of data, to be sure. The Guardian notes users had to type 50 known PINs five times before the researchers' algorithm learned how they held a phone when typing each particular number. But it highlights the danger of malicious apps that gain access to a device's sensors without requesting permission. The risk extends beyond PIN codes. In total, the team identified 25 different smartphone sensors which could expose compromising user information. Worse still, only a small number -- such as the camera and GPS -- ask the user's permission before granting access to that data. It's precise enough to track behavior. Using an "orientation" and "emotion trace" data, the researchers were able to determine what part of a web page a user was clicking on and what they were typing. The paper has been published in International Journal of Information Security.

An anonymous reader shares a report: Does your wallet contain an airline-branded credit card? If so, your daily Starbucks visits, iTunes selections and dining habits serve a critical role in keeping the U.S. airline industry fat and happy. For carriers such as American Airlines, riding Citigroup Inc. plastic, or Delta, on American Express Co., these programs are a cash cow, a golden goose -- or any other fiscal livestock you care to conjure. Each mile fetches an airline anywhere from 1.5 cents to 2.5 cents, and the big banks amass those miles by the billions (alternative source), doling them out to cardholders each month. For the banks, people who pay annual fees for those cards in order to accumulate miles are the closest thing to a sure bet. These consumers typically have higher-than-average incomes and spend more on their cards, generating merchant fees for the banks. They also tend to maintain high credit scores, which means they pay their bills on time and banks experience fewer defaults. The airline-miles business, formally known as loyalty programs, has become a high-margin enterprise that's grown in size and value amid airline consolidation, with carriers keen to expand credit card rolls and see loyalty members spend more.

"Linux and open-source software have had to contend with intellectual property legal challenges for years," writes ZDNet. "Now, Google has started a new effort to bring peace to potential Android IP sore points: PAX... a royalty-free, community-patent cross-license." PAX is starting with nine members: Google, Samsung Electronics, LG Electronics, HTC, Foxconn Technology Group, Coolpad, BQ, HMD Global, and Allview. These companies own more than 230,000 global patents. PAX's purpose is to create a "community-driven [patent] clearinghouse, developed together with our Android partners, [that] ensures that innovation and consumer choice -- not patent threats -- will continue to be key drivers of our Android ecosystem. PAX is free to join and open to anyone."
Slashdot reader Andy Updegroved writes: The question is why? The announcement and the related website are extremely brief, and although everyone is invited to get a copy of the cross license, Google reserves the right to decide first whether your motives are pure and you can keep a secret. And so far, the only members of the "PAX Community" listed are existing Google business partners. Is Google aware of some new patent tempest brewing just over the horizon, about to burst into public view? And will any other company names and logos be added to the PAX Community Web page? We'll just have to stay tuned to find out.
Andy Updegrove tells ZDNet it does involve "formal cross-licenses between participants, and therefore enforceable rights, but not an infrastructure to do more (at least insofar as one can tell from the initial announcement)."

Kagato quotes a report from St. Paul Pioneer Press: In a surprise move, the Minnesota Senate on Wednesday voted to bar internet service providers from selling their users' personal data without express written consent. The move was a reaction to a Tuesday vote in Congress to lift a ban on that practice imposed in 2016 by the Federal Communication Commission. Sen. Ron Latz, DFL-St. Louis Park, offered the amendment onto the Senate's economic development budget bill, saying it was urgently needed to protect Minnesotans' privacy after the congressional vote. Latz's amendment was challenged under Senate rules on the grounds that it would impose a cost on a state agency and thus needed to go through committee rather than be added on the floor. Republican Sen. Warren Limmer, of Maple Grove, broke with his party to overturn the Senate president's ruling and allow the internet privacy amendment to continue by a single vote. Once the amendment cleared this procedural hurdle, it was overwhelmingly added to the bill on a 66-1 vote. The lone critic, Sen. David Osmek, R-Mound, said Latz's amendment needed more study and review before being adopted. The Register reports that Illinois has also fought back against Tuesday's vote by approving two new privacy measures. "On Thursday, the state's Cybersecurity, Data Analytics and IT Committee approved two new privacy measures," reports The Register. "One would allow state residents to demand what data companies such as Comcast, Verizon, Google and Facebook is sharing about them. The other would require consent before an app can track users' locations."

An anonymous reader writes: It started with the Boston marathon bombing, four years ago. University of Washington professor Kate Starbird was sifting through thousands of tweets sent in the aftermath and noticed something strange. Too strange for a university professor to take seriously. "There was a significant volume of social-media traffic that blamed the Navy SEALs for the bombing," Starbird told me the other day in her office. "It was real tinfoil-hat stuff. So we ignored it." Same thing after the mass shooting that killed nine at Umpqua Community College in Oregon: a burst of social-media activity calling the massacre a fake, a stage play by "crisis actors" for political purposes. "After every mass shooting, dozens of them, there would be these strange clusters of activity," Starbird says. "It was so fringe we kind of laughed at it. "That was a terrible mistake. We should have been studying it." Starbird argues in a new paper, set to be presented at a computational social-science conference in May, that these "strange clusters" of wild conspiracy talk, when mapped, point to an emerging alternative media ecosystem on the web of surprising power and reach. There are dozens of conspiracy-propagating websites such as beforeitsnews.com, nodisinfo.com and veteranstoday.com. Starbird cataloged 81 of them, linked through a huge community of interest connected by shared followers on Twitter, with many of the tweets replicated by automated bots. Starbird is in the UW's Department of Human Centered Design & Engineering -- the study of the ways people and technology interact. Her team analyzed 58 million tweets sent after mass shootings during a 10-month period. They searched for terms such as "false flag" and "crisis actor," web slang meaning a shooting is not what the government or the traditional media is reporting it to be. Then she analyzed the content of each site to try to answer the question: Just what is this alternative media ecosystem saying? Starbird is publishing her paper as a sort of warning. The information networks we've built are almost perfectly designed to exploit psychological vulnerabilities to rumor. "Your brain tells you 'Hey, I got this from three different sources,'" Starbird says. "But you don't realize it all traces back to the same place, and might have even reached you via bots posing as real people. If we think of this as a virus, I wouldn't know how to vaccinate for it." The report goes on to say that "Starbird says she's concluded, provocatively, that we may be headed toward 'the menace of unreality -- which is that nobody believes anything anymore.'"

An anonymous reader shares a report: For years, Apple's App Store, the place where people download apps for games and social networking services on their iPhones, has generated far more revenue worldwide than its Android competitors. This year, things are changing: The App Store will fall second to the amount of revenue generated by Android app distributors, predicts analytics firm App Annie. In 2017, the App Store will generate $40 billion in revenue, while Android app stores run by Google and other parties will generate $41 billion, App Annie said. That gap is expected to widen in 2021, with Android app stores generating $78 billion in revenue and Apple's App Store at $60 billion in revenue, according to App Annie's report released on Wednesday. The surge in revenue for Android comes from a growing number of consumers in China who are buying Android phones and are willing to pay for apps. In 2021, App Annie expects there to be eight Android smartphone users to every single iPhone user in China.

An anonymous Slashdot reader writes: Last week the Drupal community erupted in anger after its leader, Dries Buytaert, asked Larry Garfield, a prominent Drupal contributor and long-time member of the Drupal and PHP communities, "to leave the Drupal project." Buytaert claims he did this "because it came to my attention that he holds views that are in opposition with the values of the Drupal project." A huge furor has erupted in response -- not least because the reason clearly has much to do with Garfield's unconventional sex life. [Garfield is into BDSM, and is a member of the Gorean community, "a community who are interested in, and/or participate in, elaborate sexual subjugation fantasies, in which men are inherently superior to women."] Buytaert made his post (which is now offline) in response after Larry went public, outing himself to public opinion. Buytaert retorted (excerpt available via TechCrunch): "when a highly-visible community member's private views become public, controversial, and disruptive for the project, I must consider the impact [...] all people are created equally. [sic] I cannot in good faith support someone who actively promotes a philosophy that is contrary to this [...] any association with Larry's belief system is inconsistent with our project's goals [...] I recused myself from the Drupal Association's decision [to dismiss Garfield from his conference role] [...] Many have rightfully stated that I haven't made a clear case for the decision [...] I did not make the decision based on the information or beliefs conveyed in Larry's blog post." TechCrunch columnist Jon Evans goes on to "unpack" the questions that naturally arise from these "Code of Conduct conflicts."

Two major style manuals are now allowing the singular use of "they" in certain circumstances. While this is a victory for common sense, the paths taken are unusual in the evolution of usage. From a report on Columbia Journal Review: Both manuals, the Associated Press Stylebook and the Chicago Manual of Style, emphasize that "they" cannot be used with abandon. Even so, it's the middle of the end for the insistence that "they" can be only a plural pronoun. To recap: In English, there is no gender-neutral pronoun for a single person. In French, for example, the pronoun on can stand in for "he" or "she." English has no such equivalent; "it" is our singular pronoun, so devoid of gender that calling a person "it" is often considered insulting. We could use "one," but that is a very impersonal pronoun. Consider this sentence, for instance. "Everyone needs to be sure to tighten ____ safety belt before approaching the cliff." The article adds: For hundreds of years, anyone writing formally would default to "he." Advances in women's rights led to the clumsy "he or she." Many writers alternate "he" or "she." This twisting and turning is because what's known as "the epicene they" has been considered incorrect. [...] But that's not the "they" the style guides have let loose. Simply, the singular "they" will be allowed if someone prefers that pronoun.

An anonymous reader writes: Commuters in Singapore might soon be able to ride a flying taxi home at the end of the day," writes the New York Post. "The country's Minister of Transport is in negotiations with tech companies to start trials on taxi drones that can pick up passengers, says a story by Singapore's Business Times. The driverless pods, which resemble the speeding hover bikes in Return of the Jedi, would stop for passengers based on an 'e-hail' similar to what Uber uses, the report says." Flying taxis have already been prototyped, including the Hoversurf Scorpion and the Volocopter VC200, while Dubai plans to begin testing Ehang 184 self-driving flying taxi drones in July.

Though Singapore is a small country with a relatively small workforce, the head of their ministry of transportation "noted the availability and affordability of data and the rise of artificial intelligence are already upending the transport sector globally," reports the Singapore Business Times. To that end, Singapore is also considering on-demand buses that optimize their routes, but also driverless buses. "It has signed a partnership agreement with a party to build and put such buses through a trial, and will be signing another agreement quite soon."