Slashdot Mirror

Apple on Wednesday announced its 2018 flagship phones: the 5.8-inch iPhone Xs and 6.5-inch iPhone Xs Max. From a report: As the direct sequel to the iPhone X, the iPhone Xs retains its predecessor's marquee features: a stainless steel frame and 5.8-inch, edge-to-edge Super Retina display, interrupted by a depth-sensing Face ID camera inside a black "notch." The new model promises the best liquid resistance in any iPhone, with a screen that's now HDR10 and Dolby Vision-certified.

As expected, Apple also introduced a larger version of the iPhone Xs called the iPhone Xs Max. While the iPhone Xs packs a 5.8-inch OLED screen into a footprint roughly the size of its former 4.7-inch iPhone 6, 6s, 7, and 8 models, the Max version includes a 6.5-inch screen within a chassis sized like the 5.5-inch-screened iPhone 6 Plus and its successors. [...]

The iPhone Xs has a 2436 by 1125 screen, while the Xs Max has a 2688 by 1242 screen, the largest ever in an iPhone. Apple's calling it "Max" because it's bigger than the iPhones' past Plus-sized displays. Apple also says that the new phones have wider stereo sound fields than before.

[...] The handsets are powered by A12 Bionic, a 6-core, 7nm CPU with 2 performance cores that deliver up to 15 percent speeds and 40 percent lower power, with 4 efficiency cores running at up to 50 percent lower power. Apple is touting a 50 percent GPU performance improvement over the A11 Bionic, as well. It also has a second-generation Neural Engine, and can process 5 trillion operations per second, up from 600 billion the year before. Both the new iPhones sport a dual-camera system:12MP wide-angle+12MP telephoto. The new iPhones can accommodate up to 512 GB of internal storage. The base models of iPhone Xs and iPhone Xs Max start at $999 and $1,099 respectively. More on this here. On the sidelines, Apple said it was inching closer to selling its two-billionth iOS device.

The company also announced the iPhone Xr, the cheapest among the three handsets announced today, that sports a 6.1-inch LCD display (instead of OLED screen) and does not offer 3D Touch functionality. Its base model starts at $749. All of these handsets go on sale later this month.

Apple on Wednesday announced its 2018 flagship phones: the 5.8-inch iPhone Xs and 6.5-inch iPhone Xs Max. From a report: As the direct sequel to the iPhone X, the iPhone Xs retains its predecessor's marquee features: a stainless steel frame and 5.8-inch, edge-to-edge Super Retina display, interrupted by a depth-sensing Face ID camera inside a black "notch." The new model promises the best liquid resistance in any iPhone, with a screen that's now HDR10 and Dolby Vision-certified.

As expected, Apple also introduced a larger version of the iPhone Xs called the iPhone Xs Max. While the iPhone Xs packs a 5.8-inch OLED screen into a footprint roughly the size of its former 4.7-inch iPhone 6, 6s, 7, and 8 models, the Max version includes a 6.5-inch screen within a chassis sized like the 5.5-inch-screened iPhone 6 Plus and its successors. [...]

The iPhone Xs has a 2436 by 1125 screen, while the Xs Max has a 2688 by 1242 screen, the largest ever in an iPhone. Apple's calling it "Max" because it's bigger than the iPhones' past Plus-sized displays. Apple also says that the new phones have wider stereo sound fields than before.

[...] The handsets are powered by A12 Bionic, a 6-core, 7nm CPU with 2 performance cores that deliver up to 15 percent speeds and 40 percent lower power, with 4 efficiency cores running at up to 50 percent lower power. Apple is touting a 50 percent GPU performance improvement over the A11 Bionic, as well. It also has a second-generation Neural Engine, and can process 5 trillion operations per second, up from 600 billion the year before. Both the new iPhones sport a dual-camera system:12MP wide-angle+12MP telephoto. The new iPhones can accommodate up to 512 GB of internal storage. The base models of iPhone Xs and iPhone Xs Max start at $999 and $1,099 respectively. More on this here. On the sidelines, Apple said it was inching closer to selling its two-billionth iOS device.

The company also announced the iPhone Xr, the cheapest among the three handsets announced today, that sports a 6.1-inch LCD display (instead of OLED screen) and does not offer 3D Touch functionality. Its base model starts at $749. All of these handsets go on sale later this month.

An anonymous reader shares a report: If you open Edge and search for "Chrome" or "Firefox" using Bing, Edge's default search engine, you'll be presented with a massive banner informing you that "Microsoft Edge is the faster, safer browser on Windows 10 and is already installed on your PC." Four boxes below then show you how Edge lets you browse longer, and faster, offers built-in protection and built-in assistance. If that doesn't stop you, then Microsoft has a new, much nastier trick up its sleeve -- when you go to install Firefox or Chrome it intercepts the action and pops up a window promoting Edge with the same line about how its browser is faster and safer. It then gives you a blue button to click to open Edge, or a grey one you can click to install the browser you actually want to use. Oh, and this window will keep appearing, unless you go into Settings and stop Windows 10 from offering you app "recommendations."
UPDATE (9/15/18): "After massive backlash by users against this move, Microsoft has finally decided to eliminate the warning message," reports Neowin.

Further reading: Creator of Opera Says Google Deliberately Undermined His New Vivaldi Web Browser.

Mark Wilson shares a report from BetaNews: Acknowledging that we are now very much in the streaming age, BitTorrent has launched the first version of Torrent Web. The aim of the browser-based tool is to make torrenting as simple as possible and -- most importantly -- support torrent streaming. It remains to be seen how many people are willing to switch from a dedicated app to a browser-based torrenting experience, but the promise that you can "play while you download, no more staring at progress bars" is certainly alluring. Files are streamable near-instantly as they download, but they are also saved locally in the way you're used to. uTorrent Web is available for Chrome, Firefox, Internet Explorer, Microsoft Edge and Opera and the release finds BitTorrent partnering with Adaware to check torrents for signs of malware, and even download torrents without having to visit websites. Warning: the installer includes (optional) bundleware in the form of Adaware Internet Security and the Opera web browser.

BrianFagioli writes: Surprisingly, TiVo still offered dial-up access to some of its users, allowing them to download program guide information. Sadly, this week, the company started alerting those users that it will be discontinuing dial-up connectivity later this month -- the end of an era. TiVo sent the following email message Tuesday evening. "TiVo will be discontinuing our dial-up service on September 30, 2018. According to our records you may still have one or more TiVo devices connecting to the TiVo Service via dial-up. Your TiVo box will still be able to receive program guide data from the TiVo service via dial-up modem until September 30, 2018. Following September 30, 2018, your current subscription plan will remain active even if you are not using the TiVo Service. If you would like to continue using the TiVo Service, we have outlined several options for you below." Comically, the company suggests two alternatives -- use Ethernet or buy a Wi-Fi adapter. Look, while those are technically accurate options, if someone is still using dial-up connectivity with their TiVo in 2018, they probably don't have broadband access.

A new study from email security company Mimecast shows that malicious links in emails are being missed by many security systems. From a report: Mimecast examined more than 142 million emails that had passed through organizations' email security vendors. The latest results reveal 203,000 malicious links within 10,072,682 emails were deemed safe by other security systems -- a ratio of one unstopped malicious link for every 50 emails inspected. The report also finds an 80 percent increase impersonation attacks in comparison to last quarters' figures. Additionally, 19,086,877 pieces of spam, 13,176 emails containing dangerous file types, and 15,656 malware attachments were all missed by these incumbent security providers and delivered to users' inboxes.

While we know that Linux app support is coming to a range of Chromebooks from Lenovo, Acer, Dell and others, a post on the Chromium Gerrit reveals that devices running Linux 3.14 or older will miss out. BetaNews: Chrome OS is able to run Linux apps through the use of containers which help to keep the rest of the operating system safe from harm. As container support requires features that are only found in more recent versions of the Linux kernel, it means that many Chromebooks -- whose kernels are usually not updated -- will not be able to run Linux apps.

Here's the full list of Chromebooks that won't be getting the Linux love: AOpen Chromebase Mini (Feb 2017; tiger, veyron_pinky), AOpen Chromebox Mini (Feb 2017; fievel, veyron_pinky), ASUS Chromebook C201 (May 2015; speedy, veyron_pinky), Acer C670 Chromebook 11 (Feb 2015; paine, auron), Acer Chromebase 24 (Apr 2016; buddy, auron), Acer Chromebook 15 (Apr 2015; yuna, auron), Acer Chromebox CXI2 (May 2015; rikku, jecht), Asus Chromebit CS10 (Nov 2015; mickey, veyron_pinky), Asus Chromebook Flip C100PA (Jul 2015; minnie, veyron_pinky), Asus Chromebox CN62 (Aug 2015; guado, jecht), Dell Chromebook 13 7310 (Aug 2015; lulu, auron), Google Chromebook Pixel (Mar 2015; samus), Lenovo ThinkCentre Chromebook (May 2015; tidus, jecht), Toshiba Chromebookk 2 (Sep 2015; gandof, auron).

Long-time Slashdot reader tdailey spotted a new version of Pale Moon, a customised version of Firefox optimized for speed and efficiency. Beta News reports it's the first major update since November of 2016:

There are virtually no visual or obvious changes in this new major build, but the under-the-hood changes are both extensive and necessary.... Despite all the updates, Moonchild is keen to stress certain things haven't changed -- unlike Firefox, for example, Pale Moon continues to support NPAPI plugins, complete themes and a fully customizable user interface. There is also no DRM built into the browser, although third-party plugins such as Silverlight are supported. It will also continue to work with certain "legacy" plugins of the type abandoned by Firefox.
Pale Moon strips out what one reviewer calls "little-used components" of Firefox, including parental controls and accessbility features, as well as crash reports and support for Internet Explorer's ActiveX and ActiveX scripting technology.

"Proving that open source leads to great development, Pale Moon takes the already decent Firefox web browser and makes it even better and a faster."

BrianFagioli writes: Debian is one of the most important open source projects ever. The Debian Linux operating system is extremely popular in its own right, but also, it is used as the base for countless other distributions. Ubuntu, for instance -- one of the most-used distros -- is Debian-based. Even Linux Mint, which is based on Ubuntu, also has a Debian edition. Not to mention, Raspbian -- the official Raspberry Pi OS -- which is based on Debian too.

Today, Debian is celebrating a very important milestone -- a 25th birthday! Yes, it is seriously that old -- its development was announced on August 16, 1993. When the late Ian Murdock announced 25 years ago in comp.os.linux.development, the imminent completion of a brand-new Linux release, [...] the Debian Linux Release', nobody would have expected the 'Debian Linux Release' would become what's nowadays known as the Debian Project, one of the largest and most influential free software projects. "Its primary product is Debian, a free operating system (OS) for your computer, as well as for plenty of other systems which enhance your life. From the inner workings of your nearby airport to your car entertainment system, and from cloud servers hosting your favorite websites to the IoT devices that communicate with them, Debian can power it all," says Ana Guerrero Lopez of Debian. Further reading: Slackware, Oldest Actively Maintained GNU/Linux Distribution, Turns 25.

Mark Wilson quotes a report from BetaNews: The arrival of Fortnite on Android has not only been eagerly awaited, but also steeped in controversy. In addition to making the game a Samsung exclusive (for a few days, anyway), Epic Games decided to bypass Google Play and host APK downloads on its own servers. But this isn't going to stop people looking for Fortnite in the Play Store. Google is well aware of this, and that there is the potential for fake, scam apps to appear, tricking users into downloading something malicious. As such, the company is taking action, and is showing a warning to anyone who searches for Fortnite in Google Play. Conduct a search for Fortnite in Google's app store and you'll be greeted by a message that reads "Fortnite Battle Royale by Epic Games, Inc is not available on Google Play." Searchers are also advised that Fortnite rival PlayerUnknown's Battlegrounds (PUBG) is available to download.

A major virus infection forced the closure of Taiwan Semiconductor Manufacturing Company (TSMC) factories last weekend..." writes Slashdot reader Mark Wilson, noting that it's the largest semiconductor manufacturer in the world, selling chips to Apple, Nvidia, AMD, Qualcomm, and Broadcom, and "responsible for producing iPhone processors."

Now Network World reports: The infection struck on Friday, August 3, and affected a number of unpatched Windows 7 computer systems and fab tools over two days. TSMC said it was all back to normal by Monday, August 6. TSMC did not say it was WannaCry, aka WannaCrypt, in its updates, but reportedly blamed WannaCry in follow-up conference calls with the press.... The company said this incident would cause shipment delays and additional costs estimated at 3 percent of third quarter revenue. The company had previously forecast revenues of $8.45 billion to $8.55 billion for its September quarter. A 3 percent loss would mean $250 million, though actual losses may come out lower than that. Still, that's a painful hit. TSMC also said no customer data was compromised....

TSMC isn't directly to blame here; someone [an infected production tool provided by an unidentified vendor] brought WannaCry into their offices and behind their firewall, but TSMC is still culpable because it left systems unpatched more than a year after WannaCry hit.

A large majority of organizations are struggling to implement security into their DevOps processes, despite saying they want to do so, according to a new report. From a report: The study commissioned by application security specialist Checkmarx looks at the biggest barriers to securing software today depending on where organizations sit on the DevOps maturity curve. The report finds 96 percent of respondents believe it is 'desirable' or 'highly desirable' for developers to be properly trained on how to produce secure code.

As developers take responsibility for the security of their software, respondents believe it is more important to educate developers and empower them than it is to educate other stakeholders in the organization like ops specialists and security specialists. However, 41 percent agree that defining clear ownership and responsibility in relation to software security remains a big challenge, and just 11 percent say they have adequately addressed the need for developer education. Software security is a boardroom issue according to 57 percent of respondents, it's a matter of business risk.

Piriform, the maker of CCleaner, has pulled v5.45 of its suite from the website after users expressed concerns over the privacy changes in the application, the company, which was acquired by Avast last year, said. In v5.45, the company made it impossible to disable "active monitoring", and the privacy settings had been removed for free customers. Additionally, as BetaNews reported earlier this week, Avast also made it impossible for users to quit the software. Addressing these concerns, Avast said, "Today we have removed v5.45 and reverted to v5.44 as the main download for CCleaner while we work on a new version with several key improvements." The company added: We're currently working on separating out cleaning functionality from analytics reporting and offering more user control options which will be remembered when CCleaner is closed. We're also creating a factsheet to share which will outline the data we collect, for which purposes and how it is processed. [...] As stated before, we'll split cleaning alerts (which don't send any data) from UI trend data (which is anonymous and only there to measure the user experience) and provide a separate setting for each in the user preferences. Some of these features run as a separate process from the UI: we'll restore visibility of this in the notifications area, and you'll be able to close it down from that icon menu as before. We understand the importance of this to you all. This work is our number 1 priority and we are taking the time to get it right in the next release. There are numerous changes required, so that does mean it will take weeks, not days. While we work on this, we have removed version 5.45 and reinstated version 5.44. According to stats shared by the company, CCleaner has been downloaded over two billion times. In a week, it is estimated to see five million downloads.

Piriform, the maker of CCleaner, has pulled v5.45 of its suite from the website after users expressed concerns over the privacy changes in the application, the company, which was acquired by Avast last year, said. In v5.45, the company made it impossible to disable "active monitoring", and the privacy settings had been removed for free customers. Additionally, as BetaNews reported earlier this week, Avast also made it impossible for users to quit the software. Addressing these concerns, Avast said, "Today we have removed v5.45 and reverted to v5.44 as the main download for CCleaner while we work on a new version with several key improvements." The company added: We're currently working on separating out cleaning functionality from analytics reporting and offering more user control options which will be remembered when CCleaner is closed. We're also creating a factsheet to share which will outline the data we collect, for which purposes and how it is processed. [...] As stated before, we'll split cleaning alerts (which don't send any data) from UI trend data (which is anonymous and only there to measure the user experience) and provide a separate setting for each in the user preferences. Some of these features run as a separate process from the UI: we'll restore visibility of this in the notifications area, and you'll be able to close it down from that icon menu as before. We understand the importance of this to you all. This work is our number 1 priority and we are taking the time to get it right in the next release. There are numerous changes required, so that does mean it will take weeks, not days. While we work on this, we have removed version 5.45 and reinstated version 5.44. According to stats shared by the company, CCleaner has been downloaded over two billion times. In a week, it is estimated to see five million downloads.

An anonymous reader writes: NetMarketShare reports on the state of the desktop operating system market on the first day of each month. [...] In July, [the market share of] Windows 10 went from 35.71 percent to 36.58 percent, an increase of 0.87 percentage points. That's down from the 0.97 percentage points it grew in June, but shows that the OS is still packing on share at a steady rate. In July, Windows 7 lost 0.51 percentage points and now sits on 41.23 percent, just 4.65 percentage points ahead of the newer OS.

Lubuntu, a popular Ubuntu flavor, has gained traction over the years for supporting older hardware. As Brian Fagioli writes at BetaNews, one of the focuses of the Lubuntu developers is to support aging computers. However, that is about to change. He adds: When Lubunu 18.10 is released in October 2018, it will ditch LXDE for the newer LXQt. Despite it also being a desktop environment that is easy on resources, the Lubuntu developers are planning to drop their focus on old hardware after the transition. "[...] Our main focus is shifting from providing a distribution for old hardware to a functional yet modular distribution focused on getting out of the way and letting users use their computer. In essence, this is leveraging something we have always done with Lubuntu; providing an operating system which users can use to revive their old computers, but bringing this to the age of modern computing," says Simon Quigley of Lubuntu team.

BrianFagioli shares a report from BetaNews: Microsoft seems eager to get programmers on the quantum bandwagon, as today, it launched the open-source Quantum Katas on GitHub. What exactly is it? It is essentially a project deigned to teach Q# programming for free. "For those who want to explore quantum computing and learn the Q# programming language at their own pace, we have created the Quantum Katas -- an open-source project containing a series of programming exercises that provide immediate feedback as you progress," says The Microsoft Quantum Team. "Coding katas are great tools for learning a programming language. They rely on several simple learning principles: active learning, incremental complexity growth, and feedback."

The team further says, "The Microsoft Quantum Katas are a series of self-paced tutorials aimed at teaching elements of quantum computing and Q# programming at the same time. Each kata offers a sequence of tasks on a certain quantum computing topic, progressing from simple to challenging. Each task requires you to fill in some code; the first task might require just one line, and the last one might require a sizable fragment of code. A testing framework validates your solutions, providing real-time feedback." You can view the project on GitHub here.

Canonical announced on Friday that Microsoft's PowerShell Core is now available on Linux platform as a Snap. From a report: If you aren't familiar, a Snap is essentially a packaged version of a program that can be easily installed on many Linux distributions. Many see it as the future of Linux, as it has the potential to reduce fragmentation. "Built on the .NET Framework, PowerShell is an open source task-based command-line shell and scripting language with the goal of being the ubiquitous language for managing hybrid cloud assets. It is designed specifically for system administrators and power-users to rapidly automate the administration of multiple operating systems and the processes related to the applications that run on those operating systems," says Canonical.

BrianFagioli shares a report from BetaNews: System76 has long been a Linux computer seller, but recently, it has transitioned into a Linux computer maker. What's the difference, you ask? Well, currently, the company doesn't really make its own computers. System76's laptops, for instance, are made by other manufacturers, which it re-brands as its own. No, System76 doesn't just slap its name on other company's laptops and ship them out the door. Actually, it works closely with the manufacturers, tweaks firmware, and verifies that both Ubuntu and its Ubuntu-based Pop!_OS will work well on the hardware. System76 then offers top-notch support too. In other words, the company isn't just selling a computer, but an experience too. Unfortunately, when you rely on other computer manufacturers, you don't fully control the experience. Ultimately, System76 cannot achieve its true vision without building its own laptops. And so, that is exactly what it is going to do! Yes, System76 will be building and selling the computers right here in the USA (Denver, Colorado to be exact). I mean, when your company supports open source ideology and takes pride in being "Made in America," how can you go wrong?

Many folks in the Linux community are excited to see the fruits of System76's labor, and today, we get a small peek. No, the company isn't sharing any of its computer designs, but it is showing off its new manufacturing facility. In a new blog post by System76 customer service all-star Emma, she shares several photos of the new factory. [T]he space is absolutely massive! It seems System76 has very lofty goals. Exactly when these new computers both designed and manufactured by System76 will become available for purchase is anyone's guess. Quite frankly, based on the System76's blog post, it seems they are still at very early stages. With that said, it will be interesting to see what is born inside that factory in Colorado. The Linux community is anxiously awaiting something special.

BrianFagioli writes: Today, Samsung announces yet another milestone, this time with its low-powered memory. You see, Samsung has created what it calls the "industry's first 10-nanometer (nm) class 8-gigabit (Gb) LPDDR5 DRAM." The company promises significant power reduction -- up to 30 percent over LPDDR4X DRAM. This should be important for the upcoming 5G explosion. "The 8Gb LPDDR5 boasts a data rate of up to 6,400 megabits per second (Mb/s), which is 1.5 times as fast as the mobile DRAM chips used in current flagship mobile devices (LPDDR4X, 4266Mb/s). With the increased transfer rate, the new LPDDR5 can send 51.2 gigabytes (GB) of data, or approximately 14 full-HD video files (3.7GB each), in a second," says Samsung.

The Galaxy-maker further says, "The 10nm-class LPDDR5 DRAM will be available in two bandwidths -- 6,400Mb/s at a 1.1 operating voltage (V) and 5,500Mb/s at 1.05V -- making it the most versatile mobile memory solution for next-generation smartphones and automotive systems."

A study by analysts Vanson Bourne for self service automation specialist SnapLogic looks at the data priorities and investment plans of IT decision makers, along with what's holding them back from maximizing value. From a report: Among the findings are that 80 percent of those surveyed report that outdated technology holds their organization back from taking advantage of new data-driven opportunities. Also that trust and quality issues slow progress, with only 29 percent of respondents having complete trust in the quality of their organization's data. Nearly three-quarters (74 percent) say they face unprecedented volumes of data but struggle to generate useful insights from it, estimating that they use only about half (51 percent) of the data they collect or generate. What's more, respondents estimate that less than half (48 percent) of all business decisions are based on data.

The team behind Gentoo Linux has revealed the reasons for the recent hack of its GitHub organization account. The short version: shoddy security. From a report: It seems that the hackers were able to gain access to the GitHub organization account by using the password of one of the organization administrators. By the team's own admission, poor security meant that the password was easy to guess. As the Register points out, "only luck limited the damage," but the Gentoo Linux team is keen to let it be known that it has learned a lot from the incident. In an entry on the Gentoo Linux wiki, there is a fairly detailed breakdown of what happened, how it happened, and what is being done to prevent it from happening again. The wiki entry summarizes the hack attack as follows: "An unknown entity gained control of an admin account for the Gentoo GitHub Organization and removed all access to the organization (and its repositories) from Gentoo developers. They then proceeded to make various changes to content. Gentoo Developers & Infrastructure escalated to GitHub support and the Gentoo Organization was frozen by GitHub staff. Gentoo has regained control of the Gentoo GitHub Organization and has reverted the bad commits and defaced content."

BrianFagioli writes: People sometimes forget that when the first-ever iPhone launched in 2007, there was no App Store. Believe it or not, Apple's smartphone was limited to the apps with which it came. In fact, Steve Jobs famously didn't want third-party apps on the iPhone at all. Ultimately, the App Store was added in 2008 despite Jobs' initial push against it. This move changed the computer industry forever.

This month, the Apple App Store reaches an impressive milestone -- its 10th Birthday. This day is important for three groups -- Apple (of course), but more importantly, consumers and developers. Apple has made billions of dollars from the App Store, but third party developers have as well -- the company has literally transformed some devs into millionaires. Consumers have benefited from high-quality applications too.

Regardless of your feelings about Apple, the world owes it a collective thank you for its App Store. It inspired other companies, such as Google with Android and Microsoft with Windows 8/10, to adopt the same app concepts. It really did change everything.

Linux Mint, the maker of popular Linux distro, announced on Friday the general availability of a new version of their operating system. Called Linux Mint 19 "Tara", the new version offers a range of new features, improvements, and a promise that it would stick around for a while. Writing for BetaNews, Brian Fagioli: The most significant aspect of Linux Mint 19 is the new Ubuntu 18.04 LTS base. Tara will receive updates until 2023 -- very impressive. The kernel is at 4.15, and all three desktop environments are being updated too. Mate is now at version 1.2, Cinnamon gets bumped up to 3.8, and Xfce is updated to 4.12.

In Linux Mint 19, the star of the show is Timeshift, said, Clement Lefebvre, Linux Mint Project Leader. Although it was introduced in Linux Mint 18.3 and backported to all Linux Mint releases, it is now at the center of Linux Mint's update strategy and communication, he added. Thanks to Timeshift you can go back in time and restore your computer to the last functional system snapshot. If anything breaks, you can go back to the previous snapshot and it's as if the problem never happened.

Mark Wilson writes: When it comes to messaging tools, people have started to show greater interest in whether encryption is used for security, and the same for websites -- but not so much with email. Thanks to the work of the Electronic Frontier Foundation, however, email security is being placed at the top of the agenda. The privacy group today announces STARTTLS Everywhere, its new initiative to improve the security of the email ecosystem. STARTTLS is an addition to SMTP, and while it does not add end-to-end encryption, it does provide hop-to-hop encryption, which is very much a step in the right direction. In a blog post, EFF elaborates SMARTTLS for the uninitiated, and outlines how it worked around some of the tech's underlying challenges: There are two primary security models for email transmission: end-to-end, and hop-to-hop. Solutions like PGP and S/MIME were developed as end-to-end solutions for encrypted email, which ensure that only the intended recipient can decrypt and read a particular message. Unlike PGP and S/MIME, STARTTLS provides hop-to-hop encryption (TLS for email), not end-to-end. Without requiring configuration on the end-user's part, a mailserver with STARTTLS support can protect email from passive network eavesdroppers. For instance, network observers gobbling up worldwide information from Internet backbone access points (like the NSA or other governments) won't be able to see the contents of messages, and will need more targeted, low-volume methods. In addition, if you are using PGP or S/MIME to encrypt your emails, STARTTLS prevents metadata leakage (like the "Subject" line, which is often not encrypted by either standard) and can negotiate forward secrecy for your emails.

Apple has been hit with an AUS $9 million ($6.7 million) fine for misleading customers in Australia. More than two years ago Apple started to "brick" iPhones that had been fixed at non-authorized third-party repairers, generating an Error 53. From a report: Apple admitted to intentionally preventing certain repaired iPhones and iPads from working for security reasons, but later apologized and issued a fix. However, the Australian Competition and Consumer Commission (ACCC) sued Apple for "misleading or deceptive conduct," and now an Australian court has hit the iPhone-maker with a multi-million dollar fine.

An anonymous reader shares a report: Although many businesses have begun moving to DevOps-style processes, eight out of 10 respondents to a new survey say they still have separate teams for managing infrastructure/operations and development. The study by managed cloud specialist 2nd Watch of more than 1,000 IT professionals indicates that a majority of companies have yet to fully commit to the DevOps process. 78 percent of respondents say that separate teams are still managing infrastructure/operations and application development. Some organizations surveyed are using infrastructure-as-code tools, automation or even CI/CD pipelines, but those techniques alone do not define DevOps.

Brian Fagioli, writing for BetaNews: Samsung announces its latest such laptop -- the premium, yet affordable, Chromebook Plus (V2). This is a refresh of the first-gen "Plus" model. It can run Android apps and doubles as a convertible tablet, making it very versatile. Best of all, you won't have to wait long to get it -- it will go on sale very soon. "The Samsung Chromebook Plus (V2) puts productivity and entertainment at consumers' fingertips and at the tip of the built-in pen. At 2.91 pounds, its thin design makes it easy to slip into a bag and carry all day -- or use throughout the day with its extended battery life. Flipping its 12.2-inch FHD 1920x1080 resolution screen transforms it from notebook to tablet to sketchbook -- and back -- with two cameras for making it easier to stay connected with friends and sharing with the world. Plus, Chrome OS helps users get more done by providing access to millions of Android apps on Google Play," says Samsung. The Chromebook Plus, powered by Intel Celeron Processor 3965Y and 4GB of RAM, goes on sale later this month at $499.

Mark Wilson shares a report from BetaNews: Another week, another cyberattack. This time around, it's the Dixons Carphone group which says it has fallen victim to not one but two major breaches. The bank card details of 5.9 million customers have been accessed by hackers in the first breach. In the second, the personal records of 1.2 million people have been exposed. Dixons Carphone says that it is investigating an attack on its card processing system at Currys PC World and Dixons Travel in which there was an attempt to compromise 5.9 million cards. The company stressed that the vast majority -- 5.8 million -- of these cards were protected by chip and PIN, and that the data accessed did not include PINS, CVVs or any other authentication data that could be used to make payments or identify the card owners. The report goes on to mention that 105,000 non-EU issued payment cards, which were not chip and PIN protected, were also affected. The company says it will be contacting those customers affected by the breaches.

An anonymous reader shares a report: Microsoft has announced that starting next month it will no longer be participating in the technical support forums for Windows 7, 8.1, 8.1 RT and numerous other products. On the software front, the company says that it will also no longer provide support for Microsoft Security Essentials, Internet Explorer 10, Office 2010 and 2013 as of July. It is not just software that is affected. Microsoft is also stopping support for Surface Pro, Surface Pro 2, Surface RT, Surface 2, Microsoft Band and Zune. Some forums will be locked, preventing users from helping each other as well.

The Key2 smartphone, which BlackBerry unveiled earlier this week, is the "most secure Android smartphone," the Canadian company claims. Brian Fagioli, writing for BetaNews: While BlackBerry no longer makes smartphones, it does license its name to a company called TCL which makes Android devices that carry the branding -- and sometimes, a physical keyboard. It isn't just slapping the BlackBerry name on a random low-quality Android phone, however. Actually, these TCL devices have been fairly well received thanks to an adherence to traditional BlackBerry designs. Today, TCL unveils its latest such smartphone, called "KEY2," and it looks quite nice. In fact, the company says it is "the most secure Android smartphone."

Yahoo Messenger is to be discontinued in just over a month. Yahoo owner Oath has announced that it is killing off its famous Messenger service on July 17. From a report: After this date, chatting will no longer be available, and users have just six months to download their chat histories. At the moment, there is no direct replacement for Yahoo Messenger, but users are being advised that they can request an invite for the beta version of the invite-only group messaging app Yahoo Squirrel. In an FAQ about the announcement, Yahoo addresses why the decision to shutter the service was taken. "We know we have many loyal fans who have used Yahoo Messenger since its beginning as one of the first chat apps of its kind. As the communications landscape continues to change over, we're focusing on building and introducing new, exciting communications tools that better fit consumer needs."

Mark Wycislik-Wilson, writing for BetaNews: In his weekly message to the Linux community on Sunday, Linus Torvalds announced the release of Linux 4.17. The release comes a couple of months after the first release candidate, and in his message Torvalds also talks about version 5.0 of the Linux kernel. Having previously said that Linux kernel v5.0 "should be meaningless," he said that this next major numerical milestone will come around "in the not too distance future." For now, though, it's version 4.17 -- or Merciless Moray, if you prefer -- that's of interest. Linux kernel 4.17 is not a major release, and Torvalds announced it without much fanfare. "So this last week was pretty calm, even if the pattern of most of the stuff coming in on a Friday made it feel less so as the weekend approached. And while I would have liked even less changes, I really didn't get the feeling that another week would help the release in any way, so here we are, with 4.17 released."

Mark Wilson writes: Facebook has announced plans to kill off the Trending feature of its newsfeed. The social network says that this is to "make way for future news experiences." Over the years, Facebook has experimented endlessly with the presentation of news, and has faced criticism for failing to weed out "fake news" and also accusations of liberal bias. Now the company wants to find new ways to help people find news that matters to them, ensuring that it comes from reliable sources.

Ian Barker, writing for BetaNews: A large majority of people say they are concerned about their online privacy, but this is not reflected in their actions according to a new study. The survey from Blue Fountain Media reveals that 90 percent of respondents are very concerned about their internet privacy and 48 percent wish 'more was being done about it.' Yet despite this 60 percent of those polled happily download apps without reading terms and conditions, and close to 20 percent still download apps even when they have read the terms and don't like them. A third of those polled say they would delete an app that tracks their whereabouts, but 50 percent say whether they would do so depends how much they like the app. Interestingly less than 10 percent believe an app that tracks their location is actually useful to them.

Today sees the release of iOS 11.4 and with it Apple is adding AirPlay 2. From a report: This brings some important changes to HomePod, including the stereo pairing option that was missing at launch. AirPlay 2 also adds multi-room audio to HomePod, bringing Apple's smartspeaker in line with Amazon Echo and Google Home. Other new features of iOS 11.4 include the ability to access iMessages via iCloud on any Apple device. The lack of stereo pairing and multi-room audio was seen by many as a failing of HomePod, but Apple has now addressed this. The company says that when two speakers are paired, they are capable of "delivering room-filling sound that is more spacious than a traditional stereo pair."

Mark Wycislik-Wilson, writing for BetaNews: Looking to better compete with the likes of Apple Music and Spotify, Pandora has launched a new Premium Family package. The new package offers unlimited access to all of Pandora's premium features for up to six people. The price is just $15 per month, but there's a 60-day free trial available so you can try it out for size first. Pandora explains that the new package offers "all of the features of Pandora Premium to up to six unique Pandora accounts simultaneously" and costs $14.99 USD monthly or $164.89 annually. As noted by Phone Arena, there are no limits on the number of tracks that can be streamed, there are no ads, and subscribers are free to download music for offline listening.

Brian Fagioli, writing for BetaNews: This week, The GNOME Foundation made a shocking revelation: a mystery donor has pledged $1 million dollars. We don't know who is promising the money -- it could be a rich man or woman, but more likely -- and this is pure speculation -- it is probably a company that benefits from GNOME, such as Red Hat or Canonical.

"An anonymous donor has pledged to donate up to $1,000,000 over the next two years, some of which will be matching funds. The GNOME Foundation is grateful for this donation and plans on using these funds to increase staff to streamline operations and to grow its support of the GNOME Project and the surrounding ecosystem. While the GNOME Foundation has maintained its position as a proponent of the GNOME Project, growth has been limited. With these funds, the GNOME Foundation will be able to expand and lead in the free software space," says The GNOME Foundation.

Mark Wilson writes: Following on from a trial in Australia, Facebook is rolling out anti-revenge porn measures to the UK. In order that it can protect British users from failing victim to revenge porn, the social network is asking them to send in naked photos of themselves. The basic premise of the idea is: send us nudes, and we'll stop others from seeing them .

An anonymous reader shares a report: A new report from cloud security specialist Carbon Black, based on responses from CISOs at 40 major financial institutions -- including six of the top 10 global banks -- seeks to better understand the attack landscape. Among the findings are that 90 percent of financial institutions report being the subject of a ransomware attack in 2017. In addition one in 10 respondents report encountering destructive attacks unrelated to ransomware, such as application attacks and fileless malware. These potentially enable cybercriminals to move freely and laterally within an organization's network and often go completely overlooked until it's too late.

The mayor of New York City, Bill de Blasio, has announced the formation of a new task force to examine the fairness of the algorithms used in the city's automated systems. From a report: The Automated Decision Systems Task Force will review algorithms that are in use to determine that they are free from bias. Representatives from the Department of Social Services, the NYC Police Department, the Department of Transportation, the Mayor's Office of Criminal Justice, the Administration for Children's Services, and the Department of Education will be involved, and the aim is to produce a report by December 2019. However, it may be some time before the task force has any sort of effect. While a report is planned for the end of next year, it will merely recommend "procedures for reviewing and assessing City algorithmic tools to ensure equity and opportunity" -- it will be a while before any recommendation might be assessed and implemented.

Korora, a Fedora-based Linux distro, halted its development this month, BetaNews' Brian Fagioli spotted Wednesday. The announcement would irk many, as Korora consistently received positive feedback from critics and users alike. News outlet ZDNet once described Korora as "Fedora++", while Slashdot readers, too, spoke highly of the distro.

At the same time, the announcement should come as little surprise to anyone who has been tracking Korora's work. In a blog post, Korora team wrote: Korora for the forseeable future is not going to be able to march in cadence with the Fedora releases. In addition to that, for the immediate future there will be no updates to the Korora distribution. Our team is infinitesimal (currently 1 developer and 2 community managers) compared to many other distributions, we don't have the luxury of being able to dedicate the amount of time we would like to spend on the project and still satisfy our real life obligations. So we are taking a little sabbatical to avoid complete burn out and rejuvenate ourselves and our passion for Korora/Fedora and wider open source efforts. The team had expressed similar concerns earlier this year: For the past few years Korora has released a new version in line with each Fedora version. That means that approximately twice a year we prepare, test and create 5 different ISO versions. This is as well as, among other things, developing new projects, supporting existing releases and planning the future versions. As each team member has different skills some tasks, such as development, can only be done by one person. All this is done in our spare time along side our job, family and personal responsibilities. For a very small team, currently 3 people plus the occasional input from others, this is a lot of work. It means that often Korora has to take a back seat when real life intrudes. This isn't the first time Korora had to abruptly pause its development. In 2007, Christopher Smart, who kickstarted Korora (at the time based on Gentoo Linux), had discontinued the project -- only to revive it three years later.

Korora, a Fedora-based Linux distro, halted its development this month, BetaNews' Brian Fagioli spotted Wednesday. The announcement would irk many, as Korora consistently received positive feedback from critics and users alike. News outlet ZDNet once described Korora as "Fedora++", while Slashdot readers, too, spoke highly of the distro.

At the same time, the announcement should come as little surprise to anyone who has been tracking Korora's work. In a blog post, Korora team wrote: Korora for the forseeable future is not going to be able to march in cadence with the Fedora releases. In addition to that, for the immediate future there will be no updates to the Korora distribution. Our team is infinitesimal (currently 1 developer and 2 community managers) compared to many other distributions, we don't have the luxury of being able to dedicate the amount of time we would like to spend on the project and still satisfy our real life obligations. So we are taking a little sabbatical to avoid complete burn out and rejuvenate ourselves and our passion for Korora/Fedora and wider open source efforts. The team had expressed similar concerns earlier this year: For the past few years Korora has released a new version in line with each Fedora version. That means that approximately twice a year we prepare, test and create 5 different ISO versions. This is as well as, among other things, developing new projects, supporting existing releases and planning the future versions. As each team member has different skills some tasks, such as development, can only be done by one person. All this is done in our spare time along side our job, family and personal responsibilities. For a very small team, currently 3 people plus the occasional input from others, this is a lot of work. It means that often Korora has to take a back seat when real life intrudes. This isn't the first time Korora had to abruptly pause its development. In 2007, Christopher Smart, who kickstarted Korora (at the time based on Gentoo Linux), had discontinued the project -- only to revive it three years later.

Last week, an app on the Ubuntu Snap Store caused a stir when it was found to be riddled with a script that is programmed to mine cryptocurrency, a phenomenon whose traces has been found in several popular application stores in the recent months. Canonical promptly pulled the app from the store, but offered little explanation at the time. On Tuesday, Ubuntu-maker addressed the matter in detail. From a report: The big question is whether or not this is really malware. Canonical also pondered this and says the following. "The first question worth asking, in this case, is whether the publisher was in fact doing anything wrong, considering that mining cryptocurrency is not illegal or unethical by itself. That perspective was indeed taken by the publisher in question here, who informed us that the goal was to monetize software published under licenses that allow it, unaware of the social or technical consequences," the company wrote in a blog post.

"The publisher offered to stop doing that once contacted. Of course, it is misleading if there is no indication of the secondary purpose of the application. That's in fact why the application was taken down in the store. There are no rules against mining cryptocurrencies, but misleading users is a problem," it added.

Unfortunately, Canonical concedes that it simply doesn't have the resources to review all code submitted to the Snap Store. Instead, it puts the onus on the user to do their due diligence by investigating the developer before deciding to trust them.

Last week, an app on the Ubuntu Snap Store caused a stir when it was found to be riddled with a script that is programmed to mine cryptocurrency, a phenomenon whose traces has been found in several popular application stores in the recent months. Canonical promptly pulled the app from the store, but offered little explanation at the time. On Tuesday, Ubuntu-maker addressed the matter in detail. From a report: The big question is whether or not this is really malware. Canonical also pondered this and says the following. "The first question worth asking, in this case, is whether the publisher was in fact doing anything wrong, considering that mining cryptocurrency is not illegal or unethical by itself. That perspective was indeed taken by the publisher in question here, who informed us that the goal was to monetize software published under licenses that allow it, unaware of the social or technical consequences," the company wrote in a blog post.

"The publisher offered to stop doing that once contacted. Of course, it is misleading if there is no indication of the secondary purpose of the application. That's in fact why the application was taken down in the store. There are no rules against mining cryptocurrencies, but misleading users is a problem," it added.

Unfortunately, Canonical concedes that it simply doesn't have the resources to review all code submitted to the Snap Store. Instead, it puts the onus on the user to do their due diligence by investigating the developer before deciding to trust them.

An anonymous reader shares a report: Last week, System76 started to share details about its refreshed Linux-powered Oryx Pro laptop. It would be thinner and more powerful, while adding twice the battery life of its predecessor. Unfortunately, we did not yet know exactly what the laptop looked like. Today, we finally have official images. The new Oryx Pro is quite breathtaking, as it is a true Pro machine -- with the USB Type-A, Ethernet, and HDMI ports you expect -- while being just 19mm thin. It has the horsepower that power-users need, thanks to its 8th Gen Intel Core i7 processor and NVIDIA GeForce GTX 10-Series GPU.

With a name like 'SiliVaccine' you could be forgiven it's something your doctor would give you if you were worried about turning into a clown. But in fact this is North Korea's home grown antivirus product. From a report: Check Point Software has obtained and analyzed a rare copy of the software and discovered key components of its source code to be identical to a 10-year old copy of Trend Micro's AV software. Analysis has also uncovered that SiliVaccine is designed to allow a specific malware signature to pass undetected to users, and an update patch for the software contained JAKU malware, which has been used to target and track specific individuals in South Korea and Japan. Check Point believes this could have been used to target journalists who write about North Korean affairs.

Following an official beta release, Fedora 28 has been released today. From a report: Fedora 28 has many new features, but one in particular will surely excite desktop/workstation users -- GNOME 3.28, which introduces Thunderbolt 3 support and improved laptop battery life. Fedora has long used GNOME as the default desktop environment, and best of all, it is mostly a stock affair -- no silly tweaks enabled by default. In other words, you get a very pure GNOME experience, making Fedora Workstation the preferred OS for many hardcore fans of the DE. "GNOME 3.28 adds the capability to favorite files, folders, and contacts for easier organization and access. Additionally, the new application Usage is included to help users more easily diagnose and resolve performance and capacity issues," says The Fedora Project.

Remember that popular browser extension that let you sync your bookmarks on multiple devices? Launched in 2006 by Foxmarks (a company created by EFF co-founder Mitch Kapor), it was saved from death in 2010 when it was acquired by the password-management service LastPass. But now BetaNews reports: If you're a user of Xmarks, there's some bad news for you -- the service is closing down... The bookmark syncing tool, which is available as an addon for Chrome, Firefox, Internet Explorer and Safari, is to be shuttered on May 1... Emails have also been sent out to registered users notifying them of the impending closure.

"On May 1, 2018, we will be shutting down Xmarks... After this date, your bookmarks should remain available in any previously accessed browser, but they will no longer sync and your Xmarks account will be deactivated... After careful consideration and evaluation, we have decided to discontinue the Xmarks solution so that we can continue to focus on offering the best possible password vaulting to our community."
It was apparently especially popular with long-time Slashdot reader vm, who writes "I have held on to my Xmarks account over the years because I can always get to them despite changes in operating systems, browsers, employers, etc.

"What do other folks use that may also have a mobile option?"

An anonymous reader shares a report: Microsoft developers working on Windows 8 created a puzzle and embedded it in the wallpapers used for internal builds of the operating system. The team knew that the images would leak out to the public -- and probably the internal builds of Windows -- so they decided to have some fun with it. Over the course of numerous builds, the puzzle was developed -- but only one person ever solved it! Over the weekend, Jensen Harris -- a former group program manager of Microsoft Office and Microsoft director leading the team working on the redesign of Windows 8 -- took to Twitter to come clean about the secret puzzle. He explained that it was common for internal test builds of Windows to have wallpapers that were not intended for public release, but said that messages tended to be included to discourage leaking: "Traditionally, these wallpapers included text embedded in them threatening to throw people in jail if they leaked the build, blah blah, substantial penalty for early withdrawal, not all coins go up in value (some go down!), etc. etc. We wanted to try a more elegant tact. So early in Windows 8, we created a wallpaper that was a combination of the text the lawyers wanted us to use with an attempt to appeal to people's better nature...thus the "shhh... let's not leak our hard work" series of wallpapers was born."