Slashdot Mirror

An anonymous reader writes: AVG, the Czech antivirus company, has announced a new privacy policy in which it boldly and openly admits it will collect user details and sell them to online advertisers for the purpose of continuing to fund its freemium-based products. This new privacy policy is slated to come into effect starting October 15. The policy says: We collect non-personal data to make money from our free offerings so we can keep them free, including: Advertising ID associated with your device; Browsing and search history, including meta data; Internet service provider or mobile network you use to connect to our products, and Information regarding other applications you may have on your device and how they are used.

jones_supa writes: Windows RT devices, such as the Surface RT and the Surface 2, won't get an upgrade to Windows 10, but instead Microsoft has been working on a platform update that brings the original Start Menu which the company introduced in the first Windows 10 builds. This means that it is technologically based on DirectUI, instead of an XAML-based menu which shipped with the RTM PC version of Windows 10. Aside from the Start Menu, the update is expected to include some minor tweaks and performance improvements as well.

An anonymous reader writes: Researchers have created an app that follows the micro-movements of your smartwatch and is able to detect what keys you're pressing with your left hand, and guess what words you may be typing on a keyboard. The app developed for the Motion Leaks (MoLe) project only works on a Samsung Gear Live smartwatch, but researchers say that in theory, a similar app could be developed for other smartwatch makes and models.

An anonymous reader writes: The French government is deciding whether to allow PayPal, Visa, MasterCard, and other payments processors the right to refrain from executing transactions to pirate sites if copyright holders (MPAA, RIAA, PSR for Music) file a complaint. All pirate sites will be added to a blacklist, controlled by copyright holders, and not by a French court. A similar unofficial agreement between copyright holders and payment processors is actively being enforced in countries like the U.S. and the U.K.

An anonymous reader writes: Akamai is detailing the activities of DD4BC, a cyber-extortionist group that has launched distributed denial-of-service (DDoS) attacks against numerous organizations and demanded Bitcoin payments to stop the attacks. The group is sending ransom emails requiring payments of 25 to 100 Bitcoin, which is about $6,000 — $24,000 (€5,350 — €21,400). Social media shaming is also part of the deal, threatening to expose the DDOS on Twitter if payment is not made.

An anonymous reader writes: Security researchers from G DATA have published research (PDF) into Android phones produced in China, which found that a large number of devices ship with pre-installed malware and spyware. Affected models include the Xiaomi MI3, Huawei G510, Lenovo S860, Alps A24, Alps 809T, Alps H9001, Alps 2206, Alps PrimuxZeta, Alps N3, Alps ZP100, Alps 709, Alps GQ2002, Alps N9389, Android P8, ConCorde SmartPhone6500, DJC touchtalk, ITOUCH, NoName S806i, SESONN N9500, SESONN P8, Xido X1111, Star N9500, Star N8000 and IceFox Razor. The researchers do not believe the manufacturers are responsible for the malware; rather, they suspect middlemen within distribution channels. "According to G DATA, the contamination of these smartphones is done by hiding malware as add-on code in legitimate apps. Since users don't usually interact with the malware and the add-on runs in the app's background, unless using a mobile antivirus solution, these infections are rarely discovered."

An anonymous reader writes: Shifu is a banking trojan that's currently attacking 14 Japanese banks. Once it has infected a victim's machine, it will install a special module that keeps other banking-related trojans at bay. If this module sees suspicious, malware-looking content (unsigned executables) from unsecure HTTP connections, it tries to stop them. If it fails, it renames them to "infected.exx" and sends them to its C&C server. If the file is designed to autorun, Shifu will spoof an operating system "Out of memory" message.

prisoninmate writes: A discussion between GNOME developers and users during the annual GUADEC conference lead to potential code names for the desktop environment, starting with the upcoming September release, GNOME 3.18, which might be dubbed Gothenburg. They decided to codename the September releases after the city where the GUADEC conference took place, as explained above, and the March releases after the city where the GNOME.Asia Summit will take place.

prisoninmate writes: It has been 24 long years since the first ever release of the Linux project on August 25, 1991, which is the core component of any GNU/Linux distribution. With this occasion we want to remind everyone that Linux is everywhere, even if you don't see it. You use Linux when you search on Google, when you use your phone, when buy metro tickets, actually the whole Internet is powered by Linux. Happy Birthday, Linux!

An anonymous reader writes: Some smaller pirate sites have become concerned about Windows 10 system phoning home too many hints regarding that the users are accessing their site. Therefore, the pirate administrators have started blocking Windows 10 users from accessing the BitTorrent trackers that the sites host. The first ones to hit the alarm button were iTS, which have posted a statement and started redirecting Windows 10 users to a YouTube video called Windows 10 is a Tool to Spy on Everything You Do. Additionally, according to TorrentFreak, two other similar dark web torrent trackers are also considering following suit. "As we all know, Microsoft recently released Windows 10. You as a member should know, that we as a site are thinking about banning the OS from FSC," said one of the FSC staff. Likewise, in a message to their users, a BB admin said something similar: "We have also found [Windows 10] will be gathering information on users' P2P use to be shared with anti piracy group."

New submitter Neavey writes: Sounds too good to be true, but Morphisec, an Israeli startup, claims to have built an unhackable version of Windows. Its not yet publicly available, a red flag if ever I saw one, but internal testing has had a 100% success rate: "In a statement for BI, Dudu Mimran, the co-founder of the company, describes this new OS version as the Windows that 'Microsoft should be doing,' explaining that, while the platform was initially designed for government use, it can be actually installed by any enterprise that wants to make sure that no hack is possible. Basically, this operating can block any zero-day attack, the founder says, thanks to the operating system randomizing all memory, which means that the hacker cannot target the computer memory and compromise the data stored on the drives." What things memory randomization does not fix, left as an exercise for the reader.

prisoninmate writes with news that certain complaints about the KDE Plasma 5 desktop environment may not be KDE's fault at all: Apparently, KDE Plasma 5 runs just fine, and the issue is related to a serious Intel Graphics Driver Stack bug. The good news is that a workaround for the bug is already available, and it requires you to modify the /etc/X11/xorg.conf.d/20-intel.conf file from your Linux kernel-based operating system, by switching back to the older UXA acceleration method instead of the default SNA method used in many distros.

jones_supa writes: Despite some criticism, it turns out that the design of the Windows 10 Start Menu isn't bad at all, as a designer organization has recently decided to give Microsoft its own Digital Design 2015 award for the feature. In a description on their website, IDSA (Industry Designers Society of America) explains that the design of the new menu makes it easy to access files across platforms, as it comes brings together PCs, tablets, and phones. More, the Start Screen and the Start Menu look similar, so it's easy to adapt to the interface that suits best to your device. There are plenty of Start Menu customization options and if you have a look in the Settings screen, you will find plenty of choices to tweak the default look and feel. Live tiles can be removed completely as well.

jones_supa writes: Lennart Poettering, the creator of the controversial init system and service manager for Linux-based operating systems has announced the first systemd conference. The systemd.conf will take place November 5-7, in Berlin, Germany. systemd developers and hackers, DevOps professionals, and Linux distribution packagers will be able to attend various workshops, as well as to collaborate with their fellow developers and plan the future of the project. Attendees will also be able to participate in an extended hackfest event, as well as numerous presentations held by important names in the systemd project, including Poettering himself.

jones_supa writes: Windows 10 will launch in less than a week and it is supposed to work flawlessly on devices already powered by Windows 7 and Windows 8.1, as Microsoft struggled to keep system requirements unchanged to make sure that everything runs smoothly. Device drivers all the way back to Windows Vista platform (WDDM 1.0) are supported. Softpedia performed a practical test to see how Windows 10 can run on a 7-year-old Acer Aspire One netbook powered by Intel Atom N450 processor clocked at 1.66 GHz, 1 GB of RAM, and a 320 GB mechanical hard disk. The result is surprising to say the least, as installation not only went impressively fast, but the operating system itself also works fast.

jones_supa writes: Windows 7 has quickly started increasing its market share of desktop operating systems, nearing 61%. If you're wondering why this is happening when Windows 10 is almost here, the reason is this: Windows 10 will be available as a free upgrade for those running Windows 7 and 8, and the new OS will have the exact same hardware requirements as its predecessor, so the majority of PCs should be able to run it just as well. Because Windows 7 was launched in 2009, a license is more affordable than for Windows 8, so many users are switching to this version to take advantage of the Windows 10 free upgrade offer.

prisoninmate writes: The Debian Project has announced the immediate availability of the first maintenance release of Debian GNU/Linux 8 (Jessie). As expected, Debian GNU/Linux 8.1 comes with a new Linux kernel, version 3.16.7-ctk11, which fixes the well-known EXT4 data corruption issue caused by delayed and unwritten extents, blacklists queued TRIM on Samsung 850 Pro SSDs, adds support for XHCI on APM Mustang USB, and updates Crucial/Micron blacklist in libata.

jones_supa writes: Linux-based Chromebooks have experienced a huge growth in sales during the last couple of years, so much that Microsoft is getting nervous. The company is working with partners to bring cheaper devices to the market, and part of this plan is Windows 10 with Bing, a special version of the new operating system that would only be addressed to original equipment manufacturers. This low-price basic version of Windows comes with hardcoded Bing branding, although the search engine can be changed by the user. Microsoft wants Windows 10 to be installed on as many devices as possible, and the company's roadmap expects 1 billion PCs, tablets, and smartphones to be running it until 2017. The build for Raspberry Pi 2 is still in the works as well.

New submitter prisoninmate writes: The Linux Foundation's LinuxLTSI (Long-Term Support Initiative) group has confirmed on Twitter that the next LTS version of the Linux kernel will be 4.1. The information has also been confirmed by Greg Kroah-Hartman, a renowned kernel developer who is currently maintaining several kernel branches, including a few LTS ones. When Linux kernel 4.1 is released, it will become the LTS version of 2015 and the most advanced long-term support release. This is significant because the LTSI releases are (or will be) everywhere, in a "Linux is everywhere" sense. As the initiative's page puts it, "The LTSI tree is expected to be a usable base for the majority of embedded systems, as well as the base for ecosystem players (e.g., semiconductor vendors, set-vendors, software component vendors, distributors, and system/application framework providers). ... The goal is to reduce the number of private trees currently in use in the CE industry and encourage more collaboration and sharing of development resources."

jones_supa writes: The Linux Mint team has just announced that Cinnamon 2.6 desktop environment is considered stable and ready to download. It is a big update. The load times have been greatly improved and unnecessary calculations in the window management part are dropped, leading to a 40% reduction in the number of CPU wakes per second. Other improvements include a screensaver that does more than just lock the screen, panels that can be removed or added individually, a much better System Settings panel that should make things much clearer, a cool new effect for windows, and a brand new plugin manager for Nemo. Linux Mint users will receive the new Cinnamon as an update by the end of the month.

jones_supa writes: Microsoft has revealed that its new Edge web browser will come with support for Dolby Audio in order to offer high-class audio when visiting websites. "It allows websites to match the compelling visuals of H.264 video with equally compelling multi-channel audio. It works well with AVC/H.264 video and also with our previously announced HLS and MPEG DASH Type 1 streaming features, which both support integrated playback of an HLS or DASH manifest," Microsoft explains in a blog post. Windows 10 will also ship with a Dolby Digital Plus codec.

jones_supa writes: Back in February, users decried the new icon look in Windows 10. In response to that feedback, Microsoft has implemented a new icon pack in build 10125, which was leaked early but expected to arrive soon for Technical Preview testers. Screenshots show what the final version of the OS could look like when it goes live this summer. The new icons go all-in on a flat approach, following the same design cues as the rest of the operating system, but the "pixel art" style has been abandoned. Once again, Softpedia asked for user experiences, and this time the comments have been mostly positive.

jones_supa writes: Back in February, users decried the new icon look in Windows 10. In response to that feedback, Microsoft has implemented a new icon pack in build 10125, which was leaked early but expected to arrive soon for Technical Preview testers. Screenshots show what the final version of the OS could look like when it goes live this summer. The new icons go all-in on a flat approach, following the same design cues as the rest of the operating system, but the "pixel art" style has been abandoned. Once again, Softpedia asked for user experiences, and this time the comments have been mostly positive.

jones_supa writes: It's no secret that Internet Explorer has always been criticized for its poor security, so with the Edge web browser (previously known as Spartan), Microsoft is trying to tackle this problem more effectively and make sure that users consider it at least as good as Chrome and Firefox. In a blog post, Microsoft details the security enhancements available in Edge, pointing out that most of the changes it made to the new browser make it much more secure than Internet Explorer. There is more protection against trickery, app containers are used as the sandbox mechanism, and protection against memory corruption is better. Old, insecure plugin interfaces are not supported at all: VML, VBScript, Toolbars, BHOs, and ActiveX are all nuked from the orbit.

jones_supa writes: After Debian adopted systemd, many other Linux distributions based on that operating system made the switch as well. Ubuntu has already rolled out systemd in 15.04, but Linux Mint is providing dual options for users. The Ubuntu transition was surprisingly painless, and no one really put up a fight, but the Linux Mint team chose the middle ground. The Mint developers consider that the project needs to still wait for systemd to become more stable and mature, before it will be the default and only option.

jones_supa writes: Jerry Nixon, a Microsoft developer evangelist, said at the Ignite conference in Chicago that Windows 10 "is the last version of Windows, so we're always working on Windows 10." Saying that is only half true. In fact, Microsoft will start working on large updates instead of stand-alone Windows releases, so the company would switch from a model that previously brought us new versions of Windows every three years, to a simpler one that's likely to bring big updates every two months. The company will also change the naming system for Windows, so instead of Windows $(version), the new operating system would be simply called Windows.

jones_supa writes: Canonical released Ubuntu 15.04 a couple of weeks ago, and it seems that this release has been a success. The community is mostly reporting a nice experience, which is important since this is the first Ubuntu release that uses systemd instead of upstart. At Slashdot, people have been very nervous about systemd, and last year it was even asked to say something nice about it. To be fair, Ubuntu 15.04 hasn't changed all that much. Some minor visual changes have been implemented, along with a couple of new features, but the operating system has remained pretty much the same. Most importantly it is stable, fast, and it lacks the usual problems accompanied by new releases.

jones_supa writes: As it did in the past when it tried to make Internet Explorer more secure, Microsoft has launched a new bug bounty program for Spartan browser, the default application of Windows 10 for surfing the information highway. A typical remote code execution flaw can bring between $1,500 and $15,000, and for the top payment you also need to provide a functioning exploit. The company says that it could pay even more than that, if you convince the jury on the entry quality and complexity. Sandbox escape vulnerabilities with Enhanced Protected Mode enabled, important or higher severity vulnerabilities in Spartan or its engine, and ASLR info disclosure vulnerabilities are also eligible. If you want to accept the challenge, Microsoft provides more information on how to participate.

jones_supa writes: Some of you have probably used the Feedback app of Windows 10 Technical Preview, which has enabled us to submit feature requests and bug reports directly to Microsoft in order to improve the operating system as the company approaches the final release. While Microsoft tries to make some of the requests available, it also depends on the number of votes that each submission gets. Softpedia takes a look at the top 5 requests right now: make Feedback app available in final Windows, too; improve network connections management; allow task view drag windows between desktops; give Cortana the ability to open programs; and bring back resize options for Start Menu.

jones_supa writes Video game developer Visceral Games has confirmed the actual resolution that the coming Battlefield Hardline will run on when it is launched on the Xbox One and on the PlayStation 4. An official message from the Twitter account of the studio explains that gamers will get a 720p resolution on the Microsoft console and Sony platform gamers will get the game running in 900p. 60 frames per second is promised for both consoles, but many fans are still expressing their disappointment that neither of the two versions will be able to properly deliver the native 1080p resolution of the consoles. When development started, Visceral Games and publisher Electronic Arts said they were aiming to use the power of the modern consoles to push the game engine as far as it would go, but they clearly couldn't fit that target without cutting corners. This is similar to what happened with Titanfall, which renders into an 1408x792 framebuffer on Xbox One.

jones_supa writes NVIDIA has fixed a long-standing issue in the Ubuntu Unity desktop by patching Compiz. When opening the window of a new application, it would go black or become transparent on NVIDIA hardware. There have been bug reports dating back to Ubuntu 12.10 times. The problem was caused by Compiz, which had some leftover code from a port. An NVIDIA developer posted on Launchpad and said the NVIDIA team has been looking at this issue, and they also proposed a patch. "Our interpretation of the specification is that creating two GLX pixmaps pointing at the same drawable is not allowed, because it can lead to poorly defined behavior if the properties of both GLX drawables don't match. Our driver prevents this, but Compiz appears to try to do this," wrote NVIDIA's Arthur Huillet. The Compiz patch has been accepted upstream.

jones_supa writes A lot of people got upset about the flat looks of Modern UI presented in Windows 8. Recent builds of Windows 10 Technical Preview have now started replacing the shell icons, and to some people they are just too much to bear. Basically, Microsoft opted to change the icons in search of a fresh and modern look, but there are plenty of people out there who claim that all these new icons are actually very ugly and the company would better stick to the previous design. To find out what people think about these icons, Softpedia asked its readers to tell their opinion and the messages received in the last couple of days pretty much speak for themselves. There are only few testers who think that these icons look good, but the majority wants Microsoft to change them before the final version of the operating system comes out.

jones_supa (887896) writes "Canonical, through John Zannos, VP Cloud Alliances, has proudly announced that the first ever Microsoft Azure hosted service will be powered by Ubuntu Linux. This piece of news comes from the Strata + Hadoop World Conference, which takes place this week in California. The fact of the matter is that the news came from Microsoft who announced the preview of Azure HDInsight (an Apache Hadoop-based hosted service) on Ubuntu clusters yesterday at the said event. This is definitely great news for Canonical, as their operating system is getting recognized for being extremely reliable when handling Big Data. Ubuntu is now the leading cloud and scale-out Linux-based operating system."

jones_supa writes: Soon after the poor state of the GnuPG was unveiled, the online community has rallied to help Werner Koch. He wanted to hire a full-time programmer to work on the project alongside him and to ensure that he's not living on the brink of bankruptcy all the time. Immediately after the article was published, it was revealed that he got a one-time grant of $60,000 from the Linux Foundation's Core Infrastructure Initiative. Also, the community donated over $150,000, and Facebook and Stripe have each pledged to provide $50,000 per year. All in all, it looks like Werner Koch won't be worried about funding for quite some time. The problem remains: it's very likely that other projects just as important as this one are probably facing the same kind of issues, but it would be nice to hear about them before they get in trouble, and not after.

jones_supa writes There has been quite a debate around the Linux version of The Witcher 2: Assassins of Kings and the fact that it wasn't really a port. A special kind of wrapper was used to make the Windows version of the game run on Linux systems, similar to Wine. The performance on Linux systems took a hit and users felt betrayed because they thought that they would get a native port. However, after the game stopped launching properly at some point, the reason was actually found to be a Linux regression. Linus quickly took care of the issue on an unofficial Witcher 2 issue tracker on GitHub: "It looks like LDT_empty is buggy on 64-bit kernels. I suspect that the behavior was inconsistent before the tightening change and that it's now broken as a result. I'll write a patch. Serves me right for not digging all the way down the mess of macros." This one goes to the bin "don't break userspace". Linus also reminds of QA: "And maybe this is an excuse for somebody in the x86 maintainer team to try a few games on steam. They *are* likely good tests of odd behavior.."

jones_supa writes A patch was proposed to the Linux Kernel Mailing List to drop support for the old EISA bus. However a user chimed in: "Well, I'd like to keep my x86 box up and alive, to support EISA FDDI equipment I maintain if nothing else — which in particular means the current head version of Linux, not some ancient branch." Linus Torvalds was friendly about the case: "So if we actually have a user, and it works, then no, we're not removing EISA support. It's not like it hurts us or is in some way fundamentally broken, like the old i386 code was (i386 kernel page fault semantics really were broken, and the lack of some instructions made it more painful to maintain than needed — not like EISA at all, which is just a pure add-on on the side)." In addition to Intel 80386, recent years have also seen MCA bus support being removed from the kernel. Linux generally strives to keep support even for crusty hardware if there provably is still user(s) of the particular gear.

jones_supa writes Windows Media Player is going to become a more useful media player for those who want to play geeky file formats. Microsoft has earlier confirmed that Windows 10 will come with native support for Matroska Video, but the company now talks about also adding FLAC support. Microsoft's Gabriel Aul posted a teaser screenshot in Twitter showing support for this particular format. It can be expected to arrive in a future update for people running the Windows 10 Technical Preview. Not many GUI changes seem to be happening around Media Player, but work is done under the hood.

An anonymous reader writes: In early 2013, Canonical showed the world Ubuntu Touch, a version of Ubuntu developed specifically for smartphones. Now, the mobile operating system has finally reached "release to manufacturing" status. (Here's the release announcement.) The first phone running Ubuntu Touch, the Meizu MX4, will start shipping in December. "Details are scarce on its hardware, but a leak from iGeek suggests the Pro variant may have a Samsung Exynos 5430 processor, 4GB of RAM, and a 2560x1536 resolution screen. ... This more powerful hardware is good news if true, and it bodes well for Ubuntu's vision of computing convergence." Softpedia has a preview of the RTM version of the OS. They say performance has improved significantly, even on old phones, and that the UI has been polished into a much better state.

walterbyrd writes: Fresh on the heels of the entire Munich and Linux debacle, another story involving Microsoft and free software has popped up across the world, in Chile. A prolific magazine from the South American country says that the powerful Microsoft lobby managed to turn around a law that would allow the authorities to use free software. "An independent member of the Chilean Parliament, Vlado Mirosevic, pushed a bill that would allow the state to consider free software when the authorities needed to purchase or renew licenses. ... A while later, the same member of the Parliament, Daniel Farcas, proposed another bill that actually nullified the effects of the previous one that had just been adopted. To make things even more interesting, some of the people who voted in favor of the first law also voted in favor of the second one. ... The new bill is even more egregious, because it aggressively pushes for the adoption of proprietary software. Companies that choose to use proprietary software will receive certain tax breaks, which makes it very hard for free software to get adopted."

New submitter jvp (27996) writes "Adobe's authentication system for its Creative Cloud as well as its website services is down, and has been since Wednesday (14 May) afternoon. What this means: If you're a Creative Cloud subscriber, you can't log into your account via the desktop application. Online services such as the fonts are not available. Applications (eg: Photoshop, Premiere, etc) will continue to work. Softpedia has a nice article on it, but their time frames are off quite a bit." As of this writing, a message on the Adobe Creative Cloud page says "Creative Cloud is currently undergoing maintenance. Please check back later. Thank you for your patience." Even though I've come to like some remote-hosted software, like gmail, I don't think I'd want tools for manipulating local media tied even loosely to the uptime of a remote computer (or network connection).

jones_supa writes "Valve has recently released Portal 2 on Steam for Linux and opened a GitHub entry to gather all the bugs from the community. When one of the Valve developers closed a bug related to Portal 2 recommending that the users disable a security feature, the Linux community reacted. A crash is caused by the game's interaction with SELinux, the Linux kernel subsystem that deals with access control security policies. Portal 2 uses the third-party Miles Sound System MP3 decoder which, in turn, uses execheap, a feature that is normally disabled by SELinux. Like its name suggests, execheap allows a program to map a part of the memory so that it is both writable and executable. This could be a problem if someone chose to use that particular memory section for buffer overflow attacks; that would eventually permit the hacker to gain access to the system by running code. In the end, Valve developer David W. took responsibility of the problem: 'I apologize for the mis-communication: Some underlying infrastructure our games rely on is incompatible with SELinux. We are hoping to correct this. Of course closing this bug isn't appropriate and I am re-opening it.' This is more of an upstream problem for Valve. It's not something that they can fix directly, and most likely they will have to talk with the Miles developers and try to repair the problem from that direction."

Bill Dimm writes "An article on Softpedia claims that Linux distributions using NetworkManager are storing Wi-Fi passwords in plain text in /etc by default. The article recommends encrypting the full disk or removing NetworkManager and using a different tool like netctl. Some of the article comments claim the article is FUD. Is this a real problem?"

Slashdot contributor Bennett Haselton writes "A recent webinar for newsletter publishers suggested that if you want your emails not to be blocked as 'spam,' you paradoxically have to engage in some practices that contribute to the erosion of users' privacy, including some tactics similar to what many spammers are doing. The consequences aren't disastrous, but besides being a loss for privacy, it's another piece of evidence that free-market forces do not necessarily lead to spam filters that are optimal for end users." Read on for the rest of Bennett's thoughts.

Lest you think that spam filters only rarely make mistakes any more, recall the instance in which after I mailed out a group of 10 proxy websites to my own mailing list, the British "anti-spam" outfit Spamhaus blacklisted two of the domains, which caused the registrar (Afilias) to disable all 10 of the domains en masse, so that the sites simply disappeared from the Web. (This happened even though our mailing list is 100% closed-loop confirmed-opt-in; users have to reply to a confirmation message in order to join the list, so the actual emails were not "spam.") It took several days to find out what happened and restore the domains, during which Spamhaus and Afilias refused to answer any of my inquiries, and have to this day not reached out or explained what they're doing to avoid similar screw-ups in the future. And this was just the latest in a long line of headaches caused by spam filters including filters at Hotmail, AOL, Yahoo, and Gmail, which had regularly categorized our emails as "spam" and caused users to miss them.

So when the email deliverability company WhatCounts announced their October 16th webinar on how to avoid having your mails blocked as spam, I watched in real time with some interest. The webinar (which you can view here), was presented by Brad Gurley, the "Director of Deliverability" for WhatCounts, who has worked in the email "deliverability" industry for 10 years. While email deliverability services is one of the products that WhatCounts charges for, the presentation didn't contain any blatant plugs for their own services, so I'm taking the contents at face value. Even if any statements in the webinar happened to be incorrect, it's still safe to assume that the presentation represents mainstream thinking in the email deliverability industry, which will determine what recommendations are made to email senders.

I hasten to add that WhatCounts should not be blamed for any of the recommendations that they made that I'm counting as "eroding privacy"; their job was to answer the question, "What is the best way to make sure my emails don't get blocked as spam?", and they answered it. The fault, if any, should lie with the spam filters which encourage these practices. Furthermore, I'm only saying that the practices encouraged in the webinar are eroding user privacy, not violating it. (If you ask every new subscriber for their name and geographic location, I would call that an "erosion" of privacy if it normalizes the practice of collecting more user data than you need, but it's not a privacy violation as long as the user willingly gives it to you.)

The webinar begins with some recommendations that are actually good netiquette, such as cleaning subscriber lists regularly (removing bouncing addresses), and displaying a prominent "unsubscribe" link for users who want to leave. If you run a newsletter, and good netiquette isn't a compelling enough reason to put an "unsubscribe" link near the top, here is a direct quote from the webinar:

"The Unsubscribe link should be prominently placed within the message body. Unsubscribe links that are hidden or hard-to-find will generate spam complaints from unhappy users who want to unsubscribe. Placing the link in the preheader has been shown to reduce spam complaints in many cases."

That's one reason that every message that I send to my own newsletter, contains this text at the top:
[You are receiving this because you subscribed to the Circumventor distribution list. To unsubscribe from this list, click here: http://www.peacefire.org/circumventor/cv-unsub.html or reply with the word "unsubscribe" in the subject.] (I give people the option of replying with the word "unsubscribe", even though that creates some hassle for me to process those requests manually, because many of our users are on censored networks and cannot access the unsubscribe link on the peacefire.org website.)

But, on to the less-stellar news: the presentation also says that the key to getting users to keep opening your emails -- and hence to signal to the email providers like Hotmail and Yahoo that your mails are not "spam" — is "engagement." Gurley suggests that senders "tailor mailings to segments of subscribers based on demographic data," including segmenting users based on city or zip code. Nothing sounds wrong with that, except that to "tailor" the mailings based on demographic data, you have to have that demographic data -- i.e. ask users for their age, sex, location, income bracket, or other information at the time that they join the list.

As I said, I don't consider this a violation of privacy if the user gives their information voluntarily, it's just an erosion of privacy, because it normalizes the process of asking users for extra data when there's no clear reason why it's necessary. In the late 1990s, you could join most companies' email lists without providing any more information than an email address; if you were asked for more information, it was for an obvious reason (such as filling out a profile on match.com, or ordering a product to be shipped). The less information about users was stored all in one place, the less opportunity there would be for the company to abuse it, or to be bought out by some other company that would abuse it, or for someone to hack into their servers and steal the information outright.

Our mailing list in particular serves a segment of the population who are particularly privacy-conscious -- they're using our proxy sites to circumvent Internet blocking software, so in almost all cases, just the simple act of being our mailing list could get them in some amount of trouble with somebody (although the severity would vary). So by design, we collect the minimum amount of information -- the email address -- necessary to send new proxy sites to the users. The more information that we asked for, the less likely the user might be to sign up in the first place.

Again, companies are within their right to ask for this information, but I don't think the rest of us newsletter publishers should be penalized for not asking for it.

The presentation goes on to say that email providers such as Hotmail and Yahoo judge whether an email is "spam" based on what proportion of the time users open an email from that sender. As Gurley says, "Give people a reason to open your email and keep opening it." The trouble is that this penalizes email notifications where you can fit all of the relevant content into the subject line -- many of my emails say something like "new Circumventor: badbadger.info", and for most users, that's all they need to see. Some subscribers have specifically said that they always want to see the new proxy site name in the subject line, because they're on a network where they are blocked from accessing their full email inbox, but they can use other webpages to see the subject lines of recently received emails. (For example, Yahoo Mail users might be on network where Yahoo Mail is blocked, but if you're signed in to yahoo.com you can see the subject lines of your last few emails on the www.yahoo.com front page.) If I'm being penalized by spam filters because user's don't open my emails, then obviously that's incentivizing me to do the users a disservice, by putting the proxy site name only in the message body.

(This might be an issue that is highly specific to my particular mailing list, because most people don't run email newsletters where they can fit all of the relevant content into the subject lines. However it's easy to think of other web applications that have a need for subject-only notifications -- Google Calendar sends me an email whenever one of my calendar events is coming up -- and those shouldn't be penalized just because the user never opens them.)

Finally, the presentation suggests that senders unsubscribe any user who hasn't opened the last 50 emails you sent them. This might set off mild alarm bells with tech-savvy readers, who know that the only way to tell if a reader has opened your message, is to embed images into the messages -- and if your newsletter content doesn't lend itself to images, you have to plant a surreptitious "web bug" image into the email, a tiny image that serves no purpose except that if you open the message and the image loads, it tells the sender that the message has been read. (For this reason, if you open an email message that does contain images, most email clients will not display them unless you click "Show images" or something similar -- because otherwise, if images always loaded automatically, spammers could use web bugs to tell who was opening their emails. So in fact, if a user opens your message and doesn't click "Show images", you generally can't tell that they opened your email.)

Again, I would consider web bugs to be an erosion of privacy more than a violation of it, on the order of asking for the user's zip code at the time they join their newsletter -- in both cases, the reason being that you are collecting more information than is strictly necessary for the operation of your mailing list. (In the case of web bugs, the "information" you're collecting is whether the user opened your message or not.)

Some people feel more strongly about it. A recent message posted on MIT's "liberationtech" mailing list had this to say about "web bugs", to a person who was asking about why his newsletter was being blocked:

You do not appear to use web bugs in your mailing list messages. A wise choice: web bugs are malware, they're invasive and abusive, and they actively degrade the security of recipients...which is a pretty crappy way to treat one's audience.

I think this is over the top -- all that a web bug does, is tell the sender whether you opened their message -- but, whether this opinion is valid or not, some people out there feel that way, and using web bugs in your email might piss them off.

Although before you cut loose the users who haven't opened your last 50 emails, Gurley's presentation also suggests trying to win them back with one last message with a "teaser" subject line like "We're saying goodbye...", or "Are we not going to talk to you any more?", or "Are we breaking up?". I hate subject lines like that, whether from spammers or from people I've signed up to get mail from. (Although now that I think about it, I doubt I'm really that mad about the 1 second of my time that they wasted; I think I just resent the fact that even just for that 1 second, they actually had me fooled, and I thought it really was a message from a friend.)

But again, we can't kill the messenger: Brad Gurley's job was to do a presentation on how to get your emails past the spam filters at the major email providers, and if using "come-on" subject lines works, because it gets more users to open your messages, then that's part of the answer. (Remember, this presentation was aimed at opt-in email senders, not spammers.)

So, I don't know that I can do anything differently with my list as a result of the presentation. I think it would be too off-putting to users to ask for their age and zip code, and in any case it wouldn't do any good for all the users who have already signed up. I probably couldn't use web bugs even if I wanted to, because the web bugs would have to load the image from a website, and if the user opened the email from a network where Web access was censored, the network's filter might block the website that the web bug loaded the image from. And for a list with many members who are still in high school, and whose parents might read their email over their shoulder, I don't feel like trying to get their attention by sending them an email with the subject "Are we breaking up?"

The more important takeaway here, though, is that there's no reason to expect the free market to deliver spam filters that are optimal from the user's point of view. In a world where users had perfect information, if Hotmail told their users, "We're going to start flagging the newsletters in your inbox as 'junk mail' unless the sender asks for your zip code when you sign up, and uses teasing subject lines to get you to open the message, and uses web bugs to verify whether you've opened it," their users would likely say, "Screw you, I'm going to Gmail!" (Which many of their users have apparently said anyway.) If this doesn't happen, it's because the vast majority of users don't have enough information for the market in spam filters to function effectively. And thus there's nothing to stop Hotmail and Yahoo from imposing arbitrary conditions on senders through their spam filters, which will lead to more legitimate senders resorting to "come-on" subject lines and web bugs -- ironically, looking more like the spammers they're trying to differentiate themselves from.

RemyBR writes "Softpedia points to a Nvidia Developer Zone forum post revealing that the company has removed a specific Linux feature as of the v310 drivers due to the Windows platform. A BaseMosaic user on Ubuntu 12.04 noticed a change in the number of displays that can be used simultaneously after upgrading from the v295 drivers to v310. Another user, apparently working for Nvidia, gave a very troubling answer: 'For feature parity between Windows and Linux we set BaseMosaic to 3 screens.'"

dryriver writes "People fantasizing about a Beatles comeback tour might yet see their dream come true, all thanks to Dr. Michael Zuk. This dentist is the proud owner of one of John Lennon's teeth, and hopes to use it to clone the musician. By the looks of it, Dr. Michael Zuk came in possession of the tooth in 2011. At that time, he purchased the molar at an auction organized in the United Kingdom, and paid about $30,000 (€22,424) for it. According to The Inquisitr, the dentist is now working alongside scientists in the United States, who are helping him figure out a way to extract DNA from the tooth without damaging it in the process. This DNA would serve to bring back John Lennon. Apparently, Dr. Michael Zuk hopes that his project will snowball into a scientific and pop-cultural revolution. 'To potentially say I had a small part in bringing back one of Rock's greatest stars would be mind-blowing. I am nervous and excited at the possibility that we will be able to fully sequence John Lennon's DNA, very soon I hope,' the dentist reportedly commented on the importance of his work."

jones_supa writes "Steam users worldwide are getting more than they expected this Christmas, courtesy of Valve. Increasingly annoyed reports are piling up on a Steam Community thread about an ominous 'No Connection' error. Depending on your luck, this means you can either start the client in offline mode and play only single-player games with anything related to the Steamworks cloud features disabled, or you cannot start Steam at all and consequently access anything in your library. However, store related functionality seems unaffected, in case this blunder made you feel like purchasing some more games you may or may not be able to play these holidays." Update: 12/25 17:45 GMT by T : The connection problems were fixed; did you hit the loading errors before they were resolved?

An anonymous reader writes "Windows 7 was expected to have Service Pack 2 issued roughly 3 years from its introduction (late 2009). People, including myself, have been asking 'Where is it?' and the answer apparently is, 'It isn't, and will never be' which lends itself to the giant pain of installing Windows 7, then Service Pack 1, and hundreds of smaller hotfix patches. Why Microsoft? No go to Service Pack 2 for Windows 7!"

Hugh Pickens writes writes "Softpedia reports that Global Link Security Solutions are offering a product that doesn't actually do anything to alert an owner of a break-in to their home or business, but it displays "one hell of a laser show in an attempt to scare potential crooks into thinking that they have no chance of breaking in without triggering the alarm." According to the security firm, LaserScan has four lines of protection: a number of lasers that move along the walls and floors (video), an LED which indicates that there's a "link" to a satellite, a beeping alert, and a sticker placed on the front door. Although the company claims that none of their current customers has reported break-ins since the system has been installed, security guru Bruce Schneier highlights that the product only works if the product isn't very widely known."

howhardcanitbetocrea writes "WHMCS has had 500,000 records leaked, credit cards included, by hackers calling themselves UGNazis. Apparently UGNazis succeeded in obtaining login details from the billing software's host by using social engineering. UGNazis accuse WHMCS of knowingly offering services to fraudsters. After almost 24 hours UGNazis still seem to have control of WHMCS twitter account @whmcs and is regularly updating their exploits. These tweets are also feeding into WHMCS software."

PC Magazine reports that the "-oid" family of emulators from developer Yong Zhang (better known as yongzh) has been pulled from Google's Android Market. These include Nesoid, Snesoid, and Gameboid. From the article: "So what got Zhang the boot? Or, rather, who? Neither Zhang nor Google have commented on the primary source of the complaints against the developer's emulator apps. While most speculate that one of the Big Three are behind the purge–Nintendo, Sony, or Microsoft–there's also speculation that Zhang allegedly violated the open source licenses for projects that parts of his programs were derived from." A piece at Android Police has further mention and some more background on the legal position of emulator software.