Slashdot Mirror

Esther Schindler writes: They're trying, honest they are. In 2016 alone, writes Steven Vaughan-Nichols, Microsoft announced SQL Server on Linux; integrated Eclipse and Visual Studio, launched an open-source network stack on Debian Linux; and it's adding Ubuntu Linux to its Azure Stack hybrid-cloud offering. That's all well and good, he says, but it's not enough. There's one thing Microsoft could do to gain real open-source trust: Stop forcing companies to pay for its bogus Android patents. But, there's too much money at stake, writes sjvn, for this to ever happen. For instance, in its last quarter, volume licensing and patents, accounted for approximately 9% of Microsoft's total revenue.

An anonymous reader writes: ZDNet reports, "The Australian Department of Foreign Affairs does not believe a United Nations panel's ruling that Julian Assange is being "arbitrarily detained" is legally binding. Nor has it made any representations to the British or Swedish governments about the ruling. Department official Jon Philp told a Senate Estimates hearing in Canberra that no representations have been made to Sweden about Assange's case since December 2011. "He is receiving due process under those legal systems," he said. The 44-year-old Australian is likely to remain holed-up in the Ecuadorian Embassy in London after the UK and Swedish governments rejected the UN's ruling in early February."

jones_supa writes: Gordon F. Kelly of Forbes whipped up a frenzy over Windows 10 when a Voat user found out in a little experiment that the operating system phones home thousands of times a day. ZDNet's Ed Bott has written a follow-up where he points out how the experiment should not be taken too dramatically. 602 connection attempts were to 192.168.1.255 using UDP port 137, which means local NetBIOS broadcasts. Another 630 were DNS requests. Next up was 1,619 dropped connection attempts to address 94.245.121.253, which is a Microsoft Teredo server. The list goes on with NTP, random HTTP requests, and various cloud hosts which probably are reached by UWP apps. He summarizes by saying that a lot of connections are not at all about telemetry. However, what kind of telemetry and data-mined information Windows specifically sends still remains largely a mystery; hopefully curious people will do analysis on the operating system and network traffic sent by it.

rudy_wayne writes: Former Mozilla CEO Brendan Eich has launched a new Chromium-based browser called Brave. "Brave blocks everything: initial signaling/analytics scripts that start the programmatic advertising 'dirty pipe', impression-tracking pixels, and ad-click confirmation signals," Eich wrote on the Brave site. Former Mozilla CTO Andreas Gal said in a blog post that "the web is broken," with current browser vendors unwilling to tackle the dilemma of blocking ads, while looking at alternative mechanisms for funding content. Gal said it was ironic Brave was a for-profit operation that can make money from reducing advertising.

Joe_Dragon sends news from Microsoft about how the company will support Windows now and in the future. The company says PCs built with Intel's Skylake chip, and other new architectures in the future, will require the latest version of Windows for support. This doesn't take effect right away; Windows 7 and 8.1 will be supported on older chips until their planned end-of-life dates, in 2020 and 2023 respectively. They'll also be supported on a list of current Skylake devices for the next 18 months. After that, only the latest version of Windows will support integration between the operating system and new CPU features. "For example, Windows 10 will be the only supported Windows platform on Intel's upcoming 'Kaby Lake' silicon, Qualcomm's upcoming '8996' silicon, and AMD's upcoming 'Bristol Ridge' silicon." Microsoft also mentioned that for new supported systems, the company will "ensure all drivers will be on Windows Update with published BIOS/UEFI upgrading tools." The submitter adds, "Putting BIOS/UEFI updates in to the Windows 10 auto- / forced-update system may open Microsoft to paying $600-$1,000+ to replace broken laptops. If Windows tries to update BIOS/UEFI at a bad/risky time (like during power instability in a big storm), it could lead to an update loop or worse."

An anonymous reader writes: Today Microsoft announced partnerships with several companies to bring Windows 10, Office 365, and Azure to cars. Volvo is having their Call Universal App integrate with Windows 10 smartphones and Microsoft Band 2 watches to let drivers interact with their cars. Harman, a company that builds infotainment systems, will allow drivers to access Office 365 services (while parked or while the car is driving itself). IAV, a similar company, will let users stream Windows 10 Continuum from their smartphone directly to a vehicle's dashboard. Finally, Nissan's LEAF and Infiniti models in Europe will run their telematics system on Azure. "The common thread between these announcements is that Microsoft is pitching Azure as an enabling platform, tossing in analytics and focusing on its core productivity strengths. Aside from the Microsoft Band 2 partnership with Volvo, Microsoft is taking an enterprise behind-the-scenes approach to the auto industry."

New submitter rafaelj writes: Apparently, Tim Berners Lee was not aware of the real impact on internet freedom in Brazil when he supported the Marco Civil to pass in the Brazilian congress last year. Using the Brazilian Civil "Rights" Framework, a minor Brazilian court ordered WhatsApp service to be suspended in the whole country after WhatsApp refused to provide user's data. The order was happily accomplished by the Brazilian mobile phone companies as they have been lobbying to convince the government to regulate the service in Brazil since their profits are decreasing steadily after Brazilians started using WhastsApp instead of (tolled) SMS and phone calls. Brazil has the most expensive cell phone rates on the planet. Adds readers André Costa: The ban is a result of WhatsApp failing to comply with two previous court orders, on July 23 and August 7. Even though [the ban] affects millions of users, the service of course remains accessible through Wi-Fi. The plaintiff's identity is being kept secret. The news has already spread worldwide). The ban on WhatsApp resulted in more than 1.5 million users joining its competitor Telegram.

An anonymous reader writes: The VTech hack just got a little worse. Reports say that in addition to the 4.8 million records with parents' names, home addresses, passwords and the identities of 227k kids, the hackers also have hundreds of gigabytes worth of pictures and chat logs belonging to children. ZDNet reports: "Tens of thousands of pictures — many blank or duplicates — were thought to have been taken from from Kid Connect, an app that allows parents to use a smartphone app to talk to their children through a VTech tablet. Motherboard was able to verify a portion of the images, and the chat logs, which date as far back as late-2014. Details about the intrusion are not fully known yet. The hacker, who for now remains nameless, told Motherboard that the Hong Kong-based company 'left other sensitive data exposed on its servers.'"

AmiMoJo writes: When Microsoft released Windows 10 version 1511 earlier this month, the company also updated the installer files it delivers via a free, downloadable media creation tool (MCT). That upgrade option worked as advertised for more than a week. This weekend, however, the new files have been pulled and the media creation tool available for download from that page instead installs the July 2015 (build 10240) release. A Microsoft spokesperson confirmed they wish people install the older version and get the 1551 update via Windows Update. The more recent release is still available via an unpublished link (EXE download).

StewBeans writes: Much has been discussed about the potential security risks of an Internet of Things future in which billions of devices and machines are all talking to each other automatically. But the IoT market is exploding at a breakneck pace, leaving all companies scrambling to figure out the security piece of the puzzle now, before it's too late. In fact, some experts believe this issue will be what separates the winners from the losers, as security concerns either stop companies from getting into the IoT market, or delay existing IoT projects and leave the door open to swifter competition. That's likely why, according to CIO Magazine's annual survey, CIOs are spending a third of their time on security. Adam Dennison from CIO said, "If IT leaders want to embrace the sexy, new technologies they are hearing about today—the SMAC stack, third platform, Internet of Things, etc—security is going to be upfront and at the center of the discussion."

An anonymous reader writes: Former NSA whistleblowers contend that the agency shut down a program that could have "absolutely prevented" some of the worst terror attacks in memory. According to the ZDNet story: "Weeks prior to the September 11 terrorist attacks, a test-bed program dubbed ThinThread was shut down in favor of a more expensive, privacy-invasive program that too would see its eventual demise some three years later -- not before wasting billions of Americans' tax dollars. Four whistleblowers, including a congressional senior staffer, came out against the intelligence community they had served, after ThinThread. designed to modernize the agency's intelligence gathering effort, was cancelled. Speaking at the premier of a new documentary film A Good American in New York, which chronicles the rise and demise of the program, the whistleblowers spoke in support of the program, led by former NSA technical director William Binney."

Nigel Dessau has written a book titled Become a 21st Century Executive: Breaking Away from the Pack. One thing he mentions both in his book and in conversation is that you should harness conflict in the workplace rather than try to stop it. And the first name that came to mind was Linus Torvalds, and how kernel developer Sarah Sharp recently quit the kernel development team loudly and publicly because of Linus's 'Brutal' Communications Style. And now the Washington Post has put out an article under the headline, Net of Insecurity: The Kernel of the Argument, which is about Linus's management style and his recent conflicts with almost every Internet security maven within reach of his online writing. Meanwhile, at ZDNet, Steven J. Vaughan-Nichols calls the Post article "re-bundled old FUD about Linux and the internet's security."

Nigel likes Linus (as do most people who've met him in person) and points out that Linus can get away with being somewhat prickly because he's a genius. The same could be said about the late Steve Jobs and a number of other interesting leaders in the computer business. And Nigel's book and this interview also talk about something that may be more important in the long run than this year's small spate of Linux publicity, namely mentoring and how it can help millennials become productive workers in knowledge fields -- which a whole bunch of them need to start doing PDQ because all the baby boomers everybody loves to hate are either retired already or will be retired before long.

New submitter mlts writes: As of now, I just leave E-mail in a 'received-2015' subfolder on my provider's server, adding a new folder yearly. With the rise of E-mail account intrusions (where even though I'm likely not a primary target, but it is a concern), what is a secure, but yet accessible way to archive E-mail? I'm far less worried about the FBI/NSA/Illuminati, as I am about having stuff divulged to all and sundry if a mass breach happens. A few alternative I've considered: 1) Running my own physical IMAP server. The server would run on a hypervisor (likely ESXi), have Dovecot limited to the VPN I use, and use other sane techniques to limit access. 2) Archive the E-mail files through a cloud provider, with a client encryption utility (EncFS, BoxCryptor, etc.) In this case, E-mail would be stored in a different file a week. 3) Move it to local storage on a virtual machine, and if access is needed, use LogMeIn or another remote access item to fire up Thunderbird to access it. What would be a recommended way to secure E-mail that sits around, for the long haul, but still have it accessible? Even if you're not specifically worried about it, keeping older email around on a provider's server opens you up to warrantless access by U.S. law enforcement officials.

An anonymous reader writes: In the wake of NSA leaks debacle, New Zealand's Inspector General of Security and Intelligence has developed a process to enable whistleblowers to act safely. "The Edward Snowden disclosures demonstrate how critical it is to have a clear path, with appropriate protections, for disclosing information about suspected wrongdoing (PDF) within an intelligence and security agency," Cheryl Gwyn says. The Inspector General's powers were boosted after it was discovered New Zealand's Government Communications Security Bureau had been spying illegally on Kim Dotcom and others. "Edward Snowden has consistently said it was impossible for him to make internal disclosures about what he believed was wrongdoing due to the lack of whistleblower protections he faced in the U.S."

An anonymous reader writes: Avast, a security and antivirus company based in Prague, says they refuse to share their source code, and that the U.S. government hasn't even asked them. This is not necessarily the case for the rest of the industry. Over the summer we learned from a report at The Intercept that GCHQ and the NSA had a project to subvert security software so they could use vulnerabilities and exploits to their own advantage. Antivirus firms McAfee and Symantec were notably absent from the list of targets, and Symantec later confirmed over email that they "permitted source code review in controlled environments to meet government requirements." In addition to raising questions about whether a security product can be trusted under such circumstances, it also causes political problems: "Giving assurances to one country, and receiving government certification, can harm a security company in another. China, a known cyber-adversary of the US, accused Symantec last year of including backdoors that could allow outside access -- though it did not specifically say how -- and banned the product from the country."

New submitter d4nimal writes: Intel today announced that it is killing the MX Logic/McAfee/Intel Security spam protection service (PDF). The last date of service is January, 2017. This comes on the heels of numerous outages and a general rise in user and admin dissatisfaction. Intel purchased the service as part of its McAfee acquisition in 2010. MX Logic was bought by McAfee less than a year earlier.

An anonymous reader writes: A few weeks ago, Google announced its new Nexus phones — the 5X built by LG, and the 6P built by Huawei. The phones are starting to ship, and reviews for both devices have landed. So far, they're largely positive. Ars Technica calls them the Android phones to beat, though criticizes them for having fairly large bezels and no wireless charging. Android Police says the 6P's form factor is an improvement over the Nexus 6, being slightly narrower and taller. Meanwhile, most publications report that the 5X does a good job at carrying on the legacy of the excellent Nexus 5. It's their lower end phone, and most reviews mention that it feels that way in the hand — but battery life is reportedly excellent. The Nexus 6P's battery is capable, but doesn't last as long. Fortunately, the worries about overheating with its Snapdragon 810 chip seem overblown.

An anonymous reader writes with news that CloudFlare chief executive Matthew Prince recently spoke about how Amazon's ban on "monster erotica" helped shape his position on censorship. ZDNet reports: "I worry about Jeff Bezos' bizarre obsession with dinosaur sex," said Prince, towards the end of a long conversation in our New York newsroom. "I don't think I've ever heard a chief executive -- hell, I don't think I've ever heard anyone say anything like that before," I said. Prince was referring to how the bookseller and online retail giant banned so-called "monster erotica," a genre of fan-fiction revolving around fantasy-based fictional encounters with mythical or extinct creatures (including dinosaurs), which was for a time sold on its online bookstore. Amazon, according to reports, pulled hundreds of the self-published books it sold -- as well as some content that fetishized incest and rape -- despite "vague" guidelines by the retailer. "You can make a rational argument that if you're writing books fantasizing about having sex with animals or children, maybe that promotes a certain kind of behavior. But there's no risk of someone abusing a dinosaur," he said.

An anonymous reader writes: If you're using Windows 7 you might want to be careful about which updates you install. Users on Windows forums are worried about a new "important" update that looks a little suspect. Ars reports: "'Clearly there's something that's delivered into the [Windows Update] queue that's trusted,' Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. 'For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at.'" UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."

An anonymous reader writes: To help mitigate the cyber-security risks in connected automobiles Intel has established the Automotive Security Review Board (ASRB). Intel says: "The board will encompass top security industry talent across the globe with particular areas of expertise in cyber-physical systems. The ASRB researchers will perform ongoing security tests and audits intended to codify best practices and design recommendations for advanced cybersecurity solutions and products to benefit the automobile industry and drivers. Intel also published the first version of its automotive cybersecurity best practices white paper, which the company will continue to update based on ASRB findings."

itwbennett writes: On Thursday, ZDNet reported that Uber ride data had leaked into Google search results. Zach Minors confirms in this article that a "site-specific Google search for trip.uber.com produced dozens of links to Uber rides that have been completed and cancelled, in countries around the world including the U.S., England, Russia, France and Mexico. Each link leads to a Web site with a map showing the ride's route, with the pickup and destination tagged with markers. A card on the page also shows the first name of the rider and driver, along the driver's photo, make and model of the car, and license plate number." However, what appeared to be a privacy red flag was not a "data leak," according to an Uber spokeswoman: "We have found that all these links have been deliberately shared publicly by riders. Protection of user data is critically important to us and we are always looking for ways to make it even more secure."

An anonymous reader writes: According to a new report by Cloud Market, Ubuntu is more than twice as popular on Amazon EC2 as all other operating systems combined. Given that Amazon Web Services has 57% of the public cloud market, Ubuntu is clearly the most popular OS for cloud systems. This is further bolstered by a recent OpenStack survey, which found that more than half of respondents used Ubuntu for cloud-based production environments. Centos was a distant second at 29%, and RHEL came in third at 11%. "In addition to AWS, Ubuntu has been available on HP Cloud, and Microsoft Azure since 2013. It's also now available on Google Cloud Platform, Fujitsu, and Joyent." The article concludes, "People still see Ubuntu as primarily a desktop operating system. It's not — and hasn't been for some time."

According to The Verge, anyone who buys a new Android phone may benefit from an interesting change in their phone's default apps: namely, fewer pieces of included bloatware. However, the affected apps might not be the ones that a user concerned with bloatware might care most about (like carrier-specific apps), but are rather some of the standard Google-provided ones (Google+, Google Play Games, Google Play Books and Google Newsstand). These apps will still be available at the Google Play Store, just not required for a handset maker to get Google's blessing. (Also at ZDNet.)

Mozilla announced yesterday a few high-level changes to the way Firefox and Firefox extensions will be developed; among them, the introduction of "a new extension API, called WebExtensions—largely compatible with the model used by Chrome and Opera—to make it easier to develop extensions across multiple browsers." (Liliputing has a nice breakdown of the changes.) ZDNet reports that at the same time, "Mozilla will be deprecating XPCOM and XUL, the foundations of its extension system, and many Firefox developers are ticked off at these moves."

An anonymous reader writes: Between 2011 and 2014, the municipality of Pesaro, Italy, trained up its 500 employees to use OpenOffice. However, last year the organization decided to switch back to Microsoft and use its cloud productivity suite Office 365. According to a report from Netics Observatory (Google translation of Italian original), the city administration will be able to save up to 80% of the software's total cost of ownership by going back. The savings are largely due to the significant and unexpected deployment costs. In particular, having to repaginate and tweak a number of documents due to a lack of compatibility between the proprietary and the open source systems translated into a considerable waste of time and productivity. The management estimates that every day roughly 300 employees had to spend up to 15 minutes each sorting out such issues.

theodp writes: Plans for Rupert Murdoch & Co. to teach your children to code just hit a bump in the road. Murdoch's News Corp. last week announced it plans to exit the education business as it announced a $371 million write-down of the investment in its Amplify education unit, which aimed to reinvent education via digital tools, tablets and curriculum reinforced with snazzy graphics. The news may help to explain why Amplify MOOC, the entity that offered online AP Computer Science A to high school students, was re-dubbed Edhesive ("online education that sticks") a couple of months ago. Tech-backed Code.org, whose $1+ million "Gold Supporters" include the James and Kathryn Murdoch-led Quadrivium Foundation, announced a partnership with Edhesive to bring CS to schools in June, around the same time Edhesive LLC was formed.

florin writes: Oracle chief security officer Mary Ann Davidson published a most curious rant on the company's corporate blog yesterday, addressing and reprimanding some pesky customers that just will not stop bothering her. As Mary put it: "Recently, I have seen a large-ish uptick in customers reverse engineering our code to attempt to find security vulnerabilities in it." She goes on to describe how the company deals with such shameful activities, namely that "We send a letter to the sinning customer, and a different letter to the sinning consultant-acting-on-customer's behalf — reminding them of the terms of the Oracle license agreement that preclude reverse engineering, So Please Stop It Already."

Later on, in a section intended to highlight how great a job Oracle itself was doing at finding vulnerabilities, the CSO accidentally revealed that customers are in fact contributing a rather significant 1 out of every 10 vulnerabilities: "Ah, well, we find 87 percent of security vulnerabilities ourselves, security researchers find about 3 percent and the rest are found by customers." Unsurprisingly, this revealing insight into the company's regard for its customers was removed later. But not before being saved for posterity.

The OpenDaylight Project works on Software Defined Networking. Their website says, "Software Defined Networking (SDN) separates the control plane from the data plane within the network, allowing the intelligence and state of the network to be managed centrally while abstracting the complexity of the underlying physical network." Another quote: it's the "largest software-defined networking Open Source project to date." The project started in 2013. It now has an impressive group of corporate networking heavyweights as sponsors and about 460 developers working on it. Their latest release, Lithium, came out earlier this month, and development efforts are accelerating, not slowing down, because as cloud use becomes more prevalent, so does SDN, which is an obvious "hand-in-glove" fit for virtualized computing.

Today's interview is with OpenDaylight Project Executive Director Nicolas "Neela" Jacques, who has held this position since the project was not much more than a gleam in (parent) Linux Foundation's eye. This is one of the more important Linux Foundation collaborative software projects, even if it's not as well known to the public as some of the foundation's other efforts, including -- of course -- GNU/Linux itself.

An anonymous reader writes: Microsoft CEO Satya Nadella says the company is committed to bringing Windows to as many computer form factors as possible — even if they have to do it themselves. He says their plan is to build out new devices with the same mindset that created the Surface line. The Surface Pro tablets (and the regular Surface tablets, now that Windows RT has been retired) have been a rare bright spot among Microsoft's mobile stumbles. Nadella seems to want Windows to become almost hardware agnostic, and he thinks the universal apps plan for Windows 10 is the way to do it.

He says, "Universal Windows apps are going to be written because you want to have those apps used on the desktop. The reason why anybody would want to write universal apps is not because of our three percent share in phones. It's because a billion consumers are going to have a Start Menu, which is going to have your app. You start the journey there and take them to multiple places. Their app can go to the phone. They can go to HoloLens. They can go to Xbox. ... And by the way, when we hook them on that, we have a phone app. This strategy is path dependent, which is a term I use that means where you start is not where you end up. And therein lies a lot of the nuance. The fundamental truth for developers is they will build if there are users. And in our case the truth is we have users on desktop."

An anonymous reader notes that a project to develop an anonymizing Wi-Fi device has been canceled under mysterious circumstances. The device, called Proxyham, was unveiled a couple weeks ago by Rhino Security Labs. They said it would use low-frequency radio channels to connect a computer to public Wi-Fi hotspots up to 2.5 miles away, thus obscuring a user's actual location. But a few days ago the company announced it would be halting development and canceling a talk about it at Def Con, which would have been followed with a release of schematics and source code. They apologized, but appear to be unable to say anything further.

"In fact, all [the speaker] can say is that the talk is canceled, the ProxyHam source code and documentation will never be made public, and the ProxyHam units developed for Las Vegas have been destroyed. The banner at the top of the Rhino Security website promoting ProxyHam has gone away too. It's almost as if someone were trying to pretend the tool never existed." The CSO article speculates that a government agency killed the project and issued a gag order about it. A post at Hackaday calls this idea absurd and discusses the hardware needed to build a Proxyham. They say using it would be "a violation of the Computer Fraud & Abuse Act, and using encryption over radio violates FCC regulations. That’s illegal, it will get you a few federal charges — but so will blowing up a mailbox with some firecrackers." They add, "What you’re seeing is just the annual network security circus and it’s nothing but a show."

New submitter TheHawke writes with this story from ZDNet about the exodus of software developers from Greece. "In the last three years, almost 80 percent of my friends, mostly developers, left Greece," software developer Panagiotis Kefalidis told ZDNet. "When I left for North America, my mother was not happy, but... it is what it is." It's not just the software developers quitting either. The Greek Finance Minister Yanis Varoufakis also resigned. A portion of his resignation announcement reads: "Soon after the announcement of the referendum results, I was made aware of a certain preference by some Eurogroup participants, and assorted ‘partners’, for my ‘absence’ from its meetings; an idea that the Prime Minister judged to be potentially helpful to him in reaching an agreement. For this reason I am leaving the Ministry of Finance today."

The Korea Times reports that Samsung researchers have published in Nature Communications the results of research (here's the abstract) that could lead to vastly greater storage capacity for lithium-ion batteries. The researchers, by growing graphene on silicon anodes, were able to preserve the shape of the anodes, an outcome which has formerly eluded battery designers: silicon tends to deform over numerous charging cycles. From the linked abstract: Here we report direct graphene growth over silicon nanoparticles without silicon carbide formation. The graphene layers anchored onto the silicon surface accommodate the volume expansion of silicon via a sliding process between adjacent graphene layers. When paired with a commercial lithium cobalt oxide cathode, the silicon carbide-free graphene coating allows the full cell to reach volumetric energy densities of 972 and 700Whl1 at first and 200th cycle, respectively, 1.8 and 1.5 times higher than those of current commercial lithium-ion batteries. Also at ZDNet.

Ammalgam writes: Microsoft seems to be really driven to pushing over a billion people to the new Windows 10 platform as soon as humanly possible. In the latest push to make this happen, the company has basically decided that (somewhat off the record), pirates can come in the side door and it really doesn't matter what the state of their Windows license is, they can get Windows 10 for free. To get deep into the weeds on how this is happening, you have to read Ed Bott's excellent article on ZDNET – "With a nod and a wink, Microsoft gives away Windows 10 to anyone who asks." However, on Windows10update.com, Onuora Amobi asks whether the cost benefit analysis has been done and if this deluge of new members will have a detrimental effect on the Windows Insider Program.

An anonymous reader writes: iOS 9 will reportedly carry ad blocking capabilities for it's Safari browser when it is released later this year. The feature wasn't rolled out with the usual fanfare one might expect, and flew under the radar. ZDNet reports: "It's not immediately clear why the new ad-blocking privacy feature was included in iOS 9, due out later this year. After all, the iPhone and iPad maker has its own advertising network -- even if its success was limited (which is putting it nicely). What's clear is that allowing ad-blockers in iOS 9 could deliver a serious blow to Google, the biggest rival to Apple in the mobile space, because advertising remains a massive portion of the search giant's income."

On May 29, Steven J. Vaughan Nichols (known far and wide as SJVN) wrote an article for ZDNet headlined, Now more than ever, the Internet belongs to cord-cutters. A few days before that, he wrote another one headlined, Mary Meeker's Internet report: User growth slowing, but disruption full speed ahead. And last December he wrote one titled, Reports show it's becoming a cord cutter's world. SJVN obviously sees a trend here. So do a lot of other people, including cable TV and local TV executives who are biting their nails and asking themselves, "Whatever shall we do?" So far, says SJVN, the answers they've come up with are not encouraging.

NOTE from Roblimo: We're trying something different with this video, namely keeping it down to about 4 minutes but running a text transcript that covers our 20+ minute conversation with SJVN. Is this is a good idea? Please let us know.

On May 29, Steven J. Vaughan Nichols (known far and wide as SJVN) wrote an article for ZDNet headlined, Now more than ever, the Internet belongs to cord-cutters. A few days before that, he wrote another one headlined, Mary Meeker's Internet report: User growth slowing, but disruption full speed ahead. And last December he wrote one titled, Reports show it's becoming a cord cutter's world. SJVN obviously sees a trend here. So do a lot of other people, including cable TV and local TV executives who are biting their nails and asking themselves, "Whatever shall we do?" So far, says SJVN, the answers they've come up with are not encouraging.

NOTE from Roblimo: We're trying something different with this video, namely keeping it down to about 4 minutes but running a text transcript that covers our 20+ minute conversation with SJVN. Is this is a good idea? Please let us know.

On May 29, Steven J. Vaughan Nichols (known far and wide as SJVN) wrote an article for ZDNet headlined, Now more than ever, the Internet belongs to cord-cutters. A few days before that, he wrote another one headlined, Mary Meeker's Internet report: User growth slowing, but disruption full speed ahead. And last December he wrote one titled, Reports show it's becoming a cord cutter's world. SJVN obviously sees a trend here. So do a lot of other people, including cable TV and local TV executives who are biting their nails and asking themselves, "Whatever shall we do?" So far, says SJVN, the answers they've come up with are not encouraging.

NOTE from Roblimo: We're trying something different with this video, namely keeping it down to about 4 minutes but running a text transcript that covers our 20+ minute conversation with SJVN. Is this is a good idea? Please let us know.

An anonymous reader sends a report about a new vulnerability found in open source virtualization software QEMU, which is run on hardware in datacenters around the world (CVE-2015-3456). "The cause is a widely-ignored, legacy virtual floppy disk controller that, if sent specially crafted code, can crash the entire hypervisor. That can allow a hacker to break out of their own virtual machine to access other machines — including those owned by other people or companies." The vulnerable code is used in Xen, KVM, and VirtualBox, while VMware, Hyper-V, and Bochs are unaffected. "Dan Kaminsky, a veteran security expert and researcher, said in an email that the bug went unnoticed for more than a decade because almost nobody looked at the legacy disk drive system, which happens to be in almost every virtualization software." The vulnerability has been dubbed "Venom," for "Virtualized Environment Neglected Operations Manipulation."

An anonymous reader writes: A new group, Transparency Toolkit, has mined LinkedIn to reveal and analyze the resumes of over 27,000 people in the U.S. intelligence community. In the process, Transparency Toolkit said it found previously unknown secret codewords and references to surveillance technologies and projects. "'Transparency Toolkit uses open data to watch the watchers and hold the powerful to account,' the group's website says. 'We build free software to collect and analyze open data from a variety of sources. Then we work with investigative journalists and human rights organizations to turn that into useful, actionable knowledge. Currently, our primary focuses are investigating surveillance and human rights abuses.'"

ZDNet reports that after a recent executive order from President Obama "said to have made it illegal to donate to Edward Snowden's fund," anonymous donations to the fund have soared -- at least ones as anonymous as Bitcoin makes possible. From the article: A new executive order signed into law this week by the president has one online community up in arms, after its loose wording effectively ruled out donating to Edward Snowden and others. In a post on Reddit's Bitcoin subreddit, members pledged to donate to the whistleblower's relief fund, despite the wording of the new executive order suggesting that doing so was illegal. In the new executive order, signed into law on Wednesday, US President Barack Obama declared cyber-threats aimed at the US a "national emergency." The order threatens sanctions against those (including US residents) who engage in cyberattacks and espionage activities that threaten US interests at home and abroad. The wording of the order specifically addresses any person whose "property and interests in property are blocked pursuant to this order who might have a constitutional presence in the United States." Redditors were quick to assume (likely correctly) that this includes Edward Snowden, who for more than a year-and-a-half has lived in Russia, evading US justice.

An anonymous reader writes An update to a number of Panda antivirus programs Wednesday mistakenly flagged core files as malware, putting them in quarantine. In doing so, the antivirus system ceased working. Panda's free antivirus, retail 2015 service, and its enterprise cloud-based antimalware service are all affected. The company took to Twitter to warn users: "Please, don't reboot PCs. We'll keep you posted." In an advisory, Panda said the erroneous signature file was "repaired immediately," but warned under certain conditions it is possible for the "incident to persist."

As the dust settles from Apple's press conference yesterday, there have been a broad variety of reactions around the web. Robinson Meyer at The Atlantic says Apple's $10,000 watch demonstrates the company has lost its soul. "The prices grate. And they grate not because they’re so expensive, but because they’re gratuitously expensive. ... To many commentators, this is unsurprising. It’s good business sense, really. Apple has made its world-devouring profits by ratcheting up profit margins on iPhones. There is no better target for these massive margins than the super-rich. But high margins do not a luxury brand make." Others suspect the high-end watches are targeted more at rich people in China.

As for the less expensive watches, perhaps they're around not so much to become a new major sales category for Apple, but rather to drive more iPhone sales. Meanwhile, the redesigned MacBook may signify a bigger change for the laptop industry than people realize: "We don’t need all those other ports, Apple says. We are living in a wireless world now, where we can connect most of our peripherals without cords." The new MacBook has also fueled speculation that Apple could be working on a more powerful tablet, something that could compete with Microsoft's Surface Pro line.

An anonymous reader writes New documents from Edward Snowden indicate New Zealand undertook "full take" interception of communications from Pacific nations and forwarded the data to the NSA. The data, collected by New Zealand's Government Communications Security Bureau, was then fed into the NSA's XKeyscore search engine to allow analysts to trawl for intelligence. The New Zealand link helped flesh out the NSA's ambitions to intercept communications globally.

An anonymous reader writes: ZDNet reports that the latest changes to the Linux kernel include the ability to apply patches without requiring a reboot. From the article: "Red Hat and SUSE both started working on their own purely open-source means of giving Linux the ability to keep running even while critical patches were being installed. Red Hat's program was named kpatch, while SUSE' is named kGraft. ... At the Linux Plumbers Conference in October 2014, the two groups got together and started work on a way to patch Linux without rebooting that combines the best of both programs. Essentially, what they ended up doing was putting both kpatch and kGraft in the 4.0 Linux kernel." Note: "Simply having the code in there is just the start. Your Linux distribution will have to support it with patches that can make use of it."

MojoKid writes: It's long been a pet peeve of many end users that Microsoft has made it such a challenge to procure a legitimate ISO image of its various operating systems. It seems like the company should have no problem offering them in an easy-to-find spot on its website, because after all, it's not like they can be taken utilized without a legal key. Sometimes, people simply lose the disc or ISO they had, and so it shouldn't be such a challenge to get a replacement. Fortunately, with a new feature on the Microsoft site, you are now able to get that replacement Windows 7 ISO. However, it's behind a bit of protection. You'll need to provide your legal product code, and then the language, in order to go through to the download page. If you've somehow lost your key but are still using the OS that it's tied to, you can retrieve it through a few different third party tools. However, it does seem like not all valid keys work properly just yet, since some users are reporting valid keys throwing errors or not enabling a download for some reason.

An anonymous reader writes China is backing away from U.S. tech brands for state purchases after NSA revelations, according to Reuters. This confirms what many U.S. technology companies have been saying for the past year: the activities by the NSA are harming their businesses in crucial growth markets, including China. From the article: "A new report confirmed key brands, including Cisco, Apple, Intel, and McAfee -- among others -- have been dropped from the Chinese government's list of authorized brands, a Reuters report said Wednesday. The number of approved foreign technology brands fell by a third, based on an analysis of the procurement list. Less than half of those companies with security products remain on the list."

Ellie K writes As of 23 March 2015, Google will remove blogs on its Blogger platform that don't conform to its new anti-adult policies. This is an abrupt reversal of policy. Until today, Google allowed "images or videos that contain nudity or sexual activity," and stated that "Censoring this content is contrary to a service that bases itself on freedom of expression." The linked article quotes the message which has been sent to Blogger users thus: (...) In the coming weeks, we'll no longer allow blogs that contain sexually explicit or graphic nude images or video. We'll still allow nudity presented in artistic, educational, documentary, or scientific contexts, or presented where there are other substantial benefits to the public from not taking action on the content. The new policy will go into effect on the 23rd of March 2015. After this policy goes into effect, Google will restrict access to any blog identified as being in violation of our revised policy. No content will be deleted, but only blog authors and those with whom they have expressly shared the blog will be able to see the content we've made private.

An anonymous reader writes It looks like Lenovo has been installing adware onto new consumer computers from the company that activates when taken out of the box for the first time. The adware, named Superfish, is reportedly installed on a number of Lenovo's consumer laptops out of the box. The software injects third-party ads on Google searches and websites without the user's permission. Another anonymous reader points to this Techspot article, noting that that it doesn't mention the SSL aspect, but this Lenovo Forum Post, with screen caps, is indicating it may be a man-in-the-middle attack to hijack an SSL connection too. It's too early to tell if this is a hoax or not, but there are multiple forum posts about the Superfish bug being installed on new systems. Another good reason to have your own fresh install disk, and to just drop the drivers onto a USB stick. Also at ZDnet.

Advocatus Diaboli writes The money and time required to develop the Equation Group malware, the technological breakthroughs the operation accomplished, and the interdictions performed against targets leave little doubt that the operation was sponsored by a nation-state with nearly unlimited resources to dedicate to the project. The countries that were and weren't targeted, the ties to Stuxnet and Flame, and the Grok artifact found inside the Equation Group keylogger strongly support the theory the NSA or a related US agency is the responsible party, but so far Kaspersky has declined to name a culprit. NSA officials didn't respond to an e-mail seeking comment for this story. What is safe to say is that the unearthing of the Equation Group is a seminal finding in the fields of computer and national security, as important, or possibly more so, than the revelations about Stuxnet.

Ellie K writes Bitcoin exchange MyCoin has vanished — leaving $387 million in investor funds unaccounted for. MyCoin is a Hong Kong-based virtual currency trading exchange. Bitcoin exchanges are no stranger to controversy. Mt. Gox closed in February 2014, filing for bankruptcy and leaving investors approximately $500 million out of pocket. Others were 'cyberattacked' including Flexcoin, Poloniex and Bitcurex.