Samsung Decides Not To Patch Kernel Vulnerabilities In Some S4 Smartphones 114

An anonymous reader writes: QuarksLAB, a security research company, has stumbled upon two kernel vulnerabilities for Samsung Galaxy S4 devices, which Samsung has decided to patch only for recent devices running Android Lollipop, but not Jelly Bean or KitKat. The two vulnerabilities (kernel memory disclosure and kernel memory corruption) were discovered in February 2014 and reported to Samsung in August 2014, affecting the samsung_extdisp driver of Samsung S4 (GT-I9500) devices. Bugs break ASLR and lead to denial of service (DoS) state or even elevating attacker privileges.
The Courts

A Broke Fan Owes $5,400 For Pokemon-Themed Party Posters 194

Jason Koebler writes: A fan has been ordered by a Washington judge to pay the Pokémon Company International $5,400 for copyright infringement after attempting to throw a Pokemon-themed party earlier this summer. Even though he canceled the free event, the Pokemon Company successfully sued Ramar Larkin Jones, for using an image of Pikachu to promote the Unofficial PAX Pokemon Kickoff Party.

Ask Slashdot: Is the Gap Between Data Access Speeds Widening Or Narrowing? 84

New submitter DidgetMaster writes: Everyone knows that CPU registers are much faster than level1, level2, and level3 caches. Likewise, those caches are much faster than RAM; and RAM in turn is much faster than disk (even SSD). But the past 30 years have seen tremendous improvements in data access speeds at all these levels. RAM today is much, much faster than RAM 10, 20, or 30 years ago. Disk accesses are also tremendously faster than previously as steady improvements in hard drive technology and the even more impressive gains in flash memory have occurred. Is the 'gap' between the fastest RAM and the fastest disks bigger or smaller now than the gap was 10 or 20 years ago? Are the gaps between all the various levels getting bigger or smaller? Anyone know of a definitive source that tracks these gaps over time?

How Steve Jobs Outsmarted Carly Fiorina 294

HughPickens.com writes: Carly Fiorina likes to boast about her friendship with Apple founder Steve Jobs but Fortune Magazine reports that it turns out Carly may have outfoxed of by Apple's late leader. In January 2004, Steve Jobs and Carly Fiorina cut a deal where HP could slap its name on Apple's wildly successful iPod and sell it through HP retail channels but HP still managed to botch things up. The MP3 player worked just like a regular iPod, but it had HP's logo on the back and in return HP agreed to continue pre-loading iTunes onto its PCs. According to Steven Levy soon after the deal with HP was inked, Apple upgraded the iPod, making HP's version outdated and because of Fiorina's deal HP was banned from selling its own music player until August 2006. "This was a highly strategic move to block HP/Compaq from installing Windows Media Store on their PCs," says one Apple source. "We wanted iTunes Music store to be a definitive winner. Steve only did this deal because of that."

In short, Fiorina's "good friend" Steve Jobs blithely mugged her and HP's shareholders. By getting Fiorina to adopt the iPod as HP's music player, Jobs had effectively gotten his software installed on millions of computers for free, stifled his main competitor, and gotten a company that prided itself on invention to declare that Apple was a superior inventor.

Office 2016 Proving Unstable With Apple's El Capitan 128

An anonymous reader writes: Users of Microsoft Office on the Mac are reporting widespread instabilities and conflicts after upgrading to the latest version of the Apple desktop operating system, El Capitan. The first indications that El Capitan and Office 2016 were not working well together came in a now epic thread at Microsoft Community. Many users have surmised that new restrictions in file permissions in El Capitan caused the problems initially, though nearly all agree that Office's Outlook email client is the critical point of failure in the current round of application crashes and loss of functionality.

Motorola Marketed the Moto E 2015 On Promise of Updates, Stops After 219 Days 118

An anonymous reader writes: Over the past few years, Motorola has emerged as one of the best manufacturers for low-to-mid-range Android phones. Unlike many other major manufacturers, they keep their version of Android close to stock in order to keep OS updates flowing more easily. When they began marketing the Moto E 2015, updates were one of the features they trumpeted the loudest. But after the company published a list of devices that will continue to get updates, Android Police found the Moto E to be conspicuously absent. The phone launched on February 25, a mere 219 days ago. According to an official Motorola marketing video from launch day, "...we won't forget about you, and we'll make sure your Moto E stays up to date after you buy it."

SolarCity Says It Has Produced the World's Highest Efficiency Solar Panel 170

Lucas123 writes: SolarCity, one of the country's leading solar panel makers and installers, today said it has been able to create a product that has a 22.04% efficiency rating, topping its closest competitor SunPower, by about one percent. While the percentages may appear small, SolarCity said the new panels, which will go into pilot production later this month, will produce 30% to 40% more energy with the same footprint as its current panels, and they will cost no more to make.

Sprint To Begin Layoffs, Cut $2.5 Billion In Expenses 55

An anonymous reader writes: Sprint's struggles to remain a major carrier continue. Just a few days after announcing that it is dropping out of a major low-band spectrum auction, the company now says it must cut between $2 billion and $2.5 billion in costs over the next six months. The cuts will need to be aggressive — according to the Wall Street Journal (paywalled), Sprint "had $7.5 billion in operating expenses during the three months ended June 30," even as it cut $1.5 billion over the past year. The only good news for Sprint is that its subscriber base is still slowly growing, though not quickly enough to keep pace with T-Mobile, let alone Verizon or AT&T.

Vigilante Malware Protects Routers Against Other Security Threats 75

Mickeycaskill writes: Researchers at Symantec have documented a piece of malware that infects routers and other connected devices, but instead of harming them, improves their security. Affected routers connect to a peer-to-peer network with other compromised devices, to distribute threat updates. 'Linux.Wifatch' makes no attempt to conceal itself and even left messages for users, urging them to change their passwords and update their firmware. Symantec estimates 'tens of thousands' of devices are affected and warns that despite Wifatch's seemingly philanthropic intentions, it should be treated with caution.

"It should be made clear that Linux.Wifatch is a piece of code that infects a device without user consent and in that regard is the same as any other piece of malware," said Symantec. "It should also be pointed out that Wifatch contains a number of general-purpose back doors that can be used by the author to carry out potentially malicious actions." There is one simple solution to rid yourself of the malware though: reset your device

$50 Fire Tablet With High-capacity SDXC Slot Doesn't See E-books On the SD Card 138

Robotech_Master writes: For all that the $50 Fire tablet has a 128 GB capable SDXC card slot that outclasses every other tablet in its price range, and it evolved out of Amazon's flagship e-book reader, it strangely lacks the ability to index e-books on that card. This seems like a strange oversight, given that every other media app on the tablet uses that card for downloading and storage, and its 5 GB usable internal memory isn't a lot for people who have a large library of picture-heavy e-books—especially if they want to install other apps, too.

This Machine Produces the Largest Humanmade Waves In the World 63

sciencehabit writes: A new experimental facility at Deltares, a research institute in the Netherlands, has begun producing the largest humanmade waves in the world. Like kids building sandcastles below the tideline on the beach, scientists will let the walls of water crash on dikes of different designs and other structures—sometimes until they're destroyed. The Delta Flume, to be inaugurated on 5 October, is a 300-meter-long water-filled trough that is 9.5 meters high and 5 meters wide. At one end sits a gigantic metal plate called a wave board; four pistons move it back and forth to whip up the kind of waves that the sea can unleash.

EPA Gave Volkswagen a Free Pass On Emissions Ten Years Ago Due To Lack of Budget 202

An anonymous reader writes: A new report suggests that continuing cuts to the Environmental Protection Agency's budget contributed to Volkswagen being able to cheat on its emissions tests. When the test scripts were developed the department — which can still only conduct 'spot tests' on 20% of all qualifying vehicles — was forced to concentrate on heavy machinery and truck manufacturers, which at the time had a far higher incidence of attempting to cheat on vehicle standards tests. Discounting inflation the EPA's 2015 budget is on a par with its 2002 budget (PDF), and has been cut by 21% since 2010.

Moon Express Signs Launch Contract For Possible First Private Lunar Landing 69

MarkWhittington writes: According to a story in Space.com, Moon Express, one of the leading contestants in the Google Lunar X Prize competition, has made a giant leap toward its goal of being the first private group to land on the moon. The company has signed a contract with Rocket Lab, a new launch company based in New Zealand, for five launches of its upcoming Electron rocket. The first two launches will take place in 2017 and will be attempts to land the MX-1 lander on the lunar surface in time to win the prize by the current deadline by the end of that year.

DARPA Is Looking For Analog Approaches To Cyber Monitoring 41

chicksdaddy writes: Frustrated by adversaries continued success at circumventing or defeating cyber defense and monitoring technologies, DARPA is looking to fund new approaches, including the monitoring of analog emissions from connected devices, including embedded systems, industrial control systems and Internet of Things endpoints, Security Ledger reports.

DARPA is putting $36m to fund the Leveraging the Analog Domain for Security (LADS) Program (PDF). The agency is looking for proposals for "enhanced cyber defense through analysis of involuntary analog emissions," including things like "electromagnetic emissions, acoustic emanations, power fluctuations and thermal output variations." At the root of the program is frustration and a lack of confidence in digital monitoring and protection technologies developed for general purpose computing devices like desktops, laptops and servers.

The information security community's focus on "defense in-depth" approaches to cyber defense are ill suited for embedded systems because of cost, complexity or resource limitations. Even if that were possible, DARPA notes that "attackers have repeatedly demonstrated the ability to pierce protection boundaries, exploiting the fact that any security logic ultimately executes within the same computing unit as the rest of the (compromised) device software and the attacker's code."
GNU is Not Unix

FLIF: Free Lossless Image Format 293

nickweller sends a link to an informational post about FLIF, the Free, Lossless Image Format. It claims to outperform PNG, lossless WebP, and other popular formats on any kind of image. "On photographs, PNG performs poorly while WebP, BPG and JPEG 2000 compress well (see plot on the left). On medical images, PNG and WebP perform relatively poorly while BPG and JPEG 2000 work well (see middle plot). On geographical maps, BPG and JPEG 2000 perform (extremely) poorly while while PNG and WebP work well (see plot on the right). In each of these three examples, FLIF performs well — even better than any of the others." FLIF uses progressive decoding to provide fully-formed lossy images from partial downloads in bandwidth-constrained situations. Best of all, FLIF is free software, released under the GNU GPLv3.