Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
Software

Tesla Model S In Fatal Autopilot Crash Was Going 74 MPH In a 65 Zone, NTSB Says (latimes.com) 171

An anonymous reader quotes a report from Los Angeles Times: The Tesla car involved in a fatal crash in Florida this spring was in Autopilot mode and going about 10 miles faster than the speed limit, according to safety regulators, who also released a picture of the mangled vehicle. Earlier reports had stated the Tesla Model S struck a big rig while traveling on a divided highway in central Florida, and speculated that the Tesla Autopilot system had failed to intervene in time to prevent the collision. The National Transportation Safety Board released a preliminary report Tuesday that confirms some details of the May 7 collision, along with a photo that shows the car with its windshield flattened and most of its roof sheared off. The federal agency also included a photo of the big rig, circling an area on the right side of the tractor-trailer that showed the light damage the truck received from the collision. The 2015 Model S was moving at 74 mph, above the posted 65 mph speed limit, when it struck a 53-foot trailer being pulled by a Freightliner Cascadia truck. Tesla's semi-autonomous Autopilot driving feature was engaged, the report says.
Facebook

Facebook Open Sources 360 Surround Camera With Ikea-Style Instructions (techcrunch.com) 25

Reader joshtops writes: Facebook needs you to fill its News Feed, Oculus Rift, and Gear VR with 360 content. So today it put all the hardware and software designs of its Surround 360 camera on Github after announcing the plan in April. Thanks to cheeky instruction manual inspired by Ikea's manuals, you can learn how to buy the parts, assemble the camera, load the image-stitching software, and start shooting 360 content. Essentially 17 cameras on a UFO-looking stick, the 360 Surround camera can be built for about $30,000 in parts. The 4-megapixel lenses can shoot 4K, 6K, or 8K 360 video, and fisheye lenses on the top and bottom remove the blindspots. Facebook forced a random engineer to try to build the 360 Surround from the open source instructions, and found it took about four hours.FastCompany has more details.
Android

Motorola Confirms That It Will Not Commit To Monthly Security Patches (arstechnica.com) 109

If you are planning to purchase the Moto Z or a Moto G4 smartphone, be prepared to not see security updates rolling out to your phone every month -- and in a timely fashion. After Ars Technica called out Motorola's security policy as "unacceptable" and "insecure," in a recent review, the company tried to handle the PR disaster, but later folded. In a statement to the publication, the company said: Motorola understands that keeping phones up to date with Android security patches is important to our customers. We strive to push security patches as quickly as possible. However, because of the amount of testing and approvals that are necessary to deploy them, it's difficult to do this on a monthly basis for all our devices. It is often most efficient for us to bundle security updates in a scheduled Maintenance Release (MR) or OS upgrade. As we previously stated, Moto Z Droid Edition will receive Android Security Bulletins. Moto G4 will also receive them.Monthy security updates -- or the lack thereof -- remains one of the concerning issues that plagues the vast majority of Android devices. Unless it's a high-end smartphone, it is often rare to see the smartphone OEM keep the device's software updated for more than a year. Even with a flagship phone, the software update -- and corresponding security patches -- are typically guaranteed for only 18 to 24 months. Reports suggest that Google has been taking this issue seriously, and at some point, it was considering publicly shaming its partners that didn't roll out security updates to their respective devices fast enough.
Blackberry

BlackBerry Says Its New Android Smartphone DTEK 50 Is the 'World's Most Secure' (theverge.com) 90

BlackBerry, which once assumed the tentpole position in the mobile market, announced on Tuesday the BlackBerry DTEK 50, its second smartphone powered by Google's Android operating system. The Canadean company is marketing the DTEK as the 'world's most secure' phone. It is priced at $300, and will go on sale in select markets on August 8. The Verge adds:The DTEK50 has a 5.2-inch, 1080p display, Qualcomm Snapdragon 617 processor, 3GB RAM, 13-megapixel camera, and 2,610mAh battery. The 8-megapixel front camera also includes a flash for taking selfies. It runs Android 6.0 Marshmallow with BlackBerry's software features, such as the Hub. The software is similar to the software on the Priv released last year. The security features are highlighted right in the device's name, as it has BlackBerry's DTEK software that protects users from malware and other security problems often seen on Android smartphones. The DTEK app lets users quickly get an overview of their device's security and take action on any potential issues. BlackBerry says that it has modified Android with its own technology originally developed for the BB10 platform to make it more secure. The company is also committing to rapid updates to deliver security patches shortly after they are released.
Microsoft

Steam On Windows 10 Will Get 'Progressively Worse': Gears of War Developer (ndtv.com) 361

Microsoft's Universal Windows Platform, or UWP, approach isn't sitting well with many game developers. Four months after criticising UWP ecosystem for being a walled-garden, curtailing "users' freedom to install full-featured PC software, and subverting the rights of developers and publishers to maintain a direct relationship with their customers," Tim Sweeney, co-founder of Epic Games, the studio behind the Gears of War and Unreal franchises has once again lashed out at the Redmond-based company. He alleges that Microsoft plans to make Steam -- the world's largest PC gaming platform, "progressively worse and more broken." in a move to bolster people's reliance on the Windows Store. From a Gadgets 360 report: "Slowly, over the next five years, they will force-patch Windows 10 to make Steam progressively worse and more broken. They'll never completely break it, but will continue to break it until, in five years, people are so fed up that Steam is buggy that the Windows Store seem like an ideal alternative. That's exactly what they did to their previous competitors in other areas. Now they're doing it to Steam. It's only just starting to become visible. Microsoft might not be competent enough to succeed with their plan but they are certainly trying," Sweeney said. He adds the outcome of this would be forcing every app and game to be sold through the Windows Store alone. "If they can succeed in doing that then it's a small leap to forcing all apps and games to be distributed through the Windows store. Once we reach that point, the PC has become a closed platform. It won't be that one day they flip a switch that will break your Steam library -- what they're trying to do is a series of sneaky manoeuvres. They make it more and more inconvenient to use the old apps, and, simultaneously, they try to become the only source for the new ones," he claims.
Earth

Feds To Deploy Anti-Drone Software Near Wildfires (thehill.com) 160

An anonymous reader quotes a report from The Hill: Federal officials are launching a new "geofencing" program to alert drone pilots when they're flying too close to wildfire prevention operations. The Department of Interior said Monday it would deploy software warnings to pilots when their drones pose a risk to the aircraft used by emergency responders fighting wildfires. The agency said there have been 15 instances of drones interfering with firefighter operations this year, including several leading to grounded aircraft. Drone-related incidents doubled between 2014 and 2015, the agency said. Officials built the new warning system with the drone industry, and the agency said manufacturers could eventually use it to build drones that automatically steer away from wildfire locations. The program is in its pilot phase, the agency said; officials hope to have a full public release in time for next year's wildfire season. "No responsible drone operator wants to endanger the lives of the men and women who work to protect them and we believe this program, which uses the global positioning system to create a virtual barrier, will move us one step closer to eliminating this problem for wildfire managers," Mark Bathrick, the director of the Interior Department's Office of Aviation Service, said in a statement.
Communications

NIST Prepares To Ban SMS-Based Two-Factor Authentication (softpedia.com) 145

An anonymous reader writes: "The U.S. National Institute for Standards and Technology (NIST) has released the latest draft version of the Digital Authentication Guideline that contains language hinting at a future ban of SMS-based Two-Factor Authentication (2FA)," reports Softpedia. The NIST DAG draft argues that SMS-based two-factor authentication is an insecure process because the phone may not always be in possession of the phone number, and because in the case of VoIP connections, SMS messages may be intercepted and not delivered to the phone. The guideline recommends the usage of tokens and software cryptographic authenticators instead. Even biometrics authentication is considered safe, under one condition: "Biometrics SHALL be used with another authentication factor (something you know or something you have)," the guideline's draft reads. The NIST DAG draft reads in part: "If the out of band verification is to be made using a SMS message on a public mobile telephone network, the verifier SHALL verify that the pre-registered telephone number being used is actually associated with a mobile network and not with a VoIP (or other software-based) service. It then sends the SMS message to the pre-registered telephone number. Changing the pre-registered telephone number SHALL NOT be possible without two-factor authentication at the time of the change. OOB using SMS is deprecated, and will no longer be allowed in future releases of this guidance."
Microsoft

Windows 10 Anniversary Update: the Best New Features (theverge.com) 333

A year after the release of Windows 10, Microsoft is gearing up for Anniversary Update, the first major update to the company's desktop operating system. Ahead of the public release of Anniversary Update on August 2, Microsoft provided media outlets with the Anniversary Update, and their first impressions and reviews are out. The Verge has listed the big changes Windows 10 Anniversary ships with. From the article: Windows Ink: Windows Ink is without a doubt the best part of the Anniversary Update. It's essentially a central location to find built-in or third-party apps that work with your stylus. You can use the new sticky notes to note down reminders, and they'll even transform into true reminders as Cortana understands what you write.
Microsoft Edge extensions: If you're a fan of Chrome extensions, then you'll be glad to hear that they're heading to Microsoft's Edge browser. The Anniversary Update brings support for extensions, and it's now up to third-party developers to fill the Windows Store with their add-ons.
Cortana improvements: Microsoft's digital assistant, Cortana, debuted on Windows 10 last year, and the software maker is bringing it to the lock screen with the Anniversary Update. You'll be able to ask it to make a note, play music, set a reminder, and lots more without ever logging in. Cortana is also getting a little more intelligent, with the ability to schedule appointments in Outlook or options to send friends a document you were working on a week ago.
Dark theme and UI tweaks: You can switch on what I call even darker mode in settings, and it will switch built-in apps that typically use a white background over to black.
Other improvements include things like Windows 10's ability to set your time zone automatically, and opening up of Windows Hello, the biometric feature to apps and websites. Additionally, the Xbox One is getting Windows apps. The Verge adds, "It feels like a promise that was made years ago, but it's finally coming true with the Anniversary Update. As Windows 10 now powers the Xbox One, Microsoft will start rolling out an update to its console to provide support for Cortana on Xbox One and the new universal apps." Microsoft is also adding Bash, the Linux command line to Windows with the new update. It's an optional feature and users will need to enable it to use it. Users will also be able to "project to PC," a feature that will allow one to easily find a PC to project to from a phone or another PC. There's also a new Skype app, and syncing of notifications between PC and phone is getting better.
Going by the reviews, it appears Windows 10 Anniversary Update is substantially more stable, and has interesting new features. You can read the first impressions of it on ZDNet, and review on PCWorld.
Microsoft

Microsoft Cuts Xbox One Price To $249 - Would You Buy or Recommend One? (theverge.com) 137

Tom Warren, writing for The Verge: Microsoft is cutting the price of its Xbox One console to $249. The new price marks the third price cut in less than two months, ahead of the new Xbox One S launch on August 2nd. 500GB versions of the Xbox One are now $249, and this includes bundles with games like Gears of War: Ultimate Edition, Quantum Break, Forza Motorsport 6, Rise of the Tomb Raider, and Rare Replay. Retailers like Best Buy and Amazon will be selling Microsoft's Xbox One console at the new $249 price point immediately, and the software giant says the consoles will be available at $249 "while supplies last." Microsoft's aggressive Xbox One pricing follows a sales gap between its console and Sony's PlayStation 4. Sony has sold more than 40 million PS4s, but it's not clear exactly how many Xbox Ones have been sold as Microsoft hasn't provided sales figures for quite some time. EA previously revealed Microsoft had sold 19 million Xbox One consoles back in January.
Microsoft

Microsoft Can't Shield User Data From Government, Says Government (bloomberg.com) 189

Microsoft is now arguing in court that their customers have a right to know when the government is reading their e-mail. But "The U.S. said federal law allows it to obtain electronic communications without a warrant or without disclosure of a specific warrant if it would endanger an individual or an investigation," according to Bloomberg. An anonymous reader quotes their report: The software giant's lawsuit alleging that customers have a constitutional right to know if the government has searched or seized their property should be thrown out, the government said in a court filing... The U.S. says there's no legal basis for the government to be required to tell Microsoft customers when it intercepts their e-mail... The Justice Department's reply Friday underscores the government's willingness to fight back against tech companies it sees obstructing national security and law enforcement investigations...

Secrecy orders on government warrants for access to private e-mail accounts generally prohibit Microsoft from telling customers about the requests for lengthy or even unlimited periods, the company said when it sued. At the time, federal courts had issued almost 2,600 secrecy orders to Microsoft alone, and more than two-thirds had no fixed end date, cases the company can never tell customers about, even after an investigation is completed.

Biotech

Kurzweil Argues Technology Improves The World, Compares DNA to Code (geekwire.com) 202

Futurist Ray Kurzweil told a Seattle conference specific ways in which technology is already improving our lives. For example, while there's a general perception that the world's getting worse, "What's actually happening is our information about what's wrong in the world is getting better. A century ago, there would be a battle that wiped out the next village, you'd never even hear about it." An anonymous Slashdot reader quotes two of Kurzweil's other interesting insights: "We're only crowded because we've crowded ourselves into cities. Try taking a train trip across the United States, or Europe or Asia or anywhere in the world. Ninety-nine percent of the land is not used... we don't want to use it because you don't want to be out in the boondocks if you don't have people to work and play with. That's already changing now that we have some level of virtual communication..."

[And on the potential of human genomics] "It's not just collecting what is basically the object code of life that is expanding exponentially. Our ability to understand it, to reverse-engineer it, to simulate it, and most importantly to reprogram this outdated software is also expanding exponentially. Genes are software programs. It's not a metaphor. They are sequences of data. But they evolved many years ago, many tens of thousands of years ago..."

First Person Shooters (Games)

Valve Threatens Counter Strike Gambling Sites (hngn.com) 37

An anonymous Slashdot reader quotes a report from HNGN: Game maker Valve is threatening to shut down sites dedicated to gambling with add-ons to its popular Counter Strike game. On Thursday the company sent cease and desist letters to 23 sites, demanding that gambling operations be stopped, and that the sites had 10 days to comply. The row revolves around the software overlays that change the appearance of the characters people play in Counter Strike: Global Offensive (CSGO) and the weapons and other virtual items. Last week the company reiterated that its user agreements ban external sites from asking users to connect their Steam accounts in order to trade items for real money. The company added that it would use "all available remedies" against sites that did not stop players using virtual goods to gamble.
Bloomberg reports that in June a class action lawsuit was filed against Valve "for its role in the multibillion-dollar gambling economy that has fueled the game's popularity" -- by a man who had been gambling on the site since 2014. This was followed in July by a second class action lawsuit by a mother on behalf of her son, reports ESPN. "The case alleges that the Valve knowingly allows and profits from teenagers participating in illegal, unregulated and underage gambling of in-game cosmetic weapon skins through third-party sites."
Security

'High-Risk Vulnerabilities' In Oracle File-Processing SDKs Affect Major Third-Party Products (csoonline.com) 11

itwbennett writes: "Seventeen high-risk vulnerabilities out of the 276 flaws fixed by Oracle Tuesday affect products from third-party software vendors," writes Lucian Constantin on CSOonline. The vulnerabilities, which were found by researchers from Cisco's Talos team, are in the Oracle Outside In Technology (OIT), a collection of SDKs that are used in third-party products, including Microsoft Exchange, Novell Groupwise, IBM WebSphere Portal, Google Search Appliance, Avira AntiVir for Exchange, Raytheon SureView, Guidance Encase and Veritas Enterprise Vault.

"It's not clear how many of those products are also affected by the newly patched seventeen flaws, because some of them might not use all of the vulnerable SDKs or might include other limiting factors," writes Constantin. But the Cisco researchers confirmed that Microsoft Exchange servers (version 2013 and earlier) are affected if they have WebReady Document Viewing enabled. In a blog post the researchers describe how an attacker could exploit these vulnerabilities.

TL;DR version: "Attackers can exploit the flaws to execute rogue code on systems by sending specifically crafted content to applications using the vulnerable OIT SDKs."
Advertising

Google Tests Ads That Load Faster and Use Less Power (bbc.co.uk) 117

Slashdot reader Big Hairy Ian quotes a report from the BBC: Google says it has found a way to make ads load faster on web pages viewed on smartphones and tablets. The company said the ads would also be less taxing on the handsets' processors, meaning their batteries should last longer. The technique is based on work it has already done to make news publishers' articles load more quickly. But it is still in development, and one expert said Google still had questions to answer. The California-based company's online advertising revenue totalled $67.4 billion last year...
The technique limits the scope of JavaScript, and "provides its own activity measurement tools, which are said to be much more efficient," according to article. A Google software engineer explains that this technique "only animates things that are visible on the screen," and throttles animation to fewer frames per second for weaker devices -- or disables the animations altogether. "This ensures that every device gets the best experience it can deliver and makes sure that ads cannot have a negative impact on important aspects of the user experience such as scrolling."
Security

Microsoft Rewrites Wassenaar Arms Control Pact To Protect The Infosec Industry (theregister.co.uk) 20

The Wassenaar Arrangement "is threatening to choke the cyber-security industry, according to a consortium of cyber-security companies...supported by Microsoft among others," reports SC Magazine. "'Because the regulation is so overly broad, it would require cyber responders and security researchers to obtain an export license prior to exchanging essential information to remediate a newly identified network vulnerability, even when that vulnerability is capable of being exploited for purposes of surveillance,' wrote Alan Cohn from the CRC on a Microsoft blog." Reporter Darren Pauli contacted Slashdot with this report: If the Wassenaar Arrangement carries through under its current state, it will force Microsoft to submit some 3800 applications for arms export every year, company assistant general counsel Cristin Goodwin says... The Wassenaar Arrangement caught all corners of the security industry off guard, but its full potentially-devastating effects will only be realised in coming months and years... Goodwin and [Symantec director of government affairs] Fletcher are calling on the industry to lobby their agencies to overhaul the dual-use software definition of the Arrangement ahead of a closed-door meeting in September where changes can be proposed.
Communications

Tinder Scam Promises Account Verification, But Actually Sells Porn (csoonline.com) 29

itwbennett writes: Tinder users should be on the lookout for Tinder profiles asking them to get "verified" and then sending them a link to a site called "Tinder Safe Dating." The service asks for credit card information, saying this will verify the user's age. Once payment information has been captured, the user is then signed up for a free trial of porn, which will end up costing $118.76 per month unless the service is cancelled. In Tinder's safety guidelines, the company warns users to avoid messages that contain links to third-party websites or ask money for an address.
Classic Games (Games)

Sega Announces Two New Sonic Games That Seek To Recapture The Glory Days (gamespot.com) 45

An anonymous reader writes: In celebration of Sonic the Hedgehog's 25th anniversary, Sega has announced two new Sonic games at Comic-Con in San Diego. The first game is called Sonic Mania and it's a 2D platformer that features visuals and gameplay reminiscent of the classic Genesis games. "It revamps zones and acts from Sonic the Hedgehog, Sonic the Hedgehog 2, Sonic CD, Sonic the Hedgehog 3, and Sonic and Knuckles, in addition to introducing new ones into the fold," writes Mat Paget from GameSpot. The second game has no title [besides "Project Sonic 2017"], but it does have a holiday 2017 release date for PS4, Xbox One, and Nintendo NX consoles. It reportedly features both classic and modern versions of Sonic, similar to 2011's Sonic Generations. Sega made two additional announcements. "Mobile game Sonic Dash has passed 200 million downloads and will receive a special in-game event that adds the Green Hill Zone and Classic Sonic as a playable character," reports GameSpot. "The event only lasts a week, but players can unlock both the classic level and character for use after the event." The second additional announcement is that the animated Sonic Boom series will be renewed for a second season. "Sonic Mania was born out of our fans' love of the classic Sonic 2D platform games,â said Sonic Team head Takashi Iizuka. "This type of collaboration is a first for Sega and we hope everyone will be both surprised and delighted by this title. Sonic Mania has been a passion project for the entire team and we look forward to sharing more details about it later this year. Having the game actually playable at the event itself tonight was testament to the dedication of the team behind it.â
Businesses

Cyanogen Inc. Reportedly Fires OS Development Arm, Switches To Apps (arstechnica.com) 122

An anonymous reader writes: Android Police is reporting that the Android software company Cyanogen Inc. will be laying off 20 percent of its workforce, and will transition from OS development to applications. The Android Police report says "roughly 30 out of the 136 people Cyanogen Inc. employs" are being cut, and that the layoffs "most heavily impact the open source arm" of the company. Android Police goes on to say that CyanogenMod development by Cyanogen Inc "may be eliminated entirely." Ars Technica notes the differences between each "Cyanogen" branding. Specifically, CyanogenMod is a "free, open source, OS heavily based on Android and compatible with hundreds of devices," while Cyanogen Inc. is "a for-profit company that aims to sell Cyanogen OS to OEMs." It appears that many of the core CyanogenMod developers will no longer be paid to work on CyanogenMod, though the community is still free to develop the software." Android Police details the firing process in their report: "Layoffs reportedly came after a long executive retreat for the company's leaders and were conducted with no advanced notice. Employees who were not let go were told not to show up to work today. Those who did show up were the unlucky ones: they had generic human resources meetings rather ominously added to their calendars last night. So, everyone who arrived at Cyanogen Inc. in Seattle this morning did so to lose their job (aside from those conducting the layoffs)." Early last year, Microsoft invested in a roughly $70 million round of equity financing for the then-startup Cyanogen Inc. Not too long before that, Google tried to acquire Cyanogen Inc., but the company turned down Google's offer to seek funding from investors and major tech companies at a valuation of around $1 billion. Cyanogen Inc. CEO Kirt McMaster once said the company was "attempting to take Android away from Google" and that it was "putting a bullet through Google's head."

UPDATE 7/25/16: Cyanogen CEO and cofounder Kirt McMaster took to Twitter to dispel some of the rumors, tweeting: "Cyanogen NOT pivoting to apps. We are an OS company and our mission of creating an OPEN ANDROID stands. FALSE reporting was outstanding."
Security

Auto Industry Publishes Its First Set of Cybersecurity Best Practices (securityledger.com) 38

chicksdaddy quotes a report from Security Ledger: The Automotive industry's main group for coordinating policy on information security and "cyber" threats has published a "Best Practices" document, giving individual automakers guidance on implementing cybersecurity in their vehicles for the first time. The Automotive Information Sharing and Analysis Center (ISAC) released the Automotive Cybersecurity Best Practices document on July 21st, saying the guidelines are for auto manufacturers as well as their suppliers. The Best Practices cover organizational and technical aspects of vehicle cybersecurity, including governance, risk management, security by design, threat detection, incident response, training, and collaboration with appropriate third parties. Taken together, they move the auto industry closer to standards pioneered decades ago and embraced by companies like Microsoft. They call on automakers to design software to be secure from the ground up and to take a sober look at risks to connected vehicles as part of the design process. Automakers are urged to test for and respond to software vulnerabilities, to develop methods for assessing and fixing security vulnerabilities, to create training programs, promote cybersecurity awareness for both information technology and vehicle specific risks, and educate employees about security awareness. The document comes after a Kelly Blue Book survey that found that 62% of drivers think "connected cars will be hacked," and that 42% say they "want cars to be more connected."
Businesses

VW Has Emissions-Cheating Fix Ready, Says Report (pressherald.com) 64

An anonymous reader writes from a report via Portland Press Herald: Volkswagen plans to fix the engines that were rigged to cheat on emissions tests by updating computer software and installing a larger catalytic converter to trap harmful nitrogen oxide, according to two dealers who were briefed by executives on the matter. The dealers said that limited details of the plan were made public last week at a regional dealer meeting in Newark, New Jersey, by Volkswagen of America Chief Operating Officer Mark McNabb. Portland Press Herald reports: "One dealer said the group was told that early testing of a small sample of repaired cars showed that the fix made 'no discernible difference' in the cars' mileage, horsepower or torque. Both dealers said they were told that more testing was needed and that the plans still had to be approved by the U.S. Environmental Protection Agency and the California Air Resources Board. One of the dealers said the so-called 'Generation 1' diesels -- about 325,000 VW Jettas, Golfs, Passats and Beetles from the 2009 to 2014 model years – would get new software and bigger catalytic converters in January or February of next year. About 90,000 'Generation 2' Passats already have sufficient emissions systems and would get only a software update early next year. Another 67,000 'Generation 3' 2015 models would get software in October and would get additional hardware a year later, the dealer said. Dealers also were told that they'd be reimbursed by VW for sales losses due to the scandal, and that new vehicles are coming." Last month, Volkswagen agreed to a record $14.7 billion settlement over the emissions cheating.

Slashdot Top Deals