Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Apple's New MacBook Pro Requires a $25 Dongle To Charge Your iOS Device ( 147

An anonymous reader quotes a report from Network World: As Phil Schiller explained during today's event, Apple's new MacBook Pros feature four Thunderbolt 3 USB Type-C ports, and conveniently, each of these can be used to charge the machine. Now, USB-C is incredibly versatile, and Apple will use the advanced port for power charging, HDMI and much more. However, with USB-C the only game in town, you might reasonably be wondering: How in the world do I connect my iPhone to my sleek new MacBook Pro? The frustrating answer is that you won't be able to do so out of the box. Instead, you'll have to buy a dongle. This is especially frustrating because many people use their notebooks for a) charging purposes when an outlet isn't necessarily handy and b) for transferring photos and other data. Now, you might reasonably state that you can just rely upon the cloud for items like data transfer, but there's no getting around the fact that Apple's efforts in the cloud still leave much to be desired. How much will it cost to connect your iPhone to your brand new MacBook Pro? Well, Apple sells a USB-C to Lightning cable on its website for $25. While this is undoubtedly frustrating, we can't say that it's entirely unexpected given Apple gave us a preview of its preference for USB-C when it released its 12-in. MacBook last year. Still, it's a funky design choice for a decidedly Pro-oriented device where the last thing a prospective consumer would want to do is spend some extra cash for a dongle after spending upwards of $2,399. Lastly, while we're on the topic of ports, it's worth noting that the new MacBook Pros also do away with the beloved MagSafe connector.

Samsung Sales, Profits Dive on Note 7 Recall ( 35

Samsung's smartphone division struggled to breakeven between July and September as sales plunged due to the recall of its high-end Note 7. The smartphone giant said quarterly sales in its IT and Mobile Communications division were down 15 percent on the same period last year to 22.5 trillion Korean won (US$19.8 billion) while operating profit crashed 95 percent to 100 billion won. From a PCWorld report: Problems with the Note 7 starting hitting sales shortly after it went on sale in mid-August. By early September, reports that several units had caught on fire prompted Samsung to begin a costly recall and replacement program. When it became clear that the replacements had the same problem, Samsung pulled the phone for good. Perhaps remarkably, Samsung said it saw no significant effect during the quarter on sales of its two other high-end handsets, the Galaxy S7 and S7 Edge, but it conceded that "regaining consumer confidence" will be a key objective in the months ahead. And for the current quarter, which includes the key year-end sales period, Samsung said it expects profit in the smartphone divison to bounce back to normal levels due to solid sales of the two flagship phones and increasing sales of mid-level Galaxy A- and J-series handsets. "As for 2017, the company anticipates a turnaround with the launch of new flagship smartphones," it said in a statement. "Next year will also see expansion of Samsung Pay rollouts and cloud-related services as well as the introduction of artificial intelligence related offerings."

Nuclear Plants Leak Critical Alerts In Unencrypted Pager Messages ( 75

mdsolar quotes a report from Ars Technica: A surprisingly large number of critical infrastructure participants -- including chemical manufacturers, nuclear and electric plants, defense contractors, building operators and chip makers -- rely on unsecured wireless pagers to automate their industrial control systems. According to a new report, this practice opens them to malicious hacks and espionage. Earlier this year, researchers from security firm Trend Micro collected more than 54 million pages over a four-month span using low-cost hardware. In some cases, the messages alerted recipients to unsafe conditions affecting mission-critical infrastructure as they were detected. A heating, venting, and air-conditioning system, for instance, used an e-mail-to-pager gateway to alert a hospital to a potentially dangerous level of sewage water. Meanwhile, a supervisory and control data acquisition system belonging to one of the world's biggest chemical companies sent a page containing a complete "stack dump" of one of its devices. Other unencrypted alerts sent by or to "several nuclear plants scattered among different states" included:

-Reduced pumping flow rate
-Water leak, steam leak, radiant coolant service leak, electrohydraulic control oil leak
-Fire accidents in an unrestricted area and in an administration building
-Loss of redundancy
-People requiring off-site medical attention
-A control rod losing its position indication due to a data fault
-Nuclear contamination without personal damage
Trend Micro researchers wrote in their report titled "Leaking Beeps: Unencrypted Pager Messages in Industrial Environments": "We were surprised to see unencrypted pages coming from industrial sectors like nuclear power plants, substations, power generation plants, chemical plants, defense contractors, semiconductor and commercial manufacturers, and HVAC. These unencrypted pager messages are a valuable source of passive intelligence, the gathering of information that is unintentionally leaked by networked or connected organizations. Taken together, threat actors can do heavy reconnaissance on targets by making sense of the acquired information through paging messages. Though we are not well-versed with the terms and information used in some of the sectors in our research, we were able to determine what the pages mean, including how attackers would make use of them in an elaborate targeted attack or how industry competitors would take advantage of such information. The power generation sector is overseen by regulating bodies like the North American Electric Reliability Corporation (NERC). The NERC can impose significant fines on companies that violate critical infrastructure protection requirements, such as ensuring that communications are encrypted. Other similar regulations also exist for the chemical manufacturing sector."

The Phone Hackers At Cellebrite Have Had Their Firmware Leaked Online ( 29

An anonymous reader quotes a report from Motherboard: Cellebrite, an Israeli company that specializes in digital forensics, has dominated the market in helping law enforcement access mobile phones. But one apparent reseller of the company's products is publicly distributing copies of Cellebrite firmware and software for anyone to download. Although Cellebrite keeps it most sensitive capabilities in-house, the leak may still give researchers, or competitors, a chance to figure out how Cellebrite breaks into and analyzes phones by reverse-engineering the files. The apparent reseller distributing the files is McSira Professional Solutions, which, according to its website, "is pleased to serve police, military and security agencies in the E.U. And [sic] in other parts of the world." McSira is hosting software for various versions of Cellebrite's Universal Forensic Extraction Device (UFED), hardware that investigators can use to bypass the security mechanisms of phones, and then extract data from them. McSira allows anyone to download firmware for the UFED Touch, and a PC version called UFED 4PC. It is also hosting pieces of Cellebrite forensic software, such as the UFED Cloud Analyzer. This allows investigators to further scrutinize seized data. McSira is likely offering downloads so customers can update their hardware to the latest version with as little fuss as possible. But it may be possible for researchers to take those files, reverse-engineer them, and gain insight into how Cellebrite's tools work. That may include what sort of exploits Cellebrite uses to bypass the security mechanisms of mobile phones, and weaknesses in the implementation of consumer phones that could be fixed, according to one researcher who has started to examine the files, but was not authorised by his employer to speak to the press about this issue.

Rowhammer Attack Can Now Root Android Devices ( 100

An anonymous reader writes from a report via Softpedia: Researchers have discovered a method to use the Rowhammer RAM attack for rooting Android devices. For their research paper, called Drammer: Deterministic Rowhammer Attacks on Mobile Platforms, researchers tested and found multiple smartphone models to be vulnerable to their attack. The list includes LG Nexus (4, 5, 5X), LG G4, Motorola Moto G (2013 and 2014), One Plus One, HTC Desire 510, Lenovo K3 Note, Xiaomi Mi 4i, and Samsung Galaxy (S4, S5, and S6) devices. Researchers estimate that millions of Android users might be vulnerable. The research team says the Drammer attack has far more wide-reaching implications than just Android, being able to exploit any device running on ARM chips. In the past, researchers have tested the Rowhammer attack against DDR3 and DDR4 memory cards, weaponized it via JavaScript, took over PCs via Microsoft Edge, and hijacked Linux virtual machines. There's an app to test if your phone is vulnerable to this attack. "Rowhammer is an unintended side effect in dynamic random-access memory (DRAM) that causes memory cells to leak their charges and interact electrically between themselves, possibly altering the contents of nearby memory rows that were not addressed in the original memory access," according to Wikipedia. "This circumvention of the isolation between DRAM memory cells results from the high cell density in modern DRAM, and can be triggered by specially crafted memory access patterns that rapidly activate the same memory rows numerous times."

Microsoft Raises UK Cloud, Software Prices 22% After Brexit-Fuelled Pound Drop ( 214

Reader Mickeycaskill writes: Microsoft is to substantially increase its prices for software and cloud services prices offered in British pounds in order to accommodate the sharp drop in the currency against the US dollar in recent weeks. Beginning in January 2017 on-premises enterprise software prices will go up by 13 percent and most enterprise cloud prices will increase by 22 percent, bringing them into line with euro prices. Microsoft said it isn't planning to change its prices for consumer software and cloud services. The value of the pound has fallen by about 18 percent since the EU referendum on 23 June.

A British Supercomputer Can Predict Winter Weather a Year In Advance ( 176

The national weather service of the U.K. claims it can now predict the weather up to a year in advance. An anonymous reader quotes The Stack: The development has been made possible thanks to supercomputer technology granted by the UK Government in 2014. The £97 million high-performance computing facility has allowed researchers to increase the resolution of climate models and to test the retrospective skill of forecasts over a 35-year period starting from 1980... The forecasters claim that new supercomputer-powered techniques have helped them develop a system to accurately predict North Atlantic Oscillation -- the climatic phenomenon which heavily impacts winters in the U.K.
The researchers apparently tested their supercomputer on 36 years worth of data, and reported proudly that they could predict winter weather a year in advance -- with 62% accuracy.

Quantum Researchers Achieve 10-Fold Boost In Superposition Stability ( 86

An anonymous reader quotes The Stack: A team of Australian researchers has developed a qubit offering ten times the stability of existing technologies. The computer scientists claim that the new innovation could significantly increase the reliability of quantum computing calculations... The new technology, developed at the University of New South Wales, has been named a 'dressed' quantum bit as it combines a single atom with an electromagnetic field. This process allows the qubit to remain in a superposition state for ten times longer than has previously been achieved. The researchers argue that this extra time in superposition could boost the performance stability of quantum computing calculations... Previously fragile and short-lived, retaining a state of superposition has been one of the major barriers to the development of quantum computing. The ability to remain in two states simultaneously is the key to scaling and strengthening the technology further.
Do you ever wonder what the world will look like when everyone has their own personal quantum computer?

Canonical Names Ubuntu Linux 17.04 'Zesty Zapus' ( 65

"Linux distributions and silly names go together like peanut butter and jelly," notes BetaNews. BrianFagioli writes: One of the most well-known Linux distributions to use funny names is Ubuntu. It famously uses the convention of an adjective and a lesser-known animal, each starting with the same letter... For example, Ubuntu 16.10 uses the letter "Y" -- "Yakkety Yak". The next version of the operating system will use the letter "Z" [and] Canonical has chosen "Zesty Zapus"... It is apparently a type of jumping mouse...

"As we come to the end of the alphabet, I want to thank everyone who makes this fun. Your passion and focus and intellect, and occasionally your sharp differences, all make it a privilege to be part of this body incorporate. Right now, Ubuntu is moving even faster to the centre of the cloud and edge operations. From AWS to the zaniest new devices, Ubuntu helps people get things done faster, cleaner, and more efficiently, thanks to you...", says Mark Shuttleworth, CEO, Canonical... "we are a tiny band in a market of giants, but our focus on delivering free software freely together with enterprise support, services and solutions appears to be opening doors, and minds, everywhere. So, in honour of the valiantly tiny leaping long-tailed over the obstacles of life, our next release which will be Ubuntu 17.04, is hereby code named the Zesty Zapus".

My favorite was Xenial Xerus.

Will Tesla Install Home Solar Panels To Charge Cars? ( 81

Earlier this week, Tesla signed a non-binding agreement to buy solar cells from a new Panasonic factory in Buffalo, New York -- but it's part of a much bigger maneuver. An anonymous Slashdot reader writes: "If all goes to plan, Tesla will be supplying customers with the solar panels that generate electricity that could then be used to charge the battery in their Tesla car or the battery in the Tesla Powerwall home energy storage system," reports the Christian Science Monitor. The Wall Street Journal reports that Musk's SolarCity "will sell, finance and install the panels."

But the Buffalo News suggests the deal is really "aimed squarely at skeptical shareholders" who may be leary of a proposed merger between Tesla and SolarCity," which one analyst calculates will require nearly $6 billion in extra capital. Panasonic could help shoulder the costs of the Buffalo factory, while also putting a more experienced manufacturer in charge of producing high-efficiency solar modules.

The Stack reports some shareholders have actually filed a lawsuit against the merger.

Chemical-Releasing Bike Lock Causes Vomiting To Deter Thieves ( 283

An anonymous reader quotes a report from BBC: The "Skunklock" is a U-shaped steel bicycle lock with a pressurized, stinking gas inside. The gas escapes in a cloud if someone attempts to cut the lock. The company claims its "noxious chemical" is so disgusting it "induces vomit in the majority of cases." Even better, it claims, the gas causes "shortness of breathing" and impaired eyesight. The idea, which tries to make stealing a bike as unpleasant as possible, is raising money for production on crowdfunding site Indiegogo. "Our formula irreversibly ruins the clothes worn by the thief or any of the protection they may be wearing," the company claims on its crowdfunding page. Since stolen bikes sell for a fraction of their true cost, replacing clothing or equipment could make the theft more trouble than it's worth. Skunklock says it has tested its foul gas, and it even penetrates high-end gas masks -- though most thieves are unlikely to go to such lengths. But the company said that the compressed gas is perfectly safe -- and can only be released "by trying to cut through it with an angle grinder." If the chemical countermeasure is released, it is a one-time only use, and the lock, which costs over $100, will have to be replaced. But the hope is that the unpleasant experience will cause them to abandon the attempted theft, leaving the bicycle behind.

Amid Major Internet Outages, Affected Websites Have Lessons To Learn ( 135

Earlier today, Dyn, an internet infrastructure company, was hit by several DDoS attacks, which interestingly affected several popular websites including The New York Times, Reddit, Spotify, and Twitter that were directly or indirectly using Dyn's services. The attack is mostly visible across the US eastern seaboard with rest of the world noticing a few things broken here and there. Dyn says it's currently investigating a second round of DDoS attacks, though the severity of the outage is understandably less now. In the meantime, the Homeland Security said that it is aware of the attack and is investigating "all potential causes." Much of who is behind these attacks is unknown for now, and it is unlikely that we will know all the details until at least a few days. The attacks however have revealed how unprepared many websites are when their primary DNS provider goes down. ZDNet adds: The elephant in the room is that this probably shouldn't have happened. At very least there's a lot to learn already about the frailty of the internet DNS system, and the lack of failsafes and backups for websites and tech companies that rely on outsourced DNS service providers. "It's also a reminder of one risk of relying on multi-tenant service providers, be they DNS, or a variety of many other managed cloud service providers," said Steve Grobman, chief technology officer at Intel Security. Grobman warned that because this attack worked, it can be exploited again. "Given how much of our connected world must increasingly rely upon such cloud service providers, we should expect more such disruptions," he said. "We must place a premium of service providers that can present backup, failover, and enhance security capabilities allowing them to sustain and deflect such attacks." And that's key, because even though Dyn is under attack, it's the sites and services that rely on its infrastructure who should rethink their own "in case of emergency" failsafes. It may only be the east coast affected but lost traffic means lost revenue. Carl Levine, senior technical evangelist for NS1, another major managed DNS provider, said that the size and scale of recent attacks "has far exceeded what the industry thought was the upper end of the spectrum." "Large companies need to constantly upgrade their flood defenses. Some approaches that worked just a few years ago are now basically useless," said Kevin Curran, senior member with IEEE.We also recommend reading security reporter Brian Krebs's take on this.
United Kingdom

UK Government Proposes Minimum 10Mbps Broadband For Poor ( 79

An anonymous reader writes: The UK's Local Government Association (LGA) is proposing a social tariff to ensure that minimum broadband access of at least 10 Mbps is available to all UK citizens at an affordable price. Last November, Parliament announced that it would begin work on a Universal Service Obligation (USO), which would grant all citizens the right to request broadband service with a minimum 10Mbps. At the time, Prime Minister David Cameron said, "Access to the Internet shouldn't be a luxury; it should be a right -- absolutely fundamental to life in 21st century Britain." Research by Ofcom in 2014 showed "marked relationships between socio-economic deprivation and [poor] broadband availability in cities". Similar results have been found in rural areas, which means that the demand for increasing broadband service to a minimum level may be high among people with lower incomes.

Microsoft Shares Hit All-Time High As Company Strengthens Its Cloud Grip ( 43

Marco della Cava, reporting for USA Today: Microsoft shares surged 5% in early trading Friday, and passed a high set in 1999, helped by enthusiasm for progress in its cloud business. The stock was at up at $60.11, breezing past the $58.72 mark set in December 1999. Friday's rally follows Microsoft's latest quarterly report, out late Thursday, that beat analyst expectations for adjusted sales and profit and showcased a doubling of growth in its Azure cloud business, while reflecting continued strain from consumers' pivot away from PCs and traditional software purchases.Microsoft reported its Q1 2017 earnings yesterday, noting a revenue of $20.5 billion, which was higher than Wall Street's expectations. Company's Intellgent Cloud revenue was up 8 percent, whereas Azure revenue observed 116 percent growth year-on-year.

Windows is the Most Open Platform There is, Says Satya Nadella ( 286

On Tuesday in a conversation with Gartner analysts, Satya Nadella talked about the future of AI, the cloud, Windows, and what his company plans to do with LinkedIn. But the most notable remark from Nadella was when he said this, "Windows is the most open platform there is." ZDNet adds: It came in the context of Nadella talking about Microsoft's mission to unite the three big constituencies in the technology world. "That's the approach we've always taken," said Nadella, "bringing users, IT, and developers together... When you bring them together, that's where the magic happens." He reminded the audience of several thousand technology leaders that Microsoft began by making tools, then it made apps, and now it makes platforms. Or, it buys them.

Hackers Steal Credit Card Data From Visitors of US Senate GOP Committee Website ( 28

pdclarry writes: While all of the recent news has been about hacking the Democratic National Committee, apparently the Republicans have also been hacked over many months (since March 2016). This was not about politics, however; it was to steal credit card numbers. Brian Krebs reports: "a report this past week out of The Netherlands suggests Russian hackers have for the past six months been siphoning credit card data from visitors to the web storefront of the National Republican Senatorial Committee (NRSC). [...] If you purchased a 'Never Hillary' poster or donated funds to the NRSC through its website between March 2016 and the first week of this month [October 2016], there's an excellent chance that your payment card data was siphoned by malware and is now for sale in the cybercrime underground." Krebs says his information comes from Dutch researcher Willem De Groot, co-founder and head of security at Dutch e-commerce site The Republicans were not alone; theirs was just one of 5,900 e-commerce sites hacked by the same Russian actors. You can view De Groot's analysis of the malware planted on the NRSC's site and other services here. Krebs adds: "The NRSC did not respond to multiple requests for comment, but a cached copy of the site's source code from October 5, 2016 indicates the malicious code was on the site at the time (load this link, click 'view source' and then Ctrl-F for '')."

UK Police Begins Deployment of 22,000 Police Body Cameras ( 65

An anonymous reader writes: London's Metropolitan Police Service has begun a roll-out of 22,000 Body Worn Video (BWV) cameras to officers over the city's 32 boroughs after ten years of country-wide trials. The device, which records video only when the officer decides, has a 130-degree field of view and a 30-second buffer which permits police to begin recording even after an event has started. The makers of the camera also provide an Android/iOS app which can allow a remote viewer to connect to an officer's camera, effectively turning police operatives into walking CCTVs. Academic research has suggested that use of BWV cams can reduce complaints against officers by 93%, and the Met contends that the new technology, whose cloud-based systems erases unwanted videos after 31 days, is particularly effective in domestic violence cases.
The Almighty Buck

2016 Has Been an Ugly Year For Tech Layoffs, and It's Going To Get Worse, Says Analyst ( 272

IEEE Spectrum writer Tekla Perry writes: Early this year, analyst Trip Chowdhry from Global Equities Research predicted that the tech world was going to see big layoffs in 2016 -- some 330,000 in all at major tech companies. At the time, these numbers seemed way over the top. Then IBM started slashing jobs in March -- and continued to wield the ax over and over as the year progressed. Yahoo began layoffs of some 15 percent of its employees in February. Intel announced in April that it would lay off 12,000 this year. So, was Chowdhry right? "Yes," he told me when I asked him this week. "The layoffs I predicted have been occurring." And worse, he says, these laid-off workers are never again going to find tech jobs: "They will always remain unemployed," at least in tech, he said. "Their skills will be obsolete." Some of these layoffs are due to a sea change in the industry, as it transforms to the world of mobile and cloud. But some are signs of a bubble about to pop. It's all going to get worse in 2017, he predicts, because that's when the tech bubble will burst. Chowdhry, someone who has never been reluctant to go out on a limb, is predicting that'll happen in March.

Most Businesses Haven't Inspected Cloud Services For Malware ( 34

Ian Barker, reporting for BetaNews: Echoing the findings we reported earlier that companies leave cloud protection to third-parties, a new study from cloud security company Netskope reveals most companies don't scan their cloud services for malware either. The study conducted with the Ponemon Institute shows 48 percent of companies surveyed don't inspect the cloud for malware and 12 percent are unsure if they do or not. Of those that do inspect 57 percent of respondents say they found malware. It also shows that while 49 percent of business applications are now stored in the cloud, fewer than half of them (45 percent) are known, officially sanctioned or approved by IT.

Dropbox, Google Drive, GitHub and Microsoft OneDrive Cloud Services Blocked In Turkey ( 75

An anonymous reader quotes the censorship-monitoring site Turkey Blocks: Turkey has blocked access to Dropbox, Microsoft OneDrive and partially restricted Google Drive cloud file sharing services following the leak of a set of private emails allegedly belonging to Minister Albayrak by hacktivist group RedHack. Both Google Drive and Dropbox services were issuing SSL errors, indicating intercepted traffic at the national or ISP level. Microsoft OneDrive was also subsequently blocked off throughout Turkey.
The emails reportedly document Turkey's use of pro-government trolls on Twitter -- though ironically, it's Twitter that's now being used to document the censorship. (GitHub was also blocked last night, according to a status update from the group.) Google Drive was even displaying an official notice from the Turkish government's Information and Communication Technologies Authority describing their block as an "administration measure" -- although another Twitter update this morning says Google Drive is now back online after Google complied with the government's takedown order.

Slashdot Top Deals