Feed aggregator

More people infected by recent WCry worm can unlock PCs without paying ransom

Ars Technica - Fri, 19/05/2017 - 17:20

Enlarge (credit: Ed Westcott / American Museum of Science and Energy)

New hope glimmered on Friday for people hit by last week's virulent ransomware worm after researchers showed that a broader range of PCs infected by WCry can be unlocked without owners making the $300 to $600 payment demand.

A new publicly available tool is able to decrypt infected PCs running Windows XP and 7, and 2003, and one of the researchers behind the decryptor said it likely works for other Windows versions, including Vista, Server 2008, and 2008 R2. The tool, known as wanakiwi, builds off a key discovery implemented in a different tool released Thursday. Dubbed Wannakey, the previous tool provided the means to extract key material from infected Windows XP PCs but required a separate app to transform those bits into the secret key required to decrypt files.

Matt Suiche, cofounder of security firm Comae Technologies, helped develop and test wanakiwi and reports that it works. Europol the European Union's law-enforcement agency, has also validated the tool. Suiche has published technical details here, and provided the following screenshot of the tool in action:

Read 6 remaining paragraphs | Comments

Clint Adams: Help the Aged

Planet Debian - Fri, 19/05/2017 - 17:10

I keep meeting girls from Walnut Creek who don’t know about the CDROM.

Posted on 2017-05-19 Tags: ranticore

BostonGlobe.com disables articles when your browser’s in private mode

Ars Technica - Fri, 19/05/2017 - 17:02

BostonGlobe.com has a new message for visitors using private mode.

The Boston Globe website is closing off a hole in its paywall by preventing visitors who aren't logged in from reading articles in a browser's private mode.

"You're using a browser set to private or incognito mode" is the message given to BostonGlobe.com visitors who click on articles in private mode. "To continue reading articles in this mode, please log in to your Globe account." People who aren't already Globe subscribers are urged to subscribe.

Like other news sites, the Globe limits the number of articles people can read without a subscription. Until the recent change, Globe website visitors could read more articles for free by switching to private or incognito mode. (You can still get a new supply of free articles by clearing the Globe's cookies from your browser.)

Read 11 remaining paragraphs | Comments

Oculus cofounder bristles at being “disqualified” for Trump support

Ars Technica - Fri, 19/05/2017 - 16:40

A picture of Luckey from a time when he probably had a better opinion of the media.

Oculus cofounder Palmer Luckey hasn't exactly been eager to talk to the media since leaving Facebook nearly two months ago (a cosplay-focused Japanese interview notwithstanding). In fact, Luckey hasn't said much about the controversy surrounding his political giving since a short statement posted last September.

In Twitter posts yesterday, though, Luckey seemed to express exasperation at the public pressure he felt following publicized donations to Nimble America, a pro-Trump group that sold itself on "shitposting," "meme magic," and donations to Trump's inauguration effort.

"I don't think someone should be disqualified from being the 'face of a medium' for supporting the President of the US, no matter the party," Luckey wrote in response to a poster who pushed back against "politics [that] support the oppression of people based on sexuality, race, religion or gender."

Read 5 remaining paragraphs | Comments

IBM tells thousands of remote employees to come back to office or find new jobs

Ars Technica - Fri, 19/05/2017 - 16:28

Enlarge / IBM's deadline for remote employees to decide if they're willing to relocate to keep their jobs has arrived. (credit: Coolcaesar/Wikimedia)

IBM, one of the earliest companies to embrace the concept of employees working en masse from home or small satellite offices, has informed thousands of employees that it's time to return to the mothership—or find a new job. As The Wall Street Journal reports, this week is the deadline for remote employees—who make up as much as 40 percent of IBM's workforce—to decide whether to move or leave.

IBM once heralded the savings and productivity gains it won from its "Mobility Initiative." The company has also made untold millions over the past two decades selling software and consulting services, such as its Sametime instant messaging and voice products, to companies looking to support far-flung workforces.

Earlier this month, IBM touted research from IBM's Smarter Workforce Institute that found "remote workers... were highly engaged, more likely to consider their workplaces as innovative, happier about their job prospects and less stressed than their more traditional, office-bound colleagues."

Read 2 remaining paragraphs | Comments

Security updates for Friday

LWN.net - Fri, 19/05/2017 - 16:14
Security updates have been issued by Debian (deluge, jbig2dec, mysql-connector-java, and nss), Fedora (jasper), Mageia (mhonarc and radicale), openSUSE (smb4k), SUSE (kdelibs4 and rpcbind), and Ubuntu (jasper and openjdk-7).

PC gamers might have to wait longer for Destiny 2

Ars Technica - Fri, 19/05/2017 - 16:00

Enlarge / Destiny 2's first multiplayer map includes a ton of tight city-styled corridors.

Activision has been shouting from the rooftops for months now that Destiny 2 will be available starting September 8. Now, the publisher has clarified that this release date only applies to the console version of the game. PC users will likely have to wait a bit longer to play the highly anticipated massively multiplayer shooter.

"We're not committed to a PC date yet, but at Bungie we're totally committed to making a PC build as great as we can," Destiny 2 Director Luke Smith told PC Gamer following the first gameplay reveal for the title. "Our partnership with Blizzard and being on Battle.net, we want to make sure that this version of the game has the time it needs to bake in the oven so it's a delicious piece of bread when it comes out."

Blizzard was also squishy about PC release specifics in a FAQ regarding the game's release on Battle.net (which is supposedly actually called the Blizzard app now, even though no one calls it that). "We’re excited to work with Bungie to bring the PC version of Destiny 2 to every region Blizzard currently operates in," the FAQ reads. "Bungie is actively working through the global details. We look forward to sharing additional information later this year."

Read 4 remaining paragraphs | Comments

Destiny 2 PC premiere impressions: Strike harder at 4K/60 FPS

Ars Technica - Fri, 19/05/2017 - 15:50

Enlarge / Hot tip: Don't get as close to the new Gladiator enemy as I did. (credit: Bungie)

LOS ANGELES—Bungie knows how to deliver a first-person shooter that immediately looks and feels solid. The game developer's prowess with accessible, sexy blasting has never been in doubt. But two big questions remain as the company's highly anticipated sequel, Destiny 2, nears its September 9 launch: How much better will the sequel feel over a long span of time as it tries to hook fans for multiple years? And what should we expect from the series' Windows PC premiere?

A few hours with the game was too brief to answer the first question, though a fantastic "Strike" mission got my hopes up. My hours of play were certainly long enough to wholeheartedly sell me on Destiny 2's PC build. Sadly, Bungie and Activision have saddled this superior PC version—one that enjoys tight mouse-and-keyboard controls and higher frame rates—with quite the asterisk: a PC-specific delay.

A terrible wait for the good stuff

Ars Technica plays Destiny 2's Inverted Spire co-op Strike mission. NOTE: This was played and captured on a PlayStation 4 Pro. PC game capture was not allowed at the event. Also, NOTE: Sorry for my so-so performance. I played way better on keyboard-and-mouse, I swear. (video link)

Read 30 remaining paragraphs | Comments

Tabby’s star is dimming again, and astronomers are excited

Ars Technica - Fri, 19/05/2017 - 15:25

Enlarge / Image of the star KIC 8462852 at infrared (left) and ultraviolet (right) wavelengths. (credit: Infrared: IPAC/NASA; Ultraviolet: STScI (NASA))

For the last few years, a distant star in the constellation Cygnus, known officially as KIC 8462852 and unofficially as Tabby's star or the WTF star, has intrigued astronomers due to its irregular but significant dimming. Astronomers have struggled to find a natural explanation for why the star dims so much, 20 percent, before returning to its regular brightness.

These observations have led to various hypotheses, including the exotic notion of some kind of alien megastructure passing between the star and Earth-based telescopes. Now the enigmatic star has been observed to be dropping in flux again, and astronomers have put out a call for telescopes around the world to measure light coming from the system.

#TabbysStar IS DIPPING! OBSERVE!! @NASAKepler @LCO_Global @keckobservatory @AAVSO @nexssinfo @NASA @NASAHubble @Astro_Wright @BerkeleySETI

— Tabetha Boyajian (@tsboyajian) May 19, 2017

As of Friday morning, it appeared that the light curve coming from the star had only just begun to dip, offering observatories a chance to observe most of dimming cycle.

Read 2 remaining paragraphs | Comments

Microsoft’s renewed embrace of developers, developers, developers, developers

Ars Technica - Fri, 19/05/2017 - 15:15

Microsoft's love for developers is well-known and has been enthusiastically expressed over the years. Windows' strength as a development platform—the abundance of custom, line-of-business applications, games, Office integrations—has given the company an entrenched position in the corporate world, ubiquity in Western homes, and extensive reach into the server room.

In the past, Microsoft's focus on developers had a certain myopic quality. One manifestation of this that was close to my heart was the development of the company's C and C++ compiler—or perhaps I should say, non-development. Microsoft's compiler did not support the C99 standard (and still does not today, though it's better than it used to be), and for a dark period through the 2000s, it made only half-hearted attempts to support the full C++98 and C++03 standards. The failure to support these standards meant that many open source software libraries were becoming difficult or impossible to compile with Microsoft's own compiler, making Windows at best a second-class citizen.

I asked Microsoft about this many times, wondering why the company didn't appear to care that it was making Windows irrelevant to these groups. The response was always unsatisfactory: the existing body of Windows developers wasn't demanding these features, and hence they were unimportant. Never mind that there was a wider community of developers out there that Microsoft was making unwelcome on its platform.

Read 27 remaining paragraphs | Comments

Plot twist: Cheesy soap opera script is deceptive drug ad, doctors warn

Ars Technica - Fri, 19/05/2017 - 14:53

Enlarge / General Hospital's Anna Devane gets diagnosed with a rare form of blood cancer. (credit: Itslorigh, General Hospital)

This year on General Hospital, central character Anna Devane is stricken with a rare and life-threatening type of blood cancer. Gasp! OK, this may not be shocking; dramatic, unlikely, and always tragic events are the norm on soap operas. But this one is a little different.

Prior to the tear-jerking diagnosis, the ABC daytime drama—the longest running soap opera in the US—made a deal with a pharmaceutical company to come up with her fate. And the company, Incyte Corporation, just so happens to make the only targeted therapy for fictional Anna’s very real form of cancer. This did not sit well with two doctors.

In an opinion piece published this week in JAMA, Sham Mailankody of Memorial Sloan Kettering Cancer Center and Vinay Prasad of Oregon Health & Science University systematically question the intent of the promotion. The piece ends with a call to arms to medical policy makers and regulators to try to stamp out these "creative" promotions.

Read 7 remaining paragraphs | Comments

New Surface Pro: No USB-C port, minor design refresh revealed in leaked images

Ars Technica - Fri, 19/05/2017 - 14:06

Evleaks

Images of the next Surface Pro leaked out yesterday—and it seems Surface chief Panos Panay wasn't lying when he said "there's no such thing as the Surface Pro 5": Microsoft's next lappable tablet will simply be called Surface Pro without a descriptive numeral.

The Surface Pro images leaked by @evleaks show a device that is slimmer and has slightly more rounded edges than the Surface Pro 4, but otherwise it seems mostly unchanged. Just like the new Surface Laptop, there's still no USB-C connector. The leaked images suggest there will be some new keyboard and pen colours, though.

Read 4 remaining paragraphs | Comments

Michael Prokop: Debian stretch: changes in util-linux #newinstretch

Planet Debian - Fri, 19/05/2017 - 09:42

We’re coming closer to the Debian/stretch stable release and similar to what we had with #newinwheezy and #newinjessie it’s time for #newinstretch!

Hideki Yamane already started the game by blogging about GitHub’s Icon font, fonts-octicons and Arturo Borrero Gonzalez wrote a nice article about nftables in Debian/stretch.

One package that isn’t new but its tools are used by many of us is util-linux, providing many essential system utilities. We have util-linux v2.25.2 in Debian/jessie and in Debian/stretch there will be util-linux >=v2.29.2. There are many new options available and we also have a few new tools available.

Tools that have been taken over from other packages
  • last: used to be shipped via sysvinit-utils in Debian/jessie
  • lastb: used to be shipped via sysvinit-utils in Debian/jessie
  • mesg: used to be shipped via sysvinit-utils in Debian/jessie
  • mountpoint: used to be shipped via initscripts in Debian/jessie
  • sulogin: used to be shipped via sysvinit-utils in Debian/jessie
New tools
  • lsipc: show information on IPC facilities, e.g.:
  • root@ff2713f55b36:/# lsipc RESOURCE DESCRIPTION LIMIT USED USE% MSGMNI Number of message queues 32000 0 0.00% MSGMAX Max size of message (bytes) 8192 - - MSGMNB Default max size of queue (bytes) 16384 - - SHMMNI Shared memory segments 4096 0 0.00% SHMALL Shared memory pages 18446744073692774399 0 0.00% SHMMAX Max size of shared memory segment (bytes) 18446744073692774399 - - SHMMIN Min size of shared memory segment (bytes) 1 - - SEMMNI Number of semaphore identifiers 32000 0 0.00% SEMMNS Total number of semaphores 1024000000 0 0.00% SEMMSL Max semaphores per semaphore set. 32000 - - SEMOPM Max number of operations per semop(2) 500 - - SEMVMX Semaphore max value 32767 - -
  • lslogins: display information about known users in the system, e.g.:
  • root@ff2713f55b36:/# lslogins UID USER PROC PWD-LOCK PWD-DENY LAST-LOGIN GECOS 0 root 2 0 1 root 1 daemon 0 0 1 daemon 2 bin 0 0 1 bin 3 sys 0 0 1 sys 4 sync 0 0 1 sync 5 games 0 0 1 games 6 man 0 0 1 man 7 lp 0 0 1 lp 8 mail 0 0 1 mail 9 news 0 0 1 news 10 uucp 0 0 1 uucp 13 proxy 0 0 1 proxy 33 www-data 0 0 1 www-data 34 backup 0 0 1 backup 38 list 0 0 1 Mailing List Manager 39 irc 0 0 1 ircd 41 gnats 0 0 1 Gnats Bug-Reporting System (admin) 100 _apt 0 0 1 65534 nobody 0 0 1 nobody
  • lsns: list system namespaces, e.g.:
  • root@ff2713f55b36:/# lsns NS TYPE NPROCS PID USER COMMAND 4026531835 cgroup 2 1 root bash 4026531837 user 2 1 root bash 4026532473 mnt 2 1 root bash 4026532474 uts 2 1 root bash 4026532475 ipc 2 1 root bash 4026532476 pid 2 1 root bash 4026532478 net 2 1 root bash
  • setpriv: run a program with different privilege settings
  • zramctl: tool to quickly set up zram device parameters, to reset zram devices, and to query the status of used zram devices
New features/options

addpart (show or change the real-time scheduling attributes of a process):

--reload reload prompts on running agetty instances

blkdiscard (discard the content of sectors on a device):

-p, --step <num> size of the discard iterations within the offset -z, --zeroout zero-fill rather than discard

chrt (show or change the real-time scheduling attributes of a process):

-d, --deadline set policy to SCHED_DEADLINE -T, --sched-runtime <ns> runtime parameter for DEADLINE -P, --sched-period <ns> period parameter for DEADLINE -D, --sched-deadline <ns> deadline parameter for DEADLINE

fdformat (do a low-level formatting of a floppy disk):

-f, --from <N> start at the track N (default 0) -t, --to <N> stop at the track N -r, --repair <N> try to repair tracks failed during the verification (max N retries)

fdisk (display or manipulate a disk partition table):

-B, --protect-boot don't erase bootbits when creating a new label -o, --output <list> output columns --bytes print SIZE in bytes rather than in human readable format -w, --wipe <mode> wipe signatures (auto, always or never) -W, --wipe-partitions <mode> wipe signatures from new partitions (auto, always or never) New available columns (for -o): gpt: Device Start End Sectors Size Type Type-UUID Attrs Name UUID dos: Device Start End Sectors Cylinders Size Type Id Attrs Boot End-C/H/S Start-C/H/S bsd: Slice Start End Sectors Cylinders Size Type Bsize Cpg Fsize sgi: Device Start End Sectors Cylinders Size Type Id Attrs sun: Device Start End Sectors Cylinders Size Type Id Flags

findmnt (find a (mounted) filesystem):

-J, --json use JSON output format -M, --mountpoint <dir> the mountpoint directory -x, --verify verify mount table content (default is fstab) --verbose print more details

flock (manage file locks from shell scripts):

-F, --no-fork execute command without forking --verbose increase verbosity

getty (open a terminal and set its mode):

--reload reload prompts on running agetty instances

hwclock (query or set the hardware clock):

--get read hardware clock and print drift corrected result --update-drift update drift factor in /etc/adjtime (requires --set or --systohc)

ldattach (attach a line discipline to a serial line):

-c, --intro-command <string> intro sent before ldattach -p, --pause <seconds> pause between intro and ldattach

logger (enter messages into the system log):

-e, --skip-empty do not log empty lines when processing files --no-act do everything except the write the log --octet-count use rfc6587 octet counting -S, --size <size> maximum size for a single message --rfc3164 use the obsolete BSD syslog protocol --rfc5424[=<snip>] use the syslog protocol (the default for remote); <snip> can be notime, or notq, and/or nohost --sd-id <id> rfc5424 structured data ID --sd-param <data> rfc5424 structured data name=value --msgid <msgid> set rfc5424 message id field --socket-errors[=<on|off|auto>] print connection errors when using Unix sockets

losetup (set up and control loop devices):

-L, --nooverlap avoid possible conflict between devices --direct-io[=<on|off>] open backing file with O_DIRECT -J, --json use JSON --list output format New available --list column: DIO access backing file with direct-io

lsblk (list information about block devices):

-J, --json use JSON output format New available columns (for --output): HOTPLUG removable or hotplug device (usb, pcmcia, ...) SUBSYSTEMS de-duplicated chain of subsystems

lscpu (display information about the CPU architecture):

-y, --physical print physical instead of logical IDs New available column: DRAWER logical drawer number

lslocks (list local system locks):

-J, --json use JSON output format -i, --noinaccessible ignore locks without read permissions

nsenter (run a program with namespaces of other processes):

-C, --cgroup[=<file>] enter cgroup namespace --preserve-credentials do not touch uids or gids -Z, --follow-context set SELinux context according to --target PID

rtcwake (enter a system sleep state until a specified wakeup time):

--date <timestamp> date time of timestamp to wake --list-modes list available modes -r, --reorder <dev> fix partitions order (by start offset)

sfdisk (display or manipulate a disk partition table):

New Commands: -J, --json <dev> dump partition table in JSON format -F, --list-free [<dev> ...] list unpartitioned free areas of each device -r, --reorder <dev> fix partitions order (by start offset) --delete <dev> [<part> ...] delete all or specified partitions --part-label <dev> <part> [<str>] print or change partition label --part-type <dev> <part> [<type>] print or change partition type --part-uuid <dev> <part> [<uuid>] print or change partition uuid --part-attrs <dev> <part> [<str>] print or change partition attributes New Options: -a, --append append partitions to existing partition table -b, --backup backup partition table sectors (see -O) --bytes print SIZE in bytes rather than in human readable format --move-data[=<typescript>] move partition data after relocation (requires -N) --color[=<when>] colorize output (auto, always or never) colors are enabled by default -N, --partno <num> specify partition number -n, --no-act do everything except write to device --no-tell-kernel do not tell kernel about changes -O, --backup-file <path> override default backup file name -o, --output <list> output columns -w, --wipe <mode> wipe signatures (auto, always or never) -W, --wipe-partitions <mode> wipe signatures from new partitions (auto, always or never) -X, --label <name> specify label type (dos, gpt, ...) -Y, --label-nested <name> specify nested label type (dos, bsd) Available columns (for -o): gpt: Device Start End Sectors Size Type Type-UUID Attrs Name UUID dos: Device Start End Sectors Cylinders Size Type Id Attrs Boot End-C/H/S Start-C/H/S bsd: Slice Start End Sectors Cylinders Size Type Bsize Cpg Fsize sgi: Device Start End Sectors Cylinders Size Type Id Attrs sun: Device Start End Sectors Cylinders Size Type Id Flags

swapon (enable devices and files for paging and swapping):

-o, --options <list> comma-separated list of swap options New available columns (for --show): UUID swap uuid LABEL swap label

unshare (run a program with some namespaces unshared from the parent):

-C, --cgroup[=<file>] unshare cgroup namespace --propagation slave|shared|private|unchanged modify mount propagation in mount namespace -s, --setgroups allow|deny control the setgroups syscall in user namespaces Deprecated / removed options

sfdisk (display or manipulate a disk partition table):

-c, --id change or print partition Id --change-id change Id --print-id print Id -C, --cylinders <number> set the number of cylinders to use -H, --heads <number> set the number of heads to use -S, --sectors <number> set the number of sectors to use -G, --show-pt-geometry deprecated, alias to --show-geometry -L, --Linux deprecated, only for backward compatibility -u, --unit S deprecated, only sector unit is supported

Benjamin Mako Hill: Children’s Perspectives on Critical Data Literacies

Planet Debian - Fri, 19/05/2017 - 01:51

Last week, we presented a new paper that describes how children are thinking through some of the implications of new forms of data collection and analysis. The presentation was given at the ACM CHI conference in Denver last week and the paper is open access and online.

Over the last couple years, we’ve worked on a large project to support children in doing — and not just learning about — data science. We built a system, Scratch Community Blocks, that allows the 18 million users of the Scratch online community to write their own computer programs — in Scratch of course — to analyze data about their own learning and social interactions. An example of one of those programs to find how many of one’s follower in Scratch are not from the United States is shown below.

Last year, we deployed Scratch Community Blocks to 2,500 active Scratch users who, over a period of several months, used the system to create more than 1,600 projects.

As children used the system, Samantha Hautea, a student in UW’s Communication Leadership program, led a group of us in an online ethnography. We visited the projects children were creating and sharing. We followed the forums where users discussed the blocks. We read comment threads left on projects. We combined Samantha’s detailed field notes with the text of comments and forum posts, with ethnographic interviews of several users, and with notes from two in-person workshops. We used a technique called grounded theory to analyze these data.

What we found surprised us. We expected children to reflect on being challenged by — and hopefully overcoming — the technical parts of doing data science. Although we certainly saw this happen, what emerged much more strongly from our analysis was detailed discussion among children about the social implications of data collection and analysis.

In our analysis, we grouped children’s comments into five major themes that represented what we called “critical data literacies.” These literacies reflect things that children felt were important implications of social media data collection and analysis.

First, children reflected on the way that programmatic access to data — even data that was technically public — introduced privacy concerns. One user described the ability to analyze data as, “creepy”, but at the same time, “very cool.” Children expressed concern that programmatic access to data could lead to “stalking“ and suggested that the system should ask for permission.

Second, children recognized that data analysis requires skepticism and interpretation. For example, Scratch Community Blocks introduced a bug where the block that returned data about followers included users with disabled accounts. One user, in an interview described to us how he managed to figure out the inconsistency:

At one point the follower blocks, it said I have slightly more followers than I do. And, that was kind of confusing when I was trying to make the project. […] I pulled up a second [browser] tab and compared the [data from Scratch Community Blocks and the data in my profile].

Third, children discussed the hidden assumptions and decisions that drive the construction of metrics. For example, the number of views received for each project in Scratch is counted using an algorithm that tries to minimize the impact of gaming the system (similar to, for example, Youtube). As children started to build programs with data, they started to uncover and speculate about the decisions behind metrics. For example, they guessed that the view count might only include “unique” views and that view counts may include users who do not have accounts on the website.

Fourth, children building projects with Scratch Community Blocks realized that an algorithm driven by social data may cause certain users to be excluded. For example, a 13-year-old expressed concern that the system could be used to exclude users with few social connections saying:

I love these new Scratch Blocks! However I did notice that they could be used to exclude new Scratchers or Scratchers with not a lot of followers by using a code: like this: when flag clicked if then user’s followers < 300 stop all. I do not think this a big problem as it would be easy to remove this code but I did just want to bring this to your attention in case this not what you would want the blocks to be used for.

Fifth, children were concerned about the possibility that measurement might distort the Scratch community’s values. While giving feedback on the new system, a user expressed concern that by making it easier to measure and compare followers, the system could elevate popularity over creativity, collaboration, and respect as a marker of success in Scratch.

I think this was a great idea! I am just a bit worried that people will make these projects and take it the wrong way, saying that followers are the most important thing in on Scratch.

Kids’ conversations around Scratch Community Blocks are good news for educators who are starting to think about how to engage young learners in thinking critically about the implications of data. Although no kid using Scratch Community Blocks discussed each of the five literacies described above, the themes reflect starting points for educators designing ways to engage kids in thinking critically about data.

Our work shows that if children are given opportunities to actively engage and build with social and behavioral data, they might not only learn how to do data analysis, but also reflect on its implications.

This blog-post and the work that it describes is a collaborative project by Samantha Hautea, Sayamindu Dasgupta, and Benjamin Mako Hill. We have also received support and feedback from members of the Scratch team at MIT (especially Mitch Resnick and Natalie Rusk), as well as from Hal Abelson from MIT CSAIL. Financial support came from the US National Science Foundation.

The text (and subtext) of Trump’s cyber executive order

Ars Technica - Thu, 18/05/2017 - 22:53

Enlarge / President Trump’s executive order on cybersecurity is built on the orders and policies of his predecessor, and is almost entirely apolitical. (credit: Jabin Botsford/The Washington Post via Getty Images)

Last week, amidst the whirlwind surrounding the firing of FBI Director James Comey, President Donald Trump signed his long-promised executive order on federal government cybersecurity. While many of the other orders issued by Trump have been politically fraught, this one is not; it's possibly the least controversial document to be adorned with the president's signature since his inauguration.

In fact, aside from some of the more Trumpian language in the order, this Executive Order could have easily been issued by the Obama administration. That's because it largely is based on policies and procedures that were spearheaded by President Obama's staff.

"My initial reaction to the order is, 'this is great,'" former National Security Council Director for Cybersecurity Policy Ben Flatgard told Ars. "Trump just endorsed Barack Obama's cybersecurity policy." Flatgard was one of the principal authors of the Obama administration's Cyber National Action Plan (CNAP), published in February of 2016.

Read 29 remaining paragraphs | Comments

ReactOS 0.4.5 released

OS news - Thu, 18/05/2017 - 22:50
ReactOS 0.4.5 has been released. Thanks to the work of Katayama Hirofumi and Mark Jansen, ReactOS now better serves requests for fonts and font metrics, leading to an improved rendering of applications and a more pleasant user experience. Your continued donations have also funded a contract for Giannis Adamopoulos to fix every last quirk in our theming components. The merits of this work can be seen in ReactOS 0.4.5, which comes with a smoother themed user interface and the future promises to bring even more improvements. In another funded effort, Hermès Bélusca-Maïto has got MS Office 2010 to run under ReactOS, another application from the list of most voted apps. Don’t forget to install our custom Samba package from the Application Manager if you want to try it out for yourself.

Android developers can now block rooted devices, Netflix bites

OS news - Thu, 18/05/2017 - 22:46
Over the weekend, it was discovered that the Android Netflix application could no longer be installed on rooted Android devices - in fact, it vanished from the Play Store on rooted devices completely. Netflix then confirmed it started blocking rooted devices from installing the Netflix application. Well, it turns out we'll only be going downhill from here, as Google explained at I/O that from now on, developers will be able to block their applications from being installed on rooted Android devices. Developers will be able to choose from 3 states shown in the top image: not excluding devices based on SafetyNet, excluding those that don't pass integrity, or excluding the latter plus those that aren't certified by Google. That means any dev could potentially block their apps from showing and being directly installable in the Play Store on devices that are rooted and/or running a custom ROM, as well as on emulators and uncertified devices (think Meizu and its not-so-legal way of getting Play Services and the Play Store on its phones). This is exactly what many of you were afraid would happen after the Play Store app started surfacing a Device certification status. This is bad news for the custom ROM community. If I can no longer install Netflix (and possibly more applications) on custom ROMs, there's no way I'll be using custom ROMs on my devices. For now, this is a Play function and we can still sideload the applications in question, but with Google Play Services installed on virtually every Android device, one has to wonder - and worry - how long it'll be before such checks happen on-device instead of in-Play.

Google introduces Android Go

OS news - Thu, 18/05/2017 - 22:31
During I/O, Google also announced Android Go, a version of the mobile operating system optimised for lower-end devices. From Google's announcement: OS: We're optimizing Android O to run smoothly and efficiently on entry-level devices. Apps: We're also designing Google apps to use less memory, storage space, and mobile data, including apps such as YouTube Go, Chrome, and Gboard. Play: On entry-level devices, Play store will promote a better user experience by highlighting apps that are specifically designed for these devices -- such as apps that use less memory, storage space, and mobile data -- while still giving users access to the entire app catalog. If a device has less than 1 GB of RAM, it will automatically use the Android Go version of Android. In addition, Google has set up a set of guidelines applications must adhere to in order to qualify for the special highlighting mentioned above. The first question that popped into my mind was - why isn't every device getting this supposedly faster, and more lightweight version of Android? Will we be able to 'force' our devices to use Android Go, even if they don't officially qualify? The second question is - why would a developer go the lengths of creating additional versions of their application, instead of what they ought to do, which is slim down their existing application?

NASA inspector questions why agency built rocket test stands in Alabama

Ars Technica - Thu, 18/05/2017 - 21:50

Enlarge / Then-NASA Administrator Charles Bolden, right, visits the newest member of Marshall's skyline—Test Stand 4693—on December 14, 2015, with astronaut Butch Wilmore, center. (credit: NASA)

As part of rocket development, aerospace engineers extensively test booster components before they are assembled into a larger launch vehicle. To that end, NASA has built two big test stands at Marshall Space Flight Center in Alabama to test its large liquid hydrogen and liquid oxygen fuel tanks. These tanks are part of the core stage of the Space Launch System (SLS) rocket.

However, a new report from NASA's inspector general, Paul Martin, raises serious questions about the cost of these test stands and the decision to build them in Alabama rather than in Mississippi, where NASA has an existing facility that already tests rocket engines. Additionally, the Mississippi-based Stennis Space Center is also much closer to the Louisiana factory where the SLS hydrogen and oxygen tanks are being assembled.

Costs

As part of the SLS program, NASA determined that it needed two test stands: one is for the larger hydrogen tank, which is about half the length of a football field, and the second is for the oxygen tank. The agency budgeted $40.5 million for the project but ended up spending $76 million, which is an increase of 88 percent. The stands were completed in November 2016.

Read 9 remaining paragraphs | Comments

A single mutation may explain why Zika exploded in the Americas

Ars Technica - Thu, 18/05/2017 - 21:35

(credit: US DHHS)

A single mutation may explain why Zika suddenly erupted from obscurity to become the alarming re-emerging infectious disease it is today, researchers report in Nature.

According to researchers from Texas and China, the mutation boosts Zika’s ability to hop into feasting mosquitoes that can then shuttle the virus to more victims. Based on archived viral strains, the mutation popped up sometime between the virus’ low-profile outbreaks in Southeastern Asia (which took place in 2007 and 2012) and Zika’s explosive emergence in the Americas beginning in 2015.

“Our data offer a potential explanation for the recent re-emergence of ZIKV [Zika virus],” the authors conclude. And, they go on, the findings suggest that co-evolution between a virus and its vector—mosquitoes, in this case—is just as important for outbreak risk as co-evolution with its hosts—us.

Read 7 remaining paragraphs | Comments

Syndicate content