Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Security

Malware Evades Detection By Counting Word Documents (threatpost.com) 13

"Researchers have found a new strain of document-based macro malware that evades discovery by lying dormant when it detects a security researcher's test environment," reports Threatpost, The Kaspersky Lab security news service. Slashdot reader writes: Once a computer is compromised, the malware will count the number of Word documents stored on the local drive; if it's more than two, the malware executes. Otherwise, it figures it's landed in a virtual environment or is executing in a sandbox and stays dormant.

A typical test environment consists of a fresh Windows computer image loaded into a VM. The OS image usually lacks documents and other telltale signs of real world use [according to SentinelOne researcher Caleb Fenton]. If no Microsoft Word documents are found, the VBA macro's code execution terminates, shielding the malware from automated analysis and detection. Alternately, if more than two Word documents are found on the targeted system, the macro will download and install the malware payload.

Android

Google Play Starts Bringing Android Apps To Chromebooks (venturebeat.com) 14

An anonymous reader quotes a report from VentureBeat: As promised, Google has finally brought the Google Play store to Chrome OS. Android apps, Android games, and media content from the store are all now finally available on Chromebooks running the latest stable build. But that still doesn't mean all Chromebook owners can use the store. This continues to be a gradual rollout -- even on the stable channel, Google is limiting the launch in multiple ways. "A beta release of the Play store is available to users now on the Acer R11 and Asus Flip (and coming soon to Pixel 2015) and can be enabled from the Settings page," a Google spokesperson told VentureBeat. "The team is hard at work making the experience great for users before making the Play Store available by default on these Chromebooks." That's right -- even though we're still talking about just three devices, the Play store is disabled by default. Once you've updated to version 53.0.2785.129 (make sure to switch back to the stable channel if you aren't already on it), you'll have to enable the Play Store in Chrome Settings.
Java

TypeScript 2.0 Released (arstechnica.com) 78

An anonymous reader quotes a report from Ars Technica: Since its introduction, TypeScript has included new features to improve performance, enhance JavaScript compatibility, and extend the range of error checking that the TypeScript compiler performs. TypeScript 2.0 introduces a big step forward here by giving developers greater control over null values. null, used to denote (in some broad, hand-waving sense) that a variable holds no value at all, has been called the billion dollar mistake. Time and time again, programs trip up by not properly checking to see if a variable is null, and for good or ill, every mainstream programming language continues to support the null concept. TypeScript 2.0 brings a range of new features, but the biggest is control over these null values. With TypeScript 2.0, programmers can opt into a new behavior that by default prevents values from being null. With this option enabled, variables by default will be required to have a value and can't be set to null accidentally. This in turn allows the compiler to find other errors such as variables that are never initialized.
IOS

19-Year-Old Jailbreaks iPhone 7 In 24 Hours (vice.com) 97

An anonymous reader writes: 19-year-old hacker qwertyoruiop, aka Luca Todesco, jailbroke the new iPhone 7 just 24 hours after he got it, in what's the first known iPhone 7 jailbreak. Todesco tweeted a screenshot of a terminal where he has "root," alongside the message: "This is a jailbroken iPhone 7." He even has video proof of the jailbreak. Motherboard reports: "He also said that he could definitely submit the vulnerabilities he found to Apple, since they fall under the newly launched bug bounty, but he hasn't decided whether to do that yet. The hacker told me that he needs to polish the exploits a bit more to make the jailbreak 'smoother,' and that he is also planning to make this jailbreak work through the Safari browser just like the famous 'jailbreakme.com,' which allowed anyone to jailbreak their iPhone 4 just by clicking on a link." Apple responded to the news by saying, "Apple strongly cautions against installing any software that hacks iOS."
GNOME

GNOME 3.22 Desktop Environment Officially Released (softpedia.com) 119

Reader prisoninmate writes: Today, September 21, is a big day for Linux users, especially those who love the GNOME desktop environment, as the next major release is now officially available. Yes, that's right, we're talking about GNOME 3.22, dubbed Karlsruhe after the German host city of the annual GUADEC (GNOME Users And Developers European Conference) event, which took place last month between August 12-14, 2016. Prominent features of the GNOME 3.22 desktop environment include batch rename functionality and support for integration of compressed files built directly into the Nautilus file manager, a new Week View, support for alarms, and the ability to drag and drop events to the GNOME Calendar, as well as an updated GNOME Music app that supports handling of music libraries with thousands of tracks. There are lots of improvements for the GNOME Games app as well, as it now offers support for numerous retro gaming consoles. Among other improvements, we can mention Flatpak integration, photo sharing, revamped GNOME Software app with support for firmware updates, redesigned keyboard settings and a brand new GNOME Control Center panel, and a redesigned dconf Editor. A video overview of the new features of GNOME 3.22 is available on the official website.
Microsoft

Microsoft Signature PC Requirements Now Blocks Linux Installation: Reports 467

Reader sombragris writes: According to a well-documented forum thread, the Signature PC program by Microsoft now requires to lock down PCs. This user found out that his Lenovo Yoga 900 ISK2 UltraBook has the SSD in a proprietary RAID mode which Linux does not understand and the BIOS is also locked down so it could not be turned off. When he complained that he was unable to install Linux, the answer he got was: "This system has a Signature Edition of Windows 10 Home installed. It is locked per our agreement with Microsoft."
Even worse, as the original poster said, "[t]he Yoga 900 ISK2 at Best Buy is not labeled as a Signature Edition PC, but apparently it is one, and Lenovo's agreement with Microsoft includes making sure Linux can't be installed." As some commenter said: "If you buy a computer with this level of lockdown you should be told."

There is also a report on ZDNet which looks very understanding towards Lenovo, but the fact remains: the SSD is locked down in a proprietary RAID mode that cannot be turned off.
Communications

Google Allo Messaging App Launches For iOS and Android (phonedog.com) 98

An anonymous reader writes: Google has officially launched their long-awaited messaging app for iOS and Android, called Google Allo. There are several unique features associated with this app that Google hopes will win you over. Smart Reply lets you respond to messages with just a tap, so you can send a quick "yup" in response to a friend asking "Are you on your way?" It will also suggest responses for photos. For example, if you send a picture of a dog, Smart Reply might suggest a heart emoji or "Super cute!" message, which you can select and send with a tap. Google says Smart Reply will improve over time and adjust to your style. You can also send large or small text and emojis, as well as draw on pictures. There's an incognito mode that will activate end-to-end encryption, discreet notifications, and message expiration on your chats. Arguably best of all is the Google Assistant that can be added to your chats to automatically cater useful information to you depending on what is being conversed in the chat. For example, it can deliver news, weather, traffic, sports or your upcoming flight status to your chat. You can also ask your Assistant to "share that funny YouTube video or play games with friends right in your group chat." Google Allo is rolling out to Android and iOS starting today.
Patents

Apple Patents a Paper Bag (theguardian.com) 201

mspohr writes: Continuing its leadership in innovation, Apple has patented a paper bag. We all remember the groundbreaking "rounded corners" innovation, now we have a paper bag! Just try to make your own paper bag and you'll be speaking with Apple lawyers. (Note: In fairness to Apple, this is a "special" paper bag which is stronger due to numerous improvements on your ordinary recycled paper bag -- just don't try to copy it.) The patent application summarizes the bag as follows: "A paper bag is disclosed. The paper bag may include a bag container formed of white solid bleached sulfate paper with at least 60% post-consumer content." Apple's patented paper bags are designed to be sturdy, while remaining "both pearly white and environmentally friendly." Let's just hope they don't remove the handles...
Desktops (Apple)

macOS Sierra Is Now Available For Download (engadget.com) 200

Dave Knott writes: Apple's latest desktop operating system, macOS Sierra, is now available for download. In addition to the Siri virtual assistant hitting the desktop for the first time, the free update includes features like a universal clipboard, revamped Messages, a storage optimization tool, and Apple Pay on the web.Engadget has also tested the new operating system and gave it a fairly positive review. It notes that Siri integration is "useful, if you already use Siri," and that iCloud and storage improvements have "practical benefits for everyone." But at the same time, the publication found that Siri "isn't always smart enough."
Microsoft

Microsoft Unveils $37 Nokia 216 Feature Phone (theverge.com) 56

Earlier this year, Microsoft announced that it had sold Nokia's remaining feature phone business to FIH Mobile, a subsidiary of Foxconn, for $350 million. Today, Microsoft unveiled the Nokia 216 feature phone, dispelling rumors that it would stop making Nokia phones. The Verge reports: The new Nokia 216 is one of the most basic phones that Microsoft manufactures, and it will be available in India next month for around $37. It includes a 2.4-inch QVGA display, with 0.3-megapixel cameras at the front and rear, running on the Series 30 OS with the Opera mini browser. It even has a headphone jack. It's easy to understand why Microsoft continues to create feature phones, as the company still sells millions of them every month. Microsoft previously hoped that feature phone users would create a Microsoft account and become part of the Microsoft ecosystem, but it's not clear whether the millions of feature phone users ever actually did that. Microsoft hinted earlier this year that it's planning to kill off its Lumia smartphones, and recent rumors have suggested that the Lumia brand will die off toward the end of the year.
Medicine

Hackers Offer a DIY Alternative To The $600 EpiPen (ieee.org) 324

After the pharmaceutical company Mylan raised the price of a 2-pen set of EpiPens by nearly $500 over the course of 9 years, Michael Laufer and his "pharma-hacking confederates at the Four Thieves Vinegar Collective," decided to make their own budget-friendly EpiPens. IEEE Spectrum reports: Today they released a video and instructions showing DIYers how to make a generic EpiPen using materials that can be bought online for about $30. They call it the EpiPencil. "It functions just as well as an EpiPen," Laufer says in the video, after demonstrating the assembly and showing that it works. "With no special training, anybody can use it." An EpiPen is just a spring-loaded syringe filled with the pharmaceutical epinephrine. Laufer's video shows how to assemble the "open source medical device" and provides links for where to buy the components online. He stops short of telling viewers how to get their hands on the drug, noting that you need a prescription for it. But Laufer tells IEEE Spectrum in an interview that it's easy to buy epinephrine online from a chemical supplier, and he hopes viewers will do just that. "There's a small but hopefully growing subculture of people who are buying the active ingredients of drugs," he says. "It's encouraging to see people take control of their own health."
Google

Google Launches 'Google Trips' Personalized Travel Planner (techcrunch.com) 37

Google has an app for just about everything. Their latest application, called Google Trips, aims to help you better plan your vacations and other travels. TechCrunch reports: Called Google Trips, the iOS and Android app pulls in a combination of data from Google Maps and crowdsourced contributions from other travels, in order to offer a personalized travel guide that helps you keep track of your day trips, reservations, points of interest, tourist attractions, restaurants and more. The home screen includes a search box with a prompt "where do you want to go?" for planning new trips, and other cards let you keep track of your current and upcoming vacations and plans. What's helpful is that each city you plan to visit during one of your trips can each have its own tab within the larger "Trip" section, and with a simple toggle switch, you can download all the information about that destination for offline access. Meanwhile, on each city's screen, a variety of colorful cards help you jump into various sections like "Saved places," "Day Plans," "Food and Drink," "Getting around," "Things to do," "Reservations," and more. Google says Trips can show you the most popular day plans and itineraries for the top 200 cities worldwide. This information is actually based on historic visit data from other travelers, which Google has then assembled into lists that include the most popular sights and attractions. In addition to sightseeing, the app can also track flight, hotel, car and restaurant reservations, which makes the app something of a competitor to Concur's TripIt, and, to some extend, the new territory Airbnb is carving out with its own forthcoming Airbnb Trips app, which will focus on travel services. However, what makes Google Trips compelling is that it leverages Google's ability to tap into the data you have stored in your Gmail, as it automatically gathers your reservations from your email and organizes them into trips on your behalf. Google Trips is live now on Android and iOS.
Android

Run Android 6.0 Marshmallow on Your PC With Android-x86 6.0 (softpedia.com) 90

This week saw the first stable release of Android-x86 6.0 (marshmallow-x86) -- and a new version of Remix OS for PC, a PC-optimized version of Android. Slashdot reader prisoninmate quotes Softpedia: Android-x86 6.0 has been in the works since early this year, and it received a total of two RC (Release Candidate) builds during its entire development cycle, one in June and another in August. After joining the Remix OS team, Chih-Wei Huang now has all the reasons to update and improve its Android-x86 system for the latest Android releases. Therefore, as you might have guessed already, Android-x86 6.0 is the first stable version of the project to be based on Google's Linux kernel-based Android 6.0 Marshmallow mobile operating system, and includes the most recent AOSP (Android Open Source Project) security updates too.

Under the hood, Android-x86 6.0 is using the long-term supported Linux 4.4.20 kernel with an updated graphics stack based on Mesa 12.0.2 3D Graphics Library, and offers support for Samsung's F2FS file system for SSD drives, better Wi-Fi support after resume and suspend, and initial HDMI audio support.

Desktops (Apple)

23 Years Later: the Apple II Receives Another OS Update (arstechnica.com) 81

An anonymous reader quotes a report from Ars Technica: Yesterday, software developer John Brooks released what is clearly a work of pure love: the first update to an operating system for the Apple II computer family since 1993. ProDOS 2.4, released on the 30th anniversary of the introduction of the Apple II GS, brings the enhanced operating system to even older Apple II systems, including the original Apple ][ and ][+. Which is pretty remarkable, considering the Apple ][ and ][+ don't even support lower-case characters. You can test-drive ProDOS 2.4 in a Web-based emulator set up by computer historian Jason Scott on the Internet Archive. The release includes Bitsy Bye, a menu-driven program launcher that allows for navigation through files on multiple floppy (or hacked USB) drives. Bitsy Bye is an example of highly efficient code: it runs in less than 1 kilobyte of RAM. There's also a boot utility that is under 400 bytes -- taking up a single block of storage on a disk. The report adds: "In addition to the Bitsy Boot boot utility, the ProDOS 2.4 'floppy' includes a collection of utilities, including a MiniBas tiny BASIC interpreter, disk imaging programs to move files from physical floppies to USB and other disk storage, file utilities, and the 'Unshrink' expander for uncompressing files archived with Shrinkit."
Intel

Windows 10 Haters: Try Linux On Kaby Lake Chips With Dell's New XPS 13 (pcworld.com) 232

Attention Linux enthusiasts. Your OS of your choice can finally work on laptops with Intel's Kaby Lake chips. Dell is releasing three new models of slick XPS 13 Developer Edition that will be available with Ubuntu OS and 7th Generation Core processors in the U.S. and Canada starting on Oct. 10, reports PCWorld. From the article:Prices for XPS 13 DE will start at $949. Dell also announced the XPS 13 model with Kaby Lake and Windows 10, which will ship on Oct. 4 starting at $799. Dell didn't share details on what version of Ubuntu desktop OS will be preloaded. It officially supports Ubuntu 14.04 in existing laptops, but could pre-load version 16.04 on the new XPS 13 DE. Dell has remained committed to Linux while major PC vendors shift to Windows 10 on PCs. Intel made a major commitment to supporting Windows 10 with its new Kaby Lake chips but hasn't talked much about Linux support. XPS 13 DE is perhaps the sexiest and thinnest Linux laptop available, with an edge-to-edge screen being a stand-out feature. It is the latest in Dell's Project Sputnik line of laptops, and it is targeted at computer enthusiasts who want a Windows or Mac alternative. A knock against Linux is that the OS has lagged behind Windows on driver development and on supporting the latest technologies like USB-C ports, 4K screens, and Thunderbolt. Project Sputnik started four years ago as an effort between Dell and the open-source community to bridge that gap, and since then, the resulting laptops have achieved cult status among Linux enthusiasts. A Dell XPS 13 with a Core i5 chip will have a full HD screen, 8GB of RAM, and a 128GB SSD. Another configuration will have a 3200 x 1800-pixel screen, Core i5, and a 256GB SSD. A fully loaded model will have a Core i7 chip, a 512GB SSD, 16GB of RAM, and a 3200 x 1800-pixel screen.
Security

Over 500K People Have Installed a Pokemon Go-Related App That Roots and Hijacks Android Devices (softpedia.com) 57

An anonymous reader writes: Over 500,000 people have downloaded an Android app called "Guide for Pokemon Go" that roots the devices in order to deliver ads and installs apps without the user's knowledge. Researchers that analyzed the malware said it contained multiple defenses that made reverse-engineering very difficult -- some of the most advanced they've seen -- which explains why it managed to fool Google's security scanner and end up on the official Play Store. The exploits contained in the app's rooting functions were able to root any Android released between 2012 and 2015. The trojan found inside the app was also found in nine other apps, affecting another 100,000 users. The crook behind this trojan was obviously riding various popularity waves, packing his malware in clones for whatever app or game is popular at one particular point in time.
Microsoft

Microsoft Has More Open Source Contributors On GitHub Than Facebook and Google (thenextweb.com) 118

An anonymous reader writes from a report via The Next Web: Microsoft CEO Satya Nadella has really embraced open source over the past couple of years. GitHub, a site that is home to a number of the web's biggest collaborative code projects, has counted more than 5.8 million active users on its platform over the past 12 months, and says that Microsoft has the most open source contributors. Microsoft has 16,419 contributors, beating out Facebook's 15,682 contributors, Docker's 14,059 contributors, and Google's 12,140 contributors. The Next Web reports: "Of course, this didn't happen overnight. In October 2014, it open sourced its .NET framework, which is the company's programming infrastructure for building and running apps and services -- a major move towards introducing more developers to its server-side stack. Since then, it's open sourced its Chakra JavaScript engine, Visual Studio's MSBuild compiling engine, the Computational Networks Toolkit for deep learning applications, its Xamarin tool for building cross-platform apps and most recently, PowerShell. It's also worth noting that the company's Visual Studio Code text editor made GitHub's list of repositories with the most contributors. You can check out these lists, as well as other data from GitHub's platform on this page." GitHub CEO Chris Wanstrath said in an interview with Fortune, "The big .Net project has more people outside of Microsoft contributing to it than people who work at Microsoft."
Android

Xiaomi Can Silently Install Any App On Your Android Phone Using A Backdoor (thehackernews.com) 97

Xiaomi, the Chinese smartphone manufacturer many refer to as the "Apple of China," can silently install any app on your device, according to a Computer Science student and security enthusiast from the Netherlands. Thijs Broenink started investigating a mysterious pre-installed app, dubbed AnalyticsCore.apk, that constantly runs in the background and reappears even if you try and delete it. The Hacker News reports: After asking about the purpose of the AnalyticsCore app on the company's support forum and getting no response, Thijs Broenink reverse engineered the code and found that the app checks for a new update from the company's official server every 24 hours. While making these requests, the app sends device identification information with it, including the phone's IMEI, Model, MAC address, Nonce, Package name as well as signature. If there is an updated app available on the server with the filename "Analytics.apk," it will automatically get downloaded and installed in the background without user interaction. Broenink found that there is no validation at all to check which APK is getting installed to a user's phone, which means there is a way for hackers to exploit this loophole. This also means Xiaomi can remotely and silently install any application on your device just by renaming it to "Analytics.apk" and hosting it on the server. Ironically, the device connects and receives updates over HTTP connection, exposing the whole process to Man-in-the-Middle attacks."
Microsoft

Windows 10 Anniversary Update Rollout May Not Be Done Until Early November (zdnet.com) 88

Microsoft released Windows 10 Anniversary Update last month. But the trickling of the company's latest major update users could take as much as three months, the company has said. Many users have been complaining about not seeing an update pop-up on their system. When ZDNet's reporter Mary Jo Foley asked Microsoft about this, the company confirmed that it hadn't seeded the update to all Windows 10 users. From the report: Microsoft began rolling out the latest version of Windows 10, the Anniversary Update, on August 2. At that time, Microsoft officials said the rollout would be staggered, but didn't get too explicit as to how -- or how long it might take the company to push Windows 10 Anniversary to consumers and business users who are on the so-called Current Branch of Windows 10. It's worth repeating that those who really want the Anniversary Update immediately have options to proactively go get it. I received a Microsoft blast email just over a week ago that included a footnote that mentioned it might take up to three months for Microsoft to push the Anniversary Update to those set up to get it. That means those currently waiting may still have another month and a half to wait.
Cellphones

Microsoft To Kill The Lumia Brand In Favor of a New Surface Phone, Says Report (thenextweb.com) 177

It's no secret the Lumia brand is struggling to gain any significant market share these days. Earlier this year, it was reported that Microsoft's Windows Phone OS dropped below 1 percent mark share, all but confirming the death of Windows Phone. A new report suggests that, despite the irrelevance of Windows Phone, Microsoft will not be giving up on its mobile OS. Instead, the company plans to drop the Lumia brand by the end of the year and replace it with a brand new Surface Phone in an effort to breathe new life into its flagging smartphone business. The Next Web reports: There is some credibility to the claims. Microsoft's Lumia lineup has shrunk to just four models, and there's nothing to indicate it's working on a successor. In the U.S., where Microsoft has struggled to shift Lumia phones, it has removed the link to buy them from its website. On the retail side, stores have started removing units from display, and are trying to shift remaining stock by offering steep discounts. Further evidence comes from two since-deleted tweets from Laura Butler, engineering director at Microsoft, who posted "Surface iPhone ;-)" on September 6, and "Surface Phone not NOT confirmed. :-)" on September 7, in reply to questions posed by other Twitter users. Microsoft is expected to hold an event in October, where it's believed it will announce a new Surface all-in-one. As Ars Technica pointed out, this could be when Microsoft announces its new Surface Phone, just in time for Christmas.

Slashdot Top Deals