IOS

iOS 11 Will Prevent Your iPhone From Automatically Connecting To Unreliable Wi-Fi Networks (trustedreviews.com) 88

A new feature spotted in iOS 11 beta 2 intelligently manages wireless networks based on their reliability, learning to ignore those that are too far away to provide a consistent experience. TrustedReviews reports: It follows the company's Wi-Fi Assist feature which meant handsets would switch to a data connection when Wi-Fi networks became too slow. Naturally, users weren't thrilled with the resulting data usage issues, and it seems Apple is looking to do better this time around. This new feature will disable "Auto join" for any network which suffers from low speed issues or is deemed to be generally unreliable. Users will, of course, still be able to join these networks manually, but the change should prevent the frustration that comes from iPhones automatically joining networks users know to be inadequate. At this point, there's no way to know how well the feature will work, and there will undoubtedly be issues when it eventually arrives in iOS 11.
Microsoft

Microsoft Confirms It's Not Killing Off Paint After Outpouring of Support (cnbc.com) 231

Microsoft said late Monday that it will not be killing off its Paint app in the next update of Windows 10. It will be made available via the Windows Store for free and will not be completely removed. CNBC reports: The U.S. technology company recently released a list which labeled Paint "deprecated," meaning it was considering removing the app when the Windows 10 Fall Creators Update gets released later this year. Fans on social media decried the potential death of Paint, which has been in existence for 32 years. But Microsoft released a blog post shortly after to clarify that Paint would not be completely removed, but instead made available via the Windows Store for free. "Today, we've seen an incredible outpouring of support and nostalgia around MS Paint. If there's anything we learned, it's that after 32 years, MS Paint has a lot of fans. It's been amazing to see so much love for our trusty old app," Megan Saunders, a general manager at Microsoft, wrote in a blog post on Monday. "Amidst today's commentary around MS Paint we wanted to take this opportunity to set the record straight, clear up some confusion and share some good news: MS Paint is here to stay, it will just have a new home soon, in the Windows Store where it will be available for free."
Debian

Debian 'Stretch' Updated With 9.1 Release (debian.org) 40

An anonymous reader quotes Debian.org: The Debian project is pleased to announce the first update of its stable distribution Debian 9 (codename "stretch"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems... Please note that the point release does not constitute a new version of Debian 9 but only updates some of the packages included. There is no need to throw away old "stretch" media... Those who frequently install updates from security.debian.org won't have to update many packages, and most such updates are included in the point release.
Operating Systems

Slackware, Oldest Linux Distro Still In Active Development, Turns 24 70

sombragris writes: July 17 marked the 24th anniversary of Slackware Linux, the oldest GNU/Linux still in active development, being created in 1993 by Patrick Volkerding, who still serves as its BDFL. Version 14.2 was launched last year, and the development version (Slackware-current) currently offers kernel 4.9.38, gcc 7.1, glibc 2.25, mesa 17.1.5, and KDE and Xfce as official desktops, with many others available as 3rd party packages. Slackware is also among the Linux distributions which have not adopted systemd as its init system; instead, it uses a modified BSD init which is quite simple and effective. Slackware is known to be a solid, stable and fast setup, with easy defaults which is appreciated by many Linux users worldwide. Phoronix has a small writeup noting the anniversary and there's also a nice reddit thread.
Ubuntu

Ubuntu 16.10 Reaches End of Life (softpedia.com) 163

prisoninmate shares a report from Softpedia: Today, July 20, 2017, is the last day when the Ubuntu 16.10 (Yakkety Yak) was supported by Canonical as the operating system now reached end of life, and it will no longer receive security and software updates. Dubbed by Canonical and Ubuntu founder Mark Shuttleworth as the Yakkety Yak, Ubuntu 16.10 was launched on October 13, 2016, and it was a short-lived release that only received nine (9) months of support through kernel updates, bug fixes, and security patches for various components. Starting today, you should no longer use Ubuntu 16.10 (Yakkety Yak) on your personal computer, even if it's up-to-date. Why? Because, in time, it will become vulnerable to all sort of attacks as Canonical won't provide security and kernel updates for this release. Therefore, all users are urged to upgrade to Ubuntu 17.04 (Zesty Zapus) immediately using the instructions here.
Android

Samsung's 'Bixby' Voice Assistant Finally Launches In US (theverge.com) 40

After 3 months, Samsung announced that the voice capabilities of its digital assistant are now rolling out to U.S. Galaxy S8 and S8+ owners. Now, if you happen to own a Galaxy S8 or S8+, the physical Bixby button on the lefthand side of your phone will be able to actually do something somewhat useful. The Verge reports: Bixby's voice capabilities have been available in the US as part of an opt-in beta test, and Samsung says that feedback has led to faster response times, improved comprehension of varied phrasing around the same question, better hands-free operation, and more. Over 100,000 users of the flagship devices have enrolled in the early access program and issued over 4 million voice commands. Also, Samsung says Bixby can now read aloud your latest SMS messages and emails -- if you use its stock apps on the Galaxy S8. Bixby can be activated with a push of the dedicated Bixby button located on the side of the Galaxy S8 and S8+, or by saying "hi Bixby." Like Siri and Google Assistant, Bixby can handle alarms, send texts, and so on, but its real power lies in the ability to access granular phone settings or -- in supported apps -- automatically move through several menu screens to perform commands that Google Assistant simply can't do. Samsung says that deep learning should allow Bixby to improve over time as it begins to recognize users' preferences and ways of speaking. Here's a video showing some of the voice commands Bixby can respond to.
Android

Android Backdoor 'GhostCtrl' Can Silently Record Your Audio, Video and More (neowin.net) 69

An anonymous reader quotes a report from Neowin: A new strain of malware designed for Android devices has recently been discovered, which not only can silently record audio and video, but can also monitor texts and calls, modify files, and ultimately spawn ransomware. Dubbed as 'GhostCtrl' by researchers over at Trend Micro, the malware is apparently a variant of OmniRAT, a remote administration tool for Android, which is available to the public. It also appears to be part of a wider campaign that targeted Israeli hospitals, where a worm called RETADUP surfaced back in June. According to the report, there are three versions of the malicious software. The first variant stole information and controlled a device's functionalities, while the second added new features to exploit. The third one combines all the features of the old versions, and adds even more malicious components into its system. The latest iteration of GhostCtrl can now monitor call logs, text messages, contacts, phone numbers, location, and browsing history. Furthermore, it has the ability to record the victim's Android version, battery level, and Bluetooth information. To make make matters worse, it can now also spy on unsuspecting victims by silently recording audio and video. The malware distributes itself via illegitimate apps for WhatsApp or Pokemon GO. Trend Micro suggests you keep your Android devices up to date and data backed up regularly. They also recommend using an app reputation system that can detect suspicious and malicious apps.
Android

Some OnePlus 5s Are Reportedly Rebooting After Dialing 911 (theverge.com) 59

The OnePlus 5, dubbed "the best sub-$500 phone you can buy" when it launched, is having a few problems. Earlier this month, some owners of the new device complained about a weird jelly-like effect that appears when scrolling through apps. OnePlus went on to claim that the effect is normal and not the result of any manufacturing issues. Now, a handful of users are reporting that the OnePlus 5 will reboot itself once 911 is called, preventing them from reaching emergency services. The Verge reports: Reddit user Nick Morrelli noticed the glitch after he tried to call 911 to report a building fire in Seattle, and other users have reported that the OnePlus 5 is unable to dial 911 (or 999 in the UK, as another user reported) without rebooting. While most users haven't reported having the issue, any percentage of devices not being able to reach emergency services is a major issue for OnePlus. In a statement to The Verge, OnePlus says it's looking into the problem. "We have contacted the customer and are currently looking into the issue. We ask anyone experiencing a similar situation to contact us at support@oneplus.net."
Android

End of the Line For Remix OS as Jide Shifts Its Energy Towards the Enterprise (neowin.net) 30

An anonymous reader shares a report: It was only in July last year that Remix OS, an Android-based operating system for PCs, was bumped up to Version 3.0, which featured Android 6.0 Marshmallow under the hood. In fact, news of the upgrade came hot on the heels of an announcement from Chuwi with regards to the release of its $239 Vi10 Plus tablet that dual-booted Remix OS and Windows 10. A little over a month later, Jide Technology then followed up with a "developer preview" of the OS leveraging Android 7.0 Nougat. However, after a somewhat brief period of existence of just a few years, the company has announced that it is shifting its focus away from the consumer segment to the enterprise. In a statement on its website, Jide stated that: "Over the past year, we received an increasing number of inquiries from enterprises in various industries, and began helping them build great tools for their organizations by leveraging Jide software and hardware. We see huge potential in the role that Jide can play to revolutionize how these businesses operate. And given our existing resources, we decided to focus our company efforts solely on the enterprise space moving forward."
Security

Exploit Derived From EternalSynergy Upgraded To Target Newer Windows Versions (bleepingcomputer.com) 61

An anonymous reader writes: "Thai security researcher Worawit Wang has put together an exploit based on ETERNALSYNERGY that can also target newer versions of the Windows operating system," reports Bleeping Computer. "ETERNALSYNERGY is one of the NSA exploits leaked by the Shadow Brokers hacking group in April this year. According to a Microsoft technical analysis, the exploit can allow an attacker to execute code on Windows machines with SMB services exposed to external connections. The exploit works up to Windows 8. According to Microsoft, the techniques used in the original ETERNALSYNERGY exploit do not work on newer platforms due to several kernel security improvements. Wang says his exploit targets the same vulnerability but uses a different exploitation technique. His method 'should never crash a target,' the expert says. 'Chance should be nearly 0%,' Wang adds." Combining his exploit with the original ETERNALSYNERGY exploit would allow a hacker to target all Windows versions except Windows 10. This is about 75% of all Windows PCs. The exploit code is available for download from Wang's GitHub or ExploitDB. Sheila A. Berta, a security researcher for Telefonica's Eleven Paths security unit, has published a step-by-step guide on how to use Wang's exploit.
Windows

'Windows 10 Is Failing Us' (betanews.com) 551

Reader BrianFagioli writes: While Windows 10 is arguably successful from a market share perspective, it is still failing in one big way -- the user experience. Windows 8.x was an absolute disaster, and Microsoft's latest is certainly better than that, but it is still not an enjoyable experience. Before the company tries to add new features (and misses deadlines) like Timeline and Cloud Clipboard, it should focus more on improving the existing user experience. Right now it is failing us and things are not getting better. Even the third-party solutions that aim to turn this spying off aren't 100-percent successful. Unless you unplug from the internet entirely, you can't stop Windows from phoning home to Microsoft. This is a shame, as some consumers are being made to feel violated when using their own computer. Another issue that I can't believe hasn't been resolved is having two locations for system settings. Seriously, Microsoft? We still have "Settings" and "Control Panel" Live Tiles are still worthless, and it is time for Microsoft to kill them. Nobody opens an app launcher and stares at the icons for information. It is distracting and pointless. If I want the weather, I'll open a weather app and see it -- not stare at the icon for the information. It sort of made sense in the Windows 8.x era since you were presented with a full screen of app icons more often, but with a more traditional start-button design in Windows 10, it is time to retire it. Another example: Microsoft doesn't force you to use Edge and Bing entirely, but it still does force you. Cortana is a hot mess, but if you opt to use her, she will only open things in Edge. Searches are Bing-only. In other words, the virtual assistant ignores your default browser settings. Why? Not for the user's benefit. Sadly, the Windows Store is a garbage dump -- many of the "legit" apps are total trash.
GNOME

Fedora 26 Linux Distro Released (betanews.com) 66

Reader BrianFagioli writes: Today, Fedora 26 sheds its pre-release status and becomes available for download as a stable release. GNOME fans are in for a big treat, as version 3.24 is default. If you stick to stable Fedora releases, this will be your first time experiencing that version of the desktop environment since it was released in March. Also new is LibreOffice 5.3, which is an indispensable suite for productivity. If you still use mp3 music files I've moved onto streaming), support should be baked in for both encoding and decoding. "The latest version of Fedora's desktop-focused edition provides new tools and features for general users as well as developers. GNOME 3.24 is offered with Fedora 26 Workstation, which includes a host of updated functionality including Night Light, an application that subtly changes screen color based on time of day to reduce effect on sleep patterns, and LibreOffice 5.3, the latest update to the popular open source office productivity suite. For developers, GNOME 3.24 provides matured versions of Builder and Flatpak to make application development for a variety of systems, including Rust and Meson, easier across the board," says the Fedora Project.
Android

Windows Phone Dies Today (theverge.com) 233

From a report: Microsoft is killing off Windows Phone 8.1 support today, more than three years after the company first introduced the update. The end of support marks an end to the Windows Phone era, and the millions of devices still running the operating system. While most have accepted that the death of Windows Phone occurred more than a year ago, AdDuplex estimates that nearly 80 percent of all Windows-powered phones are still running Windows Phone 7, Windows Phone 8, or Windows Phone 8.1. All of these handsets are now officially unsupported, and only 20 percent of all Windows phones are running the latest Windows 10 Mobile OS.
Ubuntu

Ubuntu Is Now Available On the Windows Store (windowscentral.com) 121

Ubuntu is now available for download on the Windows Store. "Initially spotted by Rafael Rivera and Necrosoft Core on Twitter, Ubuntu on the Windows Store will let you install and run the Ubuntu terminal on Windows next to your other apps," reports Windows Central. From the report: Ubuntu's arrival, and that of SUSE, are part of a recent push by Microsoft to embrace Linux and the open source community more broadly. This began with the arrival of the Windows Subsystem for Linux in 2016, allowing users to use the Bash shell from within Windows. Keep in mind that this is limited to the Fall Creators Update, which isn't set for a public release until later this year. If you're running a PC testing the Fall Creators Update through the Windows Insider Program, however, you should be able to download and try Ubuntu from the Windows Store just fine.
Microsoft

Microsoft Will Sell Office, Windows as a Bundle (axios.com) 263

An anonymous reader shares a report: Microsoft announced plans on Monday to start offering Windows 10 and Office together in a single subscription service. Microsoft 365, as the service is known, will also include security and management tools and come in two flavors: one for large enterprises and the other for small-to-medium businesses. The company didn't say how much it will charge for either version of the service.
Operating Systems

48-Year-Old Multics Operating System Resurrected (multicians.org) 94

"The seminal operating system Multics has been reborn," writes Slashdot reader doon386: The last native Multics system was shut down in 2000. After more than a dozen years in hibernation a simulator for the Honeywell DPS-8/M CPU was finally realized and, consequently, Multics found new life... Along with the simulator an accompanying new release of Multics -- MR12.6 -- has been created and made available. MR12.6 contains many bug and Y2K fixes and allows Multics to run in a post-Y2K, internet-enabled world.
Besides supporting dates in the 21st century, it offers mail and send_message functionality, and can even simulate tape and disk I/O. (And yes, someone has already installed Multics on a Raspberry Pi.) Version 1.0 of the simulator was released Saturday, and Multicians.org is offering a complete QuickStart installation package with software, compilers, install scripts, and several initial projects (including SysDaemon, SysAdmin, and Daemon). Plus there's also useful Wiki documents about how to get started, noting that Multics emulation runs on Linux, macOS, Windows, and Raspian systems.

The original submission points out that "This revival of Multics allows hobbyists, researchers and students the chance to experience first hand the system that inspired UNIX."
Windows

WikiLeaks Unveils CIA Implants That Steal SSH Credentials From Windows, Linux PCs (thehackernews.com) 140

An anonymous reader quotes a report from The Hacker News: WikiLeaks has today published the 15th batch of its ongoing Vault 7 leak, this time detailing two alleged CIA implants that allowed the agency to intercept and exfiltrate SSH (Secure Shell) credentials from targeted Windows and Linux operating systems using different attack vectors. Secure Shell or SSH is a cryptographic network protocol used for remote login to machines and servers securely over an unsecured network. Dubbed BothanSpy -- implant for Microsoft Windows Xshell client, and Gyrfalcon -- targets the OpenSSH client on various distributions of Linux OS, including CentOS, Debian, RHEL (Red Hat), openSUSE and Ubuntu. Both implants steal user credentials for all active SSH sessions and then sends them to a CIA-controlled server.
Data Storage

OneDrive Has Stopped Working On Non-NTFS Drives (arstechnica.com) 130

An anonymous reader quotes a report from Ars Technica: OneDrive users around the world have been upset to discover that with its latest update, Microsoft's cloud file syncing and storage system no longer works with anything other than disks formatted with the NTFS file system. Both older file systems, such as FAT32 and exFAT, and newer ones, such as ReFS, will now provoke an error message when OneDrive starts up. To continue to use the software, files will have to be stored on an NTFS volume. While FAT disks can be converted, ReFS volumes must be reformatted and wiped. This has left various OneDrive users unhappy. While NTFS is the default file system in Windows, people using SD cards to extend the storage on small laptops and tablets will typically use exFAT. Similarly, people using Storage Spaces to manage large, redundant storage volumes will often use ReFS. The new policy doesn't change anything for most Windows users, but those at the margins will feel hard done by. Microsoft said in a statement that it "discovered a warning message that should have existed was missing when a user attempted to store their OneDrive folder on a non-NTFS filesystem -- which was immediately remedied." According to Ars, Microsoft's position, apparently, is that OneDrive should always have warned about these usage scenarios and that it's only a bug or an oversight that allowed non-NTFS volumes to work.
Operating Systems

OpenBSD Will Get Unique Kernels On Each Reboot (bleepingcomputer.com) 162

An anonymous reader quotes a report from Bleeping Computer: A new feature added in test snapshots for the upcoming OpenBSD 6.2 release will create a unique kernel every time an OpenBSD user reboots or upgrades his computer. This feature is named KARL -- Kernel Address Randomized Link -- and works by relinking internal kernel files in a random order so that it generates a unique kernel binary blob every time. Currently, for stable releases, the OpenBSD kernel uses a predefined order to link and load internal files inside the kernel binary, resulting in the same kernel for all users. Developed by Theo de Raadt, KARL will work by generating a new kernel binary at install, upgrade, and boot time. If the user boots up, upgrades, or reboots his machine, the most recently generated kernel will replace the existing kernel binary, and the OS will generate a new kernel binary that will be used on the next boot/upgrade/reboot, constantly rotating kernels on reboots or upgrades. KARL should not be confused with ASLR -- Address Space Layout Randomization -- a technique that randomizes the memory address where application code is executed, so exploits can't target a specific area of memory where an application or the kernel is known to run. A similar technique exists for randomizing the memory location where the kernel loads -- called KASLR. The difference between the two is that KARL loads a different kernel binary in the same place, while KASLR loads the same binary in random locations. Currently Linux and Windows only support KASLR.
Security

Linux Is Not As Safe As You Think (betanews.com) 237

BrianFagioli writes via BetaNews: Would you be surprised if I told you that threat methods for Linux increased an astonishing 300 percent in 2016, while Microsoft's operating systems saw a decrease? Well, according to a new report, that is true. Does this mean Linux is unsafe? No way, Jose! There are some important takeaways here. Microsoft's Windows operating systems are still the most targeted platforms despite the year over year decline -- far beyond Linux. Also, just because there is an increase in malware attack methods doesn't necessarily mean that more systems will be infected. Let us not forget that it is easier to find a vulnerability with open source too; Microsoft largely uses closed source code. "At the end of November, criminals with other variants of the same Linux malware unleashed devastating attacks against DSL routers of Telekom customers. 900,000 devices were taken down. In October, the Mirai code appeared freely available on the Internet. Since then, the AV-TEST systems have been investigating an increasing number of samples with spikes at the end of October, November and beginning of December," says AV Test of the Mirai malware. "Other Linux malware, such as the Tsunami backdoor, has been causing trouble for several years now and can be easily modified for attacks against IoT devices. The detection systems of AV-TEST first detected the Tsunami malicious code in the year 2003. Although, at that time, practically no IoT devices existed, the Linux backdoor already offered attack functions which even today would be suitable for virtually unprotected attacks on routers: In this manner, Tsunami can download additional malicious code onto infected devices and thus make devices remote controllable for criminals. But the old malware can also be used for DDoS attacks. The Darlloz worm, known since 2013, as well as many other Linux and Unix malware programs, have similar attack patterns which AV-TEST has been detecting and analyzing for years."

Slashdot Top Deals