In a bad turn of karma for Microsoft's "embrace and extend" approach to the web in the early 2000s, I see it as deliciously ironic Microsoft's announcement that it has to change its standards-based IE11 browser to make the mobile version work better with non-standard websites. As ZDNET comments:
Web developers have been complaining for years about having to fix their websites to handle non-standard versions of Microsoft's Internet Explorer. Now the boot is on the other foot. Microsoft is having to change its standards-based IE11 browser to make the mobile version work better with non-standard websites.
Microsoft says it tested "more than 500 of the top mobile web sites" when developing the Windows Phone 8.1 Update, and it has improved about 40 percent of them, including Twitter.
It found that the main issues were (quote):
- Faulty browser detection not recognising IE as a mobile browser and giving the desktop experience
- Using only old webkit-prefixed features that have been replaced by standards [submitters note: can't repress a hint of a schadenfreude feeling]
- Using proprietary webkit-prefixed features for which there is no standard
- Using features that IE does not support with no graceful fall-back
- Running into interoperability bugs and implementation differences in IE
Well, schadenfreude or not, it's actually a pity there still are Web designers/developers that ignore the W3C standards now that the majority of browsers support them. After all, the standards are intended to benefit everyone.
From an Ars Technica story : Podcasting patent troll: We tried to drop lawsuit against Adam Carolla
In a "shocking" turn of behavior Personal Audio LLC is trying to back away from a lawsuit against comedian Adam Carolla, without getting paid a penny but Carolla won't let the case drop.
In a statement released today, Personal Audio says that Carolla, who has raised more than $450,000 from fans to fight the case, is wasting their money on an unnecessary lawsuit. The company, which is a "patent troll" with no business other than lawsuits, has said Carolla just doesn't care since his fans are paying his lawyers' bills.
"Adam Carolla's assertions that we would destroy podcasting were ludicrous on their face," said Personal Audio CEO Brad Liddle. "But it generated sympathy from fans and ratings for his show. Getting his fan base to continue to donate to his legal fund is a cynical exploitation of the publicity power he enjoys as an entertainer." He continued to say that Personal Audio was "quite surprised" Carolla turned down their offer.
I've no sympathy for this devil, and i'm glad that the EFF has opened a second line of attack on the podcasting patent in the US Patent and Trademark Office. The patent is going through a process called "inter partes review," where the office reconsiders whether it should have been granted.
So do you know anyone else who's been subject to these trolls?
As part of our Open Wireless Movement, we set out to create router software that would make it easier for people to safely and smartly share part of their wireless network. Protecting hosts, so their security is not compromised because they offer open networks, is one of the goals of the router software we released. However, as research published by Independent Security Evaluators (ISE) and others has shown, almost every popular home router has serious security flaws.
With this in mind, we're teaming up with ISE to host "SOHOpelessly Broken," a router hacking contest this year at DEF CON 22. Focusing on small office/home office (SOHO) equipment, this contest will reward the discovery of zero-day vulnerabilities in fully updated, popular off-the-shelf SOHO routers,[...]
By joining, you'll also have a chance to hack away at our Open Wireless Router. It's looking more and more like our project will be the first home router and firmware that we know of to undergo regular, public, third-party security assessments.
Brad Rodriguez at Goodbye, Microsoft notes
I just got word of this, from LifeHacker:
Intro to Linux is normally a $2,400 course from the Linux Foundation, but it's being offered for free now on edX. If you've ever wanted to learn how to use the open source operating system, there's no better time than now.
The free course starts on August 1st, but to get the best experience from the class, you should install Linux on your computer before it starts. The Linux Foundation has a helpful guide [Ed's Note: Link unreliable, PDF] for doing just that so you can hit the ground running when the course starts in a couple of days.
The class is designed to give you a good working knowledge of Linux over 40 to 60 hours of course work. It's taught by Dr. Jerry Cooperstein, who oversees all the training content at the Linux Foundation. There's no syllabus for the course yet, but it promises to teach experienced computer users with little or no previous experience with Linux the ins and outs of the OS, from both a command line and graphical perspective.
The edX course is here.
ITWorld has a story which reports:
A group of attackers with links to the Chinese hacking [sic] underground has been targeting companies from the entertainment and video game industries for years with the goal of stealing source code. The stolen intellectual property is used to "crack" games so they can be used for free, to create game cheating tools or to develop competing products, security researchers from Dell SecureWorks said in an analysis of the group's activities.
Dell SecureWorks tracks the hacker group as Threat Group-3279 (TG-3279) and believes it has been active since at least 2009. Information gathered by the company's researchers while investigating compromises at affected firms suggests that the attack group uses a variety of tools for reconnaissance and persistent access on systems, some of which were developed by members of the group. These tools include an extensible remote access Trojan (RAT) program called Conpee and a rootkit called Etso for hiding network and file activity.
Other custom tools and scripts that can indicate a TG-3279 compromise, according to Dell SecureWorks, include: a system profiling tool called gsi.exe; a tool for loading PE (portable executable) files called Runxx; a SYN port scanner called "s;" a PHP SQL injection script called sqlin.php; a script for enumerating DNS entries called dnsenum.py; a RDP (remote desktop protocol) brute-force tool called rdp_crk; and a reverse shell for Windows systems called icmp_shell.
The Guardian brings us a rather interesting suggestion: How the Kickstarter model could transform UK elections.
You hear variations on this theme a lot - no one wants to vote for the minority party because everyone knows that no one wants to vote for the minority party. As time goes by, the number of people willing to vote at all declines, so that a smaller and smaller number of ever-more cynical people elect representative that are answerable to fewer and fewer voters, and policy gets more and more corrupt.
Internet infrastructure giant Akamai Technologies has joined Microsoft and venture capital firm Jerusalem Venture Partners (JVP) in the cybersecurity startup accelerator program launched recently in Israel.
Akamai will contribute to the program by offering its expertise in the field of Internet security, mentoring, and introductions to relevant customer and partners. The company is also prepared to invest up to $25,000 in each of the accepted startups through the purchase of convertible notes.
Initially, the application period was until July 24, but Microsoft Ventures extended it until Thursday, July 31. The list of companies accepted into the program will be announced on September 7.
It's official, the CIA was interfering with a network of computers created for the Intelligence Committee of the US Congress.
The New York Times is reporting that the CIA did indeed hack into Senate computers, as was suspected several months ago. From the article:
An internal investigation by the Central Intelligence Agency has found that its officers improperly penetrated a computer network used by the Senate Intelligence Committee in preparing its report on the C.I.A.'s detention and interrogation program. In a statement issued Thursday morning, a C.I.A. spokesman said that agency's inspector general had concluded that C.I.A. officers had acted inappropriately by gaining access to the computers. The statement said that John O. Brennan, the C.I.A. director, had apologized to the two senior members of the Senate Intelligence Committee and that he would set up an internal accountability board to review the matter. The board will be led by former Senator Evan Bayh, Democrat of Indiana.
An internal investigation? What about a law enforcement investigation for violation of several criminal statutes? Is anyone going to prison for this?
The best part is that the CIA created that "secure" network, called RDInet, to store documents requested by the Committee to keep an eye on... the CIA.
Ars Technica brings us a short look inside of Citizen Lab with Inside Citizen Lab, the "Hacker Hothouse" protecting you from Big Brother.
Citizen Lab, the watchdog group Deibert founded over a decade ago at the University of Toronto that's now orbited by a globe-spanning network of hackers, lawyers, and human rights advocates. From exposing the espionage ring that hacked the Dalai Lama to uncovering the commercial spyware being sold to repressive regimes, Citizen Lab has played a pioneering role in combing the Internet to illuminate covert landscapes of global surveillance and censorship. At the same time, it's also taken the role of an ambassador, connecting the Internet's various stakeholders from governments to security engineers and civil rights activists.
So where do we sign up?
ArsTechnica reports on the rise of BadUSB:
White-hat hackers have devised an exploit that transforms USB devices (keyboards, Web cams, etc.) into highly programmable attack platforms that can't be detected by today's defences.
Dubbed BadUSB, the hack reprograms embedded firmware to give USB devices new, covert capabilities. In a demonstration scheduled at next week's Black Hat security conference in Las Vegas, a USB drive, for instance, will take on the ability to act as a keyboard that surreptitiously types malicious commands into attached computers. A different drive will similarly be reprogrammed to act as a network card that causes connected computers to connect to malicious sites impersonating Google, Facebook or other trusted destinations.
Karsten Nohl, chief scientist at Security Research Labs in Berlin, said:
... there are few ways ordinary people can protect themselves against BadUSB attacks short of limiting the devices that get attached to a computer to those that have remained in the physical possession of a trusted party at all times. The problem, he said, is that USB devices were never designed to prevent the types of exploits his team devised.
Research into eating behaviour of children has found that the more time a parent spends cooking at home, the more likely they are to choose healthier food options.
The main findings showed that children whose parents reported more time spent on food preparation at home independently chose to eat meals that were lower in energy density (a measure of calories per gram) than children whose parents reported less food preparation time. In other words, the children whose parents reported more time on food preparation tended to make healthier food choices in the lab than children whose parents spent less time at home on food preparation, even without parental supervision.
The PHP language has been around for over 20 years and is clearly one of the most popular programming languages in the world. PHP is definitely the lingua-franca of the internet.
While there is extensive user-documentation, the PHP language has always been missing a language specification. That is not to say a specification hasn't been thought about or discussed. It is just that one has never really come to fruition.
Collective Switching or a Group Buying scheme, where thousands of consumers join forces to negotiate the best deal for energy possible, has been shown to save money for all involved.
Collective switching or group buying schemes, where thousands of consumers join forces to negotiate cheaper electricity tariffs, are becoming more popular in the UK as bills continue to rise putting increasing pressure on household budgets. Initiatives like Which?'s Big Switch, People Power or the Big Deal have helped thousands of consumers to save, on average, up to a third of their yearly electricity bills.
Now research from Heriot-Watt University and the University of Southampton proves these schemes work and proposes a model to help consumers form more efficient buying groups and minimize switching risks.
A common problem with existing schemes is that one tariff may not be efficient for every consumer. Often they may have been financially better off not switching, or as the research now shows creating a new sub-group which chooses a different tariff.
Speaking at the AAAI Artificial Intelligence conference in Canada this week Dr. Valentin Robu from Heriot-Watt University explains, "Electricity suppliers buy from the wholesale market where electricity prices are considerably lower. There are a number of ways they sell this onto consumers but typically they predict the amount of electricity required and pass on premium prices to consumers to cover any risk associated with over or under buying, allowing them to make profits.
"Crucially, this is where group buying is important. While everyone has potentially some uncertainty about their future consumption, our work shows that, by grouping together, consumers can gain size and market power and reduce their risk and access better prices."
For that same price, they could choose instead to connect only with Twitter , Instagram or Pinterest -- or for $10 more, enjoy unlimited use of all four. Another $5 gets them unlimited streaming of a music app of their choice.
The plan, offered under the company's Virgin Mobile brand of prepaid service, comes as wireless carriers are experimenting with ways to make wireless Internet access more affordable for the poorest consumers by offering special deals on slices of the Web.
Sprint said the plan -- called Virgin Mobile Custom -- was aimed at giving consumers more choices. "This is really just part of a broader effort toward customization," said Dow Draper, president of prepaid at Sprint. Instead of buying a bucket of data, customers can now pay less for just the app they use the most, he said.
The new plan is only available at Wal-Mart and the base offering covers just 20 minutes of talk time and 20 texts. Subscribers can customize the plan by buying up to unlimited talk or text or both, and by choosing among data packages. Each line starts at $6.98 a month. Unlimited service on Facebook, Twitter, Instagram or Pinterest costs another $5, or another $15 for all four.
A new crowdfunding at Indiegogo features an interesting small and interactive two-wheeled robot called Droidles.
Judging from the way it looks, it is just an ordinary toy. Or maybe a little charming for kids. But this 3D printed device is enabled with open source hardware and firmware allowing even amateur programmers to learn new robotics.
For only $89.00, you get to create your own robot and webpage where you can view, edit and experiment with their personality programs, share programs with other users, and try out programs made by other users, created by other Droidles, or generated by the cloud service.
In a blog statement, Jay Hurley, the lead developer said "A cloud network will allow Droidles to share code, grow or evolve new abilities".