Brian Schrader, an independent software developer, writes:
It's been a little over 5 years since Google Reader shut down and the world of RSS readers was tossed into the junk drawer of collective memory. But, looking back on it today, I'd actually argue that RSS and Feeds as a whole never really disappeared, only the Feed Readers did. In building Pine, and as a long time Feed Reader user, I've been pleasantly surprised over these last 5 years to see that most sites still have RSS feeds. Sure, Facebook and Twitter don't support them, but YouTube, Reddit, Squarespace, Wordpress and so many more do by default. Feeds of all kinds still exist, nearly forgotten, in the markup of most websites, and this means that Feed Readers can, and will, make a comeback someday. The foundations are already laid; the hard work is done. RSS Feeds became a standard, and were built into the tools we use to make the web today. It's almost as if we laid the tracks and built the trains for a trans-continental railroad, but we've just forgotten how to sell tickets.
New Spectre 1.1 and Spectre 1.2 CPU Flaws Disclosed
Two security researchers have revealed details about two new Spectre-class vulnerabilities, which they've named Spectre 1.1 and Spectre 1.2. From a report:
Just like all the previous Meltdown and Spectre CPU bugs variations, these two take advantage of the process of speculative execution -- a feature found in all modern CPUs that has the role of improving performance by computing operations in advance and later discarding unneeded data. According to researchers, a Spectre 1.1 attack uses speculative execution to deliver code that overflows CPU store cache buffers in order to write and run malicious code that retrieves data from previously-secured CPU memory sections. Spectre 1.1 is very similar to the Spectre variant 1 and 4, but the two researchers who discovered the bug say that "currently, no effective static analysis or compiler instrumentation is available to generically detect or mitigate Spectre 1.1." As for Spectre 1.2, researchers say this bug can be exploited to write to CPU memory sectors that are normally protected by read-only flags.
NASA Commercial Crew Program for Space Station Faces Delays, Report Says
Plans to launch the first NASA astronauts since 2011 to the International Space Station from the United States look set to be delayed due to incomplete safety measures and accountability holes in the agency's commercial crew program, Reuters reported Wednesday, citing a federal report released on Wednesday. From the report:
SpaceX and Boeing Co are the two main contractors selected under the National Aeronautics and Space Administration's commercial crew program to send U.S. astronauts to space as soon as 2019, using their Dragon and Starliner spacecraft respectively. But the report from the Government Accountability Office said the issues could cause delays in the launch of the first crewed mission from U.S. soil by a private company and could result in a nine-month gap in which no U.S. astronauts inhabit the ISS.
Google Quietly Enables 'Site Isolation' Feature for 99% of Chrome Desktop Users
Google has quietly enabled a security feature called Site Isolation for 99% of its desktop users on Windows, Mac, Linux, and Chrome OS.
This happened in Chrome 67, released at the end of May. From a report:
Site Isolation isn't a new feature per-se, being first added in Chrome 63, in December 2017. Back then, it was only available if users changed a Chrome flag and manually enabled it in each of their browsers. The feature is an architectural shift in Chrome's modus operandi because when Site Isolation is enabled, Chrome runs a different browser process for each Internet domain. Initially, Google described Site Isolation as an "additional security boundary between websites," and as a way to prevent malicious sites from messing with the code of legitimate sites.
Broadcom Buying CA For $19 billion
Broadcom on Wednesday announced plans to buy IT management software company CA for $18.9 billion in cash, just months after U.S. regulators blocked Broadcom's deal to buy fellow chip-maker Qualcomm.
Some history of CA, via CNBC reporter Ari Levy:
14 years ago CA was called Computer Associates. The former CEO was charged with securities fraud, conspiracy and obstruction of justice. The lead prosecutor was a Deputy Attorney General by the name James Comey. "The investigators in this case went up against highly sophisticated and allegedly corrupt corporate executives who used every means at their disposal to delay, deceive and derail the government's investigation," Comey said. "The Computer Associates story also includes a failed cover-up, replete with lies to government investigators, lies under oath, and the use of attorneys to obstruct and impede the government's investigation of this fraud," he said.
AV1 is Well On Its Way To Becoming a Viable Alternative To Patented Video Codecs, Mozilla Says
Here's a surprising fact: It costs money to watch video online, even on free sites like YouTube. That's because about 4 in 5 videos on the web today rely on a patented technology called the H.264 video codec. From a report:
It took years for companies to put this complex, global set of legal and business agreements in place, so H.264 web video works everywhere. Now, as the industry shifts to using more efficient video codecs, those businesses are picking and choosing which next-generation technologies they will support. The fragmentation in the market is raising concerns about whether our favorite web pastime, watching videos, will continue to be accessible and affordable to all.
Over the last decade, several companies started building viable alternatives to patented video codecs. Mozilla worked on the Daala Project, Google released VP9, and Cisco created Thor for low-complexity videoconferencing. All these efforts had the same goal: to create a next-generation video compression technology that would make sharing high-quality video over the internet faster, more reliable, and less expensive. In 2015, Mozilla, Google, Cisco, and others joined with Amazon and Netflix and hardware vendors AMD, ARM, Intel, and NVIDIA to form AOMedia. As AOMedia grew, efforts to create an open video format coalesced around a new codec: AV1. AV1 is based largely on Google's VP9 code and incorporates tools and technologies from Daala, Thor, and VP10.
Mozilla loves AV1 for two reasons: AV1 is royalty-free, so anyone can use it free of charge. Software companies can use it to build video streaming into their applications. Web developers can build their own video players for their sites. The second reason we love AV1 is that it delivers better compression technology than even high-efficiency codecs -- about 30% better, according to a Moscow State University study.
FCC Promises to Fix Comment System Hijacked During Net Neutrality Repeal
FCC boss Ajit Pai says the agency will finally take steps to shore up the security of the FCC's public comment system after being widely criticized for turning a blind eye to routine fraud and abuse. From a report:
If you'll recall, more than 22 million Americans voiced their thoughts on the Trump FCC's attack on net neutrality last fall via the agency's website. The vast majority of comments opposed the move, closely reflecting surveys that show widespread, bipartisan support for the rules. [...] Not a single one of your comments was cited in the FCC's 218 page justification for its decision.
[...] Back in May, Senators Jeff Merkley (D-OR) and Pat Toomey (R-PA) fired off a letter to Pai demanding he actually do something about the abuse of FCC systems. [...] In a response letter this week provided to the Wall Street Journal, Pai says the agency is finally taking steps to address the problem, while acknowledging his own identity was hijacked during the comment process. "It is troubling that some bad actors submitted comments using false names," Mr. Pai said. "Indeed, like you, comments were submitted in my name and my wife's name that reflect viewpoints we do not hold." Pai's letter, which wasn't publicly shared, states that the FCC hopes to eventually "rebuild and re-engineer" the commission's electronic comment system "to institute appropriate safeguards against abusive conduct." It also states that Pai will approach Congress for funding for the overhaul, something Pai likely knows may not actually happen.
RIP Tata Nano, the World's Cheapest Car
From a report:
Well, you guys, pour one out for the Tata Nano. The world's cheapest car is all but dead. According to Bloomberg, Tata Motors built one single Nano in June 2018. During the same month in 2017, Tata produced 275. As a final nail in the coffin, Tata told Bloomberg the car "cannot continue beyond 2019." The Tata Nano entered the Indian market in 2008 priced from just 100,000 rupees, or about $1,500. The price increased over time, and according to Tata Motors' website, an entry-level Nano starts at 236,447 rupees today, or $3,435 based on current exchange rates. Right from the get-go, the Nano was plagued with production issues, not to mention poor safety and dismal crash test results. The cars were also known to catch fire, which, uh, isn't good.
Battling Fake Accounts, Twitter To Slash Millions of Followers
Twitter will begin removing tens of millions of suspicious accounts from users' followers on Thursday, signaling a major new effort to restore trust on the popular but embattled platform. From a report:
The reform takes aim at a pervasive form of social media fraud. Many users have inflated their followers on Twitter or other services with automated or fake accounts, buying the appearance of social influence to bolster their political activism, business endeavors or entertainment careers. Twitter's decision will have an immediate impact: Beginning on Thursday, many users, including those who have bought fake followers and any others who are followed by suspicious accounts, will see their follower numbers fall. While Twitter declined to provide an exact number of affected users, the company said it would strip tens of millions of questionable accounts from users' followers.
ARM's Own Employees Complain About Anti-RISCV Website
Phoronix and The Register have an insightful look into an effort by ARM that is reminiscent of Microsoft's "Get The Facts" campaign. RISC-V's design is a revamp of the RISC concept that is intended from the ground up to fix the mistakes and learn from the lessons of the past 30 years. Power efficiency is 40% better than ARM or Intel. Compressed instructions reduce I-cache misses by 20-25%, which is roughly comparable to the same performance that would be achieved by doubling the Instruction Cache size. Yet despite El Reg's insightful analysis, all is not as it seems: on further investigation, some of ARM's criticism has merit, whilst some of it is clear out-and-out FUD from ARM that, being so critically dependent on free software, had its own employees complain so much that the site was pulled.
Also we cannot help but wonder which "Big Chip" company offered seven-figure salaries to try to shut down the IIT Madras Shakti Project. Most interesting however is the fact that ARM -- a $40 billion dollar company -- is rattled by RISC-V enough to use underhanded tactics, whilst Intel on the other hand is actually investing.
No, the FCC is Not Forcing Consumers To Pay $225 To File Complaints
Having your voice heard at the Federal Communications Commission could soon cost you hundreds of dollars, according to congressional Democrats Tuesday who oppose a looming rule change by the nation's top telecom and cable regulator.
But that may not be the case after all, a review of the FCC proposal shows. From a report:
At issue is a proposal that the FCC is expected to vote on Thursday that looks at the agency's process for handling "informal" complaints -- the kind you might file if you've received an unwanted robocall or if you've heard something indecent on the radio. Under the proposal, the FCC could soon pass the informal complaints it receives directly to the companies that consumers are complaining about, the lawmakers said in a letter to FCC Chairman Ajit Pai. That might result in FCC staff no longer reviewing those submissions, they said. And customers who receive no relief from the companies would then be forced to lodge a "formal" complaint at the FCC, an existing procedure that costs $225.
"To advise consumers that they file a $225 formal complaint if not satisfied ignores the core mission of the FCC -- working in the public interest," wrote Reps. Frank Pallone Jr. (D-N.J.) and Mike Doyle (D-Pa.). The controversy was first reported by the Verge. Staffers for the House Energy and Commerce Committee did not immediately respond to a request for comment. The FCC said in a statement that the lawmakers had misunderstood the proposal. "The item would not change the Commission's handling of informal complaints," the agency said.
Chinese Mobile Phone Cameras Are Not-So-Secretly Recording Users' Activities
Oiwan Lam, reporting for Global Voices:
It has been widely reported that software and web applications made in China are often built with a "backdoor" feature, allowing the manufacturer or the government to monitor and collect data from the user's device. But how exactly does the backdoor feature work? Recent discussion among mobile phone users in mainland China has shed some light on the question.
Last month, users of Vivo NEX, a Chinese Android phone, found that when they opened certain applications on the phone, including Chinese internet giant QQ browser and travel booking app Ctrip, the mobile device's camera would self-activate. [...] One Weibo user observed that the retractable camera self-activates whenever he opens a new chat on Telegram, a messaging application designed for secured and encrypted communication.
[...] After the news of the self-activated camera bug spread, users started testing the issue on other applications and found that Baidu's voice input application has access to both the camera and voice recording function, which can be launched without users' authorization. A Vivo NEX user found that once she had installed Baidu's voice input system, it would activate the phone's camera and sound recording function whenever the user opened any application -- including chat apps, browsers -- that allows the user to input text.
Software Beats Animal Tests at Predicting Toxicity of Chemicals
Machine-learning software trained on masses of chemical-safety data is so good at predicting some kinds of toxicity that it now rivals -- and sometimes outperforms -- expensive animal studies, researchers report. From a report:
Computer models could replace some standard safety studies conducted on millions of animals each year, such as dropping compounds into rabbits' eyes to check if they are irritants, or feeding chemicals to rats to work out lethal doses, says Thomas Hartung, a toxicologist at Johns Hopkins University in Baltimore, Maryland. "The power of big data means we can produce a tool more predictive than many animal tests."
In a paper published in Toxicological Sciences on 11 July, Hartung's team reports that its algorithm can accurately predict toxicity for tens of thousands of chemicals -- a range much broader than other published models achieve -- across nine kinds of test, from inhalation damage to harm to aquatic ecosystems. The paper "draws attention to the new possibilities of big data," says Bennard van Ravenzwaay, a toxicologist at the chemicals firm BASF in Ludwigshafen, Germany. "I am 100% convinced this will be a pillar of toxicology in the future." Still, it could be many years before government regulators accept computer results in place of animal studies, he adds. And animal tests are harder to replace when it comes to assessing more complex harms, such as whether a chemical will cause cancer or interfere with fertility.
Apple To Refresh Mac mini, MacBook Pro, iMac Lineups Later This Year, Report Says
According to a note shared by reliable Apple analyst Ming-Chi Kuo, Apple is planning to refresh a number of its computing product lineups later this year. Via MacRumors:
iPhone: There are three iPhones in the works, two OLED models in 5.8 and 6.5-inch sizes and one LED model that will be available in a 6.1-inch size.
iPad: Apple is working on two new 11 and 12.9-inch models that are equipped with a full-screen design and no Home button, with Apple to replace Touch ID with Face ID.
Mac mini: Processor upgrades expected.
MacBook Pro: Processor upgrades expected.
MacBook: Processor upgrades expected.
New Low-Priced Notebook: Kuo believes Apple is designing a new low-priced notebook. He originally said that this would be in the MacBook Air family, but now has changed his mind. Previous rumors have suggested this machine could be a 12-inch MacBook.
iMac: Significant display performance upgrade alongside a processor upgrade.
Apple Watch: Two new models in sizes that include 1.57 inches (39.9mm) and 1.78 inches (45.2mm) with an enhanced heart rate detection feature.
Hacker Steals Military Docs Because Someone Didn't Change a Default FTP Password
secwatcher shares a report:
A hacker is selling sensitive military documents on online hacking forums, a security firm has discovered. Some of the sensitive documents put up for sale include maintenance course books for servicing MQ-9 Reaper drones, and various training manuals describing comment deployment tactics for improvised explosive device (IED), an M1 ABRAMS tank operation manual, a crewman training and survival manual, and a document detailing tank platoon tactics. US-based threat intelligence firm Recorded Future discovered the documents for sale online. They say the hacker was selling the data for a price between $150 and $200, a very low asking price for such data. Recorded Future says it engaged the hacker online and discovered that he used Shodan to hunt down specific types of Netgear routers that use a known default FTP password. The hacker used this FTP password to gain access to some of these routers, some of which were located in military facilities, he said.
80 Percent of IT Decision Makers Say Outdated Tech is Holding Them Back
A study by analysts Vanson Bourne for self service automation specialist SnapLogic looks at the data priorities and investment plans of IT decision makers, along with what's holding them back from maximizing value. From a report:
Among the findings are that 80 percent of those surveyed report that outdated technology holds their organization back from taking advantage of new data-driven opportunities. Also that trust and quality issues slow progress, with only 29 percent of respondents having complete trust in the quality of their organization's data. Nearly three-quarters (74 percent) say they face unprecedented volumes of data but struggle to generate useful insights from it, estimating that they use only about half (51 percent) of the data they collect or generate. What's more, respondents estimate that less than half (48 percent) of all business decisions are based on data.
Access To Major Airport's Security System Offered on Dark Web for $10
Researchers at McAfee found remote access to a major airport's security system available on the dark web for $10. From a report:
The hacked access came from an online market for remote desktop protocol (RDP) accounts, which sell access to hacked accounts in all kinds of systems. "There's a lot of discussion about sophisticated nation-state attacks, but this was a really cheap way anyone could get access to something," Raj Samani, chief scientist at McAfee, told Axios. The RDP market isn't typically about purchasing access to systems to actually use the systems. Instead, buyers pay between $3 and $19 for access to machines based on bandwidth. Those systems are often used for their resources rather than their information.
Malls In California Are Sending License Plate Information To ICE
Presto Vivace shares a report from The Week with the caption, "And they wonder why some of us prefer to shop online." From the report:
Surveillance systems at more than 46 malls in California are capturing license plate information that is fed to Immigration and Customs Enforcement, the Electronic Frontier Foundation reported Tuesday. One company, Irvine Company Retail Properties, operates malls all over the state using a security network called Vigilant Solutions. Vigilant shares data with hundreds of law enforcement agencies, insurance companies, and debt collectors -- including ICE, which signed a contract with the security company earlier this year, reports The Verge. "[Irvine Company] is putting not only immigrants at risk, but invading the privacy of its customers by allowing a third-party to hold onto their data indefinitely," EFF wrote in its report, urging the chain of malls to stop providing information to ICE.
VC Market Is on Pace for Strongest Year Since Dot-Com Era
Venture capitalists are spending cash at levels not seen since the dot-com era, and they're raising money at a pace to match. From a report:
Last quarter, VCs spent $27.3 billion in the U.S., according to a report set for publication Tuesday by research firm PitchBook and the National Venture Capital Association, a trade group. That's the most in any second quarter since the group began tracking quarterly data more than a decade ago. Combined with a record-setting first quarter, the VC market had its strongest first-half-year performance since 2000. The $57.5 billion invested in startups so far this year has already surpassed the full-year total for six of the past 10 years. This year is on track to exceed the $81.9 billion invested last year, which was itself a record since the dot-com boom.
Chinese Scientists Have Developed the World's First Destructive Laser Rifle
Chinese scientists have developed the world's first destructive, man-portable laser weapon. However, there is more to the story of this cool looking, but "less than lethal" directed energy device. The laser rifle is the ZKZM-500, developed by Xian Institute of Optics and Precision Mechanics in Xian, Shaanxi. It's manufactured by the Institute's subsidiary, ZKZM Laser. Weighing at 6 pounds (about the weight of a typical assault rifle), the ZKZM-500 has a range of 2,600 feet. The ZKZM-500 uses a lithium battery with enough power for 1000 two second shots (keep in mind, those 1000 shots may not be at full power). According to Institute designers, its laser is powerful enough to instantly scar human skin and tissue. It can also ignite clothing, knock a small drone out of the sky, or even ignite a fuel tank. That would place its power output around 100-500 watts (most surgical lasers top out at 100 watts).
Autonomous Robots Could be the Future of High Flying Stunts in Hollywood
From a report:
Visitors to Disneyland and other Disney resorts could end up seeing robots tackling some pretty crazy, death-defying stunts usually reserved for Marvel superheroes and Star Wars Jedi Masters. Disney's latest Stuntronics experiments with robots include teaching them to crawl, row and now, more impressively, perform daring aerial acrobatics. A new video features the robots propelled into the sky to spin and leap like robotic superheroes. And they look even more advanced and human-like than the last time we saw them. The robots, initially nicknamed Stickman, work by using on-board accelerometers, gyroscopes and laser range-finding data to determine how to perform impressive stunts like single and double backflips.