Wednesday 31 December 2014

Google Researcher Publishes Unpatched Windows 8.1 Security Vulnerability

An anonymous reader writes "Google's security research database has after a 90 day timeout automatically undisclosed a Windows 8.1 vulnerability which Microsoft hasn't yet patched. By design the system call NtApphelpCacheControl() in ahcache.sys allows application compatibility data to be cached for quick reuse when new processes are created. A normal user can query the cache but cannot add new cached entries as the operation is restricted to administrators. This is checked in the function AhcVerifyAdminContext(). Long story short, the aforementioned function has a vulnerability where it doesn't correctly check the impersonation token of the caller to determine if the user is an administrator. It hasn't been fully verified if Windows 7 is vulnerable. For a passer-by it is also hard to tell whether Microsoft has even reviewed the issue reported by the Google researcher. The database has already one worried comment saying that automatically revealing a vulnerability just like that might be a bad idea."

Read more of this story at Slashdot.




















Read the full article here by Slashdot

Four short links: 31 December 2014

Governance for the New Class of Worker (Matt Webb) — there is a new class of worker. They’re not inside the company – not benefiting from job security or healthcare – but their livelihoods in large part dependent on it, …



Read the full article here by O'Reilly Radar - Insight, analysis, and research about emerging technologies

Antibufala: l’UFO “decollato dalla Luna”

Tuesday 30 December 2014

Four short links: 30 December 2014

DevOoops (Slideshare) — many ways in which your devops efforts can undermine your security efforts. Matters Computational (PDF) — low-level bit-twiddling and algorithms with source code. (via Jarkko Hietaniemi) Top 5 Game Design Debates I Ignored in 2014 (Daniel Cook) …



Read the full article here by O'Reilly Radar - Insight, analysis, and research about emerging technologies

Monday 29 December 2014

Linux Gains Support For Really High Frame Rates With The PS3 Eye Camera

A new patch has been proposed today for the Linux kernel that would allow the PlayStation 3 Eye camera to capture at much higher frame-rates...



Read the full article here by Phoronix

SourceLair, l’IDE on-line gratuito

SourceLair è un ambiente di sviluppo integrato (IDE) accessibile direttamente da browser, che non necessita di alcuna installazione sul sistema locale ed è utilizzabile gratuitamente per la realizzazione di un singolo progetto alla volta.


Con SourceLair è possibile programmare usando uno dei 25 linguaggi supportati dalla piattaforma, da Python a Ruby passando per HTML5, JavaScript, C++ e molti altri. E’ inoltre disponibile una console di comandi Linux, oltre all’integrazione con i sistemi per il versioning e la gestione del codice più popolari come l’onnipresente Git.


Oltre alla semplicità dell’interfaccia Web e alla praticità di non dover installare un software …


The post SourceLair, l’IDE on-line gratuito appeared first on Edit.







Read the full article here by Edit

Friday 26 December 2014

Nokia C1 Smartphone With Android 5.0 Lollipop in the Works: Report


After launching its first Android tablet in November, the Nokia N1, the Finnish firm is now rumoured to be working on an Android 5.0 Lollipop-based smartphone called Nokia C1. If the rumour is true and smartphone is released as the Nokia C1, the firm would be breaching the Microsoft acquisition agreement.


Read more


More Android 5.0:



read more






Read the full article here by Tux Machines

Four short links: 26 December 2014

How Bad Software Leads to Bad Science — 21% of scientists who write software have never received training in software development. Roaring Bitmaps — compressed bitmaps which tend to outperform conventional compressed bitmaps such as WAH, EWAH or Concise. In …



Read the full article here by O'Reilly Radar - Insight, analysis, and research about emerging technologies

Thursday 25 December 2014

WiFi Direct: Windows Wireless File Transfer That’s Faster Than Bluetooth

wifi-direct-windows-smartphone

Wireless data sharing is one of those things that we already enjoy, but not necessarily in the way we would like to have it. For instance, sharing Windows files and folders on a home network so that data can be easily reached from a second device is relatively simple, but sending data directly from one device to another isn’t. Email is an option, as is NFC, but not many computers support the latter which at the moment tends to be limited to handheld devices. Two options are built into Windows, but both can be initially difficult to use. However, once...


Read the full article: WiFi Direct: Windows Wireless File Transfer That’s Faster Than Bluetooth







Read the full article here by MakeUseOf

Four short links: 25 December 2015

Smartest Cities Rely on Citizen Cunning and Unglamorous Technology (The Guardian) — vendors like Microsoft, IBM, Siemens, Cisco and Hitachi construct the resident of the smart city as someone without agency; merely a passive consumer of municipal services – at …



Read the full article here by O'Reilly Radar - Insight, analysis, and research about emerging technologies

biicode 2.0 Is Buzzing

A C and C++ dependency manager with a hosting service



Read the full article here by Dr. Dobb's All

Win! Sony's 'The Interview' now available on Google Play and Microsoft's Xbox Video

When Sony Pictures was hacked, it was a horrible situation for the company. Not only were its computers knocked offline, but the content of corporate emails were disclosed, embarrassing both the company and individual employees. Sadly, this hack escalated into a terrorist threat, which ultimately led to the opening of film, 'The Interview', being put on hiatus. While this was a huge blow to Sony and free speech overall, the good guys are getting the last laugh. Today, on the Eve of Christmas, Google and Microsoft shock the world and announce that you can watch The Interview today on Google… [Continue Reading]



Read the full article here by BetaNews

Wednesday 24 December 2014

Four short links: 23 December 2014

Metrics for Operational Performance — you’d be surprised how many places around your business you can meaningfully and productively track time-to-detection and time-to-resolution. Steel Mill Hacked — damage includes a blast furnace that couldn’t be shut down properly. Cerebros — …



Read the full article here by O'Reilly Radar - Insight, analysis, and research about emerging technologies

Four short links: 24 December 2014

DRMed Cat Litter Box — the future is when you don’t own what you buy, and it’s illegal to make it work better. (via BoingBoing) Are We Consistent Yet? — the eventuality of consistency on different cloud platforms. How Complex …



Read the full article here by O'Reilly Radar - Insight, analysis, and research about emerging technologies

1980s technology can be used to hack any smartphone

German researchers have discovered that technology from the 1980s can be used by hackers anywhere in the world to spy on your phone calls and text messages. The Signaling System 7 (SS7) network, which is still in use today, could allow hackers using an African or Asian network, for example, to hack into a US or UK-based mobile. SS7 utilizes a series of protocols to enable mobile network carriers to route calls, texts and similar services to each other. However, security researchers Tobias Engel of Sternraute and Karsten Nohl, chief scientist for Security Research Labs, have discovered a number of… [Continue Reading]



Read the full article here by BetaNews

Tuesday 23 December 2014

TeaVM traduce il codice Java in JavaScript

TeaVM è un nuovo progetto che si pone l’obiettivo di avvicinare Java e JavaScript, o più precisamente di permettere la transcompilazione del bytecode di Java in listati JS eseguibili direttamente all’interno di un browser Web. Senza plug-in aggiuntivi di sorta, naturalmente.


Gli sviluppatori di TeaVM sostengono di avere gli stessi obiettivi del progetto GWT, anche se il loro approccio intende migliorare quest’ultimo soprattutto sul fronte delle performance, del supporto agli IDE e del supporto alle diverse classi JDK.


TeaVM mette a disposizione tutte le funzionalità utili per scrivere codice bytecode in Java e poi compilare quello stesso codice in …


The post TeaVM traduce il codice Java in JavaScript appeared first on Edit.







Read the full article here by Edit

This beer tells you how much to drink to boost your creativity

When you've been stuck on a problem or that creative spark just won't come, the chances are you've turned to a cup of coffee to get things moving. A quick java infusion can certainly help, but studies also suggest that alcohol can also have a positiv...



Read the full article here by Engadget RSS Feed

AppGyver AppArchitect 2.0 Appears

AppArchitect 2.0 bringing full support for Android to mobile app creation tool



Read the full article here by Dr. Dobb's All

North Korean Internet Is Down

First time accepted submitter opentunings writes "Engadget and many others are reporting that North Korea's external Internet access is down. No information yet regrading whether anyone's taking responsibility. From the NYT: "Doug Madory, the director of Internet analysis at Dyn Research, an Internet performance management company, said that North Korean Internet access first became unstable late Friday. The situation worsened over the weekend, and by Monday, North Korea’s Internet was completely offline. 'Their networks are under duress,' Mr. Madory said. 'This is consistent with a DDoS attack on their routers,' he said, referring to a distributed denial of service attack, in which attackers flood a network with traffic until it collapses under the load."

Read more of this story at Slashdot.




















Read the full article here by Slashdot

Open Source Online Game Gets Students Excited About Linux


When Razvan Rughinis began teaching the introductory operating systems course at University Politehnica of Bucharest in Romania 10 years ago, he was challenged to get students interested in Linux and keep them interested for the entire three-month course.


Many first-year computer science students have no experience with Linux, and they have no interest in learning it, said Rughinis a professor in the Computer Science and Engineering Department. And those students who do know Linux are regarded as unusual and treated as social outcasts, he said.


“They wouldn't pay attention to the first experience to see what Linux has to offer; not just the desktop, but how the services work and the depth of the system,” he said. “It's a steep learning curve for students coming from high school. Their first encounter was too difficult.”


Read more


read more






Read the full article here by Tux Machines

Monday 22 December 2014