It's going to be much harder to view the full web in Russia before the year is out. President Putin has signed a law that, as of November 1st, bans technology which lets you access banned websites, including virtual private networks and proxies. Internet providers will have to block websites hosting these tools. The measure is ostensibly meant to curb extremist content, but that's just pretext -- this is really about preventing Russians from seeing content that might be critical of Putin, not to mention communicating in secret.
Accordingly, the President has signed another law requiring that chat apps identify users through their phone numbers after January 1st, 2018. Some messaging clients already encourage you to attach an account to a phone number, but this makes it mandatory -- Facebook and others can't reject the idea if they're prefer to give you some kind of anonymity. The measure also demands that operators limit users' access if they're spreading illegal material.
The timing likely isn't coincidental. Russia is holding a presidential election in March, and banning technology like VPNs will make it harder for voters to see news that questions Putin's authority. Likewise, you may be less likely to organize a protest if you know that the police can trace anonymous chats back to you through your phone number. As with China's VPN crackdown, Russian officials are trying to control the online conversation at a crucial moment to make sure the powers that be go unchallenged.
Learning Macromanagement in StarCraft from Replays using Deep Learning -- Neural networks are trained on 789,571 state-action pairs extracted from 2,005 replays of highly skilled players, achieving top-1 and top-3 error rates of 54.6% and 22.9% in predicting the next build action. By integrating the trained network into UAlbertaBot, an open source StarCraft bot, the system can significantly outperform the game’s built-in Terran bot and play competitively against UAlbertaBot with a fixed rush strategy. (via Mark Riedl)
Making Engineering Team Communication Clearer, Faster, Better -- it’s very important to make sure you have a process that actually gets people to read the document. The write-only document fired off into the void is a common problem, and this talks about how to solve it (for design documents, but the principles translate).
An anonymous reader writes: Security firm Avast has acquired software firm Piriform. Not only does the acquired company make CCleaner, but many other solid programs too. In fact, the rest of Piriform's library -- Recuva, Speccy, and Defraggler -- are staples of the Windows freeware community. "CCleaner is a leading brand in the market, used by 130 million people, including 15 million Android users. CCleaner has an extensive and extremely loyal community of tech-savvy users, who need to speed up and optimize their PC and Android experience. Avast will maintain the CCleaner brand of products along with Avast's existing performance optimization products, Avast Cleanup and AVG Tune Up. With the addition of CCleaner, Avast has dramatically expanded its product offerings in the PC and smartphone optimization market reaching customers around the world who demand faster performance," says Avast. Vince Steckler, CEO of Avast explains, "We see many commonalities between CCleaner and Avast, allowing for great new products for our user bases. Avast and CCleaner are the top two downloaded products on popular download sites. They are both known by advanced users as focused on performance, so we believe there will be a great interest from our CCleaner customers in using Avast security products and vice versa. In today's connected world, it's all about speed and high performance, and with Piriform's robust technology we can address this need perfectly. We look forward to working with the Piriform team to grow the business together."
Posted by Jeff Vander Stoep, Senior Software Engineer, Android Security
Updates are essential for security, but they can be difficult and expensive for device manufacturers. Project Treble is making updates easier by separating the underlying vendor implementation from the core Android framework. This modularization allows platform and vendor-provided components to be updated independently of each other. While easier and faster updates are awesome, Treble's increased modularity is also designed to improve security.
Isolating HALs
A Hardware Abstraction Layer (HAL) provides an interface between device-agnostic code and device-specific hardware implementations. HALs are commonly packaged as shared libraries loaded directly into the process that requires hardware interaction. Security boundaries are enforced at the process level. Therefore, loading the HAL into a process means that the HAL is running in the same security context as the process it's loaded into.
The traditional method of running HALs in-process means that the process needs all the permissions required by each in-process HAL, including direct access to kernel drivers. Likewise, all HALs in a process have access to the same set of permissions as the rest of the process, including permissions required by other in-process HALs. This results in over-privileged processes and HALs that have access to permissions and hardware that they shouldn't.
Figure 1. Traditional method of multiple HALs in one process.
Moving HALs into their own processes better adheres to the principle of least privilege. This provides two distinct advantages:
Each HAL runs in its own sandbox and is permitted access to only the hardware driver it controls and the permissions granted to the process are limited to the permissions required to do its job.
Similarly, the process loses access to hardware drivers and other permissions and capabilities needed by the HALs.
Figure 2. Each HAL runs in its own process.
Moving HALs into their own processes is great for security, but it comes at the cost of increased IPC overhead between the client process and the HAL. Improvements to the binder driver made IPC between HALs and clients practical. Introducing scatter-gather into binder improves the performance of each transaction by removing the need for the serialization/deserialization steps and reducing the number of copy operations performed on data from three down to one. Android O also introduces binder domains to provide separate communication streams for vendor and platform components. Apps and the Android frameworks continue to use /dev/binder, but vendor-provided components now use /dev/vndbinder. Communication between the platform and vendor components must use /dev/hwbinder. Other means of IPC between platform and vendor are disallowed.
Case study: System Server
Many of the services offered to apps by the core Android OS are provided by the system server. As Android has grown, so has system server's responsibilities and permissions, making it an attractive target for an attacker. As part of project Treble, approximately 20 HALs were moved out of system server, including the HALs for sensors, GPS, fingerprint, Wi-Fi, and more. Previously, a compromise in any of those HALs would gain privileged system permissions, but in Android O, permissions are restricted to the subset needed by the specific HAL.
Case study: media frameworks
Efforts to harden the media stack in Android Nougat continued in Android O. In Nougat, mediaserver was split into multiple components to better adhere to the principle of least privilege, with audio hardware access restricted to audioserver, camera hardware access restricted to cameraserver, and so on. In Android O, most direct hardware access has been entirely removed from the media frameworks. For example HALs for audio, camera, and DRM have been moved out of audioserver, cameraserver, and drmserver respectively.
Reducing and isolating the attack surface of the kernel
The Linux kernel is the primary enforcer of the security model on Android. Attempts to escape sandboxing mechanisms often involve attacking the kernel. An analysis of kernel vulnerabilities on Android showed that they overwhelmingly occurred in and were reached through hardware drivers.
De-privileging system server and the media frameworks is important because they interact directly with installed apps. Removing direct access to hardware drivers makes bugs difficult to reach and adds another layer of defense to Android's security model.
To give a little of context, it is a board designed by UDOO sporting an Intel x86 CPU (64bit, different depending if you have a BASIC, ADVANCED or ULTRA), 2/4/8GB or RAM (soldered) and a LOT of peripherals and I/O.
To mention some of them:
M.2 Key E port
Gigabit Ethernet
3x USB 3 Ports
1 HDMI and 2x DisplayPort
GPIO
2x COM ports
RTC
I2C
In addition, they managed to put on the same board a Genuino/Arduino 101 board (Intel Curie), with BLE and 6 axis accelerometer & gyroscope.
Everything on a board more or less twice the size of the RaspberryPi.
I am writing this tutorial from the board itself and I can tell it can be used as desktop/HTPC without any major issues.
One cool feature of the Arduino 101 is it is able to Power On/Off the main CPU via Interrupt!
I am going to tell you how to be able to remotely power on and off the main CPU via BLE.
I am using LUbuntu 16.04 as OS, but those instructions should work pretty well on any operating system, even MS Windows.
Grant Power management to Intel Curie
Verify the BIOS/EFI settings are as shown in this page.
Prepare the Arduino environment
Install the Arduino IDE from the official site and install the Intel Curie Arduino 101 Libraries & Tools. You could do the same with PlatformIO, but I am not quite sure about the Intel Curie support.
Check you select the correct board type, programmer and serial port in the Tools menu.
Remember to give your user the rights to write to the serial port executing: sudo usermod -a -G dialout
You have to logout to make those changes taken into account.
In addition to that, it could be necessary to execute the following script:
This is required to make the Arduino capable of resetting the board to put it in programming mode.
Check everything works fine uploading a simple example sketch (pick the Basic/Blink one).
The blinking led is the one close to the HDMI port
Upload the sketch to receive commands from BLE
Let's start with a skeleton sketch Intel prepared for us.
Choose the example from CurieBLE/Peripheral/CallbackLED.
Upload it to the board.
Follow the instructions shown on this page to configure the Android application.
All you need to do is to pair to the Arduino101 BLE device, which will be shown as LEDCB.
Once you're connected, you'll be able to write 0 or 1 to a variable exposed by the service implemented in the sketch.
The variable will power on and off the LED depending on the value of the variable.
Adapt the sketch to send a Power signal to the main board
We need to add a simple function to send a LOW digital signal for 20ms on the PIN number 9, followed by a HIGH digital level.
This generated wave will be caught by an intermediary SMT32, which will send the power interrupt to the Intel Atom/Celeron/Pentium.
The whole board will react on the interrupt, including the Arduino 101, which will be restarted, losing any unsaved state.
It means everything which follows the execution of the function sendPowerSignal is actually useless, as the Arduino 101 will reboot.
Issues (2 May 2017)
I am unable to fully verify it is working since on shutdown the board actually gets powered on.
Possible root cause:
BLE is interacting with the PIN number 9
When the Arduino 101 is reset, the PIN 9 goes again low triggering a power on
Those facts seem not impacting just my board, as I found a forum post you can check here where another user faced the same problem.
I can also confirm that if I suspend the system, the Arduino 101 is no more visible on Bluetooth, so it means it gets powered off.
UPDATE (3 May 2017)!
I've been in touch with UDOO team and they provided a revision of the BIOS for testing purposes only.
The problem is partially fixed and I'll keep you posted to let you know when we will have this example fully working.
UPDATE (18 July 2017)!
I've received a BIOS 1.03 RC version to test if the mentioned issues are fixed.
And we have good news! Everything works as expected!
I let UDOO send the changelog of the latest BIOS as soon as it is officially out, but I can confirm you'll be able to use the Arduino 101 to properly power up and shutdown the main board.
The power management via Intel Curie can be now left enabled and flashing the Arduino 101 or rebooting will no more generate issues (reboots).
The problem has been solved making the power signal trigger sequence more complex (5 HIGH to LOW transitions within 100 ms, instead of a single transition).
If you're using a desktop linux distribution (e.g. Ubuntu), please check the power management rules and set "When power button is pressed" to "Shutdown" or "Suspend", depending on what you prefer).
Otherwise, you will get a dialog, as in the following video...
Data breaches are bad enough by themselves, but they're made worse when companies don't bother to (or can't) encrypt all their info. It's tantamount to giving hackers the keys to the kingdom. But what to do? IBM thinks it has a simple solution: encrypt absolutely everything. Its latest Z mainframe system now has enough power to automatically encrypt all the data associated with an app or service, whether it's in transit or sitting idle in a database. According to IBM, conventional systems based on x86 processors only encrypt "limited slices" of information, while the new Z has enough power (18 times more, in fact) to lock everything down as a matter of course.
The new platform can also "self-destruct" encryption keys the moment there's any tampering, and quickly encrypts the programming interfaces that tie apps and services together. And the Z is faster overall, regardless of the task at hand: there's three times the memory (a hefty 32TB), three times faster input/output and much lower lag when talking to a storage area network. The hardware should juggle many more transactions (like purchases at an online store) even as it boosts their overall security.
Naturally, there are catches to this utopian vision of internet security. While IBM plays an important role in online commerce (its transaction engine handles 87 percent of credit card payments), many companies would likely have to upgrade before you'd see the benefit. Any mass migration would probably take years, if it happens at all. And of course, IBM's solution doesn't stop hackers from taking data -- it just prevents them from reading that data. There's a chance, however slim, that the most determined perpetrators will find a way to decrypt content once they have it.
Nonetheless, this technology could be a big step forward if it lives up to IBM's hype. If you can assume that your sensitive data is always encrypted, you won't have to worry quite so much that thieves might go on a shopping spree with your credit card. This might also deter crooks if they know that they're unlikely to hit the jackpot when they crack a company's security.
Dieter Bohn at The Verge: So while Microsoft didn't do itself any favors, I'd argue strongly that all these machinations and flailings weren't a response (or weren't only a response) to the iPhone. The real enemy was the company that had set its sights on Microsoft's phone ambitions since before the iPhone was released. That company was Google, of course, and it only tangentially wanted to take on the iPhone. Google's real target was always Microsoft, and it hit the bullseye. This article looks at the past, so let me take this opportunity to posit something that might come as a surprise to some. Android is a dead end. I really want to write a far more detailed and in-depth article explaining why I think Android is a dead end, but I can't yet fully articulate my thoughts or pinpoint why, exactly, I've felt like this for months now. All this doesn't mean Google is going to get out of mobile operating systems, and it doesn't even mean that the name "Android" is going away. All it means is that what we think of today as "Android" - a Linux kernel with libraries, the Android Runtime, and so on on top - has served its hackjob, we-need-to-compete purpose and is going to go away. Android in its current form suffers from several key architectural problems - it's not nearly as resource-efficient as, say, iOS, has consistent update problems, and despite hefty hardware, still suffers from the occasional performance problems, among other things - that Google clearly hasn't been able to solve. It feels like Android is in limbo, waiting for something, as if Google is working on something else that will eventually succeed Android. Is that something Fuchsia? Is Project Treble part of the plan, to make it easier for Google to eventually replace Android's Linux base with something else? If Android as it exists today was salvageable, why are some of the world's greatest operating systems engineers employed by Google not working on Android, but on Fuchsia? If Fuchsia is just a research operating system, why did its developers recently add actual wallpapers to the repository? Why does every design choice for Fuchsia seem specifically designed for and targeted at solving Android's core problems? I don't like making broad predictions based on gut feelings and spidey senses, since they can be incredibly misleading and hard to read, but I'm still pretty confident on this one: over the coming two to three years, Android will undergo a radical transformation. This transformation will be mostly transparent to users - their next Android phone won't actually be "Android" anymore, but still run the same applications, and they literally won't care - but it won't be a Linux device, and it won't suffer from Android's core problems. In a few years, Google's Pixel phone will have a fully custom, Google-designed SoC, and run an operating system that is Android in brand name only. Bookmark this. Read more on this exclusive OSNews article...
Gran Turismo Sport, the seventh mainline entry in the franchise, is now scheduled to be released Oct. 17 on PlayStation 4, developer Polyphony Digital announced today.
That’s the timing in North America; the simulation racing game will debut Oct. 18 across Europe. The launch happens to be two weeks after the arrival of Gran Turismo Sport’s direct competition — Microsoft’s Forza Motorsport 7 is set to launch Oct. 3 on Windows 10 and Xbox One. Polyphony Digital’s announcement was accompanied by a new 30-second trailer, which you can watch above.
It’s been a long, winding road for Gran TurismoSport to get this point. The new mid-October release date is more than 11 months after the game was originally scheduled to arrive — publisher Sony Interactive Entertainment said in May 2016 that it was going to launch the game on Nov. 15, 2016. Polyphony Digital then announced in August that it had decided to push the game back to 2017.
Polyphony Digital/Sony Interactive Entertainment
The developer had also planned to hold an open beta for Gran Turismo Sport in early 2016. However, the company canceled it in May of that year. Instead, the studio ran a closed beta, but not until this past March.
“We are now entering the final stages of polishing as we prepare for launch,” said series creator and Polyphony Digital president Kazunori Yamauchi in a PlayStation Blog post. He added that the studio is finally getting ready to provide details on Gran Turismo Sport’s features, including its campaign mode, vehicles and courses. As previously announced, the game will also support the PlayStation VR headset with a virtual reality mode.
For now, though, Sony is just saying that pre-orders are live at the PlayStation Store and European retailers. Gran Turismo Sport will be available in the usual $59.99 Standard Edition and a previously announced $69.99 Limited Edition, which comes with the following items:
GT Sport Starter Pack (8 Cars)
$1MM In-Game Credit
Livery Sticker Pack
30 GT Sport Themed Avatars
Chrome Racing Helmet (For Driver Profile)
Limited Steelbook & Packaging
Sony is also offering a Digital Deluxe Edition for $79.99. It beefs up the Starter Pack with four more cars, and doubles the in-game credit and the number of avatars.
Formula 1 and Snap Inc, the social media company which owns social media platform Snapchat, have announced a new partnership to cover grands prix.
Lewis Hamilton was criticised for using Snapchat – the mobile and tablet application which allows users to share photos and videos to their own ‘Story’ and view their contacts’ ‘Stories’ – during the 2016 Japanese GP Thursday press conference, for which he later apologised.
Companies, media outlets and major events also curate stories, which group those photos and videos over 24 hours, after which they are deleted.
F1 is focusing on the ‘Discover’ part of the app, which compiles photos and videos – ‘Snaps’ – submitted by users and collates them under a collective story during an event. A team of editors and producers at Snapchat will review the photos before they are viewable to F1’s audience on the app.
The deal is F1’s first commercial deal with a digital and mobile-orientated platform and it will begin at the British Grand Prix on Sunday, continuing in Singapore, Japan, the USA, Mexico, Brazil and Abu Dhabi. The collaboration with Snapchat is part of F1’s ongoing push to engage fans with social media and digital platforms, including its mobile (Official F1) app, its website with live timing.
Notably, Liberty has relaxed its rules for teams and drivers on sharing video content, with clips pre-season testing shared on Twitter and Facebook marking a change from the motorsport’s previous era of management.
Frank Arthofer, Head of Digital and New Business at F1, said: “This is the first step towards expanding our social media strategy.
“Right from the start, we have said we want to work with partners to bring fans closer to the amazing show that is Formula 1, an incredible mix of technology and individual talent – and Snap fits that bill.
“We need to continue to bring new fans to the sport – by reaching out to them on social media platforms with behind the scenes, fun and engaging content.
“Snap’s platform is one of the most popular among ‘millennials,’ a sector we are particularly keen on attracting, as it represents the future of our sport.”
The app has more than 166 million daily active users around the world and more than 3 billion Snaps are sent every day. The platform also supports advertisers and partners with other sports leagues, outlets and broadcasters such as Sky Sports, NASCAR, EA Sports, Fox Sports and MotoGP.
“We want to work with the most iconic sporting organizations in the world, that are beloved by our global community of passionate and highly engaged fans – and working with Formula 1 has been at the top of our wishlist for a long time.”, said Ben Schwerin, Snap Inc’s Vice President of Partnerships.
“Our goal is simple – we want to make being a fan more fun no matter where you are and Snapchat offers unique and creative ways to experience it with their closest friends.
“We are honoured to be the first platform they are partnering with, and are excited to start offer their teams, partners and advertisers an opportunity to reach millions of Snapchatters around the globe.”
Will you be using Snapchat to engage with the upcoming grands prix? Have your say in the comment section below.
Apache Guacamole consists of two main components, the Guacamole web application (known as the guacamole-client) and the Guacamole daemon (or guacd). An X windows application runs in an Xvnc environment with an in-memory only display.
itSeez3D Avatar SDK is an advanced smartphone-based 3D scanning technology that turns a single selfie photo into a photorealistic 3D avatar.
Using just a camera of a smartphone with no additional hardware, itSeez3D Avatar SDK allows to create a high quality 3D model of a face ready for gaming, virtual and augmented reality experience – all in a couple of minutes.
Lucasfilm and Industrial Light & Magic (ILM) announced the inaugural Open Source release of the MaterialX Library for computer graphics. MaterialX is an open standard developed by Lucasfilm’s Advanced Development Group and ILM engineers to facilitate the transfer of rich materials and look-development content between applications and renderers.
Industry-leading companies including Autodesk, Inc. and Foundry have voiced support for MaterialX.
Autodesk is very pleased to be a contributor to the MaterialX project and we are looking forward to adding native support for MaterialX workflows to our digital content creation tools. As with other open formats, MaterialX is going to improve collaboration and help make production pipelines more efficient, so we are thankful that Lucasfilm have chosen to share their technology with the community through open source software.
Chris Vienneau, Director of Media and Entertainment at Autodesk
Foundry is happy to see the MaterialX project reach this latest milestone. The possibilities for smoothing the transfer of look development information between our own applications is exciting. The broader principle of open source projects and multi-vendor data exchange are important for the industry as a whole. Thus we look forward to including MaterialX powered workflows in future releases of our applications.
Jordan Thistlewood – Senior Product Manager: Look Development and Lighting at Foundry
Originated at Lucasfilm in 2012, MaterialX has been used by ILM in feature films such as Star Wars: The Force Awakens and Rogue One: A Star Wars Story, and real-time immersive experiences such as Trials On Tatooine. The MaterialX team will host a ‘Birds of a Feather’ meeting at the ACM SIGGRAPH Conference in Los Angeles, CA on Monday July 31 2017, 9:30-11:00am, in room 511BC of the Los Angeles Convention Center.
Workflows at Computer Graphics production studios require multiple software tools for different parts of the production pipeline, and shared and outsourced work requires companies to hand off fully look-developed models to other divisions or studios which may use different software packages and rendering systems. There are currently high-quality solutions (e.g. USD, Alembic) for exchanging scene hierarchies and geometric data between tools, but no effective solutions for exchanging rich material content. MaterialX addresses the current lack of a common, open standard for representing the data values and relationships required to transfer the complete look of a computer graphics model from one application or rendering platform to another, including shading networks, patterns and texturing, complex nested materials and geometric assignments. MaterialX provides a schema for describing material networks, shader parameters, texture and material assignments, and color-space associations in a precise, application-independent, and customizable way.
Lucasfilm is no stranger to open source projects having developed and released key projects over the years. The company has played a key role in developing Alembic, co- developed with Sony Imageworks and released in 2012, and OpenEXR, which was developed by ILM in 2000. Both have become industry standards and continue to be developed by the open source community.
MaterialX is an Open Source project released under a modified Apache license. For more information visit the MaterialX website: www.materialx.org and follow MaterialX on Twitter @MaterialXCG for the latest news.
From a report: Microsoft is killing off Windows Phone 8.1 support today, more than three years after the company first introduced the update. The end of support marks an end to the Windows Phone era, and the millions of devices still running the operating system. While most have accepted that the death of Windows Phone occurred more than a year ago, AdDuplex estimates that nearly 80 percent of all Windows-powered phones are still running Windows Phone 7, Windows Phone 8, or Windows Phone 8.1. All of these handsets are now officially unsupported, and only 20 percent of all Windows phones are running the latest Windows 10 Mobile OS.
Google has paid researchers and academics who have worked on projects that support the company's positions in battles with regulators, a report in The Wall Street Journal (paywalled) said on Tuesday. From a report: Google's practice might not sound all that different from lobbying, but The Wall Street Journal revealed that some of the professors, including a Paul Heald from the University of Illinois, didn't disclose Google's payments. Heald is one of "more than a dozen" such professors who accepted money from Google, according to The Wall Street Journal. Google has reason to try to get as many folks on its side as it can. The company has faced almost constant scrutiny for its business practices, most recently a record antitrust fine of $2.7 billion in the European Union. Tens of thousands of dollars to professors here and there could have helped it avoid that fine, and others.
Ubuntu is now available for download on the Windows Store. "Initially spotted by Rafael Rivera and Necrosoft Core on Twitter, Ubuntu on the Windows Store will let you install and run the Ubuntu terminal on Windows next to your other apps," reports Windows Central. From the report: Ubuntu's arrival, and that of SUSE, are part of a recent push by Microsoft to embrace Linux and the open source community more broadly. This began with the arrival of the Windows Subsystem for Linux in 2016, allowing users to use the Bash shell from within Windows. Keep in mind that this is limited to the Fall Creators Update, which isn't set for a public release until later this year. If you're running a PC testing the Fall Creators Update through the Windows Insider Program, however, you should be able to download and try Ubuntu from the Windows Store just fine.
If you are working with OBD2 hardware or software, it’s easy enough to access test data, simply plug into a motor vehicle with an OBD2 socket. If, however, you wish to test OBD2 software under all possible fault conditions likely to be experienced by an engine, you are faced with a problem in that it becomes difficult to simulate all faults on a running engine without breaking it. This led [Fixkick] to create an OBD2 simulator using a secondhand Ford ECU supplied with fake sensor data from an Arduino to persuade it that a real engine was connected.
The write-up is quite a dense block of text to wade through, but if you are new to the world of ECU hacking it offers up some interesting nuggets of information. In it there is described how the crankshaft and camshaft sensors were simulated, as well as the mass airflow sensor, throttle position, and speedometer sensors. Some ECU inputs require a zero-crossing signal, something achieved with the use of small isolating transformers. The result is a boxed up unit containing ECU and Arduino, with potentiometers on its front panel to vary the respective sensor inputs.