New Flash Vulnerability Being Exploited In the Wild ( 40

An anonymous reader writes: Researchers from Trend Micro report a new attack on fully-patched versions of Adobe Flash. The attacks originate from an espionage campaign run by the group known as Pawn Storm, and seem to target only government agencies. "Ministries of Foreign Affairs have become a particular focus of interest for Pawn Storm recently. Aside from malware attacks, fake Outlook Web Access (OWA) servers were also set up for various ministries. These are used for simple, but extremely effective, credential phishing attacks. One Ministry of Foreign Affairs got its DNS settings for incoming mail compromised. This means that Pawn Storm has been intercepting incoming e-mail to this organization for an extended period of time in 2015."

How To Enable Cortana On the Xbox One Experience Preview ( 81

MojoKid writes: Part of Microsoft's strategy to unite different devices to a single ecosystem means offering the same services and features across the board. One of those features is Cortana, Microsoft's digital assistant, which is available on Windows 10. It will also be available for the Xbox One, though not until sometime next year, at least officially. Don't feel like waiting? You might not have to. Here's a quick and dirty guide on how to unlock Cortana on the Xbox One, provided you're running the latest Xbox One Experience Preview.

Kaspersky Fixes Bug That Allowed Attackers To Block Windows Update & Others ( 33

An anonymous reader writes with this story at Softpedia about Google Project Zero security researcher Tavis Ormandy's latest find. A vulnerability that allowed abuse by attackers was discovered and quickly fixed in the Kaspersky Internet Security antivirus package, one which allowed hackers to spoof traffic and use the antivirus product against the user and itself. Basically, by spoofing a few TCP packets, attackers could have tricked the antivirus into blocking services like Windows Update, Kaspersky's own update servers, or any other IPs which might cripple a computer's defenses, allowing them to carry out further attacks later on.

Ask Slashdot: Selecting a Version Control System For an Inexperienced Team 321

An anonymous reader writes: I have been programming in Python for quite a while, but so far I have not used a version control system. For a new project, a lot more people (10-15) are expected to contribute to the code base, many of them have never written a single line of Python but C, LabVIEW or Java instead. This is a company decision that can be seen as a Python vs. LabVIEW comparison — if successful the company is willing to migrate all code to Python. The code will be mostly geared towards data acquisition and data analysis leading to reports. At the moment I have the feeling, that managing that data (=measurements + reports) might be done within the version control system since this would generate an audit trail on the fly. So far I have been trying to select a version control system, based on google I guess it should be git or mercurial. I get the feeling, that they are quite similar for basic things. I expect, that the differences will show up when more sophisticated topics/problems are addressed — so to pick one I would have to learn both — what are your suggestions? Read below for more specifics.

Firefox Support For NPAPI Plugins Ends Next Year ( 146

An anonymous reader writes: Mozilla announced that it will follow the lead of Google Chrome and Microsoft Edge in phasing out support for NPAPI plugins. They expect to have it done by the end of next year. "Plugins are a source of performance problems, crashes, and security incidents for Web users. ... Moreover, since new Firefox platforms do not have to support an existing ecosystem of users and plugins, new platforms such as 64-bit Firefox for Windows will launch without plugin support." Of course, there's an exception: "Because Adobe Flash is still a common part of the Web experience for most users, we will continue to support Flash within Firefox as an exception to the general plugin policy. Mozilla and Adobe will continue to collaborate to bring improvements to the Flash experience on Firefox, including on stability and performance, features and security architecture." There's no exception for Java, though.
First Person Shooters (Games)

Open-Source Doom 3 Advances With EAX Audio, 64-bit ARM/x86 Support ( 37

An anonymous reader writes: Dhewm3, one of the leading implementations of the Doom 3 engine built off the open-source id Tech 4 engine, has released a new version of the GPL-licensed engine that takes Doom 3 far beyond where it was left off by id Software. The newest code has full SDL support, OpenAL + OpenAL EFX for audio, 64-bit x86/ARM support, better support for widescreen resolutions, and CMake build system support on Linux/Windows/OSX/FreeBSD. This new open-source code can be downloaded from Dhewm3 on GitHub but continues to depend upon the retail Doom 3 game assets.

Microsoft's Mission To Reignite the PC Sector ( 266 writes: Sales of personal computers have been declining for so long — 14 consecutive quarters — that it's hard remember a time when PCs ruled the tech world. Now Nick Wingfield writes in the NY Times that Microsoft is leading the way on a mission to re-ignite the PC market by taking the once-unthinkable step of competing with its hardware partners. This week, Microsoft dived even further into the business with a laptop device, the Surface Book. The stated reason that Microsoft got into the PC hardware business three years ago, with the original Surface, was not to put PC companies out of business — but to better illustrate the capabilities of its software, providing devices that would inspire PC makers to be more innovative.

One of the most remarkable things about Microsoft's growing presence in the hardware business is that it has not led to open revolt among its partners. Initially, many of them were not happy about Microsoft's moves, complaining in private. "It's positioned as a laptop, very squarely against the MacBook Pro as an example. But that could also be extended to a Dell XPS 13, or an HP x360," says Patrick Moorhead. One reason there hasn't been more pushback from OEMs is that Microsoft's Surface business is still relatively small. Another is that the money Microsoft has poured into marketing Surface has raised the broader profile of Windows PCs. While Microsoft obviously risks alienating its partners, it's doing so with a much bigger fight in mind. "Right now Microsoft really believes that it has to have a combined hardware, software, and services play to go up against the likes of Apple," says Moorhead. "That's why it's doing this. That's why it's taking such an aggressive stance now, moving to laptops."


Microsoft Claims 110M Devices Now Run Windows 10 ( 170

New submitter enterpriseITrocks writes: Computerworld reports that Windows 10 is running on 110 million devices, citing stats provided by Panos Panay, the chief of the Surface team. It's the first time since late August that Microsoft has provided usage stats for Win10 at a time when the new OS was running on 75 million machines. From the article: "Microsoft's 110 million described those running Windows 10, not downloads, the company confirmed. A spokeswoman declined to describe how the company tracks uptake, but presumably it does via Windows 10 activations, which it could easily tally from its logs."

Ask Slashdot: Where Can I Find "Nuts and Bolts" Info On Cookies & Tracking Mechanisms? 84

New submitter tanstaaf1 writes: I was thinking about the whole tracking and privacy train-wreck and I'm wondering why specific information on how it is done, and how it can be micromanaged or undone by a decent programmer (at least), isn't vastly more accessible? By searching, I can only find information on how to erase cookies using the browser. Browser level (black box) solutions aren't anywhere near good enough; if it were, the exploits would be few and far between instead everywhere everyday. Read below for the rest of tanstaaf1's question.

Windows Phone Store Increasingly Targeted With Fake Mobile Apps 90

An anonymous reader writes: A post by security company Avast says not only are a large amount of fake apps available from the third-party marketplace of the Windows Phone Store, but they also remain available for quite a while despite negative comments and other flags from end-users. Avast speculates that improved security and auditing procedures at rival stores such as Google Play account for the increasing attention that fake app-publishers are giving to the Windows phone app market.

Why Is RAM Suddenly So Cheap? It Might Be Windows 209

jfruh writes: The average price of a 4GB DDR3 memory DIMM at the moment $18.50 — a price that's far lower than at this time last year. Why is it so cheap? The memory business tends to go in boom and bust cycles, but the free availability of Windows 10 means that fewer people are upgrading their PCs, reducing RAM demand. Analyst Avril Wu said, "Notebook shipments in the third quarter fall short of what is expected for a traditional peak season mainly because Windows 10 with its free upgrade plan negatively impacted replaced sales of notebooks to some extent rather than driving the demand for these products." And prices might stay low for another two years.

From Microsoft, HoloLens VR Dev Kit, New Phones, Continuum 88

Ars Technica and scads of other tech hardware sites are reporting that the big news so far from this morning's Microsoft product launch event in New York is that the company's Hololens development kit will begin shipping in the first quarter of next year, and at a price that puts the units out of the hands of typical consumers: $3000. At that level, developers are more likely to make the plunge, which Ars applauds.

The company also announced three new smartphones: two of them, the Lumia 950, 950XL, are worth designating "flagships," while the 550, notably, will sell for $139, putting it in the territory of cheap grey-market Android phones. More interesting than spec bumps, though, is Continuum for Windows, a Window 10 feature which made its official debut at the event. Continuum is one manifestation of the pocket-computer idea that others have had as well in various forms: it means that with an adapter, a phone can be used as the CPU and graphics engine when connected to a screen and keyboard: "The adapter features a Microsoft Display Dock, an HDMI and Display Port, plus 3 USB ports to provide productivity on the go and let you plug in additional peripherals, such as mice and keyboards. Other accessories can be connected too, Microsoft said."

Microsoft also demo'd the Surface 4. Its improved screen is 12.3" at 2160x1440, for a pixel density of 267 PPI. The new pro has a Skylake 6th-gen processor, which they say provides a 30% performance boost over the Surface Pro 3, and a 50% boost over the MacBook Air. The SP4 goes up to 1TB of storage, and up to 16GB of RAM. The Type Cover was improved as well — the touchpad is 40% larger and supports 5-point multi-touch, while the keys have better travel and pitch.

On top of this, Microsoft also unveiled the Surface Book laptop. Its defining feature is that you can unclip the 13.5" touchscreen and use it separately as a tablet. The keyboard dock has a dedicated GPU that will boost performance when attached. Microsoft is using a new type of hinge that bends and extends at multiple points, so you can also reattach the screen backward if you want to use it as a tablet while keeping the extra GPU power available. They claim a 12-hour battery life for the Surface Book.

CodeWeavers To Release CrossOver For Android To Run Windows Programs 66

An anonymous reader writes: For the better part of three years there has been talk about running Wine on Android to bring Windows x86 programs to Android phones/tablets, and it's going to become a reality. CodeWeavers is planning to release CrossOver For Android before the end of the year. This will allow native Windows binaries to run on Android, but will be limited to Android-x86 due to struggles in emulating x86 Windows code on ARM. The tech preview will be free and once published the open-source patches will be published for Wine.

How Steve Jobs Outsmarted Carly Fiorina 328 writes: Carly Fiorina likes to boast about her friendship with Apple founder Steve Jobs but Fortune Magazine reports that it turns out Carly may have outfoxed of by Apple's late leader. In January 2004, Steve Jobs and Carly Fiorina cut a deal where HP could slap its name on Apple's wildly successful iPod and sell it through HP retail channels but HP still managed to botch things up. The MP3 player worked just like a regular iPod, but it had HP's logo on the back and in return HP agreed to continue pre-loading iTunes onto its PCs. According to Steven Levy soon after the deal with HP was inked, Apple upgraded the iPod, making HP's version outdated and because of Fiorina's deal HP was banned from selling its own music player until August 2006. "This was a highly strategic move to block HP/Compaq from installing Windows Media Store on their PCs," says one Apple source. "We wanted iTunes Music store to be a definitive winner. Steve only did this deal because of that."

In short, Fiorina's "good friend" Steve Jobs blithely mugged her and HP's shareholders. By getting Fiorina to adopt the iPod as HP's music player, Jobs had effectively gotten his software installed on millions of computers for free, stifled his main competitor, and gotten a company that prided itself on invention to declare that Apple was a superior inventor.
Hardware Hacking

Apple Bans iFixit Repair App From App Store After Apple TV Teardown 366

alphadogg writes: iFixit, the fix-it-yourself advocate for users of Apple, Google and other gear, has had its repair manual app banned from Apple's App Store after it conducted an unauthorized teardown of Apple TV and Siri remote. iFixit blogged "we're a teardown and repair company; teardowns are in our DNA -- and nothing makes us happier than figuring out what makes these gadgets tick. We weighed the risks, blithely tossed those risks over our shoulder, and tore down the Apple TV anyway." iFixit does still have Windows and Android apps, and has no immediate plans to rewrite its Apple app to attempt being reinstated.

Nerves Rattled By Highly Suspicious Windows Update Delivered Worldwide 217

An anonymous reader writes: If you're using Windows 7 you might want to be careful about which updates you install. Users on Windows forums are worried about a new "important" update that looks a little suspect. Ars reports: "'Clearly there's something that's delivered into the [Windows Update] queue that's trusted,' Kenneth White, a Washington DC-based security researcher, told Ars after contacting some of the Windows users who received the suspicious update. 'For someone to compromise the Windows Update server, that's a pretty serious vector. I don't raise the alarm very often but this has just enough characteristics of something pretty serious that I think it's worth looking at.'" UPDATE: Microsoft says there's nothing to worry about, the company "incorrectly published a test update."

500 Million Users At Risk of Compromise Via Unpatched WinRAR Bug 129

An anonymous reader writes: A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers to compromise a machine on which the software is installed. "The issue is located in the 'Text and Icon' function of the 'Text to display in SFX window' module," Vulnerability Lab explained in a post on on the Full Disclosure mailing list. "Remote attackers are able to generate own compressed archives with malicious payloads to execute system specific codes for compromise."

Apple, Microsoft Tout Their Privacy Policies To Get Positive PR 103

jfruh writes: Apple hasn't changed its privacy policy in more than a year — but that didn't stop the company from putting up a glossy website explaining it in layman's terms. Microsoft too has been touting its respect for its users's privacy. This doesn't represent any high-minded altruism on those companies' parts, of course; it's part of their battle against Google, their archrival that offers almost all of its services for free and makes its money mining user data.

Retro Roundup: Old Computers Emulated Right In Your Browser 78

An anonymous reader writes: If you ever wanted to program an Altair, an Apple I, or a COSMAC ELF you may think you either have to buy one (expensive now) or load and configure simulation software. However, there's a slew of browser-based emulators for everything from a PDP-11 to Windows 1.0 out there. Some use Java, but many use Javascript and many perform better on a modern PC then they did in their original. If you want to learn some history or just want to finally play with the computers you saw in the magazines 35 years ago, these are great fun and slightly addictive.

Ditch Linux For Windows 10 On Your Raspberry Pi With Microsoft's IoT Kit 308

An anonymous reader writes: Partnering with Adafruit, Microsoft has announced the Windows IoT Core Starter Kit. The $75 kit comes comes with an SD card preloaded with Windows 10 IoT. According to the Raspberry Pi blog: "The pack is available with a Pi 2 for people who are are new to Raspberry Pi or who'd like a dedicated device for their projects, or without one for those who'll be using a Pi they already own. The box contains an SD card with Windows 10 Core and a case, power supply, wifi module and Ethernet cable for your Pi; a breadboard, jumper wires and components including LEDs, potentiometers and switches; and sensors for light, colour, temperature and pressure. There's everything you need to start building."