An anonymous reader writes from a report via The Next Web: Microsoft CEO Satya Nadella has really embraced open source over the past couple of years. GitHub, a site that is home to a number of the web’s biggest collaborative code projects, has counted more than 5.8 million active users on its platform over the past 12 months, and says that Microsoft has the most open source contributors. Microsoft has 16, 419 contributors, beating out Facebook’s 15, 682 contributors, Docker’s 14, 059 contributors, and Google’s 12, 140 contributors. The Next Web reports: “Of course, this didn’t happen overnight. In October 2014, it open sourced its .NET framework, which is the company’s programming infrastructure for building and running apps and services — a major move towards introducing more developers to its server-side stack. Since then, it’s open sourced its Chakra JavaScript engine, Visual Studio’s MSBuild compiling engine, the Computational Networks Toolkit for deep learning applications, its Xamarin tool for building cross-platform apps and most recently, PowerShell. It’s also worth noting that the company’s Visual Studio Code text editor made GitHub’s list of repositories with the most contributors. You can check out these lists, as well as other data from GitHub’s platform on this page.” GitHub CEO Chris Wanstrath said in an interview with Fortune, “The big .Net project has more people outside of Microsoft contributing to it than people who work at Microsoft.” Read more of this story at Slashdot.
Follow this link:
Microsoft Has More Open Source Contributors On GitHub Than Facebook and Google
Trailrunner7 writes from a report via On the Wire: Attackers can add an arbitrary page to the end of a Google login flow that can steal users’ credentials, or alternatively, send users an arbitrary file any time a login form is submitted, due to a bug in the login process. A researcher in the UK identified the vulnerability recently and notified Google of it, but Google officials said they don’t consider it a security issue. The bug results from the fact that the Google login page will take a specific, weak GET parameter. Using this bug, an attacker could add an extra step to the end of the login flow that could steal a user’s credentials. For example, the page could mimic an incorrect password dialog and ask the user to re-enter the password. [Aidan Woods, the researcher who discovered the bug, ] said an attacker also could send an arbitrary file to the target’s browser any time the login form is submitted. In an email interview, Woods said exploiting the bug is a simple matter. “Attacker would not need to intercept traffic to exploit — they only need to get the user to click a link that they have crafted to exploit the bug in the continue parameter, ” Woods said. Google told Woods they don’t consider this a security issue. Read more of this story at Slashdot. 
MojoKid writes from a report via HotHardware: Following rumors of a more powerful console in Sony’s not-too-distant future — one that will be capable of playing games at a 4K resolution — the Japanese electronics maker last month opted to confirm it is indeed in development. Called PlayStation 4 Neo, the upgraded system will bring better hardware to the console scene to meet the needs of gaming on a television with four times as many pixels as a Full HD 1080p display. What’s it going to take to game at 4K in the living room? A leaked internal document outlines some very interesting specs of the new model PS4 console. Assuming the leaked document is up to date with Sony’s current plans, the PS4 Neo will use the same Jaguar cores as the original PS4, but clocked 500MHz faster, with 8 cores at 2.1GHz (up from 1.6GHz). The more significant upgrade will be the GPU. According to the slide, the PS4 Neo will use an improved version of AMD’s GCN compute units (CUs), with twice the number of CUs at 36 instead of 18. They’ll also be clocked faster — 911MHz versus 800MHz. The net result is a 2.3x improvement in floating point performance. Read more of this story at Slashdot. 
Business have lost over $3 billion because of compromised e-mail accounts, the FBI reports, citing “a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments.” 22, 143 business have been affected — 14, 302 within the U.S. — with a total dollar loss of $3, 086, 250, 090, representing an increase of 1, 300% since January of 2015. Using social engineering or “computer intrusion techniques, ” the attackers target employees responsible for wire transfers (or issuing checks) using five scenarios, which include bogus invoices or executive requests for a wire transfer of funds, with some attackers even impersonating a corporate law firm. “Victims report that IP addresses frequently trace back to free domain registrars, ” warns the FBI’s Internet Crime Complaint Center, which also urges businesses to avoid free web-based e-mail accounts. Read more of this story at Slashdot.