hash – Page 10 – Tech Today w/ Ken May

Copyright case over “Happy Birthday” is done, trial canceled

With less than a week to go before a trial, a class-action lawsuit over the copyright status of “Happy Birthday” has been resolved. Details of the settlement, including what kind of uses will be allowed going forward, are not clear. A short order (PDF) filed yesterday by US Chief District Court Judge George King says that all parties have agreed to a settlement, and it vacates a trial which was scheduled to start on December 15. The key turning point came in September , when King ruled that Warner/Chappell’s copyright transfer was invalid because there was no proof it was ever properly transferred from the Hill sisters, who claimed to have written the song. The trial would have addressed damages issues. Also looming was a late copyright claim by Association for Childhood Education International (ACEI), a children’s’ charity affiliated with the Hill sisters. ACEI came forward in November to say that if Warner/Chappell didn’t own the song, it did. The settlement revealed yesterday resolves all claims by the plaintiffs, Warner/Chappell, and ACEI. Read 4 remaining paragraphs | Comments

Thunderbird “a tax” on Firefox development, and Mozilla wants to drop it

Mozilla would like to drop Thunderbird from its list of projects. (credit: Andrew Cunningham) You might know Mozilla primarily for its Firefox browser, but for many years the company has also developed an e-mail client called Thunderbird. The two projects use the same rendering engine and other underlying technology, but Mozilla Executive Chairwoman Mitchell Baker has announced that Mozilla would like to stop supporting Thunderbird, calling its continuing maintenance “a tax” on the more important work of developing Firefox. “Many inside of Mozilla, including an overwhelming majority of our leadership, feel the need to be laser-focused on activities like Firefox that can have an industry-wide impact,” Baker writes. “With all due respect to Thunderbird and the Thunderbird community, we have been clear for years that we do not view Thunderbird as having this sort of potential.” Mozilla doesn’t plan to drop Thunderbird immediately, however—the current maintenance schedule will continue and Thunderbird users can continue to use the product. But the end goal for Mozilla, according to Baker, is to find “the right kind of legal and financial home” for the Thunderbird project, and “[separate] itself from reliance on Mozilla development systems and in some cases, Mozilla technology.” In other words, the company would like to give Thunderbird to people who will take care of it, freeing the Firefox team from having to worry about it. Read 1 remaining paragraphs | Comments

Apple’s A9X has a 12-core GPU and is made by TSMC

Enlarge / A die shot of the A9X. The ratio of GPU to CPU is becoming pretty insane. (credit: Chipworks via AnandTech ) Apple makes interesting chips for its mobile devices, but it doesn’t talk about them much aside from extremely high-level relative performance comparisons. That means it’s up to experts like the ones at Chipworks to open them up and figure it out, and they’ve partnered up with AnandTech to dig into the A9X in the iPad Pro. The most significant news is about the GPU, which is a 12-core Imagination Technologies PowerVR Series 7XT design. The company doesn’t generally offer a 12-core design, as shown in the chart below, but the architecture is designed to be easily scalable and it wouldn’t be the first time Apple had gotten something from a supplier that other companies couldn’t get. The standard A9 in the iPhone 6S and 6S Plus uses a 6-core version of the same GPU. Apple feeds that GPU with a 128-bit memory bus, something that it’s also included in other iPads to boost memory bandwidth and GPU performance. The Series 7XT lineup. The iPad Pro’s GPU falls somewhere in between the stock 8-cluster and 16-cluster designs. (credit: Imagination Technologies) Imagination’s chart for the Series 7XT GPU puts a hypothetical 12-core design in the same general performance neighborhood as an Nvidia GeForce GT 730M, a low-end discrete GPU that’s a bit slower than the stuff Apple is shipping in its high-end MacBook Pros. Our own graphics benchmarks place it a bit higher than that, but as some of you have pointed out , iOS may have a small advantage in some of these tests because of differences between the mobile OpenGL ES API in iOS and the standard OpenGL API used in OS X. Read 2 remaining paragraphs | Comments

The National Security Letter spy tool has been uncloaked, and it’s bad

It took 11 years to finally unveil what the FBI demands in a National Security Letter. How it evolved over the years is shown above. (credit: ACLU ) The National Security Letter (NSL) is a potent surveillance tool that allows the government to acquire a wide swath of private information—all without a warrant. Federal investigators issue tens of thousands of them each year to banks, ISPs, car dealers, insurance companies, doctors, and you name it. The letters don’t need a judge’s signature and come with a gag to the recipient, forbidding the disclosure of the NSL to the public or the target. Nicholas Merrill (credit: Wikipedia ) For the first time, as part of a First Amendment lawsuit, a federal judge ordered the release of what the FBI was seeking from a small ISP as part of an NSL. Among other things, the FBI was demanding a target’s complete Web browsing history, IP addresses of everyone a person has corresponded with, and records of all online purchases, according to a court document unveiled Monday. All that’s required is an agent’s signature denoting that the information is relevant to an investigation. “The FBI has interpreted its NSL authority to encompass the websites we read, the Web searches we conduct, the people we contact, and the places we go. This kind of data reveals the most intimate details of our lives, including our political activities, religious affiliations, private relationships, and even our private thoughts and beliefs,” said Nicholas Merrill, who was president of Calyx Internet Access in New York when he received the NSL targeting one of his customers in 2004. Read 6 remaining paragraphs | Comments

Continued here:
The National Security Letter spy tool has been uncloaked, and it’s bad

Hey Reader’s Digest: Your site has been attacking visitors for days

Enlarge (credit: Malwarebytes ) An active hacking campaign is forcing Reader’s Digest and many other websites to host malicious code that can surreptitiously infect visitors with malware and linger for days or weeks before being cleaned up. Reader’s Digest has been infected since last week with code originating with Angler, an off-the-shelf hack-by-numbers exploit kit that saves professional criminals the hassle of developing their own attack scripts, researchers from antivirus provider Malwarebytes told Ars. People who visit the site with outdated versions of Adobe Flash, Internet Explorer, and other browsing software are silently infected with malware that gains control over their computers. Malwarebytes researchers said they sent Reader’s Digest operators e-mails and social media alerts last week warning the site was infected but never got a response. The researchers estimate that thousands of other sites have been similarly attacked in recent weeks and that the number continues to grow. “This campaign is still ongoing and we see dozens of new websites every day being leveraged to distribute malware via the Angler exploit kit,” Malwarebytes Senior Security Researcher Jérôme Segura wrote in an e-mail. “This attack may have been going on for some time but we noticed a dramatic increase in infections via WordPress sites in the past couple of weeks.” Read 3 remaining paragraphs | Comments

See the article here:
Hey Reader’s Digest: Your site has been attacking visitors for days

Managing a 100-percent renewable grid, without batteries

(credit: US DOE ) Stanford researcher Mark Jacobson likes to take current thinking about renewable energy and supersize it. Rather than aiming for 50 percent renewables, like California is , he has analyzed what it would take for each of the 50 states to go fully renewable . It would apparently involve so many offshore wind turbines that hurricanes headed toward the States would be suppressed. Now, he and a few collaborators are back with a more detailed look at how to manage the grid stability issues that come with large amounts of intermittent generators, like photovoltaic panes and wind turbines. Normally, issues of intermittency are expected to be handled by fossil fuel power and batteries. But the new analysis suggests we don’t need any of that—and we don’t need biofuels or nuclear, either. Instead, it suggests we could manage a 100-percent renewable grid through a combination of hydrogen production and heat storage. None of this is entirely new. People have been talking about generating hydrogen from renewable energy for years—with a fuel cell, it can be used to power cars or generate electricity as needed. And the paper cites an existing community that’s already using solar energy to generate heat that’s stored under ground. But, as with Jacobson’s past analyses, they are taken to new scales here. Read 11 remaining paragraphs | Comments

More:
Managing a 100-percent renewable grid, without batteries

Iranian military spear-phish of State Department employees detected first by Facebook

The Facebook and email accounts of US State Department officials focused on Iran were hacked, and possibly used to gather data about US-Iranian dual citizens in Iran. More details have emerged about the hacking the computers of US State Department and other government employees, first revealed earlier this month in a Wall Street Journal report . The intrusions by hackers purported to be associated with the Iranian Revolutionary Guard may be tied to the arrest of an Iranian-American businessman in Tehran in October and other arrests of dual citizens in Iran. The attackers used compromised social media accounts of junior State Department staff as part of a “phishing” operation that compromised the computers of employees working in the State Department’s Office of Iranian Affairs and Bureau of Near Eastern Affairs and computers of some journalists. The first warning of the attacks came from Facebook, which alerted some of the affected users that their accounts had been compromised by a state-sponsored attack, the New York Times reports . The Iranian Revolutionary Guard hackers used the access to identify the victims’ contacts and build “spear-phishing” attacks that gave them access to targeted individuals’ e-mail accounts. The attack “was very carefully designed and showed the degree to which they understood which of our staff was working on Iran issues now that the nuclear deal is done,” an unnamed senior US official told the Times . This most recent attack, which came after a brief period of little or no Iranian activity against US targets over the summer according to data from Check Point and iSight Partners, was a change from tactics previously associated with Iranian hackers. Earlier attacks attributed to Iran were focused on taking financial services companies’ websites offline and destroying data—such as in the attack attack on casino company Las Vegas Sands Corp. last year after its majority owner called for a nuclear attack on Iran. These attacks may not have been carried out by the Iranian government but by Iranian or pro-Iranian “hacktivists.” The State Department attack, however, was more subtle and aimed at cyber-espionage rather than simple vengeance—bearing hallmarks of tactics attributed to Chinese state-sponsored hackers. Read 1 remaining paragraphs | Comments

Follow this link:
Iranian military spear-phish of State Department employees detected first by Facebook

Tesla Model X production starts in earnest, pricing revealed

(credit: Tesla) Several months ago we found out pricing for the fully loaded “Signature” edition Tesla Model X electric SUV. Now, we’ve got a better idea of what the cheapest Model X will set you back: $80,000 before any options and tax rebates or incentives. That’s for the 70D, which has all-wheel drive (a motor for each axle) and a 70kWh battery (pricing for the 90D and P90D haven’t been announced). That’s $5000 more than the equivalent Model S sedan , which hits 60mph a little quicker and has a slightly longer range than the SUV but not the same funky rear doors. The distinctive Falcon wing doors are Tesla’s approach to making an SUV with all the utility of a minivan; that was how Elon Musk described the design brief back in September. By opening up and out, they’re supposed to give better access to the rear seats while taking up less space than a traditional door. There are three different interior layouts. The base 70D is a five seater, but there’s also a six seat version (three rows of two) for an extra $3000 and seven seats are yours for $4500. Tesla released the pricing information for the 70D Model X at the same time it told customers with preorders that they can begin configuring their vehicles. Screenshots of the online configurator provided by Tesla to Ars state that Model X deliveries will begin in early 2016, starting with range-topping P90D orders. “Lesser” 90D Model Xs follow by mid-year, with 70D deliveries before 2017. Read 1 remaining paragraphs | Comments

View article:
Tesla Model X production starts in earnest, pricing revealed

TrueCrypt is safer than previously reported, detailed analysis concludes

(credit: Khürt Williams ) The TrueCrypt whole-disk encryption tool used by millions of privacy and security enthusiasts is safer than some studies have suggested, according to a comprehensive security analysis conducted by the prestigious Fraunhofer Institute for Secure Information Technology. The extremely detailed 77-page report comes five weeks after Google’s Project Zero security team disclosed two previously unknown TrueCrypt vulnerabilities . The most serious one allows an application running as a normal user or within a low-integrity security sandbox to elevate privileges to SYSTEM or even the kernel. The Fraunhofer researchers said they also uncovered several additional previously unknown TrueCrypt security bugs. Despite the vulnerabilities, the analysis concluded that TrueCrypt remains safe when used as a tool for encrypting data at rest as opposed to data stored in computer memory or on a mounted drive. The researchers said the vulnerabilities uncovered by Project Zero and in the Fraunhofer analysis should be fixed but that there’s no indication that they can be exploited to provide attackers access to encrypted data stored on an unmounted hard drive or thumb drive. According to a summary by Eric Bodden , the Technische Universität Darmstadt professor who led the Fraunhofer audit team: Read 4 remaining paragraphs | Comments

View article:
TrueCrypt is safer than previously reported, detailed analysis concludes

Android adware can install itself even when users explicitly reject it

(credit: Lookout) Two weeks ago, Ars reported on newly discovered Android adware that is virtually impossible to uninstall . Now, researchers have uncovered malicious apps that can get installed even when a user has expressly tapped a button rejecting the app. The hijacking happens after a user has installed a trojanized app that masquerades as an official app available in Google Play and then is made available in third-party markets. During the installation, apps from an adware family known as Shedun try to trick people into granting the app control over the Android Accessibility Service , which is designed to provide vision-impaired users alternative ways to interact with their mobile devices. Ironically enough, Shedun apps try to gain such control by displaying dialogs such as this one, which promises to help weed out intrusive advertisements. From that point on, the app has the ability to display popup ads that install highly intrusive adware. Even in cases where a user rejects the invitation to install the adware or takes no action at all, the Shedun-spawned app uses its control over the accessibility service to install the adware anyway. Read 4 remaining paragraphs | Comments

View original post here:
Android adware can install itself even when users explicitly reject it