Google Throws Microsoft Under Bus, Then Won’t Patch Android Flaw

An anonymous reader writes: Last month, Google took the bold step to release the details of a security vulnerability ahead of Microsoft. Microsoft responded and said that there was a patch in the works which was set to be released two days after Google went live with the details. Microsoft accuses Google of refusing to wait an extra 48 hours so that the patch would have been released along with the details of the exploit. Now, let’s see what is happening on the Google side of software development. Recently, an exploit has been uncovered in the WebView component of Android 4.3 — estimated to cover roughly 60% of the Android install base — and Google is saying that they will not patch the flaw. Google’s only reasoning seems to be that they are not fixing vulnerabilities in 4.3 (introduced in June 2012) anymore, as they have moved focus to newer releases. It would appear that over 930 million Android phones in use are out of official Google security patch support. Read more of this story at Slashdot.


The Very American History of Christmas Lights

Christmas lights are a uniquely American tradition. That’s not just because the first electric Christmas lights appeared in America. The tradition embodies a certain American-ness, an ingenuity and hunger for innovation, that’s easily overlooked. America doesn’t just make things. America makes things spectacular. Read more…


Sony Leaks Reveal Hollywood Is Trying To Break DNS

schwit1 sends this report from The Verge: Most anti-piracy tools take one of two paths: they either target the server that’s sharing the files (pulling videos off YouTube or taking down sites like The Pirate Bay) or they make it harder to find (delisting offshore sites that share infringing content). But leaked documents reveal a frightening line of attack that’s currently being considered by the MPAA: What if you simply erased any record that the site was there in the first place? To do that, the MPAA’s lawyers would target the Domain Name System that directs traffic across the internet. The tactic was first proposed as part of the Stop Online Piracy Act (SOPA) in 2011, but three years after the law failed in Congress, the MPAA has been looking for legal justification for the practice in existing law and working with ISPs like Comcast to examine how a system might work technically. If a takedown notice could blacklist a site from every available DNS provider, the URL would be effectively erased from the internet. No one’s ever tried to issue a takedown notice like that, but this latest memo suggests the MPAA is looking into it as a potentially powerful new tool in the fight against piracy. Read more of this story at Slashdot.


Feds Plan For 35 Agencies To Collect, Share, Use Health Records of Americans

cold fjord writes: The Weekly Standard reports, “This week, the Department of Health and Human Services (HHS) announced the release of the Federal Health IT Strategic Plan 2015-2020, which details the efforts of some 35 departments and agencies of the federal government and their roles in the plan to ‘advance the collection, sharing, and use of electronic health information to improve health care, individual and community health, and research.’ … Now that HHS has publicly released the Federal Health IT Strategic Plan, the agency is seeking input from the public before implementation. The plan is subject to a two-month period of public comment before finalization. The comment period runs through February 6, 2015.” Among the many agencies that will be sharing records besides Health and Human Services are: Department of Agriculture, Department of Defense, Department of Education, Department of Justice and Bureau of Prisons, Department of Labor, Federal Communications Commission, Federal Trade Commission, National Aeronautics and Space Administration, Office of Personnel Management, National Institute of Standards and Technology. Read more of this story at Slashdot.


US DOE Sets Sights On 300 Petaflop Supercomputer

dcblogs writes: U.S. officials Friday announced plans to spend $325 million on two new supercomputers, one of which may eventually be built to support speeds of up to 300 petaflops. The U.S. Department of Energy, the major funder of supercomputers used for scientific research, wants to have the two systems – each with a base speed of 150 petaflops – possibly running by 2017. Going beyond the base speed to reach 300 petaflops will take additional government approvals. If the world stands still, the U.S. may conceivably regain the lead in supercomputing speed from China with these new systems. How adequate this planned investment will look three years from now is a question. Lawmakers weren’t reading from the same script as U.S. Energy Secretary Ernest Moniz when it came to assessing the U.S.’s place in the supercomputing world. Moniz said the awards “will ensure the United States retains global leadership in supercomputing.” But Rep. Chuck Fleischmann (R-Tenn.) put U.S. leadership in the past tense. “Supercomputing is one of those things that we can step up and lead the world again,” he said. Read more of this story at Slashdot.


US Post Office Increases Secret Tracking of Mail

HughPickens.com writes: Ron Nixon reports in the NY Times that the United States Postal Service says it approved nearly 50,000 requests last year from law enforcement agencies and its own internal inspection unit to secretly monitor the mail of Americans for use in criminal and national security investigations, in many cases without adequately describing the reason or having proper written authorization. In addition to raising privacy concerns, the audit questioned the efficiency and accuracy of the Postal Service in handling the requests. The surveillance program, officially called mail covers, is more than a century old, but is still considered a powerful investigative tool. The Postal Service said that from 2001 through 2012, local, state and federal law enforcement agencies made more than 100,000 requests to monitor the mail of Americans. That would amount to an average of some 8,000 requests a year — far fewer than the nearly 50,000 requests in 2013 that the Postal Service reported in the audit (PDF). In Arizona in 2011, Mary Rose Wilcox, a Maricopa County supervisor, discovered that her mail was being monitored by the county’s sheriff, Joe Arpaio. Wilcox had been a frequent critic of Arpaio, objecting to what she considered the targeting of Hispanics in his immigration sweeps. Wilcox sued the county, was awarded nearly $1 million in a settlement in 2011 and received the money this June when the Ninth Circuit Court of Appeals upheld the ruling. Andrew Thomas, the former county attorney, was disbarred for his role in investigations into the business dealings of Ms. Wilcox and other officials and for other unprofessional conduct. “I don’t blame the Postal Service,” says Wilcox, “but you shouldn’t be able to just use these mail covers to go on a fishing expedition. There needs to be more control.” Read more of this story at Slashdot.


US Army May Relax Physical Requirements To Recruit Cyber Warriors

HughPickens.com writes: Clifford Davis reports that only 30% of young people between the ages of 17 and 24 are qualified to become soldiers primarily due to three issues: obesity or health problems; lack of a high school education; and criminal histories. While cognitive and moral disqualifications have held steady, weight issues account for 18% of disqualifications, and the number is rising steadily and it’s projected to hit 25% by 2025, which Batschelet calls “troubling.” The current Army policy is that every recruit, whether enlisting for infantry or graphic design, has to meet the same physical requirements to join — but that requirement may be changing. “Today, we need cyber warriors, so we’re starting to recruit for Army Cyber,” says Batschelet. “One of the things we’re considering is that your [mission] as a cyber warrior is different. Maybe you’re not the Ranger who can do 100 pushups, 100 sit-ups and run the 2-mile inside of 10 minutes, but you can crack a data system of an enemy.” “We’re looking for America’s best and brightest just like any Fortune 500 company out there,” says Lt. Col. Sharlene Pigg. “We’re looking for those men and women who excel in science, technology, engineering and math.” Batschelet admits that a drastic change in physical requirements for recruits may be hard for some to swallow. “That’s going to be an institutional, cultural change for us to be able to get our heads around that is kind of a different definition of quality,” says Batschelet. “I would say it’s a modernizing, or defining in a more precise way, what is considered quality for soldiers.” Read more of this story at Slashdot.


BlockSender Bounces Email Back to the Sender

Chrome: Gmail does an excellent job of blocking spam, but sometimes you just want to go the extra mile and prevent some mail from ever reaching your account. BlockSender is a Chrome Extension for Gmail that can trick the sender into thinking your email address is incorrect. Read more…


The Hackers Who Recovered NASA’s Lost Lunar Photos

An anonymous reader sends this story from Wired: “The Lunar Orbiter Image Recovery Project has since 2007 brought some 2,000 pictures back from 1,500 analog data tapes. They contain the first high-resolution photographs ever taken from behind the lunar horizon, including the first photo of an earthrise. Thanks to the technical savvy and DIY engineering of the team at LOIRP, it’s being seen at a higher resolution than was ever previously possible. … The photos were stored with remarkably high fidelity on the tapes, but at the time had to be copied from projection screens onto paper, sometimes at sizes so large that warehouses and even old churches were rented out to hang them up. The results were pretty grainy, but clear enough to identify landing sites and potential hazards. After the low-fi printing, the tapes were shoved into boxes and forgotten. … The drives had to be rebuilt and in some cases completely re-engineered using instruction manuals or the advice of people who used to service them. The data they recovered then had to be demodulated and digitized, which added more layers of technical difficulties.” Read more of this story at Slashdot.


Toyota’s Killer Firmware

New submitter Smerta writes “On Thursday, a jury verdict found Toyota’s ECU firmware defective, holding it responsible for a crash in which a passenger was killed and the driver injured. What’s significant about this is that it’s the first time a jury heard about software defects uncovered by a plaintiff’s expert witnesses. A summary of the defects discussed at trial is interesting reading, as well as the transcript of court testimony. ‘Although Toyota had performed a stack analysis, Barr concluded the automaker had completely botched it. Toyota missed some of the calls made via pointer, missed stack usage by library and assembly functions (about 350 in total), and missed RTOS use during task switching. They also failed to perform run-time stack monitoring.’ Anyone wonder what the impact will be on self-driving cars?” Read more of this story at Slashdot.
