By BeauHD from Slashdot's quick-before-it's-too-late department
wiredmikey writes: Adobe released a Flash Player update on Thursday night to patch a zero-day vulnerability that has been leveraged by cybercriminals to deliver malware via the Magnitude exploit kit. The vulnerability [CVE-2016-1019], a memory corruption that can be exploited for remote code execution, was discovered after, on April 2, security researcher Kafeine of Proofpoint noticed a change in the Magnitude exploit kit. The sample was then investigated by FireEye, which determined that Magnitude EK had been exploiting a previously unknown vulnerability in Flash Player. âoeDespite the fact that this new exploit could potentially work on any version of Adobe Flash, including a fully patched instance of Flash, the threat actors implemented it in a manner that only targeted older versions of Flash. In other words, equipped with a weapon that could pierce even the latest armor, they only used it against old armor, and in doing so exposed to security researchers a previously unreported vulnerability,â Proofpoint said in a blog post.Read Replies (0)
By BeauHD from Slashdot's development-environment department
An anonymous reader quotes a report from VentureBeat: Google today launched Android Studio 2.0, the latest version of its integrated development environment (IDE), with a long list of new features. You can download the new version for Windows, Mac, and Linux now directly from Android.com/SDK. In November, Google unveiled Android Studio 2.0, the second major version of its IDE. Version 2.0 brings a slew of improvements, including Instant Run, a faster Android emulator, and app indexing improvements. Google released a beta in February, though it didn't say when the final version would be ready ([VentureBeat] speculated in time for its I/O developer conference in May, and the company debuted with a month to spare).
The full feature list includes Instant Run, Android Emulator, Cloud Test Lab, App Indexing, and GPU Debugger Preview.Read Replies (0)
By BeauHD from Slashdot's controversial-bills department
kheldan quotes a report from Consumerist: Senators Richard Burr and Dianne Feinstein are expected to introduce a bill regarding phone encryption as soon as this week, according to Reuters. The draft text will give judges authority to order tech companies to help law enforcement when asked to -- basically, it would be a newer piece of law to fall back on than the All Writs Act of 1789, which is the one that usually sees use for this sort of thing. However, sources tell Reuters that the bill "does not spell out what companies might have to do or the circumstances under which they could be ordered to help," and therefore really doesn't necessarily change the underlying discussions at play, both in the tech world and in government. Nor does the bill specify penalties for failing to comply. The FBI recently briefed Senators Richard Burr and Dianne Feinstein on the methods used to unlock the San Bernardino terrorist's iPhone 5c. According to Reuters, the White House is declining to offer public support for draft legislation Burr and Feinstein are currently working on because the administration is "deeply divided on the issue." The White House has reviewed the text and offered feedback, but it is expected to provide minimal public input, if any, sources familiar with the discussions said.Read Replies (0)
By manishs from Slashdot's ditching-java department
An anonymous reader writes: Google has plans to make Apple's Swift object-oriented language a "first-class" language for Android, reports The Next Web. The publication, citing sources, adds that Google doesn't mean to replace the current first-class language for Android -- Java -- at least, "initially." Google sees an "upside" in using Swift, which Apple made open source last year. But a ton of things need to fall into place for this to work. From the report, "All told, Google would have to effectively recreate its efforts with Java -- for Swift. If the company is motivated enough, it's very possible to do so without compromising on its open source values or ruffling any developer feathers along the way." The company is also discussing internally about making Kotlin as a first-class language for Android. "Unlike Swift, Kotlin works with Android Studio, Google's IDE for Android development. Unfortunately, sources tell The Next Web that Google's current mindset is that Kotlin is a bit too slow when compiling."Read Replies (0)
By BeauHD from Slashdot's Big-Tent-model department
darthcamaro writes: The 13th release of OpenStack, codenamed Mitaka is now generally available with updates across all major projects. Among the biggest new capabilities in OpenStack Mitaka however isn't a new project or a new feature in a single existing project, but rather the official debut of the OpenStack Client, which creates for the first time a unified command line interface to control the cloud.
According to eWEEK: "The OpenStack client is a command line client that unifies access across all the main projects," Jonathan Bryce, executive director of the OpenStack Foundation, told eWEEK. So if an administrator wants to create a user, a block storage device or a virtual server, or attach to a network, all those functions are now enabled in the single tool that is the OpenStack client. The OpenStack client provides a standardized set of commands, whereas previously, each project had its own command line client, Bryce said. He added that the OpenStack client can be run locally or in the cloud, and can be configured to control multiple OpenStack clouds.Read Replies (0)
By manishs from Slashdot's autonomous-future department
An anonymous reader shares a report on Quartz: About a dozen trucks from major manufacturers like Volvo and Daimler just completed a week of largely autonomous driving across Europe, the first such major exercise on the continent. The trucks set off from their bases in three European countries and completed their journeys in Rotterdam in the Netherlands. One set of trucks, made by the Volkswagen subsidiary Scania, traveled more than 2,000 km and crossed four borders to get there. The trucks were taking part in the European Truck Platooning Challenge, organized by the Dutch government as one of the big events for its 2016 presidency of the European Union. While self-driving cars from Google or Ford get most of the credit for capturing the public imagination, commercial uses for autonomous or nearly autonomous vehicles, like tractors from John Deere, have been quietly putting the concept to work in a business setting.In related news, as tipped to us by a reader, "Swedish automaker Volvo is planning on bringing a fleet of 100 self-driving vehicles to China from next year, in a project which will see local drivers test autonomous cars on public roads in everyday driving conditions. Dangerous driving and congestion in Chinese cities will likely prove a difficult challenge for the fleet." I am particularly interested in learning how this autonomous truck is controlled. From the article, it appears that these vehicles utilize Wi-Fi. Based on so many security incidents we continue to come across, perhaps these companies should first work on solving the technical challenges to make these trucks safe -- that is, bolstering the hardware and software security.Read Replies (0)
By manishs from Slashdot's outsmarting-criminals department
An anonymous reader writes: The U.S. government set up a fake college called the University of Northern New Jersey as a trap to find and arrest 21 people on charges of visa fraud, reports Newsweek. The arrested 21 individuals were brokers, employers, and recruiters who conspired with more than 1,000 foreign nationals to fraudulently obtain student and foreign worker visas through a "pay to stay" New Jersey college, Department of Justice was quoted as saying. Those overseas students now face being deported from the United States for buying visas, in an alleged immigration scam worth up to $1m. From the report, "During conversations with undercover agents, one of the recruiters, Alvin Yeun, said 'we've been doing this for years' and told an agent not to worry. The 21 people arrested are residents are New Jersey, New York, California, Illinois and Georgia; some were also involved in committing work visa fraud."Read Replies (0)