Bug

NVIDIA GTX 970 Specifications Corrected, Memory Pools Explained 113

Posted by samzenpus
from the under-the-hood dept.
Vigile writes Over the weekend NVIDIA sent out its first official response to the claims of hampered performance on the GTX 970 and a potential lack of access to 1/8th of the on-board memory. Today NVIDIA has clarified the situation again, this time with some important changes to the specifications of the GPU. First, the ROP count and L2 cache capacity of the GTX 970 were incorrectly reported at launch (last September). The GTX 970 has 52 ROPs and 1792 KB of L2 cache compared to the GTX 980 that has 64 ROPs and 2048 KB of L2 cache; previously both GPUs claimed to have identical specs. Because of this change, one of the 32-bit memory channels is accessed differently, forcing NVIDIA to create 3.5GB and 0.5GB pools of memory to improve overall performance for the majority of use cases. The smaller, 500MB pool operates at 1/7th the speed of the 3.5GB pool and thus will lower total graphics system performance by 4-6% when added into the memory system. That occurs when games request MORE than 3.5GB of memory allocation though, which happens only in extreme cases and combinations of resolution and anti-aliasing. Still, the jury is out on whether NVIDIA has answered enough questions to temper the fire from consumers.
Windows

Windows 10: Charms Bar Removed, No Start Screen For Desktops 376

Posted by samzenpus
from the check-it-out dept.
jones_supa writes Late last week, Microsoft pushed out a new build (9926) of Windows 10 to those of you who are running the Technical Preview. The latest version comes with many new features, some easily accessible, others bubbling under, but two big changes are now certain: the Charms bar is dead, and Start Screen for large devices is no more. Replacing the Charms bar is the Action Center, which has many of the same shortcuts as the Charms bar, but also has a plethora of other information too. Notifications are now bundled into the Action Center and the shortcuts to individual settings are still easily accessible from this window. The Start Screen is no longer present for desktop users, the options for opening it are gone. Continuum is the future, and it has taken over what the Start Screen initiated with Windows 8.
Google

Google Explains Why WebView Vulnerability Will Go Unpatched On Android 4.3 579

Posted by samzenpus
from the no-patch-for-you dept.
MojoKid writes If you're running Android 4.3 or earlier, you're pretty much out of luck when it comes to a baked-in defense against a WebView vulnerability that was discovered earlier this month by security analyst Tod Beardsley. The vulnerability leaves millions of users open to attack from hackers that choose to exploit the security hole. WebView is a core component of the Android operating system that renders web pages. The good news is that the version of WebView included in Android 4.4 KitKat and Android 5.0 Lollipop is based on Chromium and is not affected by the vulnerability. The bad news is that those running Android 4.3 and earlier are wide open, which means that 60 percent of Android users (or nearly one billion customers) are affected. What's most interesting is that Google has no trouble tossing grenades at the feet of Microsoft and Apple courtesy of its Project Zero program, but doesn't seem to have the resources to fix a vulnerability that affects a substantial portion of the Android user base.
Privacy

Omand Warns of "Ethically Worse" Spying If Unbreakable Encryption Is Allowed 392

Posted by samzenpus
from the don't-make-it-hard-for-us dept.
Press2ToContinue writes In their attempts to kill off strong encryption once and for all, top officials of the intelligence services are coming out with increasingly hyperbolic statements about why this should be done. Now, a former head of GCHQ, Sir David Omand has said: "One of the results of Snowden is that companies are now heavily encrypting [communications] end to end. Intelligence agencies are not going to give up trying to get the bad guys. They will have to get closer to the bad guys. I predict we will see more close access work." According to The Bureau of Investigative Journalism, which reported his words from a talk he gave earlier this week, by this he meant things like physical observation, bugging rooms, and breaking into phones or computers. "You can say that will be more targeted but in terms of intrusion into personal privacy — collateral intrusion into privacy — we are likely to end up in an ethically worse position than we were before." That's remarkable for its implied threat: if you don't let us ban or backdoor strong encryption, we're going to start breaking into your homes.
Google

Google Handed To FBI 3 Wikileaks Staffers' Emails, Digital Data 197

Posted by timothy
from the why-there-oughtta-be-a-constitution dept.
Ariastis writes Google took almost three years to disclose to the open information group WikiLeaks that it had handed over emails and other digital data belonging to three of its staffers to the FBI under a secret search warrant issued by a federal judge. WikiLeaks were told last month of warrants which were served in March 2012. The subjects of the warrants were the investigations editor of WikiLeaks, the British citizen Sarah Harrison; the spokesperson for the organisation, Kristinn Hrafnsson; and Joseph Farrell, one of its senior editors. When it notified the WikiLeaks employees last month, Google said it had been unable to say anything about the warrants earlier as a gag order had been imposed.
Security

Ed Felten: California Must Lead On Cybersecurity 80

Posted by timothy
from the so-goes-the-nation dept.
An anonymous reader writes In a Sacramento Bee op-ed, (in)famous computer security researcher Ed Felten responds to the State of the Union cybersecurity proposal. He doesn't mince words: "The odds of clearing Congress: low. The odds of materially improving security: even lower. "What he suggests as an alternative, though, is a surprise. "California," he writes, "could blaze a trail for effective cybersecurity policy." He calls for the state government to protect critical infrastructure and sensitive data, relying on outside auditors and experts. It's an interesting idea. Even if it doesn't go anywhere, at least it's some fresh thinking in this area of backward policy. From Felten's essay: Critical infrastructure increasingly relies on industrial automation systems. And those systems are often vulnerable – they keep a default password, for instance, or are accessible from the public Internet. These are not subtle or sophisticated errors. Fixing them requires basic due diligence, not rocket science. Requiring the state’s critical infrastructure providers to undergo regular security audits would be straightforward and inexpensive – especially relative to the enormous risks. Areas of sensitive data are also low-hanging cyber fruit. In health care, education and finance, California already imposes security and privacy requirements that go beyond federal law. Those legal mandates, though, are mostly enforced through after-the-fact penalties. Much like critical infrastructure, sectors that rely upon sensitive data would benefit from periodic outside auditing. Of any state government's, California's policies also have the chance to help (or harm) the most people: nearly 39 million people, according to a 2014 U.S. Census estimate.
Graphics

Ask Slashdot: GPU of Choice For OpenCL On Linux? 109

Posted by timothy
from the discriminating-tastes dept.
Bram Stolk writes So, I am running GNU/Linux on a modern Haswell CPU, with an old Radeon HD5xxx from 2009. I'm pretty happy with the open source Gallium driver for 3D acceleration. But now I want to do some GPGPU development using OpenCL on this box, and the old GPU will no longer cut it. What do my fellow technophiles from Slashdot recommend as a replacement GPU? Go NVIDIA, go AMD, or just use the integrated Intel GPU instead? Bonus points for open sourced solutions. Performance not really important, but OpenCL driver maturity is.
Encryption

OpenSSL 1.0.2 Released 96

Posted by timothy
from the early-days dept.
kthreadd writes The OpenSSL project has released its second feature release of the OpenSSL 1.0 series, version 1.0.2 which is ABI compatible with the 1.0.0 and 1.0.1 series. Major new features in this release include Suite B support for TLS 1.2 and DTLS 1.2 and support for DTLS 1.2. selection. Other major changes include TLS automatic EC curve selection, an API to set TLS supported signature algorithms and curves, the SSL_CONF configuration API, support for TLS Brainpool, support for ALPN and support for CMS support for RSA-PSS, RSA-OAEP, ECDH and X9.42 DH.
Bug

NVIDIA Responds To GTX 970 Memory Bug 145

Posted by timothy
from the can't-remeber-why-you'upset dept.
Vigile writes Over the past week or so, owners of the GeForce GTX 970 have found several instances where the GPU was unable or unwilling to address memory capacities over 3.5GB despite having 4GB of on-board frame buffer. Specific benchmarks were written to demonstrate the issue and users even found ways to configure games to utilize more than 3.5GB of memory using DSR and high levels of MSAA. While the GTX 980 can access 4GB of its memory, the GTX 970 appeared to be less likely to do so and would see a dramatic performance hit when it did. NVIDIA responded today saying that the GTX 970 has "fewer crossbar resources to the memory system" as a result of disabled groups of cores called SMMs. NVIDIA states that "to optimally manage memory traffic in this configuration, we segment graphics memory into a 3.5GB section and a 0.5GB section" and that the GPU has "higher priority" to the larger pool. The question that remains is should this affect gamers' view of the GTX 970? If performance metrics already take the different memory configuration into account, then I don't see the GTX 970 declining in popularity.
Bug

Linus Fixes Kernel Regression Breaking Witcher 2 126

Posted by timothy
from the where-is-your-itch? dept.
jones_supa writes There has been quite a debate around the Linux version of The Witcher 2: Assassins of Kings and the fact that it wasn't really a port. A special kind of wrapper was used to make the Windows version of the game run on Linux systems, similar to Wine. The performance on Linux systems took a hit and users felt betrayed because they thought that they would get a native port. However, after the game stopped launching properly at some point, the reason was actually found to be a Linux regression. Linus quickly took care of the issue on an unofficial Witcher 2 issue tracker on GitHub: "It looks like LDT_empty is buggy on 64-bit kernels. I suspect that the behavior was inconsistent before the tightening change and that it's now broken as a result. I'll write a patch. Serves me right for not digging all the way down the mess of macros." This one goes to the bin "don't break userspace". Linus also reminds of QA: "And maybe this is an excuse for somebody in the x86 maintainer team to try a few games on steam. They *are* likely good tests of odd behavior.."
Programming

By the Numbers: The Highest-Paying States For Tech Professionals 136

Posted by timothy
from the where-are-you-now? dept.
Nerval's Lobster writes The average technology professional made $89,450 in 2014, according to Dice's latest salary survey. When it comes to salaries, however, not all states and cities are created equal. Those tech pros living and working in Silicon Valley are the highest-paid in the country, with an average annual salary of $112,610—but that salary grew only 4 percent year-over-year, lagging behind cities such as Portland and Seattle. Dice has built an interactive map that shows where people are making the most (and least). As you click around, note how salary growth is particularly strong in parts of the West, the Northeast, and the South, while remaining stagnant (and even regressing) in some middle states. If anything, the map reinforces what many tech pros have known for years: that more cities and regions are becoming hubs of innovation.
Security

Made-In-Nigeria Smart Cards To Extend Financial Services To the Poor 40

Posted by timothy
from the all-you-need-is-this-card dept.
jfruh (300774) writes "A new factory producing smart cards opened in Lagos this week, promising to open up access to financial services to many poor Africans and other inhabitants of the Global South. The cards can be used by people without traditional bank accounts to access the worldwide credit card and smart phone infrastructure." From the article: Preliminary estimates indicate that there are currently about 150 million active SIM cards, 110 million biometric ID cards and 15 million credit and debit cards in Nigeria, [Nigerian president Goodluck] Jonathan said. As more financial-inclusion schemes, requiring more bank cards, are rolled out and different Nigerian states implement ID projects, the numbers of smart cards in use are expected to experience double-digit growth, he said.
Privacy

China Cuts Off Some VPNs 216

Posted by timothy
from the we-see-what-you-did-there dept.
jaa101 writes The Register (UK) and the Global Times (China) report that foreign VPN services are unavailable in China. A quote sourced to "one of the founders of an overseas website which monitors the Internet in China" claimed 'The Great Firewall is blocking the VPN on the protocol level. It means that the firewall does not need to identify each VPN provider and block its IP addresses. Rather, it can spot VPN traffic during transit and block it.' An upgrade of the Great Firewall of China is blamed and China appears to be backing the need for the move to maintain cyberspace sovereignty.
Security

Ask Slashdot: Best Anti-Virus Software In 2015? Free Or Paid? 467

Posted by Soulskill
from the what-would-you-put-on-your-grandma's-computer dept.
CryoKeen writes: I got a new laptop recently after trading in my old laptop for store credit. While I was waiting to check out, the sales guy just handed me some random antivirus software (Trend Micro) that was included with the purchase. I don't think he or I realized at the time that the CD/DVD he gave me would not work because my new laptop does not have a CD/DVD player.

Anyway, it got me wondering whether I should use it or not. Would I be better off downloading something like Avast or Malwarebytes? Is there one piece of antivirus software that's significantly better than the others? Are any of the paid options worthwhile, or should I just stick to the free versions? What security software would you recommend in addition to anti-virus?
Security

'Never Miss Another Delivery' - if You Have a TrackPIN (Video) 85

Posted by Roblimo
from the let-me-in-let-me-in-by-the-hair-on-my-chinny-chin-chin dept.
The company is called TrackPIN, as is the product. Its creator, Mark Hall, showed it off at CES. Timothy pointed his camcorder at Mark as he explained how his product would let you get package deliveries safely when you aren't home by giving the UPS or FedEx (or other) delivery person access to your garage, as well as letting in selected people like your maid, your plumber, and possibly an aquarium cleaner. Each one can have a private, one-time PIN number that will actuate your garage door opener through the (~$250) TrackPIN keypad and tell your smartphone or other net-connected device that your garage was just opened, and by whom. You might even call this, "One small step for package delivery; a giant leap forward for the Internet of Things." Except those of us who don't have garages (not to mention electric garage door openers) may want to skip today's video; the TrackPIN isn't meant for the likes of us. (Alternate Video Link)
Security

U.S. Gas Stations Vulnerable To Internet Attacks 100

Posted by Soulskill
from the many-points-of-failure dept.
itwbennett writes: Automated tank gauges (ATGs), which are used by gas stations in the U.S. to monitor their fuel tank levels can be manipulated over the Internet by malicious attackers, according to security firm Rapid7. "An attacker with access to the serial port interface of an ATG may be able to shut down the station by spoofing the reported fuel level, generating false alarms, and locking the monitoring service out of the system," said HD Moore, the chief research officer at Rapid7.
Encryption

Data Encryption On the Rise In the Cloud and Mobile 83

Posted by Soulskill
from the setting-a-standard dept.
dkatana writes: Overall, demand for encryption is growing. Cloud encryption services provider CipherCloud recently received a $50 million investment by Deutsche Telekom, which the company said positions it for "explosive growth" this year. The services are designed to allow corporations to benefit from the cost savings and elasticity of cloud-based data storage, while ensuring that sensitive information is protected.

Now, both Apple and Google are providing full encryption as a default option on their mobile operating systems with an encryption scheme they are not able to break themselves, since they don't hold the necessary keys.

Some corporations have gone as far as turning to "zero-knowledge" services, usually located in countries such as Switzerland. These services pledge that they have no means to unlock the information once the customer has entered the unique encryption keys. This zero-knowledge approach is welcomed by users, who are reassured that their information is impossible to retrieve — at least theoretically — without their knowledge and the keys.
Windows

Surface RT Devices Won't Get Windows 10 158

Posted by Soulskill
from the take-that-early-adopters dept.
whoever57 writes: In its announcement of Windows 10, Microsoft indicated not all devices would get the updated operating system. Now, Microsoft says its Surface devices running Windows RT won't be receiving full updates, though it does plan to roll some new functionality into them. "Given that Windows RT and RT 8.1 were designed for power economizing devices sporting 32-bit ARM architecture, and never had the same functionality — to many users' frustration — as full-blown Windows 8 and 8.1, it comes as little surprise that the RT versions of the operating system should be left out of the latest update loop. In fact, a week before Microsoft's big Windows 10 reveal on January 21, the company released firmware updates for all three models of its Intel-powered Surface Pro series, but neither of the ARM-based Surface tablets — the Surface 2 or Surface RT — received any new updates this month." The Surface Pro line of tablets, which run a normal version of Windows, will be getting an update to Windows 10.
China

Apple Agrees To Chinese Security Audits of Its Products 114

Posted by samzenpus
from the looking-behind-the-curtain dept.
itwbennett writes According to a story in the Beijing News, Apple CEO Tim Cook has agreed to let China's State Internet Information Office to run security audits on products the company sells in China in an effort to counter concerns that other governments are using its devices for surveillance. "Apple CEO Tim Cook agreed to the security inspections during a December meeting in the U.S. with information office director Lu Wei, according to a story in the Beijing News. China has become one of Apple’s biggest markets, but the country needs assurances that Apple devices like the iPhone and iPad protect the security and privacy of their users as well as maintain Chinese national security, Lu told Cook, according to an anonymous source cited by the Beijing News."
Encryption

Researchers Moot "Teleportation" Via Destructive 3D Printing 162

Posted by timothy
from the don't-tell-the-mpaa dept.
ErnieKey writes Researchers from German-based Hasso Plattner Institute have come up with a process that may make teleportation a reality — at least in some respects. Their 'Scotty' device utilizes destructive scanning, encryption, and 3D printing to destroy the original object so that only the received, new object exists in that form, pretty much 'teleporting' the object from point A to point B. Scotty is based on an off-the-shelf 3D printer modified with a 3-axis milling machine, camera, and microcontroller for encryption, using Raspberry Pi and Arduino technologies." This sounds like an interesting idea, but mostly as an art project illustrating the dangers of DRM. Can you think of an instance where you would actually want the capabilities this machine claims to offer?