Iphone

Apple Announces iPhone 5 1052

Posted by Soulskill
from the who-would-have-guessed dept.
Today Phil Schiller took to the stage at the Yerba Buena Center for the Arts in San Francisco, where he announced the long-expected iPhone 5. The casing is made entirely of glass and aluminum, and it's 7.6mm thick, which is 18% thinner than the iPhone 4S. It weighs in at 112 grams, which is 20% lighter than the 4S. Schiller confirmed that the iPhone 5 has a 4" display, with a resolution of 1136x640. It's a 16:9 aspect ratio. The screen is the same width as a 4S, but it's taller. To accommodate older apps, they either center the app or add black bars to make it look right. The new device also has LTE support. Tim Cook spoke earlier about the iPad, making some interesting claims: "Yes, we are in a post-PC world." He also claimed 68% tablet market share for the iPad, and says iPads account for 91% of tablet-based web traffic. The event is continuing, and we'll update this post as further announcements appear. A real-time liveblog is being quickly updated at Ars Technica. Update: 09/12 18:16 GMT by S : Further details below.
Security

Malware Used in Aramco Attack Likely Work of Amateurs 18

Posted by Unknown Lamer
from the insult-injury dept.
wiredmikey writes with this excerpt from Security Week: "The Disttrack/Shamoon malware, while destructive, appears to be the work of amateurs and not elite and sophisticated developers, according to the latest analysis. The malware proved that it was possible for developers to subvert legitimate kernel-mode applications for malicious purposes, but it appears that the malware could have been even more destructive and dangerous, if it had not been for a series of programming mistakes in the code, according to recent analysis from Kaspersky Lab. Other suggestions that the developers behind the Shamoon malware are not high-profile programmers include that the command-and-control server is hard-coded as two addresses, which limits the tool since if the address ever changes, the infected machine can no longer receive instructions. The developers were most likely motivated by political reasons, as the malware overwrote existing files with a fragment of an image of a burning American flag. The malware has also been reported to be linked to the recent Saudi Aramco attack, in which some reports have suggested that insiders may have been partly involved. Saudi Aramco hasn't officially said what type of malware hit its systems."
Biotech

GAO Slams DHS Over BioWatch Biological Defense System 88

Posted by Unknown Lamer
from the your-taxes-at-work dept.
Mansing writes "Citizens need to evaluate if they are indeed safer for all the 'security precautions' put into place. 'The U.S. Department of Homeland Security has rushed to acquire a new, multibillion-dollar version of the BioWatch system for detecting biological attacks without establishing whether it was needed or would work, according to a new report by a nonpartisan investigative arm of Congress. ... The existing system's repeated false alarms have triggered tense, high-stakes deliberations over whether to order mass evacuations, distribute emergency medicines or shut down major venues.' Is this just more money funneled to U.S. companies, or is this really keeping the U.S. safer? Are the same types of 'security precautions' being instituted in Spain and the UK? Or is this preying on fear a uniquely U.S. phenomenon?"
Education

Is a Computer Science Degree Worth Getting Anymore? 630

Posted by Soulskill
from the art-history-is-back-on-top dept.
snydeq writes "Self-taught technologists are almost always better hires than those with a bachelor's degree in computer science and a huge student loan, writes Andrew Oliver. 'A recruiter recently asked me why employers are so picky. I explained that of the people who earned a computer science degree, most don't know any theory and can't code. Instead, they succeed at putting things on their resume that match keywords. Plus, companies don't consider it their responsibility to provide training or mentoring. In fairness, that's because the scarcity of talent has created a mercenary culture: "Now that my employer paid me to learn a new skill, let me check to see if there's an ad for it on Dice or Craigslist with a higher rate of pay." When searching for talent, I've stopped relying on computer science degrees as an indicator of anything except a general interest in the field. Most schools suck at teaching theory and aren't great at Java instruction, either. Granted, they're not much better with any other language, but most of them teach Java.'"
Network

Go Daddy: Network Issues, Not Hacks Or DDoS, Caused Downtime 143

Posted by Soulskill
from the but-a-random-internet-person-said-otherwise dept.
miller60 writes "GoDaddy says yesterday's downtime was caused by internal network problems that corrupted data in router tables. 'The service outage was not caused by external influences,' said Scott Wagner, Go Daddy's Interim CEO. 'It was not a 'hack' and it was not a denial of service attack (DDoS). ... At no time was any customer data at risk or were any of our systems compromised.' The outage lasted for at least six hours, and affected web sites and email for customers of the huge domain registrar."
Operating Systems

Why Are Operating System Version Names So Absurd? 460

Posted by timothy
from the bet-you-can-think-of-a-few-reasons dept.
jfruh writes "Apple's spent more than a decade on version 10 — or, rather, X — of its flagship operating system, with .x versions named after big cats (and many of them, it turns out, after the same big cats). Ubuntu Linux is scrambling to find ever more obscure animals to alliteratively name its versions after. And let's not even talk about Windows, whose current shipping OS is sold as Windows 7 but is really Windows NT 6.1. Why is this area of software marketing so ridiculous?"
Government

MediaFire Restores Virus Researcher's Account But Not Individual Files 72

Posted by Unknown Lamer
from the bad-robot dept.
chicksdaddy writes "The cloud-based hosting firm MediaFire has reversed a decision to suspend the account of virus researcher Mila Parkour after Naked Security raised questions about copyright violation complaints made against her by the mysterious firm LeakID. In an email to Parkour on Friday, MediaFire's director of customer support, Daniel Goebel, said that the company was restoring Parkour's access to her MediaFire account and apologized for the interruption in service. MediaFire also said it was asking LeakID, the Paris-based firm that accused Parkour of sharing copyrighted material, to 'confirm the status of the counterclaim [Parkour] submitted.' However, the firm is still blocking access to files that LeakID alleged were violating the US Digital Millennium Copyright Act (DMCA), a strict copyright enforcement law in the U.S."
Security

Aramco Says Networks Back Online, No Results From Investigation Yet 21

Posted by samzenpus
from the we're-back dept.
Trailrunner7 writes "Saudi Aramco says that the virus attack that compromised tens of thousands of the company's workstations last month never endangered the company's oil production capabilities and that all of the affected systems have been brought back online and restored. The attack on Aramco has been linked by researchers to the Shamoon malware, but company officials did not comment on the nature or provenance of the malware. The attack hit Aramco, one of the larger oil producers in the world, on August 15 and the company soon took its main Web sites offline as it investigated the extent and nature of the compromise. A group of attackers calling itself the Cutting Sword of Justice took credit for the attack through a post on Pastebin, saying that the operation had destroyed data on 30,000 machines, including both workstations and servers. The company originally did not comment on the extent of the damage to its network, simply saying that it had suffered an attack and was in the process of cleaning it up. On Monday, company officials said that security staffers had restored all of the infected machines and that its operations were back to normal."
Security

GoDaddy Goes Down, Anonymous Claims Responsibility 483

Posted by samzenpus
from the protect-ya-neck dept.
An anonymous reader writes "A member of the Anonymous hacktivist group appears to have taken down GoDaddy with a massive Distributed Denial of Service (DDoS). The widespread issue seems to be affecting countless websites and services around the world, although not for everyone. Godaddy.com is down, but so are some of the site's DNS servers, which means GoDaddy hosted e-mail accounts are down as well, and lots more. It's currently unclear if the servers are being unresponsive or if they are completely offline. Either way, the result is that if your DNS is hosted on GoDaddy, your site may also look as if it is down, because it cannot resolve."
Businesses

Recurly's Backup Mess Takes Days to Clean Up 21

Posted by samzenpus
from the best-practices dept.
A cascading hardware outage struck subscription payment provider Recurly last week, and that started a long example in how not to manage critical infrastructure. From the article: "Last Monday, the payment provider suffered an intermittent hardware failure, which prevented the company from processing either payments or refunds. The company says it serves over 1,000 customers, including Adobe, BrightCove, and Fox News Radio, processing recurring payments for subscriptions. By Friday, the company still hadn’t completely straightened out the mess, providing updates to customers using payment gateways such as Authorize.net and LinkPoint/First Data."
Businesses

One Company's Week-Long Interview Process 362

Posted by samzenpus
from the one-more-thing dept.
jfruh writes "What's the longest tech interview you've had to sit through — two hours? Eight? Ruby on Rails devs who want to work for Hashrocket need to travel to Florida and do pair-programming on real projects for a week before they can be hired. The upside is that you'll be put up in a beachfront condo for the week with your significant other; the downside is that you'll be doing real work for a week for little or no pay and no guarantee of a job slot."
Crime

Majority of Mobile Malware Now Reliant On Toll Fraud 39

Posted by timothy
from the reverse-the-charges-operator dept.
CowboyRobot writes "Spyware is no longer the primary concern with unwanted software on mobile devices. According to mobile security firm Lookout, most mobile malware performs 'toll fraud' — billing victims using premium SMS services. The problem is very geographically-dependent, worst in areas with weak SMS regulation, particularly China, Ukraine, and Russia, where users are 10,000 times more likely to have malware on their phones than users in Japan, for example. Other risks include mobile ads surreptitiously uploading personal data, as well as apps that download other malware without users knowing. The full report is available."
Security

Microsoft: As of October, 1024-Bit Certs Are the New Minimum 207

Posted by timothy
from the always-so-very-precise dept.
way2trivial writes with this snippet from Information Week about a warning from Microsoft reminding Windows administrators that an update scheduled for October 9th will require a higher standard for digital certificates. "That warning comes as Microsoft prepares to release an automatic security update for Windows on Oct. 9, 2012, that will make longer key lengths mandatory for all digital certificates that touch Windows systems. ... Internet Explorer won't be able to access any website secured using an RSA digital certificate with a key length of less than 1,024 bits. ActiveX controls might be blocked, users might not be able to install applications, and Outlook 2010 won't be able to encrypt or digitally sign emails, or communicate with an Exchange server for SSL/TLS communications."
Botnet

Arizona Botnet Controller Draws 30-Month Federal Sentence 76

Posted by timothy
from the such-a-sweet-boy dept.
dgharmon writes with word from the BBC that "A U.S. hacker who sold access to thousands of hijacked home computers has been jailed for 30 months. Joshua Schichtel of Phoenix, Arizona, was sentenced for renting out more than 72,000 PCs that he had taken over using computer viruses." Time is cheap: Schichtel admitted to giving access to those 72,000 computers for $1500.
Open Source

4chan Undergoing Major Revision, Getting Public API 166

Posted by timothy
from the waiting-on-the-verticals dept.
AdmiralXyz writes "Even the darkest corners of the internet aren't immune to the Web 2.0 boom: BoingBoing reports that 4chan is working on the largest codebase update in its history. The new 4chan will include as standard the functionality of popular browser plugins for using the site, as well as a JSON API so- hooray?- anyone can have immediate access to the contents of 4chan for any purpose they like. This represents a significant update to the heretofore haphazard development process of 4chan, and opens up the possibility of third-party 4chan apps... though probably not on the App Store."
