×
Programming

The Headaches of Cross-Platform Mobile Development 197

Posted by samzenpus from the hard-stuff-is-hard dept.
snydeq writes "Increased emphasis on distinctive smartphone UIs means even more headaches for cross-platform mobile developers, writes Fatal Exception's Neil McAllister, especially as users continue to favor native over Web-based apps on mobile devices. 'Google and Microsoft are both placing renewed emphasis on their platforms' user experience. That means not just increased competition among smartphone and tablet platforms, but also new challenges for mobile application developers. ... The more the leading smartphone platform UIs differ from one another, the more effort is required to write apps that function comparably across all of them. Dialog boxes, screen transitions, and gestures that are appropriate for one platform might be all wrong for another. Coding the same app for three or four different sets of user interface guidelines adds yet another layer of cost and complexity to cross-platform app development."
Government

Post-9/11 DOJ Tech Project Dying After 10 Years? 115

Posted by samzenpus from the time-to-give-up dept.
gManZboy writes "A secure, interoperable radio network that the Department of Justice has been working on for more than a decade and that has cost the agency $356 million may be headed for failure, according to a new report by the agency's inspector general. Called for in the wake of 9/11, the Integrated Wireless Network (IWS) project has already been repeatedly scaled back. Today, the Department of Justice continues to rely on several separate land mobile radio systems, some of which are unreliable, obsolete, and fail to interoperate with one another. Agents often have to swap radios, share channels, or refer to a book of radio frequencies and manually switch between those frequencies to stay online. Radios remain insecure, as much of the current equipment fails to meet encryption requirements. Much of the agency's equipment is more than 15 years old and is no longer even supported by the manufacturer."
Crime

Man Charged With Stealing Code From Federal Reserve Bank 199

Posted by samzenpus from the was-that-wrong? dept.
wiredmikey writes "A Chinese computer programmer was arrested by U.S. authorities in New York on Wednesday, on charges that he stole proprietary source code while working on a project at the Federal Reserve Bank of New York. The man arrested, Bo Zhang of New York, worked as a contract employee developing a specific portion of the GWA's (Government-Wide Accounting and Reporting Program) source code at the Federal Reserve Bank of New York where the code is maintained. The complaint alleges that in the summer of 2011, Zhang stole the GWA code, something he admitted to in July 2011. Zhang said that he used the GWA Code in connection with a private business he ran training individuals in computer programming."
Hardware

Do Data Center Audits Mean Anything? 84

Posted by samzenpus from the who-certifies-the-certifiers? dept.
1sockchuck writes "Data center service providers often tout certifications such as SAS 70, SSAE 16 and SOC 2 as evidence that they meet lofty operational standards. But some of these certifications are based on self-defined standards, and the entire situation is confusing and frustrating to customers, according to one critic, who says data center shoppers are poorly served by the jumble of acronyms and standards. Do these certifications matter when users are seeking data center space? Should they?"
Privacy

Teens Share Passwords As a Form of Intimacy 533

Posted by Soulskill from the generation-share dept.
nonprofiteer writes "The New York Times claims that the hot new trend among teenagers in love is to share passwords to their email and Facebook accounts, as the ultimate form of trust. According to Pew, 33% of teens surveyed say they do this. One expert says the pressure to share passwords is akin to the pressure to have sex. Forbes says don't do it! 'There is something pure and romantic about the idea of sharing everything, and having no secrets from one another. But it's romantic the same way that Romeo and Juliet is romantic, in a tragic, horrible, everyone-is-miserable-and-dies-at-the-end kind of way.' Sam Biddle at Gizmodo writes about which passwords are okay to share (like Netflix), but says to stay away from handing over email or Facebook passwords. 'We all need whatever scraps of privacy we have left, and your email is just that.'"
Security

Symantec Admits Its Networks Were Hacked in 2006 113

Posted by Soulskill from the timely-disclosure dept.
Orome1 writes "After having first claimed that the source code leaked by Indian hacking group Dharmaraja was not stolen through a breach of its networks, but possibly by compromising the networks of a third-party entity, Symantec backpedalled and announced that the code seems to have exfiltrated during a 2006 breach of its systems. Symantec spokesman Cris Paden has confirmed that unknown hackers have managed to get their hands on the source code to the following Symantec solutions: Norton Antivirus Corporate Edition, Norton Internet Security, Norton Utilities, Norton GoBack and pcAnywhere."
Security

Will Secure Boot Cripple Linux Compatibility? 545

Posted by Unknown Lamer from the security-through-totalitarianism dept.
MojoMax writes "The advent of Windows 8 is drawing ever nearer and recently we have learned that ARM devices installed with Windows 8 will not be able to disable the UEFI secure boot feature that many of us are deeply concerned about. However, UEFI is still a very real danger to Linux and the freedom to use whichever OS you chose. Regardless of information for OEMs to enable customers to install their own keys, such as that published by the Linux Foundation, there are still very serious and as yet unresolved issues with using secure boot and Linux. These issues are best summarized quoting Matthew Garrett: 'Signing the kernel isn't enough. Signed Linux kernels must refuse to load any unsigned kernel modules. Virtualbox on Linux? Dead. Nvidia binary driver on Linux? Dead. All out of tree kernel modules? Utterly, utterly dead. Building an updated driver locally? Not going to happen. That's going to make some people fairly unhappy.'"
Crime

Hackers Steal $6.7M In Bank Cyber Heist 91

Posted by Soulskill from the not-nearly-as-dramatic-as-a-regular-heist dept.
Orome1 writes "A perfectly planned and coordinated bank robbery was executed during the first three days of the new year in Johannesburg, and left the targeted South African Postbank — part of the nation's Post Office service — with a loss of some $6.7 million. The cyber gang behind the heist was obviously very well informed about the post office's IT systems, and began preparing the ground for the heist a few months before, by opening accounts in post offices across the country and compromising an employee computer in the Rustenburg Post Office."
Security

Israel Faces Escalating Cyberwar 200

Posted by Soulskill from the i'm-sure-it'll-be-over-soon dept.
New submitter 9re9 writes "The NY Times describes what may be the beginning of an actual cyberwar between a pro-Palestinian group and Israeli companies, specifically El Al and the Tel Aviv stock exchange. From the article: 'A hacker identifying himself as oxOmar, already notorious for posting the details of more than 20,000 Israeli credit cards, sent an overnight warning to Israel's Ynet news outlet that a group of pro-Palestinian cyberattackers called Nightmare planned to bring down the sites in the morning.' Though the article is skimpy on technical details, the group appears to have engaged merely in a DDOS attack. Hamas praised the attack as opening 'a new resistance front against Israel.' Is this the first acknowledged cyberwar?"
Bug

Serious Oracle Flaw Revealed; Patch Coming 100

Posted by timothy from the now-how-much-would-you-pay? dept.
GMGruman writes "A bug in Oracle Database that could take down large databases — or let a hacker do so — has been found, and Oracle promises a patch later today. When InfoWorld first heard of the bug two months ago, its investigation revealed how dangerous this bug could be, and after convincing Oracle to address the issue, InfoWorld held the news until a patch was available, so hackers could not exploit the bug in the meantime. Paul Venezia details just how this bug exposes companies to the possibility of databases going offline, and Eric Knorr asks Oracle users to help test the patch in their complex environments. (InfoWorld's tests in simpler environments show the patch works there.)"
Botnet

Koobface Malware Traced To 5 Russians 64

Posted by timothy from the but-that's-right-near-tampa dept.
New submitter theonlyholle writes "Naked Security, the Sophos IT security blog, has published an article about the authors of the Koobface malware that plagued Facebook users in 2008 and the investigation that led to their identification. Apparently the botnet was created by five Russians from St. Petersburg."
Firefox

Notes On Reducing Firefox's Memory Consumption 297

Posted by timothy from the we-gave-it-post-it-notes dept.
Skuto writes "At yesterdays linux.conf.au Browser miniconference in Ballarat, Australia, Mozilla engineer Nicholas Nethercote gave a detailed presentation about the history of Firefox's memory consumption. The 37 slides-with-notes explain in gritty detail what caused Firefox 4's memory usage to be higher than expected, how many leaks and accidental memory use bugs were tracked down with Valgrind plugins, as well as the pitfalls of common memory allocation strategies. Current work is now focused on reducing the memory usage of popular add-ons such as AdBlock, GreaseMonkey and Firebug. Required reading for people working on large software projects, or those who missed that Firefox is now one of the most memory-efficient browsers in heavy usage."
Security

RSA Chief: Last Year's Breach Has Silver Lining 49

Posted by Soulskill from the learn-the-lesson-in-advance-next-time dept.
alphadogg writes "Last year's industry-shaking RSA Security breach has resulted in customers' CEOs and CIOs engaging much more closely with the vendor to improve their organizations' security, according to the head of RSA. Discussing the details of the attack that compromised its SecurID tokens has made RSA sought after by companies that want to prevent something similar from happening to them, Executive Chairman Art Coviello said in an interview with Network World. 'If there's a silver lining to the cloud that was over us from April through over the summer it is the fact that we've been engaged with customers at a strategic level as never before,' Coviello says, 'and they want to know in detail what happened to us, how we responded, what tools we used, what was effective and what was not.'"
Java

Oracle and the Java Ecosystem 157

Posted by samzenpus from the a-different-approach dept.
First time accepted submitter twofishy writes "After an undeniably rocky start, which saw high profile resignations from the JCP, including Doug Lea (who remains active in the OpenJDK), and the Apache Software Foundation, Oracle is making significant efforts to re-engage with the wider Java ecosystem, a theme which it talked up at the most recent JavaOne conference. The company is working hard to engage with the Java User Group leaders and Java Champions, membership of the OpenJDK project is growing, and the company is making efforts to reform the Java Community Process to improve transparency. The firm has also published a clear, well-defined Java roadmap toward Java 8 and Java 9."
Security

Zappos Hacked: Internal Systems Breached 122

Posted by samzenpus from the under-the-wire dept.
wiredmikey writes "Zappos appears to be the latest victim of a cyber attack resulting in a data breach. In an email to Zappos employees on Sunday, CEO Tony Hsieh asked employees to set aside 20 minutes of their time to read about the breach and what communications would be sent to its over 24 million customers. While Hsieh said that credit card data was not compromised, he did say that 'one or more' of the following pieces of personal information has been accessed by the attacker(s): customer names, e-mail addresses, billing and shipping addresses, phone numbers, the last four digits of credit card numbers. User passwords were 'cryptographically scrambled,' he said."
Crime

New Cable Designed To Deter Copper Thieves 668

Posted by samzenpus from the nothing-in-it-for-you dept.
Hugh Pickens writes "Pervasive thefts of copper wire from under the streets of Fresno, California have prompted the city to seal thousands of its manhole covers with concrete. In Picher, Oklahoma, someone felled the town's utility poles with chain saws, allowing thieves to abscond with 3,000 feet of wire while causing a blackout. The theft of copper cables costs U.S. companies $60 million a year and the FBI says it considers theft of copper wire to be a threat to the nation's baseline ability to function. But now PC World reports that a U.S. company has developed a new cable design that removes almost all the copper from cables in a bid to deter metal thieves. Unlike conventional cables made from solid copper, the GroundSmart Copper Clad Steel Cable consists of a steel core bonded to a copper outer casing, forming an equally effective but far less valuable cable by exploiting the corrosion-resistance of copper with the conductive properties of steel. 'Companies trying to protect their copper infrastructure have been going to extreme measures to deter theft, many of which are neither successful nor cost effective,' says CommScope vice president, Doug Wells. 'Despite efforts like these, thieves continue to steal copper because of its rising value. The result is costly damage to networks and growing service disruptions.' The GroundSmart Copper Clad Steel cable is the latest technical solution to the problem of copper theft, which has included alternatives like cable etching to aid tracing of stolen metal and using chemicals that leave stains detectable under ultra-violet light. However the Copper Clad Steel strikes at the root of the problem by making the cable less susceptible to theft by both increasing the resistance to cutting and drastically decreasing the scrap value."
Security

DHS X-ray Car Scanners Now At Border Crossings 295

Posted by samzenpus from the scanning-what-you-have-to-declare dept.
OverTheGeicoE writes "CNET has a story on DHS' whole car X-ray scanners and their potential cancer risks. The story focuses on the Z Portal scanner, which appears to be a stationary version of the older Z Backscatter Vans. The story provides interesting pictures of the device and the images it produces, but it also raises important questions about the devices' cancer risks. The average energy of the X-ray beam used is three times that used in a CT scan, which could be big trouble for vehicle passengers and drivers should a vehicle stop in mid-scan. Some studies show the risk for cancer from CT scans can be quite high. Worse still, the DHS estimates of the Z Portal's radiation dosage are likely to be several orders of magnitude too low. 'Society will pay a huge price in cancer because of this,' according to one scientist."
Security

DHS Monitors Social Media For 'Political Dissent' 385

Posted by Soulskill from the howdy-boys dept.
OverTheGeicoE writes "Recently, TSA's 'Blogger Bob' Burns posted a rant against a cupcake on the TSA blog. Perhaps it made you wonder if TSA and its parent agency, the Department of Homeland Security, really understand what we're saying about them, especially online. Well, thanks to a Freedom of Information Act lawsuit from the Electronic Privacy Information Center, we now know a lot more about how they monitor online comments aside from 'Blogger Bob.' EPIC has received hundreds of pages of documents regarding DHS's online surveillance program. These documents reveal that DHS has contracts with General Dynamics for '24/7 media and social network monitoring.' Perhaps it will warm your heart to know that DHS is particularly interested in tracking media stories that 'reflect adversely' on the U.S. government generally and DHS specifically. The documents include a report summary that might be representative of General Dynamics' work. The example includes summaries of comments on blogs and social networking sites, including quotes. Then again, you might remember J. Edgar Hoover's monitoring of antiwar activists during the Vietnam War, which certainly wasn't for the protesters' benefit."
Security

Viruses Stole City College of S.F. Data For Years 93

Posted by Soulskill from the measuring-failure-in-decades dept.
An anonymous reader sends this quote from an article at the San Francisco Chronicle: "Personal banking information and other data from perhaps tens of thousands of students, faculty and administrators at City College of San Francisco have been stolen in what is being called 'an infestation' of computer viruses with origins in criminal networks in Russia, China and other countries, The Chronicle has learned. At work for more than a decade, the viruses were detected a few days after Thanksgiving, when the college's data security monitoring service detected an unusual pattern of computer traffic, flagging trouble."

Slashdot Top Deals