Tuesday, July 23, 2013

Apple developer site targeted in security attack, still down

Apple's site for developers was attacked by an intruder last week, the company said Sunday.
In a note to developers, the company said that an "intruder" tried to gain access to developer information, prompting the company to take the service down. Sensitive information on that site was encrypted, Apple said; however, it's keeping the site down while security is being hardened. No estimate was provided for when it will be back up.
Apple sent the following to developers on Sunday, detailing some of what happened:
Last Thursday, an intruder attempted to secure personal information of our registered developers from our developer website. Sensitive personal information was encrypted and cannot be accessed, however, we have not been able to rule out the possibility that some developers' names, mailing addresses, and/or email addresses may have been accessed. In the spirit of transparency, we want to inform you of the issue. We took the site down immediately on Thursday and have been working around the clock since then.
In order to prevent a security threat like this from happening again, we're completely overhauling our developer systems, updating our server software, and rebuilding our entire database. We apologize for the significant inconvenience that our downtime has caused you and we expect to have the developer website up again soon.
An Apple spokesman told CNET that the company's developer Web site is "not associated with any customer information" and that "customer information is securely encrypted."
Apple's developer site is home to software downloads, documentation and forums for third-party software developers. The site became inaccessible to registered developers last Thursday, causing angst for users who could not access those features. On Friday the company noted that it would be extending membership periods to cover the outage, and that any published software would not be removed.

SIM Cards Have Finally Been Hacked, And The Flaw Could Affect Millions Of Phones

Smartphones are susceptible to malware and carriers have enabled NSA snooping, but the prevailing wisdom has it there’s still one part of your mobile phone that remains safe and un-hackable: your SIM card.
Yet after three years of research, German cryptographer Karsten Nohl claims to have finally found encryption and software flaws that could affect millions of SIM cards, and open up another route on mobile phones for surveillance and fraud.
SIM cards are the de facto trust anchor of mobile devices worldwide. The cards protect the mobile identity of subscribers, associate devices with phone numbers, and increasingly store payment credentials, for example in NFC-enabled phones with mobile wallets.
With over seven billion cards in active use, SIMs may well be the most widely used security token in the world. Through over-the-air (OTA) updates deployed via SMS, the cards are even extensible through custom Java software. While this extensibility is rarely used so far, its existence already poses a critical hacking risk.
Cracking SIM update keys. OTA commands, such as software updates, are cryptographically-secured SMS messages, which are delivered directly to the SIM. While the option exists to use state-of-the-art AES or the somewhat outdated 3DES algorithm for OTA, many (if not most) SIM cards still rely on the 70s-era DES cipher. DES keys were shown to be crackable within days using FPGA clusters, but they can also be recovered much faster by leveraging rainbow tables similar to those that made GSM’s A5/1 cipher breakable by anyone.

Aireal: Interactive Tactile Experiences in Free Air

AIREAL is a new low cost, highly scalable haptic technology that delivers expressive tactile sensations in mid air. AIREAL enables users to feel virtual objects, experience dynamically varying textures and receive feedback on full body gestures, all without requiring the user to wear a physical device. AIREAL is designed to use a vortex, a ring of air that can travel large distances while keeping its shape and speed. When the vortex hits a user’s skin, the low pressure system inside a vortex collapses and imparts a force the user can feel. The AIREAL technology is almost entirely 3D printed using a 3D printed enclosure, flexible nozzle and a pan and tilt gimbal structure capable of a 75-degree targeting field. Five actuators are mounted around the enclosure which displace air from the enclosed volume, through the flexible nozzle and into the physical environment. The actuated flexible nozzle allows a vortex to be precisely delivered to any location in 3D space.
AIREAL is part of our long term vision for creating large-scale computer augmented environments which can deliver compelling interactive experiences seamlessly, everywhere and at any time. Free air tactile feedback technology is a key element of these future interactive spaces with a wide range of applications including gaming and storytelling, mobile interfaces, and gesture control among many others.

qooxdoo 3.0 released

We are happy to announce a new major release of the framework, qooxdoo 3.0.
Many thanks go to the entire community for making this happen: the team of core developers, 1&1 as the supporting company, all contributors, and last but not least the users and enthusiasts who brought in questions, comments and suggestions.
qooxdoo 3.0
The release of qooxdoo 2.0 about a year ago was a landmark in the framework’s ongoing evolution to become a universal JavaScript framework. Now with the release of qooxdoo 3.0 each of the three major application domains, i.e. Desktop, Mobile and Website, ship with substantial if not radical improvements.

Read more: http://news.qooxdoo.org/qooxdoo-3-0-released

Ubuntuforums.org Hacked!

Ubuntu Forums is down for maintenance

There has been a security breach on the Ubuntu Forums. The Canonical IS team is working hard as we speak to restore normal operations. This page will be updated with progress reports.

Friday, July 19, 2013

PRISM Break!

Opt out of PRISM, the NSA’s global data surveillance program. Stop the American government from spying on you by encrypting your communications and ending your reliance on proprietary services.
Please go and see: https://prism-break.org/.

Direct3D 9 Support Released For Linux Via Gallium3D, Running Games

Linux desktop systems can now have working support for Microsoft's Direct3D 9 API via a new Gallium3D state tracker. Unlike the earlier Direct3D 10/11 state tracker for Gallium3D on Linux, this new code actually can run D3D9 games and at better performance than what's offered by Wine. 
Back in 2010, Direct3D 10/11 was natively implemented for Linux in the form of a Gallium3D state tracker. While Gallium3D is most often associated with OpenGL, it's API-agnostic and handles OpenGL ES, OpenVG, and even OpenCL for compute support, among other interfaces. Gallium3D can work just as well with Direct3D, but there has traditionally not been much developer interest in such a state tracker. This isn't to be confused with a translation layer whereby Direct3D commands are mapped into OpenGL.

Read more: http://www.phoronix.com/scan.php?page=news_item&px=MTQxMjk

Friday, July 12, 2013

Why mobile web apps are slow


I’ve had an unusual number of interesting conversations spin out of my previous article documenting that mobile web apps are slow. This has sparked some discussion, both online and IRL. But sadly, the discussion has not been as… fact-based as I would like.
So what I’m going to do in this post is try to bring some actual evidence to bear on the problem, instead of just doing the shouting match thing. You’ll see benchmarks, you’ll hear from experts, you’ll even read honest-to-God journal papers on point. There are–and this is not a joke–over 100 citations in this blog post. I’m not going to guarantee that this article will convince you, nor even that absolutely everything in here is totally correct–it’s impossible to do in an article this size–but I can guarantee this is the most complete and comprehensive treatment of the idea that many iOS developers have–that mobile web apps are slow and will continue to be slow for the foreseeable future.
Now I am going to warn you–this is a very freaking long article, weighing in at very nearly 10k words. That is by design. I have recently come out in favor of articles that are good over articles that are popular. This is my attempt at the former, and my attempt to practice what I have previously preached: that we should incentivize good, evidence-based, interesting discussion and discourage writing witty comments.
I write in part because this topic has been discussed–endlessly–in soundbyte form. This is not Yet Another Bikeshed Article, so if you are looking for that 30-second buzz of “no really, web apps suck!” vs “No they don’t!” this is not the article for you. (Go read one of these oh no make it stop can’t breathe not HN too I can’t do this anymore please just stop so many opinions so few facts I can go on). On the other hand, as best as I can tell, there is no comprehensive, informed, reasonable discussion of this topic happening anywhere.
It may prove to be a very stupid idea, but this article is my attempt to talk reasonably about a topic that has so far spawned 100% unreasonable flamewar-filled bikeshed discussions. In my defense, I have chosen to believe the problem has more to do with people who can discuss better and simply don’t, than anything to do with the subject matter. I suppose we’ll find out.
So if you are trying to figure out exactly what brand of crazy all your native developer friends are on for continuing to write the evil native applications on the cusp of the open web revolution, or whatever, then bookmark this page, make yourself a cup of coffee, clear an afternoon, find a comfy chair, and then we’ll both be ready.
Source and Read more: http://sealedabstract.com/rants/why-mobile-web-apps-are-slow/

Tuesday, July 9, 2013

A Year of the Linux Desktop

Around a year ago, a school in the southeast of England, Westcliff High School for Girls Academy (WHSG), began switching its student-facing computers to Linux, with KDE providing the desktop software. The school's Network Manager, Malcolm Moore, contacted us at the time. Now, a year on, he got in touch again to let us know how he and the students find life in a world without Windows.

A room full of Linux at WHSG (image by WHSG) 

One of WHSG's desktops (image by WHSG)

[Source] Full Article here: http://dot.kde.org/2013/07/04/year-linux-desktop