An anonymous reader writes "Google's Eric Schmidt and Jared Cohen were [part of a] wide-ranging session at SXSW today and they revealed that Google's data is now safely protected from the prying eyes of government organizations. In the last few days Google upgraded its security measure following revelations that Britain's GCHQ had intercepted data being transmitted between Google datacenters, Schmidt said that his company's upgrades following the incident left him 'pretty sure that information within Google is now safe from any government's prying eyes.'"
Catch up on stories from the past week (and beyond) at the Slashdot story archive
It's not just graphics app Krita: user KDE Community writes "The Calligra team is proud and pleased to announce the release of version 2.8 of the Calligra Suite, Calligra Active and the Calligra Office Engine. Major new features in this release are comments support in Author and Words, improved Pivot tables in Sheets, improved stability and the ability to open hyperlinks in Kexi. Flow introduces SVG based stencils and as usual there are many new features in Krita including touch screens support and a wraparound painting mode for the creation of textures and tiles." KDE has also just announced the first beta of its Applications and Platform 4.13.
jlp2097 writes "As reported by Heise, Mozilla has introduced a new JPEG encoder (German [Google-translated to English]) called mozjpeg. Mozjpeg promises to be a 'production-quality JPEG encoder that improves compression while maintaining compatibility with the vast majority of deployed decoders.' The Mozilla Research blog states that Mozjpeg is based on libjpeg-turbo with functionality added from jpgcrush. They claim an average of 2-6% of additional compression for files encoded with libjpeg and 10% additional compression for a sample of 1500 jpegs from Wikipedia — while maintaining the same image quality."
MojoKid writes "Microsoft has been loudly and insistently banging a drum: All support and service for Windows XP and Office 2003 shuts down on April 8. In early February, faced with a slight uptick in users on the decrepit operating system the month before, Microsoft hit on an idea: Why not recruit tech-savvy friends and family to tell old holdouts to get off XP? The response ... was a torrent of abuse from Windows 8 users who aren't exactly thrilled with the operating system. Microsoft has come under serious fire for some significant missteps in this process, including a total lack of actual upgrade options. What Microsoft calls an upgrade involves completely wiping the PC and reinstalling a fresh OS copy on it — or ideally, buying a new device. Microsoft has misjudged how strong its relationship is with consumers and failed to acknowledge its own shortcomings. Not providing an upgrade utility is one example — but so is the general lack of attractive upgrade prices or even the most basic understanding of why users haven't upgraded. Microsoft's right to kill XP is unquestioned, but the company appears to have no insight into why its customers continue to use the OS. "
An anonymous reader writes "This article at O'Reilly Programming suggests that PHP, a language known as much for its weaknesses as its strengths, has made steady progress over the past few years in fixing its problems. From the article: 'A few years ago, PHP had several large frameworks (e.g. CakePHP, CodeIgniter, and so on). Each framework was an island and provided its own implementation of features commonly found in other frameworks. Unfortunately, these insular implementations were likely not compatible with each other and forced developers to lock themselves in with a specific framework for a given project. Today the story is different. The new PHP community uses package management and component libraries to mix and match the best available tools. ... There are also exciting things happening with PHP under the hood, too. The PHP Zend Engine recently introduced memory usage optimizations. The memory usage in PHP 5.5 is far less than earlier versions.'"
crookedvulture writes "Most of Intel's recent desktop SSDs have followed a familiar formula. Combine off-the-shelf controller with next-gen NAND and firmware tweaks. Rinse. Repeat. The new 730 Series is different, though. It's based on Intel's latest datacenter SSD, which combines a proprietary controller with high-endurance NAND. In the 730 Series, these chips are clocked much higher than their usual speeds. The drive is fully validated to run at the boosted frequencies, and it's rated to endure at least 70GB of writes per day over five years. As one might expect, though, this hot-clocked server SSD is rather pricey for a desktop model. It's slated to sell for around $1/GB, which is close to double the cost of more affordable options. And the 730 Series isn't always faster than its cheaper competition. Although the drive boasts exceptional throughput with random I/O, its sequential transfer rates are nothing special."
Freshly Exhumed writes "As Apple issued an update for Mavericks, Mountain Lion, and Lion yesterday, Snow Leopard users have not seen a security update since September, 2013. This would not be noteworthy if Apple, like a host of other major software vendors, would clearly spell out its OS support policies and warn users of such changes, but they have not. Thus, the approximately 20% of Mac users still running Snow Leopard now find themselves in a very vulnerable state without the latest security updates."
SmartAboutThings writes "At a special event at the Mobile World Congress, Microsoft has announced the 'spring' update for Windows 8.1. Joe Belfiore, who is the head of platform at Microsoft for smartphones, tablets and desktop devices, said the Windows 8.1 update will come with improvements for non-touch devices. Belfiore also said the update will focus on bringing back some of the 'old' features to Windows 8.1, such as the much-hyped start button, but this won't have a negative impact on the touch experience."
An anonymous reader writes "On Friday, Chrome 33 was shipped out the everyone on the stable channel. Among other things, it removes the developer flag to disable the "Instant Extended API", which powers an updated New Tab page. The new New Tab page receieved a large amount of backlash from users, particularly due to strange behavior when Google wasn't set as the default search engine. It also moves the apps section to a separate page and puts the button to reopen recently closed tabs in the Chrome menu. With the option to disable this change removed, there has been tremendous backlash on Google Chrome's official forum. The official suggestion from Google as well as OMG! Chrome is to try some New Tab page changing extensions, such as Replace New Tab, Modern New Tab Page, or iChrome."
wiredmikey writes "Users of iOS devices will find themselves with a new software update to install, thanks to a certificate validation flaw in the mobile popular OS. While Apple provides very little information when disclosing security issues, the company said that an attacker with a 'privileged network position could capture or modify data in sessions protected by SSL/TLS.' 'While this flaw itself does not allow an attacker to compromise a vulnerable device, it is still a very serious threat to the privacy of users as it can be exploited through Man-in-the-Middle attack,' VUPEN's Chaouki Bekrar told SecurityWeek. For example, when connecting to an untrusted WiFi network, attackers could spy on user connections to websites and services that are supposed to be using encrypted communications, Bekrar said. Users should update their iOS devices to iOS 7.0.6 as soon as possible." Adds reader Trailrunner7: "The wording of the description is interesting, as it suggests that the proper certificate-validation checks were in place at some point in iOS but were later removed somehow. The effect of an exploit against this vulnerability would be for an attacker with a man-in-the-middle position on the victim's network would be able to read supposedly secure communications. It's not clear when the vulnerability was introduced, but the CVE entry for the bug was reserved on Jan. 8."
An anonymous reader writes "We've been hearing more and more reports of ISPs throttling Netflix and other high-bandwidth services lately. The ISPs have denied it, and even Netflix itself seems to believe them. If that's the case, what's going on? Well, according to this article, the blame still lies with the ISPs. While they may not be explicitly throttling connection speeds, they're refusing to upgrade network connections as they demand more money from content distributors. For example, Netflix pays Cogent to distribute their internet traffic. Cogent has an agreement with Verizon to exchange traffic — which works fine until the massive amount of traffic from Netflix makes it a lopsided arrangement. Verizon wants more money from Cogent, and one of their negotiating tactics is simply to stop upgrading their infrastructure so that service degrades. 'There are about 11 Cogent/Verizon peering connections in major cities around the country. When peering partners aren't fighting, they typically upgrade the connections (or "ports") when they're about 50 percent full, Cogent says. ... With Cogent and Verizon fighting, the upgrades are happening at a glacial pace, according to Schaeffer. "Once a port hits about 85 percent throughput, you're going to begin to start to drop packets," he said. "Clearly when a port is at 120 or 130 percent [as the Cogent/Verizon ones are] the packet loss is material."'"
New submitter kjbullis writes with this snippet from Technology Review: "When Toyota recalled over two million cars last week because of flaws with antilock braking systems and other problems, the fix was simple — a few software updates .The implementation of that fix is far from simple. Every one of those cars has to be taken into a dealership to have the new software installed, an expensive process that can take months. Cars that haven't been fixed could, in some cases, suddenly stall and crash. There is an alternative — the same sort of remote software updates used for PCs and smart phones. Indeed, one automaker, Tesla Motors, already provides what it calls 'over-the-air updates,' which allowed it to execute a recent software fix without requiring anybody to bring in their cars. But other automakers are dragging their feet, both because they're worried about security and because they might face resistance from dealers."
schwit1 writes "U.S. banks and merchants are shifting to a more secure way of authorizing credit card transactions in which customers will enter a personal identification number (PIN) at checkout instead of signing a receipt. The US is the last major market in the world using the signature system, which is part of the reason why a disproportionate amount of credit card fraud happens here. The change is especially relevant given the massive fraud perpetrated against customers of Target in the fall. During a Congressional hearing last week, Target CFO John Mulligan said the company is accelerating the $100 million effort to switch to the so-called "chip and pin" system. The change won't happen all at once. Banks must issue cards with microprocessors and merchants need the right equipment to process the chip and PIN transactions, which is likely to happen gradually. But Visa, American Express, and MasterCard have announced that banks and merchants that have not adopted the technology for face-to-face transactions by October 2015 will be liable for fraudulent purchases. That's a strong incentive to get up to date. The new system will also prepare merchants and banks to transition to contactless payments in the near future."
joe5 writes "Tesla Motors tries to keep product details quiet for the most part, but in a recent Q & A session in Norway (Teslas sell extremely well there) Tesla CEO Elon Musk and the company's CTO JB Straubel discussed some interesting nuggets about the Model S, the upcoming Model X SUV, and the company's planned Model E sedan."
jones_supa writes "At FOSDEM 2014 some recent developments of GNU Hurd were discussed (PDF slides). In the name of freedom, GNU Hurd has now the ability to run device drivers from user-space via the project's DDE layer. Among the mentioned use-cases for the GNU Hurd DDE are allowing VPN traffic to just one application, mounting one's own files, redirecting a user's audio, and more flexible hardware support. You can also run Linux kernel drivers in Hurd's user-space. Hurd developers also have working IDE support, X.Org / graphics support, an AHCI driver for Serial ATA, and a Xen PV DomU. Besides the 64-bit support not being in a usable state, USB and sound support is still missing. As some other good news for GNU Hurd, around 79% of the Debian archive is now building for GNU Hurd, including the Xfce desktop (GNOME and KDE soon) and Firefox web browser."
Peter Eckersley writes "Over at EFF, we just released a version of our HTTPS Everywhere extension for Firefox for Android. HTTPS Everywhere upgrades your insecure web requests to HTTPS on many thousands of sites, and this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies. Android users should install the Firefox app and then add HTTPS Everywhere to it. iPhone and iPad users will unfortunately have to switch to Android to get this level of security because Apple has locked Mozilla Firefox out of their platforms."
MojoKid writes "AMD has a new set of drivers coming in a couple of days that are poised to resolve a number of longstanding issues and enable a handful of new features as well, most notably support for Mantle. AMD's new Catalyst 14.1 beta driver is going to be the first publicly available driver from AMD that will support Mantle, AMD's "close to the metal" API that will let developers wring additional performance from GCN-based GPUs. However, the new drivers will also add support for the HSA-related features introduced with the recently released Kaveri APU, and will reportedly fix the frame pacing issues associated with Radeon HD 7000 series CrossFire configurations. A patch for Battlefield 4 is due to arrive soon as well and AMD is claiming performance gains in excess of 40 percent in CPU limited scenarios but smaller gains in GPU-limited conditions, with average gains of 11 — 13 percent over all." First time accepted submitter Spottywot adds some details about the Battlefield 4 improvements, writing that Johan Andersson, one of the Technical Directors in the Frostbite team, says that the best performance gains are observed when a game is bottlenecked by the CPU, "which can be quite common even on high-end machines." "With an AMD A10-7850K 'Kaveri' APU Mantle provides a 14 per cent improvement, on a system with an AMD FX-8350 and Radeon 7970 Mantle provides a 25 per cent boost, while on an Intel Core i7-3970x Extreme system with 2x AMD Radeon R9 290x cards a huge 58 per cent performance increase was observed."
cartechboy writes "These days, you go to a car dealership and you buy a car. If you want seat heaters, you might need to option for the cold weather package from the factory. Want the high-end stereo? You'll be likely be opting for some technology package which bundles in navigation. While some options are a la carte, most are bundled, and even when they are a la carte, they aren't cheap. What if in the future you could buy a car and unlock options later? Say the car came from the factory with heated seats, but you didn't pay for them. But later on, say in the middle of the freezing winter, you suddenly want them. What if you could simply pay a monthly fee during the winter months to have those heated seats work? Whether this model would benefit the consumer, the automakers, or both is yet to be seen. But automakers such as MINI are already talking about this type of a future. Is this the right road to be headed down, or are consumers going to just get screwed in the long run?"