Skip navigation
Help

operating system

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

Dave Eggers, the acclaimed author behind A Heartbreaking Work of Staggering Genius and A Hologram for the King, will release his latest novel, The Circle, this fall. The book will revolve around a fictional, but eerily familiar entity, "the Circle," which is described as "the world's most powerful internet company."

The Circle, run out of a sprawling California campus, links users’ personal emails, social media, banking, and purchasing with their universal operating system, resulting in one online identity and a new age of civility and transparency.

0
Your rating: None
Original author: 
Florence Ion


What if you could privately use an application and manage its permissions to keep ill-intending apps from accessing your data? That’s exactly what Steve Kondik at CyanogenMod—the aftermarket, community-based firmware for Android devices—hopes to bring to the operating system. It’s called Incognito Mode, and it’s designed to help keep your personal data under control.

Kondik, a lead developer with the CyanogenMod team, published a post on his Google Plus profile last week about Incognito Mode. He offered more details on the feature:

I've added a per-application flag which is exposed via a simple API. This flag can be used by content providers to decide if they should return a full or limited dataset. In the implementation I'm working on, I am using the flag to provide these privacy features in the base system:

  • Return empty lists for contacts, calendar, browser history, and messages.
  • GPS will appear to always be disabled to the running application.
  • When an app is running incognito, a quick panel item is displayed in order to turn it off easily.
  • No fine-grained permissions controls as you saw in CM7. It's a single option available under application details.

The API provides a simple isIncognito() call which will tell you if incognito is enabled for the process (or the calling process). Third party applications can honor the feature using this API, or they can choose to display pictures of cats instead of running normally.

Every time you install a new application on Android, the operating system asks you to review the permissions the app requests before it can install. This approach to user data is certainly precarious because users can't deny individual permissions to pick and choose what an application has access to, even if they still want to use that app. Incognito Mode could potentially fix this conundrum, enabling users to restrict their data to certain applications.

Read 9 remaining paragraphs | Comments

0
Your rating: None
Original author: 
timothy

coondoggie writes "At the Design Automation Conference (DAC) here this week, John Kubiatowicz, professor in the UC Berkeley computer science division, offered a preview of Tessellation, describing it as an operating system for the future where surfaces with sensors, such as walls and tables in rooms, for example, could be utilized via touch or audio command to summon up multimedia and other applications. The UC Berkeley Tessellation website says Tessellation is targeted at existing and future so-called 'manycore' based systems that have large numbers of processors, or cores on a single chip. Currently, the operating system runs on Intel multicore hardware as well as the Research Accelerator for Multiple Processors (RAMP) multicore emulation platform."

Share on Google+

Read more of this story at Slashdot.

0
Your rating: None
Original author: 
Dan Goodin

greyweed

Recently discovered malware targeting Android smartphones exploits previously unknown vulnerabilities in the Google operating system and borrows highly advanced functionality more typical of malicious Windows applications, making it the world's most sophisticated Android Trojan, a security researcher said.

The infection, named Backdoor.AndroidOS.Obad.a, isn't very widespread at the moment. The malware gives an idea of the types of smartphone malware that are possible, however, according to Kaspersky Lab expert Roman Unuchek in a blog post published Thursday. Sharply contrasting with mostly rudimentary Android malware circulating today, the highly stealthy Obad.a exploits previously unknown Android bugs, uses Bluetooth and Wi-Fi connections to spread to near-by handsets, and allows attackers to issue malicious commands using standard SMS text messages.

"To conclude this review, we would like to add that Backdoor.AndroidOS.Obad.a looks closer to Windows malware than to other Android trojans, in terms of its complexity and the number of unpublished vulnerabilities it exploits," Unuchek wrote. "This means that the complexity of Android malware programs is growing rapidly alongside their numbers."

Read 6 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Todd Hoff

I'm not sure what I was expecting the stack GOV.UK used at launch to look like. Maybe some messenger owls and lots of cobwebs? But not so at all. So much not so I thought any organization looking at their own stack for ideas could learn something from the considered choices of others.

The diversity of technologies used was surprising. They use "at least five different programming languages, three separate database types, two versions of an operating system." Some may think of this as a weakness, but they think it a strength:

The reason we operate such a diverse ecosystem is that we are focused on solving real problems. Our first task is to understand the problem or need we are solving and then to choose the best tool for the job. If we restrict ourselves to moulding the need to the tools we already have, then we risk not solving the initial problem in the best way possible for the user. By restricting software diversity or enforcing rigid organisational standards on a project, there is a possibility of descending into a cargo cult, where we simply repeat the same patterns and mistakes in everything we make.

This "use the best tool no matter what" policy is outlined in a blog post Benefits of diversity. The only choice that wouldn't be found in a modern startup is the use of Skyscape as their cloud provider. I'm assuming this has to do with legal issues around data sovereignty as this is government site, but otherwise it's all straight out of standard modern web practice: monitoring, dashboards, continuous release, polyglot persistence, distributed source code control, etc. Good to see a government getting it.

What stack are they using? (it's a direct copy so feel free to read the original)

0
Your rating: None
Original author: 
Megan Geuss


List your passwords alphabetically, so it's easy for you and others to find them!

Give three password crackers a list of 16,000 cryptographically hashed passwords and ask them to come up with the plaintext phrases they correspond to. That's what Ars did this week in Dan Goodin's Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331.” Turns out, with just a little skill and some good hardware, three prominent password crackers were able to decode up to 90 percent of the list using common techniques.

The hashes the security experts used were converted using the MD5 cryptographic hash function, something that puzzled our readers a bit. MD5 is seen as a relatively weak hash function compared to hashing functions like bcrypt. flunk wrote, "These articles are interesting but this particular test isn't very relevant. MD5 wasn't considered a secure way to hash passwords 10 years ago, let alone now. Why wasn't this done with bcrypt and salting? That's much more realistic. Giving them a list of passwords that is encrypted in a way that would be considered massively incompetent in today's IT world isn't really a useful test."

To this, Goodin replied that plenty of Web services employ weak security practices: "This exercise was entirely relevant given the huge number of websites that use MD5, SHA1, and other fast functions to hash passwords. Only when MD5 is no longer used will exercises like this be irrelevant." Goodin later went on to cite the recent compromises of "LinkedIn, eHarmony, and LivingSocial," which were all using "fast hashing" techniques similar to MD5.

Read 14 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Andrew Cunningham


I log some face-on time with Glass at Google I/O.

Florence Ion

"When you're at a concert and the band takes the stage, nowadays 50,000 phones and tablets go into the air," said Google Senior Development Advocate Timothy Jordan in the first Google Glass session of this year's Google I/O. "Which isn't all that weird, except that people seem to be looking at the tablets more than they are the folks onstage or the experience that they're having. It's crazy because we love what technology gives us, but it's a bummer when it gets in the way, when it gets between us and our lives, and that's what Glass is addressing."

The upshot of this perspective is that Glass and its software is designed for quick use. You fire it up, do what you want to do, and get back to your business without the time spent diving into your pocket for your phone, unlocking it, and so on. Whether this process is more distracting than talking to someone with Glass strapped to his or her face is another conversation, but this is the problem that Google is attempting to solve.

Since Google I/O is a developer's conference, the Glass sessions didn't focus on the social implications of using Glass or the privacy questions that some have raised. Rather, the focus was on how to make applications for this new type of device, something that is designed to give you what you want at a moment's notice and then get out of the way. Here's a quick look at what that ethos does to the platform's applications.

Read 22 remaining paragraphs | Comments

0
Your rating: None