Security

Researcher Discloses Methods For Bypassing All OS X Security Protections 127

Posted by samzenpus
from the protect-ya-neck dept.
Trailrunner7 writes: For years, Apple has enjoyed a pretty good reputation among users for the security of its products. That halo has been enhanced by the addition of new security features such as Gatekeeper and XProtect to OS X recently, but one researcher said that all of those protections are simple to bypass and gaining persistence on a Mac as an attacker isn't much of a challenge at all. Gatekeeper is one of the key technologies that Apple uses to prevent malware from running on OS X machines. It gives users the ability to restrict which applications can run on their machines by choosing to only allow apps from the Mac App Store. With that setting in play, only signed, legitimate apps should be able to run on the machine. But Patrick Wardle, director of research at Synack, said that getting around that restriction is trivial. "Gatekeeper doesn't verify an extra content in the apps. So if I can find an Apple-approved app and get it to load external content, when the user runs it, it will bypass Gatekeeper," Wardle said in a talk at the RSA Conference here Thursday. "It only verifies the app bundle. If Macs were totally secure, I wouldn't be here talking," Wardle said. "It's trivial for any attacker to bypass the security tools on Macs."
Chrome

Chrome 42 Launches With Push Notifications 199

Posted by Soulskill
from the douglas-adams-edition dept.
An anonymous reader writes: Google today launched Chrome 42 for Windows, Mac, and Linux with new developer tools. Chrome 42 offers two new APIs (Push API and Notifications API) that together allow sites to send notifications to their users even after the given page is closed. While this can be quite an intrusive feature for a browser, Google promises the users have to first grant explicit permission before they receive such a message.
Programming

Stack Overflow 2015 Developer Survey Reveals Coder Stats 428

Posted by Soulskill
from the nobody-loves-matlab dept.
SternisheFan points out the results from 26,086 developers who answered Stack Overflow's annual survey. It includes demographic data, technology preferences, occupational information, and more. Some examples: The U.S. had the most respondents, followed by India and the UK, while small countries and several Nordic ones had the most developers per capita. The average age of developers in the U.S. and UK was over 30, while it was 25 in India and 26.6 in Russia. 92.1% of developers identified as male. Almost half of respondents did not receive a degree in computer science.

The most-used technologies included JavaScript, SQL, Java, C#, and PHP. The most loved technologies were Swift, C++11, and Rust, while the most dreaded were Salesforce, Visual Basic, and Wordpress. 20.5% of respondents run Linux more than other OSes, and 21.5% rely on Mac OS X. Vim is almost 4 times more popular than Emacs, and both are used significantly less than NotePad++ and Sublime Text.

45% of respondents prefer tabs, while 33.6% prefer spaces, though the relationship flips at higher experience levels. On average, developers who work remotely earn more than developers who don't. Product managers reported the lowest levels of job satisfaction and the highest levels of caffeinated beverages consumed per day.
Microsoft

Microsoft Celebrates 40th Anniversary 142

Posted by timothy
from the 14,609-days-ought-to-be-enough-for-anybody dept.
HughPickens.com writes Alyssa Newcomb reports at ABC News that the software company started by Bill Gates and Paul Allen on April 4, 1975 is 40 and fabulous and highlights products and moments that helped define Microsoft's first four decades including: Microsoft's first product — software for the Altair 8800; Getting a deal to provide a DOS Operating System for IBM's computers in 1980; Shipping Windows 1.0 in 1985; Microsoft Office for Mac released in 1989; Windows 3.0 ships in 1990, ushering in the era of graphics on computers; Windows 95 launches in 1995, selling an astounding 7 million copies in the first five weeks, and the first time the start menu, task bar, minimize, maximize and close buttons are introduced on each window.

For his part, Bill Gates sent a letter to employees celebrating Microsoft's anniversary, and how far computing has come since he and Paul Allen set the goal of a computer on every desk and in every home, and predicting that computing will evolve faster in the next 10 years than it ever has before.
Input Devices

Control Anything With Gestures: Myo Bluetooth Protocol Released 15

Posted by timothy
from the not-for-use-while-driving dept.
First time accepted submitter Legendary Teeth writes The makers of the Myo Gesture Control Armband (Thalmic Labs) have just released the specs for the Bluetooth protocol it uses. While there are already official SDKs for Windows, Mac, iOS and Android, this means that now anyone can roll their own support for other platforms like Linux or Arduino without needing to use one of the official platforms as a bridge. Anything you can write code for that that can act as a Bluetooth GATT client would now be possible, really. If you aren't familiar with the Myo armband, it's a Bluetooth Low Energy device with 8 EMG pods and an IMU that you wear on your arm. It can read your muscle activity to detect gestures you make with you hands, which you can then use to do things like fly drones, play games, or control music.
Software

MuseScore 2.0 Released 35

Posted by Soulskill
from the onward-and-upward dept.
rDouglass writes: MuseScore, the open source desktop application for music notation, has released version 2.0 for Linux, Mac OS X, and Windows. This release represents the culmination of four years of development, including technical contributions from over 400 people. In addition to a completely new UI, top features include linked parts (good for pieces with many instruments), guitar tablature, flexible chord symbols, and fret diagrams. The program integrates directly with the MuseScore.com online library of scores, and music written with the application can be displayed and played using the MuseScore mobile app.
Graphics

Pixar Releases Free Version of RenderMan 198

Posted by Soulskill
from the free-as-in-beer dept.
jones_supa writes: A year ago, animation studio Pixar promised its RenderMan animation and rendering suite would eventually become free for non-commercial use. This was originally scheduled to happen in the SIGGRAPH 2014 computer graphics conference, but things got delayed. Nevertheless, today Pixar is releasing the free version into the wild. Free, non-commercial RenderMan can be used for research, education, evaluation, plug-in development, and any personal projects that do not generate commercial profits. This version is fully featured, without a watermark or any kind of artificial limits. Featuring Pixar's new RIS technology, RenderMan delivers extremely fast global illumination and interactive shading and lighting for artists. The software is available for Mac, Linux, and Windows. In conjunction with the release, Pixar has also launched a new RenderMan Community site where users can exchange knowledge and resources, showcase their own work, share assets such as shaders and scripts, and learn about RenderMan from tutorials.
OS X

For Boot Camp Users, New Macs Require Windows 8 Or Newer 209

Posted by timothy
from the you-can't-quite-you're-fired dept.
For anyone using Windows 7 by way of Apple's Boot Camp utility, beware: support for Windows via Boot Camp remains, but for the newest Apple laptops, it's only for Windows 8 for now. From Slashgear: This applies to the 2015 MacBook Air, and the 13-inch model of the 2015 MacBook Pro. Windows 8 will remain compatible, as will the forthcoming Windows 10. The 2013 Mac Pro also dropped Boot Camp support for Windows 7, while 2014 iMacs are still compatible, along with 2014 MacBook Airs and 2014 MacBook Pros. For those who still prefer to run Windows 7 on their Macs, there are other options. This change to Boot Camp will not affect using the Microsoft operating system through virtualization software, such as Parallels and VMware Fusion. Also at PC Mag.
Bug

OS X Users: 13 Characters of Assyrian Can Crash Your Chrome Tab 119

Posted by timothy
from the cat-like-typing-detected dept.
abhishekmdb writes No browsers are safe, as proved yesterday at Pwn2Own, but crashing one of them with just one line of special code is slightly different. A developer has discovered a hack in Google Chrome which can crash the Chrome tab on a Mac PC. The code is a 13-character special string which appears to be written in Assyrian script. Matt C has reported the bug to Google, who have marked the report as duplicate. This means that Google are aware of the problem and are reportedly working on it.
Classic Games (Games)

"Descent" Goes For a Crowdfunding Reboot (and a Linux Version) 149

Posted by timothy
from the it-can-only-go-down-from-here dept.
New submitter boll writes A bunch of Star Citizen alumns have taken it upon themselves to resurrect the hit game franchise Descent, backed by a Kickstarter campaign. If you are a semi-oldtimer on the PC gaming scene, you may fondly remember how the original Descent was among the first to provide 6 genuine degrees of freedom during intense late night LAN gaming sessions." Reader elfindreams adds: It will be released as a PC/Mac/Linux game and will include a single player campaign and multiplayer with up to 64 combatants on a map! They are working with a number of members of the current D1/D2 community to make sure the flight/gameplay feels "old school" and they are updating the technology and game to a new generation.
Portables

Ask Slashdot: Choosing a Laptop To Support Physics Research? 385

Posted by timothy
from the budget-for-replacement-too dept.
An anonymous reader writes My daughter is in her third year of college as a physics major. She has an internship in Europe this summer, will graduate next year, and continue with graduate physics studies. Her area of research interest is in gravitational waves and particle physics. She currently has a laptop running Win7 and wants to buy a new laptop. She would like to use Linux on it, and plans to use it for C++ programming, data analysis and simulations (along with the usual email, surfing, music, pictures, etc). For all of the physics-savvy Slashdotters out there: what should she get? PC? Mac? What do you recommend for running Linux? For a C++ development environment? What laptop do you use and how is it configured to support your physics-related activities?
Security

Ex-NSA Researcher Claims That DLL-Style Attacks Work Just Fine On OS X 93

Posted by timothy
from the it's-a-feature dept.
An anonymous reader writes Ex-NSA and NASA researcher Patrick Wardle claims to have developed a reliable technique of Shared Library replacement which renders Apple's OSX operating system just as vulnerable to exploitation as Windows has been (via its 'DLL' shared libraries) for years. Speaking at CanSecWest, Wardle explained that Apple's refusal to encrypt software downloads via its App Store allows an attacker on the same network to inject a malicious 'dylib' (shared library) without altering the hash of the legitimate-but-vulnerable software, thereby leaving the Developer ID signature intact. Wardle ran a crafted Python script on a typical Mac and discovered 150 dylib-dependent applications, including Apple's own Xcode developer environment — revealed last week by Edward Snowden to be a priority target for the NSA due to its ability to propagate compromised software.
Desktops (Apple)

Classic Mac Icons Archive Bought By MOMA 61

Posted by timothy
from the I-already-thought-of-them-that-way dept.
mikejuk writes Susan Kare is the artist responsible for many of the classic Mac icons that are universally recognized. Now her impact as a pioneering and influential computer iconographer has been recognized by the Museum of Modern Art in New York. She designed all of her early icons on graph paper, with one square representing each pixel. Now this archive of sketches has been acquired by MoMA, jointly with San Francisco's Museum of Modern Art, and has gone on show as part of a new exhibition, This is for Everyone: Design Experiments For The Common Good. So now you can think of the smiling Mac, the pointing finger and scissors as high art.
Open Source

Ask Slashdot: Which Classic OOP Compiled Language: Objective-C Or C++? 407

Posted by Soulskill
from the not-as-classic-as-COBOL dept.
Qbertino writes: I've been trying to pick up a classic, object-oriented, compiled language since the early 90s, but have never gotten around to it. C++ was always on my radar, but I'm a little torn to-and-fro with Objective-C. Objective-C is the obvious choice if you also want to make money developing for Mac OS X, but for the stuff I want to do, both languages would suffice on all platforms. I do want to start out on x86 Linux, though, and also use it as my main development platform. Yes, I know quite a few other languages, but I want to get into a widespread compiled language that has good ties into FOSS. Both Objective-C and C++ fit that bill. What do you recommend? How do these two programming languages compare with each other, and how easy is cross-platform development in either? (Primarily GUI-free, "headless" applications.)
Media

VLC Gets First Major Cross-Platform Release 85

Posted by Soulskill
from the now-available-on-palm-pilots-and-apple-newtons dept.
An anonymous reader writes VideoLAN today launched what is arguably the biggest release of VLC to date: an update for the desktop coordinated with new versions across all major mobile platforms. The world's most-used media player just got a massive cross-platform push. The organization says the releases are the result of more than a year of volunteer work on the VLC engine and the libVLC library. As a result, VLC has gained numerous new features, has seen more than 1,000 bugs fixed, and has significantly increased its scope of supported formats.
Firefox

Firefox 36 Arrives With Full HTTP/2 Support, New Design For Android Tablets 147

Posted by Soulskill
from the onward-and-upward dept.
An anonymous reader writes: Mozilla today launched Firefox 36 for Windows, Mac, Linux, and Android. Additions to the browser include some security improvements, better HTML 5 support, and a new tablet user interface on Android. The biggest news for the browser is undoubtedly HTTP/2 support, the roadmap for which Mozilla outlined just last week. Mozilla plans to keep various draft levels of HTTP/2, already in Firefox, for a few versions. These will be removed "sometime in the near future." The full changelog is here.
Cellphones

Apple Will Let Users Test iOS Beta Versions For the First Time 54

Posted by timothy
from the go-ahead-take-a-bite dept.
9to5 Mac reports that In an effort to eliminate bugs from upcoming iOS versions ahead of their general releases, Apple plans to launch the first-ever public beta program for the iOS operating system, according to multiple people briefed on the plans. Following the successful launch of the OS X Public Beta program with OS X Yosemite last year, Apple intends to release the upcoming iOS 8.3 as a public beta via the company’s existing AppleSeed program in mid-March, according to the sources. The article goes on to say Like the early iOS 8 developers builds, the public betas will include a dedicated app that allows users to report bugs to Apple. The main goal of the iOS beta program will be a more reliable and widely tested operating system by the time of the wider consumer launch, as Apple has come under fire for lack of quality control in iOS 8. Launching public beta versions of iOS will also reduce the demand for unauthorized sales of beta downloads from developer accounts, which enabled some consumers to test-drive future iOS features.
Programming

JavaScript, PHP Top Most Popular Languages, With Apple's Swift Rising Fast 192

Posted by samzenpus
from the king-of-the-hill dept.
Nerval's Lobster writes Developers assume that Swift, Apple's newish programming language for iOS and Mac OS X apps, will become extremely popular over the next few years. According to new data from RedMonk, a tech-industry analyst firm, Swift could reach that apex of popularity sooner rather than later. While the usual stalwarts—including JavaScript, Java, PHP, Python, C#, C++, and Ruby—top RedMonk's list of the most-used languages, Swift has, well, swiftly ascended 46 spots in the six months since the firm's last update, from 68th to 22nd. RedMonk pulls data from GitHub and Stack Overflow to create its rankings, due to those sites' respective sizes and the public nature of their data. While its top-ranked languages don't trade positions much between reports, there's a fair amount of churn at the lower end of the rankings. Among those "smaller" languages, R has enjoyed stable popularity over the past six months, Rust and Julia continue to climb, and Go has exploded upwards—although CoffeeScript, often cited as a language to watch, has seen its support crumble a bit.
Open Source

Microsoft Open Sources CoreCLR, the .NET Execution Engine 253

Posted by Soulskill
from the following-through dept.
An anonymous reader writes: As part of Microsoft's continuing project to open source the .NET framework, the company has announced that CoreCLR, the execution engine for .NET Core, is now available on GitHub. CoreCLR handles things like garbage collection, compilation to machine code, and IL byte code loading. The .NET team said, "We have released the complete and up-to-date CoreCLR implementation, which includes RyuJIT, the .NET GC, native interop and many other .NET runtime components. ... We will be adding Linux and Mac implementations of platform-specific components over the next few months. We already have some Linux-specific code in .NET Core, but we're really just getting started on our ports. We wanted to open up the code first, so that we could all enjoy the cross-platform journey from the outset."
Open Source

Inkscape Version 0.91 Released 134

Posted by Soulskill
from the onward-and-upward dept.
Bryce writes: Four years since the last major Inkscape release, now news is out about version 0.91 of this powerful vector drawing and painting tool. The main reason for the multi-year delay is that they've switched from their old custom rendering engine to using Cairo now, improving their support for open source standards. This release also adds symbol libraries and support for Visio stencils, cross platform WMF and EMF import and export, a native Windows 64-bit build, scads of bug fixes, and much more. Check out the full release notes for more information about what has changed, or just jump right to downloading your package for Windows, Linux, or Mac OS X.