Hugo Pereira
Shared posts
Cybercriminals Who Breached Nvidia Issue One of the Most Unusual Demands Ever
Read more of this story at Slashdot.
How the Covid Pandemic Almost Didn't Happen
Read more of this story at Slashdot.
Norman Abramson, Pioneer Behind Wireless Networks, Dies At 88
Read more of this story at Slashdot.
Amateur Astronomer Alberto Caballero Finds Possible Source of Wow! Signal
Read more of this story at Slashdot.
[Updated with response from Apple] Macs are a privacy nightmare
Update: Overnight, Apple PR sent out an e-mail about this issue to multiple websites and blogs, including me, for some reason. The company has updated its knowledge base article about “safely opening apps” on the Mac with new information, including a number of promises to fix this issue in the near future:
These security checks have never included the user’s Apple ID or the identity of their device. To further protect privacy, we have stopped logging IP addresses associated with Developer ID certificate checks, and we will ensure that any collected IP addresses are removed from logs.
In addition, over the the next year we will introduce several changes to our security checks:
• A new encrypted protocol for Developer ID certificate revocation checks
• Strong protections against server failure
• A new preference for users to opt out of these security protections
These are good promised changes, especially the first and third one. Turning off the security checks is the most welcome change, but it remains to be seen if this cripples the user experience in some other way.
It’s also interesting to note that I’ve been inundated by random people claiming there was no issue here at all, yet it seems Apple sure does disagree with that. A response like this over the weekend, emailed to not only the usual Apple news outlets, but also insignificant ones like OSNews seems highly unusual for something that, according to a lot of random people, isn’t an issue at all.
Original story: Almost nine years ago, I wrote an article titled “Richard Stallman was right all along“, still one of the most popular, if not the most popular, articles ever posted on OSNews.
That’s the very core of the Free Software Foundation’s and Stallman’s beliefs: that proprietary software takes control away from the user, which can lead to disastrous consequences, especially now that we rely on computers for virtually everything we do. The fact that Stallman foresaw this almost three decades ago is remarkable, and vindicates his activism. It justifies 30 years of Free Software Foundation.
And, in 2012, we’re probably going to need Free and open source software more than ever before. At the Chaos Computer Congress in Berlin late last year, Cory Doctorow held a presentation titled “The Coming War on General Purpose Computation“. In it, Doctorow warns that the general purpose computer, and more specifically, user control over general purpose computers, is perceived as a threat to the establishment. The copyright wars? Nothing but a prelude to the real war.
Yesterday, every Mac user got a taste of what happens when you don’t actually own the computers you pay a lot of money for. Because Apple wants to control everything you do with the computer you rent from them, and because Apple wants to know everything you do while using the computer you rent from them, a random server somewhere going down meant Mac users couldn’t open their applications anymore.
Why? Because applications on macOS will only open if Apple allows them to be opened, and that means macOS phones home every time you do anything on Apple’s Mac that you rented. This has some serious privacy implications, as Jeffrey Paul notes:
This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.
It gets worse. The data that’s being sent as part of this phone home procedure is sent unencrypted, passes through third parties like Akamai, and since Apple is part of the US intelligence program PRISM, the US government has unfettered access to without the need for warrants.
I’ve been warning about the consequences of handing over control of our software and computers to corporations and governments for well over a decade now here on OSNews, and every year, we seem to slide a little farther down the slippery slope, and every time, people wave it away. Yet yesterday, Mac users all over the world were confronted with the reality of being an Apple user today.
Macs are not yours. They are controlled, owned, and operated by Apple, and are an absolute privacy and security nightmare. Exactly as the Free and open source software movement has been warning about for 40 years now.
Ubuntu fixes bugs that standard users could use to become root
Ubuntu developers have fixed a series of vulnerabilities that made it easy for standard users to gain coveted root privileges.
“This blog post is about an astonishingly straightforward way to escalate privileges on Ubuntu,” Kevin Backhouse, a researcher at GitHub, wrote in a post published on Tuesday. “With a few simple commands in the terminal, and a few mouse clicks, a standard user can create an administrator account for themselves.”
The first series of commands triggered a denial-of-service bug in a daemon called accountsservice, which as its name suggests is used to manage user accounts on the computer. To do this, Backhouse created a Symlink that linked a file named .pam_environment to /dev/zero, changed the regional language setting, and sent accountsservice a SIGSTOP. With the help of a few extra commands, Backhouse was able to set a timer that gave him just enough time to log out of the account before accountsservice crashed.
What Would We Experience If Earth Spontaneously Turned Into A Black Hole?
Read more of this story at Slashdot.
NASA reaches out and touches an asteroid 320 million kilometers away
OSIRIS-REx collects samples from asteroid Bennu.
NASA scientists confirmed Wednesday that the OSIRIS-REx spacecraft successfully made contact with an asteroid a day earlier, touching the surface for six seconds and collecting dust and pebbles from its surface.
The spacecraft's performance at the asteroid Bennu, which is only about as wide as the Empire State Building is tall, was remarkable. Because the asteroid is so small, its gravity is negligible, which complicates orbital maneuvering by the spacecraft around what is, essentially, a rubble pile.
Despite these challenges, at a distance of 320 million kilometers on Tuesday, NASA engineers and scientists programmed a spacecraft to autonomously touch down within a single meter of its target area.
Scientists Discover a New Organ In the Throat
Read more of this story at Slashdot.
A consequence of being the first to adopt a standard is that you may end up being the only one to adopt it: The sad story of Korean jamo
If you ask Windows to break the Korean string U+1100 U+1161 into graphemes, it will get broken up into two characters. U+1100 is HANGUL CHOSEONG KIYEOK (ᄀ) and U+1161 is HANGUL JUNGSEONG A (ᅡ).
Korean is written in the Hangul alphabet, and characters are composed of units known as jamo. In the above example, the two jamo combine to form the single syllable 가.
If the two code points combine to form a single character, why are they treated as separate graphemes? ICU treats them as a single grapheme. iOS treats them as a single grapheme. Android treats them as a single grapheme. Everybody treats them as a single grapheme, except Windows. Why does Windows do things wrong?
This is another case where Windows adopted a standard before anybody else and ended up suffering from the first-mover curse. In this case, Windows is following the Korean standard KS X 1026 and treating the characters as separate. (Indeed, the case of U+1100 U+1161 is the example used in the specification.) So the question isn’t why Windows is doing things wrong. The question is why everybody else is doing things wrong.
Everybody else does things wrong because everybody else ignores the standard. But if you’re the only one doing things right, then you end up looking wrong.
In practice, therefore, there are two competing standards. You have the de jure standard, which says that the characters are separate, and the de facto standard, which says that the characters form a single grapheme.
If you are interoperating with other systems, you would be best served by following the conventions that those other systems follow when communicating with them. In practice, this will usually mean that you need to ignore what the Unicode and Korean standards committees recommend, and instead do “what everybody else is doing.” Since ICU is one of those “everybody else”s, you can switch to using ICU to decompose your strings.
Today is Hangul Day, a Korean national holiday commemorating the invention of the Hangul alphabet.
Bonus reading: Frequently Asked Questions about Korean and Unicode.
The post A consequence of being the first to adopt a standard is that you may end up being the only one to adopt it: The sad story of Korean jamo appeared first on The Old New Thing.
He Called it a 'Scamdemic' - Then Saw His Family Getting Sick
Read more of this story at Slashdot.
EU Parliament Votes For 60% Greenhouse Gas Emissions Cut By 2030
Read more of this story at Slashdot.