Category: Software

Developers spend kickstarter funds on strippers and booze

shutterstock_275329850A game project had to be cancelled after the developers spent all the kickstarter money on strippers and booze – they apparently wasted the rest.

According to PC Worldlead programmer Eric Tereshinski resigned from the Ant Simulator  project after finding out his business partners “were secretly stealing company money”.

More specifically, “They had secretly spent the overwhelming majority of both our Kickstarter money and the Ant Simulator investment money on liquor, restaurants, bars, and… strippers,” says Tereshinski.

“My ex-business partners directly said to me, ‘If you release Ant Simulator without us, I will sue you.’ Resigning and cancelling Ant Simulator is really the only option available to me right now.”

Tereshinski signed an LLC with two of his long-time friends.  He said: “They went over the contract line by line with me and I reviewed the whole thing twice. I just didn’t realize they had protected themselves, screwed me (like the fact that they listed themselves as consultants, so they aren’t legally obligated to work on anything, but still have the rights to spend money etc.), and I had no idea what their plan was until it was too late.”

Tereshinski could  sue but the most likely outcome is “that things end up more or less the same as they are now” with only the lawyers richer. So he’s walking away.

Backers can apparently expect an email about refunds soon.

Apple wrestles with Safari crashing feature

Alex Scheffler's Flip Flap SafariThe software genii at the fruity cargo Apple are in hot water after it turns out the browser they came up with crashes easier than a drunken emu.

The Tame Apple Press has done its best to put a lid on the whole matter, but the problem is a little difficult to hide. The problem is worldwide and means that searching from the address bar in both iOS and OS X is causing the browser to crash.

Even the Verge which spun yesterday’s terrible results for Apple ans “the best ever” has confirmed the problem on one of the many iOS devices and OS X machines it has in the office.

The problems are related to a feature on Safari which tells you what you should be looking at as you start typing.  You can fix the problem by disabling this feature but it does mean that you will not have the benefit of having Apple to tell you what to do. This will mean that countless fanboys will be in the difficult position of having to think, rather than think different.

The Verge claims that not everyone is affected, but actually everyone is. It is just that they might have the search suggestions cached locally or they can reach Apple’s servers thanks to their DNS cache. TApple is not saying anything of course.  But it is just the latest in a number of embarrassing programming errors on some of its products.

A couple of months ago Mac users were forced to reinstall software from the App Store following a security glitch. An expired security certificate used by Apple to verify apps forced a number of Mac users to reinstall certain pieces of software after the company attempted to move from the older SHA-1 standard, to the newer, more secure, SHA-2. Some apps in the App Store did not support the SHA-2 standard, resulting in the forced reinstall.

Microsoft will not support Skylake in Windows 7 and 8

Windows 10Software Giant Microsoft has come up with a cunning plan to get those people who want to run Intel’s Skylake to upgrade to Windows 10.  It says that it is only supporting the new CPU for another 18 months.

Vole has announced that it will cease official support for devices running Intel’s 6th generation Skylake on Windows versions from 7, all the way to 8.1. It all seems to us to be part of a cunning plan to get users to upgrade to Windows 10.

Chipzilla probably does not mind because if they upgrade they are more likely to buy Intel chips, although if they have just splashed out on Skylake chips they are not going to want a new one for a while

Microsoft’s Terry Myerson said said that Windows 7 was designed nearly 10 years ago before any x86/x64 SOCs existed.

“For Windows 7 to run on any modern silicon, device drivers and firmware need to emulate Windows 7’s expectations for interrupt processing, bus support, and power states- which is challenging for WiFi, graphics, security, and more,” he claimed.

“As partners make customizations to legacy device drivers, services, and firmware settings, customers are likely to see regressions with Windows 7 ongoing servicing.”

Myerson said that Windows 10 works rather well with Skylake chips, though it’s mostly geared towards mobile and laptops, flaunting battery life savings and graphical performance increases.

To be fair the chances of someone running an Intel Skylake chip and using Windows 7,8, or 8.1 are slim but it is possible that corporate PCs/notebooks are only supported on Windows 7 because that is what the company runs.

Microsoft said it will publish a list of devices running Skylake and Windows 7/8/8.1 that will be exempted from this rule and will instead remain supported through July 2017.

What we do not really understand is why Microsoft is so obessed with getting people to upgrade. With its nagware and other strategies it is really hacking people off and does not seem to care.

Open sauce has zero-day bugs too

maxresdefaultA zero-day vulnerability in the FFmpeg open-source multimedia framework, which is used by shedloads of Linux kernel-based operating systems and software applications and Mac OS X and Windows platforms has been spotted.

The vulnerability was discovered on January 12, 2016, by Russian programmer Maxim Andreev. Anyone who has the necessary skills to hack a computer to read local files on a remote machine and send them over the network using a specially crafted video file.

The hole is limited to reading local files and sending them over the network, not to remote code execution, but it’s rather embarrassing. The FFmpeg developers are aware of the issue, and they are trying to patch it. If you are worried about it you can disable HLS (HTTP Live Streaming) while building the package while the sort out a fix. The FFmpeg team are expected to release a patch or a new version of the software later today.

The attack does not even require the user to open the dodgy file. KDE Dolphin thumbnail generation is enough to start the hack. Desktop search indexers, ffprobe or any operations that involve ffmpeg reading are affected.

Graphene could create a computer brain

mybrainhurtsFlakes of graphene might be the the key to building computer chips that can processes information similar to human brain does – not your brain of course, or mine, but a better class of brain .

The technology is centred on neuromorphic chips which are made up of networks of transistors that interact the way human neurons do. This means that they can process analog input, such as visual information, quicker and more accurately than traditional chips.

Bhavin Shastri, a postdoctoral fellow in electrical engineering at Princeton University said that one way of building such transistors is to construct them of lasers that rely on an encoding approach called “spiking.”

Depending on the input, the laser can provide a brief spike in its output of photons or not respond at all. Instead of using the on or off state of the transistor to represent the 1s and 0s of digital data, these neural transistors rely on the time intervals between spikes.

Shastri said: “We’re essentially using time as a way of encoding information. Computation is based on the spatial and temporal positions of the pulses. This is sort of the fundamental way neurons communicate with other neurons.”

Shastris work with Lawrence Chen, a professor of electrical and computer engineering at McGill University, is trying to get the laser to spike at picosecond time scales which are one trillionth of a second.

They managed to do this by putting a tiny piece of graphene inside a semiconductor laser. The graphene acts as a “saturable absorber,” soaking up photons and then emitting them in a quick burst.

Graphene is a good saturable absorber because it can take up and release a lot of photons extremely fast, and it works at any wavelength.It also stands up very well to all the energy produced inside a laser.


Microsoft ends support for Windows 8

1942584Software King of the World Microsoft is ending mainstream support for its Windows 8 operating system.

Vole killed off support for Windows 7 at this time last year and now Windows 8’s security updates will be coming to an end on the 12th of January, 2016.

This might seem a little strange as Windows 8 was only released in 2012, and Vole normally gives you a decade of support before killing it off.  But this is more to do with the fact that Windows 8.1 is such a different beastie from Windows 8 that Microsoft is seeing them as different operating systems.

Given that Windows 8 was pretty pants, most users will have given up on it and upgraded anyway. Those who have not will not get support. If users upgrade to Windows 8.1 or even Windows 10, that support will be extended to 2023.

In addition to ending security updates for Windows 8, just last week Microsoft also announced that they will be ending support for older builds of Internet Explorer, namely versions 8, 9, and 10 which all come to an end also on the 12 January.

Apple buys more intelligence

mybrainhurtsDesperate to find a way out of its ever shrinking share price and desert of ideas, the fruity cargo cult Apple has decided to buy some intelligence.

Apple has bought Emotient which is an artificial intelligence startup that reads people’s emotions by analysing facial expressions.

The tech giant’s plans for Emotient were not immediately clear and Apple is not talking about it other than to say that the deal is going ahead.

Emotient’s software reads the expressions of individuals and crowds to gain insights that can be used by advertisers to assess viewer reaction or a medical practitioner to better understand signs of pain in patients.

The software could be used for anything Applish but it might be part of Jobs’ Mob’s move into the health market. Equally though it could be used by a device to assess a response to a pushed advertisement.

San Diego-based Emotient had previously raised $8 million from investors including Intel Capital.
There are hints that the move might be to counter something that Tesla Motors Chief Executive Elon Musk did late last year by announced $1 billion in funding for an artificial intelligence non-profit called OpenAI. If that sexy technology goes OpenSource then Apple will have to make more open source projects, and we can’t have that.

Drupal floored by poor update security

drupal-panicWeb content management studio Drupal is flawed by several bugs in its update process which could allow hackers to take over the sites the CMS creates.

Drupal is not as popular as WordPress but is used by some fairly serious content businesses. Now IOActive’s Fernando Arnaboldi has warned that there are three major flaws in Drupal’s update process that may allow attackers to poison Drupal installations via update packages.

In the worst cases, even servers can be taken over.

Drupal can be updated from its backend administration panel, just by pressing a button. The CMS is also fitted with an automatic update checker, for both its core and its modules. This lets admins know when a new version is out and allows them to quickly apply the update package and move on to other more important things.

The first problem is with failed update queries. Because of various connectivity issues, Drupal sites may sometimes fail when checking for an update. When this happens, the CMS prints the “All your projects are up to date” message, instead of clearly stating that the update has failed to complete.

Attackers could flood local networks with traffic when an update process is taking place, forcing the CMS to print an erroneous update status in the backend.

The Drupal admin might think their site is up to date when in reality it remains vulnerable for tens of dangerous bugs, which can quickly add up when not keeping the CMS properly updated.

Arnaboldi said that the second issue has to do with the “Check manually” button included on the Drupal update page. This button allows the site’s administrators to check for new updates on command, and later apply the update. This  button is vulnerable to CSRF (Cross-Site Request Forgery) attacks.

“Administrators may unwillingly be forcing their servers to request unlimited amounts of information from to consume network bandwidth,” he wrote.

The third flaw is more critical and has to do with the fact that Drupal’s update process is unencrypted. By sending everything in cleartext, an attacker present on the local network in the form of an infected computer can sniff out traffic between the Drupal CMS and the servers, and detect when an update process is started.

The hacker can launch a simple MitM (Man-in-the-Middle) attack, spoof communications, and send malicious update packages to the CMS instead.   Arnaboldi used the third flaw to backdoor a Drupal update on a test website. He packaged a reverse PHP shell that gave him access to the Web server running the CMS, and later extracted the MySQL database’s username and password (image below).

What is weird is that Drupal had known of this issue since 2012, but only recently reopened discussions on fixing the problem, after Arnaboldi made the announcement.  It still does not have a fix but is apparently working on it.

Microsoft goes Game of Thrones on Internet Explorer

Ned's_executionSoftware giant Microsoft has gone all Game of Thrones on its Internet Explorer range killing off most of the cast that we know and love.

Internet Explorer 8, 9 and 10 have been killed off in a single episode, although it is unlikely that even Microsoft fans will mourn their loss.

The browsers are reaching ‘end of life’ on Tuesday, meaning they’re no longer supported by Microsoft.

A patch, which goes live on January 12, will tell Internet Explorer users on to upgrade to something a little more modern. The KB3123303 patch adds the nag box, which will appear for Windows 7 and Server 2008 R2 users still using the old browsers after installing the update.

This means that developers will not need to target older browsers or care that CSS does not work in them.

It is thought that most businesses will just upgrade to Internet Explorer 11 which is the last version of Microsoft’s old browser that’s left supported. Vole wants people to move to Edge on Windows 10. This is something which will not happen until Edge supports important things like ad-bloc plus and other add-ons.


Windows 10 times your use

SalvadorDali-The-Persistence-of-Memory-1931Software king of the world Microsoft appears to have taken an interest in how much time you are using its Windows 10 operating system.

With its latest Threshold 2 Update Microsoft is also monitoring how long people are using the operating system and sending the data to Redmond.

It is a strange thing to want to do, but it seems that Vole can use the information for marketing. It can safely say that more than 11 billion hours were logged in December. But it could also be a way for a future Microsoft to set up a licence fee for higher and lower users.

The difficulty is getting Vole to admit that it has even started collecting the data. Microsoft spokespeople are getting rather cagey about references to the data it collects.

SpokesVoles are referring people to a bog which does not really answer anyone’s concerns.
It is also surprisingly silly of Microsoft. One of the problems people are having adopting the Operating System is the amount of data that it is collecting on users. It is only a matter of time before that attracts the attention of Euro watchdogs.

The real question is what Microsoft’s long term plan is for Windows? It is starting to look like the free Windows is a research gathering exercise for a bigger cunning plan.  This would explain why Microsoft is doing its best to encourage users to upgrade even to the point of spreading FUD about its own products.