James Kettle, Alain Tiemblo, Christophe Coevoet and Fabien Potencier
discovered that twig, a templating engine for PHP, did not correctly
process its input. End users allowed to submit twig templates could
use specially crafted code to trigger remote code execution, even in
This hit the news yesterday.
Microsoft released Windows 10 four weeks ago today, and now the company is providing a fresh update on its upgrade figures. 14 million machines had been upgraded to Windows 10 within 24 hours of the operating system release last month, and that figure has now risen to more than 75 million in just four weeks.
As somebody who uses Windows every day, and who upgraded to Windows 10 a few weeks before it was released, let me make a statement about all the positive Windows 10 reviews that not everyone is going to like. There are only two reasons Windows 10 is getting positive reviews. First, because it's free. This one's a given. Second, and more importantly: Windows 10 is getting positive reviews because none of the reviewers have forced themselves to use nothing but Metro applications.
Here's the cold and harsh truth as I see it: despite all the promises, Metro applications are still complete and utter garbage. Let me explain why.
Read more on this exclusive OSNews article...
While Google remains committed to industry-wide adoption of HTTPS, there isn't always full compliance on third party ad networks and custom creative code served via our systems. To ensure ads continue to serve on iOS9 devices for developers transitioning to HTTPS, the recommended short term fix is to add an exception that allows HTTP requests to succeed and non-secure content to load successfully.
Confirmed: Google wants me to switch to iOS.
Jordan Hubbard spoke recently at the Bay Area FreeBSD Users Group to discuss NextBSD, a "spork" of FreeBSD. He "covers why mach ports are extremely useful in some cases and no UNIX IPC primitive is an adequate substitute." There's a video of the BAFUG talk and copies of the original slide deck that goes into some detail about NextBSD.
This year's Galaxy Note 5 is an outstanding device - combining power with grace, and utility with handsome looks - but it also has a pretty major design flaw. The phone's stylus can be inserted into its silo in both orientations, which is a change from previous S Pen designs, and one of those orientations can result in permanent damage to the Note's functionality. If you are unfortunate enough to slide your S Pen in the wrong way, you'll have a hard time unjamming it from the slot (though eventually you should be able to pry it away), but more importantly, you might disable the Note's stylus detection feature. It's a big problem that can result from a very small mistake. Samsung has now issued a response, and well, the answer is that you should read and adhere to the manual.
Grab the pitchforks everyone, we got ourselves 'nother -gate!
I can't believe they shipped this thing with this design flaw, especially since it's so easy to fix: just make the 'wrong' end of the stylus a little bit wider so you can't stick it in the wrong way et voilà, problem fixed.
Samsung's response is silly. They should've said "we're replacing all Note 5 styluses with a newer model that can't be inserted the wrong way around, and all damaged devices will be replaced free of charge".
Today the Contiki team announced the release of Contiki 3.0, the latest version of the open source IoT operating system! The 3.0 release is a huge step up from the 2.x branch and brings support for new and exciting hardware, a set of new network protocols, a bunch of improvements in the low-power mesh networking protocols, along with a large number of general stability improvements.
This release of Plasma brings many nice touches for our users such as much improved high DPI support, KRunner auto-completion and many new beautiful Breeze icons. It also lays the ground for the future with a tech preview of Wayland session available. We're shipping a few new components such as an Audio Volume Plasma Widget, monitor calibration tool and the User Manager tool comes out beta.
There's a video too.
Over the last few days I've been testing an experimental content blocker called Crystal, which promises to speed up browsing on iOS. I've been particularly impressed by the results and taken aback by how much removing trackers, ads and other scripts makes a difference over a cellular connection.
The content blocker is a major selling point for iOS, in my opinion. On Android, this will always be a hack - third party tools, root, that sort of thing - and never properly integrated into the operating system, even though it should be.
Good move by Apple, and together with a lack of a decent Android headset out right now, it's pushing me towards an iPhone when my contract renewal is up in October.
The level of Windows 10 paranoia reached new heights this week when reports suggested that Microsoft would wipe torrents and pirated software from people's hard drives. Nonsense, of course, but all the recent privacy concerns were enough to have the operating system banned from several torrent trackers.
Another creepy story here. Windows 10's privacy is turning into a headache for Microsoft. It won't be long now until prime time and daytime news shows start picking this stuff up, and blow it out of proportion - deserved or no.
Ever since I wrote on Thursday about the Ashley Madison hack and resulting reactions and consequences, I've heard from dozens of people who used the site. They offer a remarkably wide range of reasons for having done so. I'm posting below one email I received that I find particularly illuminating, which I very lightly edited to correct a few obvious typographical errors.
It gets even worse than this email. There are gay men and women in countries where being gay is punishable by death, who were using this site to meet other gay men and women, in secret. This hack will out them, possibly leading to their death.
This hack and spreading of private information is just as bad as any other, similar hacks. Despicable as it is, cheating is not a crime, and even if it were, do we really want to live in a world with mob justice? And yes, the parent company in this particular case isn't exactly of clear conscience, but that's no reason to throw its users under the bus - or have them murdered by barbaric, mediaeval governments.
I know a lot of people like the world to be black and white, because it's simple, easy to understand, and doesn't strain the brain. Sadly for them, that's not how the world works.
What went unannounced was that most of the original team that built Now had departed, many of them just before I/O, according to multiple sources. Some had grown frustrated that the product, born within Android, was shuttered into search inside of Google, they said. And Sundar Pichai, Google's SVP and incoming CEO, did not prioritize the product as much as Page.
The exits reveal the hiccups Google has incubating new products that reach across multiple units of the tech giant. They also expose some key traits of Pichai's leadership style - and some of the many hurdles he has ahead as he marshals Googleâs core business.
I didn't believe it would be possible at first, but after spending the better part of a week on Chrome 46 I'm blown away. Memory consumption seems to have halved, groggy slow tabs are snappier than ever and my battery life isn't shamefully bad anymore - also, my laptop's fans aren't constantly blowing.
It's going to take a lot of convincing to get me to switch from Safari back to Chrome on my MacBook Pro.
For those who haven't kept up with bcache, the bcache codebase has been evolving/metastasizing into a full blown, general purpose posix filesystem - a modern COW filesystem with checksumming, compression, multiple devices, caching, and eventually snapshots and all kinds of other nifty features.
I'll admit I had to do a bit of reading to educate myself on what bcache actually is. Fascinating to see that it has evolved into a full-blown file system.
Twenty years ago, on August 21, 1995, Nintendo released the Virtual Boy in North America. The stilt-legged tabletop gaming console, which offered a unique red stereoscopic 3D display, attempted to ride a wave of popular interest in virtual reality. It was a risky, innovative gamble for Nintendo that didn't pay off, leaving many to wonder why it existed in the first place.
I vaguely recall the magazine talk of this thing (I was 9 at the time), but I never actually got to see one, let alone play one.
Today we are announcing some major upcoming changes to Firefox add-ons. Our add-on ecosystem has evolved through incremental, organic growth over the years, but there are some modernizations to Firefox that require some foundational changes to support.
Extensions play a central role in Firefox' appeal, so they have to be very careful with how they implement these changes.
I spent a lot of time as a kid playing (generally, pretty terrible) games on my Game Boy. Having never written code for anything other than 'regular' general purpose computers before, I've been wondering recently: how easy is it to write a Game Boy (Advance) game?
Martin Wimpress has announced the availability of a new set of testing images for version 15.10 Beta 1 of the various Ubuntu community distributions. These new beta images provide previews of new technologies present in the community distributions and offer users a way to test the software and....
Pat Riehecky has announced the release of Scientific Linux 6.7, the latest update of the distribution's legacy branch, built from source package for the recently-released Red Hat Enterprise Linux (RHEL) 6.7: "Scientific Linux 6.7 i386/x86_64. Existing 6x systems should run 'yum clean expire-cache'. Major differences from Scientific Linux....
Barry Kauler has announced the release of a new, special edition of Quirky Linux. The new release, Quirky Linux 7.1 "Appril", is designed with Android app developers in mind. "This is the latest release of Quirky Linux. The Appril series, that started at version 7.0, is built entirely....