news

2019 年 9 月のセキュリティ更新プログラム (月例)

Microsoft Security Response Blog - Wed, 11/09/2019 - 01:34

2019 年 9 月 11 日 (日本時間)、マイクロソフトは以下のソフトウェアのセキュリティ更新プログラムを公開しました。

The post 2019 年 9 月のセキュリティ更新プログラム (月例) appeared first on Microsoft Security Response Center.

Categories: IT

Apple Arcade Will Be Available On September 19 For $4.99

Slashdot - Wed, 11/09/2019 - 01:20
Apple's Arcade video game subscription service is launching on September 19 for $4.99 per month for up to six members in your family. "There will be new games released every month, and will have perks like game guides and sneak peeks," reports Gizmodo. "In addition to a new Frogger, Apple also demoed new games Sayonara Wild Hearts and Shinsekai Into the Depths." From the report: Thanks to the little Apple did share ahead of its September 10 event, we knew that Arcade would launch with more than 100 different games, including a new Sonic the Hedgehog game and the revamped Frogger. Apple also said in March that Arcade wouldn't have ads or require additional purchases and that games would be available offline and playable on an iPhone, iPad, Apple TV, or Mac. And rather than releasing as a dedicated app, Arcade will release within the App Store as a new tab.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Apple Watch Series 5 Has An Always-On Display, Comes In Titanium or Ceramic Finishes

Slashdot - Wed, 11/09/2019 - 01:03
Before launching the new iPhones today, Apple announced the next-gen Apple Watch Series 5, featuring an always-on display, compass, emergency calling for international countries, and recycled aluminum or titanium finishes. It starts at $399 for the GPS model and $499 for the cellular connected version. The Verge reports: Apple says the Series 5 watch maintains the prior model's 18-hour battery life, even with the new always-on screen, thanks to a new low-temperature polysilicone and oxide display and low-power display driver. Watchfaces and workouts have been redesigned to take advantage of the new display option. The screen will be in a low-brightness mode until you move your wrist, where it will switch to full brightness in a similar fashion to how the current model turns on when your wrist is moved. In addition to the new always-on display feature, the Apple Watch Series 5 is now available in a recycled aluminum or titanium finishes. The stainless steel and ceramic options from prior models are also available. Apple says this is the widest number of finishes ever for the Apple Watch. You can order one starting today and they will be in stores starting on September 20th.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Apple unveils iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max

Eurogamer - Wed, 11/09/2019 - 00:56

Not content with offering release date and price details for its new gaming subscription service, Apple took some time during its special presentation event today to reveal what consumers might be playing those games on over the coming year. Namely, several new iPhone models - the iPhone 11, the iPhone 11 Pro, and the iPhone 11 Pro Max - plus a new 7th generation iPad.

Starting with the iPad, the newly announced version is a little larger than last year's entry-level model, weighing in at 10.2 inches rather than 9.7 inches. It supports the first-generation Apple Pencil, the Smart Keyboard case, and features Apple's (by now somewhat elderly) A10 processor. Its price starts at £349 ($329 USD), pitching it well away from Apple's flashier iPads.

Apple's latest iPhone models, meanwhile, are roughly analogous to last year's iPhone XR, XS, and XS Max triumvirate, with the iPhone 11 taking up the mantle of new default model. It features a 6.1-inch LCD display, spacial audio (with Dolby Atmos support), the new A13 Bionic processor, and claims one extra hour of battery life.

Read more

Categories: Video Games

Weakness In Intel Chips Lets Researchers Steal Encrypted SSH Keystrokes

Slashdot - Wed, 11/09/2019 - 00:25
An anonymous reader quotes a report from Ars Technica: In late 2011, Intel introduced a performance enhancement to its line of server processors that allowed network cards and other peripherals to connect directly to a CPU's last-level cache, rather than following the standard (and significantly longer) path through the server's main memory. By avoiding system memory, Intel's DDIO -- short for Data-Direct I/O -- increased input/output bandwidth and reduced latency and power consumption. Now, researchers are warning that, in certain scenarios, attackers can abuse DDIO to obtain keystrokes and possibly other types of sensitive data that flow through the memory of vulnerable servers. The most serious form of attack can take place in data centers and cloud environments that have both DDIO and remote direct memory access enabled to allow servers to exchange data. A server leased by a malicious hacker could abuse the vulnerability to attack other customers. To prove their point, the researchers devised an attack that allows a server to steal keystrokes typed into the protected SSH (or secure shell session) established between another server and an application server. "The researchers have named their attack NetCAT, short for Network Cache ATtack," the report adds. "Their research is prompting an advisory for Intel that effectively recommends turning off either DDIO or RDMA in untrusted networks." "The researchers say future attacks may be able to steal other types of data, possibly even when RDMA isn't enabled. They are also advising hardware makers do a better job of securing microarchitectural enhancements before putting them into billions of real-world servers." The researchers published their paper about NetCAT on Tuesday.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Period Tracker Apps Used By Millions Of Women Are Sharing Incredibly Sensitive Data With Facebook

Slashdot - Tue, 10/09/2019 - 23:45
Period tracker apps are sending deeply personal information about women's health and sexual practices to Facebook, new research has found. From a report: UK-based advocacy group Privacy International, sharing its findings exclusively with BuzzFeed News, discovered period-tracking apps including MIA Fem and Maya sent women's use of contraception, the timings of their monthly periods, symptoms like swelling and cramps, and more, directly to Facebook. Women use such apps for a range of purposes, from tracking their period cycles to maximizing their chances of conceiving a child. On the Google Play store, Maya, owned by India-based Plackal Tech, has more than 5 million downloads. Period Tracker MIA Fem: Ovulation Calculator, owned by Cyprus-based Mobapp Development Limited, says it has more than 2 million users around the world. They are also available on the App Store. The data sharing with Facebook happens via Facebook's Software Development Kit (SDK), which helps app developers incorporate particular features and collect user data so Facebook can show them targeted ads, among other functions. When a user puts personal information into an app, that information may also be sent by the SDK to Facebook.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Libraries and Archivists Are Scanning and Uploading Books That Are Secretly in the Public Domain

Slashdot - Tue, 10/09/2019 - 23:05
A coalition of archivists, activists, and libraries are working overtime to make it easier to identify the many books that are secretly in the public domain, digitize them, and make them freely available online to everyone. The people behind the effort are now hoping to upload these books to the Internet Archive, one of the largest digital archives on the internet. From a report: As it currently stands, all books published in the U.S. before 1924 are in the public domain, meaning they're publicly owned and can be freely used and copied. Books published in 1964 and after are still in copyright, and by law will be for 95 years from their publication date. But a copyright loophole means that up to 75 percent of books published between 1923 to 1964 are secretly in the public domain, meaning they are free to read and copy. The problem is determining which books these are, due to archaic copyright registration systems and convoluted and shifting copyright law. As such, a coalition of libraries, volunteers, and archivists have been working overtime to identify which titles are in the public domain, digitize them, then upload them to the internet. At the heart of the effort has been the New York Public Library, which recently documented why the entire process is important, but a bit of a pain.

Read more of this story at Slashdot.

Categories: Geeky Stuff

You can build your own botanical garden in Anno 1800's latest DLC expansion

Eurogamer - Tue, 10/09/2019 - 22:55

Ubisoft's acclaimed Industrial-Revolution-era city-builder Anno 1800 is rolling up its greensleeves and getting ready to turn over a new leaf, thanks to its horticulturally themed second paid DLC, Botanica, which arrives today on PC.

Botanica, as its name heavily suggest, adds a new cultural building project to the world of Anno, this time in the form of the botanical garden, drawing tourists and increasing your city's attractiveness. Rather than being a simple one-and-done buildings to slap down in the middle of a map, however, botanical gardens are sprawling, heavily customisable creations.

So that you might fashion the floral paradise of your dreams, the Botanica DLC features over 21 unique botanical modules, one glasshouse module, 11 new ornaments - including flower beds and topiaries (usable with all cultural buildings), plus a range of new plants. There's also a new Musical Pavilion featuring tracks from previous Anno games.

Read more

Categories: Video Games

Myths About USB Type-C

Slashdot - Tue, 10/09/2019 - 22:23
Julie Stultz, Technical Marketing Manager at ON Semiconductor, writes for ElectronicDesign: 1. USB Type-C and PD are complicated: With a universal connector that can plug into a power host (source) or device (sink), it seems like the negotiation of which device is powering which can be overwhelming for product designers and consumers. However, products can have more -- or less -- complexity based on the product designer's needs. For Type-C only devices, a single IC can be used to control all of the connection handshakes. For more complex features, the Power Delivery protocol (PD) can be implemented. There's a strict set of guidelines that must be followed to be USB-C PD compliant. Products receive approval from the USB-IF governing committee before they're certified. Utilizing firmware from certified IC vendors can simplify design the solution. 2. USB Type-C and PD is expensive: To detect, attach, and negotiate communication, it would seem that the transition from USB 2.0 to USB-C would become expensive. For basic USB-C functionality, a basic state-machine controller can be used. Controllers are available on the market for 3. All Type-C ports have identical functionality: Despite a common connector, the actual feature set of a USB-C port can vary significantly. Ports on travel adapters only charge devices. Ports on wearable devices typically only receive charge. Ports on dual-role devices such as laptops can still see variation in port features. Power levels for standard Type-C ports are limited to 15 W while ports that implement PD can negotiate power up to 100 W. In addition, some ports are capable of data communication up to USB SS Gen 2 speeds of 10 Gb/s. Other features may include DisplayPort or Thunderbolt support. The article debunks eight more myths.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Uber Lays Off 435 People Across Engineering and Product Teams

Slashdot - Tue, 10/09/2019 - 21:44
Uber has laid off 435 employees across its product and engineering teams, the company announced today. Combined, the layoffs represent about 8% of the organizations, with 170 people leaving the product team and 265 people leaving the engineering team. From a report: The layoffs had no effect on Eats, which is one of Uber's top-performing products, and Freight, according to a source familiar with the situation. Meanwhile, the company is lifting the hiring freeze on the product and engineering teams that has been in effect since early August, according to the source. "Our hope with these changes is to reset and improve how we work day to day -- ruthlessly prioritizing, and always holding ourselves accountable to a high bar of performance and agility," an Uber spokesperson told TechCrunch. "While certainly painful in the moment, especially for those directly affected, we believe that this will result in a much stronger technical organization, which going forward will continue to hire some of the very best talent around the world." Great timing to dump this announcement.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Now Civilization 6 has a Battle Royale mode

Eurogamer - Tue, 10/09/2019 - 21:36

Proving once again that nothing is impervious to the lure of Battle Royale, developer Firaxis' 4X strategy game Civilization 6 just launched its own take on the omnipresent mode on PC.

Known as Red Death, Civ 6's new turn-based Battle Royale mode ditches the game's usual slow-and-steady expansion in favour a desperate last-person-standing grasp for survival across a post-apocalyptic wasteland, replete with ruined cities, corrosive waters, and a ring of radiation that slowly shrinks as a match goes on. It's designed to accommodate between two and 12 players, with each able to select from a range of beneficially differing factions - including mad scientists, mutants, jocks, and pirates - in their attempts to stay alive.

There are no civilisations to guide through the ages, however, and building is entirely out too. Instead, each participant is tasked with protecting a single civilian unit on the map at all costs. If a player's unit is killed or captured, then they're out of the game - but if they're the last unit alive, they'll be whisked off into space to start a new life among the stars.

Read more

Categories: Video Games

Apple Launches iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max

Slashdot - Tue, 10/09/2019 - 21:04
Apple today unveiled the iPhone 11, iPhone 11 Pro, and iPhone 11 Pro Max, its new smartphone lineup. While the 11 is the cheaper alternative following the iPhone XR -- there are a few design changes, like a "surgical-grade stainless steel" case and matte finish, but the iPhone 11 Pro and Pro Max are more focused on cramming in as much power as possible. About the iPhone 11: Like last year's model, the iPhone 11 includes a 6.1-inch display, and the design is almost identical to last year, too, with the notch at the front for the Face ID camera. Apple is adding new color options, with purple, white, green, yellow, black, and red all available. Apple's biggest design changes are in the camera at the rear of the device. Last year's iPhone XR had a single 12-megapixel wide-angle camera, but the iPhone 11 now includes a dual-camera system with an additional 12-megapixel ultra-wide camera that supports 2x optical zoom. There's even a new immersive camera interface that lets you see outside the frame, so you can see the details of the photos you're taking with the ultra-wide camera. [...] Inside the iPhone 11 is Apple's latest A13 Bionic processor, and naturally it's the "fastest CPU in a smartphone" and also the "fastest GPU in a smartphone." Apple demonstrated the performance on stage with a game called Pascal's Wager, which is launching on the App Store next month with some pretty impressive looking mobile graphics. Other than the gaming demo, Apple didn't reveal any additional performance improvements with the A13. It starts at $699. The 5.8-inch iPhone 11 Pro and 6.5-inch iPhone 11 Pro Max: Despite the number change, the two phones look pretty similar to last year's iPhone XS and iPhone XS Max, but with one major change: a third rear camera. Apple's also upgraded the display to a new OLED panel, which goes up to an even brighter 1,200 nits, a 2 million to 1 contrast ratio, and is 15 percent more energy efficient. Apple calls it a Super Retina XDR display (similar branding to the Pro Display XDR that the company announced earlier this year). Apple also claims that the glass here is the "toughest glass in a smartphone." Just like the standard iPhone 11, the new iPhone 11 Pro models will feature Apple's A13 Bionic chip which Apple says has both the fastest CPU and GPU ever in a smartphone. Apple also touted improved machine learning performance ("the best machine learning platform in a smartphone," it says). Apple says that with all the improvements to efficiency, the 5.8-inch iPhone 11 Pro should get up to four hours better battery life than last year's XS, and the larger iPhone 11 Pro Max will get up to five hours better battery than the XS Max. The new camera system is one of the standout upgrades (quite literally, as it dominates the back of the phone in a gigantic square camera module). The new lens is a 12-megapixel ultra-wide lens with a 120-degree field of view, joining the wide-angle and telephoto cameras Apple has offered in the past. The telephoto camera also is getting an upgrade with a larger Æ'/2.0 aperture, which Apple says will capture up to 40 percent more light compared to the XS camera. And like the iPhone 11, the front-facing camera is now a 12 megapixel sensor, and can shoot both 4K and slow-motion videos. The iPhone 11 Pro will start at $999, and the iPhone 11 Pro Max will start at $1199.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Storm Area 51 Festival Canceled Because It Was a 'Possible Humanitarian Disaster'

Slashdot - Tue, 10/09/2019 - 20:30
The organizers of the Storm Area 51 festival called "AlienStock" have canceled the event in the Nevada desert, citing a "possible humanitarian disaster" associated with having people show up unprepared in an area with few amenities and little water. From a report: "Due to the lack of infrastructure, poor planning, risk management, and blatant disregard for the safety of the expected 10,000+ AlienStock attendees, we decided to pull the plug on the festival," a message on AlienStock's website reads. AlienStock was set up by the Facebook meme page "Storm Area 51," and was planned for the weekend of September 20 near Rachel, Nevada. The local town has been actively warning people on its website not to come, noting that many local residents are armed and would be willing to defend their property.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Apple Prices TV+ Video Service at $4.99 a Month, Hitting Netflix and Disney

Slashdot - Tue, 10/09/2019 - 19:50
Apple said its TV+ original video subscription service will launch Nov. 1 for $4.99 a month, undercutting the price of rival offerings. From a report: The Cupertino, California-based technology giant made the announcement at a Tuesday event focused on new versions of the iPhone. The service will be free for one year with purchases of new Apple devices, Apple Chief Executive Officer Tim Cook said on stage. The TV+ service is entering a crowded field that already includes Netflix Inc., Amazon.com Inc., Hulu and AT&T's HBO. In November, Walt Disney plans to launch a Disney+ streaming service, with a giant catalog of titles, for $6.99 a month. Netflix's entry-level subscription is $8.99 a month in the U.S. Netflix and Disney shares fell after the announcement on Tuesday, while Apple stock climbed.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Apple's gaming subscription service Apple Arcade priced, dated for September

Eurogamer - Tue, 10/09/2019 - 19:30

Apple's previously announced gaming subscription service, Apple Arcade, will arrive on 19th September, costing $4.99 USD (around £4) a month.

At launch, Apple Arcade will offer access to more than 100 titles - all playable on iPhone, iPad, Mac, and Apple TV - for a single cost. Apple says that these games will not appear on any other mobile platform or subscription service, and will be both ad-free and in-app-purchase-free,

Three games coming to Apple Arcade were demoed during today's Apple Special Event - Frogger in Toy Town, a new entry in Konami's classic arcade series, developer Simogo's psychedelic musical adventure Sayonara Wild Hearts, and a new 2.5D underwater exploration game from Capcom, titled Shinsekai: Into the Depths.

Read more

Categories: Video Games

51 Tech CEOs Send Open Letter To Congress Asking For a Federal Data Privacy Law

Slashdot - Tue, 10/09/2019 - 19:14
The chief executive officers (CEOs) of 51 tech companies have signed and sent an open letter to Congress leaders today, asking for a federal law on user data privacy to supersede the rising number of privacy laws that are cropping up at the state level. From a report: The open-letter was sent on behalf of Business Roundtable, an association made up of the CEOs of America's largest companies. The CEOs of Amazon, AT&T, Dell, IBM, Qualcomm, SAP, Salesforce, Visa, Mastercard, JP Morgan Chase, State Farm, and Walmart, are just some of the execs who put their name on the dotted line. CEOs blamed a patchwork of differing privacy regulations that are currently being passed in multiple US states, and by several US agencies, as one of the reasons why consumer privacy is a mess in the US. This patchwork of privacy regulations is creating problems for their companies, which have to comply with an ever-increasing number of laws across different states and jurisdictions. Instead, the 51 CEOs would like one law that governs all user privacy and data protection across the US, which would simplify product design, compliance, and data management. "There is now widespread agreement among companies across all sectors of the economy, policymakers and consumer groups about the need for a comprehensive federal consumer data privacy law that provides strong, consistent protections for American consumers," the open letter said.

Read more of this story at Slashdot.

Categories: Geeky Stuff

September 2019 Security Updates

Microsoft Security Response Blog - Tue, 10/09/2019 - 18:57

We have released the September security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide. As a reminder, Windows 7 and Windows Server 2008 R2 will be out of …

September 2019 Security Updates Read More »

The post September 2019 Security Updates appeared first on Microsoft Security Response Center.

Categories: IT

Trump Says He Fired National Security Advisor John Bolton -- But Bolton Says He 'Offered To Resign'

Slashdot - Tue, 10/09/2019 - 18:10
President Donald Trump said Tuesday he fired national security advisor John Bolton, saying on Twitter he had "disagreed strongly with many of his suggestions." From a report: But minutes later, Bolton in his own tweet said that he "offered to resign" Monday night -- and that Trump told him, "Let's talk about it tomorrow." Either way, Bolton's departure shocked Washington, D.C., and oil crude futures fell. Bolton, who was named national security advisor in March 2018, is a harsh critic of Iran, and has advocated military strikes against that oil-rich nation. "I informed John Bolton last night that his services are no longer needed at the White House. I disagreed strongly with many of his suggestions, as did others in the Administration, and therefore I asked John for his resignation, which was given to me this morning," Trump said in a tweet. "I thank John very much for his service. I will be naming a new National Security Advisor next week." Earlier this month, Bolton had accused China of stealing US technology to make a stealth fighter. On a visit to Ukraine last month, Bolton said an unnamed fifth-generation aircraft "looks a lot like the F-35, that's because it is the F-35. They just stole it."

Read more of this story at Slashdot.

Categories: Geeky Stuff

We Need To Prepare for the Future of War, NSA Official Says

Slashdot - Tue, 10/09/2019 - 18:10
Glenn S. Gerstell, the general counsel of the National Security Agency, writing at The New York Times: The threats of cyberattack and hypersonic missiles are two examples of easily foreseeable challenges to our national security posed by rapidly developing technology. It is by no means certain that we will be able to cope with those two threats, let alone the even more complicated and unknown challenges presented by the general onrush of technology -- the digital revolution or so-called Fourth Industrial Revolution -- that will be our future for the next few decades. The digital revolution has urgent and profound implications for our federal national security agencies. It is almost impossible to overstate the challenges. If anything, we run the risk of thinking too conventionally about the future. The short period of time our nation has to prepare for the effects of this revolution is already upon us, and it could not come at a more perilous and complicated time for the National Security Agency, Central Intelligence Agency, National Geospatial-Intelligence Agency, Defense Intelligence Agency, Federal Bureau of Investigation and the other components of the intelligence community. Gearing up to deal with those new adversaries, which do not necessarily present merely conventional military threats, is itself a daunting challenge and one that must be undertaken immediately and for at least the next decade or two. But that is precisely when we must put in place a new foundation for dealing with the even more profound and enduring implications of the digital revolution. That revolution will sweep through all aspects of our society so powerfully that our only chance of effectively grappling with its consequences will lie in taking bold steps in the relatively near term. In short, our attention must turn to a far more complex set of threats of multiple dimensions enabled by the digital revolution. While the potential consequences are less catastrophic than nuclear war, they are nonetheless deeply threatening in a range of ways we will have trouble countering.

Read more of this story at Slashdot.

Categories: Geeky Stuff

Mozilla Launches VPN as Part of Resurrected Firefox Test Pilot Program

Slashdot - Tue, 10/09/2019 - 17:30
Mozilla is resurrecting its recently expunged Test Pilot program with a renewed focus on privacy-focused tools and products. The Firefox developer today lifted the lid on the first product to emerge from the new Test Pilot, and it appears to be something akin to a virtual private network (VPN) in all but name. From a report: Firefox Private Network, as the new tool is called, is available in beta today for logged-in Firefox desktop users in the U.S. only, and is accessible through a browser extension. By way of a quick recap, Mozilla debuted Firefox Test Pilot a decade ago but then relaunched it back in 2016. Test Pilot went on to attain an average of 100,000 daily users, each looking to test Mozilla's latest developments -- including a price-tracking feature for online shoppers, content recommendations based on browsing activity, and more. Some of these became full-fledged features within Firefox and others did not, but back in January Mozilla announced it was killing its Test Pilot program altogether. This came as something of a surprise given Mozilla's own statements about the success of the program. At the time, Mozilla said it was "evolving" its approach to experimentation and suggested it was looking to ideate more widely across the company. Fast-forward nine months, and Firefox Test Pilot is back for a third time.

Read more of this story at Slashdot.

Categories: Geeky Stuff
Syndicate content