chicksdaddy writes "Two researchers at the Black Hat Briefings security conference Thursday said Smart TVs from electronics giant Samsung are rife with vulnerabilities in the underlying operating system and Java-based applications. Those vulnerabilities could be used to steal sensitive information on the device owner, or even spy on the television's surroundings using an integrated webcam. Speaking in Las Vegas, Aaron Grattafiori and Josh Yavor, both security engineers at the firm ISEC Partners, described Smart TVs as Linux boxes outfitted with a Webkit-based browser. They demonstrated how vulnerabilities in SmartHub, the Java-based application that is responsible for many of the Smart TV's interactive features, could be exploited by a local or remote attacker to surreptitiously activate and control an embedded webcam on the SmartTV, launch drive-by download attacks and steal local user credentials and those of connected devices, browser history, cache and cookies as well as credentials for the local wireless network. Samsung has issued patches for many of the affected devices and promises more changes in its next version of the Smart TV. This isn't the first time Smart TVs have been shown to be vulnerable. In December, researchers at the firm ReVuln also disclosed a vulnerability in the Smart TV's firmware that could be used to launch remote attacks."
Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!
jrepin writes "The Calligra team is proud and pleased to announce the release of version 2.7 of the Calligra Suite, Calligra active and the Calligra Office Engine. Words, the word processing application, has a new look for the toolbox. In the same toolbox there are also new controls to manipulate shapes with much enhanced usability. Author, the writer's application, has new support for EPUB3: mathematical formulas and multimedia contents are now exported to ebooks using the EPUB format. There is also new support for book covers using images. Plan, the project management application, has improvement in the scheduling of tasks. The formula shape now has new ways to enter formula: a matlab/octave mode and a LaTEX mode."
sfcrazy writes "The father of Linux, Linus Torvalds, once said, 'If Microsoft ever does applications for Linux it means I've won.' Microsoft yesterday released one of its cash cows, Microsoft Office, for Android. Since Microsoft has a very vague idea of what users want and is suffering from lock-in, the app is just an Android front end of Office 365 and is accessible only by the paid users. There are already quite a lot of office suites available on Android including Office Pro, QuickOffice and KingSoft, so Microsoft will have to struggle there. Still it's a Microsoft core application coming to Linux. So, it looks like Linus has won."
An anonymous reader writes "There's some good news if you use NVIDIA graphics on (Ubuntu) Linux or FreeBSD with their binary graphics driver: the OpenGL performance is comparable to Windows 8. Unfortunately, that's not the same for Intel graphics and AMD doesn't even offer a Catalyst driver for FreeBSD. FreeBSD offers a binary Linux compatibility layer to run games at the same (or better) performance as Linux, but unfortunately it's capped to running Linux x86 binaries and NVIDIA is the only GPU vendor with proper BSD graphics driver support."
jrepin writes "Around a year ago, a school in the southeast of England, Westcliff High School for Girls Academy (WHSG), began switching its student-facing computers to Linux, with KDE providing the desktop software. The school's Network Manager, Malcolm Moore, contacted us at the time. Now, a year on, he got in touch again to let us know how he and the students find life in a world without Windows." And they didn't even meet much resistance: "Younger students accept it as normal. Older students can be a little less flexible. There are still a few that are of the view that I can get rid of Microsoft Word when I can pry it from them. Staff are the same (although it is surprisingly not age-related). Some are OK and some hate it. Having said that, an equal number hate Windows 7 and nobody liked Windows 8. I think the basic problem is that Windows XP is a victim of its own success. It works fairly well from a user point of view, it's been around practically forever, and people don't like change, even some students, oddly."
alphadogg writes "The first heady rush of support for Canonical's crowd-funded Ubuntu Edge smartphone appears to have tapered off, as donations for the eye-catching device have slowed substantially over the past several days. The project sits just above the $7 million mark at the time of this writing – a large sum by the standards of crowd-funded projects, to be sure, but the $32 million goal is still a long way off. The Edge is slightly, but measurably, behind schedule – by about $600,000, according to a tracking graph made by Canonical's Gustavo Niemeyer. However, there's speculation that wealthy Canonical founder Mark Shuttleworth might contribute some of his personal fortune to the project." The campaign has already broken records with its spectacular first few days. I hope that Shuttleworth does kick in to make production feasible, because the idea and the design are impressive — but I'm leery of spending quite so much on any phone.
c0d3g33k writes "Prompted by the addition of new security features in Android 4.3 that limit the effectiveness of elevated privileges, Steve Kondik wonders which uses really require full root. Most common activities that prompt owners to root their devices (backup/restore tools, firewall/DNS resolver management, kernel tuning), could be accomplished without exposing root, argues Kondik, by providing additional APIs and extensions to the user. This would improve security by limiting the exposure of the system to exploits. Reasonable enough, on the face of it. The title of the post, however, suggests that Kondik believes that eventually all useful activities can be designed into the system so the 'dangerous and insecure' abilities provided by root/administrator privileges aren't needed. This kind of top-down thinking seems a bit troubling because it leads to greater control of the system by the developer at the expense of the owner of the device. It's been said that the best tools are those that lend themselves to uses not anticipated by the creator. Reducing or eliminating the ability of the owner to use a device in ways that are unanticipated ultimately reduces its potential power and usefulness. Perhaps that's what is wanted to prevent an owner from using the device in ways that are inconvenient or contrary to an established business model."
An anonymous reader writes "I'm an Engineer with a need for 3 large monitors on the one PC. I want to run them as 'one big desktop' so I can drag windows around between all three monitors (Windows XP style). I run Debian and an nVidia NVS450. Currently I have been able to do what I want by using Xinerama which is painfully slow (think 1990s), or using TwinView which is hardware accelerated but only supports 2 monitors. I can live without 3D performance, but I need a hardware accelerated 2D desktop at the minimum. What are my options? I will happily give up running X and run something else if I need to (although I would like to keep using Xfce — but am open to anything). I am getting so desperate that I am starting to think of running Windows on my box, but that would be painful in so many other ways given my work environment revolves around the Linux toolset."
DeviceGuru writes "The 2014 Toyota Lexus IS reportedly will be the second major automobile to offer in-vehicle infotainment (IVI) systems based on Linux, following last year's introduction of the Debian-based Cadillac User Experience (CUE) IVI system, which now appears in Cadillac's XTS and SRX models. Cadillac's CUE IVI implementation was developed by GENIVI Alliance members MontaVista and Bosch and uses similar code, but is not listed as GENIVI compliant. Meanwhile, ABI Research projects that Linux will grow to 20 percent IVI market share by 2018, behind Microsoft and market leader QNX."
Karrde712 writes "Fedora Cloud Architect Matthew Miller announced a proposal on a plan to redesign the way that the Fedora Project builds its GNU/Linux distribution. Fedora has often been described as a 'bag of bits,' with thousands of packages and only minimal integration. Miller's proposal for 'Fedora.Next' describes reorganizing the packages and upstream projects that comprise Fedora into a series of 'rings,' each level of which would have its own set of release and packaging requirements. The lowest levels of the distribution may be renamed to 'Fedora Core.' Much discussion is ongoing on the Fedora Devel mailing list. If any Slashdot readers have good advice to add to the discussion, it would be most useful to respond to the ongoing thread there." A full presentation on the plan will be given at the Flock conference next month, and draft slides have been uploaded. A few more details about the discussion are below the fold.
TexasDex writes "After years of providing great news reporting to the open source community, including interviews, great Linux kernel update summaries, and even breaking the Skype spying story well before it was leaked, The H Online is closing down due to lack of profitability. I've checked them daily for years, so it's sad to see them go."
DeviceGuru writes "Linaro has just published videos and slides from keynotes, technical presentations, and panel discussions at last week's Linaro Connect Europe 2013 event held in Dublin, Ireland. Linaro is a nonprofit organization focused on consolidating and optimizing open source software for the ARM architecture, including the GCC toolchain, the Linux kernel, ARM power management, graphics and multimedia interfaces. The conference's sessions spanned a wide range of topics, including Android, Builds and Baselines, Enterprise, Graphics and Multimedia, Linux Kernel, Network, Project Management Tools, Training, and more." The list of videos, hosted on Youtube and many with slides available.
An anonymous reader writes "Picking up the code from a failed Direct3D 10/11 implementation for Linux, a working Direct3D 9 state tracker has been implemented for Linux. The Direct3D 9 support works with open-source Linux GPU hardware drivers via Mesa's Gallium3D and can run games for the open-source Radeon and Nouveau drivers without simply converting the Direct3D commands into OpenGL. Unlike the experimental D3D10/11 code from the past, this D3D9 state tracker is already running games like Skyrim, Civilization 5, Anno 1404, and StarCraft 2. With Linux games not natively targeting D3D, Wine was modified for using this native Direct3D implementation."
darthcamaro writes "The Linux Kernel Development Mailing List can be a hostile place for anyone. Now Intel developer Sarah Sharp is taking a stand and she wants the LKML to become a more civil place. Quoting her first message: 'Seriously, guys? Is this what we need in order to get improve -stable? Linus Torvalds is advocating for physical intimidation and violence. Ingo Molnar and Linus are advocating for verbal abuse. ... Violence, whether it be physical intimidation, verbal threats or verbal abuse is not acceptable. Keep it professional on the mailing lists.'" The entire thread is worth a read, but Linus isn't buying it: "Because if you want me to 'act professional', I can tell you that I'm not interested. I'm sitting in my home office wearing a bathrobe. The same way I'm not going to start wearing ties, I'm *also* not going to buy into the fake politeness, the lying, the office politics and backstabbing, the passive aggressiveness, and the buzzwords. Because THAT is what 'acting professionally' results in: people resort to all kinds of really nasty things because they are forced to act out their normal urges in unnatural ways.' He also offered cookies in exchange for joining the dark side. An earlier reply by Linus further explains why he thinks it is OK to be mean: most of the time, he's only yelling at people who should know better (cultivating a crew of lead developers bound to him by Stockholm Syndrome?).
An anonymous reader writes "Linus Torvalds decided to change the code name for Linux 3.11 and even submitted an alternate Tux Logo. Heise reports: 'For this release, Linus Torvalds changed the code name from "Unicycling Gorilla" to "Linux for Workgroups" and modified the logo that some systems display when booting: it now depicts a Tux holding a flag with a symbol that is reminiscent of the logo of Windows for Workgroups 3.11, which was released in 1993.'"
DeviceGuru writes with an excerpt that may be of interest especially for mobile users with cheap, always available wireless data: "An OpenWRT Linux-based hardware adapter called Plug designed for unifying USB-connected storage met its $69,000 Kickstarter pledge goal in 12 hours. The tiny Plug device eschews cloud storage for a localized approach whereby an app or driver installed on each participating computer or mobile device intercepts filesystem accesses, and redirects data reads and writes to storage drives attached to the user's Plug device. The Plug enjoyed one of the fastest fulfillments in Kickstarter history, meeting its goal in 12 hours, and has already soared to over $223,000 in funding."
An anonymous reader writes "Wayland 1.2 & Weston 1.2 have been released. Features of this quarterly update to the X.Org/Mir display competitor is support for color management, a new input method framework, a Raspberry Pi renderer/back-end, HiDPI output scaling, multi-seat improvements, and various other changes for this next-generation Linux desktop display protocol and compositor."
hypnosec writes "The Linux 3.11 merge window is about to close, most probably this Sunday, and most of the pull requests have been merged, including feature additions and improvements to disk & file system, CPU, graphics and other hardware. Some notable merges are: LZ4 compression; Zswap for compressed swap caching; inclusion of a Lustre file-system client for the first time; Dynamic Power Management (DPM) support for R600 GPUs; KVM and Xen virtualization on 64-bit hardware (AArch64); and a new DRM (Direct Rendering Manager) driver for the Renesas R-Car SoC."