Feed aggregator

KnackForge: How to update Drupal 8 core?

Drupal Planet -

How to update Drupal 8 core?

Let's see how to update your Drupal site between 8.x.x minor and patch versions. For example, from 8.1.2 to 8.1.3, or from 8.3.5 to 8.4.0. I hope this will help you.

  • If you are upgrading to Drupal version x.y.z

           x -> is known as the major version number

           y -> is known as the minor version number

           z -> is known as the patch version number.

Sat, 03/24/2018 - 10:31

Equifax Has Been Sending Consumers To a Fake Phishing Site for Almost Two Weeks

Slashdot -

An anonymous reader shares a Gizmodo report (condensed for space): For nearly two weeks, the company's official Twitter account has been directing users to a fake lookalike website. After announcing the breach, Equifax directed its customers to equifaxsecurity2017.com, a website where they can enroll in identity theft protection services and find updates about how Equifax is handing the "cybersecurity incident." But the decision to create "equifaxsecurity2017" in the first place was monumentally stupid. The URL is long and it doesn't look very official -- that means it's going to be very easy to emulate. To illustrate how idiotic Equifax's decision was, developer Nick Sweeting created a fake website of his own: securityequifax2017.com. (He simply switched the words "security" and "equifax" around.) As if to demonstrate Sweeting's point, Equifax appears to have been itself duped by the fake URL. The company has directed users to Sweeting's fake site sporadically over the past two weeks. Gizmodo found eight tweets containing the fake URL dating back to September 9th.

Read more of this story at Slashdot.

Hurricane Maria Knocks Out Power To Entire Island of Puerto Rico

Slashdot -

An anonymous reader writes: Hurricane Maria's eye has left Puerto Rico, but the mammoth storm is still lashing the island with devastating winds. Maria weakened to a Category 3 hurricane Wednesday afternoon, hurling winds of 115 mph. But hurricane-force gusts topping 74 mph still extend over much of Puerto Rico, the National Hurricane Center said. Maria's brute force wiped out electricity to the entire island. "We are 100% without power," a spokesman for the Puerto Rico governor's office said Wednesday. The storm also ripped trees out of the ground and caused widespread flooding. "This is total devastation," said Carlos Mercader, a spokesman for Puerto Rico's governor. "Puerto Rico, in terms of the infrastructure, will not be the same. ... This is something of historic proportions." Maria is expected to dump a total of 12 to 18 inches of rain on Puerto Rico before barreling toward the Dominican Republic starting Wednesday night.

Read more of this story at Slashdot.

Ransomware Hack Targeting 2 Million an Hour

Slashdot -

New submitter Zorro writes: A ransomware attack sweeping the globe right now is launching about 8,000 different versions of the virus script at Barracuda's customers, Eugene Weiss, lead platform architect at Barracuda, told Axios, and it's hitting at a steady rate of about 2 million attacks per hour. What to watch out for: An incoming email spoofing the destination host, with a subject about "Herbalife" or a "copier" file delivery. Two of the latest variants Barracuda has detected include a paragraph about legalese to make it seem official, or a line about how a "payment is attached," which tricks you to click since, as Weiss puts it, "everyone wants a payment."

Read more of this story at Slashdot.

Waymo Wants Uber to Pay $2.6 Billion Over Alleged Trade Secret Theft

Slashdot -

Alphabet's Waymo unit is seeking about $2.6 billion from Uber for the alleged theft of one of several trade secrets in a lawsuit over self-driving cars, a lawyer for Uber said on Wednesday. From a report: Uber attorney Bill Carmody disclosed the figure in a hearing in federal court in San Francisco, where both companies are discussing whether a trial in the case will begin next month. Waymo has asserted claims that Uber stole several of its trade secrets. The total amount of Waymo's damages request was not publicly disclosed at the hearing on Wednesday. Waymo claimed in a lawsuit earlier this year that former engineer Anthony Levandowski downloaded more than 14,000 confidential files before leaving to set up a self-driving truck company, which Uber acquired soon after.

Read more of this story at Slashdot.

Turning Off Wi-Fi and Bluetooth in iOS 11's Control Center Doesn't Actually Turn Off Wi-Fi or Bluetooth

Slashdot -

An anonymous reader shares a Motherboard report: Turning off Bluetooth and Wi-Fi when you're not using them on your smartphone has long been standard, common sense, advice. Unfortunately, with the iPhone's new operating system iOS 11 - which was released to the general public yesterday - turning them off is not as easy as it used to be. Now, when you toggle Bluetooth and Wi-Fi off from the iPhone's Control Center -- the somewhat confusing menu that appears when you swipe up from the bottom of the phone -- it actually doesn't completely turn them off. While that might sound like a bug, that's actually what Apple intended in the new operating system. But security researchers warn that users might not realize this and, as a consequence, could leave Bluetooth and Wi-Fi on without noticing. Numerous Slashdot readers have complained about this "feature" this week.

Read more of this story at Slashdot.

GNOME Partners With Purism On Librem 5 Linux-based Privacy-focused Smartphone

Slashdot -

BrianFagioli writes: The Librem 5 smartphone by Purism has a long and difficult road ahead of it. Competing against the likes of Apple and Google on the mobile market has proven to be a death sentence for many platforms -- including Microsoft with its failed Windows 10 Mobile. Luckily, Purism has found itself a new partner on this project -- one of the most important organizations in the Linux community -- The GNOME Foundation. The GNOME Foundation explains, 'The Librem 5 is a hardware platform the Foundation is interested in advancing as a GNOME/GTK phone device. The GNOME Foundation is committed to partnering with Purism to create hackfests, tools, emulators, and build awareness that surround moving GNOME/GTK onto the Librem 5 phone. As part of the collaboration, if the campaign is successful the GNOME Foundation plans to enhance GNOME shell and general performance of the system with Purism to enable features on the Librem 5.'

Read more of this story at Slashdot.

CEO Catches Stranger After Hours, Prompting Espionage Charges

Slashdot -

An anonymous reader shares a report: Samuel Straface thought he was the last one out the door one recent evening at the medical-technology startup he leads in suburban Boston. But as he passed a glass-walled conference room on the second floor, Dr. Straface says he saw a man he didn't recognize, sitting by himself in front of two open laptops and a tablet device. He continued walking a few steps toward the exit, but then, feeling uneasy, he turned back (Editor's note: the submitted link could be paywalled; alternative source). The man was later identified as Dong Liu, a dual citizen of China and Canada. And his after-hours computing at Medrobotics is at the center of an economic-espionage case brought by U.S. prosecutors. Mr. Liu is in federal custody, charged with attempting to steal trade secrets and trying to gain unauthorized access to the company's computer system, prosecutors said. If convicted of both charges, he could face a maximum sentence of 15 years in prison. "Mr. Liu adamantly asserts his innocence and we fully expect he'll be exonerated after a careful review of the evidence," said Robert Goldstein, Mr. Liu's defense attorney. The U.S. attorney's office for the District of Massachusetts declined to comment on the case beyond details in court records. Before his arrest, police said Mr. Liu told them he was there to discuss doing business with the company -- but Dr. Straface says no one had scheduled a meeting with Mr. Liu.

Read more of this story at Slashdot.

[$] Linking commits to reviews

LWN Headlines -

In a talk in the refereed track of the 2017 Linux Plumbers Conference, Alexandre Courouble presented the email2git tool that links kernel commits to their review discussion on the mailing lists. Email2git is a plugin for cregit, which implements token-level history for a Git repository; we covered a talk on cregit just over one year ago. Email2git combines cregit with Patchwork to link the commit to a patch and its discussion threads from any of the mailing lists that are scanned by patchwork.kernel.org. The result is a way to easily find the discussion that led to a piece of code—or even just a token—changing in the kernel source tree.

Slashdot Asks: Why Does Google Want To Purchase HTC?

Slashdot -

Rumor has it Google is planning to purchase HTC -- or at least a portion of it. The speculation of this has been doing rounds for weeks now, and it reached a new high today after HTC said its stock will stop trading from Thursday, as it prepares to make a "major announcement" tomorrow. Bloomberg reported today: Alphabet's Google is close to acquiring assets from Taiwan's HTC, according to a person familiar with the situation, in a bid to bolster the internet giant's nascent hardware business. HTC, once ranked among the world's top smartphone makers, is holding a town hall meeting Thursday, according to tech website Venture Beat, which cited a copy of an internal invitation. The shares will also be suspended from trading as of Sept. 21 due to a pending announcement, according to the Taiwan stock exchange. Of course Google has made similar moves in the past. It previously owned Motorola for a brief period of time, but that acquisition didn't materialize much. The company has however, since re-hired the Motorola chief it once had, Rick Osterloh, and founded a separate hardware team under his stewardship. Claude Zellweger, the one-time chief designer of HTC Vive, is also now at Google, working on that company's Daydream virtual reality system. What reasons could Google have to purchase HTC? Share your thoughts in the comments section below.

Read more of this story at Slashdot.

GNOME Foundation partners with Purism to support its efforts to build the Librem 5 smartphone

LWN Headlines -

Last week KDE announced that they were working with Purism on the Librem 5 smartphone. The GNOME Foundation has also provided its endorsement and support of Purism’s efforts to build the Librem 5. "As part of the collaboration, if the campaign is successful the GNOME Foundation plans to enhance GNOME shell and general performance of the system with Purism to enable features on the Librem 5. Various GNOME technologies are used extensively in embedded devices today, and GNOME developers have experienced some of the challenges that face mobile computing specifically with the Nokia 770, N800 and N900, the One Laptop Per Child project’s XO laptop and FIC’s Neo1973 mobile phone."

Oracle's Larry Ellison Pokes Amazon Again With New Cloud Pricing Plan

Slashdot -

Oracle went on the offensive again versus Amazon.com this week with a new cloud pricing plan that gives discounts to Oracle database customers who move their databases to the cloud. From a report: Chairman and Chief Technology Officer Larry Ellison said during an event at its Redwood City, California headquarters that while Oracle has matched Amazon Web Services for base-level computing, storage and networking services known as infrastructure as a service, it's now moving to make higher-level cloud services such as databases and analytics cheaper than AWS's. Actually, Ellison claimed that Oracle's infrastructure runs faster and therefore ends up costing less, but it's clear that the company is focusing more on its traditional strengths one tier up from the infrastructure: so-called platform as a service offerings such as the Oracle Database. Oracle said it will allow customers to move their existing licenses for databases, middleware and analytics to Oracle's platform services, just as they've allowed them to bring licenses to its infrastructure before.

Read more of this story at Slashdot.

An intro to machine learning (opensource.com)

LWN Headlines -

Ulrich Drepper, once again an engineer at Red Hat, writes about machine learning on opensource.com. "Machine learning and artificial intelligence (ML/AI) mean different things to different people, but the newest approaches have one thing in common: They are based on the idea that a program's output should be created mostly automatically from a high-dimensional and possibly huge dataset, with minimal or no intervention or guidance from a human. Open source tools are used in a variety of machine learning and artificial intelligence projects. In this article, I'll provide an overview of the state of machine learning today."

Security updates for Wednesday

LWN Headlines -

Security updates have been issued by CentOS (emacs), Debian (apache2, gdk-pixbuf, and pyjwt), Fedora (autotrace, converseen, dmtx-utils, drawtiming, emacs, gtatool, imageinfo, ImageMagick, inkscape, jasper, k3d, kxstitch, libwpd, mingw-libzip, perl-Image-SubImageFind, pfstools, php-pecl-imagick, psiconv, q, rawtherapee, ripright, rss-glx, rubygem-rmagick, synfig, synfigstudio, techne, vdr-scraper2vdr, vips, and WindowMaker), Oracle (emacs and kernel), Red Hat (emacs and kernel), Scientific Linux (emacs), SUSE (emacs), and Ubuntu (apache2).

Dries Buytaert: Announcing Node.js on Acquia Cloud

Drupal Planet -

Today, Acquia announced that it expanded Acquia Cloud to support Node.js, the popular open-source JavaScript runtime. This is a big milestone for Acquia as it is the first time we have extended our cloud beyond Drupal. I wanted to take some time to explain the evolution of Acquia's open-source stack and why this shift is important for our customers' success.

From client-side JavaScript to server-side JavaScript

JavaScript was created at Netscape in 1995, when Brendan Eich wrote the first version of JavaScript in just 10 days. It took around 10 years for JavaScript to reach enterprise maturity, however. Adoption accelerated in 2004 when Google used JavaScript to build the first release of Gmail. In comparison to e-mail competitors like Yahoo! Mail and Hotmail, Gmail showed what was possible with client-side JavaScript, which enables developers to update pages dynamically and reduces full-page refreshes and round trips to the server. The benefit is an improved user experience that is usually faster, more dynamic in its behavior, and generally more application-like.

In 2009, Google invented the V8 JavaScript engine, which was embedded into its Chrome browser to make both Gmail and Google Maps faster. Ryan Dahl used the V8 run-time as the foundation of Node.js, which enabled server-side JavaScript, breaking the language out of the boundaries of the browser. Node.js is event-driven and provides asynchronous, non-blocking I/O — things that help developers build modern web applications, especially those with real-time capabilities and streamed data. It ushered in the era of isomorphic applications, which means that JavaScript applications can now share code between the client side and server side. The introduction of Node.js has spurred a JavaScript renaissance and contributed to the popularity of JavaScript frameworks such as AngularJS, Ember and React.

Acquia's investment in Headless Drupal

In the web development world, few trends are spreading more rapidly than decoupled architectures using JavaScript frameworks and headless CMS. Decoupled architectures are gaining prominence because architects are looking to take advantage of other front-end technologies, most commonly JavaScript based front ends, in addition to those native to Drupal.

Acquia has been investing in the development of headless Drupal for nearly five years, when we began contributing to the addition of web service APIs to Drupal core. A year ago, we released Waterwheel, an ecosystem of software development kits (SDKs) that enables developers to build Drupal-backed applications in JavaScript and Swift, without needing extensive Drupal expertise. This summer, we released Reservoir, a Drupal distribution for decoupled Drupal. Over the past year, Acquia has helped to support a variety of headless architectures, with and without Node.js. While not always required, Node.js is often used alongside of a headless Drupal application to provide server-side rendering of JavaScript applications or real-time capabilities.

Managed Node.js on Acquia Cloud

Previously, if an organization wanted to build a decoupled architecture with Node.js, it was not able to host the Node.js application on Acquia Cloud. This means that the organization would have to run Node.js with a separate vendor. In many instances, this requires organizations to monitor, troubleshoot and patch the infrastructure supporting the Node.js application of their own accord. Separating the management of the Node.js application and Drupal back end not only introduces a variety of complexities, including security risk and governance challenges, but it also creates operational strain. Organizations must rely on two vendors, two support teams, and multiple contacts to build decoupled applications using Drupal and Node.js.

To eliminate this inefficiency, Acquia Cloud can now support both Drupal and Node.js. Our goal is to offer the best platform for developing and running Drupal and Node.js applications. This means that organizations only need to rely on one vendor and one cloud infrastructure when using Drupal and Node.js. Customers can access Drupal and Node.js environments from a single user interface, in addition to tools that enable continuous delivery, continuous integration, monitoring, alerting and support across both Drupal and Node.js.

On Acquia Cloud, customers can access Drupal and Node.js environments from a single user interface. Delivering on Acquia's mission

When reflecting on Acquia's first decade this past summer, I shared that one of the original corporate values our small team dreamed up was to "empower everyone to rapidly assemble killer websites". After ten years, we've evolved our mission to "build the universal platform for the world's greatest digital experiences". While our focus has expanded as we've grown, Acquia's enduring aim is to provide our customers with the best tools available. Adding Node.js to Acquia Cloud is a natural evolution of our mission.

Amazon 'Reviewing' Its Website After It Suggested Bomb-Making Items

Slashdot -

An anonymous reader shares a report: Amazon said on Wednesday that it was reviewing its website after a British television report said the online retail giant's algorithms were automatically suggesting bomb-making ingredients that were "Frequently bought together." The news is particularly timely in Britain, where the authorities are investigating a terrorist attack last week on London's Underground subway system. The attack involved a crude explosive in a bucket inside a plastic bag, and detonated on a train during the morning rush. The news report is the latest example of a technology company drawing criticism for an apparently faulty algorithm. Google and Facebook have come under fire for allowing advertisers to direct ads to users who searched for, or expressed interest in, racist sentiments and hate speech. Growing awareness of these automated systems has been accompanied by calls for tech firms to take more responsibility for the contents on their sites. Amazon customers buying products that were innocent enough on their own, like cooking ingredients, received "Frequently bought together" prompts for other items that would help them produce explosives, according to the Channel 4 News.

Read more of this story at Slashdot.

Apple Admits To Apple Watch LTE Problems Just Before It Ships

Slashdot -

Lauren Goode, reporting for The Verge: Apple's new Series 3 smartwatch starts shipping this Friday, and the biggest feature change between last year's model and this new Watch is that it has built-in cellular capabilities. Except, that cell service isn't entirely reliable. While writing my review of the Apple Watch Series 3 with LTE capabilities, I experienced notable connectivity issues. The new Watch appeared to try to connect to unknown WiFi networks instead of connecting to cellular, when I was out and about without my phone. Within the first couple days of experiencing this, Apple replaced my first review unit with a second one, but that one proved to be problematic, too. Eventually, the company issued an official statement, acknowledging the issue. "We have discovered that when Apple Watch Series 3 joins unauthenticated Wi-Fi networks without connectivity, it may at times prevent the watch from using cellular," an Apple spokesperson said in an emailed statement. "We are investigating a fix for a future software release."

Read more of this story at Slashdot.

Drupal core announcements: Core topic discussions at DrupalCon Vienna

Drupal Planet -

DrupalCon Vienna includes a full track of core conversations where you can learn about current topics in Drupal core development, and a week of sprints where you can participate in shaping Drupal's future.

In addition to the core conversations, we have a few meetings on specific topics for future core development. These meetings will be very focused, so contact the listed organizer for each if you are interested in participating. There are also birds-of-a-feather (BoF) sessions, which are open to all attendees without notice.

Time Topic Organizer Monday, 25 Sep, 13:00 Coding standards fails and automated interdiffs on Drupal.org xjm Tuesday, 26 Sep, 12:00 Media initiative (BoF) chr.fritsch Tuesday, 26 Sep, 15:45 Out of the Box initiative (BoF) kjay Tuesday, 26 Sep, 17:00 Composer bojanz Wednesday, 27 Sep, 11:30 Workflows initiative dixon_ Wednesday, 27 Sep, 14:30 JavaScript drpal, nod_ Friday, 29 Sep, 11:30 API-first initiative Wim Leers Friday, 29 Sep, 13:00 Migrate initiative Gábor Hojtsy

Also be sure to watch Dries' keynote for ideas about Drupal's future!

Pages

Subscribe to Heydon Consulting aggregator