Feed aggregator

WordPress Ditches ReactJS Over Facebook's Patent Clause

Slashdot -

An anonymous reader quote TechCrunch: Matt Mullenweg, the co-founder of the popular open source web publishing software WordPress, has said the community will be pulling away from using Facebook's React JavaScript library over concerns about a patent clause in Facebook's open source license. In a blog post explaining the decision yesterday, Mullenweg said he had hoped to officially adopt React for WordPress -- noting that Automattic, the company behind WordPress.com which he also founded, had already used React for the Calypso ground-up rewrite of WordPress.com a few years ago, while the WordPress community had started using it for its major Gutenberg core project. But he said he has changed his mind after seeing Facebook dig in behind the patent clause -- which was recently added to the Apache Software Foundation's list of disallowed licenses... [H]e writes that he cannot, in good conscience, require users of the very widely used open source WordPress software to inherit the patent clause and associated legal risk. So he's made the decision to ditch React. Facebook can revoke their license if a React user challenges Facebook's patents.

Read more of this story at Slashdot.

Facebook Shares Details Of Russia-Bought Ads With US Investigators

Slashdot -

An anonymous reader quotes CNN: Special counsel Robert Mueller and his team are now in possession of Russian-linked ads run on Facebook during the presidential election, after they obtained a search warrant for the information. Facebook gave Mueller and his team copies of ads and related information it discovered on its site linked to a Russian troll farm, as well as detailed information about the accounts that bought the ads and the way the ads were targeted at American Facebook users, a source with knowledge of the matter told CNN. The disclosure, first reported by the Wall Street Journal, may give Mueller's office a fuller picture of who was behind the ad buys and how the ads may have influenced voter sentiment during the 2016 election... As CNN reported Thursday, Facebook is still not sure whether pro-Kremlin groups may have made other ad buys intended to influence American politics that it simply hasn't discovered yet. It is even possible that unidentified ad buys may still exist on the social media network today.

Read more of this story at Slashdot.

2017 'Ig Nobel' Prizes Recognize Funny Research On Cats, Crocodiles, and Cheese

Slashdot -

An anonymous reader writes: "The 27th First Annual Ig Nobel Prize Ceremony" happened Thursday at Harvard's Sanders theatre, recognizing real (but unusual) research papers from all over the world "that make people laugh, then think." This year's prize in the physics category went to Marc-Antoine Fardin, who used fluid dynamics to probe the question "Can a cat be both a solid and a liquid?" Six prize-winning Swiss researchers also demonstrated that regular playing of a didgeridoo is an effective treatment for obstructive sleep apnoea and snoring, while two Australians tested how contact with a live crocodile affects a person's willingness to gamble. And five French researchers won the medicine prize for their use of advanced brain-scanning technology to investigate "the neural basis of disugst for cheese." You can watch the ceremony online -- and Reuters got an interesting quote from the editor of the Annals of Improbable Research, who founded the awards ceremony 27 years ago. "We hope that this will get people back into the habits they probably had when they were kids of paying attention to odd things and holding out for a moment and deciding whether they are good or bad only after they have a chance to think."

Read more of this story at Slashdot.

Security.txt Standard Proposed, Similar To Robots.txt

Slashdot -

An anonymous reader writes: Ed Foudil, a web developer and security researcher, has submitted a draft to the IETF — Internet Engineering Task Force — seeking the standardization of security.txt, a file that webmasters can host on their domain root and describe the site's security policies. The file is akin to robots.txt, a standard used by websites to communicate and define policies for web and search engine crawlers... For example, if a security researcher finds a security vulnerability on a website, he can access the site's security.txt file for information on how to contact the company and securely report the issue. According to the current security.txt IETF draft, website owners would be able to create security.txt files that look like this: #This is a comment Contact: [email protected] Contact: +1-201-555-0123 Contact: https://example.com/security Encryption: https://example.com/pgp-key.tx... Acknowledgement: https://example.com/acknowledg... Disclosure: Full

Read more of this story at Slashdot.

Can The Pirate Bay Replace Ads With A Bitcoin Miner?

Slashdot -

Mark Wilson writes: When it comes to the Pirate Bay, it's usually movie studios, music producers and software creators that get annoyed with the site — you know, copyright and all that. But in an interesting twist it is now users who find themselves irked by and disappointed in the most famous torrent site in the world. So what's happened? Out of the blue, the Pirate Bay has added a Javascript-powered Bitcoin miner to the site. Nestling in the code of the site is an embedded cryptocurrency miner from Coinhive. Users who have noticed an increase in resource usage on their computers as a result of this are not happy. TorrentFreak reports the miner is being tested for about 24 hours -- as a possible way to earn enough revenue to remove advertising from the site.

Read more of this story at Slashdot.

More Millennials Would Give Up Voting Than Texting

Slashdot -

An anonymous reader quotes the New York Post: As the staggering national student loan debt tally sits at an all-time high of $1.33 trillion, according to the Department of Education, many millennials say they would go to extreme lengths to wipe their slate clean. According to a new survey from Credible, a personal finance website, 50 percent of all respondents (ages 18-34) said they would give up their right to vote during the next two presidential elections in order to never have to make another loan payment again. Yet only 44% said they'd be willing to give up Uber and Lyft -- and only 13% said they'd be willing to give up texting.

Read more of this story at Slashdot.

Scientists Explore A Light Bulb-Based Based 10Gbps Li-Fi/5G Home Network

Slashdot -

Mark.JUK writes: Researchers at Brunel University in London have begun to develop a new 10 Gbps home wireless network using both Li-Fi (light fidelity) and 5G based mmWave technology, which will fit inside LED (light-emitting diode) light bulbs on your ceiling. In simple terms, the Visible Light Communication (VLC) based Li-Fi technology works by flicking a LED light off and on thousands of times a second (by altering the length of the flickers you can introduce digital communications). The article says it'd be more energy efficient (and faster) than a standard Wi-Fi network -- though both technologies have trouble penetrating walls, so "you'd have to buy lots of pricey new bulbs in order to cover your home..." "It's probably not something that an ordinary home owner would want to install; unless you're happy with running lots of optical fibre cable around your various light fittings."

Read more of this story at Slashdot.

Equifax CSO 'Retires'. Known Bug Was Left Unpatched For Nearly Five Months

Slashdot -

phalse phace quotes MarketWatch: Following on the heels of a story that revealed that Equifax hired a music major with no education related to technology or security as its Chief Security Officer, Equifax announced on Friday afternoon that Chief Security Officer Susan Mauldin has quit the company along with Chief Information Officer David Webb. Chief Information Officer David Webb and Chief Security Officer Susan Mauldin retired immediately, Equifax said in a news release that did not mention either of those executives by name. Mark Rohrwasser, who had been leading Equifax's international information-technology operations since 2016, will replace Webb and Russ Ayres, a member of Equifax's IT operation, will replace Mauldin. The company revealed Thursday that the attackers exploited Apache Struts bug CVE-2017-5638 -- "identified and disclosed by U.S. CERT in early March 2017" -- and that they believed the unauthorized access happened from May 13 through July 30, 2017. Thus, MarketWatch reports, Equifax "admitted that the security hole that attackers used was known in March, about two months before the company believes the breach began." And even then, Equifax didn't notice (and remove the affected web applications) until July 30.

Read more of this story at Slashdot.

Poor Diet Is a Factor In One In Five Deaths, Global Disease Study Reveals

Slashdot -

schwit1 shares a report from The Guardian: Millions of people are eating the wrong sorts of food for good health. Eating a diet that is low in whole grains, fruit, nuts and seeds and fish oils and high in salt raises the risk of an early death, according to the huge and ongoing study Global Burden of Disease. The study, based at the Institute of Health Metrics and Evaluation at the University of Washington, compiles data from every country in the world and makes informed estimates where there are gaps. Five papers on life expectancy and the causes and risk factors of death and ill health have been published by the Lancet medical journal. Diet is the second highest risk factor for early death after smoking. Other high risks are high blood glucose which can lead to diabetes, high blood pressure, high body mass index (BMI) which is a measure of obesity, and high total cholesterol. All of these can be related to eating the wrong foods, although there are also other causes.

Read more of this story at Slashdot.

Dave Hall Consulting: Trying Drupal

Drupal Planet -

While preparing for my DrupalCamp Belgium keynote presentation I looked at how easy it is to get started with various CMS platforms. For my talk I used Contentful, a hosted content as a service CMS platform and contrasted that to the "Try Drupal" experience. Below is the walk through of both.

Let's start with Contentful. I start off by visiting their website.

In the top right corner is a blue button encouraging me to "try for free". I hit the link and I'm presented with a sign up form. I can even use Google or GitHub for authentication if I want.

While my example site is being installed I am presented with an overview of what I can do once it is finished. It takes around 30 seconds for the site to be installed.

My site is installed and I'm given some guidance about what to do next. There is even an onboarding tour in the bottom right corner that is waving at me.

Overall this took around a minute and required very little thought. I never once found myself thinking come on hurry up.

Now let's see what it is like to try Drupal. I land on d.o. I see a big prominent "Try Drupal" button, so I click that.

I am presented with 3 options. I am not sure why I'm being presented options to "Build on Drupal 8 for Free" or to "Get Started Risk-Free", I just want to try Drupal, so I go with Pantheon.

Like with Contentful I'm asked to create an account. Again I have the option of using Google for the sign up or completing a form. This form has more fields than contentful.

I've created my account and I am expecting to be dropped into a demo Drupal site. Instead I am presented with a dashboard. The most prominent call to action is importing a site. I decide to create a new site.

I have to now think of a name for my site. This is already feeling like a lot of work just to try Drupal. If I was a busy manager I would have probably given up by this point.

When I submit the form I must surely be going to see a Drupal site. No, sorry. I am given the choice of installing WordPress, yes WordPress, Drupal 8 or Drupal 7. Despite being very confused I go with Drupal 8.

Now my site is deploying. While this happens there is a bunch of items that update above the progress bar. They're all a bit nerdy, but at least I know something is happening. Why is my only option to visit my dashboard again? I want to try Drupal.

I land on the dashboard. Now I'm really confused. This all looks pretty geeky. I want to try Drupal not deal with code, connection modes and the like. If I stick around I might eventually click "Visit Development site", which doesn't really feel like trying Drupal.

Now I'm asked to select a language. OK so Drupal supports multiple languages, that nice. Let's select English so I can finally get to try Drupal.

Next I need to chose an installation profile. What is an installation profile? Which one is best for me?

Now I need to create an account. About 10 minutes I already created an account. Why do I need to create another one? I also named my site earlier in the process.

Finally I am dropped into a Drupal 8 site. There is nothing to guide me on what to do next.

I am left with a sense that setting up Contentful is super easy and Drupal is a lot of work. For most people wanting to try Drupal they would have abandonned someway through the process. I would love to see the conversion stats for the try Drupal service. It must miniscule.

It is worth noting that Pantheon has the best user experience of the 3 companies. The process with 1&1 just dumps me at a hosting sign up page. How does that let me try Drupal?

Acquia drops onto a page where you select your role, then you're presented with some marketing stuff and a form to request a demo. That is unless you're running an ad blocker, then when you select your role you get an Ajax error.

The Try Drupal program generates revenue for the Drupal Association. This money helps fund development of the project. I'm well aware that the DA needs money. At the same time I wonder if it is worth it. For many people this is the first experience they have using Drupal.

The previous attempt to have simplytest.me added to the try Drupal page ultimately failed due to the financial implications. While this is disappointing I don't think simplytest.me is necessarily the answer either.

There needs to be some minimum standards for the Try Drupal page. One of the key item is the number of clicks to get from d.o to a working demo site. Without this the "Try Drupal" page will drive people away from the project, which isn't the intention.

If you're at DrupalCon Vienna and want to discuss this and other ways to improve the marketing of Drupal, please attend the marketing sprints.

AttachmentSize try-contentful-1.png342.82 KB try-contentful-2.png214.5 KB try-contentful-3.png583.02 KB try-contentful-5.png826.13 KB try-drupal-1.png1.19 MB try-drupal-2.png455.11 KB try-drupal-3.png330.45 KB try-drupal-4.png239.5 KB try-drupal-5.png203.46 KB try-drupal-6.png332.93 KB try-drupal-7.png196.75 KB try-drupal-8.png333.46 KB try-drupal-9.png1.74 MB try-drupal-10.png1.77 MB try-drupal-11.png1.12 MB try-drupal-12.png1.1 MB try-drupal-13.png216.49 KB

There Will Be 22 Million Cord Cutters By 2018, Says Report

Slashdot -

A new report by eMarketer predicts that 22.2 million U.S. adults will have cut the cord on cable, satellite or telco TV service by the end of 2017, which is up 33% over 2016. It also notes that ad investment will expand just 0.5% to $71.65 billion this year, down from the $72.72 billion predicted in the company's original first quarter forecast for 2017. From a report via DSLReports: This year, there will be 22.2 million cord-cutters ages 18 and older, a figure up 33.2% over 2016. That's notably higher than the 15.4 million eMarketer previously estimated. The total number of U.S. adult cord-nevers (users that have never signed up for a traditional cable TV connection) will grow 5.8% this year to 34.4 million. Note that eMarketer's numbers don't include streaming options from the likes of Dish (Sling TV) or AT&T (DirecTV Now), though so far gains in subscribers for these services haven't offset the decline in traditional cable TV subscribers anyway.

Read more of this story at Slashdot.

Elon Musk Releases Supercut of SpaceX Rocket Explosions

Slashdot -

Eloking shares a report from HardOCP: Elon Musk is demonstrating how one should not land an orbital rocket booster: the video, currently trending on YouTube, is essentially a blooper reel of SpaceX rocket tests that went explosive. While the company has more or less perfected launching Falcon 9 rockets, it is still working hard on recovering as much of the multi-million-dollar system as possible.

Read more of this story at Slashdot.

Mystery of Sonic Weapon Attacks At US Embassy In Cuba Deepens

Slashdot -

An anonymous reader quotes a report from The Guardian: The blaring, grinding noise jolted the American diplomat from his bed in a Havana hotel. He moved just a few feet, and there was silence. He climbed back into bed. Inexplicably, the agonizing sound hit him again. It was as if he'd walked through some invisible wall cutting straight through his room. Soon came the hearing loss, and the speech problems, symptoms both similar and altogether different from others among at least 21 U.S. victims in an astonishing international mystery still unfolding in Cuba. The top U.S. diplomat has called them "health attacks." New details learned by the Associated Press indicate at least some of the incidents were confined to specific rooms or even parts of rooms with laser-like specificity, baffling U.S. officials who say the facts and the physics don't add up. Suspicion initially focused on a sonic weapon, and on the Cubans. Yet the diagnosis of mild brain injury, considered unlikely to result from sound, has confounded the FBI, the state department and U.S. intelligence agencies involved in the investigation. Some victims now have problems concentrating or recalling specific words, several officials said, the latest signs of more serious damage than the U.S. government initially realized. The United States first acknowledged the attacks in August -- nine months after symptoms were first reported.

Read more of this story at Slashdot.

Mind-Altering Cat Parasite Linked To a Whole Lot of Neurological Disorders

Slashdot -

schwit1 shares a report from ScienceAlert: The brain-dwelling parasite Toxoplasma gondii is estimated to be hosted by at least 2 billion people around the world, and new evidence suggests the lodger could be more dangerous than we think. While the protozoan invader poses the greatest risk to developing fetuses infected in the womb, new research suggests the parasite could alter and amplify a range of neurological disorders, including epilepsy, Alzheimer's, and Parkinson's, and also cancer. "This study is a paradigm shifter," says one of the team, neuroscientist Dennis Steindler from Tufts University. "We now have to insert infectious disease into the equation of neurodegenerative diseases, epilepsy, and neural cancers." The findings are part of an emerging field of research looking into how T. gondii, which is usually transmitted to humans via contact with cat faeces (or by eating uncooked meat), produces proteins that alter and manipulate the brain chemistry of their infected hosts.

Read more of this story at Slashdot.

Google Chrome Will No Longer Autoplay Content With Sound In January 2018

Slashdot -

Starting next year, Google Chrome will only autoplay a given piece of content when the media won't play sound or the user has indicated an interest in the media. The company was experimenting with such an option last month, but now it looks to be part of the browser's roadmap. VentureBeat reports: Chrome 63 will add a new user option to completely disable audio for individual sites. This site-muting option will persist between browsing sessions, allowing users to customize when and where audio will play. Chrome 64 will take the controls to the next level. By this version, Google's browser will allow autoplay to occur only when users want media to play. Here is Google's timeline for making autoplaying sound more consistent with user expectations in Chrome: September 2017: Site muting available in Chrome 63 Beta, begin collecting Media Engagement Index (MEI) data in Chrome 62 Canary and Dev; October 2017: Site muting available in Chrome 63 Stable, autoplay policies available in Chrome 63 Canary and Dev; December 2017: Autoplay policies available in Chrome 64 Beta; January 2018: Autoplay policies available in 64 Stable.

Read more of this story at Slashdot.

Credit Karma To Launch Free ID Monitoring Following Equifax Hack

Slashdot -

Credit Karma is launching a new free service that will alert customers if their identity data has been compromised in hacks, the San Francisco-based fintech company said on Friday in the wake of massive breach at credit monitoring agency Equifax. From a report: The new ID monitoring service is being tested and will be available in October, the company said on Friday. Similar to services offered by Symantec-owned LifeLock, CreditKarma will keep track of data breaches and tell customers if they are one of the victims. Customers can then check to use the company's credit monitoring services and flag suspicious activities. The company said it was accelerating the launch of the new service in response to the large data breach at Equifax, where thieves may have stolen personal information of 143 million Americans.

Read more of this story at Slashdot.

PewDiePie Is Inexcusable But DMCA Takedowns Are Not the Way To Fight Him

Slashdot -

An anonymous reader quotes a report from Motherboard: Felix Kjellberg, better known as PewDiePie, is the most popular YouTuber in the world. He's gotten himself into another controversy, this time for shouting the n-word while livestreaming a video game. The 27-year-old Swede has repeatedly been criticized for hate speech, and just last month said he would no longer make Nazi jokes after a white supremacist rally in Charlottesville, Virginia turned violent. But while playing PlayerUnknown's Battlegrounds on Sunday, Kjellberg, who has over 57 million subscribers on YouTube, called another player the n-word before erupting into laughter. "What a fucking n****r," he said. "Jeez, oh my god. What the fuck? Sorry, but what the fuck? What a fucking asshole. I don't mean that in a bad way." Kjellberg did not immediately respond to a request for comment, and has yet to publicly acknowledge the incident. In response to Kjellberg's use of a racial slur, a number of video game players and developers have condemned the creator. Sean Vanaman, the co-founder of video game company Campo Santo, decided to use copyright law to push back against Kjellberg. On Twitter, he said he was filing a Digital Millennium Copyright Act (DMCA) takedown request against the famous YouTuber regarding a video in which Kjellberg plays Campo Santo's game Firewatch. There are compelling reasons to [remove hate speech from major internet platforms] by any means necessary, but DMCA overreach is among the least compelling options, considering that it unilaterally puts power into the hands of what are essentially uninvolved parties and allows for little arbitration or defense on the part of those who have their content removed.

Read more of this story at Slashdot.

Warning: 'MetalKettle' Repository For Kodi Becomes Vulnerable After GitHub Takeover

Slashdot -

BrianFagioli shares a report from BetaNews: Unfortunately, there can apparently be security issues with repositories when they shut down. For example, when the metalkettle repo ended, the developer deleted its entry on GitHub. This in itself is not a cause for concern, but unfortunately, GitHub's allowance of project names to be recycled is. You see, someone re-registered the metalkettle name, making it possible for nefarious people to potentially serve up malware to Kodi users. The warning came from the metalkettle developer over on Twitter. He warns that devices with the repository installed could be in danger from a security standpoint. If a user was to search that repo, and the new owner of the GitHub name was to share malware, the user could assume it is safe and install it. We do not know 100 percent if the person that re-registered the metalkettle name on GitHub is planning anything evil, but it is better to be safe than sorry. If you still have the repository installed, you should remove it immediately. Not to mention, if you know someone using Kodi, such as a friend or family member, you should warn them too.

Read more of this story at Slashdot.

[$] Building an ARM64 laptop

LWN Headlines -

Processors based on the 64-bit ARM architecture have been finding their way into various types of systems, including mobile handsets and servers. There is a distinct gap in the middle of the range, though: there are no ARM64 laptops. Bernhard Rosenkränzer and a group of colleagues set out to change that situation by building such a laptop from available components. He showed up at the 2017 Open Source Summit North America to present the result.

Equifax Says Almost 400,000 Britons Hit In Data Breach

Slashdot -

MalachiK shares a report from the BBC: Data about British people "may potentially have been accessed" during the data breach at the U.S. credit rating firm Equifax. The UK arm of the organization said files containing information on "fewer than 400,000" UK consumers was accessed in the breach. In a statement, the UK office of Equifax said an internal investigation had shown that data on UK consumers was accessed during the hack. It said data on Britons was being held in the U.S. due to a "process failure" which meant that a limited amount of information was stored in North America between 2011 and 2016. The information held included names, dates of birth, email addresses and telephone numbers. No addresses, passwords or financial data was involved.

Read more of this story at Slashdot.

Pages

Subscribe to Heydon Consulting aggregator