Monthly Archives: June 2018

The Reason Linux Desktop Does Better

First and foremost, Linux is literally free. Neither the operating system nor any of the programs you run will cost you a dime. Beyond the obvious financial benefit of getting software for free, Linux allows users to be free by affording access to the basic tools of modern computer use — such as word processing and photo editing — which otherwise might be unavailable due to the cost barrier.

Microsoft Office, which sets the de facto standard formats for documents of nearly every kind, demands a US$70 per year subscription. However, you can run LibreOffice for free while still handling documents in all the same formats with ease.

Free software also gives you the chance to try new programs, and with them new ways of pursuing business and leisure, without their prospective costs forcing you to make a commitment.

Instead of painstakingly weighing the merits of Mac or Windows and then taking a leap of faith, you can consider a vast spectrum of choices offered by hundreds of distributions — basically, different flavors of Linux — by trying each in turn until you find the one that’s right for you.

Linux can even save money on hardware, as some manufacturers — notably Dell — offer a discount for buying a computer with Linux preinstalled. They can charge less because they don’t have to pass on the cost of licensing Windows from Microsoft.

 

You Can Make It Your Own

There is practically nothing in Linux that can’t be customized. Among the projects central to the Linux ecosystem are desktop environments — that is, collections of basic user programs and visual elements, like status bars and launchers, that make up the user interface.

Some Linux distributions come bundled with a desktop environment. Ubuntu is paired with the Unity desktop, for example. Others, such as with Debian, give you a choice at installation. In either case, users are free to change to any one they like.

Most distributions officially support (i.e., vouch for compatibility) dozens of the most popular desktops, which makes finding the one you like best that much simpler. Within the pantheon of desktops, you can find anything from glossy modern interfaces like KDE Plasma or Gnome, to simple and lightweight ones like Xfce and MATE. Within each of these, you can personalize your setup further by changing the themes, system trays and menus, choosing from galleries of other users’ screens for inspiration.

The customization possibilities go well beyond aesthetics. If you prize system stability, you can run a distribution like Mint, which offers dependable hardware support and ensures smooth updates.

On the other hand, if you want to live on the cutting edge, you can install an OS like Arch Linux, which gives you the latest update to each program as soon as developers release it.

Quantum Leap Could Redefine

No, I’m not talking about that Quantum Leap. IBM just made a really interesting announcement in that it is enhancing its online quantum computer systems with a new API and improving its simulator so it can handle 20 qubits.

While listening to the prebriefing was a bit like pretending I was Penny trying to understand Sheldon Cooper on Big Bang Theory, I think this move does showcase yet another huge approaching computing wave that could eclipse the one we currently are trying desperately, but largely failing, to ride.

I’ll share some thoughts on quantum computing and close with my product of the week: the Arlo Security Camera system from Netgear, which has to be the best comprehensive home security system in the market.

It is easy to get lost in the terminology surrounding quantum computing and glaze over. Basically, quantum computing is a revolutionary, not evolutionary, system that is pretty much indistinguishable from magic.

Let me give you an example. With a regular computing system at a machine language level you have 1s and 0s — an element is one or the other. With quantum computing, an element is both at the same time. This is like someone asking if your new car is black or white, and you can answer “yes” and be completely accurate.

In the world we think we live in, two opposites aren’t the same thing. In the quantum world, they sort of are. The most sick — or fun — explanation for this is Schrodinger’s cat (here’s a TED video about it), which is about how a cat who died in a closed box exists as both living and dead until the box is opened. Schrodinger supposedly was so disturbed about his analysis that he decided to abandon quantum physics and take up biology. I’m guessing talking smack about cats forced a career change.

When we currently talk about parallel computing, we talk about taking a single program, breaking it up into parts, and then executing it to get around the limitations of Moore’s law and avoiding the need to have a processor in our computer running hotter than the core of the sun. That gives you speed without heat.

With quantum computing, things happen pretty much at the same time. Because elements can be both things at once, things basically can happen instantly — not sequentially –so the potential speed of solving a problem approaches instant.

The example of a practical application I was given years ago was decrypting the most secure data file. Traditional computing might take years, but true quantum computing only seconds (which would be required to interpret the results, not get them in the first place). Effectively, it should blow away any concept we have of speed.

The damn things even look weird, more like a cross between a traditional computer and something from the steampunk dimension.

It’s not just that it would be hard to understand a quantum computer — think what a nightmare it would be to program one or interface with the result.

Increase the safety of users

Twitter on Wednesday announced that over the next few months it will roll out changes designed to increase the safety of users:

  • Its algorithms will help identify accounts as they engage in abusive behavior, so the burden no longer will be on victims to report it;
  • Users will be able to limit certain account functionality, such as letting only followers see their tweets, for a set amount of time;
  • New filtering options will give users more control over what they see from certain types of accounts — such as those without profile pictures, or with unverified email addresses or phone numbers; and
  • New mute functionality will let users mute tweets from within their home timelines, and decide how long the content will be muted.

Twitter also will be more transparent about actions it takes in response to reports of harassment from users.

“These updates are part of the ongoing safety work we announced in January, and follow our changes announced on February 7,” a Twitter spokesperson said in a statement provided to TechNewsWorld by Liz Kelley of the company’s communications department.

A Fine Balance

“We’re giving people the choice to filter notifications in a variety of ways, including accounts who haven’t selected a profile photo or verified their phone number or email address,” the spokesperson noted.

The feature is not turned on by default but provided as an option.

Still, suggesting special handling for accounts without a profile picture — known as “eggs” because of the ovoid shape of the space left for the picture — and those without an email address or phone number could pose a privacy dilemma.

Twitter “is walking a fine line here between censorship and useful communication,” observed Michael Jude, a program manager at Stratecast/Frost & Sullivan.

 

Making the Internet Safe for Tweeters

Twitters’ ongoing efforts to curb abuse show that the company is “aware they have a serious problem, and what they’ve done so far is less than adequate,” remarked Rob Enderle, principal analyst at the Enderle Group.

Previous attempts ” were pretty pathetic, really, and Twitter needed to do something more substantive,” he told TechNewsWorld. “This seems to be far more substantive.”

Still, the new measures “don’t address the cause of the behavior — and until someone does, they will only be an increasingly ineffective Band-Aid,” Enderle cautioned.

 

No Place for the Timid

The latest tools may be successful at first, but “people will find ways around them,” Frost’s Jude told TechNewsWorld.

Twitter’s approach “is purely defensive,” he said. “It ought to just open up its space with the appropriate disclaimers; that would be easier and cheaper, and people who are easily offended would be put on notice that Twitter isn’t a safe space.”

Work Into Social Networking

Jobs will appear in users’ News Feeds and also will be listed on individual businesses’ pages. Users can click on the Apply Now button to trigger the prepopulation of their personal information, but they will be able to review and edit that information before submitting their application.

Over the next few weeks, companies in the U.S. and Canada will be able to list jobs on their own pages and users will be able to find job listings at Jobs on Facebook.

It is not clear how Facebook intends to monetize the job listings. For example, will there be specific job-related charges for listing jobs? Will there be remuneration if a company fills a particular job through a Facebook ad?

Direct Competitors

The new functionality is certain to place Facebook into direct competition with LinkedIn for corporate users and individual job seekers. LinkedIn, which Microsoft last year acquired for US$26.2 billion, is the leading social media site for networking and job searching in the U.S., by many accounts.

Unlike Facebook, LinkedIn charges monthly subscription fees for job search services, depending on the level of functionality the user desires in terms of networking, contacting recruiters and accessing messaging functions.

Facebook also will be in indirect competition with websites such as Indeed, Monster, Craigslist and others that target job seekers.

“Social media is the new frontier for marketing and sales,” said Michael Jude, a program manager at Stratecast/Frost & Sullivan.

“By tapping into their employees’ social media experiences, companies can leverage their professional contacts to reach a wider audience,” he told TechNewsWorld.

Privacy Jitters

A major test for Facebook’s new job search capabilities is whether users will feel comfortable combining their social media activity with professional job searching, warned Zach Fuller, paid content analyst at Midia Research.

Security considerations likely will give some users pause when it comes to allowing potential employers to access their private information.

“Whether consumers are comfortable merging the work and social aspects of their lives will prove to be the critical factor, particularly given the potential privacy issues,” Fuller told TechNewsWorld.

However, “throughout every step in job posting, searching and application, people can control how much, or how little of their information is shared with potential employers and their friends,” Facebook spokesperson Emilie Fetterley told TechNewsWorld.

Thwarting API

A new tool is available to check the persistent harassment of online trolls. Google’s Jigsaw think tank last week launched Perspective, an early stage technology that uses machine learning to help neutralize trolls.

Perspective reviews comments and scores them based on their similarity to comments people have labeled as toxic, or that are likely to result in someone leaving a conversation.

Publishers can select what they want to do with the information Perspective provides to them. Their options include the following:

  • Flagging comments for their own moderators to review;
  • Providing tools to help users understand the potential toxicity of comments as they write them; and
  • Letting readers sort comments based on their likely toxicity.

Forty-seven percent of 3,000 Americans aged 15 or older reported experiencing online harassment or abuse, according to a survey Data & Society conducted last year. More 70 percent said they had witnessed online harassment or abuse.

Perspective got its training through an examination of hundreds of thousands of comments labeled by human reviewers who were asked to rate online comments on a scale from “very toxic” to “very healthy.”

Like all machine learning applications, Perspective improves as it’s used.

Partners and Future Plans

A number of partners have signed on to work with Jigsaw in this endeavor:

  • The Wikimedia Foundation is researching ways to detect personal attacks against volunteer editors on Wikipedia;
  • The New York Times is building an open source moderation tool to expand community discussion
  • The Economist is reworking its comments platform; and
  • The Guardian is researching how best to moderate comment forums, and host online discussions between readers and journalists.

Jigsaw has been testing a version of this technology with The New York Times, which has a team sifting through and moderating 11 thousand comments daily before they are posted.

Jigsaw is working to train models that let moderators sort through comments more quickly.

The company is looking for more partners. It wants to deliver models that work in languages other than English, as well as models that can identify other characteristics, such as when comments are unsubstantial or off-topic.

Cybersecurity Warriors

“Today’s sophisticated cybersecurity threats attack on multiple fronts to conceal their activities, and our security analysts face the difficult task of pinpointing these attacks amongst a massive sea of security-related data,” noted Sean Valcamp, chief information security officer at Avnet, an early tester of the Watson for Cyber Security system.

“Watson makes concealment efforts more difficult by quickly analyzing multiple streams of data and comparing it with the latest security attack intelligence to provide a more complete picture of the threat,” he said.

“Watson also generates reports on these threats in a matter of minutes, which greatly speeds the time between detecting a potential event and my security team’s ability to respond accordingly,” Valcamp added.

Only 7 percent of security pros currently use cognitive tools in their workflow, but that is changing, according to IBM, which expects usage to triple in the next two to three years.

That’s because as more and more devices come online, they create a burden on security teams they won’t be able to handle without the help an AI like Watson.

“The attack surface for the attacker is mushrooming,” Kennelly said. “Tools like Watson can help defend against those expanding attack patterns.”

 

Voice-Powered Security Assistant

IBM also announced the Havyn Project, which is developing a new voice-powered security assistant to work with Watson’s data.

Personal Cargo Robots

Welcome to Gadget Dreams and Nightmares, the column that occasionally stops gaping at contentious Senate confirmation hearings and votes to peruse the latest gadget announcements.

This time around, we’re looking at some of the gadgets that perhaps got a little lost in the noise after CES in January but caught our eye, for better or worse. Among them are a 4-D arcade machine and a robot designed to carry all the things you don’t want to.

As ever, dear readers, this is not a review column, in part because these products have yet to reach the public sphere, but mostly because the chances of my actually ever using said products are slim. The ratings relate only to how much I’d like to try them, should the stars align.

Reality Bites

Regular readers will know that I’ve played games my entire life. I hold deep reverence for the care and attention that go into creating these experiences, and I’ve rarely met a game I didn’t want to conquer.

Yet I am nervous about virtual reality. I’ve tried it and found those disorientating worlds difficult to handle, though I suspect that over time I could grow more accustomed to it. I doubt I could say the same for an arcade machine that both locks me into a VR world and pelts me with physical stimuli.

Koei Tecmo Wave’s VR Sense machine is a virtual reality arcade cabinet that houses you and subjects you to what I can only imagine is sheer torture. It has what Koei Tecmo Wave calls a “3D seat,” which attempts to draw players further into the games through touch, movement, aroma, wind, and temperature and precipitation changes. It’s not completely clear as yet whether you have to wear a headset for the full VR effect.

It’s launching with three games: a horse-riding simulator, a version of Koei Tecno Wave’s Dynasty Warrior franchise (with a stab at replicating in-game flames while you swelter in your moving chair), and a horror game.

I enjoy horror titles. However, I’d be less likely to welcome a VR horror game, as I’d probably come close to having a heart attack or three. There’s next to no chance I’d ever try Horror Sense.

That’s in large part due to the game apparently mimicking bugs falling from the ceiling and critters scuttling along the floor. I have a lot of questions about this, but ultimately, I’d tear off a VR headset in a second if I thought there were bugs falling on me while playing. No thank you, ma’am.

Bug in the Bud

“This happened in response to a very small number of requests in the Cloudflare system — about 1 in 3.3 million,” a Cloudflare spokesperson said in a statement provided to TechNewsWorld by company rep Katie Warmuth.

Some of that data had been cached by search engines.

Cloudflare reviewed the available related cached information and “took comprehensive steps to clean up any residual material found in storage caches,” the spokesperson noted.

Cloudflare found that data for about 150 of its 6 million customers had been impacted.

The company has reached out to “a number of search engines to review and remediate the information in their caches,” the spokesperson said.

All identified episodes have been cleaned, and Cloudflare continues to work to confirm whether other residue persists.

There are at least 16 other search engines on the Web apart from Google, including Bing and Duck Duck Go.

What Happened

Tavis Ormandy, a vulnerability researcher with Google’s Project Zero, notified Cloudflare about the problem on Feb. 17. The memory leak occurred from September to Feb. 18, with the greatest period of impact being from Feb. 13-18.

A bug in Cloudflare’s Ragel-based parser was the cause. It had been dormant for years, but came alive last year, when Cloudflare began replacing the Ragel-based parser with a new one it wrote, named “cf-html.”

The switchover subtly changed the buffering, which enabled the leakage.

The problem lay with Cloudflare’s implementation of the Ragel-based parser it was using, and not with the parser itself or with cf-html.

When it learned of the problem, Cloudflare turned off three features — email obfuscation, Server-side Excludes and Automatic HTTPS Rewrites — that used the parser chain causing the leakage.

The Email Obfuscation feature, which was changed on Feb. 13, was the primary cause of the leaked memory, Cloudflare’s Graham-Cumming said.

Cloudflare worked with Google and other search engines to remove any cached HTTP responses.

The initial mitigation took 47 minutes, and the team completed global mitigation in less than seven hours. The industry standard is usually three months, Graham-Cumming noted.

Cloudflare “responded incredibly swiftly and effectively to identify and remediate the bug, and work with search engines around the world to purge any sensitive data cached by their crawlers before it could be exposed to the public,” Tripwire Principal Security Researcher Craig Young told TechNewsWorld.

 

The Gravity of the Problem

“We realize that this was a very serious bug and that we dodged a bullet in that [it] did not lead to more problems than it did,” the Cloudflare spokesperson remarked.

Cloudflare hasn’t discovered any evidence of malicious exploits of the bug or other reports of its existence.

That “is not the same as saying [the bug] was not exploited,” remarked James Scott, senior fellow at the Institute for Critical Infrastructure.

“It just means that no exploitation was detected,” he told TechNewsWorld.

That said, “the effectual security impact would have been limited unless an adversary consistently collected information for a prolonged period of time,” Scott added, “because the captured information would be a virtual grab-bag.”

That would be a “really inefficient and cumbersome” approach, he said.

More Women in Tech

riana Gascoigne is the founder and CEO of Girls in Tech, a global nonprofit organization whose mission is to “engage, educate, and empower girls who are passionate about technology.”

Girls in Tech CEO Adriana Gascoigne

Founded in 2007, Girls in Tech claims 60 chapters with upwards of 50,000 members worldwide. The organization’s focus is not just on women in professional roles. It also offers support to anyone with an interest in technology, providing women with a platform for growth in the field.

In this exclusive interview, Gascoigne speaks to TechNewsWorld about he organization’s purpose, its accomplishments thus far, and its future hopes and plans.

 

Adriana Gascoigne: I was working at a startup and was one of very few women there. I’d look around the room every day and see that there was a huge problem of representation. I knew we needed to change the culture of the company to recruit more women and benefit more women, but we also needed diversity in product development.

If you have a diverse team, your product is going to be more successful. I think having a diverse group of people helps you to make a better product in the end, and I was striving to create a more diverse team so our customers could benefit from the end product.

The mission of Girls in Tech is still the same. Our tenets are empowerment, engagement, and education of women in STEM and tech. We focus on providing skills and a network so that women can succeed in whatever they want to do.

We want to serve as a support network, and provide advanced skills and a learning environment, so women can be exposed to different opportunities throughout their careers.

A woman’s career trajectory takes many different paths. We want to make sure that we have the resources, educational platforms and network to support women at many different stages of their career, and that they have the mentors and role models to follow.