Atari Online News, Etc. Volume 17 Issue 23
Volume 17, Issue 23 Atari Online News, Etc. June 19, 2015
Published and Copyright (c) 1999 - 2015
All Rights Reserved
Atari Online News, Etc.
A-ONE Online Magazine
Dana P. Jacobson, Publisher/Managing Editor
Joseph Mirando, Managing Editor
Rob Mahlert, Associate Editor
Atari Online News, Etc. Staff
Dana P. Jacobson -- Editor
Joe Mirando -- "People Are Talking"
Michael Burkley -- "Unabashed Atariophile"
Albert Dayes -- "CC: Classic Chips"
Rob Mahlert -- Web site
Thomas J. Andrews -- "Keeper of the Flame"
With Contributions by:
Fred Horvat
To subscribe to A-ONE, change e-mail addresses, or unsubscribe,
log on to our website at: www.atarinews.org
and click on "Subscriptions".
OR subscribe to A-ONE by sending a message to: dpj@atarinews.org
and your address will be added to the distribution list.
To unsubscribe from A-ONE, send the following: Unsubscribe A-ONE
Please make sure that you include the same address that you used to
subscribe from.
To download A-ONE, set your browser bookmarks to one of the
following sites:
http://people.delphiforums.com/dpj/a-one.htm
Now available:
http://www.atarinews.org
Visit the Atari Advantage Forum on Delphi!
http://forums.delphiforums.com/atari/
=~=~=~=
A-ONE #1723 06/19/15
~ Cardinals Hack Astros! ~ People Are Talking! ~ PS, Xbox Pre-E3 News
~ Shake-up at Microsoft! ~ Mac Keychain Major Flaw! ~ Emoji in Passwords?
~ Google vs Revenge Porn ~ Apple's New 'El Capitan' ~ New Bethesda Fallout!
-* Net Neutrality Complaint Soon *-
-* 80s Computer Controls GRPS Heat, AC *-
-* Data Breach Tied to Chinese Intelligence *-
=~=~=~=
->From the Editor's Keyboard "Saying it like it is!"
""""""""""""""""""""""""""
It's been another one of those weeks! As the weather gets better
(Summer officially starts Sunday!), the news seems to start to slow
down. Well, news that has a technology flavor that might interest
you and I! I'm sure that you've had your fill of the "real" news,
so I won't delve into it this week.
Oh, and before I forget, Happy Father's Day to all of you to whom
it applies!
Until next time...
=~=~=~=
1980s Computer Controls GRPS Heat and AC
A 30-year-old computer that has run day and night for decades is what
controls the heat and air conditioning at 19 Grand Rapids Public Schools.
The Commodore Amiga was new to GRPS in the early 1980s and it has been
working tirelessly ever since. GRPS Maintenance Supervisor Tim Hopkins
said that the computer was purchased with money from an energy bond in
the 1980s. It replaced a computer that was about the size of a
refrigerator.
The computer is responsible for turning the heat and the air conditioners
on and off for 19 school buildings.
"The system controls the start/stop of boilers, the start/stop of fans,
pumps, [it] monitors space temperatures, and so on," Hopkins explained.
A Kentwood High School student programmed it when it was installed in the
1980s. Whenever the district has a problem with it, they go back to the
original programmer who still lives in the area.
Parts for the computer are difficult to find, Hopkins said. It is on its
second mouse and third monitor.
"It's a very unique product. It operates on a 1200-bit modem," said
Hopkins. "How it runs, the software that it's running, is unique to
Commodore."
Hopkins said the system runs on a radio frequency that sends a signal to
school buildings, which reply within a matter of seconds with the status
of each building. The only problem is that the computer operates on the
same frequency as some of the walkie-talkies used by the maintenance
department.
"Because they share the same frequency as our maintenance communications
radios and operations maintenance radios - it depends on what we're doing -
yes, they do interfere," Hopkins said.
"If that happens, we have to clear the radio and get everyone off of it
for up to 15 minutes."
If the computer stopped working tomorrow, a staff person would have to
turn each building's climate control systems on and off by hand.
A new, more current system would cost between $1.5 and 2 million. If
voters pass a $175 million bond proposal in November, the computer is on
the list of things to be replaced.
It wasn't replaced with money from the 2011 Warm Safe and Dry bond
because it just didn't rise to the top of the list.
"There's a lot of projects, a lot of needs in the district, so there's
other priorities we have to put in place ahead of this," Hopkins said.
This system is still running.
Bringing Stocking Elementary out of moth balls, replacing boilers and
roofs, and removing asbestos were just some of the projects GRPS put on
the Warm, Safe and Dry list before the Commodore computer.
=~=~=~=
->In This Week's Gaming Section - Xbox, PlayStation Present New Games Ahead of E3!
""""""""""""""""""""""""""""" New 'Fallout' Builds Bethesda Video Game Muscle!
=~=~=~=
->A-ONE's Game Console Industry News - The Latest Gaming News!
""""""""""""""""""""""""""""""""""
Xbox, PlayStation Present New Games Ahead of E3 Conference
Videogame console titans Microsoft and Sony vied for attention ahead of
the industry's annual E3 conference, giving fans sneak peeks of the latest
Xbox and PlayStation games.
Microsoft also told gamers that new Xbox One consoles would have
"backward compatibility", meaning they will also be able to play games
made for the older Xbox 360.
Fans were shown clips of upcoming Xbox games - "Halo 5: Guardians", "Rise
of the Tomb Raider" and "Gears of War" - at an event at the University of
Southern California Galen Center on Monday.
Meanwhile Sony unveiled the newest games for its PlayStation 4 including
"The Last Guardian" and "Horizon: Zero Dawn", at a separate event in Los
Angeles.
It also told fans a deal with Activision would allow PS4 owners to be the
first to play the upcoming "Call of Duty: Black Ops III" this summer.
The two console makers held the events ahead of the Electronic
Entertainment Expo (E3), which took place on June 16-18 at the Los
Angeles Convention Center.
New 'Fallout' Builds Bethesda Video Game Muscle
Bethesda Software unveiled the latest installment of its "Fallout" video
game franchise late Sunday, flaunting a new line-up of powerhouse sequels
to its blockbuster hits.
The US video game publisher showed off the keenly awaited "Fallout 4" at
its first-ever Electronic Entertainment Expo (E3) media event in the
Dolby Theatre.
It also released a free "Fallout Shelter" spin-off game in Apple's online
App Store.
"Fallout 4" opens with scenes showing a young family in a setting that
blends 1950s America with the future.
Nuclear bomb blasts send people racing for shelter, and the main character
becomes the sole survivor, emerging two centuries after the devastation.
A collector version of the game comes with a real-life Pip-Boy wrist-wear
device, a gadget well-known by fans of "Fallout."
The wearable Pip-Boy is designed to hold smartphones, and there will be an
application to make it an extension of the game, according to Bethesda
game studios director Todd Howard.
"Fallout 4" will be released on November 10, with versions of the game
tailored for play on Xbox One and PlayStation 4 consoles as well as on
personal computers powered by Windows software.
Bethesda also gave a preview of "Doom" and "Dishonored 2" video games that
are slated for release early next year.
The "Dishonored" sequel will let players return to roles as supernatural
assassins.
In "Doom," players take on the challenge of wiping out powerful demons in
a research facility on Mars.
"The foundation of any 'Doom' experience is centered around bad-ass
demons, big guns and moving really fast," executive producer Marty
Stratton said.
The Bethesda event gave an unofficial start to E3, the video game
industry's biggest trade show, which officially opens on Tuesday in the
Los Angeles Convention Center.
Blockbuster video games will be the main attraction, but in the wings
attention will go to the promise of stepping into the games virtually and
streaming them as spectator sport.
"Like every year, E3 will be about the marquee video game titles that
will take the world by storm," TechSavvy analyst Scott Steinberg told
AFP on Saturday.
"But, there are side battles going on."
Analysts expect this E3 to be a coming-of-age of sorts for virtual
reality, which has been around for decades but remained an unfulfilled
promise for gamers eager to immerse themselves in fantasy worlds.
Meanwhile Google-owned YouTube will be facing off with Amazon-owned
Twitch, by previewing a version of its video-sharing platform tailored
for gamers.
San Francisco-based Twitch, which allows viewers to watch other people's
live-streamed games, plans to live-stream press conferences, demos and
interviews at E3.
In keeping with years past, the day before E3 officially opens will be
packed with theatrical media events revealing scenes from new versions of
much-loved games on Xbox One, PlayStation 4 or Wii U consoles.
Winning game franchises getting new installments will include "Batman,"
"Assassin's Creed," "Mass Effect" and "Call of Duty."
=~=~=~=
A-ONE's Headline News
The Latest in Computer Technology News
Compiled by: Dana P. Jacobson
U.S. Employee Data Breach Tied to Chinese Intelligence
The Chinese hacking group suspected of stealing sensitive information
about millions of current and former U.S. government employees has a
different mission and organizational structure than the military hackers
who have been accused of other U.S. data breaches, according to people
familiar with the matter.
While the Chinese People's Liberation Army typically goes after
defense and trade secrets, this hacking group has repeatedly accessed
data that could be useful to Chinese counter-intelligence and internal
stability, said two people close to the U.S. investigation.
Washington has not publicly accused Beijing of orchestrating the data
breach at the U.S. Office of Personnel Management (OPM), and China has
dismissed as "irresponsible and unscientific" any suggestion that it was
behind the attack.
Sources told Reuters that the hackers employed a rare tool to take
remote control of computers, dubbed Sakula, that was also used in the
data breach at U.S. health insurer Anthem Inc last year.
The Anthem attack, in turn, has been tied to a group that security
researchers said is affiliated with China's Ministry of State Security,
which is focused on government stability, counter-intelligence and
dissidents. The ministry could not immediately be reached for comment.
In addition, U.S. investigators believe the hackers registered the
deceptively named OPM-Learning.org website to try to capture employee
names and passwords, in the same way that Anthem, formerly known as
Wellpoint, was subverted with spurious websites such as We11point.com,
which used the number "1" instead of the letter "l".
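A defender's view of the lookalike domains described above, as an added example that is not part of the original report: it classifies observed domain names against a watch list of protected brands. The watch list, the digit-substitution map, the function names and the sample log lines are all assumptions constructed for illustration.

```python
import re

# Assumed watch list for this example: brand label -> legitimate domain.
PROTECTED = {"opm": "opm.gov", "wellpoint": "wellpoint.com", "anthem": "anthem.com"}

# Digits commonly substituted for look-alike letters (the article's "1" for "l").
DIGIT_FOLD = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})


def edit_distance(a, b):
    """Levenshtein distance, two-row dynamic programming."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable_label(domain):
    """Label left of the TLD. Simplification: assumes a one-label suffix
    (.com, .org); a real deployment would consult the Public Suffix List."""
    parts = domain.split(".")
    return parts[-2] if len(parts) >= 2 else parts[0]


def classify(domain):
    """Return (verdict, brand) for one observed domain name."""
    domain = domain.strip().lower().rstrip(".")
    for brand, legit in PROTECTED.items():
        if domain == legit or domain.endswith("." + legit):
            return ("legitimate", brand)
    label = registrable_label(domain)
    # Match whole hyphen-delimited tokens, not substrings: a short brand such
    # as "opm" would otherwise hit unrelated names like "topmodels".
    tokens = [t for t in re.split(r"[-_]", label) if t]
    for brand in PROTECTED:
        for tok in tokens:
            folded = tok.translate(DIGIT_FOLD)
            if folded == brand:
                if tok != brand:
                    return ("homoglyph", brand)       # we11point -> wellpoint
                if len(tokens) > 1:
                    return ("brand-keyword", brand)   # opm-learning
                return ("tld-swap", brand)            # brand on another TLD
            # One-character typos, only for brands long enough to avoid noise.
            if len(brand) >= 6 and edit_distance(folded, brand) == 1:
                return ("near-miss", brand)
    return ("unrelated", None)


def scan(log_lines):
    """Flag suspicious domains; the domain is the last field of each line."""
    flagged = []
    for line in log_lines:
        fields = line.split()
        if not fields:
            continue
        verdict, brand = classify(fields[-1])
        if verdict not in ("legitimate", "unrelated"):
            flagged.append((fields[-1], verdict, brand))
    return flagged


# Constructed sample resolver log lines (not real data).
SAMPLE_LOG = [
    "2015-06-19T10:02:11Z 10.0.0.7 query www.opm.gov",
    "2015-06-19T10:02:14Z 10.0.0.7 query OPM-Learning.org",
    "2015-06-19T10:03:40Z 10.0.0.9 query We11point.com",
    "2015-06-19T10:04:02Z 10.0.0.9 query topmodels.example",
    "2015-06-19T10:05:27Z 10.0.0.4 query welpoint.com",
]

if __name__ == "__main__":
    for domain, verdict, brand in scan(SAMPLE_LOG):
        print(f"{domain}: {verdict} of {brand}")
```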
Both the Anthem and OPM breaches used malicious software
electronically signed as safe with a certificate stolen from DTOPTOOLZ Co,
a Korean software company, the people close to the inquiry said. DTOPTOOLZ
said it had no involvement in the data breaches.
The FBI did not respond to requests for comment. People familiar with
its investigation said Sakula had only been seen in use by a small number
of Chinese hacking teams.
"Chinese law prohibits hacking attacks and other such behaviors which
damage Internet security," China's Foreign Ministry said in a statement.
"The Chinese government takes resolute strong measures against any kind
of hacking attack. We oppose baseless insinuations against China."
Most of the biggest U.S. cyber attacks blamed on China have been
attributed, with varying degrees of certitude, to elements of the Chinese
army. In the most dramatic case two years ago, the U.S. Justice Department
indicted five PLA officers for alleged economic espionage.
Far less is known about the OPM hackers, and security researchers have
differing views about the size of the group and what other attacks it is
responsible for.
People close to the OPM investigation said the same group was behind
Anthem and other insurance breaches. But they are not yet sure which part
of the Chinese government is responsible.
"We are seeing a group that is only targeting personal information,"
said Laura Gigante, manager of threat intelligence at FireEye Inc, which
has worked on a number of the high-profile network intrusions.
CrowdStrike and other security companies, however, say the Anthem
hackers also engaged in stealing defense and industry trade secrets.
CrowdStrike calls the group "Deep Panda," EMC Corp's RSA security
division dubs it "Shell Crew," and other firms have picked different
names.
The OPM breach gave hackers access to U.S. government job applicants'
security clearance forms detailing past drug use, love affairs, and
foreign contacts that officials fear could be used for blackmail or
recruiting.
In contrast to hacking outfits associated with the Chinese army, "Deep
Panda" appears to be affiliated with the Ministry of State Security, said
CrowdStrike co-founder Dmitri Alperovitch.
Information about U.S. spies in China would logically be a top
priority for the ministry, Alperovitch said, adding that "Deep Panda's"
tools and techniques have also been used to monitor democracy protesters
in Hong Kong.
An executive at one of the first companies to connect the Anthem and
OPM compromises, ThreatConnect, said the disagreements about the
boundaries of "Deep Panda" could reflect a different structure than that
in top-down military units.
"We think it's likely a cohort of Chinese actors, a bunch of
mini-groups that are handled by one main benefactor," said Rich Barger,
co-founder of ThreatConnect, adding that the group could get software
tools and other resources from a common supplier.
"We think this series of activity over time is a little more
distributed, and that is why there is not a broad consensus as to the
beginning and end of this group."
FCC Could Get First Net Neutrality Complaint Soon
The Federal Communications Commission's new Net neutrality rules have
been in effect for less than a week, and the agency is about to receive
its first formal complaint from a company alleging harm.
Commercial Network Services, a San Diego-based company that operates
webcams and streams live video feeds, said it will soon file a formal
complaint against cable giant Time Warner Cable for charging it to
deliver its streaming videos to its broadband customers, according to
Barry Bahrami, CEO of the company. The Washington Post first reported
the news of the complaint.
Bahrami accuses Time Warner Cable of "double dipping" by charging its
broadband customers for access to the Internet and also charging
companies, like Commercial Network Services, for delivering video to
consumers who subscribe to Time Warner Cable's broadband service.
Because Commercial Network Services has refused to pay the additional fee
that Time Warner Cable is charging it to send traffic to its customers,
Bahrami says that Time Warner Cable is directing Commercial Network
Services' traffic through a congested connection that serves Time Warner's
broadband customers. Bahrami says by doing this Time Warner Cable is
severely degrading the quality of its streams, such as the San Diego Web
Cam, which offers live streaming of the San Diego harbor.
"This could all be changed in a few minutes if it were not for Time Warner
greed," he said.
Once filed, Commercial Network Services' complaint will be the first
formal complaint that the FCC has received since its Net neutrality rules
went into effect last week. Net neutrality is the principle that all
Internet traffic be treated equally and that wireless carriers and
Internet service providers not put businesses or customers at a
disadvantage.
Earlier this year, the FCC passed new rules to protect Net neutrality to
replace rules that had been thrown out by a federal court in January 2014.
As part of the new rules, the FCC expanded the scope of Net neutrality and
in addition to formulating clear cut "bright line" rules that prevent
broadband providers from blocking or slowing down traffic and prevent
them from charging for so-called "fast lanes," the new rules also for the
first time allow the FCC to determine if commercial deals between private
companies exchanging Internet traffic are "fair and reasonable" or whether
these deals could harm consumers' access to the Internet.
Instead of applying blanket restrictions on companies exchanging Internet
traffic as the agency has in the "bright line" rules, the FCC will examine
disputes over Internet "interconnection" on a case-by-case basis. While
the FCC's ruling from one case to another could vary, how the agency
handles this first complaint once it's filed could give broadband and
other Internet companies a better sense of how far the FCC will go in
terms of regulating the Internet.
The dispute is similar to disagreements that streaming video provider
Netflix has had with other broadband providers Comcast and Verizon.
Netflix's CEO Reed Hastings publicized the disputes his company had with
these two broadband providers last year. As a result, the FCC expanded
the scope of its Net neutrality rules to include a provision that
allowed it to examine these deals more closely.
In a separate Net neutrality development today, the FCC said it plans to
impose a fine of up to $100 million on AT&T for allegedly misleading
customers who subscribe to its unlimited data plans. The FCC has accused
AT&T of violating the transparency rule of the agency's Net neutrality
regulation. The transparency rule was the only part of the FCC's original
2010 Open Internet order that was not thrown out when the court ruled
against the FCC in 2014.
Critics, who oppose the FCC's new rules, say the FCC has overstepped its
authority by even examining commercial agreements between companies
exchanging Internet traffic. They fear the agency could try to use its
authority to set rates on services or take other actions that could
stifle competition.
FCC Chairman Tom Wheeler has denied that this is the agency's aim. While
defending the new rules in front of a congressional hearing in March, he
said he looked forward to getting a Net neutrality complaint filed under
this new complaint process so that he could show critics how high the
FCC has set the bar for intervening in such commercial deals.
Commercial Network Services hasn't yet filed its formal complaint with
the FCC, but Bahrami said the paperwork will be filed in the next few
days.
The FCC declined to comment.
Time Warner Cable said in a statement that it is not violating the FCC's
rule. It claims it does not charge companies exchanging traffic with it
to pay fees so long as the amount of traffic the companies exchange is
roughly equal. It said that under its policy, Commercial Network Services
does not qualify for such an arrangement.
It also denies that it is deliberately slowing down the company's traffic
to its broadband customers. And Time Warner Cable is confident the FCC
will side with it in this dispute.
"Time Warner Cable's interconnection practices are not only 'just and
reasonable' as required by the FCC, but consistent with the practices of
all major ISPs and well-established industry standards," the company said
in its statement.
Nadella Conducts Biggest Microsoft Revamp Since Taking Over
Former Nokia chief executive Stephen Elop is set to leave Microsoft as
part of the most extensive executive reshuffle since Satya Nadella
pipped him to the top job at the software company early last year.
The changes announced Wednesday, which include the departures of other
close allies of former chiefs Steve Ballmer and Bill Gates, also
reflected a move by Mr Nadella to shore up two of its underperforming
businesses.
Mr Elop played a controversial role in Nokia's exit from the mobile
handset industry it once dominated, and has done little to rejuvenate
Microsoft's own hopes of getting a stronger foothold in the mobile
computing industry now dominated by Apple and Google.
A former rising star at the software company, he quit to head the Finnish
mobile telecoms company in 2010 and presided over a collapse in its sales
before selling the handset division to Microsoft and rejoining the US
group.
In an email to staff, Mr Nadella said Mr Elop was leaving as the result
of an organisational reshuffle that would see the devices division he
heads folded into the larger Windows group.
Others poised to leave in the coming months include Mark Penn, a former
political pollster for the Clinton White House who had been a long-time
adviser to Mr Gates and was brought in by Mr Ballmer as head of marketing.
He became best known for a series of barbed commercials attacking Google,
before being sidelined in an earlier reshuffle a year ago.
Separately, Mr Penn announced that he would head a new private equity firm
that had raised $US250 million to invest in areas such as digital
marketing, with Mr Ballmer listed as a "core investor".
Eric Rudder, one of Microsoft's most senior technical executives and a
protege of Mr Gates, would also leave after a transitional period, the
company said. Mr Rudder had once been seen as a potential candidate to
follow Mr Gates as Microsoft's top technical leader. Like Mr Penn,
however, he had been left without direct responsibilities over any of
Microsoft's main businesses after a 2013 reassignment into a strategy
role.
While Mr Nadella has made several other senior leadership appointments
since taking over, the delay of nearly a year-and-a-half in pushing
through a broader reshuffle and the departure of executives who had been
closely associated with Microsoft's former leadership marks an unusually
long time for such a housecleaning. Microsoft often waits until around
the end of its fiscal year, which takes place this month, to make
executive or other strategic changes.
The moves included folding another underperforming division, the Dynamics
business applications unit, into the larger cloud and enterprise group.
Kirill Tatarinov, head of the Dynamics applications business, would also
leave, Microsoft said. The restructuring follows reports that Mr Nadella
at one point weighed the idea of a giant acquisition of Salesforce.com to
strengthen Microsoft's position in applications delivered from the cloud,
before dropping the idea.
Mr Nadella painted the moves as part of an intensified effort to align the
company's engineering groups around its core product areas, rather than a
sign of any strategic change.
Google To Remove 'Revenge Porn' From Search Results
In a significant step to combat "revenge porn," Google will honor requests
to remove from search results nude or sexually explicit images posted on
the Internet without consent.
Google says it will remove the search results the same way it does other
sorts of highly sensitive personal information such as bank account
numbers and Social Security numbers.
"Our philosophy has always been that search should reflect the whole Web,"
Amit Singhal, senior vice president of Google Search said in a blog post
provided to USA TODAY. "But revenge porn images are intensely personal
and emotionally damaging, and serve only to degrade the victim -
predominantly women."
Victims will be able to submit requests through an online form in coming
weeks, Google said.
"We know this won't solve the problem of revenge porn - we aren't able,
of course, to remove these images from the websites themselves - but we
hope that honoring people's requests to remove such imagery from our
search results can help," Singhal wrote.
University of Maryland law professor Danielle Citron, an expert in online
harassment and author of Hate Crimes in Cyberspace, applauded the move.
The search engine used the world over has unparalleled influence over
what people can and cannot find on the Internet.
Google and other technology companies have come under growing public
pressure to take down intimate photos posted without the subject's
consent and remove links to that content.
Rep. Jackie Speier (D-Calif.) is about to introduce federal legislation
that would ban revenge porn. Comedian John Oliver is planning to feature
the subject Sunday on his HBO show Last Week Tonight.
"What we have seen in the last six months is this public consciousness
about the profound economic and social impact that posting nude images
without someone's consent and often in violation of their trust can have
on people's lives," Citron said. "What victims will often tell you and
what they tell me is that what they want most is not to have search
results where their employers, clients and colleagues can Google them and
see these nude photos. It's not just humiliating, it wrecks their chances
for employment. It makes them undatable and unemployable."
She says Google's decision is consistent with its policies.
"Some special narrow categories of sensitive personal information have no
value to public debate and exact serious harm," Citron said.
Google usually only removes search results with a valid legal request. It
makes an exception for images of child sexual abuse and sensitive
information such as bank account numbers and signatures.
In Europe, under the right to be forgotten law, Google has removed nearly
1 million links. The ruling gives European residents the ability to demand
that search engines remove links that appear in searches for an
individual's name, but so far only in Europe.
"Google has long been hesitant to mess with its search results and there
are some good reasons for that. If you pull out one kind of content, other
people will want you to pull out another kind of content and it can become
a slippery slope," said Danny Sullivan, founding editor of
SearchEngineLand.com. "Having said that, this is one of those cases where
I think people would nod in agreement that yes, this is terrible, this
stuff should be removed."
Sullivan said Google's decision could have a deterrent effect.
"If it's not in Google, does it actually exist? The answer is yes, it does
exist but it's a heck of a lot harder to find. Even this won't make it
impossible but it does make it more difficult and, when it's more
difficult, it makes it less attractive for people to do this kind of
behavior."
Yet for years there was little anyone could do when intimate photos
appeared online.
Under a federal Internet law passed in 1996, Internet providers and
websites aren't legally responsible for third party content posted by
users as long as that content does not violate intellectual property laws
or federal criminal laws.
But government officials are now going after people who leak the images
and the web sites that profit from them.
New Jersey passed the first law addressing revenge porn in 2004. Since
then, 18 states have passed laws criminalizing revenge porn - the most
recent law was signed this week by Vermont governor Peter Shumlin.
The Federal Trade Commission has also started cracking down. Earlier this
year it announced a settlement with the operator of an alleged revenge
porn site that banned him from publishing nude pictures of people without
their consent and required him to destroy the photo collection.
With the growing backlash against revenge porn, technology companies are
also taking a stand. In March, Twitter became the latest Internet company
to enact explicit rules that ban the posting of nude photographs and
videos without the subject's permission. Facebook also banned revenge
porn in March.
Reddit banned it in February. Last year a 4Chan poster hacked into
celebrities' iCloud accounts and posted naked photos of Jennifer Lawrence
and Kate Upton among others on a Reddit subgroup, "The Fappening." Reddit
allowed the photos to remain on the site.
Some people don't think the policies go far enough because they still
require women to police their own harassment.
But, says Citron: "We have come to a cultural consensus that the
exploitation of nude photos and videos without consent is unacceptable,
harmful, and valueless and Google is recognizing it with its new position
in search results. ... This is the next crucial, logical step."
FBI Investigates Cardinals for Breaking into Astros' Database
The FBI is investigating one of the best baseball teams in the US after it
allegedly broke into a database belonging to one of the worst.
Investigators told the New York Times that the FBI and Department of
Justice (DOJ) prosecutors are accusing front-office staff of the St. Louis
Cardinals of "hacking" into an internal network of the Houston Astros to
steal closely guarded information about players, including internal
discussions about trades, proprietary statistics and scouting reports.
Calling it "hacking" is quite a stretch, given what we know about the
deed, which allegedly involved:
Using the old passwords Astros General Manager Jeff Luhnow used when he
worked overseeing drafts for the Cardinals, which ...
...Luhnow never bothered to change when he got the job as general manager
for the Astros. As well, the not-so-l337 H4x0rs...
...Allegedly accessed the Astros' database from their own home, making it
simple as pie for the FBI to track them down.
Why the Astros, a team known as a perennial loser?
It sounds like a matter of bad blood between the rival teams.
As the New York Times subsequently reported, Luhnow was a numbers guy
who'd been influenced by the film "Moneyball" and focused that type of
statistics expertise on acquiring players.
It worked for the Cardinals: the team made it to three World Series and
won two of them under Luhnow's management of its draft.
He took his know-how over to the Astros in 2011, along with Sig Mejdal, a
former NASA engineer whose title is director for decision sciences.
Mejdal in turn used his work on astronauts' decision making to improve
the team's drafting.
Luhnow, with his data analytics approach to baseball, has apparently
worked the same kind of magic at the once pathetic Astros that he pulled
off in St. Louis: an achievement that Bloomberg Business called "a
project unlike anything baseball has seen before", akin to what Mitt
Romney used to do to steel companies while at Bain Capital: "stripped
them down with ruthless efficiency to build them back up again, stronger
and better than before."
The Astros are now, in fact, in first place in the American League West
division.
This success can't feel good to the Cardinals, the team that Luhnow left
behind.
Theories about the motivation for Cardinals' front-office staff to
allegedly trespass into the Astros' internal workings include resentment
over Luhnow's departure; bad feelings from when he was with St. Louis,
given that he was what the NYT calls a "polarizing figure"; or a
suspicion that Luhnow took proprietary information with him to Houston.
Luhnow reportedly built a computer network, called Redbird, while he was
with the Cardinals.
It housed all the intel on baseball operations, including scouting
reports and player information.
When he joined the Astros - taking some front-office personnel with him -
he created a similar program and called it Ground Control.
Investigators told the NYT that they believe that Cardinals' personnel,
concerned that Luhnow had taken such proprietary baseball information to
the Astros, examined a master list of passwords Luhnow and the other
officials used while working for the Cardinals.
Evidence is pointing to the Cardinals employees having used those same,
evidently unchanged passwords to gain access to the Astros' network,
investigators said.
It wasn't hard to guess the password: after all, the Cardinals had a
master list of passwords, which was proprietary information.
That lack of password hygiene is likely what led to 10 months' worth of
Astros' internal discussions about trades having been posted online at
Anonbin, a site where users can anonymously share hacked or leaked
information, a year ago.
Major League Baseball notified the FBI, under the impression that the
Astros had been hit by a rogue crook - certainly not by another major
league baseball team.
That's when the investigation started. It soon led to a computer at a home
that some Cardinals employees had lived in.
As Deadspin's Tom Ley tells it, every move in this "hacking" game reflects
security fouls: reusing passwords (a major security sin), leaving a clear
path to your home IP address because you don't have the brains to use an
internet cafe to do your snooping, building a proprietary database and
then just tucking it under your arm when you walk out the door, leaving
two-factor authentication (2FA) out of the design of this precious
repository of baseball knowledge (indeed, 2FA could have made this
so-called "hack" impossible to pull off), and showing off your ill-gotten
goods on a public paste site for all to see (not what you'd call subtle!).
Who's on first?
Nobody I'd hire for their security expertise!
Major Mac Flaw Spills Your Passwords
A crucial flaw found in Macs allows a malicious app to snatch the
passwords from your Keychain - or even directly from other apps.
That exposes the passwords to your iCloud account, notes, photos, email,
banking, social media - everything.
Indiana University computer science professor XiaoFeng Wang and his team
of researchers found several ways a bad app could "cross over" into other
apps.
The researchers found that malicious software could slip into the Apple
Keychain, delete old passwords, and wait for you to retype them in. When
you do, it grabs them.
They also found an issue with the way Apple categorizes Mac programs with
a unique ID, called a BID. Hackers could assign an email app's BID to a
piece of malware, then get scooped up into a "trusted" group of programs.
The Indiana University team analyzed the top 1,612 Mac apps, and found
that 89% of them were susceptible to these kinds of attacks.
To prove that a hacker could pull off the attack, the research team
sneaked a malicious app capable of stealing passwords into Apple's
heavily guarded App Store. The malware was disguised as a
daily-gag-delivering app called "Joke Everyday."
Apple did not respond with a comment on Tuesday.
However, people familiar with the company's practices said that Apple is
working on restructuring how its Mac OS X operating system separates apps.
But they say that would be a laborious process, requiring all independent
Apple developers to establish new security measures and update every app.
Fixing the Keychain will be even more difficult, that person said. Apple
is also improving how it reviews incoming new programs to its App Store.
The research team said it went public with its findings on Tuesday,
because Apple took too long to fix it. They initially notified the company
in October. Apple tweaked its operating system in January, they said, but
the supposed fix didn't actually solve the problem.
Fast-forward to June, and there's still no solution.
"All these things are very serious," Wang said. "If we continued to keep
silent, it's unfair to Apple users. It's very likely someone already knew
this hack."
When researchers find dangerous computer bugs, Apple's policy is to
communicate with them sparsely and quietly fix things behind closed doors.
Earlier this month, CNNMoney examined how Apple's approach to security
needs improvement.
Wang said this could have been avoided if Apple communicated more with the
outside computer engineers who independently create popular software
programs for Macs.
"Apple needs to inform the app developers what they need to do," he said.
"In some cases, Apple provides nothing for app developers to do a security
check."
Leading Indiana University student researcher, Luyi Xing, complained
that, while Apple did respond to them at first, the company didn't
actively work with security researchers - and share progress - until
after they made their report public.
"Now it's a couple of emails a day," Xing said.
A person with knowledge of Apple's security policies said the company was
partly caught by surprise with the sudden publication of this report,
since Apple had been communicating with the researchers.
"The problem may have already been fixed if they would have taken it more
seriously," Professor Wang said. "Now they're actively talking to us. This
is more evidence we should go public in some cases."
The researchers might pay for their adventure. Apple typically revokes
developer credentials for anyone who slips malware into the App Store -
even for security research. Renowned security researcher Charlie Miller
got a one-year suspension from the App Store in 2011 for that very
reason.
Wang hopes Apple will spare his six-person team.
"I don't think it would be fair. Our intention is to help Apple," he said,
adding this foreboding note: "We found more than we disclosed. There's
another new attack that's pretty serious, and we didn't make it public."
Apple's New OS X 'El Capitan' Preview Is a Subtle, Fast Upgrade
At its World Wide Developers Conference last week, Apple gave the
assembled crowd of software coders some welcome news: The next annual
release of OS X, called El Capitan, would be available to the public for
free this fall - but an early version was available for developers to
download immediately.
There was good news for reviewers, too; Apple gave those of us in the
Tech Writers Guild the same early access to the software. I've been
scaling El Capitan for a few days, and I'm pleased to report that even
this early version is slick and fast. But there's a good deal of
fine-tuning left to do, and some smaller-name programs have yet to be
updated for compatibility (here's a pretty good running list of which
apps don't work). None of the big-name programs (Microsoft, Adobe, etc.)
have any problems that I could find.
If you're a Mac fan, here's what you have to look forward to in the next
version of your operating system. The top line: This is a no-brainer
upgrade. Once it's finished, you'll want it.
Once Apple ran out of jungle-cat names for its OS X releases (Panther,
Lion, Leopard, etc), it started adopting the names of scenic California
sites. Last year's release, for example, was called Yosemite, after the
national park.
So what's with El Capitan? Isn't that the name of a mountain within
Yosemite?
Yes - and that should give you some hint as to the nature of this upgrade.
It's not a new operating system; it's a refinement of the last one.
Remember how Apple followed OS X Leopard with OS X Snow Leopard? Well,
you can think of El Capitan as Snow Yosemite.
It doesn't look any different than Yosemite; instead, this year's annual
OS X upgrade is a compilation of all the little nips and tucks that
Apple engineers wished they'd had time to put into the last version.
The big-ticket items, Apple says, are all under the hood: speed and
stability. Programs open up to 1.4 times as fast, which is especially
noticeable in Photos, Apple's recently introduced iPhoto replacement.
Switching programs is twice as fast. Opening a PDF document, four times
as fast.
Animations - for example, when you switch between virtual monitors in
full-screen mode - feel smoother and faster, too.
You'll feel the difference in speed, and speed is good.
As a handy bonus, you won't need to upgrade your Mac to run El Capitan.
It runs on almost any Mac that can now run Yosemite, or Mavericks before
it, or Mountain Lion before that:
iMacs made since mid-2007
MacBook since 2008
13-inch MacBook Pro since mid-2009
15-inch or 17-inch MacBook Pro since late 2007
MacBook Air since late 2008
Mac Mini since 2009
Mac Pro since 2008
A system-software version that still runs on 8-year-old machines? Nicely
done, Apple.
This time around, Apple isn't boasting "over 200 new features," as it
usually does; "over 20 new features" would be more like it. They're
subtle. They're motley. They'll be welcomed by people already using Macs,
but won't do anything to sway someone who already loves Windows.
Here are a few of the biggies. (There's also a basketful of 18 more,
subtler improvements that Apple didn't mention onstage and isn't getting
much press; click here to read about those.)
Notes. After years of boringness, Apple's Notes program has suddenly
sprouted an array of formatting features that practically turn it into
OneNote or EverNote. Now there's full type formatting, bulleted lists,
checklists, Web links, and pasted graphics, videos, or maps. (All of
this will get synced automatically to your iPhone or iPad, too, once
iOS 9 comes out this fall.) The new Attachments Browser lets you view a
palette of all the photos, videos, maps, and Web links you've added in
all your notes, which is surprisingly handy. A new "New Note" option
appears in the Share menu of Safari and other apps.
Wiggle the cursor to magnify it. When you wake your Mac, you might be in
the habit of rapidly scrubbing your trackpad (or wiggling your mouse),
just so you can spot the cursor on screen. In El Capitan, whenever you
rapidly wiggle the cursor, it momentarily becomes gigantic to draw your
eye.
Maps. Apple's Maps takes a timid step toward overcoming Google Maps'
overwhelming superiority by adding public-transportation directions - for
four U.S. cities (San Francisco, New York, Baltimore, and Washington DC).
Google Maps, by contrast, has transit schedules and directions for every
major city around the world - and offers walking directions, too.
Split screen in full-screen mode. In full-screen mode, your document
window fills the entire monitor, and the menu bar and window edges are
hidden. In El Capitan, you can now split the screen between two
full-screen apps, displaying them side-by-side, or move the dividing line
between them. (Where have we seen this sort of thing before? Oh
yeah - Windows 8.)
Redesigned Mission Control. Mission Control is a special view that helps
you find one lost window among your ocean of them. It shrinks all of your
open windows to miniatures, all simultaneously visible. In El Capitan,
they're no longer clumped by program; you can see them all spread out.
(Mac veterans will recognize this effect as the old Exposé.)
Redesigned Spaces. Spaces is a somewhat confusing power-user feature that
lets you create several side-by-side virtual monitors, each with its
own programs and windows. In El Capitan, the Spaces bar is more compact
and easier to operate (you can see it above) - you don't have to open
System Preferences to make changes. You can just drag a window's title
bar to the top of your screen to add it to an existing Space or put it
into a new one.
Apple has put quite a bit of work into Spotlight, the Mac's built-in
search feature, adding the ability to find more kinds of information
using natural language queries:
More kinds of Web info. Into the Spotlight search bar, you can now type
search terms for weather, sports, stocks, athletes, public transportation,
and online videos. You can type, for example, "yankees schedule," "lebron
james," "weather Tuesday London," or "goog" (to find out Google's stock
price). You can type "jimmy fallon" to see the latest YouTube, Vimeo, or
Vevo clips from that show. Or type "GrandCentral" or "7th ave subway" to
see the current schedules for those trains. In each case, the
search-results panel offers a tidy display of information on your query.
Resize or move the Spotlight window. You can now make the Spotlight window
taller, as shown above - but not, weirdly, wider. You can also drag it
around your screen. For example, if you like to use Spotlight as a
calculator (yes, you can type, for example, 37*12 into it to get the
result), you can now park the window at the edge of your screen so you
can keep working in your main program. (Undocumented tip: To restore the
Spotlight window to its original size and position, hold the cursor down
on the Spotlight icon - the magnifying-glass - at the top right of your
screen.)
Prose (natural language) searches. One more Spotlight upgrade: You can
now type out queries that describe what you're looking for, like "files
I worked on in January," or "slides from 2013 containing WidgeTech," or
"images from last year." In general, the kinds of information Spotlight
understands here are file types (documents, movies, images,
presentations, email and so on), the words and phrases inside each
file, dates and times, and the names of email senders or recipients.
Mail, the built-in email program, received just a touch of love from
Apple this year, with support for gestures, natural language searches,
and instant reminders:
Speed boost. Apple reworked the way Mail checks IMAP email accounts to
make it feel faster, especially over slow connections.
Gestures. You can now swipe to the right (two fingers on your trackpad)
to mark a message as read or unread, and swipe to the left to delete it.
This trick works even on messages in a background list, while a different
message's window is open in front.
More natural-language searching. As with Spotlight, prose queries have
now come to Mail. You can search for, for example, "mail from Chris I
haven't read," or "messages with attachments from last week."
Calendar suggestions. If Mail detects that a message contains the details
for an appointment or a flight, it offers to add it to your calendar,
saving you a bunch of copying and typing (just as iOS 8 does now).
Full-screen improvements. In Yosemite Mail's Full-screen mode, if you were
reading a message, it commandeered your screen; you couldn't click another
message in the list, or refer to another message, without closing the
first one. But in El Capitan, if you click outside an open message, its
window shrinks down into a tab at the bottom of the screen. You can
accumulate a bunch of these tabs, just as you can in a Web browser: remove
them, rearrange them, or drag attachments onto them. Obscure, but welcome
to full-screen aficionados.
Instant reminders. If you select some text in a message that should be a
reminder ("Caulk the living room tomorrow"), you can right-click it,
choose Share->Reminders from the shortcut menu, and presto: a new to-do
item in your Reminders app. (You can click the Mail icon in that to-do
item later to open the original Mail message.)
Apple has brought a couple of new features to its Safari browser, too. For
example:
Pinned tabs. If you drag an open tab all the way to the left, it becomes a
compact square pinned tab, one that will always be there, in every window
(like the similar feature in Google Chrome). Handy for social-media sites
or Web-based email or chat services. But also confusing; good luck trying
to explain to a beginner the difference between a tab, a pinned tab, a
Favorite, and a bookmark.
Mute audio. Don't you hate it when some Safari window or tab is playing
sound, but you can't figure out which one? Now, whenever audio is playing,
a Mute button appears at the top of the Safari window. Click it to shut up
all browser windows (while preserving sound from the rest of your Mac,
like alert tones and your music player). Or hold your cursor down on it to
see a list of browser windows, so that you can mute just the one you don't
want.
The changes in El Capitan are, as you're figuring out, very subtle. This
new OS X won't throw anyone for a loop. And there are two ways you might
react.
"You've had a whole year, Apple! What're you doing - spending all your time
on phones and watches?"
Yeah, that's one way. The other:
"Technology moves too fast already. Why must there be a whole new
operating system every single year? Give me some time to learn what I've
already got! But if you want to make things faster and smoother,
great - that doesn't make me have to learn new stuff."
In any case, you won't have to pay for El Capitan when it comes out this
fall (or when it's available in a public beta-testing version in July);
it's free for all. A big speedup and a small list of touch-ups, no
charge?
That sounds like a pretty good deal to me.
Why Emoji May Be in Your Next Password
Say goodbye to a string of numbers and hello to kissy face, dancing
lady, diamond ring, soccer ball.
Intelligent Environments, a mobile and online banking technologies
company, has come up with a platform allowing users to ditch a
traditional numerical pin code in favor of emoji.
While the system hasn't been implemented yet by any banks, Intelligent
Environments shared their plan to use the fun characters in a new video
and underscored how the system could potentially be more secure than a
numerical pin.
With 44 emoji to choose from, there are a possible 3,498,308 permutations,
according to the company. By comparison, Intelligent Environments said a
pin comprised of numbers 0-9 has 7,290 non-repeating digit possibilities.
Robert Siciliano, an online safety expert to Intel Security, said the
idea is a step in the right direction for password security.
"Photos as passwords are a strong alternative to simple username and
password," he said. "But we can't stop there. New developments in facial
recognition will inevitably replace all current methods."
=~=~=~=
Atari Online News, Etc. is a weekly publication covering the entire
Atari community. Reprint permission is granted, unless otherwise noted
at the beginning of any article, to Atari user groups and not for
profit publications only under the following terms: articles must
remain unedited and include the issue number and author at the top of
each article reprinted. Other reprints granted upon approval of
request. Send requests to: dpj@atarinews.org
No issue of Atari Online News, Etc. may be included on any commercial
media, nor uploaded or transmitted to any commercial online service or
internet site, in whole or in part, by any agent or means, without
the expressed consent or permission from the Publisher or Editor of
Atari Online News, Etc.
Opinions presented herein are those of the individual authors and do
not necessarily reflect those of the staff, or of the publishers. All
material herein is believed to be accurate at the time of publishing.