News Archive - AlternativeTo.net

News Archive

RSS : All newsTop news

KDE Applications 19.08 has been released

Written 2 days ago by IanDorfman

Free and open source software community KDE has released version 19.08 of its KDE Applications software suite. The group is arguably best known for its Small KDE Plasma iconKDE Plasma Linux graphical workspace.

The suite of applications, appropriately titled KDE Applications, includes the likes of Small Cuttlefish iconCuttlefish and Small Kompare iconKompare. The new release includes a slew of enhancements and new applications, including updates to the Dolphin file and folder explorer, Gwenview image viewer, Okular document viewer, and more.

The Applications 19.08 changelog showcases the countless improvements, additions, and fixes that have been implemented into the release, but some of the major notes include the following:

Small Spectacle iconSpectacle now comes with time-delayed screenshots, progress bar visualization for delayed captures, and support for cancelling these captures.

Small Kontact iconKontact has introduced support for Unicode color emoji and Small Markdown iconMarkdown

The Small Kdenlive iconKdenlive video editor has keyboard-mouse combos for improved productivity.

There are, of course, several more notable additions alongside the myriad smaller improvements. A list of all of the applications in the KDE Applications suite can be found on KDE's official website.

Further coverage:
KDE.org announcement

Written by iandorfman

BioStar 2 biometric security platform breach includes over 1 million fingerprint records

Written 2 days ago by IanDorfman

The team at vpnMentor has released a report detailing a data breach in the BioStar 2 biometric security smart lock platform. As it has been integrated into the popular AEOS access control system, this breach potentially impacts the 5,700 organizations in 83 countries using this system. This includes institutions such as the United Kingdom Metropolitan Police, as it can be used for a variety of administrative purposes across a wide variety of businesses and organizations.

According to vpnMentor's report, the data that was included in the breach contains unencrypted usernames and passwords, personal information on many employees, and the ability to access accounts and permissions in any facility that utilizes BioStar 2. In effect, this allow criminal activity via the manipulation of security protocols in what would otherwise be secure facilities.

The vpnMentor team was able to access 23 gigabytes of the following data:

• Access to client admin panels, dashboards, back end controls, and permissions
• Fingerprint data
• Facial recognition information and images of users
• Unencrypted usernames, passwords, and user IDs
• Records of entry and exit to secure areas
• Employee records including start dates
• Employee security levels and clearances
• Personal details, including employee home address and emails
• Businesses' employee structures and hierarchies
• Mobile device and OS information

In all, nearly 28 million records of this information was accessible. The information (including passwords) was not secured, with some passwords being as simple as the word "Password."

Following its discovery on August 5th, the vpnMentor team had attempted to alert BioStar of this breach starting on August 7th, but was met with hostility and a lack of cooperation until speaking with the company's French branch. The breach was then closed on August 13th.

Further coverage:
vpnMentor

Written by iandorfman

Version 15 of Parallels for Mac introduces support for DirectX 11 via Metal

Written 4 days ago by IanDorfman

Version 15 of Parallels has been released, and it has brought with it a completely redone compatibility layer for DirectX powered by Apple’s Metal.

As detailed on Parallels' official website, version 15 is now compatible with DirectX versions 9 through 11, with this newly revamped and upgraded compatibility powered by Apple’s new low level Metal graphics API. This compatibility will ensure that users can run applications and games that rely heavily on graphical processing power. Since this support is being implemented in Metal, performance will be drastically increased in comparison to before.

In addition to this revamped Small Microsoft DirectX iconMicrosoft DirectX support and performance improvements, Parallels 15 will be immediately compatible with the upcoming latest version of Small macOS iconmacOS, named Catalina. It'll also support Catalina's new Sidecar feature. It'll also include other convenient features such as allowing you to send files using a Windows email application directly from within Small Finder iconFinder and expanded support for Small Linux kernel iconLinux kernel operating systems. Also included is support for more Bluetooth devices, support for dragging and dropping screenshot previews from macOS into Small Windows 10 iconWindows 10 applications, and more.

Parallels 15 is available now for macOS and is compatible with versions 10.12 Sierra through the upcoming 10.15 Catalina.

Further coverage:
Parallels official site
Ars Technica

Written by iandorfman

Verizon is selling Tumblr to the owner of WordPress

Written 5 days ago by IanDorfman

In yet another shifting of owners, the Tumblr social blogging network has been acquired by the owners of WordPress from Verizon for a dramatically reduced rate in comparison to its previous valuation when it was last acquired.

Automattic Inc., the company that owns and operates services including Small WordPress iconWordPress and Small WooCommerce iconWooCommerce, will be acquiring Small Tumblr iconTumblr from Verizon. This was announced by Matt Mullenweg, Founder and CEO of Automattic, via a post on his personal Tumblr blog.

This Tumblr acquisition comes only 2 years following Verizon's acquisition of Yahoo, its previous owner. Back in 2013, Yahoo acquired Tumblr for $1.1 billion U.S., while Axios is reporting today's acquisition of the social blogging platform to be valued at under $20 million (with an m). Verizon's desire to sell Tumblr since its acquisition has been known.

Alongside the platform and its over 450 million blogs, Automattic will be acquiring and onboarding Tumblr's 200 employees. The exact terms of the transaction were not disclosed.

Further coverage:
Axios
TechCrunch
Engadget

Written by iandorfman

iOS SQLite vulnerability found via Contacts app

Written 6 days ago by IanDorfman

A new security vulnerability in Apple's flagship mobile operating system has been discovered and demonstrated, and it involves manipulating the OS's built-in Small Contacts iconContacts app. This vulnerability impacts an estimated 1.4 billion devices running versions of iOS all the way from iOS 8 up to the latest betas of iOS 13.

As showcased by Check Point security at this year's Def Con conference, the exploit has been known for over four years, with Apple believing that it could only be exploited by an unknown and unisigned application, which is a non-issue for any iOS device that hasn't been jailbroken. At this year's Def Con, however, Check Point was able to show how the built-in Contacts app can be modified on any unlocked iPhone, iPad, and iPod touch running up to one of the latest betas of iOS 13.

The exploit utilizes Small SQLite iconSQLite's unsigned databases and this slightly modified Contacts app in order to show how it could be used to run malicious code. The demonstration only showed an app crash, but could be used to, for example, steal passwords.

The report that Check Point released concerning the exploit stated the following:

"We established that simply querying a database may not be as safe as you expect. We proved that memory corruption issues in SQLite can now be reliably exploited."

Check Point has sent both its research and methodology to Apple in order to assist the company in patching the exploit for future versions of iOS. In the meantime, make sure you keep an eye on your iOS devices so that no one has access to them while they are unlocked and you're uncertain what they are doing on it.

Further coverage:
AppleInsider
Forbes

Written by iandorfman

Huawei formally announces HarmonyOS, an open source Android alternative

Written 1 week ago by IanDorfman

Chinese tech giant Huawei has announced at its annual developer conference that it is developing a new open source operating system called HarmonyOS.

According to Richard Yu, Huawei’s chief executive officer for the company’s consumer business group, HarmonyOS has been in development for two years. It aims to run across the company’s full slate of devices as a unified interface for customers to understand. This includes the likes of smart TVs, Internet of Things devices, and, at some point, their smartphone and tablet lineup. These devices can all run the OS as developed by a single integrated development environment, thereby circumventing Android’s more fragmented release schedule.

HarmonyOS will aim to be compatible with HTML5, Linux, and, most importantly, Android apps. That said, Android apps will need to be recompiled, a process that Yu refers to as “very easy.”

Despite HarmonyOS being open source, Huawei will not allow users to have root access to their devices, citing that to be a security risk.

The rollout for HarmonyOS is planned to span 3 years, starting with devices like wearables and car infotainment systems, with plans for their smartphones to move away from Android still forthcoming. That said, if Huawei for whatever reason (say, legal obligations in the wake of trade bans by certain nations) would need to discontinue shipping their smart devices with Android, they would be able to shift those devices to HarmonyOS at “any time.”

Further coverage:
Android Authority
Huawei on Twitter
Gizmodo

Written by iandorfman

An Instagram partner secretly tracked millions of users' locations and stories

Written 1 week ago by IanDorfman

Facebook's photo focused social network Instagram is under scrutiny from many following a Business Insider investigation that revealed one of its marketing contractors has been covertly saving and tracking millions of user profiles.

HYP3R, one of the marketing firms that Instagram hired to aid in building up its ever-growing social network, has been secretly gathering and retaining location and other personal data about millions of its users without any indication or asking for permission.

This handling of user data is clearly against Small Instagram iconInstagram's policies and directly violates the privacy of its users. A Facebook spokesperson gave the following statement to TechCrunch:

"HYP3R’s actions were not sanctioned and violate our policies. As a result, we’ve removed them from our platform. We’ve also made a product change that should help prevent other companies from scraping public location pages in this way."

Though the information collected and analyzed was only from posts that were set to be publicly viewable, though no one was informed of their public data on the photo sharing social network was set to be used this way. This is the latest event that has happened to Facebook in what seems like a string since the controversy with data and Cambridge Analytica.

Further coverage:
Business Insider
TechCrunch

Written by iandorfman

Microsoft contractors are listening to select Skype calls

Written 1 week ago by IanDorfman

Following in the wake of other companies (such as Google with its AI Assistant), Microsoft is the latest case of a company having contractors listen to private conversations, this time using their Skype voice and video chat service.

An investigative report by Motherboard detailed that select Small Skype iconSkype conversations that used the service's real-time translation service were reviewed by contractors hired by Microsoft in order to help improve its functionality. Though the Skype Translator website shows that conversations are sampled through machine learning in order to help improve the service, it does not mention the fact that some of them are also analyzed by humans. Not only that, but contractors are also listening to commands that users speak to Small Cortana iconCortana, Microsoft's personal assistant.

The report by Motherboard describes the saved audio as including intimate conversations between loved ones and what the Microsoft contractor that worked with Motherboard says "could clearly be described as phone sex." This information is all being collected without any clear indication on either the Skype Translator FAQ or Microsoft's privacy policy.

Microsoft sent the following statement to Motherboard when the outlet sent questions:

"Microsoft collects voice data to provide and improve voice-enabled services like search, voice commands, dictation or translation services. We strive to be transparent about our collection and use of voice data to ensure customers can make informed choices about when and how their voice data is used. Microsoft gets customers’ permission before collecting and using their voice data.
We also put in place several procedures designed to prioritize users’ privacy before sharing this data with our vendors, including de-identifying data, requiring non-disclosure agreements with vendors and their employees, and requiring that vendors meet the high privacy standards set out in European law. We continue to review the way we handle voice data to ensure we make options as clear as possible to customers and provide strong privacy protections,"

Though the audio samples usually do not include personally identifiable information, the lack of user input as to whether or not any portion of their conversations can be listened to by contractors can be considered a violation of privacy.

Further coverage:
Motherboard
Engadget
The Verge
ZDNet

Written by iandorfman

Google's mobile Trips app has been shut down today

Written 1 week ago by IanDorfman

Google has quietly discontinued Trips, its travel planning app for Android and iOS, as of August 5th.

Much of the functionality from the app is being incorporated into Maps and Search. A Google Support page describes how to take advantage of these features now that they have migrated over to Small Google Maps iconGoogle Maps and Small Google Search iconGoogle Search, though as the page notes, this data will still require you to be signed into your Google Account in order to access the data that you had saved in Trips while you're in Search.

The following features have been moved to Google Search:

Things to do in a destination: Find top attractions, popular experiences, dishes, neighborhoods, and more to start planning your trip by searching for things to do in your destination or go to google.com/travel and navigate to the "Explore" tab.
Trip reservations: To browse your past and upcoming reservations, search for my trips or go to google.com/travel. You’ll also be able to edit your trip details.
(Coming soon) Add / edit notes: Find your notes from the Google Trips app in your trips at google.com/travel. You’ll also be able to add or edit notes at the bottom of upcoming and past trips.
Saved places: You can find saved attractions, flights, and soon hotels in your upcoming and past trips.

And these following features have been migrated to Google Maps (these require the Google Maps app on your Android and iOS device):

Things to do in a destination: Find top attractions, popular experiences, dishes, neighborhoods, and more to start planning your trip by searching for things to do in your destination or going to google.com/travel and navigating to the "Explore" tab.
Trip reservations: Browse your past and upcoming reservations by searching for my trips or going to google.com/travel. You’ll also be able to edit your trip details.
(Coming soon) Add / edit notes: Find your notes from the Google Trips app in your trips at google.com/travel. You’ll also be able to add or edit notes at the bottom of upcoming and past trips.
Saved places: Find saved attractions, flights, and soon hotels in your upcoming and past trips.

Unless otherwise noted, these features are available now in Google Search and Google Maps, as Small Google Trips iconGoogle Trips is no longer available for use.

Further coverage:
Google Support article
TechCrunch

Written by iandorfman

Roblox hit 100 million monthly active users

Written 1 week ago by IanDorfman

Roblox has achieved a milestone that even Minecraft has yet to accomplish: Over 100 million people log into it monthly.

The news was announced via a post via the game’s official newsroom. In addition, these 100 million monthly active users spend over a billion hours playing the game and interacting with the over 50 million creations made by other users.

In order to commemorate these milestones, the development team for the game released a limited time free cosmetic item for users to obtain via their catalog.

The commemorative post concluded by listing out some more interesting statistics for the game.

  • 50 percent of players update their in-game avatars each month
  • 50 percent of weekly active players play with their friends
  • 40 percent of Small Roblox iconRoblox’s user base is comprised of women
  • Roblox is available in over 200 countries
  • The game is playable in the following languages:
    Brazilian Portuguese, English, French, German, Korean, Simplified and Traditional Chinese, and Spanish

In comparison to this impressive milestone, Small Minecraft iconMinecraft is currently at an also impressive over 90 million monthly active users, despite the game being pay-to-play while Roblox is free-to-play. The game utilizes a freemium model (with an in-game currency called "Robux") in order to sustain itself and creators financially.

Further coverage:
Roblox newsroom
TechCrunch

Written by iandorfman

Newly published patent shows Facebook putting ads in Messenger DMs

Written 2 weeks ago by IanDorfman

If you use Facebook's Messenger chat service to direct message your friends and family that are also on the social network giant, you may soon have to deal with some advertising interspersed with your private, one-on-one conversations. A patent was published on Thursday, August 1st to show how it works.

Granted back in May, the patent details how advertisements would come in the form of a "plug-in" that would parse participants' location data and the content of the conversation in order to customize what advertisements would appear for each user in the direct message conversation. Support for plug-ins in Small Facebook Messenger iconFacebook Messenger DMs would also enable users to utilize conveniences such as ride sharing services and multiplayer games directly within chats. Though some examples of these are already available on Messenger direct messages, would be unified in its approach alongside this data parsing for advertising.

The patent has the name of Messenger's engineering director on file, showing that it is at least one of the ways that Facebook has been looking into incorporating advertising into one of its most popular services. That said, a Facebook spokesperson gave the following statement to Mashable concerning the patent:

“We often seek patents for technology we never implement, and patent applications - like this one that was filed over four years ago - should not be taken as an indication of future plans. We don’t have any plans to place ads in conversations between people.”

Messenger is not an end-to-end encrypted chat service, meaning that it does not guarantee the privacy or security of your communication. Alternatives that offer similar functionality along with simple interfaces that are end-to-end encrypted include the open-source Small Signal iconSignal and closed-source Small Telegram iconTelegram. If you would prefer to use a Facebook operated messaging service, Small WhatsApp Messenger iconWhatsApp Messenger is end-to-end encrypted and arguably the most popular messaging service in the world, though it is also closed source, which means that you nor anyone else outside of Facebook can audit the code for integrity and security.

Facebook has not made any formal announcements concerning implementing advertisements within any of its messaging services outside of the spokesperson comment given to Mashable.

Further coverage:
Mashable

Written by iandorfman

Asana launches Workload, a feature to combat employee burnout

Written 2 weeks ago by IanDorfman

Employee burnout is a problem, and Asana wants to help employers and project managers fix it. To that end, as well as to improve general clarity on work being tackled and overall productivity capacity, the work management platform has launched what it's calling Workflow, a new way to view employee productivity that can let project managers balance workflow more evenly across teams.

As detailed in a post on Asana's official blog, Workload is designed to help give project managers a bird's eye view of how much work every individual on your team has to do based on assigned tasks and expected time to completion. As every team measures work limits differently, effort and capacity can be quantified using a variety of different factors. These include the likes of effort based on time investment and effort based on point valuations on a per-task basis. This way, you can better see how tasks are being tackled on a per-employee basis, allowing you to manage and allocate tasks both scheduled and unscheduled.

Currently, Small Asana iconAsana has made this new Workload feature available exclusively to users with paid Business and Enterprise plans. If you fall into one of those camps, it only takes 4 steps to add efforts that utilize Workload is help optimize who has what tasks assigned to them. Asana recommends adding start and due dates for tasks in order to get the most "accurate view" of effort, regardless of if you're tracking effort based on time or points.

Further coverage:
The Asana Blog
TechCrunch

Written by iandorfman