Symantec: Cruz and Kasich Campaign Apps May Expose Sensitive Data

An anonymous reader writes: Apps released by the campaigns of Republican presidential contenders Ted Cruz and John Kasich have the potential for hackers to access users’ personal information. According to an independent analysis by Symantec, the “Cruz Crew” app could allow third parties to capture a phone’s unique identifying number and other personal information while the Kasich 2016 app could expose users’ location data and information about other apps installed on the phones. First it was Veracode that reported potential vulnerabilities with the apps, now it’s Symantec. Apparently the Cruz campaign updated its app to resolve the issues after the Veracode report was released. Kasich spokesman Rob Nichols said the security experts didn’t know what they were talking about. Both campaigns have yet to respond to the latest Symantec analysis. Neither security firm found any issues in the app released by the campaign of Democrat Bernie Sanders. Republican Donald Trump and Democrat Hillary Clinton do not have campaign apps.


Share on Google+

Read more of this story at Slashdot.


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/D_Cw4ZNIgtY/symantec-cruz-and-kasich-campaign-apps-may-expose-sensitive-data

Original article

Password Managers

Password managers are a great way to store your many passwords. They offer secure storage of your passwords with the advantage of recalling one master password instead of dozens. Password managers also can generate encrypted and secure passwords for you, a time saver when you are asked to create yet another password to one more online account. There are any number of password managers available today, most have the ability to securely store your passwords on your device, but here are two that were featured in a workshop I attended last week. Both have useful features. The first is Dashlane . Dashlane – A password manager that you can use securely on one device or across your devices. The key features of this app include its ability to: Keep your passwords in one place Generate secure passwords Uses AES-256 encryption Stores information and security codes for you Login automatically from Safari Change your passwords instantly Receive security breach alert Dashlane is free if you use it for one device, but you can upgrade to the premium services for $39.99 and use it on all your devices. Roboform – Offers the features you expect from a password manager but in addition Roboform allows you to single click to your favorite website. In addition, Roboform has a form filer to fill out long form for you instantly. Cost is $9.95 a year.


Original URL: http://law.wisc.edu/newsletter/Law_Library/Password_Managers_2016-04-26

Original article

Mozilla Seeks New Home For Email Client Thunderbird

Reader chefmonkey writes: In a report commissioned by Mozilla to explore the next home for Thunderbird, two potential new hosts have been offered: the Software Freedom Conservancy (host to git, boost, QEMU, and a host of other projects) and The Document Foundation (home of LibreOffice). At the same time, the report discusses completely uncoupling Thunderbird from the rest of the Mozilla codebase and bringing in a dedicated technical architect to chart the software’s roadmap. Given that the two named organizations are already on board with taking Thunderbird under their wing, is this a new lease on life for the email program Mozilla put out to pasture four years ago?In December last year, Mozilla Foundation chairperson Mitchell Baker had argued that the organization should disentangle itself from the Thunderbird email client in order to focus on Firefox. It appears the Firefox-maker is all set to part ways with Thunderbird.


Share on Google+

Read more of this story at Slashdot.


Original URL: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/HsO37xOyqpY/mozilla-seeks-new-home-for-email-client-thunderbird

Original article

BYOT: Bring your own team

Do you know anyone who makes you incredibly better at what you do? People who motivate and inspire you, complement your strengths and shore up your weaknesses, help you achieve things you could never do on your own? Maybe it’s your old co-founders, your college roommates, your collaborators on an open source project, or even your siblings; whoever it is, you’re stronger as a team than you are apart. Working together, each of you has a valuable advantage—you could call it a network effect—over anyone who works alone.

Startup investors know this; that’s why firms like Y Combinator discourage solo applicants and focus so much on the makeup of a founding team.

Stripe knows it too. Which is why we’d love you—that is, we’d love you and your collaborators—to apply together to work at Stripe. We call it Bring Your Own Team.

Any group of 2 to 5 people can apply as a team to Stripe, by emailing byot@stripe.com. Make sure to include resumes or CVs for each person, indicate which role each person is applying for, and a brief description of how you all know each other or have worked together in the past. Links to (or attached samples of) things you’ve built together are especially helpful. We’re expecting teams to be primarily software engineers, but we’d love to see well-established collaborations between engineers and designers, managers, or product managers.

Once you’ve applied, we’ll take you all through the hiring process together: we’ll make sure you hit the same stages of interviews at the same time, bring you all to the office on the same day, and try to design at least one interview problem that you can work on as a team. If we make an offer, we’ll make it to all of you, at the same time; you’d all be free to accept or decline individually, but of course we’d hope you’d all accept — and if you do, we’d work with all of you to find a place at Stripe where you can all start off working together.

Like much of what we do at Stripe, this is an experiment; we’ll tweak it as we go. We’re excited to try it out, though—the industry has always focused on hiring atoms; we’d like to try hiring molecules. And we hope you’re excited to apply. byot@stripe.com awaits your emails.


Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/J0JY6fPEg6o/bring-your-own-team

Original article

Docker for Mac Beta Review

The application packaging fits in perfectly with OS X. It is a DMG with a single “Docker” app that you drag into the Applications folder.

Perfect OS X Packaging

When you run it, it first asks for root permission to install some things. This is nothing new as we’re all used to Docker needing deep system hooks to get its job done.

After that it starts little helper in the OS X System bar as well as some crazy cool and complicated xhyve stuff on the system.

What is this magic?!
There’s the Docker madness I expect!

xhyve is extremely cool technology which wraps the native OS X Hypervisor Framework for a virtualization backend. No longer do we need a heavy weight VirtualBox, VMWare Fusion or Parallels Desktop installed and running as a “side car” to run Linux programs on a Mac.

I’ve been following community efforts about running Docker under xhyve for a while now, but there’s nothing like Docker Inc. packaging it up. There are some really hard problems around virtual machines, filesystems and networking that Docker has fixed and will support going forward.

This is a game changer for local development tools.

The final bit is a new `docker` client, version 1.11.0, which has more smarts about how to find and interact with this Docker server. No more strange environment variables to discover and set in your ~/.bash_profile.

It works the same, but not needing to manage a `docker-machine` or delegate to VirtualBox feels light years better. The alpine-based redis image downloads and starts in less than 5 seconds! Click here to see an animation.

Hello Redis in seconds! No `docker-machine start`


Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/QCA5IeQws74/docker-for-mac-beta-review-b91692289eb5

Original article

Microsoft gives OneDrive users until July to shrink their storage

Microsoft has given users of its OneDrive cloud storage service a 90-day notice that their free allowance will be scaled back from 15GB to 5GB in late July, according to emails and reports from customers.

The 67% reduction in free storage space will take effect July 27. On the same day, Microsoft will also eliminate the 15GB free “Camera Roll” bonus it once gave to anyone who asked. The result: Users who formerly had 30GB of free storage will have just 5GB.

Those reductions were announced in early November, when Microsoft said it was retreating from its prior promise of unlimited storage for the consumer-grade Office 365 subscriptions, the $70 Personal and the $100 Home plans. Office 365 subscribers will instead have 1TB of storage space for each user. (Office 365 Home allows up to five users; Personal only one.)

To read this article in full or to leave a comment, please click here


Original URL: http://www.computerworld.com/article/3060736/microsoft-windows/microsoft-gives-onedrive-users-until-july-to-shrink-their-storage.html#tk.rss_all

Original article

Technical Documentation Should Be a Graph

By Axel Morgner, Co-Founder and CEO, Structr | April 25, 2016
 

Learn Why Your Technical Documentation Should Be in the Form of a Knowledge GraphTL;DR: This blog post is mainly about how technical documentation should ideally be structured: as a graph (not to be confused with a chart).

As a software developer and author I have had the chance (and also the obligation) to write about software from many different perspectives and in even more different formats: Manuals, marketing papers, website articles, support issues, bug reports, blog posts, conference talks….

Each human being is different, and even if we try to group and categorize them, there are still a lot of different groups of users: Noobs, beginners, aspiring learners, power users, developers, administrators, professional critics and more.

Any target group has different needs when it comes to written technical documentation, but they all have one thing in common: The docs should explain how the software works best for them to achieve their individual goals and to make them happy, because most software applications are created for users to use in the first place. Without users, any software is use(r)less so any documentation should always be written not only for users but with users’ happiness in mind.

The Progress of Insight is Non-Linear

Whenever we approach unknown territory (in this case complex things like technical software), we typically start by making some first cautious steps, testing something here and there, trying to make sense of what we see and experience.

Depending on our unique personalities, we might continue with trial and error, or eventually consult the manual. I think it’s safe to say that most people read documentation sooner or later and jump between how-tos, practical tips, reference documentation and FAQs.

The progress of insight from exploring new things, either by trial and error or reading the docs, is not foreseeable at all. It’s true that the learning curve of humans approaching new areas is more or less steep, but what’s more important is that it’s completely non-linear, at least for most of us.

Documentation should just be there to support people when they got stuck, or to lift them onto the next level of wisdom. In contrast, classical technical documentation is linear and oftentimes structured like a print document: A sequence of chapters and sections with a leading index.

If there’s any structure beyond that, it is merely a tree: Chapters and sub-chapters. That’s it. This might be good for storytelling, but surely not optimal for supporting a non-linear learning path.

Writer’s Bias

Writing technical documentation is difficult.

Not only should you use reduced, simple, exact and unemotional language (depending on the type of documentation of course), like this tweet impressively shows:

Good documentation should also be comprehensive, correct, unbiased, etc, etc.

You wouldn’t be writing about something if you didn’t qualify as an expert on this given matter. It’s your special knowledge that enables you to write about it, but it could also limit you to your own context and bias. As a developer, you might tend to describe things in a very technical slang, assuming knowledge to be present at the receiver which might seem trivial to you but that isn’t for anybody else.

When writing a continuous piece, you tend to write it in a constant style, trying to avoid changing the diction of the text. Good for a novel, but bad for satisfying the needs of a wide audience.

The Path of Maximum Intuition

As all humans take different, non-linear ways to enlightenment, and there always exists an optimal path through the matter from one milestone to the next for each of us.

This is what I call “The Path of Maximum Intuition,” and it’s based on the principle that it takes less energy for humans to learn new things if they are close to existing context, alongside available knowledge and based on facts and experiences they already trust.

What’s the next obvious step in a particular situation? How can we describe complex topics in words users can grasp without thinking? How can we make them understand complex interrelationships more easily because they connect to their personal context?

Of course, it all depends on the knowledge and context a reader has, and the ability of the writers to put themselves in the reader’s shoes. The consequence is that there’s no one-path-fits-all, not the one best path, and there’s not even the “golden middle course.” All of these would be a more-or-less acceptable compromise.

Solution: Use a Graph

The solution might sound simple: Just structure the documentation as a graph.

Instead of forcing readers to follow a single, linear, flat sequence of sections, just offer different routes between articles or items. Just like there are different ski slopes for beginners and pros, you could even mark the connections with different colors, from blue over red to black.

By offering more than one outgoing connection from one doc item to the next, you allow users to find their individual path through the documentation, following their natural intuition, saving energy for creative tasks.

We at Structr haven’t yet implemented all the ideas and features mentioned above, but our new documentation site is a graph with all the potential in it. We call it The Structr Knowledge Graph.

Besides the official technical documentation, you will find help articles, FAQs, tutorials and explanatory videos as well as links to Stack Overflow questions, GitHub issues or discussion threads, all of them being nodes in a graph.

The goal is to use a mixture of manual categorization, natural language processing (NLP) and as much information as possible extracted from the original content sources to make it the best knowledge source about all things Structr.

We’re constantly working on improving the Structr Knowledge Graph and we’ll add more and more content and features to support our users and make them happy.


Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/e8BszO7U2bw/

Original article

Proudly powered by WordPress | Theme: Baskerville 2 by Anders Noren.

Up ↑

%d bloggers like this: