Month: May 2016

(credit: RunKeeper)

RunKeeper announced Tuesday that it had found a bug in its Android code that resulted in the leaking of users’ location data to an unnamed third-party advertising service. The blog post came four days after the Norwegian Consumer Council filed a complaint against the Boston company.

In the blog post, CEO Jason Jacobs wrote:

Like other Android apps, when the Runkeeper app is in the background, it can be awakened by the device when certain events occur (like when the device receives a Runkeeper push notification). When such events awakened the app, the bug inadvertently caused the app to send location data to the third-party service.

Today we are releasing a new version of our app that eliminates this bug and removes the third-party service involved. Although the bug affected only our Android app, we have decided to remove this service from our iOS product too out of an abundance of caution. The iOS release will be made available once approved by Apple.

…

We take our responsibility for the privacy of user data very seriously, and we are thankful to the Runkeeper user community for your continued trust and support.

In an e-mail sent to Ars, Jacobs declined further questions, noting the statement "will be our only comment at this time."

This should become a thing of the past. (credit: Microsoft)

Anyone who's installed Windows 7 any time in the last, oh, five years or so probably didn't enjoy the experience very much. Service Pack 1 for the operating system was released in 2011, meaning that a fresh install has five years of individual patches to download and install. Typically, this means multiple trips to Windows Update and multiple reboots in order to get the system fully up-to-date, and it is a process that is at best tedious, typically leading one to wonder why, at the very least, it cannot pull down all the updates at once and apply them with just a single reboot.

The answer to that particular question will, unfortunately, remain a mystery, but Microsoft did today announce a change that will greatly reduce the pain of this process. The company has published a "convenience rollup" for Windows 7 Service Pack 1 (and Windows Server 2008 R2), which in a single package contains all the updates, both security and non-security, released since the Service Pack, up through April 2016. Installing the rollup will perform five years of patching in one shot.

In other words, it performs a very similar role to what Windows 7 Service Pack 2 would have done, if only Windows 7 Service Pack 2 were to exist. It's not quite the same as a Service Pack—it still requires Service Pack 1 to be installed, and the system will still report that it is running Service Pack 1—but for most intents and purposes, that won't matter. Microsoft will also support injecting this rollup into Windows 7 Service Pack 1 system images and install media.

Edward Screven, Oracle's chief architect, speaking at Oracle's OpenWorld conference in 2012. (credit: Oracle PR)

SAN FRANCISCO—Oracle lawyers put two executives and a computer expert on the witness stand in federal court here today, pushing their case that Google violated copyright law when it used Java API packages in its Android operating system.

Following morning testimony by Oracle CEO Safra Catz, the ten-person jury heard from Edward Screven, Oracle's chief corporate architect, who has worked at the company for 30 years. Screven was deeply involved in the company's decision to buy Sun Microsystems in 2009. He was worried that, given Sun's business problems, it wouldn't be able to invest and be a "good steward" of Java.

"Were you in favor of that decision because you thought Oracle could sue Google?" asked Oracle attorney Annette Hurst.

An example of Node.js code that launches a Web server and creates ASCII art from a JPEG image being executed from within COBOL code. Because we can. (credit: Bizău Ionică)

Last August, we told you about a project posted on GitHub by Romanian software developer Bizău Ionică that makes it possible for snips of legacy COBOL code to run within the JavaScript code of the popular Node.js interpreter. There's more than a little irony in this project. COBOL, the mother of all cross-platform programming languages, is still in use 62 years after it was first published, mostly in legacy applications that no one cares about or dares to retire. Grabbing snippets of code to run in Node.js—one of the most popular languages to develop networked software today—could be seen as a way to pull old code into the 21^st century.

Ionică has now completed the circle with a software bridge that can execute Node.js script from within COBOL programs. It’s called node.cobol, and it compiles with GNU COBOL, though it still requires Node.js be installed on the same machine the code runs on. This is really helpful if you want to, say, run a Web server from within COBOL code.

Would you really want to run a Web server within COBOL? I don't know. But now you can:

Greetings, Arsians! Courtesy of our partners at TechBargains, we have a number of deals to share today. Featured is a strong desktop for an affordable price—you can get the Dell XPS 8900 desktop with an Intel Skylake quad-core i7 processor and a whopping 16GB of RAM for just $768. That's almost half off of its original $1,252 price tag, so you'll want to grab this powerful PC before everyone else does.

Also check out the rest of our deals below.

Featured

(credit: anutkak43)

Some people never seem to learn. A recent investigation by security firm Compaas trawled Google Docs and Dropbox and found thousands of sensitive documents belonging to hospitals, schools, and corporations. In many cases, the spreadsheets caused the organizations to run afoul of consumer privacy laws.

"We found a couple hospitals that had breaches in HIPPA compliance," Compaas COO Doran David said. "There was patient information, what types of surgeries they had, social security numbers. Anything that you would think of that you would consider personal is the type of thing we've come across."

In most cases, the documents are uploaded by employees who don't understand the privacy implications of what they're doing. They simply know that Google Docs and similar services are a much easier way to exchange documents than official methods provided by their employer. In other cases, they use misconfigured third-party apps to swap documents with co-workers. The end result is documents that never should have been made public but can in fact be downloaded by anyone.

(credit: David K)

Cleanliness may be next to godliness. But, it turns out, being a deity is pretty nerve-wracking.

Growing up in meticulously sanitized conditions, devoid of the “old friends” germs and parasites that have coevolved with us and help train our immune systems, leaves us more prone to a host of health issues. These include inflammatory bowel disease, allergies, asthma, and autoimmune disorders, scientists have found. Prevalence of these health issues has soared in the squeaky-clean developed world. But that’s not all. This well-established hypothesis—the hygiene hypothesis—may also explain rises in certain mental health issues, according to a growing number of studies.

The same inflammation and haywire immune responses that may be explained by the hygiene hypothesis have also been linked to depression, anxiety, and stress disorders, such as post-traumatic stress disorder (PTSD). Studies have found that high levels of inflammation increase the risk of developing depression, for instance, and PTSD is associated with pro-inflammatory signals and reduced regulatory T cells—cells that quell immune responses, including inflammation.

Fun fact: This is what a data transfer looks like when you're inside an Internet tube. (credit: Getty Images | Yuri_Arcurs)

Cable networks are already starting to match the gigabit download speeds offered by fiber-based Internet services, but they still lag far behind on upload throughput. New technology could change that situation, bringing cable's theoretical speeds up to 10Gbps for both downloads and uploads.

The cable industry R&D consortium CableLabs announced a plan for full duplex technology in February, and the Nokia-owned Bell Labs yesterday said it has achieved 10Gbps symmetrical speeds in the lab in a "world-first" demo.

"Demonstrating for the first time that the concept is valid and achievable, the XG-CABLE test used point-to-point cable topologies to deliver 10Gbps symmetric data speeds over coaxial cable using 1.2Ghz of spectrum," Nokia said in its press release yesterday. With a point-to-multipoint deployment, Nokia's results were nearly 8Gbps downstream and 7.5Gbps upstream.

(credit: Nicolas Raymond)

Rightscorp heralded itself as a content savior when it was founded in 2011 with a novel business model—enforcing copyrights by capturing online pirates and demanding about a $20 fee per pilfered work.

But a few things happened along the way to a year-over-year 78-percent plummet in first-quarter revenues and a loss of $784,180. Among other things, pirates are seemingly masking their IP addresses more and more, and ISPs aren't forwarding Rightscorp's money-demand letters to pirates, the company announced Monday. Still, the California-based anti-piracy company has never made a profit. Last year, it lost $3.5 million and, judging by its first-quarter earnings report released Monday, it's on course to go defunct.

For the moment, the company is teetering on the brink of financial collapse. It raised $500,000 on February 22, the company reported, but it needs another $1 million to stay afloat. It has enough cash on hand to continue "into the second quarter of 2016," according to the company's latest financial report.