Firefox soon will help you lose yourself in the VR web

Firefox soon will help you lose yourself in the VR web

Mozilla plans to release a version of its Firefox browser Tuesday that embraces a version of virtual reality for the web.

Back in 2014, Mozilla developers including Vladimir Vukicevic put together a concept called WebVR. The idea was to let web browsers navigate virtual realms, and make it easier for people to create a VR world once that would work on all sorts of devices.

But Vukicevic headed off to game engine maker Unity, and Google’s Chrome browser beat Mozilla with WebVR support. Microsoft’s Edge also edged out Firefox, adding WebVR support in April. Microsoft and Google, which both sell devices to experience virtual reality and its augmented reality cousin, have a big incentive to make virtual reality real.

“WebVR is the major platform feature shipping in Firefox 55,” the latest Firefox release calendar update says. “Firefox users with an HTC Vive or Oculus Rift headset will be able to experience VR content on the web and can explore some exciting demos.”

ADVERTISING

There’s plenty to do on the web with a PC, and plenty of apps to run on a phone. But for VR to thrive, there has to be plenty of stuff for us to do online virtually, too. WebVR is an important part of keeping keep us supplied with games, tourist attractions, educational lessons and other interesting things to do in virtual realms.

There are caveats to using WebVR today. Chrome’s support only is on Android-powered devices right now, and WebVR on Edge requires you to put the browser in a developer mode.

WebVR is also important for Mozilla. The nonprofit organization is fighting to reclaim its relevance and restore its reputation after Firefox slid into Chrome’s shadow in recent years. The work to get Firefox back into fighting trim will culminate with Firefox 57, due to arrive Nov. 14.

There’s plenty of VR hardware available, from high-end headsets like Facebook’s Oculus Rift and HTC’s Vive to basic models like Google’s inexpensive Cardboard, which relies on your phone to show VR views. With WebVR, it’s in principle easier to build those VR destinations, because developers don’t have to re-create them for each device.

WebVR isn’t the only way to bridge the divide, though: Unity also offers tools to span multiple headsets.

And WebVR is no universal cure. Some VR headsets don’t support WebVR, and some browsers don’t support all devices.

High hopes

Mozilla has high hopes for VR. Its senior vice president of emerging technologies, Sean White, has been working with VR for more than two decades.

“In the 1990s, unless you had $5 million or $10 million, you couldn’t do it,” he said in a recent interview. “Now if there’s somebody with Parkinson’s disease who can’t move or travel, I could take them to Angkor Wat.”

In the long term, he and his boss, Mozilla Chief Executive Chris Beard, think VR could be eclipsed by augmented reality. VR immerses you in fully computerized worlds of VR, but AR overlays computer-generated imagery atop the real world.

“VR will beget AR pretty quickly as a mass-market opportunity,” Beard said. “Browsers play a very meaningful role.”

First published Aug. 8, 5 a.m. PT.
Update, 10:55 a.m.: Adds detail about Microsoft and Chrome support for WebVR.

How NBA 2K18 got its insane next-gen graphics

How NBA 2K18 got its insane next-gen graphics

Image result for golden state basketball

NBA 2K has been the gold standard for sports games for years — and it just raised the bar… again.

Screenshots of NBA 2K18 players with their rankings have been coming out ahead of its September 19 release. The first thing I said was, “Dang! How the heck did they make it look this much better?”

Steve Noah of gaming site Operation Sports posted shots of player models from last year’s game, comparing them to the handful of player models we’ve seen for 2K18 — and it’s night and day. This doesn’t look just like an improvement, it looks like a next-gen console jump.

The Celtics’ Gordon Hayward in NBA 2K17 (left) and NBA 2K18 (right).

Twitter: @Steve_OS

Player likenesses are captured by a self-powered mobile scanning RV from Pixelgun Studio. It’s made up of 146 Canon cameras, updated as new cameras are manufactured, and it captures ultra high detail facial scans and player tattoos with up to 16,000 textures.

The 2K team captures different facial expressions. They wouldn’t give me what they call their “recipe” of expressions, but they did reveal a few of them — like one they call a “scrunch face,” where they maximize the compression to get every wrinkle on a player’s face. The “dunk face” is also popular. Essentially, if a player has a signature expression, the team will get it.

pixelgunstudio
Pixelgun Studio’s mobile scanner takes a 360-degree scan of Sacramento King rookie point guard De’Aaron Fox.

2K Sports

2K even virtually scanned Steph Curry with his mouth guard in so they could render the way his lips formed around it when he chewed on it, or when it was positioned up or down in his mouth. Every detail matters.

Every player can’t get scanned each year because of their busy schedules, but 2K has a library of player scans it has collected over the years at very high resolutions.

“We went back to scan data and we basically doubled the resolution of the face, and it was a ton of work,” says NBA 2K18’s Art Director Anton Dawson. “It allowed a lot of these likenesses to pop a lot more, and it’s a subtle thing, but it helps. Every little wrinkle and every little form that you can eke out helps.”

Dwight Howard in NBA 2K17 (left) and NBA 2K18 (right).

Twitter: @Steve_OS

The art team completely rebuilt player faces, with a higher resolution base mesh to handle more detail for rounded forms on the face like the ears, or the side of the nostril.

“When you strip down and go back all the way to rebuilding the face from scratch and having a new model, it gives you a chance to revisit a lot of things,” Dawson says.

The 2K team wouldn’t say which of the players revealed so far were brand new scans versus models improved from their library of scans, though many of the early comparisons look like the latter.

Portland’s Damian Lillard in NBA 2K17 (left) and NBA 2K18 (right).

Twitter: @Steve_OS

NBA 2K18 didn’t only rebuild the faces. It rebuilt the bodies, the uniforms and the accessories.

There were only six body types in last year’s game that were assigned to players. Someone might be a “beefy” body type or a “skinny” body type, but when a player is matched with a body type that isn’t just right, it changes how their face looks and it caused a disconnect.

The 2K team created a new body system that makes every player model unique. There is no fixed template anymore. “The number of body types really is infinite, because it’s not binary,” Dawson says. The team can individually control proportions, wingspan, thickness and specific anatomical details so every player model is unique.

2K Sports used laser scanners to get every single detail for the jerseys just right

2K Sports

Nike is the new global apparel partner with the NBA this year, and the 2K team used handheld laser scanners to capture a 10 million polygon mesh of the actual uniforms. It grabbed every detail, from perforations in the jersey, the size of the jersey font, the size of the number, the stitching, the thickness of the piping and how much border there is from the stripe to the edge of the jersey.

2K also did a separate scan to capture jerseys’ true colors. “It was important for us to separate the color of a jersey into diffused color and reflected color,” Dawson says. “We used a technique called cross-polarization to separate those two layers, and then we were able to sample the colors by breaking out diffused color and reflected color.

“The way it reads to your eye when it’s all put back together, the color just looks exactly like the color. The team colors have been spot on. That’s been something we’ve been just chasing for so long,” Dawson says.

Demar Derozan rocks the new Toronto Raptors jersey for the 2017-18 season.

2K Sports

The 2K team made infinite body models, so of course they had to make infinite jersey shapes. The way that a jersey and shorts fit to a player’s body is also unique. The cloth of every jersey will simulate differently depending on how big their chest is and their body model underneath it.

Just like the players and jerseys, over 200 shoes have been scanned. Signature accessories like arm sleeves were also rescanned for 2K18.

Steph Curry’s Under Armour shoes and ankle braces in their digital form.

2K Sports

2K Sports confirmed the PS4 Pro and Xbox One X will run NBA 2K18 at 60 frames per second in 4K with full HDR. The regular PS4 and Xbox One will run at 60 fps.

What does the NBA 2K18 team think about the online buzz? Some outlets have said 2K18 makes 2K17 look like trash.

“We haven’t seen those comparisons until this week of 2K17 to 2K18, and we’ve just been living with 18 for so long. It’s been gradually improving and gradually evolving all year, and now when I see those comparisons, I’m surprised. They are pretty striking,” Dawson says.

NBA 2K18 will be available on PS4, Xbox One, Nintendo Switch and PC on September 19.

A love letter to astronaut Jack Fischer’s Twitter account

A love letter to astronaut Jack Fischer’s Twitter account

NASA astronaut Jack Fischer tries out a yoga pose with the help of microgravity on the ISS. NASA

Twitter can feel like a field of land mines. You need to sidestep rude comments, tiptoe past snarky missives and cut angry trolls a wide berth.

That’s why NASA astronaut Jack Fischer’s account is a place of wonder and magic, a digital oasis. The account, @Astro2fish, is a “burrito of awesomeness smothered in awesome sauce,” to borrow one of Fischer’s phrases.

Fischer is in the midst of his first stay aboard the International Space Station. He’s excited to be there. Very, very excited. His Twitter serves as his conduit to Earth-bound space fans and his tweets jump off the screen in waves of enthusiasm and delight. He also has a steady hand with the ISS cameras.

Combine the two and you get an unending flow of space fabulousness.

Here’s one particular spark of magic:

This swirling, colorful view of a slice of our planet looks like a kaleidoscope collided with a Picasso painting. Yes, @Astro2fish, it does look like a watercolor tray. And I’m lost for a moment in a reverie at the surreal beauty of our strange and delightful home rock.

Fischer doesn’t just post photos, he posts poetry. Glaciers look like a wedding veil. Footsteps retreat into water. He sees a face on the side of Mount St. Helens.

And sometimes he’s just plain goofy, like when he says an aurora “slathers up the sky in awesome sauce” or he crafts an impossible tower of pudding, free of the shackles of Earth’s gravity.

I would like to think I would blurt out phrases like “space-ninja” if I ever got the chance to float around the ISS. I would play with my food, stacking cake and candy into a “Bitesize Mountain of Yumiosity.” I would get lost in a “wicked-cool, space-suit-traffic-jam” and stare in awe at the beauty of the glowing curve of the Earth below.

Fischer is the dream realized. He carries a little piece of every one of us who fantasized about going to Space Camp, ate freeze-dried “astronaut ice cream” and watched endless episodes of Star Trek. We were all kids daydreaming about the stars. Fischer doesn’t forget to pay tribute to that child inside, still full of wonder and curiosity about the world beyond our planet’s gravity.

Fischer is due back on Earth in September, but his legacy of unbridled space-joy will remain alive on Twitter as an epic outpouring of awesome sauce.

Check out some of Fischer’s greatest hits with views from both inside and outside of the ISS:

Google Pushes AI, Machine Learning to the Front

Google Pushes AI, Machine Learning to the Front

A British data watchdog has raised questions about whether it was appropriate for a healthcare trust to share data on 1.6 million patients with DeepMind Health, an artificial intelligence company owned by Google.

The trust shared the data in connection with the test phase of Streams, an app designed to diagnose acute kidney injuries. However, the sharing was performed without an appropriate legal basis, Sky News reported earlier this week, based on a letter it obtained.

The National Data Guardian at the Department of Health earlier this year sent the letter to Stephen Powis, the medical director of the Royal Free Hospital in London, which provided the patients’ records to DeepMind. The National Data Guardian safeguards the use of healthcare information in the UK.

The UK’s Information Commissioner’s Office also has been probing the matter, and is expected to complete its investigation soon.

One of the concerns since the launch of the Streams project has been whether the data shared with Google would be used appropriately.

“The data used to provide the app has always been strictly controlled by the Royal Free and has never been used for commercial purposes or combined with Google products, services or ads — and never will be,” DeepMind said in a statement provided to TechNewsWorld by spokesperson Ruth Barnett.

DeepMind also said that it recognizes that there needs to be much more public engagement and discussion about new technology in the National Health System, and that it wants to be one of the most transparent companies working in NHS IT.

Safety-First Approach

Royal Free takes seriously the conclusions of the NDG, the hospital said in a statement provided to TechNewsWorld by spokesperson Ian Lloyd. It is pleased that the NDG asked the Department of Health to look closely at the regulatory framework and guidance provided to organizations engaging in innovation.

Streams is a new technology, and there are always lessons that can be learned from pioneering work, Royal Free noted.

However, the hospital took a safety-first approach in testing Streams with real data, in order to check that the app was presenting patient information accurately and safely before being deployed in a live patient setting, it maintained.

Real patient data is routinely used in the NHS to check new systems are working properly before turning them fully live, Royal Free explained, adding that no responsible hospital would deploy a system that hadn’t been thoroughly tested.

Google’s Reputation

The controversy over Streams may have less to do with patient privacy and more to do with Google.

“If this hadn’t involved a GoFA (Google Facebook Amazon), I wonder if this would have evoked such an outcry,” observed Jessica Groopman, a principal analyst at Tractica.

“In this case, DeepMind’s affiliation with Google may have hurt it,” she told TechNewsWorld.

Although there’s no evidence of data abuse by DeepMind, the future fate of personal healthcare information is an issue that has raised concerns, Groopman noted.

“There’s a concern that once these sorts of applications — and use of these sets of big, personal data — become more commonplace, it will lead to commercial use of the data,” she said. “I’m sure that Google and DeepMind understand that anything they do is going to be hyperscrutinized through this lens of advertising revenue.”

Too Much Privacy

Health apps can have real benefits for individuals, as Streams illustrates, but they need data to do it, which can raise privacy questions.

“When you’re looking at deep learning applications, the amount of data that is required to train these models is huge,” Groopman explained. “That’s why these kinds of tensions will continue to occur.”

Patient information must be given the highest level of protection within an organization, argued Lee Kim, privacy and security director at the Healthcare Information and Management Systems Society.

“But there must be a balance between restrictions and availability of the data,” she told TechNewsWorld.

“An immense amount of progress can be made in healthcare and self-care through the use of machine learning and artificial intelligence to deliver more accessible, affordable and effective care solutions to the market,” noted Jeff Dachis, CEO of One Drop, a platform for the personal management of diabetes.

“We must always respect data privacy and the individual’s right to that privacy,” he told TechNewsWorld, “but not halt all the much needed progress in this area under the guise of data privacy.”

Google Pushes AI, Machine Learning to the Front

Google Pushes AI, Machine Learning to the Front

Addressing thousands of developers at the annual Google I/O conference on Wednesday, Google CEO Sundar Pichai outlined the company’s new strategy to transition from mobile first to artificial intelligence and machine learning. The goal is to equip the company’s line of digital assistant products and services to anticipate the needs of users, and comprehend sights and sounds in ways never before possible on a massive scale.

Google’s deep learning and computer vision capabilities have advanced dramatically, according to Pichai, and now impact everything from cloud computing to Gmail, search and mobile devices.

“We spoke last year about this important shift in computing from mobile first to AI first,” Pichai recalled. “Similarly, in the AI-first world, we’re rethinking all our products and applying AI and machine learning to solve human problems.”

Among the major new rollouts, Google Lens technology will become a part of Google Assistant and Google Photos. The technology essentially allows users to convert their smartphones into intelligent devices. They can use computer vision, for example, by pointing at a router barcode. Users can log on to a WiFi network automatically, or point the phone camera or point at a restaurant storefront and find out contextual information about its cuisine and ratings from a knowledge graph.

Following last year’s launch of Tensor Processing Units, which is custom hardware for machine learning, Pichai announced the company’s next generation of Cloud TPUs, which are optimized for training and inference.

Each Cloud TPU board has four chips inside, and each board is capable of 180 trillion floating point operations per second, he said. The cloud TPUs are designed for data centers — 64 can be stacked into one supercomputer.


TPU pod

A ‘TPU pod’ built with 64 second-generation TPUs delivers up to 11.5 petaflops of machine learning acceleration.

The Cloud TPU’s are coming to Google Compute Engine immediately.

The company plans to launch an effort to automate the design of machine learning models, using an approach called “AutoML.” The controller neural net proposes a “child” model architecture, which is trained and evaluated for particular tasks.

Google will be partnering with UC San Francisco, Stanford Medicine and University of Chicago Medicine to explore how machine learning can help advance patient care for heart failure, pneumonia and other diseases.

The company’s advances in TPU should vastly improve developer interest in AI and machine learning, said Charles King, principal analyst at Pund-IT.

Smarter Devices

The new Google Assistant SDK will allow third-party manufacturers to make their products — like speakers, toys or other devices — available with Assistant built-in for the upcoming holiday season, said Scott Huffman, vice president of engineering for Google Assistant .

The service also will be available for the iPhone, putting it in direct competition with Apple’s Siri.

Google Assistant will be available in multiple languages starting this summer, including French, German, Brazilian Portugese and Japanese on Android and iPhone. Italian, Spanish and Korean will be available by the end of the year.

Among its new features, it will be able to support transactions, including receipts, notifications, IDs and more.

Google Home will launch internationally in Canada, Australia, France, Germany and Japan, announced Rishi Chandra, vice president for Home products.

Effective immediately, Google Home supports proactive assistance like reminders, traffic delays and flight status changes, he said.

Over the next few months, Google will roll out more new features to Home, including hands-free calling to landlines and mobile numbers in the U.S. New entertainment services are coming to Home, like Spotify’s free service, support for SoundCloud and Deezer, integration with HBO Now, and Bluetooth support from any audio device.

In a nod to developer demand, Google announced that Kotlin will become an officially supported language on Android, the first new language added to the OS. Further, Google has entered a partnership with JetBrains to create a nonprofit foundation for Kotlin. Also, Android Studio 3.0 will be shipping with Kotlin out of the box.

The rollout of products and services was designed to establish Google’s bona fides as a company clearly driven by its AI capabilities, and the message was driven home that the company is putting its machine learning expertise front and center, adding more personalization and more contextual awareness.

Google previewed its long-awaited Android O release, making its beta available immediately. The announcement follows last week’s release of Project Treble, a new architecture that makes it easier and faster for developers to update Android devices.

Sameer Samat, vice president for Google Play, gave a preview of Android Go, a new platform for entry-level devices using less than 1 GB of memory. The service will use a set of Google apps that use less memory, storage space and mobile data, and highlight apps that are designed for entry-level device users.

Competitive Advantage

Google has a key advantage over its major competitors, said Kevin Krewell, principal analyst at Tirias Research.

“Relative to Microsoft and Amazon, I believe Google is far ahead, because it has access to more data than its competition,” he told TechNewsWorld.

“In order for AI capabilities to grow, it needs to train on large data sets, and Google has access to Android mobile services, Google search, Google Voice, Google Photos, etc.,” Krewell pointed out.

“This seemed to be more of a statement of direction, one that places AI as Google’s highest priority,” said Rob Enderle, principal analyst at the Enderle Group.

“Nvidia showcased more actual advancement at their GTC event last week,” he told TechNewsWorld.

Still, Google is putting a huge amount of resources behind its AI focus and has enough of a war chest to back it up, Enderle acknowledged.

“Given we are at the very start of this race, it will likely come down to how long AI and machine learning hold Google’s attention, more than anything else,” he said. “Google has a shiny object problem in that they have historically had the attention span of a 4-year-old on sugar.”

However, unlike Google’s subpar efforts with Google+, Glass and Wave, artificial intelligence isn’t unique to the company, Enderle observed, which makes it unlikely the firm will walk away from it any time soon.

Feren OS: A Linux Desktop Game-Changer

Feren OS: A Linux Desktop Game-Changer

Feren OS is a polished and well-stocked Linux distro that comes close to being an ideal replacement for Microsoft Windows and macOS. In fact, this impressive Linux OS is a very attractive replacement for any Linux distro.

The only impediment to this assessment is dislike of the Cinnamon desktop. Feren OS does not give you any other desktop options. However, it comes with a wide assortment of configuration choices that let you tweak the look and feel into almost any customized appearance you could want.

It also is super easy to install. This makes it suitable for those migrating to Linux — or at least to this operating system. Feren OS offers a specialized software repository that is colorful and efficient to use. It has several specialized launchers to install and configure software packages with a single mouse click.


Feren OS welcome screen

The Welcome Screen displays when you load the Feren OS DVD. All new users need to know is presented in easy-to-understand guides. You can close the Welcome Screen to try out the OS in live user mode or click the install button for a fully automated installation.

Feren OS 2017.0 “Murdock” was released earlier this month. This distro is a relatively obscure Linux OS based on Linux Mint’s main edition.

Feren is a relative newcomer that first appeared in late 2015. Since then, Feren OS has acquired considerable maturity. It shows very little evidence of being a newcomer. It has its own personality, so you will not feel like you are using a Mint clone.

Even the in-house customization of the Cinnamon desktop environment gives it a considerably different atmosphere than the current Linux Mint Cinnamon iteration.

Out of the Box

Feren OS works right out of the box — but it is a big box. The download itself is a 3.6-GB ISO file. That is not a larger-than normal size, but installing it takes substantial resources.

For example, you need at least 18.2 GB of hard drive space for the installation. The OS purred along fine on 8 GB of RAM running on a test desktop computer. However, on a test laptop with 4 GB of RAM it ran noticeably slower when I opened numerous applications and did some screen grabs.

So, less-endowed hardware will be a bit of a challenge, especially if you install any of the optional proprietary drivers provided and the third-party software.

All of these goodies are partly responsible for making the Feren OS such an impressive computing platform, though. It is packed with so many bells and whistles that it needs lots of room to run.

The U.S.-based developer’s website hints at upcoming plans to package Feren OS in a third-party laptop and eventually to fork the Cinnamon desktop to a Feren-branded design. It is positioned as a transition OS from Windows 10 and includes the WINE compatibility layer for running Windows applications.

The distribution ships with the WPS productivity software along with LibreOffice. It also runs the Vivaldi browser by default — but you can use the handy Zorein Web Browser Manager tool to easily uninstall the Vivaldi browser and supplement or replace it with several other browsers.

This is very helpful for inexperienced users. It eliminates the need to find applications in the Software Center, the Synaptic Package Manager or manually, using apt-get commands in a terminal.

You have to track down your own Linux games, but PlayOnLinux and Steam are waiting for you in the menu.

I was pleased to see how the developer integrated some of the finer elements of the Zorin Linux distro. In several ways, Feren is more like Zorin Linux than Linux Mint.

Cinnamon Flavoring

Feren OS is not a retread of Zorin, either. Zorin runs the Zorin Desktop 2.0, an in-house integration of the GNOME shell. The look and feel of GNOME 3 is a far cry from the Cinnamon appearance in Feren OS.

If you are not familiar with the Cinnamon desktop, you do not have to worry about much of a learning curve. The Cinnamon desktop is easy to use, especially with all of the customized features the Feren developer added.


Feren OS Cinnamon desktop

Feren OS uses an in-house version of the Cinnamon desktop that does not require a learning curve.

Both Feren and Zorin are designed to look like classic Windows. They both resemble many other Linux distributions belonging to the Debian Linux family. Feren OS displays a handful of system icons on the desktop if you want them. It shows a fully functional taskbar or panel on the bottom of the screen.

The left side of the panel is home to the main menu button and four launch icons for the Web browser, the file manager, the Software Center and a launcher to install proprietary icons. The right end of the panel houses the notifications tray and systems tool launchers.

You can add a broad assortment of applets to that task bar. You also can choose from a library of desklets on the desktop to display various readouts, such as weather and system monitors.

The main menu is a change from the typical cascading display used in Windows and many Linux distros. It is a two-column menu display with the categories in the left column. The wider right panel lists installed software titles in rows. Depending on how many software titles are installed, this panel slides out of sight and is replaced by another set of icons with titles as you click the buttons on the bottom of the menu. It is very classy!


Feren OS main menu

In Feren OS, the main menu departs from the typical cascading display used in Windows and many Linux distros.

Bottom Line

Feren OS is a nearly flawless Linux computing platform. This distro is practically maintenance free. The updating process appears to be a modified rolling release version. System updates push to the Software Center under a separate tab for OS upgrades. This eliminates the hassle of downloading and installing new versions of the operating system several times per year.

The developers have taken the best parts of several innovative Linux distros and seamlessly integrated them into an ideal computing platform. Feren OS is very easy to use. It is attractively designed and has just enough desktop animation to make using it a tad more interesting.

Be sure to try the Theme Changer tool. It lets you alter the appearance of icons, background, window decoration and just about everything else in how Feren OSD looks on the screen.

Want to Suggest a Review?

Is there a Linux software application or distro you’d like to suggest for review? Something you love or would like to get to know?

Please email your ideas to me, and I’ll consider them for a future Linux Picks and Pans column.

Crafty Phishing Technique Can Trick Even Tech-Savvy Gmail Users

Crafty Phishing Technique Can Trick Even Tech-Savvy Gmail Users

Gmail users in recent months have been targeted by a sophisticated series of phishing attacks that use emails from a known contact whose account has been compromised. The emails contain an image of an attachment that appears to be legitimate, according to Wordfence.

The sophisticated attack displays “accounts.gmail.com” in the browser’s location bar and leads users to what appears to be a legitimate Google sign-in page where they are prompted to supply their credentials, which then become compromised.

The technique works so well that many experienced technical users have fallen prey to the scam, noted Mark Maunder, CEO of Wordfence. Many have shared warnings on Facebook to alert family and friends, given that the technique has exploited otherwise trusted contacts so successfully

Google’s Reply

Google has been aware of the issue at least since mid-January, based on comments from Google Communications’ Aaron Stein, which WordPress characterized as an “official statement” from the company.

Google was continuing to strengthen its defenses, Stein said, adding that it was using machine learning-based detection of phishing messages, safe browsing warnings of dangerous links in emails, and taking steps to prevent suspicious sign-ins.

Users could take advantage of two-factor authentication to further protect their accounts, he suggested.

Wordfence last month noted that Google Chrome released 56.0.2924, which changes the behavior of the browser’s location bar. The change results in the display of not secure messages when users see a data URL.

Google last month announced additional steps to protect G Suite customers against phishing, using Security Key enforcement. The technique helps administrators protect their employees using only security keys as the second factor.

Bluetooth low energy Security Key support, which works on Android and iOS mobile devices, is another user option.

Realistic View

Recent changes in Chrome and Firefox browsers have mitigated some of these types of attacks, observed Patrick Wheeler, director of threat intelligence at Proofpoint.

However, a variety of techniques are used to target users, he pointed out.

Attackers create extremely realistic landing pages, use Javascript to obfuscate and encrypt pages and contents, and host documents directly on Google drive, he told TechNewsWorld.

They recently have used PDFs to make it appear that users already are logged onto Google Docs — then users are prompted for a login when they move the mouse over the PDF.

Attacks such as these are a type of cat-and-mouse game in the sense that attackers will find more sophisticated entry points as cyberdefense methods improve, noted Javvad Malik, security associate at AlienVault.

“This shows the increasing maturity of cybercriminals,” he told TechNewsWorld. “As they become more organized and better funded, mainly through the proceeds of crime, they can invest time and resources into tweaking attack methods to become more effective.”

Difficult Defense

Attacks like phishing and social engineering are among the most common methods of entry, according to Sam Elliott, director of security product management at Bomgar.

Attacks like these often target privileged users with access to sensitive data, he said.

“While companies are aware of this, providing security around these types of users without limiting their ability to do their jobs effectively is difficult,” Elliott told TechNewsWorld.

Defining “privileged user” poses additional challenges for companies, even those with sophisticated security protocols, he added.

Despite the challenges it poses, “like any phishing scam, this one has a limited lifespan,” observed Mark Nunnikhoven, vice president for cloud research at Trend Micro.

“Because it impacts a very specific audience, there’s also a central point to prevent this scam,” he told TechNewsWorld.

Google likely will deploy image recognition and URL filtering to prevent this campaign from continuing, Nunnikhoven said.

Google did not respond to our request to comment for this story.

Google Unveils Guetzli, Open Source JPEG Encoder, to Speed Browsing

Google Unveils Guetzli, Open Source JPEG Encoder, to Speed Browsing

Google on Thursday announced Guetzli, a new contribution to its evolving set of tools for the open source community. Guetzli is an encoder that allows JPEG files to be compressed as much as 35 percent, resulting in much faster Web page loading.

“Guetzli,” which means “cookie” in Swiss German, allows users to create smaller JPEG images while maintaining compatibility with existing Web browsers, image processing applications and the existing JPEG standard, noted Robert Obryk and Jyrki Alakuijala, software engineers at Google Research Europe, in an online post.

It produces a result similar to that of Google’s Zopfli algorithm, which produces smaller PNG and gzip files without the requirement of a new file format, they explained. The technique is different from RNN-based image compression, RAISR and WebP, all of which need ecosystem and client changes for compression at Internet scale.

Google first introduced the Zopfi compression algorithm in 2013 and two years later unveiled Brotli, which offered faster page loads and up to 26 percent higher compression ratios than Zopfi.

Microsoft late last year announced support for Brotli in Edge, which would make it broadly interoperable across major browsers, as the latest versions of Chrome and Firefox already supported Brotli.

Quality and Compression

JPEG resolution quality is directly correlated to its multi-stage compression process, Obryk and Alakuijala explained.

“Guetzli specifically targets the quantization stage in which the more visual quality loss is introduced, the smaller resulting file,” they wrote. “Guetzli strikes a balance between minimal loss and file size by employing a search algorithm that tries to overcome the difference between psychovisual modeling of JPEG’s format and Guetzli’s psychovisual model.”

The model approximates color perception and visual masking in a more detailed way than what can be achieved through simpler color transforms and discrete cosine transforms, according to the engineers.

16x16 pixel synthetic example of  a phone line

16×16 pixel synthetic example of a phone line hanging against a blue sky — traditionally a case where JPEG compression algorithms suffer from artifacts. Uncompressed original is on the left. Guetzli (on the right) shows less ringing artefacts than libjpeg (middle) and has a smaller file size.

During experiments with human raters, Obryk and Alakuijala continued, images produced by Guetzli were preferred over images from libjpeg files, even when the latter files were the same size or slightly larger, making the slower compression a worthy tradeoff.

20x24 pixel zoomed areas from a picture of a cat's eye

20×24 pixel zoomed areas from a picture of a cat’s eye. Uncompressed original on the left. Guetzli (on the right) shows less ringing artefacts than libjpeg (middle) without requiring a larger file size.

The hope is that the format webmasters and graphic designers will embrace the format for running image-heavy websites, and that mobile users will see reduced load times and bandwidth costs, the engineers said.

Deep Learning

Google likely has developed the deep learning expertise and compute resources to tackle such a feat from a new vantage point, suggested Paul Teich, principal analyst at Tirias Research.

Image storage is a top priority for consumer cloud services, retail, advertising and other industries, he noted.

“My educated guess is that Google made Guetzli public because Google doesn’t control most of the endpoints that capture the images that Google then stores for image searches,” Teich told LinuxInsider. “It makes Google’s business run a little better if everyone uses Guetzli as their native JPEG format — and the same is true for other cloud services that handle images at scale, such as Facebook, Twitter and Instagram.”

There likely will be a version of Guetzli for motion video compression as well.

RAISR, which Google introduced in November, uses machine learning to turn low-resolution images into high-quality photos. WebP images are 26 percent smaller than PNGs and up to 34 percent smaller than JPEG images

Making the Guetzli technology available as an open source tool will help speed adoption and return significant benefits for Google, said Rob Enderle, principal analyst at the Enderle Group.

“Google makes money off ads,” he told LinuxInsider. “Slow load times lower ad views, so by speeding up the Web, they’ll make a ton more money.”

Dropbox engineers were excited to find that Guetzli interoperates with Lepton, the streaming image compression format Dropbox released to the open source community last summer.

“In preliminary testing, we are seeing real advantages in combining Guetzli with Lepton, as long as you apply Guetzli first,” said Daniel Reiter Horn, staff software engineer at Dropbox.

“For example, one test we tried resulted in ~24 percent savings from Guetzli and an additional ~22 percent compression from Lepton, with default settings,” he told LinuxInsider.

“The result was a total savings of ~41 percent over the default file,” Horn said. “The math makes sense, because Lepton gives 22 percent savings on the Guetzli file that’s 75 percent of the original size… so the savings is 24 percent + (22 percent * 76 percent) = ~41 percent.”

Google’s own team had little to say about the release beyond the revelations in Obryk and Alakuijala’s post, company rep Jason Freidenfelds told LinuxInsider.

However, it did release a statement suggesting that it was, shall we say, compressing its wild enthusiasm: “Grt to hv all ths intrst – w’r vry exctd fr ths brkthrgh!”

Pro-Turkey Hackers Hit Prominent Twitter Accounts

Pro-Turkey Hackers Hit Prominent Twitter Accounts

Hundreds, if not thousands, of Twitter users, many of them high-profile, were hacked Tuesday by someone who appeared to support Turkey in its diplomatic row with the Netherlands.

Their accounts displayed a Swastika — reversed to face to the right — as well as the Turkish flag and hashtags to the Nazialmanya and Nazihollanda accounts, which displayed comments on the attack.

The following message in Turkish, translated into English through Google Translate, also was posted on affected accounts: “Now Old Turkey Nothing You Have Set Adjust Absolute Wheel Will Earn Traitors Crime Freaks Needed YES le Verecek Elbet.”

The hackers included a reference to April 16, when Turkey will hold a referendum to give President Recep Erdogan more power, and a link to a Youtube video presenting clips of speeches by Turkish President Recep Erdogan, accompanied by a poem that appears to be threatening.

Among the victims are Nike Spain, Duke University, Starbucks Argentina, the European Parliament, the BBC, Amnesty International and a number of high-profile people, including singer Justin Bieber.

Twitter Leaps Into Action

Twitter Support on Wednesday reported that it had addressed the issue.

Twitter had “moved the apps permissions to Twitter accounts globally,” noted Willis McDonald, senior threat manager at Core Security.

Its response was “appropriate, given the number of accounts affected and also that the attack had to do with a third-party app and not Twitter itself,” he told TechNewsWorld.

How the Hack Happened

The hack appears to have exploited a zero-day vulnerability in Twitter Counter, a third party app available on Google Play and the Apple App Store, said Robert Capps, VP of business development at NuData Security.

Twitter Counter, which lets users graph their Twitter stats, apparently has more than 180 million users.

Its website has been shut down temporarily, “for maintenance.”

“If Twitter were a country, it would be the 12th largest in the world,” Capps told TechNewsWorld.

Its more than 100 million users, and its capacity as a real-time source of information, “make it an attractive and vulnerable target for account takeovers,” he said, because it gives bad actors “access to the audiences of celebrities and brands with thousands of followers.”

Gangsters or Governments?

It’s likely that the attackers were operating in support of Turkey, Core Security’s McDonald suggested, but they probably were “a nationalist group and not state-sponsored attackers.”

The hack “only caused minor damage to the public image of the victim accounts,” he said, and the damage to Twitter’s image is “minimal, since [it] was due to a third-party app.”

However, “the damage to Twitter Counter is [worse] since their app’s permissions have been removed from Twitter, which essentially puts them out of business until they can resolve the issue,” McDonald said.

Twitter Counter users can remove the app from their devices and change their account credentials, and since Twitter has removed the app’s permissions, he noted, victims “only need to remove the offending tweets to remediate their accounts.”

Slackel Openbox Plays Hard to Get

Slackel Openbox Plays Hard to Get

Slackel’s Openbox edition is a lightweight operating system that offers reliable performance once you get the box open. It is not an ideal OS for every user, though.

Slackel 6.0.8 Openbox, the latest version of the Greece-based project’s lightweight distribution, was released by developer Dimitris Tzemos last fall.

Slackel is a Linux distro that offers several benefits for users who step away from the typical mainstream Debian-based Linux distros. Based on both Slackware and Salix, it offers a few advantages not usually found with the Slackware Linux lineup.

For example, Slackel is fully compatible with both Slackware and Salix software packages. The main difference is it includes the current version of Slackware and the latest version of KDE in the repository.

That gives Slackel a better reach for adding software. Slackware-based distros typically have far smaller software repositories than Debian-based distros and others. Think in terms of a few thousand packages compared to 35,000. Finding Linux packages that will run in Slackel is less of a challenge — but you will have slimmer pickings.

Slackel provides some of the best Slackware-based system tools, which is a big plus since Slackel also has all the Salix system tools present. It makes system administration easy and straightforward. The Salix codecs installer application installs patent-encumbered codecs quickly and easily.

Openbox desktop

Openbox is similar to the Xfce desktop with fewer configuration options. Click anywhere on the desktop to get a fully populated menu — but you can not place icons on the desktop or launchers on the panel bar.

Getting It

Normally, a live session disc image combines the ability to run the Linux OS from a bootable DVD with direct access to the hard drive installation. All you have to do is click a desktop install icon without leaving the “try-it-out” mode.

Not so with Slackel Linux. The Slackel disc images come in two separate forms: installation and live. Both are available in both 32-bit and 64-bit versions.

You have to pay attention to the download links. Slackel’s standard release uses the KDE environment. The Slackel line also offers the Fluxbox desktop. Be sure you grab the Openbox edition — twice. You will need the live session and the install-only images.

The 64-bit ISO images support booting on UEFI systems. The 32-bit ISO images support both i686 PAE SMP and i486, non-PAE capable systems.

Slackel is a bit less cooperative in putting the ISO onto a USB thumb drive. I usually run that procedure as a routine matter with other distros. If you want to transfer the ISO to a USB drive, check out the specific instructions here.

You can use the dd command to write the iso to a USB stick. However, dd is not a perfect solution with Slackel. It works — but some features like persistence will not be available.

I found the Slackel installation ISOs to be particularly finicky in configuring on UEFI systems. This is especially the case if you insist on setting up a dual boot around a Microsoft Windows partition. Read the directions very carefully.

Big Frustration Alert: Do not use eLilo as your bootloader. If you do, you will not be able to boot Windows partitions.

What’s Inside

Slackel 6.0.8 Openbox includes the Linux kernel 4.4.29 and latest updates from Slackware’s ‘Current’ tree. The live session ISO images contain full multimedia support.

You do not have to install multimedia codecs while on live environment. However, remember to install multimedia codecs after you put SlackelOpenbox on your hard drive from the installation ISO.

Slackel 6.0.8 Openbox includes the Midori 0.5.11 Web browser. This distro does not provide automated installers for other Web browsers.

If you want to add a standard preference such as Firefox or Chromium, you will need to launch the gslapt Package Manager. gslapt is a GTK+ front-end to slapt-get — an APT-like package tool for Slackware.

Slackel gslapt
Package Manager

Slackel uses the gslapt Package Manager, a GTK+ front-end to slapt-get, an APT-like package tool.

Other standard software packages in the Openbox edition include Claws-Mail 3.13.2, Transmission 2.92, PCManFM 1.2.4 and Pidgin 2.11.

Smplayer is the default movie player. Exaile 3.4.5 is the default application for managing music collections. Other media tools include Asunder 2.7 Cd ripper and Bracero 3.12.0 for writing CD/DVDs. Graphics software includes Viewnior 1.6, GIMP 2.8.18 and mtpaint 3.40. Scrot is the snapshot utility.

Openbox Look and Feel

The standard panel bar sits at the bottom of the screen. The left side of the panel has a very easy-to-use, uncluttered menu. A few icons sit on the left. The expected notifications are on the right end of the panel. Toward right center is a preconfigured work space switcher with four locations ready to use.

Openbox desktop

The Openbox desktop design requires nearly no learning curve. It is point-and-click simple. Both its appearance and its operation are old school on Slackel, which is a good thing.

Openbox is similar to the Xfce desktop, but it has fewer configuration options. Like Xfce, you can right-click anywhere on the desktop to get a fully populated menu for system tools and applications. And like Xfce, you can not place icons on the desktop or the panel bar.

The panel bar is devoid of any extra features, such as applets. Openbox is very simple with some user tweaks built in, but power users will be less enchanted with its almost one-size-fits-all design.

Software Supplies

I was disappointed by the absence of some key software that I find bundled on other Linux distributions offering lightweight desktop options, such as Openbox. Some of them are available via other Slackel or Salix repositories, but having to track stuff down is inconvenient.

For example, Abiword 3.0.1 office application and Gnumeric-1.12.27 are included. Both applications are extremely lightweight and feature-deprived. You can add Libreoffice 5.2.3 from the Slackel repositories through gslapt.

Much to my pleasure, Slackel comes with the Geany IDE text editor installed. It also bundles the Leafpad text editor. Geany is one of my core applications.

If you install Slackel on just one computer, you’ll have to suffer through a one-time inconvenience. However, if you maintain multiple computers running the same set of applications for work projects, for instance, getting your working tools up to speed will become a much larger annoyance.

That is not the fault of Slackel itself — it is a characteristic of the Slackware Linux line. Slackware distros typically force you to find and install the software on your own.

Slackel Primer

The Slackel distro is a slice of the Slackware and Salix Linux ecosystems. It is just a better Slackware derivative.

Slackware originated in 1992. By comparison, well known and well used distros such as Ubuntu, Fedora and Linux Mint were introduced in the mid-2000s.

Salix is a GNU/Linux distribution based on Slackware. It is not a clone, however. It is built on the concept of being stable, fast and easy to use. Salix is fully backward-compatible with Slackware. One of the guiding priciples of Salix Linux is economy. It provides one application per task on the installation ISO.

Slackware is among the oldest actively maintained Linux distros. It tends to adhere to its less modern Linux underpinnings in terms of user-friendliness. The Slackware project started as a way to install a Linux system that already included some core packages like the kernel and an X window system.

In its long run, Slackware has updated but not improved much. It is still not easy to set up and use compared to more modern Linux distro replacements. If nothing else, Slackel tries to modernize that heritage just a bit.

Bottom Line

Slackel is not a good choice for new users looking to make a fast move into a Linux OS. Still, this distro has some benefits.

If you like to learn how things work, Slackel gets you closer to understanding the pure Linux environment. Plus, you have a system made your way because you decide what gets installed.

If you give Slackel Linux a test run, jot down these user credentials. Otherwise, you will soon be dead in the water.

The root password for the live CD is “live” (no quotation marks). The standard user login is “one” with password: “one”)

For installation and for all work required administration privileges, the super user “one” with password “one” is used.

Slackel Linux is hardware-friendly. Its minimum system requirements are Pentium 2 or equivalent, 256 MB of RAM and a 1.5 GB HDD.

Want to Suggest a Review?

Is there a Linux software application or distro you’d like to suggest for review? Something you love or would like to get to know?

Please email your ideas to me, and I’ll consider them for a future Linux Picks and Pans column.

And use the Reader Comments feature below to provide your input!