Microsoft Will inform If you have been spying/hacked by Government

Following in the footsteps of Twitter, Facebook and Google, Microsoft promises to notify users of its e-mail (Outlook) and cloud storage (OneDrive) services if government hackers may have targeted their accounts.

The company already notifies users if an unauthorized person tries to access their Outlook or OneDrive accounts. But from now on, the company will also inform if it suspects government-sponsored hackers.

Ex-Employee: Microsoft Didn't Notify When China Spied Tibetans Leaders

The move could be taken in the wake of the claims made by Microsoft's former employees that several years ago Chinese government hacked into more than a thousand Hotmail email accounts of international leaders of Tibetan and Uighur minorities, but the company decided not to tell the victims, allowing the hackers to continue their campaign.

Instead of alerting those leaders of the hacking attempts, Microsoft simply recommended them to change their passwords without disclosing the reason, after an internal debate in 2011, Reutersreported.

However, Microsoft announced Wednesday that if the company strongly suspects that your account is being hijacked or targeted by hackers working in the interest of a nation-state, it will notify you via an email.

Here's what Microsoft Vice President Scott Charney writes:

"We're taking this additional step of specifically letting you know if we have evidence that the attacker may be 'state-sponsored' because it is likely that the attack could be more sophisticated or more sustained than attacks from cybercriminals and others. These notifications do not mean that Microsoft's own systems have in any way been compromised."

Just last week, Yahoo promised to alert its users whom it suspected were being spied on by state-sponsored hackers. Other big tech companies including Twitter, Facebook and Google, had previously assured their users that they would notify them of any potential government spying.

And now Microsoft is the latest company to join the list.

Government: We'll Sue You if You Do That!

This is a good news for Microsoft users, but it seems that the United Kingdom is not happy with this decision by all the major tech firms, because the country seeks access to personal communications in order to fight terrorism and protect national security.

The UK government is pushing a new Investigatory Powers Bill that will take the bosses of any company that warns its users that security organizations, such as GCHQ (the Government Communications Headquarters), MI5 and MI6, are spying on them.

Specifically, UK ministers want to make it a criminal offence for Twitter, Google and other tech firms under which they could face up to two years in prison.

R.I.P. "Ian Murdock" Creator of Debian Linux Dead at 42

Ian Murdock, the founder the Debian Linux operating system and the creator of apt-get, has passed away.

Yes, it is very sad to announce that Ian Murdock is not between us. His death has touched the entire software community. He was just 42.

The announcement of Murdock death came out via a blog post on Docker website, where Murdock was working as a member of the technical staff.

The cause of death is unclear at present, but Murdock tweeted the same day that he would commit suicide that night. His Twitter account had since been deleted.

However, at that time, some people speculated that Murdock’s account had been hacked and that the tweets were not by him.

Murdock posted some Tweets on Monday suggesting he had been involved in a police case and has been beaten by the police and charged with battery.

However, neither Docker, nor the San Francisco Police Department immediately commented on Murdock’s actual cause of death.

Murdock developed Debian in August 1993 — and yes the “ian” in the project’s name is from Ian Murdock.

In the past, He also worked at Sun Microsystems and served as the CTO of the Linux Foundation.

It is with deep regret that we say goodbye to our great friend, the most significant contributor to Linux community, our beloved Ian Murdock.

Google's "Android N" won't use Oracle's Java API

Google appears to be no longer using Java application programming interfaces (APIs) from Oracle in future versions of its Android mobile operating system, and switching to an open source alternative instead.

Google will be making use of OpenJDK – an open source version of Oracle’s Java Development Kit (JDK) – for future Android builds.

This was first highlighted by a "mysterious Android codebase commit" submitted to Hacker News. However, Google confirmed to VentureBeat that the upcoming Android N will use OpenJDK, rather its own implementation of the Java APIs.

Google and Oracle have been fighting it out for years in a lawsuit, and it is hard to imagine that such a massive change is not related to the search engine giant's ongoing legal dispute with Oracle, however.

What Google and Oracle are Fighting About

The dispute started when Oracle sued Google for copyright in 2010, claiming that Google improperly used a part of its programming language called Java APIs and baked them into its Android mobile OS.

However, Google argued that the Java APIs in question were necessary for software innovation, allowing different applications to talk to each other, and, therefore, could not be copyrighted.

Google almost won the initial lawsuit in 2012, but a Federal court mostly reversed the decision in 2014 in Oracle's favor. Google reached out to the US Supreme Court to take the case, but Supreme Court declined to hear Google's appeal.

The final decision is yet to be made, but one possibility could be that the company will be prohibited from using the copyrighted APIs.

However, OpenJDK, the alternative to Java APIs, is still controlled by Oracle, but at least, Google is legally cleared to implement it.

As for how this new change in Android affects you and me, the new code should make it somewhat easier for Android N developers, perhaps resulting in better apps and quicker updates.

A Software Bug, that Early Released 3200 Prisoners

Washington State Department of Corrections (DoC) is facing an investigation after it early released around 3,200 prisoners over the course of 13 years, since 2002, when a bug was introduced in the software used to calculate time credits for inmates' good behavior.

The software glitch led to a miscalculation of sentence reductions that US prisoners were receiving for their good behaviour.

Over the next 13 years, the median number of days of those released early from prison was 49 days before their correct release date.

"This problem was allowed to continue for 13 years is deeply disappointing to me, totally unacceptable and, frankly, maddening," Washington State Governor Jay Inslee said in a statement. "I've [many] questions about how and why this happened, and I understand that members of the public will have those same queries."

What's the Bug and How did it Remain Undetected for 13 Years?

The issue lies in DoC software that is used for calculating the release date for prisoners who showed good behavior while imprisoned.

The software bug was introduced in 2002, when the state's supreme court implemented a change to the "good time" credit system, allowing prisoners to claim credits for good behaviour while they are in:

• State Prisons 
• County jails

These credits are then used to shorten the length of prisoner’s sentence. To apply these changes, DoCs around the United States released the new versions of software but unfortunately, the code that calculated prison sentences was faulty.

DoC First Informed of the Issue 3 Years Ago

What's even more disappointing is that the authorities first learned of the bug in December 2012, when the family of an assault victim alerted DoC that the attacker was going to be set free too soon.

At that time, DoC filed a request, labelling the error as "time sensitive" and to be implemented as quickly as possible.

However, the Washington DoC hired a new IT manager in November, who alerted the authorities of how serious the bug had become. Inslee assures that a full fix for the bug is expected to be rolled out by 7th January.

Until then the DoC has been ordered not to release any prisoner without manually checking their actual release date

RED STAR OS - NORTH KOREA's First Operating System - looks like MAC OSX - Spies on his own people

North Korea has its own homegrown computer operating system that looks remarkably just like Apple’s OS X, which not only prevents potential foreign hacking attempts but also provides extensive surveillance capabilities.

Two German researchers have just conducted an in-depth analysis of the secretive state's operating system and found that the OS does more than what is known about it.

Dubbed Red Star OS, the operating system based on a Linux 2009 version called Fedora 11 limits its users to a government-approved view of the world and has the tendency to 'watermark' files on USB sticks to track user’s shuttling contraband material.

Red Star OS Tracks User's Every Move

In short, whenever a user inserts a USB storage device containing photos, videos or other documents, into a computer running Red Star, the OS takes the current hard disk's serial number, encrypts that number, and writes that encrypted serial into the file, marking it.

The purpose of watermarking files is to track who actually has the particular file, who created that file, and who opened it.

Researchers previously reported this watermarking feature after analysing Red Star OS, but Florian Grunow and Niklaus Schiess of German IT company ERNW GmbH currently presented dive into Red Star OS goes further.

Makers have Full Control Over Red Star OS

Most of the Red Star's unique features, including its own version of encrypting files, were designed to grant its makers complete control over the operating system, making it independent from any code that could be compromised and exploited by foreign intelligence services, the duo said as they presented their findings at the Chaos Communication Congress in Hamburg on Sunday.

The researchers analysed the latest – third – version of Red Star OS coming out around 2013 and it is clear that software is as authoritarian as the country that developed it.

"This is a full-blown operating system where they control most of the code," Grunow said as quoted by Reuters. Moreover, the OS rigorously resists any changes made by its user and closely monitors every move of a user.

The Red Star OS provides its own firewall, antivirus system and web browser point to internal North Korean servers, and even the encryption is custom-developed.

No Tampering

However, the small program included in the OS constantly monitors the computer for any changes made to the system files.

As a result, any attempt by a user to tamper with the operating system's core functions, like disabling antivirus or firewall, would lead to the computer displaying an error message or rebooting itself.

Since, there is no sign in the OS of the kinds of cyber attack capability North Korea has been accused of, Red Star OS is also designed to crack down on the growing illegal exchange of foreign media content, including films, music or document files.

At the current, the duo has no information on how many computers in North Korea are using this operating system, as they found the OS from a website located outside the country, while visitors to North Korea say most computers there still use Windows XP.