The creator of Linux, Linus Torvalds, posted his famous message announcing Linux on August 25, 1991, claiming that it was “just a hobby, won’t be big and professional like gnu.” ZDNet’s Steven J. Vaughan-Nichols caught up with Linus Torvalds and talked about Linux’s origins in a series of interviews: “SJVN: What’s Linux real birthday? You’re the proud papa, when do you think it was? When you sent out the newsgroup post to the Minix newsgroup on August 25, 1991? When you sent out the 0.01 release to a few friends? LT: I think both of them are valid birthdays. The first newsgroup post is more public (August 25), and you can find it with headers giving date and time and everything. In contrast, I don’t think the 0.01 release was ever announced in any public setting (only in private to a few people who had shown interest, and I don’t think any of those emails survived). These days the way to find the 0.01 date (September 17) is to go and look at the dates of the files in the tar-file that still remains. So, both of them work for me. Or either. And, by the way, some people will argue for yet other days. For example, the earliest public semi-mention of Linux was July 3: that was the first time I asked for some POSIX docs publicly on the minix newsgroup and mentioned I was working on a project (but didn’t name it). And at the other end, October 5 was the first time I actually publicly announced a Linux version: ‘version 0.02 (+1 (very small) patch already).’ So you might have to buy four cakes if you want to cover all the eventualities.” Vaughan-Nichols goes on to pick Linus’ brain about what he was doing when he created Linux. In honor of Linux’s 25th birthday today, let’s all sing happy birthday… 1… 2… 3…

Read more of this story at Slashdot.

Source: Slashdot – Linus on Linux’s 25th Birthday

chicksdaddy writes: “Call it The Big Short — or maybe just the medical device industry’s ‘Shot Heard Round The World’: a report from Muddy Waters Research recommends that its readers bet against (or ‘short’) St. Jude Medical after learning of serious security vulnerabilities in a range of the company’s implantable cardiac devices,” The Security Ledger reports. “The Muddy Waters report on St. Jude’s set off a steep sell off in St. Jude Medical’s stock, which finished the day down 5%, helping to push down medical stocks overall. The report cites the ‘strong possibility that close to half of STJ’s revenue is about to disappear for approximately two years’ as a result of ‘product safety’ issues stemming from remotely exploitable vulnerabilities in STJ’s pacemakers, implantable cardioverter defibrillator (ICD), and cardiac resynchronization therapy (CRT) devices. The vulnerabilities are linked to St. Jude’s Merlin at home remote patient management platform, said Muddy Waters. The firm cited research by MedSec Holdings Ltd., a cybersecurity research firm that identified the vulnerabilities in St. Jude’s ecosystem. Muddy Waters said that the affected products should be recalled until the vulnerabilities are fixed. In an e-mail statement to Security Ledger, St. Jude’s Chief Technology Officer, Phil Ebeling, called the allegations ‘absolutely untrue.’ ‘There are several layers of security measures in place. We conduct security assessments on an ongoing basis and work with external experts specifically on Merlin at home and on all our devices,’ Ebeling said.” More controversial: MedSec CEO Justine Bone acknowledged in an interview with Bloomberg that her company did not first reach out to St. Jude to provide them with information on the security holes before working with Muddy Waters. Information security experts who have worked with the medical device industry to improve security expressed confusion and dismay. “If safety was the goal then I think (MedSec’s) execution was poor,” said Joshua Corman of The Atlantic Institute and I Am The Cavalry. “And if profit was the goal it may come at the cost of safety. It seems like a high stakes game that people may live to regret.”

Read more of this story at Slashdot.

Source: Slashdot – The Big Short: Security Flaws Fuel Bet Against St. Jude

An anonymous reader quotes a report from Apple Insider: As published by the U.S. Patent and Trademark Office, Apple’s invention covering “Biometric capture for unauthorized user identification” details the simple but brilliant — and legally fuzzy — idea of using an iPhone or iPad’s Touch ID module, camera and other sensors to capture and store information about a potential thief. Apple’s patent is also governed by device triggers, though different constraints might be applied to unauthorized user data aggregation. For example, in one embodiment a single failed authentication triggers the immediate capture of fingerprint data and a picture of the user. In other cases, the device might be configured to evaluate the factors that ultimately trigger biometric capture based on a set of defaults defined by internal security protocols or the user. Interestingly, the patent application mentions machine learning as a potential solution for deciding when to capture biometric data and how to manage it. Other data can augment the biometric information, for example time stamps, device location, speed, air pressure, audio data and more, all collected and logged as background operations. The deemed unauthorized user’s data is then either stored locally on the device or sent to a remote server for further evaluation.

Read more of this story at Slashdot.

Source: Slashdot – Apple Patenting a Way To Collect Fingerprints, Photos of Thieves