Month: April 2015

Several thousand computers running the Linux and FreeBSD operating systems have been infected over the past seven months with sophisticated malware that surreptitiously makes them part of a renegade network blasting the Internet with spam, researchers said Wednesday. The malware likely infected many more machines during the five years it’s known to have existed.

Most of the machines infected by the so-called Mumblehard malware are believed to run websites, according to the 23-page report issued by researchers from antivirus provider Eset. During the seven months that they monitored one of its command and control channels, 8,867 unique IP addresses connected to it, with 3,000 of them joining in the past three weeks. The discovery is reminiscent of Windigo, a separate spam botnet made up of 10,000 Linux servers that Eset discovered 14 months ago.

The Mumblehard malware is the brainchild of experienced and highly skilled programmers. It includes a backdoor and a spam daemon, which is a behind-the-scenes process that sends large batches of junk mail. These two main components are written in Perl and they’re obfuscated inside a custom “packer” that’s written in assembly, an extremely low-level programming language that closely corresponds to the native machine code of the computer hardware it runs on. Some of the Perl script contains a separate executable with the same assembly-based packer that’s arranged in the fashion of a Russian nesting doll. The result is a very stealthy infection that causes production servers to send spam and may serve other nefarious purposes.

Microsoft launched today a shiny new code editor for Windows, OS X, and Linux: Visual Studio Code. It’s a smart looking text editor with IntelliSense support, git integration, and a few other bits and pieces that developers will enjoy.

What Microsoft didn’t say when announcing the new editor was how it built Visual Studio Code. In a move that might seem a little surprising, given the regular animosity between the two companies, the editor is built on top of Chromium, the open source version of Google’s Chrome browser.

The app is built using an open source desktop application framework developed by GitHub called Electron. Electron uses HTML5, JavaScript, and other Web technologies, using Chromium for presentation, and io.js (a fork of node.js) to tie it all together. GitHub has an Electron-based editor called Atom, and Visual Studio Code is based on it.

If you’re still waiting for your Apple Watch order to arrive, the Wall Street Journal has someone for you to blame: Taptic Engine components manufactured by AAC Technologies Holdings Inc. “started to break down over time,” a manufacturing defect that “people familiar with the matter” say caused Apple to throw out some watches that had already been built.

Components from another supplier, Nidec Corp., haven’t been faulty, but it will apparently take time for Nidec to ramp up production and catch up with demand. Neither AAC nor Nidec provided a comment for the Journal‘s story.

The Taptic Engine is a key part of the Apple Watch—it’s what makes it vibrate when the watch wants your attention. Though many phones and tablets from other companies have used similar haptic feedback for a while now, Apple has only started to deploy it in the Watch and in some new MacBook models, where it’s used in trackpads to simulate physical clicks.

(This story was updated with Selerity’s explanation about how it obtained Twitter’s financials.)

Traders who were shorting Twitter stock ahead of its earnings announcement Tuesday made a giant windfall. Twitter’s shares tumbled 18 percent, and about $5 billion in market cap instantly vanished. Investors were spooked by the $162 million first-quarter loss because the earnings statement was published online about 45 minutes ahead of schedule thanks to a Web-crawling bot that discovered the financials buried deep in Twitter’s investor relations page.

SAN FRANCISCO—Microsoft announced a four-pronged effort to bring developers and their apps to Windows at its build conference today. One of these prongs—a way for Web developers to present their sites as apps—was already announced at Mobile World Congress earlier in the year.

The second prong is logical but not altogether surprising. In Windows 10, developers will be able to specially prepare existing Windows apps, whether Win32, .NET WinForms, .NET WPF, or any other Windows development technology, and sell them through the Windows Store. Unlike the “traditional” Windows application installation experience, these apps will be guaranteed to install, update, and uninstall cleanly—one of the important things that Store apps do to ensure that users feel confident trying apps out and removing them if they don’t like them. Behind the scenes, virtualization technology will be used to provide this isolation and robustness.

Islandwood and Astoria

The next two prongs are the more surprising: Microsoft is going after Android and iOS developers. With Project Islandwood, iOS developers will be able to take their iOS apps and build them for Windows. Microsoft has developed an Objective C toolchain and middleware layer that provide the operating system APIs that iOS apps expect. A select group of third parties have been using the Islandwood tools already, with King’s Candy Crush Saga for Windows Phone being one of the first apps built this way. King’s developers had to change only a “few percent” of the code in order to fully port it to Windows Phone.

Although Verizon says its FiOS Internet service “doesn’t cap usage in any way,” one customer who has been using 7TB monthly for several months in a row got a letter warning him that his broadband will be disconnected unless he reins in his “excessive usage.”

“If this excessive usage continues past May 31, 2015 on your FiOS Internet account, your service will be disconnected on June 15, 2015,” Verizon wrote to the subscriber.

The subscriber pays $315 a month for Verizon’s 500Mbps plan, according to DSLReports.