العاب وبرامج

الثلاثاء، 25 يوليو 2017

Nostalgic tears flowed, but Microsoft Paint will live on through the Windows Store

Above: Microsoft Paint

Image Credit: Paul Sawers / VentureBeat

Rumors that Microsoft was planning to kill off its beloved MS Paint application led to a flood of nostalgic lament Tuesday, but the tech giant has now reassured Windows users that the beloved computer graphics app is here to stay.

On the Windows 10 blog, Microsoft executive Megan Saunders has clarified that MS Paint will still be freely available in the Windows Store after forthcoming upgrades to the operating system. Saunders added that the company’s new and improved creativity app, Paint 3D, will also feature some of users’ favorite old-school MS Paint features in addition to new three-dimensional capabilities.

After today’s “incredible outpouring of support and nostalgia around MS Paint,” Saunders says, “it’s been amazing to see so much love for our trusty old app.”

At 32 years old, MS Paint may be past its prime — but the dedicated following it has garnered seems to have ensured that it’s not ready to retire just yet.

SEC to blockchain community: You are now regulated

Image Credit: Mark Van Scyoc/Shutterstock

There are singular moments where you know for a fact that the world will no longer be the same afterwards. While not on par with some far more consequential events in history, today’s SEC ruling, concluding that blockchain tokens sold through token sales are securities, is one of those for the history of the decentralized Internet.

Everyone knew that this day would come. We just did not know when nor did we know how it would play out. Now we have our answers.

The SEC made its announcement following an investigation of last May’s infamous fundraise by “The DAO” The DAO raised a record ICO at the time only to lose a third of the funds through a hack. The incident led to the split of the Ethereum blockchain, after a faction of the Ethereum community decided to roll back transactions related to the DAO fundraise. The DAO has since been delisted from trading.

SEC investigators ruled that tokens sold by The DAO were securities and so subject to federal securities laws. The ruling will have a cascading effect on all Initial Coin Offerings (ICOs) or token sales. It will impact U.S.-based projects as well as foreign-based projects wishing to obtain investment or funding from U.S.-based investors.

Any blockchain company wishing to raise money via an ICO in the U.S. or from U.S.-based investors has now been warned that “federal securities laws apply to those who offer and sell securities in the United States, regardless whether the issuing entity is a traditional company or a decentralized autonomous organization, regardless whether those securities are purchased using U.S. dollars or virtual currencies, and regardless whether they are distributed in certificated form or through distributed ledger technology.”

Fortunately, the SEC is giving a pass to all of us who were involved in the DAO, saying “the agency has decided not to bring charges in this instance, or make findings of violations in the report, but rather to caution the industry and market participants.”

However, all of us are on notice. The Wild West days of the crypto world are over. Before you were just risking your money. Now, you may be risking your freedom.

What really is a security?

Before we jump into the implications, it is worth reviewing what the standard definition of a “security” is within U.S. law.

If you want to go very deep on this (and it is worth it), take a look at Peter van Valkenburgh’s blog post. He links to a world-class “Securities Law Framework” that he wrote in December, 2016. The bottom line is this: Under U.S. law, a token (or anything) would be considered a security if it meets or fails The Howey Test. As Peter writes:

The U.S. Supreme Court case of SEC v Howey established the test for whether an arrangement involves an investment contract. An investment contract is a type of security.

In the context of blockchain tokens, the Howey test can be expressed as three independent elements (the third element encompasses both the third and fourth prongs of the traditional Howey test). All three elements must be met in order for a token to be a security.

1. An investment of money
2. in a common enterprise
3. with an expectation of profits predominantly from the efforts of others.

Though many organizations have tried to walk a fine line around this (such as Ethereum, Melonport, Monetas, and about 100 others setting up non-profit foundations in Switzerland), clearly the SEC is not convinced.

Ok, so what does it all mean?

There are two sides to every (crypto)coin, and this ruling is no exception.

On the positive side, this ruling is going to make it more difficult for the people to just spin up an ICO and abscond with money. The scam artists (and there are plenty of them) now must really think twice (or thrice) before doing their offering.

It is a boon for lawyers who will open up their ICO advisory practices, and it is a boon for traditional financial advisors and money managers who can now begin to explore investing in tokens without having to worry about the SEC’s position.

It is also an opportunity for new entities such as CoinList (along with its partner AngelList) that have spent a lot of time and money streamlining the process of connecting ICOs with accredited investors “by the book.”

We’ll see much more innovation here.

On the negative side, we are likely to see more and more blockchain-based innovation move to other locations such as Zug, Switzerland (aka Crypto Valley where I am leading a trip in August), Dubai, and Singapore. This will hurt the development of U.S.-based blockchain talent and increase the likelihood that the Facebooks, Amazons, and Googles of the decentralized era will grow somewhere else.

It will likely slow the pace of innovation over all as well-intentioned and honest developers will need to pause before going out in the market. That is a shame because the speed of this market has been exhilarating to watch, giving ever more cause to believe in a positive future. At the end of the day, decentralized systems are a net positive, and the ruling probably has pushed the inevitable arrival of them within the mainstream a bit father down the road.

That’s a shame.

There are other challenges, enforcement being one of the biggest. Investing in an ICO is pretty easy even if the company doing the raise blocks U.S.-based IP addresses. You can download a free VPN and pretend you are coming in from another country. What is more, the pseudonymous nature of Ethereum or the totally anonymous nature of zCash means that it is going to be very difficult to track people down. There is a blockchain trail, but it isn’t the same as a paper trail of money via banks, etc. Not impossible, just difficult.

Finally, decentralized exchanges such as 0x, DCorp, and others will become commonplace, it is not inconceivable that they will add “mixing” services to their smart contracts, thereby making tracking all the more difficult.

Bottom line

While the Wild West era was fun, I think the SEC ruling could be a net positive (though I am very worried about the pace of innovation.) It will slow this “white hot” market down, clear out some of the pure speculators, reduce the scam risk a bit, and allow us to move from the “bubble” phase into the implementation phase, even if getting to the final destination may take a bit longer.

We can focus less on ridiculous ICO raises and get down to work, building the decentralized applications of the next Internet that give people more privacy, more security, more flexibility and reward them for the value they create.

Jeremy Epstein is CEO of Never Stop Marketing and currently works with startups in the blockchain and decentralization space, including OB1/OpenBazaar, Internet of People, and Storj. He advises F2000 organizations on the implications of blockchain technology. Previously, he was VP of marketing at Sprinklr from Series A to “unicorn” status.

BitMixer shuts down to ‘make Bitcoin ecosystem more clean’

Image Credit: Pinon Road / Shutterstock

Bitcoin mixing service BitMixer announced Saturday that it was shutting down its operations effective immediately. In a statement on the Bitcointalk forum, the service’s administrator cited altruism as the reason for the action. He wrote:

“I hope our decision will help to make [the] Bitcoin ecosystem more clean and transparent. I hope our competitors will hear our message and will close their services too.”

Bitcoin mixing services help users mask identities behind their transactions on the blockchain. Because the blockchain is public, analysis can determine a user’s identity and financial history. This makes mixing services popular with those purchasing illicit items such as drugs on dark net markets.

DarkNetMarkets, a site dedicated to dark web content, listed BitMixer as one of the four best mixers in 2017. Online financial technology magazine The Merkle ranked it second in a list of the most reliable mixing services.

In the early days of Bitcoin, the general belief was that cryptocurrency was anonymous and that it left no traces of the user’s identity. This premise gave rise to dark web ecommerce sites, where users could pay for goods and services without needing to use their personal ID (in the form of a bank account or credit card).

Link to dark market shutdowns

The BitMixer shutdown came just three days after a joint effort by law enforcement agencies from the U.S., Europe, and Thailand to shut down AlphaBay and Hansa, two major darknet online markets for selling drugs. Several users and administrators were identified and arrested in the process. Police also seized millions of assets believed to be proceeds from drug sales.

On 5 July, AlphaBay’s administrator, 26-year-old Canadian Alexandre Cazes, committed suicide shortly after being arrested in Thailand.

BitMixer’s voluntary shutdown by its administrator has raised eyebrows, especially after he explained in his Bitcointalk statement that the service had been making a lot of money.

Mixing services grew in popularity after the seizure of Silk Road, the first of the dark web sites to use Bitcoin, and the arrest of its founder Ross Ulbricht, when it became apparent Bitcoin wasn’t as private as users thought.

Bitcoin replacements

As it becomes increasingly difficult to use Bitcoin for criminal enterprise, new cryptocurrencies with more robust privacy features are coming into existence. For instance, Monero includes an inbuilt mixing service, and Zcash uses a protocol that requires no disclosure of public addresses on its blockchain.

Some on Bitcointalk have speculated that BitMixer closed down after coming under pressure from authorities. The founder has however denied this accusation, saying “It was a really very hard decision. But we never had any government or legal pressure.”

Others have speculated that administrators shut down the service either because they sensed they were close to becoming a target of law enforcement or because mixing volumes went down significantly after the shutdown of AlphaBay and Hansa. A contributor on the hacker news site YCombinator wrote:

“Smart move to shut it down on [his own] terms and look like a good guy rather than to continue profiting from criminal activity. I wonder if the shutdowns last week played any [part in] his decision? Maybe he saw a large drop in volumes after the darknet markets were shut down and realized those use cases were much larger than he imagined.”

Many have perceived Bitcoin negatively because of its use on the dark market. According to BitMixer’s administrator, this new development will help redeem the cryptocurrency’s image. He advised those who want to obscure their purchases to use more suitable options instead: “Blockchain is a great open book. [We] believe Bitcoin will have a great future without dark market transactions. You may use Dash or Zerocoin if you want to buy some weed. Not Bitcoin.”

Rupert Hackett is general manager of Bitcoin.com.au, Bitcoin.co.uk (subsidiary of Bitcoin.com.au), and BuyaBitcoin.com.au. He specializes in the digital currency and digital payment space and holds the world’s first Master’s degree in digital currencies. He writes for multiple Bitcoin and tech websites and is an acting Board Director for the Australian Digital Currency Commerce Association (ADCCA).

Why Midwesterners leave Silicon Valley and go home for better opportunities

This image shows a map of Ohio representing how As allure of Silicon Valley fades, some Midwestern natives migrate home for better opportunities.

Above: As the allure of Silicon Valley fades, some Midwestern natives migrate home for better opportunities.

Image Credit: Shutterstock

Each week, I check in with Travis McCleery, who leads product design for Root, an insurance company that uses data collected from drivers’ smartphones to more fairly price and sell auto insurance. Today, our conversation was about engaging specific designers that work for Silicon Valley tech companies, have Midwest roots, and are ready to move back. An exercise like this wouldn’t have even been possible a few years ago, but Travis himself is a case-in-point of this changing tide. Earlier this year he left Netflix, where he led interactive product design, to move back to Columbus.

When Root first contacted him, he was skeptical. He left Columbus for a reason, after all. “In Silicon Valley, everyone is trying to invent the future – it’s in the DNA,” he told me “You’re surrounded with all of these brilliant, driven people. It’s hard to resist the call. I just couldn’t find that here in Columbus a few years ago.”

His first questions were about the quality of the team and the size of its ambition, and what he learned convinced him that it was time to return. “Here’s this super-scrappy, talented team trying to completely disrupt the $200 billion auto insurance industry. And they weren’t messing around. They had built an impressive technology platform in a short time.” So he moved his young family back to Columbus.

Talented and ambitious young people have been drawn out of the Midwest to Silicon Valley for decades. Growing up in Cleveland, I thought often about escaping the slow, and seemingly certain, decline of the Rust Belt. Mom dropped me off at Stanford and I never looked back. In recent years, this trend seems to be reversing. Travis and I are part of a growing group of Midwest natives who migrated to Silicon Valley but are now starting to return, joining a new generation of tech startups back home.

USA Today recently featured several examples, of “Techies” who are returning to the Midwest, including Travis and myself. According to the article, some are moving back in response to the economic divide between Silicon Valley and the Midwest exposed by last year’s election. However, I’ve found that most are returning to the Midwest for the same reasons they left: seeking opportunities to re-shape the world through technology. Nick VanWagner, a product director at LinkedIn when he moved back to the Minneapolis last year, now leads product for WhenIWork, a mobile platform for workforce planning and communications. According to Nick, “Not only are the assignments meaningful, but so is the opportunity to have an impact, not just on a company or an industry, but potentially on an entire region.”

Along with the pull of cities like Columbus and Minneapolis, Silicon Valley is doing its part to send people packing as well, especially those in the 31-40 year-old age group. Some of the causes for this are obvious. The San Francisco Bay Area now ranks as the most expensive region in the country. Median home prices have doubled since 2012 and now top $1 million in most Bay Area communities. Add three-hour commutes on Silicon Valley’s congested freeways and long days are made even longer. Eric Singley, a Minnesota native who recently moved to Chicago, had finally had enough. He’d been an early employee at Yelp, a company now worth over $2.5 billion, but after the birth of their second child, he and his wife decided it was time to go. He now leads product forTriggr Health, a platform that uses predictive analytics to help recovering addicts avoid relapse.

I visit San Francisco frequently, and complaints about the cost of housing are nothing new. More recently, however, people reference Silicon Valley’s culture as the primary reason they want to leave. A wave of negative press about gender discrimination and the toxic culture at leading tech companies like Uber have laid bare long-held concerns about the region’s tech industry. Moreover, when I moved to the Bay Area in the mid 90’s, it seemed that startup founders were trying to solve real problems, making the world better for everyone. I felt the same way in the early 2000’s after the bubble burst and only the truly committed founders forged ahead. Yet increasingly, it seems that a great deal of the motivation in the Valley has shifted. Founders today are too often either solving problems for the marginal lifestyle inconveniences of the rich, urban-dwelling 20-something or launching a “disposable” idea as part of a “startup sabbatical” from big tech companies. I wrote about this pattern in a VentureBeat guest post a few months ago.

The data reflect the growing angst among Silicon Valley’s citizenry. A report from jobs site Indeed.com showed that job searches by Bay Area residents for positions outside the region increased by 30% between 2015 and 2016. Redfin, a national real estate brokerage, shared that home searches within the Bay Area dropped by 10% in the last five years.

Has the lure of Silicon Valley reached a tipping point? Travis (from Root) pauses when asked if Columbus will be the next Silicon Valley:

“Silicon Valley continues to be a very special place, like no other in the world. But building a great career or working on big problems shouldn’t come at the expense of building a great life.”

Outside of Root’s no-frills, post-industrial office, it’s hard to ignore the constant din of jackhammers as most of the surrounding area is blanketed in new construction and renovation projects. He reflects on the whole scene: “This isn’t the Columbus I left three years ago.”

Robert Hatta is a partner at Drive Capital, a venture capital firm based in Columbus, Ohio.

This post originally appeared on Linkedin.

Chrome 60 arrives with Touch Bar support on macOS, Paint Timing API, and CSS font-display

Google has launched Chrome 60 for Windows, Mac, and Linux. Among the additions is Touch Bar support, the Paint Timing API, CSS font-display, and improvements to the Credential Management API. You can update to the latest version now using the browser’s built-in silent updater or download it directly from google.com/chrome.

Chrome is arguably more than a browser: With over 1 billion users, it’s a major platform that web developers have to consider. In fact, with Chrome’s regular additions and changes, developers have to keep up to ensure they are taking advantage of everything available.

First up, macOS means users can now change the layout of the Touch Bar. Just open up the menu bar, choose View, and hit Customize Touch Bar. You can add and remove buttons, have brightness and volume settings alongside Chrome-specific shortcuts, and even disable typing suggestions.

Chrome now supports the new Paint Timing API, which exposes metrics that capture First Paint and First Contentful Paint and gives developers better insight into their site’s loading performance. No generalized metric perfectly captures when a page is loaded in all cases, but First Paint and First Contentful Paint are “invaluable numbers to measure critical user moments during loading,” according to Google.

Next up, Chrome now supports the CSS @font-face descriptor and corresponding font-display property, allowing developers to specify how and when Chrome displays text content while downloading fonts. Until now, Chrome delayed rendering text until the specified font had been downloaded. But that can time on a poor connection, delaying content from loading.

Lastly, the Credential Management API has been updated: the need for a custom fetch() to access the stored password has been deprecated. The user’s password is now returned directly as part of the PasswordCredential.

Other developer features in this release include:

The Payment Request API is now supported on desktop versions of Chrome.
Sites can now collect payments through native Android payment apps using the Payment Request API.
Object rest & spread properties are now supported, making it simpler to merge and shallow-clone objects and implement various immutable object patterns.
The new Web Budget API enables sites with the Push Notification permission to send a limited number of push messages that trigger background work such as syncing data or dismissing notifications the user has handled on another device, without the need to show a user-visible notification.
The new Web Push Encryption format is now supported and PushManager.supportedContentEncodings can be used to detect where it can be used.
PushSubscription.expirationTime is now available, notifying sites when and if a subscription will expire.
To improve performance and predictability, pointermove and mousemove events are now delivered once per AnimationFrame, matching the current functionality of scroll and TouchEvents.
The :focus-within CSS pseudo-class is now available, affecting any element the :focus pseudo-class affects, as well as any element with a descendant affected by :focus.
The CSS frames timing function is now available, making it useful for animation loops where the animation should display all frames for exactly the same length, including its first and last frames.
To provide an enriched way to capture editing actions, InputEvent now allows user input to be managed by script, enhancing the details provided to editable elements.
To increase security, a BeforeUnload dialog triggered when the user leaves a site will now only be shown if the frame attempting to display it has ever received a user gesture or user interaction, though the BeforeUnloadEvent will still be dispatched regardless.
VP9, an open and royalty-free video coding format, can now be used with the MP4 (ISO BMFF) container and requires the new VP9 string format mentioned below.
A new VP9 string format is now available and accepted by various media-related APIs, enabling developers to describe the encoding properties that are common in video codecs, but are not yet exposed.

For what’s new in the browser’s DevTools, check out the release notes.

Chrome 60 also implements 340 security fixes. The following ones were found by external researchers:

[$10000][728887] High CVE-2017-5091: Use after free in IndexedDB. Reported by Ned Williamson on 2017-06-02
[$5000][733549] High CVE-2017-5092: Use after free in PPAPI. Reported by Yu Zhou, Yuan Deng of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室) on 2017-06-15
[$3000][550017] High CVE-2017-5093: UI spoofing in Blink. Reported by Luan Herrera on 2015-10-31
[$1000][702946] High CVE-2017-5094: Type confusion in extensions. Anonymous on 2017-03-19
[$1000][732661] High CVE-2017-5095: Out-of-bounds write in PDFium. Anonymous on 2017-06-13
[$TBD][714442] High CVE-2017-5096: User information leak via Android intents. Takeshi Terada on 2017-04-23
[$TBD][740789] High CVE-2017-5097: Out-of-bounds read in Skia. Anonymous on 2017-07-11
[$TBD][740803] High CVE-2017-5098: Use after free in V8. Jihoon Kim on 2017-07-11
[$N/A][733548] High CVE-2017-5099: Out-of-bounds write in PPAPI. Yuan Deng, Yu Zhou of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室) on 2017-06-15
[$2000][718292] Medium CVE-2017-5100: Use after free in Chrome Apps. Anonymous on 2017-05-04
[$1000][681740] Medium CVE-2017-5101: URL spoofing in OmniBox. Luan Herrera on 2017-01-17
[$1000][727678] Medium CVE-2017-5102: Uninitialized use in Skia. Anonymous on 2017-05-30
[$500][726199] Medium CVE-2017-5103: Uninitialized use in Skia. Anonymous on 2017-05-25
[$500][729105] Medium CVE-2017-5104: UI spoofing in browser. Khalil Zhani on 2017-06-02
[$N/A][742407] Medium CVE-2017-7000: Pointer disclosure in SQLite. Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro’s Zero Day Initiative
[$1000][729979] Low CVE-2017-5105: URL spoofing in OmniBox. Rayyan Bijoora on 2017-06-06
[$TBD][714628] Medium CVE-2017-5106: URL spoofing in OmniBox. Jack Zac on 2017-04-24
[$N/A][686253] Low CVE-2017-5107: User information leak via SVG. David Kohlbrenner of UC San Diego on 2017-01-27
[$N/A][695830] Low CVE-2017-5108: Type confusion in PDFium. Guang Gong of Alpha Team, Qihoo 360 on 2017-02-24
[$N/A][710400] Low CVE-2017-5109: UI spoofing in browser. José María Acuña Morgado on 2017-04-11
[$N/A][717476] Low CVE-2017-5110: UI spoofing in payments dialog. xisigr of Tencent’s Xuanwu Lab on 2017-05-02
[748565] Various fixes from internal audits, fuzzing and other initiatives

Google thus spent at least $26,000 in bug bounties for this release. As always, the security fixes alone should be enough incentive for you to upgrade.

Google releases a new version of its browser every six weeks or so. Chrome 61 will arrive by early September.

AMD CEO: Cryptocurrency mining and gaming will boost Q3 graphics shipments

Above: You can buy Neverdie tokens with Ethereum.

Image Credit: Neverdie

Lisa Su, CEO of chip maker Advanced Micro Devices, said in an analyst conference call that enthusiasm for cryptocurrency and gaming will drive demand for the company’s Vega graphics chips in the third quarter.

Overall, Su said AMD expects to post 23 percent better revenues in Q3 compared to the second quarter, which generated $1.22 billion in revenues. Su said that demand will be driven by a variety of things, including AMD’s most competitive processors in a decade in its battle with rival Intel. AMD posted earnings that beat earnings expectations, and it predicted better times to come.

AMD launched its Epyc server chips in July, and it has been releasing new Ryzen processors since March. Those chips are based on the Zen cores, which are 52 percent faster per clock cycle than the previous generation. The gradual ramp of the Zen products will help AMD gain share in the market compared to Intel, and Su said the reception has been good.

Above: Lisa Su, CEO of AMD, introduces Zen.

Image Credit: Dean Takahashi

But Su also responded to questions about cryptocurrency during the call. She noted that the popularity of blockchain is prompting speculators to buy more graphics hardware so that they can mine currency faster. AMD recently launched its first Vega graphics processing units (GPUs), and it has more coming next week. Overall, demand for cryptocurrency mining has been clear.

“We have seen elevated demand for cryptocurrency,” she said. “Inventory for GPUs is lean, but our priority is the core gaming market.”

Su said the company is prioritizing supplies for game PC retailers. Semi-custom chips, including game console chips, will likely peak in the third quarter and come down in the fourth quarter, she said. AMD is shipping new processors for Microsoft’s Xbox One X game console debuting in October. Semi-custom chip sales were down 5 percent in the second quarter.

In the long term, Su said AMD was not counting on revenues from cryptocurrency to change the overall demand profile for graphics chips, but the company is watching the market, as cryptocurrency is definitely a component in overall demand.

“Overall, I would view this as GPUs are strong. It’s a great market to be in,” she said.