Electronics companies Dyson, LG, and Wahl are fighting right-to-repair legislation, Motherboard reported Wednesday, citing letters it has obtained. From a report: The manufacturers of your appliances do not want you to be able to fix them yourself. Last week, at least three major appliance manufacturers -- Dyson, LG, and Wahl -- sent letters to Illinois lawmakers opposing "fair repair" legislation in that state. The letters were written with the help of a trade group called the Association of Home Appliance Manufacturers (AHAM). All three letters are similar but include slightly different wording and examples in parts. The letters ask lawmakers to "withdraw" a bill that would protect and expand the ability for consumers and independent repair professionals to repair everything from iPhones to robot vacuums, electric shavers, toasters, and tractors. Here are links to the Wahl, Dyson, and LG letters.

Read more of this story at Slashdot.

Palestinian officials, activists and family members denounce 'ludicrous' punishment of officer who killed Nadim Nuwarra.

In its first year, the Trump administration kept one little-known courtroom in the capital busy. From a report: A secretive Washington DC-based court that oversees the US government's foreign spy programs denied more surveillance orders during President Donald Trump's first year than in the court's 40-year history, according to newly released figures. Annual data published Wednesday by the US Courts shows that the Foreign Intelligence Surveillance (FISA) Court last year denied 26 applications in full, and 50 applications in part. That's compared to 21 orders between when the court was first formed in 1978 and President Barack Obama's final year in office in 2016.

Read more of this story at Slashdot.

The French president received more than one standing ovation in his remarks to Congress on climate change.

Say you write an iOS app, and now you want to write the Mac version.

Assuming there’s a data model, maybe a database, some networking code, that kind of thing, then you can use that exact same code in your Mac app, quite likely without any changes whatsoever.

That leaves the 20% or whatever that’s user interface. AppKit is not the same as UIKit, but it’s recognizable. Same patterns and concepts, and often similar names (UITableView/NSTableView).

Given that you’ve done the hard thing — learning UIKit, Xcode, and Swift and/or Objective-C — taking the next step and learning AppKit seems like a very small thing. You’ve climbed the mountain already, after all.

You might complain that AppKit has some weird stuff. True. Some of it, though, isn’t truly weird — it’s just weird to you if you’ve never dealt with things like a menubar and a multiple, live-resizable windows.

People coming from AppKit to UIKit (few people these days; many people 10 years ago) might also complain about safe content area insets (or whatever the thing is these days) and size classes and all manner of strange stuff they like not having to deal with in Mac apps. UIKit’s weird too, to some people.

Ten years ago I thought that all the new iOS developers would translate to lots more Mac developers. That that didn’t happen is a huge surprise to me. Because if you’re an iOS developer you’re practically a Mac developer already.

(And — little-known secret — the economics of Mac apps appear to be more favorable than for iOS apps.)

For the second time in a month, websites that use the Drupal content management system are confronted with a stark choice: install a critical update or risk having your servers infected with ransomware or other nasties. From a report: Maintainers of the open-source CMS built on the PHP programming language released an update patching critical remote-code vulnerability on Wednesday. The bug, formally indexed as CVE-2018-7602, exists within multiple subsystems of Drupal 7.x and 8.x. Drupal maintainers didn't provide details on how the vulnerability can be exploited other than to say attacks work remotely. The maintainers rated the vulnerability "critical" and urged websites to patch it as soon as possible.

Read more of this story at Slashdot.

Poor man's YAML

Check Uniform Resource Identifiers

The demo river on Glitch now runs in HTTPS. (Yes, I support it in my products, when I can, but my websites won't, not until we get Google to kick back. No one owns the web. That's an absolute.)

A suspected North Korean hacking campaign has expanded to targets in 17 different countries, including the U.S., pilfering information on critical infrastructure, telecommunications and entertainment organizations, researchers say. From a report: Cybersecurity firm McAfee released new research on the hacking campaign this week, calling it Operation GhostSecret and describing the attackers as having "significant capabilities" to develop and use multiple cyber tools and rapidly expand operations across the globe. The findings demonstrate the growing sophistication of North Korea's army of hackers, which has been blamed for high-profile hacking operations such as the WannaCry malware outbreak last year.

Read more of this story at Slashdot.

President Macron addressed US Congress to describe the French-US "very special relationship" and call for greater cooperation.

With an army rumoured to be number more than one million soldiers and a large conventional arsenal, it's not just North Korean nuclear weapons that could pose a threat.

French President Emmanuel Macron is on a three-day state visit to Washington.

Palestinian Ahmad Abu Hussein, 24, dies of wounds after being shot in the abdomen during protest on April 13.

New submitter lod123 writes: A malicious proof-of-concept Amazon Echo Skill shows how attackers can abuse the Alexa virtual assistant to eavesdrop on consumers with smart devices -- and automatically transcribe every word said. Checkmarx researchers told Threatpost that they created a proof-of-concept Alexa Skill that abuses the virtual assistant's built-in request capabilities. The rogue Skill begins with the initiation of an Alexa voice-command session that fails to terminate (stop listening) after the command is given. Next, any recorded audio is transcribed (if voices are captured) and a text transcript is sent to a hacker. Checkmarx said it brought its proof-of-concept attack to Amazon's attention and that the company fixed a coding flaw that allowed the rogue Skill to capture prolonged audio on April 10.

Read more of this story at Slashdot.