Web Developer News News Recent news from

Developers Accuse Sony of 'Playing Favorites' With PS4's Cross-Platform Support
After years of fighting the idea, Sony announced last September it is finally bringing "cross-platform gameplay, progression, and commerce" to the PlayStation Network, with Fortnite as the first example. Months later, the company's efforts have yet to gain wide traction and now we may have identified the bottleneck: Sony. Several major third-party developers have accused the company of standing in the way of letting the PS4 versions of their games play nicely with other platforms. ArsTechnica reports: "We just launched Wargroove with crossplay between PC, Switch, and Xbox," Chucklefish CEO Finn "Tiy" Brice wrote on the ResetEra forums. "We made many requests for crossplay (both through our [Sony] account manager and directly with higher-ups) all the way up until release month. We were told in no uncertain terms that it was not going to happen." Brice's comments came days after new Hi-Rez Studios CEO Stew Chisam tweeted at Sony that the studio was "ready to go when you are" for cross-play on Smite, Paladins, and Realm Royale. "It's time to stop playing favorites and tear down the crossplay/progression wall for everyone," he said. In a follow-up tweet, Chisam explained that Xbox/Switch cross-play has led to a direct improvement in the Paladins online user experience, including reduced wait times, more balanced matchmaking, and fewer "bad" matches overall. Brice's comments in particular come in direct response (and contradiction) to a recent Game Informer interview in which Sony Interactive Entertainment chairman Shawn Layden said that cross-play was open to pretty much any PS4 developer that wants it.

Read more of this story at Slashdot.

Google Play Store App Rejections Up 55% From Last Year, App Suspensions Up 66%
In a year-in-review announcement today, Google said Play Store app rejections went up 55% last year after the OS maker tightened up its app review process. From a report: Similarly, stats for app suspensions also went up, by more than 66%, according to Google, which the company credited to its continued investment in "automated protections and human review processes that play critical roles in identifying and enforcing on bad apps." One of the most significant roles in the automated systems cited by Google in identifying malware is the Google Play Protect service, which is currently included by default with the official Play Store app. Google said this service now scans over 50 billion apps per day, and even goes as far as downloading and scanning every Android app it finds on the internet. [...] Play Store's automated systems are now getting better and better at detecting threats, so much so that Google is now seeing clear patterns. "We find that over 80% of severe policy violations are conducted by repeat offenders and abusive developer networks," Ahn said. "When malicious developers are banned, they often create new accounts or buy developer accounts on the black market in order to come back to Google Play."

Read more of this story at Slashdot.

Researchers Use Intel SGX To Put Malware Beyond the Reach of Antivirus Software
An anonymous reader shares an excerpt from an Ars Technica report: Researchers have found a way to run malicious code on systems with Intel processors in such a way that the malware can't be analyzed or identified by antivirus software, using the processor's own features to protect the bad code. As well as making malware in general harder to examine, bad actors could use this protection to, for example, write ransomware applications that never disclose their encryption keys in readable memory, making it substantially harder to recover from attacks. The research, performed at Graz University of Technology by Michael Schwarz, Samuel Weiser, and Daniel Gruss (one of the researchers behind last year's Spectre attack), uses a feature that Intel introduced with its Skylake processors called SGX ("Software Guard eXtensions"). SGX enables programs to carve out enclaves where both the code and the data the code works with are protected to ensure their confidentiality (nothing else on the system can spy on them) and integrity (any tampering with the code or data can be detected). The contents of an enclave are transparently encrypted every time they're written to RAM and decrypted upon being read. The processor governs access to the enclave memory: any attempt to access the enclave's memory from code outside the enclave is blocked; the decryption and encryption only occurs for the code within the enclave. SGX has been promoted as a solution to a range of security concerns when a developer wants to protect code, data, or both, from prying eyes. For example, an SGX enclave running on a cloud platform could be used to run custom proprietary algorithms, such that even the cloud provider cannot determine what the algorithms are doing. On a client computer, the SGX enclave could be used in a similar way to enforce DRM (digital rights management) restrictions; the decryption process and decryption keys that the DRM used could be held within the enclave, making them unreadable to the rest of the system. There are biometric products on the market that use SGX enclaves for processing the biometric data and securely storing it such that it can't be tampered with. SGX has been designed for this particular threat model: the enclave is trusted and contains something sensitive, but everything else (the application, the operating system, and even the hypervisor) is potentially hostile. While there have been attacks on this threat model (for example, improperly written SGX enclaves can be vulnerable to timing attacks or Meltdown-style attacks), it appears to be robust as long as certain best practices are followed.

Read more of this story at Slashdot. News Recent news from

IT Earnings Way Up at Job Site Elance
Google App Engine, HTML5, search engine optimization and social media marketing are among the fastest movers on Elance's list of hot job opportunities available online.

Say What? The Week's Top Five IT Quotes
Google Wave crashes, fighting to keep mainframe skills alive, beware the Outernet and more.

GPL Enforcement Notches Another Victory
The license at the heart of many open source projects is amassing a winning record when it comes to successfully pursuing enforcement lawsuits.