Android/Linux Devices: Fire OS/Fire HD, Chromebook Pixel, Pixel 2 XL

• New Amazon Fire HD 10 adds full HD display, hands-free Alexa

  Amazon has made concessions to hit that price point, of course—mostly via the limitations of Fire OS—but let's start with the good stuff. The 10.1-inch, 1920×1200 pixel IPS screen is colourful, bright, and has excellent viewing angles. It's laminated to the glass, too, making it clear and easy to read. The shiny rear surface of the old Fire 10 has been given the shove, replaced with a hard-wearing, textured plastic that provides plenty of grip, without feeling cheap (or, at least more premium than the price tag suggests).

• Meet the really cheap Google Home Mini and really expensive Chromebook Pixel 3

  Android fansite Droid Life is on fire today with a big series of leaks of Google's upcoming hardware launches. After showing off pictures and pricing for the Pixel 2 and Pixel 2 XL, the site has details on the new "Google Home Mini," a second smartphone-powered Daydream VR headset, and a new flagship Chromebook Pixel. First up is the new "Google Home Mini," a smaller version of the Google Home, which will retail for just $50. The colors here are "Chalk" (white/grey), "Charcoal" (black), and "Coral" (red). Like the Amazon Echo Dot, the Google Home Mini skips the thumping speaker setup for a smaller, cheaper form factor meant more for commands and Q&A sessions rather than for music.

• The Pixel 2 XL price jumps $80, now starts at $849

Development: RTOS, LipidFinder, Github Threat, and Stack Overflow Survey

• RTOS Primer, Part Two: Real Time Applications

  Employing Linux as an embedded RTOS has several advantages that make it highly attractive on a number of levels, specifically the most important concern these days, which seems to be cost. The second concern is security; Linux proves to be pretty secure in comparison to several common alternatives like Windows.

• LipidFinder: An Open-Source Python Workflow for Novel Lipid Discovery

  Obtaining precise, high-quality lipidomic (or metabolomic) datasets comes with its challenges. One factor that I am sure comes to mind is the ability to minimize, or even better, eliminate those large numbers of artefacts that could otherwise hinder your mass spectrometry data analysis, to ensure accurate interpretation.

• The Github threat

  The Github application belongs to a single entity, Github Inc, a US company which manage it alone. So, a unique company under US legislation manages the access to most of Free Software application code sources, which may be a problem with groups using it when a code source is no longer available, for political or technical reason.

• Stack Overflow gives an even closer look at developer salaries

  Today, Stack Overflow announced a slightly more useful application for that same data, with the Stack Overflow Salary Calculator. Tell it where you live, how much experience and education you have, and what kind of developer you are, and it will tell you the salary range you should expect to make in five national markets (US, Canada, UK, France, Germany) and a handful of cities (New York, San Francisco, Seattle, Toronto, London, Paris, Berlin).

Security: Equifax, Kodi, Infrared, and Windows XP in 2017

• Safer but not immune: Cloud lessons from the Equifax breach

• Warning: If you are using this Kodi repository, you could be in danger

  Kodi is quite possibly the best media center software of all time. If you are looking to watch videos or listen to music, the open source solution provides an excellent overall experience. Thanks to its support for "addons," it has the potential to become better all the time. You see, developers can easily add new functionality by writing an addon for the platform. And yes, some addons can be used for piracy, but not all of them are. These addons, such as Exodus and Covenant, are normally added using a repository, which hosts them. [...] We do not know 100 percent if the person that re-registered the metalkettle name on GitHub is planning anything evil, but it is better to be safe than sorry.

• Infrared signals in surveillance cameras let malware jump network air gaps

  The malware prototype could be a crucial ingredient for attacks that target some of the world's most sensitive networks. Militaries, energy producers, and other critical infrastructure providers frequently disconnect such networks from the Internet as a precaution. In the event malware is installed, there is no way for it to make contact with attacker-controlled servers that receive stolen data or issue new commands. Such airgaps are one of the most basic measures for securing highly sensitive information and networks. The proof-of-concept malware uses connected surveillance cameras to bridge such airgaps. Instead of trying to use the Internet to reach attacker-controlled servers, the malware weaves passwords, cryptographic keys, and other types of data into infrared signals and uses a camera's built-in infrared lights to transmit them. A nearby attacker then records the signals with a video camera and later decodes embedded secrets. The same nearby attackers can embed data into infrared signals and beam them to an infected camera, where they're intercepted and decoded by the network malware. The covert channel works best when attackers have a direct line of sight to the video camera, but non-line-of-sight communication is also possible in some cases.

• Manchester police still relies on Windows XP

  England's second biggest police force has revealed that more than one in five of its computers were still running Windows XP as of July. Greater Manchester Police told the BBC that 1,518 of its PCs ran the ageing operating system, representing 20.3% of all the office computers it used. Microsoft ended nearly all support for the operating system in 2014. Experts say its use could pose a hacking risk. The figure was disclosed as part of a wider Freedom of Information request. "Even if security vulnerabilities are identified in XP, Microsoft won't distribute patches in the same way it does for later releases of Windows," said Dr Steven Murdoch, a cyber-security expert at University College London.

Tux Machines is proud to be hosted by