There are considerable challenges to developing reliable 5G networks across Africa.
We're going to try something a little different this afternoon. Some of Ars' highest-performing YouTube videos have focused on gaming topics—like how designers created Dead Space's grab-tentacle or how Amnesia: The Dark Descent tricks players into terrifying themselves (though we've also done well with non-gaming topics, like exploring the phenomenon of flat earthers and even interviewing famous NASA people).
Which leads us to Mark "Markiplier" Fischbach. He runs one of the most popular gaming channels on YouTube, with (currently) just a hair under 25 million subscribers.
The Condé mothership informed us late last month that they had gotten some time with Markiplier and wanted to know if we were interested in filming something with him—and we took the plunge. Markiplier has a loud personality and is best known for his mugging at the camera while doing "Let's Play" videos on jump-scare games, but we wanted to see if we could capture a calmer, more introspective Markiplier than most folks might be used to seeing, looking over the past several years of the YouTube content creator landscape and discussing his successes—and his not-so-successes. It's an interesting glimpse into a world that a lot of regular Ars readers (myself included) might not be that familiar with—an alternate reality of content creation, where YouTube comments actually matter and trying to figure out how to maintain engagement is critical to success.
CD Projekt Red announced via tweet this afternoon that the heavily anticipated Cyberpunk 2077 would be released on September 17, 2020. That's a five-month delay from the April 16 release date that was announced last June.
"We are currently at a stage where the game is complete and playable, but there's still work to be done," the company wrote. "Night City is massive—full of stories, content, and places to visit, but due to the sheer scale and complexity of it all, we need more time to finish playtesting, fixing, and polishing."
Early this morning, Cooler Master tweeted a picture of its new spade-tipped thermal compound applicators and captioned it "we didn't change the shape of the syringe to make applying thermal paste a lot easier, but because we're getting tired of having to explain to parents that their kid isn't using drugs."
It took the Ars staff a few minutes of grappling with Poe's Law to figure out if they were serious or not. On the one hand, how many parents would really mistake thermal compound for a medical syringe? On the other hand... the world's a big place, and as recently as 2015, I needed to tell parents en masse that the most prevalent server operating system on the planet isn't malware, so who knows? But Cooler Master is probably just joining the likes of Wendy's, Denny's, and Old Spice on Snarky Brand Twitter.
What we're sure of is that the spade-tipped applicator looks a lot more pleasant to use than the general purpose closed-needle-tip syringe senior techs and enthusiasts have been grappling with for decades. If you're not accustomed to it, thermal compound is thick, goopy, and an absolute nightmare to clean off of any credit card you unwisely use to try to spread a thin film of it evenly across your new CPU, as guides have advised for as long as thermal compound has existed. (Some techs keep a "fake" credit card around for just this purpose, which at least lets them get some use out of spam credit card offers.)
Last month, we asked readers to donate to our 2019 Charity Drive sweepstakes. Now that the giving is done and the results have been tallied, we can report that Ars Technica readers donated $33,181.11 to Child's Play and the EFF through the charity drive. That's not quite a record for our annual effort, but it does bring our donation total over 13 years of charity driving past the $330,000 mark! Well done, Arsians!
Thanks to everyone who gave whatever they could. We're still early in the process of selecting and notifying winners of our swag giveaway, so don't fret if you haven't heard if you're a winner yet. In the meantime, enjoy these quick stats from the 2019 drive.
Students shared tips on how to remove the barnacle device on social media.
While much of the attention around Microsoft's latest Windows security patch has been focused on a flaw in Windows 10 and Windows Server that could be used to spoof a certificate for secure Web sessions or signing code, there were 48 other vulnerabilities that were fixed in the latest update package. Five were related to Microsoft's Remote Desktop Protocol (RDP)-based service, which is used by thousands of organizations for remote access to computers within their networks. And two of them are flaws in the Windows Remote Desktop Gateway that could allow attackers to gain access to networks without having to provide a login.
These two separate bugs, identified as CVE-2020-0609 and CVE-2020-0610, are rated as more dangerous than the crypto bug by Microsoft because, while they're not yet exploited, they could be used to remotely execute code on targeted RDP servers before the gateway even attempts to authenticate them.
"An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," the Microsoft Security Response Center summary of both vulnerabilities warned. And there is no way to work around the vulnerability without applying a software update. Both attacks rely on specially crafted requests to the Remote Desktop Gateway using the RDP protocol.
Mojo Vision has revealed its new lens which puts augmented reality in front of your eyes.
A top court rules the country's censorship of Wikipedia violated freedom of expression.
Lawmakers heard testimony on the risks of facial recognition programs which are largely unregulated.
Less than a day after Microsoft disclosed one of the most critical Windows vulnerabilities ever, a security researcher has demonstrated how attackers can exploit it to cryptographically impersonate any website or server on the Internet.
Researcher Saleem Rashid on Wednesday tweeted images of the video "Never Gonna Give You Up," by 1980s heart-throb Rick Astley, playing on Github.com and NSA.gov. The digital sleight of hand is known as Rickrolling and is often used as a humorous and benign way to demonstrate serious security flaws. In this case, Rashid's exploit causes both the Edge and Chrome browsers to spoof the HTTPS verified websites of Github and the National Security Agency. Brave and other Chrome derivatives, as well as Internet Explorer, are also likely to fall to the same trick. (There's no indication Firefox is affected.)
Rashid's simulated attack exploits CVE-2020-0601, the critical vulnerability that Microsoft patched on Tuesday after receiving a private tipoff from the NSA. As Ars reported, the flaw can completely break certificate validation for websites, software updates, VPNs, and other security-critical computer uses. It affects Windows 10 systems, including server versions Windows Server 2016 and Windows Server 2019. Other versions of Windows are unaffected.
Chrome's Packaged Apps have been a dead platform for a while now, after a 2016 announcement that the "App" section of Chrome's Web store would be pulled from Windows, Mac, and Linux, leaving Chrome OS as the only supported OS. Today, Google announced that the last supported platform, Chrome OS, is losing access to Chrome apps, too, along with dates to strip the app feature out of Chrome's code base. Google writes it "will begin phasing out support for Chrome Apps across all operating systems as follows:"
Most Windows, Mac, and Linux users haven't been able to use Chrome packaged apps for years now, as the Web store was shut down for them in 2017. Users on those OSes shouldn't notice a thing, unless they were sideloading packaged apps or getting them through an enterprise management feature. Chrome OS is the real news here, and it will continue to cling to the feature until June 2022.
Google kills product
Sain Records' Apton app says it is "difficult" to compete with major corporations like Spotify.
Social network apologises for allowing the use of discriminatory ad keywords it had meant to ban.
Mozilla has laid off 70 people, TechCrunch reports. It's a significant move for an organization that employs around 1,000 people worldwide.
"You may recall that we expected to be earning revenue in 2019 and 2020 from new subscription products as well as higher revenue from sources outside of search," wrote Mozilla interim CEO Mitchell Baker in a memo to staff obtained by TechCrunch. "This did not happen."
Baker said Mozilla had decided not to shelve its $43 million innovation fund, which focuses on creating new Mozilla products. She said Mozilla would provide "generous exit packages and outplacement support" to those who were let go.
On the eve of the House of Representatives' forwarding of articles of impeachment to the Senate, President Donald Trump took time to attack Apple. The president's outburst on Twitter appears to be about the FBI's inability to get access to the physical storage on two iPhones connected to last month's killings at Naval Air Station Pensacola in Florida. And it is the latest ratcheting up of rhetoric from the Trump administration on device encryption.
The phones are believed by the FBI to have been the property of Mohammed Saeed Alshamrani, the Saudi Air Force officer who was the suspect in the shooting of three members of the US Navy in December. Alshamrani died after being shot by law enforcement, and the devices were locked.
But an Apple spokesperson said that Apple had provided the contents of the cloud backups of those devices to investigators within hours of the shooting, and Apple executives thought the FBI was satisfied with that—until the FBI came back a week ago and asked for additional assistance. It is not clear that Apple has refused that assistance, but the company has resisted providing a way for the government to break the encryption on devices in the past. Apple did this out of concern that breaking open devices would reduce the protection provided to law-abiding customers against theft of their personal data off stolen or otherwise targeted devices.
Author Neil Gaiman and thousands of other people were moved by the shop's plight.
The US government should spend at least $1.25 billion "to invest in Western-based alternatives to Chinese equipment providers Huawei and ZTE," a bipartisan group of six US senators said yesterday.
The senators submitted legislation called the Utilizing Strategic Allied (USA) Telecommunications Act to make that happen, arguing that the US must counter the Chinese government's investments in the telecom sector. The money would come from spectrum-auction proceeds, and the $1.25 billion in grants would be spread out over 10 years. The money would support development of new 5G technology, with a focus on equipment that complies with open standards to ensure "multi-vendor network equipment interoperability."
The senators' announcement said:
Internet giant Amazon is doing an about-face on its earlier ban and will now let third-party vendors using its marketplace ship items using FedEx.
The company lifted its ban as of 5pm eastern time yesterday, reports Bloomberg, which obtained a copy of the email Amazon sent to sellers.
Amazon in December abruptly prohibited third-party vendors on its website from using FedEx ground delivery services. In a communication to third-party merchants sent at the time, Amazon said the ban on FedEx Ground and Home services would persist "until the delivery performance of these ship methods improves."
It’s mid-January, which means the jokes about New Year’s resolutions are hopefully fading out along with your seasonal depression. Oh, and NOAA’s and NASA’s final 2019 global temperature analyses have dropped. (No need to get the party hats and noisemakers back out.)
Let’s start with the numbers. Last year comes in as the second warmest on record in almost every dataset. The UK Met Office dataset has it in third place, as does one satellite dataset (though it is a bit out of step with other satellite records). Satellite datasets measure temperatures higher in the atmosphere rather than surface temperatures, so small differences are not uncommon. Surface temperature datasets generally go back to the late 1800s, while satellite datasets begin in 1979.
The biggest piece of context you need to understand these annual updates is the El Niño Southern Oscillation—a see-saw of Pacific Ocean temperatures that pushes the global average a little above or below the long-term trend each year. In an El Niño pattern, warm water from the western equatorial Pacific drifts toward South America. In a La Niña pattern, strong winds hold that warm water back, pulling up deep, cold water along South America. Years in which El Niño dominates tend to have a higher global average surface temperature, while La Niña years are a little cooler.