The FCC approves new rules letting phone companies block calls likely to be from fraudsters because they're dialed from certain types of numbers.
Nothing like unauth'd hijacking, Heartbleed-style bugs to patch ASAP
Oracle has published an out-of-band software update to address a handful of security flaws in parts of the PeopleSoft HR software.…
Greetings, Arsians! Courtesy of our friends at TechBargains, we have another round of deals to share. We're in a bit of a "calm before the storm" mode with Black Friday a week away, but today's list still has a few discounts worth noting, including a number of deals on Dell laptops and early Black Friday savings on Bose's QuietComfort 25 noise-cancelling headphones and iRobot's Roomba 690.
You can check out the full list below.
Note: Ars Technica may earn compensation for sales from links on this post through affiliate programs.
The Dark Side is strong with a video of Darth Vader overdubbed with Anakin Skywalker's less impressive voice.
Mozilla has doubled its web browser speed already and hopes to double it again in 2018. Say hello to Firefox Quantum.
A US Senator trying to eradicate the Internet scourge known as malvertising is proposing that all federal agencies block ads delivered to worker computers unless advertisers can ensure their networks are free of content that contains malicious code.
In a letter sent today, Oregon Senator Ron Wyden asked White House Cybersecurity Coordinator Rob Joyce to begin discussions with advertising industry officials to ensure ads displayed on websites can't be used to infect US government computers. If, after 180 days, Joyce isn't "completely confident" the industry has curbed the problem, Wyden asked that Joyce direct the US Department of Homeland Security to issue a directive "requiring federal agencies to block the delivery to employees' computers of all Internet ads containing executable code."
"Malware is increasingly delivered through code embedded in seemingly innocuous advertisements online," Wyden wrote. "Individuals do not even need to click on ads to get infected: this malicious software, including ransomware, is delivered without any interaction by the user."
Normally $50, the Vaux turns your Dot into a full-size Echo -- and makes it portable! Plus: a free audiobook and $10 waterproof speaker.
A variant of the Zeus trojan isn't content with your banking details. It wants your social media logins, too.
A program could freeze the security camera's live feed, making it seem like you're watching a safely closed door while intruders sneak in.
Management on the Tsukuba Express line "sincerely apologised for the inconvenience" caused.
Plus AWS creds, S3 silos filled with sensitive customer info
Chinese drone maker DJI left the private key for its dot-com's HTTPS certificate exposed on GitHub for up to four years, according to a researcher who gave up with the biz's bug bounty process.…
Introduced a little over two years ago, Microsoft's Surface Book was the hybrid laptop that I had long hoped the company would build. Like the Surface Pro, it worked as a true standalone tablet, but it had the all-important stiff hinge, making it suitable for use on your lap in a way that the Surface Pro's kickstand and Type Covers never really supported.
The Surface Book was not just a useful form factor; it was also something of a technological showcase. Other hybrid designs I've used, such as the ThinkPad Helix, had clunky mechanical linkages between the tablet portion and the base. The Surface Book boasted a clever software-controlled system. The fulcrum hinge design, which helped keep the device balanced when the screen was open, is elegant and visually striking.
And to top it all off, the Surface Book came with an optional discrete GPU, with the GPU housed not in the tablet part but in the base. While we've seen many systems with switchable graphics—using the low-power integrated GPU unless you're playing a game or similar and need the full power of the discrete chip—having the discrete GPU be in a separate component was an exciting twist.
And, naturally, they're all sold out already.
Security research firm Rhino Security Labs found a vulnerability in the Amazon Key in-home delivery service's security procedures that could allow either the courier or even a savvy and malicious bystander to enter your home undetected after the delivery is completed. Amazon has promised to change how Key works in order to make it easier for you to tell when something unusual is happening in this event, but the changes proposed by Amazon don't necessarily resolve the vulnerability.
Amazon Key is available to Amazon customers who have bought and installed Amazon's own Cloud Cam security camera and installed it at their front door. If you're one of those customers, you can select "in-home delivery" as a delivery method when purchasing something on Amazon. Amazon couriers can then authenticate themselves with your Cloud Cam to unlock the door and enter your home to leave the package. However, they can only do this at a home to which they're assigned to make a delivery and only at the scheduled time. They are recorded by your security camera as they make the delivery, and they must lock the door when they leave. Amazon also tracks which courier is assigned to the delivery, and only that courier has access.
Rhino Labs discovered that a courier equipped with a simple program can use their laptop to fake a command from your Wi-Fi router to disconnect the Cloud Cam from your network. This causes the camera to stop functioning by freezing the image at the last frame. At that point, the courier could re-enter your home, do whatever it is that they want there, and then exit, reactivate the camera, and lock the door as usual. This re-entry would be undetectable by the resident, and it would appear like a normal delivery in Amazon's data.
Nearly 70,000 models covered in separate safety campaigns.
The fascinating Don Juan Pond in Antarctica could teach us more about water on Mars, the space agency hopes.
The Bluetooth speaker also comes with old-school physical knobs for your inner hipster.
T-Mobile lets you buy one get one for some of this year's most popular phones.
We chat about Pixar's first virtual-reality experience called "Coco VR," while Nintendo fave "Duck Hunt" adds VR too.
Commentary: Way of the Future, the God-bot religion founded by former Google executive Anthony Levandowski, has a website. And, oh.