Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Updated: 17 min 26 sec ago
Lock an infinite number of monkeys in a room with an infinite number of typewriters for an infinite amount of time, and I’m not sure they’d ever come up with Xenoblade Chronicles 2. The action-JRPG so greatly lacks a cohesive style—mechanically and artistically—that its very absence becomes its cohesive style. It’s a mishmash of ideas from MMOs, anime, gacha games, science fiction, fantasy, management sims, satire, melodrama, and probably a load of other stuff I haven’t even seen.
But just like the classic adage about simians writing Shakespeare, given enough time, it kind of works.
It does not give that impression at first. Xenoblade Chronicles 2 leads with some of the most generic setup and characters I’ve seen since the PlayStation 2 era, when everyone and their uncle put out six 80-hour RPGs a month. You start as Rex: a determined young man on his own. He meets a magical girl who is wanted by an empire, among others, and goes off on an adventure where he slowly accrues party members of various stripes. Some of those party members get amnesia, of course, because what JRPG is complete without an amnesiac subplot?
If that all sounds like the plot of every JRPG in the past 20 years to you, you’re not alone. That familiarity, plus the game’s well-documented and tacky ogling of its female lead, had me ready to roll my eyes right off the screen for the first couple hours or so. The poor start is especially egregious given the incredibly evocative intro to the original Xenoblade Chronicles—which was set on a world made from the interlocked corpses of two continent-sized colossi.
Flaws in software often offer a potential path for attackers to install malicious software, but you wouldn't necessarily expect a hardware vendor to include potentially malicious software built right into its device drivers. But that's exactly what a security researcher found while poking around the internals of a driver for a touchpad commonly used on HP notebook computers—a keystroke logger that could be turned on with a simple change to its configuration in the Windows registry.
The logger, which could potentially be leveraged by an attacker or malware to harvest login credentials and other data, was discovered by security reasearcher Michael Myng (also known as ZwClose) lurking within driver software for Synaptics touchpads—used by hundreds of HP and Compaq business and consumer notebook computer models, as well as many other Windows notebook computers from other manufacturers. Myng disclosed the discovery on his blog on December 7 after the problem was disclosed to HP.
The keylogger was apparently included for debugging during development and is disabled by default. However, a user or software with administrative privileges could activate the keylogger by making a registry change—potentially remotely using Windows Management Instrumentation (WMI) or PowerShell scripts. Once turned on, it captures keystrokes and generates a trace log file.
We've re-launched our Ars Technica merch store just in time for the holidays, and the response has been great—"Nuke it from orbit" mugs and Ars hyperspace logo T-shirts are flying off the virtual shelves.
If you're pondering an order and want to make sure it arrives by Christmas, order today to avoid disappointment. Between the time needed to print the shirts and the time needed to ship them, December 11 is the final day to place most orders for Christmas delivery. Here are the shipping options that will still get your merch to you by December 25:
USPS Priority Mail: Dec 11
The Federal Communications Commission has again refused to help New York's attorney general investigate impersonation and other fraud in public comments on the FCC's net neutrality repeal.
For the past six months, New York State Attorney General Eric Schneiderman has been "investigating who perpetrated a massive scheme to corrupt the FCC's notice and comment process" by filing fraudulent comments under real people's names. But FCC Chairman Ajit Pai's office has "refused multiple requests for crucial evidence in its sole possession," Schneiderman wrote in an open letter to Pai last month.
FCC General Counsel Thomas Johnson responded to Schneiderman on Pai's behalf Thursday and once again refused to provide the requested evidence.
The cost to complete a Bitcoin transaction has skyrocketed in recent days. A week ago, it cost around $6 on average to get a transaction accepted by the Bitcoin network. The average fee soared to $26 on Friday and was still almost $20 on Sunday.
The reason is simple: until recently, the Bitcoin network had a hard-coded 1 megabyte limit on the size of blocks on the blockchain, Bitcoin's shared transaction ledger. With a typical transaction size of around 500 bytes, the average block had fewer than 2,000 transactions. And with a block being generated once every 10 minutes, that works out to around 3.3 transactions per second.
A September upgrade called segregated witness allowed the cryptographic signatures associated with each transaction to be stored separately from the rest of the transaction. Under this scheme, the signatures no longer counted against the 1 megabyte blocksize limit, which should have roughly doubled the network's capacity. But only a small minority of transactions have taken advantage of this option so far, so the network's average throughput has stayed below 2,500 transactions per block—around four transactions per second.
The biggest Google Home is finally on its way to stores. The $399 Google Home Max was announced at Google's October 4th hardware event alongside the Google Home Mini, Pixel 2, and tons of other hardware. The Max doubles down on the Home's music capabilities, offering a more powerful sound system in a form factor about the size of a bookshelf speaker.
With pretty much zero fanfare, the Google Home Max has started popping up at stores. Online listings are live at Best Buy and Verizon, with both showing a ship day of "today." The Google Store doesn't seem quite ready yet and still shows a "join waitlist" button instead of a an actual "buy" link. Don't bother checking Amazon, which refuses to sell Google products like the Google Home and Chromecast, in part because they don't support Amazon Prime Video.
SpaceX will attempt to launch its 17th mission of 2017 on Tuesday, a cargo supply flight to the International Space Station. Liftoff is scheduled for 11:46am ET, and weather conditions are expected to be near perfect, with a 90 percent chance of go conditions.
This flight is notable for several reasons. Already this year SpaceX has re-flown one of its Falcon 9 rockets and reused a Dragon spacecraft for a station supply mission. This mission will combine both, marking the first time SpaceX has used a "flight proven" booster for a NASA launch and combined it with a used Dragon spacecraft. This booster first flew in July (also on an ISS cargo mission), and the spacecraft first flew to the station in 2015.
The launch attempt also marks a return to an old launch pad for the California-based company. When a Falcon 9 and its satellite payload blew up in September, 2016, the explosion did significant damage to Space Launch Complex 40 in Cape Canaveral, Florida. The launch pad has been out of service since then.
It’s the holidays, which means it’s once again time to rack your brain in search of the right gifts for the right people. If someone on your list is into tech, though, we’ve got your back.
For this year’s edition of the Ars Technica holiday gift guide, we’re breaking down our recommendations into themes. The following crop of recommendations is centered on video games—from accessories to JRPGs, here are a few things we’d buy for the friend who can’t pull themselves away from their console or gaming rig.Table of Contents
During a major annual tournament for the fighting game Street Fighter V, the series' creators at Capcom announced the biggest anthology ever for the series—if not for Capcom as a game maker. On Sunday, the developers interrupted their Capcom Cup event to unveil the Street Fighter 30th Anniversary Collection, which will combine a giant set of games, a bunch of features, and an ambitious every-system-simultaneous launch in May 2018 for $39.99.
The primary selling point of this set is that it will finally combine every mainline, sprite-based Street Fighter game in one anthology. Capcom counts that as 12 games. The timeline starts with Street Fighter (no number—this is the 1987 original with only Ken and Ryu selectable), and it continues with every version of Street Fighter II, Street Fighter Alpha, and Street Fighter III. (Sorry, Pocket Fighter and Street Fighter: The Movie game fans.)
eBay seller vrus
If our 11-part series on the history of the Amiga and our (in-progress) seven-part series on the history of the Apollo program don't give it away, we happen to be unabashed fans of a certain computing platform and a certain space program around the Ars Orbital HQ. So this week, a small post at HotHardware inevitably caught our eye: an old NASA-used Amiga evidently ended up for sale on eBay.
Seller vrus currently lists an Amiga 2500 used by NASA's Telemetry Lab for sale. How can anyone be certain this 1980s workhorse came from the US government? Well, the device is emblazoned with NASA property seals that seem to match tags found on other decommissioned NASA hardware. vrus also includes screenshots of programs on the computer that appear to be registered to a Dave Brown (HotHardware notes Brown was a principal programmer at Cape Canaveral's telemetry lab in the 1990s as per a 1999 Q&A with NASA retiree Hal Greenlee and comments from Greenlee in the "Amigas at NASA" video below).
On Friday afternoon, Energy Secretary Rick Perry said the US energy regulator could take an extra 30 days to make a decision on a proposed rule that would boost struggling coal and nuclear power in the US.
Perry proposed a rule in late September that would require grid operators to change how they value “reliability and resilience attributes” in energy generation. Specifically, generation plants with such attributes were defined by the Energy Secretary as plants that could keep a 90-day supply of fuel onsite. Although the proposed rule was written to appear energy-agnostic, it clearly favors coal and nuclear plants. Natural gas tends to be delivered by pipeline and is rarely stored onsite in large quantities, and wind and solar energy have free but variable fuel sources, though pioneers in the field are trying to mitigate this with the help of stationary storage.
Without government intervention, coal has become more expensive to burn compared to natural gas in many areas. It's also a major contributor to climate change, something the president has falsely called a hoax.
According to Friday court filings, Uber has settled a lawsuit filed by an unnamed woman who said her medical records were improperly accessed by an Uber executive after she was raped by her driver in India in 2014.
That driver, Shiv Kumar Yadav, was sentenced to life in prison in 2015. That same year, the victim sued Uber in federal court in San Francisco and reached a confidential settlement with the company.
However, in June 2017, she sued Uber again, as Ars reported at the time. The woman alleged that Eric Alexander, Uber's then-vice president for business in Asia, went to Delhi and "managed to obtain Plaintiff's confidential, private medical records generated by physicians who examined her after the brutal rape."
The Q5 has long been one of Audi’s best-selling models in the US. And what’s not to like? It’s a respectable-looking and functional mid-size crossover, slotting in between the bite-size Q3 and the three-row Audi Q7. With a base MSRP of $42,475, the Q5 competes with stalwarts like the BMW X3, Lexus RX450, and Acura RDX, as well as upstarts like the Alfa Romeo Stelvio (look for our review soon). But the Q5 was getting a bit stale, as it hadn’t seen any substantive changes since its introduction in 2008. With the 2018 model, Audi has updated the Q5, making this a good time to check in with its workhorse.What’s new in 2018
Gone is the old 2.0-liter, turbocharged, four-cylinder engine, replaced by a... 2.0-liter, turbocharged, four-cylinder engine. This year’s model offers 252hp and 273lb-ft of torque, an improvement on 2017’s 220hp and 258lb-ft of torque. That should get you from zero to 60mph in a smooth 5.8 seconds, a touch faster than last year. The all-wheel drive Q5 comes with a seven-speed, dual-clutch transmission. If you want more in the way of raw performance, there’s an SQ5 version with a turbocharged, 354hp V-6 and an eight-speed transmission for about $12,000 more.
On the outside, the 2018 Q5 is an inch longer, two inches wider, and has a slightly longer wheelbase. The tweaks to the hood, grille, and sideview mirrors make for a more aerodynamic design. In terms of exterior design, the 2018 Q5 is evolutionary rather than revolutionary.
One of Amazon's top-selling electronic gun safes contains a critical vulnerability that allows it to be opened by virtually anyone, even when they don't know the password.
The Vaultek VT20i handgun safe, ranked fourth in Amazon's gun safes and cabinets category, allows owners to electronically open the door using a Bluetooth-enabled smartphone app. The remote unlock feature is supposed to work only when someone knows the four- to eight-digit personal identification number used to lock the device. But it turns out that this PIN safeguard can be bypassed using a standard computer and a small amount of programming know-how.
As the video demonstration below shows, researchers with security firm Two Six Labs were able to open a VT20i safe in a matter of seconds by using their MacBook Pro to send specially designed Bluetooth data while it was in range. The feat required no knowledge of the unlock PIN or any advanced scanning of the vulnerable safe. The hack works reliably even when the PIN is changed. All that's required to make it work is that the safe have Bluetooth connectivity turned on.
On Thursday night in Washington, DC, net neutrality advocates gathered outside the annual Federal Communications Commission Chairman's Dinner to protest Chairman Ajit Pai's impending rollback of net neutrality rules.
Inside the dinner (also known as the "telecom prom") at the Washington Hilton, Pai entertained the audience with jokes about him being a puppet installed by Verizon to lead the FCC.
Pai was a Verizon associate general counsel from 2001 to 2003, and next week he will lead an FCC vote to eliminate net neutrality rules—just as Verizon and other ISPs have asked him to.
The 2017-2018 flu season is off to an early start, potentially hitting highs during the end-of-year holidays. Data so far suggests it could be a doozy. The predominant virus currently circulating tends to cause more cases of severe disease and death than other seasonal varieties. And the batch of vaccines for this year have some notable weaknesses.
To help you prepare—or just help you brush up on your flu facts—here are answers to every critical flu question you might ever have (well, hopefully). We’ll start off with the basics...Table of Contents
The flu, or influenza, is a contagious respiratory infection caused by the influenza virus (not to be confused with Haemophilus influenzae, an opportunistic bacterium that can cause secondary infections following sicknesses, such as the flu). Symptoms of the flu include chills, fever, headache, malaise, running nose, sore throat, coughing, tiredness, and muscle aches.
Warning: this post contains some spoilers about the first episode of the new season of The Grand Tour.
Some say it's the greatest car show... in the world. Others say it started well but had a very patchy first season. All I know is that The Grand Tour came back to Amazon Prime on Friday for a second season.
If you loved the first season of The Grand Tour, you'll have a fine old time with season 2. The idea behind the show is to keep all the bits that you loved about Top Gear but without pissing off the BBC's lawyers. And based on the season preview clips we saw during the intro to the first episode of season 2, there should be plenty of that in store—particularly the episode that features a Bugatti EB110 and a Jaguar XJ220. But if you find Jeremy Clarkson's antics boorish, be warned; on that front, season 2 is very much more of the same.
It’s like your parents always told you: if something’s too good to be true, it probably is.
Or, translated into the online world: if a guy in Romania claiming to be an American service member overseas wants to sell you a Mercedes at a really good price and all you have to do is send some money to an escrow account, he’s probably scamming you.
On Friday, a Romanian man was sentenced by a federal judge in Tennessee to two years and five months in prison for participating in a scheme to defraud Americans out of over $870,000 in goods that never existed.
You might not see a more stunning film in 2017 than Director Joachim Trier’s Thelma, Norway’s submission for Best Foreign Language Film at the Oscars. It tonally combines the unbridled happiness of a coming-of-age/first love film with the creepy stillness and angularity of arthouse horror. And aesthetically it unleashes sequences that will inevitably play silently on repeat at the hippest bar you can think of once Thelma hits a streaming service.
With all that beauty, it’s a shame the film seems so reductive at first—forbidden love and a cursed child; a body horror like Carrie but set in Europe. Luckily, that impression proves to be as window dressing-y as the title character’s minimalist Nordic dorm room. With a dash of the supernatural and a mystery that ultimately reveals answers by excluding explanation, Thelma offers more depth (and fun) than the clichés of its film blurb would lead you to believe.Go to college, see the world
Shy Thelma leaves her religious, conservative family in small-town Norway to pursue university in vibrant Oslo. The lifestyle proves to be quite different. Kids drink and go out late, they try weed and stuff. Accordingly, Thelma doesn’t seem to be connecting much if at all at first (but you’re making new friends on Facebook, her dad encourages). Worse, one day early in the semester, she suffers a very public and sudden seizure in the library. Her parents already ask her daily for every little detail (Mom overlooks nothing: what’s for dinner? Isn’t your next class tomorrow, what are you doing tonight?). This isn’t a welcome development.
Some people who reject the conclusions of climate science claim that the existence of any remaining uncertainty means few or no actions need be taken to reduce our greenhouse gas emissions. In reality, though, uncertainty is ever-present in science, and it's not necessarily our friend. A new study from Patrick Brown and Ken Caldeira of the Carnegie Institution for Science highlights the fact that uncertainty means climate change could just as easily be worse than our best current estimates predict.
The study sought to narrow the range of projected global warming presented in places like the Intergovernmental Panel on Climate Change (IPCC) reports. For each of several scenarios of future greenhouse gas emissions, these reports have simply taken simulations from every climate model available and combined the results—showing the average temperature trajectory and the range they span. For the highest-emissions scenario, for example, the last IPCC report projected about 4.3 degrees Celsius (7.7 degrees Fahrenheit) warming by the late 21st century. But the range of model results stretched from about 3.2 degrees Celsius to 5.4 degrees Celsius.
One strategy for dealing with this variance has been to weight the results of the best-performing models more highly. The difficulty is in confidently assessing which models are the best-performing ones. A handful of studies have used some aspect of cloud behavior as the measuring stick. That work has found that the models best simulating current cloud behavior also happen to simulate more future warming.