Serving the Technologist for more than a decade. IT news, reviews, and analysis.
One of the panelists who will appear at a National Space Council meeting next Tuesday said to expect "a few fireworks" during the discussion, which will focus on NASA's efforts to return humans to the Moon. The meeting of this council that oversees US spaceflight policy will be held in Huntsville, Ala., and led by Vice President Mike Pence.
University of Colorado Boulder astrophysicist Jack Burns, one of six speakers scheduled for the meeting, said the current timeline for NASA to send humans to the Moon lacks urgency. NASA has talked about landing its astronauts on the Moon before the end of the 2020s, and the president's budget proposal for the coming fiscal year allows for this to happen as early as 2028.
"The timeline is too slow, and that's one of the things that I'm going to be talking about next Tuesday," Burns said. If pushed, how soon could NASA put humans back on the Moon? The year 2025, Burns replied. "And I know some in the administration would like to do it even faster than that," he added. "We're going to see a few fireworks."
Facebook has mined a lot of data about its users over the years—relationships, political leanings, and even phone call logs. And now it appears Facebook may have inadvertently extracted another bit of critical information: users' login credentials, stored unencrypted on Facebook's servers and accessible to Facebook employees.
Brian Krebs reports that hundreds of millions of Facebook users had their credentials logged in plain text by various applications written by Facebook employees. Those credentials were searched by about 2,000 Facebook engineers and developers more than 9 million times, according to a senior Facebook employee who spoke to Krebs; the employee asked to remain anonymous because they did not have permission to speak to the press on the matter.
In a blog post today, Facebook Vice President of Engineering, Security, and Privacy Pedro Canahuati wrote that the unencrypted passwords were found during "a routine security review in January" on Facebook's internal network data storage. "This caught our attention because our login systems are designed to mask passwords using techniques that make them unreadable. We have fixed these issues and, as a precaution, we will be notifying everyone whose passwords we have found were stored in this way."
Kentucky Governor Matt Bevin made headlines Tuesday after revealing in a radio interview that he had purposefully exposed his nine unvaccinated children to chickenpox, drawing swift condemnation from health experts.
In case anyone needs a refresher on why you shouldn’t deprive children of safe, potentially lifesaving vaccines or purposefully expose them to serious, potentially life-threatening infections, here’s a quick rundown.
Chickenpox is nothing to mess with
Though most children who get the itchy, highly contagious viral disease go on to recover after a week or so of misery, chickenpox can cause severe complications and even death in some. Complications include nasty skin infections, pneumonia, brain inflammation, hemorrhaging, blood stream infections, and dehydration.
The federal government on Thursday warned of a serious flaw in Medtronic cardio defibrillators that allows attackers to use radio communications to surreptitiously take full control of the lifesaving devices after they are implanted in a patient.
Defibrillators are small, surgically implanted devices that deliver electrical shocks to treat potentially fatal irregular heart rhythms. In recent decades, doctors have increasingly used radios to monitor and adjust the devices once they're implanted rather than using older, costlier, and more invasive means. An array of implanted cardio defibrillators made by Medtronic rely on two types of radio-based consoles for initial setup, periodic maintenance, and regular monitoring. Doctors use the company's CareLink Programmer in clinics, while patients use the MyCareLink Monitor in homes to regularly ensure the defibrillators are working properly.
No encryption, no authentication, and a raft of other flaws
Researchers from security firm Clever Security discovered that the Conexus Radio Frequency Telemetry Protocol (Medtronic's proprietary means for the monitors to wirelessly connect to implanted devices) provides no encryption to secure communications. That makes it possible for attackers within radio range to eavesdrop on the communications. Even worse, the protocol has no means of authentication for legitimate devices to prove they are authorized to take control of the implanted devices. That lack of authentication, combined with a raft of other vulnerabilities, makes it possible for attackers within radio range to completely rewrite the defibrillator firmware, which is rarely seen in exploits that affect medical device vulnerabilities.
The crashed Lion Air 737 MAX and the Ethiopian Airlines 737 MAX aircraft had more in common than aircraft design and the apparently malfunctioning flight system that led to their demises. Both of the planes lacked optional safety features that would have alerted the pilots to problems with their angle of attack (AOA) sensors—the input suspected of causing the Maneuvering Characteristics Augmentation System (MCAS) software to put both aircraft into a fatal dive.
The New York Times reports that both vehicles lacked an "AOA disagree" light—a warning light that indicates when the aircraft's two AOA sensors provide different readings—and an angle of attack indicator. Since the MCAS system relied only on one of the aircraft's AOA sensors, the disagree light and AOA indicator would have given the flight crew visible evidence of a sensor failure and prompted them to disable the MCAS. But both of these features were sold by Boeing as expensive add-ons. And many discount and smaller airlines declined to purchase them, as they were not required by regulators.
Greetings, Arsians! Courtesy of our friends at TechBargains, we have another round of deals to share. Today's list is highlighted by a deal on the 256GB variant of Samsung's EVO Select microSD card. It's down to $40 on Amazon, which is a new low and about $10-15 off its usual price.
We've highlighted this card a few times in the past, so we won't dwell on the specifics here. In short, while it's not the absolute fastest of its kind and it's not as good for security cams as a dedicated high-endurance card, it should still be plenty powerful enough to boost the storage space of a Nintendo Switch, smartphone, or GoPro. It also comes with a 10-year warranty. More importantly, it's good value for a reliable card with this much storage at this price.
If you don't need more storage, though, we also have deals on HDMI cables, Kingdom Hearts III, PlayStation Plus subscriptions, and much more. Have a look for yourself below.
SAN FRANCISCO—This year's Game Developers Conference saw two game makers emerge with a possible chapter in a future dystopian sci-fi novel: the story of making money by letting robots do the work. In their case, that work was the procedural generation of smartphone games.
A single "game jam" event led to a data machine that ultimately pumped out a decent amount of cash: $50,000 over a couple of years. Years later, with that data (and money) in hand, the makers of this game-making machine, which focused entirely on "garbage" free-to-play slot machines, used GDC as a wake-up call to an industry where the "right" messages often revolve around listening to players, sidling up to publishers, and racking up critical acclaim. In their case, eschewing all of that worked a little too well for their comfort level.
Winning the “race to the bottom”
In 2013, two video game makers had been trying for years to make it in the burgeoning mobile games space. One of them, Alex Schwartz, had helped get the solid mobile swiping-action game Jack Lumber off the ground. (In a past life, I gave that game a good review at the now defunct tablet-only magazine The Daily.) The other, Ziba Scott, had put together a fine mobile-friendly puzzle game, Girls Like Robots.
Fresh on the heels of the announcement that Bill and Ted 3: Face the Music will start shooting this summer, we get a new trailer for another Keanu Reeves-starring vehicle: John Wick: Chapter 3—Parabellum.
(Spoilers for first two films below.)
For those who missed the first two movies, John Wick (Reeves) is a legendary hitman (known as "Baba Yaga") who tried to retire when he fell in love and got married. Unfortunately, he's drawn back into the dark underground world by an act of senseless violence after his wife's death. Nothing will stop John Wick from seeking retribution. The first John Wick grossed more than $88 million worldwide for a film that cost around $30 million to make, and it was praised for its brisk pace, heart-stopping action sequences, and stylish noir feel.
The first signs of complex animal life begin in the Ediacaran Period, which started more than 600 million years ago. But it's difficult to understand how those organisms relate to the life we see around us today. Part of this issue is that those fossils are rare, as many rocks of that period appear to have been wiped off the Earth by a globe-spanning glaciation. But another problem is that the organisms we do see from this period aren't clearly related to anything that came after them.
With the arrival of the Cambrian Period about 550 million years ago, all of that changed. In fossil beds like the famed Burgess Shale, we can see organisms that clearly have features of the major groups of life that have persisted to this day. As more collections of fossils become available, we can even watch groups diversify as the Cambrian progressed. But there's still considerable debate over whether these changes represent a true, multi-million-year "explosion" and what environmental changes might have driven this diversification.
We may be on the verge of some big help in answering these questions, as scientists are announcing the discovery of a spectacular deposit of Cambrian fossils from South China. The fossils include dozens of species, half of which we've never seen before, and appear to represent a previously unsampled ecological zone. The preservation is such that soft-bodied creatures like jellyfish, and the softer body parts of creatures with shells, can easily be made out in the rocks. Best yet, the researchers who uncovered the samples suggest that rocks from the same formation are widespread in China.
According to the US Energy Information Administration (EIA), the US nuclear fleet produced more electrical energy than ever before in 2018. Last year, it produced 807.1 terawatt-hours (TWh) of electricity, barely beating its 2010 peak of 807TWh. But the US nuclear industry has been in a well-documented decline. So what gives?
The EIA says the explanation comes from a combination of scheduling serendipity and what's called "uprating," where older nuclear plants are permitted to output more power. In a post this morning, the administration wrote that we shouldn't expect this much nuclear power output from the industry again—at least not in the near future.
Since the last peak in 2010, more than 5 gigawatts (GW) of nuclear capacity has been retired. Some of that was offset by a new reactor addition: another 1.2GW of capacity came online in 2016 at TVA's Watts Bar nuclear plant when reactor 2 was completed.
Initially announced last September, Microsoft's Windows Virtual Desktop (WVD) service has now entered public preview.
The service brings together single-user Windows 7 virtual desktop infrastructure (VDI) and multi-user Windows 10 and Windows Server remote desktop services (RDS) and is hosted on any of Azure's virtual machine tiers. Microsoft is pricing WVD aggressively by charging only for the virtual machine costs; the license requirements for the Windows 7- and Windows 10-based services will be fulfilled by Microsoft 365 F1/E3/E, Windows 10 Enterprise E3/E5, and Windows VDA subscriptions. The Windows Server-based services are similarly fulfilled by existing RDS client access licenses. This means that for many Microsoft customers, there will be no additional licensing cost for provisioning desktop computing in the cloud. The virtual machine costs can be further reduced by using Reserved Instances that commit to purchasing certain amounts of VM time in return for lower pricing.
As another big sweetener, Windows 7 users will receive all three years of Extended Security Updates (ESU) at no extra cost; this is in contrast to on-premises deployments that will cost either $25/$50/$100 for the three years of ESU availability or $50/$100/$200, depending on the precise Windows license being used.
In a parking lot at an industrial and office park just outside Baltimore, I took a mid-sized excavator for a spin. I pushed around some cinder blocks with a leveling blade, nosed them around with the excavator's shovel, and maneuvered the heavy metal beast around to make room for an incoming tractor-trailer. And I did all of this with a wireless controller that was almost identical to the one I used to play Forza the night before.
The excavator was configured with a prototype of the Remote Operated Control (ROC) System from Stanley Black & Decker's Infrastructure Innovation unit—a bolt-on remote control system that allows heavy machinery from major manufacturers to be operated either from in the cab as usual or with a wireless game-style controller.
Stanley is currently recruiting contracting companies to act as beta testers for the technology, which is currently being targeted at Bobcat, CAT, Kubota, and John Deere excavators under 10 tons. The remote control kit can be installed in existing excavators in about 5 hours by someone with little to no mechanical experience. And the control system has a physical switch that allows an operator to quickly switch back and forth between local and remote control.
Chile's Easter Island (Rapa Nui) is famous for its giant monumental statues, called moai, built by early inhabitants some 800 years ago. The islanders likely chose the statues' locations based on the availability of fresh water sources, according to a recent paper in PLOS One.
Scholars have puzzled over the moai on Easter Island for decades, pondering their cultural significance, as well as how a Stone Age culture managed to carve and transport statues weighing as much as 92 tons. They were typically mounted on platforms called ahu. According to co-author Carl Lipo, an anthropologist at Binghamton University, you can have ahu (platforms) without moai (statues) and moai without ahu, usually along the roads leading to ahu; they were likely being transported and never got to their destination.
Back in 2012, Lipo and his colleague, Terry Hunt of the University of Arizona, showed that you could transport a ten-foot, five-ton moai a few hundred yards with just 18 people and three strong ropes by employing a rocking motion. Last year Lipo proposed an intriguing hypothesis for how the islanders placed red hats on top of some moai; those can weigh up to 13 tons. He suggested the inhabitants used ropes to roll the hats up a ramp.
SAN FRANCISCO—Google's Phil Harrison tells Ars that Stadia game streaming should provide a smooth, full-resolution experience on Internet connections above a threshold of 20 to 30mbps, a level that should allow for "hundreds of millions of potential players in the markets that we're talking about."
While the company set a threshold of 25mbps for its beta testing late last year, Harrison told Ars that "in actual fact, we only use an average of 20mbps; it obviously bounces up and down depending on the scene." Since that beta, Harrison said infrastructure and codec improvements "now allow us to get up to 4K resolution [at 60 frames per second] within about 30mbps. So we saw a dramatic increase in quality between then and now without a significant increase in bandwidth."
Even at that threshold, Harrison acknowledges that "I know [Stadia] won't reach everybody [and] I respect that some people will be frustrated by that. But I suspect that some of those people don't get a great YouTube experience, they might get a good Netflix experience today. The good news is the Internet continues to grow in quality and reach. So there is a bit of a rising tide that lifts all boats, with 5G potentially helping that equation in the future. That's a little bit over the horizon today, but it's I think going to come into view pretty quickly."
T-Mobile today said it is starting "an invitation-only pilot for in-home Internet service on LTE" and will connect up to 50,000 homes this year in rural and underserved parts of the country. It will cost $50 a month.
T-Mobile CEO John Legere said his company plans to "take the fight to Big Cable on behalf of consumers and offer real choice, competition and savings to Americans nationwide."
Invitations for the home service will go out this week by email and US mail to current T-Mobile wireless customers in "select areas," which T-Mobile did not identify in its announcement.
What a world we live in. As SpaceX gears up to begin preliminary testing of its Starship vehicle along the South Texas coast, nearby South Padre Island has set up a camera to broadcast the proceedings. More than 2,700 people were watching as of 11:30am ET Thursday.
It's a clever tourism marketing ploy for the island but also great for spaceflight fans to get unprecedented views of real-time testing.
With that said, it's worth tempering expectations at least for the next few weeks. For now, SpaceX has attached a single Raptor engine to the test vehicle—which is nicknamed Starhopper because it was designed to make "hop" tests to varying altitudes to test Starship's landing capabilities. Eventually Starhopper will have three engines on the vehicle.
Microsoft is bringing its Windows Defender anti-malware application to macOS—and more platforms in the future—as it expands the reach of its Defender Advanced Threat Protection (ATP) platform. To reflect the new cross-platform nature, the suite is also being renamed to Microsoft Defender ATP, with the individual clients being labelled "for Mac" or "for Windows."
macOS malware is still something of a rarity, but it's not completely unheard of. Ransomware for the platform was found in 2016, and in-the-wild outbreaks of other malicious software continue to be found. Apple has integrated some malware protection into macOS, but we've heard from developers on the platform that Mac users aren't always very good at keeping their systems on the latest point release. This situation is particularly acute in corporate environments; while Windows has a range of tools to ensure that systems are kept up-to-date and alert administrators if they fall behind, a similar ecosystem hasn't been developed for macOS.
One would hope that Defender for Mac will also trap Windows malware to prevent Mac users from spreading malware to their Windows colleagues.
When Erika Peterman saw photographs she had taken in a flyer put out by the Republican National Committee, she wasn't happy about it. Peterman was a supporter of Rob Quist, the Democratic candidate for Montana's at-large seat in Congress in the 2017 special election. The Montana Democratic Party had hired Peterman to take photographs of Quist at a Democratic Party event. The photographs showed Quist wearing a cowboy hat and holding a guitar.
The RNC had downloaded three of the photos from Quist's campaign Facebook page and used them in a campaign mailer attacking Quist. Peterman sued the Republican Party, arguing that the mailer infringed her copyright. But in a February ruling, a federal judge rejected Peterman's arguments, ruling that the Republicans' use of her image was fair use.
"The mailer uses Quist's musicianship to criticize his candidacy, subverting the purpose and function" of Peterman's original photographs, Judge Dana Christensen wrote. Her ruling noted that Peterman had charged the Montana Democrats a flat $500 to cover the event and had published the photographs on social media, suggesting that she had no expectation of making further money from them.
John Wick 3 isn't even out yet, but Keanu Reeves is already onto his next project, reprising another of his iconic roles: a third film in the Bill and Ted franchise that has long been desired by fans. And it has been announced via Twitter in a quintessentially Bill and Ted way: with stars Alex Winter and Reeves—collectively Wyld Stallyns (the name of their band)—standing in front of the bandshell at the Hollywood Bowl ("where we will never play") and thanking fans for their support.
The third film will be called Bill and Ted 3: Face the Music, and it will hit theaters August 21, 2020, if the Bill and Ted 3 Twitter account is accurate. Naturally, time travel will be involved. Per an accompanying press release:
Following 1989's Bill & Ted’s Excellent Adventure and 1991's Bill & Ted’s Bogus Journey, the stakes are higher than ever for William "Bill" S. Preston Esq. (Winter) and Theodore "Ted" Logan (Reeves). Yet to fulfill their rock-and-roll destiny, the now middle-aged best friends set out on a new adventure, when a visitor from the future warns them that only their song can save life as we know it and bring harmony to the universe. Along the way, they will be helped by their families, old friends, and a few music legends.
The film will be directed by Dean Parisot of Galaxy Quest and will reunite the screenwriters of the two previous films, Ed Solomon and Chris Matheson (who is incidentally the son of I Am Legend scribe Richard Matheson).
AT&T and Comcast today said they have completed a successful cross-network test of a new Caller ID authentication system, and they plan to roll out the technology to consumers later this year.
AT&T and Comcast are among the phone providers implementing the new "SHAKEN" and "STIR" protocols, which use digital certificates to verify that Caller ID numbers aren't being spoofed.
Today's AT&T/Comcast announcement said the carriers completed "an exchange of authenticated calls between two separate providers' voice networks that is believed to be the nation's first." They called the test an "anti-robocalling fraud milestone."