posted about 2 hours ago on ars technica
(credit: Cyrus Farivar) Attorneys representing Matthew Keys have filed their formal appeal to the 9th Circuit. Keys is the California journalist who was convicted of hacking-related crimes in 2015. As Keys told Ars before he was sentenced, the appeal largely focuses on the argument that the government “constructively amended” the second count that he was charged with: 18 U.S. Code § 1030 (a) (5) (A). That law declares a crime has been committed if someone “knowingly causes the transmission of a program, information, code, or command, and, as a result of such conduct, intentionally causes damage without authorization, to a protected computer.” During closing arguments at trial, one of Keys’ lawyers, Jay Leiderman, said that Keys’ December 2010 defacement of one Los Angeles Times article lasted only 40 minutes and therefore caused no damage. Read 7 remaining paragraphs | Comments

Read More...
posted about 18 hours ago on ars technica
Enlarge / A St. Jude Medical cardiac defibrillator implant like the ones MedSec claimed to have found vulnerabilities in. (credit: St. Jude Medical) Trading in the stock of medical device manufacturer St. Jude Medical was halted Friday afternoon after a dramatic drop in its value. That drop was triggered by news of alleged vulnerabilities in the company's cardiac care devices. The vulnerability was disclosed not in a report by the company but by security researchers partnered with Muddy Waters Capital, an investment firm that had "shorted" St. Jude's stock on the information in order to profit from a drop in the stock's value. The researchers at the security firm MedSec chose to take this route to disclosure, MedSec CEO Justine Bone said, to "ensure that St. Jude Medical responds appropriately and with urgency." The partnership with a short seller is a fundamental departure from the established approach of responsible disclosure normally taken by researchers. But it also represents an approach that bypasses the sort of legal maneuverings and threats, suppression of information, and inaction that have been experienced by researchers who have discovered vulnerabilities in other products. Researchers who discovered a vulnerability in Volkswagen electronic engine locks, for example, were forced to withhold a paper for two years through a court injunction filed by the automaker in 2012. Muddy Waters issued a report on Thursday claiming that it had demonstrated "two types of cyber attacks against STJ implantable cardiac devices: a 'crash' that causes cardiac devices to malfunction... and a battery drain attack that could be particularly harmful to device dependent users." The report claimed that the vulnerabilities had been proven in "multiple demonstrations evidencing how hollow STJ's device security is." Read 7 remaining paragraphs | Comments

Read More...
posted about 18 hours ago on ars technica
(credit: megaupload.org) Megaupload.org used to be where you'd go to access the vast amount of films hosted by Kim Dotcom's Megaupload service. But once Dotcom was hit with US criminal charges, that site and many others were grabbed by the FBI, and visiting them produced nothing but a government seizure banner. No longer. Today, a visit to Megaupload.org (NSFW) brings up what can only be described as softcore porn. Text ads for "casual sex," "adult affair dating," "adult cam chat," and "live sex cams" are surrounded by pictures of women in their underwear. So how did this happen? In all likelihood, this is the same thing that happened last year, when similarly scammy-looking ads took over the main Megaupload.com page. The FBI used a domain called cirfu.net as a "name server" to re-direct traffic from sites it had seized. Then the Bureau apparently forgot to renew that domain, allowing someone else to purchase it. Read 5 remaining paragraphs | Comments

Read More...
posted about 18 hours ago on ars technica
Enlarge / A forest of false-colored silicon nanowires. Flexible electronics, which could be used to control flexible robots, depend on the ability to produce electrical circuits that can be repeatedly stretched and bent while remaining operational. Silicon is obviously one of the most important building blocks of modern electronics, but even when it's shaped into wires, it isn't very stretchy. Recently, theoretical calculations have indicated that it may be possible to stretch silicon nanowire by as much as 23 percent, depending on its structure and the stretch direction. This raises an obvious question: why haven't we been able to do so? Recently, an international team of scientists and engineers has directly probed the elastic strain limit of single-crystalline Si nanowires. The team found that stretching the Si nanowires almost to their theoretical limit is possible. Read 8 remaining paragraphs | Comments

Read More...
posted about 19 hours ago on ars technica
(credit: Mike Mozart) AT&T is fighting a recent punishment handed down by the Federal Communications Commission. Last month, the FCC issued a Notice of Apparent Liability (NAL) that says AT&T overcharged the Florida school districts of Orange and Dixie by nearly 400 percent. AT&T filed its response today, saying that there is "no legal or factual basis for liability against AT&T." The phone service in question is paid for by US citizens through surcharges on phone bills. Those surcharges fund the E-rate program that subsidizes telecommunications for schools and libraries. Under this program, the FCC says AT&T is required to charge schools and libraries the lowest available rates. The commission says AT&T should repay $63,760 it improperly received from the FCC in subsidies and pay an additional fine of $106,425. Read 7 remaining paragraphs | Comments

Read More...
posted about 20 hours ago on ars technica
SS7 allows an attacker to use just a phone number to gain access to calls and texts to and from that phone—and can be used to undermine the security of WhatsApp and Telegram. (credit: Petr Kolář (modified by Ars)) A documented weakness in Signaling System 7 has been shown to allow widespread interception of phone calls and text messages (SS7 is the public switched telephone network signaling protocol used to set up and route phone calls; it also allows for things like phone number portability). This weakness in SS7 can even undermine the security of encrypted messaging systems such as WhatsApp and Telegram. In an April segment of 60 Minutes, Democratic Congressman Ted Lieu of California allowed hackers to demonstrate how they could listen in on his calls. In light of the mass leak of congressional staffers' contact information by hackers, Congressman Lieu is now urging the Federal Communications Commission to take action quickly to fix the problem with SS7. The hackers are purportedly tied to Russian intelligence. The vulnerability in SS7 was revealed in a presentation at the RSA security conference in March. It exploits the use of SS7 by cellular networks to handle billing and phone location data for call routing. The vulnerability is open to anyone with access to SS7 signaling. This includes not just telecommunications companies that have "roaming" relationships with a phone's primary carrier, but any state actor or hacker who has access to those companies' networks. Using SS7, an attacker could create a proxy to route calls and text messages. He could intercept them and record them without the knowledge of the people on either end of the communications. An attacker could also spoof texts and calls from a number. Read 3 remaining paragraphs | Comments

Read More...
posted about 20 hours ago on ars technica
Enlarge / Bubble wrap isn't just for stress relief. (credit: George Ni) To boil water using the Sun, we typically burn fossil fuels carrying several-hundred-million-year-old solar energy that was extracted from underground at great expense. It’s kind of Rube-Goldbergian. We’re fortunate that the Sun’s heat isn’t strong enough to boil the oceans (or us), but extracting the Sun’s energy at a significant scale is tricky. The usual solution, as many magnifying-glass-toting children already know, is to concentrate sunlight and increase its intensity. Solar thermal plants, for example, use massive arrays of mirrors to focus sunlight and generate electricity. All that extra equipment gets pretty expensive—especially if you need the mirrors to track the Sun’s position across the sky. So how do we engineer another way? In the past, researchers made clever designs to concentrate the heat generated by lower-intensity sunlight into small volumes of water. This heat consequently created higher localized temperatures. While they managed to boil water with this method, they weren’t able to ditch optical concentration completely. Read 9 remaining paragraphs | Comments

Read More...
posted about 22 hours ago on ars technica
Enlarge / Disclosing the warrantless surveillance program won Thomas Tamm the "Ridenhour Prize for Truth-Telling." (credit: War on Whistleblowers/YouTube) The Justice Department lawyer who disclosed the secret and warrantless surveillance program then-President George W. Bush adopted in the immediate aftermath of the Sept. 11 terror attacks was publicly censured Thursday by a federal appeals court for breaching legal ethics. As a Lawyer for the Justice Department's Intelligence Policy and Review unit, Thomas Tamm violated professional conduct rules for disclosing to The New York Times "confidences" and "secrets," the US Court of Appeals for the District of Columbia Circuit concluded. (PDF) As part of his Justice Department duties, Tamm was tasked with requesting electronic surveillance warrants from the secret Foreign Intelligence Surveillance Court. The District of Columbia Court of Appeals Board of Professional Responsibility said Tamm became aware in 2004 that certain applications to that FISA Court for national security surveillance authority "were given special treatment" and he leaked details of the program to the newspaper. Tamm, who could have been disbarred, but now can continue practicing law as a Maryland state public defender (he resigned from the Justice Department in 2006), said he learned that "these applications derived from special intelligence obtained not pursuant to prior applications to the Court, but from an extra-judicial source referred to as 'the program.'" After digging into it, he "concluded that it was probably illegal as it was not court-supervised." Read 7 remaining paragraphs | Comments

Read More...
posted about 23 hours ago on ars technica
Enlarge (credit: Google Fiber) Google Fiber has been battling AT&T over access to utility poles for a few years now. During a dispute in Austin, Texas late in 2013, AT&T said it could deny access to its poles because Google wasn't a "qualified" telecom or cable provider. Things have gone a bit smoother since then because the companies signed a nationwide agreement granting Google Fiber access to AT&T poles on a city-by-city basis. But in Nashville, Tennessee, Google Fiber construction has stalled partly because the new ISP still has problems getting access to AT&T poles. AT&T confirmed to Ars earlier this month that the terms of the previous nationwide agreement cover Nashville, but it declined to explain why there are still holdups. An AT&T executive has now detailed the telco's objections in an interview with FierceTelecom. Google Fiber has been making mistakes in engineering drawings that it needs to submit before attaching fiber to AT&T poles, according to Joelle Phillips, president of AT&T Tennessee. Read 10 remaining paragraphs | Comments

Read More...
posted about 23 hours ago on ars technica
Greetings, Arsians! Courtesy of our partners at TechBargains, we have many great deals to share that are part of Dell's Early Labor Day sale. Now you can get an XPS Core i7 desktop for $685, a $100 gift card on a PlayStation 4 Call of Duty bundle, and nearly $100 off a Dell UltraSharp monitor plus a $75 gift card. Those are just some of the steals going on during the sale, so be sure to check them all out. Take a look at the full list of deals below. Dell Early Labor Day Sale Read 7 remaining paragraphs | Comments

Read More...
posted about 23 hours ago on ars technica
One of a set of three new mouse lemur species described this year. Microbus ganzhorni hails from Madagascar—as do all lemurs. (credit: Giuseppe Donati.) Read any estimate of the number of species present on Earth, and you'll notice two things: the numbers vary wildly, and they're always well above the number of species we actually know about. It's tempting to think we've exhausted the exploration of the Earth, that there's nothing new to see. But one area that we've barely scratched the surface of is the biological diversity that we're a part of. There are several reasons for this. One is that some habitats, like the deep ocean, are both vast and hard to get to. Others, like caves and islands, isolate populations and generate species at a phenomenal rate. Finally, there's just a tendency to view, say, all ants as being roughly the same. That can allow species to hide in plain sight, with nobody taking the time to look for the details that distinguish them from their close relatives. DNA sequencing is also telling us that some populations that we see as identical haven't actually interbred in a very long time and may be separate species. As researchers gradually look more closely, the result is a steady stream of new discoveries. We thought we'd share some with you. We set a few simple guidelines for inclusion. The first is that the species had to be discovered this year. The second is that it has to be still living—paleontologists find new species almost as often as biologists do. The final thing is that we had to be able to come up with a decent photo of it. Read 1 remaining paragraphs | Comments

Read More...
posted about 23 hours ago on ars technica
(credit: Amazon) Last week, we learned that the Windows 10 Anniversary Update caused trouble for many webcam users. Today, it's the turn of Kindle owners to cry foul, with numerous reports that plugging a Kindle into a Windows 10 machine with the update will make the PC crash with a Blue Screen of Death. This problem has more than a hint of the same feeling as the webcam issue: it's the kind of thing that shows up quickly when using Windows 10 on a primary system but is going to be much more obscure if you only tested the Windows Insider previews in a virtual machine or secondary system—such systems are much less likely to be plugged in to all the many peripherals and gadgets that primary machines are. Microsoft's own advice is that the Insider previews should not be installed on your "everyday computer." That's good advice; the quality of the builds released to the Insider program is far too inconsistent to make it a good option for a machine that you depend on. But that has consequences: the Insider program is going to consistently miss this kind of hardware interaction. Investigation of the issue and development of a fix is apparently underway. Read 22 remaining paragraphs | Comments

Read More...
posted about 24 hours ago on ars technica
It took roughly two years for crackers to put the first dents in Denuvo's surprisingly robust anti-piracy protection for PC games. Now, a Denuvo-protected game has been cracked just six weeks after its release, seemingly presaging an increased pace of efforts against the DRM scheme. TorrentFreak reports on the new crack for indie critical darling Inside, which hit the scene earlier this week. The crack comes courtesy of CONSPIR4CY (aka CPY), the same group responsible for a crack of Denuvo-protected Rise of the Tomb Raider earlier this month. While CPY's ROTTR crack came nearly seven months after the game was released, Inside's protection was broken about six weeks after it launched on the PC. This is an important distinction, since the bulk of a game's legitimate sales tend to come in the first few months after release (or during sales much later in their lifecycle). If crackers can manage to get the wait time for a Denuvo crack down to a matter of days, the protection's value to developers and publishers could wither. Read 4 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
(credit: Andrew Cunningham) WhatsApp will do what it once said would never happen: let businesses use the messaging app to serve ads to users. In a move that was inevitable once it was acquired by Facebook for $22 billion in 2014, WhatsApp has put its users on notice that it will soon begin sharing their phone numbers, and selected other data, with its parent company. This information will then be used to offer customers "more relevant" Facebook ads, new "ways for people to communicate with businesses" via the app, and new friend suggestions, the blurb reads. Read 12 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
The Galaxy Note 7. It still has an S Pen. Samsung is back with the Galaxy Note 7, the sixth version of its flagship Galaxy Note handset. Wait—did Samsung forget how to count? The Note series skipped a number this year, apparently so that the Note 7 would look more like a sibling to the already-released Galaxy S7. The unified branding feels appropriate since—despite five months of development time between them—the Note 7 is more like the Galaxy S line than ever. You're getting the same Snapdragon 820 SoC, the same 4GB of RAM, and the same camera. So what do you get in the Note 7 after five additional months of waiting? Beyond the usual 5.7-inch, 1440p display and the S-Pen, the Note 7 series brings an upgrade to USB Type-C, adds another biometric ID system in the form of an iris scanner, and comes with a really, really fat price tag. You're going to pay at least $850 for the 64GB version, the only version for sale in the US. SPECS AT A GLANCE: Galaxy Note 7 SCREEN 5.7" 2560×1440 (515 ppi) AMOLED OS Android 6.0.1 Marshmallow with TouchWiz CPU US: Quad-core Qualcomm Snapdragon 820 (two 2.15 GHz Kryo cores and two 1.6 GHz Kyro cores) Int'l: Eight-core Exynos 8890 (four 2.3 GHz Mongoose cores and four 1.6 GHz Cortex-A53 cores) RAM 4GB GPU US: Adreno 530 Int'l: Mali-T880 MP12 STORAGE 64GB with MicroSD slot NETWORKING Dual band 802.11 a/b/g/n/ac, Bluetooth 4.2 GPS, NFC Cellular Bands GSM: 800, 1900 CDMA: 800, 1900 UMTS: 850, 900, 1700, 1900, 2100 TD-SCDMA: 1880, 2010 LTE Bands: 1, 2, 3, 4, 5, 7, 8, 12, 13, 17, 18, 19, 20, 25, 26, 29, 30, 38, 39, 40, 41 PORTS USB Type C, 3.5mm headphone jack CAMERA 12MP rear camera with phase detection autofocus and OIS, 5MP front camera SIZE 153.5 x 73.9 x 7.9 mm (6.04 x 2.91 x 0.31 in) WEIGHT 169 g (5.96 oz) BATTERY 3500mAh STARTING PRICE $860 OTHER PERKS quick charging, wireless charging, heart rate sensor, notification LED, IP68 water resistance, Iris scanner, Samsung Pay Design and build quality Seen a Samsung phone in the last few years? If so, you know what to expect here. The Note 7 has a metal frame with a glass back and highly reflective metallic coloring underneath. Read 37 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge (credit: nereocystis) OAKLAND, Calif.—According to new government affidavits filed earlier this week, the Oakland Police Department (OPD) used its stingray without a warrant in 2013 for several hours overnight as a way to locate a man accused of being involved in shooting a local police officer. When that effort was unsuccessful, the OPD called in the FBI, which was somehow able to locate the suspect in under an hour, and he surrendered to OPD officers. That suspect, Purvis Ellis, is the lead defendant in the case of United States v. Ellis et al. The case involves four men who are charged with the January 21, 2013 attempted murder of local police officer Eric Karsseboom in the parking area in front of a Seminary Avenue apartment complex in East Oakland. The men are also charged with running an alleged local gang, centered around Seminary Avenue (known as "SemCity"). While these new filings fill out the timeline a bit more, they also raise new questions in Ellis, which has provided a rare insight into how this surveillance device, also known as a cell-site simulator, is used in practice to find suspects, and the seeming lengths the government is willing to go to keep it quiet. The tool has come under increasing scrutiny by lawmakers and activists in recent years. Since this case began, the Department of Justice, which oversees the FBI, and the State of California now require a warrant when a stingray is used in most circumstances. Read 30 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge / Google Fiber's tentative expansion plans. (credit: Google Fiber) Google Fiber has reportedly fallen "well short" of its goal of signing up 5 million subscribers and may be on the verge of making significant staff cuts. "Last month, Alphabet CEO Larry Page ordered Google Fiber’s chief, Craig Barratt, to halve the size of the Google Fiber team to 500 people," according to a paywalled report from The Information that quotes people "close to Alphabet." The report does not say whether any staff cuts have already occurred. Read 5 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
(credit: Kevin Krejci) On Thursday, federal antitrust regulators from the Federal Trade Commission (FTC) approved electric vehicle maker Tesla’s bid to buy solar panel company SolarCity for $2.6 billion in an all-stock deal. The deal was expected to be approved, and Reuters reported that regulators fast-tracked the merger, along with a number of other, lower-profile mergers in which the two companies seeking to merge did little overlapping business. Tesla announced the merger in June, and on August 1 it proposed terms for the takeover of the solar panel company—owners of SolarCity shares will get 0.11 shares of Tesla stock for every share of SolarCity stock they own. Tesla CEO Elon Musk, who also serves on the SolarCity board, said he wanted to purchase the solar panel company to create an integrated solar platform in which houses could generate their own electricity (perhaps even with an entire Tesla-branded solar roof), store that energy in a Tesla Powerwall, and charge their electric vehicle. Servicing and installation would ideally become more consumer-friendly as well, as it would all come from the same company. Tesla has also said that its growing experience in manufacturing at its Fremont, California, and Sparks, Nevada, locations could help SolarCity more effectively realize its own massive solar panel manufacturing project in Buffalo, New York. Read 3 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge / iPhone Spyware known as Pegasus intercepts confidential data. (credit: Lookout) Apple has patched three high-severity iOS vulnerabilities that are being actively exploited to infect iPhones so attackers can steal confidential messages from a large number of apps, including Gmail, Facebook, and WhatsApp, security researchers said Thursday. The spyware has been dubbed Pegasus by researchers from mobile security provider Lookout; they believe it has been circulating in the wild for a significant amount of time. Working with researchers from University of Toronto-based Citizen Lab, they have determined that the spyware targeted a political dissident located in the United Arab Emirates and was launched by an US-owned company specializing in computer-based exploits. Based on the price of the attack kit—about $8 million for 300 licenses—the researchers believe it's being actively used against other iPhone users throughout the world. "Pegasus is the most sophisticated attack we’ve seen on any endpoint because it takes advantage of how integrated mobile devices are in our lives and the combination of features only available on mobile—always connected (WiFi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists," Lookout and Citizen Lab researchers wrote in a blog post. "It is modular to allow for customization and uses strong encryption to evade detection." Read 8 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
(credit: Gilbert Mercier) The battle between the US Senate and Backpage.com heated up again this week. Backpage demanded Wednesday that a federal appeals court continue blocking the online classified ad portal from having to comply with a Senate investigation and subpoena into how Backpage conducts its business, including providing the government with documents about the ins and outs of its editorial business model. The Permanent Subcommittee on Investigations contends that the site is littered with ads that amount to offering sex services by women and children forced into prostitution, and it wants to know what steps the website is taking, if any, to screen ads posted to its site by third parties. "...this case is about nothing but editorial judgement," attorneys for the site's chief executive officer, Carl Ferrer, told (PDF) the US Court of Appeals for the District of Columbia Circuit on Wednesday. The tug of war clearly implicates the site's First Amendment rights, Backpage said. Backpage said the committee's subpoena intrudes on its editorial judgement and that the government's probe is "a limitless fishing expedition." The government said it has a legitimate interest in cracking down on human exploitation, and it argued that the law provides the committee with subpoena power to investigate matters of public concern. Read 7 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge / Donna (Kerry Bishé) and Cameron (Mackenzie Davis) are the founders of Mutiny, an online community startup that is about to morph into a 1980s version of eBay. (credit: AMC) Halt and Catch Fire is a fascinating AMC series about the 1980s computer industry, and its intense characters and nostalgic evocations of classic startups have made it a cult favorite over the past two years. Each season explores one aspect of the nascent tech scene—first in Austin, then San Francisco—by re-imagining key moments in the early days of personal computing. Season 1 brought us the drama of creating the first PC clones, season 2 was a tale of early online gaming and chatroom community at startup Mutiny, and season 3 started this week with a look at online services like eBay as well as antivirus software (evil marketing genius Joe has morphed into John McAfee). It's off to a great start, providing a nuanced look at online privacy and startup culture. You might say that Halt and Catch Fire is an alternate history of the techie 1980s, re-imagining the origins of today's online world through the lives of our struggling, flawed geek heroes. Maybe "alternate history" sounds like a strong term for a show that offers a fairly realistic snapshot of the '80s tech world, right down to the bleepy music and New Wave design of the credits. Many details, like the marketing of PC clones and online communities like CompuServe, are fairly accurate. But often, events that happened in the 1990s and 2000s are injected into the story. This season, for example, Mutiny founders Cameron (Mackenzie Davis) and Donna (Kerry Bishé) are basically inventing eBay. But they do it by navigating a very 2000s-era tech issue: digital privacy. Cameron and Donna come up with their eBay idea by spying on their users' private chats to figure out what people do when they chat one on one. The two gradually realize that people are either hooking up (aka meeting offline), or trading old game controllers and comics. This leads Donna and Cameron to their eureka moment: why not create a "swap" functionality for users on Mutiny's forums? It's basically the birth of eBay, roughly ten years early. The writing here is particularly savvy, as we are never allowed to forget that this discovery is only possible because Mutiny has no respect for its users' privacy. Even though one of their engineers is pushing Cameron and Donna to create private, encrypted chat, the two are not concerned. Read 5 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge (credit: portal_gda) US prosecutors have now named a total of three men said to be operators of the defunct file-sharing site KickassTorrents (KAT). The new allegations are in a formal indictment filed Tuesday, which contains the most detailed charges against the site yet. Last month, alleged site operator 30-year-old Artem Vaulin of Ukraine was arrested in Poland. The new indictment (PDF) also names Ievgen (Eugene) Kutsenko aka "chill" and Oleksander (Alex) Radostin aka "pioneer," also of Ukraine. Bench warrants have been issued for the arrest of all three men, although authorities have confirmed the arrest of only Vaulin. The indictment was reported earlier today by TorrentFreak. Prosecutors say the three men developed and maintained the site together and used it to "generate millions of dollars from the unlawful distribution of copyright-protected media, including movies... television shows, music, video games, computer software, and electronic books." They gave out "Reputation" and "User Achievement" awards to users who uploaded the most popular files, including a special award for users who had uploaded more than 1,000 torrents. Read 10 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge (credit: CNBC) With rage surging over claims of price gouging, EpiPen manufacturer Mylan took a page from Turing’s playbook today. CEO Heather Bresch told CNBC that the company is taking “immediate action” to make the life-saving auto-injectors available to any patients that need one. The company will expand discounts and eligibility of its customer assistance program. However, Mylan gave no sign that it will lower the EpiPen’s list price, which the company has hiked up more than 400 percent in recent years. Though an EpiPen only costs a few dollars to make and can reverse deadly allergic reactions, they now can cost more than $600. Bresch, seen as the mastermind of the price hike and currently one of the highest paid executives in the industry, tried instead to shift the conversation to problems in the American healthcare system. Read 5 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge (credit: Andrew Cunningham) Just a few weeks after posting iOS 9.3.4 to fix a jailbreaking-related bug, Apple has released iOS 9.3.5 to all supported iPhones and iPads. The update provides an "important security update" and comes just a few weeks before the expected release of iOS 10, which is currently pretty far along in the developer/public beta process. Apple's security release notes say that three bugs have been fixed, two in the iOS kernel and one in WebKit. The bugs were discovered by Citizen Lab and Lookout, the latter of which posted more information in a blog post. Lookout collectively calls the three zero-day vulnerabilities "Trident," and says that they could allow an victim's personal data to be accessed after opening a link sent in a text message. Trident infects a user's phone "invisibly and silently, such that victims do not know they’ve been compromised." We'll have more information about the vulnerability in a forthcoming article. The update is available now for everything that runs iOS 9: the iPhone 4S and newer; iPad 2 and newer; all iPad Minis and iPad Pros; and the fifth- and sixth-generation iPod Touches. Read 1 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge (credit: Getty Images/Gregg DeGuire/WireImage) Leslie Jones, the black comedian who starred in the recent all-female remake of Ghostbusters, has been forced to take her website down after hackers seemingly took control, posted racist abuse, personal information, and what were apparently nude pictures stolen from the actor's iCloud account Jones, 48, has been the target of sustained online attacks for months, much of it racist and sexist in nature. On Wednesday, hackers escalated the situation by posting a picture of the dead gorilla Harambe onto her personal Tumblr site, as well as explicit photos, her phone number and Twitter password, and screen grabs of her driver's licence and passport, according to TMZ. Read 4 remaining paragraphs | Comments

Read More...