posted about 17 hours ago on ars technica
This is a guest post from Steve Bellovin, a professor in the Computer Science department and affiliate faculty at the law school at Columbia University. His research focuses on networks, security, and public policy. His opinions don't necessarily reflect the views of Ars Technica. (credit: EUGENE TANNER/AFP/Getty Images) By now, most people have heard about the erroneous incoming ICBM alert in Hawaii. There's been scrutiny of the how the emergency alert system works and of how international tensions and the flight times of missiles can lead to accidental nuclear war. I'd like to focus instead on how the systems design in Hawaii led to this problem—a design that I suspect is replicated in many other states. One possible factor, of course, is hurried design: Read 11 remaining paragraphs | Comments

Read More...
posted about 20 hours ago on ars technica
Enlarge / Aim carefully. (credit: Getty | Brian Seed ) According to scientists, a poison arrow in the quiver may let loose a very sticky nether-region massacre. The poison in question has spattered from the tips of African weapons for centuries, rubbing out wild beasts and halting the hearts of warriors. But, according to a study in the Journal of Medicinal Chemistry, a crotch shot of an ancient toxin called “ouabain” can also take out sperm. By tweaking the poison’s chemical backbone (or scaffold), it can selectively paralyze trouser troops and prevent them from storming eggs, the authors report. The study’s authors, led by Shameem Sultana Syeda of the University of Minnesota, are optimistic that, with further aiming, the poison’s progeny could one day strike as a safe, reversible male contraceptive. Read 8 remaining paragraphs | Comments

Read More...
posted about 21 hours ago on ars technica
Jordan Golson It’s been quite an unexpected decade at Tesla. In 2007, if you said that the EV company would release an all-electric sedan that became one of the fastest accelerating vehicles of all time and sold tens of thousands of units with numerous hardware and software improvements along the way, you’d have been sent to the loony bin. And if you then predicted the company would release an all-electric SUV that would do the same and develop and release (sort of) an affordable, stylish, and long-range EV... well, maybe you’d have been mistaken for a member of the Musk family. And yet, Elon Musk and Tesla have done all those things with the Model S, Model X, and Model 3. The company has gone further with things like the Gigafactory; home, commercial, and utility battery products; and previews of the new Tesla Roadster and Tesla Semi, too. To be sure, Musk has made a lot of ambitious promises and really missed a lot of deadlines over the years—but people who have bet against Tesla over have lost a lot of money. (Tesla's stock price is up almost 1700 percent since its June 2010 IPO, fyi.) Read 61 remaining paragraphs | Comments

Read More...
posted about 21 hours ago on ars technica
Enlarge / Counterpart is ready to give you all the JK Simmons you can handle. (credit: Starz) Warning: The following preview outlines general details for the premise of Counterpart, a new Starz sci-fi series debuting this weekend. The “actor as multiple roles” genre has been done in a seemingly infinite amount of ways as of late: clones, siblings, whatever Cloud Atlas was. With Starz' new series Counterpart debuting this Sunday (8pm ET), the premise gets a slight twist. Beloved institution JK Simmons (everything from those Allstate ads to Justice League and Whiplash) portrays mild-mannered office man Howard and alternate-universe spy bad-ass Howard Prime. Confused? Luckily, audiences get the gist of this situation early in the series premiere: 30 years ago during the Cold War, scientists were experimenting when something went wrong, opening a passage between two seemingly distinct worlds. “Go through this door,” bossman Peter tells Howard. “And you’re in a world identical to ours.” Read 7 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / Starting sometime this year, you'll be able to pay up front to fake as any of Rift Prime's heroes. (credit: Trion) The online game-subscription model has generally waned in recent years, overtaken by the popularity (and apparent profitability) of "free-to-play" (F2P) fare. One of the earliest MMORPGs to switch to a F2P model, the Trion-published Rift, announced a curious change coming to its payment model: a branch-off of one Rift server, and its entire gameplay and payment structure, to return to the flat subscription model later this year. As reported by Kotaku, the game's developers announced plans for this new version, dubbed Rift Prime, in a Friday blog post. The plan actually began life months earlier when Trion asked fans about the idea of a "challenge server" product—meaning, a version of the game that was harder and segregated interested players into their own, higher-difficulty pool of players. Fan response to the pitch went a different direction. The players' "strongest cues," the devs write, revolved around "how to make the business model more appealing." Read 5 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / Colorized scanning electron micrograph of Escherichia coli (E. coli), grown in culture and adhered to a cover slip. (credit: NIAID / Flickr) Proteins are chains of amino acids, and each link in the chain can hold any one of the 20 amino acids that life relies on. If you were to pick each link at random, the number of possible proteins ends up reaching astronomical levels pretty fast. So how does life ever end up evolving entirely new genes? One lab has been answering that question by making its own proteins from scratch. Way back in 2016, the same lab figured out that new, random proteins can perform essential functions. And those new proteins were really new. They were generated by scientists who made amino acid sequences at random and then kept any that folded into the stable helical structures commonly found in proteins. These proteins were then screened to see if any could rescue E. coli that were missing a gene essential to survival. Read 9 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Jonathan Gitlin DETROIT—Once upon a time, the North American International Auto Show was a mighty thing indeed. The American auto industry ruled the world, and this was their home event with all the bells and whistles that implies. But the world has changed. For one thing, people can and do use the Internet to work out what car they're going to buy. And with the LA Auto Show, CES, and NAIAS in such close proximity to each other on the calendar, there just aren't enough new things to fill all three events. The take-home impression from NAIAS this year—hot on the heels of a mediocre CES—was of a lackluster performance with little in the way to stop one in their tracks. Ford opened the events at the Cobo Center with a trio of new models that we covered early in the week. Mercedes-Benz had a new G-Class that looks almost identical to the 1979 model, an example of which could be seen embedded in synthetic amber outside the front doors. By midweek this nearly-50 ton act of corporate whimsy was roped off, riven by cracks thanks to the sub-freezing temperatures. BMW gave the i8 hybrid a mid-life bump, and Audi showed its new A7 on this continent for the first time. Read 11 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge / The components are (generally) good quality. (credit: Owen Duffy) Welcome to Ars Cardboard, our weekend look at tabletop games! Check out our complete board gaming coverage at cardboard.arstechnica.com. For millennia, humans have been captivated by Mars. To the ancient Romans, the “red planet” represented the god of war, presiding over conquest and glory. To the 19th-century astronomer Giovanni Schiaparelli, it was a world connected by vast canals, evidence of an advanced civilization. Today, our cosmic neighbor is a place to be explored, analyzed, and understood; the prospect of setting foot on Martian soil seems tantalizingly close. But if the board game First Martians is anything to go by, we shouldn’t bother. Mars doesn’t want us. Read 17 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge / Maybe Twitter should try this approach for the 677,775 emails it says it will soon send to affected users. (credit: Warner Bros. / Sam Machkovech) On Friday, Twitter took an end-of-the-week opportunity to dump some better-late-than-never news onto its userbase. For anybody who followed or engaged with a Twitter account that faked like an American during the 2016 election season but was actually linked to a major Russian propaganda campaign, you're about to get an email. Twitter announced that it would contact a massive number of users with that news: 677,775 users to be exact. This count includes those who interacted with the 3,814 accounts that Twitter has directly linked to the Internet Research Agency (IRA), the Russian troll farm whose election-related meddling was exposed in 2017. That number of accounts, Twitter noted, is a jump from Twitter's prior count of 2,812 IRA-linked trolls, which it had disclosed as part of an October 2017 hearing in Congress. Twitter says that this specific pool of troll accounts generated 175,993 posts during the 2016 period of activity that Twitter has been analyzing, and the service noted that 8.4 percent of those posts were "election-related." In its Friday disclosure, Twitter did not take the opportunity to acknowledge how the remaining percentage of these posts, which included anything from "I'm a real person" idle banter to indirect and divisive messaging, may have ultimately contributed to the troll farm's impact. (For example: Twitter CEO Jack Dorsey bit, and bit hard, on a known IRA account by retweeting two of its 2016 posts.) Read 5 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Enlarge / If you bought directly from OnePlus in the last two months or so, double-check your credit statements. Earlier this week, numerous reports of credit card fraud started pouring in from OnePlus users. On the company's forums, customers said that credit cards used to purchase a OnePlus smartphone recently were also seeing bogus charges, so OnePlus launched an investigation into the reports. It's now a few days later, and the company has admitted that its servers were compromised—"up to 40k users" may have had their credit card data stolen. OnePlus has posted an FAQ on the incident. "One of our systems was attacked," the post reads. "A malicious script was injected into the payment page code to sniff out credit card info while it was being entered." OnePlus believes the script was functional from "mid-November 2017" to January 11, 2018, and it captured credit card numbers, expiration dates, and security codes that were typed into the site during that time. Users that paid via PayPal or a previously-entered credit card information are not believed to be affected. OnePlus says it "cannot apologize enough for letting something like this happen." The company is contacting accounts it believes to have been affect via email, and OnePlus says it is "working with our current payment providers to implement a more secure credit card payment method, as well as conducting an in-depth security audit." Read on Ars Technica | Comments

Read More...
posted 3 days ago on ars technica
Enlarge (credit: Kristin Andrus) If it were easy to pin down the exact value for our planet’s sensitivity to greenhouse gas emission, it would have been done a long time ago—and you wouldn’t be reading yet another news story about it. It's not like we have no idea how sensitive the climate is. The range of possible values that scientists have been able to narrow it down to only spans from “climate change is very bad news” to “climate change is extremely bad news.” But the difference between “very bad” and “extremely bad” is pretty important, so climate scientists aren’t throwing up their hands any time soon—as two new studies published this week show. There are several basic strategies available for calculating the climate's sensitivity. These range from studying climate changes in the distant past to building and evaluating climate models to analyzing the warming over the last century or so. Each strategy has pros and cons. A handful of studies looking at the last century made waves a few years ago for yielding oddly lowball estimates of the impact of CO2 on warming, for example. Later studies have found problems that push those estimates upward when corrected, but one of this week’s studies demonstrates that the entire strategy is inherently problematic. Read 12 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Amazon founder and CEO Jeff Bezos. (credit: Steve Jurvetson) Amazon on Friday announced that it has raised the price of its Prime membership program for those who subscribe on a month-to-month basis. The plan previously cost $10.99 a month, but it will now cost $12.99 a month. That means the price of subscribing to the monthly Prime plan for a full year has jumped 18 percent, from $131.88 to $155.88. Those who currently subscribe to the monthly plan will see the price hike take effect on their first payment after February 18. The e-commerce giant said it has also raised the rate of its cheaper Prime plan for students from $5.49 a month to $6.49 a month. The Prime Student plan launched this past October. Read 6 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
(credit: Malwarebytes) Proving once again that Google Chrome extensions are the Achilles heel of what's arguably the Internet's most secure browser, a researcher has documented a malicious add-on that tricks users into installing it and then is nearly impossible for most to manually uninstall. It was available for download on Google servers until Wednesday, 19 days after it was privately reported to Google security officials, a researcher said. Once installed, an app called "Tiempo en colombia en vivo" prevents users from accessing the list of installed Chrome extensions by redirecting requests to chrome://apps/?r=extensions instead of chrome://extensions/, the page that lists all installed extensions and provides an interface for temporarily disabling or uninstalling them. Malwarebytes researcher Pieter Arntz said he experimented with a variety of hacks—including disabling JavaScript in the browser, starting Chrome with all extensions disabled, and renaming the folder where extensions are stored—none of them worked. Removing the extension proved so difficult that he ultimately advised users to run the free version of Malwarebytes and let it automatically remove the add-on. When Arntz installed the extension on a test machine, Chrome spontaneously clicked on dozens of YouTube videos, an indication that inflating the number of views was among the things it did. The researcher hasn't ruled out the possibility that the add-on did more malicious things because the amount of obfuscated JavaScript it contained made a comprehensive analysis too time consuming. The researcher provided additional details in a blog post published Thursday. Read 9 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Enlarge (credit: Oak Ridge National Lab) By law, the National Science Foundation is required to do a biennial evaluation of the state of science research and innovation. This is one of the years it's due, and the NSF has gotten its Science and Engineering Indicators report ready for delivery to Congress and the president. The report is generally optimistic, finding significant funding for science and a strong return on that investment in terms of jobs and industries. But it does highlight how the global focus is shifting, with China and South Korea making massive investments in research and technology. Science isn't a monolithic endeavor, so there's no way to create a single measure that captures global scientific progress. Instead, the NSF looked at 42 different indicators that track things like research funding, business investments, training of scientists, and more. All of these measures were evaluated for the globe, in order to put the US' scientific activity in perspective. Show me the money Overall, science funding is on a good trajectory. In 2005, global R&D spending was just under a trillion dollars; by 2015, it had cleared $2 trillion. In total, 75 percent of that is spent in 10 nations; in order of spending, these are the United States, China, Japan, Germany, South Korea, France, India, and the United Kingdom. The US alone spends about $500 billion. China, which was at roughly $100 billion a decade ago, has now cleared $400 billion. Read 15 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Enlarge / We will admit, new sales for the consoles shown here did not do very well in 2017 It's a bit hard to remember now, but we're only four or five years out from widespread and confident predictions that the game console market was effectively dead or dying. In 2012, Wired cited mobile disruption and "the whole box-model mentality" in declaring the death of the console. Around the same time, CNN cited a "four-year tailspin" in sales for dedicated consoles (which, coincidentally, started right around the same time as the global financial crisis) to explain "why console gaming was dying." And IGN, in its own 2012 look at the fate of the console market, offered a bold prediction for the fate of the PS4 months before it was even officially announced: "A better-graphics box at $400? Not going to work." Today, those and many other relatively recent predictions of doom for the console market look downright silly. The industry analysts at NPD announced last night that the US video game market grew 11 percent in 2017 to $3.3 billion. The reason? "Video game hardware [meaning consoles] was the primary driver of overall growth," as hardware was up 27 percent for the year, to $1.27 billion. Read 5 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Enlarge (credit: Getty Images | alexsl) An iPhone application that attempts to detect whether ISPs are throttling online services is now available on Apple's App Store, despite Apple originally refusing to allow it onto iPhones and iPads. The Wehe app has been available for iOS at this link since last night. It had already been available for Android on the Google Play store for at least a month. Wehe tests the speeds of YouTube, Amazon, NBCSports, Netflix, Skype, Spotify, and Vimeo in different ways and uses variances in measured results to judge whether or not traffic is being throttled to your device.. But Apple initially refused to let the app into the App Store, telling its creator that "your app has no direct benefits to the user." Read 11 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Enlarge / The Zuma mission launched on Jan. 7 from Florida. (credit: SpaceX) The space community has not learned much about the apparent loss of the Zuma payload launched by SpaceX on January 7, but the mystery has had one clear after effect: critics of SpaceX, including several far-right publications, have weaponized the failure of a national security satellite in their continued stream of attacks on the company. For example The Federalist, a publication that defended the dating habits of Alabama Judge Roy Moore in his Senate campaign, opined about the accident, "It is concerning, to say the least, that American taxpayers have become the guinea pigs who will bear the risks and the costs before a final determination can be made." The conservative Washington Times also published a critical piece, noting that, "Taxpayers are tired of getting ripped off." These articles were written by individuals with little apparent knowledge about the aerospace industry. The Federalist author lists, among his qualifications, that he "helped the 2014 freshmen Republican class to set up offices." The Times author notes on his LinkedIn profile that he is a "professional coalition builder." Read 10 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Enlarge / A couple of wind turbines, part of the Cedar Point Wind Energy Project in Limon, Colorado. (credit: Getty Images) Proposals for renewable electricity generation in Colorado are coming in cheap, like, $21/MWh-cheap for wind and battery storage. Though there are a few caveats to those numbers, federal incentives and quickly falling costs are combining to make once-quirky renewable projects into major contenders in an industry where fossil fuels have comfortably dominated since the 19th century. Early last year, Colorado energy provider Xcel Energy requested proposals for new electricity generation. Specifically, the company needed 450 megawatts of additional generation to meet future demand. In a separate request called the Colorado Energy Plan, Xcel said (PDF) it would consider replacing two coal plants providing 660MW of capacity with "hundreds of megawatts of new wind and solar as well as some natural gas-fired resources" if new resources could be found cheaper than what those coal plants cost to operate (including costs to shut down the plants early). By late November, energy companies had submitted their best offers. Although exact details of the offers aren’t available yet, Xcel Colorado was required to make public a summary of the proposals (PDF) in the month after the bids were submitted. Read 13 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Enlarge (credit: Microsoft) Microsoft has released a major Office update for Mac. Update 16.9.0 finally brings long-anticipated real-time collaboration features and automatic cloud saving. Notably, the Mac version of this software is now built from the same codebase as the Windows version, which means that Office shares a codebase across all platforms for the first time in 20 years. The Mac version of Office has often lagged behind Windows in features (some periods have been better than others). But this change could lay the groundwork for better parity moving forward. A shared codebase doesn't necessarily mean everything will be the same, but it does mean that supporting all platforms (Windows, Mac, iOS, and Android) will be simpler on Microsoft's end. Real-time collaboration is long overdue in Office for Mac. Users have been calling for it for quite some time. A major selling point of Google Docs and several other Office alternatives, it's been a slow rollout for this feature in Office regardless of platform. Limited live collaboration was part of the Office 2016 update, but Excel for Windows, for example, didn't get true real-time collaboration until a beta last year. Read 4 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Enlarge / Jeanette Epps, left, served as a back-up crew member to Expedition 54 to the space station. (credit: NASA) NASA issued a short news release on Thursday evening stating that Jeanette Epps will not be a part of the International Space Station crew set to launch in June. (That flight would launch from Kazakhstan aboard a Soyuz rocket.) The release gave no reason why Epps was pulled from the flight. In a response to a request for more information, Johnson Space Center spokeswoman Brandi Dean told Ars, "A number of factors are considered when making flight assignments. However, these decisions are personnel matters for which NASA doesn’t provide information." According to NASA, Epps had returned to the active Astronaut Corps at the space center to assume duties in the astronaut office. She will be considered for assignment to future missions. Had she flown this year, Epps would have become the first African-American astronaut to live as a crew member aboard the International Space Station. Only three other African American women have flown into space. Epps' assignment in January 2017 garnered a fair amount of favorable publicity for the space agency. Read 2 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
After writing up Nintendo's Wednesday reveal of its new Labo playsets (coming April 20 to the US and Japan and April 27 to Europe), I realized I'd forgotten to add an important word to the article's introduction: "what." More specifically, the drawn-out, question-marked version I should have shouted when the product's reveal video played out. ("Whaaaaat?!") I'm a big fan of Nintendo's physical-toy era in the '60s and '70s, back when company legend and Game Boy creator Gunpei Yokoi came up with engineering wonders like the Ultra Hand and the Ten-Barrel Puzzle. As a result, I was immediately charmed by the physicality and toy-controller possibilities of the reveal video, which included everything from a motorcycle steering chassis to a 13-key piano to a string-loaded fishing rod—all built by players with a mix of pre-cut, pre-marked cardboard, sensing stickers, plastic, string, and more. But then I began wondering: exactly how does everything work with Nintendo Labo? In particular, what the heck is going on with Labo's most insane offering: a full-body robot suit? Read 19 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
Enlarge (credit: Steve Johnson) The Federal Communications Commission is making its latest determination of whether broadband is being deployed to all Americans quickly enough, and there are a few notable tidbits from what we know about the report so far. The FCC today released a fact sheet on the draft Broadband Progress Report and a statement by Chairman Ajit Pai, but not the actual draft report. Pai's FCC has determined that mobile broadband is not a full substitute for home Internet services, after previously suggesting that mobile Internet might be all Americans need. The FCC also won't be lowering the speed standard that it uses to judge whether broadband deployment is happening quickly enough. Read 36 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
Enlarge / Former pharmaceutical executive Martin Shkreli. Jail for him, competition for his kind. (credit: Getty | Drew Angerer ) For four of the country’s largest hospital systems, enough is enough. Sick of drug companies’ eye-popping price hikes and ridiculous shortages, the feisty hospital systems announced Wednesday that they’ve banded together and formed an unnamed non-profit to make their own steady supply of affordable generic medicines. The leading hospital system, Intermountain Healthcare, released a statement explaining: Read 8 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
Enlarge / Philadelphia miner Matthew Freilich shared this picture of his mining rig, which contains eight Nvidia GTX 1070 graphics cards. (credit: Matthew Freilich) The market for high-end graphics cards used to work like the market for almost any other piece of computer gear. You'd go to your local electronics store, pick one up off the shelf, and pay an amount right around the manufacturer's suggested retail price. But the rise of cryptocurrency mining has created an unprecedented global shortage of graphics cards. If you go to your local retailer, you're likely to find bare shelves where the beefier cards used to be. Instead of trading at a discount, used cards routinely sell for well above MSRP on sites like eBay and Craigslist. And it's driving PC gamers—who used to be the primary market for these cards—crazy. Read 35 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
Greetings, Arsians! Courtesy of our friends at TechBargains, we have another round of deals to share. Today's list features a slew of deals on laptops from Dell, Lenovo, and Asus, including Asus model that comes with a 8th-gen Core i5 chip, 1080p display, 8GB of RAM, and a USB-C port for $500. Beyond the PC, we've also got an Amazon-certified refurbished version of Amazon's latest Fire TV Stick for $30, which is $10 off its non-refurbished going rate. The rest of the discount smorgasbord covers Apple's 12.9-inch iPad Pro, various 4K TVs, and the usual array of smart home gear. You can take a look for yourself below. (credit: TechBargains) Note: Ars Technica may earn compensation for sales from links on this post through affiliate programs. Featured Deals Read 8 remaining paragraphs | Comments

Read More...