posted about 6 hours ago on ars technica
Enlarge (credit: Getty Images) One of the Internet’s most aggressive threats has just gotten meaner, with the ability to infect one of the most critical parts of any modern-day computer. Trickbot is a piece of malware that’s notable for its advanced capabilities. Its modular framework excels at gaining powerful administrator privileges, spreading rapidly from computer to computer in networks, and performing reconnaissance that identifies infected computers belonging to high-value targets. It often uses readily available software like Mimikatz or exploits like EternalBlue stolen from the National Security Agency. Once a simple banking fraud trojan, Trickbot over the years has evolved into a full-featured malware-as-a-service platform. Trickbot operators sell access to their vast number of infected machines to other criminals, who use the botnet to spread bank trojans, ransomware, and a host of other malicious software. Rather than having to go through the hassle of ensnaring victims themselves, customers have a ready-made group of computers that will run their crimeware.Read 10 remaining paragraphs | Comments

Read More...
posted about 15 hours ago on ars technica
Omar Sy stars as Assane Diop in the new Netflix series Lupin, a contemporary retelling of the classic French story about a gentleman thief and master of disguise. A man seeking revenge for the death of his father attempts a risky museum heist in Lupin, a new series premiering on Netflix in January starring French actor and comedian Omar Sy. The series is a contemporary reimagining of a classic character in French detective fiction, Arsène Lupin, a gentleman thief and master of disguise who was essentially the French equivalent of Sherlock Holmes. Suave, stylish, and sophisticated, Lupin is the creation of Maurice Leblanc, who based the character partly on a French burglar/anarchist. Leblanc was also familiar with the gentleman thief featured in the work of Octave Mirbeau as well as E.W. Hornung's famed gentleman thief, A.J. Raffles, and he also knew about Rocambole, a character whose adventures were recounted in a series of stories published between 1857 and 1870 by Pierre Alexis Ponson du Terrail. Relentlessly pursued by a detective named Ganimard, Lupin is captured stealing a woman's jewels on board a ship. Although he is imprisoned, he ultimately escapes before standing trial and goes on to pull off many other colorful heists. In a June 1906 story, "Sherlock Holmes Arrives Too Late," Lupin meets the aging detective, although for legal reasons—Arthur Conan Doyle objected—the name was changed to "Herlock Sholmes" when the story was included in the first book of collected stories. The Sholmes character appeared in a few more stories later on. All told, Leblanc wrote 17 novels and 39 novellas featuring Lupin.Read 4 remaining paragraphs | Comments

Read More...
posted about 18 hours ago on ars technica
Enlarge (credit: Ars Technica) Today's Dealmaster is headlined by a new deal on Microsoft's Xbox Game Pass Ultimate service, as new users can currently purchase a three-month subscription for $1. Microsoft has traditionally offered the first month of its game subscription service for $1, though subsequent months typically cost $15 each. Note that "new subscribers" means completely new in this case, as anyone who has subscribed to Game Pass in the past is not eligible for the discount. Microsoft said in a blog post on Monday that the deal would be available for a "limited time." For the unfamiliar, Game Pass Ultimate includes both the console and PC versions of Microsoft's Game Pass service—which packages a few hundred downloadable games in a Netflix-like bundle for one monthly fee—alongside its Xbox Live Gold service, which is still required to access the online features of most Xbox console games. Recently, the company has also added the ability to stream Xbox games through the cloud on Android phones, as well as a subscription to EA's Play service. Generally speaking, the consensus is that Game Pass has become one of the better values in gaming. This is largely because Microsoft has been more aggressive than competitors like Sony's PlayStation Now about including high-profile games in the service: all of the recent games the company itself has published are included—covering big franchises like Halo, Forza, Minecraft, and Gears, among others—as are a growing number of worthwhile games from outside developers. The latter group ranges from "triple-A" titles like Destiny 2, Control, and The Outer Worlds to buzzy smaller-scale games like Celeste, Outer Wilds, and Spiritfarer. Future titles from the recently purchased Elder Scrolls- and Fallout-makers Bethesda will be there, too, though existing games like Doom Eternal are already onboard.Read 5 remaining paragraphs | Comments

Read More...
posted about 19 hours ago on ars technica
The MagSafe Duo charger. [credit: Apple ] Today, Apple finally began selling and shipping the MagSafe Duo charger, an accessory that was announced alongside the new iPhone 12 lineup on October 13. The MagSafe Duo is a charging pad that uses Qi wireless charging tech to charge two devices at once. Apple says it supports any Qi-enabled device but, of course, it specifically notes that the Duo can charge any two-device combination of an iPhone, an Apple Watch, or AirPods cases. The MagSafe Duo charger is just one of a number of MagSafe accessories Apple announced in October. New iPhones have a magnet built into the back that is designed to allow chargers and cases to latch on, and MagSafe iPhones also have built-in sensors to detect what kind of accessory is being connected and communicate with it via NFC.Read 3 remaining paragraphs | Comments

Read More...
posted about 20 hours ago on ars technica
Enlarge / When Elon Paul says it's happening, it's happening. (credit: Aurich Lawson / SpaceX / The Internet) SpaceX has taken a key step toward getting a green light to fly its Starship vehicle to an altitude 100 times higher than the spaceship prototype has previously flown. On Wednesday, the Federal Aviation Administration issued a temporary flight restriction for SpaceX to conduct a Starship launch from its facility near Boca Chica Beach in South Texas. The notification allows the company to attempt a Starship hop on Friday, Saturday, or Sunday, between the hours of 9am EST (14:00 UTC) and 6pm EST (23:00 UTC) daily. SpaceX must still obtain a launch license from the FAA for this flight. The company's founder and chief engineer, Elon Musk, has said SpaceX will attempt to fly Starship to an altitude of 15km to demonstrate the performance of three Raptor engines over the course of several minutes. The company's previous flights to about 150 meters, in August and September, used a single Raptor engine.Read 8 remaining paragraphs | Comments

Read More...
posted about 21 hours ago on ars technica
Enlarge / One way to measure the charge radius of a proton is to bounce something off it (proton-sized clamp is only available via metaphor). (credit: Jefferson Lab) How big is a proton? This doesn't sound like a very complicated question, but it's one that turned out to have the potential to wreck a lot of modern physics. That's because different methods of measuring the proton's charge radius produced results that disagreed—and not just by a little bit: the answers were four standard deviations apart. But now, a new and potentially improved measurement brings them much closer to agreement, although not quite close enough that we can consider the issue resolved. We seem to have a problem There are a couple of ways to measure a proton's charge radius. One is to bounce other charged particles off the proton and measure its size based on their deflections. Another is to explore how the proton's charge influences the behavior of an electron orbiting it in a hydrogen atom, which consists of only a single proton and electron. The exact energy difference between different orbitals is the product of the proton's charge radius. And, if an electron transitions from one orbital to another, it'll emit (or absorb) a photon with an energy that corresponds to that difference. Measure the photon, and you can work back to the energy difference and thus the proton's charge radius. (The actual wavelength depends on both the charge radius and a physical constant, so you actually need to measure the wavelengths of two transitions in order to produce values for both the charge radius and the physical constant. But for the purposes of this article, we'll just focus on one measurement.)Read 9 remaining paragraphs | Comments

Read More...
posted about 22 hours ago on ars technica
Enlarge / Sen. Richard Blumenthal (D-Conn.) at an FCC oversight hearing held by the Senate Commerce Committee on June 24, 2020. (credit: Getty Images | Washington Post) Senate Republicans are rushing to confirm President Donald Trump's nominee to the Federal Communications Commission in order to create a 2-2 deadlock for the Biden FCC. In a 14-12 party-line vote today, the Senate Commerce Committee approved Trump's nomination of Nathan Simington. If Simington is confirmed by the full Senate, the FCC would be deadlocked at two Republicans and two Democrats after the upcoming departures of Chairman Ajit Pai and Michael O'Rielly. To get a 3-2 majority on the FCC, President-elect Joe Biden would have to nominate a Democrat after taking office and hope that the Senate confirms the nomination. Senate Democrats said today that Simington is not qualified to be an FCC commissioner and that he misrepresented his work in the Trump administration during the committee's confirmation process.Read 18 remaining paragraphs | Comments

Read More...
posted about 22 hours ago on ars technica
Enlarge / UK Prime Minister Boris Johnson poses for a photograph with a vial of the AstraZeneca/Oxford University COVID-19 candidate vaccine, known as AZD1222, at Wockhardt's pharmaceutical manufacturing facility on November 30, 2020 in Wrexham, Wales. (credit: Getty | WPA Pool) Regulators and health officials in the United Kingdom are waving the Union Jack today, celebrating being the first country to approve the COVID-19 vaccine developed by US-based pharmaceutical giant Pfizer and German biotech firm BioNTech. The frontrunner vaccine is under review in regulatory agencies around the world, including the US Food and Drug Administration and the European Union’s European Medicines Agency. But the UK was the first to give the vaccine the green-light after a remarkably short 10-day review. In non-pandemic times, such reviews typically take months. “The UK was the first country to sign a deal with Pfizer/BioNTech—now we will be the first to deploy their vaccine,” UK Business Secretary Alok Sharma wrote in a tweet. “In years to come, we will remember this moment as the day the UK led humanity’s charge against this disease.”Read 11 remaining paragraphs | Comments

Read More...
posted about 22 hours ago on ars technica
Enlarge / Donald Trump speaks from the White House on Thanksgiving Day. (credit: Erin Schaff - Pool/Getty Images) President Donald Trump has long been an outspoken foe of big technology companies. And in recent months, he has focused his ire on Section 230, a provision of the 1996 Communications Decency Act that shields online platforms from liability for content posted by their users. In May, Trump called on the Federal Communications Commission to reinterpret the law—though it's not clear the agency has the power to do that. Since then, he has tweeted about the issue incessantly. On Tuesday evening, Trump ratcheted up his campaign against Section 230. In a tweet, he called the law "a serious threat to our National Security & Election Integrity." He warned that "if the very dangerous & unfair Section 230 is not completely terminated as part of the National Defense Authorization Act (NDAA), I will be forced to unequivocally VETO the Bill."Read 18 remaining paragraphs | Comments

Read More...
posted about 23 hours ago on ars technica
Enlarge / Detail of a medical treatise from the Tebtunis Temple Library with headings marked in red ink. (credit: The Papyrus Carlsberg Collection) An international team of scientists used high-energy X-rays to analyze 12 fragments from ancient Egyptian papyri and found lead compounds in both red and black inks used. According to their recent paper, published in the Proceedings of the National Academy of Sciences, this is evidence that these compounds were added not for pigmentation but for their fast-drying properties, to prevent the ink from smearing as people wrote. Painters in 15th-century Europe used a similar technique when developing oil paints, but this study suggests ancient Egyptians discovered it 1,400 years earlier. So the practice may have been much more widespread than previously assumed. “Our analyses of the inks on the papyri fragments from the unique Tebtunis Temple Library revealed previously unknown compositions of red and black inks, particularly iron-based and lead-based compounds,” said co-author Thomas Christiansen, an Egyptologist from the University of Copenhagen. As I've written previously, synchrotron radiation is a thin beam of very high-intensity X-rays generated within a particle accelerator. Electrons are fired into a linear accelerator to boost their speeds and then injected into a storage ring. They zoom through the ring at near-light speed as a series of magnets bend and focus the electrons. In the process, they give off X-rays, which can then be focused down beamlines. This is useful for analyzing structure because in general, the shorter the wavelength used (and the higher the energy of the light), the finer the details one can image and/or analyze.Read 13 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / Luckily you can't hear this image—it might result in a DMCA strike if you could. (credit: Epic Games) Epic Games and Twitch are warning streamers who broadcast during Fortnite's season-ending Marvel-crossover "Nexus War" event last night that they may need to delete their VOD clips to avoid the risk of DMCA copyright strikes. The event, which saw players take on the world-eating Galactus in a ten-minute battle, featured AC/DC's Demon Fire as a licensed background song during a portion set in the game's iconic Battle Bus. Thus, shortly before the event started, the official Fortnite Status Twitter account warned Twitch streamers that "we cannot prevent your VOD/clip content from getting flagged by the platform's copyright detection systems. The general recommendation is to either mute your VoDs or turn off VODs/clips entirely to protect yourselves against any kind of claims or strikes as best as possible." Shortly after the event, Twitch Support tweeted out a similar warning, telling users who streamed unmuted sound from the game that they may "want to be cautious about DMCA risk from the music in that event" and "consider exporting/downloading and then deleting any related VODs or Clips."Read 6 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / This panoramic image shows the Chang'e 5 lander and the lunar landscape. (credit: CNSA) Less than a day after its Chang'e 5 probe made a soft landing on the Moon, the China National Space Administration has released both a short video showing the spacecraft's descent to the surface as well as a high-definition image of the lunar landscape. The panoramic surface image, highlighting the Oceanus Procellarum region where the spacecraft landed, is especially jaw-dropping. It shows the lander and one of its legs in the foreground, with the lunar surface stretching off to the horizon. This zoomable image, which measures 15,000×7,947 pixels, provides incredible detail about small rocks near the lander, as well as the indentation made by the landing leg in the Moon's surface. The sped-up video of the descent clearly shows the Chang'e 5 lander undergoing deceleration, reorienting itself, avoiding hazards, and then hovering before coming in for a final landing.Read 3 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / Ken Keiter gets ready to tear apart the SpaceX Starlink user terminal, "Dishy McFlatface." (credit: Ken Keiter) Engineer Ken Keiter recently came into possession of one SpaceX Starlink user terminal, the satellite dish that SpaceX nicknamed "Dishy McFlatface." But instead of plugging it in and getting Internet access from SpaceX's low Earth orbit (LEO) satellites, Keiter decided to take Dishy apart to see what's inside. The teardown process destroyed portions of the device. "I would love to actually test out the [Starlink] service and clearly I didn't get a chance to, as this went a little bit further than I was intending," Keiter said toward the end of the 55-minute teardown video he posted on YouTube last week. Keiter, who lives in Portland, Oregon, was impressed by the Starlink team's work. "It's rare to see something of this complexity in a consumer product," he said in reference to the device's printed circuit board (PCB), which he measured at 19.75" by 21.5".Read 10 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / The Snapdragon 888, sitting on the world's biggest ARM motherboard. (credit: Qualcomm) This week Qualcomm announced its flagship smartphone SoC for 2021, the "Snapdragon 888." The TL;DR is that Qualcomm's 2021 chip is a 5nm SoC with an ARM Cortex-X1 core and Qualcomm's first flagship SoC with an on-board 5G modem, dumping the mandatory two-chip 5G solution that Qualcomm forced on the industry earlier this year with the Snapdragon 865. Compared to the Snapdragon 865, Qualcomm is promising performance improvements of 25 percent from the CPU, 35 percent from the GPU, and 35 percent from the ISP. We should probably talk about the name first. Qualcomm's normal naming scheme (and the rumor mill) would have made this chip the "Snapdragon 875" after the 865, 855, and 845 from previous years. The switch to Snapdragon 888 is apparently a nod to Chinese culture, which views 8 as a lucky number. Flight numbers out of Chinese airports often have a lot of eights in them, the Beijing Olympics began on 8/8/08 at eight seconds past 8:08pm local time, and now flagship Android phones will somehow be more appealing—I guess—to Chinese consumers, which also happen to make up the biggest smartphone market in the world. Marketing! As usual, the CPU is sporting a very lucky eight cores with a single "Prime" core for higher performance duties, three medium cores to help out with foreground tasks, and four low-power cores for background processing. This year the prime core is getting upgraded to ARM's big, new Cortex-X1 core at 2.84GHz, while the medium cores are getting upgraded to the Cortex A78. The ancient A55 core is still working smaller-core duties.Read 8 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Space Perspective seeks to take people to the edge of space in a pressurized vehicle. [credit: Space Perspective ] A company that plans to send passengers to the edge of space in a pressurized vehicle beneath a large balloon said Wednesday it is on track to fly a demonstration mission next year and has raised the funds needed to accomplish this. Space Perspective, which is based at Kennedy Space Center in Florida, announced it has raised $7 million in seed funding in a round of funding led by Prime Movers Lab. This funding will help the company conduct an uncrewed test flight in 2021 and continue additional development work on its pressurized Spaceship Neptune vehicle. Inside this Neptune craft, a pilot and eight passengers will spend about two hours ascending to 30km, above 99 percent of the atmosphere. From this vantage point, beneath a balloon with the diameter of a US football field, the passengers would spend about two hours experiencing the view and "Earth overview" effect. Neptune would then take about two hours descending back to Earth. Envisioned to be nearly 5 meters across, the reusable Neptune is designed to fly as much as once per week. Only the parachute is discarded after each flight.Read 9 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Hyundai Motor Group has a new modular battery electric vehicle (BEV) platform for larger rear- or all-wheel drive vehicles. It's called E-GMP and it sounds very impressive. [credit: Hyundai Motor Group ] It would be inaccurate to describe the Korean auto industry as firing on all cylinders, if only because it's also really good at making electric vehicles, and those don't have cylinders that fire. The electric versions of the Hyundai Kona, Kia Soul, and Kia Niro are about the only battery EVs to approach the range efficiency of class-leading Tesla, and it makes a pretty fine hydrogen fuel cell EV as well. On Tuesday, Hyundai Motor Group (which owns Hyundai and Kia, as well as Genesis) showed us what comes next. It's called E-GMP, and it's the group's new modular BEV platform for bigger vehicles (analogous to Volkswagen Group's PPE architecture). Hyundai Motor Group has big plans for E-GMP—a million vehicles split over 23 new models by 2025, with the first two hitting showrooms sometime in 2021. The tech specs are similarly impressive: an all-800V electrical architecture; bi-directional charging; DC fast charging to 80 percent in 18 minutes; and a WLTP range of 500km (310 miles).Read 10 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / Vials with COVID-19 Vaccine labels showing logos of pharmaceutical company Pfizer and German biotechnology company d BioNTech. (credit: Getty | Photonews) The very first doses of any approved COVID-19 vaccine should go to both front-line healthcare workers and residents of long-term care facilities, a committee of expert advisors for the Centers for Disease Control and Prevention recommended in an emergency meeting Tuesday evening. The committee’s recommendation now moves to CDC director Robert Redfield for approval before it becomes official federal guidance. And, ultimately, states will make their own final decisions on how to distribute the first coveted shipments of vaccine vials. Still, the committee—the Advisory Committee on Immunization Practices (ACIP)—has for decades set such vaccine policy recommendations and states are likely eager to have its guidance settled as they try to finalize their plans. States have only until this coming Friday, December 4, to place their first vaccine orders with the federal government. The orders will determine which facilities in each state will get vaccine shipments and how much vaccine each facility will receive out of their state's limited allotment.Read 15 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / That's a lot of screen. (credit: Samuel Axon) Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a memory corruption bug in the iOS kernel that gave attackers remote access to the entire device—over Wi-Fi, with no user interaction required at all. Oh, and exploits were wormable—meaning radio-proximity exploits could spread from one near-by device to another, once again, with no user interaction needed. This Wi-Fi packet of death exploit was devised by Ian Beer, a researcher at Project Zero, Google’s vulnerability research arm. In a 30,000-word post published on Tuesday afternoon, Beer described the vulnerability and the proof-of-concept exploit he spent six months developing single handedly. Almost immediately, fellow security researchers took notice. Beware of dodgy Wi-Fi packets “This is a fantastic piece of work,” Chris Evans, a semi-retired security researcher and executive and the founder of Project Zero, said in an interview. “It really is pretty serious. The fact you don’t have to really interact with your phone for this to be set off on you is really quite scary. This attack is just you’re walking along, the phone is in your pocket, and over Wi-Fi someone just worms in with some dodgy Wi-Fi packets.”Read 6 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Jodie Whittaker's Doctor is a prisoner of the Judoon in Doctor Who: Revolution of the Daleks, a holiday special that will air on New Year's Day 2021. The series 12 finale of Doctor Who back in March ended on a cliffhanger, with Jodie Whittaker's Thirteenth Doctor imprisoned and her loyal companions (or "fam") back on Earth without her. Fortunately, we don't have much longer to wait to find out what happens. The BBC dropped the official trailer for the upcoming holiday special, Revolution of the Daleks, slated to air on New Year's Day. (Spoilers for S12 below.) As I noted in my review earlier this year, series 12 felt like classic Doctor Who, to the delight of longtime fans disappointed by Whittaker's first outing. (I thought that first outing was solid and showed a lot of promise.) In the episode "Fugitive of the Judoon," the Doctor encountered the intergalactic police force-for-hire, the Judoon (introduced in the series three episode "Smith and Jones"). The Judoon were supposedly hunting a man who lived in Gloucester with his wife, Ruth (Jo Martin). But their true target turned out to be Ruth, who recovered lost memories and declared herself to be the Doctor, with her own buried blue police box TARDIS. Yet neither Doctor had any recollection of the other.Read 9 remaining paragraphs | Comments

Read More...
posted 1 day ago on ars technica
Enlarge / Slack is evaporating into the Salesforce cloud, you could say. (credit: Aurich Lawson) Salesforce, a cloud-services company that targets businesses, has announced that it will acquire workplace communication service Slack for $27.7 billion. The announcement follows a week of rumors and a steep bump in Slack's value on the stock market in anticipation of the deal being made official. Neither company has yet to announce in any detail what this will mean for users and customers. Salesforce is sure to include Slack in some of its broader bundles and, to more tightly integrate Slack with its other software services, "Slack will be deeply integrated into every Salesforce Cloud" and will become "the new interface for Salesforce Customer 360," the press release says. But anything else beyond that is speculation at this point. New features and development priorities or adjusted pricing models are possibilities, but we also don't yet know when any user-relevant changes related to this acquisition will actually take place, either.Read 7 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge / OpenZFS 2.0.0 brings a ton of new features and performance improvements to both Linux and BSD platforms. (credit: Aurich Lawson) This Monday, ZFS on Linux lead developer Brian Behlendorf published the OpenZFS 2.0.0 release to Github. Along with quite a lot of new features, the announcement brings an end to the former distinction between "ZFS on Linux" and ZFS elsewhere (for example, on FreeBSD). This move has been a long time coming—the FreeBSD community laid out their side of the roadmap two years ago—but this is the release that makes it official. Availability The new OpenZFS 2.0.0 release is already available on FreeBSD, where it can be installed from ports (overriding the base system ZFS) on FreeBSD 12 systems, and will be the base FreeBSD version in the upcoming FreeBSD 13. On Linux, the situation is a bit more uncertain and depends largely on the Linux distro in play. Users of Linux distributions which use DKMS-built OpenZFS kernel modules will tend to get the new release rather quickly. Users of the better-supported but slower-moving Ubuntu probably won't see OpenZFS 2.0.0 until Ubuntu 21.10, nearly a year from now. For Ubuntu users who are willing to live on the edge, the popular but third-party and individually-maintained jonathonf PPA might make it available considerably sooner.Read 3 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge / All of 2020's tropical storms and hurricanes in a single image. (credit: NOAA) Monday was the last "official" day of the Atlantic hurricane season, drawing down the curtain on what has been a frenetic year for storms forming in the Atlantic Ocean, Gulf of Mexico, and Caribbean Sea. The top-line numbers are staggering: there were a total of 30 tropical storms and hurricanes, surpassing the previous record of 28 set in the year 2005. For only the second time, forecasters at the National Hurricane Center in Miami ran out of names and had to resort to using the Greek alphabet. Of all those storms, 12 made landfall in the United States, obliterating the previous record of nine landfalling tropical storms or hurricanes set in 1916. The state of Louisiana, alone, experienced five landfalls. At least part of the state fell under coastal watches or warnings for tropical activity for a total of 474 hours this summer and fall. And Laura became the strongest hurricane to make landfall in the Pelican State since 1856.Read 7 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge (credit: Aurich Lawson) David Brown, Amazon's Vice President of EC2, runs through a skit with Filmic CEO Kevin Buonagurio sketching the company's evolution from running Mac Minis on wire shelves in a closet to macOS instances in Amazon EC2. Amazon Web Services and Apple have partnered to bring modern cloud-provisioning capabilities to the macOS platform, with Tuesday morning's launch of the new mac1.metal ECS instance type. In something of a departure from Amazon's usual cloud fare, the new instance types aren't virtual machines at all—they're Mac Mini systems, bolted in pairs to 1U rack-mount sleds. No, these aren't Apple Silicon systems—the Minis in question are the Intel-based model, each with a Core i7-8700B 6c/12t CPU, 32GiB RAM, and 10Gbps network interface. The mac1.metal instances don't offer local storage, instead relying on Elastic Block Storage (EBS) accessed at 8Gbps via high-speed Thunderbolt 3. Customer provisioning, billing, and out-of-band management are handled via Amazon's Nitro offboard system, in peripherals mounted on the sleds and connected via the Minis' external interfaces. Although there's no virtualization in play here, the mac1.metal instances can be spun up and down nearly as rapidly, thanks to the AWS Nitro hardware management—which is invisible, from the customer's perspective. To someone who spins up a mac1.metal instance, the instance is for all intents and purposes a perfectly vanilla, brand-new Intel Mac Mini.Read 4 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge / Nikola Chairman Trevor Milton unveils the Nikola One truck in December 2016. (credit: Nikola) In June, aspiring hydrogen truckmaker Nikola became a publicly traded company thanks to a merger with a special-purpose acquisition company. That transaction included a 180-day lockup for company insiders, designed to prevent them from dumping their shares on unsuspecting investors in the first few days of trading. Today is the first day those insiders can sell their shares, and Nikola's stock price is down 15 percent. That's on top of yesterday's 26 percent decline after Nikola announced it was canceling its Badger pickup truck. Nikola's stock is now down about 80 percent from its post-IPO high in June and down 65 percent since September's announcement of the deal with GM. The failure to close that deal, announced yesterday, forced Nikola to abandon the Badger.Read 2 remaining paragraphs | Comments

Read More...
posted 2 days ago on ars technica
Enlarge (credit: Oracle) Attackers are targeting a recently patched Oracle WebLogic vulnerability that allows them to execute code of their choice, including malware that makes servers part of a botnet that steals passwords and other sensitive information. WebLogic is a Java enterprise application that supports a variety of databases. WebLogic servers are a coveted prize for hackers, who often use them to mine cryptocurrency, install ransomware, or as an inroad to access other parts of a corporate network. Shodan, a service that scans the Internet for various hardware or software platforms, found about 3,000 servers running the middleware application. CVE-2020-14882, as the vulnerability is tracked, is a critical vulnerability that Oracle patched in October. It allows attackers to execute malicious code over the Internet with little effort or skill and no authentication. Working exploit code became publicly available eight days after Oracle issued the patch.Read 4 remaining paragraphs | Comments

Read More...