posted 3 days ago on ars technica
Dish Network today said its customers are experiencing "the largest blackout in US television history," all because of a money dispute between Dish and Sinclair Broadcast Group. 129 stations in 36 states and Washington, DC, went dark yesterday afternoon, affecting about 5 million Dish customers. Overall, Sinclair owns or operates 153 stations, with 87 of them being "affiliates of the four major broadcast networks—CBS, NBC, ABC, and Fox—meaning customers lost access to local and national news programming as well as sports carried by those stations," The Wall Street Journal reported. Sinclair is the nation's largest broadcast group, according to the FCC. With almost 14 million subscribers, Dish is the second largest satellite TV provider after the AT&T-owned DirecTV. Read 7 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
A proposed class-action suit has been filed [PDF] in California on behalf of Ashley Madison users who had their personal information leaked, including those who paid the site a fee for a “full delete” of their data. After a breach of the site's database, people combing through the information found that Ashley Madison and other properties owned by parent company Avid Life Media (ALM) had retained quite a bit of information pertaining to users who purchased a “full delete” of their profile for $19, including GPS coordinates, date of birth, gender, ethnicity, weight, height, among other details. Although e-mail addresses, phone numbers, and descriptions written by users who sought “full deletes” were eliminated by the time the hackers accessed the database, the incidental data that Ashley Madison kept on those users could still paint quite a picture. The Register has a table that nicely illustrates what information Ashley Madison kept on “deleted” users and what it actually deleted. In addition, when Ars investigated the “full delete” option on Ashley Madison a year ago, we found that there was little difference between a “full delete” and the “hiding your profile” option, except that messages that a user sent to another user would be deleted if exiting users paid the fee. Read 3 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
In announcing its latest app initiative Wednesday, Amazon put an italicized emphasis on the fact that apps and games in the new "Amazon Underground" section are "actually free" for Android devices. That means users can go on an in-app purchase shopping spree for all of the chapters, items, options, and "energy" they want, while developers get pennies on the hour in exchange for giving up their beloved monetization plan. Amazon Underground promises that its offerings are really, truly, and wholly free. Formerly paid apps cost nothing, while former freemium apps no longer ring users up for however many in-app purchases they make. Want fifty gazillion "coins" that would normally cost $100 of real cash, or free versions of productivity software, solid games like Goat Simulator, or kids' fare from the Sesame Workshop? They're yours for the taking. Amazon reminds you at every checkout opportunity how much you're not paying. While you might expect that this new system would have developers launching social media campaigns about getting ripped off, Amazon made very clear that game and app creators whose livelihoods depended on IAPs would still get paid: "We're paying developers a certain amount on a per-minute-played basis in exchange for them waiving their normal in-app fees," the company's announcement stated. "We're the one picking up those per-minute charges." Read 11 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Driverless cars might be the norm some day—sooner than we think. So it's never too early to consider futuristic scenarios of a driverless car world. There have already been plenty of ethical questions asked, like whether a driverless car should decide who lives or who dies during an accident scenario. One question often posed is whether a driverless vehicle could choose to ram a school bus full of kids or sacrifice the driverless vehicle's occupants during a mishap. Now the Rand Corp. is thinking about how law enforcement officials should deal with driverless cars. A recent study (PDF) by the group ponders whether a cop should have the ability to remotely control a vehicle to pull it over. Read 6 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Following lackluster 2014 earnings, the Finnish company behind Angry Birds has now decided to cut 260 jobs—or over a third of its workforce of 700—not a good sign for the gaming studio. "This is personally a difficult decision," CEO Pekka Rantala said in a Wednesday statement. "However, it is certain that a leaner and more agile Rovio is absolutely necessary to move forward and take the company to new successes in the future. We will work with and support all our employees through this period of change." In October 2014, Rovio cut 130 jobs and in March of this year released some 2014 financial data showing that its annual revenue of €158.3 million ($180.3 million) was down year-over-year by 9 percent. Privately held Rovio did not disclose its 2014 profits. By contrast, in April 2014, Rovio announced 2013 annual profits of €26.9 million ($34 million), a notable drop from €55.5 million ($70.2 million) from the year before. It also seems that people are less and less interested in plush dolls: "The year on year decline of consumer product licensing revenues impacted revenue and profit." Read 1 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Right now, if you want to buy a 4K OLED TV, your options are limited to curved panels from LG. And that's fine if you're into the whole curved TV thing, but for the most people the curve is unnecessary. Sometimes, the curve even makes the picture worse. Fortunately, LG is finally offering flat versions of its 4K OLED TVs, starting with the 55-inch 55EF9500 and the 65-inch 65EF9500, both of which are being released in September. Unfortunately, they won't be any cheaper than their curved counterparts. The 55-inch model will cost $5500 (~£3500), while the 65-inch version will cost $7000 (~£4500). That's still better value than LG's first OLED TV, a 55-inch model that sold for an eye-watering $15,000 (£10,000) when it launched back in 2013. With LG being the only TV manufacturer making large-screen OLED TVs—thanks in part to Sony and Samsung choosing to focus on existing LCD technology for the consumer market—prices are likely to remain high for the foreseeable future. Whether that price is worth it depends on how much you value picture quality. Read 3 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Despite years of study, there is no clear evidence that exposure to the photons emitted by devices like cell phones and wireless networks pose any health risk whatsoever. That hasn't stopped people from concluding they are sensitive to these electromagnetic emissions and taking various actions to avoid them. While some of these people have moved to areas with low levels of this radiation, others have tried to force the rest of society to accommodate them. In the latest instance of this, a Massachusetts couple has sued their child's school, claiming that its "industrial-capacity" Wi-Fi system was causing health problems. The suit hopes to have "Electromagnetic Hypersensitivity Syndrome" defined as falling under the protections of the Americans with Disabilities Act. The suit targets the Fay School, a pricey Massachusetts boarding school (families of younger students can pay $25,000 a year and up for them to attend during the day, while full boarding is offered for older students at $60,000). Fay has students use Chromebooks and tablets during classes and provides the devices with Internet access through a Wi-Fi network. In 2013, Fay upgraded its network to what the suit describes as "a high-density, industrial-capacity wireless system." Read 11 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
There may soon be a whole lot of used Humvees on the market—or in the scrapyard. The US Army has picked its replacement for the aging vehicle originally designed as a Cold War replacement for the Jeep—and it comes from Wisconsin. Eventually, the Army and Marine Corps could buy nearly 55,000 of the vehicles over the next 25 years, spending over $30 billion. In a move that will undoubtedly spur a spate of protests and political backlash from a heavily lobbied Congress, the US Army has awarded the Defense Department's multibillion dollar Joint Light Tactical Vehicle (JLTV) program contract to the contender from Oshkosh Defense, beating out the other finalists in the program, which started in November of 2006—Lockheed Martin and the Humvee's manufacturer, American General. The initial "low rate" order for 16,901 vehicles for both the Army and Marine Corps is worth $6.7 billion. Oshkosh's winning design is called the L-ATV (for "Light Combat Tactical All-Terrain Vehicle"). It includes innovations that were added to the Humvee during the wars in Iraq and Afghanistan, including remote-operated weapons turrets (with heavy machine guns, automatic grenade launchers, and anti-tank missiles), and electronic warfare gear to jam remote controls for improvised explosive devices (IEDs). It will also be a rolling network unto itself, equipped to generate up to 10 kilowatts of "exportable" power for Army and Marine Corps communication and computer gear, with HF, VHF, UHF, and SATCOM onboard as well as a vehicle intercom system. There's also a centralized onboard computer system powering "smart displays" for the soldiers or Marines it carries. The L-ATV will also be equipped with a variety of surveillance and threat sensors—including a shot locator system, long-range surveillance cameras, and low-light and infrared camera systems. Read 3 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
When hackers released password data for more than 36 million Ashley Madison accounts last week, big-league cracking expert Jeremi Gosney didn't bother running them through one of his massive computer clusters built for the sole purpose of password cracking. The reason: the passwords were protected by bcrypt, a cryptographic hashing algorithm so strong Gosney estimated it would take years using a highly specialized computer cluster just to check the dump for the top 10,000 most commonly used passwords. So fellow security expert Dean Pierce stepped in to fill the vacuum, and his experience confirms Gosney's assessment. The long-and-short of his project is that after five days of nonstop automated guessing using a moderately fast server specifically designed to carry out compute-intensive cryptographic operations, he deciphered just 4,000 of the underlying plaintext passwords. Not surprisingly, the passwords Pierce extracted from just the first 6 million entries in the Ashley Madison table look as weak as those from just about any data breach. Here are the top 20 and number of users who chose each one: password Number of users 123456 202 password 105 12345 99 qwerty 32 12345678 31 ashley 28 baseball 27 abc123 27 696969 23 111111 21 football 20 fuckyou 20 madison 20 asshole 19 superman 19 fuckme 19 hockey 19 123456789 19 hunter 19 harley 18 Most of the lessons gleaned from Pierce's exercise involve the secure storage of passwords at rest. We'll get to that in a moment. But first, a few observations about the top 20 passwords uncovered. First, they come from the beginning six million hashes stored in the Ashley Madison database. Depending on how the list was organized, that may mean they belong to the earliest six million accounts created during the site's 14 years in operation. Passwords from the last million entries—which might have been created in the last few years—could be stronger. Read 14 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
As news and confirmations piled up regarding the murder of two journalists at Virginia TV station WDBJ7, the story took a dark turn on social media when accounts in the name of another WDBJ7 staffer posted what appeared to be first-hand video of the fatal shooting. Twitter and Facebook responded with suspensions of the offending accounts under the name Bryce Williams, but not before the accounts, which each appeared to have been created on August 18 with nothing more than innocuous cat videos at the time, had their video posts shared widely—and in Twitter's case, with the gruesome video of the murder of reporter Alison Parker and photographer Adam Ward auto-playing in silence for anybody who scrolled through it. While the Facebook account in question contained little more than the horrific video—captured here the moment Facebook acted to suspend it—the Twitter account contained more confessional posts, which can be seen in the screencap at the top of this article. Read 2 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
When computer scientist Jonathan Mayer was in Washington Dulles International Airport last week, he logged onto an AT&T Wi-Fi hotspot and soon noticed that websites were showing a lot more ads than usual. The website of Stanford University, where Mayer conducts security and privacy research, was showing ads for a jewelry store and AT&T. "Last I checked, Stanford doesn’t hawk fashion accessories or telecom service. And it definitely doesn’t run obnoxious ads that compel you to wait," Mayer wrote in a blog post yesterday. Ad-supported news sites like The Wall Street Journal had extra ads on top of them. Federal government websites were showing ads for both AT&T and other businesses. Read 9 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
The free upgrade from Windows 7 and 8 to Windows 10 is doing wonders: In just under a month of general availability, Windows 10 is now running on 75 million devices. Unsurprisingly, Windows 10 appears to be doing better than Windows 8: Back in 2012, only 40 million Windows 8 licences had been sold in the first month. After six months, Windows 8 had risen to 100 million licences sold—and "sold" is likely to be a very different figure from how many devices were actually running Windows 8. So, 75 million devices running Windows 10 after a month is pretty darn good. The 75 million figure comes directly from Yusuf Mehdi, a marketing chief at Microsoft. Mehdi also shared a few other semi-interesting Windows 10 tidbits: 90,000 different PC and tablet models have upgraded to Windows 10; Windows 10 has a presence in 192 countries (I wonder which one of the 193 UN member states is missing?); the Windows 10 Store has seen six times more downloads per device than Windows 8; and, most importantly, Cortana has told over half a million jokes. Read 1 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
Bethesda Softworks is mining its library of good, old games and offering many of them up without any digital protections on GOG starting today. Eleven titles from the venerable Doom, Quake, Fallout, and Elder Scrolls series are now available on the service, and are being offered at discounts if you buy them in bundles before September 2. Here are the details. The Elder Scrolls Bundle: 33% off if purchased together Read 5 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
The fear your car will run out of battery before you get where you're going—also known as range anxiety—is still the electric vehicle's biggest PR problem. It's a little odd when you think about it, since most of us travel under 30 miles a day. Still, people worry about not being able to just grab their keys and drive from coast to coast without lengthy visits to a plug socket along the way. Bjørn Nyland suffers no such fear. Nyland is a Norwegian-based computer programmer and Tesla evangelist, and he just hypermiled a Tesla Model S more than 400 miles to prove it. Nyland is already well-known in the Teslaverse, having won a Tesla Model X SUV for referring another 10 buyers to the EV manufacturer, quite some feat, even in EV-mad Norway: @BjornNyland Provided all ten take delivery, you have indeed! — Elon Musk (@elonmusk) August 8, 2015 Nyland's journey took him from Oslo, Norway, to Rødekro, Denmark, a distance of 452.8 miles (728.7km). That's more than double the commonly assumed Model S range (200 miles/321km) and also nearly 30 miles (47km) better than the previous record for long distance Tesla driving, held by David Metcalfe of Florida. Whether everyone is capable of getting that kind of range is another question. According to Teslarati, Nyland's trip took 18 hours—10 hours longer than Google Maps suggests—and he drove at an average of 25mph (40km/h). Now that's some committed hypermiling. Read on Ars Technica | Comments

Read More...
posted 3 days ago on ars technica
Peter Jackson's The Hobbit trilogy ended last December with Battle of the Five Armies, closing the metaphorical book on movies that aped, but couldn't recapture the spirit of The Lord of the Rings movies from a decade earlier. According to Variety, though, the movies will be back in theaters for a brief stint in October. The special extended versions of An Unexpected Journey, The Desolation of Smaug, and Five Armies will play in 500 theaters on October 5th, 7th, and 13th, respectively. These movies aren't without their highlights—Martin Freeman is excellent as Bilbo and Benedict Cumberbatch is a legitimately terrifying Smaug—but they're sandwiched in between hours of overwrought, slow-motion battle sequences, gratuitous cameos, and extraneous material pulled from elsewhere in J.R.R. Tolkien's writings. They were also tonally inconsistent, something that comes from adapting a relatively short, light story for older children into a three-film epic. If there was one thing these movies didn't need to be, it was longer. As Variety notes, the October 13th showing of Five Armies will be viewers' first opportunity to see the extended edition of the film; the extended versions of the other two are already available as digital downloads as well as on DVD and Blu-ray. Read on Ars Technica | Comments

Read More...
posted 3 days ago on ars technica
Verizon has just announced that its telematics device, now called Hum, is ready for the road. Hum was originally called Verizon Vehicle and was announced back in January. It consists of two devices: an OBD2 reader and a speaker that you clip onto your sun visor. The OBD2 reader pulls diagnostic information from the vehicle's Controller Area Network, and the speaker contains a wireless modem to send that data to the cloud, as well as enabling OnStar-like functions where you can talk to concierge mechanics and emergency services. In some ways this feels like a brave move by Verizon. Awareness of what Internet-connected OBD2 devices can do has probably never been higher, but for all the wrong reasons. What's more, the aftermarket connected car market is starting to look crowded. There's an entire alphabet out there, from Automatic to Zubie, all building connected OBD2 devices and APIs for third-party app developers. Read 1 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
The existence of "beer goggles"—the tendency to find fellow drinkers growing more attractive as you drink more—is in dispute. A study conducted in a naturalistic setting (that is, a pub), found that increased alcohol consumption did not boost attractiveness ratings. The existence of beer goggles has been studied in both lab and naturalistic settings before, but always with some limitations. In lab settings, well, people are in a lab. You can’t be sure that people’s behaviour when they’re being observed by people in white coats will match up with what they’d do in the real world. That said, lab studies have the advantage of being able to control more factors. They can do a reasonable job of hiding the point of the experiment from the subjects, and they can control how much alcohol everyone drinks, measured out by body weight. A few of these studies have found a beer goggle effect for heterosexual participants rating opposite-sex faces, but they also rated same-sex faces and landscapes more highly, suggesting that they were just generally more pleased with the world after some scientifically sanctioned drinking. Read 11 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
GitHub, the software project and collaboration site, suffered another distributed denial of service attack on Tuesday morning, making the site unavailable to many users for several hours. But unlike the relentless DDoS attack the site suffered in March—an attack directed by code linked to China's "Great Firewall"—GitHub's team was able to fight back and shrug off the attack in a matter of hours instead of days. GitHub's status page statistics show the spike in abnormal traffic on Tuesday morning. The site was likely targeted, as in March, because of software projects hosted on the site that have allowed Chinese Internet users to bypass the Great Firewall's packet filtering and inspection tools, keeping their traffic hidden from surveillance. This round of DDoS attacks comes as a number of Chinese software developers who used the site to share software capable of bypassing their country's national Internet filters apparently were forced to pull their projects from GitHub. In one case the move was reportedly mandated by law enforcement in China. That project was Shadowsocks, a secure SOCKS5 proxy plug-in protocol for Internet users and one of the most popular Great Firewall circumvention tools in China. The developer, who posted under the username clowwindy, reported on GitHub on August 22, "Two days ago the police came to me and wanted me to stop working on this. Today they asked me to delete all the code from GitHub. I have no choice but to obey. I hope one day I'll live in a country where I have freedom to write any code I like without fearing." He later deleted that comment, leaving only a statement, "I believe you guys will make great stuff with Network Extensions." However, the code for Shadowsocks has been mirrored elsewhere on GitHub. Read 1 remaining paragraphs | Comments

Read More...
posted 3 days ago on ars technica
While wind may be one of the most economical power sources out there, photovoltaic solar energy has a big advantage: it can go small. While wind gets cheaper as turbines grow larger, the PV hardware scales down to fit wherever we have infrastructure. In fact, simply throwing solar on our existing building stock could generate a very large amount of carbon-free electricity. But that also highlights solar's weakness: we have to install it after the infrastructure is in place, and that installation adds considerably to its cost. Now, some researchers have come up with some hardware that could allow photovoltaics to be incorporated into a basic building component: windows. The solar windows would filter out a small chunk of the solar spectrum and convert roughly a third of it to electricity. As you're probably aware, photovoltaic hardware has to absorb light in order to work, and a typical silicon panel appears black. So, to put any of that hardware (and its supporting wiring) into a window that doesn't block the view is rather challenging. One option is to use materials that only capture a part of the solar spectrum, but these tend to leave the light that enters the building with a distinctive tint. Read 7 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
OAKLAND, Calif.—Weeks after Ars published a feature on the scope of license plate reader use, the Oakland Police Department unilaterally and quietly decided to impose a data retention limit of six months. Prior to April 2015, there had been no formal limit, which meant that the police was keeping data going as far back as December 2010. That puts the OPD in line with other jurisdictions, including the Drug Enforcement Administration, which decided in 2012 that it would reduce its license plate reader (LPR, or ALPR) retention period from two years to six months. The Silicon Valley city of Menlo Park only retains for 30 days, by comparison. Read 28 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
The buffer overflow has long been a feature of the computer security landscape. In fact the first self-propagating Internet worm—1988's Morris Worm—used a buffer overflow in the Unix finger daemon to spread from machine to machine. Twenty-seven years later, buffer overflows remain a source of problems. Windows infamously revamped its security focus after two buffer overflow-driven exploits in the early 2000s. And just this May, a buffer overflow found in a Linux driver left (potentially) millions of home and small office routers vulnerable to attack. At its core, the buffer overflow is an astonishingly simple bug that results from a common practice. Computer programs frequently operate on chunks of data that are read from a file, from the network, or even from the keyboard. Programs allocate finite-sized blocks of memory—buffers—to store this data as they work on it. A buffer overflow happens when more data is written to or read from a buffer than the buffer can hold. On the face of it, this sounds like a pretty foolish error. After all, the program knows how big the buffer is, so it should be simple to make sure that the program never tries to cram more into the buffer than it knows will fit. You'd be right to think that. Yet buffer overflows continue to happen, and the results are frequently a security catastrophe. Read 96 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
A San Francisco food-tech startup has received a warning letter from the Food and Drug Administration (FDA), saying that the company’s eggless mayonnaise cannot be called "Just Mayo." Hampton Creek Foods, which was founded in 2011, aims to use various plants instead of animal products as substitutes in common foods—such as replacing eggs in pre-packaged cookie dough or mayonnaise. The company’s products, including "Just Mayo," are commonly sold at Whole Foods, Safeway, and other major supermarkets. Read 5 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
The Supreme Court in Taiwan has upheld a ruling that a former employee of Taiwan Semiconductor Manufacturing Company (TSMC) leaked secrets about the company's 28nm process technology to Samsung, according to EETimes. Liang Mong-song, a former senior director of R&D at TSMC's Advanced Modules Technology Division, worked for the company for 17 years before resigning to “spend time with his parents” and teach, according to CommonWealth Magazine, which suggested that Liang's resignation stemmed from his dissatisfaction with TSMC after he was passed up for a promotion. When he resigned, Liang signed a non-compete agreement that would have forced him to forfeit half of the stock he received as a bonus from TSMC if he found employment with a competitor within two years of his resignation. TSMC later discovered that Liang was teaching at Sungkyunkwan University, a private research university which has ties with Samsung. But after reassurances from Liang that nothing untoward was happening, TSMC paid out Liang's bonus after two years. In 2011, once that payout was complete, Liang became Samsung's System LSI division chief technology officer. Read 2 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
One year and one day after Google lost Twitch.tv to Amazon, YouTube Gaming is going public. Starting tomorrow, users can head down to http://gaming.youtube.com (or download the app) to check out the new interface, see who's streaming, or start a stream themselves. We went hands-on with a pre-release version of YouTube shortly after the June announcement, and very soon the site will be ready for public consumption. YouTube calls YouTube Gaming the "go-to destination for anything and everything gaming." It not only shows who is live streaming, but serves as a collection point for all gaming content on YouTube. YouTube Gaming automatically categorizes YouTube's gaming content and sorts it by game and by the content of video. This allows users to easily see the most popular content for their favorite game. A beta version of the new live streaming dashboard is also launching tomorrow. The new dashboard makes streaming less of a scheduled event and more of a casual thing that streamers can do whenever they want. Streaming on YouTube Gaming is done on HTML5, and, unlike Twitch, streamers can enable a "DVR Mode" that buffers the last four hours of a stream and allows viewers to rewind. Read 2 remaining paragraphs | Comments

Read More...
posted 4 days ago on ars technica
There are many things you can copyright, but a chicken sandwich is not one of them, a US appeals court judge ruled Friday. Because of the ruling, a former employee of a fried chicken franchise is not entitled to a percentage of the profits from a sandwich he "authored," wrote Chief Judge Jeffrey Howard of the US Court of Appeals for the First Circuit. The plaintiff, Norberto Colón Lorenzana, had filed a complaint seeking "All the earnings produced by his creation"—an amount not less than $10 million. "The sandwich consists of a fried chicken breast patty, lettuce, tomato, American cheese, and garlic mayonnaise on a bun," the judge wrote. Colón had claimed that both the recipe and the name of the so-called Pechu Sandwich "is a creative work, of which he is the author," the judge noted. Read 6 remaining paragraphs | Comments

Read More...