posted 5 days ago on ars technica
Verizon has just announced that its telematics device, now called Hum, is ready for the road. Hum was originally called Verizon Vehicle and was announced back in January. It consists of two devices: an OBD2 reader and a speaker that you clip onto your sun visor. The OBD2 reader pulls diagnostic information from the vehicle's Controller Area Network, and the speaker contains a wireless modem to send that data to the cloud, as well as enabling OnStar-like functions where you can talk to concierge mechanics and emergency services. In some ways this feels like a brave move by Verizon. Awareness of what Internet-connected OBD2 devices can do has probably never been higher, but for all the wrong reasons. What's more, the aftermarket connected car market is starting to look crowded. There's an entire alphabet out there, from Automatic to Zubie, all building connected OBD2 devices and APIs for third-party app developers. Read 1 remaining paragraphs | Comments

Read More...
posted 5 days ago on ars technica
The existence of "beer goggles"—the tendency to find fellow drinkers growing more attractive as you drink more—is in dispute. A study conducted in a naturalistic setting (that is, a pub), found that increased alcohol consumption did not boost attractiveness ratings. The existence of beer goggles has been studied in both lab and naturalistic settings before, but always with some limitations. In lab settings, well, people are in a lab. You can’t be sure that people’s behaviour when they’re being observed by people in white coats will match up with what they’d do in the real world. That said, lab studies have the advantage of being able to control more factors. They can do a reasonable job of hiding the point of the experiment from the subjects, and they can control how much alcohol everyone drinks, measured out by body weight. A few of these studies have found a beer goggle effect for heterosexual participants rating opposite-sex faces, but they also rated same-sex faces and landscapes more highly, suggesting that they were just generally more pleased with the world after some scientifically sanctioned drinking. Read 11 remaining paragraphs | Comments

Read More...
posted 5 days ago on ars technica
GitHub, the software project and collaboration site, suffered another distributed denial of service attack on Tuesday morning, making the site unavailable to many users for several hours. But unlike the relentless DDoS attack the site suffered in March—an attack directed by code linked to China's "Great Firewall"—GitHub's team was able to fight back and shrug off the attack in a matter of hours instead of days. GitHub's status page statistics show the spike in abnormal traffic on Tuesday morning. The site was likely targeted, as in March, because of software projects hosted on the site that have allowed Chinese Internet users to bypass the Great Firewall's packet filtering and inspection tools, keeping their traffic hidden from surveillance. This round of DDoS attacks comes as a number of Chinese software developers who used the site to share software capable of bypassing their country's national Internet filters apparently were forced to pull their projects from GitHub. In one case the move was reportedly mandated by law enforcement in China. That project was Shadowsocks, a secure SOCKS5 proxy plug-in protocol for Internet users and one of the most popular Great Firewall circumvention tools in China. The developer, who posted under the username clowwindy, reported on GitHub on August 22, "Two days ago the police came to me and wanted me to stop working on this. Today they asked me to delete all the code from GitHub. I have no choice but to obey. I hope one day I'll live in a country where I have freedom to write any code I like without fearing." He later deleted that comment, leaving only a statement, "I believe you guys will make great stuff with Network Extensions." However, the code for Shadowsocks has been mirrored elsewhere on GitHub. Read 1 remaining paragraphs | Comments

Read More...
posted 5 days ago on ars technica
While wind may be one of the most economical power sources out there, photovoltaic solar energy has a big advantage: it can go small. While wind gets cheaper as turbines grow larger, the PV hardware scales down to fit wherever we have infrastructure. In fact, simply throwing solar on our existing building stock could generate a very large amount of carbon-free electricity. But that also highlights solar's weakness: we have to install it after the infrastructure is in place, and that installation adds considerably to its cost. Now, some researchers have come up with some hardware that could allow photovoltaics to be incorporated into a basic building component: windows. The solar windows would filter out a small chunk of the solar spectrum and convert roughly a third of it to electricity. As you're probably aware, photovoltaic hardware has to absorb light in order to work, and a typical silicon panel appears black. So, to put any of that hardware (and its supporting wiring) into a window that doesn't block the view is rather challenging. One option is to use materials that only capture a part of the solar spectrum, but these tend to leave the light that enters the building with a distinctive tint. Read 7 remaining paragraphs | Comments

Read More...
posted 5 days ago on ars technica
OAKLAND, Calif.—Weeks after Ars published a feature on the scope of license plate reader use, the Oakland Police Department unilaterally and quietly decided to impose a data retention limit of six months. Prior to April 2015, there had been no formal limit, which meant that the police was keeping data going as far back as December 2010. That puts the OPD in line with other jurisdictions, including the Drug Enforcement Administration, which decided in 2012 that it would reduce its license plate reader (LPR, or ALPR) retention period from two years to six months. The Silicon Valley city of Menlo Park only retains for 30 days, by comparison. Read 28 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
The buffer overflow has long been a feature of the computer security landscape. In fact the first self-propagating Internet worm—1988's Morris Worm—used a buffer overflow in the Unix finger daemon to spread from machine to machine. Twenty-seven years later, buffer overflows remain a source of problems. Windows infamously revamped its security focus after two buffer overflow-driven exploits in the early 2000s. And just this May, a buffer overflow found in a Linux driver left (potentially) millions of home and small office routers vulnerable to attack. At its core, the buffer overflow is an astonishingly simple bug that results from a common practice. Computer programs frequently operate on chunks of data that are read from a file, from the network, or even from the keyboard. Programs allocate finite-sized blocks of memory—buffers—to store this data as they work on it. A buffer overflow happens when more data is written to or read from a buffer than the buffer can hold. On the face of it, this sounds like a pretty foolish error. After all, the program knows how big the buffer is, so it should be simple to make sure that the program never tries to cram more into the buffer than it knows will fit. You'd be right to think that. Yet buffer overflows continue to happen, and the results are frequently a security catastrophe. Read 96 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
A San Francisco food-tech startup has received a warning letter from the Food and Drug Administration (FDA), saying that the company’s eggless mayonnaise cannot be called "Just Mayo." Hampton Creek Foods, which was founded in 2011, aims to use various plants instead of animal products as substitutes in common foods—such as replacing eggs in pre-packaged cookie dough or mayonnaise. The company’s products, including "Just Mayo," are commonly sold at Whole Foods, Safeway, and other major supermarkets. Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
The Supreme Court in Taiwan has upheld a ruling that a former employee of Taiwan Semiconductor Manufacturing Company (TSMC) leaked secrets about the company's 28nm process technology to Samsung, according to EETimes. Liang Mong-song, a former senior director of R&D at TSMC's Advanced Modules Technology Division, worked for the company for 17 years before resigning to “spend time with his parents” and teach, according to CommonWealth Magazine, which suggested that Liang's resignation stemmed from his dissatisfaction with TSMC after he was passed up for a promotion. When he resigned, Liang signed a non-compete agreement that would have forced him to forfeit half of the stock he received as a bonus from TSMC if he found employment with a competitor within two years of his resignation. TSMC later discovered that Liang was teaching at Sungkyunkwan University, a private research university which has ties with Samsung. But after reassurances from Liang that nothing untoward was happening, TSMC paid out Liang's bonus after two years. In 2011, once that payout was complete, Liang became Samsung's System LSI division chief technology officer. Read 2 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
One year and one day after Google lost Twitch.tv to Amazon, YouTube Gaming is going public. Starting tomorrow, users can head down to http://gaming.youtube.com (or download the app) to check out the new interface, see who's streaming, or start a stream themselves. We went hands-on with a pre-release version of YouTube shortly after the June announcement, and very soon the site will be ready for public consumption. YouTube calls YouTube Gaming the "go-to destination for anything and everything gaming." It not only shows who is live streaming, but serves as a collection point for all gaming content on YouTube. YouTube Gaming automatically categorizes YouTube's gaming content and sorts it by game and by the content of video. This allows users to easily see the most popular content for their favorite game. A beta version of the new live streaming dashboard is also launching tomorrow. The new dashboard makes streaming less of a scheduled event and more of a casual thing that streamers can do whenever they want. Streaming on YouTube Gaming is done on HTML5, and, unlike Twitch, streamers can enable a "DVR Mode" that buffers the last four hours of a stream and allows viewers to rewind. Read 2 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
There are many things you can copyright, but a chicken sandwich is not one of them, a US appeals court judge ruled Friday. Because of the ruling, a former employee of a fried chicken franchise is not entitled to a percentage of the profits from a sandwich he "authored," wrote Chief Judge Jeffrey Howard of the US Court of Appeals for the First Circuit. The plaintiff, Norberto Colón Lorenzana, had filed a complaint seeking "All the earnings produced by his creation"—an amount not less than $10 million. "The sandwich consists of a fried chicken breast patty, lettuce, tomato, American cheese, and garlic mayonnaise on a bun," the judge wrote. Colón had claimed that both the recipe and the name of the so-called Pechu Sandwich "is a creative work, of which he is the author," the judge noted. Read 6 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Greetings, Arsians! Courtesy of our partners at TechBargains, the dealmaster is here with a big list of deals for your consideration. The top item today is a RAVPower Car Jump Starter with a 12,000mAh power bank. If you have car battery problems, this little box will jump start your car and hopefully juice things up enough to get you back home. Normally the car jump starter is $99.99, but today it can be yours for just $57.99. Featured RAVPower Car Jump Starter & Power Bank 12,000mAh (500A Peak) for $57.99 (use code I8LPW8LD - list price $99.99). Read 7 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
He may not receive a pardon any time soon, but NSA whistleblower Edward Snowden now has a namesake in the animal kingdom. This week, an Indonesian crayfish species has been named after the man who helped inform the public about mass US government surveillance. German researcher Christian Lukhaup and other scientists wrote Monday in the journal ZooKeys that Snowden was "honored due to his extraordinary achievements in defense of justice and freedom." They said that the crayfish, Cherax Snowden, is often exported from the Indonesian region of West Papua to Europe and the United States. They wrote that the species, which they said had been misidentified, "is collected and exported for ornamental purposes and its commercial name in the pet trade is 'orange tip' or 'green orange tip.'" (See an image via The Washington Post.) Read 1 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
A leaked image from a Microsoft intranet site has disclosed that Office 2016 for Windows will be released on September 22. Office 2016 for Mac is already available to Office 365 subscribers. When that was launched in July, Microsoft said that regular retail copies would be released in September. While we're not certain, it seems likely that September 22 will be the release date for that, too. Office 2016 is an incremental update. It makes styling between Windows, OS X, and the mobile apps a little more consistent—by default each app gets a boldly colored title bar that reflects the icon color, just like the mobile apps—and includes improved collaborative editing, rights management, and data analysis capabilities. Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
In the immediate aftermath of Hurricane Katrina back in 2005, five former New Orleans police officers were sentenced to six to 65 years in prison in connection to on-the-job deadly shootings of unarmed civilians. But recently, these five officers had their convictions set aside by a federal appeals court. Why? Federal prosecutors' anonymous online comments posted underneath local news accounts of the officers' ongoing 2011 trial "contributed to the mob mentality potentially inherent in instantaneous, unbridled, passionate online discourse," the court said. In light of that, the appellate court found a fair trial wasn't possible. The New Orleans-based 5th US Circuit Court of Appeals ruled last week (PDF) that the prosecutors' behavior, unearthed by the same forensic expert who helped identify the Unabomber, created an "air of bullying" that federal prosecutors were "sworn to respect." "Just as a mob protesting outside the courthouse has the potential to intimidate parties and witnesses, so do streams of adverse online comments," the court ruled 2-1. "The online anonymous postings, whether the product of lone wolf commenters or an informal propaganda campaign, gave the prosecution a tool for public castigation of the defendants that it could not have used against them otherwise, and in so doing deprived them of a fair trial." Read 6 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
One of the most famous messages in all computing was posted exactly 24 years ago today, on 25 August, 1991: Hello everybody out there using minix - I'm doing a (free) operating system (just a hobby, won't be big and professional like gnu) for 386(486) AT clones. This has been brewing since april, and is starting to get ready. Linus Torvalds in 2005 Many people have read that post by Linus Torvalds in the comp.os.minix newsgroup on Usenet, or at least heard about it. Many more are aware of how that (free) operating system ended up taking over vast swathes of the computing world, and becoming both "big" and "professional." But what about before that famous moment? What were the key events that led to Linus creating that first public release of Linux? To find out, in December 1996, I went to Finland to interview Linus in his flat in Helsinki. I used some of his replies in a feature that appeared in Wired magazine in August 1997; more of them appeared in my book, Rebel Code: Inside Linux and the open source revolution, published in 2001. What follows is a more detailed explanation of how Linux came into being, as told in Linus' own words. Read 10 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
When it emerged that UK-based Camel Audio—a highly respected developer of professional audio plugins—was acquired by Apple earlier this year, many wondered what the fate of its flagship Alchemy synthesizer would be. Early signs of Alchemy's influence appeared in the mainstream music production app GarageBand, leading to fears that perhaps one of the most highly regarded software synths of all time was being chopped up for use across a wide range of apps across Apple. Fortunately for the music making elite, not only is the full-fat version of the Alchemy synthesizer back, it's been given a significant overhaul compared the last 1.5 release by Camel Audio. This includes not only improved audio morphing features and synthesis engines, but also an improved UI. The new UI promises to make browsing sounds and patches, and creating new ones, easier than before, while still offering the depth of sound design that Alchemy was renowned for. Even better is that Alchemy has been integrated into Apple's Logic Pro Digital Audio Workstation (DAW) software, and comes with the free 10.2 update to all existing users. While that may be disappointing news to those hoping for a standalone version to use with their DAW of choice, at least Logic is good value. At £149 ($199), it actually sells for less than the $249 Alchemy did on its own, so you could feasibly pick it up just for Alchemy and then bounce down those tracks for use in other DAWs, or route things through MainStage. Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
The California drought may have put water in short supply, but debate about it is in surplus. Water use has come under even greater scrutiny as Californians struggle to deal with the current and future reality. Groundwater overuse during the drought has reached epic proportions, with the land surface in some locations sinking almost two inches per month as a result. In addition to arguing over how to use the little water they have, people are also debating the question of whether humans are partly to blame not just for water supply issues, but for the drought itself. Late last year, a NOAA report concluded that climate change wasn’t required to explain the lack of rainfall, while a separate tree ring study found that the drought looked to be the most severe in 1,200 years. The rains have been fended off by a persistent pattern of high air pressure above the northeastern Pacific that seems to have been a product of ocean surface temperature patterns farther west. But rainfall isn’t the only factor that contributes to drought. The heat of the day sucks moisture out of the soil, helped along by blowing winds. Boost either of those factors, and you’ll need more rainfall to keep the drought account from going in the red. Since the globe is warmer now than it was a century ago and California is part of that globe, it’s fair to guess that climate change isn’t helping. Read 10 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Over the weekend, news started trickling out about a recently published game console patent filed by Nintendo back in February. That's not that surprising—we've known for a while that the company is working on a new console project codenamed "NX." What's more surprising is that the "example system" described in the patent explicitly "is not provided with an optical disk drive for reading out a program and/or data from an optical disk." Companies patent things that don't come to the market all the time, of course, and there's no specific indication this patent will even form the basis of Nintendo's NX. Still, the very existence of a patented console design without an optical disc drive got us thinking: is the console market finally ready to graduate from the CDs, DVDs, and Blu-ray discs that have been the cornerstone of console game distribution for decades now? Do game consoles still need physical media at all? A connected world In the US, at least, quickly increasing broadband adoption has made this a question worth considering. By the end of 2013, 70 percent of all US adults had a broadband connection in the home. That number shot up to 81 percent when you look at the 18- to 29-year-olds that provide the core market for most AAA games (and 77 percent among 30- to 49-year-olds), numbers that are likely even higher two years on. Read 7 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
AT&T has won a $252,000 judgment from the remnants of sham telecoms that were created in order to bill legitimate phone companies for services they didn't provide. The companies billed AT&T $13 million, but AT&T figured out the scam after paying only a fraction of that. The defendants, All American Telephone Co., e-Pinnacle Communications, Inc., and ChaseCom, operated out of Utah and Nevada and had all shut down by 2010. The Federal Communications Commission granted AT&T’s complaint against the companies in March 2013 and last week ordered the defendants to pay back the $252,496.37 they got from AT&T. The FCC dismissed AT&T's request for interest and "consequential damages," saying the company can pursue those in court. Read 7 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Based on anonymized data collected from users of an app designed to check for a newly revealed vulnerability in many Android devices, Check Point has discovered that at least one application currently in the Google Play store is exploiting the vulnerability to gain root access to the Android OS—and bypassing Google’s security scans of Play applications to do so. While the app was discovered installed on an infinitesimal percentage of devices checked by Check Point, it shows that the vulnerability caused by insecure OEM and cell carrier software meant to provide remote access to devices for customer service engineers has already been exploited by “legitimate” phone applications—and the method used to bypass Google’s security checks could be used for more malicious purposes on millions of devices. And there’s no easy way for Google or phone manufacturers alone to patch the problem. At the Black Hat security conference in Las Vegas earlier this month, Check Point’s Ohad Bobrov and Avi Bashan presented research into an Android vulnerability introduced by software installed by phone manufacturers and cellular carriers that could affect millions of devices. Labeled by Bobrov and Bashan as “Certifi-Gate," the vulnerability is caused by insecure versions of remote administration tools installed by the manufacturers and carriers to provide remote customer service—including versions of TeamViewer, CommuniTake Remote Care, and MobileSupport by Rsupport. These carry certificates that give them complete access to the Android operating system and device hardware. The applications are commonly pre-installed on Samsung, LG, and HTC handsets. Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Neil Young's oddly shaped MP3 player has apparently found a small niche, regardless of whether listeners can actually hear the difference between its 24-bit, 192kHz songs and music streamed or downloaded from the likes of Apple or Spotify. In a Facebook post last week, Young indicated that "tens of thousands of players and hundreds of thousands of tracks" had been sold and that the players manufactured and sold so far had a three percent failure rate so far. That said, the company is still running into trouble stemming from its lack of resources, suggesting that the company has spent the bulk of its $6.2 million Kickstarter haul from last year. Young wants the company to expand into Canada, Great Britain, and Germany, among other countries, but it doesn't currently have the funding. The company also continues its hunt for a "proven business leader" to serve as CEO, a role Young stepped into when former CEO John Hamm (not to be confused with actor Jon Hamm) left in July of 2014. The rest of Young's lengthy post emphasizes that this is a "delicate time" for the company, but that he wants to continue providing high-quality players, music, speakers, headphones, and other "breakthrough products built to bring music to its rightful place in the twenty-first century." Read 1 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Since Harmonix first announced it was bringing the Rock Band franchise to a new generation of consoles, there have been persistent questions about how the new games would support guitar and drum controllers designed for older systems. The answer to those questions comes with a price for Xbox gamers who will have to pay $20 extra if they want to use their old Xbox 360 instruments on the Xbox One. The extra cost is to cover the inclusion of a "Legacy Game Controller Adapter," which preorder listings show coming packaged with the standalone Xbox One version of the game for $80. The $60 PlayStation 4 edition has no such adapter, since the previous PlayStation 3 instruments already required a USB dongle to support wireless play (that dongle will still be required to use old instruments on the PS4, but new PS4-specific instruments will sync directly via bluetooth). While the price difference is a bit galling for players in Microsoft's ecosystem, it's still a much better deal than shelling out $250 for the "Band-in-a-Box" package, which includes new drum, guitar, and microphone controllers, or $120 for a package that includes a new wireless guitar controller (those prices are the same for the PS4 version as well). Activision's upcoming Guitar Hero Live won't work with old guitar controllers at all, requiring users to pay $100 for the game and a new controller with a six-button, two-row configuration. Read 3 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
To analyze the security risks of biological research, policy makers would need to know two things: the likelihood that bioweapons will threaten national security, and the likelihood that legitimate research could be misused to make bioweapons. Both of these judgments are challenging to make. Since there have been few verified historical examples of bioterrorism or biowarfare, it’s hard to know how to quantify these risks. So lawmakers often rely on expert opinions. However, these expert opinions often differ widely, as evidenced by a paper published recently in Science. The authors of this paper invited individuals with responsibility for setting public policy regarding bioweapons to provide their opinions regarding the risks. Included among the participants were past and present US government officials, academics, private sector individuals, and people in industry. They had backgrounds in the biological sciences, medicine, public health, national security, and international affairs. In general, these were people who should know about the topic. Read 6 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
A new study published in the American Journal of Public Health concludes that high rates of gun ownership triple the likelihood that law enforcement officers in the US will be killed on the job. These findings run counter to other ideas regarding high police fatality rates, including the expectation that police are more likely to be murdered simply because they are more likely to encounter violent criminals. Law enforcement officers have three times the national average risk of being murdered on the job. This high occupational homicide risk exists despite officers’ training in dealing with violent criminals and protective equipment, as well as the fact that they carry their own firearms. Nearly all of these homicides are committed with firearms, and a previous study showed that only 10 percent of these deaths were caused by officers’ own guns. These researchers probed the relationship between the prevalence of gun ownership and police deaths on the job. Using data from an FBI database of law enforcement officials’ deaths, they calculated police homicide rates by state. For gun ownership data, the researchers obtained the mean household firearm ownership per state using an annual nationwide survey known as the Behavioral Risk Factor Surveillance System. Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Venturi, a Monegasque electric vehicle (EV) company, and The Ohio State University have just set a new FIA land speed record for EVs on the salt flats of Bonneville, Utah. Driven by Roger Schroer, the Venturi VBB-3 covered a measured mile at an average speed of 240.32mph (386.758km/h). However, the record was achieved in spite of the terrible condition of the salt flats, which have been badly affected by storms in recent weeks. Venturi had to settle for a lesser record attempt than originally planned. The VBB-3 has been designed to break 400mph (643.7km/h), but the rain-soaked salt flats were not amenable to this plan. It proved impossible to prepare a 12-mile (19.3km) track on the salt for the record attempt; instead the team had to settle for a partially wet and very bumpy 10 miles (16km) instead. "In eleven years here I have never driven on such a difficult track," said Schroer. "The car was sliding on the surface from one side to the other due to soft spots and bumps." Heavy rainfall in July inundated the salt flats, leading the organizers of Bonneville SpeedWeek to cancel the annual race meeting for the third year in a row. When given sufficient time to dry, the salt can be groomed to prepare a smooth track for flat-out running, but add water and the result is a bumpy, slushy mess that can wreak havoc on the cars. Ars has been following Venturi's record attempt via Twitter, and the team had reported that the broken surface was causing problems: Read 3 remaining paragraphs | Comments

Read More...