posted 5 days ago on ars technica
Aquarium, Battery Park, New York City [Postcard], ca. 1931. This is just one of the many resources you can find online through the DPLA website or through apps using its API. New York Aquarium Postcards collection of the Wildlife Conservation Society Archives. Via Empire State Digital Network. Today marks the Digital Public Library of America's one-year anniversary. To celebrate the occasion, the non-profit library network announced six new partnerships with major archives, including the US Government Printing Office and the J. Paul Getty Trust. The DPLA is best described as a platform that connects the online archives of many libraries around the nation into a single network. You can search all of these archives through the digital library's website, and developers can build apps around the DPLA's metadata collection using the publicly available API. It's easy to find historical documents, public domain works, and vintage photos online through a search on the DPLA's website, although sometimes a library will merely offer the data about an item, and retain the actual resource at the library. Still, having that data accessible through a single public portal is more useful for a researcher than having to search for it library by library. Read 7 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Over a week after the revelation of a fatal flaw in the most recent versions of the OpenSSL cryptographic library—the encryption at the heart of much of the Internet’s security—a large number of systems associated with the Tor anonymizing network remain unpatched and vulnerable to attack. To protect the security of the network, the Tor Project flagged relay servers still susceptible to the Heartbleed bug for rejection, meaning they would not be allowed to pass traffic to the core of the network. The Heartbleed bug, which allows attackers to retrieve bits of memory from the encryption engine, still affects about 10 percent of the relays and gateways that allow users to connect to the network, which could expose the encryption keys and even the IP addresses of users. In a blog post on April 7, the Tor Project alerted users of the bug, which affected the Tor client, relay, and bridge software; Tor’s “Hidden Service” darknet Web services; and even its internal directory servers. The Orbot client for Android was also vulnerable. The Tor Project team has been moving to provide patches for all of the components, and most of the core network was quickly secured. Read 2 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Ken Lund / flickr A federal judge issued an order today decreeing that Google's court battle against a "patent troll" owned by its competitors must be fought out in California, not in Texas. The ruling is a substantial victory for Google because venue matters a great deal in patent litigation. The search giant was facing the possibility of fighting a powerful trolling entity in the Eastern District of Texas, considered a district friendly to patent holders. The patent-holding company in this case is the Rockstar Consortium, which was formed when Apple, Microsoft, Sony, Ericsson, and Blackberry teamed up to spend $4.5 billion to buy the patents belonging to Nortel, a bankrupt Canadian telecom company. Rockstar sued Google and seven companies that make Android smartphones on Halloween last year. Google soon retaliated with a counter-suit, arguing that the dispute should take place in California, not Texas. Read 6 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Don't mock the Mayor Jim Ardis of Peoria as you just might be jailed and fined. Peoriagov.org Illinois police seized computers and mobile phones while raiding a house whose owner was suspected of parodying the town mayor on Twitter. In all, five people following the Tuesday evening raid were taken to the Peoria Police Department station for questioning, local media report. "They just asked me about the Twitter account, if I knew anything about it,” Michelle Pratt, 27, told the Journal Star. Read 6 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Cyrus Farivar Star Trek may be the series that bred fandom as we know it, but even among the Trekkies, Huston Huddleston is standing out: he's about to unveil the chair from where no one has gone before. Sort of. Huddleston is a working screenwriter who, back in 2011, started on a journey to restore the signature modern Star Trek set piece—the entire bridge of the NCC-1701-D. The bridge was home to Capt. Jean-Luc Picard and his crew on The Next Generation, but it was actually destroyed during the filming of Star Trek: Generations, where the Enterprise crash-lands onto the surface of Veridian III. Following the conclusion of the show and its related films, only four replicas were made for Star Trek: The Experience, a theme park in Las Vegas that closed in 2008 after a 10-year run. It took three years and several thousand dollars, but Huddleston now has what he believes is the most accurate representation of Picard's throne in existence. And actually, it took four chairs to get there. The captain's chair that Huddleston originally rescued (a replica to begin with) was in such bad shape that it couldn't be restored. The seat had to be remade from scratch, but it later turned out that this design was wrong too. Remake 2.0 was sold off. Huddleston now hopes he has the definitive and final version. Read 48 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
sharyn morrow Several years ago, as the therapeutic potential of stem cells was first being recognized, the only way to create them was to harvest cells from an early embryo. That embryo could come from the large collection of those that weren't used during in vitro fertilization work. But to get one that was genetically matched to the person who needed the therapy, researchers had to create an embryo that's a genetic duplicate of that individual—meaning they had to clone them. With the development of induced stem cells, work on this approach largely fell by the wayside—induced cells were easier to create and came without the ethical baggage. But there are some lingering doubts that the induced cells are truly as flexible as the ones derived from an embryo, leading a number of labs to continue exploring cloning for therapeutic purposes. Now, a collaboration of US and Korean researchers have succeeded in creating early embryos from two adult humans and converted the embryos to embryonic stem cells. The method used is called somatic cell nuclear transplant. It involves taking an unfertilized egg and removing its nucleus, thereby deleting the DNA of the egg donor. At the same time, a nucleus from the cell of a donor is carefully removed and injected into the egg. After some time, during which the environment of the egg resets the developmental status of the donor's DNA, cell division is activated. If the process is successful, the end result is a small cluster of cells that starts along the path of forming an embryo. Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Photo by Flickr user Morgan200 Looking online for some good weed, assault rifles, or stolen credit cards? One reddit user has just the thing. With its intuitive, Google-like interface, a new search engine, called Grams, offers users a new tool to find sites, not indexed by standard search engines, that are selling illicit materials. The search engine can only be accessed through the Tor anonymizing browser. Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
https://commons.wikimedia.org/wiki/File:Hammer_Ace_SATCOM_Antenna.jpg Mission-critical satellite communications relied on by Western militaries and international aeronautics and maritime systems are susceptible to interception, tampering, or blocking by attackers who exploit easy-to-find backdoors, software bugs, and similar high-risk vulnerabilities, a researcher warned Thursday. Ground-, sea-, and air-based satellite terminals from a broad spectrum of manufacturers—including Iridium, Cobham, Hughes, Harris, and Thuraya—can be hijacked by adversaries who send them booby-trapped SMS text messages and use other techniques, according to a 25-page white paper published by penetration testing firm IOActive. Once a malicious hacker has remotely gained control of the devices, which are used to communicate with satellites orbiting in space, the adversary can completely disrupt mission-critical satellite communications (SATCOM). Other malicious actions include reporting false emergencies or misleading geographic locations of ships, planes, or ground crews; suppressing reports of actual emergencies; or obtaining the coordinates of devices and other potentially confidential information. "If one of these affected devices can be compromised, the entire SATCOM infrastructure could be at risk," Ruben Santamarta, IOActive's principal security consultant, wrote. "Ships, aircraft, military personnel, emergency services, media services, and industrial facilities (oil rigs, gas pipelines, water treatment plants, wind turbines, substations, etc.) could all be impacted by these vulnerabilities." Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
A time-lapse image of the launch of the eXperimental Fuel Cell (XFC) Unmanned Aerial System from a submarine. DARPA is hoping to give the Navy the ability to seed the sea floor with airborne and floating drones that launch on demand to track enemies and jam and blind their sensors. US Navy When trouble’s brewing at sea and there’s no nearby friendly airbase or port, it could take weeks for US Navy ships and aircraft to show up to protect shipping and keep the enemy at bay. So the Defense Advanced Research Projects Agency (DARPA) is looking to give the US Navy a new way to get to the scene almost immediately, popping up near, behind, or even in the midst of an enemy fleet, using robotic pods that sit on the ocean floor and can release flying and floating drones to the surface to attack on command. DARPA has requested bids this week for the final two phases of its Upward Falling Payloads (UFP) program—an effort to create pre-positioned unmanned systems that sit dormant on the sea floor, waiting for a command to rise to the surface and unleash (non-lethal) hell. Containing electronic and low-power laser attack systems, surveillance sensors, and even airborne and aquatic drones that act as decoys or provide intelligence and targeting information, the UFPs would have to survive for years at depth, waiting for a command. “To succeed,” the DARPA announcement for the program states, “the UFP program must be able to demonstrate a system that can: (a) survive for years under extreme pressure, (b) reliably be triggered from standoff commands, and (c) rapidly rise through the water column and deploy a non-lethal payload.” The focus is on non-killer autonomous systems because these bottom-dwelling robotic minions would be deployed in the deep ocean, where recovery would be difficult and where the robots could potentially cause hazards to ships if the sleeping pods expire. Read 2 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Daniel Foster/Flickr New York's attorney general is the latest to jump into the high-speed trading party, issuing subpoenas to Wall Street firms seeking documents on whether they're getting an unfair leg up over their less technologically savvy competitors. The revaluation of the subpoenas from Eric Schneiderman's office, first reported by the Wall Street Journal, brings to at least four the number of agencies probing what the New York Attorney general has described as "Insider Trading 2.0." Other entities investigating whether Wall Street firms are taking advantage of "differences in delays, or latencies, of trade information distributed between trading venues" -- include the Commodity Futures Trading Commission, the Securities and Exchange Commission and the Federal Bureau of Investigation. Read 2 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Pusteblumenland Trillions of microbes live in and on our body. We don’t yet fully understand how these microbial ecosystems develop or the full extent to which they influence our health. Some provide essential nutrients, while others cause disease. A new study now provides some unexpected influences on the contents of these communities, as scientists have found that life history, including level of education, can affect the sorts of microbes that flourish. They think this information could help in the diagnosis and treatment of disease. A healthy human provides a home for about 100 trillion bacteria and other microbes. These microbes are known as the microbiome, and they normally live on the body in communities, with specialized populations on different organs. Evolution has assured that both humans and bacteria benefit from this relationship. In exchange for somewhere to live, bacteria protect their hosts from harmful pathogens. Past analysis of the gut microbiome has shown that when this beneficial relationship breaks down, it can lead to illnesses such as Crohn’s disease, a chronic digestive disorder. Read 11 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
niznoz There are now 29 kinds of plant varieties that are available under an open source license, reports NPR. On Thursday, a group of scientists at the University of Wisconsin-Madison debuted the Open Source Seed Initiative (OSSI), a set of seeds that can be used by anyone so long as they don't restrict use by others through patents or IP protection. The initiative is one answer to the heated battle between farmers and companies like Monsanto, which holds patents on plants that have features like resistance to certain herbicides or seeds that produce slightly different plants if they are resown from a first-generation crop. Soybeans in particular have been a point of contention, with both organic farmers who want to keep Monsanto's products out of their farms and commercial farmers who want the right to multiple generations from one soybean seed purchase. The OSSI includes 14 different crops with 29 total varieties, including carrots, quinoa, kale, and broccoli. The open pledge that growers must make to use the seeds covers both the current and future generations. NPR notes that the initiative is likely to have more impact for plant breeders, particularly at educational institutions, than for farmers. Read on Ars Technica | Comments

Read More...
posted 6 days ago on ars technica
Screenshot from Putin's televised call-in session. RT via YouTube At Russian President Vladimir Putin’s annual televised call-in session, Russia’s leader on Thursday received a query from a special guest, former US National Security Agency contractor turned government whistleblower, Edward Snowden. Snowden, who is believed to currently reside in Russia, asked Putin about the current state of surveillance in Russia, to which the Russian leader gave a surprising and suspect “rule of law” response that does not seem to jibe with the Russian government’s approach to various domestic and foreign affairs. Snowden commented, “Recently in the United States, two independent White House investigations as well as a federal court all concluded that these [dragnet surveillance] programs are ineffective in stopping terrorism. They also... unreasonably intrude into the lives of private citizens.” Read 5 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
From May 2013, a tablet running an early version of Ubuntu Touch. Andrew Cunningham Canonical today is releasing Ubuntu 14.04, a Long Term Support (LTS) edition for desktops and servers and an update to the versions of Ubuntu for phones and tablets. LTS editions are released once every two years and receive five years of support from Canonical and thus gain wider adoption in businesses than the less stable server and desktop editions that come out every six months. Canonical eventually wants to create a single operating system that can be installed across desktops, phones, and tablets, with a different interface presented on each device. That convergence hasn't been completed yet, so with 14.04 (codenamed "Trusty Tahr") there will be separate downloads for the mobile editions. "Full convergence means that the same code for operating systems and applications will be running on all types of devices, from phones to tablets to desktops, and even both smaller and larger devices," Ubuntu Engineering VP Rick Spencer told Ars in an e-mail. "Convergence is still a work in progress, and we will continue to move the code to the desktop as it is ready in each release." Read 17 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
andreaslindmark France's antitrust authority has persuaded Nespresso to change its anti-competitive practices in the coffee-pod market and open its espresso machine to third parties, reports the Wall Street Journal. The deal comes after Nespresso's long, losing battle to shut out competitors with patents and customer warnings. In France, Nespresso controls 78 percent of the coffee pod market, according to the Journal. Two competitors complained to the French Autoritée de la Concurrence two years ago, and Nespresso lost a patent covering its machines last year. As part of the new agreement, Nespresso will remove language on its pods and machines that suggest only Nespresso products can be used together. Nespresso will also provide support to users of its machines who use third-party pods and will "abstain from negative comments about other capsules." Read 1 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Ethiopians carrying jerrycans of water. UNICEF Ethiopia/2011/Lemma You’re living in Sub-Saharan Africa during a drought entering its second year. The diminished harvests have left you without enough food, and your family is trying to figure out how to get by. You’ve settled on selling some of your livestock and securing a small loan to help cover the cost of food, confident that you’ll be able to recover quickly and repay your debt. Some of your friends, however, have less wealth than you. If they sell their last two cattle, it could be a long time before they could afford to replace them. And given that their annual income is highly variable, they can’t risk taking out a loan they may not be able to pay back. So rather than dig themselves into a potentially inescapable hole, they eat less and go hungry. Some of those families have growing children, but they see no other way. In situations like this, those in poverty can be significantly more vulnerable than their wealthier counterparts. When you have little, your flexibility to deal with unpredictable crises is limited. Read 13 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Re/code's Kara Swisher has an in-depth scoop describing what is likely Yahoo's overarching goal for the near-to-mid term: displacing Google as Apple's default Safari search engine on iOS devices. There's a lot of money and mindshare to be had by taking the default search position on mobile devices, especially Apple's. Swisher reports that Google allegedly pulls in much more revenue from search on iOS than it does on Android, and Mayer's Yahoo appears to regard a return to prominence in search as a key to the company's long-term success. There's a lot more going on behind the scenes, though. Yahoo currently relies on Microsoft's Bing for search results as part of a long-term partnership deal with Microsoft; the company has no actual search product of its own. Danny Sullivan of Search Engine Land correctly points out that it's been a long time since Yahoo provided its own search results, and the company would need to start from scratch with infrastructure, personnel, and an algorithm in order to actually do search again. Just reserving Bing results wouldn't work—if Apple wanted Bing search results on iOS, it would be better off skipping the middle man and going to Microsoft directly. But the idea of a big investment doesn't appear to scare Yahoo at all. Even as Yahoo appears to struggle, it actually has a huge amount of cash right now due to its stake in Chinese e-commerce portal Alibaba. This gives Yahoo the money (and, more importantly, the time) to resurrect its deprecated search product. As Sullivan notes, the Web has grown considerably since Yahoo last did search, but Mayer has an answer to that: two Yahoo initiatives (reportedly codenamed "Fast Break" and "Curveball") are aimed at recharging both search and search-based advertising). Read 2 remaining paragraphs | Comments

Read More...
posted 6 days ago on ars technica
Netcraft Developers at Internet services company Netcraft have released a browser extension that makes it easy for Web surfers to know if the site they're visiting is vulnerable to the catastrophic Heartbleed vulnerability. The extension works on the Chrome, Firefox, and Opera browsers. Once installed, it provides a bleeding heart icon and warning sign when users visit a site that remains susceptible to one or more of the risks posed by Heartbleed, the extremely critical bug that allows attackers to pluck sensitive data from the memory of vulnerable serves. Exposed data most often seems to include usernames and passwords, but it can also include taxpayer identification numbers and even the private encryption keys that are a website's crown jewels. The Netcraft extension will alert users if an OpenSSL-powered site has yet to install an update that's immune to Heartbleed exploits. It also lets people know if sites that have updated OpenSSL are still using an HTTPS encryption certificate that has yet to be changed since OpenSSL was updated. That latter alert is crucial, since possession of a private encryption key makes it possible for attackers to impersonate HTTPS-protected sites with malicious sites that are almost impossible for most end users to detect. Out of an abundance of caution, all sites that were vulnerable to Heartbleed should assume their keys are now in the hands of malicious attackers. Read 2 remaining paragraphs | Comments

Read More...
posted 7 days ago on ars technica
In response to customer outcry, organizations holding off on deploying the Windows 8.1 Update will be able to get security updates for their systems for another three and a half months, as opposed to the 30 days that Microsoft originally promised. When the Windows 8.1 Update designed to improve the mouse and keyboard experience of Windows 8.1 was initially released last week, Microsoft said that it was a mandatory update. Any future security updates, starting from next month, would require the update to be installed. This was met with a frustrated response from IT personnel. Not only did the update cause problems with Windows Server Update Services (WSUS) deployments (though this was fixed today), it was also of a sufficient scale and size that organizations that were part-way through deploying Windows 8.1 don't want to switch to the update part way through, due to the need to re-test and re-validate it. Read 4 remaining paragraphs | Comments

Read More...
posted 7 days ago on ars technica
On Wednesday, Sony said that it had sold over seven million Playstation 4 consoles worldwide as of April 4, according to a report from Reuters. Those numbers reflect a million-console increase from last month, when Sony said it sold six million consoles after the PS4's Japan launch. The PS4 launched in North America in November 2013, and at the time Sony trumpeted that it sold over one million units on day-one. Today, Sony's representatives said that the company is having trouble keeping up with demand. "Although we are still facing difficulties keeping up with the strong demand worldwide, we remain steadfast in our commitment to meet the needs of our customers," said Andrew House, president and group chief executive officer of Sony Computer Entertainment, in a statement. According to a VGChartz estimate, Sony's sales have out-paced those of Microsoft's Xbox One, which has sold about 4.2 million units. Read 1 remaining paragraphs | Comments

Read More...
posted 7 days ago on ars technica
Jase Group LLC A federal appeals court is holding in contempt the operator of a now-defunct e-mail service because he refused to abide by a court order and turn over the crypto keys and expose Lavabit's 400,000 customers to the government's prying eyes. Equally troubling as that Wednesday decision by the Fourth US Circuit Court of Appeals may be, Congress has essentially punted on reforming the Electronic Communications Privacy Act, the law surrounding e-mail privacy. That has led one of the leading lobbyists on the matter to declare a defeat of sorts. Read 24 remaining paragraphs | Comments

Read More...
posted 7 days ago on ars technica
Google Fiber began as a service just for residents and public buildings like schools, libraries, and community centers, but it's now being expanded to cover businesses as well. Google will start a pilot program to connect small businesses in Kansas City before rolling out a more widely available service. "We are working hard to finalize our service offering for small businesses and would like to invite you to be part of the process," Google says. "We are looking for a few businesses in Kansas City to provide feedback about using Fiber at work. Over the next few months, we’ll be connecting a limited number of small businesses to our network in exchange for feedback about the service." Read 2 remaining paragraphs | Comments

Read More...
posted 7 days ago on ars technica
Flickr user: Tim O'Brien Since we finally unveiled our Steam Gauge project late last night, we've been overwhelmed by positive responses to the data. It's been come from all over—comment threads, Twitter, e-mail, and links from other sites. It's much appreciated. We've also received some questions and concerns about our data, our methodology, and what we plan to do with this project going forward. Here are some responses to the most common issues that have been brought up in the last 24 hours or so. Isn't your data off? Steam didn't always track gameplay hours in the past Indeed. Before posting our analysis last night, I was not aware that Steam only started tracking the "number of hours played" statistics on SteamCommunity.com in March of 2009. This isn't a small oversight: games played solely before this date would show up erroneously as "unplayed" in our data, and games released before that time might show fewer total hours than they should. This helps explain why older games like Ricochet and Deathmatch Classic seem so unpopular among people who own them—because most players probably put in their hours before March of 2009. Read 24 remaining paragraphs | Comments

Read More...
posted 7 days ago on ars technica
NASA "Saturn’s rings are a conveniently located dynamical laboratory," says the opening sentence of a new paper. The convenient part may be debatable, but the dynamism isn't. The rings are filled with gaps and wiggles, created by interactions among their particles and a collection of small moons that act as shepherds, their gravity ushering the rings' particles into distinctive orbits. Now researchers have identified a series of bright objects embedded in the outer edge of Saturn's A Ring. The largest of these, which has been nicknamed "Peggy," may be as much as a kilometer across. The objects may represent a moon that is disintegrating after contact with the outer edge of the A Ring. But it could also be one in the process of formation—a process that may have played out many times in Saturn's past. The initial observation of Peggy, shown above, came in a photograph taken a year ago yesterday by the Cassini orbiter. That prompted a dive into the image archive. Prior to May of 2012, the orbiter didn't have a good perspective for imaging the rings for over a year, but Peggy was visible in over 100 detections between then and November of 2013. Read 6 remaining paragraphs | Comments

Read More...
posted 7 days ago on ars technica
Matthew Hadley Private encryption keys have been successfully extracted multiple times from a virtual private network server running the widely used OpenVPN application with a vulnerable version of OpenSSL, adding yet more urgency to the call for operators to fully protect their systems against the catastrophic Heartbleed bug. Developers who maintain the open-source OpenVPN package previously warned that private keys underpinning VPN sessions were vulnerable to Heartbleed. But until Wednesday, there was no public confirmation such a devastating theft was feasible in real-word settings, said Fredrik Strömberg, the operator of a Sweden-based VPN service who carried out the attacks on a test server. An attacker carrying out a malicious attack could use the same exploit to impersonate a target's VPN server, and in some cases decrypt traffic passing between an end user and the real VPN server. Wednesday's confirmation means any OpenVPN server—and likely servers using any other VPN application that may rely on OpenSSL—should follow the multistep path for recovering from Heartbleed, which is among the most serious bugs ever to hit the Internet. The first step is to update the OpenSSL library to the latest version. That step is crucial but by no means sufficient. Because Heartbleed may have leaked the private key that undergirds all VPN sessions, updated users may still be susceptible to attacks by anyone who may have exploited the vulnerability and made off with the key. To fully recover from Heartbleed, administrators should also revoke their old key certificates, ensure all end user applications are updated with a current certificate revocation list, and reissue new keys. Read 4 remaining paragraphs | Comments

Read More...