posted 8 days ago on ars technica
It took a lot of work to find the promised performance and stability improvements in iOS 8.1.1 for Apple A5 devices like the iPhone 4S, the iPad 2, the iPad Mini, and the iPod Touch. Andrew Cunningham It would be a stretch to say that iOS 7.1 made the iPhone 4 feel fast, but the update improved the phone's performance as much as could reasonably be expected for then-three-and-a-half-year-old hardware. It took what had been a disappointing update and made it usable. Jump ahead to iOS 8, an update which did pretty much the same thing to the iPhone 4S, the iPad 2, and other hardware based on Apple's aging A5 chip. App launch times slowed. Animations got choppy. Performance became inconsistent. It was the update that made them stop feeling "fast enough," which makes Apple's decision to keep selling the first-gen iPad Mini all the more confusing. iOS 8.1.1 came out on Monday, promising an iOS 7.1-style update for older devices like the iPhone 4S, iPad 2, iPad Mini, and first-generation iPod Touch. We're here to dispel those notions. iOS 8.1.1 improves performance in a few specific places, ones that may well be important to heavy users. However, it doesn't improve responsiveness or consistency, two of the problems you'll notice the most if you upgrade from iOS 7. Let's look at the short list of things you can expect to improve if you're using an older iDevice and the longer list of things that won't. Read 19 remaining paragraphs | Comments

Read More...
posted 8 days ago on ars technica
Look familiar? Except for that iceberg, it probably should. Ubisoft doesn't want anyone to know about Assassin's Creed: Rogue. That's all I can gather from the game’s total lack of marketing—especially relative to its new-console cousin, the problematic Assassin’s Creed: Unity, which launched the very same day—and the fact that review copies didn’t go out to critics until the game was already on store shelves. What little information spilled out ahead of release focused on the ship combat, returning from last year's Black Flag, and on the fact that players would be controlling one of the traditionally villainous Templars, in the form of the very Irish protagonist Shay Patrick McCormack. Right from the start, a player loading up Rogue would be forgiven for thinking they had mistakenly started up a copy of Black Flag by accident. A great many assets from that game (and Assassin's Creed 3, to a lesser extent) were clearly lifted to be reused in Rogue. Animations, sound effects, combat, locations, and even the exact same recordings of those wonderful sea shanties are not just familiar, but identical. It got to the point where I couldn't figure out why "Lowlands Away" wasn't playable on my sailor-powered radio, before I realized that I hadn't collected it in this game yet. The one and only major wrinkle to the sailing gameplay is colder waters, which introduce icebergs and freezing to death as a going concern (but not much of one). An Assassin’s story… with a twist Even Shay starts the game relatively indistinguishable from previous Assassin’s Creed protagonists. At the start of the game he's still an assassin, in the American colonies around the time of the Seven Years War. The “present-day” storyline, meanwhile, is another direct follow-up to Black Flag. Your in-game "true self" is still a programmer at a Templar-run research facility, fronting as a game developer. Read 15 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Either this is the Knightscope K5 posed next to a man of average height, or this is a leaked image from new Marvel comic series "Cyborg Cid and the Invisible CEO." Knightscope Over 25 years ago, sardonic filmmaker Paul Verhoeven imagined a future in which justice was served by the cold steel of humanoid robots. Thankfully, in the real world, we've yet to see fleets of Robocop-like robots telling pedestrians that they "have 20 seconds to comply," but even the tongue-in-cheek Verhoeven couldn't have imagined that his guesses about futuristic security would emerge in the form of the Knightscope K5. After being teased in a profile in last week's MIT Technology Review, Knightscope's patrolling robot product received a public video unveiling on San Francisco CBS affiliate KPIX on Tuesday. The squat K5 model, shown wheeling around the company's Mountain View, CA parking lot, looked more like a Dalek or a Star Wars droid than Robocop's Peter Weller. The five-foot-tall K5 comes equipped with four cameras spread at 90 degree angles from each other, along with a weather sensor, a microphone array, a separate "license plate camera," a GPS sensor, and a Wi-Fi-enabled system to transmit live video and keep track of other nearby K5s. In the KPIX video, the 300-pound behemoth appeared to move at a rate of no more than five miles per hour, and it was even shown noticing and side-stepping any nearby humans in its patrol path. Knightscope co-founder Stacy Stephens confirmed that the K5 is not equipped with weapons or any other means of dispatching crooks; instead, he described this robot as a crime deterrent (while simultaneously suggesting that people think it looks "cute" and want to hug it). We struggle to agree with its usefulness as a deterrent; having played our fair share of stealthy video games, we can't help but feel like we've trained for years to dodge and avoid exactly this kind of slow, awkward-looking artificial intelligence. Read 2 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Since 2004, Google has been paying Mozilla a ton of money each year—estimated at around $100 million—for the privilege of being the default search engine used in the Firefox browser. This contribution represented the lion's share of Mozilla's income, something in the ballpark of 85 percent. That deal, last renewed for a three-year period in 2011, has come to an end, and this time it won't be renewed. Mozilla announced today that the free browser vendor is switching to a range of different search providers. In the US, Firefox will now default to using Yahoo (which continues to be powered by Microsoft's Bing engine); in Russia it will use Yandex, and in China, Baidu. Mozilla and Yahoo have signed a five-year deal. As part of the deal, Yahoo is going to start honoring the Do Not Track feature when used by Firefox users to limit Yahoo's ability to track user activity across the Web through advertisements. Yahoo is also going to roll out a new search interface for American Firefox users, starting in December. Read 1 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
The Lumia 830 (left) and 735 (right). CN.dart.call("xrailTop", {sz:"300x250", kws:[], collapse: true});Our review of the ultra low-end Lumia 530 found it rather wanting. Sometimes cheap is too cheap, and that phone cut a few too many corners. We felt the Lumia 630 and 635 were a lot more compelling, and in some ways the 630/635 represent the true successor to the old Lumia 520. We're now taking a look at the next two phones further up the scale; the Lumia 730 and 735 (3G and 4G, respectively), and the Lumia 830. Unlike the 530 and 630/635 (with the same 3G/4G split as the 730/735), the 730/735 and 830 are both positioned as being more or less mid-range devices, but we can see the familial connections to their various siblings. Across this range there are two broad styles. The 530 up to the 735 have a black screen on the front and a removable body that wraps around to the edges of the screen, giving an appearance that's clearly derivative of the very first Lumia models. The 830 and Icon/930 have squarer edges with a cushion-shaped back. The 930's cover is fixed, but the 830's is actually removable to allow the battery, SIM, and microSD cards to be replaced. Read 24 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
paul bica The City of Toronto wants a local court to shut down the Uber. The news comes just one day after an Uber executive was revealed to have suggested digging into the personal lives of journalists who write about the ridesharing company. In its Tuesday application for an injunction, Toronto claims that the company "operates in breach of the City’s licensing by-laws insofar as, among other things, it operates as a taxicab brokerage and limousine service company." Uber has fought similar regulatory battles elsewhere around the globe and has prevailed to some degree. Most famously, the California Public Utilities Commission, which regulates taxis in the Golden State, created an entirely new class of transit for Uber and its competitors. Read 5 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Yesterday, Tesla Motors had news for all those waiting for its Model X SUV: be patient, it’s coming. In an e-mail to customers with reservations for Model X, Tesla announced that deliveries won't take place before the third quarter of 2015, but the company said it's hard at work developing and testing the new vehicle. The Model X features gull-wing doors for the rear passengers (called Falcon wing doors in Tesla-speak), and news of the delay was greeted with questions about whether the doors are to blame. Tesla’s CEO Elon Musk took to Twitter this afternoon to confirm that the Model X will keep its funky opening hatches, bemoaning the fact that production cars so often disappoint compared to concept cars. Read 1 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
The 2016 Toyota Mirai. Toyota Rejoice, the hydrogen economy is back. Toyota and Honda have both taken advantage of this year’s Los Angeles Auto Show to remind us about the fuel cell; as clean as a pure electric vehicle (EV), but one that can be refueled as quickly as a car with a gas tank and internal combustion engine. Honda’s announcement was actually that its new fuel cell car will be delayed until 2016. Toyota had better news; its new Mirai will go on sale in California next fall. Honda had been expected to unveil a production version of its FCV CONCEPT in LA this week, but showed off a revised concept car in Japan on Monday instead. The production FCV was due to hit Japanese roads in late 2015, with US and Europe following soon after. Toyota isn’t suffering from similar delays, however, revealing its production-ready fuel cell vehicle to the press on Monday in California ahead of a formal launch later this week at the LA Auto Show. As with the Prius before it, the Mirai eschews conventional car styling, signaling to the world around it that something a bit different is going on under the hood. It is more conservative in appearance than the concept version we saw at CES at the beginning of the year (confusingly also called the FCV) and is a bigger car than the Prius. It’s going to have a bigger sticker price than a Prius too: $57,500. Although that’s before taking into account state or federal tax incentives. Read 3 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Cisco has doled out a serious chunk of cash to settle its patent lawsuit with Rockstar, a patent-holding company created out of the ashes of Nortel, a Canadian telecom. The $188-million pre-tax charge was revealed in CIsco's most recent earnings call, and first reported on Monday by the IAM Blog. Rockstar, which was created by a group of big tech companies including Apple, first sued Google and its customers in October 2013. In January, it sued several cable companies, saying their cable modems infringed Rockstar patents by using the DOCSIS standard. Cisco intervened in that case the following month. Read 6 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
The No. 2 official at the Justice Department recently warned top Apple executives that stronger encryption protections added to iPhones would lead to a horrific tragedy, such as a child dying, because police couldn't access a suspect's device, The Wall Street Journal reported Wednesday. The beefed up protections, Apple recently disclosed, mean that even when company officials are served with a court order, they will be unable to retrieve potentially crucial evidence such as photos, messages, or contacts stored on iPhones and iPads. Instead, the data can be accessed only by people who know the passcode that serves as the encryption key. Justice Department officials wasted no time objecting to the changes and used the scenario of a child being kidnapped and murdered to drive home their claim that Apple was "marketing to criminals." According to the WSJ, Justice Department officials including Deputy Attorney General James Cole met with Apple General Counsel Bruce Sewell and two other company employees on October 1. Reporters Devlin Barrett, Danny Yadron, and Daisuke Wakabayashi gave the following account, which they attributed to the recollections of people who attended. Read 1 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
A sea star falls apart following infection. NOAA Since the summer of 2013, echinoderms along the Pacific Coast of North America have suffered from a mass die-off. Starting in the Pacific Northwest and moving down the coast, 20 different species of sea stars (commonly termed starfish) have suffered from symptoms that start with lesions and swelling, and progress through the loss of their ability to coordinate their multiple limbs. It nearly inevitably ends in the complete degeneration of the organism, which largely melts or dissolves. Perhaps the most disturbing aspect of the disease is that we've had no idea what caused it. We didn't even know whether it was a response to environmental changes or the end result of a pathogen. Now, researchers have published evidence that a virus may be to blame. A large team of researchers started by noting that the sea-star wasting disease had spread to some aquarium facilities that draw water straight from the ocean, while those that treated their water with UV light had remained disease free. This suggests a pathogen or chemical agent. The team then obtained material from animals dying from the disease and passed it through filters that should exclude bacteria. When injected into healthy animals, it still triggered sea star wasting. Heat treating this material eliminated its ability to cause disease. Read 4 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
A British hotel added $156 to a couple's credit card bill for violating its terms of service that says guests can be dinged for leaving bad online reviews. The Broadway Hotel charged Tony and Jan Jenkinson's credit card, CNN reported Wednesday, after they left a review on Trip Advisor decrying the Blackpool hotel as a "filthy, dirty rotten stinking hovel." The BBC described the hotel's terms of service contained in a booking document as: Despite the fact that repeat customers and couples love our hotel, your friends and family may not. For every bad review left on any website, the group organiser will be charged a maximum £100 per review. (About $156) This isn't the first time we've seen fines like this from a hotel. In August, the Union Street Guest House in Hudson, NY included a table-turning clause in its reservation policies: if you book an event at the hotel and a member of your party posts a negative review, the hotel will fine you $500. Amid an Internet firestorm, that hotel changed its policy. Read 3 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Beware, scammer! Aurich Lawson Windows tech support scams have been conning PC users out of money for years, and there's seemingly no end in sight. The Federal Trade Commission today announced that "a federal court has temporarily shut down two massive telemarketing operations that conned tens of thousands of consumers out of more than $120 million by deceptively marketing computer software and tech support services." This is the third in a series of actions against such operations, the FTC said, and if the past is any indication, it won't be the last. The FTC announced a big crackdown in late 2012 and another in late 2013. But PC users continued to hand over money to nearly identical scammers, according to the latest FTC complaints. Today's FTC press release described a method that has tricked PC users time and again: According to the FTC’s complaints, each scam starts with computer software that purports to enhance the security or performance of consumers’ computers. Typically, consumers download a free trial version of software that runs a computer system scan. The defendants’ software scan always identifies numerous errors on consumers’ computers, regardless of whether the computer has any performance problems. The software then tells consumers that, in order to fix the identified errors, they will have to purchase the paid version of the software. In reality, the FTC alleges, the defendants pitching the software designed these highly deceptive scans to identify hundreds or even thousands of “errors” that have nothing to do with a computer’s performance or security. After consumers purchase the “full” version of the software at a cost of $29 to $49, the software directs them to call a toll-free number to “activate” the software. When consumers call the activation number, however, they are connected to telemarketers who try to sell computer repair services and computer software using deceptive scare tactics to deceive consumers into paying for unneeded computer support services. According to the FTC, the telemarketers tell consumers that, in order to activate the software they have just purchased, they must provide the telemarketers with remote access to their computers. The telemarketers then launch into a scripted sales pitch that includes showing consumers various screens on their computers, such as the Windows Event Viewer, and falsely claiming that these screens show signs that consumers’ computers have significant damage. After convincing consumers that their computers need immediate help, the telemarketers then pitch security software and tech support services that cost as much as $500. The FTC teamed up with the State of Florida on the latest cases, winning federal court orders against the companies that "also temporarily freeze the defendants’ assets and place the businesses under the control of a court-appointed receiver." The complaints say the defendants have been scamming consumers since at least 2012. Read 2 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Beats' original announcement image when it was acquired in May. Let's call this the next episode, we suppose. Beats Audio On Wednesday, the Financial Times reported that Apple will make a major move to push its newly acquired Beats Music app to all iOS users starting "early next year." Citing "people familiar with the situation," the report (subscription required) claims the Beats Music subscription service will become a pre-installed app in an iOS update, and such a software update could happen "as early as March" of next year. If true, this move would be the first major Apple-branded action involving Beats, Inc. after acquiring both its hardware and software divisions in a $3 billion deal this past May. A forced app install will not replace or remove existing iTunes and iTunes Radio services, but the report didn't clarify whether iOS users would be given any promotional offer to sample the paid Beats service as new users. Prior reports asserted that "Beats Music" as a distinct music-subscription service in name would soon end and that Apple would roll such a paid streaming service into the iTunes app. However, the FT report clarified that Beats' service would persist, only "rebranded under the iTunes label." Additionally, the FT pointed out that this move echoed streaming-music rival Spotify's efforts to have its own app pre-installed on smartphones made by HTC. Read 1 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Aurich Lawson / Thinkstock Cyber criminals have started targeting the password managers that protect an individual's most sensitive credentials by using a keylogger to steal the master password in certain cases, according to research from data-protection company IBM Trusteer. The research found that a configuration file, which attackers use to tailor the Citadel trojan for specific campaigns, had been modified to start up a keylogger when the user opened either Password Safe or KeePass, two open-source password managers. While malware has previously targeted the credentials stored in the password managers included in popular Web browsers, third-party password managers have typically not been targeted. While the current impact of the attack is low, the implications of the attacker’s focus is that password managers will soon come under more widespread assault, Dana Tamir, director of enterprise security for IBM Trusteer, told Ars Technica. Read 8 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
The streaked lines, forming a circular path, are the result of strong gravitational lensing caused by dark matter. Taken by the Hubble Space Telescope. NASA, N. Benitez (JHU), T. Broadhurst (Racah Institute of Physics/The Hebrew University), H. Ford (JHU), M. Clampin (STScI), G. Hartig (STScI), G. Illingworth (UCO/Lick Observatory), the ACS Science Team and ESA We still don’t know what dark matter is. The most widely accepted possibility is Weakly Interacting Massive Particles, or WIMPs, and most dark matter searches are looking for those. But other possibilities remain, and these alternatives to WIMPs, the "monstrous creatures at the edges of the dark matter map," are still generally particles, theoretical, exotic, or otherwise. These particles could comprise the mysterious matter that holds the galaxies together and makes up 26.8 percent of the mass-energy of the Universe. Yet there’s another possibility, a different sort of monstrous creature, one that doesn't involve particles. Some physicists have been exploring the idea that dark matter might be ‘topological defects’ in a quantum field. Rather than solid particles, these would be perturbations, or oscillations. This week, two physicists proposed a way to look for such defects using only atomic clocks. Atomic clocks are “arguably the most accurate scientific instruments ever built,” the researchers write in their paper. And, crucially, the clocks necessary already exist in the form of our GPS system. Read 12 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Artist Mark Farid will stay in a getup like this for four weeks straight, if everything goes to plan. When we've tried out virtual reality headsets like the Oculus Rift in the Ars Orbiting HQ, we've never lasted more than a few hours without at least a short break into actual reality. That's partly because the current development kits form a tight, hot, sweaty seal with the front of your face and partly because the current resolution on the units has a tendency to cause some funny visual effects after a while. For now, connecting your eyes and ears to virtual sights and sounds disconnected from the rest of your body can be a little overwhelming in such large doses. So we were a little impressed and a little concerned when we heard about Seeing I, an art project where London-based performance artist Mark Farid pledges to wear a VR headset and headphones for 28 days straight. During that time, his sight and sound will be replaced by those of a stranger, simply called "The Other," who will be recording his everyday life through a binaural microphone and 180 degree stereo camera setup attached to his glasses (applications to be The Other are open, if the idea of having your entire life virtually broadcast to another person for a month appeals to you) The Kickstarter page for the Seeing I project is full of heady, art-poseur musings about how technology is taking over our lives and removing the link between our "real" and "virtual" selves ("As we've never been taught how to be alone, we only know how to be lonely" the Kickstarter video seriously intones). Frankly, we're more fascinated with the practicalities of the project. Read 6 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Over the past year, the Ars staff has collectively run a bunch of benchmarks, worn a lot of earbuds, downloaded a zillion apps, and cursed at more than a few red light cameras. So for our 2014 gift guide, we're taking the opportunity to recall the best things we've officially reviewed and place them alongside a few favorite office and lifestyle additions that we never dedicated a full report to. To simplify the usual gift-hunting fracas, send our massive Good List to a loved one as a subtle hint or pick through it to be a not-so-secret-Santa for yourself. Smartphones The 2014 Moto X. Andrew Cunningham Moto X (2014) Price: $99 and up with contract (Link) If this is your year for an Android upgrade, or if money’s not an object, we wholeheartedly recommend this year’s refreshed Moto X. Slick design, tiny bezels, a sharp screen, killer performance, wonderful battery life, and an unfettered, vanilla Android interface combine for the ultimate five-inch handset. It beats the plasticky snoozers in the Samsung Galaxy line, and it improves on every aspect of last year’s industry-leading LG Nexus 5. Read 114 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Yay... more sack-things to play with! The LittleBigPlanet games are perhaps uniquely difficult to review before their actual release. While there is some offline content on the disc, the bulk of the LBP experience has always been sampling the millions of creations from other players after release and sharing your own creations with others. So the isolated pre-release version of the game I've been playing on the PS4 over the last few days bears only a surface resemblance to the much wider game people will be able to enjoy now that it's available to the general public. While waiting for the community's creativity to fill the game in, I've puttered through the built-in Adventure Mode. The developers at Sumo Digital (who have taken over for the series creators at Media Molecule this time around) built this mode using the same tools players can use to build their own LittleBigPlanet adventures as a sort of showcase for the types of creative options available. Indeed, the Adventure Mode shows just how powerful these tools are in the hands of a team of professional designers with months of time to devote to the project. The levels are brimming with a visual creativity and child-like charm. Every piece is built from virtual versions of real-world materials—sponge, stone, string, marbles, springs, iron, and on and on—each of which look better than ever on the PS4. It's like a child's toy box come to life, complete with colorful stickers and charming incidental background details like bouncing puppets. My only complaint is that many scenes are just too graphically busy, with too many distractions, and the lighting system sometimes makes important elements hard to see. Most of the Adventure levels stick to the series-standard 2D platform jumping, but there's a bit more of a sense of depth this time around, with levels stacked along up to sixteen parallel planes. The upgrade allows for level designs that can be much more freely sprawling, looping in around themselves as the action shifts in and out of the screen. Just as in past LBP games, though, I found the psuedo-3D controls to be more troublesome than they're worth. Rather than being able to run around freely in three dimensions, your sackperson can only awkwardly shift in and out between distinct gameplay planes, a process that's never as smooth as it should be. I would frequently end up missing a jump because I had somehow ended up on the wrong plane or have trouble figuring out what parts of the background could and couldn't be accessed. Read 8 remaining paragraphs | Comments

Read More...
posted 9 days ago on ars technica
Sen. Marco Rubio (R-FL) in 2013. Rubio was first to speak against the USA Freedom Act in today's debate, saying it could slow the government from disrupting an ISIL cell. George Skidmore The US Senate voted against reining in the NSA's spying powers tonight, shooting down a proposal that was supported not just by intelligence reform groups, but by the director of the NSA himself. The USA Freedom Act needed 60 Senate votes to pass its key procedural vote, and it failed to get them. The bill got 58 yes votes and 42 no votes. The bill will stop the government from engaging in bulk phone surveillance. Instead, Americans' phone information will remain with the phone companies and can only be searched by request, with specific selection terms. Read 16 remaining paragraphs | Comments

Read More...
posted 10 days ago on ars technica
Courtesy of the Electronic Frontier Foundation The Electronic Frontier Foundation, Mozilla, Cisco, Akamai, and other organizations have teamed up to create the infrastructure and tools necessary to help websites offer more secure and private browsing to their visitors. The group plans to establish a non-profit organization, Let’s Encrypt, that will freely offer digital certificates and open-source tools for configuring and offering the secure Web functionality known as Secure HTTP (HTTPS). While offering free digital certificates is certainly enticing, creating the tools to easily manage the certificate process and set up Web servers to properly handle HTTPS is the most important part of the effort, Peter Eckersley, technology projects director for the EFF, told Ars. “The unfortunate truth is that there are a lot of obscure and head-spinning technical details that need to be gotten right for a top-notch HTTPS deployment,” he said. “With Let’s Encrypt, we are going to automate as much of that as we possibly can.” Read 7 remaining paragraphs | Comments

Read More...
posted 10 days ago on ars technica
On Tuesday, Google announced a money giveaway promotion to encourage Google Wallet users to invite friends to the service. Existing customers can initiate a money-send request in an amount as little as one penny. If the recipient has never created a Google Wallet balance, doing so, verifying identity, and claiming the sent money will result in both users receiving a $5 credit in their balances "within three business days." The promotion will end after paying out to 20,000 applicable transactions, meaning the promotion could max out at $200,000, assuming enough claimants show up by the time the promotion runs out on November 30. Any current user can invite as many people as he or she wants, but a single person cannot claim more than $100 from the invite cash pool, and the promotion has an identify-verification safeguard to stop someone from creating a bunch of dummy accounts to easily cash in. As of press time, Google had not announced that its promotion had already been used up, but we can't imagine it lasting for very long. Google Wallet launched with a similar promotion in 2011, offering new users $10 of credit through a slightly convoluted prepaid card setup; that kind of promotion was phased out as the service transitioned into supporting normal credit cards for mobile payments—a move that ultimately blocked a few serious exploits. Read on Ars Technica | Comments

Read More...
posted 10 days ago on ars technica
The "Security ID" and AAccount Name" fields in this event log don't match even though they should. The bug allowed the user account "nonadmin" to elevate privileges to "TESTLAB\Administrator." Microsoft Microsoft has released an unscheduled update to patch a critical security hole that is being actively exploited to hack Windows-based servers. A flaw in the Windows implementation of the Kerberos authentication protocol allows attackers with credentials for low-level accounts to remotely hijack extremely sensitive Windows domain controllers that allocate privileges on large corporate or government networks. The privilege elevation bug is already being exploited in highly targeted attacks and gives hackers extraordinary control over vulnerable networks. "The only way a domain compromise can be remediated with a high level of certainty is a complete rebuild of the domain," Microsoft engineer Joe Bialek wrote in a blog post accompanying Thursday's patch. "An attacker with administrative privilege on a domain controller can make a nearly unbounded number of changes to the system that can allow the attacker to persist their access long after the update has been installed. Therefore it is critical to install the update immediately." Read 5 remaining paragraphs | Comments

Read More...
posted 10 days ago on ars technica
Pretty much anything we do that involves energy, from generating electricity to using it in a laptop, produces energy in the form of heat that ultimately goes to waste. The problem is that all of the means we have of converting heat into useful energy require large temperature differences. The waste heat, by contrast, is a low-grade energy source, usually involving temperature differences of less than 100 degrees Celsius. So far, attempts to find ways of producing useful energy from waste heat have largely focused on thermoelectric devices, which directly convert temperature gradients to electricity. But these devices generally cost a lot to produce, so the economics of using them to capture waste heat are pretty questionable. But now researchers have produced a demonstration of a device that acts more like a battery that can be charged or discharged based on temperature differences. Although it's not especially efficient, the ability to store charges may add significantly to its utility. The research team involved in the work (a collaboration between people at MIT and Stanford) had previously demonstrated an actual battery that took advantage of temperature differences. In that example, which relied on a copper-based chemical reaction, charging and discharging took place at two different temperatures. At an elevated temperature (perhaps one provided by waste heat), the voltage difference needed for charging was lower than it would have been otherwise. By dropping the battery to room temperature during discharge, their battery produced a higher voltage. In essence, the temperature difference was used to get more useful current out of the battery. Read 6 remaining paragraphs | Comments

Read More...
posted 10 days ago on ars technica
Raphael Pirker's unmanned aircraft was very similar to these RiteWings planes. ramsinks A National Transportation Safety Board (NTSB) panel has reversed a decision made earlier this year by an NTSB law judge, finding that a man’s remote-controlled model plane was indeed an aircraft. Raphael Pirker must pay the $10,000 fine that was originally ordered for violating the provision that prohibits commercial use of an unmanned aircraft. As we reported in March 2014, Pirker used a RiteWing Zephyr II remote-controlled flying wing to record aerial video of a hospital campus for use in a television advertisement back in 2011. The year before, he posted a video filmed from a drone flying over New York City—including a close shot of the Statue of Liberty. Law enforcement did not interfere with Pirker, and he even gave the New York Police Department and the National Park Service a shout-out for "staying friendly, professional, and positive." But the Federal Aviation Administration (FAA) wasn’t amused and brought the civil case against Pirker. Writing for the board in the judicial order, Acting Chairman Christopher Hart states: Read 9 remaining paragraphs | Comments

Read More...