Arstechnica

Syndicate content
Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Updated: 2 hours 48 min ago

The saga of DC’s never-ending universe

4 hours 33 min ago

(credit: DC Comics)

Any comics fan will tell you: DC has a reputation for rebooting its line often. With its headline-grabbing "New 52" initiative as recent example, the company seems to enjoy starting their stories from the beginning and discarding previously established continuity. Critics point to the company’s massive, universe-shattering crossover epics as prime examples: Crisis on Infinite Earths, Zero Hour, Infinite Crisis, and most recently Flashpoint, which ushered in that controversial New 52 era. This happens so much, many readers now treat the next reboot as inevitable.

It may come as a surprise, then, to hear the DC Universe (DCU) has never been rebooted. While the company has absolutely tweaked its continuity, there's never been a full reboot on the entire universe. Not once. Geoff Johns, DC’s Chief Creative Officer, recently remarked that the DCU has “an umbilical cord that goes all the way back to "Action Comics" #1, that connects the whole DC Universe." And that wasn’t just a catchy marketing phrase: it’s a fact.

This summer as DC rolled out its latest “Rebirth” line, which purports to restore lost connections to the past, it’s a good time to dive into the history of DC’s continuity and see how accurate Johns' remarks are. Has it really been one big story all along?

Read 47 remaining paragraphs | Comments

On Saturday Juno flew to within 4,200km of Jupiter—and survived

8/27/2016 6:44pm

Enlarge / Jupiter's north polar region was 703,000km away on Saturday morning when Juno took this photo. (credit: NASA/JPL-Caltech/SwRI/MSSS)

NASA's daring Juno spacecraft must fly into the heart of Jupiter's deadly radiation belts to complete its mission. So far, so good. On Saturday morning, the spacecraft made its first close approach to Jupiter, flying to within 4,200km of the giant of the Solar System. That is less than the distance from New York to Los Angeles.

The spacecraft shot past Jupiter at the speed of 208,000km/hr relative to the planet, and mission managers pronounced that Juno was in good health. "Early post-flyby telemetry indicates that everything worked as planned and Juno is firing on all cylinders," said Rick Nybakken, Juno project manager at NASA's Jet Propulsion Laboratory in Pasadena, California. Saturday's flyby, at 9:44am ET, marked the first time Juno had activated its entire complement of nine scientific instruments and turned them toward Jupiter.

Mission managers said early returns from the data were promising, but cautioned it would take several more days to download all of the information collected by the spacecraft, and to begin to assess what it means. Although photography is not the principal aim of the mission, NASA intends to release images taken during the flyby during the next week or so. The pictures are expected to include the highest-ever resolution views of Jupiter's atmosphere, and the first good views of both the gas giant's poles.

Read 2 remaining paragraphs | Comments

Mystic Vale review: Don’t just draw cards, craft them

8/27/2016 12:51pm

Enlarge / A hand in Mystic Vale. In the upper left sit the advancements for purchase, sorted by strength (most powerful in the top row, weakest in bottom row) along with the always-available Fertile Soil cards. To the right are the vale cards, purchased not with mana but with nature symbols. At the bottom is my deck of cards. In this hand, I have stopped after revealing three spoil symbols (the red trees). I add up the symbols on all cards except the "on deck card" atop my pile and find that I have 6 mana (blue orbs), 4 victory points (blue shields), and two green plus one yellow symbols. (credit: Nate Anderson)

Welcome to Ars Cardboard, our weekend look at tabletop games! Check out our complete board gaming coverage at cardboard.arstechnica.com—and let us know what you think.

The land has fallen under a blight, and the only way for the four Druid clans to gain power from Gaia and restore balance to the Valley of Life is through the time-honored ritual of... adding up blue mana spheres on the cards before you and spending them to buy more cards with more mana spheres. And, sometimes, victory points.

Look—don't ask too many questions about the theme. Mystic Vale is a game about healing the land in the same way that Splendor is a game about crafting diamond rings for the nobility. Both titles are essentially pure efficiency engines; build up a pool of resources that will allow you to buy more expensive resources faster than anyone else at the table and you win. There are no extraneous mechanics here to distract from the dopamine drip-drip-drip of steadily increasing card combos, and Mystic Vale has learned the key lesson of these kinds of games: don't overstay your welcome.

Read 18 remaining paragraphs | Comments

Hacker who stole 2.9 million credit card numbers is Russian lawmaker’s son

8/27/2016 12:00pm

(credit: Wikipedia)

On Thursday, a federal jury in Seattle found Roman Seleznev guilty of stealing millions of credit card numbers and selling them online to other fraudsters. Seleznev, 32, is the son of Russian Parliament member Valery Seleznev.

Seleznev, who occasionally went by the moniker “Track2” online (a reference to one of the information strips on the back of a magnetic stripe card"), had been hacking into restaurant and retail Point of Sale (PoS) systems since at least October 2009 and continued until October 2013.

According to a 2014 indictment (PDF) from the Department of Justice, Seleznev and potentially others who are unknown to the investigators “developed and used automated techniques, such as port scanning, to identify computers and computer systems that were connected to the Internet [and] were dedicated to or involved with credit processing by retail businesses.”

Read 6 remaining paragraphs | Comments

Augmenting the FPS: How well does Tobii track your gaze in a video game?

8/27/2016 11:00am

Ars Technica tests the Tobii EyeX while playing Deus Ex. Video edited by Jennifer Hahn. (video link)

During Ars' review playthrough of the latest adventure in the Deus Ex series, I spied a curious option tucked into its Windows menus: "Tobii eye-tracking." None of Square Enix's press materials mentioned such a thing, which seemed strange for a series that revolves around human augmentation and sci-fi upgrades. Eye-tracking in an FPS? Sounds like some futuristic stealth-spy stuff!

The word "Tobii" perked up my coworkers' ears, as they'd tested simple prototypes of the eye-tracking doodad at various Consumer Electronics Shows. Deus Ex presented a great opportunity to test the add-on's full potential, and Tobii was kind enough to send loaner hardware. We wanted to find out: Just what does an eye-tracking sensor do for computer users—how does it translate the gaze of your eyes to real-world computer use—and does it work well enough to earn a $140 price tag?

Read 15 remaining paragraphs | Comments

Someone is porting Pokémon Go to the Dreamcast VMU

8/27/2016 10:00am

Enlarge / Yup, this is a thing that's happening in the year 2016... (credit: guacasaurs_mex / Instagram)

I know a surprising number of people who desperately want to play Pokémon Go, but their phones are too old to run the game reliably. For those people, a cheap, used Dreamcast with a portable Visual Memory Unit might be the cheapest way to simulate the Pokémon Go experience until their next upgrade cycle. That's because of Pokémon Go VMU, a cheeky homebrew project from a VMU coder going by the handle guacasaurus_mex.

True, the Dreamcast's underpowered memory-card-with-a-screen-and-buttons doesn't feature the GPS antenna and augmented reality camera that help make Pokémon Go possible on smartphones. Still, guacasaurus_rex promises a randomly generated map grid to navigate on the 48x32 pixel monochrome LCD screen. There will even be a little timing-based mini-game for catching the little monsters in Pokéballs to fill in for those little touchscreen swipes.

The VMU "port" isn't planned for release until next year, though, because "it's going to take forever to draw all those damn Pokémon." Hopefully Pokémon Go will still be a relevant gaming phenomenon by then, eh?

Read 3 remaining paragraphs | Comments

On appeal in LA Times defacement case, lawyers say there was no “damage”

8/27/2016 9:00am

(credit: Cyrus Farivar)

Attorneys representing Matthew Keys have filed their formal appeal to the 9th Circuit. Keys is the California journalist who was convicted of hacking-related crimes in 2015.

As Keys told Ars before he was sentenced, the appeal largely focuses on the argument that the government “constructively amended” the second count that he was charged with: 18 U.S. Code § 1030 (a) (5) (A). That law declares a crime has been committed if someone “knowingly causes the transmission of a program, information, code, or command, and, as a result of such conduct, intentionally causes damage without authorization, to a protected computer.”

During closing arguments at trial, one of Keys’ lawyers, Jay Leiderman, said that Keys’ December 2010 defacement of one Los Angeles Times article lasted only 40 minutes and therefore caused no damage.

Read 7 remaining paragraphs | Comments

Trading in stock of medical device paused after hackers team with short seller

8/26/2016 5:22pm

Enlarge / A St. Jude Medical cardiac defibrillator implant like the ones MedSec claimed to have found vulnerabilities in. (credit: St. Jude Medical)

Trading in the stock of medical device manufacturer St. Jude Medical was halted Friday afternoon after a dramatic drop in its value. That drop was triggered by news of alleged vulnerabilities in the company's cardiac care devices. The vulnerability was disclosed not in a report by the company but by security researchers partnered with Muddy Waters Capital, an investment firm that had "shorted" St. Jude's stock on the information in order to profit from a drop in the stock's value.

The researchers at the security firm MedSec chose to take this route to disclosure, MedSec CEO Justine Bone said, to "ensure that St. Jude Medical responds appropriately and with urgency." The partnership with a short seller is a fundamental departure from the established approach of responsible disclosure normally taken by researchers. But it also represents an approach that bypasses the sort of legal maneuverings and threats, suppression of information, and inaction that have been experienced by researchers who have discovered vulnerabilities in other products. Researchers who discovered a vulnerability in Volkswagen electronic engine locks, for example, were forced to withhold a paper for two years through a court injunction filed by the automaker in 2012.

Muddy Waters issued a report on Thursday claiming that it had demonstrated "two types of cyber attacks against STJ implantable cardiac devices: a 'crash' that causes cardiac devices to malfunction... and a battery drain attack that could be particularly harmful to device dependent users." The report claimed that the vulnerabilities had been proven in "multiple demonstrations evidencing how hollow STJ's device security is."

Read 7 remaining paragraphs | Comments

FBI-owned Megaupload.org serves up porn and sex ads

8/26/2016 5:08pm

(credit: megaupload.org)

Megaupload.org used to be where you'd go to access the vast amount of films hosted by Kim Dotcom's Megaupload service. But once Dotcom was hit with US criminal charges, that site and many others were grabbed by the FBI, and visiting them produced nothing but a government seizure banner.

No longer. Today, a visit to Megaupload.org (NSFW) brings up what can only be described as softcore porn. Text ads for "casual sex," "adult affair dating," "adult cam chat," and "live sex cams" are surrounded by pictures of women in their underwear.

So how did this happen? In all likelihood, this is the same thing that happened last year, when similarly scammy-looking ads took over the main Megaupload.com page. The FBI used a domain called cirfu.net as a "name server" to re-direct traffic from sites it had seized. Then the Bureau apparently forgot to renew that domain, allowing someone else to purchase it.

Read 5 remaining paragraphs | Comments

Stretching the limit of silicon nanowires for next-generation electronics

8/26/2016 4:58pm

Enlarge / A forest of false-colored silicon nanowires.

Flexible electronics, which could be used to control flexible robots, depend on the ability to produce electrical circuits that can be repeatedly stretched and bent while remaining operational. Silicon is obviously one of the most important building blocks of modern electronics, but even when it's shaped into wires, it isn't very stretchy.

Recently, theoretical calculations have indicated that it may be possible to stretch silicon nanowire by as much as 23 percent, depending on its structure and the stretch direction. This raises an obvious question: why haven't we been able to do so?

Recently, an international team of scientists and engineers has directly probed the elastic strain limit of single-crystalline Si nanowires. The team found that stretching the Si nanowires almost to their theoretical limit is possible.

Read 8 remaining paragraphs | Comments

AT&T doesn’t want to repay money it got from alleged overcharges

8/26/2016 3:47pm

(credit: Mike Mozart)

AT&T is fighting a recent punishment handed down by the Federal Communications Commission. Last month, the FCC issued a Notice of Apparent Liability (NAL) that says AT&T overcharged the Florida school districts of Orange and Dixie by nearly 400 percent.

AT&T filed its response today, saying that there is "no legal or factual basis for liability against AT&T."

The phone service in question is paid for by US citizens through surcharges on phone bills. Those surcharges fund the E-rate program that subsidizes telecommunications for schools and libraries. Under this program, the FCC says AT&T is required to charge schools and libraries the lowest available rates. The commission says AT&T should repay $63,760 it improperly received from the FCC in subsidies and pay an additional fine of $106,425.

Read 7 remaining paragraphs | Comments

Congressman to FCC: Fix phone network flaw that allows eavesdropping

8/26/2016 3:00pm

SS7 allows an attacker to use just a phone number to gain access to calls and texts to and from that phone—and can be used to undermine the security of WhatsApp and Telegram. (credit: Petr Kolář (modified by Ars))

A documented weakness in Signaling System 7 has been shown to allow widespread interception of phone calls and text messages (SS7 is the public switched telephone network signaling protocol used to set up and route phone calls; it also allows for things like phone number portability). This weakness in SS7 can even undermine the security of encrypted messaging systems such as WhatsApp and Telegram.

In an April segment of 60 Minutes, Democratic Congressman Ted Lieu of California allowed hackers to demonstrate how they could listen in on his calls. In light of the mass leak of congressional staffers' contact information by hackers, Congressman Lieu is now urging the Federal Communications Commission to take action quickly to fix the problem with SS7. The hackers are purportedly tied to Russian intelligence.

The vulnerability in SS7 was revealed in a presentation at the RSA security conference in March. It exploits the use of SS7 by cellular networks to handle billing and phone location data for call routing. The vulnerability is open to anyone with access to SS7 signaling. This includes not just telecommunications companies that have "roaming" relationships with a phone's primary carrier, but any state actor or hacker who has access to those companies' networks. Using SS7, an attacker could create a proxy to route calls and text messages. He could intercept them and record them without the knowledge of the people on either end of the communications. An attacker could also spoof texts and calls from a number.

Read 3 remaining paragraphs | Comments

Floating solar device boils water without mirrors

8/26/2016 2:37pm

Enlarge / Bubble wrap isn't just for stress relief. (credit: George Ni)

To boil water using the Sun, we typically burn fossil fuels carrying several-hundred-million-year-old solar energy that was extracted from underground at great expense. It’s kind of Rube-Goldbergian. We’re fortunate that the Sun’s heat isn’t strong enough to boil the oceans (or us), but extracting the Sun’s energy at a significant scale is tricky.

The usual solution, as many magnifying-glass-toting children already know, is to concentrate sunlight and increase its intensity. Solar thermal plants, for example, use massive arrays of mirrors to focus sunlight and generate electricity. All that extra equipment gets pretty expensive—especially if you need the mirrors to track the Sun’s position across the sky.

So how do we engineer another way? In the past, researchers made clever designs to concentrate the heat generated by lower-intensity sunlight into small volumes of water. This heat consequently created higher localized temperatures. While they managed to boil water with this method, they weren’t able to ditch optical concentration completely.

Read 9 remaining paragraphs | Comments

DOJ lawyer who leaked Bush spy program is censured for ethics failure

8/26/2016 12:34pm

Enlarge / Disclosing the warrantless surveillance program won Thomas Tamm the "Ridenhour Prize for Truth-Telling." (credit: War on Whistleblowers/YouTube)

The Justice Department lawyer who disclosed the secret and warrantless surveillance program then-President George W. Bush adopted in the immediate aftermath of the Sept. 11 terror attacks was publicly censured Thursday by a federal appeals court for breaching legal ethics. As a Lawyer for the Justice Department's Intelligence Policy and Review unit, Thomas Tamm violated professional conduct rules for disclosing to The New York Times "confidences" and "secrets," the US Court of Appeals for the District of Columbia Circuit concluded. (PDF)

As part of his Justice Department duties, Tamm was tasked with requesting electronic surveillance warrants from the secret Foreign Intelligence Surveillance Court. The District of Columbia Court of Appeals Board of Professional Responsibility said Tamm became aware in 2004 that certain applications to that FISA Court for national security surveillance authority "were given special treatment" and he leaked details of the program to the newspaper.

Tamm, who could have been disbarred, but now can continue practicing law as a Maryland state public defender (he resigned from the Justice Department in 2006), said he learned that "these applications derived from special intelligence obtained not pursuant to prior applications to the Court, but from an extra-judicial source referred to as 'the program.'" After digging into it, he "concluded that it was probably illegal as it was not court-supervised."

Read 7 remaining paragraphs | Comments

AT&T explains why it sometimes delays Google Fiber access to poles

8/26/2016 12:05pm

Enlarge (credit: Google Fiber)

Google Fiber has been battling AT&T over access to utility poles for a few years now. During a dispute in Austin, Texas late in 2013, AT&T said it could deny access to its poles because Google wasn't a "qualified" telecom or cable provider.

Things have gone a bit smoother since then because the companies signed a nationwide agreement granting Google Fiber access to AT&T poles on a city-by-city basis. But in Nashville, Tennessee, Google Fiber construction has stalled partly because the new ISP still has problems getting access to AT&T poles. AT&T confirmed to Ars earlier this month that the terms of the previous nationwide agreement cover Nashville, but it declined to explain why there are still holdups.

An AT&T executive has now detailed the telco's objections in an interview with FierceTelecom. Google Fiber has been making mistakes in engineering drawings that it needs to submit before attaching fiber to AT&T poles, according to Joelle Phillips, president of AT&T Tennessee.

Read 10 remaining paragraphs | Comments

Dealmaster: Save on PCs, consoles, and monitors at Dell’s Labor Day sale

8/26/2016 11:55am

Greetings, Arsians! Courtesy of our partners at TechBargains, we have many great deals to share that are part of Dell's Early Labor Day sale. Now you can get an XPS Core i7 desktop for $685, a $100 gift card on a PlayStation 4 Call of Duty bundle, and nearly $100 off a Dell UltraSharp monitor plus a $75 gift card. Those are just some of the steals going on during the sale, so be sure to check them all out.

Take a look at the full list of deals below.

Dell Early Labor Day Sale

Read 7 remaining paragraphs | Comments

Meet some of the species we’ve found in 2016

8/26/2016 11:45am

One of a set of three new mouse lemur species described this year. Microbus ganzhorni hails from Madagascar—as do all lemurs. (credit: Giuseppe Donati.)

Read any estimate of the number of species present on Earth, and you'll notice two things: the numbers vary wildly, and they're always well above the number of species we actually know about. It's tempting to think we've exhausted the exploration of the Earth, that there's nothing new to see. But one area that we've barely scratched the surface of is the biological diversity that we're a part of.

There are several reasons for this. One is that some habitats, like the deep ocean, are both vast and hard to get to. Others, like caves and islands, isolate populations and generate species at a phenomenal rate. Finally, there's just a tendency to view, say, all ants as being roughly the same. That can allow species to hide in plain sight, with nobody taking the time to look for the details that distinguish them from their close relatives. DNA sequencing is also telling us that some populations that we see as identical haven't actually interbred in a very long time and may be separate species.

As researchers gradually look more closely, the result is a steady stream of new discoveries. We thought we'd share some with you. We set a few simple guidelines for inclusion. The first is that the species had to be discovered this year. The second is that it has to be still living—paleontologists find new species almost as often as biologists do. The final thing is that we had to be able to come up with a decent photo of it.

Read 1 remaining paragraphs | Comments

Kindle crashes and broken PowerShell: Something isn’t right with Windows 10 testing

8/26/2016 11:39am

(credit: Amazon)

Last week, we learned that the Windows 10 Anniversary Update caused trouble for many webcam users. Today, it's the turn of Kindle owners to cry foul, with numerous reports that plugging a Kindle into a Windows 10 machine with the update will make the PC crash with a Blue Screen of Death.

This problem has more than a hint of the same feeling as the webcam issue: it's the kind of thing that shows up quickly when using Windows 10 on a primary system but is going to be much more obscure if you only tested the Windows Insider previews in a virtual machine or secondary system. Such systems are much less likely to be plugged in to all the many peripherals and gadgets that primary machines are. Microsoft's own advice is that the Insider previews should not be installed on your "everyday computer." That's good advice; the quality of the builds released to the Insider program is far too inconsistent to make it a good option for a machine that you depend on. But that has consequences: the Insider program is going to consistently miss this kind of hardware interaction.

Investigation of the issue and development of a fix is apparently underway.

Read 22 remaining paragraphs | Comments

Another Denuvo-protected game cracked just weeks after release

8/26/2016 11:05am

It took roughly two years for crackers to put the first dents in Denuvo's surprisingly robust anti-piracy protection for PC games. Now, a Denuvo-protected game has been cracked just six weeks after its release, seemingly presaging an increased pace of efforts against the DRM scheme.

TorrentFreak reports on the new crack for indie critical darling Inside, which hit the scene earlier this week. The crack comes courtesy of CONSPIR4CY (aka CPY), the same group responsible for a crack of Denuvo-protected Rise of the Tomb Raider earlier this month.

While CPY's ROTTR crack came nearly seven months after the game was released, Inside's protection was broken about six weeks after it launched on the PC. This is an important distinction, since the bulk of a game's legitimate sales tend to come in the first few months after release (or during sales much later in their lifecycle). If crackers can manage to get the wait time for a Denuvo crack down to a matter of days, the protection's value to developers and publishers could wither.

Read 4 remaining paragraphs | Comments

WhatsApp does about face, will serve ads in Facebook-owned app

8/26/2016 8:58am

(credit: Andrew Cunningham)

WhatsApp will do what it once said would never happen: let businesses use the messaging app to serve ads to users.

In a move that was inevitable once it was acquired by Facebook for $22 billion in 2014, WhatsApp has put its users on notice that it will soon begin sharing their phone numbers, and selected other data, with its parent company.

This information will then be used to offer customers "more relevant" Facebook ads, new "ways for people to communicate with businesses" via the app, and new friend suggestions, the blurb reads.

Read 12 remaining paragraphs | Comments

novalug.com