Arstechnica

Syndicate content Ars Technica
Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Updated: 2 hours 5 min ago

Hackers who took control of PC microphones siphon >600 GB from 70 targets

2/20/2017 4:38pm

Enlarge (credit: Defense Advanced Research Projects Agency)

Researchers have uncovered an advanced malware-based operation that siphoned more than 600 gigabytes from about 70 targets in a broad range of industries, including critical infrastructure, news media, and scientific research.

The operation uses malware to capture audio recordings of conversations, screen shots, documents, and passwords, according to a blog post published last week by security firm CyberX. Targets are initially infected using malicious Microsoft Word documents sent in phishing e-mails. Once compromised, infected machines upload the pilfered audio and data to Dropbox, where it's retrieved by the attackers. The researchers have dubbed the campaign Operation BugDrop because of its use of PC microphones to bug targets and send the audio and other data to Dropbox.

"Operation BugDrop is a well-organized operation that employs sophisticated malware and appears to be backed by an organization with substantial resources," the CyberX researchers wrote. "In particular, the operation requires a massive back-end infrastructure to store, decrypt, and analyze several GB per day of unstructured data that is being captured from its targets. A large team of human analysts is also required to manually sort through captured data and process it manually and/or with Big Data-like analytics."

Read 7 remaining paragraphs | Comments

Updated WhatsApp Statuses let you share photos and videos that disappear

2/20/2017 1:15pm

Enlarge (credit: WhatsApp)

WhatsApp rolled out two-step verification last week, and now it's updating an existing feature to compete with Snapchat. The Facebook-owned messaging app announced today it's updating Statuses, which lets you tell friends where you are or what you're up to at the moment. New Statuses can include photos, videos, and gifs to make shared posts more fun and personal. These decorated or animated statuses disappear after 24 hours, making them akin to Snapchat Stories and story-sharing on Instagram (which is also owned by Facebook).

The Status update coincides with WhatsApp's eighth birthday (February 24), and the new feature will roll out to Android, iOS, and Windows users from now until that date. When WhatsApp first came out, the Status feature was its only feature, as the app was built to let friends and family know what you were doing or where you were. Once messaging was added, Status remained a text-only feature that you could update on a whim.

Now you can choose to add photos, videos, and animated gifs and scribble over them to add more personality to your statuses. Any update you make to your Status will remain on your account for 24 hours before it disappears. If you update it multiple times a day, that will create a string of status updates that are presented much like Snapchat and Instagram Stories. Friends can watch your status story and reply to you privately, but all one-to-one communication still has to be done within private messaging windows. Like every other correspondence in WhatsApp, all status updates are end-to-end encrypted.

Read 1 remaining paragraphs | Comments

Teen’s selfie with the dying boy he shot leads to murder conviction

2/20/2017 1:04pm

An 18-year-old Pennsylvania teen has been convicted of murdering his 16-year-old friend, and the incident came to light because the shooter posted a selfie with the dying boy via Snapchat.

Maxwell Morton (credit: Westmoreland County Jail)

Maxwell Morton faces up to 40 years in prison after being convicted of third-degree murder by a Westmoreland County jury last Thursday. Morton testified on his own behalf and said he did not intentionally kill Ryan Mangan in February 2015. Instead, Morton said, the boys were playing with what he thought was an unloaded handgun that he pointed at Mangan and fired.

During the four-day trial, Morton testified that he took the selfie to memorialize what happened to his "best friend." "Something in my head told me to take a picture of what happened," said Morton, who was 16 at the time of the murder. The selfie, taken with a mobile phone, shows Morton smiling in front of Mangan's body slumped in a chair. Defense attorneys unsuccessfully tried to exclude the picture from trial, but jurors were eventually shown the image. They spent six hours deliberating, and ultimately the jury did not believe the first-degree-murder allegations that the defendant had intentionally shot Mangan in the face.

Read 5 remaining paragraphs | Comments

Report: Apple is planning a top-to-bottom refresh for the iPad in March

2/20/2017 12:31pm

Enlarge / The iPad Pro, Smart Keyboard, and Apple Pencil. (credit: Andrew Cunningham)

For some time now, the ever-churning Apple rumor mill has been telling us to expect some kind of hardware event in the spring. And as the spring draws nearer, reports about both the timing and the content of that spring event are going to get more accurate. The latest news to that end comes from the Japanese site Mac Otakara (via MacRumors), one of the more reliable sources for early news about this sort of thing.

Mac Otakara reports that Apple will be having a hardware event in March with the iPad acting as the star of the show. The tablet lineup is said to be getting a top-to-bottom refresh—there will reportedly be new tablets at the current 7.9, 9.7, and 12.9-inch screen sizes, as well as a new 10.5-inch iPad Pro that combines the approximate size of the 9.7-inch version with the screen resolution of the 12.9-inch version.

The new "mini" version of the iPad Pro will reportedly have a Smart Connector, four speakers, a True Tone display, and a 12MP rear camera with an LED flash just like the current 9.7-inch version; it's also safe to assume Apple Pencil support, though the report doesn't mention it specifically. The improved camera and True Tone display feature will presumably also make their way to the 12.9-inch iPad Pro, which shipped without those features (and without the DCI-P3 "wide color" display panel that the 9.7-inch Pro uses). The 10.5-inch model, which could ship later than the rest of them, is said to use a much thinner display bezel to make more room for the screen without increasing the tablet's overall size.

Read 3 remaining paragraphs | Comments

Driverless race cars dodge stray dog in Argentina—but one wipes out into a wall

2/20/2017 12:20pm

Roborace

In just its third season, Formula E deserves credit for trying out new ideas in motorsport. Not everything has been a success, but the risk of trying to innovate in broad daylight is that people will see your mistakes as they happen. Take Roborace for example. The idea is to create a series of support races for Formula E where each team uses an identical driverless car, competing to write the best-racing AI. That driverless race car isn't quite ready yet, but Roborace took a pair of DevBots to Argentina this weekend for a demonstration at the Buenos Aires ePrix.

It may not have been the demonstration that Roborace hoped for. One of the DevBots—the yellow one—ran out of talent and clipped a wall. But that happens to rookie human drivers, too, and at least in this case there was no chance of a rookie seriously hurting themselves. Some argue that this is bad news for Roborace and self-driving cars, but this is racing. If it were easy to get right, it wouldn't be any fun.

Read 4 remaining paragraphs | Comments

Ex-Uber engineer alleges sexual harassment, CEO reacts by promising investigation

2/20/2017 12:14pm

Enlarge (credit: GHETTO UBER DRIVER)

After a former Uber engineer's blog post went viral over the weekend, Uber CEO Travis Kalanick vowed on Twitter that his company will begin an “urgent investigation” into newly public allegations of sexual harassment.

1/ What's described here is abhorrent & against everything we believe in. Anyone who behaves this way or thinks this is OK will be fired. https://t.co/6q29N7AL6E

— travis kalanick (@travisk) February 20, 2017

Kalanick's comments came Sunday evening, hours after Susan J. Fowler, who had been a site reliability engineer, wrote on her blog that she experienced what amounted to institutional sexism within the company. The experience ultimately drove Fowler to quit.

Fowler, who worked at Uber from November 2015 until December 2016, opened her piece with a sordid episode during her first few weeks of the company:

Read 3 remaining paragraphs | Comments

Linksys Velop review: Fast, capable mesh Wi-Fi—but way too expensive

2/20/2017 11:45am

Enlarge (credit: Mark Walton)

The Linksys Velop is the latest in a rapidly growing line of mesh, or "whole home" Wi-Fi systems from the likes of Google, Netgear, and Ubiquiti. Like its competitors, Velop is designed to help remove the dreaded dead spots that plague a home wireless network, ensuring that you've got complete coverage whether you're sat right next to the router, or you've retreated to the garden shed for a spot of well-deserved me time. All you have to do is stick an extra Velop router (or "node" in Linksys speak) in the room with poor coverage, and hey presto, you've got faster Wi-Fi.

Where the Velop differs, aside from in its monolithic stature, is in its technical chops. Velop is the only consumer-focused mesh Wi-Fi system to offer tri-band connectivity—which provides a dedicated wireless link between each router in addition to the two required for devices to connect to it—alongside the option for a Ethernet-based wired backhaul and dynamic channel selection, the latter minimising interference from neighbouring Wi-Fi networks.

Such tech doesn't come cheap. Velop starts at £199 for a single router, which is around £50 more than comparable standalone routers, and £199 more than the free router typically bundled in with home broadband packages. The price rises to £349 for the all-but-mandatory twin pack, and to an eye-watering £499 for a triple pack. Other mesh systems sell for similar prices, although, Velop's swankier tech and (mostly) user-friendly setup process makes it the more appealing option.

Read 42 remaining paragraphs | Comments

Google and Microsoft agree to demote piracy search results in the UK

2/20/2017 11:10am

(credit: INXS, Meditate)

Google and Microsoft's Bing have agreed to crack down on piracy sites in the UK, after years of wrangling with film and music rights holders.

The tech giants have inked a voluntary code of practice with the British Phonographic Industry (BPI) and Motion Picture Association, following a series of talks overseen by the UK's copyright watchdog and steered by the department for culture, media, and sport.

On Monday, the Intellectual Property Office described it as a "landmark agreement" in which Google and Bing have vowed to reduce "the visibility of infringing content in search results by 1 June 2017." It means that repeat offenders who post pirated material online will see their sites drop off the first page of Google and Bing, when film and music fans search for content. Instead, they will apparently be shepherded towards legit sites.

Read 10 remaining paragraphs | Comments

Dealmaster: Presidents Day sales on laptops, TVs, and electronics

2/20/2017 10:45am

Greetings, Arsians! Presidents Day is upon us, and courtesy of our partners at TechBargains, we have a new batch of deals for you. The featured item this week is a Dell XPS 13 laptop with a Core i7 Kaby Lake processor, 8GB of RAM, 256GB SSD, and Windows 10 Pro. This notebook normally costs $1,399, but for a limited time, you can get it for just $1,049.

We have that and a ton of other Presidents Day deals below. For even more savings, check out TechBargains.

Featured

Read 8 remaining paragraphs | Comments

New PlayStation 4 Pro patch for Final Fantasy XV makes it look worse

2/20/2017 10:20am

Enlarge / Gosh, can't you guys look happy in paradise?

Up until today, the massive quest game Final Fantasy XV offered at least one "smooth" visual option for every single platform it's been released on—meaning, one option with a locked, mostly consistent frame rate. The catch has always been that PlayStation 4 Pro players have had to pick its simplest "lite" toggle (which removes all special visual enhancements) to enjoy this stable 30 frames-per-second refresh.

A new patch for the game went live on Monday, however, and owners of the pricier PlayStation 4 Pro may want to skip it if they dislike video stutter.

Unlike on Xbox One and standard PS4, the PS4 Pro version of FFXV asks players to pick from one of two visual modes. One of these turns up the resolution to somewhere near 1800p and adds other visual effects, but its frame rate is hampered by "frame pacing," in which its otherwise accurate 30Hz refresh is constantly interrupted by consistent judders. The other, "lite" mode originally dropped the resolution and other elements to nail a locked 30fps.

Read 4 remaining paragraphs | Comments

Snapchat Spectacles are now available to buy online for $129

2/20/2017 9:10am

Enlarge (credit: Spectacles.com)

Snapchat's video- and photo-recording glasses are free from their vending machine-like restraints: Snapchat's parent company Snap Inc. has launched a website where you can buy Spectacles online for $129. Previously, you could only find Snapchat Spectacles at strategically placed vending machines called Snapbots in select cities. Now, anyone in the US can order them and have them shipped to their home.

Snap debuted the Google Glass-esque frames about six months ago as a funky way to record events in real-time to Snapchat without taking your phone out. When on your face and turned on, Spectacles record 10-second videos or take photos and send them directly to your connected Snapchat account. From there, you can share that content via your Story on Snapchat or with select friends. Spectacles are available in teal, coral, and black, and they come with a charging case and cable. You can also buy those accessories for $50 and $10, respectively. The website states customers should expect their Spectacles to be delivered in two to four weeks.

According to a TechCrunch report, Snapbots are taking a "nap," meaning the company won't be placing new Spectacle vending machines in cities for now, but the devices will likely return in the future.

Read 1 remaining paragraphs | Comments

Horizon Zero Dawn is the best robot-safari adventure game ever made

2/20/2017 3:00am

Enlarge / Into the cauldron we go. (credit: Sony Interactive Entertainment)

Make no mistake: Horizon Zero Dawn is the rare triple-A single-player adventure that delivers on pretty much every front imaginable. The monumental story (technically, a few of them) is executed with mostly fantastic writing and acting, and it unfolds as players master the most exciting new battling system I've seen since Monster Hunter and Dark Souls. Horizon Zero Dawn also happens to be the most gorgeous game of the current console generation, combining light-soaked landscapes, shimmering robots, and rock-solid performance the whole way through.

There are some minor issues with pacing, traversal controls, and a few underwhelming quests. But these missteps and stutters should not deter PlayStation 4 owners from checking out one of the console's best exclusives so far.

Prepare for a feast

Sony Interactive Entertainment

Read 35 remaining paragraphs | Comments

New Zealand appeals court upholds Kim Dotcom extradition ruling

2/20/2017 12:38am

Enlarge / Kim Dotcom speaks to the media following a bail hearing at Auckland District Court on December 1, 2014 in Auckland, New Zealand. (credit: Fiona Goodall/Getty Images)

An appellate court in New Zealand has upheld a lower court’s 2015 decision that Kim Dotcom and his co-defendants should be extradited to the United States to face criminal copyright-related charges involving his former website, Megaupload.

In a ruling issued Monday afternoon local time (late Sunday night, Eastern Standard Time), Justice Murray Gilbert of the High Court of New Zealand ruled that while he agreed with one of Dotcom’s attorneys’ primary arguments—"that online communication of copyright protected works to the public is not a criminal offence in New Zealand"—the judge noted that nevertheless, Dotcom and his co-defendants remain eligible for extradition based on other elements in the case.

"Wilful infringement of copyright can properly be characterised as a dishonest act," Justice Gilbert wrote. "Such infringement deprives the copyright holder of something to which it may be entitled."

Read 14 remaining paragraphs | Comments

Trump’s apparent security faux-pas-palooza triggers call for House investigation

2/19/2017 5:14pm

Enlarge / U.S. President Donald Trump met with a group of government cyber security at the White House January 31, 2017 in Washington, DC, and said the government must do more to protect against cyber attacks. But he doesn't seem to be taking that advice himself, some members of Congress fear.

Representative Ted Lieu, a congressman from Los Angeles County, California, led fourteen other House Democrats on Friday in urging the House Government Oversight Committee to investigate "troubling reports" of President Donald Trump's apparently poor security practices and the potential danger to national security posed by them—including his continued use of an unsecured Android device to post to Twitter, discussion of sensitive information (including nuclear strategy) in the restaurant at his Mar-A-Lago resort, and leaving classified material unlocked while visitors were in the Oval Office.

In a letter to Oversight Committee chairman Jason Chaffetz and ranking Democratic member Elijah Cummings, the fifteen representatives wrote:

Referring to the complex problem of cybersecurity, President Trump recently said in an interview, "I’m not sure you have the kind of security that you need." We fully agree—which is why we are writing to request that the House Oversight and Government Reform Committee hold a hearing into troubling reports that the President is jeopardizing national security by egregiously failing to implement commonsense security measures across the board, from using an insecure, consumer-grade Android smartphone to discussing nuclear strategy openly in a dining room at his Mar-a-Lago Club in Florida. Cybersecurity experts universally agree that an ordinary Android smartphone, which the President is reportedly using despite repeated warnings from the Secret Service, can be easily hacked.

Lieu and the other signatories of the letter expressed concern that Trump's Android device, "most likely the Samsung Galaxy S3," is particularly vulnerable to attack, and that someone could alter the information the President viewed on it—which could "have a huge impact on his beliefs and actions." They also feared that someone could gain control of his Twitter account, "causing disastrous consequences for global stability," or use it as a listening device to pick up sensitive conversations.

Read 4 remaining paragraphs | Comments

Sunday’s launch could be the start of an annus mirabilis for SpaceX

2/19/2017 3:28pm

Trevor Mahlmann

SpaceX launched from the most hallowed ground of the US space enterprise on Sunday—the place where nearly all of the Moon launches occurred, and about 80 percent of all the space shuttle missions, including the vehicle's final flight in 2011. Just as SpaceX brought the pad back to life with its launch this weekend, so too could Launch Complex 39A rejuvenate the innovative rocket company based in California.

It has been a difficult two years for SpaceX. Accidents in 2015 and 2016 cost the rocket company two boosters, and two payloads. On Friday, during a news conference near the launch pad, company president Gwynne Shotwell acknowledged that the last two years were "painful" for SpaceX, adding that it is hard to make money when you're not flying.

Read 6 remaining paragraphs | Comments

“Secure” Trump website defaced by hacker claiming to be from Iraq

2/19/2017 2:26pm

Enlarge / Oops.

Someone calling themselves "Pro_Mast3r" managed to deface a server associated with President Donald Trump's presidential campaign fundraising on Sunday, The server, secure2.donaldjtrump.com, is behind Cloudflare's content management and security platform, and does not appear to be directly linked from the Trump Pence campaign's home page. But it does appear to be an actual Trump campaign server—its certificate is legitimate, but a reference to an image on another site is insecure, prompting a warning on Chrome and Firefox that the connection is not secure.

The page, now displaying an image of a man in a fedora, displays the following text:

Hacked By Pro_Mast3r ~
Attacker Gov
Nothing Is Impossible
Peace From Iraq

The source code contains a link to  javascript on a now-nonexistent Google Code account, masterendi, previously associated with the hacking of at least three other websites. As Italian IT journalist Paolo Attivissimo pointed out, an archive of the script shows it to be a snow animation script, not malware.

Read 4 remaining paragraphs | Comments

Is this what the Nintendo Switch’s insides look like?

2/19/2017 1:17pm

Images of what appears to be a teardown of a Nintendo Switch began circulating around the Internet on February 19. While it is impossible at this point to confirm the legitimacy of these images, the hardware pictured appears to have required some remarkable design and engineering chops. And several of the design points raise our confidence that these images are of the real thing—or at least of a prototype.

The leaked images of this possible Nintendo Switch contain a Chinese game-parts manufacturer's watermark. The device seen here puts component density first and foremost, with a lithium-ion battery that takes up nearly half of the hardware's footprint. Nintendo has previously confirmed that the Switch's battery will measure 4310 mAh, and that measure is printed on the battery seen in these images (which is also coated with some kind of foam, perhaps meant for both protection and heat management).

Read 5 remaining paragraphs | Comments

Cop filmed telling motorist he wanted to beat him, sic dog on him

2/19/2017 9:00am

A days-old viral Facebook video shows an angry New Jersey cop yelling at a young motorist. The police officer says he wants to knock the motorist "the fuck out" and sic his 90-pound police dog on him—in what appears to be retribution for the man filming the officer. Because of the video, taken by one of the two motorists pulled over in Atlantic City, the officer has been placed on paid administrative leave.

Following the publication of the 80-second video, which has more than 400,000 views, Atlantic City Police Chief Henry White called for an internal affairs investigation. The men involved in the traffic stop have been neither identified nor arrested. The incident is being investigated solely because it was recorded. This is another example of how the YouTube society—in which people are constantly filming each other and their surroundings with mobile phones—is altering the criminal justice system.

"Take that phone and stick it out of my face. I'm not gonna tell you again," the officer tells one of the motorists who is filming him. The officer then becomes enraged.

Read 7 remaining paragraphs | Comments

SpaceX makes historic launch from 39A, sticks landing [Updated]

2/19/2017 8:44am

Enlarge / Saturday's launch attempt of a Falcon 9 rocket was called off just 13 seconds before liftoff. (credit: Trevor Mahlmann)

09:50am update: Despite mostly cloudy skies, SpaceX successfully launched from Kennedy Space Center's 39A pad on Sunday. After the first stage of the Falcon 9 rocket delivered its payload—a Dragon spacecraft—into low-Earth orbit, the booster flew back to Earth and stuck its landing. SpaceX is now three-for-three in attempts to land its first stage boosters at Landing Zone 1 on the Florida coast.

Check back later today as Ars will have some exclusive photos of the historic first private liftoff from Launch Complex 39A.

Original post: Another day, another launch attempt for SpaceX. Although the company's countdown on Saturday toward liftoff of a Falcon 9 rocket from historic Launch Complex 39A proceeded mostly smoothly, SpaceX founder Elon Musk called it off during the last moments. He said he wanted to make sure a slight steering issue with an engine in the rocket's upper stage was not indicative of a more significant upstream problem.

Read 3 remaining paragraphs | Comments

The Great Wall is my new favorite lizard monster war movie

2/18/2017 3:12pm

Universal/China Film Company

I'm going to lay some truth on you right now. You're not going to have a lot of chances in your life to see movies about herds of giant psychic lizards attacking a massive, acrobatic army occupying the Great Wall of China. Which is why you should get your ass to theaters and watch The Great Wall.

The Great Wall is a joint production between American and Chinese companies and feels like the perfect cross-national hybrid of two countries obsessed with monsters and blowing stuff up. Directed by Yimou Zhang (Raise the Red Lantern, Hero) and co-written by Max Brooks (World War Z), The Great Wall stars Matt Damon as a European mercenary named William and Tian Jing as Lin Mae, the commander of the Nameless Order. Lin Mae and her acrobatic army have pledged their lives to hold the Great Wall and defend southeastern China against the Taotie, a species of mega-lizards with skulls for faces and eyeballs in their shoulders.

Read 6 remaining paragraphs | Comments

novalug.com