Arstechnica

Serving the Technologist for more than a decade. IT news, reviews, and analysis.

Nintendo’s Fire Emblem Heroes gets simultaneous iOS, Android launch [Updated]

1/18/2017 7:12pm

Nintendo's next major smartphone game release was originally advertised in this way. That changed an hour later.

Update: Roughly an hour and a half after the new Fire Emblem smartphone game's announcement, and its vague "soon" release window for iOS, Nintendo told fans that the game would simultaneously launch on iOS and Android on February 2 after all. That puts iOS gamers ahead in terms of Nintendo releases; Super Mario Run will not launch on Android until "March 2017."

Nintendo did not explain why Fire Emblem's iOS release window was advertised so vaguely in the original announcement.

Original report:


That critical “ImageTragick” bug Ars warned you about? It cost Facebook $40k

1/18/2017 7:04pm

Last May, Ars reported that a critical vulnerability in a widely used image-processing application left a huge number of websites open to attacks that allowed hackers to execute malicious code on the underlying servers. More than five months later, Facebook paid a $40,000 bounty after discovering it was among those at risk.

On Tuesday, researcher Andrey Leonov said he was able to exploit the vulnerability in the ImageMagick application by using a tunneling technique based on the domain name system that bypassed Facebook firewalls. The firewalls had successfully protected against his earlier exploit attempts. Large numbers of websites use ImageMagick to quickly resize images uploaded by users.

"I am glad to be the one of those who broke the Facebook," Leonov wrote in a blog post that gave a blow-by-blow account of how he exploited the ImageMagick vulnerability. Two days after the researcher privately shared the exploit with Facebook security personnel, they patched their systems. Ten days after that, they paid Leonov $40,000, one of the biggest bounties Facebook has ever paid.


Price hearing: dramatic ACA metaphors and the meaning of “access”

1/18/2017 7:00pm

U.S. Health and Human Services Secretary Nominee Rep. Tom Price (R-Ga.) testifies during his confirmation hearing. (credit: Getty | Alex Wong)

In a four-hour Senate confirmation hearing Wednesday, Rep. Tom Price (R-Ga.), Donald Trump’s nominee to run the Department of Health and Human Services, tried unsuccessfully to ratchet down the rhetoric surrounding the fate of the Affordable Care Act. He repeatedly emphasized that “nobody is interested in pulling the rug out from under anybody.” And in broad strokes he described the Republicans' replacement plan—which has yet to be revealed—as a beefed-up version of the ACA; a plan that covers even more people, has better benefits, and is cheaper.

He went on, explaining:

We believe that it’s absolutely imperative that individuals that have health coverage be able to keep health coverage, and move—hopefully—to greater choices and opportunities for them to gain the kind of coverage they want for themselves and for their families… There’s been a lot of talk about individuals losing health coverage. That is not our goal, nor is it our desire, nor is it our plan.

The assurances stopped there, however, as did hope of calming the fevered debate on the subject. Senators on the Committee on Health, Education, Labor and Pensions, which held the hearing, continued to pepper the discussion with dramatic statements. Republicans compared the ACA to a collapsing bridge and described it as being in a death spiral. Democrats compared repealing the mammoth health law without replacement legislation to jumping out of a plane without a parachute.


Assange weasels out of pledge to surrender if Manning received clemency

1/18/2017 6:35pm

(credit: Carl Court, Getty Images)

Julian Assange, the WikiLeaks founder, backed out of his pledge Wednesday that he would surrender to US authorities if President Barack Obama granted clemency to Chelsea Manning.

Manning, a whistleblower serving a 35-year sentence for leaking classified material to WikiLeaks as an army private, had her sentence commuted by President Barack Obama on Tuesday. Instead of being released in 2045, Obama said Manning could leave military detention May 17.

But just days before the commutation, WikiLeaks tweeted about Assange—who is living in a self-imposed exile in the Ecuadorian Embassy in London amid fears he could be charged in the US for exposing the secrets Manning leaked—saying, "If Obama grants Manning clemency Assange will agree to US extradition despite clear unconstitutionality of DoJ case." As recently as Tuesday, WikiLeaks said that Assange "stands" by the promise.


All over the globe, plants are growing into strange, circular patterns

1/18/2017 5:51pm

Jen Guyton

They look a little like crop circles and a little like artistic earthworks. Around the world, they have many names: in the Namib Desert of Africa, they're called "fairy circles;" in Brazil they're dubbed "murundus," and in North America they're known as "Mima mounds." In a recent paper for Nature, Princeton ecologist Corina E. Tarnita and her colleagues call them "landscapes of overdispersed (evenly spaced) elements." All are regions where plants grow into such perfectly symmetrical, large-scale patterns that they seem unnatural.

Debates rage among ecologists about whether these patterned environments have a common cause and what it might be. Two of the leading hypotheses involve plant cooperation and insect rivalries. In areas where water resources are scarce or irregular, plants are known to engage in "scale-dependent feedbacks," where plants over a wide area grow into clusters rather than spreading out over a big area. The plant clumps limit their sizes to make the best use of water, and this strategy leads to reproductive success. It also might explain why we see patterns of plant growth that are characteristic of fairy circles and Mima mounds.


More, cheaper, bigger, faster: The defense and cyber strategy of Donald Trump

1/18/2017 5:41pm

Where's the defense and cyber-weapon procurement budget going, Mr. President-elect? (credit: Getty Images | Joe Raedle)

Since Election Day, President-elect Donald Trump has taken an inordinate interest in some of the minutiae of defense policy. His tweets (particularly about the F-35 Joint Strike Fighter and the Air Force One presidential aircraft replacement program) have sent shockwaves through the defense industry. The same is true of the cyber realm—particularly in his treatment of the intelligence community that currently dominates the US' cyber-defense capabilities.

The one thing that is certain is that Trump wants more muscle in both departments, urging an increase in the number of troops, ships, planes, and weapons deployed by the Department of Defense; the end of defense budget sequestration; and an expansion of the US nuclear and ballistic missile defense arsenal. And he has also pledged a new focus on offensive "cyber" capabilities, as outlined by his campaign, "to deter attacks by both state and non-state actors and, if necessary, to respond appropriately."

That sort of aggressive posture is not a surprise. But the policies that will drive the use of those physical and digital forces are still a bit murky. Considering the position Trump has taken regarding the North Atlantic Treaty Organization (NATO) and his attitudes toward Russia, Trump's statements may hint at a desire for a Fortress America—armed to the teeth and going it alone in every domain of conflict.


Labor Department sues Oracle for racial discrimination

1/18/2017 4:50pm

Oracle is very proud of its cloud sales. But not everyone is very happy about how it got them. (credit: Håkan Dahlström)

The US Department of Labor has filed a lawsuit against Oracle America, saying the software giant systemically pays Caucasian male workers more than their counterparts with the same job title. The lawsuit also says Oracle favors Asians in hiring for certain roles, which results in discrimination against non-Asian employees.

The lawsuit is the result of an investigation that began in 2014. In a statement issued on the lawsuit, the Dept. of Labor's Office of Federal Contract Compliance Programs (OFCCP) says that Oracle wouldn't comply with "routine requests for employment data and records" during the investigation. OFCCP tried for "almost a year" to resolve the matter before filing suit.

Federal contracting rules prohibit Oracle from employment discrimination. If Oracle doesn't stop the discrimination alleged in the lawsuit, OFCCP has requested that all of the company's government contracts be canceled and that it be prevented from entering into future federal contracts.


Microsoft-owned Minecraft no longer supported on Microsoft-owned Windows Phone/Mobile

1/18/2017 4:14pm

Microsoft will cease updating Minecraft Pocket Edition for its own Windows Phone 8.1 and Windows 10 Mobile, reports Windows Central. Although the game will continue to be available in the store, it's apparently no longer being maintained or updated.

The reason for this move is reported to be that so few people play the game on the platform that it's not worth maintaining.

Minecraft has a somewhat complicated development history. There are multiple versions of the block-building zombie fighting game developed in parallel. The original Minecraft, built for PCs and with a rich ecosystem of third-party extensions, is a Java application. Console versions of Minecraft appear to use a C++ port of the Java version, with a console controller-friendly interface. Minecraft Pocket Edition is a C++ application with a user interface that's tailored for smartphones. Multiplayer is generally limited to the same stream of development; Pocket Edition players on different platforms can play with each other, but Java edition players can only play with other Java edition players, and the console editions only allow multiplayer with other people on the same console.


Chinese government has ordered 103 planned coal plants to be canceled

1/18/2017 3:42pm

BEIJING, CHINA - NOVEMBER 29: A Chinese man wears a mask as he waits to cross the road near the CCTV building during heavy smog on November 29, 2014, in Beijing, China. (credit: Kevin Frayer)

This week, China’s Energy Administration issued a directive to cancel planning and construction on 85 coal plants in the country, according to The New York Times. An additional 18 were ordered to be canceled late last year. The 103 plants represent an astounding 120GW of capacity that would have come online for the country in the coming years.

The coal plants on the chopping block span 13 provinces, mostly in China’s northern and western regions. The Times reports that China’s Energy Administration was quite specific on which plants must halt development, but it’s unclear whether locals will immediately adhere to the directive—some of these plants have been under construction for 10 years already, and local officials may be reluctant to abandon those projects and fire the construction workers.

The cancellation is indicative of an economic imbalance that external environmental trackers have noted for a while—China has over-invested in coal power plants, with its existing capacity “being used less than half the time” according to Carbon Tracker. The International Energy Agency (IEA) notes that China accounts for more than 900GW of coal-sourced capacity, making it the biggest energy-related carbon polluter in the world. The country has promised to limit its coal-based capacity to 1,100GW by 2020, and this new directive will help China reach that goal.


US court says PSN data doesn’t get Fourth Amendment protection

1/18/2017 3:32pm

(credit: Aurich x Getty)

If you have any legally incriminating information sitting in your PSN account, don't count on the Fourth Amendment to protect it from "unreasonable search and seizure" by Sony without a warrant. A district court judge in Kansas has ruled in a recent case that information Sony finds has been downloaded to a PlayStation 3 or a PSN account is not subject to the "reasonable expectation of privacy" that usually protects evidence obtained without a warrant.

The case involves Michael Stratton, who went by the handle Susan_14 on PSN. According to Sony, Stratton was reported to PSN multiple times for sending spam messages asking about interest in child pornography. After reviewing the Susan_14 account in response to these complaints, Sony found that several images containing child porn had been downloaded by and uploaded to the account.

Sony shared information about the Susan_14 account and the images with the National Center for Missing and Exploited Children. The NCMEC then coordinated with the FBI to get additional information about Susan_14's e-mail address and IP address from Google and CenturyLink via subpoena. This action led to a warrant on Stratton's Kansas home, the discovery of child pornography stored on his PS3, and his arrest.


Big updates for Logic Pro and GarageBand add features for audio pros

1/18/2017 3:12pm

Apple has added Touch Bar support to Logic Pro along with a bunch of other features. (credit: Apple)

Apple has released major updates to its Logic Pro X audio recording and editing software for macOS and the lighter-but-free GarageBand app for iOS, introducing big new features and improving compatibility between the two apps. A more minor update to GarageBand for macOS, which includes no major new features but compatibility updates for the iOS version, has also been released.

Logic Pro X version 10.3 is the latest app to pick up support for the new MacBook Pro's Touch Bar. It adds controls for skimming through and tuning specific tracks on the Touch Bar's screen, as well as a touchscreen keyboard and drum pads and customizable key commands.

There are updates for the Touch Bar-free majority of the iOS userbase, too. An updated UI expands the number of colors available to label your tracks, can auto-zoom horizontally as your songs get longer, and can show the waveforms for audio files that are being trimmed. The tweaked design also "improves legibility in a variety of lighting conditions." On the production end of things, you can create playlists of different regions and edits on a track to listen to alternate versions of a song you're working on and get better control over your stereo channels, among other things.


Newly discovered Mac malware found in the wild also works well on Linux

1/18/2017 2:18pm

A newly discovered family of Mac malware has been conducting detailed surveillance on targeted networks, possibly for more than two years, a researcher reported Wednesday.

The malware, which a recent Mac OS update released by Apple is detecting as Fruitfly, contains code that captures screenshots and webcam images, collects information about each device connected to the same network as the infected Mac, and can then connect to those devices, according to a blog post published by anti-malware provider Malwarebytes. It was discovered only this month, despite being painfully easy to detect and despite indications that it may have been circulating since the Yosemite release of OS X in October 2014. It's still unclear how machines get infected.

"The first Mac malware of 2017 was brought to my attention by an IT admin, who spotted some strange outgoing network traffic from a particular Mac," Thomas Reed, director of Mac offerings at Malwarebytes, wrote in the post. "This led to the discovery of a piece of malware unlike anything I've seen before, which appears to have actually been in existence, undetected for some time, and which seems to be targeting biomedical research centers."


Court rules against man who was forced to fingerprint-unlock his phone

1/18/2017 2:06pm

(credit: Kārlis Dambrāns)

A Minnesota appellate court ruled Tuesday against a convicted burglar who was forced by a lower state court to depress his fingerprint on his seized phone, which unlocked it.

This case, State of Minnesota v. Matthew Vaughn Diamond, marks the latest episode in a string of unrelated cases nationwide that test the limits of digital privacy, modern smartphone-based fingerprint scanners, and constitutional law.

In 2015, Diamond went to trial and was convicted of the burglary and two other lesser charges. He was sentenced to 51 months in prison. Diamond appealed largely on the grounds that being ordered to unlock his phone constituted a violation of his Fifth Amendment rights against self-incrimination.


Mississippi AG Jim Hood sues Google—again

1/18/2017 1:30pm

Mississippi Attorney General Jim Hood (R) at a news conference in 2015. (credit: Alex Wong/Getty Images)

Mississippi Attorney General Jim Hood is sparring with Google once more.

Last year, Hood and Google wound down a court dispute over Hood's investigation into how Google handles certain kinds of online content, from illegal drug ads to pirated movies. E-mails from the 2014 Sony hack showed that Hood's investigation was spurred on, in part, by lobbyists from the Motion Picture Association of America.

Now Hood has a new bone to pick with the search giant. Yesterday, Hood filed a lawsuit (PDF) against Google in Lowndes County Chancery Court, saying that the company is gathering personal data on students who use Google's G Suite for Education (previously called Google Apps for Education).


Backblaze brings its dirt cheap cloud backups to the enterprise

1/18/2017 12:37pm

(credit: Photograph by Beer Coaster)

Cloud backup provider Backblaze has launched a new business-oriented backup service called Business Groups that gives its low-cost cloud backup service enterprise manageability and administration. Backblaze does betray its non-enterprise origins, however, by offering clear pricing without hiding behind "ask us for a quote" forms; $5 per month per PC, or $50 (~£40) per year.

Backblaze's cloud backup service is something of a novelty. That $50 per year gets you unlimited cloud storage, and while other cloud backup providers have offered unlimited storage, many of them have scaled back those offerings because they don't make anything from them. Backblaze, by contrast, maintains that it actually makes money from its service, on account of the dirt-cheap storage it designs and uses, which costs just a fraction of what services like Amazon S3 and Azure Storage do.

The company added a programmatic cloud storage service, named B2, to its backup plan in 2015. B2 offers developers substantially lower costs, albeit without geographical replication or other features of the more-expensive cloud providers. The company positions this as ideal for cheap backups or replicas of data that is primarily stored in another cloud provider.


Bay Area: Join us tonight 1/18 to talk about very intimate hardware design

1/18/2017 12:18pm

At the Crave factory in San Francisco, Q/A tests the products' components. (credit: Jordan Kushins)

The first 2017 episode of Ars Technica Live is tonight, January 18 at Longitude, Oakland’s very own tiki bar! Join Ars Technica editors Cyrus Farivar and Annalee Newitz as they sit down with industrial designer Ti Chang for a conversation about hardware design, crowdfunding, and how to build the perfect vibrator.

Chang is the co-founder and VP of design for Crave, a San Francisco-based company specializing in discreet and luxury sex toys. She leads the concept and design for the company’s full line of products, which has won numerous awards including Red Dot, IDEA, and Good Design.

Filmed before a live audience, each episode of Ars Technica Live is a speculative, informal conversation between Ars hosts and an invited guest. The audience, drawn from Ars Technica’s readers, is invited to join the conversation and ask questions. These aren’t soundbite setups; they are deep cuts from the frontiers of research and creativity.


Guilty SPARC: Oracle euthanizes Solaris 12, expunging it from roadmap

1/18/2017 12:17pm

The Sun is apparently setting on Solaris, based on Oracle's latest roadmap.

Rumors have been circulating since late last year that Oracle was planning to kill development of the Solaris operating system, with major layoffs coming to the operating system's development team. Others speculated that future versions of the Unix platform Oracle acquired with Sun Microsystems would be designed for the cloud and built for the Intel platform only and that the SPARC processor line would meet its demise. The good news, based on a recently released Oracle roadmap for the SPARC platform, is that both Solaris and SPARC appear to have a future.

The bad news is that the next major version of Solaris—Solaris 12—has apparently been canceled, as it has disappeared from the roadmap. Instead, it's been replaced with "Solaris 11.next"—and that version is apparently the only update planned for the operating system through 2021.

The new SPARC roadmap has some missing destinations.

With its on-premises software and hardware sales in decline, Oracle has been undergoing a major reorganization over the past two years as it attempts to pivot toward the cloud. Those changes led to a major speed bump in the development cycle for Java Enterprise Edition, a slowdown significant enough that it spurred something of a Java community revolt. Oracle later announced a new roadmap for Java EE that recalibrated expectations, focusing on cloud services features for the next version of the software platform.


Verizon to redirect calls made from dangerous Galaxy Note 7 phones

1/18/2017 12:07pm

(credit: University of Liverpool)

There are reportedly still thousands of Verizon Wireless customers using the Samsung Galaxy Note 7, which was discontinued shortly after its unveiling last year when at least 140 of the devices overheated or caught fire. Verizon is now stepping its efforts up a notch by redirecting non-emergency phone calls made by the potentially explosive Note 7 to Verizon customer service.

"In spite of our best efforts, there are still customers using the recalled phones who have not returned or exchanged their Note 7 to the point of purchase," a Verizon spokesperson told Fortune yesterday. "The recalled Note 7s pose a safety risk to our customers and those around them."

From now on, "all outgoing calls not directed toward the 911 emergency service will only connect to customer service," the report said. "Because Note 7 users have also already been reimbursed for the cost of the long-since recalled Note 7, Verizon is also saying it might bill the holdouts for the full retail cost of the phone."


Reports: PS4 is selling twice as well as Xbox One, overall

1/18/2017 11:57am

The wall on the left side of this picture should really be about half as big as the one on the right to reflect sales reality.

Microsoft stopped providing concrete sales data for its Xbox line years ago, making it hard to get a read on just how well the Xbox One is doing in the market compared to Sony's PlayStation 4. Recent numbers released by analysts this week, though, suggest that Sony continues to dominate this generation of the console wars, with the PS4 now selling twice as many units worldwide as the Xbox One since both systems launched in late 2013.

The first set of numbers comes from a new SuperData report on the Nintendo Switch, which offhandedly mentions an installed base of 26 million Xbox One units and 55 million PS4 units. That report is backed up by Niko Partners analyst Daniel Ahmad, who recently tweeted a chart putting estimated Xbox One sales somewhere near the middle of the 25 million to 30 million range.

Ahmad's chart suggests that Microsoft may have sold slightly more than half of the 53.4 million PS4 units that Sony recently announced it had sold through January 1. Specific numbers aside, though, it's clear Microsoft has done little to close its console sales gap with Sony over the past year—and may have actually lost ground in that time.


Google will reportedly launch Android One in the US

1/18/2017 11:40am

A report from The Information (paywall) claims that Google is going to bring its cheap smartphone initiative, Android One, to the US. Android One was originally cooked up for developing markets like India, which saw Google lay out guidelines for OEMs to make cheap smartphones that were actually good. Android One took "good enough" hardware and paired it with stock Android and fast updates.

The line started out with $100 devices, with a second generation moving up to the $200 range. According to the report, in the US the devices will be a little more expensive, with releases in the $200 to $300 range. The Information wasn't sure which OEM might make the phone, but it floated LG as a possible partner. LG and Google are reportedly already collaborating on an upcoming smartwatch.

A big question will be who is in charge of the updates on this device, since Google has flip-flopped on Android One software updates in the past. Google handled things for the first generation, which resulted in fast updates—the $100 phones were the first to get Android 5.1. After a rough reception in India, Google watered down the program, and updates changed from "direct from Google" to "from Google's hardware partners." To further complicate matters, there is still one Android One phone that gets updates direct from Google, the General Mobile 4G. It was even in the Android N beta program.

