Arstechnica

Syndicate content
The Art of Technology
Updated: 3 hours 37 min ago

Lawmaker scraps bill making it illegal to film cops within 25 feet

4/14/2015 1:48pm

A Texas lawmaker is scrapping his proposal to limit the public's ability to film the police within a 25-foot radius.

Rep. Jason Villalba, a Dallas Republican, says the bill was too controversial. It was pending its first state committee hearing in the wake of two high-profile police incidents captured on camera by onlookers. One showed a South Carolina officer shooting a fleeing man in the back and another was of California officers beating a suspect.

Read 7 remaining paragraphs | Comments

Researchers try to hack the economics of zero-day bugs

4/14/2015 1:15pm

If you're looking to reduce the pool of possible zero-day vulnerabilities that could potentially be used for criminal or state-sponsored breaches of computer and network security, throwing people and money at the problem isn't necessarily going to solve it. At least, that's the conclusion from a team of researchers at MIT, Harvard, and the security firm HackerOne (the organization that runs the Internet Bug Bounty program). At next week's RSA Conference, HackerOne Chief Policy Officer Katie Moussouris and Dr Michael Siegel of MIT's Sloan School will present a study on the economics of the marketplace for "zero-day" vulnerabilities in software and networks, showcasing a model for how that market behaves. Spoiler: their model isn't simply driven by supply and demand.

In a blog post today entitled "The Wolves of Vuln Street," Moussouris gave a summary of the team's findings of what it means for organizations and government agencies seeking to "dry up the offensive stockpile" of vulnerabilities available to would-be attackers. The crux is that bug bounty programs are valuable in uncovering vulnerabilities (especially in less mature software), but some vulnerabilities simply will never be for sale at a price that defenders can afford. The long-term solution, Moussouris suggested, is to pay for automated tools and techniques to help developers find the bugs themselves.

At last year's Black Hat conference in Las Vegas, Dan Geer—a computer security analyst and chief information security officer of the CIA-backed venture capital firm In-Q-Tel—suggested that the US government should simply corner the market on vulnerabilities, offering "six-figure prices" to compete with the black market for zero-days. Geer also said this approach would only work if vulnerabilities were scarce; if they are plentiful, there would be no amount of money that could possibly buy up all the potential attack vectors.

Read 6 remaining paragraphs | Comments

Mortal Kombat X charges players for “easy fatalities”

4/14/2015 1:05pm

For decades now, being able to pull off a complex set of quick button presses to activate a gruesome fatality has been a point of pride for Mortal Kombat players. Now, the latest game in the series, Mortal Kombat X, will let you set off a bloody kill animation with only a couple of button presses... for a price.

As Ars' Sam Machkovech noticed last night, the Xbox Live and PSN stores both offer packs of "easy fatalities" as downloadable content for the game, which launched today. The consumable items let players pull off the bloody finishing move by simply holding down a shoulder button and pushing a face button, rather than entering an entire series of buttons and directions in a specific order. Players can buy a pack of five easy fatalities for $0.99, or 30 for $4.99 (the DLC packs don't appear to be available for the PC version through Steam, as of this writing).

Mortal Kombat X players start with three free "easy fatality" tokens, though their function is hidden in a pause menu, and they never seem to be fully explained. Once those are gone, players can earn more of these tokens as random rewards by spending in-game "koins" in the krypt. There is no way to earn the simplified moves reliably without opening your wallet, though.

Read 3 remaining paragraphs | Comments

Surface 3 review: Smaller, slower, cheaper… better?

4/14/2015 1:00pm
Specs at a glance: Microsoft Surface 3 Screen 1920×1280 10.8" (213 PPI), 10-point capacitive touchscreen OS Windows 8.1 64-bit CPU 1.6GHz Intel Atom x7-Z8700 (up to 2.4GHz) RAM 2 or 4GB LPDDR3 1600 GPU 600MHz Intel HD Storage 64 or 128GB Networking 802.11a/b/g/n/ac, Bluetooth 4.0 Ports Mini-DisplayPort, headphones, microSDXC, USB 3, Cover port Size 10.52×7.36×0.34" Weight 1.37 lb Battery "9 hours of browsing" Warranty 1 year Starting price $499 (2GB RAM, 64GB storage) Price as reviewed $878.97 (4GB RAM, 128GB storage, Type Cover, Surface Pen, Surface 3 Dock) Sensor Ambient light sensor, accelerometer, gyroscope, magnetometer, 8MP rear camera, 3.5MP front camera Other perks 13 W charger

ars.AD.queue.push(["xrailTop", {sz:"300x250", kws:[], collapse: true}]);
To understand the Surface 3, you must first understand the Surface Pro 3.

The Surface 3 is not the third Surface. It's not a successor to the Surface RT released in 2012 or 2013's Surface 2. Those systems used ARM processors and could not run common-or-garden Windows desktop software.

In many ways, these devices exacerbated all the flaws found in Windows 8. The operating system had a decent enough touch interface, but it was desperately incomplete, forcing the use of the Windows desktop interface even if you were trying to use fingers and the on-screen keyboard. The ARM devices took it a step further: the only third-party applications they supported came through the Windows Store and offered those same finger-friendly interfaces—but they also included Office, in all its finger-unfriendly glory, running on the Windows desktop. They took Windows 8's awkward hybridity and turned it up to 11. As Nigel Tufnel might have put it, "it's one worse."

Read 42 remaining paragraphs | Comments

Curiosity finds evidence of a daily water cycle on Mars

4/14/2015 12:59pm

A huge range of data indicates that water has played a key part in the history of Mars, from entire oceans in the distant past, to evidence of lakes and streams at the landing site of the Curiosity rover. But what has not been clear is the role that water plays on the planet now. Hints of water activity have been spotted from orbit, but direct detection of liquid water on the surface has been elusive.

This week, a scientific team using data from the Curiosity rover has announced a bit more indirect evidence. Based on a combination of data about Martian weather and soil conditions, the researchers conclude that salts found on Mars can pull water out of the thin atmosphere and may drive a daily water cycle. While the evidence is indirect, it's consistent with data from a Russian instrument that registers indications of water molecules in the soil.

One of the more common chemicals in the Martian soil appears to be perchlorate salts, which have been detected from orbit and found by the Phoenix lander. These salts—calcium perchlorate in particular—readily form hydrates, where water molecules are integrated into the crystal structure itself to form an energetically favorable conformation. On Earth, this transition is so favorable that the salts can readily pull water out of the air on humid days.

Read 6 remaining paragraphs | Comments

Republicans seek fast-track repeal of net neutrality

4/14/2015 11:40am

Republicans in Congress yesterday unveiled a new plan to fast track repeal of the Federal Communications Commission's net neutrality rules.

Introduced by Rep. Doug Collins (R-Ga.) and 14 Republican co-sponsors, the "Resolution of Disapproval" would use Congress' fast track powers under the Congressional Review Act to cancel the FCC's new rules.

Saying the resolution "would require only a simple Senate majority to pass under special procedural rules of the Congressional Review Act," Collins' announcement called it "the quickest way to stop heavy-handed agency regulations that would slow Internet speeds, increase consumer prices and hamper infrastructure development, especially in his Northeast Georgia district."

Read 4 remaining paragraphs | Comments

Guitar Hero returning with new guitar, mobile support

4/14/2015 11:32am

After a five-year break since its last console release, Activision is betting that gamers are ready to hop back on a rhythm game bandwagon that went from oversaturated to "all but dead" in record time. Guitar Hero Live will bring a newly designed guitar controller, curated song streaming, and a joint focus on consoles and mobile devices when it launches jointly on consoles and mobile platforms this fall.

The biggest change is in the controller itself. The familiar five-button layout that has been used by Guitar Hero since the series debuted in 2005 (and by the Rock Band franchise as well) is gone this time around. Instead, the new Guitar Hero Live controller has six buttons arranged vertically in two parallel rows of three. Besides making the game experience a bit more akin to mapping out chords on the many strings of a real guitar (though there's still only one plastic strummer on the other end), the new design also removes the need to shift your hand up and down the neck of the fake guitar as you play. There will also be an easy mode that only uses one row of buttons, if six buttons is too much for you.

"We wanted to make it easy to play and difficult to master,” Creative Director Jamie Jackson said in an interview with GamesBeat. “In the past, that fell apart when people had to use the pinky. Medium players were uncomfortable moving up and down the neck. So now your hand stays in one position on the neck. The second set of buttons gives you depth.”

Read 7 remaining paragraphs | Comments

Apollo 13 crew immortalized in custom Lego set

4/14/2015 9:49am

This Friday will be the 45th anniversary of the splashdown landing of the ill-fated Apollo 13 mission. How best to celebrate the successful return of the crew to Earth after an oxygen tank exploded en route to the moon? Why, a set of custom Lego minifigs, of course.

UK company Minifigs.me has revealed a collector's set depicting the three astronauts—Jim Lovell, Jack Swigert, and Fred Haise—and a separate edition for NASA Flight Director Gene Kranz, who oversaw their safe return.

The sets came about when Apollo expert Chris Spain approached the company with the idea of producing something in time for the splashdown anniversary. "Chris sent us a huge amount of research, designs and feedback," Minifigs.me director Nick Savage said in a statement. "His expertise and passion for the subject really is something to behold. We worked together for weeks to get them perfect, discussing everything from the precise placement of the metal tabs on suit valves to the way each astronaut wore their watches. We’ve made something very special as a result."

Read 4 remaining paragraphs | Comments

Apple’s Worldwide Developers Conference runs from June 8-12, 2015

4/14/2015 9:29am

Apple's Worldwide Developers Conference is nearly upon us again: this year's dates run from June 8 to 12, and as usual the conference takes place in San Francisco at Moscone West.

WWDC is, first and foremost, a gathering place for developers, who need to sign up for the chance to buy tickets via a random selection process. You'll need to sign up by 10am Pacific this Friday, April 17. This process is bound to disappoint many of those who sign up, though it is in some ways preferable to the first-come-first-serve stampede of years past. Tickets for WWDC 2013 sold out in under two minutes. Developers who can't show up in person (and anyone else, really) will be able to livestream some of the developer sessions using the WWDC app.

The WWDC opening-day keynote is usually of interest to non-developers too, since it's traditionally the place where Apple takes the wraps off of new versions of iOS and OS X (and the occasional piece of new hardware). We've heard little-to-nothing about what's coming in OS X 10.11, but word on the street is that iOS 9 will make performance and stability a priority. New features will still be included, but after a big visual redesign in 2013 and a big under-the-hood overhaul last year, it might be time to take a breather.

Read on Ars Technica | Comments

Sound waves separate rare cancer cells from blood

4/14/2015 9:28am

Circulating tumor cells (CTCs) are a rare type of cancer cell that are found in the blood stream of patients with localized tumors. Successful separation of CTCs from blood could serve as a liquid biopsy to help diagnose cancer and monitor treatment progress. A deeper understanding of CTCs could also lead to a better understanding of the most deadly cancer process: metastasis, where cancer cells leave established tumors and migrate to other locations in the body.

Currently, CTC separation methods rely on features that distinguish CTCs from other cells—antibodies that stick to them, cell size, deformability, or even electrical properties. Scientists have also explored using sound waves to separate CTCs. Acoustic-based separation provides excellent biocompatibility and safety; it preserves the viability, function, phenotype, and genotype of cells. It also allow cells to be separated without modification. As a result, sound-based separation methods enable CTCs to be maintained in their native state throughout the separation process while avoiding invasive biopsies.

Unfortunately, previous sound-based separations technologies haven't managed to separate CTCs from clinical samples due to insufficient throughput and long-term operational instability. Recently, a team of scientists has developed an acoustic-based microfluidic device that separates CTCs from peripheral blood samples of cancer patients in a high-throughput manner. This method relies on something called tilted-angle standing surface sound waves. These standing waves contain points that “stand still,” called nodes, around which the wave oscillates.

Read 7 remaining paragraphs | Comments

The world’s first robotic kitchen prepares crab bisque for Ars Technica

4/13/2015 7:01pm
ars.AD.queue.push(["xrailTop", {sz:"300x250", kws:[], collapse: true}]);

"Are there any safety mechanisms to make sure it doesn't accidentally blend my face if I get too close?" I asked the engineer, as I watched two humanoid robotic arms prepare a delicious crab bisque from scratch. The engineer took a moment to respond, not entirely sure of the correct answer. "Well... not really..."

A couple of weeks ago, I was invited along to a warehouse in north London to see what is being billed as "the world's first automated kitchen." The system, made by Moley Robotics in the UK, can only make crab bisque right now—and it requires that all of the ingredients and utensils are pre-positioned perfectly. The goal, though, is to have a consumer-ready version within two years, priced at around £10,000 ($14,600). The company envisions an "iTunes style library of recipes" that you can download and have your robot chef prepare.

In its current form, the Moley Robotic Kitchen is essentially two very expensive robotic arms, with two even dearer fully articulated biomimetic humanoid hands made by the Shadow Robot Company on the ends. In front of the robot is a kitchen—a sink, a stovetop, an oven, and a range of utensils, including the aforementioned blender. The ingredients are placed in bowls and cups on the worktop. Once everything is set up, an engineer simply presses "start" on the controlling PC, the robot arms whirl around for 30 minutes, and voilà: crab bisque.

Read 9 remaining paragraphs | Comments

Can they even Web? A look at presidential candidates’ online platforms

4/13/2015 5:53pm

Hillary Clinton's entry into the 2016 Presidential race via social media this weekend provides a hint of what's to come as the technological portion of the campaign trail begins to scale up. And Paul Schreiber, a former IT staffer for President Barack Obama's 2008 campaign and the founding chief technology officer for the nonprofit Democracy Works, has already started to handicap the race by taking stock of the biggest early indicator of the candidates' technical prowess: how they put together their campaign sites.

"So, you want to run a country," Schreiber wrote. "Can you hire someone who can run a website?" Schreiber looked at a number of factors to determine how well the sites implemented best practices for secure HTTP and domain configuration, and he considered aspects such as their content delivery network and server platform choices.

For instance, the Cruz campaign got some early (unwanted) attention for a hiccup during the candidate's website launch. Since no certificate had been provided to CloudFlare, he was randomly assigned a certificate that was shared with nigerian-prince.com. The site now has a valid "wildcard" certificate for tedcruz.org, but users only get SSL protection when they visit the donation page. Trying to go to https://tedcruz.org or https://www.tedcruz.org redirects to the unprotected home page.

Read 4 remaining paragraphs | Comments

Prosecutors suspect man hacked lottery computers to score winning ticket

4/13/2015 5:35pm

Prosecutors say they have evidence indicating the former head of computer security for a state lottery association tampered with lottery computers prior to him buying a ticket that won a $14.3 million jackpot, according to a media report.

Eddie Raymond Tipton, 51, may have inserted a thumbdrive into a highly locked-down computer that's supposed to generate the random numbers used to determine lottery winners, The Des Moines Register reported, citing court documents filed by prosecutors. At the time, Tipton was the information security director of the Multi-State Lottery Association, and he was later videotaped purchasing a Hot Lotto ticket that went on to fetch the winning $14.3 million payout.

In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren't connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.

Read 5 remaining paragraphs | Comments

Using the Retina MacBook as a Windows PC

4/13/2015 4:40pm

Most people who buy Macs are doing it to run OS X, but you’d be surprised by the number of comments and e-mails we get in response to Mac reviews asking about how Windows runs on the hardware. Since Apple made the Intel switch and introduced its Boot Camp software in 2006, there’s been a small but significant group of people who have chosen to use Apple’s hardware to run Microsoft’s software, either as a secondary or primary operating system.

Because the new MacBook is an entirely new product rather than a straightforward refresh, we spent some time installing Windows and taking it for a spin. If you’ve used Boot Camp before, there aren’t many surprises. But there are still things you need to know if you intend to buy a MacBook to run Windows.

Installation and display differences

The actual process of creating a Boot Camp install drive and downloading your Windows drivers hasn’t changed at all. Get a Windows 8.1 ISO on your MacBook somehow, launch the Boot Camp Assistant app from the Utilities folder, hook up a USB drive that’s 8GB or greater in capacity, decide how much space you want to dedicate to the Windows partition, and let it do its thing.

Read 16 remaining paragraphs | Comments

Net neutrality rules published, lawsuit to overturn them immediately filed

4/13/2015 3:50pm

While the Federal Communications Commission passed its net neutrality rules on February 26, they weren't published in the Federal Register until today.

The publication means a couple of things: the rules go into effect 60 days from today, and parties that oppose the rules have 10 days to file lawsuits against the FCC. (Technically, they have 60 days, but there are advantages to filing within the first 10.) Almost immediately after publication, a trade group representing ISPs called USTelecom filed suit in the US Court of Appeals for the District of Columbia Circuit.

USTelecom's petition said the FCC's ruling is "arbitrary, capricious, and an abuse of discretion" and "violates federal law, including, but not limited to, the Constitution, the Communications Act of 1934, as amended, and FCC regulations promulgated thereunder."

Read 5 remaining paragraphs | Comments

County prosecutor says it has no idea when stingrays were used, so man sues

4/13/2015 3:40pm

The Chicago privacy activist who currently has two pending stingray-related lawsuits against the Chicago Police Department has taken his quest one step further: he has now also sued the Cook County State’s Attorney’s Office (CCSAO).

In a lawsuit filed last Thursday, Freddy Martinez describes how he filed a public records request to the prosecutors in the second-largest county in the United States to hand over "all records showing the case, the information that was used, the charges, the outcome of the case, how the information was obtained and by whom, and any court orders authorizing the use of the equipment."

The case marks a rare instance of when an individual, rather than an organization like the American Civil Liberties Union (as was the case recently in New York), has taken a prosecutorial agency to task for failing to disclose stingray-related records.

Read 16 remaining paragraphs | Comments

Verizon trots out analyst to say unlimited data is bad for customers

4/13/2015 2:28pm

Got a data cap on your smartphone? You should be grateful, according to an opinion piece that Verizon Wireless published on Friday.

"Let’s face it, if everyone had unlimited data and used it fully, the performance of the networks would suffer because of bandwidth restrictions and the 'shared resource' nature of wireless," industry analyst Jack Gold, founder of J. Gold Associates, wrote in an article titled "The Lure of Unlimited Wireless Data—Is It Necessary?"

Gold went on to write that customers have shifted high-bandwidth activities to Wi-Fi networks, where usage doesn't count against cellular data caps, and that "users are very well served by current wireless data plans, and really don’t require more. So, while unlimited data may sound attractive, there is no practical effect of data limits on the majority of users."

Read 11 remaining paragraphs | Comments

For art’s sake! Photoing neighbors with zoom lens not a privacy invasion

4/13/2015 2:17pm

An artist who hid in his apartment's shadows and deployed a telephoto lens to photograph his neighbors through their glass-walled apartment is not liable for invading their privacy, a New York state appellate court has ruled.

The appeals court called it a "technological home invasion" but said the defendant used the pictures for art's sake. Because of that, the First Department of the New York Appellate Division ruled Thursday in favor of artist Arne Svenson, who snapped the pics from his lower Manhattan residence as part of an art exhibit called "The Neighbors." The ruling says:

In this action, plaintiffs seek damages and injunctive relief for an alleged violation of the statutory right to privacy. Concerns over privacy and the loss thereof have plagued the public for over a hundred years. Undoubtedly, such privacy concerns have intensified for obvious reasons. New technologies can track thought, movement, and intimacies, and expose them to the general public, often in an instant. This public apprehension over new technologies invading one's privacy became a reality for plaintiffs and their neighbors when a photographer, using a high-powered camera lens inside his own apartment, took photographs through the window into the interior of apartments in a neighboring building. The people who were being photographed had no idea this was happening. This case highlights the limitations of New York's statutory privacy tort as a means of redressing harm that may be caused by this type of technological home invasion and exposure of private life. We are constrained to find that the invasion of privacy of one's home that took place here is not actionable as a statutory tort of invasion of privacy pursuant to sections 50 and 51 of the Civil Rights Law, because defendant's use of the images in question constituted art work and, thus is not deemed "use for advertising or trade purposes," within the meaning of the statute.

The appeals court said that beginning in 2012, Svenson, whose works have appeared in museums and galleries in the United States and Europe, began "hiding himself in the shadows of his darkened apartment" to snap the pictures of his neighbors.

Read 6 remaining paragraphs | Comments

Grand Theft Auto V for PC ships with built-in mods and machinima tools

4/13/2015 2:02pm

These days, launching a successful PC game means far more than just throwing it onto Steam and hoping for the best. As Minecraft, Team Fortress 2, and countless other games have shown, if you give players the freedom and the tools to create something of their own within a game, the title will most likely have a much longer shelf-life and a far more engaged community. The huge modding community of the PC version of Grand Theft Auto IV, while not officially supported by publisher Rockstar, has certainly had a hand in keeping the aging game alive.

With the upcoming PC version of GTA V, budding machinima directors and fans of horse-related mischief might not have to resort to tinkering with patches and configuration files in order to land the next viral hit on YouTube. In a new video (embedded below), Rockstar has outlined some of the features of Rockstar Editor, a new suite of video editing tools exclusive to the PC version of the game. In addition to the game automatically recording the last few moments of gameplay—useful for capturing an impromptu stunt or explosion—players will also be able to manually start and stop recording.

Once a clip is captured, players can head into an editor to trim and splice together clips in an interface that appears not too dissimilar to traditional editing tools like Final Cut and Adobe Premier. Text can be added, as can a custom soundtrack based on the songs from GTA V’s in-game radio stations. Players can also change the camera angle of a recorded clip, opening up all sorts of possibilities for cinematic-style shots. A variety of visual filters round out the options.

Read 2 remaining paragraphs | Comments

My voice is my passport: Android gets a “Trusted Voice” smart lock

4/13/2015 1:48pm

One of the more convenient security features added in Android 5.0 Lollipop is "smart lock." The feature has you pick a traditional lock screen—like PIN, pattern, or password—but it allows you to skip the security challenge if certain conditions are met. The first two in Lollipop allowed you to add a "Trusted Device," which would skip the lock screen if it you were connected to a certain bluetooth device, and "Trusted Face," which used facial recognition through the front facing camera.

Now Google has added a new smart lock: "Trusted Voice," which, as you might have guessed, uses your voice as your password. This smart lock kicks in when you use an "OK Google" voice command. Google is pushing voice commands more and more as a core part of Android, with devices like the Nexus 6 having always-on voice recognition. Some voice commands get blocked by a secure lock screen, though, making voice commands less useful. The new "Trusted Voice" smart lock solves that problem by bypassing the lock screen based on how you say "OK Google."

How secure is this system? We're wondering the same thing. The popup when you enable "Trusted Voice" warns that the feature is not as secure as a traditional lock screen and that "Someone with a similar voice or a recording of your voice could unlock your device." We'd love to test it out, but it hasn't rolled out to any of our devices yet—we only know about it thanks to a report from Android Police.

Read 2 remaining paragraphs | Comments

novalug.com