Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Remember the December 13 email blast that threatened to blow up buildings and schools unless recipients paid a $20,000 ransom? It triggered mass evacuations, closures, and lockdowns in the US, Canada, and elsewhere around the world.
An investigation shows the spam run worked by abusing a weakness at GoDaddy that allowed the scammers to hijack at least 78 domains belonging to Expedia, Mozilla, Yelp and other legitimate people or organizations. The same exploit allowed the scammers to hijack thousands of other domains belonging to a long list of other well-known organizations for use in other malicious email campaigns. Some of those other campaigns likely included ones that threatened to publish embarrassing sex videos unless targets paid ransoms.
Distributing the malicious emails across such a broad swath of reputable domains belonging to well-recognized organizations was a major coup. The technique, known as snowshoe spamming, drastically increased the chances the emails would be delivered because it weakened the reputation metrics spam filters rely on. Rather than appearing as fringe content sent by one or a handful of sketchy domains, the snowshoe technique gave the emails an air of legitimacy and normalcy. The technique gets its name because, like snowshoes, it distributes the heavy load evenly across a wide area.
Late last week, the US Court of Appeals for the 9th Circuit published an opinion (PDF) stating that California's regulation of fuel sales based on a lifecycle analysis of carbon emissions did not violate federal commerce rules.
Since 2011, California has had a Low Carbon Fuel Standard (LCFS) program, which requires fuel sellers to reduce their fuel's carbon intensity by certain deadlines. If oil, ethanol, or other fuel sellers can't meet those deadlines, they can buy credits from companies that have complied with the standard.
California measures "fuel intensity" over the lifecycle of the fuel, so oil extracted from tar sands (which might require a lot of processing) would be penalized more than lighter oil that requires minimal processing. Ethanol made with coal would struggle to meet its carbon intensity goals more than ethanol made from gas.
Google previously announced that its most popular messaging app, Google Hangouts, would be shutting down. In a post today on the GSuite Updates blog, Google detailed what the Hangouts shutdown will look like, and the company shared some of its plan to transition Hangouts users to "Hangouts Chat," a separate enterprise Slack clone.
First, we need to get some vocabulary down to navigate Google's extremely confusing branding. There are two totally separate products we're talking about here: "Hangouts" and "Hangouts Chat." These two products have nothing in common besides their similar names.
Back in the 1990s, HBO notably produced the cult-classic horror anthology series Tales from the Crypt. For its new horror anthology, Folklore, the scary monsters are drawn from the mythologies of various Asian cultures. Instead of a vampire, you get a pontianak, and in place of a trickster genie who grants wishes, there is a blood-drinking toyol from Malaysia.
Created by Singaporean director Eric Khoo, the series features six standalone episodes, each with a different director and cast, set in a different country: Indonesia, Japan, Singapore, Thailand, Malaysia, and Korea. (Khoo directed the Singapore-set episode, "Nobody.") The episodes have been making the rounds at film festivals, including the 2018 Fantastic Fest in Austin, Texas, and the 2018 Toronto Film Festival. And now they're coming to the small screen.
In "A Mother's Love," a single mother moves into a mansion with her young son and finds several unkempt children in the attic. When she helps return them to their families, she incurs the wrath of Wewe Gombel, a child-snatching vengeful spirit—although, to be fair, in the original folktale she only takes children who have been abused. (The story is reminiscent of how the Icelandic ogre Gryla was portrayed as a protector of children recently in The Chilling Adventures of Sabrina solstice special.)
In December 2018, Giuliani amazingly blamed Twitter itself for turning a phrase he wrote in a tweet ("G-20.in") into a valid URL. An enterprising Twitter user noticed, bought the domain, and turned it into an anti-Trump site.
At the Bett educational technology conference in London, Microsoft has announced cheaper Surface Go pens, new Teams integrations with educational software, and a range of third-party Windows laptops and two-in-one devices with prices as low as $189.
Microsoft has felt new competitive pressure from cheap Chromebooks. The devices, which run Google's Chrome OS, threaten to displace Windows, especially within the United States. The company's response to this started in earnest in 2017 with the release of Windows 10 S. This locked-down, restricted version of Windows 10 blocks the use of arbitrary software, a measure that should act as something of a safeguard against ill-behaved and malicious applications. S should bring to Windows at least some of the robustness that Chrome OS sports. Paired with this version were cut-price Windows systems designed to be physically robust (and hence classroom friendly), in both a mix of laptop and two-in-one form factors.
The seven education systems announced today are:
Greetings, Arsians! Courtesy of our friends at TechBargains, we have another round of deals to share. Today's list is headlined by a deal on Apple's 10.5-inch iPad Pro, the 64GB model of which is currently down to $500 at Amazon. While this model technically launched in 2017, it still retails for $650, which makes this a $150 discount.
While some users have been able to fulfill Apple's promise of turning the iPad Pro into their primary work computer, most people have not. Taken purely as a tablet, though, this is still a premium device. Though the 10.5-inch Pro doesn't have the thinner bezels, flatter edges and brand new chipset of the latest models, its A10X processor and 4GB of RAM are still more than fast enough for most needs, and its 120Hz display is still bright and ultra-smooth. There's no USB-C port, but there is a 3.5mm headphone jack and a Touch ID button for those who don't want to give those up just yet.
To be clear, Apple's basic 9.7-inch iPad is still the best value for those who just want to do basic tablet things, and the newer iPad Pros are better suited for heavier-duty work. But at this price, the 10.5-inch iPad Pro is at least a more realistic buy for consumers who want a higher-end tablet for media consumption, gaming, and some light computing on the side.
Apple pushed software updates for macOS and iOS today. They are minor releases that simply offer a few bug fixes and security updates, with no new features—and there are no new features in any of the beta releases for these versions of the operating systems, either.
iOS 12.1.3 fixes a scrolling bug in Messages, an iPad Pro-specific audio bug, and a graphical error in some photos, and it addresses some CarPlay disconnects experienced by owners of the three new iPhone models released in late 2018. It also fixes two minor bugs related to the company's HomePod smart speaker.
Apple's release notes for iOS 12.1.3 are as follows:
An Arizona state lawmaker has proposed a $20 fee on people who want to view online pornography in order to raise money for building a border wall between Arizona and Mexico.
Arizona House Bill 2444, proposed last week by State Rep. Gail Griffin (R-Hereford), would require makers and distributors of Internet-connected devices to ship such devices with blocking software "that renders a website that displays obscene material inaccessible by default." Under the bill, any Internet user who wants to deactivate the blocking software would have to pay "a onetime deactivation fee of at least $20 to the Arizona Commerce Authority."
The money would be used to establish what the bill calls the "John McCain Human Trafficking and Child Exploitation Prevention Fund." That fund would "provide grants to government agencies and private entities that work to uphold community standards of decency for the purpose of strengthening families and developing, expanding or strengthening programs for victims of sex offenses."
Scientists often seem to be on a quest for sacred chalices or sterling ammo. But a group of microbiologists has now set out on a more odorous odyssey—one to find fantastical feces.
With data on poop’s therapeutic potential piling up, scientists have gotten wind of the possibility that some among us may be extraordinary excreters, dropping deuces with divine healing powers. In a review article published Monday, January 21 in Frontiers in Cellular and Infection Microbiology, researchers at the University of Auckland dig out all the evidence for these deific defecators from the mound of studies on fecal microbiota transplantations, or FMTs.
An FMT is exactly what it sounds like—fecal matter containing gobs of gut microbes is dumped, squirted, gulped, or otherwise delivered into the bowels of patients. The idea is that the relocated microbial communities will restore or replace the patient’s own gut dwellers to improve health. Intestinal microbes can play a role in nutrition, metabolism, immune system function, and infection protection, after all. Thus, patients with gut communities that are imbalanced and dysfunctional—aka dysbiotic—or are overrun with pathogens stand to see health benefits from such an intestinal repoopulation.
Tesla has cleared the final regulatory hurdle to selling the Model 3 in Europe, allowing the electric carmaker to begin shipping the vehicles to Europe. Reuters reports that RDW, the automotive regulatory authority in the Netherlands, has signed off on the Model 3. Under EU rules, regulatory approval in one country allows Tesla to sell its cars across the EU territory.
EU law requires an automaker to get "type approval" for each vehicle it wants to sell in the European Union. Tesla shipped several production Model 3s to RDW, which put them through a battery of tests. They checked that the vehicles met all the requirements of EU law: brake performance, lights, crashworthiness, emissions, and so forth.
The approval comes just in time. A Belgian news site reports that Tesla is expected to ship as many as 3,000 cars a week to the Belgian port of Zeebrugge for subsequent distribution across the continent.
If you're a fan of craft beer with a strong, hoppy flavor, heed the science that says to store your beer in a cool place and drink it within three months or so, lest it lose that rich aroma. That's one of the key takeaways from a new study by German scientists published in the journal Brewing Science.
All beer contains hops, a key flavoring agent that also imparts useful antimicrobial properties with its rich aroma. (Without them, beer spoils quickly.) To make beer, brewers mash and steep grain in hot water, which converts all that starch into sugars. This is traditionally the stage where hops are added to the liquid extract (wort) and boiled to give the beer that hint of bitterness. That turns some of the resins (alpha acids) in the hops into iso-alpha acids, producing a bitter taste. Yeast is then added to trigger fermentation, turning the sugars into alcohol.
Add too many hops, however, and the beer will be so bitter as to be undrinkable. So in recent years, many craft brewers have started using dry-hopping as a way to put more hops in beer without getting excessive bitterness. Hops are added during or after the fermentation stage, after the wort has cooled. There is no isomerization of the alpha acids, so you get all that aromatic hoppy flavor without too much bitterness. Brewers can use as much as 20 times the usual amount of hops if they're dry-hopping. (Just beware of "hop creep," which can cause such bottled beers to explode.)
Two years ago, Capcom struck surprising gold with its umpteenth Resident Evil video game. 2017's Resident Evil 7 was the spark the aging series needed, particularly after RE5 and RE6 threw out the series' best ideas, and it proved that Capcom still knew how to deliver familiar chills without making things boring.
The game's success put Capcom in an odd conundrum. How the heck does it follow such a quality surprise? The answer is an apparent stopgap: Resident Evil 2, a deliberate remake of the 1998 classic PlayStation hit.
The result is honestly everything you might want from a triple-A game launching in the slow month of January. RE2 is a modern Resident Evil game: behind-the-shoulder action, smooth controls, gorgeous visuals, masterfully staged atmosphere, ridiculous entrails, and true surprises. RE2 is also a classic Resident Evil game: cheesy dialogue, tight corridors, police-station environs, lumbering zombies, and simple puzzles that rely on item fetching and backtracking.
WASHINGTON, DC—At the Shmoocon security conference here on January 19, two researchers from the mobile security provider Lookout revealed the first details of a mobile surveillance effort run by a yet-to-be-named state intelligence agency that they had discovered by exploring the command-and-control infrastructure behind a novel piece of mobile malware.
In the process of exploring the malware’s infrastructure, Lookout researchers found iOS, Android, and Windows versions of the malware, as well as data uploaded from a targeted phone’s WhatsApp data. That phone turned out to be one that belonged to one of the state-backed surveillance efforts—and the WhatsApp messages and other data found on the server provided a nearly full contact list for the actors and details of their interactions with commercial hacking companies and eventual decision to build their own malware.
Lookout has not revealed the country behind the malware, as the highly targeted collection campaign is still active, and exposing it would burn the company’s ability to block the malware and continue to collect intelligence about the organization. Lookout’s Andrew Blaich and Michael Flossman, who presented the findings at Shmoocon, have provided some of the details they have obtained in a blog post, however—and they provide a fascinating look at how a reasonably well-funded, state-sponsored, intelligence-gathering operation works.
2018 was something of a banner year when it came to hybrids and electric cars showing their stuff. At the end of June, Porsche—on something of a farewell tour after cancelling its Le Mans program the year before—destroyed the lap record at the almighty Nürburgring Nordschleife with its 919 Hybrid. For 35 years, the fastest lap of this 12.9-mile (20.8km) ribbon of road in Germany's Eifel Mountains stood at 6:11.13, set by Stefan Bellof and a Porsche 956 during qualifying for the Group C race held there in 1983. But in 2018, Porsche returned to one of the most fearsome racetracks in the world intent on beating Bellof's time, and it did. With Timo Bernhard behind the wheel, the 919 Evo lopped almost a minute off, completing a circuit in 5:19.55.
Five days earlier, Porsche's corporate sibling, Volkswagen, did something similar, this time with a battery electric car. At the annual Pikes Peak International Hill Climb, Romain Dumas set a new world record for the fastest time up the mountain. Here, too, a record many thought unbreakable—Sébastien Loeb's 2013 time of 8:13.878—was eclipsed when Dumas completed the 12.4-mile (19.9km) race to the clouds in 7:57.148.
I was on the mountain that day and asked more than one VW representative whether they'd consider taking their new electric monster to the Nordschleife. The similarities were too obvious not to ask—similar distances, similar terrifying reputations, and so on. At the time, the question was quickly dismissed, and VW's engineers would point out that despite the apparent similarities, there were important differences, too.
There have been a number of high-profile criminal cases that were solved using the DNA that family members of the accused placed in public databases. One lesson there is that our privacy isn't entirely under our control; by sharing DNA with you, your family has the ability to choose what everybody else knows about you.
Now, some researchers have demonstrated that something similar is true about our words. Using a database of past tweets, they were able to effectively pick out the next words a user was likely to use. But they were able to do so more effectively if they simply had access to what a person's contacts were saying on Twitter.
Entropy is inescapable
The work was done by three researchers at the University of Vermont: James Bagrow, Xipei Liu, and Lewis Mitchell. It centers on three different concepts relating to the informational content of messages on Twitter. The first is the concept of entropy, which in this context describes how many bits are, on average, needed to describe the uncertainty about future word choices. One way of looking at this is that, if you're certain the next word will be chosen from a list of 16, then the entropy will be four (2^4 is 16). The average social media user has a 5,000-word vocabulary, so choosing at random from among that would be an entropy of a bit more than 12. They also considered the perplexity, which is the value that arises from the entropy—16 in the example we just used where the entropy is four.
A disability rights group has sued the City of San Diego and three companies—including e-scooter startups Bird and Lime—over alleged violations of the landmark Americans with Disabilities Act and other related state laws.
The new proposed class-action lawsuit, Montoya et al v. City of San Diego et al, claims that the city has been derelict in its duty to keep city sidewalks, ramps, crosswalks, and curbs free of errant scooters, which in many cases can be significant hazards to people with physical disabilities.
Similarly, the lawsuit claims that these companies are creating these hazards in the first place by creating geo-fencing within the services and have chosen not to attempt to solve this problem.
Last April, famed writer and hero-murderer George R.R. Martin announced that he was hoisting his ancient blog from his moldering LiveJournal onto his personal website. For casual Game of Thrones fans, it was a minor hiccup at best—most clicked the new link and never looked back. For a certain stratum of enthusiasts, however, this was a far more momentous move. Described as “the last holdout” by longtime LiveJournal volunteer-turned-employee Janine Costanzo, Martin’s blog was perhaps the once-blogging-giant’s last bond to the world of great pop culture. So while the author may never finish his most beloved literary series, his simple act of Web hosting logistics truly marks the end of an era.
Growing up on the Web at the dawn of the social media age (circa 2007), it felt like all the connectivity-obsessed sites forming the burgeoning core of the new Internet were haunted by a faded spectre called LiveJournal. As a teen, I never actually knew anyone who had one, but I heard whispers and rumors about drama on the service all the time. And based on candid conversations with some of the figures who made LiveJournal what it was, it turns out that impression isn’t far off. LiveJournal, or LJ, as its users lovingly called it, was a different kind of social media service, one that is almost unrecognizable in a world dominated by the anonymity-shattering power of a Facebook or Twitter. But, as many of its former employees attest, LJ ultimately had the opportunity to become one of these “second-generation” social behemoths. Instead, a stubborn userbase and questionable business decisions harried those ambitions. And now, Martin’s latest figurative casualty—the severed LiveJournal—serves as a brief reminder of the platform’s ascendance and the decisions that brought this blogging icon crashing down.
Built from the dorm
Like many eventual household names in tech, LiveJournal started as a one-man project on a lark, driven by a techy teenager with too much time on his hands. As founder Brad Fitzpatrick recalls, in 1998, after getting kicked off America Online for messing with its service too much, he managed to convince a local ISP to enable his personal website to use the Common Gateway Interface protocol. The move allowed him to write custom scripts that would produce dynamic objects on his page, such as his exact age in seconds, counting ever upward with each refresh. The novelty of these dynamic objects astounded Fitzpatrick, to the point that he eventually made a one-line textbox that floated above his desktop’s Start bar so he could type in and post to his site.
According to Nikkei Asian Review, Toyota Motors and Panasonic have agreed to set up a joint-venture company to manufacture vehicle batteries, with Toyota owning 51 percent of the company and Panasonic owning 49 percent.
Ars Technica contacted both companies to confirm the report, and we'll update this story if we hear back.
Nikkei reports that Panasonic would transfer ownership of five battery factories in Japan and China to the joint venture. The joint venture would start operations "in the early 2020s," and it would start producing "batteries with 50 times the capacity of those now used in hybrid vehicles, aiming to bring down production costs through higher volume," according to Nikkei.
Elon Musk—CEO of Tesla, SpaceX, and The Boring Company—has been pitching his new tunnel-boring capabilities to curious elected officials as well as the director of CERN (the organization that owns and operates the Large Hadron Collider in Switzerland).
Just a month after Musk opened up his first, rather rugged test tunnel under the SpaceX campus in Hawthorne, California, the CEO has been on Twitter floating prices and talking projects.
Last week Jeremy Buckingham, a member of Parliament in New South Wales' Upper House, asked Musk on Twitter, "How much to build a 50km tunnel through the Blue Mountains and open up the west of our State?" Musk replied, "About $15M/km for a two-way high-speed transit, so probably around $750M plus maybe $50M/station."