Apple is "very, very serious" about hiring new executives to head up a new mobile payments system, according to a report from Re/code earlier today. The company is looking to fill two new positions to lead the charge—one for a head of product and one for a head of business development. CEO Tim Cook has previously indicated Apple's interest in mobile payments, lending some weight to the rumors.
“We’re seeing that people love being able to buy content, whether it’s music or movies or books, from their iPhone, using Touch ID,” said Cook in the company's first quarter earnings call. “The mobile payments area in general is one that we’ve been intrigued with, and that was one of the thoughts behind the Touch ID. But we’re not limiting ourselves just to that.”
Apple has also reportedly been in talks with PayPal about a mobile payments system, though neither company would comment on specifics.
If you want to protect yourself against the 500,000 or so HTTPS certificates that may have been compromised by the catastrophic Heartbleed bug, don't count on the revocation mechanism built into your browser. It doesn't do what its creators designed it to do, and switching it on makes you no more secure than leaving it off, one of the Internet's most respected cryptography engineers said over the weekend.
For years, people have characterized the ineffectiveness of the online certificate status protocol (OCSP) as Exhibit A in the case that the Internet's secure sockets layer and transport layer security (TLS) protocols are hopelessly broken. Until now, no one paid much attention. The disclosure two weeks ago of the so-called Heartbleed bug in the widely used OpenSSL cryptography library has since transformed the critical shortcoming into a major problem, the stuff of absurdist theater. Security experts admonish administrators of all previously vulnerable websites to revoke and reissue TLS certificates, even as they warn that revocation checks in browsers do little to make end users safer and could indeed weaken the security and reliability of the Internet if they were made more effective.
Certificate revocation checking is the process of a browser or other application performing an online lookup to confirm that a TLS certificate hasn't been revoked. The futility of these checks was most recently discussed in a blog post published Saturday by Adam Langley, an engineer who was writing on his own behalf but who also handles important cryptography and security issues at Google. In the post, Langley recites a litany of technical considerations that have long prevented real-time online certificate revocations from thwarting attackers armed with compromised certificates, even when the digital credentials have been recalled. Some of the considerations include:
Throughout April, we've been hearing a continual chorus of rumors from separate sources all saying the same thing: Google has some major design changes coming across all its products. While consistency and staying power don't really make a rumor true, when Googlers hint that the company is moving along mostly the same line and app updates begin to match the rumored design style, we start to take notice.
The most far-reaching of these rumors comes from 9to5Google, which at the beginning of the month posted about an internal project called "Google 2." The project would redesign many apps with a focus on "full page display of content, and moving menus and other distractions out of the way." The redesign would reportedly affect Google apps across Android, iOS, and the Web, with the goal of having a single design able to scale from wearables to desktops.
Some readers are probably having traumatic flashbacks to 27-inch metro apps on Windows 8 right about now, but Google has come up with ways to scale apps across screens that don't result in terrible desktop apps. Consider something like the Android Fragments API, which is what allows the same app to power phones and tablets. In Gmail on a phone, only the inbox view is shown, but on a tablet, the app switches to a dual-pane mode with the inbox and navigation panel placed next to each other. Google has also been playing with selectable information density on the desktop, which you can change in Gmail just by clicking on the settings gear or by resizing the window.
Netflix plans to raise its subscription prices by—wait for it—between one and two dollars, according to its letter to shareholders Monday. The price hike projection comes after Netflix raised prices for members in Ireland and saw "limited impact" on its subscriber numbers.
Netflix approached the increased rates in Ireland carefully. All existing members were grandfathered in at the old rate of €6.99 per month for two years starting in January, while all new members had to subscribe at €7.99 per month. The impact has not had time to play out for existing customers at the time of the increase, but business has gone well enough since then that Netflix is ready to bring the price changes to many more of its 48 million subscribers in other countries.
"Our current view is to do a one or two dollar increase, depending on the country, later this quarter for new members only," reads the letter. In bold, it continues, "existing members would stay at current pricing (e.g. $7.99 in the U.S.) for a generous time period."
GitHub co-founder Tom Preston-Werner has resigned from the company after allegations of sexism and harassment made by former developer Julie Ann Horvath.
The company launched what it called a "full, independent, third-party investigation," which "found no evidence to support the claims against Tom and his wife of sexual or gender-based harassment or retaliation, or of a sexist or hostile work environment," GitHub CEO and co-founder Chris Wanstrath wrote today. Despite not corroborating the main allegations, "the investigator did find evidence of mistakes and errors of judgment. In light of these findings, Tom has submitted his resignation, which the company has accepted. Tom has been a huge part of this company from the very beginning and we appreciate all that he has done for GitHub. We wish him the best in his next endeavour."
Horvath was a designer and front-end developer for GitHub who also created the company's Passion Projects initiative for women in technology. Horvath left GitHub last month, saying she was "harassed by 'leadership' at GitHub for two years." Horvath said the harassment came from a co-founder and his wife, although she did not name them. Horvath also said a co-worker who was angry that she did not want to date him "started passive-aggressively ripping out my code from projects we had worked on together."
First, DSL router owners got an unwelcome Christmas present. Now, the same gift is back as an Easter egg. The same security researcher who originally discovered a backdoor in 24 models of wireless DSL routers has found that a patch intended to fix that problem doesn’t actually get rid of the backdoor—it just conceals it. And the nature of the “fix” suggests that the backdoor, which is part of the firmware for wireless DSL routers based on technology from the Taiwanese manufacturer Sercomm, was an intentional feature to begin with.
Back in December, Eloi Vanderbecken of Synacktiv Digital Security was visiting his family for the Christmas holiday, and for various reasons he had the need to gain administrative access to their Linksys WAG200G DSL gateway over Wi-Fi. He discovered that the device was listening on an undocumented Internet Protocol port number, and after analyzing the code in the firmware, he found that the port could be used to send administrative commands to the router without a password.
After Vanderbecken published his results, others confirmed that the same backdoor existed on other systems based on the same Sercomm modem, including home routers from Netgear, Cisco (both under the Cisco and Linksys brands), and Diamond. In January, Netgear and other vendors published a new version of the firmware that was supposed to close the back door.
A Texas volunteer search-and-rescue outfit grounded by federal regulators is fighting back, suing the government that maintains that its humanitarian efforts are illegal.
Federal Aviation Administration officials in February grounded Texas EquuSearch Mounted Search and Recovery Team, which deploys five-pound styrofoam drones to find the missing—all for free.
"There is no legal basis for the FAA to prohibit the operation of model aircraft for volunteer search-and-rescue activities," Brendan Schulman, the nonprofit's lawyer, wrote in the lawsuit Monday (PDF).
Two months after Google announced that it will try to bring fiber Internet to 34 cities in nine metro areas, AT&T today said it will "expand its ultra-fast fiber network to up to 100 candidate cities and municipalities nationwide, including 21 new major metropolitan areas."
Before anyone gets too excited, AT&T isn't promising that it will actually build in any or all of these cities. "This expanded fiber build is not expected to impact AT&T’s capital investment plans for 2014," the company's announcement said, possibly to assure investors that it isn't wasting money.
But AT&T will consider building in the cities that provide the best options. "AT&T will work with local leaders in these markets to discuss ways to bring the service to their communities," the company said. "Similar to previously announced metro area selections in Austin and Dallas and advanced discussions in Raleigh-Durham and Winston-Salem, communities that have suitable network facilities and show the strongest investment cases based on anticipated demand and the most receptive policies will influence these future selections and coverage maps within selected areas."
Ever been treated badly by companies but felt unsure about how to fight back? Next time, try publicly shaming them on Twitter.
While Twitter's hand in unsettling repressive political regimes has been lauded by media (see: “Arab Spring,” the wave of demonstrations, protests, riots, and civil wars that rocked the Arab world beginning in 2011), the service has also proven to be a surprisingly effective tool for bringing much-needed accountability to corporations that mistreat their customers.
A few recent case-study examples of individuals who felt they were wronged by corporations and then took to the Twitterverse to air their grievances show how a properly placed tweet can be a powerful weapon for consumers to combat corporate malfeasance.
There’s a reason that one ice core drilled from the Greenland Ice Sheet has been referred to as The Two-Mile Time Machine—the annual layers of snow (compressed to ice) provide remarkable records of Earth’s climate and atmosphere. Studying past changes in atmospheric gases is just so much easier when you can pluck a bubble of air dutifully archived by the ice, which acts like a relative with an inconveniently large collection of National Geographics. The only problem with the “Two-Mile Time Machine” is that it’s only two miles long. Ice cores in Greenland can only go back about 130,000 years, and the oldest (so far) core from Antarctica goes back about 800,000 years.
If we could go a little further back in time, about 1.2 million years ago, we'd be able to examine a terribly interesting climatic transition. Prior to that time, glacial cycles were roughly 40,000 years long; after, we've experienced 100,000 year ones. We can study that period with some ocean sediment cores, but they can’t provide the same detail.
There could, however, be Antarctic ice still around from that particular interval of antiquity. The hard part is finding it, which requires recognizing it. Now, some researchers at Oregon State have used radioactive krypton to figure out the age of ice, a technique that may help us spot older samples.
By now I've been at my Dvorak learning experiment for about three weeks. There have been trials, there have been tribulations. There have been sad feedback loops where no matter how many times one finger tries to hit a QWERTY P, a Dvorak L comes out instead. And yet I press on (pun intended).
I'm still switching between keyboard layouts as it suits me. While this flip-flopping is no doubt slowing down my progress, it's surprising 1) how hard it is to engage in online conversations when your typing speed is slowed by 80 percent and 2) how many conversations I'm having in the course of a day. In trying to use Dvorak to write to another person, I could feasibly spend the entire day pecking out responses. I won't have it.
I have yet to complete any more typing exercises, but as it is, I'm able to get up a decent rhythm now in typing letters. I still have to pay attention to where my fingers are going, and my natural (catlike) reflexes in my unconscious state speak in QWERTY. However, mastering the impulses has become easier, less like ditch digging and more like actual typing.
The Obama administration must disclose the legal basis for targeting Americans with drones, a federal appeals court ruled Monday in overturning a lower court decision likened to "Alice in Wonderland."
The Second US Circuit Court of Appeals, ruling in a Freedom of Information Act (FOIA) claim by The New York Times and the American Civil Liberties Union (ACLU), said the administration must disclose the legal rationale behind its claims that it may kill enemies who are Americans overseas.
"This is a resounding rejection of the government's effort to use secrecy and selective disclosure to manipulate public opinion about the targeted killing program," ACLU Legal Director Jameel Jaffer said in an e-mail.
Samsung has traditionally been thought of as a "fast follower"—a company that often copies innovations from its competitors and gets them to market quickly. Lately, though, the company has been working hard to try to position itself as more than just a copycat. In March, Samsung launched design.samsung.com, a design-focused site highlighting products the company is particularly proud of. Today, it's taking things a step further and opening the "Samsung Innovation Museum," a five-story, 10,000 m² installation on its campus in Suwon, Korea.
According to the press release, visitors can "experience the rich history of electronics from the earliest electrical creations of Michael Faraday, Thomas Edison, and Graham Bell, as well as glimpse into the future to learn about innovations to come."
While the museum would seem to take a neutral approach to the early history, it gets revisionist once it enters the modern era. According to The Verge, which attended the opening, the iPhone is nowhere to be found. The report says that "as far as the museum is concerned, the modern smartphone revolution began with the Samsung Galaxy S II." The only Apple product in the museum is an Apple II, which, as a desktop computer, does not compete with offerings from Samsung. The company's Korean rival, LG, does not seem to be represented in the museum at all.
Microsoft has at last announced that its acquisition of Nokia's Devices division will close this Friday, April 25. Originally expected to close last quarter, the $7.1 billion purchase was delayed pending regulatory approval.
The terms of the sale have been changed somewhat. Nokia's Web and social media presence—which today primarily promotes its smartphones—will be managed by Microsoft for up to a year. Originally, employees at Nokia's Chief Technology Office were to remain with Nokia; now 21 of them, working on mobile phones in China, will switch to Microsoft. Nokia will also retain its South Korean manufacturing facility rather than transferring it to Microsoft.
This seems a little surprising. While the facility in the Masan Free Export Zone was not spared from the large-scale layoffs that Nokia made in 2012, it was refitted that same year and dedicated to the production of smartphones. Microsoft did not say why it was not buying the factory.
Two men pleaded guilty to a scam that lowered the bills of 5,790 Comcast customers in Pennsylvania by a total of $2.4 million. They now face prison time and will have to pay their ill-gotten wealth back to Comcast.
30-year-old Richard Justin Spraggins of Philadelphia pleaded guilty in February and was "ordered to make $66,825 in restitution and serve an 11- to 23-month sentence," the Times-Herald of Norristown wrote at the time.
Spraggins was described as the second-in-command of the operation. The accused ringleader, 30-year-old Alston Buchanan, pleaded guilty last week. "Buchanan faces up to 57½ to 115 years in prison, although Buchanan will likely serve a lesser sentence than the maximum," the newspaper wrote.
The emergence of plate tectonics is arguably Earth's defining moment, the authors of a new Nature paper write. Out of all the planets we’ve looked at carefully, Earth is the only one that has a hard outer crust with distinct pieces that shift and move. Our home is unique in its continents and quakes.
Some scientists think that plate tectonics are essential for life—so much so that if they could figure out a way to spot tectonic action on exoplanets, they think it would be a good indication that there might be life there, too. Tectonic activity recirculates minerals and recycles carbon. As one plate slides under another (a process called subduction), it pushes carbon down into the mantle with it.
Without plate tectonics, carbon would build up in the atmosphere. Venus, which does not have tectonics, shows the results: an atmosphere that is 96 percent carbon dioxide. It's toxic. Yet Venus is about the same size and composition as our planet, so why doesn't it have plate tectonics?
Intellectual Ventures (IV) is the world's biggest patent-licensing company and boasts of having collected tens of thousands of patents since it was founded in 2000. It's raised about $6 billion from investors over the years, and to recoup that money, it started filing lawsuits over patents a few years ago. In 2013, it launched a new salvo, filing 13 lawsuits against major US banks, including Bank of America, JP Morgan Chase, and Capital One.
The Capital One case ended last Wednesday, when a Virginia federal judge threw out the two IV patents that remained in the case. It's the first IV patent case seen through to a judgment, and it ended in a total loss for the patent-holding giant: both patents were invalidated, one on multiple grounds. (An IV case against Motorola went to a jury, but it ended in a mistrial, and no new trial has been scheduled.)
The case was just weeks away from a jury trial, but US District Judge Anthony Trenga didn't let it get that far. In an opinion published Wednesday, Trenga found that IV's patents were simply abstract ideas: "nothing more than the mere manipulation or reorganization of data," he wrote. "At most, the patents describe a more efficient system or method for performing tasks than could be done without a computer, i.e. monitoring expenditures according to preset limits (the '137 Patent) or determining what would appeal to a particular user from a particular website (the '382 Patent.)"
When the Galaxy Gear wristwatch launched last fall, the results looked like a Samsung panic move. Someone at the company must have thought there was a race to beat the other mobile-world titans—namely, Google and Apple—to a wearable, phone-like accessory for mass consumption, so they assembled a watch with some decent ideas and rushed it to market. Touchscreen, microphone, camera, pedometer, and more, all within wrist’s reach.
To this date, Google and Apple haven’t launched their own watches yet, but Samsung hasn't capitalized on that vacuum with its debut Gear. The watch wasn’t sloppy by any stretch, but it was slow, bulky, and limited enough to encounter the common consumer complaint: What do people need a “smart” watch for? Isn’t a phone enough?
Last week, Samsung used the Galaxy S5’s launch as an opportunity to refresh its smartwatch line. In brazen, damn-the-torpedoes fashion, the company has gone so far as to launch two distinct offerings: the $300 Gear 2, a direct refresh of last year’s model, and the $200 Gear Fit, a thinner, simpler option. One for each wrist, maybe? [Edit: We should also mention the Gear 2 Neo, which is nearly identical to the Gear 2 but removes the camera and sells for $200.]
In the year before Aereo launched, chief executive Chet Kanojia held meetings with executives from the broadcasters who would later sue his company. He explained the idea behind the company: renting a tiny antenna to each customer would keep it within the bounds of copyright law while allowing users to have a host of features usually only available to cable subscribers.
The idea was to use the Internet and cheap cloud storage to give new life to a way of watching TV that was fading: free, over-the-air broadcasts. Put the antenna in the cloud, add the kind of recording and storage abilities that consumers came to expect with television, and offer it at a fraction of the price of a typical cable subscription.
“Their reaction was no reaction,” Kanojia recalled in an interview with Ars. “It was, hmm, interesting.”
The question of whether online broadcast television is to remain in the hands of a stodgy industry that once declared the VCR the enemy is being put directly before the Supreme Court.
Broadcasters' latest legal target is 2-year-old upstart Aereo—which retransmits over-the-air broadcast television using dime-sized antennas to paying consumers, who can watch TV online or record it for later viewing. Broadcasters like ABC, CBS, FOX, NBC, and others haven't given Aereo permission to do that, and they say it violates US copyright law.
The industry will ask the Supreme Court during a Tuesday hearing to kill the New York-based Aereo service. The high-stakes oral arguments come 30 years after Hollywood told the justices that the VCR—and its time-shifting elements—would doom television and its producers forever.