Go Back > News > RSS Newsfeeds > Sources

User login

Frontpage Sponsor


How big is your Baan-DB (just Data AND Indexes)
0 - 200 GB
200 - 500 GB
500 - 800 GB
800 - 1200 GB
1200 - 1500 GB
1500 - 2000 GB
> 2000 GB
Total votes: 71

Baanboard at LinkedIn

Reference Content

Ars Technica
Syndicate content Ars Technica
Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Updated: 54 min 27 sec ago

A look at the Windows 10 exploit Google Zero disclosed this week

August 15, 2019 - 11:45am

On Tuesday, Tavis Ormandy of Google's Project Zero released an exploit kit called ctftool, which uses and abuses Microsoft's Text Services Framework in ways that can effectively get anyone root—er, system that is—on any unpatched Windows 10 system they're able to log in to. The patches for this vulnerability—along with several other serious issues—went out in this week's Patch Tuesday update.

We independently verified Ormandy's proof-of-concept, and it's precisely what it says on the tin: follow the directions and you get an nt authority\system privileged command prompt a few seconds later. We also independently verified that applying KB4512508 closed the vulnerability. After applying the August security updates, the exploit no longer works.

The full writeup of Ormandy's findings is fascinating and incredibly technically detailed. The TL;DR version is that Microsoft's Text Services Framework, which is used to provide multilingual support and has been in place since Windows XP, includes a library called MSCTF.DLL. (There's no clear documentation demonstrating what Microsoft intended CTF to stand for, but with the release of this tool, it might as well stand for Capture The Flag.)

Read 7 remaining paragraphs | Comments

Archaeologists discovered an invaluable cache of ritual artifacts at Pompeii

August 15, 2019 - 2:11am

Enlarge / All these items were contained within a wooden box unearthed at the Archaeological Park of Pompeii. (credit: Cesare Abbate (ANSA))

Crystals, amber, amethyst, phallic amulets, glass beads, figurines, and a miniature human skull were among the many artifacts archaeologists uncovered from an excavation site at Pompeii recently. The objects were probably left behind by someone fleeing the famous volcanic eruption in 79 AD—possibly even a sorceress. The various objects will be displayed at the Palastra Grande in Pompeii later this year.

“They are objects of everyday life in the female world and are extraordinary because they tell micro-stories and biographies of the inhabitants of the city who tried to escape the eruption,” Massimo Osanna, general director of the Archaeological Park of Pompeii, said in a statement.

The catastrophic eruption of Mount Vesuvius in 79 AD wiped out several nearby towns and killed thousands of people. The eruption released 100,000 times the thermal energy of the atomic bombs dropped on Hiroshima and Nagasaki in 1945, ejecting many tons of molten rock, pumice, and hot ash over the course of two days. In the first phase, immediately after the eruption, a long column of ash and pumice blanketed the surrounding towns, most notably Pompeii and Herculaneum. By late night or early morning, pyroclastic flows (fast-moving hot ash, lava fragments, and gases) swept through and obliterated what remained, leaving the bodies of the victims frozen in seeming suspended action.

Read 5 remaining paragraphs | Comments

Amazon unveils first batch of casting for The Wheel of Time adaptation

August 15, 2019 - 1:22am

Enlarge / Amazon is adapting the late Robert Jordan's bestselling 14-book series of fantasy novels, The Wheel of Time. (credit: Tor Books)

Amazon has announced its first round of casting for The Wheel of Time, the long-awaited TV adaptation of the late Robert Jordan's bestselling 14-book series of epic fantasy novels. Within that genre, Jordan's series is as popular as George R.R. Martin's Song of Ice and Fire.The conclusion of the series was published after Jordan died and written from Jordan's notes by bestselling author Brandon Sanderson.

The TV series will center on Moiraine (played by Oscar-nominee Rosamund Pike), a member of a powerful, all-woman organization called the Aes Sedai. (In this world, magic exists, but only certain women can use it—i.e., the members of the Aes Sedai.) She identifies five young people, one of whom could be the reincarnation of a person who, prophecies say, will save or destroy humanity. Together, the youngsters embark on a journey across the world.

Josha Stradowski will play Rand al'Thor, aka The Dragon Reborn, He Who Comes With the Dawn, the Coramoor, Shadowkiller, and who knows how many other monikers. He's apparently the person featured in the prophecy. Marcus Rutherford has been cast as apprentice blacksmith and dream walker Perrin Aybara. Zoe Robins will play healer Nynaeve al'Meara, and Madeleine Madden will play the powerful channeler Egwene al'Vere. Finally, Barney Harris has been cast as series comic relief, Matrim Cauthon.

Read 2 remaining paragraphs | Comments

Woman accused of Capital One hack had stolen data from 30 companies, authorities say

August 14, 2019 - 11:34pm

Enlarge / Paige Thompson, 33, a former Seattle technology company software engineer, was arrested after she boasted about a massive data theft from Capital One on GitHub. She is now accused of 30 other data thefts. (credit: Johannes Eisele/AFP/Getty Images)

In a petition filed on August 13 in federal court in Seattle, the Justice Department asserted that Paige Thompson—the former Amazon employee accused of stealing data from Capital One credit card applications—had done far more, including "major cyber intrusions that resulted in the theft of massive amounts of data from what now appears to be more than 30 victim companies." US Attorney for Western Washington Brian Moran's filing was for a motion to keep Thompson imprisoned until trial because she is a flight risk and "has a long history of threatening behavior that includes repeated threats to kill others, to kill herself, and to commit suicide by cop."

Aside from Capital One, the victim organizations have not been named by Justice officials, but the filing stated that they included "other companies, educational institutions, and other entities." The data from these sources reviewed thus far appears largely to not include personal information.

"At this point, however, the government is continuing to work to identify specific entities from which data was stolen, as well as the type of data stolen from each entity," Moran wrote in his filing. "The government expects to add an additional charge against Thompson based upon each such theft of data, as the victims are identified and notified."

Read 3 remaining paragraphs | Comments

British Airways testing VR headsets for first-class passengers this year

August 14, 2019 - 11:19pm

Enlarge / Ars editor Sam Machkovech donning an Oculus Go headset. This isn't the headset British Airways will use, but it serves a similar function. (credit: Sam Machkovech)

Plane travel can be a hassle at best and a panic-inducing experience at worst. But passengers who get anxious around takeoff may have a new option to calm those nerves. British Airways announced that it is testing out virtual reality headsets for the rest of this year on flights between London’s Heathrow and New York City’s John F. Kennedy airport.

The airline is tapping SkyLights for the VR eyewear headsets that will be available for its first-class passengers. The AlloSky hardware can present 3D views even when the viewer is lying flat.

As far as programming, British Airways will have options. The VR headsets will offer visual entertainment in 2D, 3D, or 360° formats. The airline will also provide more therapeutic programs to help people who have a fear of flying. These VR experiences include guided meditation and sound therapy.

Read 3 remaining paragraphs | Comments

Evacuation of village near explosion of nuclear cruise-missile engine called off

August 14, 2019 - 10:39pm

Enlarge (credit: Aurich Lawson / Getty Images)

In the wake of an apparent explosion of the nuclear-powered engine of an experimental cruise missile, the Russian government has reportedly evacuated residents of a nearby village. According to local media, residents of Nyonoska, the site of a Russian missile testing facility, were told to evacuate and that a "special" passenger train would move residents to a safe distance during some sort of military operation—possibly an effort to retrieve the nuclear reactor involved in the accident. But just hours before that evacuation was to take place, the Russian government cancelled the operation.

On August 13, Russian news outlet TV 29 reported that residents of Nyonoska were saying that they had been told they would be evacuated from 5am to 7am local time today, in what TV 29 jokingly referred to as "a new stage in the development of Arctic tourism." Authorities in Severodvinsk told Interfax that the movement of civilians was because of "planned activities" at the Nyonoska testing range. But that evening, acting head of Severodvinsk, Irina Sakharova, said that the activities were called off and that "everything is to be carried out in a regular, planned mode."

After the accident on August 8, radiation levels in the village were reported to be three times the normal background levels (to borrow a phrase, this is not great but not terrible). A similar spike was seen in the nearby city of Severodvinsk.

Read 2 remaining paragraphs | Comments

Jupiter may have had a head-on collision with a massive protoplanet

August 14, 2019 - 10:15pm

Enlarge (credit: K. Suda & Y. Akimoto/Mabuchi Design Office)

Planet-forming disks start out as a mix of dust and gas, but the gas doesn't stick around for long. As the star at their center ignites, the radiation it emits starts driving off the gas, eventually leaving a disk with nothing but dust behind. That creates a narrow window for the formation of gas giants, which have to grow big enough to start sweeping in gas before the star drives it all off.

Our current models suggest that the best way to do this is to start with a large solid body, roughly 10 times the mass of Earth. That's big enough to draw in gas quickly and start a runaway process by which the ever-increasing mass pulls in more material from farther away in the disk. This would suggest that, buried deep below the clouds and layers of metallic hydrogen on Jupiter, there's a solid core that would dwarf the Earth if it were ever stripped of all the material above it.

Among other things, the Juno mission was intended to test this idea by studying the gravitational field of the giant planet. But the data it has been sending back suggests something strange is going on inside Jupiter, with more heavy material outside the immediate core area than we'd expect. Now, an international team of researchers is providing a possible explanation: Jupiter's core was shattered by a head-on collision with a massive protoplanet.

Read 11 remaining paragraphs | Comments

Kylo Ren makes a cameo in trailer for Star Wars Resistance season two

August 14, 2019 - 9:39pm

The second and final season of Disney’s Star Wars Resistance takes place between the events of The Last Jedi and The Rise of Skywalker.

It's safe to say that Star Wars: The Rise of Skywalker, which drops right before Christmas, is the most hotly anticipated film release of the year. In the meantime, hardcore fans can sate their hunger for all things Star Wars with season two of Star Wars Resistance. And it looks like the animated series will be coming to an early end. Along with the release of the first trailer, Disney announced that this second season will be the last for Star Wars Resistance.

(Some spoilers for season one below.)

The animated series—inspired by Japanese anime—has largely flown under the radar since its debut in October 2018, in part because it explores a part of the mythological timeline that coincides with events in the current trilogy-in-progress. Oscar Isaac and Gwendoline Christie even reprised their film roles of Poe Dameron and Captain Phasma, respectively, to voice those characters in the series. (Carolyn Hennesy voiced General Leia Organa, since we have tragically lost Carrie Fisher.)

Read 5 remaining paragraphs | Comments

Found: World-readable database used to secure buildings around the globe

August 14, 2019 - 7:54pm

Enlarge / Passwords stored in a database for BioStar 2. (credit: vpnMentor)

Researchers said they have found a publicly accessible database containing almost 28 million records—including plain-text passwords, face photos, and personal information—that was used to secure buildings around the world.

Researchers from vpnMentor reported on Wednesday that the database was used by the Web-based Biostar 2 security system sold by South Korea-based Suprema. Biostar uses facial recognition and fingerprint scans to identify people authorized to enter warehouses, municipal buildings, businesses, and banks. vpnMentor said the system has more than 1.5 million installations in a wide range of countries including the US, the UK, Indonesia, India, and Sri Lanka.

According to vpnMentor, the 23-gigabyte database contained more than 27.8 million records used by Biostar to secure customer facilities. The data included usernames, passwords and user IDs in plaintext, building access logs, employee records including start dates, personal details, mobile device data, and face images.

Read 8 remaining paragraphs | Comments

Warren: FTC’s $125 cash option in Equifax settlement “misled” customers

August 14, 2019 - 7:26pm

Enlarge / Elizabeth Warren speaking to a crowd on February 18, 2019 in Glendale, California. (credit: Getty Images | Mario Tama)

Equifax's massive 2017 data breach screwed over more than 140 million people, so it was not terribly surprising when tens of millions of people jumped at the opportunity to claim cash money in compensation. The Federal Trade Commission, however, apparently was surprised. A few days after the settlement claims page went public, the option for affected consumers to claim cash vanished, with the agency citing "overwhelming" and "unexpected" public response.

Sen. Elizabeth Warren (D-Mass.) is now among the many who were frustrated by the FTC's apparently questionable description of the settlement, and she's calling on the agency to investigate its own claims about available consumer compensation.

"The FTC has the authority to investigate and protect the public from unfair or deceptive acts or practices, including deceptive advertising," Warren says in a letter (PDF) to the commission's inspector general. "Unfortunately, it appears as though the agency itself may have misled the American public about the terms of the Equifax settlement and their ability to obtain the full reimbursement to which they are entitled."

Read 6 remaining paragraphs | Comments

FAA tells airlines MacBook Pros with defective batteries can’t fly

August 14, 2019 - 7:16pm

The 2015 15-inch Retina MacBook Pro. (credit: Andrew Cunningham)

The Federal Aviation Administration has banned certain 15-inch MacBook Pros with potentially defective batteries from US flights. The move, which follows Apple's June recall announcement, is part of a general FAA policy on devices with defective batteries.

"The FAA is aware of the recalled batteries that are used in some Apple MacBook Pro laptops," FAA spokespeople said in emails to Ars Technica. Under FAA policy, affected MacBook Pros are banned from the passenger cabin and from checked luggage.

The FAA says it alerted airlines about the recall in early July. The agency also says it informed the public on social media around the same time, though it didn't get much attention at the time.

Read 5 remaining paragraphs | Comments

AT&T and T-Mobile fight Caller ID spoofing with number verification system

August 14, 2019 - 7:06pm

Enlarge (credit: Getty Images | Tero Vesalainen)

AT&T and T-Mobile announced a joint anti-robocall initiative today, but they didn't promise any new call-blocking capabilities for their customers.

The carriers made a big deal of the partnership, saying in an announcement that they "put differences aside to fight unwanted robocalls for customers." Specifically, the companies said they are now using the new SHAKEN/STIR technology to determine whether Caller ID numbers are being spoofed in calls made between the two carriers.

Theoretically, carriers could use this Caller ID authentication technology to automatically block calls that fail the authentication test. But that's not what's happening now. For example, AT&T told Ars that it's using Caller ID authentication as one data point in its anti-robocall algorithm but that it isn't blocking calls solely based on whether they aren't authenticated.

Read 12 remaining paragraphs | Comments

People are still drinking bleach—and vomiting and pooping their guts out

August 14, 2019 - 6:56pm

Enlarge / Bottles of Clorox bleach sit on a shelf at a grocery store. (credit: Getty | Justin Sullivan)

The US Food and Drug Administration this week released an important health warning that everyone should heed: drinking bleach is dangerous—potentially life-threatening—and you should not do it.

The warning may seem unnecessary, but guzzling bleach is an unfortunately persistent problem. Unscrupulous sellers have sold “miracle” bleach elixirs for decades, claiming that they can cure everything from cancer to HIV/AIDS, hepatitis, flu, hair loss, and more. Some have promoted it to parents as a way to cure autism in children—prompting many allegations of child abuse.

Of course, the health claims are false, not to mention abhorrent. When users prepare the solution as instructed, it turns into the potent bleaching agent chlorine dioxide, which is an industrial cleaner. It’s toxic to drink and can cause severe diarrhea, vomiting, life-threatening low blood pressure, acute liver failure, and damage to the digestive tract and kidneys.

Read 10 remaining paragraphs | Comments

These bats can use leaves as “sound mirrors” for better navigation

August 14, 2019 - 6:42pm

Enlarge / The leaf-nosed bat, native to Central and South America, has noseleaves that may help project its echolocation calls. (credit: Thomas Lohnes/AFP/Getty Image)

Leaf-nosed bats can locate even small prey with echolocation by exploiting an "acoustic mirror" effect, according to a recent paper in Current Biology. If the bat approaches an insect on a leaf from an optimal angle, the leaves act as a mirror, reflecting sound away from the source. The research could have important implications for studying predator-prey interactions and for the field of sensory ecology.

It's common knowledge that bats hunt and navigate in the dark primarily by emitting ultrasonic pulses and using the returning echoes to determine the location, speed, and distance of nearby objects or prey (active echolocation). But different species of bat can use echolocation in slightly different ways, including passive echolocation strategies. The pallid bat, for instance, might use active echolocation for navigation but a passive approach when it hunts. It has two pairs of ears (internal and external), the better to pick up any noise generated by insects. But what about insects that don't make any noise, like the dragonfly?

Co-author Inge Geipel, a postdoc with the Smithsonian Tropical Research Institute (STRI), first became interested in the issue while working on her PhD at the Institute for Advanced Study in Berlin, Germany. Her thesis advisor, Elizabeth Kalko, had found dragonfly wings in leaf-nosed bat roosts—a surprising find, since dragonflies are diurnal, meaning they don't fly at night, settling in on vegetation instead. They don't have ears, so they can't hear hunting bats, nor do they produce sounds as a means of communication. Most bat scientists assumed dragonflies would be too small for the bats to find purely via echolocation.

Read 9 remaining paragraphs | Comments

Microsoft: Cloud gaming is “inevitable” but “years” from mainstream

August 14, 2019 - 5:35pm

Enlarge / Project xCloud running Gears of War 4 at an E3 Microsoft Theater demonstration.

With the planned 2019 launch of Project Xcloud, Microsoft isn't ignoring the game industry's current mania for streaming gaming. But in a recent interview with Gamespot, Microsoft Xbox head Phil Spencer tempered near-term expectations for the supposed streaming gaming "revolution" some are expecting.

On the one hand, Spencer told the site that streaming is "one of the directions the industry is headed" and will be "inevitably... part of gaming." At the same time, though, Spencer said he doesn't want to oversell the speed of that transition.

"I think [streaming] is years away from being a mainstream way people play," Spencer said. "And I mean years, like years and years." Comparing the trend to Netflix's now two-decade-old transition to streaming movies, Spencer said, "I think game streaming will get there faster than 20 years, but it's not going to be two years. This is a technological change. While it seems like it happens overnight, it doesn't."

Read 6 remaining paragraphs | Comments

Apple’s new credit card comes with forced arbitration—here’s how to opt out

August 14, 2019 - 3:03pm

Enlarge / Shiny!

Apple's new credit card is rolling out in stages to interested users (I got mine on Monday) and the early reception is generally positive. The card's primary draw isn't in its benefits, which are perfectly fine but not outstanding by any metric. Instead, the card's strength is in its tight vertical integration with the Apple technology ecosystem and the (hopefully) increased security one gains by moving to using tokenized payments for (most of) your point-of-sale transactions. The card otherwise has a lot in common with other traditional credit cards—and, unfortunately, one of those things is the Apple Card's forced arbitration provision.

Briefly, this means that there is language in the Apple Card/Goldman Sachs' customer agreement that requires customers to give up their right to file lawsuits against Goldman or Apple, either individually or as members of a class, and instead forces customers into accepting binding arbitration to resolve disputes. Although binding arbitration is frequently defended by proponents as being faster and less expensive than lawsuits, arbitration heavily favors companies over consumers in disputes. The arbitrator or arbitrators are typically chosen by the company engaging in arbitration and tend to favor the company's interests; studies show that in the vast majority of cases, the odds of winning are heavily on the company's side. The bias in arbitration outcomes has been taken advantage of by numerous companies—including companies we regularly cover—to engage in some truly shady dealings.

(It's not just consumers who get shafted by arbitration—many companies force their own employees into mandatory arbitration, too, though a number of employers are beginning to walk back the practice.)

Read 3 remaining paragraphs | Comments

Hack in the box: Hacking into companies with “warshipping”

August 13, 2019 - 10:24pm

Enlarge / The "warshipping" rig, exposed, with solar recharging panel. (credit: Sean Gallagher)

LAS VEGAS—Penetration testers have long gone to great lengths to demonstrate the potential chinks in their clients' networks before less friendly attackers exploit them. But in recent tests by IBM's X-Force Red, the penetration testers never had to leave home to get in the door at targeted sites, and the targets weren't aware they were exposed until they got the bad news in report form. That's because the people at X-Force Red put a new spin on sneaking in—something they've dubbed "warshipping."

Using less than $100 worth of gear—including a Raspberry Pi Zero W, a small battery, and a cellular modem—the X-Force Red team assembled a mobile attack platform that fit neatly within a cardboard spacer dropped into a shipping box or embedded in objects such as a stuffed animal or plaque. At the Black Hat security conference here last week, Ars got a close look at the hardware that has weaponized cardboard.

We've looked at such devices, typically referred to as "drop boxes," before. Ars even used one in our passive surveillance of an NPR reporter, capturing his network traffic and routing a dump of his packets across the country for us to sift through. Covert drop boxes (once a specialty of Pwnie Express) have taken the form of "wall wart" device chargers, Wi-Fi routers, and even power strips. And mobile devices have also been brought to play, allowing "war walking"—attacks launched remotely as a device concealed in a bag, suitcase, or backpack is carried nonchalantly into a bank, corporate lobby, or other targeted location.

Read 22 remaining paragraphs | Comments

Verizon sues city to avoid paying 5G fees, says the FCC has its back

August 13, 2019 - 9:52pm

Enlarge / A monitor seen on the floor of the New York Stock Exchange on Tuesday, Sept. 4, 2018. (credit: Getty Images | Bloomberg)

Verizon has sued the City of Rochester, New York, in order to avoid paying fees for deploying 5G equipment and fiber lines.

Verizon's lawsuit, filed in US District Court for the Western District of New York on Thursday, claims that the fees are higher than those allowed by federal law. As proof, Verizon points to a Federal Communications Commission preemption order from last year that attempts to limit the fees and aesthetic requirements cities and towns impose on carrier deployments. Rochester imposed its new fees in February of this year.

Verizon may have a good chance of winning its lawsuit if that FCC preemption order stands. But the FCC is being sued by cities from Washington, Oregon, California, and Arizona, which claim that the preemption is illegal. (Cities from Florida, Colorado, Nevada, and New York also intervened in the lawsuit to support the case against the FCC.) The outcome of that case could affect the Verizon suit against Rochester and any similar lawsuits filed against cities in the future.

Read 10 remaining paragraphs | Comments

Four wormable bugs in newer versions of Windows need your attention now

August 13, 2019 - 9:39pm

Enlarge (credit: Frank Lindecke / Flickr)

Microsoft is warning of a four new Windows vulnerabilities that are “wormable,” meaning they can be exploited to spread malware from one vulnerable computer to another without any user action in much the way the self-replicating WannaCry and NotPetya outbreaks did in 2017.

Similar to the so-called BlueKeep vulnerability Microsoft patched in May, the four bugs the company patched on Tuesday reside in Remote Desktop Services (RDS), which allow a user to take control of a remote computer or virtual machine over a network connection. The bugs—indexed as CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226—make it possible for unauthenticated attackers to execute malicious code by sending a specially crafted message when a protection known as Network Level Authentication is turned off, as is often done in large organizations.

In such networks, it’s possible for exploits to ricochet from computer to computer. Leaving NLA on makes it harder for attacks to spread, since attackers must first have network credentials. The growing use of hacking tools such as Mimikatz, however, often enables attackers to surreptitiously obtain the needed credentials.

Read 10 remaining paragraphs | Comments

Novel “invisibility cloaks” for water waves leave no telltale wakes or drag

August 13, 2019 - 9:13pm

Enlarge / Hydrodynamic "invisibility cloaks" would hide objects from fluid flows and surface waves so that no wake is visible. (credit: J. Park et al., Phys. Rev. Lett. (2019))

Two separate teams of scientists have devised novel hydrodynamic "invisibility cloaks"—instead of shielding objects from light, the cloaks would shield them from fluid flows. The scientists described their work in two new papers in Physical Review Letters. These kinds of cloaking structures could one day help reduce drag on ships or submarines, or protect ships at a port or wharf from potential damage from strong waves.

Most so-called "invisibility cloaks" created thus far work in the electromagnetic regime and rely on metamaterials. A "metamaterial" is any material whose microscopic structure can bend light in ways light doesn't normally bend—a property called "the index of refraction." Natural materials have a positive index of refraction; certain manmade metamaterials—first synthesized in the lab in 2000—have a negative index of refraction, meaning they interact with light in such a way as to bend light around even very sharp angles.

Metamaterials typically involve a highly conductive metal like gold or copper arranged in carefully layered periodic lattice structures. When light passes through the material, it bends around the cloaked object, rendering it "invisible." You can see an object directly behind it but can't see the cloaked object itself. However, the effect is typically limited to specific wavelengths: microwaves, infrared light, or certain frequencies of sound or heat waves.

Read 5 remaining paragraphs | Comments

All times are GMT +2. The time now is 05:39.

©2001-2018 - -