Serving the Technologist for more than a decade. IT news, reviews, and analysis.
Updated: 1 hour 3 min ago
The US Federal Trade Commission has sued an IT provider for failing to detect 20 hacking intrusions over a 22-month period, allowing the hacker to access the data for 1 million consumers. The provider only discovered the breach when the hacker maxed out the provider’s storage system.
Utah-based InfoTrax Systems was first breached in May 2014, when a hacker exploited vulnerabilities in the company’s network that gave remote control over its server, FTC lawyers alleged in a complaint. According to the complaint, the hacker used that control to access the system undetected 17 times over the next 21 months. Then on March 2, 2016, the intruder accessed personal information for about 1 million consumers. The data included full names, social security numbers, physical addresses, email addresses, phone numbers, and usernames and passwords for accounts on the InfoTrax service.
The intruder accessed the site later that day and again on March 6, stealing 4,100 usernames, passwords stored in clear-text, and hundreds of names, addresses, social security numbers, and data for payment cards.
The Federal Communications Commission's extremely hands-off approach to broadband-customer complaints has alarmed a member of Congress.
US Rep. Mike Quigley (D-Ill.) wrote a letter to FCC Chairman Ajit Pai in August after learning of a Frontier customer who was forced to pay a $10-per-month rental fee for a router despite buying his own router.
As we wrote at the time, Frontier charges customers a $10 monthly fee for routers even when the company doesn't provide one at all, saying that non-Frontier routers cause "increased complaints and more difficulty with troubleshooting." But Frontier also said it "cannot support or repair the non-Frontier equipment," so it's charging $10 a month without providing a router or providing support for non-Frontier routers.
The Google empire is enormous and ubiquitous, covering basically the entire Internet in one way or another. There is, however, one lucrative business the company does not yet have a foothold in: banking. And now it has plans to change that.
Google is working to launch consumer checking accounts next year, The Wall Street Journal first reported this morning. The project, code-named Cache because apparently nobody can resist a pun, is expected to launch next year, sources told the Journal. CNBC, also citing "sources familiar," confirmed the WSJ's reporting.Google: Not a bank
The accounts will be run in partnership with Citibank and a credit union based out of Stanford University. Google executive Caesar Sengupta told the WSJ that the accounts will carry branding from the banks, not from Google, which will also "leave the financial plumbing and compliance" to the banks.
More South Korean researchers are accused of fraudulently adding the names of children and teens to their published scientific manuscripts as part of an ongoing college admissions scandal, according to a report by Nature.
The kids—middle and high school students—are listed as co-authors on scientific findings that they allegedly had no hand in. Many of these claimed science-wizzes are researchers’ own children or children of their friends. The authorships, in some cases, are thought to give the children a leg-up in the country’s fiercely competitive college admissions.
As in the US, there is currently intense scrutiny in South Korea over how the country’s elite get their children into colleges.
Google has a long and well-documented history of launching new services only to shut them down a few months or years later. And with the launch of Stadia imminent, one launch game developer has acknowledged the prevalence of concerns about that history among her fellow developers while also downplaying their seriousness in light of Stadia's potential.
"The biggest complaint most developers have with Stadia is the fear that Google is just going to cancel it," Gwen Frey, developer of Stadia launch puzzle game Kine, told GamesIndustry.biz in recently published comments. "Nobody ever says, 'Oh, it's not going to work,' or 'Streaming isn't the future.' Everyone accepts that streaming is pretty much inevitable. The biggest concern with Stadia is that it might not exist."
While concerns about Stadia working correctly aren't quite as nonexistent as Frey said, early tests show the service works well enough in ideal circumstances. As for the service's continued existence, Frey thinks such concerns among other developers are "kind of silly."
Update: The Google/Ascension project is now being investigated by the Office for Civil Rights in the Department of Health and Human Services, the Wall Street Journal reported in an update last night. The office said it "will seek to learn more information about this mass collection of individuals' medical records to ensure that HIPAA protections were fully implemented." Google said it is "happy to cooperate with any questions about the project," and that "We believe Google’s work with Ascension adheres to industry-wide regulations (including HIPAA) regarding patient data, and comes with strict guidance on data privacy, security, and usage."
Original story from November 12, 2019 follows:
Google now has access to detailed medical records on tens of millions of Americans, but the company promises it won't mix that medical data with any of the other data Google collects on consumers who use its services.
A Russian man made his initial appearance in federal court on Tuesday on prosecutors' allegations he operated websites that resulted in more than $20 million in fraudulent purchases made on US credit cards.
Aleksei Burkov, 29, of Tyumen and St. Petersburg, Russia, arrived at Dulles International Airport on Monday night after he was arrested in Israel in late 2015, federal prosecutors said. His extradition came after appeals to the Israeli Supreme Court and the Israeli High Court of Justice were denied. Tuesday's appearance was before the US District Court for the Eastern District of Virginia.
According to an indictment that was unsealed on Tuesday, Burkov ran a website, called Cardplanet, that sold card data for anywhere from $2.50 to $60 apiece, depending on the card type, country of origin, and the availability of the cardholder's name, address, and other identifying information. In all, Cardplanet offered for sale more than 150,000 compromised payment cards, including "at least tens of thousands" of which had been issued to holders located in the US.
At the start of the week, SpaceX launched its first 60 operational Starlink satellites—the company's 50th consecutive successful launch. And as innovative as this communication network's entire concept might be, many onlookers are curious for a much simpler reason.
You want to view—maybe even photograph—these things in the pre-dawn, post-sunset, or night sky, right? Well, you've come to the right place.
First, you'll want to be quick. Since separating from the upper stage on November 11 at about 11am Eastern Standard Time (Nov. 11, 16:00 UTC) and with each hour that passes, the satellites have been spreading out by individually raising their orbits to the correct height. And after a while, they will be on their own instead of appearing in this initially clustered formation.
Finally: a true Pokémon game on a flagship Nintendo console.
Last year’s Pokémon Let’s Go games were technically the Switch’s first Pokémon RPGs, but those remakes of the original Red and Blue were greatly simplified and softened up to cater to newer and younger players who got their start with Pokémon Go. Pokémon Sword and Shield, on the other hand, are "real" mainline Pokémon games, serving as direct sequels to 2016’s Sun and Moon and continuing the franchise that began with Red and Blue in 1998 (1996 for Japanese players).
That means Sword and Shield feature the same basic skeleton that has grown into a Pokémon tradition over the past 20+ years. You pick a starter Pokémon and then travel around the region, catching more monsters and earning eight badges so you can earn the right to challenge the region’s Champion and become the very best, like no one ever was. Along the way, you encounter and vanquish a team of bumbling low-level criminals, repeatedly battle with a rival who helps you hone your skills, and solve a regional mystery that ends with you capturing one or more ancient legendary creatures.
If you've been around long enough, you've probably heard stories of passengers who successfully landed small planes after their pilots fell ill or died. It happened in Australia just a few months ago (Aug. 31) when a student on his first flight lesson in Perth was forced to land a Cessna 150 after his instructor lost consciousness.
The student had never landed anything previously, but it worked. However, it usually doesn't, and the consequences are disastrous. That's why electronics/avionics maker Garmin is launching Autoland, an emergency autopilot system that can autonomously land a private aircraft and bring it to a stop on the runway.Push the red button
Commercial airliners have long had auto-landing systems as well as the ability to fall back on co-pilots if the pilot-in-command becomes incapacitated. Until recently, single-pilot certified general aviation (GA) airplanes haven't had autonomous landing capability. To be clear, they still don't. Garmin's Autoland system is not yet FAA certified, though the company expects certification "soon."
Google has fired a staffer who allegedly leaked the names of Google employees and their personal details to the news media, Ryan Gallagher reports in a scoop for Bloomberg News. Two other Googlers have been put on leave for violating company policies, Google told Gallagher.
A Google spokeswoman told Gallagher that one of the employees "had searched for and shared confidential documents outside the scope of their job, while the other tracked the individual calendars of staff working in the community platforms, human resources, and communications teams." The tracking made affected staff uncomfortable, the spokeswoman said.
Google's move represents the latest sign of growing tensions between labor and management at Google. Until recently, Google was known for having one of Silicon Valley's most open workplace cultures. Employees could access information about projects they weren't working on. Rank-and-file employees could ask tough questions of senior management at weekly "TGIF" meetings that were broadcast throughout the company.
Today, Apple begins taking orders on a new version of its largest MacBook Pro laptop. While its basic design is similar to that of the Touch Bar models the company has made since 2016, it is slightly larger and heavier, the screen is bigger thanks to reduced bezels, and it has new keyboard and speaker designs. The Pro has faster graphics and new upgrade options, such as a 64GB RAM configuration and larger default SSD sizes.
This 16-inch MacBook Pro (the inches here refer to diagonal screen size) replaces the 15-inch in Apple's lineup. Its display has a pixel density of 226 ppi at 3,072 x 1,920 resolution—that's slightly higher than the 2,880 x 1,800 resolution and 220 ppi of the 15-inch MacBook Pro. Apple says that pro video editors will now be able to adjust the refresh rate of the display to match content they're working with. Little else has changed about the screen. It's worth noting, by the way, that the prior model's screen actually measured 15.4 inches, not 15; this new model measures 16 inches.
Dimensions are 0.64 x 14.09 x 9.68 inches—up marginally across the board from its predecessor's 0.61 by 13.75 by 9.48 inches. It weighs 4.3 pounds, compared to 4.02 for the prior model. Chances are it will fit in most existing cases intended for the 15-inch model.
In the early hours of September 11, a dispatcher with the sheriff’s department in Dallas County, Iowa, spotted something alarming on a surveillance camera in the county courthouse. Two men who had tripped an alarm after popping open a locked door were wandering through courtrooms on the third floor, she reported over the radio as deputies raced to the scene. The intruders wore backpacks and were crouching down next to judges’ benches. When the first deputy pulled into the parking lot, the men moved to an open area outside the court rooms and concealed themselves.
“They were crouched down like turkeys peeking over the balcony,” Dallas County Sheriff Chad Leonard said in an interview. “Here we are at 12:30 in the morning confronted with this issue—on September 11, no less. We have two unknown people in our courthouse—in a government building—carrying backpacks that remind me and several other deputies of maybe the pressure cooker bombs.”
After more deputies arrived, Justin Wynn, 29 of Naples, Florida, and Gary De Mercurio, 43 of Seattle, slowly proceeded down the stairs with hands raised. They then presented the deputies with a letter that explained the intruders weren’t criminals but rather penetration testers who had been hired by Iowa’s State Court Administration to test the security of its court information system. After calling one or more of the state court officials listed in the letter, the deputies were satisfied the men were authorized to be in the building.
Finding a gift for your most tech-savvy friends and family can be tough, especially with electronics getting more expensive as the years go by. While it may seem like the only electronics worth getting are those that exist outside of your budget, that's not actually the case. Plenty of tech gifts are available at affordable prices—the struggle is sorting through the junk to find the devices worth shelling out any amount of money for.
This is where we at Ars come in: we spend all year testing electronics, with prices spanning everything from "luxury" to "dirt-cheap." So recently, we poured through our notes to find some of the best tech gifts you can buy that are under $50. All of the devices listed below have been tested and verified for excellence or for personal use on a regular basis. Instead of shooting in the dark or overspending when it comes to tech gifts this year, consider the following devices that we know will make any recipient happy.
Note: Ars Technica may earn compensation for sales from links on this post through affiliate programs.
The Jaguar I-Pace is a brilliant car. The first battery electric vehicle from Jaguar-Land Rover, the I-Pace starts at about $70,000 and goes up from there.
My colleague, Ars Automotive Editor Jonathan Gitlin, drove the I-Pace when it launched and came away raving about it—and for good reason. Not only did it win the World Green Car award, but it also won World Car of the Year.
Jonathan covered the I-Pace in great detail, so I won't spend much time talking about the driving experience. But, put simply, the I-Pace is a blast to drive. It accelerates briskly, it's incredibly comfortable, sight lines are good, handling is impeccable, it's roomy for its size, it has some modest off-road skills, and Jaguar-Land Rover's infotainment system, Touch Duo Pro, is well-thought-out, even if slightly laggy at times. Beyond that, JLR fixed one of the major complaints Jonathan had about the I-Pace as it entered production: the regenerative-braking settings are no longer buried under layers of menus.
Every time field biologist An Nguyen finds a mammal in the wild that he's never seen before, he adds a line to the tally count tattoo on his left wrist.
The silver-backed chevrotain, a tiny "mouse-deer" native to Vietnam, is a sighting significant for more than just Nguyen's personal tally. There has been only one confirmed record of the elusive mammal since 1910—a specimen obtained from a hunter in 1990—until Nguyen and his team set camera traps that recorded 280 sightings within nine months.
The news, reported this week in Nature Ecology & Evolution, is more than just confirmation that the silver-backed chevrotain is not yet extinct. It means that researchers can start studying it more comprehensively, trying to get a sense of how many are left and what kinds of protections it needs. And protecting the chevrotain also means protecting the less cute, but equally essential, species that share its habitat.
Former Texas Congressman Lamar Smith may have retired in January, but his ideas still stalk the halls of the US Environmental Protection Agency. The New York Times reported Monday that the latest incarnation of Smith's quest to change the science the EPA can use for its rule making is moving forward.
Smith had unsuccessfully pushed a bill called the "Secret Science Reform Act," which would have required the EPA to consider only those studies with data that is "publicly available in a manner sufficient for independent analysis and substantial reproduction of research results." He claimed that opponents of regulations were often unable to audit the science underlying the regulations—although those opponents could, of course, have done their own science.Limiting science
The scientific community noted that this requirement would have the effect of excluding quite a lot of relevant science published in peer-reviewed journals. In particular, research on the public health impacts of pollutants is only possible through the use of confidential health data. There are systems in place to give researchers controlled access to that data, but releasing it to the public is simply not an option, and doing so very well might violate other federal rules.
Regulators in Europe have granted the world's first approval of a vaccine against Ebola—and health officials are wasting no time in rolling it out.
The European Commission announced at the start of the week that it had granted a landmark marketing authorization of Merck's Ebola vaccine Ervebo. The vaccine has been in the works since the 2014 West African Ebola outbreak. It is now being used in the ongoing outbreak in the Democratic Republic of Congo based on a "compassionate use" protocol.
The current outbreak in the DRC has killed nearly 2,200 since August 2018, causing nearly 3,300 cases. The outbreak is the second-largest recorded, surpassed only by the 2014 West African outbreak that caused more than 11,000 deaths and 28,000 cases.
The United States government violated the Fourth Amendment with its suspicionless searches of international travelers' phones and laptops, a federal court ruled today.
The ruling came in a case filed "on behalf of 11 travelers whose smartphones and laptops were searched without individualized suspicion at US ports of entry," the American Civil Liberties Union (ACLU) said today. The ACLU teamed up with the Electronic Frontier Foundation (EFF) to fight the government on behalf of plaintiffs including 10 US citizens and one lawful permanent resident.
The order from a US District Court in Massachusetts limits what searches can be made by US Customs and Border Protection (CBP) and US Immigration and Customs Enforcement (ICE).
Yesterday, Charter Communications*—the second-largest ISP in the United States—announced its adoption of the OpenSync software platform for Spectrum's advanced in-home Wi-Fi. This raises a few questions, first of which is "what's OpenSync?"
The short answer is "Plume," which in turn means that Plume now has partnerships with the first- and second-largest ISPs in the United States, as well as the first- and second-largest in Canada—and also with the National Cable Television Collective (NCTC), a membership organization comprising several hundred independent US cable companies.
Earlier this month, we covered the announcement of a Plume partnership with J:COM, Japan's largest ISP. In that coverage, we referenced tighter integration into ISPs' existing infrastructure than better-known mesh alternatives such as Eero, Google (now Nest) Wi-Fi, or Orbi can provide. OpenSync is where that tighter integration comes from.