Six men accused of carrying out some of the world's most destructive hacks—including the NotPetya disk wiper and power grid attacks that knocked out electricity for hundreds of thousands of Ukrainians—have been indicted in US federal court.
The indictment said that all six men are officers in a brazen hacker group best known as Sandworm, which works on behalf of Unit 74455 of the Russian Main Intelligence Directorate, abbreviated from Russian as GRU. The officers are behind the "most disruptive and destructive series of computer attacks ever attributed to a single group," prosecutors said. The alleged goal: to destabilize foreign nations, interfere with their internal politics, and cause monetary losses.
Among the hacks is NotPetya, the 2017 disk-wiping worm that shut down the operations of thousands of companies and government agencies around the world. Disguised as ransomware, NotPetya was in fact malware that permanently destroyed petabytes of data. The result, among other things, was hospitals that turned away patients, shipping companies that were paralyzed for days or weeks, and transportation infrastructure that failed to function.
The PlayStation 5 comes with everything seen here. Some assembly required. Batteries not included. From Sony! [credit: Sony / Youtube ]
Earlier this month, Sony gave us the first peek inside the PlayStation 5 in the form of a teardown video that examined the upcoming console piece by piece. Now, Japanese specialty site 4Gamer has posted an interview with the Sony hardware design engineer featured in that video, Yasuhiro Otori.
That interview (Google Translate, ResetEra user translation) goes into a lot of nitty-gritty detail on the design decisions behind Sony's uniquely shaped console and focuses heavily on the unit's heat dissipation technology. One of the most interesting tidbits on that score is an apparent plan to "optimize" the speed of the cooling fan on a per-game basis via downloadable system updates.
"Various games will appear in the future, and APU [accelerated processing unit] behavior data for each game will be collected," Otori said. "Based on this, there is a plan to proceed with the optimization of fan control."
Right now the channel is just an uninterrupted stream of music videos, with the name and artist of each song appearing at the beginning and end. [credit: Samuel Axon ]
Today, Apple launched a 24-hour streaming video channel called Apple Music TV that will harken back to the early days of MTV by playing mostly music videos—but in this case, it's ad-free.
Viewers will be able to watch the channel in either the TV app (on an Apple device like a Mac, iPhone, or Apple TV) or the Music app (it's found in the Browse tab). Additionally, you can find it at apple.co/AppleMusicTV.
There is no live chat, there aren't any interactive features, and there's no integration at all with the Apple Music app (like the ability to favorite songs), so users may find the service is barebones compared to some other music-focused streaming offerings.
A few dozen QAnon and 8chan-related sites were knocked offline temporarily yesterday when a DDoS-protection vendor disabled their access, according to an article by security reporter Brian Krebs.
The websites—with names like 8kun.net, 8kun.top, 8chan.se, and qanonbin.com—are connected to the Internet via the US-based ISP VanwaTech, which in turn "had a single point of failure on its end," Krebs wrote. "The swath of Internet addresses serving the various 8kun/QAnon sites were being protected from otherwise crippling and incessant distributed-denial-of-service (DDoS) attacks by Hillsboro, Ore. based CNServers LLC."
That changed yesterday when security researcher Ron Guilmette called CNServers, which apparently didn't realize it was providing security protection to the websites. "Within minutes of that call, CNServers told its customer—Spartan Host Ltd., which is registered in Belfast, Northern Ireland—that it would no longer be providing DDoS protection for the set of 254 Internet addresses that Spartan Host was routing on behalf of VanwaTech," Krebs wrote. Those 254 addresses included the few dozen related to QAnon and 8chan, which is now known as 8kun.
If someone is sharing their location with you, you'll see a map on the main page of the app. [credit: Google ]
Google has killed yet another product. RIP to Google Trusted Contacts, 2016-2020.
The app has a 3.8 rating on the Play Store and over a million downloads, which is not good enough to save it from the Google grim reaper. Google sent out emails to users saying that since location sharing was now built into Google Maps, the Trusted Contacts app was no longer needed. The app will shut down in just 43 days, on December 1, 2020.
On October 9, SSC North American took the production speed record away from Bugatti with a 331mph top speed run in the SSC Tuatara. [credit: James Lipman ]
If you want a car that can go really, really, really fast, forget about ordering that Bugatti and give the people at SSC North America a call. On October 10, racing driver Oliver Webb got behind the wheel of one of SSC's new Tuatara hypercars and, on a closed stretch of Nevada State Route 160, reached a top speed of 331.15mph (532.93km/h). When averaged with his 301.07mph (484.53km/h) run in the opposite direction, SSC North America set a new world speed record for production vehicles at 316.11mph (508.73km/h).
Until now, the record for the world's fastest production car belonged to Bugatti, which claimed it in 2019. Andy Wallace was behind the wheel for that attempt, driving a 1,578hp (1,177kW) Bugatti Chiron Super Sport to a top speed of 304.77mph (490.48km/h) at Volkswagen's massive test track in Ehra-Lessien, Germany. The SSC Tuatara packs even more power than the Chiron: 1,750hp (1,305kW) of power on E85, and it all gets sent to just the rear wheels, too. The Tuatara also has a more slippery shape, with a smaller frontal area than the Chiron (1.672m² vs 2.072m²) and a lower drag coefficient (0.279 vs 0.319).
Those were conscious decisions during the Tuatara's design—SSC's founder Jerod Shelby has had his sights on the production speed record for some years now. "My goal was always to beat this record by such a substantial amount that maybe it's going to stand in for a little while. I felt like that's what McLaren did back in the late nineties, and they held that record a long time because they just smashed the record. That was my dream in a perfect world," Shelby said.
Workers at the Nazca Lines site recently found the faded, partially eroded outline of a cat stretching across a desert hillside.
The cat joins the ever-growing list of about 900 shapes and images that ancient people etched into the Nazca Desert soil. At 37 meters (121 feet) long, the cat is among the smaller geoglyphs in the desert; some of the largest shapes, down on the flat valley floor, span more than 500 meters (1,600 feet). Like other geoglyphs in the Nazca Desert, the cat’s ancient designers etched it into the ground by clearing away the dark surface sediment to form pale lines.
Geoglyph finds usually take months of trekking through the desert or poring over aerial photos, but the latest one was a happy accident. Workers were making improvements to a path leading up to a hilltop vantage point when they noticed the cat.
A Falcon 9 rocket ascended into the blue skies above Florida on Sunday morning, and much of the space world barely took notice.
Sure, it was fairly early on a Sunday, and many Americans were not even yet out of bed. But there's a deeper reality here: SpaceX has made launching rockets almost seem routine. The company's vice president of reliability, Hans Koenigsmann, once told me that one of his goals was to take the "magic" out of rocket launches. And the company seems to be succeeding.
SpaceX is also succeeding at reuse. Sunday morning's launch used a Falcon 9 first stage that has already flown into space five times. This is the second time SpaceX has used a first stage a total of six times, and next year it is likely to reach ten uses of its rocket. And then there is the payload fairing. For the first time, SpaceX was able to use each of these fairing halves for a third time.
The Friday "beer-thirty" Zoom conferences began for me not too long into the lockdown. A co-worker scheduled them as a form of stress release and socialization as we all prepared for what we already knew was going to be at least a year of not seeing each other in person—and for someone who had just started with the company a few weeks prior, I needed it.
Working from home has always been isolating, but it has become even more so in 2020. And for those of us who've worked from home full-time in the past—well, at least for those of us who have done that and have loud families and kids with no concept of personal space—it has also become a lot harder to maintain a division between home life and work life. Our spouses and kids (and in some cases, adult kids) are all home at the same time, working or studying or playing or just breathing too loudly in the same space as us.
Meow mix
For those of you who've never enjoyed the solitude of a home office when everyone else is out of the house, trust me: what we have right now is not what working at home has been like for the past 25 years for me. To adjust to this, organizations must figure out how to keep teams cohesive in the absence of regular social contact. They also must find a balance between being communicative and being intrusive into the home life of employees, all while still keeping some kind of coherent work environment going so people can talk to each other and get work done.
I will admit it; when Cadillac asked if we wanted to spend a day with the new 2021 Escalade, I was in two minds about saying yes. A 6,000lb body-on-frame SUV is about as far from my automotive comfort zone as it's possible to get with a regular driver's license. And while there is a choice of gasoline V8 or turbodiesel inline-six, there's not a sniff of a hybrid option—not even the 48V mild kind, which feels inexcusable in the year 2020.
On the other hand, Cadillac has turned up the technology dial in an effort to regain its crown as the King of Bling. From the driver's seat you can see 38 inches of OLED screen wrapping around you. The highlight is an augmented reality mode that's cool enough to tempt you away from navigating by CarPlay or Android Auto and worthy of Ars' attention on its own.
This might be the Escalade's best angle. [credit: Jonathan Gitlin ]
The body-on-frame light truck is an American speciality. It's where the domestic automakers make their money, and the new Escalade is built on General Motors' latest and greatest body-on-frame platform. And I do mean greatest. Our test vehicle was a $105,995 Escalade ESV 4WD Platinum, which stretches out across 226.9 inches (5,766mm), with a 134.1-inch (3,407mm) wheelbase. More than one neighbor remarked on how large it was as it jutted out of my parking space, which luckily is slightly wider than the Escalade's 81.1 inches (2,059mm). At 76.4 inches (1,942mm) tall, I was grateful for the retractable running boards that emerge when you open a door; if you're shorter than average, it is a $1,750 option you might want.
A few years back, it looked like plastic recycling was set to become a key part of a sustainable future. Then, the price of fossil fuels plunged, making it cheaper to manufacture new plastics. Then China essentially stopped importing recycled plastics for use in manufacturing. With that, the bottom dropped out of plastic recycling, and the best thing you could say for most plastics is that they sequestered the carbon they were made of.
The absence of a market for recycled plastics, however, has also inspired researchers to look at other ways of using them. Two papers this week have looked into processes that enable "upcycling," or converting the plastics into materials that can be more valuable than the freshly made plastics themselves.
Make me some nanotubes
The first paper, done by an international collaboration, actually obtained the plastics it tested from a supermarket chain, so we know it works on relevant materials. The upcycling it describes also has the advantage of working with very cheap, iron-based catalysts. Normally, to break down plastics, catalysts and the plastics are heated together. But in this case, the researchers simply mixed the catalyst and ground up plastics and heated the iron using microwaves.
A massive new accounting of the health of humans on Earth, collating and inferring stats on hundreds of diseases and injuries across 204 nations, has mostly good news. People are healthier, and they stay that way for longer. The bad news: That’s not true if those people are poor, are people of color, live in the United States, and there’s a pandemic.
Then they’re screwed.
In my review of The Boys S1 last year, I called the Amazon Prime series "a wickedly funny, darkly irreverent adaptation" and "ideal late-summer therapy for anyone who has grown a bit weary of the constant onslaught of superhero movies." I wasn't alone in my love for the show: The Boys was a massive hit, and that success has continued with S2, which was the most-watched global launch of any Amazon series to date, pretty much doubling the show's worldwide audience. S2 is even better than its predecessor, deftly tackling timely themes and hot-button issues, while never sacrificing all the biting satire and good, gory fun that we loved about S1. And can we just give Antony Starr an Emmy already for his stunning performance as Homelander?
(Spoilers for S1 below; some spoilers for S2, but no major reveals.)
The Boys is set in a fictional universe where superheroes are real but corrupted by corporate interests and a toxic celebrity-obsessed culture. The most elite superhero group is called the Seven, headed up by Homelander (Starr), a truly violent and unstable psychopath disguised as the All-American hero, who mostly bullies his supe team into compliance. The other members include A-Train (Jessie T. Usher), who boasts super-speed but has also become addicted to the experimental performance-enhancing substance called Compound-V. The Deep (Chace Crawford) can breathe underwater, thanks to having gills—voiced in S2 by Patton Oswalt during a hallucination sequence—and converse with marine creatures.
Ransomware attacks that tear through corporate networks can bring massive organizations to their knees. But even as these hacks reach new popularity highs—and new ethical lows—among attackers, it's not the only technique criminals are using to shake down corporate victims. A new wave of attacks relies instead on digital extortion—with a side of impersonation.
On Wednesday, the Web security firm Radware published extortion notes that had been sent to a variety of companies around the world. In each of them, the senders purport to be from the North Korean government hackers Lazarus Group, or APT38, and Russian state-backed hackers Fancy Bear, or APT28. The communications threaten that if the target doesn’t send a set number of bitcoin—typically equivalent to tens or even hundreds of thousands of dollars—the group will launch powerful distributed denial of service attacks against the victim, walloping the organization with a fire hose of junk traffic strategically directed to knock it offline.
Last week, Waymo, the self-driving-vehicle developer owned by Alphabet, expanded a first-of-its-kind service offering rides to paying passengers around Phoenix—with no one behind the wheel. Videos shared by Waymo and others show its minivans navigating wide, sunny streets with ease.
Now rival Cruise, a General Motors subsidiary, has taken a step toward running its own self-driving-taxi service—on the hilly, winding, pedestrian-swarmed streets of San Francisco. On Thursday, Cruise said the California Department of Motor Vehicles had granted it a permit to test up to five of its modified Chevy Bolts without anyone behind the wheel. In a blog post, Cruise CEO Dan Ammann said truly driverless cars would operate in the city before the end of the year.
September apparently wasn’t feeling like doing anything unusual, so it ended up being the warmest September on record for the globe. That’s been something of a trend this year, with each month landing in its respective top three. It has become increasingly clear that 2020 will likely be the second warmest year on record, if it isn’t the first.
Unlike in August, the contiguous US didn’t set a record in September, though it was still above the 20th century average. A high-pressure ridge dominated over the West Coast again, leading to even more warm and dry weather for much of the Western US. But a trough set up over the Central US in mid-September, bringing cooler air southward.
Two more hurricanes—Sally and Beta—led to above-average rainfall in the Southeast. Total precipitation for the contiguous US was a touch above average as a result, but the average as usual masks local differences. Drought conditions have expanded and worsened over much of the West, and there has been little relief for wildfire conditions.
It's time to talk about Google messaging again.
The company's latest blog lays out future plans for its suite of messaging services, which includes stripping features out of Google Hangouts as we head toward its eventual demise and the promotion of Google Chat to being the main messaging product.
Since it can be hard to keep track of the dozen-or-so messaging products Google has released over the years, before we get started, here's a glossary of the Google messaging apps that will be referenced in this article.
The CDC has been neutered, shamed, and blamed amid the novel coronavirus pandemic and global crisis. From internal missteps that bungled the country’s rollout of diagnostic testing to blatant political interference and strong-arming on critical public health guidance, the CDC has gone from the world’s premier public health agency to a silenced, overridden, distrusted afterthought in the US response—an agency stripped of its ability to collect even basic health data from hospitals during a raging pandemic.
The heavy blows to the agency’s reputation and role have been well documented throughout the pandemic. President Trump and his administration have openly undermined the agency and, behind the scenes, attacked it while overriding expert public health advice on testing, school reopening, and the handling of outbreaks on cruise ships, among other things.
But while the broad strokes of the agency’s undoing were noted in real time, a set of new investigations and reports offers new details. In a sweeping investigative report by ProPublica, three journalists retraced a number of events, digging up emails, heated exchanges, and alarm within the agency. For instance, it provides fresh insight into how a single CDC researcher valiantly worked to develop diagnostic tests for the novel coronavirus, only to fumble, producing tests contaminated with genetic sequences of the virus. That contamination produced false positive results in public health labs around the country, rendering the tests useless and losing precious time to get ahead of the disease's spread.
One of the most critical Windows vulnerabilities disclosed this year is under active attack by hackers who are trying to backdoor servers that store credentials for every user and administrative account on a network, a researcher said on Friday.
Zerologon, as the vulnerability has been dubbed, gained widespread attention last month when the firm that discovered it said it could give attackers instant access to active directories, which admins use to create, delete, and manage network accounts. Active directories and the domain controllers they run on are among the most coveted prizes in hacking because once hijacked, they allow attackers to execute code in unison on all connected machines. Microsoft patched CVE-2020-1472, as the security flaw is indexed, in August.
On Friday, Kevin Beaumont, working in his capacity as an independent researcher, said in a blog post that he had detected attacks on the honeypot he uses to keep abreast of attacks hackers are using in the wild. When his lure server was unpatched, the attackers were able to use a PowerShell script to successfully change an admin password and backdoor the server.
Nikola CEO Mark Russell downplayed the company's Badger pickup truck in comments to the Financial Times on Thursday.
“The Badger was an interesting and exciting project to some shareholders, but our institutional shareholders are mostly focused on the business plan,” Russell said. “Our core business plan since before we became publicly listed always focused on heavy trucks and hydrogen infrastructure.”
Russell's comments were published after markets closed on Thursday. Nikola's stock price plunged on Friday morning and is currently down about 14 percent for the day.