Apple AirTags can be abused to direct finders to malicious websites

Enlarge / Apple's AirTags—as seen clipped to a backpack, above—allow users to attempt to find their own device via location rebroadcast from other Apple users. If all else fails, the user can enable a "Lost mode" intended to display their phone number when a finder scans the missing AirTag. (credit: James D. Morgan / Getty Images)

The hits keep coming to Apple's bug-bounty program, which security researchers say is slow and inconsistent to respond to its vulnerability reports.

This time, the vuln du jour is due to failure to sanitize a user-input field—specifically, the phone number field AirTag owners use to identify their lost devices.

The Good Samaritan attack

AirTags are tiny, button-like devices which can be personalized with engraving and attached to easily lost devices either directly or via "loop" holders. (credit: James D. Morgan via Getty Images)

Security consultant and penetration tester Bobby Rauch discovered that Apple's AirTags—tiny devices which can be affixed to frequently lost items like laptops, phones, or car keys—don't sanitize user input. This oversight opens the door for AirTags to be used in a drop attack. Instead of seeding a target's parking lot with USB drives loaded with malware, an attacker can drop a maliciously prepared AirTag.

Read 10 remaining paragraphs | Comments

Sony acquires its most prominent remaster studio, Bluepoint Games

Enlarge (credit: Play Station)

After months of speculation, it's finally official: Sony is acquiring Demon's Souls developer Bluepoint Games.

News of Bluepoint's addition to the PlayStation Studios roster shouldn't surprise many. The Austin-based studio turned heads with 2018's Shadow of the Colossus remake before tackling its redux of FromSoftware's Demon's for the PS5. It has been a longtime independent collaborator with Sony, remastering critical favorites like Uncharted, Metal Gear Solid, and Gravity Rush, and it has almost exclusively worked with PlayStation-branded properties. (Other than Metal Gear, Bluepoint's only other third-party project was its 2014 port of Titanfall for the Xbox 360.)

A long history with Sony

Rumors that Sony would be buying the developer date back to the company's acquisition of Returnal developer Housemarque in June. That's when the PlayStation Japan Twitter account accidentally tweeted out a PlayStation Studios splash image that included key art from both Returnal and Demon's Souls alongside other established Sony games. Naturally, the tweet was quickly deleted, but not before the image was saved.

Read 8 remaining paragraphs | Comments

Liquid metal encased in hydrogel makes a promising energy-harvesting device

Enlarge / Researchers at North Carolina State University have created a soft and stretchable device that converts movement into electricity. The device works in wet or dry environments and has a host of potential applications. (credit: Veenasri Vallem)

Scientists at North Carolina State University have developed a flexible, stretchy energy-harvesting device solely out of biocompatible soft materials: liquid metal and soft polymers known as hydrogels. It produces small amounts of electricity comparable to other energy-harvesting technologies, and it can also operate in water as well as air, according to the team's recent paper published in the journal Advanced Materials. The team thinks their technology holds promise for powering wearable devices, charging them spontaneously with no need for an external power source.

"Mechanical energy—such as the kinetic energy of wind, waves, body movement and vibrations from motors—is abundant," said co-author Michael Dickey,  a chemical and bimolecular engineer at NCSU. “We have created a device that can turn this type of mechanical motion into electricity. And one of its remarkable attributes is that it works perfectly well underwater.”

The NCSU scientists were particularly inspired by a 2013 paper by Korean researchers. The 2013 researchers found they could harvest energy from an electrical double-layer capacitor (ELCD) by depressing arrays of water droplets sandwiched between two rigid electrodes, thereby spontaneously charging the capacitor. But the rigidity proved to be a shortcoming, since electricity was only generated by moving the stiff electrode up and down. Dickey and his co-authors wanted to create a flexible version of this technology.

Read 9 remaining paragraphs | Comments

USB-IF is, once again, trying to logo its way out of USB-C confusion

Enlarge / The USB-IF is planning new logos to go with the upgraded capabilities of USB-C 2.1 cables and chargers. (credit: USB-IF)

In just a few years, the USB-C port has gone from infancy to ubiquity. Aside from a couple of exceptions, it is the main charging, data, and display port for nearly all modern phones, tablets, and laptops. The European Union has even proposed making it mandatory in all devices.

The problem is that the USB-C connector has always been related to but separate from the other specifications in the USB protocol. USB-C cables can use 2.0 or 3.2 speeds, they can support multiple charging wattages, they can either have or not have Thunderbolt support, and even Thunderbolt cables can be either "active" or "passive." The connector is the same, but the capabilities aren't.

The group behind USB-IF has always taken a hands-off approach to this problem, choosing to solve it not with top-down mandates but with certification and optional logos. Today, the group announced a new batch of logos (PDF) intended to demystify the USB-C 2.1 and USB Power Delivery (USB-PD) 3.1 standards that were announced earlier this year. Among other tweaks, the new logos account for USB 4 support, as well as an increased maximum USB-PD charging wattage, from the old maximum of 100 W up to a new maximum of 240 W.

Read 1 remaining paragraphs | Comments

Blue Origin has a toxic culture, former and current employees say

Enlarge / Blue Origin CEO Bob Smith (black hat) walks with Jeff Bezos after his flight on Blue Origin’s New Shepard into space in July 2021. (credit: Joe Raedle/Getty Images)

A former communications executive at Blue Origin and 20 other current and former employees have written a blistering essay about the company's culture, citing safety concerns, sexist attitudes, and a lack of commitment to the planet's future.

"In our experience, Blue Origin’s culture sits on a foundation that ignores the plight of our planet, turns a blind eye to sexism, is not sufficiently attuned to safety concerns, and silences those who seek to correct wrongs," the essay authors write. "That’s not the world we should be creating here on Earth, and certainly not as our springboard to a better one."

Published Thursday on the Lioness website, the essay is signed publicly by only Alexandra Abrams, who led employee communications for the company until she was terminated in 2019. The other signatories, a majority of whom were engineers, declined to publicly disclose their names because they did not want to jeopardize employment at Blue Origin or harm their prospects in the aerospace industry for other jobs.

Read 15 remaining paragraphs | Comments

Intel launches its next-generation neuromorphic processor—so, what’s that again?

Mike Davies, director of Intel's Neuromorphic Computing Lab, explains the company's efforts in this area. And with the launch of a new neuromorphic chip this week, he talked Ars through the updates.

Despite their name, neural networks are only distantly related to the sorts of things you'd find in a brain. While their organization and the way they transfer data through layers of processing may share some rough similarities to networks of actual neurons, the data and the computations performed on it would look very familiar to a standard CPU.

But neural networks aren't the only way that people have tried to take lessons from the nervous system. There's a separate discipline called neuromorphic computing that's based on approximating the behavior of individual neurons in hardware. In neuromorphic hardware, calculations are performed by lots of small units that communicate with each other through bursts of activity called spikes and adjust their behavior based on the spikes they receive from others.

On Thursday, Intel released the newest iteration of its neuromorphic hardware, called Loihi. The new release comes with the sorts of things you'd expect from Intel: a better processor and some basic computational enhancements. But it also comes with some fundamental hardware changes that will allow it to run entirely new classes of algorithms. And while Loihi remains a research-focused product for now, Intel is also releasing a compiler that it hopes will drive wider adoption.

Read 36 remaining paragraphs | Comments

iPad mini teardown sheds new light on “jelly scrolling” controversy

iFixit's 2021 iPad mini teardown.

A new teardown of Apple's latest iPad mini by iFixit found a clue that may explain the "jelly scrolling" effect that some of the tablet's users have complained about.

In case you missed our past coverage on the subject, some iPad mini users noticed a subtle, stagger-like disconnect between the right and left sides of the screen when scrolling through content. Some people see it right away, others have to have it pointed out to them, and others still don't notice even when told.

After we wrote about it, Apple commented on the story to us saying that the effect is expected. From our coverage:

Read 4 remaining paragraphs | Comments

Jon Stewart’s new Apple TV+ series: Old man yells at cloud—but it hits the spot

Enlarge / Jon Stewart is back to TV to set some things on fire. (credit: Apple TV+ / Busboy)

In Jon Stewart's first-ever conversation with an Apple TV+ studio audience, he offers a curious send-off—in fact, it argues against the point of his new multi-million dollar hosting deal. "You're probably just going to look at aggregated clips of" this first episode of The Problem With Jon Stewart, he says, instead of subscribing to Apple TV+. It's a bit meandering, followed by a joke about pirating episodes of Ted Lasso.

If anybody can show up to a new streaming service and make a joke at the expense of subscriptions, it's probably Stewart. Online video sharing—and we're talking the renegade kind, uploaded by fans and shared freely—greatly contributed to The Daily Show's massive cultural footprint before Stewart left that show behind in 2015. And as you may have noticed, the TV landscape has dramatically changed since then. These days, every major player is throwing stuff at the video-streaming wall to see what sticks (or, in Quibi's case last year, what absolutely doesn't).

So after six years off the "fake news" desk, what path does Stewart and Apple's new production take? His aforementioned joke may suggest a series that's meant to be shared and remixed in small clips, but The Problem arrives with a different modus operandi: empathy, not sound bites, and patience, not pulverization. You can arguably pluck out some zingers tailor made for quick swipes on a service like TikTok, but Stewart seems more invested in relishing the full 44 minutes of each episode. As a result, this fake-news innovator spends the runtime of his new series punting the "fake" out of his reputation, expectations be damned.

Read 12 remaining paragraphs | Comments

Settlement forces Amazon to tell workers they can’t be fired for organizing

Enlarge / Tech workers show support for Maren Costa (left) and Emily Cunningham (right) on Sept 16, 2021. (credit: Amazon Employees for Climate Justice)

Amazon has agreed to a settlement with two employees who alleged that they were illegally fired for speaking out about warehouse working conditions during the pandemic.

"Amazon will be required to pay us our lost wages and post a notice to all of its tech and warehouse workers nationwide that Amazon can't fire workers for organizing and exercising their rights," the fired workers, Maren Costa and Emily Cunningham, said in a statement yesterday. "It's also not lost on us that we are two women who were targeted for firing. Inequality, racism, and sexism are at the heart of both the climate crisis and the pandemic."

Costa and Cunningham were tech workers at Amazon's Seattle headquarters and were fired in April 2020. "Both were active in an internal employee group advocating for climate issues and had circulated a petition inside the company calling on Amazon to expand benefits and pay for employees in warehouses," we noted in an article at the time.

Read 11 remaining paragraphs | Comments

Google tells EU court it’s the #1 search query on Bing

Enlarge / Let's see, you landed on my "Google Ads" space, and with three houses, that will be $1,400. (credit: Ron Amadeo / Hasbro)

Google is in the middle of one of its many battles with EU antitrust regulators—this time it's hoping to overturn the record $5 billion fine the European Commission levied against it in 2018. The fine was for unfairly pushing Google search on phones running Android software, and Google's appeal argument is that search bundling isn't the reason it is dominating the search market—Google Search is just so darn good.

Bloomberg reports on Google's latest line of arguments, with Alphabet lawyer Alfonso Lamadrid telling the court, “People use Google because they choose to, not because they are forced to. Google’s market share in general search is consistent with consumer surveys showing that 95% of users prefer Google to rival search engines.”

Lamadrid then went on to drop an incredible burn on the #2 search engine, Microsoft's Bing: “We have submitted evidence showing that the most common search query on Bing is, by far, 'Google.'"

Read 2 remaining paragraphs | Comments

Nreal Air sunglasses let you watch TV in AR

• 

  Nreal plans to release its specs in the US. [credit: Nreal ]

Ever wish you could watch YouTube videos through your sunglasses? That’s pretty much what augmented reality (AR) glasses company Nreal is going for with the Nreal Air announced today. With a light, 2.72 ounce (77 g) weight and micro-OLED display, the Nreal Air is just what you need to finally watch Parks and Recreation in an actual park.

Since Nreal released the Nreal Light in 2019, AR tech has evolved so hardware offerings can be smaller. The Nreal Air is 27 percent lighter than the Nreal Light (3.74 ounces/106 g), although it also comes with less functionality. There’s no handtracking or spatial awareness, so you can’t interact with what you see. Instead, you’ll have to rely on an app on your smartphone, which must be tethered to the Nreal Air for it to work (as is the case with the Nreal Light).

This is because the Nreal Air isn’t about dragging and dropping furniture around your virtual home or trying on outfits via a virtual avatar before buying, or other, more interactive AR applications. Instead, Nreal is targeting the Nreal Air primarily at watching videos on YouTube and other streaming apps.

Read 7 remaining paragraphs | Comments