ARS Technica
14 years after Bush v. Gore, we still can’t get voting tech right
A handful of jurisdictions nationwide reported various computer-related problems that hampered some voters as Americans went to the polls on Tuesday.
As Ars has noted over the last two years, electronic voting (much less Internet voting) is on the decline in the United States as voters and voting officials have placed less and less confidence in machines that were designed to replace confusing paper ballots in the controversial 2000 presidential election and the resulting Help America Vote Act.
On Tuesday, the problems included 11 voting machines in Virginia Beach and Newport News, Virginia that were “knocked out of calibration.” In a statement, the Virginia Department of Elections said that some AccuVote TSX Touch Screen voting machines changed votes to something other than what the voter intended.
Read 9 remaining paragraphs | Comments
Verizon: ISPs will sue unless government adopts weaker net neutrality rules
Verizon is gearing up for a fight over the government's latest net neutrality plan, which could impose stricter rules on Internet service providers than a previous net neutrality order that Verizon also sued over.
Verizon sued to overturn the Federal Communications Commission's 2010 Open Internet Order, forcing the FCC to try again. The commission tentatively approved rules in May that would prevent Internet service providers from blocking or degrading traffic from third-party Web services while allowing "fast lane" deals in which companies could pay for faster access to consumers.
But after protest from consumer advocates, FCC Chairman Tom Wheeler is reportedly close to proposing rules in which ISPs would be treated as utilities. This wouldn't outlaw fast lane or "paid prioritization" deals but would make it easier for the government to block arrangements deemed harmful to consumers. In a blog post today, Verizon General Counsel Randal Milch said the plan "fairly guarantees litigation."
Read 8 remaining paragraphs | Comments
Security scorecard finds messaging apps need more development
Only six out of 39 messaging applications have the features needed to guarantee the security of communications sent over the Internet, according to an analysis by the Electronic Frontier Foundation (EFF).
The results of the analysis, published as a scorecard on Tuesday, found that popular messaging apps—such as Facebook Chat, Apple’s FaceTime and iMessage, Microsoft’s Skype, and Yahoo Messenger—failed to meet all seven criteria, such as whether the application implements perfect forward secrecy and whether the source code had been audited for security. The group did the analysis as part of its campaign to promote the development of secure and usable cryptography, which is necessary in a world where government surveillance has become more common, Peter Eckersley, EFF’s technology projects director, told Ars.
The study is intended to help direct companies who are actively developing secure-communication software, he said.
Read 7 remaining paragraphs | Comments
Getting out the F***ing vote with technology
It’s Election Day, damn it. And thanks to non-partisan tech efforts by the Pew Charitable Trusts, Google, Facebook, and others—including sites like Your Fucking Polling Place—you’ve got no damn excuse not to if you’re registered. Polling places, ballots, and other information about Election Day are available online in all 50 states for today’s election—including sites that use what David Becker, director of elections initiatives at the Pew Charitable Trusts, calls a “more family friendly version” of the same Google API that powers Your Fucking Polling Place. At the same time, political candidates’ campaigns are getting increasingly better data about registered voters to help get out the ones they think will go their way.
Get-out-the-vote technology was a focal point of the 2012 presidential elections—and the source of a great deal of controversy for the Mitt Romney campaign, as Ars reported. Now both the Republican and Democratic national parties have built their own internal “big data” startups internally to help deliver targeted voter data to campaigns across the country—the Republican National Committee’s Para Bellum and the Democratic National Committee’s Project Ivy. This midterm election is the first big test for their investments.
While the big national parties throw money at their own partisan systems, the Pew Charitable Trusts’ election initiatives program has tried to make the same sort of data available to candidates at every level, starting by improving the quality of state voter rolls. “The problem in most states is that voter rolls are just not that accurate,” Becker said.
Read 12 remaining paragraphs | Comments
LED bulb efficiency clearly pulling ahead of compact fluorescents
A few years back, when I got my first LED-based lightbulb, it seemed natural to stick it into a wattmeter to get a sense of its efficiency. At under 15 Watts of power drawn, it clearly beat any incandescent bulbs I'd ever put into the same lamp. But I was disappointed to find that it wasn't any better than a compact fluorescent bulb.
Based on the graph shown above, my experience was hardly unique; in fact, it was decidedly average. Although the technology behind LEDs had the potential to be far more efficient than any other lighting source, the complete LED bulb package wasn't doing that much better at the time than the far more mature fluorescent bulbs, which output roughly 60 lumens for every Watt put in.
After some small boosts in 2013, however, a new generation of more efficient LEDs hit the market this year, raising the typical efficiency to nearly 100 lumens per Watt. The increased efficiency is coming at a time when prices for the bulbs continue to drop; given their expected lifetimes, they're now far and away the most economical choice for most uses.
Read 1 remaining paragraphs | Comments
EFF asks for the right to revive “abandoned” online games
While playing the original versions of classic games on aging original hardware can sometimes be difficult, it's at least typically possible. That's not the case for many online games, which are functionally inoperable once the developer or publisher decides to shut down the official servers that provide the only way for players to communicate with each other. Unofficial hobbyist projects that try to create new servers for these abandoned games could run afoul of the Digital Millennium Copyright Act and its ban on "the circumvention of access control technologies."
The Electronic Frontier Foundation wants to change that. In an official exemption request (PDF) filed with the Library of Congress this week, the nonprofit advocacy group asks that users be allowed to modify access controls and online authentication checks in legally obtained games "when the [game] servers authorized by the developer are permanently shut down." In this way, those users can access third-party servers in order to regain "core functionality" that is no longer available through the defunct official servers.
The EFF gives the specific example of Nintendo's Mario Kart games, which used a proprietary protocol to communicate with Nintendo's servers before Nintendo shut those servers down for the Wii and DS. Reverse-engineering that protocol could be considered "circumvention" in the DMCA's current broad prohibitions, as could modifying the game's code to allow for connection to new, non-Nintendo servers.
Read 4 remaining paragraphs | Comments
Dropbox integration coming to Office; Office integration coming to Dropbox
Microsoft and Dropbox today announced a "strategic partnership" to make life easier for people who use Office and Dropbox. In the next few weeks, the Office apps on iOS and Android will include integrated Dropbox support in order to provide direct access to Office documents stored on Dropbox. In early 2015, both Dropbox's Web interface and Office Online will support one another, enabling opening, editing, and sharing.
Microsoft may be making OneDrive ever more appealing by offering Office 365 users unlimited storage, but the company recognizes that Dropbox is for many people the cloud storage solution of choice today. Because of this, Dropbox is already the home to many Office documents—the company claims some 35 billion of them are stored on its platform—and the new integration should make working with those documents a bit easier.
Dropbox for Business users will have a similar featureset available, though they will need an Office 365 subscription to use it.
Read 1 remaining paragraphs | Comments
UK spy chief, parroting his US counterparts, calls for crypto backdoors
Writing that "privacy has never been an absolute right," Robert Hannigan, the head of British spy agency GCHG, urged the US tech sector to assist the fight against terrorism and other crimes by opening up their proprietary networks to government authorities.
Hannigan GCHQ Hannigan, in a Financial Times editorial on Monday, suggested that "technology companies are in denial" over the Internet's use "to facilitate murder or child abuse." He wrote that the time was ripe for "addressing some uncomfortable truths" and went on to say the public wouldn't mind if technology companies gave governments backdoor access either.They do not want the media platforms they use with their friends and families to facilitate murder or child abuse. They know the Internet grew out of the values of western democracy, not vice versa. I think those customers would be comfortable with a better, more sustainable relationship between the agencies and the technology companies.
"Better do it now than in the aftermath of greater violence," Hannigan added.
Hannigan's opinion piece follows similar comments by FBI Director James Comey and US Attorney General Eric Holder. And a day after Hannigan's comments, the Electronic Frontier Foundation of San Francisco released a "Secure Messaging Scorecard" that rated which messaging technologies are "truly safe and secure."
Read 7 remaining paragraphs | Comments
Last Pirate Bay co-founder arrested after living on the lam in Laos
Thai authorities announced Tuesday that they arrested Pirate Bay co-founder Fredrik Neij (aka “Tiamo”) at the northern border with Laos.
Neij famously flaunted a Swedish arrest warrant while publicly living in Laos (although his Facebook profile states he lives in Bangkok) following his conviction for aiding copyright infringement. In 2013, he famously told a Swedish filmmaker: “I can sit here and jerk off for five years. And I will.”
Neij’s arrest marks the third and final member of the remaining Swedish defendants who were originally convicted in 2009 for aiding copyright infringement. All members have lost all their appeals since. The men claim to no longer own The Pirate Bay, and it has continued to remain functional over the years.
Read 12 remaining paragraphs | Comments
A day after launch, HTC sold the Nexus 9 for 50% off
You would think that a brand new Nexus tablet would be in high demand for the MSRP, but HTC is selling the Nexus 9 for just $199 on its website right now. Or at least, it is at the time of writing. By the time you read this, it will probably be sold out, or the site will be down. But for a bit, HTC was selling its $400 tablet for $200.
Ron AmadeoWe've seen widespread complaints about the new "premium" pricing strategy for the new Nexus devices, and to make matters worse, the Nexus 9 didn't really live up to the "premium" price. With a price cut this deep just a day after launch, we have to wonder if the Nexus 9 is really worth $400. On Google Play, the device is still going for $400, but this is definitely an eyebrow-raising move by HTC.
We were able to buy one and actually got a confirmation e-mail. We'll update this report should any new information on the situation become available.
Read 2 remaining paragraphs | Comments
Internet Archive offers 900 classic arcade games for browser-based play
As part of its continuing mission to catalog and preserve our shared digital history, the Internet Archive has published a collection of more than 900 classic arcade games, playable directly in a Web browser via a Javascript emulator.
The Internet Arcade collects a wide selection of titles, both well-known and obscure, ranging from "bronze age" black-and-white classics like 1976's Sprint 2 up through the dawn of the early '90s fighting game boom in Street Fighter II. In the middle are a few historical oddities, such as foreign Donkey Kong bootleg Crazy Kong and the hacked "Pauline Edition" of Donkey Kong that was created by a doting father just last year.
The site's new arcade offerings are the work of curator Jason Scott, who has previously archived thousands of classic console and PC games as part of the Internet Archive's software collection. Like that previous work, the Arcade collection is built on top of JSMESS, a version of the open-source Multi Emulator Super System project designed to run in Javascript-compatible browsers. Adding MAME-based arcade game support to the Internet Archive's JSMESS environment "turned out to be easy. Very, very easy," Scott writes on his personal blog.
Read 2 remaining paragraphs | Comments
IPCC synthesis: We’re headed for “pervasive and irreversible impacts”
Over the weekend, the Intergovernmental Panel on Climate Change (IPCC) released a final draft of the “Synthesis Report” that caps the long road taken to produce its fifth assessment report, which has been released in chunks over the last year. The Synthesis Report, as you might guess, pulls together the main points from the body of the massive report. You won’t find any new information here—the goal is just to summarize the report in the most simple and succinct language possible. Technical, scientific writing is not known for gripping the non-expert reader, so the authors clearly made an effort to communicate the big picture explicitly and frankly.
That big picture, of course, is one in which Earth’s atmosphere and oceans have clearly warmed, with consequences for the hydrologic cycle, the planet’s icy regions, and some weather extremes. Statistically speaking, the report estimates with at least 95 percent confidence that more than half of this warming is due to human activities. The implications for the future are serious. “Continued emission of greenhouse gases will cause further warming and long-lasting changes in all components of the climate system, increasing the likelihood of severe, pervasive, and irreversible impacts for people and ecosystems.”
The report reiterates that we’ve already burned about two-thirds of the carbon necessary to warm the Earth 2°C above preindustrial temperatures—a milestone that the international community has agreed to avoid. Staying under 2°C warming will require slashing annual emissions to 40-70 percent below 2010 levels by 2050 and reaching zero emissions by 2100. Most of the scenarios analyzed that achieve this goal rely on some form of Carbon Capture and Sequestration (like pumping CO2 captured from power plants into underground reservoirs) to reduce the impact of the fossil fuels we continue to use.
Read 5 remaining paragraphs | Comments
Android 5.0 Lollipop source code is out—OEMs, start your engines
With Android 5.0 debuting on the Nexus 9 and Nexus Player, Google has pushed out the newest Android source code to the public Android Open Source Project (AOSP) repository. Anyone who wants to download the source code of the Lollipop platform is now free to do so.
Next up on the docket after the AOSP code drop should be system images for Nexus devices, but it's hard to tell if Google will hold those until after the release of the upcoming Nexus 6.
We have the Android Lollipop code. We'll be updating the HTC One (M8) & (M7) within 90 days from today. #HTCAdvantage pic.twitter.com/VJ0wB1jQbm
— HTC (@htc) November 4, 2014
Read 3 remaining paragraphs | Comments
Unicode proposes a way to let an emoji black man and white woman hold hands
A new draft proposal published Tuesday at the Unicode Consortium outlines a way of diversifying the mostly white people who populate your emoji keyboard. The system, presented by Google software engineer Mark Davis and Apple software engineer Peter Edberg, would combine existing emojis with a smaller set of color swatches on the back end so the characters would be displayed with new skin colors.
Emoji users have been clamoring for years for a more diverse palette for the people characters, one that goes beyond the small, vaguely stereotypical subset of man-characters like Man With Turban and Man With Gua Pi Mao. The Unicode Consortium introduced 250 new emoji in June, but it received criticism at the time for not using that opportunity to address the character set's lack of diversity.
The proposal notes that emoji can technically already be rendered in two palettes: in color ("emoji representation") or in black and white ("text presentation"), depending on what the environment calls for. "Any Unicode character can be presented with text presentation," states the proposal, while emoji presentation is currently up for interpretation by the artist employed by the app or platform within certain constraints ("It would be unexpected to represent U+1F36F HONEY POT as a sugar cube, for example.")
Read 8 remaining paragraphs | Comments
iFixit: Nexus 9 is full of glue, harder to fix than older Nexus tablets
We weren't as impressed by HTC and Google's new Nexus 9 as we wanted to be, and diving deeper into the tablet is giving us more reasons to be unexcited. The teardown experts at iFixit have opened the tablet up and found it harder to open and repair than previous Nexus tablets: it has been given a repairability score of three out of 10, lower than the 2012 or 2013 Nexus 7 (both seven out of 10) or the Nexus 10 (six).
The plastic back of the tablet is apparently easy to remove, but you run the risk of accidentally disconnecting the rear camera from the motherboard when you lift it off. The camera itself is decidedly unremarkable, and it uses the same shooter as the midrange HTC Desire 610. iFixit also complained of the tablet's small front-facing speakers, something we noticed in our review. The site says the speakers "look a lot more like low-volume earpiece speakers than the far-heftier speakers found in the latest iteration of the iPad Air."
iFixit's biggest problem with the tablet is adhesive. The site frequently complains when glue is used to hold devices together (as opposed to plastic clips or screws, for instance), and both the 6700mAh battery and the tablet's screen are stuck on with copious amounts of glue. The battery can be pried up with patience, but separating the (fused) display panel and front glass from the body of the tablet apparently requires a lot of heat. Finally, the "maze of tape and thin, delicate cables" inside the tablet makes repairs "difficult and perilous."
Though it may be of small comfort to Nexus 9 buyers, iFixit considers the Nexus 9 more repairable than either the iPad Air 2 or iPad Mini 3, which each scored only two points out of 10 on the repairability scale. Heck, the Surface Pro 3 scored just one point out of 10. It's pretty hard to find a tablet that's easy to fix.
Read on Ars Technica | Comments
How SF’s bill to “legalize Airbnb” became a political grudge match
Last month, San Francisco’s Board of Supervisors passed a law that threw out the city’s longstanding ban against short-term rentals. The legislation finally legitimized Airbnb, the home-sharing start-up that became a mainstay of the "sharing economy" when it was created six years ago.
The 7-4 vote on the bill, signed into law last week, might have been the end of a long debate—but it wasn't to be. The vote took place smack-dab in the middle of election season, and the acrimonious debate has spilled into one of California’s most hotly contested legislative contests.
Two SF supervisors, one on each side of the Airbnb vote, are striving toward statewide office. A committee supporting board president David Chiu, who pushed through the Airbnb bill, has been showered with money—about $750,000 in all—from two big Airbnb investors, LinkedIn founder Reid Hoffman and Ron Conway.
Read 13 remaining paragraphs | Comments
iOS 8.1.1 said to address iPhone 4S and iPad 2 performance problems
Late yesterday, Apple released the first beta build of iOS 8.1.1 to developers. The first update to iOS 8.1 will include customary bug fixes, but the preliminary release notes suggest a far more interesting development: the update promises to improve performance on the iPhone 4S and iPad 2, two of the oldest devices that support iOS 8.
This would address one of our biggest criticisms of iOS 8, which in our testing was significantly slower on these older devices than iOS 7 was. Apps took longer to launch, and the user interface was often jerky and inconsistent in ways that it wasn't before. Apple has a long history of speeding up new iOS versions on old hardware post-release—iOS 4.1 on the iPhone 3G, iOS 7.1 on the iPhone 4, and now iOS 8.1.1. It would be nice if performance on older hardware was better optimized in the first place, but newer hardware obviously takes precedence.
When the final version of iOS 8.1.1 is released, we'll throw it on an iPhone 4S and iPad 2 to see how much the performance really improves. Although they're not mentioned by name in the release notes, we'd also expect the improvements to help the original iPad Mini and the fifth-generation iPod Touch, which are internally similar to the 4S and iPad 2.
Read on Ars Technica | Comments
This system will self destruct: Crimeware gets powerful new functions
Researchers have discovered new capabilities in the BlackEnergy crimeware tool that significantly extend its reach. The ability to run on network devices, steal digital certificates, and render infected computers unbootable are just a few of new-found weapons in its arsenal.
BlackEnergy emerged as a tool for launching denial-of-service attacks. It later morphed into crimeware used to funnel banking credentials and most recently was observed as a refitted piece of software for espionage that targeted the North Atlantic Treaty Organization, Ukrainian and Polish government agencies, and a variety of sensitive European industries over the last year. In this last incarnation, BlackEnergy in some cases was installed by exploiting a previously unknown vulnerability in Microsoft Windows systems.
According to a report published Monday by security firm Kaspersky Labs, the breadth of BlackEnergy goes even further. A host of extensions customized for both Windows and Linux systems contain commands for carrying out DoS attacks, stealing passwords, scanning ports, logging IP sources, covertly taking screenshots, gaining persistent access to command and control channels, and destroying hard drives. Researchers Kurt Baumgartner and Maria Garnaeva also acquired a version that works on ARM- and MIPS-based systems and uncovered evidence BlackEnergy has infected networking devices manufactured by Cisco Systems. They are unsure precisely what the purpose is for some plugins, including one that gathers device instance IDs and other information on connected USB drives and another that collects details on the BIOS, motherboard, and processor of infected systems.
Read 3 remaining paragraphs | Comments
A top appeals court to hear why NSA metadata spying should stay or go
On Tuesday, three judges at one of the nation’s most powerful appellate courts will hear oral arguments in the only legal challenge to result in a judicial order against the National Security Agency’s (NSA) vast telephone metadata collection program. That order was put on hold pending the government’s appeal in this case.
The District of Columbia Circuit Court of Appeals could overturn last year’s unusual lower court ruling that ordered an end to the program, or the court could confirm it.
The lawsuit, known as Klayman et al v. Obama et al, pits a longstanding conservative lawyer, Larry Klayman, against the American government and its intelligence apparatus. If Klayman wins, the suit is likely to be eventually appealed further to the Supreme Court.
Read 19 remaining paragraphs | Comments
RemoteIE gives free access to Internet Explorer VMs without the VM
For some time now, Microsoft has offered free Windows virtual machine images to make it easier for Web developers to test their work in a bunch of different Internet Explorer versions. A new beta scheme launched today takes that one step further: with RemoteIE, devs don't even need to download and run the virtual machine. Microsoft will run the VMs instead, using its Azure RemoteApp service to provide remote access.
Access to the remote Internet Explorer is provided through the RemoteApp client. This is a close relative of the regular Windows Remote Desktop app, and like the Remote Desktop app, it's available on a number of platforms; not just Windows and OS X, but also iOS, and Android.
With RemoteIE, developers have full access to Internet Explorer and all its features, albeit only with software-mode WebGL. F12 developer tools are available, though there's no ability to install add-ons or extensions to the remote browser. Sessions are limited to 60 minutes presently and will disconnect after 10 minutes of inactivity.
Read 1 remaining paragraphs | Comments