Simon Greig

While Apple won't confirm it, the company has removed its warrant canary from its latest transparency report, issued this week. While this could mean that the company has received a new secret government order to provide user data, there is still another more likely possibility: it's not publishing warrant canaries at all.

Warrant canaries work like this: a company publishes a notice saying that a warrant has not been served as of a particular date. Should that notice be taken down, users are to surmise that the company has indeed been served with one. The theory is that while a court can compel someone to not speak (a gag order), it cannot compel someone to lie. The only problem is that warrant canaries have yet to be fully tested in court.

In November 2013, the second time (the first was in June 2013) Apple issued its transparency report (for a period covering the first half of 2013), the company wrote as its warrant canary:

Read 12 remaining paragraphs | Comments

Oracle CEO Larry Ellison. Photograph by Oracle PR

Larry Ellison, CEO of multinational software company Oracle, is leaving his position as CEO effective immediately. According to the company's official statement, Larry Ellison will continue to work for the company as its Executive Chairman and Chief Technology Officer.

In his stead, Oracle executives Mark Hurd (formerly of HP) and Safra Katz will take over as co-CEOs. Oracle's statement says that Ellison will continue to be in charge of "all software and hardware engineering functions" in his new role as the company's CTO.

"Safra and Mark will now report to the Oracle Board rather than to me," said Ellison via the statement. "All the other reporting relationships will remain unchanged. The three of us have been working well together for the last several years, and we plan to continue working together for the foreseeable future."

Read 2 remaining paragraphs | Comments

Facebook's News Feed pays attention to trending topics, right, but news feeds have lately seemed to be lacking in news.

Following criticism of the lack of current events in Facebook news feeds, Facebook has announced tweaks to its algorithms meant to help surface timely content. The company plans to do this by giving more value to posts that get interactions, such as likes and comments, and pushing posts when that activity seems to be cresting.

In the blog post announcing the changes, Facebook wrote that it often prioritizes posts about "trending" topics that appear in the chart of hashtags posted on the right side of users' homepages. Facebook also places higher value on posts according to how many interactions (likes, comments, shares) they receive.

But as things are, some users have noted that Facebook seems to miss news waves, or is late to them, as with the fatal shooting of Mike Brown and the related protests that played out over weeks in August. When Facebook's curation methods didn't acknowledge those events, users noticed the news vacuum in their news feeds.

Read 1 remaining paragraphs | Comments

"Man Controlling Trade," 1942, by Michael Lantz. brian mcneal

There are hundreds of so-called "patent trolls," but MPHJ Technology became one of the most well-known when it sent thousands of letters to small businesses around the country suggesting they should pay around $1,000 per worker for using basic "scan-to-email" functions.

The legal and political blowback since then have made MPHJ truly unique in the patent-licensing world. The sheer mass of the company's demand letters caused it to get sued by attorneys general in Vermont and Nebraska, making it the only patent troll to ever be sued by the government. The company's tactics were denounced in Congress, and it drew the attention of the Federal Trade Commission.

In January, MPHJ took the stunning step of actually suing the FTC. According to MPHJ's complaint, the FTC had threatened to file suit, saying that its letter campaign constituted a deceptive trade practice. That was a violation of its right to talk about and enforce its patents, a right protected under the First Amendment.

Read 10 remaining paragraphs | Comments

The accelerator where the work took place. https://www.gsi.de/en/research/accelerator_facility/storage_ring.htm

Einstein is most famous for general relativity, which is really a theory of gravity. But his theory of special relativity has been just as important. Special relativity is all about how to interpret measurements: if you measure the speed of an object from a moving vehicle, how do I reconcile that number with a measurement I make from the side of the road? At low speeds this is a fairly simple task, but at very high speeds things start to get strange. This strangeness arises as a consequence of the speed of light being constant.

Tests of the validity of special relativity abound, but they've been limited to a few classes of objects. The ones done in the lab are usually very sensitive experiments performed on relatively slow-moving objects, while natural tests use the motion of the Earth or other astronomical objects. Now, a German facility has measured time dilation very accurately. But in a twist, these measurements were performed on things moving at just under 40 percent of the speed of light in the laboratory.

The researchers tested how clocks slow down when they are in motion. For example, if you are in motion relative to me, and I can see the watch on your hand, I should observe that it runs slightly slow compared to the one I'm wearing. Indeed, if you put an atomic clock in an airplane and fly it around the world, it will end up with a slightly different time than an identical clock that remained at the airport.

Read 15 remaining paragraphs | Comments

@OccupyWallStNYC

On Wednesday, three years to the day since the beginning of Occupy Wall Street, one of its former leaders has sued another leader over a disputed Twitter account.

@OccupyWallStNYC has 177,000 followers, and it's apparently controlled by Justin Wedes, a self-identified "educator and activist based in Detroit, Michigan" and a "founding member" of the New York City General Assembly. Wedes did not respond to Ars’ requests for comment.

According to the suit, which was filed by the OWS Media Group in the Supreme Court of the State of New York, Wedes "hijacked" the account in early August 2014, "making himself the sole person in control of the Twitter Account."

Read 16 remaining paragraphs | Comments

Aurich Lawson

AT&T’s proposed $48.5 billion acquisition of DirecTV will reduce competition for TV subscribers, increase AT&T’s “incentive to discriminate against online video services,” and give AT&T more reasons to neglect its aging copper network, consumer advocacy groups argue in a petition to deny the merger.

AT&T has claimed the merger would help it expand fiber buildouts to an additional two million locations, but this claim is unverifiable because AT&T hasn’t said how much fiber it will deploy if the merger is not approved, says the petition to the FCC filed Tuesday by Public Knowledge and the Institute for Local Self-Reliance.

AT&T has a lot of copper throughout its 22-state wireline footprint, but it has no intention of deploying faster fiber networks throughout the entire territory. Some customers prefer copper over fiber for telephone service anyway, because of its ability to work through many power outages. But AT&T has been accused of failing to maintain its copper networks, and the petition says purchasing a satellite TV provider would increase AT&T’s incentive to push customers from copper to wireless.

Read 11 remaining paragraphs | Comments

Ivan David Gomez Aarce

China's military broke into Pentagon contractors' computer networks at least 50 times—hacks that threaten "to erode US military technical superiority," according to a federal investigation.

The Senate Arms Services Committee found that nearly two dozen intrusions were of the well-orchestrated "advanced persistent threat" variety. The yearlong probe [PDF] blamed the Chinese government for hacks targeting civilian transportation companies that the US military employs for the movement of troops and equipment. According to the investigation, hackers from the People's Liberation Army started in 2012 and put malware onto an airline's computers, stealing computer codes, e-mail, documents, and user accounts from firms the government declined to name.

"These peacetime intrusions into the networks of key defense contractors are more evidence of China's aggressive actions in cyberspace," said committee chairman Sen. Carl Levin (D-Mich.)

Read 7 remaining paragraphs | Comments

CloudFlare has developed a way to separate SSL from private crypto keys, making it easier for companies to use the cloud to protect their networks.

Content delivery network and Web security company CloudFlare has made a name for itself by fending off denial-of-service attacks against its customers large and small. Today, it's launching a new service aimed at winning over the most paranoid of corporate customers. The service is a first step toward doing for network security what Amazon Web Services and other public cloud services have done for application services—replacing on-premises hardware with virtualized services spread across the Internet.

Called Keyless SSL, the new service allows organizations to use CloudFlare’s network of 28 data centers around the world to defend against distributed denial of service attacks on their websites without having to turn over private encryption keys. Keyless SSL breaks the encryption “handshake” at the beginning of a Transport Layer Security (TLS) Web session, passing part of the data back to the organization’s data center for encryption. It then negotiates the session with the returned data and acts as a gateway for authenticated sessions—while still being able to screen out malicious traffic such as denial of service attacks.

In an interview with Ars, CloudFlare CEO Matthew Prince said that the technology behind Keyless SSL could help security-minded organizations embrace other cloud services while keeping a tighter rein on them. “If you decide you’re going to use cloud services today, how you set policy across all of these is impossible," he said. "Now that we can do this, fast forward a year, and we can do things like data loss prevention, intrusion detection… all these things are just bytes in the stream, and we’re already looking at them.”

Read 13 remaining paragraphs | Comments

Verizon CEO Lowell McAdam. Verizon

No company has gone to greater lengths than Verizon in trying to stop the government from enforcing network neutrality rules.

Verizon is the company that sued to overturn the Federal Communications Commission’s Open Internet Order from 2010. Verizon won a federal appeals court ruling this year, overturning anti-discrimination and anti-blocking rules and setting off a months-long scramble by the FCC to get enforceable rules into place.

Verizon has also been spending money to press its case with lawmakers. "An analysis by San Francisco-based data firm Quid found that Verizon alone spent $100 million to lobby Congress on net neutrality since 2009," NPR reported yesterday.

Read 11 remaining paragraphs | Comments

A shale gas well being drilled in Louisiana. Daniel Foster

The primary public concern surrounding fracking—the fracturing of shale rock layers with hydraulic pressure to release the natural gas and oil they contain—has been the perceived risk to drinking water. After all, the water used to fracture the rock is laced with chemicals that enhance the process, and some of them are hazardous. While those chemicals haven’t really shown up in water wells, natural gas has. If natural gas isn’t identified and vented, it could collect in buildings and pose an explosion hazard—videos of garden hoses turned into flame-throwers have made the rounds.

But tying that natural gas to fracking projects isn’t as straight-forward as many assume since there are natural sources of methane as well. One group of researchers has been studying this question for several years, focusing on Pennsylvania, where the Marcellus Shale has been targeted by the natural gas industry. A controversial analysis the group performed concluded that natural gas in well water was more common near active natural gas production wells, indicating that much of the contamination was related to recent human activities rather than natural conditions.

The researchers also looked for hints of natural migration of fluids from the Marcellus Shale, which is deep underground, to the well water, which is taken from sources closer to the surface. By analyzing elements like chlorine and strontium, they identified the fingerprint of briney Marcellus fluid in some of the water wells, which pull from an aquifer where concentrations of those elements are much lower. They concluded that some of those fluids were present, casting doubt on the idea that the Marcellus Shale was too tight a seal to allow fluid to escape upward into drinking water. That work also indicated that some of the methane-contaminated wells seemed to be impacted by naturally occurring methane, but typically the ones close to natural gas production wells weren't.

Read 16 remaining paragraphs | Comments

Yesterday evening Apple released OS X 10.9.5 to the general public, the fifth major update for OS X Mavericks. As usual, the update comes with a handful of fixes for user-facing features as well as a small pile of security updates. Many of these security patches are also available for OS X 10.7.5 and 10.8.5 in separate updates.

Like OS X 10.9.4, the update focuses on smaller problems that affect a subset of Macs. The new features include Safari 7.0.6, improved "reliability for VPN connections that use USB smart cards for authentication," and better reliability for connecting to file servers that use the SMB protocol. For businesses using OS X, the update fixes a problem that could keep system admins from "performing some administrative tasks successfully" on larger groups of Macs, and it also speeds up authentication "when roaming on 802.1x networks which use EAP-TLS."

Among the security updates are fixes for Bluetooth, CoreGraphics generally and the Intel graphics driver specifically, and OS X's version of OpenSSL among many others. The latter problems were fixed by updating from OpenSSL version 0.9.8y to 0.9.8za.

Read 6 remaining paragraphs | Comments

A little over four years ago, before I joined Ars Technica (and while I was working as a freelance writer), I started a Google Group called "Game Journalism Professionals." As I stated in an introductory post at the time, the group was intended as "a semi-private way to connect and talk" with colleagues based well outside my home base of Pittsburgh and whom I saw in person only a few times a year.

Yesterday, that group came under fire for being a secret clearinghouse where "elite" journalists discuss how best to collude on covering the video game industry to "shape industry-wide attitudes to events." In reality, the group was and is simply a place for business competitors (and journalists are definitely competitive!) to discuss issues of common professional interest.

Unfortunately, in the wake of initial attacks on game developer Zoe Quinn, I wrote one message to the group in which I said several things that I soon came to regret. In private conversation, we've all had the experience of throwing out ideas, only to realize after further thought that they weren't appropriate or productive—and life moves on. The bad ideas are forgotten. Thanks to the Internet, though, such conversations can now be archived and then dredged up for display to the public weeks or months later.

Read 14 remaining paragraphs | Comments

iCloud Drive is now available on Windows, but not OS X. Andrew Cunningham

Apple officially released iCloud Drive yesterday as part of the iOS 8 update, but it came with a caveat: turning it on disables the "old" way of iCloud syncing, but OS X doesn't yet support iCloud Drive and won't until OS X Yosemite is released later this fall. If you use iCloud to sync application data between your phone, tablet, and desktop, this means you'll need to keep living with the more limited version of iCloud until Yosemite is out (or roll the dice and give the Public Beta a try).

If you're a Windows user with an iPhone, though, you can go ahead and pull the trigger on that iCloud Drive update now. Apple today released an updated version of the iCloud for Windows application that adds full support for iCloud Drive. Install the program and sign in, and iCloud Drive will appear in your user profile folder and your Favorites menu in Windows Explorer, much like Microsoft's own OneDrive cloud storage service. This is the first opportunity that Windows users will have to view and directly manipulate iCloud data, not counting the more limited capabilities of the iCloud.com Web apps, and it's a nice new addition for people who like iOS but don't care to use Macs.

Otherwise, iCloud for Windows continues to be more limited than iCloud on either iOS or OS X. It can sync with your Photo Stream and sync Safari bookmarks with either Internet Explorer, Firefox, or Chrome, and if you have Outlook 2007 or later installed it will also offer to sync your iCloud mail, calendars, contacts, and reminders. However, it can't use iCloud Keychain to sync passwords, nor does it provide any kind of "Find My Device" functionality as it does in both iOS and OS X. You can't sync Notes data directly either, though that feature is accessible via iCloud.com.

Read 1 remaining paragraphs | Comments

Left: The Note 3, Right: The Note 4. Ron Amadeo

Phablets are all the rage these days, and the originator of this market segment, the Galaxy Note Series, has a fresh update coming out soon. If you're interested in picking up the Galaxy Note 4, Samsung and friends will be happy to officially take your money starting tomorrow. Pre-orders for the Galaxy Note 4 start September 19, and delivery will come about a month after when the Note 4 releases on October 17.

If you need a quick refresher on the specs, the Note 4 is packing a 5.7-inch, 2560×1440 AMOLED display, 2.7GHz Snapdragon 805 processor, 3GB of RAM, 32GB of storage, a 16MP camera, and a 3220 mAh battery.

The Note 4 will be available just about everywhere in the US. Verizon, AT&T, Sprint, T-Mobile, and US Cellular have all signed up to sell it, and you can find it in Best Buy, Amazon, Costco, RadioShack, Sam’s Club, Target, and Walmart. Samsung says pricing and availability will vary by store, but it can't vary that much.

Read 1 remaining paragraphs | Comments

Tim Cook unveils iOS 8 at WWDC 2014. Megan Geuss

Apple has updated its privacy policy as part of the rollout of iOS 8, announcing that devices with the latest version of the operating system installed can no longer be accessed by the company itself.

Previously, as we reported in May 2014, if law enforcement came to Apple with a seized device and a valid warrant, it was able to access a substantial portion of the data already on an iPad or iPhone. But under the latest version of iOS, even that will be impossible.

"On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes, and reminders is placed under the protection of your passcode," the company wrote on its website Wednesday evening. "Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data. So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8."

Read 20 remaining paragraphs | Comments

Andrew Cunningham

The old Apple TV setup screen. Note the glassy button and its blue glow.

27 more images in gallery

.related-stories { display: none !important; }

CN.dart.call("xrailTop", {sz:"300x250", kws:["top"], collapse: true});The Apple TV's interface is only vaguely similar to the one on your iPhone or iPad, but inside the set-top box is the same hardware and software that runs the rest of the iDevices. Alongside iOS 8, Apple today introduced "Apple TV Software version 7.0," a fancy name for "the Apple TV's version of iOS 8."

The Apple TV's software was never as skeuomorphic and texture-soaked as iOS 6 was on the iPhone and iPad, but the old interface still used thicker fonts and glassy buttons. The new update tweaks the design to bring it in line with iOS 7, iOS 8, and the upcoming OS X Yosemite. Helvetica Neue Light is everywhere, and glassy buttons and faint blue glows are replaced by flat black-and-white buttons.

The new design is what you'll notice first, but the Apple TV picks up a few other iOS 8-related features, too. The box supports Family Sharing, the feature that lets family members with different Apple IDs share purchases with one another. There's a new Beats Music channel, which ties in to the streaming service Apple picked up when it bought Beats earlier this year. And AirPlay now works with other iDevices, even if they're not on the same Wi-Fi network—now, devices can form an ad-hoc wireless network and stream that way. We recommend using the Apple TV's built-in security features to keep strange iPhones from finding and streaming to your Apple TV without your consent.

Read 1 remaining paragraphs | Comments

Microsoft has unveiled a revamp of its developer program today, ending the annual fees to have apps published in the Windows and Windows Phone stores, in favor of a single up-front payment. Individuals can pay about $19 and companies about $99 to gain perpetual access to both storefronts.

The company is also promoting a new reward scheme for developers. Registered devs are divided into three categories, Explorer, Expert, and Master. The Explorer category, open to all, offers design and architecture guidance for developers. Developers can upgrade to the other categories by having successful apps; the more downloads and revenue apps receive, the better the status that's earned. Expert level gives improved ad terms, and Master level adds marketing support and early access to future SDKs.

The new scheme is clearly a nice gesture toward one developer demographic: the hobbyist. While $19 a year was never going to break the bank, scrapping the annual fee partially addresses one of the more paradoxical aspects of the platform: if Microsoft is so desperate for apps, why does it charge people to publish them? From a pure cost of entry perspective, this change clearly makes Windows and Windows Phone somewhat more attractive than they were before, and substantially more attractive than iOS.

Read 11 remaining paragraphs | Comments

A Fire Keyboard + Fire HDX 8.9 + origami case. Casey Johnston

Amazon announced a slate of new Kindle products late Wednesday, including two new e-readers, a handful of new tablets, and a new version of its Android-based Fire operating system. Among the products are the new, ultra-thin Kindle Voyage e-reader and a new version of the 8.9-inch Fire HDX tablet, which now has an optional keyboard reminiscent of the Microsoft Surface.

A couple of new e-readers...

The Kindle Voyage is designed to be Amazon's new high-end Kindle model at 7.6 millimeters thick with a magnesium metal back. The Voyage has a 300ppi Paperwhite display that is 39 percent brighter than the previous model. The screen is front-lit and adaptive, so not only can it adjust to the ambient light in the room, Amazon says it will also perform a gradual adjustment over the course of 30 minutes to compensate for the adjustment of readers' eyes to the display in that environment.

The Voyage also slightly revamps the controls: instead of the page-turning buttons used in older Kindles, the Voyage has pressure-sensitive pads with haptic feedback on either side of the screen that are meant to be quieter. The screen in the Voyage is a single piece of glass flush with the bezel that is micro-etched to minimize reflections and mimic the feeling of paper, according to Amazon.

Read 9 remaining paragraphs | Comments

Goodwill Industries was one of three companies affected by an attack on a retail managed service provider that went undetected for over 18 months. Dwight Burdette

In July, it was revealed that Goodwill Industries had suffered from a credit card data breach that affected the charitable retailer’s stores in at least 21 states. The Goodwill breach seemed by many to be just the latest case of criminals taking advantage of the weak underbelly of retailers—their point-of-sale systems. But now, as it turns out, the Goodwill breach was just part of a much larger attack on an outside managed service provider that affected at least two other companies. And many more may have been affected without their knowledge.

Security reporter Brian Krebs first broke the news on the Goodwill breach in July and traced the breach back to C&K Systems, a reseller of retail software systems from NCR, Retail Pro, and other retail software and systems providers. Goodwill had outsourced much of the operation of its retail systems, including its point-of-sale (POS) systems, to C&K through a managed service contract.

In a statement published on Monday, C&K Systems admitted that they had suffered a breach of point-of-sale systems tied to their “Hosted Managed Services Environment.” The company determined with the assistance of outside forensic investigators that the breach began sometime in early 2013. “The unauthorized access affected our Hosted Management Services Platform intermittently between February 10, 2013 and August 14, 2014.”

Read 11 remaining paragraphs | Comments