Ars Technica
First US appeals court hears argument to shut down NSA database
Six days after the first Snowden leak appeared on the front pages of newspapers worldwide, the American Civil Liberties Union filed a lawsuit to stop the mass surveillance by US intelligence agencies. A New York federal judge ruled against the ACLU in December. Today, ACLU lawyers made a second effort, making their case to a three-judge panel on the US Court of Appeals for the 2nd Circuit. It's the first time a US Appeals Court has considered whether the "bulk telephony" database is constitutional.
Oral arguments stretched on for nearly two hours this morning, an unusually long argument for the US Court of Appeals for the 2nd Circuit, which often gives just 10 or 15 minutes to each side for oral argument in an appeal case. C-SPAN was allowed to record and broadcast the full proceeding, another unusual step in an appeals court that's nearly always closed to cameras. The proceedings can be viewed on C-SPAN's website.
ACLU v. Clapper is one of three cases challenging mass surveillance that are now headed to appeals courts. Another case, Klayman v. Obama, was filed in Washington, DC federal courts just one day after the surveillance revelations. In that case, DC-based US District Judge Richard Leon ruled that the NSA's spying technology was "almost Orwellian" and likely unconstitutional.
Home Depot investigates potential hacking of credit card data
Home Depot may be the latest victim of retail hackings of customer debit and credit card information.
The suspected breach, first reported on Tuesday by journalist and security researcher Brian Krebs, may involve all 2,200 US stores and has some of the hallmarks of the group that compromised Target, Sally Beauty, and P.F. Chang's, according to Krebs. Home Depot is currently looking into the fraud anomalies and promised to notify customers as soon as it has evidence of a breach.
"At this point, I can confirm that we’re looking into some unusual activity and we are working with our banking partners and law enforcement to investigate," Home Depot spokesman Paula Drake said in a statement to Ars. "Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers."
Death Valley’s famous moving stones, caught in the act
Mario is just a video game, and rocks don’t have legs. Both of these things are true. Yet, like the Mario ghosts that advance only when your back is turned, there are rocks that we know have been moving—even though no one has ever seen them do it.
The rocks in question occupy a spot called Racetrack Playa in Death Valley. Playas are desert mudflats that sometimes host shallow lakes when enough water is around. Racetrack Playa gets its name from long furrows extending from large rocks sitting on the playa bed—tracks that make it look as if the rocks had been dragged through the mud. The tracks of the various rocks run parallel to each other, sometimes suggesting that the rocks had made sharp turns in unison, like dehydrated synchronized swimmers.
Many potential explanations have been offered up (some going back to the 1940s) for this bizarre situation, as the rocks seem to only move occasionally and had never been caught in the act. One thing everyone could agree on was that it must occur when the playa is wet and the muddy bottom is slick. At first, suggestions revolved around especially strong winds. One geologist went as far as to bring out a propeller airplane to see how much wind it would take.
Apple confirms celebrities’ accounts breached in “highly targeted” attack
An Apple spokesperson has issued a statement on the company’s investigation of the hacking of female celebrities’ cloud accounts and the theft of photos from their accounts. And Apple is, in essence, blaming the victims. Or at least, their security questions and passwords.
“We wanted to provide an update to our investigation into the theft of photos of certain celebrities,” the statement reads. “When we learned of the theft, we were outraged and immediately mobilized Apple’s engineers to discover the source. Our customers’ privacy and security are of utmost importance to us.”
Initial reports from security sources suggested that an exploit of a weakness in Apple's "Find My iPhone" API allowed a brute force password attack. Apple has discounted those reports, and it blames the success of the attacker on what amounts to social engineering of the accounts—by trying to use personal data to guess passwords or answers to security questions for the accounts in question. “After more than 40 hours of investigation, we have discovered that certain celebrity accounts were compromised by a very targeted attack on user names, passwords, and security questions, a practice that has become all too common on the Internet. None of the cases we have investigated has resulted from any breach in any of Apple’s systems including iCloud® or Find my iPhone. We are continuing to work with law enforcement to help identify the criminals involved.”
Phase change memory lets a single bit act as different logic gates
Phase change materials can switch between two forms depending on how quickly they're cooled. Cool them quickly and you get an amorphous form, which provides significant resistance to the flow of electrons. Cool them slowly and they will allow electrons to flow more readily. Once cooled, these two forms remain stable, locking the differences in conduction in place.
This difference has been exploited to create a type of storage called phase change memory that's as fast as standard RAM but retains its contents between power cycles. So far, phase change memory hasn't been a commercial success. But some researchers are now experimenting with the idea of building processors out of the technology.
The efforts started out with a simple arrangement of resistors and phase change bits that operated like a logic gate, allowing AND, OR, and NOT operations. But a new paper shows that by carefully controlling how the phase change bits are set in the first place, it's possible to have a single bit perform different logic operations, acting as a NOT, NOR, or NAND gate. Regardless of the operation's output, it's stored even if power is shut down.
Judge mulls contempt charges in Microsoft’s e-mail privacy fight with US
A federal judge is mulling whether to hold Microsoft in contempt of court for defying orders to give the US government e-mails stored on an overseas server.
The case is the nation's first testing the Obama administration's position that any company with operations in the US must comply with valid warrants for data, even if the content is stored overseas. The US believes the e-mail on a Microsoft server in Dublin, Ireland is associated with narcotics trafficking.
Microsoft on Tuesday reiterated its position that it was talking with US District Judge Loretta Preska, the judge who sided with the Obama administration on Friday. "We will not be turning over the e-mail," Microsoft said in a statement.
Apple explains why your iOS app keeps getting rejected
If you've ever developed an app for the iPhone or iPad, you've had to deal with Apple's App Store Review Guidelines. The lengthy list of rules encompasses many different areas, and Apple has just published a new page to explain what rules are broken the most often—and what developers can do to avoid rejection.
Apple's graph (which reports app rejections for the week leading up to August 28) shows that "incomplete information" is the most frequent reason for rejection—this includes providing demo account credentials for apps that require an account, failure to adequately explain any special settings needed for evaluation, and failure to provide an accompanying demo video for apps that only work under specific circumstances (when attached to a particular piece of hardware, for example). In short, tell Apple what it needs to know to evaluate your app, because the company isn't going to take extra time to do research if your app isn't self-explanatory.
Bugginess is another big reason for app rejections, as is failure to comply with Apple's Developer Program License Agreement. A fuzzier problem that takes down six percent of apps is a "complex or less than very good" user interface, which could mean that the interface is too cramped or not finger-friendly—Apple provides many UI explainers to developers, and failure to take them into account can get your app thrown out even if it's otherwise useful. The chart above and the page itself explain how to comply with these guidelines as well as the others on the list, though they won't help you much if your app was one of the 42 percent rejected for "other reasons."
OneDrive starting to sync files bigger than 2GB
While Microsoft has increased the amount of free space in its OneDrive cloud storage service and made it cheaper to buy more space, filling the cloud with data has always been a little annoying, since the company's sync apps have been limited to a maximum file size of 2GB. Anything larger won't get synced, and this limitation has provoked no end of complaints and frustration from OneDrive users.
It appears that the restriction is being lifted. Over the weekend, posters on reddit noticed that their large files were being synchronized between local and cloud storage.
Not everyone appears to be able to upload large files, with a Microsoft spokesman saying the company had started rolling out large file support, and that it would have a public announcement on the OneDrive blog at a later date.
AT&T: Cities should never offer Internet service where ISPs already do or might later
In 20 states, legislators have protected Internet service providers from competition by passing laws that make it difficult or impossible for cities and towns to offer Internet service to residents.
AT&T wants to keep it that way. With the Federal Communications Commission considering whether these state laws should be invalidated, the company says that municipalities should simply never create their own broadband networks unless there’s virtually no chance that private ISPs will ever offer service to their residents.
“GONs [government-owned networks] should not be utilized where the private sector already is providing broadband or can be expected to do so in a reasonable timeframe,” AT&T attorneys wrote in a filing with the FCC on Friday. “Although many GONs have failed, or at least failed to live up to expectations, GONs can nonetheless discourage private sector investment because of understandable concerns by private sector entities of a non-level playing field. And any policy that risks diminishing private sector investment would be short-sighted and unwise.”
AnandTech founder Anand Shimpi retires from journalism to work at Apple
In case you missed it over the long weekend, Anand Shimpi, founder and editor-in-chief of hardware site AnandTech, retired from his position on Saturday evening. His farewell post doesn't mention what his next project will be, but Re/code later reported that he had been hired by Apple, a fact that Apple confirmed without divulging more specifics.
Shimpi (along with former mobile editor Brian Klug, who has also reportedly left for Apple and hasn't been active on AnandTech since January of this year) has been the primary source of information about Apple's mobile SoC architectures for the last couple of years now. Much of what we know about the Apple A6 architecture ("Swift," not to be confused with the programming language of the same name) and the Apple A7 ("Cyclone") comes from AnandTech reporting. What Shimpi and Klug will be doing for Apple isn't clear, but it's a fair bet that it's processor-related.
Shimpi has been running AnandTech for over 17 years, but the site will continue in his absence under new Editor-in-Chief Ryan Smith—the site remains focused on in-depth architectural overviews, benchmarks, and reviews, and Smith seems intent on keeping it that way. Still, as someone who has read AnandTech for many years and even worked there for a while, Anand's presence on the site that bears his name will be missed.
Android Wear to support local music and GPS, become runner’s best friend
One of the biggest downsides to Android Wear—or (nearly) any smartwatch—is that it requires a tethered smartphone to work. This is fine for day-to-day activities where you have your smartphone anyway, but for activities where you'd rather carry a lighter load, like running, Android Wear doesn't help much.
In an interview with CNET, Android Engineering Director David Singleton and Vice President of Android Engineering Hiroshi Lockheimer talked about the future direction of the platform, including announcing upcoming standalone functionality that doesn't require a smartphone. They revealed that Google will update Android Wear "several" times before the end of the year, with the first update coming this week.
We aren't sure what is coming when, but in the interview, the Googlers mentioned local music storage and playback, as well as A2DP Bluetooth support. In addition to a pair of Bluetooth headphones, you'd be able to listen to music without a smartphone.
Ferguson police department gets body cameras
The Missouri police department that killed an unarmed teen last month is now equipped with body cameras so that officers may record their daily patrols.
The Ferguson Police Department was gifted 50 cameras, and officers on the street began wearing them on their uniforms over the Labor Day weekend.
“They are really enjoying them,” Chief Tom Jackson told the St. Louis Post-Dispatch. “They are trying to get used to using them.”
Thousands of developers sign plea for tolerance in gaming community
Amid weeks of heated rhetoric and misogyny-charged threats and attacks in the gaming world, many members of the gaming industry have publicly signed on to a petition asking for tolerance and acceptance in the larger community.
"We believe that everyone, no matter what gender, sexual orientation, ethnicity, religion or disability has the right to play games, criticize games and make games without getting harassed or threatened," Spaces of Play's Andreas Zecher wrote in an open letter on Medium.
"It is the diversity of our community that allows games to flourish. If you see threats of violence or harm in comments on Steam, YouTube, Twitch, Twitter, Facebook or reddit, please take a minute to report them on the respective sites," the letter says. "If you see hateful, harassing speech, take a public stand against it and make the gaming community a more enjoyable space to be in."
Update: FBI, Apple investigating celebrity photo hacks
A spokesperson for Apple confirmed that the company is investigating whether an alleged vulnerability in the company’s “Find My iPhone” service and other possible vulnerabilities in its iCloud cloud storage service for Apple devices were used in the hacking of the personal photos of a number of celebrities. The FBI is also investigating whether the accounts of the celebrities were hacked.
Some of the photos, which were leaked through the “/b/” discussion forum on 4chan over the weekend, were apparently taken from iPhones—though it remains unclear when the hacking took place, or even if the same attackers are responsible for all of the leaked images.
“We take user privacy very seriously and are actively investigating this report,” said Apple spokeswoman Nat Kerris in a statement sent to the Wall Street Journal.
Tragedy: Russia’s orbiting zero-g sex geckos have all died
Several weeks back, we learned of the harrowing tale of the zero-g sex geckos: blasted into low Earth orbit aboard the Russian Foton-M4 satellite as part of a biological experiment to study reproduction in microgravity, the sex geckos mission was endangered almost from the beginning when Russian space agency Roscosmos lost positive control over the geckos’ spacecraft. Roscosmos was able to receive telemetry, but it couldn't send commands. Without ground control, the Foton-M4 would slowly decay out of orbit and enter the atmosphere uncontrolled.
Fortunately, Roscosmos was able to reestablish its uplink only a few days later, and the experiments continued. Unfortunately, as is so often the case with pioneers who push forward the boundaries of scientific knowledge, all five of the geckos have died.
Their passing was discovered during recovery operations for the Foton-M4 spacecraft, which successfully de-orbited and landed as planned in southern Russia yesterday afternoon. When the intrepid reptiles’ enclosure was examined, it was found to contain five tiny mummified gecko bodies. Preliminary indications are that the geckos all froze to death.
Google sends event invites out to Indian press, must be Android One
A few days ago, there had been word that Google would launch its Android One initiative in India in early September, and now, it looks like invites have gone out to the Indian press. NDTV, one of the biggest news outlets in India, has an invite for an "exciting new announcement from Google," which can only be Android One.
The event is on September 15th at noon IST (Indian Standard Time), or 2:30am ET/11:30pm PT for those of us in the US.
The goal of Android One is to bring "high-quality, affordable" smartphones to the developing world, starting with India and moving on to other locations if the strategy proves successful.
How a new HTML element will make the Web faster
The Web is going to get faster in the very near future. And sadly, this is rare enough to be news.
The speed bump won't be because our devices are getting faster, but they are. It won't be because some giant company created something great, though they probably have. The Web will be getting faster very soon because a small group of developers saw a problem and decided to solve it for all of us.
That problem is images. As of August 2014, the size of the average page in the top 1,000 sites on the Web is 1.7MB. Images account for almost 1MB of that 1.7MB.
Update: What Jennifer Lawrence can teach you about cloud security
By now, you have probably heard about the digital exposure, so to speak, of nude photos of as many as 100 celebrities, allegedly taken from their Apple iCloud backups (and, it appears, based on the image analysis done by some, from other cloud services). Some of the images were posted to the “b” forum on 4Chan. Over the last day, an alleged perpetrator has been exposed by redditors, although the man has declared his innocence. The mainstream media have leapt on the story and have gotten reactions from affected celebrities including Oscar winner Jennifer Lawrence and model Kate Upton.
Someone claiming to be the individual responsible for the breach has used 4Chan to offer explicit videos from Lawrence’s phone, as well as more than 60 nude “selfies” of the actress. In fact, it seems multiple "b-tards" claimed they had access to the images, with one providing a Hotmail address associated with a PayPal account, and another seeking contributions to a Bitcoin wallet. Word of the images launched a cascade of Google searches and set Twitter trending. As a result, 4Chan/b—the birthplace of Anonymous—has opened its characteristically hostile arms to a wave of curious onlookers hoping to catch a glimpse of their favorite starlets’ naked bodies. Happy Labor Day!
This breach appears different from other recent celebrity "hacks" in that it used a near-zero-day vulnerability in an Apple cloud interface. Instead of using social engineering or some low-tech research to gain control of the victims' cloud accounts, the attacker basically bashed in the front door—and Apple didn't find out until the attack was over. While an unusual, long, convoluted password may have prevented the attack from being successful, the only real defense against this assault was never to put photos in Apple's cloud in the first place. Even Apple's two-factor authentication would not have helped, if the attack was the one now being investigated.
NASA rover to get Martian memory wipe
An alien world, extraterrestrial exploration, and memory wipes on Mars sound like the makings of a Hollywood movie. Instead, it's a major IT project.
After a decade of exploring, the Opportunity rover's computer system will get a reboot to reformat its flash memory and eliminate its reliance on malfunctioning memory cells. In the last month alone, the rover has had to reset its systems a dozen times, a process that can take a day or two, according to NASA's Jet Propulsion Laboratory, Pasadena, California.
"Worn-out cells in the flash memory are the leading suspect in causing these resets," John Callas, project manager for NASA's Mars Exploration Rover Project, said in a statement. "The flash reformatting is a low-risk process, as critical sequences and flight software are stored elsewhere in other non-volatile memory on the rover."
Move over Iceland: Tavurvur in Papua New Guinea is the volcano to watch
Last week, the eyes of volcanologists—and presumably a few nervous pilots—were fixed on Iceland. But unexpectedly, the volcanic eruption that made headlines happened on the other side of the world, in Papua New Guinea.
Before dawn on August 29, Tavurvur—a stratovolcano on the island of New Britain, in Papua New Guinea’s eastern archipelago—awoke spectacularly after two decades of dormancy. The eruption shot lava hundreds of meters into the air, while the accompanying ash cloud reached 18km, almost double the cruising altitude of most commercial aircraft. As a precaution, several flights from Australia were rerouted around the volcano.
The explosions at Tavurvur have since died down somewhat, though as of Sunday the volcano was still ejecting material from its crater. The activity may still intensify. Regardless of how the eruption proceeds, this is a volcano worth remembering.