He's going to be mean to me, isn't he? NIH

Individuals with major depressive disorder or post-traumatic stress disorder have elevated levels of proteins linked to immune activity and inflammation called cytokines. It hasn’t been clear, however, whether depression increases cytokine levels, or if the cytokines themselves contribute to depression.

Figuring out the cytokine-depression link would be difficult to do in human subjects. However, depression can be induced in lab animals that have been exposed to repeated social stresses. Now, researchers have used this approach to reveal that elevated cytokine levels can be used to predict an animal’s susceptibility to depression.

In this study, researchers subjected mice to repeated social defeats by putting them in a cage with larger, more aggressive mice for short periods over a 10 day span. Each defeat event lasted only 5-10 minutes; however, the mice were also exposed to continued psychological stress by placing the aggressive mouse on the other side of a clear divider 24 hours a day. To make things worse, each day, a new aggressor was chosen. This protocol has previously been demonstrated to induce depression-like social avoidance behaviors in mice.

Read 8 remaining paragraphs | Comments

This chatty Samsung phone is spilling all the goods on its owner's travels—without even being asked. Sean Gallagher

Every time you use Google or Apple mobile location services, you’re not just telling the services where you are. You’re also shouting many of the places you’ve been to anyone who happens to be listening around you—at least if you follow Google’s and Apple’s advice and turn on Wi-Fi for improved accuracy.

Wi-Fi is everywhere. And because of its ubiquity, Wi-Fi access points have become the navigational beacons of the 21st century, allowing location-based services on mobile devices to know exactly where you are. But thanks to the way Wi-Fi protocols work, mapping using Wi-Fi is a two-way street—just as your phone listens for information about networks around it to help you find your way, it is shouting out the name of every network it remembers you connecting to as long as it remains unconnected.

The problem with Wi-Fi “probe” requests is nothing new—Dan Goodin covered the vulnerability for Ars two years ago. The problem poses a significant security issue in some cases—particularly for AT&T customers, whose phones automatically join networks named “attwifi” when their probe requests are answered. That’s something we’ve demonstrated ourselves in controlled test at Ars’ security skunkworks.

Read 19 remaining paragraphs | Comments

Cindy Cohn Dave Maass Cindy Cohn, the Electronic Frontier Foundation's legal director at the forefront of trying to dismantle the National Security Agency's domestic spying apparatus long before Edward Snowden became a household name, has been named the digital rights group's executive director.

Cohn's elevation, effective in April, is part of a major management overhaul to the San Francisco-based group whose budget has blossomed from $1 million annually in 1999 to about $9 million this year, the group announced Wednesday. Cohn, who has been litigating the constitutionality of the NSA's electronic eavesdropping since 2006, succeeds Shari Steele, the EFF's top executive the past 14 years.

"Cindy is one of the smartest lawyers I've ever known, and a great strategist," EFF co-founder John Gilmore said in a statement. "Cindy truly understands what makes EFF successful, and we're thrilled she will lead the organization."

Read 4 remaining paragraphs | Comments

Kaci Hickox, a Doctors Without Borders nurse, was forced into this New Jersey quarantine upon returning to the United States after treating Ebola victims in Sierra Leone. YouTube

"I'm not willing to stand here and let my civil rights be violated when it's not science-based."

Those were the recent words of nurse Kaci Hickox, who successfully fought Maine's 21-day home quarantine order last week after she returned from treating Ebola patients in Sierra Leone.

Hickox first made headlines last month after she was detained in a plastic isolation tent near the Newark airport and later transferred to Maine. The 33-year-old Hickox then defied Maine's stay-at-home quarantine orders and went on a bike ride, prompting a showdown of sorts. Hickox's defiance highlighted the science, fear, hysteria, and politics surrounding a disease that has no cure but just arrived to the United States—with four known cases nationwide—from Ebola-ravaged West Africa.

Read 34 remaining paragraphs | Comments

Violations of social norms can be rampant in crowded environments like this.

Humans are strangely nice. This seems an odd assertion given our ongoing concerns with war, inequality, and environmental degradation. But one thing really astonishing about us as a species is how many times a day we have completely cooperative encounters with each other—ones that uphold social norms, even in modern urban societies where interactions among strangers are common.

When people who interact often cooperate with one another, we can explain their politeness by looking at how much they stand to benefit from their ongoing relationship. When it comes to behaviors with strangers, like queue-jumping, the fact that norms are upheld more often than they are broken is puzzling. What reason is there to play nice if the strangers around you will have no impact on your life in the future?

The leading explanation for this cooperation is that people do actually punish strangers for not cooperating—and a recent paper in PNAS provides evidence that this happens in the real world. It also indicates that people prefer certain kinds of punishment over others.

Read 11 remaining paragraphs | Comments

An unpatched vulnerability in Yosemite and some earlier versions of Apple's Mac OS X allows untrusted people to take full control of users' machines, a security researcher has warned.

Dubbed Rootpipe, the privilege escalation bug allows people to gain root access, a nearly unrestricted level of system privileges, without first entering the "sudo" password, according to a recent report published by MacWorld. Sudo is a mechanism that's designed to prevent code execution, file deletions, and other sensitive operations from being carried out by unauthorized people who have physical access to a computer.

"Normally there are 'sudo' password requirements, which work as a barrier, so the admin can't gain root access without entering the correct password," Emil Kvarnhammar, a researcher at Swedish security firm Truesec, told Macworld. "It took a few days of binary analysis to find the flaw, and I was pretty surprised when I found it."

Read 2 remaining paragraphs | Comments

The 2015 Cadillac ATS coupe with integrated LTE. It's basically a big red smartphone. Ron Amadeo

Harman International, the car infotainment manufacturer, recently spilled the beans on a "next-gen" infotainment system it is building for General Motors. Automotive News has quotes from the company's CEO, Dinesh Paliwal, who describes an Android-based system with an app store and "instant" boot up. The report says that Harman is "working closely" with Google to make the system a reality.

This system isn't Android Auto. Unlike regular Android, Android Wear, and Android TV, Android Auto isn't an operating system. It doesn't live on the car's computer, it doesn't control peripherals, and it doesn't have an app store. Like Apple's CarPlay, Android Auto is just a "casted" interface. Your plugged-in smartphone sends a custom interface to the car's screen and receives touch events, but the car still has to run some other operating system.

Harman won a $900 million contract from GM to build the system, and judging by Harman CEO's description, this is an actual embedded Android system that will power the entire infotainment setup. That typically includes the audio system, air conditioning, navigation, voice recognition, phone calls, reverse cameras, and Internet access.

Read 3 remaining paragraphs | Comments

The view from Jesse Walser's house in the country. Jesse Walser

Many Americans have just one good option for wireline broadband service. But even one good choice puts them ahead of people in some sparsely populated areas that Internet service providers neglect because they aren’t dense enough to provide huge profits.

Although progress is being made in rural America through a combination of private and public initiatives, there are still people like Jesse Walser of Pompey, a town of 7,000 residents in New York. Walser, who works as a laboratory analyst at a beer brewery, is one of the five percent of Americans who live in areas without any providers offering wired Internet service (excluding dialup). Walser’s only viable options are wireless.

Time Warner Cable’s (TWC) lines are a third of a mile from Walser’s house, and the company has received more than $10 million in state funding to bring broadband to underserved portions of New York over the past two years. But the company (which will be purchased by Comcast if the government approves the merger) told Walser they won’t do the construction unless he pays more than $20,000. That’s just to reimburse TWC for its troubles—the monthly access bill would be on top of that.

Read 27 remaining paragraphs | Comments

This is how I've been spending my evenings. Lee Hutchinson

As a normal, competitive company, you'd think that Oculus would want the sea of competing virtual reality solutions in development to end up as poor as possible, making the eventual consumer version of the Rift look like the obvious choice. On the contrary, though, the Facebook subsidiary seems worried that bad experiences with competing products could sour the entire market on virtual reality before it really gets off the ground.

Speaking at Dublin's Web Summit conference (as reported by The Guardian and CNN), Oculus CEO Brendan Iribe expressed concern that inferior, motion-sickness-inducing headsets from other companies might "poison the well" for the re-emerging VR market, leading to a repeat of "the nuclear winter of virtual reality" in the mid-'90s.

"We're a little worried about some of the bigger companies putting out product that isn’t quite ready," Iribe said. "That elephant in the room is disorientation and motion sickness. ... We’re encouraging other companies, particularly the big consumer companies, to not put out a product until they’ve solved that problem."

Read 5 remaining paragraphs | Comments

Greetings, Arsians! We have a ton of deals this week, courtesy of our partners at TechBargains. The top deal is an LG 47-inch, 1080p LED TV for just $479—that's $220 off the regular price. But even if a TV isn't at the top of your wishlist, there are plenty of other deals for your consideration.

Featured deal

Price Drop! LG 47LB5900 47" 1080p 120Hz LED TV for $479 plus free shipping (list price $699.99)

Read 7 remaining paragraphs | Comments

If you have $500 to spend on this, I have a whole bunch of trash downstairs I'd be willing to sell you! eBay / City of Alamogordo

Video game collectors are known for spending tens of thousands of dollars for the rarest video game cartridges from decades past. But how much will they pay for real, honest-to-goodness historical trash?

We'll find out soon enough, as the city of Alamogordo, New Mexico started auctioning off 100 cartridges dug up from the Old Alamogordo landfill. That's the site where Atari infamously buried thousands of unsold and unsellable Atari 2600 cartridges in 1983, only to have them dug up earlier this year as part of a film project.

While the majority of the eBay listings are for horribly mangled Atari 2600 game boxes (presumably with mangled cartridges still inside), there are a few loose E.T. carts on the online auction block as well. Each auctioned item comes with a "city property I.D. tag, the Certificate of Authenticity, and a narrative with photos of the 1983 burial and the 2014 excavation proving the legend to be true." Somewhat hilariously, the auctions are listed in "Used" condition (even though the games were brand new when buried...) and come with the following caveat emptor warning: "The seller does not represent that this item is operable; it was buried for 30 years. SOLD AS IS."

Read 6 remaining paragraphs | Comments

Google's Nest Learning Thermostat is one of the better smart home gadgets out there, but at $250 for something that is normally under 50 bucks, it's an expensive upgrade. According to CNET, Nest is going to remove this barrier to entry by taking a page out of the smartphone playbook: it's offering the thermostat for free with a two-year contract.

For now the program is only in Ireland, where a deal with Electric Ireland subsidizes the Nest device with an electricity contract. Ireland seems like an odd place to start, but Nest Chief Executive Tony Fadell says the company will "bring it out to hopefully many more countries."

Back in February of this year, Google bought Nest for 3.2 billion. Nest is run as a separate subsidiary, and so far we haven't heard much from the combined-but-not-combined group—it's been business as usual.

Read 2 remaining paragraphs | Comments

Senator Udall visiting a wind power plant in Boulder in 2013. Mark Udall

Sen. Mark Udall (D-CO) was one of just a few US Senators decrying widespread surveillance even before the Snowden leaks. Udall has been a sharp critic of intelligence agencies since then as well, asking for CIA Director John Brennan to resign after allegations emerged that the intelligence agency gained access to Senate files.

He won't be in office much longer. Udall lost his election last night against Republican challenger Rep. Cory Gardner. By 1:00am Eastern time, Gardner was ahead by six percentage points, with 87 percent of precincts reporting. At that point, several news agencies called the election for Gardner. The Senate seat was one of several that flipped from Democratic to Republican control last night, causing Republicans to take control of the upper house.

Udall's positioning as a tough critic of the NSA wasn't a big issue on the campaign trail, although in the final days of the election he did release an ad saying he “won’t tolerate” overbroad government surveillance. But much of Udall's campaigning came across as out of touch, running an old playbook. Udall hammered his opponent on womens' issues in socially liberal Colorado, noting that Gardner supported a "personhood amendment" to limit abortion and suggesting he wanted to ban some types of birth control.

Read 5 remaining paragraphs | Comments

Underscoring just how broken the widely used MD5 hashing algorithm is, a software engineer racked up just 65 cents in computing fees to replicate the type of attack a powerful nation-state used in 2012 to hijack Microsoft's Windows Update mechanism.

Nathaniel McHugh ran open source software known as HashClash to modify two separate images—one of them depicting funk legend James Brown and the other R&B singer/songwriter Barry White—that generate precisely the same MD5 hash, e06723d4961a0a3f950e7786f3766338. The exercise—known in cryptographic circles as a hash collision—took just 10 hours and cost only 65 cents plus tax to complete using a GPU instance on Amazon Web Service. In 2007, cryptography expert and HashClash creator Marc Stevens estimated it would require about one day to complete an MD5 collision using a cluster of PlayStation 3 consoles.

The MD5 hash for this picture—e06723d4961a0a3f950e7786f3766338—is precisely the same for the one below. Such "collisions" are a fatal flaw for hashing algorithms and can lead to disastrous attacks.

The practical ability to create two separate inputs that generate the same hash is a fundamental flaw that makes MD5 unsuitable for most purposes. (The exception is password hashing. Single iteration MD5 hashing is horrible for passwords but for an entirely different reason that is outside the scope of this post.) The susceptibility to collisions can have disastrous consequences, potentially for huge swaths of the Internet.

Read 4 remaining paragraphs | Comments

Image courtesy of Google

NFC-based mobile payments have had a boost in recent months, possibly thanks to the launch of Apple Pay, which was announced in September. Now, a person with knowledge of the matter tells Ars that Google Wallet, which launched back in 2011 and saw tepid success in the ensuing three years, has had considerable growth in the last couple of months. According to our source, weekly transactions have increased by 50 percent, and in the recent couple of months, new users have nearly doubled compared to the previous month.

Although it's still unclear whether Apple Pay will gain the critical mass of users necessary to become a true checkout stand alternative, Tim Cook recently said that one million cards were activated on Apple Pay in the first 72 hours of the platform's launch (although ReadWrite notes that one million cards is hardly a revolution). It seems that interest in the platform is buoying Apple's predecessor among Android users as well. Although there are some key differences in the way the two platforms work behind the scenes, the experience from the average user's perspective is close to identical.

Retailers want in on the game

The reinvigorated interest in using a phone to pay at a merchant's terminal has also fueled a bit of outrage toward retailers’ consortium Merchant Customer Exchange (MCX) and its competing payments platform called CurrentC.

Read 4 remaining paragraphs | Comments

Last year, the US Supreme Court finally banned patents on human genes after they were handed out by the US Patent and Trademark Office for decades.

The effort was powered by the ACLU and Public Patent Foundation, which gathered a group of plaintiffs who were paying high prices for the patented gene tests on the BRCA1 and BRCA2 genes.

Now Canada is about to see a similar suit. The Children's Hospital of Eastern Ontario (CHEO) has filed suit (PDF) in Canadian federal court seeking to invalidate patents related to "Long QT syndrome," an inherited heart disorder that affects somewhere between 1 in 3,000 and 1 in 5,000 people. The patents were created at the University of Utah. That's the same US university that was connected to the landmark Myriad case. University of Utah got patents on the BRCA genes and then licensed them exclusively to Myriad Genetics.

Read 8 remaining paragraphs | Comments

Following a string of catastrophic vulnerabilities recently discovered in HTTPS encryption protections, Google engineers have released an app that allows developers to detect bugs and glitches that may leave passwords and other sensitive information open to snooping.

The open source tool is dubbed nogotofail, a reference to the so-called goto fail flaw that gave attackers an easy way to surreptitiously circumvent HTTPS-protected connections of Apple iOS and OS X devices. Since its discovery in February, various implementations of the underlying secure sockets layer (SSL) and transport layer security (TLS) protocols have suffered several other devastating vulnerabilities, including a flaw in the GnuTLS library, the catastrophic Heartbleed bug in OpenSSL, and the more recently disclosed in version 3 of SSL.

"The Android Security Team has built a tool, called nogotofail, that provides an easy way to confirm that the devices or applications you are using are safe against known TLS/SSL vulnerabilities and misconfigurations," Google engineers wrote in a blog post published Tuesday morning. "Nogotofail works for Android, iOS, Linux, Windows, Chrome OS, OSX, in fact any device you use to connect to the Internet. There’s an easy-to-use client to configure the settings and get notifications on Android and Linux, as well as the attack engine itself which can be deployed as a router, VPN server, or proxy."

Read 1 remaining paragraphs | Comments

Since its launch as a top-down, sprite-based crime simulator in 1997, the Grand Theft Auto series has always taken place strictly from a third-person perspective. That's set to change on November 18, as the previously announced re-release of Grand Theft Auto V hits the Xbox One and PS4 with a series-first optional first-person perspective.

The new first-person mode goes a lot farther than unofficial mods that have tried to add a behind-the-eyes perspective to GTA games in the past. “You have to change pretty much everything,” GTA V animation director Rob Nelson told IGN in a promotional interview talking about the new feature. "I mean, if you want to do it right. We have a very solid third-person animation system, but you don’t just put the camera down there and expect to see the guns, aim, and shoot. All those animations are new when you switch to first-person, because it all has to be animated to the camera, to make it feel like a proper first-person experience that I think people would expect. All the timings have to be re-evaluated."

Other little details added for the benefit of the new view include recoil on weapons, view-restricting goggles and helmets when piloting certain vehicles, and a cell phone menu that your character now actually holds in front of his face. The official trailer for the new mode seems to show the perspective automatically swiveling around to view important story and character moments.

Read 3 remaining paragraphs | Comments

The ebola virus, magnified 108,000 times. Thinkstock

Let's get something out of the way first: it's Eh-bowl-a, with an emphasis on the middle syllable.

If only other facts about the virus were that easy to clear up. Unfortunately, concerns and fears have rapidly outstripped knowledge. Despite the public fears, we do know a fair amount about Ebola and its activities, and what we know tells us a lot about the prospects for treatments and vaccines.

To get a clearer picture of what we know about the virus and the illness it causes, we've spent some time diving into the papers that describe the virus' biology. We also called up Vincent Racaniello, a researcher at Columbia University's Medical School and host of the This Week in Virology podcast, who helpfully provided us with a professional's perspective on Ebola.

Read 41 remaining paragraphs | Comments

It may be hard to believe, but there are big cities in the US where 30 to 40 percent of residents have no Internet service at all. And among those who are online in America's worst-connected cities, a sizable percentage get by with only cellular Internet.

That's according to 2013 census data compiled by Bill Callahan, director of Connect Your Community 2.0, a group promoting Internet access for residents of Cleveland, OH, and Detroit, MI.

Callahan published charts on his blog yesterday showing how many households lack Internet access in the 25 worst connected cities in the US (out of 176 that have at least 50,000 households). In Laredo, TX, 40.2 percent of the 65,685 households have no Internet access, not even mobile broadband on a phone. Detroit was second in this list with 39.9 percent of households lacking Internet. In all 25 cities, at least 29.8 percent lacked Internet access. The 25 cities varied in size from 52,588 households (Kansas City, KS) to 255,322 households (Detroit).

Read 8 remaining paragraphs | Comments