Google

Chrome OS has been a fine OS for people who just consume content on the Internet, but other than writing documents, the OS hasn't offered much for content creators. If you deal with photos at all, Chrome OS has mostly been a non-starter because it has been missing one crucial piece of software: Adobe Photoshop. Today, Google and Adobe are finally fixing that situation, bringing Photoshop to Chrome OS.

And now for the list of caveats—to start, this is just a beta project. Initially it's only going to be available to "US-based Adobe education customers with a paid Creative Cloud membership." Photoshop won't be a local app; it will be a "streaming version" of Photoshop. Google doesn't say much about the streaming option, only that "this streaming version of Photoshop is designed to run straight from the cloud to your Chromebook. It’s always up-to-date and fully integrated with Google Drive, so there’s no need to download and re-upload files—just save your art directly from Photoshop to the cloud."

Adobe's site fills in some blanks, saying that the app will run in a "virtualized environment" and won't have GPU support at launch. The network requirements are listed as "5 mbps/max latency 250," so it sounds like there's no offline mode. And if you want to use the app while mobile, you'll need a pretty good LTE connection. This streaming version of Photoshop will also be accessible on a Chrome browser running on Windows.

Read 1 remaining paragraphs | Comments

Chris Young

AT&T yesterday began offering “double the data for the same price” to new customers and existing customers who sign new contracts, apparently forgetting that its network is so congested that speeds must be throttled when people use too much data.

Like other carriers, AT&T slows the speeds of certain users when the network is congested. Such network management is a necessary evil that can benefit the majority of customers when used to ensure that everyone can connect to the network. But as Federal Communications Commission Chairman Tom Wheeler has argued, the carriers’ selective enforcement of throttling shows that it can also be used to boost revenue by pushing subscribers onto pricier plans.

AT&T’s throttling only applies to users with “legacy unlimited data plans,” the kinds of customers that AT&T wants to push onto limited plans with overage charges. Initially, the throttling was enforced once users passed 3GB or 5GB in a month regardless of whether the network was congested. In July, AT&T changed its policy so that throttling only hits those users at times and in places when the network is actually congested, according to an AT&T spokesperson. The 3GB and 5GB thresholds, with the higher one applied to LTE devices, were unchanged.

Read 11 remaining paragraphs | Comments

One of the tweets that Nunn posted to one of his Twitter accounts surrounding the approval of Jane Austen's image for the £10 note. The tweet did not feature in his trial in relation to Creasy, but it was part of one of his blog posts that served as background to characterize his attitude toward women. Peter Nunn

The threatening tweets of a British man have earned him 18 weeks of jail time, according to a report in The Guardian on Monday. Peter Nunn, 33, will serve time for directing menacing messages at member of Parliament Stella Creasy, who supported a campaign to put an image of Jane Austen on the £10 note. Nunn's sentence comes under section 127 of the Communications Act, which prohibits electronic messages that are "grossly offensive or of an indecent, obscene, or menacing character."

Nunn began his Twitter attacks around July 29, 2013, five days after the Bank of England announced that the Austen campaign was successful. "Hi, it took Twitter 30 minutes to ban me before. I'm here again to tell you that I'll rape you tomorrow at 6pm" is one of a handful of tweets Nunn directed at Creasy. The message did indeed originate after the suspension of another of his accounts from which he was tweeting threats. Nunn also used a number of tweets to brand Creasy and Caroline Criado-Perez, the activist who spearheaded the Austen campaign, as witches. Another of Nunn's works: "Best way to rape a witch, try and drown her first, then just as she is gagging for air, that is when you enter."

Nunn contended during the trial that he is a feminist, and he denied "using Twitter to advocate violence or rape," according to The Guardian. But that argument was undercut by his own actions—according to an alleged since-deleted blog post and screenshot posted by Nunn himself, he also tweeted on July 28: "Caroline Criado Perez you're hot, can you blame a man for wanting to #rape you #shoutingback #shoutback take it as a compliment not abuse."

Read 1 remaining paragraphs | Comments

iOS 8 development continues apace. Andrew Cunningham

iOS 8 has been in the hands of the public for about a week and a half, and the OS has already received a pair of minor updates. One fixed a handful of small issues in the initial release; another fixed the major bugs introduced in the first update. But we're already seeing evidence that Apple is working on some larger updates to the operating system, namely versions 8.1, 8.2, and 8.3.

9to5Mac first pointed out evidence of these new iOS versions this morning, found in its own analytics and data from some of its sources. So we quickly looked into our traffic data for September for similar data. We found requests listing iOS 8.1, 8.2, and 8.3 coming from Apple IP addresses—several thousand from 8.1 and just a few hundred from 8.2 and 8.3, which makes sense given that 8.1 is probably being worked on more aggressively at this point.

The news here is not that Apple is continuing to develop new versions of iOS but that releasing an iOS 8.2 or 8.3 update would be a break from recent tradition. The last iOS version to progress beyond x.1 was iOS 4, which came during a much busier period for Apple in general and iOS specifically. Version 4.1 fixed many of the glaring bugs in version 4.0 and helped boost speed on the iPhone 3G, version 4.2 unified the iPhone and iPad versions of the OS and ushered in the first non-AT&T iPhones, and version 4.3 was introduced alongside the iPad 2. To some degree, software version numbers are arbitrary, but releasing three "major" updates for iOS 8 could indicate that iOS 8's lifecycle will be similarly busy.

Read 1 remaining paragraphs | Comments

EA

As a developer, you never really want to be addressing questions about your game's stability months before it even hits the stores. Given the disastrous server situation that has plagued Battlefield 4 since its release last year, though, those questions seem pretty inevitable as we look ahead to Battlefield Hardline and its "early 2015" release date.

Visceral Creative Director Ian Milham didn't shrink away from such questions in a recent interview with Game Revolution at the Tokyo Game Show. His answer to concerns about the game's stability could be summed up in three words: "It's gonna work."

In more than three words, Milham noted that the Visceral and publisher EA have learned some lessons in the time since Battlefield 4's launch.

Read 1 remaining paragraphs | Comments

Alameda County police in Northern California are inching toward flying camera-equipped drones like this one.

California Gov. Jerry Brown vetoed legislation that would have required the police to obtain search warrants to surveil the public with unmanned drones.

Brown, a Democrat facing re-election in November, sided with law enforcement and said the legislation simply granted Californians privacy rights that went too far beyond existing guarantees. Sunday's veto comes as the small drones are becoming increasingly popular with business, hobbyists, and law enforcement.

"This bill prohibits law enforcement from using a drone without obtaining a search warrant, except in limited circumstances," the governor said in his veto message (PDF). "There are undoubtedly circumstances where a warrant is appropriate. The bill's exceptions, however, appear to be too narrow and could impose requirements beyond what is required by either the 4th Amendment or the privacy provisions in the California Constitution."

Read 7 remaining paragraphs | Comments

FTC

On monday morning at 9:00am, lawyers from the Federal Trade Commission (FTC) will ask a judge in a Kansas City federal courtroom to impose a preliminary injunction on Butterfly Labs (BFL), the embattled Bitcoin miner manufacturer. This would extend the temporary restraining order set down earlier this month, leaving the company controlled by a court-appointed receiver.

For the last 15 months, Ars has followed BFL as it has gone from being a curious hardware startup in a nascent industry to becoming the target of a federal investigation.

The FTC believes the three named members of the company’s board of directors—Jody Drake (aka Darla Drake), Nasser Ghoseiri, and Sonny Vleisides—spent millions of dollars of corporate revenue on non-corporate expenses like saunas and guns, while leaving many customer orders either wholly unfulfilled or significantly delayed.

Read 17 remaining paragraphs | Comments

In a bid to secure even more of the Internet’s websites through the use of secure connections, San Francisco-based content delivery network and Internet security provider CloudFlare has launched a new free service for both its paying and free customers: automatic Secure Socket Layer (SSL) encryption for any site, without the need to pay for or configure an encryption certificate.

Called Universal SSL, the service eliminates the need for organizations to deal with a Certificate Authority or configure their own server’s crypto. Instead, if a website is connected through CloudFlare, its owner can set up a certificate through a Web interface in 5 minutes, and it will be automatically deployed within 24 hours—providing the site’s traffic with Transaction Layer Security (TLS) encryption based on an elliptic curve digital signature algorithm (ECDSA).

In a release, CloudFlare security engineering lead Nick Sullivan said, “The cryptographic systems we’re rolling out as part of Universal SSL are a generation ahead of what is used by even the top Internet giants. These certificates use elliptic curve digital signature algorithm (ECDSA) keys, ensuring all connections with CloudFlare sites have Perfect Forward Secrecy, and they are signed with ECDSA and the highly secure SHA-256 hash function. This is a level of cryptographic security most web administrators literally couldn’t buy.”

Read 4 remaining paragraphs | Comments

World of Warcraft players have Blizzcon. Fans of Id Software have Quakecon. Now, fans of Firaxis franchises like Civilization and XCom: Enemy Unknown have Firaxicon.

A little under 200 people paid $40 for tickets to attend this first-of-its-kind fan gathering this weekend, put on by the developer in its hometown of Cockeysville, Maryland, just outside of Baltimore. Your humble gaming editor was among them, taking in the sights and sounds that included demo time on a pre-release version of the upcoming Civilization: Beyond Earth, an XCom: Enemy Unknown tournament, tons of board games, and a dinner discussion with Sid Meier himself. We also tagged along for a behind the scenes tour of Firaxis' offices, located just a few minutes away from the convention hotel.

The one-day event was a far cry from major gaming conventions like E3 or PAX, but what it lacked in size it made up for in the passion of the fans, many of whom were Firaxis die-hards from back when the company was still known as Microprose. If the interest in this year's event was any indication, we're guessing Firaxicon 2015 will be a much larger gathering that cements the company as part of the annual gaming convention calendar.

Read on Ars Technica | Comments

Welcome to 1999, friends! Everyone, buy Apple stock, trust me. Andrew Cunningham

jonathan: perhaps AndrewC should have to use OS 9 for a day or two ;)
LeeH: omg
LeeH: that's actually a great idea

The above is a lightly edited conversation between Senior Reviews Editor Lee Hutchinson and Automotive Editor Jonathan Gitlin in the Ars staff IRC channel on July 22. Using Mac OS 9 did not initially seem like such a "great idea" to me, however.

I'm not one for misplaced nostalgia; I have fond memories of installing MS-DOS 6.2.2 on some old hand-me-down PC with a 20MB hard drive at the tender age of 11 or 12, but that doesn't mean I'm interested in trying to do it again. I roll with whatever new software companies push out, even if it requires small changes to my workflow. In the long run it's just easier to do that than it is to declare you won't ever upgrade again because someone changed something in a way you didn't like. What's that adage—something about being flexible enough to bend when the wind blows, because being rigid means you'll just break? That's my approach to computing.

I have fuzzy, vaguely fond memories of running the Mac version of Oregon Trail, playing with After Dark screensavers, and using SimpleText to make the computer swear, but that was never a world I truly lived in. I only began using Macs seriously after the Intel transition, when the Mac stopped being a byword for Micro$oft-hating zealotry and started to be just, you know, a computer.

Read 59 remaining paragraphs | Comments

Every September, Hampden brings new meaning to "racing to the toilet." Sean Gallagher

Baltimore recently celebrated the bicentennial of "The Star Spangled Banner," the poem that became the United States's national anthem when set to the tune of a drinking song. But one big party a month is not nearly enough for Charm City, so last weekend another Baltimore-born tradition with a somewhat less historic provenance had its turn—the annual Hampden Toilet Races.

The Toilet Race is part of Hampdenfest, an annual one-day street festival named for the historic, once primarily blue-collar neighborhood made semi-infamous by John Waters' 1998 film Pecker (Waters still collects his fan mail via the neighborhood's Atomic Books). A combination of backyard engineering, performance art, and hipster Soap Box Derby, the race pits unpowered vehicles against each other in downhill drag races on Hampden's Chestnut Street. The "racers" must meet six simple requirements:

1. All racers must include at least one clean human defecation device.
2. All racers must be gravity-powered, and may not have any other power or propulsion source
3. The dimensions of a racer may not exceed 5 feet wide, 12 feet long, and 13 feet tall.
4. There are no minimum dimensions for a racer, but it must carry at least one pilot during the race.
5. The racer must be capable of steering both left and right.
6. The racer must have a brake and be capable of stopping without damaging the street

This year's entrants ran the gamut from a pedal-less bicycle with a bedpan welded to its frame to a rolling tiki bar fronted by urinals. The winner, "Stool Pigeon," was a fine-tuned speed machine piloted from a traditional porcelain throne.

Read on Ars Technica | Comments

Aaron Getting

An online fundraiser for legendary phone phreaker John Draper, better known as Cap'n Crunch, has passed its target $5,000 in just three days. Draper himself doesn't even know who started the fundraiser, but the money is intended to help with his medical bills. According to a recent blog post, he suffers from both degenerative spine disease and C. Diff, an inflammation of the colon.

I want to thank with the bottom of my heart for an anonymous person for setting me up with qikfunder.... http://t.co/mwzDLLRpHH

— John Draper (@jdcrunchman) September 25, 2014

In conjunction with others in the late 1960s and early 1970s, Draper figured out that a toy whistle given out in boxes of Cap'n Crunch cereal emitted a tone at 2600 Hertz. By pure coincidence, that happened to be the tone AT&T used to reset its trunk lines. As a result, Draper became a legend in the nascent world of phone phreaking, a predecessor to early personal computer hacking.

Read 5 remaining paragraphs | Comments

The iPhone 6 Plus has already become scarce. Megan Geuss

After reports began to surface that the iPhone 6 and 6 Plus are far more bendable than their predecessors, Consumer Reports promised it would put the new handsets to the test. As of Friday evening, the results are in: "Our tests show that both iPhones seem tougher than the Internet fracas implies."

How exactly did the magazine come to that conclusion? Using an Instron compression test machine, the researchers applied a "three-point flexural test... in which the phone is supported at two points on either end, then force is applied at a third point on the top." Consumer Reports tested a number of phones for comparison: an iPhone 6, iPhone 6 Plus, LG G3, Samsung Galaxy Note 3, HTC One (M8), and, for good measure, an iPhone 5.

According to The Verge, which visited Apple's secret test site near 1 Infinite Loop, the phone maker itself applied 25 kilograms (55.1 pounds) of force to test the flexibility of thousands of iPhone 6 and 6 Plus units. Consumer Reports says Apple's tests delivered "approximately the force required to break three pencils," but the magazine wanted to go even farther.

Read 2 remaining paragraphs | Comments

Google

An example of a generic interface that Google designs. Developers can customize the colors and icons.

7 more images in gallery

Google just released a set of Android Auto developer documents to developer.android.com, detailing more of Google's in-car platform and giving developers a better sense of the system's capabilities.

Android Auto "apps" aren't really apps; they're additional Android Auto-specific content that developers add to their existing Android apps. This is exactly the way Android Wear works. Developers don't have separate phone, watch, and car apps; they just include additional interface attributes in their regular apps for display on the other form factors.

Developers don't get to design interfaces in Android Auto, it's more of a "fill-in-the-blanks" style of development. Google makes the interface layout, and developers get to change the colors, button actions, and text of that interface. Apps also provide a content stream for playback, but that's pretty much it.

Read 6 remaining paragraphs | Comments

Google

Don't text and drive, kids, not even if you're using high-tech, hands-free goggles to do so.

Researchers at the University of Central Florida have concluded in a study that using Google Glass to text while driving is clearly a distraction. They also discovered, however, that Glass wearers were more capable of regaining control of their vehicles than smartphone users following traffic incidents.

The peer-reviewed study was the first to examine the impact of Glass on driving, and was conducted with the hope of finding new ways for technology to deliver information to drivers with minimal risk. "As destructive influences threaten to become more common and numerous in drivers' lives, we find the limited benefits provided by Glass a hopeful sign of technological solutions to come," said researcher Ben Sawyer.

Read 5 remaining paragraphs | Comments

Public domain, via penbentley on Flickr

Earlier this week, the New York Academy of Sciences released a new report that focuses on what it terms the STEM paradox. STEM stands for science, technology, engineering, and math, and it's generally used to describe high-tech and research-oriented education and careers. If you talk to people looking for jobs in academia, you'll typically hear that we produce too many STEM graduates, leaving many struggling to find jobs. If you talk to people who represent companies like Google and Microsoft, we produce too few, and need to relax visa restrictions in order to bring in more from overseas.

This strange situation—a simultaneous glut and shortage—is what the NYAS report calls the "STEM paradox." Both problems are real, and they're the result of mismatched priorities. As Jeanne Dunn, vice president of Learning@Cisco put it when the report was introduced, when it comes to STEM graduates, "there's a huge imbalance of talent—where they are and the types of things they are skilled in."

So, even though our graduate schools may be producing highly qualified researchers, the research they're prepared for is often only appropriate in an academic setting; commercial entities end up looking for a different set of skills. Industry also ends up looking for more people at early stages of their careers—the bachelors and masters levels—but only if they have a relevant skill set. For the most part, undergraduate educations don't provide those. The result of these is part of the imbalance that Dunn mentioned.

Read 3 remaining paragraphs | Comments

Stack Exchange

This Q&A is part of a weekly series of posts highlighting common questions encountered by technophiles and answered by users at Stack Exchange, a free, community-powered network of 100+ Q&A sites.

jao asks:

From the Code Complete book comes the following quote:

Read 21 remaining paragraphs | Comments

Mount Rushmore near Keystone, South Dakota. Liz Lawley

Of all of the drone incidents reported at national parks across the United States over the last year, one stands out: a small aircraft spotted over the Mount Rushmore site in South Dakota in September 2013. Within hours, in the shadow of the famous four busts of American presidents, National Park Service (NPS) employees confronted a group of six individuals at a park ice cream shop and seized their passports, memory cards, and mobile phones.

Drones have become something of a scourge at various national parks. In June 2014, the NPS banned the use of drones in all of its parks, following an initial ban in Yosemite National Park in California the previous month. Since then, rangers have taken notable steps to enforce the ban.

Earlier this week, a German man was sentenced to a one year ban from Yellowstone and was ordered to pay a $1,600 fine after he crashed a drone into Yellowstone lake. A Dutch tourist was ordered to pay over $3,200 after he crashed his drone into the Grand Prismatic Hot Spring. One more case against an Oregon man remains pending in federal court in Wyoming.

Read 22 remaining paragraphs | Comments

Despite Apple's recent missteps in patching iOS 8, iPhone and iPad users may want to upgrade to the Apple's latest available mobile operating system to fix some serious security issues.

Among the most critical is a vulnerability — CVE-2014-4377 — in how iOS processes PDF files as images. An attacker who exploits the flaw could use a malicious Web page viewed by the user in Safari to run code on the victim's device, according to a description of the problem posted this week by Argentinian security consultancy Binamuse.

A proof-of-concept attack is "a complete 100% reliable and portable exploit for MobileSafari on IOS7.1.x," Felipe Andres Manzano, principal consultant at Binamuse, stated in the company's analysis.

Read 7 remaining paragraphs | Comments

It's now bash-a-mole. Sakura - flickr.com

Remember when we said that a new patch had fixed the problems with the last patch to fix the rated-highly-dangerous “Shellshock” bug in the GNU Bourne Again Shell (bash)? You know, that bug that could allow an attacker to remotely execute code on a Linux or Unix system running some configurations of Apache, or perhaps the Git software version control system, DHCP network configuration or any number of other pieces of software that use bash to interact with the underlying operating system? Well, the new patch may not be a complete fix—and there may be vulnerabilities all the way down in the bash code.

Here's how the Shellshock vulnerability works, in a nutshell: an attacker sends a request to a Web server (or Git, a DHCP client, or anything else affected) that uses bash internally to interact with the operating system. This request includes data stored in an environmental variable. Environmental variables are like a clipboard for operating systems, storing information used to help it and software running on it know where to look for certain files or what configuration to start with. But in this case, the data is malformed so as to trick bash into treating it as a command, and that command is executed as part of what would normally be a benign set of script. This ability to trick bash is the shellshock bug. As a result, the attacker can run programs with the same level of access as the part of the system launching a bash shell. And in the case of a web server, that's practically the same level of access as an administrator, giving the attacker a way to gain full control of the targeted system.

David A. Wheeler, a computer scientist who is an acknowledged expert in developing secure open-source code, posted a message to the Open Source Software Security (oss-sec) list this evening urging more changes to the bash code. And other developers have found that the current patch still has vulnerabilities similar to the original one, where an attacker could store malicious data in a variable named the same thing as frequently run commands.

Read 6 remaining paragraphs | Comments