×
Data Storage

The Black Hole Image Data Was Spread Across 5 Petabytes Stored On About Half a Ton of Hard Drives (vice.com) 293

An anonymous reader quotes a report from Motherboard: On Wednesday, an international team of scientists published the first image of a black hole ever. It looked like a SpaghettiO, and yet the image was an incredible scientific achievement that gave humanity a glimpse of one of the universe's most destructive forces and confirmed long-held theories -- namely, that black holes exist. Storing the raw data for the image was a feat itself -- tiny portions of data spread across five petabytes stored on multiple hard drives, the equivalent of 5,000 years worth of MP3s. Katie Bouman, a computer scientist and assistant professor at the California Institute of Technology, led the development of the algorithm that imaged the black hole. An image of her posing with some of the data drives went viral as observers praised her success.

The massive amounts of data were essential to creating the image of the black hole. Bouman and other scientists coordinated radio telescopes all over the Earth, each pointed at the black hole and gathering data at different times. The data scientists then pieced this information together and used an algorithm to fill in the blanks and generate a likely image of the black hole. The five petabytes of data took up such a massive amount of digital and physical space it couldn't be sent over the internet. Instead, the hard drives were flown to processing centers in Germany and Boston where the data was assembled. On Reddit's /r/datahoarder subreddit, a community dedicated to spreading the passion of hoarding vast amounts of data, the drives were bigger news than the scientific achievement itself.

Privacy

How To Stop Amazon From Listening To Your Alexa Recordings (tomsguide.com) 103

Yesterday, Bloomberg dropped a bombshell report revealing that Amazon employs thousands of people around the world to listen to voice recordings captured in Echo owners' homes and offices, and uses them to improve its Alexa digital assistant. "The recordings are transcribed, annotated and then fed back into the software as part of an effort to eliminate gaps in Alexa's understanding of human speech and help it better respond to commands," the report says. "A screenshot reviewed by Bloomberg shows that the recordings sent to the Alexa auditors don't provide a user's full name and address but are associated with an account number, as well as the user's first name and the device's serial number."

While many have assumed that this was already happening behind the scenes, it may still come as a surprise to see proof of the practice. Thankfully, there is a way to stop Amazon from listening to your Alexa recordings. Tom's Guide explains: 1. In the Alexa app, access Settings. You'll find this button at the bottom of the menu in the top left corner of the home screen.
2. Click on Alexa Account. This should be at the top of the page.
3. Select Alexa Privacy. You'll be taken to Amazon's external Alexa privacy page. You can review a number of things here, including our voice history, skill permissions, and other data settings.
4. Tap "Manage How Your Data Improves Alexa."
5. Toggle "Help Develop New Features" and "Use Messages to Improve Transcriptions" to Off. Alexa will no longer learn and improve from your responses, but your recordings will be safe and sound.

Privacy

Amazon Workers Are Listening To What You Tell Alexa (bloomberg.com) 137

Amazon reportedly employs thousands of people around the world to help improve its Alexa digital assistant. "The team listens to voice recordings captured in Echo owners' homes and offices," reports Bloomberg. "The recordings are transcribed, annotated and then fed back into the software as part of an effort to eliminate gaps in Alexa's understanding of human speech and help it better respond to commands." From the report: The team comprises a mix of contractors and full-time Amazon employees who work in outposts from Boston to Costa Rica, India and Romania, according to the people, who signed nondisclosure agreements barring them from speaking publicly about the program. They work nine hours a day, with each reviewer parsing as many as 1,000 audio clips per shift, according to two workers based at Amazon's Bucharest office, which takes up the top three floors of the Globalworth building in the Romanian capital's up-and-coming Pipera district. The modern facility stands out amid the crumbling infrastructure and bears no exterior sign advertising Amazon's presence. The work is mostly mundane. One worker in Boston said he mined accumulated voice data for specific utterances such as "Taylor Swift" and annotated them to indicate the searcher meant the musical artist. Occasionally the listeners pick up things Echo owners likely would rather stay private: a woman singing badly off key in the shower, say, or a child screaming for help. The teams use internal chat rooms to share files when they need help parsing a muddled word -- or come across an amusing recording.

Sometimes they hear recordings they find upsetting, or possibly criminal. Two of the workers said they picked up what they believe was a sexual assault. When something like that happens, they may share the experience in the internal chat room as a way of relieving stress. Amazon says it has procedures in place for workers to follow when they hear something distressing, but two Romania-based employees said that, after requesting guidance for such cases, they were told it wasn't Amazon's job to interfere. [...] Amazon, in its marketing and privacy policy materials, doesn't explicitly say humans are listening to recordings of some conversations picked up by Alexa. "We use your requests to Alexa to train our speech recognition and natural language understanding systems," the company says in a list of frequently asked questions. In Alexa's privacy settings, the company gives users the option of disabling the use of their voice recordings for the development of new features. A screenshot reviewed by Bloomberg shows that the recordings sent to the Alexa auditors don't provide a user's full name and address but are associated with an account number, as well as the user's first name and the device's serial number.
An Amazon spokesperson said in a statement to Bloomberg: "We take the security and privacy of our customers' personal information seriously. We only annotate an extremely small sample of Alexa voice recordings in order [to] improve the customer experience. For example, this information helps us train our speech recognition and natural language understanding systems, so Alexa can better understand your requests, and ensure the service works well for everyone."

They added: "We have strict technical and operational safeguards, and have a zero tolerance policy for the abuse of our system. Employees do not have direct access to information that can identify the person or account as part of this workflow. All information is treated with high confidentiality and we use multi-factor authentication to restrict access, service encryption and audits of our control environment to protect it."

Further reading: How To Stop Amazon From Listening To Your Recordings
Botnet

New Variants of Mirai Botnet Detected, Targeting More IoT Devices (arstechnica.com) 36

An anonymous reader quotes a report from Ars Technica: Mirai, the "botnet" malware that was responsible for a string of massive distributed denial of service (DDoS) attacks in 2016 -- including one against the website of security reporter Brian Krebs -- has gotten a number of recent updates. Now, developers using the widely distributed "open" source code of the original have added a raft of new devices to their potential bot armies by compiling the code for four more microprocessors commonly used in embedded systems.

Researchers at Palo Alto Networks' Unit 42 security research unit have published details of new samples of the Mirai botnet discovered in late February. The new versions of the botnet malware targeted Altera Nios II, OpenRISC, Tensilica Xtensa, and Xilinx MicroBlaze processors. These processors are used on a wide range of embedded systems, including routers, networked sensors, base band radios for cellular communications and digital signal processors. The new variants also include a modified encryption algorithm for botnet communications and a new version of the original Mirai TCP SYN denial-of-service attack. Based on the signature of the new attack option, Unit 42 researchers were able to trace activity of the variants back as far as November 2018.

Games

Valve Reveals High-End VR Headset Called the Valve Index (arstechnica.com) 87

After partnering with HTC to launch the Vive in 2016, Valve has moved ahead with plans to launch its own headset, called the Valve Index, in May 2019. Ars Technica reports: The news came on Friday in the form of a single teaser image, shown above, of a headset with the phrase "Valve Index" written on its front. The front of the headset is flanked by at least two sensors. This shadow-covered hardware matches the leaked headset reported by UploadVR in November of last year. That report hinted to Valve's headset supporting a wider, 135-degree field-of-view (FOV), as opposed to the roughly 110-degree FOV of the original HTC Vive and Oculus Rift.

Valve's dedicated website for the new device includes no other information than the above image and the date "May 2019." It does not include any mention of the new SteamVR Knuckles controllers, which Valve has advertised pretty heavily via developer outreach since their 2016 reveal and a later series of improved prototypes in 2018. This page also doesn't mention a series of three Valve-produced VR games that have been repeatedly advertised by Valve co-founder Gabe Newell since 2017.
There's very little information about the headset, but after cranking up the brightness and contrast of the teaser image, Ars Technica's Sam Machkovech was able to find "a series of six dots on one of the headset's surfaces, [...] which may hint to this headset's use of an outside tracking sensor, a la the HTC Vive's infrared trackers." He adds: "Even so, those two giant lenses imply that 'inside-out' tracking, managed entirely by the headset without any extra webcams or sensors, may also be in the cards. Additionally, we can see a giant physical slider, which is likely linked to interpupillary distance (IPD), a precise measurement needed to ensure maximum VR comfort."
Music

iFixit Teardown Reveals Apple's New AirPods Are 'Disappointingly Disposable' (arstechnica.com) 117

After tearing apart Apple's new second-generation AirPods, the repair guide site found that there is no practical way to service or repair them even at a professional shop. They labeled them as "disappointingly disposable." Ars Technica reports: iFixit had to go to almost comical lengths to open the AirPods up, and despite their expertise and tools, the iFixit team was unable to do so without permanently damaging the product. [...] That's disappointing, given that the batteries in the AirPods won't last longer than a few years with heavy use, and they're hard to recycle. Apple does offer to recycle headphones through partners as part of its Apple GiveBack program, but the GiveBack Web portal does not offer a product-specific category for AirPods to consumers like it does with most other Apple products. Consumers may simply select a general "headphones & speakers" category on the site.

The teardown also revealed some differences from the first-generation AirPods. The battery is the same size, but iFixit identified the new, Bluetooth 5-ready H1 chip in the earbuds themselves. The site also found some small differences likely related to Apple's efforts to increase the case's water resistance. For all the details, visit iFixit's teardown page for the product. All told, iFixit gave the AirPods a 0 out of 10 for repairability -- that's low even for Apple products. By contrast, the site also opened up Samsung's Galaxy Buds and gave them a 6 out of 10.

Advertising

Would You Put Ads On Your Homescreens For Free Mobile Service? 98

An anonymous reader quotes a report from TechCrunch: Moolah Mobile is teaming up with SurgePhone Wireless to offer people a new way to pay their cell phone bills -- by putting ads on their homescreens. Moolah CEO Vernell Woods (pictured above) said the startup has already been offering gift cards and other rewards to users who view its homescreen ads. So this is a similar model, except instead of earning gift cards, the ads are subsidizing cell phone service from Surge. The ads show up on users' homescreens during interstitial moments between using apps, so the goal is to offer free service without consumers having to change their behavior. Woods said all that ad time adds up, with "the average person who's using their phone on a consistent basis" viewing "easily between two to three hours" of homescreen ads each day. And that's enough to pay for the "equivalent" of Surge's $10 monthly plan. On the other hand, if for some reason a subscriber isn't hitting the necessary total, Woods said they can also earn more points by accepting offers or taking surveys. The subsidized wireless service will roll out in Florida, Virginia, Georgia and Texas initially, with an aim of reaching 40,000 locations by the end of the year.
Hardware

Ask Slashdot: How Would You Suggest Making Rugged, Weather-Resistant ARM Systems? 194

New submitter pecosdave writes: I need suggestions for commercially-made ARM systems that will work in temperature ranges from -35F to 140F (-37C to 60C) for an engineering project. These things are going to be in metal boxes on the side of Texas Highways. The existing Intel systems we're using in other areas are all fan-less, but I'm not going to rule out systems with fans. Considering the extremes of Texas temperatures I'm actually contemplating putting fans on top of our fan-less systems anyways. Almost everything I can find pre-made with ARM is a bare board, or something not nearly as temperature tolerant as some Intel systems I can find. The very nature of an ARM processor should be more tolerant simply because they produce less heat, but I can't seem to find any manufacturers exploiting that fact. Slashdot reader pecosdave added more details in a comment: "It's more closely related to speed cameras, but it's not a speed camera. It's for a toll road, and its main job is to take pictures of a sign at about 10 FPS, though less is probably fine, with a time-stamp so if someone runs the toll we have a separate picture of the current price. If there's a problem with the sign it shows up as well. They just want something local to store it I guess in case the fiber link goes down. We're going to run it rather low-res too to keep the CPU and storage overhead low. I figure 640x480@10FPS is reasonable, but that's not set in stone."
Android

New Huawei Phone Has a 5x Optical Zoom, Thanks To a Periscope Lens (arstechnica.com) 88

An anonymous reader quotes a report from Ars Technica: Huawei officially announced the Huawei P30 Pro smartphone today. While it has a new Huawei-made SoC, an in-screen optical fingerprint reader, and lots of other high-end features, the highlight is definitely the camera's optical zoom, which is up to a whopping 5x. Not digital zoom. Real, optical zoom. Space, of course, is at a premium in smartphones. Imagine a smartphone sitting face down, and you would have to fit a vertical stack of the display, the CMOS sensor, and the lens all in about an 8mm height. There is just not a lot of room. But what if we didn't have to stack all the components vertically? The trick to Huawei's 5x optical zoom is that it uses a periscope design.

From the outside, it looks like a normal camera setup, albeit with a funky square camera opening. Internally, though, the components make a 90-degree right turn after the lens cover, and the zoom lens components and CMOS sensor are arranged horizontally. Now instead of having to cram a bunch of lenses and the CMOS chip into 8mm of vertical phone space, we have acres of horizontal phone space to play with. We've seen prototypes of periscope cameras from Oppo, but as far as commercial devices go, the Huawei P30 Pro is the first. While the optical zoom is the big new camera feature, there are four total cameras on the back of the P30 Pro. A 40MP main camera, a 20MP wide angle, the 8MP 5X telephoto, and a Time of Flight depth-sensing camera. The main 40MP camera uses a 1/1.7 inch-type sensor that, when measured diagonally, would make it 32 percent larger than the 1/2.55 inch-type sensors in the Galaxy S10 or iPhone XS.
The P30 Pro also has a new "RYYB" pixel layout, which swaps out the two green pixels in most CMOS "RGGB" sensors for yellow pixels. "Huawei claims it can capture 40 percent more light, as the yellow filter captures green and red light," Ars Technica reports. "Of course, this will make the color wonky, but Huawei claims it can correct for that in software."

Other specifications include a Kirin 980 octa-core processor with 6GB or 8GB RAM, up to 512GB storage, IP68 water and dust resistance, NFC, wireless charging, 40W wired charging, and a 4,200mAh battery. It starts at a price of $1,125.
Wireless Networking

Engineers Build Teeny-Tiny Bluetooth Transmitter That Runs On Less Than 1 Milliwatt (ieee.org) 43

Engineers at the University of Michigan have built the first millimeter-scale stand-alone device that meets Bluetooth Low Energy (BLE) specifications. "Consuming just 0.6 milliwatts during transmission, it would broadcast for 11 years using a typical 5.8-mm coin battery," reports IEEE Spectrum. "Such a millimeter-scale BLE radio would allow these ant-sized sensors to communicate with ordinary equipment, even a smartphone." From the report: The transmitter chip, which debuted last month at IEEE International Solid-State Circuits Conference, had to solve two problems. The first is power consumption, and the second is the size of the antenna. An ordinary transmitter circuit requires a tunable RF oscillator to generate the frequency, a power amplifier to boost its amplitude, and an antenna to radiate the signal. The Michigan team combined the oscillator and the antenna in a way that made the amplifier unnecessary. They called their invention a power oscillator. The key part of an oscillator is the resonant tank circuit: an inductor and a capacitor. Energy sloshes back and forth between the inductor's magnetic field and the capacitor's electric field at a resonant frequency determined by the capacitance and inductance. In the new circuit, the team used the antenna itself as the inductor in the resonant tank. Because it was acting as an inductor, the antenna radiated using changing magnetic field instead of an electric field; that meant it could be more compact.

However, size wasn't the only thing. Quality factor, or Q, is a dimensionless quantity that basically says how efficient your resonator is. As a 14-mm long loop of conductor, the antenna was considerably larger than an on-chip inductor for a millimeter-scale radio could be. That led to a Q was that was about five times what an on-chip inductor would deliver. Though it was a much more efficient solution, in order to meet BLE specifications, the team needed a better way to power the power oscillator. Their solution was to build an on-chip transformer into the circuit that supplies power to it. The transformer looks like two nested coils. One coil is attached to the supply voltage end of the oscillator circuit, and the other is attached to ground side. Pumping the transformer at a frequency twice that of the power amplifier wound up efficiently boosting the flow of power to the antenna.

Security

Microsoft: Windows 10 Devices Open To 'Full Compromise' From Huawei PC Driver (zdnet.com) 112

According to ZDNet, researchers at Microsoft have discovered a buggy Huawei utility that could have given attackers a cheap way to undermine the security of the Windows kernel. From the report: Microsoft has now detailed how it found a severe local privilege escalation flaw in the Huawei PCManager driver software for its MateBook line of Windows 10 laptops. Thanks to Microsoft's work, the Chinese tech giant patched the flaw in January. As Microsoft researchers explain, third-party kernel drivers are becoming more attractive to attackers as a side-door to attacking the kernel without having to overcome its protections using an expensive zero-day kernel exploit in Windows. The flaw in Huawei's software was detected by new kernel sensors that were implemented in the Windows 10 October 2018 Update, aka version 1809.

The kernel sensors are meant to address the difficulty of detecting malicious code running in the kernel and are designed to detect user-space asynchronous procedure call (APC) code injection from the kernel. Microsoft Defender ATP anti-malware uses these sensors to detect actions caused by kernel code that may inject code into user-mode. Huawei's PCManager triggered Defender ATP alerts on multiple Windows 10 devices, prompting Microsoft to launch an investigation. [...] The investigation led the researcher to the executable MateBookService.exe. Due to a flaw in Huawei's 'watchdog' mechanism for HwOs2Ec10x64.sys, an attacker is able to create a malicious instance of MateBookService.exe to gain elevated privileges. The flaw can be used to make code running with low privileges read and write to other processes or to kernel space, leading to a "full machine compromise."
Long-time Slashdot reader shanen writes: Though the story features Huawei, there doesn't seem to be anything specific to that company there. Just innuendo that you can't trust Chinese companies, eh? "Don't throw your computer into that Chinese briar patch!" Anyway, the sordid reality is that Microsoft is the root of all evils in the Windows platform. If increasing security had been half as important as maximizing profits, then we'd be in a much better world today. All complicated software is buggy, but adding complexity for no good reason is just begging for more problems. Here's a crazy solution approach: Any OS feature that isn't used by a LARGE majority of the users should be REMOVED from the OS. Maybe that isn't strong enough. Maybe the OS should be strictly limited to what absolutely needs to be there. Guard those eggs carefully!
Privacy

ASUS Releases Fix For ShadowHammer Malware Attack (engadget.com) 63

A reader shares a report from Engadget: ASUS may have inadvertently pushed malware to some of its computers through its update tool, but it at least it has a fix ready to go. The PC maker has released a new version of its Live Update software for laptops that addresses the ShadowHammer backdoor attack. It also promised "multiple security verification mechanisms" to reduce the chances of further attacks, and started using an "enhanced end-to-end encryption mechanism." There are upgrades to the behind-the-scenes server system to prevent future attacks, ASUS added.

The company simultaneously reiterated the narrow scope of ShadowHammer, noting that the malware targeted a "very small and specific user group." It's believed to be an Advanced Persistent Threat -- that is, a state-backed assault against organizations rather than everyday users. Other ASUS devices weren't affected, according to a notice. While the fix is reassuring, it also raises questions as to why the systems weren't locked down earlier. Update tools are prime targets for hackers precisely because they're both trusted and have deep access to the operating system -- tight security is necessary to prevent an intruder from hijacking the process.

AI

MIT Develops Algorithm To Accelerate Neural Networks By 200x (extremetech.com) 43

An anonymous reader quotes a report from ExtremeTech: MIT researchers have reportedly developed an algorithm that can accelerate [neural networks] by up to 200x. The NAS (Neural Architecture Search, in this context) algorithm they developed "can directly learn specialized convolutional neural networks (CNNs) for target hardware platforms -- when run on a massive image dataset -- in only 200 GPU hours," MIT News reports. This is a massive improvement over the 48,000 hours Google reported taking to develop a state-of-the-art NAS algorithm for image classification. The goal of the researchers is to democratize AI by allowing researchers to experiment with various aspects of CNN design without needing enormous GPU arrays to do the front-end work. If finding state of the art approaches requires 48,000 GPU arrays, precious few people, even at large institutions, will ever have the opportunity to try.

Algorithms produced by the new NAS were, on average, 1.8x faster than the CNNs tested on a mobile device with similar accuracy. The new algorithm leveraged techniques like path level binarization, which stores just one path at a time to reduce memory consumption by an order of magnitude. MIT doesn't actually link out to specific research reports, but from a bit of Google sleuthing, the referenced articles appear to be here and here -- two different research reports from an overlapping group of researchers. The teams focused on pruning entire potential paths for CNNs to use, evaluating each in turn. Lower probability paths are successively pruned away, leaving the final, best-case path. The new model incorporated other improvements as well. Architectures were checked against hardware platforms for latency when evaluated. In some cases, their model predicted superior performance for platforms that had been dismissed as inefficient. For example, 7x7 filters for image classification are typically not used, because they're quite computationally expensive -- but the research team found that these actually worked well for GPUs.

Google

Google Will Implement a Microsoft-Style Browser Picker For EU Android Devices (arstechnica.com) 59

Back in 2009, the EU's European Commission said Microsoft was harming competition by bundling its browser -- Internet Explorer -- with Windows. Eventually Microsoft and the European Commission settled on the "browser ballot," a screen that would pop up and give users a choice of browsers. Almost 10 years later, the tech industry is going through this again, this time with Google and the EU. After receiving "feedback" from the European Commission, Google announced last night that it would offer Android users in the EU a choice of browsers and search engines. Ars Technica reports: In July, the European Commission found Google had violated the EU's antitrust rules by bundling Google Chrome and Google Search with Android, punishing manufacturers that shipped Android forks, and paying manufacturers for exclusively pre-installing Google Search. Google was fined a whopping $5.05 billion (which it is appealing) and then the concessions started. Google said its bundling of Search and Chrome funded the development and free distribution of Android, so any manufacturer looking to ship Android with unbundled Google apps would now be charged a fee. Reports later pegged this amount as up to $40 per handset.

We don't have many details on exactly how Google's new search and browser picker will work; there's just a single paragraph in the company's blog post. Google says it will "do more to ensure that Android phone owners know about the wide choice of browsers and search engines available to download to their phones. This will involve asking users of existing and new Android devices in Europe which browser and search apps they would like to use."

Facebook

Oculus Unveils the Rift S, a Higher-Resolution VR Headset With Built-In Tracking (theverge.com) 68

Oculus VR unveiled the Oculus Rift S, a higher-resolution pair of virtual reality goggles that remove the need for external cameras by incorporating built-in tracking. The company partnered with Lenovo "to help it speed up manufacturing and to improve upon the design of the original Rift," reports The Verge. From the report: The result is a new VR device that is more comfortable, sports 2560 x 1440 resolution (or 1280 x 1440 per eye), and features the same inside-out tracking system that will ship on Oculus' upcoming standalone Quest headset, which the company calls Oculus Insight. That way, you won't need cumbersome cameras to enable full-body movement. In another twist, both the Quest and Rift S device will cost exactly the same at launch: $399, with the same pair of slightly modified Touch motion controllers included and the same integrated audio system (plus a headphone jack for external audio). That decision makes it clear that Oculus wants its VR platform to offer a choice not between two vastly different pieces of hardware, but by the more simple determination of whether you have the hardware to power PC-grade VR. The Rift S will support every existing and future game on the Rift platform. "The company is also enabling cross-buy and cross-play features," the report adds. "That way, you can buy a Quest and, at a later date, upgrade to a Rift S and still have your entire library intact. Additionally, multiplayer games that support both platforms will let players play one another, regardless of whether you're playing on a Quest or Rift device."

The Rift S and Quest will be shipping this spring.
Cellphones

Samsung Is Working On 'Perfect Full-Screen' Devices With Selfie Cameras Under the Display (theverge.com) 89

According to a report from Yonhap News Agency, Samsung's vice president of its display R&D group, Yang Byung-duk, said the company is working on making the entire front of its phones a screen, with no need for bezels or a camera cutout of any kind. He said that "though it wouldn't be possible to make (a full-screen smartphone) in the next 1-2 years, the technology can move forward to the point where the camera hole will be invisible, while not affecting the camera's function in any way." The Verge reports: The comments come less than a month after Samsung announced its latest flagship, the Galaxy S10, which is the company's first phone to have a "hole-punch" cut out from its display for the selfie camera. Yang called the S10's Infinity-O display a "milestone" for the company, but suggested that Samsung eventually plans to place the selfie camera under the display itself, removing the need for any cut out or pop-up mechanism.
XBox (Games)

Microsoft Announces Xbox Live For Any iOS Or Android Game (theverge.com) 22

Microsoft is bringing its Xbox Live network to iOS and Android devices. "The software giant is launching a new cross-platform mobile software development kit (SDK) for game developers to bring Xbox Live functionality to games that run on iOS and Android," reports The Verge. "Xbox Live features like achievements, Gamerscore, hero stats, friend lists, clubs, and even some family settings will all be available on iOS and Android." From the report: It's all part of a bigger push from Microsoft to make its Xbox games and services available across multiple platforms. Game developers will be able to pick and choose parts of Xbox Live to integrate into their games, and it will all be enabled through a single sign-in to a Microsoft Account. Microsoft is using its identity network to support login, privacy, online safety, and child accounts. Microsoft wants game developers to take a similar Minecraft approach and bring Xbox Live to more mobile games. Some iOS and Android games already have Xbox Live Achievements, but they're only enabled in titles from Microsoft Studios at the moment and this new SDK will open up Xbox Live functionality to many more games.

If you were hoping to see Xbox Live on Nintendo Switch then you might have to wait a little longer. "Our goal is to really unite the 2 billion gamers of the world and we're big fans of our Xbox Live community, but we don't have any specific announcements as it relates to Switch today," reveals Choudhry. Xbox Live on PlayStation 4 also looks unlikely, but Microsoft is open to the idea if Sony is willing to allow it. "If you've watched us for the past few years, we've taken a very inclusive approach," says Choudhry. "Phil [Spencer] has been very proactive on issues like crossplay, cross-progression, and uniting gamer networks, and we're willing to partner with the industry as much as we possibly can."

Privacy

Hard Disks Can Be Turned Into Listening Devices, Researchers Find (theregister.co.uk) 74

Researchers from the University of Michigan and Zhejiang Univeristy in China have found that hard disk drives can be turned into listening devices, using malicious firmware and signal processing calculations. The Register reports: For a study titled "Hard Drive of Hearing: Disks that Eavesdrop with a Synthesized Microphone," computer scientists Andrew Kwong, Wenyuan Xu, and Kevin Fu describe an acoustic side-channel that can be accessed by measuring how sound waves make hard disk parts vibrate. "Our research demonstrates that the mechanical components in magnetic hard disk drives behave as microphones with sufficient precision to extract and parse human speech," their paper, obtained by The Register ahead of its formal publication, stated. "These unintentional microphones sense speech with high enough fidelity for the Shazam service to recognize a song recorded through the hard drive."

The team's research work, scheduled to be presented in May at the 2019 IEEE Symposium on Security and Privacy, explores how it's possible to alter HDD firmware to measure the offset of a disk drive's read/write head from the center of the track it's seeking. The offset is referred to as the Positional Error Signal (PES) and hard drives monitor this signal to keep the read/write head in the optimal position for reading and writing data. PES measurements must be very fine because drive heads can only be off by a few nanometers before data errors arise. The sensitivity of the gear, however, means human speech is sufficient to move the needle, so to speak. Vibrations from HDD parts don't yield particularly good sound, but with digital filtering techniques, human speech can be discerned, given the right conditions.
"Flashing HDD firmware is a prerequisite for the snooping [...] because the ATA protocol does not expose the PES," The Register reports. "To exfiltrate captured data, the three boffins suggest transmitting it over the internet by modifying Linux operating system files to create a reverse shell with root privileges or storing it to disk for physical recovery at a later date."

The researchers note that this technique does require a fairly loud conversation to take place near the eavesdropping hard drive. "To record comprehensible speech, the conversation had to reach 85 dBA, with 75 dBA being the low threshold for capturing muffled sound," the report says. "To get Shazam to identify recordings captured through a hard drive, the source file had to be played at 90 dBA. Which is pretty loud. Like lawn mower or food blender loud."
PlayStation (Games)

PS4's Remote Play Update Lets You Stream To iOS Devices (theverge.com) 38

Version 6.50 of the PlayStation 4's firmware now allows you to remotely play your PS4 games from an iPhone or iPad. "To access it, you'll need to download the Remote Play app for your iOS device, and then pair it with your console," reports The Verge. "Compatible games can then be played over Wi-Fi using the on-screen buttons." From the report: Announced back in 2013, Remote Play originally let you stream games from a PS4 console to the handheld PlayStation Vita, but later in 2016, Sony released Remote Play apps for both Windows and Mac. Although Sony has yet to announce a broader Android version of the service, the existence of an Android version of the app that's exclusive to Sony Xperia phones suggests there aren't any technical barriers. Bringing the functionality to iOS is a huge expansion for Remote Play, although it's a shame that you're not officially able to pair a DualShock 4 controller with the app via Bluetooth for a more authentic experience (although some users have reported being able to get the controller working via a sneaky workaround). If you're prepared to use a non-Sony controller, then you'll be happy to know that MacStories is reporting that other MFi gamepads (such as the SteelSeries Nimbus) work just fine with the iOS app. Other limitations with the functionality are that you'll need an iPhone 7 or 6th-generation iPad or later to use it, and it's also only available over Wi-Fi. You can't use Remote Play from another location over a mobile network.

PS4 version 6.50 also adds the ability for you to remap the X and O buttons on the controller.
Power

Tesla Launches Supercharger V3 With 1,000mph Charging, Better Efficiency, and More (electrek.co) 169

Yesterday, Tesla launched the next generation Supercharger V3 with higher charging capacity, better efficiency, and more. The biggest new feature is the ability to deliver a new 250 kW of peak power thanks to an "all-new liquid cooled cable design." Electrek reports: According to the company, the cable is "significantly lighter, more flexible, and more efficient" than their current air-cooled cable found on the V2 Superchargers. Other than the cable, the Supercharger V3 should be undifferentiated from V2 at the station. The company didn't even release new pictures for V3. The new 250 kW peak at the station is also enabled by a new 1 MW power cabinet. Instead of using onboard chargers staked together, the new Supercharger is built using technology Tesla developed for its massive grid energy storage system. With the new technology, there will be no power share between stalls like in the current version.

On Tesla's most efficient vehicles, like the Long Range Model 3, the company says that the new Supercharger V3 can add up to 75 miles of range in 5 minutes and charge at a peak rage of 1,000 miles per hour of range. A new 'On-Route Battery Warmup' software feature was also announced. When entering a Supercharger station in your navigation system, the vehicle's software will "intelligently heat the battery to ensure you arrive at the optimal temperature to charge." That's assuming you have enough charge in the battery when you come in. The new feature alone should reduce "average charge times for owners by 25%," according to the automaker.
Model S and X owners may be disappointed to hear that the new peak charging rates won't be available for their vehicles at launch. Instead, they will have to wait for a software update "in the coming months." Model 3 vehicles will be the first to receive the software update to support the new speeds.

Slashdot Top Deals