news.buyenne.com

(credit: Chris)

The next time a friend or family member asks you to install a gift-registry app, remember this: the app is almost certainly soaking up lots of your personal details. In the case of one such app from retailing giant Target, it's more than happy to make those details public. Witness the following:

(credit: Avast)

According to researchers from security firm Avast, the database storing the names, e-mail addresses, home addresses, phone numbers, and wish lists of Target customers is available to anyone who figures out the app's publicly available programming interface. In a blog post published Tuesday, they wrote:

If you created a Christmas wish list using the Target app, it might be accessible to more people than you want to actually receive gifts from. The Target app keeps a database of users’ wish lists, names, addresses, and e-mail addresses. But your closest family and friends may not be the only ones who know you want a new suitcase for your upcoming cruise!

To our surprise, we discovered that the Target app’s Application Program Interface (API) is easily accessible over the Internet. An API is a set of conditions where if you ask a question it sends the answer. Also, the Target API does not require any authentication. The only thing you need in order to parse all of the data automatically is to figure out how the user ID is generated. Once you have that figured out, all the data is served to you on a silver platter in a JSON file.

The JSON file we requested from Target’s API contained interesting data, like users’ names, e-mail addresses, shipping addresses, phone numbers, the type of registries, and the items on the registries. We did not store any personal information, but we did aggregate data from 5,000 inputs, enough for statistical analysis.

Officials for Target weren't immediately available for comment. This post will be updated if they respond later.

(credit: Nintendo)

The most recent Super Smash Bros. fighting game releases have been followed with hints that series creator Masahiro Sakurai would not return to any sequels, only to be followed years later with announcements of him working on new entries. But this time according to Sakruai-san, he means it. Whether or not his Smash retirement pans out, the 2014 version's run of DLC will conclude in February, according to a "final" presentation about the game via Nintendo Direct on Tuesday.

Previously announced surprise character Cloud Strife—yes, that Cloud, from Final Fantasy VII—launches today for $6 for either version of the game (or $7 to unlock him on both platforms). He'll be joined in February by two more currently Nintendo-exclusive characters: Corrin, an armor-clad warrior from the upcoming 3DS game Fire Emblem: Fates and Platinum Games' supernaturally charged, four-gun wielder Bayonetta (whose sequel game is still a Wii U exclusive).

In addition to a ton of footage of Bayonetta wiping the floor with the likes of Kirby and Star Fox by way of giant kicks, pistol blasts, and oversized fists from above, the presentation also saw Sakurai describing the character as the most requested DLC fighter via the game's official site "among realizable characters"—meaning, those who Nintendo could realistically afford to license and design. That didn't explain why prior fan favorites like Ice Climbers have apparently been shelved for inclusion in this version of Smash Bros. however.

Kinda like this, but lose the human. (credit: Expedition to the Deep Slope/NOAA/OER)

XPRIZE has tempted people to accomplish tasks ranging from putting stuff on the Moon to measuring pH in the deep ocean by using the promise of a sweet cash prize. At the annual American Geophysical Union conference in San Francisco on Monday, XPRIZE announced a new competition that is more Jacques Cousteau than Neil Armstrong. This time, they want teams to build a better autonomous submersible that can help with ocean exploration and science.

Shell is putting up $6 million for teams that win based on the criteria of autonomy, speed, and depth. The three-year competition will include two rounds of tests culminating in a challenge to map at least 250 square kilometers of seafloor at high resolution in just 15 hours. That seafloor will reach a depth of 4,000 meters, and the vehicles will be expected to grab some high quality imagery. XPRIZE also wants vehicles that can be launched from shore or from the air rather than requiring the expensive presence of a research vessel for operation.

In addition, the National Oceanic and Atmospheric Administration is throwing in $1 million for a separate skill—the ability to track chemical or biological signals. That organization would like to see a vehicle that could sniff out and locate a hydrothermal vent on its own, for example.

(credit: Razlan/Flickr)

A drug that helps your mind may turn your gut microbes—and waistline—against you.

In a series of experiments in mice, researchers found that a common drug used to treat psychiatric illnesses, including autism and bipolar disorder, alters the gut microbial community. Those changes caused the mice to burn fewer calories while resting and gain weight, researchers report in EBioMedicine. The finding, which lines up with weight gain seen in patients, suggests that drugs other than antibiotics can easily mess with a person’s microbes, which in turn profoundly influence metabolism, weight, and overall health.

In the study, researchers led by microbiologist John Kirby of the University of Iowa gave mice water laced with the psychiatric drug risperidone. This drug is well-known to cause significant weight-gain, insulin resistance, and metabolic problems in people. Kirby and colleagues had a hunch that the hefty side-effects were linked to changes in the gut microbiome, but they were unsure of the exact mechanism.

Crytek

Beware: This 1080p shot of gameplay in The Climb betrays its VR experience, as the Oculus headset's displays offer enough stair-stepping effects as you move around to introduce artifacts and blur.

4 more images in gallery

SAN FRANCISCO—The game industry's last major "first-person platformer," Mirror's Edge, was met in 2008 with a small but passionate fan base as it toyed with a more intense view of full-blown parkour. While that novel viewpoint looked pretty cool, it could also feel disorienting during high action scenes, and the gameplay that surrounded it was admittedly quite thin.

We expect to run into very similar issues as virtual reality games launch on new-in-2016 platforms such as Oculus, PlayStation VR, and HTC Vive. Game makers will surely focus harder on getting a new perspective to look cool without making anyone sick... and launch itty-bitty games as a result. Crytek's first retail VR game, The Climb, already appears to fall into this chasm—but based on our brief test of the beautiful game at a December preview event, we think we've finally found a satisfying, better-in-VR form of a first-person platformer.

Left hand, right hand, left hand, chalk

We got to try out a Crytek VR experiment during this summer's E3 conference, but it was advertised as a tech-demo taste of Crytek's eventual first retail VR product. Robinson: The Journey simply had players scale a giant mountain's sides via an automatic pulley system. Occasionally, players would use a conventional controller's trigger buttons to grab onto new pulleys, but there was little "game" to speak of. Instead, this Robinson demo seemed meant to showcase Crytek's technically impressive engine work, which included expansive views of nearby tree-lined mountains and animated dinosaurs all around.

(credit: Parti socialiste)

European Union negotiators have finally agreed on the text of a significant new data protection and privacy law after years of debate.

On Tuesday, the European Commission, the European Parliament and the European Council came to a consensus on the language of the text, which has not yet been released in its entirety. (The most recent previous draft Ars was able to locate was dated November 27, 2015.)

Notably, the agreement sets the maximum corporate fine for violating user privacy to four percent of a company’s worldwide revenue—significantly more than the marginal sums that companies like Facebook and Google have paid in the past. For a company like Facebook, the new agreement would mean a potential maximum fine in the neighborhood of $500 million. For Google’s parent company, Alphabet, it would be about $2.5 billion.

Who can design the best pod to run inside a test track? (credit: SpaceX)

SpaceX has selected 124 teams of mostly college student engineers to participate in a Hyperloop Pod competition at the end of January. The teams will present their concepts for pods, which will then compete on a test track next summer in front of judges from SpaceX, Tesla, and universities.

The hyperloop, as outlined by Elon Musk two years ago, would involve a pod or capsule moving at nearly the speed of sound inside a tube elevated above the ground. This kind of track system could provide rapid transportation between cities 1,500 km or less apart, Musk said, after which supersonic aircraft would probably be faster or cheaper. Passengers might travel from Los Angeles to San Francisco in just 30 minutes according to Musk. The idea was hailed as visionary by some, but others have criticized it for being far from practical.

Although Musk has said he is focused on launching rockets with SpaceX and building electric cars with Tesla, he has nonetheless sought to nurture the project along by developing a functional prototype. To that end, he invited young engineers to propose ideas for a pod. The teams, from 27 US states and 20 countries, will have their concepts judged on January 29 and 30 at Texas A&M University in College Station.