Month: July 2016

The US love affair with big vehicles hasn't gone away. (credit: RL GNZLZ @ Flickr)

Way back in 2012, the US government released a relatively ambitious plan to increase US passenger fleet average fuel efficiency to 54.5mpg. Back then, we looked at some of the new technologies that automakers were adopting in order to meet this goal, plenty of which can now be found in our cars. But despite lots of hard work by the boffins in automotive research centers in the US and elsewhere, the 54.5mpg Corporate Average Fuel Efficiency (CAFE) goal is dead in the water.

Americans, it seems, are just too in love with their light trucks and SUVs to make it happen. That's according to a new report from the Environmental Protection Agency, the National Highway Traffic Safety Administration, and the California Air Resources Board. The three agencies have published a Draft Technical Assessment Report, "Midterm Evaluation of Light-duty Vehicle GHG Emissions Standards for Model Years 2022-2025" (PDF), that lays out the case for why we could meet the 2012 plan—which would have doubled fleet fuel economy, halved greenhouse gas emissions, and saved 12 billion barrels of oil and prevented 6 billion tonnes of CO2 from entering the atmosphere between now and 2025—but won't.

The report—which stretches out to over 1200 pages—spends plenty of time discussing cool technological advances, including improvements to gasoline internal combustion engines, better transmissions, mild (48v) and high-voltage hybrids, battery electric vehicles, fuel cell EVs, and more, but the bad news gets going in Chapter 12. The report projects that 46.3mpg is where we'll be when it comes to CAFE in 2025, a drop of 15 percent compared to where we'd hoped to be.

(credit: Carl Lender)

A newly disclosed vulnerability could allow attackers to seize control of mobile phones and key parts of the world's telecommunications infrastructure and make it possible to eavesdrop or disrupt entire networks, security experts warned Tuesday.

The bug resides in a code library used in a wide range of telecommunication products, including radios in cell towers, routers, and switches, as well as the baseband chips in individual phones. Although exploiting the heap overflow vulnerability would require great skill and resources, attackers who managed to succeed would have the ability to execute malicious code on virtually all of those devices. The code library was developed by Pennsylvania-based Objective Systems and is used to implement a telephony standard known as ASN.1, short for Abstract Syntax Notation One.

"The vulnerability could be triggered remotely without any authentication in scenarios where the vulnerable code receives and processes ASN.1 encoded data from untrusted sources," researchers who discovered the flaw wrote in an advisory published Monday evening. "These may include communications between mobile devices and telecommunication network infrastructure nodes, communications between nodes in a carrier's network or across carrier boundaries, or communication between mutually untrusted endpoints in a data network."

(credit: JaviDex)

If you've visited the do-it-yourself project site of Dunlop Adhesives, the official tourism site for Guatemala, or a number of other legitimate (or in some cases, marginally legitimate) websites, you may have gotten more than the information you were looking for. These sites are redirecting visitors to a malicious website that attempts to install CryptXXX—a strain of cryptographic ransomware first discovered in April.

The sites were most likely exploited by a botnet called SoakSoak or a similar automated attack looking for vulnerable WordPress plugins and other unpatched content management tools, according to a report from researchers at the endpoint security software vendor Invincea. SoakSoak, named for the Russian domain it originally launched from, has been around for some time and has exploited thousands of websites. In December of 2014, Google was forced to blacklist over 11,000 domains in a single day after the botnet compromised their associated websites by going after the WordPress RevSlider plugin.

In this recent wave of compromises, SoakSoak planted code that redirects visitors to a website hosting the Neutrino Exploit Kit, a "commercial" malware dropping Web tool sold through underground marketplaces. The latest string of compromises appears to have begun in May. But since then, both the malware kit and the ransomware have been upgraded. The latest version of the exploit kit attempts to evade security software or virtual machines.

(credit: CDC/microbiologybytes)

Around 11 Californian Republican Party staff members who arrived in Cleveland early to help organize this week's National Convention have fallen ill with what appears to be norovirus infections.

Health officials have reportedly taken fecal samples from the sick and sent them for testing at a lab in Columbus, Ohio. "It looks like the norovirus, but we're not going to say that's definitively what it is," Erie County Health Commissioner Pete Schade told the local newspaper, the Plain Dealer.

The staffers who have fallen ill are essentially being quarantined at their hotel, the Kalahari Resort in Sandusky, Ohio. That facility is almost 60 miles away from the Cleveland arena where the convention is taking place. They have been instructed to avoid the convention until going 24 hours without symptoms.

(credit: NASA/GISS)

After 2014 set the record for annual average global surface temperature, 2015 promptly smashed it. By the end of 2015, the incredibly strong El Niño that had developed to help fuel that record enabled climate scientists to predict that 2016 was almost certain to break the record again. With the first half of 2016’s temperatures in the books, this prediction is proving to be on target.

In a press conference Tuesday, NASA scientists highlighted the standout temperatures we've seen so far in 2016. This has been, far and away, the warmest January-to-June period on record.

January-to-June average global surface temperatures, compared to the 1880-1899 average. (credit: NASA/GISS)

Even though the El Niño event has now come to an end, with forecasts pointing to cooler La Niña waters in the eastern equatorial Pacific Ocean, 2016 is a virtual lock to be significantly warmer than 2015. This June also set the record for the warmest temperature on record in June—the 8th straight month that this has happened.

(credit: Tony Young)

The Federal Communications Commission has decided not to step up its oversight of contract disputes that sometimes take free, over-the-air channels off cable systems.

Broadcast stations can demand carriage fees from cable TV operators even if the channels are otherwise available for free to consumers with an antenna. When cable TV companies and broadcasters don't agree on a price, customers are sometimes deprived of channels.

The FCC can already intervene in contract disputes when it deems it necessary, but a lobby group for small and medium-sized cable TV providers wanted the commission to do a lot more. When FCC Chairman Tom Wheeler announced the decision to maintain the status quo last week, the American Cable Association (ACA) lobby group said it was "appalled."

Matthias Müller became VW Group's CEO when Martin Winterkorn left, but both men are implicated in the most recent lawsuits from US states. (credit: By Volkswagen AG )

On Tuesday, the attorneys general of Massachusetts, New York, and Maryland launched fresh lawsuits at Volkswagen Group and its affiliates Audi and Porsche, naming more than two dozen engineers and managers in an apparent scheme to install illegal software on diesel VWs, Audis, and Porsches that were sold in the US.

The civil lawsuits allege that prior to the Environmental Protection Agency’s (EPA) public announcement in September that it had discovered defeat devices to circumvent emissions control systems in VW Group’s diesel cars, the German automaker engaged in a year and a half of cover ups and deception with the knowledge of VW Group’s former CEO, Martin Winterkorn. The company “only confessed to the defeat devices when they knew the regulators had them pinned to the facts,” according to the New York attorney general’s press release.

The lawsuits also allege that VW Group has not cooperated with investigators. “When the investigation was getting under way in late 2015, numerous employees, tipped off by a senior in-house lawyer in Germany, allegedly destroyed incriminating documents,” the press release added.

WWE wrestler Chavo Guerrero, Jr (right) is among the 53 plaintiffs in a proposed class-action lawsuit filed in Connecticut on Monday. (credit: Getty Images / Ethan Miller )

Dozens of former professional wrestlers have filed a proposed class-action civil suit against World Wrestling Entertainment (WWE), alleging that the organization should be held accountable for "long-term neurological injuries" that the performers suffered while body-slamming and pile-driving each other throughout the decades.

The 214-page suit, filed in United States District Court in Connecticut on Monday, includes among its 53 plaintiffs the famous-wrestler likes of Chavo Guerrero Jr, Joseph "Road Warrior Animal" Laurinaitis, James "Kamala" Harris, Paul "Mr Wonderful" Orndorff, and Jimmy "Supafly" Snuka. The lengthy suit attempts to hold the WWE responsible for its performers' issues with concussions and chronic traumatic encephalopathy (CTE), the brain-ravaging disease that figured largely in recent class-action suits filed by players' associations for the NFL and NHL American sports leagues.

CTE, a degenerative disease linked to repeated concussions that leads to memory loss, dementia, and suicidality, has been connected to injuries in many professional sports leagues, and the WWE is no exception. Among the more notorious examples is that of former WWE wrestler Chris Benoit, whose issues with CTE were confirmed after his murder-suicide case in 2007.