Month: November 2016

Enlarge / SSD modules like this one are being abused by Spotify. (credit: iFixit)

For almost five months—possibly longer—the Spotify music streaming app has been assaulting users' storage devices with enough data to potentially take years off their expected lifespans. Reports of tens or in some cases hundreds of gigabytes being written in an hour aren't uncommon, and occasionally the recorded amounts are measured in terabytes. The overload happens even when Spotify is idle and isn't storing any songs locally.

The behavior poses an unnecessary burden on users' storage devices, particularly solid state drives, which come with a finite amount of write capacity. Continuously writing hundreds of gigabytes of needless data to a drive every day for months or years on end has the potential to cause an SSD to die years earlier than it otherwise would. And yet, Spotify apps for Windows, Mac, and Linux have engaged in this data assault since at least the middle of June, when multiple users reported the problem in the company's official support forum.

"This is a *major* bug that currently affects thousands of users," Spotify user Paul Miller told Ars. "If for example, Castrol Oil lowered your engine's life expectancy by five to 10 years, I imagine most users would want to know, and that fact *should* be reported on."

Enlarge / Samus Aran poses for the back page of the Japanese Metroid manual. (credit: Nintendo)

Well before the NES Mini's launch, Nintendo and other companies were already plumbing the nostalgic depths with classic-gaming re-releases, either as boxed items or downloadable software. However, most of these haven't come paired with that era's most common pack-in item: the instruction manual.

Sadly, the NES Mini doesn't come packed with a giant printed instruction manual for its 30 games (which could have affected its $60 price point). But the new, tiny hardware did prompt Nintendo to do something it has rarely ever done: scan and upload full, original-era print manuals as free PDF downloads.

We at Ars are big fans of digital archival in general, but in my case, that applies especially to classic gaming manuals. I pored through my collection of NES instruction booklets on a regular basis in the late '80s and early '90s. If it weren't for the manuals, in fact, I might not have gotten so much gaming access as a kid in that era.

(credit: Getty Images)

Iconic puzzle game Rubik's Cube lost a major trademark battle earlier today, when the European Court of Justice (ECJ) held that a trademark on the shape of Rubik's Cube is invalid.

The court held that there was too much functionality in the shape of the puzzle game, "such as its rotating capability."

The puzzle was invented in 1974 by Hungarian Ernő Rubik, who originally named it the Magic Cube. It was renamed Rubik's Cube in 1980 and exported to the west. More than 350 million cubes have been sold since.

(credit: Aurich Lawson)

The Federal Communications Commission says AT&T may be violating net neutrality rules by allowing DirecTV video to stream without counting against mobile data caps while charging other companies for the same privilege.

The FCC's wireless bureau outlined its concerns in a letter sent to AT&T yesterday. AT&T owns DirecTV and "zero-rates" its video so that it doesn't count against the data caps imposed on smartphones and other mobile devices. At the same time, AT&T charges other companies for the right to stream video or other media without counting against customers' data caps. AT&T calls the charges "Sponsored Data."

This is not a violation of the so-called "bright-line" net neutrality rules that ban throttling, blocking, and paid fast lanes. But the FCC's Open Internet Order lets the commission stop other practices that harm competitors or consumers.

Enlarge / A general view of the reopening of Australian Parliament on April 18, 2016.

There is, sadly, no shortage of politicians who reject the conclusions of climate science, and that rejection frequently relies on amateurish and conspiratorial “debunkings” of actual science. So many have gone this route that it takes a lot to stand out from that crowd, but Australian Senator Malcolm Roberts managed it last weekend.

Roberts joined the Senate this year, representing Queensland as a member of the small, far-right populist One Nation Party. He spent his career in the coal industry before retiring in 2006 to focus on opposing climate science and climate policy full time.

Senator Malcolm Roberts. (credit: David Foote AUSPIC/DPS)

In August, Roberts sparred with physicist Brian Cox on ABC’s Q&A program, claiming that global temperature data had been manipulated by NASA to create the appearance of global warming—much to the consternation of Cox.

As Trump was giving his victory speech, a new wave of spear phishing attacks from Russian hackers was already on its way using his win as click-bait. (credit: Gage Skidmore)

Less than six hours after Donald Trump won the US presidential election, a new spear phishing campaign was launched by a Russia-based group. The group is apparently one of the two organizations connected to the breach at the Democratic National Committee, and it's responsible for nearly a decade of intelligence collection campaigns against military and diplomatic targets.

Security firm Volexity refers to the group as "the Dukes" based on the malware family being utilized. According to a report by Volexity founder Steven Adair, the group is known for a malware family known as "the Dukes"—also referred to as APT29 or "Cozy Bear." The Dukes' primary targets in this latest round of attacks appear to be non-governmental organizations (NGOs) and policy think tanks in the US.

According to Volexity's data, the threat group sent e-mails from purpose-built Gmail accounts and what may be a compromised e-mail account from Harvard University's Faculty of Arts and Science. The phishing e-mails dropped a new variant of backdoor malware dubbed "PowerDuke" by Volexity, and this malware gave attackers remote access to compromised systems. Volexity has been tracking a number of campaigns based on PowerDuke since August, when some "highly targeted" malicious e-mails were sent to individuals at a number of policy research organizations in the US and Europe. The e-mails were disguised as messages from the Center for a New American Security (CNAS), Transparency International, the Council on Foreign Relations, the International Institute for Strategic Studies (IISS), and Eurasia Group. Another wave of similar e-mails targeted universities in October.