Month: November 2018

Enlarge / A Cisco Aironet access point. (credit: Cisco)

Millions of Wi-Fi access points sold by Cisco, Meraki, and Aruba have two critical vulnerabilities being patched that could allow hackers to run malware inside the sensitive networks that use the gear. While the flaws open corporate networks to some scary attacks, the real-word likelihood of them being exploited is debatable.

In a report published Thursday, security firm Armis said two flaws it found in Bluetooth Low Energy chips manufactured by Texas Instruments can be used to hack the APs that embed them. The BLE chips offer a variety of enhancements to traditional Wi-Fi APs. Retailers, for instance, can use them to monitor customer movements inside stores by monitoring the Bluetooth beacons sent by the customers’ phones. Hospitals can use BLE to keep track of Bluetooth-enabled medical equipment. Cisco (which also makes Meraki gear) and Aruba have both issued patches that users of affected gear should install as soon as possible.

Unfortunately, hackers can also make use of the vulnerable BLE chips to take control of the APs. Attackers armed with small Bluetooth-enabled devices need only two minutes to transmit exploits that install malicious firmware on the vulnerable chips. From there, the malware could install AP firmware that monitors communications, infects end users, or spreads to other parts of a corporate network.

Enlarge / An artist's concept of the Dawn spacecraft at Ceres. (credit: NASA)

Another day, and another iconic space mission has gone dark. On Tuesday, NASA announced that its exoplanet-hunting Kepler Space Telescope had run out of hydrazine fuel, and the craft would be commanded to cease operations. Now, the Dawn spacecraft at the dwarf planet Ceres must face the same fate.

On Wednesday, the spacecraft failed to phone home, and it missed a scheduled connection on Thursday as well. This means that, like the Kepler mission, Dawn has run out of hydrazine fuel, which the vehicle needs to orient itself and keep its antennas aligned with Earth. With no fuel, the spacecraft also cannot keep its solar panels turned toward the Sun.

This was not unexpected. Prior to this, because NASA did not want to potentially contaminate the surface of Ceres due to planetary-protection concerns, mission controllers placed Dawn into an orbit around Ceres that will remain stable for decades. It is now a silent sentinel in orbit around the dwarf world it has studied since 2015.

Enlarge (credit: TechBargains)

Greetings, Arsians! Courtesy of our friends at TechBargains, we have another round of deals to share. Today's list is headlined by a trade-in deal for the new OnePlus 6T, which received a rave review from our Android guru Ron Amadeo earlier this week and became widely available on Thursday.

The deal is only available on T-Mobile, the one carrier selling the phone, but it still takes a total of $300 off the device when you trade in an eligible older device. Do that, and T-Mobile says it'll effectively knock the price of the phone from $24.17 a month for 24 months (which works out to $580 in total) to $11.67 a month (or $280 in total) over the same time period. The deal is available to both new and existing users. The carrier's list of eligible trade-in phones is fairly generous and includes all past OnePlus phones:

• iPhone: 7, 7 Plus, 8, 8 Plus, 6, 6 Plus, 6s, 6s Plus
• Samsung: GS8, GS8+, GS7, GS7+, GS6, GS6+, Note8, Note5
• OnePlus: 6, 5T, 5, 3, 3T, X, 2, 1
• Google Pixel, Pixel XL, Pixel 2, Pixel 2XL
• Google Nexus 6
• LG: V30, V30+, V20, G7, G6
• Motorola: Z2 Force

Per usual with carriers, there are caveats. For one, T-Mobile is only selling the variant of the OnePlus 6T with 8GB of RAM and 128GB of storage, which retails for $580 outright. There's a $549 model with 6GB of RAM, too, but that's only available unlocked from OnePlus itself.

Fans of the quirky 2014 New Zealand "mockmentary" What We Do in the Shadows rejoice, for FX has dropped the first teasers for its much-anticipated TV adaptation. The half-hour comedy looks to preserve the same deadpan humor and worldweary tone that made the original film an instant cult classic.

Taika Waititi and Jemaine Clement wrote, directed, and starred in the horror-comedy, playing vampire roommates Vladislav (Clement) and Viago (Waititi) in Wellington, New Zealand. Given their nocturnal nature, they and their vampire friends haven't adapted to modern life particularly well, and their mishaps as they struggle to navigate the mundane trivialities of daily life in the 21st century are the source of much of the film's deadpan humor. What We Do in the Shadows garnered a solid cult following after premiering at the Sundance Film Festival, ultimately earning $6.9 million—a decent showing given its modest $1.6 million budget.

Combine that success with Waititi's impressive directorial turn at the helm of Marvel's Thor: Ragnarok, and it's no surprise that TV networks came calling. Along with a rumored big-screen sequel about the werewolf gang introduced in the film ("We're werewolves, not swearwolves"), the guys are well on their way to creating their own cinematic universe with two spinoff series.

Lowering Leona Philpot, Microsoft's first underwater serverpod, into the water. (credit: Microsoft)

Microsoft CEO Satya Nadella says that underwater server farms are part of the company's plans for future data centers.

Microsoft has been experimenting with underwater servers for some time. Project Natick put a server pod underwater off the coast of California in 2016. Naturally enough, the pod uses water cooling, dumping waste heat into the ocean around it. It's designed as a sealed unit, deployed for five years before being brought back up to the surface and replaced. Since then, Microsoft has deployed a larger pod off the coast of Scotland.

Speaking at the company's Future Decoded conference in London, Nadella said that undersea deployments are "the way [Microsoft] will think about data center regions and expansion." He cites proximity to humans as a particular advantage: about 50 percent of the world's population lives within 120 miles of a coast. Putting servers in the ocean means that they can be near population centers, which in turn ensures lower latencies. Low latencies are particularly important for real-time services, including Microsoft's forthcoming Xcloud game streaming service.

Enlarge (credit: HBO)

AT&T-owned HBO and Cinemax have been pulled from Dish's satellite TV service and the Dish-owned Sling TV streaming service over a money dispute, marking the first-ever blackout for HBO in its 46-year history.

In June, US District Court Judge Richard Leon allowed AT&T to complete its purchase of Time Warner Inc., the owner of HBO and Cinemax, saying there was no reason to believe that AT&T would use its market power to harm rival TV providers or consumers. AT&T is also the owner of DirecTV, Dish's primary competitor in the satellite TV business.

Dish said AT&T pulled HBO from Dish and Sling TV, while HBO said that Dish pulled the channel from its services as a negotiating tactic. Dish said that its customers will get bill credits for the time they cannot access HBO or Cinemax.

We'll still use any excuse to reuse this photo of Ars alumnus Sebastian Anthony reacting to VR. (credit: Sebastian Anthony)

Even since Oculus co-founder Palmer Luckey revealed that the first consumer Oculus Rift headset would launch at $600, many industry watchers have been arguing that the high price of entry was keeping virtual reality from becoming a truly revolutionary mass-market technology. Though prices for VR headsets and compatible hardware have come down quite a bit since then, sales and usage stats are still struggling to climb out of the doldrums when compared with other tech products.

Now Luckey, who left Oculus in early 2017, argues in a recent blog post that there is no price low enough to convince a critical mass of people to regularly engage with existing VR headsets:

No existing or imminent VR hardware is good enough to go truly mainstream, even at a price of $0.00. You could give a Rift+PC to every single person in the developed world for free, and the vast majority would cease to use it in a matter of weeks or months.

I know this from seeing the results of large scale real-world market testing, not just my own imagination—hardcore gamers and technology enthusiasts are entranced by the VR of today, as am I, but stickiness drops off steeply outside of that core demographic. Free is still not cheap enough for most people, because cost is not what holds them back actively or passively.

Luckey goes on to estimate that current VR technology could attract an absolute ceiling of 50 million active users worldwide, and that only with significant industry effort. That's a far cry from the 1 billion users Facebook CEO Mark Zuckerberg cites as his long-term goal for VR adoption.

ZTE

As displays consume more and more of the front real estate on a smartphone, the question of where to put the front-facing camera and sensors arises. The primary answer this year has been to slice out a chunk of the display and create a "notch" for the camera, but we've also seen a few companies push forward alternate ideas. Options so far have included a motorized pop-up camera, like on the Oppo Find X, or adding a dash of old-school flare and making a slider smartphone like the Xiaomi Mi Mix 3. But are you so desperate to kill the notch that you would add an entire second display to the back of a smartphone? Meet the ZTE Nubia X.

Now that it's not going to be killed by the US government, ZTE is back at work and is introducing this crazy dual-screen device. The front of this thing has a 6.26-inch, 2280×1080 LCD and, thanks to a lack of front-facing camera and minimal bezels, is sporting a 93.6-percent screen-to-body ratio. When you want to take a selfie, you're supposed to flip the phone over and use the rear camera, where a 5.1-inch, 1520×720 rear OLED display will act as your viewfinder. Smartphone displays are usually the most expensive components in a smartphone, so adding a whole second display to the back might be the most expensive notch-killing solution ever.