Month: February 2019

Enlarge (credit: Samuel Axon)

A new report from Bloomberg's Mark Gurman suggests that Apple is serious about combining apps across the iOS and macOS App Stores. The iPhone make is reportedly planning on expanding Project Marzipan, a multistep initiative that will allow developers to create an app only once and have it work across iPhone, iPad, and Mac devices. Apple may reveal the first steps of this program as early as June 2019 at its annual Worldwide Developers Conference.

We first heard about Marzipan back in 2017, but this is the first hint of Apple's tentative schedule for its rollout and application. The company may debut an SDK later this year that will allow developers to port iPad apps to Mac computers. While they will still have to submit two separate apps to the iOS App Store and the Mac App Store, the SDK reportedly makes it so developers only have to write the underlying code once.

By next year, Apple plans to expand the SDK to include iPhone apps, meaning developers could port iPhone apps to Macs in the same way. By 2021, developers may be able to merge iPhone, iPad, and Mac apps, creating one application that works across all of those Apple devices (what the report calls a "single binary"). At this stage, developers will not have to submit multiple versions of apps to different app stores—and Apple may be able to merge its separate stores into one, all-encompassing app store.

Enlarge / Evert (credit: iStock / Getty Images)

WinRAR, a Windows file compression program with 500 million users worldwide, recently fixed a 14-year-old vulnerability that made it possible for attackers to execute malicious code when targets opened a booby-trapped file.

The vulnerability was the result of an absolute path traversal flaw that resided in UNACEV2.DLL, a third-party code library that hasn’t been updated since 2005. The traversal made it possible for archive files to extract to a folder of the archive creator’s choosing, rather than the folder chosen by the person using the program. Because the third-party library doesn’t make use of exploit mitigations such as address space layout randomization, there was little preventing exploits.

Researchers from Check Point Software, the security firm that discovered the vulnerability, initially had trouble figuring out how to exploit the vulnerability in a way that executed code of their choosing. The most obvious path—to have an executable file extracted to the Windows startup folder where it would run on the next reboot—required WinRAR to run with higher privileges or integrity levels than it gets by default.

Enlarge / An artist's image of InSight on the surface of Mars, showing the location of its weather sensors. (credit: NASA)

There's a new meteorologist on Mars. Although NASA's InSight spacecraft landed on the red planet late in 2018 to measure the planet's geology—primarily by listening for Mars quakes—it also brought some sophisticated meteorology equipment with it.

The space agency has set up a website to share that information, which includes not only daily high and low temperatures, but unprecedented hourly data on wind speed, direction, and air pressure for InSight's location near the equator in Elysium Planitia. "We thought it was something that people might have some fun with," Cornell University's Don Banfield, who leads InSight's weather science, told Ars.

Other spacecraft have brought comparable temperature and wind sensors to Mars before, but none have carried such a precise air pressure sensor. The new sensor is 10 times more sensitive than any previous instrument because InSight needs to detect slight movements in the Martian ground, and from such movements infer details about the red planet's interior. For this, weather matters.

Enlarge / (left) Natasha Lyonne as Nadia Vulvokov in Russian Doll. (right) Jessica Rothe as Theresa "Tree" Gelbman in Happy Death Day 2 U. Both women find themselves caught in a time loop where they die over and over on their birthday. (credit: Netflix/Blumhouse Productions)

The time loop is pretty much a classic science fiction trope, thanks in large part to the enormous success of the 1993 film Groundhog Day. It's been used so often, in fact, that it's challenging to come up with a fresh take. But the Netflix series Russian Doll and the new film Happy Death Day 2 U manage to do just that, giving us time loops with a multiverse twist.

Wikipedia has amassed an impressive list of films featuring time loops: 49 so far, and that's not counting TV shows, like The X-Files episode "Monday" (in turn referenced on a Buffy the Vampire episode, "Life Serial"). The earliest film dates back to 1933: Turn Back the Clock, in which a tobacconist named Joe is killed in a hit-and-run and wakes up 20 years earlier. But it's not a true time loop tale, having more in common with It's a Wonderful Life.

A 1987 Russian film, Zerkalo dlya geroya (Mirror for a Hero), does have a lot of the key elements in place. But the real original source material is probably Richard A. Lupoff's 1973 short story, "12:01 PM," adapted into an Oscar-nominated short film in 1990 and a full-length feature in 1993—the same year Groundhog Day came out. (Lupoff definitely noticed the similarities and considered suing for plagiarism, but eventually dropped the idea.) It's pretty much been a sci-fi mainstay ever since.