Month: November 2019

Enlarge (credit: New Line Cinema)

Google will pay up to $1.5 million for the most severe hacks of its Pixel line of Android phones, a more than seven-fold increase over the previous top Android reward, the company said.

Effective immediately, Google will pay $1 million for a “full chain remote code execution exploit with persistence which compromises the Titan M secure element on Pixel devices,” the company said in a post published on Thursday. The company will also pay $500,000 for exploits that exfiltrate data out of a Pixel or bypass its lock screen.

Google will offer a 50 percent bonus to any of its rewards if the exploit works on specific developer preview versions of Android. That means a critical Titan M hack on a developer preview could fetch $1.5 million, and a data exfiltration or lockcscreen bypass on a developer preview could earn $750,000, and so on. Previously, rewards for the most severe Android exploits topped out at $200,000 if they involved the trusted execution environment—an independent OS within Android for handling payments, multi-factor authentication, and other sensitive functions—and $150,000 if they involved compromise only on the Android kernel.

Enlarge / After you press the "buy tickets" button, the Google Assistant takes over. (credit: Google)

Google is constantly teaching the Google Assistant new tricks, and this week, the assistant is learning how to navigate websites and book movie tickets. Soon, after asking your phone-based Google Assistant for movie showtimes, a new "Buy tickets" button will pop up, and tapping it will whisk you through the ticket-buying process—no extra apps required.

Google says the feature works with "more than 70 cinemas and ticketing services, such as Fandango, MovieTickets.com, AMC, or MJR Theaters in the US, or ODEON in the UK." While all of those services could have coded up special hooks for the Google Assistant, that's not what's going on here—instead this feature is powered by a feature Google calls "Duplex on the web." You might remember "Duplex" as Google's futuristic phone-call bot that can book restaurants over the phone while sounding like a real human. This "Duplex on the web" doesn't make phone calls, though, and instead navigates websites for you and completes the movie ticket purchase. Google announced this feature earlier in the year during the Google I/O keynote, where CEO Sundar Pichai defined Duplex as "the approach by which we train AI on simple but familiar tasks to accomplish them and save you time."

Buying movie tickets on your behalf through a website means Google Duplex navigates to the site, searches for a movie, fills in your personal info and your credit card details, and, after a confirmation step, completes the purchase, mashing all the necessary "next" and "buy" buttons along the way. You can watch it do all this yourself on your phone screen, and if there's anything that Duplex doesn't know how to deal with, like making a reservation for a specific seat, it will stop and ask you. We've had autofill for some time, and this is like autofill plus auto-navigation.

Enlarge / The map, as viewed from the poles. (Color key shown below.) (credit: Lopes et al/Nature Astronomy)

Saturn’s moon Titan is one of the most wonderfully weird worlds in our Solar System. In the way that Earth has a water cycle of rain and evaporation, frigid Titan has a methane cycle and lakes of the liquid stuff. Unfortunately, its atmosphere is thick with smudgy clouds and organic haze, limiting our view.

But while visible light can’t penetrate the atmosphere, other wavelengths have better luck. When the Cassini probe was still hanging out in the Saturnian neighborhood, radar and infrared instruments were used to scan the surface. In a new study published this week, a team led by Rosaly Lopes compiled that data to make a geologic map spanning Titan’s surface.

After analyzing the data, the team decided to group the terrain into six types of landscapes: craters, lakes, plains, dunes, hummocky (or mountainous) areas, and something they termed "labyrinth terrains."

Enlarge / Here is Starship Mk 1 as revealed on September 28, 2019. (credit: Trevor Mahlmann for Ars)

On Wednesday afternoon, SpaceX loaded super-chilled oxidizer and methane into a prototype version of its Starship vehicle. The exercise, at the company's facilities near Boca Chica Beach in South Texas, represented the first cryogenic fuel loading test of the vehicle.

About halfway during the process, however, some sort of failure occurred as the top bulkhead of the vehicle broke apart and went flying away. This was followed by a large, white cloud of smoke and vapor emanating from the interior of the vehicle, which eventually cleared to reveal a dented, but still shiny Starship. This was the same vehicle the company revealed in late September.

SpaceX sought to play down the accident, noting this was a "max" pressurization test to stress the system. No one was hurt, the company said, and it was not a serious setback in the development of the ambitious vehicle. The company's founder and lead technical designer, Elon Musk, later said on Twitter that this prototype had "some value as a manufacturing pathfinder," but that the flight design of the vehicle would be "quite different."