Month: June 2022

Enlarge / Tiny samples of the Hypatia stone next to a small coin. Rare type Ia supernovas are some of the most energetic events in the universe. Researchers found a consistent pattern of 15 elements in the Hypatia stone, unlike anything in our solar system or in the Milky Way (credit: Jan Kramers)

In 1996, an archaeologist named Aly A. Barakat was doing fieldwork in an Egyptian desert and stumbled across an unusual shiny black pebble now known as the Hypatia stone (after Hypatia of Alexandria). Studies conducted over the last several years indicate that the stone is of extraterrestrial origin. And according to a recent paper published in the journal Icarus, the stone's parent body was likely born in the aftermath of a rare type Ia supernova explosion.

The  Hypatia stone was found in an area of southwest Egypt known for its Libyan Desert glass, produced by an extreme surface heating event, quite possibly a meteorite. The Hypatia stone may have also come from that impact, although more recent evidence suggests a comet would be a more likely parent body.

The University of Johannesburg's Jan Kramers and several colleagues have investigated the Hypatia stone for many years. Kramers compared the Hypatia stone's internal structure to a fruitcake: a poorly mixed dough forming the bulk of the pebble (mixed matrices), with the mineral grains lurking in the stone's inclusions representing the cherries and nuts. He likened the secondary substances in the stone's cracks to the flour dusting the gaps in a fruitcake.

Enlarge / A Falcon 9 rocket and Crew Dragon spacecraft are ready to launch NASA's Crew-4 mission. (credit: Trevor Mahlmann)

NASA said this week that it plans to purchase five additional Crew Dragon missions from SpaceX to carry astronauts to the International Space Station.

Although the space agency's news release does not specifically say so, these may be the final flights NASA needs to keep the space station fully occupied into the year 2030. As of now, there is no signed international agreement to keep the station flying until then, but this new procurement sends a strong signal that the space agency expects the orbital outpost to keep flying that long.

The announcement also suggests that SpaceX will fly more than twice as many crews to the space station than the other partner in NASA's commercial crew program, Boeing. Under the new agreement, SpaceX would fly 14 crewed missions to the station on Crew Dragon, and Boeing would fly six during the lifetime of the station.

Enlarge (credit: Owl Labs)

The Meeting Owl Pro is a videoconference device with an array of cameras and microphones that captures 360-degree video and audio and automatically focuses on whoever is speaking to make meetings more dynamic and inclusive. The consoles, which are slightly taller than an Amazon Alexa and bear the likeness of a tree owl, are widely used by state and local governments, colleges, and law firms.

A recently published security analysis has concluded the devices pose an unacceptable risk to the networks they connect to and the personal information of those who register and administer them. The litany of weaknesses includes:

• The exposure of names, email addresses, IP addresses, and geographic locations of all Meeting Owl Pro users in an online database that can be accessed by anyone with knowledge of how the system works. This data can be exploited to map network topologies or socially engineer or dox employees.
• The device provides anyone with access to it with the interprocess communication channel, or IPC, it uses to interact with other devices on the network. This information can be exploited by malicious insiders or hackers who exploit some of the vulnerabilities found during the analysis
• Bluetooth functionality designed to extend the range of devices and provide remote control by default uses no passcode, making it possible for a hacker in proximity to control the devices. Even when a passcode is optionally set, the hacker can disable it without first having to supply it.
• An access point mode that creates a new Wi-Fi SSID while using a separate SSID to stay connected to the organization network. By exploiting Wi-Fi or Bluetooth functionalities, an attacker can compromise the Meeting Owl Pro device and then use it as a rogue access point that infiltrates or exfiltrates data or malware into or out of the network.
• Images of captured whiteboard sessions—which are supposed to be available only to meeting participants—could be downloaded by anyone with an understanding of how the system works.

Glaring vulnerabilities remain unpatched

Researchers from modzero, a Switzerland- and Germany-based security consultancy that performs penetration testing, reverse engineering, source-code analysis, and risk assessment for its clients, discovered the threats while conducting an analysis of videoconferencing solutions on behalf of an unnamed customer. The firm first contacted Meeting Owl-maker Owl Labs of Somerville, Massachusetts, in mid-January to privately report their findings. As of the time this post went live on Ars, none of the most glaring vulnerabilities had been fixed, leaving thousands of customer networks at risk.

Enlarge / Ford's electric F-150 Lighting (L), eTransit (M), and Mustang Mach-E (R) battery-electric vehicles have all been such successes that they're all sold out for the rest of the year. And that's prompting the company to rethink how it goes about the whole process. (credit: Ford)

Few Americans enjoyed the car-buying process even before supply chain chaos, and the chip shortage led dealerships to mark up inventory by thousands of dollars. But buying a Ford electric vehicle might be a lot less painful in the future, if Ford CEO Jim Farley gets his way. On Wednesday, Farley said that he wants the company's EVs to be sold online-only, with no dealer markups or other price negotiations, according to the Detroit Free Press.

"We've got to go to non-negotiated price. We've got to go to 100 percent online. There's no inventory (at dealerships), it goes directly to the customer. And 100 percent remote pickup and delivery," Farley said while speaking at a conference in New York.

One of Tesla's most popular innovations was to eschew traditional dealerships and sell its products directly to customers. But traditional manufacturers like Ford are usually prohibited from selling their products directly to customers, a legacy of fears over vertical integration written into state laws during the early 20th century. As such, Ford's franchised dealers will almost certainly still have a role to play.

Enlarge / Get busy imagining this logo on a box.

It has been nearly eight years since Dragon Age: Inquisition launched as the most recent full game in Bioware's acclaimed RPG series and nearly four years since an unnamed sequel was first teased at the 2018 Game Awards. On Thursday, developer BioWare revealed an official title for that sequel—Dragon Age: Dreadwolf—and confirmed the game won't be coming until 2023 at the earliest.

In a brief blog post, BioWare confirmed the new game will focus on antagonist Solas, the mysterious elven hedge mage who was introduced as the Dread Wolf in Inquisition. Solas was also central to that game's 2015 Trespasser DLC and featured heavily in a four-minute Gamescom 2020 behind-the-scenes featurette on the game.

In its announcement, BioWare describes Solas as someone whose "motives are inscrutable and his methods sometimes questionable, earning him a reputation as something of a trickster deity—a player of dark and dangerous games." The developer also insists that "if you’re new to Dragon Age, you have no need to worry about not having met our antagonist just yet. He’ll properly introduce himself when the time is right."

Enlarge / Linux booting up on an old iPad Air 2. (credit: Konrad Dybcio)

If you have a 2013- or 2014-era iPad sitting around unused because it's not getting updates from Apple anymore and has stopped running the apps you need, some developers are working on an alternative software solution for you. Developer Konrad Dybcio and a Linux enthusiast going by "quaack723" have collaborated to get Linux kernel version 5.18 booting on an old iPad Air 2, a major feat for a device that was designed to never run any operating system other than Apple's.

The project appears to use an Alpine Linux-based distribution called "postmarketOS," a relatively small but actively developed distribution made primarily for Android devices. Dybcio used a "checkm8" hashtag in his initial Tweet about the project, strongly implying that they used the "Checkm8" bootrom exploit published back in 2019 to access the hardware. For now, the developers only have Linux running on some older iPad hardware using A7 and A8-based chips—this includes the iPad Air, iPad Air 2, and a few generations of iPad mini. But subsequent Tweets imply that it will be possible to get Linux up and running on any device with an A7 or A8 in it, including the iPhone 5S and the original HomePod.

This isn't the only project devoted to running Linux on Apple's hardware. One project, Asahi Linux, has been dedicated to reverse-engineering support for the M1 chips in Apple's Macs and sending the patches upstream so that they can be integrated into the Linux kernel. Another, Project Sandcastle, has a build of Android up and running on an iPhone 7. Apps like iSH will give you a Linux shell running on top of iOS or iPadOS—not the same as running Linux on the hardware directly, but useful in some circumstances.

Enlarge / There's no mistaking the BMW XM concept as anything other than a BMW. The production version of the hybrid SUV goes on sale later this year. (credit: BMW)

If Oscar Wilde was right that the only thing worse than being talked about is not being talked about, you have to hand it to BMW's styling. Over the years, the company's design department in Munich has probably generated enough column inches to stretch from here to the moon, as it has challenged conventional tastes time and again with its concepts and production cars.

These days, the fuss often concerns each new interpretation of BMW's iconic kidney grilles, and we've seen a few: the self-healing polymer of the iX, the wide chrome bling of the X7, and the gaping void of the M3. Before that, it was the so-called "Bangle butt"—the stepped tail at the back of the fourth-generation 7 Series named for then-head designer Chris Bangle. When the model was launched in 2001 (and for years afterward), BMW fans would recoil just at its mention; today, it has become normalized and acceptable.

The design of the trunk lid on the E65 7 Series (second from right) was not well-received at the time.

But the brand's willingness to embrace left-field ideas predates this century—how else to explain the 1989 Z1 roadster, with its removable plastic body panels and doors that dropped down into their sills?