news.buyenne.com

Master Chief awaits you on the Xbox One S' disc drive mount. (credit: iFixit)

Ars' review of the latest Xbox hardware revision, the Xbox One S, took a long look at the console's updated exterior (along with its 4K- and HDR-related upgrades). To get to know its guts, however, we turn to the teardown experts at iFixit, who went on a warranty-voiding dive on Wednesday to find out how Microsoft shrank the system a full 42 percent.

In doing so, the site's teardown team confirmed the myriad parts making up the full system, and as expected, we're getting the kind of change in parts vendors and component sizes we expected from a three-years-later hardware revision. For starters, iFixit shows off the Xbox One S' updated, shrunken power supply, which is now fanless, embedded in the system, and wedged nicely alongside the updated cooling rig—a custom-molded 120mm fan, an aluminum heat sink, and a copper heat pipe set.

The launch edition's 2TB hard drive can also be seen, and in good news, its interface has been upgraded from SATA II to SATA III. Our testing didn't reveal any particular drive-speed boosts as a result of this, which is probably because the included Seagate drive runs at 5400 RPM (with a 32MB cache), but we'll be curious to see whether the system's loading times are boosted when a solid state drive is hooked into that SATA III interface; if the Xbox One S' SATA controller is rated for SATA III, the difference could be noticeable. Anybody who tests this, however, risks voiding Xbox's hardware warranty.

Getty Images has been accused of selling unauthorized licenses to this, and thousands of other photos. (credit: Richard Liebowitz)

Getty Images has been hit with a second copyright-related lawsuit less than a week after famed photographer Carol Highsmith sued the company.

On Monday, Zuma Press, an independent press agency, sued Getty for alleged copyright violations and unauthorized licensing of more than 47,000 images.

In its nine-page civil complaint, Zuma attorney Richard Liebowitz alleged that as Getty has been rapidly expanding its collection of images, it has run roughshod over copyright.

(credit: Illustration by Sean MacEntee)

As the Federal Communications Commission debates new privacy rules for Internet service providers, Comcast has urged the commission to let ISPs offer different prices based on whether customers opt into systems that share their data and deliver personalized ads.

Comcast executives met with FCC officials last week, and "urged that the Commission allow business models offering discounts or other value to consumers in exchange for allowing ISPs to use their data," Comcast wrote in an ex parte filing that describes the meeting. (MediaPost covered the filing yesterday.)

AT&T is the biggest Internet provider offering such a plan. AT&T's "Internet Preferences" program reroutes customers' Web browsing to an in-house traffic scanning platform, analyzes the customers' search and browsing history, and then uses the results to deliver personalized ads to websites. With Internet Preferences enabled, AT&T customers can pay as little as $70 per month for 1Gbps fiber-to-the-home service, but those who don't opt into Internet Preferences must pay at least $29 a month extra.

Amazon’s Fire Phone was, by any reasonable metric, a colossal failure. Amazon took a $170 million write down on unsold inventory and contracts with its suppliers, and the phone’s $649 starting price tumbled below $200 in just four months. The Fire Phone's reputation was mostly deserved—Amazon’s fork of Android cut it off from the Google Play ecosystem, and its hardware was built around a couple of gimmicks that didn’t actually address actual needs. Talk of a follow-up phone persisted for a while, but no phone ever surfaced. Until now.

Kind of.

Amazon is getting back into smartphones, but instead of dumping money into R&D and maintaining its own forked OS and ecosystem, the company is taking a page from its e-readers by slapping ads and preinstalled apps onto existing budget-friendly phones. In exchange, buyers get a $50 discount on a handful of already-inexpensive phones, assuming they’re already paying $99/year for an Amazon Prime subscription (one could conceivably skirt this requirement by signing up for a Prime trial and then canceling).

Screen capture of video showing a Russian spacecraft approaching the Jovian moon Ganymede. (credit: Roscosmos)

After years of pressure from Congress and the scientific community, NASA has finally begun formal mission planning to send both an orbiter, possibly launching as early as 2023, and a follow-up lander mission to the Jovian moon Europa. But the US space agency may not be alone in sending probes Jupiter's moons. Russia now says it is going to Ganymede.

In a promotional video uploaded to YouTube, engineers from the Russian space agency, Roscosmos, discuss a proposed orbiter and lander mission to the largest moon in the solar system. Specific dates are not discussed for this "Laplace-P" concept, but the Russians have previously targeted a launch date of 2023, and the video suggests a launch could come in the next decade. Although the commentary is in Russian, the video appears to suggest that Ganymede may be as good (or better) candidate for life than Europa. Both moons are believed to have large subsurface oceans, but NASA scientists generally believe that Europa's large ocean, which is relatively near the surface and has a rich internal heat source, is likely more conducive to life.

Despite the video, it is not clear how "real" the Laplace-P mission actually is. For example, Russia has talked repeatedly about building a permanent lunar base in the 2030s, but the country hasn't made much progress toward that goal. Moreover, the Russian agency's planetary exploration program has somewhat been in state of a shambles in recent decades.

A report by Reuters suggests that the FBI was aware of a possibly Russian-sponsored intrusion into the network of the Democratic National Committee as early as last fall. But investigators from the FBI only initially told DNC staff that they should be on the lookout for strange activity on their network—and the feds didn't mention a potential state-sponsored attack until they informed the Clinton campaign in March about a phishing campaign.

Unnamed DNC staffers told Reuters' Mark Hosenball and John Walcott that the FBI had been investigating a potential intrusion into the DNC's network since the fall of 2015. After the initial warning to look for anything suspicious, DNC IT staff checked network logs and scanned files, finding nothing suspicious. When asked to provide more information to help identify a problem, the FBI "declined to provide it," according to the Reuters report.

It was not until March that the DNC IT team realized the severity of the intrusion of their systems, though Reuters did not report what triggered their realization. At about the same time, the FBI reportedly warned the Clinton campaign of the attempted attacks, according to a Yahoo News report. Spear-phishing attacks were detected in March and April against the DNC and the presidential campaign organization of Hillary Clinton by the security company SecureWorks, as Ars has previously reported.

Enlarge / A demo planned for Wednesday will show how an ad hosted on nytimes.com could attack other HTTPS-protected sites. (credit: Vanhoef, Van Goethem)

The HTTPS cryptographic scheme protecting millions of websites is vulnerable to a newly revived attack that exposes encrypted e-mail addresses, social security numbers, and other sensitive data even when attackers don't have the ability to monitor a targeted end user's Internet connection.

The exploit is notable because it doesn't require a man-in-the-middle position. Instead, an end user need only encounter an innocuous-looking JavaScript file hidden in an Web advertisement or hosted directly on a webpage. The malicious code can then query a variety of pages protected by the secure sockets layer or transport layer security protocols and measure the precise file sizes of the encrypted data they transmit. As its name suggests, the HEIST technique—short for HTTP Encrypted Information can be Stolen Through TCP-Windows—works by exploiting the way HTTPS responses are delivered over the transmission control protocol, one of the Internet's most basic building blocks.

Once attackers know the size of an encrypted response, they are free to use one of two previously devised exploits to ferret out the plaintext contained inside it. Both the BREACH and the CRIME exploits are able to decrypt payloads by manipulating the file compression that sites use to make pages load more quickly. HEIST will be demonstrated for the first time on Wednesday at the Black Hat security conference in Las Vegas.

(credit: Laura Bittner)

In the past, we’ve covered attempts by some political groups (or politicians) to access climate scientists’ e-mails. The idea is generally to trawl through them for anything that can be used to bolster the claim that climate science is somehow fraudulent—hypothetically vindicating those who have refused to acknowledge the scientific consensus for decades.

A long-time target of these activists has been researcher Michael Mann, whose work on tree ring climate records resulted in “the hockey stick,” a graph of the last millennium of climate history that shows rapid warming at the end of a gradual cooling trend. Although that record has been extended and replicated many times now, some still believe Mann must have somehow distorted the data to produce the appearance of sudden warming. As a result, Mann has been involved in court cases for years over demands for his e-mails from a conservative advocacy group and then Virginia Attorney General Ken Cuccinelli. More recently, Mann has been involved in a countersuit against those who publicly accused him of fraud.

Well, having failed to get access to Mann’s e-mails through the Virginia courts, the same opposition group (now called the Energy & Environment Legal Institute) decided to go after one of Mann’s colleagues since he worked in a different state. The University of Arizona rebuffed a very broad 2011 Freedom of Information Act request for the e-mails of Malcolm Hughes, part of the “hockey stick” team, and James Overpeck, a coordinating lead author of the 2007 IPCC report’s chapter on paleoclimate.