Home / Tag Archives: lucky-modern

Tag Archives: lucky-modern

Nintendo to share up to 70 percent of ad revenue with game YouTubers (Kyle Orland/Ars Technica)

Alibaba Nintendo's somewhat indecisive stance on letting streamers and producers use video of its games online seems to be crystallizing with this week's beta launch of the Nintendo Creators Program . But the program comes with a number of restrictions that limit how video creators can use Nintendo games in their videos and how they can profit from those videos. YouTube creators who sign up for Nintendo's Creators Program can easily register individual videos or entire channels that contain content from games made by Nintendo. In exchange, Nintendo will let the video creator keep a portion of the ad revenue generated by the video: 60 percent for individual videos or 70 percent for entire channels. That's a change from the zero percent of ad revenue many video makers saw from videos that included Nintendo games in the past, though Nintendo does note ominously that "this rate may be changed arbitrarily." The revenue sharing only seems to apply to a small portion of Nintendo's game catalog, however. The Creators Program User Guide notes that only videos including a limited list of "whitelisted" games can be registered for revenue sharing. Program registrants are warned to "be sure their videos do not contain copyrighted material from third parties or content from unconfirmed game titles emphasis added." Nintendo's list of supported games leaves out a wide range of the company's publishing catalog , seemingly including every game even partially developed by an outside studio. The list of Nintendo-published games ineligible for the program includes recent Wii U titles like Captain Toad's Treasure Tracker and Bayonetta ; classics like Star Fox 64 and The Legend of Zelda: Ocarina of Time , and every game in the Super Smash Bros. series, to cite just a few examples. Presumably, unlisted games will continue to have their ad revenue captured by Nintendo, as the company has done in the past,  according to YouTube rules .

Read More »

Survey: security products send average large organizations 17K malware alerts per week, only 19% of which are reliable (Robert Lemos/Ars Technica)

For anyone who has freaked out when an antivirus alert popped up on their screen and spent time researching it only to find out it was a false alarm, a recent survey will hit home. A survey of information-technology professionals published on Friday found that the average large organization has to sift through nearly 17,000 malware alerts each week to find the 19 percent that are considered reliable. The efforts at triage waste employees’ time—to the tune of a total estimated annual productivity loss of $1.3 million per organization. In the end, security professionals only have time to investigate four percent of the warnings, according to the survey conducted by the market researcher Ponemon Institute. The survey results show the problems posed by security software that alerts for any potential threat, says Brian Foster, chief technology officer of network-security firm Damballa, the sponsor of the research. “At the end of the day, all of these security products are spitting out more alerts than humans have time to deal with,” Foster said. “And at the end of the day, if your software is overwhelming the analysts, you are part of the problem, not part of the solution.” The deluge of unreliable alerts—a problem known in the industry as “false positives”—is a well-known issue for many types of security systems. Typically, security-conscious users and IT security professionals have a choice: turn on more features in their security products and deal with the increased alerts or disable features and risk missing a real attack. Unfortunately, companies often choose the latter. But even when security professionals choose the most stringent options, the increase in unreliable alerts overwhelms users and those responsible for IT security. Instead of investigating every warning, they are trained to ignore the warnings. In 2013, for example, when cybercriminals broke into Target’s systems and loaded malware, the company’s FireEye security system issued an alert for the activity, but the company ignored the alerts. As a result, a District Court judge in Minnesota has given the go-ahead for banks to sue the retailer

Read More »

Device that logs and transmits keystrokes of certain wireless Microsoft keyboards built for $10 (Dan Goodin/Ars Technica)

It sounds like the stuff of a James Bond flick or something described in documents leaked by former NSA subcontractor Edward Snowden. In fact, the highly stealthy keystroke logger can be built by someone with only slightly above-average technical skills for as little as $10. Called KeySweeper, it's a device disguised as a functioning USB wall charger that sniffs, decrypts, logs, and transmits all input typed into a Microsoft wireless keyboard. KeySweeper is the brainchild of Samy Kamkar, a hacker who has a track record of devising clever exploits that are off the beaten path. The namesake of the Samy worm that inadvertently knocked MySpace out of commission in 2005 , Kamkar has concocted drones that seek out and hack other drones and devised exploits that use Google Streetview and Google Wi-Fi location data to stalk targets. His hacks underscore the darker side of the connected world that makes it possible for bad guys to monitor our most private communications and everyday comings and goings. KeySweeper follows the same path. Unveiled on Monday , it provides the software and hardware specifications for building a highly stealthy sniffing device that plucks out every keystroke inputted to a Microsoft wireless keyboard. The device can either log the input on a chip for physical retrieval later, or it can use an optional GSM chip to transmit the keystrokes wirelessly to the attacker. For maximum efficiency, it can be programmed to send the operator SMS messages whenever certain keywords—think "bankofamerica.com," "confidential," or "password"—are entered.

Read More »

Super cookies allow sites to track users using most popular browsers even in privacy mode (Dan Goodin/Ars Technica)

Aurich Lawson For years, Chrome, Firefox, and virtually all other browsers have offered a setting that doesn't save or refer to website cookies, browsing history, or temporary files. Privacy-conscious people rely on it to help cloak their identities and prevent websites from tracking their previous steps. Now, a software consultant has devised a simple way websites can bypass these privacy modes unless users take special care. Ironically, the chink that allows websites to uniquely track people's incognito browsing is a much-needed and relatively new security mechanism known as HTTP Strict Transport Security . Websites use it to ensure that an end user interacts with their servers only when using secure HTTPS connections. By appending a flag to the header a browser receives when making a request to a server, HSTS ensures that all later connections to a website are encrypted using one of the widely used HTTPS protocols. By requiring all subsequent connections to be encrypted, HSTS protects users against downgrade attacks, in which hackers convert an encrypted connection back into plain-text HTTP. Sam Greenhalgh, a technology and software consultant who operates RadicalResearch , has figured out a way to turn this security feature into a potential privacy hazard. His proof of concept is known as HSTS Super Cookies . Like normal cookies, they allow him to fingerprint users who browse to his site in non-privacy mode, so if they return later, he will know what pages they looked at. There are two things that give his cookies super powers. The first is that once set, the cookies will be visible even if a user has switched to incognito browsing

Read More »

Nvidia’s new Tegra X1 chip features an 8-core 64-bit CPU and a 256-core Maxwell-based GPU (Andrew Cunningham/Ars Technica)

Enlarge / Nvidia CEO Jen-Hsun Huang holding a new Tegra X1 SoC. Lee Hutchinson LAS VEGAS, NEVADA—Nvidia CEO Jen-Hsun Huang took to the stage this evening to kick off the company's CES. His first announcement was something that should interest mobile gamers—the new Tegra X1 SoC, a new chip with a GPU based on Nvidia's new Maxwell architecture. Further Reading The X1 is a follow-up to the Tegra K1, the first of Nvidia's mobile chips to unify its mobile and desktop GPU architectures. Both the quad-core 32-bit version and the dual-core 64-bit version of the K1 included a Kepler GPU with 192 cores, the same number as a low-end desktop GeForce card. Nvidia emphasized the fact that both desktop and mobile chips supported all the same APIs, theoretically reducing the amount of work that developers would have to do to port a game from the PC to a phone or tablet. The X1 switches that GPU out for a 256-core Maxwell GPU, the same core count and architecture as a GeForce 830M. Like desktop Maxwell chips, it supports DirectX 11.2 and OpenGL 4.5, and it will be able to support DirectX 12 when that API is released. We know much less about the CPU, which is an eight-core design that combines two sets of four cores. That arrangement implies that it's an ARM Cortex A57 and A53 design in a big.LITTLE configuration, which would mean a departure from Nvidia's custom Denver CPU architecture—we'll do more digging and give you more information on the CPU cores as we have it. Huang played up the X1's compute power during the presentation, and claims that it's capable of up to 1 teraFLOP of performance using the 16-bit floating point format. The SoC also supports 4K h.265 (HEVC) video encoding and decoding at 60 frames per second

Read More »

If the Supreme Court tackles the NSA in 2015, it’ll be one of these five cases (Cyrus Farivar/Ars Technica)

Roughly a year and a half since the first Snowden disclosures, there's already been a judicial order to shut down the National Security Agency's bulk metadata collection program. The lawsuit filed by Larry Klayman , a veteran conservative activist, would essentially put a stop to unchecked NSA surveillance. And at the start of 2015, he remains the only plaintiff whose case has won when fighting for privacy against the newly understood government monitoring. However, it's currently a victory in name only—the judicial order in Klayman  was stayed pending the government’s appeal. Further Reading Klayman v. Obama  is only one of a number of notable national security and surveillance-related civil and criminal cases stemming fully or partially from the Snowden documents. In 2014, a handful of these advanced far enough through the legal system that 2015 is likely to be a big year for privacy policy. One or more could even end up before the Supreme Court. "I think it's impossible to tell which case will be the one that does it, but I believe that, ultimately, the Supreme Court will have to step in and decide the constitutionality of some of the NSA's practices," Mark Rumold , an attorney with the Electronic Frontier Foundation, told Ars. Rumold is one of the attorneys in First Unitarian Church,  a case that is challenging government surveillance much like  Klayman.  Along with that pair, headline watchers should set alerts for cases such as American Civil Liberties Union (ACLU) v. Clapper, United States v. Moalin, and United States v.

Read More »

HP sells Palm trademarks; brand could be resurrected with new smartphones (Ron Amadeo/Ars Technica)

Go to Palm.com and you'll get this message. mynewpalm.com Palm, the legendary smartphone and PDA company, might seem dead and gone, but it's now looking like the name "Palm" will rise again as a zombie brand. For a quick refresher:  HP bought Palm for $1.2 billion in 2010. HP killed the Palm brand after about a year of ownership and stopped making WebOS devices entirely about a year-and-a-half after the acquisition. Since then, Palm has been pretty dead. Lately, though, the brand has started to stir. The diehards over at WebOS Nation have been keeping a close eye on  Palm.com , which recently stopped redirecting nostalgic visitors to hpwebos.com  and started sending people to mynewpalm.com . The page shows a looping video of a Palm logo along with the text "Coming Soon" and "Smart Move." No one was sure who was behind the site resuscitation until this document was found, which shows the transfer of the Palm trademark from Palm, Inc (still a subsidiary of HP) to a company called Wide Progress Global Limited. Wide Progress Global Limited doesn't seem to be a company with any kind of real purpose—it's just a shell meant to hide the true buyer. The person signing the paperwork for Wide Progress Global Limited is Nicolas Zibell, who also  just happens to hold the title "President Americas and Pacific" at Alcatel One Touch. Couple that with the fact that the "Smart Move"—the text that appears on the new Palm site—is Alcatel One Touch's slogan, and it's pretty clear that Alcatel One Touch bought the Palm brand. Alcatel One Touch is a smartphone brand owned by TCL Corporation , a Chinese firm that ranks as the 25th-largest consumer electronics manufacturer and the third-largest producer of TVs, after Samsung and LG. The company doesn't have a huge presence in America; believing that doing business under a known US brand might make entering the market a little easier, like Huawei's strategy of buying Motorola. We've yet to hear anything about Alcatel One Touch or TCL actually  doing anything with the Palm brand, but that would presumably be the next step. We doubt the brand is changing hands for no reason.

Read More »

Warrant for raid on Kim Dotcom legal, New Zealand Supreme Court rules (Megan Geuss/Ars Technica)

New Zealand’s Supreme Court ruled on Tuesday  (PDF) that warrants granted by the Court of Aukland in 2012 to search Kim Dotcom were legal. Warrants to search Dotcom compatriots Finn Batato, Mathias Ortmann, and Bram van der Kolk were also upheld. Dotcom et. al were ordered to pay NZ$35,000 (about US$27,000) to New Zealand's Attorney General for legal costs. Further Reading In 2012, the United States federal government  accused Dotcom of racketeering, copyright infringement, and money laundering  in connection with his website Megaupload, which the US contends encouraged people to share pirated copies of music and movies. The thrust of Dotcom’s argument against the search warrants was that they were overly broad and "authorized search and seizure of material likely to include that which was irrelevant and private.” In 2012, Ars reported  that "New Zealand police cut their way through locks and into Dotcom's 'panic room,' seized 18 luxury vehicles, secured NZ$11 million in cash from his bank accounts, and grabbed 150TB of data from 135 of Dotcom's digital devices.” The United States had requested the search warrants under the Mutual Assistance in Criminal Matters Act. Over the last three years, the case challenging the search warrants has moved through New Zealand’s High Court to the Court of Appeal and now finally to the Supreme Court. Early after the raid on Dotcom’s New Zealand mansion, High Court Judge Helen Winkelmann ruled the raid illegal and said the warrants facilitated a “miscarriage of justice.” Those early wins for Dotcom were fleeting, however, with the Court of Appeal overturning Winkelman’s decision in February 2014. The Supreme Court agreed four to one with the Court of Appeal that, although the warrants were flawed in form, those flaws did not make the warrants invalid. While the warrants "could have been drafted rather more precisely,” the Supreme Court’s ruling reads, the criminal activity that the US accused Kim Dotcom of "is extensive and is alleged to have been carried out through what, outwardly, resembled a legitimate large-scale cloud storage facility.” The ruling continues: Through the New Zealand Police, the United States authorities sought and obtained warrants to search for and seize material, including computers, relevant to that alleged offending. The computers were plainly relevant to the offending alleged, although some of their contents were undoubtedly irrelevant.

Read More »

Judge denies Facebook’s request to dismiss class action lawsuit over private message scanning to target ads (John Timmer/Ars Technica)

A US District Court in California has ruled that a suit that targets Facebook's data-harvesting practices can go forward. The company had attempted to have the whole thing tossed out, but only succeeded in having two relatively minor allegations dismissed. There are three plaintiffs to the suit, all of whom allege that various state and federal statutes were violated by Facebook's practice of scanning private messages in order to target ads more precisely. They also are upset that the mention of any company in these messages ends up counting as a "like." Their suit PDF alleges that Facebook's messaging service is "designed to allow users to communicate privately with other users," and the scanning therefore violates the federal Wiretap Act as well as California’s Invasion of Privacy Act. Facebook, for its part, wants to see the whole thing thrown out. It claims that it must handle the content of the messages in order to ensure delivery, and therefore it is not possible for it to unlawfully intercept them. Failing that, it suggested that the scans were part of ordinary business practice, and therefore exempt from the law. And, in any case, it stopped the practice back in 2012. For all those reasons, its lawyers argued, the case should not proceed. The court responded to this request by pursuing an extraordinarily rare course of action: it read Facebook's entire terms of service. And, in this case, their vague language—typically used to provide broad immunity—became a liability: "the document does not establish that users consented to the scanning of their messages for advertising purposes, and in fact, makes no mention of 'messages' whatsoever." Thus, the plaintiffs may have had reason to expect that their messages would remain private. And, although the practice may have been discontinued, the plaintiffs allege that Facebook could start scanning messages again whenever it wanted to. The remaining arguments focused on whether the practice of scanning was a normal part of messaging operations. After all, an e-mail service provider doesn't "intercept" message when handling them on a server; it's an essential part of how e-mail works. Here, the judge ruled that, in the absence of any explanation of how the scanning system worked required that it be sorted out in court: "Facebook’s unwillingness to offer any details regarding its targeted advertising practice prevents the court from being able to determine whether the specific practice challenged in this case should be considered 'ordinary.'” The company did see a couple of wins when it came to California laws.

Read More »

Federal judge approves warrantless creation of fake Instagram accounts used by law enforcement to befriend and access photos of suspects (Cyrus…

A federal judge in New Jersey has signed off on the practice of law enforcement using a fake Instagram account in order to become "friends" with a suspect—thus obtaining photos and other information that a person posts to their account. Further Reading "No search warrant is required for the consensual sharing of this type of information," United States District Judge William Martini wrote in an opinion published last Tuesday. "Defendant Daniel Gatson’s motion to suppress the evidence obtained through the undercover account will be denied." The criminal case, known as United States v. Daniel Gatson , involves a man accused of perpetrating a long series of burglaries ( taking primarily jewelry worth over $3 million in total ) in New Jersey and neighboring regions. Gatson, representing himself in the case, had attempted to have the data collected from Instagram thrown out as he claimed there was no probable cause to search or seize such data. In October 2014, BuzzFeed reported on an incident where a Drug Enforcement Agency officer created a fake Facebook page with photos that had been seized off of her phone during a 2010 arrest. Jonathan Mayer , a scholar at the Stanford Law School’s Center for Internet and Society, who told Ars about the Gatson case, said he had never heard of a case involving Instagram. "I can't recall a previous instance involving Instagram, or more importantly, where a judge has approved the practice," he told Ars. "I do think that's unambiguously the correct application of Fourth Amendment precedent, though."

Read More »

Cable industry group explains why it’s so afraid the FCC will regulate ISPs like utilities (Jon Brodkin/Ars Technica)

The cable industry takes a subtle approach to anti-Title II advertising. National Cable & Telecommunications Association There seems to be nothing the broadband industry fears more than Title II of the Communications Act . Further Reading Further Reading Title II gives the Federal Communications Commission power to regulate telecommunications providers as utilities or "common carriers." Like landline phone providers, common carriers must offer service to the public on reasonable terms. To regulate Internet service providers (ISPs) as utilities, the FCC must reclassify broadband as a telecommunications service, a move that consumer advocacy groups and even President Obama have pushed the FCC to take. Under Obama's proposal, the reclassification would only be used to impose net neutrality rules that prevent ISPs from blocking or throttling applications and websites or from charging applications and websites for prioritized access to consumers. The FCC would be expected to avoid imposing more stringent utility rules in a legal process known as "forbearance." Although Title II offers perks that help providers build out networks, ISPs and telecom industry groups have argued that Title II would bring a host of oppressive regulations that the FCC would have a hard time not imposing. They claim that Title II will impose so many extra costs that they’ll be forced to raise prices—though customers might point out that ISPs aren’t shy about raising prices to begin with. So what, exactly, are ISPs afraid of? We wanted to find out what the worst-case scenario for broadband providers is. Hypothetically, assuming the FCC were to impose all possible Title II regulations (even though Obama specifically said he doesn’t want that to happen), what kinds of new regulations would ISPs have to follow and what new costs would they absorb? And would consumers pay the price in higher bills and worse service? To get answers, we spoke with the biggest cable industry trade group, the National Cable & Telecommunications Association ( NCTA ). It represents cable providers such as Comcast, Time Warner Cable, Cox, Cablevision, and Charter. One big requirement Title II could bring is regulation of rates charged by Internet providers, either imposing a uniform limit on what all providers can charge or forcing each one to get permission for price increases and justify them based upon the amount they invest in their networks

Read More »

Jury begins deliberations in billion-dollar Apple iTunes trial (Joe Mullin/Ars Technica)

Apple court exhibit OAKLAND, Calif.—The long-running iTunes antitrust lawsuit against Apple has gone to a jury, which took the case after about three hours of closing arguments today. The jury will make an unusual split decision, deliberating first over the narrow issue of whether iTunes 7.0 was a true product improvement or an anti-competitive scheme to kick out Apple competitor RealNetworks. If the jury sees the "software and firmware updates" in iTunes 7.0 as a real improvement, the case will be over—a win for Apple. If it doesn't see it that way, the jurors will still have to decide if Apple broke competition laws and, if so, how much the company should pay in damages. Plaintiffs are asking for $351 million, and any award will be tripled under antitrust law. Plaintiffs representing a class of eight million consumers and resellers say Apple's behavior was anti-competitive, because the iTunes update stopped Real's competing DRM system from working correctly. Apple says Real should take responsibility for what was basically a hack of Apple DRM. When the company updated its security in iTunes 7.0, Real's reverse engineering, quite naturally, stopped working. A toxic Snickers bar Plaintiffs' lawyer Patrick Coughlin tried to get the jury to focus on two specific parts of iTunes, the Keybag Verification Code or KVC and Developer Verification Code or DVC. "They're lethal, and they degrade the user's experience," he said. They were like a "one-two punch." Coughlin continued: Further Reading I've been trying to think of an analogy, and I've been living on Snickers bars for the past couple weeks. Now if the Snickers bar was bigger, or contained more chocolate, that would be better. But if that Snickers bar had a preservative in it that was toxic—that was lethal—that would not be an improved Snickers bar.

Read More »

A quick look at Snapdragon 810, 2015’s first flagship mobile chip (Andrew Cunningham/Ars Technica)

Qualcomm CES is almost here, and while most of the industry's biggest names (Apple, Google, and Microsoft, among others) either hold their biggest announcements for separate events or decline to show up at all, there's still plenty that happens there. It remains an important show for chipmakers and component suppliers, the companies making the stuff that's going to show up in the year's biggest gadgets. One of those companies is Qualcomm, and its flagship going into next year is the Snapdragon 810. This chip was announced back in April , but chips are usually in development for at least a couple of years—the 810 will replace the current 805 in the first flagships of 2015. We spent an hour with Qualcomm yesterday hearing more about what phones based on the 810 will be able to do. The presentations were light on speeds and feeds and availability dates, but we'll give you all the information we have now ahead of further announcements at CES next month. Tech specs Further Reading Here's what's going on with the Snapdragon 810: Qualcomm is switching away from its own custom-designed "Krait" CPU architecture that it has used in all its flagship chips since the Snapdragon S4 came out in 2012. Instead, it's using off-the-shelf CPU designs from ARM, namely the 64-bit Cortex A57 and A53 . There will be four of each core in the 810 for a total of eight—ARM calls this arrangement "big.LITTLE" and the thinking is that the faster Cortex A57 cores will do the heavy lifting while the A53 cores take over for lighter tasks to save power. All eight cores are technically capable of being active at the same time, though there aren't many mobile apps that are going to use that many threads at once. We don't know exactly how well Cortex A57 will perform, and Qualcomm isn't talking about clock speeds or any of that stuff just yet. The 64-bit-ness is probably more important than performance, at least for the purposes of marketing and perceived parity with Apple and iOS—it would explain why Qualcomm would dump a custom architecture that it surely spent many years and many millions of dollars developing. We'd expect to see Krait come back at some point in the next year or two, but assuming that Qualcomm didn't have 64-bit designs in development when Apple dropped the A7 on the mobile industry last year, switching to ARM designs makes the most sense in the short term. Qualcomm sticks with its homemade Adreno GPUs on the graphics side. Qualcomm says the new Adreno 430 GPU should be around 30 percent faster than the Adreno 420 in the Snapdragon 805 while consuming 20 percent less power.

Read More »

Xbox, Windows Store now accepting Bitcoin payments (Peter Bright/Ars Technica)

Microsoft has added Bitcoin support to Microsoft accounts. Bitcoin funds can be added to accounts to enable digital purchases from the Windows, Windows Phone, Xbox Games, Xbox Music, and Xbox Video stores. Bitcoin support is currently limited to adding fixed dollar amounts to accounts; there's no direct purchase option. Up to $100 can be added at a time, and presently the option is only available to US accounts. The Bitcoin support comes via BitPay. Other early commercial Bitcoin supporters, including PayPal and Newegg, also use BitPay. We understand that the company has no plans at this time to add support for Linden Dollars, InterStellar Kredits or Project Entropia Dollars. © 2014 Condé Nast. All rights reserved Use of this Site constitutes acceptance of our User Agreement (effective 1/2/14) and Privacy Policy (effective 1/2/14), and Ars Technica Addendum (effective 5/17/2012) Your California Privacy Rights The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of Condé Nast. Ad Choices

Read More »

AT&T still throttles “unlimited data”–even when network not congested (Jon Brodkin/Ars Technica)

A while back, we reported that AT&T had stopped throttling unlimited data users except in cases when the network is congested. We were wrong. AT&T did change its policy to stop the automatic throttling of many unlimited data plans, but the company’s older, more draconian throttling policy still applies to customers with unlimited LTE data. AT&T told Ars the policy will be changed for all customers sometime in 2015, but it did not say whether that will happen closer to the beginning of the year or the end of the year. Further Reading Here’s how it works: Customers who have 3G or non-LTE 4G phones and “ legacy unlimited data plans ” are throttled for the remainder of the billing period after they exceed 3GB of data in a month, but only “at times and in areas that are experiencing network congestion.” 4G and LTE are practically synonymous these days, but AT&T also applies the 4G label to its HSPA network technology. 4G LTE customers with unlimited plans aren’t throttled until they reach 5GB of data. However, these customers are throttled for the remainder of the month at all times of the day and night regardless of whether the network is congested. Put simply, we misread AT&T’s policy, assuming that the new, less strict throttling policy applied to all 4G users, including those with LTE phones. AT&T customer Julian Benton of Santa Rosa, California, whose iPhone 6 is being throttled right now, alerted us to what’s actually going on. Benton started getting throttled on November 19 or earlier, with cellular speeds reduced from 23.51Mbps to just 0.11Mbps. Since then, his speeds have remained steady at around half a megabit per second

Read More »