Tech News courtesy of Ars Technica
- Google Chrome will banish Chinese certificate authority for breach of trust
- New Silk Road docs show how site got looted by cop who hijacked dealers’ accounts
- Disgraced DEA agent from Silk Road case sent weird messages to Mt. Gox CEO
- Chevrolet’s 2016 Malibu is smarter, lighter, and keeps tabs on your kids
- Nintendo goes Amiibo crazy with new toys, cards, free “classics” app
- Google’s ARC now runs Android apps on Chrome OS, Windows, Mac, and Linux
- “Unquestionable greed”: The startup CEO who stole $765k from his friends
- NYPD cop reassigned after passenger films xenophobic rant on Uber driver
- 10% of Americans have a smartphone but no other Internet at home
- Over 40 US tech leaders urge legislators to “forbid” LGBT discrimination
Google's Chrome browser will stop trusting all digital certificates issued by the China Internet Network Information Center following a major trust breach last week that led to the issuance of unauthorized credentials for Gmail and several other Google domains.
The move could have major consequences for huge numbers of Internet users as Chrome, the world's second most widely used browser, stops recognizing all website certificates issued by CNNIC. That could leave huge numbers of users suddenly unable to connect to banks and e-commerce sites. To give affected website operators time to obtain new credentials from a different certificate authority, Google will wait an unspecified period of time before implementing the change. Once that grace period ends, Google engineers will blacklist both CNNIC's root and extended-validation certificates in Chrome and all other Google software.
The unauthorized certificates were issued by Egypt-based MCS Holdings, an intermediate certificate authority that operated under the authority of CNNIC. MCS used the certificates in a man-in-the-middle proxy, a device that intercepts secure connections by masquerading as the intended destination. Such devices are sometimes used by companies to monitor employees' encrypted traffic for legal or human resources reasons. It's the one of the first times a certificate authority has faced such a banishment since the downfall of Netherlands-based DigiNotar in 2011. Other CAs, including US-based Trustwave, have also done what CNNIC did without getting the boot. While worldwide Chrome is the No. 2 most used browser, it had a commanding, 52-percent share in China last year, compared to 23 percent for IE.
On Jan. 26, 2013, Dread Pirate Roberts received a series of urgent messages from one of his top lieutenants, Inigo. His online drug marketplace, Silk Road, was being robbed blind.
"I hope you get online soon," inigo wrote. "We are under attack over 100k stolen, shits hitting the fan you need to pull the plug on withdrawals."
But there was no "kill switch" for withdrawals, and Inigo couldn't stop the bleeding. He and DPR would later lament lacking this critical security feature. One by one, the drug dealers who relied on Silk Road to make money were having their accounts broken into, their passwords changed, and their bitcoins looted.
Earlier this week, federal prosecutors dropped a bombshell in the aftermath of the Silk Road trial: they indicted a Secret Service and Drug Enforcement Administration (DEA) agent on criminal charges for wire fraud and money laundering.
As we reported earlier, Shaun Bridges and Carl Force, respectively, were a computer forensics expert and lead undercover agent in charge of communicating with Dread Pirate Roberts (DPR), the operator of the Silk Road site.
This week, Mark Karpeles, the disgraced former owner of the Mt. Gox bitcoin exchange site, released a few bizarre messages that he exchanged in April and May 2013 with Force over LinkedIn. At the time, Silk Road would have been about two years old.
The 2016 Chevrolet Malibu is nearly 300 pounds lighter and has a wheelbase that’s been stretched nearly 4 inches, making it more fuel efficient, more functional and more agile.
8 more images in gallery
On Wednesday morning at the New York International Auto Show, Chevrolet took the covers off its new 2016 Malibu. It’s an important car for Chevrolet, competing in the mid-size sedan market, a highly competitive one that is responsible for 14 percent of US new car sales. At first glance, the new Malibu represents a huge leap forward from the car it replaces, with some interesting new technology and a focus on weight reduction. What’s more, according to Alan Batey, Chevrolet’s president, it was “designed not to be boring,” something the outgoing car never managed.
The new car has four inches added to the wheelbase, which should be of particular benefit to rear passengers. Despite this, Chevrolet has managed to make the new Malibu roughly 300 pounds lighter than its predecessor, which should help both with ride and handling, as well as making it more efficient. The car is packed to the gunwales with active safety technology; Forward Collision Alert, Rear Cross Traffic Alert, Lane Keeper Assist, blind zone sensors that should prevent drivers from changing lanes into the path of a fast-moving car, and adaptive cruise control.
The standard engine on the new Malibu is a 1.5 L, 160 hp 4-cylinder turbocharged Ecotec, which Chevrolet says results in a relatively impressive 37 mpg on the highway and 27 mpg in town (assisted by start-stop technology). For drivers wanting a bit more oomph, the Malibu also comes with a 2 L, 250 hp Ecotec turbo still capable of 32 mpg on the freeway. However, the more environmentally minded Malibu customers may want to wait for the all new Malibu Hybrid.
Nintendo may have taken the wind out of its latest Nintendo Direct presentation's sails when it announced a lack of new Legend of Zelda news last week, but the company made up for it by doubling down on the wild success of its Amiibo toy line.
The announcement of Amiibo Tap: Nintendo's Greatest Bits finally followed through on Nintendo's promise to unlock classic games with the toy line. The Wii U app will launch "this Spring" as a free download, and it will unlock three-minute demos of random games—meaning, your Mario Amiibo might unlock a Super Mario World demo or a Super Mario Bros. 1 demo. Whatever demo your Amiibo unlocks, it will also enable "scene switching" when tapped again in the middle of a demo—at which point the three-minute count will restart.
Speaking of Amiibos, Nintendo announced quite a few new toys in the line, including three Yoshi toys based on the upcoming Yoshi's Wooly World game—and yes, that means those toys will be made of fabric. The upcoming colorful Wii U online shooter Splatoon will get a special three-pack set of Amiibo toys, and Super Smash Bros. for Wii U and 3DS are getting another set of nearly a dozen toys, including Wario, Pac-Man, and Kid Icarus' Dark Link. (Worth noting, Splatoon finally announced a local multiplayer mode, along with a release date of May 29.)
12 more images in gallery
In September, Google launched ARC—the "App Runtime for Chrome,"—a project that allowed Android apps to run on Chrome OS. A few days later, a hack revealed the project's full potential: it enabled ARC on every "desktop" version of Chrome, meaning you could unofficially run Android apps on Chrome OS, Windows, Mac OS X, and Linux. ARC made Android apps run on nearly every computing platform (save iOS).
ARC is an early beta though so Google has kept the project's reach very limited—only a handful of apps have been ported to ARC, which have all been the result of close collaborations between Google and the app developer. Now though, Google is taking two big steps forward: it's allowing any developer to run their app on ARC via a new Chrome app packager, and it's allowing ARC to run on any desktop OS with a Chrome browser.
ARC runs Windows, Mac, Linux, and Chrome OS thanks to Native Client (abbreviated "NaCL"). NaCL is a Chrome sandboxing technology that allows Chrome apps and plugins to run at "near native" speeds, taking full advantage of the system's CPU and GPU. Native Client turns Chrome into a development platform, write to it, and it'll run on all desktop Chrome browsers. Google ported a full Android stack to Native Client, allowing Android apps to run on most major OSes.
SAN FRANCISCO—Dressed in matching yellow scrubs from the nearby Alameda County Jail, Jon Mills looked resigned to his fate. After taking a plea deal on two felony counts of wire fraud, the young former startup CEO appeared in federal court Tuesday afternoon for sentencing.
Mills had moved to California five years ago with a dream to hit it big in Silicon Valley. The company he founded, Motionloft, uses small sensors to perform analytics on in-store foot traffic. Everything worked. The company continues to succeed, and celebrity venture capitalist Mark Cuban remains its sole investor.
But that success wasn't enough. In early 2013, Mills told at least five people that if they gave him relatively small amounts of money, they would own stakes in the company. He claimed that a Cisco acquisition worth hundreds of millions of dollars was supposedly imminent, so Mills and all Motionloft shareholders others would stand to make a tidy profit. In reality, Mills knew the deal didn't exist.
A New York Police Department detective has been transferred from his position on the Joint Terrorism Task Force after a video of his xenophobic tirade against an Uber driver surfaced online.
Det. Patrick Cherry is in hot water following his rant Monday that was filmed by a backseat passenger and uploaded to social media. As of Tuesday, the 3.5-minute-long video was viewed nearly 800,000 times on YouTube alone.
The officer at one point pounds the vehicle with his hand and blurts to the driver, who is of unknown nationality, "I don't know what fucking planet you're on," according to the video.
One out of 10 Americans owns a smartphone but has no other Internet service at home, with the poor far more likely to find themselves in this situation than those who are well off, according to a Pew Research Center report released today.
"10 percent of Americans own a smartphone but do not have broadband at home, and 15 percent own a smartphone but say that they have a limited number of options for going online other than their cell phone," Pew Senior Researcher Aaron Smith wrote. "Those with relatively low income and educational attainment levels, younger adults, and non-whites are especially likely to be 'smartphone-dependent.'”
Pew said that 7 percent of Americans are in both categories—a smartphone is their only option for using the Internet at home, and they have few easily available options for going online when away from home. Pew refers to these Americans as "smartphone-dependent."
A letter posted to the Human Rights Campaign blog on Wednesday, signed by CEOs and executives representing 42 tech companies across the United States, urged legislators around the country to update their states' civil rights laws in the wake of Indiana's Religious Freedom Restoration Act.
The letter's co-signers included the CEOs of Twitter, eBay, Lyft, Airbnb, Square, about.me, Tumblr, and Evernote, along with high-ranking executives at Cisco, YCombinator, and Zynga. It also included the signatures of Salesforce CEO Mark Benioff and Yelp CEO Jeremy Stoppelman, both of whom had already written open letters emphatically opposing the RFRA, but it did not include a signature from Apple CEO Tim Cook, who had already written a similar call to other states' legislatures over the weekend in a Washington Post op-ed.
"We believe it is critically important to speak out about proposed bills and existing laws that would put the rights of minorities at risk," Affirm CEO Max Levchin wrote in the co-signed letter. "The transparent and open economy of the future depends on it, and the values of this great nation are at stake."