arstechnica   4309

« earlier    

Target’s same-day deliveries might break my Amazon Prime addiction | Ars Technica
“On Thursday, Target unveiled a new same-day ordering feature on its website. For just $9.99, customers can get items delivered to their door in a couple of hours. I gave the service a try on Thursday, and I loved it. It was fast, convenient, and affordable.

“The part I’m most excited about, though, is something that isn’t actually new—though I hadn’t heard about it until yesterday. Target’s same-day delivery option is powered by a startup called Shipt that Target acquired in 2017. And Shipt has a subscription offer that I find compelling: for $99, you can get a year of free same-day deliveries on any Target order over $35.”
arstechnica  2019  target  amazon 
4 days ago by handcoding
Phone companies can block robocalls by default starting today, FCC says | Ars Technica
“The FCC today also started the process of requiring carriers to implement the SHAKEN and STIR protocols, which use digital certificates to verify that Caller ID numbers aren’t being spoofed. Pai’s office said he’ll move ahead with the requirement ‘if major voice service providers fail to [deploy SHAKEN and STIR] by the end of this year.’

“Carriers’ plans for implementing automatic call blocking are not clear. T-Mobile responded to the FCC vote today and noted that it lets consumers opt in to a free call-blocking service. But the company didn’t say whether it will change that from an opt-in to an opt-out service.”
arstechnica  2019  fcc  spam  calls  robocalls 
12 days ago by handcoding
This wild, AI-generated film is the next step in “whole-movie puppetry” | Ars Technica Jun 2018
Via New Scientist, 5 Jan 2019, issue 3211

"Director Oscar Sharp and AI researcher Ross Goodwin, have returned with another AI-driven experiment that, on its face, looks decidedly worse. Blurry faces, computer-generated dialogue, and awkward scene changes fill out this year's Zone Out, a film created as an entry in the Sci-Fi-London 48-Hour Challenge—meaning, just like last time, it had to be produced in 48 hours and adhere to certain specific prompts.

That 48-hour limit is worth minding, because Sharp and Goodwin went one bigger this time: they let their AI system, which they call Benjamin, handle the film's entire production pipeline."
ArsTechnica  movies  AI 
4 weeks ago by pierredv
The radio navigation planes use to land safely is insecure and can be hacked | Ars Technica May 2019
Radios that sell for $600 can spoof signals planes use to find runways.

"Like many technologies built in earlier decades, the ILS was never designed to be secure from hacking. Radio signals, for instance, aren’t encrypted or authenticated. Instead, pilots simply assume that the tones their radio-based navigation systems receive on a runway’s publicly assigned frequency are legitimate signals broadcast by the airport operator. This lack of security hasn’t been much of a concern over the years, largely because the cost and difficulty of spoofing malicious radio signals made attacks infeasible.

Now, researchers have devised a low-cost hack that raises questions about the security of ILS, which is used at virtually every civilian airport throughout the industrialized world. Using a $600 software defined radio, the researchers can spoof airport signals in a way that causes a pilot’s navigation instruments to falsely indicate a plane is off course. "

"... all are careful to note that this kind of spoofing isn't likely to cause a plane to crash in most cases. ILS malfunctions are a known threat to aviation safety, and experienced pilots receive extensive training in how to react to them"
aviation  spoofing  cyber-spectrum  ArsTechnica  ILS 
4 weeks ago by pierredv
Why the US still won’t require SS7 fixes that could secure your phone | Ars Technica Apr 2019
"Yet decades later, SS7 and other components of the nation’s digital backbone remain flawed, leaving calls and texts vulnerable to interception and disruption. Instead of facing the challenges of our hyper-connected age, the FCC is stumbling, according to documents obtained by the Project On Government Oversight (POGO) and through extensive interviews with current and former agency employees. The agency is hampered by a lack of leadership on cybersecurity issues and a dearth of in-house technical expertise that all too often leaves it relying on security advice from the very companies it is supposed to oversee.

CSRIC is a prime example of this so-called “agency capture”—the group was set up to help supplement FCC expertise and craft meaningful rules for emerging technologies. But instead, the FCC’s reliance on security advice from industry representatives creates an inherent conflict of interest. The result is weakened regulation and enforcement that ultimately puts all Americans at risk, according to former agency staff."

"Emails from 2016 between working group members, obtained by POGO via a Freedom of Information Act request, show that the group dragged its feet on resolving SS7 security vulnerabilities despite urging from FCC officials to move quickly. The group also repeatedly ignored input from DHS technical experts.

The problem wasn’t figuring out a fix, however, according to David Simpson, a retired rear-admiral who led the FCC’s Public Safety and Homeland Security Bureau at the time. The group was quickly able to discern some best practices—primarily through using different filtering systems—that some major carriers had already deployed and that others could use to mitigate the risks associated with SS7."
SS7  telecoms  cybersecurity  ArsTechnica 
6 weeks ago by pierredv
The sim swap the US isn’t using | Ars Technica
To prevent the theft of SIM numbers for defeating text-based multi-factor authentication, mobile phone carriers around the world are letting banks know when a number has been recently changed. Except in the US, where the phone carriers won't participate.
security  banking  ArsTechnica  via:ArsTechnica 
7 weeks ago by mcherm

« earlier    

related tags

1982  2018-11  2018  2019  2fa  4thammendment  5g  a12  a12x  ad  adampratt  adhd  agriculture  ai  akkaarrh  amazon  amd  ancestry  animals  antibiotics  appendicitis  appendix  apple  arcade  archaeology  argentina  art  article  articles  astronomy  at&t  atari  atariscott  authentication  automobile  autonomousvehicles  aviation  bacteria  banking  beware  bgp  biology  blockchain  blogging  boardgames  bootable  bradleytrainer  breach  browser  building  business  calls  car  cars  cbd  cdiff  china  chip  chrome  civilliberties  collectors  computing  constitutional  cool  copyright  costs  court  crime  criminaljustice  criticism  crop  culture  cyber-spectrum  cyber  cybersecurity  danachristensen  daveralston  digestive  disability  dishonesty  dkl  dna  driving  drugs  dumpingunion  economics  editorial  education  elonmusk  employment  energy  erikapeterman  ethereum  facebook  faceid  facialrecognition  fairuse  farming  fcc  fish  food  fraud  game  games  gaming  genes  geneticengineering  genetics  github  google  government  guitar  gut  hack  hacking  hardware  health  healthcare  hearing  heat  history  hospitals  hurricane  hydrology  hype  ice  ils  imaging  immigration  inca  infosec  inherit  intel  intellectual-property  interesting  internet  internetofthings  internets  ip-law  iphone  jobs  la  lasers  law  lidar  lineage  linux  list  literature  livejournal  lying  machinelearning  macos  mame  mameworld  marblemadness  marbleman  marijuana  meltdown  meteorology  microbiom  microbiome  microsoft  mikehally  ml  mmwave  mojave  money  montana  movies  mt-al  navy  nest  noaa  northcarolina  patent  payments  people  personal_net  philadelphia  photo  photograph  physics  player  police  policeabuse  politics  prediction  prices  privacy  pro  probiotics  programming  racism  recommendation  research  review  rnc  robertheinlein  robocalls  robquist  routing  safety  satellite  scam  science  sdv  search  searchandseizure  security  shipwreck  silicon  smitdogg  socialmedia  software  sound  space  spacex  spam  spectre  spoofing  ss7  sugar  supremecourt  surveillance  sysadmin  tabletop  target  technolgy  technology  telecom  telecoms  tesla  thc  theft  thermodynamics  training  tsa  twofactor  uber  usa  usb  voiceinterface  vpn  vr  vulnerability  water  weather  web  wine  wood  xerox  yeast 

Copy this bookmark: