reader

Google's Android Messages app could soon get a dramatic makeover with some interesting new features, judging by an APK teardown by XDA Developers and Android Police . Most significantly, it looks like you'll be able to pair your phone with a computer and text directly from a browser like Chrome, Firefox and Safari, much as you can with Google's Allo messaging app. Unlike Allo, however, Android Messages could allow you to send mobile SMSes rather than web messages, making texting a fair amount easier. To use it, you may have to scan a QR code on your PC or Mac, then pair your device each time you want to text. The feature appears to be partially implemented in the latest Android Messages 2.9 APK , but you can't yet send an actual text. The APK also hints at the ability to send and receive payments, likely via Google Pay , potentially opening that service up to many more users. There are also signs that something called Google Enhanced Messaging, probably similar Smart Replies for Gmail, Allo and Inbox, is coming to Android Messages. All told, Google appears to be transforming Android Messages into an Allo-like app, except for mobile SMS texts instead of web-based ones. It could also be monetizing it to a degree via Google Pay. Considering the power it yields over the Android smartphone ecosystem, that could amount to a lot of dollars. Take all the changes with some salt, though, because APKs don't necessarily mean features are set in stone, and some of the aforementioned features are still half-baked. Source: XDA Developers , Android Police

Enlarge / Splitting photons up into a collection of neighboring frequencies may help with quantum computation. (credit: NIST ) Way back when I started writing for Ars , experimental quantum computing had just started to take off. At the time, the big demonstrations of quantum computation were very simple calculations, performed using single photons as repositories of quantum information. Back then, demonstrating even a single logical gate was a challenge. Light ruled the roost, and charged particles were reduced to the status of not-quantum-enough. That changed, of course. Now, all the big demonstrations make use of charged particles: little superconducting current loops ,  rows of ions , or others . Light, it seems, has been reduced to a way of moving qubits between charged particles. But  a recent result shows that there is life left in photon-based quantum computers and that the degree of parallelization available to a photon-based quantum computer will be difficult to beat using other qubit technologies. Read 19 remaining paragraphs | Comments

Firefox is fast now. (credit: Mozilla) Mozilla is working on a major overhaul of its Firefox browser, and with the general release of Firefox 57 today, has reached a major milestone. The version of the browser coming out today has a sleek new interface and, under the hood, major performance enhancements, with Mozilla claiming that it's as much as twice as fast as it was a year ago. Not only should it be faster to load and render pages, but its user interface should remain quick and responsive even under heavy load with hundreds of tabs. Collectively, the performance work being done to modernize Firefox is called Project Quantum . We took a closer look at Quantum back when Firefox 57 hit the developer channel in September , but the short version is, Mozilla is rebuilding core parts of the browser, such as how it handles CSS stylesheets, how it draws pages on screen, and how it uses the GPU. This work is being motivated by a few things. First, the Web has changed since many parts of Firefox were initially designed and developed; pages are more dynamic in structure, and applications are richer and more graphically intensive, JavaScript is more complex and difficult to debug. Second, computers now have many cores and simultaneous threads, giving them much greater scope to work in parallel. And security remains a pressing concern, prompting the use of new techniques to protect against exploitation. Some of the rebuilt portions are even using Mozilla's new Rust programming language, which is designed to offer improved security compared to C++. Read 1 remaining paragraphs | Comments

Say what you will about the quality of coffee that comes out of pod-based machines like the Keurig, the machines have caught on like wildfire. They're fast, they're easy to use, and you can instantly brew up almost flavor or type of coffee you like. And soon, dinner prep might be just as easy as using a Keurig machine, if the ambitious creators of the Cooki are able to make their machine a reality. Read more...

2017 was a year like no other for cybersecurity. It was the year we found out the horrid truths at Uber and Equifax, and border security took our passwords . A year of WannaCry and Kaspersky , VPNs and blockchains going mainstream, healthcare hacking , Russian hackers , WikiLeaks playing for Putin's team , and hacking back . In 2017 we learned that cybersecurity is a Lovecraftian game in which you trade sanity for information. Let's review the year that was (and hopefully will never be again). Moscow mules This was the year Kaspersky finally got all the big press they've been angling for. Unfortunately for them, it wasn't for their research. The antivirus company spent an uncomfortable year in the headlines being accused of working with Russia's FSB (former KGB) . Eventually those suspicions got it banned from use by US government agencies. Kaspersky's alleged coziness with Putin's inner circle has made the rounds in the press and infosec gossip for years. But it came to a head when an NSA probe surfaced, the Senate pushed for a ban, and -- oddly -- the Trump administration came with the executioner's axe. Obviously, Kaspersky -- the company, and its CEO of the same name -- denied the accusations, and offered to work with the US government. They offered up their code for review and filed suit when the ban passed. At this point, the only thing that might save Kaspersky's reputation in the US is finding us that pee tape. Fingers crossed. Be still my backdoored heart A ransomware attack on Hollywood Presbyterian Hospital in 2016 put health care hacking center stage, but in 2017 it turned into a true nightmare. The WannaCry ransomware attack spread like wildfire, locking up a third of the National Health Service (NHS) in England. That was followed by other worms, like Petya/NotPetya, which hit US hospitals in June. The security of pacemakers was exposed as being awful, specifically in the case of medical device manufacturer St. Jude Medical (now rebranded as Abbott). A lot of people hated on researcher Justine Bone and MedSec for the way they went about exposing pacemaker flaws, but they were right . The FDA put a painful pin in it when it notified the public of a voluntary recall (as a firmware update) of 465, 000 pacemakers made by St. Jude Medical. Meanwhile, white hat hackers put together the first Cyber Med Summit -- a doctor-run, hacker boot camp for medical professionals. That the Summit exists is a tiny bit of good news in our medical mess, but it also proved that you should probably make sure your doctor keeps a hacker on staff. Medical staff at the Summit got a wake-up call about medical devices exploits, and concluded they need to add "hacking" to their list of possible problems to assess and diagnose. I'm not crying, you're crying On May 12, over 150 countries were hit in one weekend by a huge ransomware crimewave named WannaCry . The attack was derived from a remote code execution vulnerability (in Windows XP up through Windows Server 2012) called "EternalBlue, " found in the April Shadow Brokers/NSA dump. Those who did their Windows updates were not affected. WannaCry demanded $300 in Bitcoin from each victim and among those included were the UK's National Health Service (NHS). The ransomworm was stopped in its tracks by the registration of a single domain that behaved like a killswitch. The creators apparently neglected to secure their own self destruct button. Researcher MalwareTech was the hero of the day with his quick thinking, but was sadly repaid by having his identity outed by British tabloids. Adding injury to insult, he was later arrested on unrelated charges as he attempted to fly home after the DEF CON hacking conference in August. Two weeks after the attack, Symantec published a report saying the ransomware showed strong links to the Lazarus group (North Korea). Others independently came to the same conclusion. Eight months later, and just in time for his boss' warmongering on North Korea, Trump team member Thomas P. Bossert wrote in the Wall Street Journal that "the U.S. today publicly attributes the massive "WannaCry" cyberattack to North Korea." Maybe he's just a backdoor man US Deputy Attorney General Rod Rosenstein in October introduced the world to the new and totally made-up concept of " responsible encryption " -- and was promptly laughed out of the collective infosec room. "Responsible encryption is effective secure encryption, coupled with access capabilities, " he said . He suggested that the feds won't mandate encryption backdoors "so long as companies can cough up an unencrypted copy of every message, call, photo or other form of communications they handle." Even non-infosec people thought his new PR buzzwords were suspect. "Look, it's real simple. Encryption is good for our national security; it's good for our economy. We should be strengthening encryption, not weakening it. And it's technically impossible to have strong encryption with any kind of backdoor, " said Rep. Will Hurd (R-Texas) at The Atlantic's Cyber Frontier event in Washington, D.C. Politico wrote : It's a cause Rosenstein has quietly pursued for years, including two cases in 2014 and 2015 when, as the US attorney in Maryland, he sought to take companies to court to make them unscramble their data, a DOJ official told POLITICO. But higher-ups in President Barack Obama's Justice Department decided against it, said the official, who isn't authorized to speak to the news media about the cases. To everyone's dismay, Rosenstein doubled down on his "responsible encryption" campaign when he capitalized on a mass shooting (using as his example the phone of Devin Patrick Kelley who opened fire on a congregation in Texas, killing 26 people). He said , "Nobody has a legitimate privacy interest in that phone ... But the company that built it claims that it purposely designed the operating system so that the company cannot open the phone even with an order from a federal judge." Like Uber, but for Equifax If there was some kind of reverse beauty pageant for worst look, worst behavior, and best example of what not to do with security, we'd need a tiebreaker for 2017. Equifax and Uber dominated the year with their awfulness. Equifax was forced to admit it was hacked badly in both March and July, with the latter affecting around 200 million people (plus 400, 000 in the UK). Motherboard reported that "six months after the researcher first notified the company about the vulnerability, Equifax patched it -- but only after the massive breach that made headlines had already taken place... This revelation opens the possibility that more than one group of hackers broke into the company." Shares of Equifax plummeted 35% after the July disclosure. And news that some of its execs sold off stock before the breach was made public triggered a criminal probe. Which brings us to the "unicorn" that fell from grace . In late November Uber admitted it was hacked in October 2016, putting 57 million users and over half a million drivers at risk. Uber didn't report the breach to anyone -- victims or regulators -- then paid $100K to the hackers to keep it quiet, and hid the payment as a bug bounty. All of which led to the high-profile firing and departures of key security team members. Just a couple weeks later, in mid-December, the now-notorious 'Jacobs letter' was unsealed, accusing Uber of spying and hacking . "It was written by the attorney of a former employee, Richard Jacobs, and it contains claims that the company routinely tried to hack its competitors to gain an edge, " Engadget wrote , and "used a team of spies to steal secrets or surveil political figures and even bugged meetings between transport regulators -- with some of this information delivered directly to former CEO Travis Kalanick." The letter was so explosive it's now the trial between Uber and Waymo -- so we can be sure we haven't seen the last of Uber's security disasters in the news. Images: Getty Images/iStockphoto (Wannacry); D. Thomas Magee (All illustrations)

An all-electric cargo ship is now in use in China and it boasts an impressive 2.4 MWh energy storage capacity, Electrek reports. The ship is over 230 feet long, 45 feet wide and 14 feet deep and can carry a maximum of 2, 000 tons. Supercapacitors and lithium batteries make up the energy storage system and the ship can go about 50 miles on one charge. It will run between two shipyards, each of which has a charging station that can recharge the ship in around two hours. Moving towards electric power will be important for the shipping industry and this vessel is a step in that direction. Its payload however, is, wait for it, coal. And that may seem like an odd pairing but at least the ship isn't burning fossil fuels while it's carrying them. Tesla , Daimler , Cummins and Toyota are all working on shipping trucks that use alternative fuels and pushing our cargo ships in that direction will do a lot for the environment. The ship, which took its maiden voyage last month, will transport coal along the Pearl River in China's Guangdong Province. Via: Electrek

If you've never seen an octopus hatch, now is your chance. These cute baby Caribbean reef octopuses, the size of a pinky nail, were hatched at the Virginia Aquarium. The way they immediately darken to purple is a fun surprise. According to The Verge : The video, posted by the Virginia Aquarium, shows a baby Caribbean reef octopus (Octopus briareus) no bigger than a pinky nail hatching from a bundle of eggs. As for the color change, these octopuses are known to be masters of disguise. “It was going into an instant camouflage as soon as it came out of the egg,” says Julie Levans, senior curator at the aquarium. These octopuses use specialized muscles to open and close little sacs of pigment in their skin called chromatophores — and this little guy was probably responding to the black tabletop beneath its tank. The baby octopus’s mom arrived at the aquarium about six months ago, and four months later, she laid between 100 and 200 eggs. Since this softball-sized species is solitary and also sometimes cannibalistic, this octopus lives alone at the aquarium. The eggs themselves weren’t surprising — female octopuses typically lay eggs. “What did catch us by surprise was the fact that they were fertilized,” Levans says. ICYMI: Your daily squee has arrived. #octobabies pic.twitter.com/D9e5T5bkun — Virginia Aquarium (@VAAquarium) February 7, 2018

(credit: churl ) According to a press release from DriveSavers data recovery, information on nearly 200 floppy disks that belonged to Star Trek creator Gene Roddenberry has been recovered. The information on the disks belongs to Roddenberry’s estate and has not been disclosed to the general public. DriveSavers notes, however, that Roddenberry used the disks to store his work and "to capture story ideas, write scripts and [take] notes." VentureBeat reports that the disks, containing 160KB of data each, were likely used and written in the '80s. The circumstances of the information recovery are particularly interesting, however. Several years after the death of Roddenberry, his estate found the 5.25-inch floppy disks. Although the Star Trek creator originally typed his scripts on typewriters, he later moved his writing to two custom-built computers with custom-made operating systems before purchasing more mainstream computers in advance of his death in 1991. Read 2 remaining paragraphs | Comments

That's a lot of hard disks. (credit: Backblaze) For the last few years, we've looked at the hard disk reliability numbers from cloud backup and storage company Backblaze, but we've not looked at the systems it builds to hold its tens of thousands of hard disks. In common with some other cloud companies, Backblaze publishes the specs and designs of its Storage Pods, 4U systems packed with hard disks, and today it announced its sixth generation design , which bumps up the number of disks (from 45 to 60) while driving costs down even further. The first design, in 2009, packed 45 1.5TB disks into a 4U rackable box for a cost of about 12¢ per gigabyte. In the different iterations that have followed, Backblaze has used a number of different internal designs—sometimes using port multipliers to get all the SATA ports necessary, other times using PCIe cards packed with SATA controllers—but it has stuck with the same 45 disk-per-box formula. The new system marks the first break from that setup. It uses the same Ivy Bridge Xeon processor and 32GB RAM of the version 5, adding extra controllers and port multipliers to handle another 15 disks for 60 in total. The result is a little long—it overhangs the back of the rack by about four inches—but it's packed full of storage. Read 2 remaining paragraphs | Comments

An anonymous reader quotes a report from NBC News: The Food and Drug Administration declared the popular herbal product kratom to be an opioid on Tuesday, opening a new front in its battle to get people to stop using it. New research shows kratom acts in the brain just as opioids do, FDA Commissioner Dr. Scott Gottlieb said in a statement. And he said the agency has documented 44 cases in which kratom at least helped kill people -- often otherwise healthy young people. "Taken in total, the scientific evidence we've evaluated about kratom provides a clear picture of the biologic effect of this substance, " Gottlieb wrote. "Kratom should not be used to treat medical conditions, nor should it be used as an alternative to prescription opioids. There is no evidence to indicate that kratom is safe or effective for any medical use." The FDA released detailed accounts of several of the deaths. The victims often had mixed kratom with other substances, including chemicals taken out of inhalers and found in over-the-counter cold and flu drugs. Read more of this story at Slashdot.