Technology

Enlarge (credit: Karol Serewis/SOPA Images/LightRocket via Getty Images)

On Sunday night, even more Tesla workers learned they were no longer employed by the company as it engaged in yet another round of layoffs. Multiple former employees posted on LinkedIn and other sites to relay the news that they were no longer with the company.

"Well, tonight I have learned that my nearly 8 year journey leading and designing Service products at Tesla has come to an end," wrote one former employee.

"For the past Month, most Tesla Employees have had the ritual of keeping a close eye on one's personal email on Sundays and to check it before heading into work on Monday, as layoffs have been increasing. I was spared last October when we had layoffs and also for the last 3 weeks of layoffs. However, I too received the dreaded 'Tesla Employment Update' email today," wrote another.

Read 4 remaining paragraphs | Comments

It's almost that time again, folks: we're about to find out about some of Google's big ideas for the year ahead at its I/O developer conference. Most of the big news will come from the opening keynote on May 14, which will almost certainly give us more info on Android 15 as well as a whole bunch of AI updates.

There will surely be some surprises, though we'll more than likely need to wait until the fall to get the full lowdown on the company's latest flagship hardware.

As always, the rumor mill has been churning away with a number of reports highlighting what Google is likely to discuss at I/O. To that end, here's what to expect from the Google I/O 2024 keynote:

Android 15 Photo by Sam Rutherford/Engadget

I/O is a developer conference first and foremost. This is always where Google gives third-party devs the full lowdown on the next major Android version so they can start working on apps for it or modify their existing products.

The first Android 15 betas are already out in the wild. Among the features are an updated Privacy Sandbox, partial screen sharing (so you can record or share a certain app window instead of the entire screen) and system-level app archiving to free up space. There's also improved satellite connectivity, additional in-app camera controls and a new power efficiency mode.

However, Google is saving the bulk of the Android 15 announcements for I/O. The company has confirmed satellite messaging is coming to Android, and we could find out more about how that works. Lock screen widgets may be a focus for tablets, while Google might place an onus on an At a Glance widget for phones. A status bar redesign may be in the offing, and it may at long last be easier for you to monitor battery health.

Wake words may once again be in the offing for third-party assistants such as Alexa and even ChatGPT. Rumors also suggest there may be a feature called Private Space to let you hide data and apps from prying eyes.

AI, and lots of it Google

If you drop a dollar into a jar every time someone mentions AI during the keynote, you'll probably stash away enough cash for a vacation. The safe money's on Google talking about Gemini AI, which may end up replacing Assistant entirely. If that's the case, we could find out some of the details about the transition at I/O.

Back in December, it was reported that Google was working on an AI assistant called Pixie as an exclusive feature for Pixel devices. Pixie is said to be based on Gemini and may debut in the Pixel 9 later this year, so it would make sense for the company to start discussing that at I/O.

It wouldn't be a surprise to learn about generative AI updates for key Google products such as Search, Chrome, Maps and G Suite. AI-driven accessibility features and health projects may be in the offing too. Meanwhile, with Google once again delaying its plan to kill off third-party cookies in Chrome, it may see AI as a solution to ad targeting and spill the beans on any plan for that at I/O.

Everything else Google

The full I/O schedule offers some insight into what else Google will discuss, even if those products and services won't necessarily get airtime in the keynote.

Google has lined up a panel on the future of Wear OS, which will include details on "advances in the Watch Face Format," so expect some news about its smartwatch operating system. There will also be updates on Google TV and Android TV.

Meanwhile, Google's quantum computing team will talk about what's feasible in the space and attempt to separate fact from fiction. An Android Auto panel is on the schedule too, hinting at developments for multi-display and casting experiences.

What not to expect: Pixel 9 or Pixel Fold Photo by Cherlynn Low / Engadget

It would be a major surprise for Google to reveal a Pixel 9 or a new Pixel Fold this early in the year. The company is probably going to save those details for the fall ahead of those devices going on sale around that time. However, it did formally reveal the Pixel Fold at I/O last year, so we could get a glimpse of some hardware — especially if it wants to get out ahead of the leakers and control the narrative.

On the other hand, Google recently consolidated its Android and hardware teams under Rick Osterloh. His team may want a little more prep to make sure new devices are ready for primetime under the latest regime. As such, any hardware news (including anything to do with Nest or wearables) could be a little farther out.

This article originally appeared on Engadget at https://www.engadget.com/what-to-expect-at-google-io-2024-gemini-android-15-and-more-174535938.html?src=rss

More than anything, Star Wars: Episode 1 - The Phantom Menace is a fascinating cultural object. It's been 25 years since I saw the film in theaters, and over a decade since I last rewatched it (in a vain attempt to help my Trekkie wife catch up to the prequels). I've had enough time to process the initial disappointment and embarrassment of introducing my wife to Jar Jar Binks. So when Disney announced it was bringing the prequel trilogy back to theaters, I was practically giddy about revisiting them to see how George Lucas's final films compared to the onslaught of Star Wars media we've experienced over the past decade. Was The Phantom Menace as bad as I'd remembered? Well, yes and no.

Disney/Lucasfilm Boring but full of imagination

In 1999, I knew Episode 1 would be a bit of a slog as soon as we hit the second line of the opening crawl: "The taxation of trade routes to outlying star systems is in dispute." Really, George? This was what Star Wars fans were waiting for since 1983's Return of the Jedi? During this rewatch, I was more tickled than annoyed by the many baffling narrative choices: The empty drama of a trade blockade; the confusing decision to establish a romance between a literal child and an older teenager; and throwing in Jar Jar Binks to appease kids amid the hideously dull dialog.

It's as if The Phantom Menace was written and directed by an alien who hadn't actually seen a movie, or engaged in any aspect of pop culture, since the early '80s. At the same time, that near-outsider perspective is part of the film's charm. Seeing a society slowly lose control of an idealistic democracy to a power-hungry dictator is a lot for a PG-rated fantasy film. Yet that also sets up the first two prequels to feel eerily-prescient beside the global response to 9/11.

By the time we reached 2005's Revenge of the Sith, the allusions to George W. Bush's Patriot Act and Global War on Terror were hard to miss. "This is how liberty dies, with thunderous applause," Padme says as her fellow Senators hand over emergency powers to Palpatine, turning Supreme Chancellor Palpatine into the Emperor, and transforming the Galactic Republic into the Galactic Empire.

Disney/Lucasfilm

Beyond political machinations, The Phantom Menace is filled with loads of gorgeous imagery: Naboo's lush palace and aquatic Gungan city; the designs of new ships and weapons; and, of course, every single outfit worn by Princess Amidala. It would have been nice if these visuals cohered into the narrative better, but their presence makes it clear that Lucas was surrounded by world-class talent, like renowned costume designer Trisha Biggar.

The Phantom Menace also leaps to life in its handful of action set-pieces. Sure, maybe the pod-race goes on a bit too long, but the sense of speed, scale and bombastic sound throughout is still absolutely thrilling. (The film's sound team — Gary Rydstrom, Tom Johnson, Shawn Murphy and John Midgley — was nominated for an Oscar, but lost out to The Matrix.)

And yes, the entire Duel of the Fates fight is still an absolute banger. There's no doubt that The Phantom Menace would have been a stronger film with less-clunky dialog and more character development shown through action. At one point in the fight, all of the participants are separated by laser barriers. Qui-Gon Jinn meditates, almost completely at peace. Darth Maul prowls like a caged lion. And Obi-Wan Kenobi is simply eager to get on with the fight, like a hot-shot student who just wants to show off. That sequence tells you more about those characters than the remaining two hours of the film.

Disney/Lucasfilm A precursor to ubiquitous digital characters

While I didn't come around to loving Jar Jar Binks during this rewatch, his very existence as a fully-CG character felt more significant than ever. Voiced by the actor and comedian Ahmed Best, Jar Jar was roundly trashed upon release and his implementation was far from seamless. But it was also the first time we saw a motion-captured performance be transformed into a fully-realized character. Now that technology is so common in movies we practically take it for granted.

"You can’t have Gollum without Jar Jar," Best said in a recent interview for The New York Times. "You can’t have the Na’vi in ‘Avatar’ without Jar Jar. You can’t have Thanos or the Hulk without Jar Jar. I was the signal for the rest of this art form, and I’m proud of Jar Jar for that, and I’m proud to be a part of that. I’m in there!”

In 2017, Best offered an expanded version of his thoughts in a Twitter thread (via ScreenRant): "Jar Jar helped create the workflow, iteration process and litmus test for all CGI characters to this day. On some days the code was being written in real time as I was moving. To deny Jar Jar's place in film history is to deny the hundreds of VFX technicians, animators, code writers and producers their respect. People like John Knoll, Rob Coleman and scores of others who I worked with for two years after principal photography was ended to bring these movies to you."

Disney/Lucasfilm A great story stuck in a bad film

I've learned the best way to watch The Phantom Menace is to take in the aspects that I like and replace Lucas's many baffling choices with my own head canon. The story of Anakin Skywalker being born through the sheer power of the Force and becoming the Jedi's Chosen One? That's interesting! Inventing Midi-chlorians to give people a literal Jedi power score? That's bad, to hell with you! (Midi-chlorians are still technically canon, but they've been largely ignored in recent Star Wars media.)

This time around, I couldn't help but imagine how a more natural and energetic storyteller would have tackled The Phantom Menace. Surely they wouldn't front-load trade disputes and taxation. A more skilled writer, like Andor's Tony Gilroy, could thoughtfully weave together the Republic's potential downfall. And I'd bet most people wouldn't waste Ewan McGregor's Obi-Wan by keeping him off-screen for an hour, while everyone else goes on a pod-racing adventure. (It sure would be nice to have him spend more time with Anakin!)

Disney/Lucasfilm

I still haven't seen Topher Grace's fabled 85-minute edit of the Star Wars prequels, but his decision to start in the middle of Phantom Menace's climactic lightsaber battle makes sense. So much of Episode 1 feels entirely superfluous when the real story of Anakin Skywalker is about falling in love, being tempted by the Dark Side and ultimately betraying his master.

This article originally appeared on Engadget at https://www.engadget.com/i-guess-i-learned-how-to-appreciate-the-phantom-menace-173010855.html?src=rss

The Biden Administration has opened applications for $285 million in CHIPS Act funding for an institute to develop digital twins for the chip manufacturing industry. The investment aims to speed up silicon design and engineering while boosting national security. It’s part of a multi-billion-dollar push to establish the US as a thriving chip fabrication powerhouse, reducing dependence on the global supply chain and establishing technological dominance over China.

Digital twins are advanced software models of hardware (in this case, processors) that can help save time and money and increase efficiency. The virtual clones allow engineers to anticipate problems and adjust designs accordingly before manufacturing even begins. The auto industry and Space Force (for satellite simulations) have also used the tech.

The Department of Commerce says AI also plays a role. “Digital twin-based research can also leverage emerging technology like artificial intelligence to help accelerate the design of new U.S. chip development and manufacturing concepts and significantly reduce costs by improving capacity planning, production optimization, facility upgrades, and real-time process adjustments.”

Nvidia

The funding is part of the 2022 CHIPS Act’s $39 billion allocated for semiconductor R&D. The US had already doled out billions in CHIPS Act manufacturing incentives, including $6.4 billion to Samsung, $6.6 billion for TSMC, $6.1 billion for Micron and $8.5 billion for Intel. However, Bloomberg notes that R&D funding like this could be the most crucial piece of the Biden Administration’s long game to spark homegrown silicon innovation and avoid scenarios where supply chain shutdowns halt parts of the US economy and national security.

The government says the institute’s funds will go toward basic operations, research on digital twins, establishing and supporting shared digital facilities and workforce training. The Biden Administration wants to avoid scenarios like depending on foreign adversaries for tech that can influence America’s national security (as the US military increasingly relies on advanced tech), economic independence and supply chain control.

The Biden Administration’s CHIPS program will host a meeting for potential applicants on May 16.

“This new Manufacturing USA institute will not only help to make America a leader in developing this new technology for the semiconductor industry, it will also help train the next generation of American workers and researchers to use digital twins for future advances in R&D and production of chips,” Secretary of Commerce Gina Raimondo wrote in a press release.

This article originally appeared on Engadget at https://www.engadget.com/the-biden-administration-opens-285-million-funding-for-digital-twin-chip-research-institute-172736449.html?src=rss

Amazon’s entry-level 16GB Kindle is on sale for $80, which is a discount of 20 percent. This is the latest iteration of the standard ereader, dating back to 2022. Amazon doesn’t do too many Kindle hardware updates, so we don’t know if this sale precludes a forthcoming refresh. The sale covers both the black and blue denim versions.

The Kindle is one of the most iconic brands in the ereader space, and for good reason. Amazon has been pumping them out for 17 years. This model actually made our list of the best ereaders, and we recommend it for anyone shopping for a budget-friendly reading tablet. We loved the price, which is made even more alluring by today’s sale, and the huge ebook selection via Amazon.

We also liked how easy it is to use. Even if you’ve never held an ereader in your life, you’ll be quickly turning pages in no time. There are a bunch of customization options, allowing you to fiddle with font type, font size, margins and more. You can even save a bunch of settings together as a “theme”, which is handy in households with more than one reader. The integration with audio books is also nice, as it ensures you’ll be on the same page no matter how you absorb the content.

This ereader isn’t waterproof and it lacks many of the add-ons common with more expensive models. The standard Kindle is about as basic as this tech gets, but as a one-purpose device, are extra bells and whistles really necessary? I splurged for the fancier Kindle Scribe, which comes with a stylus, but I kind of wish I didn’t. Since buying it, I’ve read like 150 books and written approximately zero notes. Simple is better, and cheaper.

As with most Kindles, there are ads on the lock-screen, which may be a dealbreaker for some. I fully understand aversion to advertisements, they generally suck, but I’ve never found them to be a problem on Kindles. I barely notice them. 

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

This article originally appeared on Engadget at https://www.engadget.com/amazons-standard-kindle-is-on-sale-for-80-171207351.html?src=rss

Hades II is now available in Early Access for PC players. After performing a technical test from April 16 to 29, Supergiant Games said Early Access for the “bewitching sequel” would follow “relatively soon after.” The developer lived up to its word, as a week after wrapping the preliminary test, PC players can now buy and play the highly anticipated roguelike title for $30.

Hades II builds on the themes and gameplay of the acclaimed 2020 original. This installment introduces a new protagonist, Melinoë, the sister of Zagreus, the original game’s hero. Creative Director Greg Kasavin and Studio Director Amir Rao clarified that you don’t need to have played the first game or be well-versed in Greek mythology to enjoy it. (However, the creative team still sprinkled “delightful references” for those in the know.)

The sequel’s plot revolves around a showdown with a time-controlling rapscallion. “Chronos, the Titan of Time and the wicked father of Hades and his brothers, has escaped his imprisonment in the depths of the Underworld to wage war on Olympus,” Supergiant says. “Can Time itself be stopped?”

The game’s creators said last year they want Hades II’s early access period to have at least as much content as the original did when it arrived in beta in 2018. “Even though early access inherently means a game is not yet complete, we still want to do everything we can to make sure Hades II is worth your while as soon as you can play it in any capacity,” the studio said in 2023.

You can play Hades II on Steam and the Epic Store for $30. The game will eventually launch on consoles, but for now, PlayStation and Xbox gamers will have to hop on a PC or wait it out.

This article originally appeared on Engadget at https://www.engadget.com/hades-ii-is-now-available-in-early-access-on-pc-170527415.html?src=rss

The latest and greatest 15-inch M3 MacBook Air is on sale right now for $1,150 via Amazon. This includes a sale discount of $100 plus a clipped coupon for $50, bringing the total price drop to $150. That’s not a bad deal for a laptop that just came out a couple of months ago. 

We were surprised by just how much we enjoyed this computer, as the larger screen truly makes a significant difference when compared to the standard MacBook Air. We found that the big display allowed for longer periods of use before getting fatigued, which was aided by truly excellent battery life. This thing easily lasts an entire workday, with Apple suggesting 18 hours of battery life before requiring a charge.

One of our only complaints about the M2 MacBook Air was regarding the chip itself, as the computer could struggle with certain intensive tasks. That’s been fixed with the inclusion of the M3 chip. It’s not as powerful as the M3 Pro, of course, but it certainly gets the job done, and then some.

This is also a fairly light computer, despite the size increase. It weighs around three pounds and can easily slip into a tote bag. However, the added size does make it a bit more cumbersome to carry than the 13-inch model. But that’s the trade off with any 15-inch laptop. There’s really only one serious downside to this model, and that’s with regard to port placement. The charging and USB-C ports are only on one side, which can get annoying when you have plenty of accessories to connect on a crowded desk.

This particular deal is for the base model, with 8GB of RAM and 256GB of solid-state storage. Every available iteration on Amazon, however, has been discounted. Don’t forget to clip that coupon.

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

This article originally appeared on Engadget at https://www.engadget.com/the-latest-15-inch-m3-macbook-air-is-150-off-right-now-161847204.html?src=rss

Enlarge / Rather than going to beaches to catch Wigletts, some Pokémon Go players are trying to bring the beaches to themselves. (credit: Niantic)

Ah, Pokémon Go. The hottest mobile game of 2016 remains a potent force to this day, pulling in hundreds of millions of dollars a year from tens of millions of monthly active players.

Part of what keeps the game fresh is a continuous trickle of new Pokémon. The game began with just the original 151 monsters back in 2016 and has gradually caught up to the current generation of Switch games in bits and pieces over the last eight years. The game is currently in the process of adding monsters from Scarlet and Violet, and that's where this story begins.

Two of the latest additions to the Pokémon Go roster are Wiglett and Wugtrio, riffs on the designs of Diglett and Dugtrio, who live on beaches and look kind of like garden eels. Pokémon Go uses a biome system that restricts certain Pokémon to certain types of real-world terrain, like forests, mountains, and beaches. As aquatic Pokémon, Wiglett and Wugtrio show up in the beach biome.

Read 3 remaining paragraphs | Comments

Jack Dorsey has apparently exited the Bluesky board. As spotted by TechCrunch, the former Twitter CEO who was previously Bluesky’s highest-profile proponent shared the life update this weekend on X, where he’s been posting a lot lately. In response to a user who asked “are you still on the bsky board,” Dorsey said only, “no.” That’s it, nothing more. Engadget has reached out to the company for comment and will update this story if we hear back.

no

— jack (@jack) May 4, 2024

The decentralized social network started as a project by a team at then-Twitter back in 2019, but it eventually split off on its own. It only opened to the public this March after being invite-only for almost a year. While Jack Dorsey sat on its board, Bluesky is led by Jay Graber, its CEO since 2021. Dorsey has said mixed things about X since Elon Musk’s takeover, but it seems he’s now swung back around. On Saturday, he posted on X, “don’t depend on corporations to grant you rights. defend them yourself using freedom technology. (you’re on one).”

The company has made no mention yet of Dorsey’s departure, and he’s still named as a board member on its website. Dorsey seemingly deleted his own Bluesky account months ago, TechCrunch notes. 

Update, May 6 2024, 11:28AM ET: Bluesky has since confirmed Dorsey's departure on its official account. The company also noted that it's "searching for a new board member for the Bluesky public benefit company who shares our commitment to building a social network that puts people in control of their experience."

This article originally appeared on Engadget at https://www.engadget.com/jack-dorsey-says-on-x-that-hes-not-on-the-bluesky-board-anymore-183902317.html?src=rss

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

Image: Shutterstock.

When a device initially tries to connect to a network, it broadcasts a message to the entire local network stating that it is requesting an Internet address. Normally, the only system on the network that notices this request and replies is the router responsible for managing the network to which the user is trying to connect.

The machine on a network responsible for fielding these requests is called a Dynamic Host Configuration Protocol (DHCP) server, which will issue time-based leases for IP addresses. The DHCP server also takes care of setting a specific local address — known as an Internet gateway — that all connecting systems will use as a primary route to the Web.

VPNs work by creating a virtual network interface that serves as an encrypted tunnel for communications. But researchers at Leviathan Security say they’ve discovered it’s possible to abuse an obscure feature built into the DHCP protocol so that other users on the local network are forced to connect to a rogue DHCP server.

“Our technique is to run a DHCP server on the same network as a targeted VPN user and to also set our DHCP configuration to use itself as a gateway,” Leviathan researchers Lizzie Moratti and Dani Cronce wrote. “When the traffic hits our gateway, we use traffic forwarding rules on the DHCP server to pass traffic through to a legitimate gateway while we snoop on it.”

The feature being abused here is known as DHCP option 121, and it allows a DHCP server to set a route on the VPN user’s system that is more specific than those used by most VPNs. Abusing this option, Leviathan found, effectively gives an attacker on the local network the ability to set up routing rules that have a higher priority than the routes for the virtual network interface that the target’s VPN creates.

“Pushing a route also means that the network traffic will be sent over the same interface as the DHCP server instead of the virtual network interface,” the Leviathan researchers said. “This is intended functionality that isn’t clearly stated in the RFC [standard]. Therefore, for the routes we push, it is never encrypted by the VPN’s virtual interface but instead transmitted by the network interface that is talking to the DHCP server. As an attacker, we can select which IP addresses go over the tunnel and which addresses go over the network interface talking to our DHCP server.”

Leviathan found they could force VPNs on the local network that already had a connection to arbitrarily request a new one. In this well-documented tactic, known as a DHCP starvation attack, an attacker floods the DHCP server with requests that consume all available IP addresses that can be allocated. Once the network’s legitimate DHCP server is completely tied up, the attacker can then have their rogue DHCP server respond to all pending requests.

“This technique can also be used against an already established VPN connection once the VPN user’s host needs to renew a lease from our DHCP server,” the researchers wrote. “We can artificially create that scenario by setting a short lease time in the DHCP lease, so the user updates their routing table more frequently. In addition, the VPN control channel is still intact because it already uses the physical interface for its communication. In our testing, the VPN always continued to report as connected, and the kill switch was never engaged to drop our VPN connection.”

The researchers say their methods could be used by an attacker who compromises a DHCP server or wireless access point, or by a rogue network administrator who owns the infrastructure themselves and maliciously configures it. Alternatively, an attacker could set up an “evil twin” wireless hotspot that mimics the signal broadcast by a legitimate provider.

ANALYSIS

Bill Woodcock is executive director at Packet Clearing House, a nonprofit based in San Francisco. Woodcock said Option 121 has been included in the DHCP standard since 2002, which means the attack described by Leviathan has technically been possible for the last 22 years.

“They’re realizing now that this can be used to circumvent a VPN in a way that’s really problematic, and they’re right,” Woodcock said.

Woodcock said anyone who might be a target of spear phishing attacks should be very concerned about using VPNs on an untrusted network.

“Anyone who is in a position of authority or maybe even someone who is just a high net worth individual, those are all very reasonable targets of this attack,” he said. “If I were trying to do an attack against someone at a relatively high security company and I knew where they typically get their coffee or sandwich at twice a week, this is a very effective tool in that toolbox. I’d be a little surprised if it wasn’t already being exploited in that way, because again this isn’t rocket science. It’s just thinking a little outside the box.”

Successfully executing this attack on a network likely would not allow an attacker to see all of a target’s traffic or browsing activity. That’s because for the vast majority of the websites visited by the target, the content is encrypted (the site’s address begins with https://). However, an attacker would still be able to see the metadata — such as the source and destination addresses — of any traffic flowing by.

KrebsOnSecurity shared Leviathan’s research with John Kristoff, founder of dataplane.org and a PhD candidate in computer science at the University of Illinois Chicago. Kristoff said practically all user-edge network gear, including WiFi deployments, support some form of rogue DHCP server detection and mitigation, but that it’s unclear how widely deployed those protections are in real-world environments.

“However, and I think this is a key point to emphasize, an untrusted network is an untrusted network, which is why you’re usually employing the VPN in the first place,” Kristoff said. “If local network is inherently hostile and has no qualms about operating a rogue DHCP server, then this is a sneaky technique that could be used to de-cloak some traffic – and if done carefully, I’m sure a user might never notice.”

MITIGATIONS

According to Leviathan, there are several ways to minimize the threat from rogue DHCP servers on an unsecured network. One is using a device powered by the Android operating system, which apparently ignores DHCP option 121.

Relying on a temporary wireless hotspot controlled by a cellular device you own also effectively blocks this attack.

“They create a password-locked LAN with automatic network address translation,” the researchers wrote of cellular hot-spots. “Because this network is completely controlled by the cellular device and requires a password, an attacker should not have local network access.”

Leviathan’s Moratti said another mitigation is to run your VPN from inside of a virtual machine (VM) — like Parallels, VMware or VirtualBox. VPNs run inside of a VM are not vulnerable to this attack, Moratti said, provided they are not run in “bridged mode,” which causes the VM to replicate another node on the network.

In addition, a technology called “deep packet inspection” can be used to deny all in- and outbound traffic from the physical interface except for the DHCP and the VPN server. However, Leviathan says this approach opens up a potential “side channel” attack that could be used to determine the destination of traffic.

“This could be theoretically done by performing traffic analysis on the volume a target user sends when the attacker’s routes are installed compared to the baseline,” they wrote. “In addition, this selective denial-of-service is unique as it could be used to censor specific resources that an attacker doesn’t want a target user to connect to even while they are using the VPN.”

Moratti said Leviathan’s research shows that many VPN providers are currently making promises to their customers that their technology can’t keep.

“VPNs weren’t designed to keep you more secure on your local network, but to keep your traffic more secure on the Internet,” Moratti said. “When you start making assurances that your product protects people from seeing your traffic, there’s an assurance or promise that can’t be met.”

A copy of Leviathan’s research, along with code intended to allow others to duplicate their findings in a lab environment, is available here.

Enlarge / Aiming a single rifle sight into an earth-moving explosion feels like some kind of metaphor for the Helldivers 2 delayed PSN requirement saga. (credit: PlayStation/Arrowhead)

Helldivers 2 PC players can continue doing their part for Super Earth, sans Sony logins.

Sony's plan for its surprise hit co-op squad shooter—now the most successful launch in Sony's nascent PC catalog—Helldivers 2, was to make its players sign in with PlayStation Network (PSN) accounts before it launched in early February, even if they purchased the game through the Steam store.

Sony and developer Arrowhead didn't enforce PSN logins during its frenetic launch and then announced late last week that PSN accounts would soon be mandatory. Many players did not like that at all, seeing in it a sudden desire by Sony to capitalize on its unexpected smash hit. Some were not eager to engage with a network that had a notable hack in its history, others were concerned about countries where PSN was not offered, and many didn't take Sony at its word that this was about griefing, banning, and other moderation.

Read 5 remaining paragraphs | Comments

Enlarge / Ncuti Gatwa is the Fifteenth Doctor, and Millie Gibson is his new companion, Ruby Sunday, in new season of Doctor Who. (credit: Disney+)

A new season of Doctor Who is almost upon us, featuring Ncuti Gatwa's first full run as the 15th Doctor, with a shiny new companion. It's also the first time Doctor Who will stream on Disney+, after the platform acquired the international broadcasting rights. That could translate into a whole new generation of fans for this beloved British sci-fi series.

(Spoilers for "The Power of the Doctor," "The Giggle," and "The Church on Ruby Road" below.)

Here's a brief summation for the benefit of those who may not have kept up with the more recent seasons. Russell T. Davies—who revived the series in 2005 with Christopher Eccleston as the Ninth Doctor—has returned as showrunner. Davies lost no time introducing a few new twists. When it came time for Jodie Whittaker's Thirteenth Doctor to regenerate, fans had expected Gatwa to be introduced. Instead, the new Fourteenth Doctor was played by former Tenth Doctor David Tennant, reuniting with former companion Donna Noble (Catherine Tate) for three specials.

Read 9 remaining paragraphs | Comments

When I first saw the Rabbit R1, it was more appealing than the Humane AI Pin. The R1 had an actual screen, not a dim projector, and it had a twee scrolling wheel, all wrapped up in a glossy, fiery orange-red shell.

Alas, as our review explains, it doesn’t work as well as promised. It doesn’t do much and is, at launch, riddled with bugs and issues. Devindra Hardawar, who reviewed it, even took issue with the scrolling wheel. Nooooo.

Engadget

The main takeaway might be: If your phone can do all these tasks just as well (or better, in most cases), what’s the point, Rabbit?

The truth might be I just wasn’t into the Rabbit R1. Even if I am into pretty much anything Teenage Engineering designs.

— Mat Smith

The biggest stories you might have missed

Parrots love video-chat

X is using Grok to publish AI-generated news summaries

The best gifts to upgrade your grad’s tech setup

​​You can get these reports delivered daily direct to your inbox. Subscribe right here!

Carbon dioxide removal plans may not be enough to meet Paris treaty goals There’s a gap between plans and what’s needed.

New research conducted by the University of East Anglia (UEA) suggests current carbon removal plans will not be enough to comply with Paris treaty goals to limit global warming to 1.5C. There’s a gap of up to 3.2 billion tons of carbon dioxide (CO2) between current global plans to remove carbon from the atmosphere and what’s needed to avoid the worst impacts of global warming. The study says a rapid reduction in emissions is far more important than where to stuff the CO2 already around.

Continue reading.

Google bans ads for deepfake porn apps and services Or it will on May 30.

Google has updated its Inappropriate Content Policy to expressly prohibit advertisers from promoting websites and services that generate deepfake pornography. There are already restrictions in place for ads that feature some types of sexual content, but this aims squarely at “synthetic content that has been altered or generated to be sexually explicit or contain nudityThe company will start implementing the rule on May 30, giving advertisers the chance to remove any ad in violation of the new policy.

Continue reading.

Nintendo blitzes GitHub with over 8,000 takedown requests They’re aimed at emulators. Engadget

Nintendo sent a Digital Millennium Copyright Act (DMCA) notice for over 8,000 GitHub repositories hosting code from the Yuzu Switch emulator. You might recall the games maker said Yuzu was enabling “piracy at a colossal scale.” Redacted entities representing Nintendo assert the Yuzu source code “illegally circumvents Nintendo’s technological protection measures and runs illegal copies of Switch games.” This is all happening as game emulators enjoy a resurgence. Last month, Apple loosened its restrictions on retro game players in the App Store. However, the more earnest reasons for emulation (archiving a history of gaming that could otherwise be lost; playing games no longer in circulation) evaporate when you’re doing it for a free copy of Tears of the Kingdom.

Continue reading.

This article originally appeared on Engadget at https://www.engadget.com/the-morning-after-the-verdict-on-the-rabbit-r1-111538948.html?src=rss

Enlarge / Boeing's Starliner spacecraft is lifted to be placed atop an Atlas V rocket for its first crewed launch. (credit: United Launch Alliance)

NASA's senior leaders in human spaceflight gathered for a momentous meeting at the agency's headquarters in Washington, DC, almost exactly ten years ago.

These were the people who, for decades, had developed and flown the Space Shuttle. They oversaw the construction of the International Space Station. Now, with the shuttle's retirement, these princely figures in the human spaceflight community were tasked with selecting a replacement vehicle to send astronauts to the orbiting laboratory.

Boeing was the easy favorite. The majority of engineers and other participants in the meeting argued that Boeing alone should win a contract worth billions of dollars to develop a crew capsule. Only toward the end did a few voices speak up in favor of a second contender, SpaceX. At the meeting's conclusion, NASA's chief of human spaceflight at the time, William Gerstenmaier, decided to hold off on making a final decision.

Read 47 remaining paragraphs | Comments

Enlarge / When you're a legendary F1 designer like Adrian Newey, it's easy to persuade the team to let you have a go in one of your own creations. (credit: Andrew Hone/Getty Images for Red Bull)

In Formula 1, the car isn't quite everything, but ultimately, how well the team's designers did their job creating a racing car is a more important factor in a team's success on track than how good their drivers are. It's not that F1 drivers don't matter, but even the best driver on the grid will struggle to earn points if they're not in a competitive car.

One designer has been responsible for creating competitive cars more than any other, penning 12 championship-winning cars in 32 years. His name is Adrian Newey, and this week, we discovered he's looking for a new job.

As in other sports, F1's "silly season" is what they call that time period when contracts are up and people are switching to new teams; it's named as such because it's what happens when there's no real news to report but you need a story anyway.

Read 12 remaining paragraphs | Comments

The long-awaited fourth season of the Prime Video series, The Boys, premieres on June 13, 2024

Last summer's Hollywood strikes delayed a number of releases, among them the fourth season of Prime Video's The Boys. We're longtime fans of this incredibly violent, darkly funny anti-homage to superheroes, and thus are thrilled to see there's finally an official trailer for S4. It's filled with the bloody mayhem we've come to expect from the show, as well as a tantalizing glimpse of the chief villain, Homelander (Antony Starr), performing in what appears to be an ice skating extravaganza.

(Spoilers for prior seasons below, especially S3.)

As I've written previously, the show is based on the comic book series of the same name by Garth Ennis and Darick Robertson. The Boys is set in a fictional universe where superheroes are real but are corrupted by corporate interests and a toxic celebrity-obsessed culture. The most elite superhero group is called the Seven, operated by the Vought Corporation, which created the supes with a substance called Compound V. The Seven is headed up by Homelander, a violent and unstable psychopath disguised as the All-American hero. Homelander's counterpart as the head of the titular "Boys" is Billy Butcher (Karl Urban), a self-appointed vigilante intent on checking the bad behavior of the Seven—especially Homelander, who brutally raped Butcher's wife, Becca (Shantel VanSanten), unknowingly fathering a son, Ryan, in the process..

Read 8 remaining paragraphs | Comments

"No one is safe from the truth" in new trailer for The Acolyte.

It's Star Wars Day, and to mark the occasion, Disney+ has dropped a new trailer for Star Wars: The Acolyte. As previously reported, a long time ago, in a galaxy far, far away, the Galactic Republic and its Jedi masters symbolized the epitome of enlightenment and peace. Then came the inevitable downfall and outbreak of war as the Sith, who embraced the Dark Side of the Force, came to power. Star Wars: The Acolyte will explore those final days of the Republic as the seeds of its destruction were sown.

The eight-episode series was created by Leslye Headland. It's set at the end of the High Republic Era, about a century before the events of The Phantom Menace. Apparently Headland rather cheekily pitched The Acolyte as "Frozen meets Kill Bill." She drew on wuxia martial arts films for inspiration, much like George Lucas was originally inspired by Westerns and the samurai films of Akira Kurosawa. Per the official premise:

In Star Wars: The Acolyte, an investigation into a shocking crime spree pits a respected Jedi Master (Lee Jung-jae) against a dangerous warrior from his past (Amandla Stenberg). As more clues emerge, they travel down a dark path where sinister forces reveal all is not what it seems…

In addition to Lee (best known from Squid Game) and Stenberg (Rue in The Hunger Games), the cast includes Manny Jacinto (Jason on The Good Place) as a former smuggler named Qimir; Dafne Keen (Logan, His Dark Materials) as a young Jedi named Jecki Lon; Carrie-Ann Moss (Trinity in The Matrix trilogy) as a Jedi master named Indara; Jodie Turner-Smith (After Yang) as Mother Aniseya, who leads a coven of witches; Rebecca Henderson (Russian Doll) as a Jedi knight named Vernestra Rwoh; and Charlie Bennet (Russian Doll) as a Jedi named Yord Fandar.

In addition, Abigail Thorn plays Ensign Eurus, while Joonas Suotamo plays a Wookiee Jedi master named Kelnacca. Suotamo portrayed Chewbacca in the sequel trilogy of films (Episodes VII-IX) and in Solo: A Star Wars Story. Also appearing in as-yet-undisclosed roles are Dean-Charles Chapman, Amy Tsang, and Margarita Levieva.

The first trailer dropped in March, in which we saw young padawans in training; Indara battling a mysterious masked figure; learned that somebody is out there killing Jedi; and were told that there is a growing sense of darkness. This latest trailer reinforces those themes. The assassin, Mae (Stenberg), once trained with Master Sol (Lee), and he thinks he should be the one to bring her in—although Master Vernestra correctly suspects Mae's killings are a small part a larger plan, i.e, the eventual return of the Sith.

Read 2 remaining paragraphs | Comments

Threads is giving users more control over who can quote their posts (as in, reposting with commentary). If you don’t want just anyone to be able to quote your posts, you now have the option to allow only people you follow to do so. Or, you can make it so no one can quote your posts at all. Head of Instagram Adam Mosseri announced the update this weekend, saying he hopes it will “help keep Threads a more positive place.” The platform tested the feature among a group of Threads users last month, but it’s now rolling out to everyone.

Threads, which now has over 150 million monthly users, has been slowly adding more features to improve safety and the overall user experience, borrowing some tools from Instagram. Last month, it introduced the Hidden Words feature, so users can designate certain terms that they want to be filtered out of their feeds. Threads also recently started testing options for archiving posts, either manually or automatically after a chosen expiration date.

This article originally appeared on Engadget at https://www.engadget.com/threads-now-lets-you-control-who-can-quote-your-posts-184754374.html?src=rss

Parrots are innately social creatures. In captivity, where they typically don’t have a flock to interact with, that can present some real challenges for keeping them happy and healthy. But recent research suggests technology may be able to help them meet more of their social needs. A new (very small) study led by researchers at the University of Glasgow and Northeastern University compared parrots’ responses when given the option to video chat with other birds via Meta's Messenger versus watching pre-recorded videos. And it seems they’ve got a preference for real-time conversations.

The research builds on findings from a series of small studies over the last few years, including one in which the team trained pet parrots to make video calls to each other (with human assistance) and another where they were taught to play tablet games. In the latest, nine parrot owners were given tablets to set up for their pets, who were then observed over a period of six months. During that time, the parrots — who’d been introduced to each other at the beginning over video chat — were able to engage in calls amongst themselves of up to three hours long over a total of 12 sessions. Half of these sessions featured pre-recorded videos, while the other half were live Messenger video chats.

Their caregivers, who recorded the sessions, reported that the birds seemed more engaged during the live interactions. They initiated more calls in those scenarios, and spent more time on average engaging with the birds on the other end. 

In each session, the parrots were allowed to make up to two calls, and the researchers found that those chatting over Messenger hit this limit 46 percent of the time, compared to almost half that when they were watching pre-recorded videos. Overall, they spent a combined 561 minutes video-chatting on Messenger compared to just 142 minutes watching the pre-recorded videos.

“The appearance of ‘liveness’ really did seem to make a difference to the parrots’ engagement with their screens,” said Dr. Ilyena Hirskyj-Douglas, though noting that further study would be needed before definite conclusions can be drawn. “Their behavior while interacting with another live bird often reflected behaviors they would engage in with other parrots in real life, which wasn’t the case in the pre-recorded sessions.” Still, the caregivers mostly reported that the live and pre-recorded calls both seemed to have a positive impact on the birds.

“The internet holds a great deal of potential for giving animals agency to interact with each other in new ways, but the systems we build to help them do that need to be designed around their specific needs and physical and mental abilities,” said Dr. Hirskyj-Douglas. “Studies like this could help to lay the foundations of a truly animal-centered internet.”

This article originally appeared on Engadget at https://www.engadget.com/parrots-in-captivity-seem-to-enjoy-video-chatting-with-their-friends-on-messenger-165911437.html?src=rss

Google has updated its Inappropriate Content Policy to include language that expressly prohibits advertisers from promoting websites and services that generate deepfake pornography. While the company already has strong restrictions in place for ads that feature certain types of sexual content, this update leaves no doubt that promoting "synthetic content that has been altered or generated to be sexually explicit or contain nudity" is in violation of its rules. 

Any advertiser promoting sites or apps that generate deepfake porn, that show instructions on how to create deepfake porn and that endorse or compare various deepfake porn services will be suspended without warning. They will no longer be able to publish their ads on Google, as well. The company will start implementing this rule on May 30 and is giving advertisers the chance to remove any ad in violation of the new policy. As 404 Media notes, the rise of deepfake technologies has led to an increasing number of ads promoting tools that specifically target users wanting to create sexually explicit materials. Some of those tools reportedly even pretend to be wholesome services to be able to get listed on the Apple App Store and Google Play Store, but it's masks off on social media where they promote their ability to generate manipulated porn. 

Google has, however, already started prohibiting services that create sexually explicit deepfakes in Shopping ads. Similar to its upcoming wider policy, the company has banned Shopping ads for services that "generate, distribute, or store synthetic sexually explicit content or synthetic content containing nudity. " Those include deepfake porn tutorials and pages that advertise deepfake porn generators. 

This article originally appeared on Engadget at https://www.engadget.com/google-prohibits-ads-promoting-websites-and-apps-that-generate-deepfake-porn-130059324.html?src=rss