NASA has achieved a technological milestone, announcing the International Space Station’s Environmental Control and Life Support System (ECLSS) is now recycling 98 percent of all water astronauts bring onboard. Advanced dehumidifiers capture moisture from the station’s crew breaths and sweats, while urine processor assembly recovers water from astronauts’ urine through vacuum distillation.
According to NASA, the distillation process produces water and a urine brine that still contains reclaimable H20. Now, a new device can extract the remaining water in the brine, increasing the water recovery rate from 93 to 98 percent. If the idea is making you gag, it shouldn’t, says Jill Williamson, NASA’s ECLSS water subsystems manager. “The crew is not drinking urine; they are drinking water that has been reclaimed, filtered and cleaned such that it is cleaner than what we drink here on Earth.” I'll pass.
– Mat Smith
The Morning After isn’t just a newsletter – it’s also a daily podcast. Get our daily audio briefings, Monday through Friday, by subscribing right here.
Google is looking at online games as a new source of income for YouTube, according to a report by The Wall Street Journal. The video hosting platform has reportedly invited employees to test a new product called Playables, which gives users access to online games right on YouTube. Users can play them on the YouTube website on a browser or through the app, on an Android or an iOS phone. While the report insinuates there are currently several games available for testing, it only mentioned Stack Bounce, an ad-supported arcade game that gets players to smash layers of bricks with a bouncing ball. (It’s not exactly Elden Ring.) Playables could be more akin to Netflix's gaming product, which gives paying users access to casual games on mobile.
When we previewed the Vision Pro in early June, the prototype unit featured an extra Velcro strap not seen in any of Apple’s promotional material. At the time, a company spokesperson said the handset would support additional straps if necessary.
According to Bloomberg’s Mark Gurman, Apple created the strap, which goes over the wearer’s head, after some employees complained the Vision Pro felt “too heavy” after a couple of hours of use. In a move Apple has made a fewtimes in the past with other products, the company is now reportedly considering selling the strap as an optional accessory rather than including it in the box.
The Vision Pro could arrive as late as May 2024, and Gurman says the company has already reassigned some employees to work on a more affordable headset and a second-generation Vision Pro.
The Moto Razr+, a foldable phone like a standard 6.9-inch handset when open, has a large 3.6-inch screen closed. That addresses one of the most common complaints about the Galaxy Z Flip 4 — the size of its cover display. The Razr+, meanwhile, pretty much runs full Android with some tweaks.
However, anyone thinking of getting the Razr+ should probably wait. Samsung has announced its next Galaxy Unpacked will be in Korea in late July, when it’s widely expected to launch new foldables. If you can hold off, it’s worth seeing what the next Z Flip will offer before picking your next-gen flip phone.
This article originally appeared on Engadget at https://www.engadget.com/the-morning-after-nasa-is-recycling-98-percent-of-astronaut-pee-on-the-iss-into-drinkable-water-111541147.html?src=rss
Pokémon might be a Japanese franchise, but, like people around the world, South Korean conglomerate Samsung continues to show a kinship to the series with its latest Pokémon-themed products. The electronics company has announced the release of its new Pokémon Packs, with three new Galaxy Buds 2 cases designed to look like Jigglypuff, Ditto and Snorlax. Along with the adorable case, the packs feature corresponding stickers and a choice of the Galaxy Buds 2 for KRW 129,000 ($99) or the Galaxy Buds 2 Pro for KRW 199,000 ($152).
Samsung had started off this series of sorts with a classic option, launching Poké Ball cases for its Galaxy Buds 2 Pro and standard edition headphones in May 2022. The limited edition item sold out within an hour, so it's no surprise the company wanted to release a few more Pokémon-themed options. The Pokémon edition of Samsung's Galaxy Z Flip 3 foldable smartphone had a similar response, with the KRW 1,280,000 ($979) device selling out within minutes.
The Galaxy Watch 5 and the Galaxy Z Flip 4 smartphone have also previously gotten the Pokémon treatment courtesy of a Poké Ball-covered watch strap and phone case. As for Jigglypuff, Ditto and Snorlax, these adorable cases are only available in Samsung's native South Korea and, like the Poké Ball edition, probably on eBay soon.
This article originally appeared on Engadget at https://www.engadget.com/samsungs-latest-pokemon-themed-galaxy-buds-are-too-cute-105522706.html?src=rss
Aston Martin plans to build "ultra-luxury high-performance" EVs using Lucid's electric motors, batteries and other technology, Lucid announced in a press release. It's the first deal for Lucid to supply parts to other automakers — much like Rimac, which itself developed batteries and other components for Aston Martin, along with Koenigsegg and others. Lucid recently released its own debut electric car, the Air, in multiple versions starting at around $87,400.
"The supply agreement with Lucid is a game changer for the future EV-led growth of Aston Martin," said Aston Martin executive chairman Lawrence Stroll. "Based on our strategy and requirements, we selected Lucid, gaining access to the industry's highest performance and most innovative technologies for our future BEV products."
Aston Martin said it selected Lucid through a "competitive process" and will use Lucid's proprietary electric powertrain technology, including its ultra-high performance twin motor drive unit, battery technology, and onboard "Wunderbox" charging unit. The technology will allow for features like torque vectoring, heat exchanger tech and a battery system upgraded for higher power.
In 2020, Aston Martin scrapped plans to manufacture an all-electric Rapide E, saying it wouldn't release any EVs until it's "financially stable." Stroll, a Canadian billionaire who also owns the Aston Martin F1 team, took a 25 percent ownership in Aston Martin back in 2020. Mercedes-Benz, meanwhile, currently owns 9.4 percent of Aston Martin, and previously said it plans to increase that to 20 percent by 2023.
As part of that deal, Mercedes-Benz granted Aston Martin access to its hybrid and electric powertrains, but it's not clear how Lucid and Mercedes will interact. Aston Martin's F1 team currently uses a Mercedes-Benz power unit, though it plans to switch to Honda in 2026. "Along with Mercedes-Benz, we now have two world-class suppliers [with Lucid] to support the internal development and investments we are making to deliver our electrification strategy," Stroll said.
Rimac has supplied technology, including a lightweight battery system, to Aston Martin's 1,160 HP Valkyrie hypercar. Back in 2015, Aston Martin joined forces with LeEco to build an electric version of the Rapide, but LeEco bowed out with its own financial issues. To complete the circle, LeEco originally had a stake in Lucid, but founder Jia Yueting was forced to sell it due to a liquidity crisis.
This article originally appeared on Engadget at https://www.engadget.com/lucid-will-power-aston-martins-future-evs-101040684.html?src=rss
Users in Canada are once again serving as involuntary first adopters of Netflix's new policies. Following its February decision to charge more for account sharing between houses in the country, the streamer has now announced its basic plan will no longer be an option for Canada's subscribers, The Winnipeg Free Press reports.
Anyone already on a basic plan doesn't have to worry about being kicked off it, but if they choose to move to another option or close their account, they can't get back on that tier. New users can no longer choose the basic option, while current subscribers on other plans will lose the opportunity to switch over "in the near future." In Canada, the basic tier is $9.99 (CAD) per month, while the basic with ads tier is $5.99, the standard is $16.49 and the premium is $20.99.
After claiming it would never offer an ad-supported option, Netflix did just that in November 2022, launching the new tier in Canada, the US and ten other countries. Now with the decision to remove its basic option, the streamer is pushing more of its customers towards an ad-filled viewing experience. The rationale is simple: Ad-supported plans can be highly beneficial to Netflix's bottom line. In the first quarter of 2023, across the US, Netflix saw its basic with ads tier bring in more money per user than its standard plan. This dichotomy held even though its ad tier is $6.99, compared to its standard plan costing $15.49.
There's no indication that Netflix will remove the basic tier in the US anytime soon, but if you want to avoid paying more or watching ads, now might be the time to pick it. In the US, the basic plan is $9.99, and the premium is $19.99.
This article originally appeared on Engadget at https://www.engadget.com/netflix-is-removing-its-basic-plan-in-canada-092535002.html?src=rss
Despite our intrinsic distrust of AI in space taught to us by movies like 2001: A Space Odyssey ("I'm afraid I can't do that, Dave"), it offers large advantages to both manned and unmanned missions. To that end, NASA is developing a system that will allow astronauts to perform maneuvers, conduct experiments and more using a natural-language ChatGPT-like interface, The Guardian reported.
"The idea is to get to a point where we have conversational interactions with space vehicles and they [are] also talking back to us on alerts, interesting findings they see in the solar system and beyond," said Dr. Larissa Suzuki, speaking at an IEEE meeting on next-gen space communication. "It's really not like science fiction anymore."
NASA aims to deploy the system on its Lunar Gateway, a space station that will orbit the Moon and provide support for NASA's Artemis mission. It would use a natural language interface that allows astronauts to seek advice on experiments or conduct maneuvers without diving into complex manuals.
On a dedicated page soliciting small business support for Lunar Gateway, NASA wrote that it would require AI and machine learning technologies to manage various systems when it's unoccupied as well. Those include autonomous operations of science payloads, data transmission prioritization, autonomous operations, health management of Gateway and more.
For instance, Suzuki outlined a scenario in which the system would automatically fix data transmission glitches and inefficiencies, along with other types of digital outages. "We cannot send an engineer up in space whenever a space vehicle goes offline or its software breaks somehow," she said.
This article originally appeared on Engadget at https://www.engadget.com/nasa-is-creating-a-chatgpt-like-assistant-for-astronauts-081903604.html?src=rss
The New York City Department of Education has become the latest organization to disclose it had private data stolen as part of the far-reaching MOVEit file transfer software hack. In an email sent to parents on Sunday, the agency said the personal information of approximately 45,000 students, including in some cases social security numbers and birth dates, had recently been compromised. The Education Department said the personal information of staff was also accessed but did not share how many teachers and other personnel were affected.
“The safety and security of our students and staff, including their personal information and data, is of the utmost importance for the New York City Department of Education. Our top priority is determining exactly which confidential information was exposed, and the specific impact for each affected individual,” the department said Sunday. “When that determination is made, we will begin preparing notifications to individuals whose confidential information was compromised. Along with the notification, individuals will be offered access to an identity monitoring service.”
The Education Department is one of many organizations affected by the MOVEit hack. Clop, a ransomware gang with suspected pro-Russian ties, claimed responsibility for the cyberattack in early June. The group took advantage of a zero-day vulnerability in the enterprise file transfer software to breach the servers of “hundreds of companies,” including the largest US pension fund. The scale of the New York City Department of Education breach is small compared to some of the other victims caught up in the hack but is notable for including the personal information of minors. In an interview with Bleeping Computer, the Clop gang claimed it would erase any data it obtained from governments, the military and children’s hospitals. It’s unclear if the group includes student data in that final category.
This article originally appeared on Engadget at https://www.engadget.com/clop-ransomware-gang-obtained-personal-data-of-45000-new-york-city-students-in-moveit-hack-204655820.html?src=rss
NASA has achieved a technological milestone that could one day play an important role in missions to the Moon and beyond. This week, the space agency revealed (via Space.com) that the International Space Station’s Environmental Control and Life Support System (ECLSS) is recycling 98 percent of all water astronauts bring onboard the station. Functionally, you can imagine the system operating in a way similar to the Stillsuits described in Frank Herbert’s Dune. One part of the ECLSS uses “advanced dehumidifiers” to capture moisture the station’s crew breaths and sweat out as they go about their daily tasks.
Another subsystem, the imaginatively named “Urine Processor Assembly,” recovers what astronauts pee with the help of vacuum distillation. According to NASA, the distillation process produces water and a urine brine that still contains reclaimable H20. The agency recently began testing a new device that can extract what water remains in the brine, and it’s thanks to that system that NASA observed a 98 percent water recovery rate on the ISS, where previously the station was recycling about 93 to 94 percent of the water astronauts were bringing aboard.
“This is a very important step forward in the evolution of life support systems,” said NASA’s Christopher Brown, who is part of the team that manages the International Space Station’s life support systems. “Let’s say you collect 100 pounds of water on the station. You lose two pounds of that and the other 98 percent just keeps going around and around. Keeping that running is a pretty awesome achievement.”
If the thought of someone else drinking their urine is causing you to gag, fret not. “The processing is fundamentally similar to some terrestrial water distribution systems, just done in microgravity,” said Jill Williamson, NASA’s ECLSS water subsystems manager. “The crew is not drinking urine; they are drinking water that has been reclaimed, filtered, and cleaned such that it is cleaner than what we drink here on Earth.”
According to Williamson, systems like the ECLSS will be critical as NASA conducts more missions beyond Earth's orbit. “The less water and oxygen we have to ship up, the more science that can be added to the launch vehicle,” Williamson said. “Reliable, robust regenerative systems mean the crew doesn’t have to worry about it and can focus on the true intent of their mission.”
This article originally appeared on Engadget at https://www.engadget.com/nasa-is-recycling-98-percent-of-astronaut-pee-and-sweat-on-the-iss-into-drinkable-water-184332789.html?src=rss
If you had hoped to play Diablo IVthis weekend, it appears someone is intent on ruining those plans. Since at least the early hours of Sunday morning, Blizzard's Battle.net online service has been the target of an apparent DDoS attack, making it difficult, if not impossible, to play Diablo IV,World of Warcraft and other Blizzard titles. "We continue to actively monitor an ongoing DDoS attack which is affecting latency/connections to our games," Blizzard's customer support account tweeted at 10:24AM after it originally said it was investigating an authentication issue.
As of 12:30PM ET, the issue appears to be unresolved. "We are currently experiencing a DDoS attack, which may result in high latency and disconnections for some players," states a notification that appears when you launch Battle.net on PC. "We are actively working to mitigate this issue." When I tried to log into Diablo IV, I was briefly able to play the game before I was disconnected. Over on Reddit, some players report they haven't been able to play Blizzard's latest for at least 10 to 12 hours. At the very least, you can bet this incident will likely renew calls for Blizzard to add an offline mode to Diablo IV.
[#Bnet] We continue to actively monitor an ongoing DDOS attack which is affecting latency/connections to our games.
— Blizzard CS - The Americas (@BlizzardCS) June 25, 2023
This article originally appeared on Engadget at https://www.engadget.com/diablo-iv-and-other-blizzard-games-are-down-due-to-a-ddos-attack-164231957.html?src=rss
When Engadget Senior Editor Devindra Hardawar previewed the Vision Pro in early June, the prototype unit he tried featured an extra velcro strap not seen in any of Apple’s promotional material. At the time, a company spokesperson told him that the handset would support additional straps if necessary.
According to Bloomberg’s Mark Gurman, Apple created the strap, which goes over the wearer’s head, after some employees complained the Vision Pro felt “too heavy” after a couple of hours of use. In a move that feels reminiscent of the company’s decision to sell the Pro Display XDR’s stand as a separate $999 purchase, Apple is reportedly considering selling the strap as an optional accessory rather than including it in the box.
Perhaps that shouldn’t come as a surprise seeing as Apple said Vision Pro would “start” at $3,499 when it arrives in 2024, but considering most previews mentioned the headset's weight as a potential concern, it feels strange to hear the company won't go out of its way to ensure consumers have a comfortable experience out of the box.
Given the Vision Pro’s hefty price, you might think the company will market the device only to developers, but Apple seems intent on selling it to consumers as well. Gurman reports the company plans to create dedicated areas within its retail stores where people will have the chance to demo the device. He adds Apple has developed an iPhone app that its retail workers will use to scan a customer’s face so that they can ensure the person leaves the store with the correctly sized bands and light seal for their headset.
With the Vision Pro not slated to go on sale until early next year, the headset could arrive as late as May 2024, giving Apple almost a year to alter its plans. In the meantime, Gurman says the company has already reassigned some employees to work on a more affordable headset and a second-generation Vision Pro.
This article originally appeared on Engadget at https://www.engadget.com/apples-vision-pro-headset-may-not-come-with-a-top-strap-in-the-box-160601556.html?src=rss
As anyone who regularly games online can attest, DDoS (dedicated denial of service) attacks are an irritatingly common occurrence on the internet. Drawing on the combined digital might of a geographically diffuse legion of zombified PCs, hackers are able to swamp game servers and prevent players from logging on for hours or days at a time. The problem has metastasized in recent years as enterprising hackers have begun to package their botnets and spamming tools into commercial offerings, allowing any Tom, Dick, and Script-kiddie rental access to the same power.
It's a big internet out there, and bad actors are plentiful. There are worse things than spammers and scammers swimming in the depths of the Dark Web. In his new book, Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks, Dr. Scott J Shapiro, Professor of Law and Philosophy at Yale Law School traces the internet's illicit history through five of the biggest attacks on digital infrastructure ever recorded.
Not all Denial of Service attacks use botnets. In 2013, the Syrian Electronic Army (SEA)—the online propaganda arm of the brutal Bashar al-Assad regime—hacked into Melbourne IT, the registrar that sold the nytimes.com domain name to The New York Times. The SEA altered the DNS records so that nytimes.com pointed to SEA’s website instead. Because Melbourne IT contained the authoritative records for the Times’ website, the unauthorized changes quickly propagated around the world. When users typed in the normal New York Times domain name, they ended up at a murderous organization’s website.
Conversely, not all botnets launch Denial of Service attacks. Botnets are, after all, a collection of many hacked devices governed by the attacker remotely, and those bots can be used for many purposes. Originally, botnets were used for spam. The Viagra and Nigerian Prince emails that used to clutter inboxes were sent from thousands of geographically distributed zombie computers. In these cases, the attacker reaches out to their army of bots, commanding them to send tens of thousands of emails a day. In 2012, for example, the Russian Grum botnet sent over 18 billion spam emails a day from 120,000 infected computers, netting its botmaster $2.7 million over three years. Botnets are excellent spam infrastructure because it’s hard to defend against them. Networks usually use “block lists”: lists of addresses that they will not let in. To block a botnet, however, one would have to add the addresses of thousands of geographically disbursed servers to the list. That takes time and money.
Because the malware we have seen up till now — worms, viruses, vorms, and wiruses.— could not work together, it was not useful for financially motivated crime. Botnet malware, on the other hand, is because the botnets it creates are controllable. Botmasters are capable of issuing orders to each bot, enabling them to collaborate. Indeed, botnet malware is the Swiss Army knife of cybercrime because botmasters can tell bots in their thrall to implant malware on vulnerable machines, send phishing emails, or engage in click fraud allowing botnets to profit from directing bots to click pay-per-click ads. Click fraud is especially lucrative, as Paras Jha would later discover. In 2018, the ZeroAccess botnet could earn $100,000 a day in click fraud. It commanded a million infected PCs spanning 198 countries, including the island nation of Kiribati and the Himalayan Kingdom of Bhutan.
Botnets are great DDoS weapons because they can be trained on a target. One day in February 2000, the hacker MafiaBoy knocked out Fifa.com, Amazon.com, Dell, E*TRADE, eBay, CNN, as well as Yahoo!, then the largest search engine on the internet. He overpowered these web servers by commandeering computers in forty-eight different universities and joining them together into a primitive botnet. When each sent requests to the same IP address at the same time, the collective weight of the requests crashed the website.
After taking so many major websites off-line, MafiaBoy was deemed a national security threat. President Clinton ordered a countrywide manhunt to find him. In April 2000, MafiaBoy was arrested and charged, and in January 2001 he pled guilty to fifty-eight charges of Denial of Service attacks. Law enforcement did not reveal MafiaBoy’s real name, as this national security threat was only fifteen years old. MafiaBoy later revealed himself to be Michael Calce. “You know I’m a pretty calm, collected, cool person,” Calce reported. “But when you have the president of the United States and attorney general basically calling you out and saying, ‘We’re going to find you’ . . . at that point I was a little bit worried.” Calce now works in the cybersecurity industry as a white hat — a good hacker, as opposed to a black hat, after serving five months in juvenile detention.
Both MafiaBoy and the VDoS crew were adolescent boys who crashed servers. But whereas MafiaBoy did it for the lulz, VDoS did it for the money. Indeed, these teenage Israeli kids were pioneering tech entrepreneurs. They helped launch a new form of cybercrime: DDoS as a service. DDoS as a service is a subscription-based model that gives subscribers access to a botnet to launch either a daily quota or unlimited attacks, depending on the price. DDoS providers are known as booter services or stressor services. They come with user-friendly websites that enable customers to choose the type of account, pay for subscriptions, check status of service, launch attacks, and receive tech support.
VDoS advertised their booter service on Hack Forums, the same site on which, according to Coelho, Paras Jha spent hours. On their website, www.vdos-s.com, VDoS offered the following subscription services: Bronze ($19.99/month), Silver ($29.99/month), Gold ($39.99/month), and VIP ($199.99/month) accounts. The higher the price, the more attack time and volume. At its peak in 2015, VDoS had 1,781 subscribers. The gang had a customer service department and, for a time, accepted PayPal. From 2014 to 2016, VDoS earned $597,862, and it launched 915,287 DDoS attacks in one year.
VDoS democratized DDoS. Even the most inexperienced user could subscribe to one of these accounts, type in a domain name, and attack its website. “The problem is that this kind of firepower is available to literally anyone willing to pay thirty dollars a month,” Allison Nixon, director of security research at business-risk-intelligence firm Flashpoint, explained. “Basically what this means is that you must have DDoS protection to participate on the internet. Otherwise, any angry young teenager is going to be able to take you off-line in a heartbeat.” Even booter services need DDoS protection. VDoS hired Cloudflare, one of the largest DDoS mitigation companies in the world.
DDoS as a service was following a trend in cybercrime known as “malware as a service.” Where users had once bought information about software vulnerabilities and tried to figure out how to exploit those vulnerabilities themselves, or had bought malicious software and tried to figure out how to install and execute it, they could now simply pay for the use of malware and hack with the click of a button, no technical knowledge required.
Because customers who use DDoS as a service are inexperienced, they are particularly vulnerable to scams. Fraudsters often advertise booter services on public discussion boards and accept orders and payment, but do not launch the promised attacks. Even VDoS, which did provide DDoS service, did so less aggressively than advertised. When tested by Flashpoint, VDoS botnet never hit the promised fifty gigabits/second maximum, ranging instead from six to fourteen gigabits/second.
The boards that advertise booter services, as Hack Forums once did, are accessible to anyone with a standard browser and internet connection. They exist on the Clear Web, not on the so-called Dark Web. To access sites on the Dark Web you must use a special network, known as Tor, typically using a special browser known as the Tor Browser. When a user tries to access a website on the Dark Web, the Tor Browser does not request web pages directly. It chooses three random sites—known as nodes—through which to route the request. The first node knows the original sender, but not the ultimate destination. The second node knows neither the original source nor the ultimate destination—it recognizes only the first node and the third node. The third node knows the ultimate destination, but not the original sender. In this way, the sender and receiver can communicate with each other without either knowing the other’s identity.
The Dark Web is doubly anonymous. No one but the website owner knows its IP address. No one but the visitor knows that they are accessing the website. The Dark Web, therefore, tends to be used by political dissidents and cybercriminals—anyone who needs total anonymity. The Dark Web is legal to browse, but many of its websites offer services that are illegal to use. (Fun fact: the U.S. Navy created the Dark Web in the mid-1990s to enable their intelligence agents to communicate confidentially.)
It might be surprising that DDoS providers could advertise on the Clear Web. After all, DDoS-ing another website is illegal everywhere. In the United States, one violates the Computer Fraud and Abuse Act if one “knowingly causes the transmission of a program, information, code, or command, and as a result of such conduct, intentionally causes damage without authorization,” where damage includes “any impairment to the . . . availability of data, a program, a system, or information.” To get around this, booter services have long argued they perform a legitimate “stressor” function, providing those who set up web pages a means to stress test websites. Indeed, booter services routinely include terms of service that prohibit attacks on unauthorized sites and disclaim all responsibility for any such attacks.
In theory, stressor sites play an important function. But only in theory. Private chats between VDoS and its customers indicated that they were not stressing their own websites. As a booter service provider admitted to Cambridge University researchers, “We do try to market these services towards a more legitimate user base, but we know where the money comes from.”
This article originally appeared on Engadget at https://www.engadget.com/hitting-the-books-how-hackers-turned-cybercrime-into-a-commercial-service-153050866.html?src=rss
