Three critical vulnerabilities in multiple virtual-machine products from VMware can give hackers unusually broad access to some of the most sensitive environments inside multiple customers’ networks, the company and outside researchers warned Tuesday.

The class of attack made possible by exploiting the vulnerabilities is known under several names, including hyperjacking, hypervisor attack, or virtual machine escape. Virtual machines often run inside hosting environments to prevent one customer from being able to access or control the resources of other customers. By breaking out of one customer’s isolated VM environment, a threat actor could take control of the hypervisor that apportions each VM. From there, the attacker could access the VMs of multiple customers, who often use these carefully controlled environments to host their internal networks.

All bets off

“If you can escape to the hypervisor you can access every system,” security researcher Kevin Beaumont said on Mastodon. “If you can escape to the hypervisor, all bets are off as a boundary is broken.” He added: “With this vuln you’d be able to use it to traverse VMware managed hosting providers, private clouds orgs have built on prem etc.”

Read full article

Comments

There's little that Internet denizens love more than a snazzy personality test—cat videos, maybe, or perpetual outrage. One trend that has gained popularity over the last several years is personality quizzes based on so-called ambiguous images—in which one sees either a young girl or an old man, for instance, or a skull or a little girl. It's possible to perceive both images by shifting one's perspective, but it's the image one sees first that is said to indicate specific personality traits. According to one such quiz, seeing the young girl first means you are optimistic and a bit impulsive, while seeing the old man first would mean one is honest, faithful, and goal-oriented.

But is there any actual science to back up the current fad? There is not, according to a paper published in the journal PeerJ, whose authors declare these kinds of personality quizzes to be a new kind of psychological myth. That said, they did find a couple of intriguing, statistically significant correlations they believe warrant further research.

In 1892, a German humor magazine published the earliest known version of the "rabbit-duck illusion," in which one can see either a rabbit or a duck, depending on one's perspective—i.e., multistable perception. There have been many more such images produced since then, all of which create ambiguity by exploiting certain peculiarities of the human visual system, such as playing with illusory contours and how we perceive edges.

Read full article

Comments

Apple reportedly filed an appeal in hopes of overturning a secret UK order requiring it to create a backdoor for government security officials to access encrypted data.

"The iPhone maker has made its appeal to the Investigatory Powers Tribunal, an independent judicial body that examines complaints against the UK security services, according to people familiar with the matter," the Financial Times reported today. The case "is believed to be the first time that provisions in the 2016 Investigatory Powers Act allowing UK authorities to break encryption have been tested before the court," the article said.

A Washington Post report last month said UK security officials "demanded that Apple create a backdoor allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud," including "blanket capability to view fully encrypted material."

Read full article

Comments

Google's AI ambitions know no bounds. A new report claims Google's next phones will herald the arrival of a feature called Pixel Sense that will ingest data from virtually every Google app on your phone, fueling a new personalized experience. This app could be the premiere feature of the Pixel 10 series expected out late this year.

According to a report from Android Authority, Pixel Sense is the new name for Pixie, an AI that was supposed to integrate with Google Assistant before Gemini became the center of Google's universe. In late 2023, it looked as though Pixie would be launched on the Pixel 9 series, but that never happened. Now, it's reportedly coming back as Pixel Sense, and we have more details on how it might work.

Pixel Sense will apparently be able to leverage data you create in apps like Calendar, Gmail, Docs, Maps, Keep Notes, Recorder, Wallet, and almost every other Google app. It can also process media files like screenshots in the same way the Pixel Screenshots app currently does. The goal of collecting all this data is to help you complete tasks faster by suggesting content, products, and names by understanding the context of how you use the phone. Pixel Sense will essentially try to predict what you need without being prompted.

Read full article

Comments

Three NASA astronauts and a Russian cosmonaut are due to return home on a Crew Dragon spacecraft in a couple of weeks. For two of the crew members, Butch Wilmore and Suni Williams, it has been a long, strange trip.

To recap:

• Wilmore and Williams launch on the first crewed flight of Boeing's Starliner spacecraft on June 5, 2024
• During Starliner's flight to the International Space Station, the vehicle has thruster issues and helium leaks
• In August, NASA announces Starliner will return to Earth uncrewed due to unresolved technical issues
• Crew 9 mission launches with just two astronauts, NASA's Nick Hague and Russia's Aleksandr Gorbunov, in late September
• Wilmore and Williams join Crew 9, extending their flight from eight days to more than eight months
• After SpaceX experiences a development issue with a Crew Dragon, Crew 9's return is delayed a month more, to March
• In February 2025, Elon Musk and Donald Trump politicize Wilmore and Williams' long-duration stay
• When a European astronaut calls Musk out for his "lie" about this, Musk replies, "You are fully retarded."
• Musk recommends space station be deorbited as soon as 2027, three years ahead of schedule.

On Tuesday Wilmore, Williams, and Hague participated from orbit in a news conference with reporters. What is notable about the news conference is that it marks the first time any NASA official—a handful of previously scheduled media availabilities have been canceled—has been on the record with media since the politicization of Crew 9's return and Musk's call to deorbit the space station early.

Read full article

Comments

President Trump's 25 percent tariffs on Canada and Mexico took effect today, and the White House increased a tariff on China from 10 to 20 percent in an executive order. Canada, Mexico, and China announced retaliatory moves, and stock markets sank globally.

Industry groups and companies have warned the Trump tariffs will raise prices for cars, groceries, consumer technology, and other products.

Canada was hit with a 10 percent tariff on energy exports to the US, while other Canadian exports are subject to the 25 percent tariff. Prime Minister Justin Trudeau said his country would impose 25 percent tariffs on over $100 billion worth of US goods.

Read full article

Comments

It's time for Google's newest Pixel Drop update, which will deliver a batch of enhancements to the company's smartphones. Pixel Drops, which arrive quarterly, refine and expand the features on Pixel phones. This probably won't come as a surprise, but AI plays a big role in the changes rolling out to Pixels this time around. There are also some new connectivity and photography options.

A long-overdue update is coming to Google's Pixel Studio app, which is preinstalled on the Pixel 9 series. The app lets you generate AI images, but person generation was not available at launch because of well-documented problems with the Imagen 3 model's penchant for diversity. Google re-enabled person generation on the web about six months ago, but Pixel Studio is just now gaining this ability.

Google's AI will also begin butting in if it suspects a caller or message is attempting to scam you. Google says this feature (previously available as a limited beta) is not foolproof, as scammers often change up their tactics. However, it may help catch some of the less sophisticated scams that regularly ensnare your less technologically literate family and friends. This feature will be available in Google Messages with the Pixel 6 and later, but the phone call scam detection will require a Pixel 9 because it uses on-device AI features that only exist on Google's latest phones. That makes it a little less creepy.

Read full article

Comments

It's not the update that most Apple watchers were hoping for, but today, Apple announced upgrades to two of its iPads, including the standard iPad and the quirky middle child, the iPad Air.

The iPad Air moves up from an M2 in last year's Air refresh to an M3 chip, which is capable of Apple Intelligence and more graphics rendering. The Magic Keyboard gets a new layout with a larger trackpad and a physical function key row.

That's a notable upgrade for anybody doing real, portable-minded work with an iPad, but there's even better news: The new Magic Keyboard with those physical keys is backward-compatible with previous iPad Airs: 4th and 5th generation, 11-inch M2 and M3, and 13-inch M2 and M3 models (better news, that is, if you're good with the $270 price).

Read full article

Comments

Federal health policies and decisions are quickly becoming less transparent under Health Secretary Robert F. Kennedy Jr.—despite him telling Health Department employees just last month that he would work with them to "launch a new era of radical transparency."

Since then, Kennedy has axed a public meeting on vaccines—leaving lingering questions about the future of those transparent proceedings. He has also revoked a broad transparency policy for the Department of Health and Human Services (HHS) that required public notice for certain new rules and a comment period to allow for the public to be involved with the rulemaking process. Revoking the policy could have sweeping effects. For instance, HHS could now change Medicaid requirements with no notice or change federal research grants without input from the research community—something the Trump administration has already tried to do before it was put on hold by a federal judge.

Rolling back public participation

On Monday, Kennedy published the new policy in the Federal Register, which specifically revoked a transparency rule adopted by the Department of Health and Human Services (HHS) in 1971. The rule—called the Richardson Waiver, after then-Health Secretary Elliot Richardson—required HHS to have public notice-and-comment periods for proposed rules and policies regarding certain matters, namely public property, loans, grants, benefits, or contracts. These five categories would otherwise have been exempt from public notice-and-comment requirements under the Administrative Procedure Act (APA). The APA also says that public notice-and-comment periods can be waived for "good cause."

Read full article

Comments

Early on Monday morning, a bank of Tesla Superchargers went up in flames in Littleton, Massachusetts. While the cause of the fire is unknown, Tesla's Superchargers are not known for bursting into flames, and a $5,000 reward is being offered by the authorities, who believe the fire was "intentionally set." Assuming that arson is to blame, this may well be one more attack against a brand that's becoming more and more toxic.

Elon Musk's involvement with US President Donald Trump has changed the nature of the spotlight on the Tesla CEO. Instead of cute cameos in Marvel movies and being name-checked by Star Trek, Musk now makes headlines for boosting far-right politics in Europe and suggesting cuts to Social Security. This has made him some new friends, but it has lost many more in the process. And the consequences for Tesla's core business—selling electric cars—have been disastrous.

2024 was already a not-good year for the automaker. A decade ago, it was basically the only game in town if you wanted an electric car that could go more than 200 miles between charges, and celebrities and tastemakers flocked to the brand in droves. Now, customers are spoiled for choice, and Tesla's model range—effectively just two cars—has to compete against all the established OEMs that are increasingly working out how to build great EVs, plus all those Chinese startups that appear to have cracked that market in terms of what customers want and how to make it cheap.

Read full article

Comments

In the past decade, Americans have become increasingly aware that climate change is harming the health of people in the US, according to a new survey.

The survey, which was conducted in December and released Friday, also shows increased trust in physicians, climate scientists, federal agencies like the Centers for Disease Control and Prevention and the Environmental Protection Agency, local public health departments and the World Health Organization for providing information about the health harms of global warming.

These sources of information are under threat: President Donald Trump’s administration has proposed cutting most of the EPA’s budget and initiated mass firings at the CDC, taken down climate and health information from government websites, frozen or revoked funding for some climate research and interventions, stalled environmental justice initiatives, and proposed rescinding a 16-year-old federal finding that mandates government action on greenhouse gases. Trump also withdrew the US from the World Health Organization and the Paris climate accord.

Read full article

Comments

"4090 performance at $549."

That’s what Nvidia CEO Jensen Huang said of the GeForce RTX 5070 when he announced the card at CES in January. Thanks to AI, this new midrange GPU would be able to match the frame rates of what had been the fastest consumer GPU that had previously existed for around one-third the price.

Let's dispel that notion up front. No, the GeForce RTX 5070 is not as fast as an RTX 4090, not without some very creative comparing of non-comparable numbers. Per usual for the 50-series, Nvidia is leaning on its AI-generated interpolated frames for the bulk of its claimed performance improvements. In terms of actual rendering speed, the 5070 isn’t even as fast as a 4080 or a 4070 Ti. It’s barely faster than last year’s 4070 Super, and it has disproportionately higher power usage.

Read full article

Comments

Since the launch of ChatGPT in late 2022, experts have debated how widely AI language models would impact the world. A few years later, the picture is getting clear. According to new Stanford University-led research examining over 300 million text samples across multiple sectors, AI language models now assist in writing up to a quarter of professional communications. It's having a large impact, especially in less-educated parts of the United States.

"Our study shows the emergence of a new reality in which firms, consumers and even international organizations substantially rely on generative AI for communications," wrote the researchers.

The researchers tracked large language model (LLM) adoption across industries from January 2022 to September 2024 using a dataset that included 687,241 consumer complaints submitted to the US Consumer Financial Protection Bureau (CFPB), 537,413 corporate press releases, 304.3 million job postings, and 15,919 United Nations press releases.

Read full article

Comments

Striking a four-year deal with President Donald Trump, the Taiwan Semiconductor Manufacturing Co. (TSMC) plans to invest $100 billion in chip manufacturing plants in the US, sources told The Wall Street Journal.

According to "people familiar with the matter," Trump will officially announce the deal later today. While still unconfirmed, TSMC's supposed investment comes after OpenAI and Apple announced similarly vague plans to each invest $500 billion into the US in apparent efforts to get on Trump's good side. It's hard to tell if these plans are actually new or if companies had already planned to invest heavily without outside pressure, WSJ noted.

It's undeniable that expanding TSMC's US presence has long been a goal for the US. TSMC announced its first fab in 2020, initially committing $12 billion over 10 years. Since then, TSMC's investments over time have expanded, reaching $40 billion by 2022. Last year, its investments notched up again when TSMC was awarded $6.6 billion in direct funding under the CHIPS Act to "support the company’s planned investment of more than $65 billion in three greenfield leading-edge fabs in Phoenix, Arizona," the Commerce Department press release said. At that time, Joe Biden had promised those fabs would "manufacture the most advanced chips in the world," putting the US "on track to produce 20 percent of the world’s leading-edge semiconductors by 2030."

Read full article

Comments

Anthony and Joe Russo have their hands full these days with the Marvel films Avengers: Doomsday and Avengers: Secret War, slated for 2026 and 2027 releases, respectively. But we'll get a chance to see another, smaller film from the directors this month on Netflix: The Electric State, adapted from the graphic novel by Swedish artist/designer Simon Stålenhag.

Stålenhag's stunningly surreal neofuturistic art—featured in his narrative art books, 2014's Tales from the Loop and 2016's Things From the Flood—inspired the 2020 eight-episode series Tales From the Loop, in which residents of a rural town find themselves grappling with strange occurrences thanks to the presence of an underground particle accelerator. That adaptation captured the mood and tone of the art that inspired it and received Emmy nominations for cinematography and special visual effects.

The Electric State was Stålenhag's third such book, published in 2018 and set in a similar dystopian, ravaged landscape. Paragraphs of text, accompanied by larger artworks, tell the story of a teen girl named Michelle who must travel across the country with her robot companion to find her long-lost brother, while being pursued by a federal agent. The Russo brothers acquired the rights early on and initially intended to make the film with Universal, but when the studio decided it would not be giving the film a theatrical release, Netflix bought the distribution rights.

Read full article

Comments

Zach Barth, the namesake of game studio Zachtronics, tends to make a certain kind of game.

Besides crafting the free browser game Infiniminer, which inspired the entire global Minecraft industry, Barth and his collaborators made SpaceChem, Infinifactory, TIS-100, Shenzen I/O, Opus Magnum, and Exapunks. Each one of them is some combination of puzzle game, light capitalism horror, and the most memorable introductory-level computer science, chemistry, or logistics class into which you unwittingly enrolled. Each game is its own thing, but they have a certain similar brain feel between them. It is summed up perhaps best by the Zachtronics team itself in a book: Zach-Like.

Barth and his crew have made other kinds of games, including a forward-looking visual novel about AI, Eliza, and multiplayer card battler Nerts!. And Barth himself told PC Gamer that he hates "saying Zach-like." But fans of refining inputs, ordering operations, and working their way past constraints will thrill to learn that Zach is, in fact, back.

Read full article

Comments

Watching Genesis' cars evolve and mature over the years has been interesting. Originally part of Hyundai's lineup, Genesis stood up as a brand in its own right at the end of 2015. Those early Hyundai-badged Genesises (Geneses?) were impressive considering the H on the nose, the dealerships they were found in, and the price out the door. The soft bigotry of low expectations, perhaps.

As Genesis has become its own thing, its vehicles no longer get that kind of benefit of the doubt. They have to stand against competitors from established luxury brands, the old-timers from Europe and now-middle-aged Japanese competitors. Recruiting the people associated with many of Bentley and Audi's more memorable designs was a good move in that regard.

This GV80 Coupe's design proved to be a hit with neighbors and the general public—few cars we've tested in the past couple of years have garnered as many compliments. The coupe was a relatively recent addition to the normal GV80 SUV, sacrificing a little volume at the back for a rakish ducktail rear end. All four corners are wrapped in what's now Genesis' light signature, a pair of thin horizontal stripes with microlens arrays supplying the brightness at the front.

Read full article

Comments

At Mobile World Congress, Google confirmed that a long-awaited Gemini AI feature it first teased nearly a year ago is ready for launch. The company's conversational Gemini Live will soon be able to view live video and screen sharing, a feature Google previously demoed as Project Astra. When Gemini's video capabilities arrive, you'll be able to simply show the robot something instead of telling it.

Right now, Google's multimodal AI can process text, images, and various kinds of documents. However, its ability to accept video as an input is spotty at best—sometimes it can summarize a YouTube video, and sometimes it can't, for unknown reasons. Later in March, the Gemini app on Android will get a major update to its video functionality. You'll be able to open your camera to provide Gemini Live a video stream or share your screen as a live video, thus allowing you to pepper Gemini with questions about what it sees.

It can be hard to keep track of which Google AI project is which—the 2024 Google I/O was largely a celebration of all things Gemini AI. The Astra demo made waves as it demonstrated a more natural way to interact with the AI. In the original video, which you can see below, Google showed how Gemini Live could answer questions in real time as the user swept a phone around a room. It had things to say about code on a computer screen, how speakers work, and a network diagram on a whiteboard. It even remembered where the user left their glasses from an earlier part of the video.

Read full article

Comments

Droplets bouncing off surfaces are an everyday phenomenon, like raindrops bouncing off lotus leaves or water drops sizzling in a hot pan, levitating and sliding around—aka the Leidenfrost effect. There is also an inverse Leidenfrost effect, first described in 1969, that involves a hot object such as a droplet levitating above a cold surface. Understanding the mechanisms behind these phenomena is crucial to a broad range of practical applications, such as self-cleaning, anti-icing, anti-fogging, surface charge printing, or droplet-based logic systems.

Droplets usually only bounce if the surface is superheated or engineered in some way to reduce stickiness. Physicists from the City University of Hong Kong have figured out how to achieve this bouncing behavior of hot oil droplets off almost any surface, according to a new paper published in the journal Newton.

As we've reported previously, in 1756, a German scientist named Johann Gottlob Leidenfrost reported his observation of the unusual phenomenon. Normally, he noted, water splashed onto a very hot pan sizzles and evaporates very quickly. But if the pan's temperature is well above water's boiling point, "gleaming drops resembling quicksilver" will form and skitter across the surface. It's called the "Leidenfrost effect" in his honor.

Read full article

Comments

The idea of flying satellites in "very" low-Earth orbit is not new. Dating back to the dawn of the space age in the late 1950s, the first US spy satellites, as part of the Corona program, orbited the planet as low as 120 to 160 km (75 to 100 miles) above the Earth.

This low vantage point allowed the Kodak cameras on board the Corona satellites to capture the highest-resolution images of Earth during the height of the Cold War. However, flying so close to the planet brought a number of challenges, most notably that of atmospheric drag.

For much of the space age, therefore, satellites have flown much higher orbits. Most satellites today fly at an altitude of between 400 and 800 km (250 and 500 miles), which is high enough to avoid the vast majority of atmospheric drag while still being close enough to offer good communications and a clear view of the planet.

Read full article

Comments