The Common Vulnerability and Exposures, or CVE, repository holds the answers to some of information security's most vital questions. Namely, which security issue are we talking about, exactly, and how does it work?

The 25-year-old CVE program, an essential part of global cybersecurity, is cited in nearly any discussion or response to a computer security issue, including Ars posts. CVE was at real risk of closure after its contract was set to expire on April 16. The nonprofit MITRE runs CVE and related programs (like Common Weakness Enumeration, or CWE) on a contract with the US Department of Homeland Security (DHS). A letter to CVE board members sent Tuesday by Yosry Barsoum, vice president of MITRE, gave notice of the potential halt to operations.

"If a break in service were to occur, we anticipate multiple impacts to CVE, including deterioration of national vulnerability databases and advisories, tool vendors, incident response operations, and all manner of critical infrastructure," Barsoum wrote.

Read full article

Comments

Razer, maker of green-hued gaming hardware and accessories, has entered the game-streaming space with its new—but not entirely new—app, PC Remote Play. It's based on very good existing streaming tech and makes connecting a PC to mobile devices fairly simple. It's worth checking out unless you have a hard-and-fast policy about avoiding software "utilities" from RGB-obsessed gaming companies.

That, or you're already using and comfortable with Moonlight. Moonlight and Sunshine are the open source game-streaming client and server that wonderfully picked up where Nvidia's Gamestream left off. PC Remote Play is based on Moonstream's open source code, and Razer has made much of its own version's code available.

You're getting a few small upgrades when using PC Remote Play:

Read full article

Comments

Radio signal broadcasts have their usefulness, but they eventually end (except, perhaps, for SETI). Every so often, we mark the public end of a once-essential wavelength, such as 3G cellular, analog television, or the Canadian time check. One of the most weirdly useful signals will soon end in the United Kingdom, with notable consequences if its transition is not properly handled.

Beginning in the early 1980s, UK homes could have electrical meters installed with a radio teleswitch attached. These switches listened for a 198 kHz signal from the BBC's Radio 4 Long Wave service, primarily broadcast from the powerful Droitwich Transmitting Station. These switches listened to 30 messages per minute, waiting for a certain 50-bit data packet to arrive that signaled that electricity was now at cheaper, off-peak rates ("tariffs" in the UK).

With this over-the-air notice, homes that bought into Economy 7 or Economy 10 (7 or 10 hours of reduced-price power) could make use of ceramic-stuffed storage heaters that stayed warm into the day, prepare hot water heaters, and otherwise make use of off-peak power. How the electrical companies, BBC, and meters worked together is fascinating in its own right and documented in a recent video by Ringway Manchester (which we first saw at Hackaday).

Read full article

Comments

"No ads, no hosts, no sponsors, just games." The Triple-i Initiative's pitch for its now-annual showcase of games, crafted by studios working somewhere between "Solo dev or very small team" and "Investor-minded conglomerate with international offices," promises a lot of peeks at games without a lot of chatter, and once again it delivered.

Last year's showcase debuted titles like Norland, Slay the Spire 2, and The Rogue Prince of Persia, along with updates from Darkest Dungeon 2, Palworld, and Vampire Survivors. This year featured looks at titles from the Deep Rock universe, the cloning-yourself-to-survive curiosity The Alters, an Endless Legend 2 that continues tweaking the 4X formula, and more.

Below are five selected highlights for the Ars crowd, along with some notable other announcements. The full list is not yet up on the Triple-i site, but you can see what jumped out from the full showcase.

Read full article

Comments

Hatsushima is not a particularly busy station, relative to Japanese rail commuting as a whole. It serves a town (Arida) of about 25,000, known for mandarin oranges and scabbardfish, that is shrinking in population, like most of Japan. Its station sees between one to three trains per hour at its stop, helping about 530 riders find their way. Its wooden station was due for replacement, and the replacement could be smaller.

The replacement, it turned out, could also be a trial for industrial-scale 3D-printing of custom rail shelters. Serendix, a construction firm that previously 3D-printed 538-square-foot homes for about $38,000, built a shelter for Hatsushima in about seven days, as shown at The New York Times. The fabricated shelter was shipped in four parts by rail, then pieced together in a span that the site Futurism says is "just under three hours," but which the Times, seemingly present at the scene, pegs at six. It was in place by the first train's arrival at 5:45 am.

Either number of hours is a marked decrease from the days or weeks you might expect for a new rail station to be constructed. In one overnight, teams assembled a shelter that is 2.6 meters (8.5 feet) tall and 10 square meters (32 square feet) in area. It's not actually in use yet, as it needs ticket machines and finishing, but is expected to operate by July, according to the Japan Times.

Read full article

Comments

Balatro is certainly habit-forming, but there's nothing to be won or lost, other than time, by playing it. While the game has you using standard playing cards and poker hands as part of its base mechanics, it does not have in-app purchases, loot boxes, or any kind of online play or enticement to gambling, beyond the basics of risk and reward.

Yet many YouTube creators had their Balatro videos set to the traffic-dropping "Age-restricted" status recently, allegedly due to "depictions or promotions of casino websites or apps," with little recourse for appeal.

A spokesperson for YouTube told Ars after this post was originally published that the videos should not be age-restricted, and that the service was "fixing the issue and conducting a platform-wide review."

Read full article

Comments

Road trips with just two people always have their awkward silences. In Dustland Delivery, my character, a sharpshooter, has tried to break the ice with the blacksmith he hired a few towns back, with only intermittent success.

Remember that bodyguard, the one I unsuccessfully tried to flirt with at that bar? The blacksmith was uninterested. What about that wily junk dealer, or the creepy cemetery? Silence. She only wanted to discuss "Abandoned train" and "Abandoned factory," even though, in this post-apocalypse, abandonment was not that rare. But I made a note to look out for any rusted remains; stress and mood are far trickier to fix than hunger and thirst.

Dustland Delivery, available through Steam for Windows (and Proton/Steam Deck), puts you in the role typically taken up by NPCs in other post-apocalyptic RPGs. You're a trader, buying cheap goods in one place to sell at a profit elsewhere, and working the costs of fuel, maintenance, and raider attacks into your margins. You're in charge of everything on your trip: how fast you drive, when to rest and set up camp, whether to approach that caravan of pickups or give them a wide berth.

Read full article

Comments

I don't think anybody outside Nintendo or FromSoftware was expecting a spiritual successor to Bloodborne to be one of the titles announced at the Nintendo Switch 2's launch today. Not just "playable" on the Switch 2, but exclusive to it. But there it was, The Duskbloods, debuting its dread horror action just a few minutes before the luminously pink and puffy Kirby Air Ride 2. 

The Switch 2's launch titles, and other announced games, are quite the rich stew. Here are some of the AAA ports, exclusives, and unexpectedly gruesome games arriving on the just-announced system.

Switch exclusives, including Nintendo’s own

We'll get to FromSoftware's surprising Switch 2 exclusive in a bit. Far less surprising is a new Mario Kart game, as Mario Kart 8 sold more than 67 million copies, covering more than 40 percent of all Switches sold. Mario Kart World goes big, with 24 simultaneous players, and the ability to explore off the course in a kind of open-world setting.

Read full article

Comments

Satisfactory starts out as a game you play, then becomes a way you think. The only way I have been able to keep the ridiculous factory simulation from eating an even-more-unhealthy amount of my time was the game's keyboard-and-mouse dependency. But the work, it has found me—on my couch, on a trip, wherever one might game, really.

In a 1.1 release on Satisfactory's Experimental branch, there are lots of new things, but the biggest new thing is a controller scheme. Xbox and DualSense are officially supported, though anyone playing on Steam can likely tweak their way to something that works on other pads. With this, the game becomes far more playable for those playing on a couch, on a portable gaming PC like the Steam Deck, or over household or remote streaming. It also paves the way for the game's console release, which is currently slated for sometime in 2025.

Satisfactory seems like an unlikely candidate for controller support, let alone consoles. It's a game where you do a lot of three-dimensional thinking, putting machines and conveyer belts and power lines in just the right places, either because you need to or it just feels proper. How would it feel to select, rotate, place, and connect everything using a controller? Have I just forgotten that Minecraft, and first-person games as a whole, probably seemed similarly desk-bound at one time? I grabbed an Xbox Wireless controller, strapped on my biofuel-powered jetpack, and gave a reduced number of inputs a shot.

Read full article

Comments

2024 was "a year of growth," according to fire-suppression company Fire Rover, but that's not an entirely good thing.

The company, which offers fire detection and suppression systems based on thermal and optical imaging, smoke analytics, and human verification, releases annual reports on waste and recycling facility fires in the US and Canada to select industry and media. In 2024, Fire Rover, based on its fire identifications, saw 2,910 incidents, a 60 percent increase from the 1,809 in 2023, and more than double the 1,409 fires confirmed in 2022.

Publicly reported fire incidents at waste and recycling facilities also hit 398, a new high since Fire Rover began compiling its report eight years ago, when that number was closer to 275.

Read full article

Comments

I played a lot of Obsidian's Avowed after it came out. I appreciate that the game offers both a whole lot of world-building lore if you want it, but also the ability to skip it all if you want to get back to grimoires, guns, and scarfing food while dodging attacks. But all those gods and races and islands must have sunk in. As I neared the end of Avowed's journey, I find myself wondering about the earlier games in Obsidian's world of Eora in its Pillars of Eternity series, which passed me by entirely.

The same thing happened with Baldur's Gate 3, which pulled me in deep and left me wondering if I'd dig the earlier titles. But after an hour or two in the first entry, I was done, for much the same reason as with the first Pillars: I just can't hack it (pun intended) in real-time-with-pause combat.

"Real-time-with-pause" has never been a perfect descriptor; technically, Avowed plays out in real time, as do most games, which also offer pausing. But look at a couple videos and you'll get the gist: Your party hacks, slashes, and casts largely on its own, but you can interject to redirect, re-equip, or force a potion on one of your crew. If you have control issues, or don't have the clicking speed you had as a younger gamer, real-time-with-pause can be a humbling experience.

Read full article

Comments

Author, journalist, and long-time Internet freedom advocate Doc Searls wants us to stop asking for privacy from websites, services, and AI and start telling these things what we will and will not accept.

Draft standard IEEE P7012, which Searls has nicknamed "MyTerms" (akin to "Wi-Fi"), is a Draft Standard for Machine Readable Personal Privacy Terms. Searls writes on his blog that MyTerms has been in the works since 2017, and a fully readable version should be ready later this year, following conference presentations at VRM Day and the Internet Identity Workshop (IIW).

The big concept is that you are the first party to each contract you have with online things. The websites, apps, or services you visit are the second party. You arrive with either a pre-set contract you prefer on your device or pick one when you arrive, and it tells the site what information you will and will not offer up for access to content or services. Presumably, a site can work with that contract, modify itself to meet the terms, or perhaps tell you it can't do that.

Read full article

Comments

In May 2024, the website of ad-tech firm Kubient touted that the company was "a perfect blend" of ad veterans and developers, "committed to solving the growing problem of fraud" in digital ads. Like many corporate sites, it also linked old blog posts from its home page, including a May 2022 post on "How to create a world free of fraud: Kubient's secret sauce."

These days, Kubient's website cannot be reached, the team is no more, and CEO Paul Roberts is due to serve one year and one day in prison, having pled guilty Thursday to creating his own small world of fraud. Roberts, according to federal prosecutors, schemed to create $1.3 million in fraudulent revenue statements to bolster Kubient's initial public offering (IPO) and significantly oversold "KAI," Kubient's artificial intelligence tool.

The core of the case is an I-pay-you, you-pay-me gambit that Roberts initiated with an unnamed "Company-1," according to prosecutors. Kubient and this firm would each bill the other for nearly identical amounts, with Kubient purportedly deploying KAI to find instances of ad fraud in the other company's ad spend.

Read full article

Comments

Frosthaven, a board game that was somehow even bigger and more ambitious than its considerably weighty forebear Gloomhaven, asks a lot of its players.

Each turn means picking two from maybe a dozen different possible action cards. Each of those cards has two options (plus a "default"), and each of those cards is played out against multiple other actions by your enemies and companions. And that's just the game itself—actually getting the game set up and getting your fellow gamers to agree on semi-regular appointments is a whole other crusade against tough odds.

Like Gloomhaven before it, Frosthaven is getting a PC game, which should make exploring a baddie-infested tundra easier to set up and potentially easier to do multiplayer. A closed beta test begins March 27, with sign-ups at the game's website. The game will launch into early access during 2025, with more than 35 quests across the first two acts available, with over 130 quests planned in total. It will have single-player and up to four-player multiplayer, with players able to pick up their teammates' characters if there's a momentary dropout.

Read full article

Comments

It's a widely known problem with roots in urban legend: Devices with motherboards failing in the early 2000s with a sudden pop, a gruesome spill, or sometimes a burst of flames. And it was allegedly all due to one guy who didn't copy a stolen formula correctly.

The "capacitor plague" of the early 2000s was real and fairly widespread among devices, even if the majority of those devices didn't go bad at the same time or even in the same year. The story of this widespread failure, passing between industry insider stories and media reports, had a specific culprit, but also a broad narrative about the shift from Japanese to Taiwanese manufacturers and about outsourcing generally.

The Asianometry channel on YouTube recently dug into the "capacitor plague" in a video that asks, "What happened to the capacitors in 2002?" and comes to some informed, broad, and layered answers. It explains the specifics of what's happening inside both a working capacitor and the faulty models, relays the reporting on the companies blamed and affected, and, crucially, puts the plague in the wider context of hotter chips, complex supply chains, counterfeits, and, sure, some industrial sabotage.

Read full article

Comments

Plex is a bit hard to explain these days. Even if you don't know its roots as an outgrowth of a Mac port of the Xbox Media Center project, Plex is not your typical "streaming" service, given how most people use it. So as Plex announces its first price increase to its Plex Pass subscription in more than 10 years, it has its work cut out explaining why, what's included, and what is changing.

Starting April 29, the cost of a Plex Pass rises from $5 to $7 monthly, from $40 to $70 annually, and a lifetime pass now costs $250, previously $120. In a blog post, Plex cites rising costs and its commitment to an independent service that supports "personal media."

"We are all in on the continued success of Plex Pass and personal media," the post states. "This price increase will ensure that we can keep investing dedicated resources in developing new features, while supporting and growing your favorites." The post cites a roadmap that contains an integration with Common Sense Media, a new "bespoke server management app" for managing server users, and "an open and documented API for server integrations," including custom metadata agents.

Read full article

Comments

Certain watches can stay just as they are and people will keep buying them. The Casio F-91W, one of the continuously best-selling watches in the world, keeps the time on a readable display and offers a single daily alarm slot (unless you board-swap it). The Timex Weekender may last as long as non-digital watches exist.

What about the Pebble? Is there still room on people's wrists for the most exciting Kickstarter-backed tech of 2012–2016?

Eric Migicovsky, founder of the firm that was perhaps a bit too early to the smartwatch market, has made good on his pledge to find out and has made new Pebble watches available for preorder. The Core 2 Duo, "almost exactly a Pebble 2" with modernized chips, 30 days battery life, and a black-and-white e-paper screen, is $150 at preorder and is scheduled to ship in July. The Core Time 2, Migicovsky's "dream watch," is bigger, color, and metal and goes for $225 right now. Its release is slated for December.

Read full article

Comments

Back when EV enthusiasm was higher, there were fits and starts of vehicle-to-home concepts and products. If EVs and their ginormous batteries are expensive, resource-intensive purchases, the thinking went, maybe we should get something more out of them than just groceries and school pick-ups. Maybe we could find other things for that huge battery to do during the 95 percent of time it spends parked in or near our homes.

An EV powering your whole home, or even pushing power back to the grid, is something higher-end EVs might do at some point with some utilities. I have a Chevy Bolt, an EV that does not have even a three-prong 110 V plug on it, let alone power-your-home potential. If I wanted to keep the essentials running during an outage, it seemed like I needed to buy a fuel-based generator—or one of those big portable power stations.

Or so I thought, until I came across inverter kits. Inverters take the direct current available from your vehicle's 12V battery—the lead-acid brick inside almost every car—and turns it into alternating current suitable for standard plugs. Inverters designed for car batteries have been around a long time, opening up both novel and emergency uses. The catch is that you have to start the car's gas engine often enough to keep the battery charged.

Read full article

Comments

Robotics firm iRobot, originator of the robotic vacuum Roomba facing stiff competition from lower-priced competitors, told investors Tuesday that there was "substantial doubt" about the company's survival "as a going concern" in the next year or so.

Investors took iRobot at its word, and its stock price had fallen nearly 40 percent as of 10:20 am Wednesday from the day before. The dire accounting language and market reaction are nothing new for tech firms, but iRobot's annual report suggests deeper issues than investor confidence. The company saw revenue drop 47 percent in the fourth quarter, it is actively seeking to renegotiate its largest loans, and it has launched a "formal strategic review" to consider refinancing, sale, or other alternatives.

The shaky world of consumer robotics

iRobot's fortunes have changed dramatically since 2022, when Amazon announced a $1.7 billion bid to buy the struggling but prominent firm.

Read full article

Comments

"The future of podcasting shouldn't be locked behind walled gardens," writes the team at Pocket Casts. To push that point forward, Pocket Casts, owned by the company behind WordPress, Automattic Inc., has made its web player free to everyone.

Previously available only to logged-in Pocket Casts users paying $4 per month, Pocket Casts now offers nearly any public-facing podcast feed for streaming, along with controls like playback speed and playlist queueing. If you create an account, you can also sync your playback progress, manage your queue, bookmark episode moments, and save your subscription list and listening preferences. The free access also applies to its clients for Windows and Mac.

"Podcasting is one of the last open corners of the Internet, and we’re here to keep it that way," Pocket Casts' blog post reads. For those not fully tuned into the podcasting market, this and other statements in the post—like sharing "without needing a specific platform's approval" and "podcasts belong to the people, not corporations"—are largely shots at Spotify, and to a much lesser extent other streaming services, which have sought to wrap podcasting's originally open and RSS-based nature inside proprietary markets and formats.

Read full article

Comments