Month: July 2017

Posted on

Bollinger Motors unveils B1 electric sport utility truck

After years of work and months of teasing,

Bollinger Motors

has

unveiled

its B1 all-electric sport utility truck in its home state of New York. The first thing anyone will notice about the B1 won’t be its newfangled electric powertrain, but rather its old-school looks, which includes a classic three-box design.

It rides high, and its big mud tires immediately signal that this vehicle has off-road capability, while its minimalist styling and flat surfaces speak to its utility. Inside, the B1 has sealed gauges and polyurethane-coated floor pans. If the interior gets dirty (and we suspect it will), it can simply be hosed down.

The B1 is powered by either a 60- or 100-kWh battery pack a and a pair of electric motors providing 360 horsepower and 472 pound-feet of torque. It’s surprisingly quick, doing 0-60 miles per hour in just 4.5 seconds. The 60-kWh pack offers 120 miles of driving range and charges in 7.3 hours on a Level 2 charger, or 45 minutes on a DC fast charger. The 100-kWh pack offers 200 miles of range, and recharges in 12.1 hours (Level 2) or 75 minutes (DC fast charger). The B1 uses the CHAdeMO charging standard. Estimated

fuel economy

is a combined 67.4 miles per gallon equivalent.

With Bollinger’s first vehicle, the emphasis is on “utility,” and the electric powertrain is part of that. With front and rear motors, the B1 is all-wheel-drive, and its combination of torque and ground clearance (adjustable from 10 to 20 inches) mean that is will make itself at home on or off the road. The B1 features a self-leveling, four-wheel independent suspension, and disconnecting anti-roll bars to allow for maximum articulation off-road. A set of BFGoodrich LT285/70R17 Mud

Terrain

tires provides traction.

“Since the B1 is an all-electric truck, it’s really a portable energy source,” says Bollinger Motors CEO Robert Bollinger. For work in the field, the B1 offers a number of power outlets, including a pair of 110-volt plugs in the back of the truck. The vehicle also offers several storage areas, including a 14-cubic-foot frunk, and a rear cargo area that can accommodate 72 half-inch sheets of drywall with the rear seats removed. A passthrough stretching from the rear bed to the frunk makes more room for longer items, and can fit 24 2x4s at lengths of up to 12 feet with the tailgate closed. The B1 can also tow 6,100 pounds.

Bollinger says it will release pricing later this year, and is still working to secure manufacturing in the US. Once that is finalized, Bollinger expects to begin deliveries of the B1 in 19 months.

Related Video:

from Autoblog http://ift.tt/2tVvQGd
via IFTTT

Posted on

Hacker cracks smart gun to shoot it without approval

Smart guns are supposed to be safer than traditional weapons. They’re designed to only fire when paired with a second piece of technology that identifies the shooter, like an electronic chip or a fingerprint.

Supporters say they could stop accidental shootings or misfires. And they’ve been lauded by law enforcement to prevent criminals from using stolen or misplaced guns.

However, like any technology, they’re not unhackable.

A hacker known by the pseudonym Plore doesn’t want to put a stop to smart guns, but he wants the firearm industry that’s increasingly manufacturing these devices to know that they can be hacked.

The model Plore hacked is called the Armatix IPI. It pairs electronically with a smart watch so that only the person wearing the watch can fire it. The devices authenticate users via radio signals, electronically talking to each other within a small range.

Plore broke the security features in three different ways, including jamming radio signals in the weapon and watch so the gun couldn’t be fired, and shooting the gun with no watch nearby by placing strong magnets next to the weapon.

“Future smart guns might use different authorization mechanisms,” Plore said. “But you’d want to make future smart guns robust against interference, intentional or unintentional, even if it doesn’t use radio signals.”

One hack involved breaking the gun’s range restrictions. The gun is only supposed to work if it’s within a foot of the watch. But Plore extended the range by using radio devices to trick the gun into thinking the watch was closer than it was.

Another hack involved stopping the gun from firing. Plore created a device that emits the same 900 megahertz frequency of the gun and watch — devices like baby monitors or cordless phones use this frequency, too. His device simulated interference, effectively confusing the gun and watch and rendering them useless.

Related: Mac malware caught silently spying on computer users

The main reason people are interested in smart guns is to ensure only the owners can control them. But it’s possible to fire the weapon without the watch around, Plore found.

The hacker placed strong magnets next to the body of the gun. That simple solution allowed the gun to be fired.

The company has not yet responded to CNN Tech’s request for comment. It previously told Wired the hacks were possible under specific situations with particular equipment.

The spokesman for Armatix also said the company was aware of the gun’s vulnerabilities.

“Our experiences with the strengths and weaknesses of the iP1 system will flow into the next generation of [the] smart gun system,”he said.

Plore is presenting his findings at the Defcon security conference this week. He says that while the instruments he used to study the problem cost thousands, the tools he created to execute the three attacks cost less than $50.

It’s not the first time magnets have been used to hack smart devices. A similar tactic was used to hack into a safe.

“You see the same mistakes repeated,” he said. “Safes and guns aren’t the same devices, but conceptually it was the same attack.”

There are many smart-gun skeptics. Two Arizona lawmakers recently said the technology is still too new and could be dangerous. The NRA has said that while it’s not against smart guns, it does not support legislative restrictions on acquiring non-smart guns.

Smart guns are not yet widespread, and the Armatix IPI was the only weapon of its type easily accessible to Plore, he said. So while it’s cheap to execute these hacks, a real-world scenario is relatively unlikely.

Plore wants to make sure manufacturers are aware of these flaws in order to make future smart guns safer.

“If you’re going to buy one, you should get what’s on the label,” he said. “You should be able to really get something that provides meaningful security.”

CNNMoney (Las Vegas) First published July 27, 2017: 3:18 PM ET

from Business and financial news – CNNMoney.com http://ift.tt/2tNMNlG
via IFTTT

Posted on

Iranian Hackers Used a Fake Persona Named ‘Mia Ash’ To Ensnare Victims

Mia Ash is a 30-year-old British woman with two art school degrees, a successful career as a photographer, and plenty of friends—more than 500 on Facebook, and just as many on LinkedIn. A disproportionate number of those friends happen to be Middle Eastern men, and when she posts coy selfies to Facebook, they shower her with likes. Her intriguing relationship status: “It’s complicated.” No kidding. Mia Ash doesn’t exist.

Instead, she’s a persona, her biography fabricated and her photos stolen from another woman’s online profiles, according to researchers at the security firm SecureWorks. They believe Ash is the elaborate creation of Iranian state-sponsored hackers who have targeted dozens of organizations around the Middle East in a massive, years-long campaign of espionage and possibly even data destruction.

A Phish Called Mia

In February, as SecureWorks helped a Middle Eastern company diagnose an attempted spyware infection, the security analysts found that one of that company’s employees had been communicating with the Ash persona for more than a month. The conversation had begun on LinkedIn, where Ash had approached the staffer with questions about photography. The discussion had moved to Facebook, and the scope broadened to work, photography, and travel.

Eventually, Ash sent the staffer an email with a Microsoft Excel attachment for a photography survey. She asked him to open it on his office network, telling him that it would work best there. After a month of trust-building conversation, he did as he was told. The attachment promptly launched a malicious macro on his computer and attempted to install a piece of malware known as PupyRAT, though the company’s malware defenses prevented the installation.

After digging further into Mia Ash, SecureWorks found that hackers have cultivated the persona as a lure for staffers at target companies for over a year, with the endgame of infecting computers with spyware, and getting an initial foothold into a victim company’s network.

Social engineering, or using human lies and pretenses as a means to lull victims into security slip-ups, is a well-worn page of the hacker playbook. But rarely do hacker groups go to the trouble of building such a long-running, fleshed out persona as Mia Ash, says Allison Wikoff, one of the SecureWorks researchers who led the analysis, which SecureWorks presented at the Black Hat security conference. She points to Ash’s well-populated Facebook, LinkedIn, Blogger, and WhatsApp accounts, as well as two email addresses, as evidence of the hackers’ persistence and planning. “This is one of the most well-built fake personas I’ve seen,” says Wikoff. “It definitely worked, and worked for well over a year.”

Fake Friend

Examining Ash’s friends on Facebook and Linkedin, SecureWorks found she had two distinct sets. First, she seems to have befriended prominent photographers to bolster her profile as a bona fide shutterbug. The second group comprised men aged 20 to 40, mostly in Middle Eastern and Asian countries including Saudi Arabia, Iraq, Iran, and Israel, as well as some Americans, who worked as mid-level technicians, software developers, and administrators at tech, oil and gas, aerospace, consulting, and healthcare companies.

‘This is probably like a well-oiled machine.’ – Allison Wikoff, SecureWorks

Examining the would-be target list in Ash’s friend group, SecureWorks linked her with a hacker group known as OilRig or Cobalt Gypsy, widely believed to be working for the Iranian government in a widespread cyberespionage campaign. (According to at least one analysis from McAfee, that group also collaborated on a more destructive campaign to plant data-destroying Shamoon malware on the networks of more than a dozen Saudi Arabian targets, and SecureWorks’ analysis of the group’s methods also matches a description of Shamoon-planting hackers tracked by IBM.)

In late 2016, SecureWorks spotted that group launching a broad phishing campaign that used PupyRat as well. A month later, Mia Ash kicked into action at the company SecureWorks aided. Wikoff suggests that means the Ash persona may be used as a secondary tactic: If a specific company’s staff doesn’t fall for more traditional phishing emails, a persona like Ash approaches a specific target there, initiating a professional conversation over LinkedIn, and then building trust via Facebook or WhatsApp before sending the victim a malware payload via email. Based on the time put into the Ash persona, she believes it was likely used repeatedly against the Iranian hackers’ targets. “This is probably a well-oiled machine,” Wikoff says.

Ash to Ashes

After well over a year online, Ash’s LinkedIn profile mysteriously disappeared earlier this month. SecureWorks alerted Facebook to the persona, and the company removed her profile there, too.

SecureWorks also identified the real-life woman whose photos hackers used to assemble Mia Ash’s profiles. But when WIRED reached out to her she declined to speak on the record, and asked not to be identified. Wikoff points to her case as an example of how publicly posting personal photos can have unexpected, creepy consequences. “If you don’t lock down your social media accounts, they can be used in ways that might not directly harm you, but are nonetheless nefarious,” Wikoff says.

But Mia Ash offers a more serious lesson to possible victims of state-sponsored hackers, Wikoff says: Digital honey traps can be highly sophisticated, with personas that appear to have long histories and convincing personalities. And that attractive new Facebook friend may not actually be into your vacation photos.

from Wired Top Stories http://ift.tt/2u1vBnY
via IFTTT

Posted on

An A-ha ‘Take On Me’ Music Video Augmented Reality App

take-on-me-augmented-reality-app.jpg
This is a video demonstration of the ‘Take On Me’ augmented reality app developed by Trixi Studios. It puts users right in the middle of the pencil-drawn world of A-ha’s classic 1985 music video. And who hasn’t always dreamed of that? Hanging out with a hunk, evading dudes that want to clobber you with monkey wrenches — that’s a solid fantasy. At least in my opinion, and I practically wrote the book on fantasies. "This is all Jurassic Park erotic fan fiction." Read me some before bed.
Keep going for the video.

Thanks to Andy, who can’t wait for the inevitable Peter Gabriel ‘Sledgehammer’ augmented reality app.

from Geekologie – Gadgets, Gizmos, and Awesome http://ift.tt/2uGEs0j
via IFTTT

Posted on

Dancing Balls Lead to a Physics Discovery

Toss a few droplets of water in a hot pan and they seem to come alive, skittering to and fro as if trying to escape. Try the same thing with balls of hydrogel, and they actually could break free. The spheres bounce animatedly about a hot pan, emitting a piercing, shrieking noise as they do so.
Both tricks are due to something called the Leidenfrost effect, which describes the instantaneous vaporization that occurs when water touches a hot surface. If enough steam is produced, it can be en

from Discover Main Feed http://ift.tt/2uyr4Nx
via IFTTT

Posted on

Verizon accused of violating net neutrality rules by throttling video

Getty Images | Steven Puetzer


reader comments
5

The Federal Communications Commission should investigate whether Verizon Wireless violated net neutrality rules by throttling video applications on its mobile network, advocacy group Free Press says.

Free Press is asking people to sign a petition that will be delivered to the FCC.

“Late last week Verizon Wireless customers started to notice something suspicious: Videos from Netflix and YouTube were slow,” the call for signatures says. “Verizon Wireless couldn’t explain why. When reporters asked the wireless giant to comment, the company first said it was just a temporary network test with no impact on user experience. But Verizon later admitted that, temporary test or not, it was indeed ‘optimizing’ video streams.”

Free Press argues that Verizon’s actions violate the FCC’s rule against throttling. While the rule has an exemption for “reasonable network management,” Free Press argues that slowing down an entire class of applications is not allowed:

The FCC’s Net Neutrality rules clearly state that broadband providers cannot “impair or degrade lawful Internet traffic on the basis of Internet content, application, or service” unless it’s what the agency calls “reasonable network management” for a legitimate technical purpose. Slowing down an entire class of applications, such as all video, would violate this no-throttling rule.

Slowing down video, and only video, doesn’t make a whole lot of sense. If Verizon’s network can handle traffic, it can handle traffic—whether it’s video or not. That’s why the Net Neutrality rules allow for network management—but prohibit companies from cherry-picking which apps work and which ones don’t.

“Optimization” is just another word for “slowing down, reshaping or degrading your video traffic, over the connection you buy, using the mobile-data plans you pay for,” Free Press also said. (DSLReports has a story on the petition.)

The FCC is not commenting on the petition, a commission spokesperson told Ars today.

Verizon throttling “test” may be over

We reported on Verizon’s video throttling last week. The carrier was apparently limiting video applications to 10Mbps, and it applied the policy both to third-party services like Netflix and YouTube and to Verizon video services such as Go90. “We’ve been doing network testing over the past few days to optimize the performance of video applications on our network,” Verizon said last week. “The testing should be completed shortly. The customer video experience was not affected.”

The throttling may have stopped. We were able to get speeds of 53Mbps on Netflix’s Fast.com speed test tool today using a Verizon phone. Last week, speeds on that application were limited to 10Mbps.

We asked Verizon for a response to the Free Press petition today. We also asked whether Verizon has completely stopped the throttling test and whether it plans to re-start the throttling later. We will update this story if we hear back.

In a statement to Broadcasting & Cable this week, Verizon argued that the throttling doesn’t violate net neutrality rules.

“Current net neutrality rules clearly state that providers may employ reasonable network management practices to ensure that their networks and services run efficiently and work well for their customers,” Verizon said. “Video optimization is a non-discriminatory network management practice designed to ensure a high quality customer experience for all customers accessing the shared resources of our wireless network.”

FCC Chairman Ajit Pai has said that the commission will continue enforcing net neutrality rules as long as they are on the books. But Pai has begun a proceeding to overturn the net neutrality rules, and his proposal suggests that throttling of websites and online services might somehow help customers. Pai has consistently argued that there is no evidence of consumer harm to justify the FCC’s net neutrality rules.

“Trump’s FCC chairman, Ajit Pai, has been pushing hard to undo the agency’s Net Neutrality rules, but [Verizon throttling video] is exactly the kind of behavior these rules are designed to stop,” Free Press says in its call for signatures. “If Verizon Wireless is violating Net Neutrality, it needs to pay the price. And the FCC needs to keep the rules that ban this kind of nonsense. Demand an FCC investigation.”

Throttling or reasonable network management?

Under former Chairman Tom Wheeler, the FCC took no action against T-Mobile USA’s “Binge On” program, which reduced the speeds of video. But the FCC report that found no problems with Binge On was rescinded by Pai after he took over as chairman. Pai objected to the report’s accusation that AT&T and Verizon Wireless violated net neutrality rules by charging video providers for data cap exemptions while allowing their own video to stream without counting against caps.

The Wheeler FCC’s “guidelines distinguishing ‘throttling’ from ‘reasonable network management'” provided ISPs with certainty over whether video throttling violated the rules, Harold Feld, senior VP of advocacy group Public Knowledge, said last week.

“Before, Verizon could simply point to the FCC guidelines to reassure their customers,” Feld said. “Today, we must look to Chairman Pai to tell us whether subscribers have anything more to rely on than Verizon’s promises. Rather than undermining consumer confidence and creating needless confusion, Chairman Pai should end his misguided efforts to roll back the FCC’s net neutrality rules any further.”

Verizon apparently didn’t issue any notices to customers prior to the video throttling, despite transparency rules that require disclosure of network management practices. Verizon does maintain a webpage describing its video optimization, however. The rules require prominent display of network management policies on a publicly available website and disclosures at the point of sale.

from Ars Technica http://ift.tt/2tDTIto
via IFTTT

Posted on

Britain Is Getting Rid of the Internal-Combustion Engine

The strangely pleasant whiff of gas, the burble of the engine, the acrid stench of exhaust fumes. We all know that, sooner or later, these things will become little more than nostalgia as cars go all-electric. And in the U.K., at least, we now have a date for when that will really start to hit home: 2040.

That’s the year in which the nation’s government will outlaw the sale of new cars and vans that run on gas or diesel. As the BBC reports, the initiative is the result of a court order requiring the government to introduce policies to tackle illegal levels of nitrogen dioxide. Those particles are among the emissions that contribute to declining air quality around the globe, which is estimated to kill over three million people each year.

The ban is part of a wider £3 billion ($3.9 billion) effort to improve air quality in the nation. A small £255 million ($330 million) slice of that will be given to local authorities to help them reduce emissions in their own areas, which may include the creation of tolls for heavily polluting vehicles.

Environmentalists say that the measures don’t go far enough. The government has decided not to implement an early proposal that would have banned many diesel cars from city centers around the nation. It also chose not to introduce a scheme that would have paid drivers of heavily-polluting cars to scrap their existing vehicles and upgrade to cleaner models.

The news echoes a recent push in many European capitals to ban diesel cars from city streets. Last year, Paris, Madrid, and Athens all committed to a ban of cars and vans that run on diesel by 2025. Then in April, London’s Mayor, Sadiq Khan, announced that steep levies would hit the most polluting diesel vehicles in the city as soon as 2018.

Automakers appear to be taking note. Last month, Volvo announced that, from 2019, every car it sells will have an electric motor—though the majority of its vehicles will still be hybrids that burn at least some gas. Every automaker worth its salt appears to be preparing all-electric models to go on sale in the coming years. And let’s not forget the fact that Tesla’s hotly anticipated mass-market car, the Model 3, is finally rolling off the production line.

A recent analysis from Bloomberg New Energy Finance suggested that electric vehicles could account for as many as half of all new cars sold by 2040. And today’s news suggests that may indeed come true in the U.K. But plenty needs to be done before it actually happens—including the roll-out of extensive charging infrastructure, increased energy production to meet demand, and advances in car technology such as batteries and motors to make electric vehicles truly practical. Nobody said turning our back on an old friend would be easy.

(Read more: BBC, The Independent, “By 2040, More Than Half of All New Cars Could Be Electric,” “Europe Is Dead Serious About Killing Off Diesel Cars,” “Volvo Is Killing Off Internal Combustion. Kind of.”)

from Technology Review Feed – Tech Review Top Stories http://ift.tt/2tDzeB6
via IFTTT