Day: February 17, 2026

Posted on

These 3 popular password managers are insecure, researchers find

https://www.pcworld.com/article/3063480/these-3-popular-password-managers-are-insecure-researchers-find.html

Bitwarden, LastPass, and Dashlane are less secure than you might expect, at least if you go by the findings of security researchers at ETH Zurich and the Università della Svizzera italiana (USI) in Lugano.

They’ve allegedly discovered serious security vulnerabilities in these popular password managers. “In tests, they were able to view and even change stored passwords,” writes the editor (machine translated).

Why are they vulnerable?

Many password managers store passwords in encrypted form in the cloud. The advantage of this is that you can access your passwords across all your devices, no matter where you are. The important bit is that your passwords are encrypted, which guarantees that those passwords are secure against unauthorized access. Even if hackers gain access to the password manager’s servers, the encryption will thwart them.

But Swiss security researchers found vulnerabilities in popular password managers Bitwarden, LastPass, and Dashlane: “[The researchers’] attacks ranged from breaches of the integrity of targeted user vaults to the complete compromise of all vaults of an organization using the service. In most cases, the researchers were able to gain access to the passwords—and even manipulate them.”

The researchers demonstrated 12 attacks on Bitwarden, 7 on LastPass, and 6 on Dashlane. To do this, they set up their own servers that behaved like a hacked password manager server. The researchers then initiated “simple interactions that users or their browsers routinely perform when using the password manager, such as logging into the account, opening the vault, viewing passwords, or synchronizing data.”

The researchers found “very bizarre code architectures,” which were probably created because the companies were trying to “offer their customers the most user-friendly service possible, for example the ability to recover passwords or share their account with family members.”

This not only makes the code architectures more complex and confusing, but ends up increasing the number of potential attack points for hackers. The security researchers warn: “Such attacks don’t require particularly powerful computers and servers, just small programs that can spoof the server’s identity.”

Before publishing their findings, the researchers informed each password manager so they’d have enough time to fix the flaws. They all responded positively, but not all fixed the flaws at the same speed.

Blame it on outdated encryption methods

According to the researchers, the reason for the vulnerabilities is obvious: “Discussions with password manager developers have revealed their reluctance to release system updates, fearing their customers could lose access to their passwords and other personal data. These customers include millions of individuals and thousands of companies that entrust their entire password management to these providers. One can imagine the consequences of suddenly losing access to their data. Therefore, many providers cling to cryptographic technologies from the 1990s, even though these are long outdated.”

The only solution to this dilemma is for all password managers to be cryptographically updated, at least for new customers. Existing customers could then decide for themselves “whether they want to migrate to the new, more secure system and transfer their passwords there, or whether they want to remain with the old system—aware of the existing security vulnerabilities.”

What should you do?

The researchers reassure us that there’s no immediate danger, say they have “no reason to believe that password manager providers are currently malicious or compromised, and as long as this remains the case, your passwords are safe. However, password managers are high-profile targets, and security breaches do occur.”

Anyone considering a password manager should choose a password manager “that openly discloses potential security vulnerabilities, is externally audited, and has end-to-end encryption enabled by default.”

We recommend: NordPass

NordPass




Best Prices Today:

$1.29 at NordPass

Further reading: The best password managers, reviewed

via PCWorld https://www.pcworld.com

February 17, 2026 at 11:10AM

Posted on

Scientists Discover Time Crystals You Can Hold—and They Levitate

https://gizmodo.com/scientists-discover-time-crystals-you-can-hold-and-they-levitate-2000721148

Last year, physicists created a time crystal—atomic arrangements repeating motion patterns—visible to the naked eye. But the latest research on this quantum eccentricity might represent more than a few steps forward.

This time crystal, described in a recent Physical Review Letters paper, is big enough to be held in your hand, and it levitates. Discovered by a team of physicists at New York University (NYU), the new type of time crystal consists of styrofoam-like beads that levitate on a cushion of sound while exchanging sound waves.

If that wasn’t strange enough, the time crystal does this by violating Newtonian physics—and the team believes that gives the new crystal both academic and practical significance.

“This was a discovery in the truest sense,” David G. Grier, the study’s senior author and a physicist at NYU, told Gizmodo. “Perhaps the most remarkable thing is that such rich and interesting behavior emerges from such a simple system.”

What are time crystals?

In 2012, Nobel laureate Frank Wilczek pitched an idea for an impossible crystal breaking the rules of symmetry in physics. Typically, solid crystals maintain a continuous lattice of their respective components. Time crystals, however, do the exact opposite, with the individual atoms inside them changing positions over time in a relatively defined pattern.

In the past decade or so, physicists have managed to find varying versions of Wilczek’s vision. But these instances mostly featured short-term, microscopic time crystals with little practical implications. It was only last year that one team at the University of Colorado Boulder proposed a time crystal design that we can actually see.

Styrofoam finds a new quirk

Nyu Time Crystal Levitation Setup
The setup of the new time crystal system. A bead (purple) is suspended in mid-air by sound waves emanating from (black) circular speakers arranged in a six-inch-tall 3D-printed frame. Credit: NYU Center for Soft Matter Research

The newly discovered time crystal may represent huge advances in the practical relevance of time crystals. For one, the bead in the experiment is expanded polystyrene—the same material used for packing styrofoam.

The team turned this common material into a time crystal by suspending styrofoam beads in sound waves. By itself, the bead floats motionlessly, but things begin to change once multiple beads levitate together.

In this system, each bead scatters its own share of sound waves. That contributes to an overall system of “unbalanced interactions” that essentially allows the particles to harvest and supply energy from the sound waves, Grier explained. “The key point is that time crystals select their own frequency without being told what to do by any external force.”

The simplest of them all?

What’s more, these interactions aren’t bound to Newton’s third law of motion, which dictates that two bodies exerting force on each other must exert the same amount of force in opposite directions.

“Think of two ferries of different sizes approaching a dock,” Mia Morrell, the study’s lead author and a graduate student at NYU, said in a university statement. “Each one makes water waves that push the other one around—but to different degrees, depending on their size.”

Time Crystals Nyu Stop Motion
A stop-motion image that shows pairs of millimeter-scale beads forming a time crystal over approximately one-third of a second in time. The colors represent the beads interacting at different stages during this period. Credit: NYU Center for Soft Matter Research

According to Grier, the sheer simplicity of this time crystal setup potentially makes it the “hydrogen atom” for this phenomenon—highlighting its potential across other contexts, such as “the neural pacemakers in our hearts to cyclic trends in financial markets.”

“We’re hoping that studying a minimal model will provide access to the deepest insights into the spontaneous emergence of clocks in more general and more complex manifestations,” he added.

via Gizmodo https://gizmodo.com/

February 13, 2026 at 05:08AM

Posted on

The EVs That Handle Extreme Cold Best Aren’t Sold in the US

https://www.autoblog.com/news/the-evs-that-handle-extreme-cold-best-arent-sold-in-the-us

Extreme Winter Cold Greatly Affects EV Range

Cold weather is still one of the biggest real-world hurdles for EVs. When temperatures drop, battery chemistry slows down, internal resistance goes up, and the car has to work harder just to keep the battery and cabin warm. Even with the latest thermal management tech, range loss is something you can’t fully escape.

To see just how much cold weather hits EV range, Norwegian publication Motor ran its annual winter test. They took a wide mix of EVs through snowy highways and mountain roads, with temperatures dropping to -31°C (-24°F). According to the publication, each car was driven in normal conditions until it couldn’t safely go any farther.

At the end of the test, every EV in the test fell short of its certified range, and plenty lost more than a third of what’s promised. Of note, WLTP ratings, used in Europe, are more generous than US EPA numbers.

But here’s what really stood out: it wasn’t about which EV went the farthest, but which ones came closest to their rated range. And most of those top performers aren’t sold in the US.

Lucid

Highlights from the Test

Motor’s results highlight how much winter can cut into range, even for high-end, long-range EVs. The Lucid Air managed the longest real-world run at 323 miles, but that’s still a 46 percent drop from its 597-mile WLTP rating. The Mercedes-Benz CLA went from 441 miles to 262, a 41 percent hit. The Audi A6 e-tron dropped from 406 miles to 250, losing 38 percent.

Other big-name EVs saw the same kind of drop. The BMW iX managed 241 miles, down from a 398-mile WLTP figure – a 39 percent loss. The Tesla Model Y hit 223 miles versus its 391-mile rating, down 43 percent. Even the new Hyundai Ioniq 9 only managed 230 miles on an official 373-mile range, a 38 percent decline.


Least Affected EVs – All Not Sold in America

When ranked by percentage deviation rather than total distance, a different set of EVs emerges as the top performers. Compared to EVs that lost over 40 percent of their range, these models clearly have the edge in winter consistency. Most of them focus on smaller size, efficiency, and moderate power rather than headlining figures.

Model

WLTP Range (miles)

Achieved Range (miles)

Deviation

MG6S EV

301

214

-29%

Hyundai Inster

224

159

-29%

MG IM6

314

219

-30%

KGM Musso

235

163

-31%

Voyah Courage

273

186

-32%

Here’s the catch: none of these top winter performers are sold in America. Some are built in China, like the MGS6 EV; others are for Europe or select global markets, like the Hyundai Inster and KGM Musso. For now, American buyers can’t get their hands on the EVs that seem best suited for extreme cold.

Norway’s latest winter test drives home a simple point: if you live somewhere that’s cold for much of the year, range consistency matters more than big battery numbers.

Hyundai


View the 5 images of this gallery on the
original article

via Autoblog https://ift.tt/t729ZCD

February 17, 2026 at 11:05AM