Crunch Report | iOS 11 Now Available to Download

iOS 11 is now available to download, First Miso Robotics flipping burger installed in a restaurant and Stack Overflow’s salary calculator. All this on Crunch Report. Read More

Apache bug leaks contents of server memory for all to see—Patch now

There’s a bug in the widely used Apache Web Server that causes servers to leak pieces of arbitrary memory in a way that could expose passwords or other secrets, a freelance journalist has disclosed.

The vulnerability can be triggered by querying a server with what’s known as an OPTIONS request. Like the better known GET and POST requests, OPTIONS is a type of HTTP method that allows users to determine which HTTP requests are supported by the server. Normally, a server will respond with GET, POST, OPTIONS, and any other supported methods. Under certain conditions, however, responses from Apache Web Server include the data stored in computer memory. Patches are available here and here.

The best-known vulnerability to leak potentially serious server memory was the Heartbleed bug located in the widely used OpenSSL cryptography library. Within hours of Heartbleed’s disclosure in April 2014, attackers were exploiting it to obtain passwords belonging to users of Yahoo, Ars, and other sites. Heartbleed could also be exploited to bleed websites’ private encryption keys and to hack networks with multifactor authentication.

Read 3 remaining paragraphs | Comments

Steam has a “review bomb” problem—but will today’s new feature fix it?

Steam, the largest digital PC game storefront in the West, continues to struggle with user-contributed game reviews. Valve launched the feature in 2013, and since then, it has seen various updates to deal with issues such as false and gamed reviews.

But none of those updates were much comfort to the game Firewatch last week. Its Steam review page was swarmed with negative reviews after its developer Campo Santo denounced the hateful speech of game streamer PewDiePie and issued DMCA challenges to that streamer’s videos about Firewatch.

Maybe it’s a coincidence that Valve not only announced a new Steam user review feature on Tuesday but also tied it in a huge way to the issue of “review bombing.” Either way, Steam store pages now come with a lot more data in the form of “review histograms.” What are they? How will they affect reviews going forward? And most importantly, is that enough action to deal with a noticeable rise in irrelevant and poisonous use of Steam’s storefront?

Read 19 remaining paragraphs | Comments

Meet the really cheap Google Home Mini and really expensive Chromebook Pixel 3

Droid Life

Android fansite Droid Life is on fire today with a big series of leaks of Google’s upcoming hardware launches. After showing off pictures and pricing for the Pixel 2 and Pixel 2 XL, the site has details on the new “Google Home Mini,”  a second smartphone-powered Daydream VR headset, and a new flagship Chromebook Pixel.

First up is the new “Google Home Mini,” a smaller version of the Google Home, which will retail for just $50. The colors here are “Chalk” (white/grey), “Charcoal” (black), and “Coral” (red). Like the Amazon Echo Dot, the Google Home Mini skips the thumping speaker setup for a smaller, cheaper form factor meant more for commands and Q&A sessions rather than for music.

Read 5 remaining paragraphs | Comments

Most-wanted criminal arrested after posting Instagram video of himself

A Texas outlaw on the Lone Star State’s 10 most-wanted list was arrested Tuesday in Los Angeles after he posted a video to Instagram of himself showing off his arsenal of weapons.

Christopher Ricardo Gonzalez, 18, was arrested after Dallas authorities tracked his location to a Los Angeles suburb, where he was taken into custody around 2am with the assistance of a police dog. Texas officials supplied Los Angeles police with the fugitive’s GPS coordinates following his Instagram post.

The fugitive, aka Little Chris, is connected to the Bloods and is wanted on suspicion of murder, robbery, and a string of home invasions, the authorities said.

Read 2 remaining paragraphs | Comments

Without opioids, our collective life expectancies would be 2.5 mos longer

In a startling announcement, authorities in New York and New Jersey reported Monday that they had confiscated a whopping 122 kilograms (nearly 270 pounds) of opioids worth more than $30 million in a pair of recent busts. One of the seizures yielded 64 kilograms (more than 140 pounds) of the extremely potent fentanyl opioid. That batch alone is enough to provide lethal doses of opioids to 32 million people.

“The sheer volume of fentanyl pouring into the city is shocking. It’s not only killing a record number of people in New York City, but the city is used as a hub of regional distribution for a lethal substance that is taking thousands of lives throughout the Northeast,” Special Narcotics Prosecutor Bridget G. Brennan, said in a statement.

But it’s not only killing a record number of people in the Northeast, either—it’s killing nationwide. Between 2000 and 2015, opioid-related deaths in the country more than tripled. The Centers for Disease Control and Prevention reported that more than 33,000 people died of the highly addictive drugs in 2015.

Read 6 remaining paragraphs | Comments

“Potentially catastrophic” Hurricane Maria set to strike Puerto Rico

Only one Category 5 hurricane has ever made landfall on the island of Puerto Rico, an unincorporated territory of the United States. That was the 1928 Okeechobee hurricane that crossed the island with sustained winds of 160mph and caused more than 300 deaths on the island. Later, that storm would become the second-deadliest hurricane in the history of the continental United States, with 2,500 deaths in Florida.

Now, Hurricane Maria seems likely to become the second Category 5 to hit Puerto Rico. As of 5pm ET, the storm is intensifying, with 165mph sustained winds. Critically, the storm’s central pressure is also falling, and it is down to 916 millibars as of Tuesday evening. At that central pressure, Maria would rank among the 10 most-intense landfalling hurricanes in the Atlantic basin in the last 150 years.

In response to the threat to the US Virgin Islands and Puerto Rico, warnings from the National Hurricane Center have become increasingly dire during the last 48 hours. In a Tuesday evening public advisory, forecasters warned of Maria’s “potentially catastrophic” winds, rainfall, and storm surge. They urged that final preparations be rushed to completion.

Read 3 remaining paragraphs | Comments

The Pixel 2 XL price jumps $80, now starts at $849

Droid Life

Google is hard at work getting the Pixel 2 and Pixel 2 XL ready for its October 4 launch party. But, in the meantime, pricing and even more pictures of Google’s upcoming flagship smartphone have leaked.

Droid Life has the details on the Pixel 2 XL, which the report says is the phone’s official name. After Google’s shut down of the “value oriented” Nexus brand, the first Pixel phone was criticized for being a bit too expensive. For 2017, Google doesn’t seem too interested in addressing those complaints and is reportedly upping the price of the XL another $80—it will start at $849. There is, at least, a baseline of 64GB of storage, and you can jump up to a 128GB model for $949. There’s no SD card slot on the Pixels, so this is the only way to get more storage.

Read 5 remaining paragraphs | Comments