Tech – Page 79

Oregon OKs right-to-repair bill that bans the blocking of aftermarket parts

Apple, Oregon, parts pairing, Policy, repair, right to repair, Tech / Kelly Newman / March 5, 2024

Right to repair —

Governor’s signature would stop software locks from impairing replacement parts.

Kevin Purdy – Mar 5, 2024 3: 57 pm UTC

iPhone battery being removed from an iPhone over a blue repair mat — Getty Images

Oregon has joined the small but growing list of states that have passed right-to-repair legislation. Oregon’s bill stands out for a provision that would prevent companies from requiring that official parts be unlocked with encrypted software checks before they will fully function.

Bill SB 1596 passed Oregon’s House by a 42 to 13 margin. Gov. Tina Kotek has five days to sign the bill into law. Consumer groups and right-to-repair advocates praised the bill as “the best bill yet,” while the bill’s chief sponsor, state Sen. Janeen Sollman (D), pointed to potential waste reductions and an improved second-hand market for closing a digital divide.

“Oregon improves on Right to Repair laws in California, Minnesota and New York by making sure that consumers have the choice of buying new parts, used parts, or third-party parts for the gadgets and gizmos,” said Gay Gordon-Byrne, executive director of Repair.org, in a statement.

Like bills passed in New York, California, and Minnesota, Oregon’s bill requires companies to offer the same parts, tools, and documentation to individual and independent repair shops that are already offered to authorized repair technicians.

Unlike other states’ bills, however, Oregon’s bill doesn’t demand a set number of years after device manufacture for such repair implements to be produced. That suggests companies could effectively close their repair channels entirely rather than comply with the new requirements. California’s bill mandated seven years of availability.

If signed, the law’s requirements for parts, tools, and documentation would apply to devices sold after 2015, except for phones, which are covered after July 2021. The prohibition against parts pairing only covers devices sold in 2025 and later. Like other repair bills, a number of device categories are exempted, including video game consoles, HVAC and medical gear, solar systems, vehicles, and, very specifically, “Electric toothbrushes.”

Apple had surprised many with its support for California’s repair bill. But the company, notable for its pairing requirements for certain repair parts, opposed Oregon’s repair bill. John Perry, a senior manager for secure design at Apple, testified at an Oregon hearing that the pairing restriction would “undermine the security, safety, and privacy of Oregonians by forcing device manufacturers to allow the use of parts of unknown origin in consumer devices.”

Perry also noted Apple’s improved repair workflow, which no longer requires online access or a phone call to pair parts. Apple devices will still issue notifications and warnings if an unauthorized screen or battery, for example, is installed in an iPhone.

Disclosure: Kevin Purdy previously worked for iFixit. He has no financial ties to the company.

Oregon OKs right-to-repair bill that bans the blocking of aftermarket parts Read More »

MacBook Airs get an M3 upgrade, while the M1 model is finally retired

Apple, Apple M3, Mac, MacBook Air, Tech / Kelly Newman / March 4, 2024

bout time —

M2 Air is the new $999 base model, M1 Air goes away after more than 3 years.

Andrew Cunningham – Mar 4, 2024 2: 52 pm UTC

Enlarge / Apple is refreshing the MacBook Air with M3 chips but leaving everything else about the 2022 redesign intact.

Apple

Apple has quietly refreshed its MacBook Air lineup, bringing new chips (and in some cases, new prices) to its most popular laptops. New 13- and 15-inch MacBook Airs include Apple’s latest-generation M3 chip, while the old M2 MacBook Air now replaces 2020’s M1 MacBook Air as Apple’s $999 entry-level laptop. The new 13- and 15-inch M3 systems start at $1,099 and $1,299; they can be ordered today and will be released on March 8.

The new Airs use the same design as the M2 versions. Compared to older M1 and late-Intel-era Airs, they have slightly larger displays with a prominent notch, a non-tapered but still thin-and-light chassis, larger trackpads, modestly refined keyboards, and a MagSafe port for charging.

All of the new Airs use the M3, with no options to upgrade to faster or more capable processors (frustratingly, this means the Air is still restricted to just a single external display). The $1,099 13-inch Air does use a slightly cut-down version of the chip with 8 GPU cores instead of 10, with the 10-core GPU available as a $100 upgrade; all 15-inch models use the fully enabled M3 with the 10-core GPU.

Aside from the M3 chip, the new laptops also support Wi-Fi 6E, and hardware-accelerated video decoding for the AV1 video codec. But other specs, including RAM and storage options, stay the same as before. Both laptops start with 8GB and 256GB or RAM and storage, respectively, and top out at 24GB and 2TB. Both Airs’ performance should generally be similar to the 14-inch M3 MacBook Pro that starts at $1,599, though the Pro has a cooling fan that may help it run heavy workloads a bit more quickly.

All versions of the M3 include four high-performance CPU cores and four high-efficiency CPU cores, the same as the M1 and M2, though Apple says that chip upgrades have made the M3 “up to 60 percent faster” than the M1. Performance upgrades compared to the M2 will be a bit milder.

The update gets the 13- and 15-inch Airs onto the same update schedule, though the timing is a bit awkward for the barely nine-month-old 15-inch M2 MacBook Air. That’s an even shorter life cycle than we saw with the M2 MacBook Pros that Apple replaced last November after just 11 months. But the 13-inch M2 MacBook Air originally came out in July of 2022 and was well overdue for an upgrade.

The only Macs without an M3 update are Apple’s desktops: the Mac mini, the Mac Studio, and the Mac Pro. Of these, the M2 Mac mini is the oldest, and Apple has already released the M3 and M3 Pro chips that would probably be used in a refresh. It’s possible that Apple is waiting to get the mini and the Studio models in sync with one another to prevent some of the awkward overlap that happened last year when the Mac mini got an M2 upgrade but the Studio still used M1 chips.

MacBook Airs get an M3 upgrade, while the M1 model is finally retired Read More »

I worked exclusively in Vision Pro for a week—here’s how it went

Apple, Features, Reviews, Tech, vision pro, visionOS / Kelly Newman / March 4, 2024

A close-up look at the Vision Pro from the front.

Samuel Axon
There are two displays inside the Vision Pro, one for each eye. Each offers just under 4K resolution.

Samuel Axon
This is the infamous battery pack. It’s about the size of an iPhone (but a little thicker), and it has a USB-C port for external power sources.

Samuel Axon
There are two buttons for the Vision Pro, both on the top.

Samuel Axon
You can see the front-facing cameras that handle passthrough video just above the downward-facing cameras that read your hand gestures here.

Samuel Axon
Apple offers several variations of the light seal to fit different face shapes.

Samuel Axon

You can get a lot of work done while wearing Apple’s Vision Pro and have fun doing it—but it’s not yet at the stage where most of us will want to fully embrace spatial computing as the new way of working.

I spent more than a week working almost exclusively in the Vision Pro. I carried on Slack conversations, dialed into Zoom video calls, edited Google Docs, wrote articles, and did everything else I do within my day-to-day responsibilities as an editor at Ars Technica.

Throughout the experience, I never stopped thinking about how cool it was, like I was a character in a cyberpunk novel. The Vision Pro opens some new ways of approaching day-to-day work that could appeal to folks with certain sensibilities, and it offers access to some amenities that someone who hasn’t already invested a lot into their home office setup might not already have.

At the same time, though, I never quite zeroed in on a specific application or use case that made me think my normal habit of working on a MacBook Pro with three external monitors would be replaced. If you don’t already have a setup like that—that is to say, if you’ve just been working on a laptop on its own—then the Vision Pro can add a lot of value.

I plan to explore more use cases in the future, like gaming, but this is the last major piece in a series of sub-reviews of the Vision Pro that I’ve done on various applications, like entertainment or as an on-the-go mobile device.

My goal has been to see if the Vision Pro’s myriad use cases add up to $3,500 of value for today’s computing enthusiast. Productivity is front and center in how Apple markets the device, so this is an important one. Let’s see how it holds up.

The basics

Outside the realm of entertainment, visionOS and its apps are mostly about flat windows floating in 3D space. There are very few apps that make use of the device’s 3D capabilities in new ways that are relevant to productivity.

There are two types of visionOS apps: spatial apps and “Compatible Apps.” The former are apps designed to take advantage of the Vision Pro’s spatial computing capabilities, whereas Compatible Apps are simply iPad apps that work just fine as flat windows within the visionOS environment.

Let's find out if the Vision Pro can be an adequate replacement for this, my usual work space. — Enlarge / Let’s find out if the Vision Pro can be an adequate replacement for this, my usual work space.

Samuel Axon

In either case, though, you’re usually just getting the ability to put windows around you. For example, I started out by sitting at my kitchen table and putting my writing app in front of me, Slack and my email app off to the side, and a browser window with a YouTube video playing on the other side. This felt a bit like using several large computer monitors, each with an app maximized. It’s cool, and the ability to shift between your real environment and fully immersive virtual ones can help with focus, especially if you do intensive creative work like writing.

If there’s one thing Apple has nailed better than any of its predecessors in the mixed reality space, it’s the interface. Wherever your eyes are looking, a UI element will glow to let you know it’s the item you’ll interact with if you click. Clicking is done by simply tapping two of your fingers together almost anywhere around your body; the headset has cameras all over, so you don’t have to hold your hands up or in front of you to do this. There are also simple pinching-and-moving gestures for scrolling or zooming.

I worked exclusively in Vision Pro for a week—here’s how it went Read More »

Huge funding round makes “Figure” Big Tech’s favorite humanoid robot company

AI, boston dynamics, Figure AI, Robots, Tech / Mike M. / March 2, 2024

They’ve got an aluminum CNC machine, and they aren’t afraid to use it —

Investors Microsoft, OpenAI, Nvidia, Jeff Bezos, and Intel value Figure at $2.6B.

Ron Amadeo – Mar 1, 2024 8: 16 pm UTC

Enlarge / The Figure 01 and a few spare parts. Obviously they are big fans of aluminum.

Figure

Humanoid robotics company Figure AI announced it raised $675 million in a funding round from an all-star cast of Big Tech investors. The company, which aims to commercialize a humanoid robot, now has a $2.6 billion valuation. Participants in the latest funding round include Microsoft, the OpenAI Startup Fund, Nvidia, Jeff Bezos’ Bezos Expeditions, Parkway Venture Capital, Intel Capital, Align Ventures, and ARK Invest. With all these big-name investors, Figure is officially Big Tech’s favorite humanoid robotics company. The manufacturing industry is taking notice, too. In January, Figure even announced a commercial agreement with BMW to have robots work on its production line.

“In conjunction with this investment,” the press release reads, “Figure and OpenAI have entered into a collaboration agreement to develop next generation AI models for humanoid robots, combining OpenAI’s research with Figure’s deep understanding of robotics hardware and software. The collaboration aims to help accelerate Figure’s commercial timeline by enhancing the capabilities of humanoid robots to process and reason from language.”

With all this hype and funding, the robot must be incredible, right? Well, the company is new and only unveiled its first humanoid “prototype,” the “Figure 01,” in October. At that time, the company said it represented about 12 months of work. With veterans from “Boston Dynamics, Tesla, Google DeepMind, and Archer Aviation,” the company has a strong starting point.

Ok, it’s time to pick up a box, so get out your oversized hands and grab hold.

Figure
Those extra-big hands seem to be the focus of the robot. They are just incredibly complex and look to be aiming at a 1:1 build of a human hand.

Figure
Just look at everything inside those fingers. It looks like there are tendons of some kind.

Figure
Not impressed with this “pooped your pants” walk cycle, which doesn’t really use the knees or ankles.

Figure
A lot of the hardware appears to be waiting for software to use it, like the screen that serves as the robot’s face. It only seems to run a screen saver.

Figure

The actual design of the robot appears to be solid aluminum and electrically actuated, aiming for an exact 1:1 match for a human. The website says the goal is a 5-foot 6-inch, 130-lb humanoid that can lift 44 pounds. That’s a very small form-over-function package to try and fit all these robot parts into. For alternative humanoid designs, you’ve got Boston Dynamics’ Atlas, which is more of a hulking beast thanks to the function-over-form design. There’s also the more purpose-built “Digit” from Agility Robotics, which has backward-bending bird legs for warehouse work, allowing it to bend down in front of a shelf without having to worry about the knees colliding with anything.

The best insight into the company’s progress is the official YouTube channel, which shows the Figure 01 robot doing a few tasks. The last video, from a few days ago, showed a robot doing a “fully autonomous” box-moving task at “16.7 percent” of normal human speed. For a bipedal robot, I have to say the walking is not impressive. Figure has a slow, timid shuffle that only lets it wobble forward at a snail’s pace. The walk cycle is almost entirely driven by the hips. The knees are bent the entire time and always out in front of the robot; the ankles barely move. It seems only to be able to walk in a straight line, and turning is a slow stop-and-spin-in-place motion that has the feet peddling in place the entire time. The feet seem to move at a constant up-and-down motion even when the robot isn’t moving forward, almost as if foot planning just runs on a set timer for balance. It can walk, but it walks about as slowly and awkwardly as a robot can. A lot of the hardware seems built for software that isn’t ready yet.

Figure seems more focused on the hands than anything. The 01 has giant oversized hands that are a close match for a human’s, with five fingers, all with three joints each. In January, Figure posted a video of the robot working a Keurig coffee maker. That means flipping up the lid with a fingertip, delicately picking up an easily crushable plastic cup with two fingers, dropping it into the coffee maker, casually pushing the lid down with about three different fingers, and pressing the “go” button with a single finger. It’s impressive to not destroy the coffee maker or the K-cup, but that Keurig is still living a rough life—a few of the robot interactions incidentally lift one side or the other of the coffee maker off the table thanks to way too much force.

For some very delicate hand work, here’s the Figure 01 making coffee. They went and sourced a silver Keurig machine so this image only contains two colors, black and silver.

Figure
Time to press the “go” button. Also is that a wrist-mounted lidar puck for vision? Occasionally, flashes of light shoot out of it in the video.

Figure
These hand close-ups are just incredible. I really do think they are tendon-actuated. You can also see all sorts of pads on the inside of the hand.

Figure
I love the ridiculous T-pose it assumes while it waits for coffee.

Figure

The video says the coffee task was performed via an “end-to-end neural network” using 10 hours of training time. Unlike walking, the hands really feel like they have a human influence when it comes to their movement. When the robot picks up the K-cup via a pinch of its thumb and index finger or goes to push a button, it also closes the other three fingers into a fist. There isn’t a real reason to move the three fingers that aren’t doing anything, but that’s what a human would do, so presumably, it’s in the training data. Closing the lid is interesting because I don’t think you could credit a single finger with the task—it’s just kind of a casual push using whatever fingers connect with the lid. The last clip of the video even shows the Figure 01 correcting a mistake—the K-cup doesn’t sit in the coffee maker correctly, and the robot recognizes this and can poke it around until it falls into place.

A lot of assembly line jobs are done at a station or sitting down, so the focus on hand dexterity makes sense. Boston Dynamics’ Atlas is way more impressive as a walking robot, but that’s also a multi-million dollar research bot that will never see the market. Figure’s goal, according to the press release, is to “bring humanoid robots into commercial operations as soon as possible.” The company openly posts a “master plan” on its website, which reads, “1) Build a feature-complete electromechanical humanoid. 2) Perform human-like manipulation. 3) Integrate humanoids into the labor force.” The robots are coming for our jobs.

Huge funding round makes “Figure” Big Tech’s favorite humanoid robot company Read More »

Apple changes course, will keep iPhone EU web apps how they are in iOS 17.4

Apple, apple home screen web apps, apple progressive web apps, EU, iOS, Tech, web apps / Mike M. / March 2, 2024

Digital Markets Act —

Alternative browsers can pin web apps, but they only run inside Apple’s WebKit.

Kevin Purdy – Mar 1, 2024 7: 54 pm UTC

Enlarge / EU legislation has pushed a number of changes previously thought unthinkable in Apple products, including USB-C ports in iPhones sold in Europe.

Getty Images

Apple has changed its stance on allowing web apps on iPhones and iPads in Europe and will continue to let users put them on their home screens after iOS 17.4 arrives. They will, however, have to be “built directly on WebKit and its security architecture,” rather than running in alternative browsers, which is how it had worked up until new legislation forced the issue.

After the European Union’s Digital Markets Act (DMA) demanded Apple open up its mobile devices to alternative browser engines, the company said it would remove the ability to install home screen web apps entirely. In a developer Q&A section, under the heading “Why don’t users in the EU have access to Home Screen web apps?”, Apple said that “the complex security and privacy concerns” of non-native web apps and what addressing them would require “given the other demands of the DMA and the very low user adoption of Home Screen web apps,” made it so that the company “had to remove the Home Screen web apps feature in the EU.” Any web app installed on a user’s home screen would have simply led them back to their preferred web browser.

Apple further warned against “malicious web apps,” which, without the isolation built into its WebKit system, could read data, steal permissions from other web apps, and install further web apps without permission, among other concerns.

That response prompted an inquiry by the European Commission officials, who asked Apple and app developers about the impact of a potential removal of home screen web apps. It also prompted a survey conducted by the Open Web Advocacy group. Apple has until March 6 to comply with the DMA. Apple’s move to block web apps entirely suggested that allowing web apps powered by Safari, but not other browser engines, might violate the DMA’s rules. Now, some aspect of that cautious approach has changed.

Under an updated version of that section heading, Apple reiterates its security and privacy concerns and the need to “build new integration architecture that does not currently exist in iOS.” But because of requests to continue web app offerings, “we will continue to offer the existing Home Screen capability in the EU,” Apple writes.

The long, weird road to where web apps are now

Apple has long offered web apps (or Progressive Web Apps) that opened as a separate application rather than in a browser tab. Web apps installed this way offer greater persistence and access to device features, like notifications, cameras, or file storage. Web apps were initially touted by Apple co-founder and then-CEO Steve Jobs as “everything you need” to write “amazing apps” rather than dedicated apps with their own SDK. Four months later, an iPhone SDK was announced, and Apple declared its enthusiastic desire for “native third-party applications on the iPhone.”

While Apple does not break out App Store revenues in its earning statements, its Services division recorded an all-time high of $22.3 billion in the company’s fourth quarter of 2023, including “all time revenue records” across the App Store and other offerings.

As part of its DMA compliance as a “gatekeeper” of certain systems, Apple must also allow for sideloading for EU customers, or allowing the installation of iOS apps from stores other than its own official App Store. This week, more than two dozen companies signed a letter to the Commission lamenting Apple’s implementation of App Store rules. Developers seeking to utilize alternative app stores will have to agree to terms that include a “Core Technology Fee,” demanding a 0.50 euro fee for each app, each year, after 1 million downloads. “Few app developers will agree to these unjust terms,” the letter claims, and will thereby further “Apple’s exploitation of its dominance over app developers.”

In a statement provided to Ars, Apple said that its “approach to the Digital Markets Act was guided by two simple goals: complying with the law and reducing the inevitable, increased risks the DMA creates for our EU users.” It noted that Apple employees “spent months in conversation with the European Commission,” and had “in little more than a year, created more than 600 new APIs and a wide range of developer tools.” Still, Apple said, the changes and safeguards it put in place can’t entirely “eliminate new threats the DMA creates,” and the changes “will result in a less secure system.”

That is why, Apple said, it is limiting third-party browser engines, app stores, and other DMA changes to the European Union. “[W]e’re concerned about their impacts on the privacy and security of our users’ experience—which remains our North Star.”

Apple changes course, will keep iPhone EU web apps how they are in iOS 17.4 Read More »

HP wants you to pay up to $36/month to rent a printer that it monitors

Biz & IT, HP, printers, subscriptions, Tech / DJ Henderson / March 1, 2024

HP Envy 6020e printer — Enlarge / The HP Envy 6020e is one of the printers available for rent.

HP launched a subscription service today that rents people a printer, allots them a specific amount of printed pages, and sends them ink for a monthly fee. HP is framing its service as a way to simplify printing for families and small businesses, but the deal also comes with monitoring and a years-long commitment.

Prices range from $6.99 per month for a plan that includes an HP Envy printer (the current model is the 6020e) and 20 printed pages. The priciest plan includes an HP OfficeJet Pro rental and 700 printed pages for $35.99 per month.

HP says it will provide subscribers with ink deliveries when they’re running low and 24/7 support via phone or chat (although it’s dubious how much you want to rely on HP support). Support doesn’t include on or offsite repairs or part replacements. The subscription’s terms of service (TOS) note that the service doesn’t cover damage or failure caused by, unsurprisingly, “use of non-HP media supplies and other products” or if you use your printer more than what your plan calls for.

HP is watching

HP calls this an All-In-Plan; if you subscribe, the tech company will be all in on your printing activities.

One of the most perturbing aspects of the subscription plan is that it requires subscribers to keep their printers connected to the Internet. In general, some users avoid connecting their printer to the Internet because it’s the type of device that functions fine without web access.

A web connection can also concern users about security or HP-issued firmware updates that make printers stop functioning with non-HP ink.

But HP enforces an Internet connection by having its TOS also state that HP may disrupt the service—and continue to charge you for it—if your printer’s not online.

HP says it enforces a constant connection so that the company can monitor things that make sense for the subscription, like ink cartridge statuses, page count, and “to prevent unauthorized use of Your account.” However, HP will also remotely monitor the type of documents (for example, a PDF or JPEG) printed, the devices and software used to initiate the print job, “peripheral devices,” and any other “metrics” that HP thinks are related to the subscription and decides to add to its remote monitoring.

The All-In-Plan privacy policy also says that HP may “transfer information about you to advertising partners” so that they can “recognize your devices,” perform targeted advertising, and, potentially, “combine information about you with information from other companies in data sharing cooperatives” that HP participates in. The policy says that users can opt out of sharing personal data.

The All-In-Plan TOS reads:

Subject to the terms of this Agreement, You hereby grant to HP a non-exclusive, worldwide, royalty-free right to use, copy, store, transmit, modify, create derivative works of and display Your non-personal data for its business purposes.

HP wants you to pay up to $36/month to rent a printer that it monitors Read More »

$30 doorbell cameras have multiple serious security flaws, says Consumer Reports

Amazon, doorbell camera, doorbell cameras, eken, Security, Tech, tuck, video doorbell, walmart / Shannon Garcia / February 29, 2024

Video doorbell security —

Models still widely available on e-commerce sites after issues reported.

Kevin Purdy – Feb 29, 2024 11: 00 am UTC

Image showing a delivery person saying — Enlarge / Consumer Reports’ investigation suggests that, should this delivery person press and hold the bell button and then pair using Eken’s app, he could see if other delivery people get such a perfunctory response.

Eken

Video doorbell cameras have been commoditized to the point where they’re available for $30–$40 on marketplaces like Amazon, Walmart, Temu, and Shein. The true cost of owning one might be much greater, however.

Consumer Reports (CR) has released the findings of a security investigation into two budget-minded doorbell brands, Eken and Tuck, which are largely the same hardware produced by the Eken Group in China, according to CR. The cameras are further resold under at least 10 more brands. The cameras are set up through a common mobile app, Aiwit. And the cameras share something else, CR claims: “troubling security vulnerabilities.”

The pairing procedure for one of Eken's doorbell cameras, which allows a malicious actor quite a bit of leeway. — Enlarge / The pairing procedure for one of Eken’s doorbell cameras, which allows a malicious actor quite a bit of leeway.

Eken

Among the camera’s vulnerabilities cited by CR:

Sending public IP addresses and Wi-Fi SSIDs (names) over the Internet without encryption
Takeover of the cameras by putting them into pairing mode (which you can do from a front-facing button on some models) and connecting through the Aiwit app
Access to still images from the video feed and other information by knowing the camera’s serial number.

CR also noted that Eken cameras lacked an FCC registration code. More than 4,200 were sold in January 2024, according to CR, and often held an Amazon “Overall Pick” label (as one model did when an Ars writer looked on Wednesday).

“These video doorbells from little known manufacturers have serious security and privacy vulnerabilities, and now they’ve found their way onto major digital marketplaces such as Amazon and Walmart,” said Justin Brookman, director of tech policy at Consumer Reports, in a statement. “Both the manufacturers and platforms that sell the doorbells have a responsibility to ensure that these products are not putting consumers in harm’s way.”

CR noted that it contacted vendors where it found the doorbells for sale. Temu told CR that it would halt sales of the doorbells, but “similar-looking if not identical doorbells remained on the site,” CR noted.

A Walmart representative told Ars that all cameras mentioned by Consumer Reports, sold by third parties, have been removed from Walmart by now. The representative added that customers may be eligible for refunds and that Walmart prohibits the selling of devices that require an FCC ID and lack one.

Ars contacted Amazon for comment and will update this post with new information. An email sent to the sole address that could be found on Eken’s website was returned undeliverable. The company’s social media accounts were last updated at least three years prior.

Consumer Reports' researchers claim to have found JPEG file references passed in plaintext over the network, which could later be viewed without authentication in a browser. — Consumer Reports’ researchers claim to have found JPEG file references passed in plaintext over the network, which could later be viewed without authentication in a browser.

Consumer Reports

CR issued vulnerability disclosures to Eken and Tuck regarding its findings. The disclosures note the amount of data that is sent over the network without authentication, including JPEG files, the local SSID, and external IP address. It notes that after a malicious user has re-paired a doorbell with a QR code generated by the Aiwit app, they have complete control over the device until a user sees an email from Eken and reclaims the doorbell.

With a few exceptions, video doorbells and other IoT cameras tend to rely on cloud connections to stream and store footage, as well as notify their owners about events. This has led to some notable privacy and security concerns. Ring doorbells were found to be pushing Wi-Fi credentials in plaintext in late 2019. Eufy, a company that marketed its “No clouds” offerings, was found to be uploading facial thumbnails to cloud servers to send push alerts and later apologized for that and other vulnerabilities. Camera provider Wyze recently disclosed that, for the second time in five months, images and video feeds were accidentally available to the wrong customers following a lengthy outage.

Listing image by Amazon/Eken

$30 doorbell cameras have multiple serious security flaws, says Consumer Reports Read More »

Speedy “SD Express” cards have gone nowhere for years, but Samsung could change that

microSD, samsung, Tech / Shannon Garcia / February 29, 2024

fast, but for whom? —

Compatibility issues and thermals have, so far, kept SD Express from taking off.

Andrew Cunningham – Feb 28, 2024 10: 58 pm UTC

Samsung's SD Express-compatible microSD cards. — Enlarge / Samsung’s SD Express-compatible microSD cards.

Samsung

Big news for people who like (physically) small storage: Samsung says that it is sampling its first microSD cards that support the SD Express standard, which will allow them to hit sustained read speeds of as much as 800MB per second. That’s a pretty substantial boost over current SD cards, which tend to top out around 80MB or 90MB per second (for cheap commodity cards) and around 250MB per second for the very fastest UHS-II-compatible professional cards.

As Samsung points out, that 800MB/s figure puts these tiny SD Express cards well above the speeds possible with older SATA SSDs, which could make these cards more useful as primary storage devices for PCs or single-board computers that can support the SD Express standard (more on that later).

Samsung is currently sampling a 256GB version of the SD Express card that “will be available for purchase later this year.”

Because this is a tech company announcement in 2024, Samsung also makes an obligatory mention of AI, though there’s absolutely nothing specific the cards are doing to make them particularly well-suited for generative AI tasks other than “be faster.” Adding extra storage to phones or PCs could be useful for on-device generative AI—storing larger language models locally, for example—but most software companies that are offering generative AI features in their OSes or browsers are mostly using server-side processing to do all the heavy lifting for now.

What’s the SD Express standard, again?

The SD Express standard allows SD cards to take advantage of a single lane’s worth of PCIe bandwidth, boosting their theoretical speeds well beyond the 104MB/s cap of the UHS-I standard or the 312MB/s cap of UHS-II (UHS-III exists but isn’t widely used). The SD Express spec was last updated back in October 2023, which bumped it up from PCIe 3.0 to 4.0; it also defines four speed classes with read/write speeds of between 150MB and 600MB per second—a target these Samsung cards claim to be able to surpass.

But the original version of SD Express goes back to mid-2018, when it was added to version 7.0 of the SD specification. And adoption from SD card makers and device makers has been slow to nonexistent so far; AData makes full-size SD Express cards in 256GB and 512GB capacities that you can buy, but that’s about it. Lexar announced some cards back in 2021 that never ended up being released. And even if you had a card, you’d have trouble finding devices that could actually take advantage of the higher speeds, since most cameras, phones, and computers have opted to stick with the more common UHS.

One issue blocking SD Express adoption is that the card and the device have to support SD Express to get the promised speeds; an SD Express card inserted into a regular run-of-the-mill UHS-I SD card slot will be limited to UHS-I speeds. And because both the slots and the cards are visually identical, it’s not always easy to tell which slots support specific speeds.

Heat may also be a major limiting factor when using these SD Express cards to move around hundreds of gigabytes’ worth of data or when using the SD card as the primary storage device in a computer (as you might in a Raspberry Pi or other single-board computers). There’s no room for this kind of thing within the confines of a microSD card slot, so the sustained read and write speeds of Samsung’s new cards could be a bit lower than the promised 800MB-per-second maximum.

The SD Express spec does have mechanisms for keeping thermals in a reasonable range. Samsung also mentions a “Dynamic Thermal Guard” technology that promises to manage the temperatures of its SD Express cards, though it’s not clear whether this is different from what’s already in the SD Express spec.

Samsung jumping into SD Express cards may be what the format needs to take off, or at least to become a viable niche within the wider market for external storage. It’s certainly not difficult to imagine a scenario where something with SSD-ish speeds in an SD card-sized package would be useful. But SD cards are mainly useful because they’re cheap, they’re widely compatible, and they’re fast enough for things like recording video, taking pictures, and loading games. SD Express cards have a long way to go before they can check all the same boxes.

Speedy “SD Express” cards have gone nowhere for years, but Samsung could change that Read More »

Paramount ends Warner Bros. Discovery merger talks, continues mulling sell-off

max, paramount, streaming, Tech, warner bros. discovery / Shannon Garcia / February 29, 2024

Max and Paramount+ staying separate —

Report: Paramount still contemplating selling to Skydance Media.

Scharon Harding – Feb 28, 2024 9: 14 pm UTC

Warner Bros. Discovery (WBD) and Paramount Global are no longer considering a merger that would have put the Max and Paramount+ streaming services under one corporate umbrella. Per a CNBC report today citing anonymous “people familiar with the matter,” WBD and Paramount had been mulling a merger for “several months.”

In December, reports started swirling about WBD and Paramount discussing a potential merger. Axios even reported that WBD CEO David Zaslav and Paramount CEO Bob Bakish met in person for “several hours” and that Zaslav also met with Shari Redstone, the owner of National Amusements Inc. (NAI), Paramount’s parent company. Now, CNBC reports that discussions between the media giants “cooled off this month.” Paramount and WBD haven’t commented.

When news of the potential merger dropped, it was unclear what sort of regulatory hurdles the media conglomerates might have faced if they tried becoming one. Combined, the companies would have had the second-biggest streaming business by subscriber count, trailing Netflix.

Debt was also a huge concern. Paramount is $14.6 billion in debt, per its earnings report shared today. WBD was $40 billion in debt at the time of merger talks but said it was eyeing a profitable streaming business. WBD is still in debt currently but reported this month that its streaming business became profitable, making $103 million for the year. Max’s most recent subscriber count is 97.7 million compared to 67.5 million for Paramount+.

Merging with Paramount would have meant WBD added another company with struggling legacy media assets to its portfolio. It also would have meant buying a streaming service that has yet to turn a profit as of this writing. Paramount’s streaming business lost $1.66 billion in 2023, it reported today.

Merger still possible

Although things with WBD reportedly didn’t work out, Paramount is still seriously considering a merger. CNBC reported that the company formed a committee and hired a financial adviser focused on analyzing potential bids for all or parts of the company.

Suitors recently tied to Paramount include Byron Allen and, reportedly, Skydance Media. The David Ellison-owned company is “still performing due diligence on a potential transaction,” CNBC said today, citing two of its anonymous sources. In January, Bloomberg reported that Skydance made an all-cash offer for NAI.

Paramount could also try to bundle its services with another company’s, which could attract subscribers to Paramount+ and help Paramount save money. It has already considered bundling Paramount+ with Comcast’s Peacock through a partnership or joint venture, The Wall Street Journal (WSJ) reported earlier this month. But Comcast doesn’t want to buy Paramount, per one of CNBC’s anonymous sources from today’s report.

Some streaming rivals to Paramount+ are already bundled together (such as Disney’s Disney+ and Hulu) and exploring joint ventures. As streaming services race to achieve the sort of profitability that Netflix has, big strategic moves, such as mergers, partnerships, and price hikes, are expected soon. Meanwhile, subscribers remain worried about potential fallout, which could result in monopolistic practices that limit consumer options.

This article was updated to include information from Paramount’s latest earnings report.

Paramount ends Warner Bros. Discovery merger talks, continues mulling sell-off Read More »

The Xiaomi 14 Ultra sports a six-blade mechanical iris in the camera

Tech, Xiaomi / Shannon Garcia / February 29, 2024

Have you considered just making the lens bigger —

Xiaomi’s top-tier smartphone is dressed up with lots of “real camera” theatrics.

Ron Amadeo – Feb 28, 2024 7: 53 pm UTC

The Xiaomi 14 Ultra.

Xiaomi
The phone desperately wants to look like a real camera, with a faux-leather wrapping and big circular camera block.

Xiaomi
The camera bump sticks out a lot.

Xiaomi
The screen is curved all over, and raised above the aluminum sides.

Xiaomi
Another look at the screen. All the glass is way above the aluminum sides, so don’t drop it!

Xiaomi
The cooling system.

Xiaomi
An interior view.

Xiaomi

Xiaomi’s big Mobile World Congress launch is the Xiaomi 14 Ultra. This is a top-tier flagship that of course is not coming to the US but is available in Europe for a whopping 1,499 euros ($1,624).

Let’s get the specs out of the way: This has a 120 Hz, 3200×1440 OLED, a Snapdragon 8 Gen 3 SoC, 16GB of RAM, 512GB of storage, and a 5000 mAh battery. A proprietary 90 W wired “HyperCharge” will get the phone from 0–100 percent battery in 33 minutes, while a wireless 80 W version will charge the phone in 46 minutes.

Xiaomi is very proud that all four sides of the screen are curved. The whole screen kind of rises up and bubbles out from the aluminum body. Xiaomi says the glass has “deep bending around all four sides and corners, creating a seamlessly elegant curved form.” All images, videos, websites, and apps expect to display on a flat surface, so curved displays serve to distort the picture you’re looking at, and thankfully some manufacturers have started to drop the idea. Having the display be a big glass bubble also means you now have four glass corners on the front of the phone, so uh, don’t drop it!

Just like the Xiaomi 13 Ultra, the whole back design mimics a classic leather-wrapped 35 mm camera—the camera is “Leica” branded, after all. The back is “vegan leather,” aka specially treated plastic (hey, some of those old cameras used fake leather, too!), and the camera lens is a giant circle faintly evoking a normal camera lens.

The camera kit gives you a case and a side grip with all sorts of traditional camera buttons.
Putting on the grip.

Xiaomi
Inside the grip.

Xiaomi

The photography focus features the return of the “Professional Camera Kit,” which makes the phone look even more like a real camera. The kit has two parts; the first is a case that adds a mounting ring around the camera bump, so you can attach a lens cover or camera filter to the camera bump. The other half of the kit is a clip-on camera grip attachment, which adds both a 1500 mAh battery and physical camera controls, like a two-stage shutter button that can trigger auto-focus, a record button, a two-way zoom lever, and a customizable dial. Just like last year, this makes the phone look like a more serious camera, but it’s all just looks—what makes a traditional camera good is the significantly bigger camera lens, and this is still just a regular, very small smartphone camera lens.

The camera theatrics continue with the new six-blade variable aperture for the main camera. Just like a traditional camera, there is a very tiny six-blade mechanical iris in the main lens that can open and close to adjust the aperture of your photo. Last year, Xiaomi had a similar system, but it only used two blades and could only snap between the “blades open” f1.9 mode and the “closed blades” f4.0 mode. With six blades, you get a “stepless variable aperture” that lets you pick any spot in the phone’s f-stop range.

The Xiaomi 14 Ultra’s six-blade iris sure does look neat.

Xiaomi
A side view.

Xiaomi
An explode view.

Xiaomi

This is still a tiny phone camera lens, though, so the f-stop range is very small, just f1.63 to f4.0. On a DSLR, adjusting the f-stop would change the camera’s depth of field, with a narrower aperture letting in less light in exchange for a crisp focus. A wider aperture would give brighter pictures with a smaller focal range, which you can use for blurry background bokeh effects. That’s all on a DSLR though, with a normal f-stop range of like F1.4 to F22. On a smartphone camera, especially when there is tons of software processing, f1.6 to f4 won’t change your images much. Any background blur is still a fake post-processing effect, and it’s hard to imagine a scenario where you wouldn’t just want as much light as possible for your tiny smartphone lens. Samsung tried all this before on the Galaxy S9 and S10 and then dropped the feature because it just wasn’t accomplishing much. The six-blade aperture is probably a triumph of micro-engineering, but in the real world, it’s more of a marketing bullet point.

Despite the fluff, the Xiaomi 14 Ultra is still packing serious smartphone-level camera hardware. The main sensor is a 1-inch, 50MP Sony LYT-900, probably the biggest and best smartphone camera sensor out there. Smartphone pictures are so heavily processed that the software has just as much to do with the hardware (see: every Pixel phone), but Xiaomi did get the best hardware. The other three rear cameras are all 50 MP Sony IMX858 sensors, with lenses for wide-angle, 3.2x telephoto, and 5x telephoto.

Preorders are already open, and the phone will ship on March 15.

The Xiaomi 14 Ultra sports a six-blade mechanical iris in the camera Read More »

Review: AMD Radeon RX 7900 GRE GPU doesn’t quite earn its “7900” label

AMD, amd radeon, gaming, GeForce, GPU, NVIDIA, Radeon, Tech / DJ Henderson / February 28, 2024

rabbit season —

New $549 graphics card is the more logical successor to the RX 6800 XT.

Andrew Cunningham – Feb 28, 2024 12: 00 pm UTC

ASRock's take on AMD's Radeon RX 7900 GRE. — Enlarge / ASRock’s take on AMD’s Radeon RX 7900 GRE.

Andrew Cunningham

In July 2023, AMD released a new GPU called the “Radeon RX 7900 GRE” in China. GRE stands for “Golden Rabbit Edition,” a reference to the Chinese zodiac, and while the card was available outside of China in a handful of pre-built OEM systems, AMD didn’t make it widely available at retail.

That changes today—AMD is launching the RX 7900 GRE at US retail for a suggested starting price of $549. This throws it right into the middle of the busy upper-mid-range graphics card market, where it will compete with Nvidia’s $549 RTX 4070 and the $599 RTX 4070 Super, as well as AMD’s own $500 Radeon RX 7800 XT.

We’ve run our typical set of GPU tests on the 7900 GRE to see how it stacks up to the cards AMD and Nvidia are already offering. Is it worth buying a new card relatively late in this GPU generation, when rumors point to new next-gen GPUs from Nvidia, AMD, and Intel before the end of the year? Can the “Golden Rabbit Edition” still offer a good value, even though it’s currently the year of the dragon?

Meet the 7900 GRE

	RX 7900 XT	RX 7900 GRE	RX 7800 XT	RX 6800 XT	RX 6800	RX 7700 XT	RX 6700 XT	RX 6750 XT
Compute units (Stream processors)	84 (5,376)	80 (5,120)	60 (3,840)	72 (4,608)	60 (3,840)	54 (3,456)	40 (2,560)	40 (2,560)
Boost Clock	2,400 MHz	2,245 MHz	2,430 MHz	2,250 MHz	2,105 MHz	2,544 MHz	2,581 MHz	2,600 MHz
Memory Bus Width	320-bit	256-bit	256-bit	256-bit	256-bit	192-bit	192-bit	192-bit
Memory Clock	2,500 MHz	2,250 MHz	2,438 MHz	2,000 MHz	2,000 MHz	2,250 MHz	2,000 MHz	2,250 MHz
Memory size	20GB GDDR6	16GB GDDR6	16GB GDDR6	16GB GDDR6	16GB GDDR6	12GB GDDR6	12GB GDDR6	12GB GDDR6
Total board power (TBP)	315 W	260 W	263 W	300 W	250 W	245 W	230 W	250 W

The 7900 GRE slots into AMD’s existing lineup above the RX 7800 XT (currently $500-ish) and below the RX 7900 (around $750). Technologically, we’re looking at the same Navi 31 GPU silicon as the 7900 XT and XTX, but with just 80 of the compute units enabled, down from 84 and 96, respectively. The normal benefits of the RDNA3 graphics architecture apply, including hardware-accelerated AV1 video encoding and DisplayPort 2.1 support.

The 7900 GRE also includes four active memory controller die (MCD) chiplets, giving it a narrower 256-bit memory bus and 16GB of memory instead of 20GB—still plenty for modern games, though possibly not quite as future-proof as the 7900 XT. The card uses significantly less power than the 7900 XT and about the same amount as the 7800 XT. That feels a bit weird, intuitively, since slower cards almost always consume less power than faster ones. But it does make some sense; pushing the 7800 XT’s smaller Navi 32 GPU to get higher clock speeds out of it is probably making it run a bit less efficiently than a larger Navi 31 GPU die that isn’t being pushed as hard.

Andrew Cunningham
Andrew Cunningham
Andrew Cunningham

When we reviewed the 7800 XT last year, we noted that its hardware configuration and performance made it seem more like a successor to the (non-XT) Radeon RX 6800, while it just barely managed to match or beat the 6800 XT in our tests. Same deal with the 7900 GRE, which is a more logical successor to the 6800 XT. Bear that in mind when doing generation-over-generation comparisons.

Review: AMD Radeon RX 7900 GRE GPU doesn’t quite earn its “7900” label Read More »

After a decade of stops and starts, Apple kills its electric car project

AI, Apple, car, Cars, John Giannandrea, Project Titan, Tech / DJ Henderson / February 28, 2024

Project Titan —

Report claims Apple leadership worried profit margins simply wouldn’t be there.

Samuel Axon – Feb 27, 2024 9: 28 pm UTC

An enormous ring-shaped building on a green campus. — Enlarge / Apple’s global headquarters in Cupertino, California.

After 10 years of development, multiple changes in direction and leadership, and a plethora of leaks, Apple has reportedly ended work on its electric car project. According to a report in Bloomberg, the company is shifting some of the staff to work on generative AI projects within the company and planning layoffs for some others.

Internally dubbed Project Titan, the long-in-development car would have ideally had a luxurious, limo-like interior, robust self-driving capabilities, and at least a $100,000 price tag. However, the ambition of the project was drawn down with time. For example, it was once planned to have Level 4 self-driving capabilities, but that was scaled back to Level 2+.

Delays had pushed the car (on which work initially began way back in 2014) to a target release date of 2028. Now it won’t be released at all.

The decision was “finalized by Apple’s most senior executives in recent weeks,” according to Bloomberg’s sources. Apple’s leadership worried that the car might never find the profit margins they previously hoped for. This development won’t surprise many who have been following closely, though. The project has been known to be troubled for a while, and Apple would have had to face high startup costs and a difficult regulatory environment even had it been able to get a product together.

The shift in focus was announced to staff by Apple executives Jeff Williams and Kevin Lynch. Many employees who were working on the self-driving feature of the car will be moved under AI chief John Giannandrea to work on various projects, including generative AI. However, the fates of others who worked on other aspects of the car, like automobile engineering and design, are less certain. The report says layoffs are likely but doesn’t specify how many or on what timeline.

For a long time, it was known that Apple was investing in two major expansions: one into the automobile space and one into augmented reality. The first step in the latter was rolled out in the form of the Vision Pro headset a few weeks ago. With the car project canceled, Apple’s known areas of planned future expansion include mixed reality, wearables, and generative AI.

After a decade of stops and starts, Apple kills its electric car project Read More »