National Drive Electric Week wants to spread the gospel of EVs

National Drive Electric Week is right around the corner. Plug In America, the Electric Vehicle Association, environmental organization Sierra Club and Nissan (one of the main sponsors) are all backing the initiative, which aims to highlight the benefits of having an electric vehicle or plug-in hybrid. Between September 23rd and October 2nd, EV owners will show off their rides and chat to folks curious about making the switch at events across the US (some are taking place in Canada and Mexico as well). Many dealers are taking part too. 

The website has a list of dozens of events. You can see which ones are happening in your neck of the woods by punching in your zip code or city. Alternatively, you can see all the events on a map view. With many jurisdictions phasing out sales of new gas-powered cars in the coming years, it may not be a bad idea to have more clarity on EVs and what it’s like to own one sooner rather than later.

 

Google’s Pixel Buds Pro fall back to an all-time low at Amazon

If you missed the chance to grab Google’s Pixel Buds Pro when they went on sale in August, don’t worry: The tech giant is giving you another shot at buying the wireless earbuds at a discount. Google’s Pixel Buds Pro (in Charcoal and Lemongrass) are currently on sale for $175, or $25 less than their retail price. That’s the same price they were listed for the first time they went on sale, and that’s also a record low for the model on the website. Seeing as the earbuds only came out a couple of months ago — and they’re the first in the line with active noise cancellation (ANC) — that’s already a great deal if you’ve been thinking of getting them in the first place.

Buy Google Pixel Buds Pro at Amazon – $175

We gave the Pixel Buds Pro a score of 87 in our review, where we praised them for having reliable touch controls and a solid ANC. They use a six-core audio chip powered by Google’s algorithms for active noise cancellation, and they also have a feature called “Silent Seal” to ensure that they can keep as much ambient noise out as possible. This Silent Seal tool uses sensors to adapt the buds to your ear shape when ANC is on, thereby minimizing sound leaks, as well. 

We also praised the earbuds for delivering a pleasantly punchy bass. And if Volume EQ, which adapts tuning when you adjust loudness, is on, the bass stays punchy even in low volumes. Another thing we liked about the Pixel Buds Pro is that they support wireless charging unlike their predecessors, and they have a quick-charge feature that gives you an hour of ANC listening after just five minutes.

Bottom line, we found the Pixel Buds Pro to be Google’s best earbuds to date. They’re also the tech giant’s most expensive model to date, so you probably wouldn’t want to miss this chance to grab them at a lower price. 

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

 

The Morning After: The Apple Watch Series 8 is the new best smartwatch

Apple is rolling out no fewer than three new smartwatches – and we’ve already spent a week with two of ‘em. While we’re still waiting to put the priciest Watch Ultra through its paces, the $399 Watch Series 8 is now Apple’s best wearable. Crash detection and a new skin temperature sensor for ovulation tracking are the key updates. But dollar for dollar, the new $250 Watch SE seems like a steal. The main features you might miss if you get an SE instead of a Series 8 are the Always On Display (AOD), ECG reader, blood oxygen app and the new skin temperature sensor.

Engadget

If aesthetics are a priority, you may also find the SE’s thicker borders a little off-putting, but it has a larger screen than the last SE model. Both models are available now.

– Mat Smith

The biggest stories you might have missed

Alexa to provide branded answers to your pressing questions

‘Uncharted: Legacy of Thieves’ collection hits PCs on October 19th

‘Call of Duty: Warzone 2.0’ goes live on November 16th

Korg’s Drumlogue is an analog drum machine with a powerful digital engine

Adobe acquires collaborative design platform Figma for $20 billion

Apogee’s Boom audio interface does DSP on the cheap

Ethereum completes the ‘merge’ that will make its crypto transactions greener

It now uses ‘proof of stake’ to approve new transactions.

Ethereum tokens will no longer be minted by “proof-of-work” that uses powerful computers to solve cryptographic tasks. Instead, a new “proof-of-stake” method requires users, called validators, to stake tokens for the chance to approve transactions and earn a small reward. Before now, mining Ethereum (and most cryptocurrencies) demanded vast amounts of energy, and made Ethereum challenging to scale and costly for small transactions.

Continue reading.

Bose QuietComfort Earbuds II review

New tricks deliver improved noise cancellation and other upgrades.

As I wait on upgraded AirPods Pro, there might be another option: Bose has massively improvedhow much sound it can cancel on the QuietComfort Earbuds II, cutting out more everyday noise, including voices. According to Engadget’s Billy Steele, the sound quality is also markedly improved and smaller buds offer a more comfy fit (and less awkward look). At $299, however, they’re still pretty pricey.

Continue reading.

Amazon greenlights ‘Blade Runner 2099’ sequel series

Ridley Scott will serve as an executive producer.

Amazon

The long-teased Blade Runner sequel series is real. Variety confirms that Amazon has ordered production of a Blade Runner 2099 show for Prime Video, with original movie director Ridley Scott serving as an executive producer. The project could be another ambitious show for Amazon. The first season of The Lord of the Rings: The Rings of Power reportedly cost $465 million to make, but it set a Prime viewing record on its debut.

Continue reading.

Zoom suffered a major outage that may have canceled your video meetings

Oh no, not my Zoom video meetings…

Zoom is recovering from a major outage that prevented users from starting or joining meetings Thursday morning. The company didn’t yet have an explanation for the problem but said it had “identified” the cause and will continue to investigate the fault. However, Zoom managed to fix the issue before 12PM ET.

Continue reading.

‘Call of Duty: Warzone Mobile’ will bring 120-player matches to Android and iOS

‘Warzone’ is going mobile in 2023.

Call of Duty is doubling down on portable play with Warzone Mobile, a battle royale game heading to smartphones in 2023. The game will support a shared Battle Pass, social features and cross-progression with Modern Warfare II and Warzone 2.0, both of which are due out at the end of 2022. While the game is free, expect microtransactions. In-game purchases were part of Call of Duty: Mobile since its debut in 2019. The studio reportedly made more than $1.5 billion off Android and iOS players in less than three years.

Continue reading.

 

Apple’s MacBook Air M2 is $100 off right now

Apple’s MacBook Air M2 blends performance, battery life and a tiny size perhaps better than any previous model, but it’s also more expensive. If you’ve been waiting for a deal, now is a good time to act: The silver 256GB model is on sale at Amazon for $1,099, or $100 off the regular price — matching a deal we saw last month. 

Buy MacBook Air M2 (256GB) at Amazon – $1,100

The MacBook Air hit one of the best Engadget review scores ever for good reason. Apple went to a uniformly thin design with the MacBook Air M2, finally shedding the wedge shape that’s existed since Steve Jobs pulled one out of an envelope back in 2008. That makes it more balanced, but also thinner and lighter than ever at 11.3 millimeters and 2.7 pounds — less than an iPad Pro with its Smart Keyboard. 

Apple also managed to slightly increase the size of the 2,560 x 1,664 Liquid Retina screen to 13.6 inches by shrinking the size of the bezels, while nestling the webcam in a (slightly controversial) screen notch up top. It comes with improved speakers and a MagSafe power adapter, along with a pair of USB-C/Thunderbolt 3 ports with support for charging, displays, and data transfers up to 40Gb/s.

Engadget

The M2 processor significantly boosts performance over the Air M1, running nearly as quickly as the 13-inch MacBook Pro M2. It starts rapidly, loads apps quickly and offers snappy performance across the board. And you won’t need to sweat if you’re far from a power outlet, as it lasted up 16.5 hours in our testing — enough for a plane trip from LA to Sydney. 

Follow @EngadgetDeals on Twitter and subscribe to the Engadget Deals newsletter for the latest tech deals and buying advice.

 

Microsoft Teams has been storing authentication tokens in plaintext

Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The flaw affects the desktop app for Windows, Mac and Linux built using Microsoft’s Electron framework. Microsoft is aware of the issue but said it has no plans for a fix anytime soon, since an exploit would also require network access.

According to Vectra, a hacker with local or remote system access could steal the credentials for any Teams user currently online, then impersonate them even when they’re offline. They could also pretend to be the user through apps associated with Teams, like Skype or Outlook, while bypassing the multifactor authentication (MFA) usually required. 

“This enables attackers to modify SharePoint files, Outlook mail and calendars, and Teams chat files,” Vectra security architect Connor Peoples wrote. “Even more damaging, attackers can tamper with legitimate communications within an organization by selectively destroying, exfiltrating, or engaging in targeted phishing attacks.”

Attackers can tamper with legitimate communications within an organization by selectively destroying, exfiltrating, or engaging in targeted phishing attacks.

Vectra created a proof-of-concept exploit that allowed them to send a message to the account of the credential holder via an access token. “Assuming full control of critical seats–like a company’s Head of Engineering, CEO, or CFO — attackers can convince users to perform tasks damaging to the organization.”  

The problem is mainly limited to the desktop app, because the Electron framework (that essentially creates a web app port) has “no additional security controls to protect cookie data,” unlike modern web browsers. As such, Vectra recommends not using the desktop app until a patch is created, and using the web application instead.

When informed by cybersecurity news site Dark Reading of the vulnerability, Microsoft said it “does not meet our bar for immediate servicing as it requires an attacker to first gain access to a target network,” adding that it would consider addressing it in a future product release. 

However, threat hunter John Bambenek told Dark Reading it could provide a secondary means for “lateral movement” in the event of a network breach. He also noted that Microsoft is moving toward Progressive Web Apps that “would mitigate many of the concerns currently brought by Electron.”

 

US border forces are seizing Americans’ phone data and storing it for 15 years

If a traveler’s phone, tablet or computer ever gets searched at an airport, American border authorities could add data from their device to a massive database that can be accessed by thousands of government officials. US Customs and Border Protection (CBP) leaders have admitted to lawmakers in a briefing that its officials are adding information to a database from as many as 10,000 devices every year, The Washington Post reports. 

Further, 2,700 CBP officers can access the database without a warrant and without having to record the purpose of their search. These details were revealed in a letter Senator Ron Wyden wrote to CBP Commissioner Chris Magnus, where the lawmaker also said that CBP keeps any information it takes from people’s devices for 15 years. 

In the letter, Wyden urged the commissioner to update CBP’s practices so that device searches at borders are focused on suspected criminals and security threats instead of allowing “indiscriminate rifling through Americans’ private records without suspicion of a crime.” Wyden said CBP takes sensitive information from people’s devices, including text messages, call logs, contact lists and even photos and other private information in some cases. 

While law enforcement agencies are typically required to secure a warrant if they want to access the contents of a phone or any other electronic device, border authorities are exempted from having to do the same. Wyden also pointed out that travelers searched at airports, seaports and border crossings aren’t informed of their rights before their devices are searched. And if they refuse to unlock their electronics, authorities could confiscate and keep them for five days.

As The Post notes, a CBP official previously went on record to say that the agency’s directive gives its officers the authority to scroll through any traveler’s device in a “basic search.” If they find any “reasonable suspicion” that a traveler is breaking the law or doing something that poses a threat to national security, they can run a more advanced search. That’s when they can plug in the traveler’s phone, tablet or PC to a device that copies their information, which is then stored in the Automated Targeting System database.

CBP director of office of field operations Aaron Bowker told the publication that the agency only copies people’s data when “absolutely necessary.” Bowker didn’t deny that the agency’s officers can access the database, though — he even said that the number was bigger than what CBP officials told Wyden. Five percent of CBP’s 60,000 personnel have access to the database, he said, which translates to 3,000 officers and not 2,700.

Wyden wrote in his letter:

“Innocent Americans should not be tricked into unlocking their phones and laptops. CBP should not dump data obtained through thousands of warrantless phone searches into a central database, retain the data for fifteen years, and allow thousands of DHS employees to search through Americans’ personal data whenever they want.”

Two years ago, the Senator also called for an investigation into the CBP’s use of commercially available location data to track people’s phones without a warrant. CBP had admitted back then that it spent $500,000 to access a commercial database containing “location data mined from applications on millions of Americans’ mobile phones.”

 

Uber says it’s investigating a ‘cybersecurity incident’

Uber was hacked, and it had to take its internal messaging service and engineering systems offline to investigate the incident, according to The New York Times. Sources who talked to the publication said employees were instructed not to go on Slack, where the bad actor had posted a message that read “I announce I am a hacker and Uber has suffered a data breach” (along with a bunch of emoji) before it was pulled offline. In a tweet confirming the breach, the company said that it’s currently responding to a cybersecurity incident and that it’s now in touch with law enforcement. 

We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.

— Uber Comms (@Uber_Comms) September 16, 2022

The company didn’t say what exactly the hacker was able to access and if user data was compromised. The Times says the hacker’s Slack message also listed databases they claim they were able to infiltrate, though. And based on screenshots seen by The Washington Post, the bad actor boasted about being able to gather internal code and messaging data. An Uber spokesperson explained that the bad actor was able to post on the company Slack after compromising a worker’s account. They then gained access to Uber’s other internal systems and posted an explicit photo on an internal page.

Bug bounty hunter and security researcher Sam Curry tweeted information reportedly from an Uber employee that could be about that explicit photo:

From an Uber employee:

Feel free to share but please don’t credit me: at Uber, we got an “URGENT” email from IT security saying to stop using Slack. Now anytime I request a website, I am taken to a REDACTED page with a pornographic image and the message “F*** you wankers.”

— Sam Curry (@samwcyo) September 16, 2022

Uber admitting the incident and getting in touch with authorities shortly after it happened is a massive departure from how it handled the data breach it suffered back in 2016. The company hid that attack for a year and instead of reporting the incident, it paid the hackers $100,000 to delete the information they stole. Former Uber security chief Joseph Sullivan was fired and eventually charged with obstruction of justice for the role he played in the coverup, though his lawyers argued that he was used as a scapegoat. Uber settled with the Justice Department for failing to disclose the breach in July this year.

 

A new California law will require social media platforms to add more ‘protections’ for children

California Governor Gavin Newsom has signed into law a new bill that could upend how social media platforms deal with underage users. The bill, known as AB 2273, “requires online platforms to consider the best interest of child users and to default to privacy and safety settings that protect children’s mental and physical health and wellbeing,” according to a press release from Newsom’s office.

The law, which won’t go into effect until July of 2024, is meant to place further restrictions on the type of data that platforms can collect from children. From Newsom’s press release: “AB 2273 prohibits companies that provide online services, products or features likely to be accessed by children from using a child’s personal information; collecting, selling, or retaining a child’s geolocation; profiling a child by default; and leading or encouraging children to provide personal information.”

However, it’s still not yet clear exactly what this will mean on a practical level for social media, games and other online platforms. And the bill has already faced sharp criticism from privacy advocates as well as the tech industry.

One criticism, backed by digital rights groups, is that requiring companies to identify child users could harm the privacy of everyone, not just kids. “The bill is so vaguely and broadly written that it will almost certainly lead to widespread use of invasive age verification techniques that subject children (and everyone else) to more surveillance while claiming to protect their privacy,” Fight For the Future wrote in a statement denouncing the bill. “Requiring age verification also makes it nearly impossible to use online services anonymously, which threatens freedom of expression, particularly for marginalized communities, human rights activists, whistleblowers, and journalists.”

Newsom’s office said in a statement that a “Children’s Data Protection Working Group” would write a report on “best practices” for implementing the law by January 2024.

The California law comes as pressure has mounted on social media companies to do more to protect the privacy and wellbeing of children who use their platforms. Lawmakers in the Senate have also proposed federal legislation that would increase data protections for younger users and President Joe Biden has said he supports banning online advertising that targets children.

 

FTC wants to protect gig workers from ‘unfair or deceptive’ algorithms

The Federal Trade Commission is making its own bid to protect gig workers against exploitation. The regulator has adopted a policy statement detailing how it will tackle gig workers’ problems. The FTC plans to step in when there are misrepresentations about pay, costs, benefits and work terms. Officials also expect to intervene with “unfair or deceptive” algorithms, harsh contracts and anti-competitive behavior such as wage fixing and monopoly-creating mergers.

The Commission said the classification of workers wouldn’t affect enforcement, so companies can’t avoid repercussions by classifying people as contractors instead of employees. Violators may have to pay fines and change their practices, and the FTC could partner with other government bodies (such as the Justice Department and National Labor Relations Board) to address issues.

There are gaps. It could be difficult for the FTC to prove algorithm-driven abuse, for instance, and it’s not clear which non-contractual “restraints” might hurt workers’ freedom of movement. However, this could still serve as a warning to gig companies that might hide steep operating costs, fight unionization efforts or collude with rivals to keep wages low.

The FTC isn’t alone in hoping to improve the lot of gig workers. A bipartisan measure in Congress, introduced to the House and Senate this February, is meant to provide portable benefits to gig workers. Last year, the Labor Department revoked a rule that made it harder to protect those workers’ labor rights. States and cities have also filed lawsuits and otherwise taken efforts to bolster working conditions. However, the FTC’s policy provides an extra, nationwide safeguard that might further discourage attempts to exploit the gig economy.

 

Amazon greenlights ‘Blade Runner 2099’ sequel series

The long-teased Blade Runner sequel series is real. Variety has confirmed Amazon has ordered production of Blade Runner 2099 for Prime Video. Original movie director Ridley Scott will serve as an executive producer alongside Silka Luisa (Halo and Shining Girls), who will also be the showrunner. The premise of 2099 isn’t yet clear beyond its setting 50 years after Blade Runner 2049, but Amazon’s global TV head Vernon Sanders claimed the follow-up would preserve the “intellect, themes, and spirit” of the movies.

The cast hasn’t been set at this stage, although it’s doubtful you’ll see familiar names given events in past movies and the timeline of the show. Amazon also hasn’t said when it expects to release the series.

The project could still be one of Amazon’s more ambitious shows to date. The company has been ramping up the production values of Prime Video productions in recent years, and that appears to have paid off — the first season of The Lord of the Rings: The Rings of Power reportedly cost $465 million to make, and set a Prime viewing record upon its debut. It wouldn’t be surprising if Amazon committed to a major investment (if not necessarily as large) for a recognizable franchise like Blade Runner, particularly with Scott involved.

 

Generated by Feedzy
Exit mobile version