NASA selects SpaceX as its sole provider for a lunar lander

https://arstechnica.com/?p=1757498

Rendering of SpaceX's Starship vehicle on the surface of the Moon.

Enlarge / Rendering of SpaceX's Starship vehicle on the surface of the Moon. (credit: NASA)

In an extraordinary announcement on Friday, NASA said that it has selected SpaceX and its Starship vehicle to serve as the lunar lander for its Artemis Program. This is NASA's plan to return humans to the Moon later this decade.

About a year ago, NASA gave initial study and preliminary development contracts for Moon landers to SpaceX, Dynetics, and a team of aerospace heavyweights led by Blue Origin. The cost of SpaceX's bid was about half that of Dynetics, and one-fourth the amount received by Blue Origin. That frugality, at least in part, led NASA on Friday to choose SpaceX as the sole provider of landing services during the down-select phase.

"We looked at what’s the best value to the government," said Kathy Lueders, chief of the human exploration program for NASA, during a teleconference with reporters on Friday.

Read 12 remaining paragraphs | Comments

21.5-inch iMac supply dwindles amid chip shortages, possible refresh

https://arstechnica.com/?p=1757570

  • The front of the 2020 27-inch iMac. [credit: Samuel Axon ]

Apple's low-end, 21.5-inch iMac appears to be in short supply at Apple Stores and in Apple's online storefront in the United States. The shortage could be a hint of an imminent change to the iMac lineup just a few days before Apple hosts a product launch event on April 20.

In particular, the cheapest, 1080p iMac (the rest of the 21.5-inch models have 4K displays) is seeing ship dates slipping back several days into late April or early May, which is usually a sign of low supply. This Mac in particular is also increasingly unavailable for pickup at physical Apple Stores around the US.

Meanwhile, the more expensive 27-inch iMac is shipping within a normal window, and it is showing as available at more retail stores.

Read 7 remaining paragraphs | Comments

Backdoored developer tool that stole credentials escaped notice for 3 months

https://arstechnica.com/?p=1757515

Backdoored developer tool that stole credentials escaped notice for 3 months

Enlarge (credit: Getty Images)

A publicly available software development tool contained malicious code that stole the authentication credentials that apps need to access sensitive resources. It's the latest revelation of a supply chain attack that has the potential to backdoor the networks of countless organizations.

The Codecov bash uploader contained the backdoor from late January to the beginning of April, developers of the tool said on Thursday. The backdoor caused developer computers to send secret authentication tokens and other sensitive data to a remote site controlled by the hackers. The uploader works with development platforms including Github Actions, CircleCI, and Bitrise Step, all of which support having such secret authentication tokens in the development environment.

A pile of AWS and other cloud credentials

The Codecov bash uploader performs what is known as code coverage for large-scale software development projects. It allows developers to send coverage reports that, among other things, determine how much of a codebase has been tested by internal test scripts. Some development projects integrate Codecov and similar third-party services into their platforms, where there is free access to sensitive credentials that can be used to steal or modify source code.

Read 19 remaining paragraphs | Comments

Arkansas House passes unconstitutional bill putting creationism in schools

https://arstechnica.com/?p=1757514

Image of a large, neoclassical building.

Enlarge / The Arkansas state capitol. (credit: Daniel Schwen)

Last week, the Arkansas state House of Representatives passed a bill that would amend state education law to allow teachers in public schools to teach creationism as "a theory of how the earth came to exist." As it stands, the act promotes blatantly unconstitutional behavior as made clear by a precedent set in a 1982 case involving the Arkansas Board of Education. Despite that, the bill passed 72-21, and it already has a sponsor in the state Senate.

The body of the bill is mercifully short, consisting of two sentence-long amendments to the existing Arkansas code:

A teacher of a kindergarten through grade twelve (K-12) science class at a public school or open-enrollment public charter school may teach creationism as a theory of how the earth came to exist.

This section is permissive and does not require a teacher to teach creationism as a theory of the earth came to exist.

But those two sentences are enough to land teachers and their local school system in a world of trouble, in that the permission given runs afoul of a lot of legal precedent. In a key case that involved Arkansas itself, McLean V. Arkansas Board of Education, a group of plaintiffs banded together to challenge a state law that mandated the teaching of "creation science" in public schools. The judge in that case correctly recognized that creation science was actually religious in nature, and it therefore violated the constitution's prohibition against the establishment of state religion.

Read 5 remaining paragraphs | Comments

Dogecoin has risen 400 percent in the last week because why not

https://arstechnica.com/?p=1757497

Dogecoin has risen 400 percent in the last week because why not

Enlarge (credit: peng song / Getty)

Dogecoin, a blockchain-based digital currency named for a meme about an excitable canine, has seen its price rise by a factor of five over the last week. The price spike has made it one of the world's 10 most valuable cryptocurrencies, with a market capitalization of $45 billion.

Understanding the value of cryptocurrencies is never easy, and it's especially hard for Dogecoin, which was created as a joke. Dogecoin isn't known for any particular technology innovations and doesn't seem to have many practical applications.

What Dogecoin does have going for it, however, is memorable branding and an enthusiastic community of fans. And in 2021, that counts for a lot. In recent months, we've seen shares of GameStop soar to levels that are hard to justify based on the performance of GameStop's actual business. People bought GameStop because it was fun and they thought the price might go up. So too for Dogecoin.

Read 5 remaining paragraphs | Comments

Today’s best deals: Board games we like, indoor security cameras, and more

https://arstechnica.com/?p=1757378

Today’s best deals: Board games we like, indoor security cameras, and more

Enlarge (credit: Ars Technica)

Today's Dealmaster includes notable discounts on a couple of Ars-approved board games, with the avian-themed Wingspan down to $46 and the massive dungeon crawler Gloomhaven down to $89 at Amazon. Both deals are within $4 of the lowest prices we've tracked and a good ways below the typical street price we see for each respective game online.

We were among the many board game enthusiasts to rave about Gloomhaven when it arrived a few years back. While it's undeniably dense, its deep gameplay systems and dozens of hours of content led us to call it "the best dungeon crawl board game we've ever played" in a past gift guideWingspan, meanwhile, is much less intense, and it's better suited for casual game nights. Our review deemed it "an approachable, 'gateway-plus' game that provides an accessible entry point into engine-building games while offering fun decisions for seasoned gamers."

If you're not in the mood for a new board game, our deals roundup also has good prices on a recommended indoor security camera from Anker's Eufy brand, a couple of well-regarded LG monitors, several certified refurbished Amazon devices, robot vacuums, and much more below.

Read 2 remaining paragraphs | Comments

Google loses “Location History” court battle in Australia

https://arstechnica.com/?p=1757430

Google loses “Location History” court battle in Australia

Enlarge

The Australian Competition & Consumer Commission (ACCC) has ruled that Google misled Android users over its collection of location data. This ruling is in reference to the "Location History" controversy from a few years ago. The Associated Press reported at the time that turning off the Location History setting does not disable all location-tracking features across every Google product.

The ACCC's press release states that from January 2017 to December 2018 (the AP article was published in August 2018), "Google misrepresented that the ‘Location History’ setting was the only Google Account setting that affected whether Google collected, kept or used personally identifiable data about their location." The ruling continues, saying, "In fact, another Google Account setting titled 'Web & App Activity' also enabled Google to collect, store and use personally identifiable location data when it was turned on, and that setting was turned on by default."

With the ACCC's finding of wrongdoing, it's not clear what the Australian government plans to do about the situation yet. The press release says, "The ACCC is seeking declarations, pecuniary penalties, publications orders, and compliance orders. This will be determined at a later date." ACCC Chair Rod Sims added, "In addition to penalties, we are seeking an order for Google to publish a notice to Australian consumers to better explain Google’s location data settings in the future. This will ensure that consumers can make informed choices about whether certain Google settings that... collect location data should be enabled."

Read 3 remaining paragraphs | Comments

Valve Anti-Cheat’s “permanent” bans now have one major exception

https://arstechnica.com/?p=1757463

Elias “Jamppi” Olkkonen, seen here at Dreamhack's 2019 Winter Open, may be allowed back in Valve-sponsored events despite a VAC ban.

Enlarge / Elias “Jamppi” Olkkonen, seen here at Dreamhack's 2019 Winter Open, may be allowed back in Valve-sponsored events despite a VAC ban. (credit: Stephanie Lindgren / Dreamhack)

If you know just one thing about Valve's Anti-Cheat system (VAC), you probably know that a ban issued through it lasts forever. As Valve's support page lays out clearly, "VAC bans are permanent, non-negotiable, and cannot be removed by Steam Support."

Now, apparently, there is one sizable exception to this rule, at least when it comes to esports. A post to the Counter-Strike: GO blog yesterday notes that some VAC-banned players will now be able to participate in events surrounding the game's next Regional Major Rankings (RMR) season.

The CS:GO team notes in the post that its event guidelines were initially written around the game's 2012 release, when "all CS:GO VAC bans were relatively recent." Now, though, the team has decided to update those guidelines to reflect the fact that "VAC bans can now be more than eight years old." As such, VAC bans older than five years, as well as VAC bans that pre-date a player's first participation in a Valve-sponsored event, will no longer be taken into account when assessing RMR event eligibility.

Read 9 remaining paragraphs | Comments

Congressmen ask Biden admin to keep chip design software away from China

https://arstechnica.com/?p=1757446

Congressmen ask Biden admin to keep chip design software away from China

Enlarge (credit: China News Service | Getty Images)

Don’t let American companies sell semiconductor design software to Chinese firms, two members of Congress are asking the Department of Commerce. 

Sen. Tom Cotton (R- Ark.) and Rep. Michael McCaul (R-Tex.) yesterday requested that electronic design automation (EDA) tools be designated as “foundational technologies” by the Department of Commerce. The label would require companies to obtain export licenses if they want to sell EDA tools to Chinese companies. The congressmen also requested in their letter to Secretary of Commerce Gina Raimondo that any fab worldwide that uses American tools be prevented from selling 14 nm or better chips to Chinese companies.

The current leading edge in semiconductors is the 5 nm node, and currently, only Samsung and Taiwanese semiconductor company TSMC are producing chips commercially at that node. Restricting Chinese companies to 16 nm or larger could possibly keep them four generations off the leading edge. 

Read 6 remaining paragraphs | Comments

NPD: PlayStation 5’s first 5 months are best ever for a US console launch

https://arstechnica.com/?p=1757391

The PS5 is bigger than Xbox Series X in more ways than one (at least, in the United States).

Enlarge / The PS5 is bigger than Xbox Series X in more ways than one (at least, in the United States). (credit: Sam Machkovech)

While we're still waiting on exact sales numbers for last year's newest video game consoles, select stats have begun to emerge that, at least in the US, give a clear lead to Sony's PlayStation 5. As it turns out, the lead is historically significant.

The NPD Group, a longtime retail analyst, has confirmed via brick-and-mortar and digital sales figures that the PlayStation 5 sold more units than any other console sold in its first five months in the US.

NPD rarely confirms exact sales figures, and stitching together an estimate of PS5 sales in the US thus far is therefore a bit tricky. In early 2018, Nintendo claimed the title of fastest selling console in US history at a mark of 10 months, by which point the company had sold "more than 4.8 million" Switch consoles.

Read 7 remaining paragraphs | Comments