Enlarge (credit: Getty Images)

Certificate authorities and browser makers are planning to end the use of WHOIS data verifying domain ownership following a report that demonstrated how threat actors could abuse the process to obtain fraudulently issued TLS certificates.

TLS certificates are the cryptographic credentials that underpin HTTPS connections, a critical component of online communications verifying that a server belongs to a trusted entity and encrypts all traffic passing between it and an end user. These credentials are issued by any one of hundreds of CAs (certificate authorities) to domain owners. The rules for how certificates are issued and the process for verifying the rightful owner of a domain are left to the CA/Browser Forum. One "base requirement rule" allows CAs to send an email to an address listed in the WHOIS record for the domain being applied for. When the receiver clicks an enclosed link, the certificate is automatically approved.

Non-trivial dependencies

Researchers from security firm watchTowr recently demonstrated how threat actors could abuse the rule to obtain fraudulently issued certificates for domains they didn’t own. The security failure resulted from a lack of uniform rules for determining the validity of sites claiming to provide official WHOIS records.

Enlarge / Control Center has a whole new customization interface. (credit: Samuel Axon)

iOS 18 launched this week, and while its flagship feature (Apple Intelligence) is still forthcoming, the new OS included two significant new buckets of customization: the home screen and Control Center.

We talked about home screen a few days ago, so for our next step in our series on iOS 18, it’s now time to turn our attention to the new ways you can adjust the Control Center to your liking. While we’re at it, we’ll assess a few other features meant to make iOS more powerful and more efficient for power users.

This is by no means the most significant update for power users Apple has released of the iPhone operating system—there’s nothing like Shortcuts, for example, or the introduction of the Files app a few years ago. But with the increasingly expensive iPhone Pro models, Apple still seems to be trying to make the case that you’ll be able to do more with your phone than you used to.

Enlarge / The second Intuitive Machines lander is prepared for hot-fire testing this week. (credit: Intuitive Machines)

One of the miracles of the Apollo Moon landings is that they were televised, live, for all the world to see. This transparency diffused doubts about whether the lunar landings really happened and were watched by billions of people.

However, as remarkable a technical achievement as it was to broadcast from the Moon in 1969, the video was grainy and black and white. As NASA contemplates a return to the Moon as part of the Artemis program, it wants much higher resolution video and communications with its astronauts on the lunar surface.

To that end, NASA announced this week that it had awarded a contract to Houston-based Intuitive Machines for "lunar relay services." Essentially this means Intuitive Machines will be responsible for building a small constellation of satellites around the Moon that will beam data back to Earth from the lunar surface.

Enlarge (credit: Aurich Lawson | Cards Against Humanity)

Cards Against Humanity sued SpaceX yesterday, alleging that Elon Musk's firm illegally took over a plot of land on the US/Mexico border that the party-game company bought in 2017 in an attempt to stymie then-President Trump's attempt to build a wall.

"As part of CAH's 2017 holiday campaign, while Donald Trump was President, CAH created a supporter-funded campaign to take a stand against the building of a Border Wall," said the lawsuit filed in Cameron County District Court in Texas. Cards Against Humanity says it received $15 donations from 150,000 people and used part of that money to buy "a plot of vacant land in Cameron County based upon CAH's promise to 'make it as time-consuming and expensive as possible for Trump to build his wall.'"

Cards Against Humanity says it mowed the land "and maintained it in its natural state, marking the edge of the lot with a fence and a 'No Trespassing' sign." But instead of Trump taking over the land, Cards Against Humanity says the parcel was "interfered with and invaded" by Musk's space company. The lawsuit includes pictures that, according to Cards Against Humanity, show the land when it was first purchased and after SpaceX construction equipment and materials were placed on the land.

Enlarge / An Anker 334 MagGo Battery (PowerCore 10K) on an iPhone. (credit: Anker)

Anker is recalling three models of MagSafe iPhone batteries due to a fire risk, it said yesterday.

The models being recalled are the Anker 334 MagGo Battery (PowerCore 10K, model number A1642), Anker Power Bank (model number A1647), and Anker 334 MagGo Battery (model number A1652). In its recall notice, Anker said that some of the lithium-ion batteries in the devices “may pose a fire risk due to a manufacturing defect.”

“The lithium-ion battery in the affected power banks can overheat, potentially causing melting of plastic components, smoke, and fire hazards,” the notice reads.

Enlarge / Guys, it was just a group chat! Over fantasy football! (credit: John Lamb | Getty Images)

Philadelphia has learned its lesson the hard way: football makes people a little crazy. (Go birds!) Police here even grease downtown light poles before important games to keep rowdy fans from climbing them.

But Matthew Gabriel, 25, who lives in Philly's Mt. Airy neighborhood, took his football fanaticism to a whole 'nother level. For reasons that remain unclear, Gabriel grew incensed with a University of Iowa student who was also a member of Gabriel's fantasy football group chat.

So Gabriel did what anyone might do under such circumstances: He waited until the student went to Norway for a study abroad visit in August 2023, then contacted Norwegian investigators (Politiets Sikkerhetstjeneste) through an online "tip" form and told them that the student was planning a mass shooting. Gabriel's message read, in part:

Enlarge / Ralph de la Torre, founder and chief executive officer of Steward Health Care System LLC, speaks during a summit in New York on Tuesday, Oct. 25, 2016. (credit: Getty | )

A Senate committee on Thursday voted overwhelmingly to hold the wealthy CEO of a failed hospital chain in civil and criminal contempt for rejecting a rare subpoena from the lawmakers.

In July, the Senate Committee on Health, Education, Labor, and Pensions (HELP) subpoenaed Steward Health Care CEO Ralph de la Torre to testify before the lawmakers on the deterioration and eventual bankruptcy of the system, which included more than 30 hospitals across eight states. The resulting dire conditions in the hospitals, described as providing "third-world medicine," allegedly led to the deaths of at least 15 patients and imperiled more than 2,000 others.

The committee, chaired by Senator Bernie Sanders (I-Vt.), highlighted that amid the system's collapse, de la Torre was paid at least $250 million, bought a $40 million yacht, and owned a $15 million luxury fishing boat. Meanwhile, Steward executives jetted around on two private jets collectively worth $95 million.

Enlarge (credit: Sky)

Hundreds of owners of smart TVs and streaming devices from United Kingdom telecom Sky reported that their hardware stopped powering on Thursday. Sky hasn't confirmed the cause of the problem, but a botched update is largely suspected.

Sky, a Comcast company that sells Internet, mobile, and satellite TV service in the UK, got into the streaming hardware business in 2021. Its proprietary Glass TVs and Stream pucks let people access TV channels offered through Sky via the Internet instead of a dish. As of this writing, Glass TVs range from 600 pounds (about $800) for a 43-inch set to 1,199 pounds (about $1,600) for 65 inches and include quantum dots and Dolby Vision, HDR10, and HLG HDR support. To order a Glass TV, people have to sign up for a Sky Entertainment subscription that includes the same type of channels offered through Sky's satellite TV services but via streaming, plus Netflix (with or without ads). If you don’t buy/renew your Sky Entertainment subscription, “access to TV apps like Netflix won't be available,” Sky says. The Stream puck, meanwhile, supports various streaming apps but doesn't work without a Sky subscription.

As of yesterday, paying subscribers and owners of Glass and Stream devices reported that their devices were unable to power on. Users reported only being able to see a blank screen, with some saying the problems lasted for hours.

Enlarge / Frostpunk 2 has you planning and building districts, rather than individual buildings or roads. You make plans, and a particularly icy god laughs. (credit: 11 Bit Studios)

I can't remember every interaction I had with the advisers in Civilization games, but I don't believe I ever had to send my guards to put down a protest one of them staged in a new settlement.

Nor could I ask any of them for "Favours" to scrape a few more heat stamps necessary for a new food district, indebting me to them at some future point when they decide they've had enough of some other faction's people and ideas. In Frostpunk 2 (out today), the people who pop up to tell you how they're feeling aren't just helpful indicators, they're a vital part of the strategy. To keep these people going, you've got to make some of them mad, some of them happy, and balance a ledger of all you've gained and demanded from them.

That's the biggest difference you'll notice in Frostpunk 2 if you're coming from the original. The original had you making choices that affected people, but you were the Captain, in full control of your people, at least until you angered them enough to revolt. In Frostpunk 2, you manage factions and communities rather than groups of survivors. You place districts, not hospitals. Time moves in days and weeks, not hours. You play multiple chapters across a landscape in a world that is 30 years removed from its initial peril.

Enlarge / Starlink satellite dish. (credit: Starlink)

New Starlink customers have to pay a $100 "congestion charge" in areas where the satellite broadband network has limited capacity.

"In areas with network congestion, there is an additional one-time charge to purchase Starlink Residential services," a Starlink FAQ says. "This fee will only apply if you are purchasing or activating a new service plan. If you change your Service address or Service Plan at a later date, you may be charged the congestion fee."

The charge is unwelcome for anyone wanting Starlink service in a congested area, but it could help prevent the capacity crunch from getting worse by making people think twice about signing up. The SpaceX-owned Internet service provider also seems to anticipate that people who sign up for service in congested areas may change their minds after trying it out for a few weeks.

Enlarge / No one likes being dazzled by an oncoming car at night. (credit: Getty Images)

Magna provided flights from Washington, DC, to Detroit and accommodation so Ars could attend its tech day. Ars does not accept paid editorial content.

TROY, Mich.—Despite US dominance in so many different areas of technology, we're sadly somewhat of a backwater when it comes to car headlamps. It's been this way for many decades, a result of restrictive federal vehicle regulations that get updated rarely. The latest lights to try to work their way through red tape and onto the road are active-matrix LED lamps, which can shape their beams to avoid blinding oncoming drivers.

From the 1960s, Federal Motor Vehicle Safety Standards allowed for only sealed high- and low-beam headlamps, and as a result, automakers like Mercedes-Benz would sell cars with less capable lighting in North America than it offered to European customers.

Enlarge / If you get hired for this position, you'll be provided an assistant. It's this guy. This guy is your assistant. His name is "Googly."

Update: We've resurfaced this posting one more time to make sure everyone who might be interested can see it. If it sounds like your jam, be sure and apply as soon as possible. We're looking forward to working with you!

Google is a company in transformation—but "from what" and "to what" are not always clear. To catalog and examine Google's moves in this new era of generative AI, Ars Technica is hiring a Senior Technology Reporter to focus on Google, AI, Android, and search. While attention to so-called "consumer products" will be important, this role will be more focused on Google's big moves as a technology and infrastructure company, moves often made to counter perceived threats from companies like OpenAI, Microsoft, and Perplexity. Informed skepticism is the rule around here, so we're looking for someone with the chops to bring a critical eye to some deep technical and business issues.

As this is a senior role owning an important beat, it is not an entry-level position. We're looking for someone who can primarily self-direct when it comes to their reporting and someone who is comfortable working remotely within a similarly remote team. We'd also like someone who can bring to the table deep and intelligent analyses on broader Google topics while also hitting smaller daily news stories.

Enlarge / Mark Robinson, lieutenant governor of North Carolina and candidate for governor, delivers remarks prior to Republican presidential nominee former President Donald Trump speaking at a campaign event at Harrah's Cherokee Center on August 14, 2024, in Asheville, North Carolina. (credit: Grant Baldwin via Getty Images)

On Thursday, CNN reported about inflammatory comments made by Mark Robinson, the Republican nominee for governor of North Carolina, on a pornography website's message board over a decade ago. After the allegations emerged, Mark Robinson played on what we call "deep doubt" and denied the comments were his words, claiming they were manufactured by AI.

"Look, I'm not going to get into the minutia about how somebody manufactured these salacious tabloid lies, but I can tell you this: There's been over one million dollars spent on me through AI by a billionaire's son who's bound and determined to destroy me," Robinson told CNN reporter Andrew Kaczynski in a televised interview, referring to an AI-generated political commercial set to air next week. "The things that people can do with the Internet now is incredible. But what I can tell you is this: Again, these are not my words. This is simply tabloid trash being used as a distraction from the substantive issues that the people of this state are facing."

The CNN investigation found that Robinson, currently serving as North Carolina's lieutenant governor, used the username "minisoldr" on a website called "Nude Africa" between 2008 and 2012. CNN identified Robinson as the user by matching biographical details, a shared email address, and profile photos. The comments reportedly included Robinson referring to himself as a "black NAZI!" and expressing support for reinstating slavery, among other controversial comments.

Enlarge / The Globe of Science and Innovation at CERN (credit: Adam Nieman/CC BY-SA 2.0)

Since its founding in 1954, high-energy physics laboratory CERN has been a flagship for international scientific collaboration. That commitment has been under strain since the Russian invasion of Ukraine in 2022. CERN decided to cut ties with Moscow late last year over deaths resulting from the country's "unlawful use of force" in the ongoing conflict.

With the existing international cooperation agreements now lapsing, the Geneva-based organization is expected to expel hundreds of scientists on November 30 affiliated with Russian institutions, Nature reports. However, CERN will maintain its links with the Joint Institute for Nuclear Research, an intergovernmental center near Moscow.

CERN was founded in the wake of World War II as a place dedicated to the peaceful pursuit of science. The organization currently has 24 member states and, in 2019 alone, hosted about 12,400 users from institutions in more than 70 countries. Russia has never been a full member of CERN, but collaborations first began in 1955, with hundreds of Russia-affiliated scientists contributing to experiments in the ensuing decades. Now, that 60-year history of collaboration, and Russia's long-standing observer status, is ending. As World Nuclear News reported earlier this year:

Enlarge / The cycle of building and breaking up of supercontinents seems to drive long-term climate trends. (credit: Walter Myers/Stocktrek Images)

Global temperature records go back less than two centuries. But that doesn't mean we have no idea what the world was doing before we started building thermometers. There are various things—tree rings, isotope ratios, and more—that register temperatures in the past. Using these temperature proxies, we've managed to reconstruct thousands of years of our planet's climate.

But going back further is difficult. Fewer proxies get preserved over longer times, and samples get rarer. By the time we go back past a million years, it's difficult to find enough proxies from around the globe and the same time period to reconstruct a global temperature. There are a few exceptions, like the Paleocene-Eocene Thermal Maximum (PETM), a burst of sudden warming about 55 million years ago, but few events that old are nearly as well understood.

Now, researchers have used a combination of proxy records and climate models to reconstruct the Earth's climate for the last half-billion years, providing a global record of temperatures stretching all the way back to near the Cambrian explosion of complex life. The record shows that, with one apparent exception, carbon dioxide and global temperatures have been tightly linked. Which is somewhat surprising, given the other changes the Earth has experienced over this time.

Enlarge / The Three Mile Island Nuclear Plant is seen in the early morning hours March 28, 2011, in Middletown, Penn. (credit: Jeff Fusco/Getty Images)

Microsoft and Constellation Energy have announced a deal that would re-open Pennsylvania's shuttered Three Mile Island nuclear plant. The agreement would let Microsoft purchase the entirety of the plant's roughly 835 megawatts of energy generation—enough to power approximately 800,000 homes—for a span of 20 years starting in 2028, pending regulatory approval.

The actual electricity from the Three Mile Island plant—which would be renamed Crane Clean Energy Center—wouldn't be earmarked for any specific use and would go to local interconnections rather than directly to Microsoft facilities. But the deal comes as Microsoft and large swaths of the tech industry seek new energy sources for data centers that power everything from generative AI models to cloud computing and streaming services.

A new nuclear dawn?

Pennsylvania's Three Mile Island plant rose to infamy in 1979 when a partial meltdown in Unit 2 helped ignite panic over nuclear safety across the country. The new Microsoft deal would re-open the adjacent Unit 1, which was shuttered in 2019 "due to poor economics," according to Constellation. If and when the plant reaches its planned 2028 re-opening, it would be among the first wave of shuttered nuclear plants being put back into service.

Enlarge (credit: Bruce Yuanyue Bi via Getty)

A United Nations report released Thursday proposes having the international body oversee the first truly global effort for monitoring and governing artificial intelligence.

The report, produced by the UN secretary general’s High Level Advisory Body on AI, recommends the creation of a body similar to the Intergovernmental Panel on Climate Change to gather up-to-date information on AI and its risks.

The report calls for a new policy dialog on AI so that the UN’s 193 members can discuss risks and agree upon actions. It further recommends that the UN take steps to empower poorer nations, especially those in the global south, to benefit from AI and contribute to its governance. These should include, it says, creating an AI fund to back projects in these nations, establishing AI standards and data-sharing systems, and creating resources such as training to help nations with AI governance. Some of the report’s recommendations could be facilitated by the Global Digital Compact, an existing plan to address digital and data divides between nations. It finally suggests creating an AI office within the UN dedicated to coordinating existing efforts within the UN to meet the report’s goals.

Enlarge / Europe's first Ariane 6 rocket lifts off from a new launch pad in Kourou, French Guiana. (credit: Jody Amiet/AFP via Getty Images)

Welcome to Edition 7.12 of the Rocket Report! For once, a week with not all that much launch news. Among the highlights were Eutelsat's surprise announcement of a deal with Mitsubishi Heavy Industries, SpaceX's ongoing war with the FAA, and Europe identifying a straightforward solution to the upper stage problem on Ariane 6's debut launch earlier this summer.

As always, we welcome reader submissions, and if you don't want to miss an issue, please subscribe using the box below (the form will not appear on AMP-enabled versions of the site). Each report will include information on small-, medium-, and heavy-lift rockets as well as a quick look ahead at the next three launches on the calendar.

Small launch vehicles still talking a big game. Despite stiff competition from SpaceX rideshare services and some high-profile failures, ventures are still pursuing small launch vehicles that they argue can fill niches in the market, Space News reports. Launch providers speaking at World Space Business Week said they can deliver satellites when and where customers want rather than waiting for the next available rideshare launch from SpaceX.

Enlarge (credit: Getty Images | AaronP/Bauer-Griffin)

A mistrial was declared today in the trial of former AT&T Illinois President Paul La Schiazza, who was accused of bribing a powerful state lawmaker's ally in order to obtain legislation favorable to AT&T's business.

"The jury report they have reached an impasse and cannot reach a unanimous verdict. For the reasons stated on the record, the court declares a mistrial," US District Judge Robert Gettleman wrote in an order today after the trial in the Northern District of Illinois.

La Schiazza could be tried again. AT&T itself agreed to pay a $23 million fine in 2022 to resolve a federal criminal investigation into alleged misconduct involving efforts to influence former Illinois Speaker of the House Michael Madigan. AT&T "admitted that in 2017 it arranged for an ally of Madigan to indirectly receive $22,500 in payments from the company," the Justice Department said in October 2022.