
Archive for

16
Oct

Apple Maps Transit Directions Expand to Ireland


Apple Maps has added public transit directions for Ireland, as pointed out by developer Steven Troughton-Smith on Twitter. With the updated directions, users in Ireland can now choose from a few different public transportation routes when traveling around Ireland.

Transit directions are available in a few cities like Dublin and Cork, including transportation provided by Bus Éireann, Aircoach, and more. There’s also support for city-specific transit options like Dublin’s electric rail system the DART (Dublin Area Rapid Transit) and Dublin Bus.

Unfortunately, most of the transit options in Ireland are facing service cancellations in the face of Hurricane Ophelia, which made landfall around 1 p.m. local time. Many transit advisories listed in Apple Maps mention cancellations lasting from 10 a.m. to at least 7 p.m. local time in Ireland.

Apple has been adding public transit directions to new cities around the world since the feature first debuted in iOS 9 in 2015. Some of the latest areas to get the feature include Taiwan, Ottawa, Edmonton, Québec City, and Hungary.

Tags: Apple Maps, transit, Ireland

16
Oct

What you need to know about KRACK, the WPA2 vulnerability


Exploit in WPA2 means it’s open season on your Wi-Fi network, no matter what router you use.

For years we’ve all depended on the WPA2 (Wi-Fi Protected Access) protocol to secure our Wi-Fi networks. That all comes to an end today.

Security researcher KU Leuven has revealed what he has labeled KRACK, an exploit that attacks a vulnerability in the handshake of the WPA2 protocol, which you most likely use to protect your Wi-Fi at home and which millions of small businesses around the world use, too.

Speaking at the ACM Conference on Computer and Communications Security in Dallas, Leuven explained that this exploit may allow packet sniffing, connection hijacking, malware injection, and even decryption of the protocol itself. The vulnerability has been disclosed to the people who need to know these sorts of things early to find a fix and US-CERT (United States Computer Emergency Readiness Team) has released this prepared bulletin:

US-CERT has become aware of several key management vulnerabilities in the 4-way handshake of the Wi-Fi Protected Access II (WPA2) security protocol. The impact of exploiting these vulnerabilities includes decryption, packet replay, TCP connection hijacking, HTTP content injection, and others. Note that as protocol-level issues, most or all correct implementations of the standard will be affected. The CERT/CC and the reporting researcher KU Leuven, will be publicly disclosing these vulnerabilities on 16 October 2017.

According to a researcher who has been briefed on the vulnerability, it works by exploiting a four-way handshake that’s used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it’s resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption.

How do I stay safe?

To be honest, for the next couple of days there aren’t a ton of public options available to you. We’re not going to tell you how it works or where to find more information on how exactly the attack works. But we can tell you what you can (and should) do to stay as safe as possible.

  • Avoid public Wi-Fi at all costs. This includes Google’s protected Wi-Fi hotspots until Google says otherwise. If your carrier forces your phone to Wi-Fi when in range, visit the forum for your phone to see if there’s a workaround to stop it from happening.
  • Only connect to secured services. Web pages that use HTTPS or another secure connection will include HTTPS in the URL. You should contact any company whose services you use and ask if the connection is secured using TLS 1.2, and if so your connection with that service is safe for now.
  • If you have a paid VPN service that you trust you should enable the connection full-time until further notice. Resist the temptation to rush and sign-up for any free VPN service until you can find out if they have been vetted and will keep your data secure. Most don’t.
  • Use a wired network if your router and computer both have a spot to plug in an Ethernet cable. This exploit only affects 802.11 traffic between a Wi-Fi router and a connected device. Ethernet cables are relatively cheap and an eyesore strung across the carpet is worth it. Look for a Cat6 or Cat5e spec cable and there should be no configuration needed once plugged in.
  • If you use a Chromebook or MacBook, this USB Ethernet adapter is plug-and-play.
  • Relax.

What could happen if I am on an attacked network?

This hack can’t steal your banking information or Google password (or any data on a correctly secured connection that uses end-to-end encryption). While an intruder may be able to capture the data you send and receive, it can’t be used or even read by anyone. You can’t even read it unless you allow your phone or computer to decrypt and unscramble it first.

An attacker may be able to do things like redirect traffic on a Wi-Fi network or even send bogus data in place of the real thing. This means something harmless like printing a thousand copies of gibberish on a networked printer or something dangerous like sending malware as a reply to a legitimate request for information or a file. The best way to protect yourself is to not use Wi-Fi at all until you’re directed otherwise.

uhhh shit it’s bad yup pic.twitter.com/iJdsvP08D7

— ⚡️ Owen Williams (@ow) October 16, 2017

Ubiquiti has been said to already have a patch ready to deploy for their equipment, and if this turns out to be true we should see the same from companies like Google or Apple very soon. Other, less security-conscious companies may take longer and many routers will never see a patch. Some companies who make routers are much like some companies who make Android phones: any desire to support the product stops when your money reaches their bank. Of course, if this rumor turns out to be false all bets are off.

Does this really matter?

This is not a case where you should feel immune because your data isn’t valuable enough. The majority of attacks using this exploit will be opportunistic. Kids who live in your building, shady characters who drive the neighborhood looking for Wi-Fi APs and general mischief makers are already scanning Wi-Fi networks around them.

WPA2 has had a long and fruitful life with nary a public exploit until today. Here’s hoping the fix, or what comes next, can enjoy the same. Stay safe!

16
Oct

Facebook to train UK students as cyber safety experts


Facebook has pledged more than £1 million to help turn British schoolchildren into “digital safety ambassadors.” The scheme, created by Childnet International and The Diana Award, will teach students about social media, cyberbullying and the hazards of the wider internet. They will then act as a support group for their friends and fellow pupils, fielding questions and leading online safety initiatives in the classroom. Facebook says its investment will allow every UK secondary school to have its own digital safety ambassador, should they be interested in the project. In total, that could be an extra 4,500 pupils sharing good advice with their peers.

Digital safety ambassadors fall into two camps. The Diana Award trains anti-bullying ambassadors with a mixture of face-to-face training, online resources and forums. The charity, set up in memory of Diana, Princess of Wales, also provides an online newsletter and monthly challenges, which can be assigned to students as homework, that tackle LGBTQ+ issues, racism and online behaviours and attitudes. Childnet, meanwhile, creates “digital leaders” with a dedicated online curriculum about internet safety and “resilience building.” Facebook’s funding will extend the reach of both programmes with more classroom visits and better online resources.

As part of the announcement, Childnet International, The Diana Award and Facebook have created a physical, immersive experience in London called ‘House of Us.’ It will run today and tomorrow and allow young people to experience many of the problems that their contemporaries face online, as well as the impact a friendly, reliable support system can make. The installation will include an “audio maze” that mimics the complex emotions people feel while being bullied, and a light room that responds to positive feedback and support. Staff will survey the students afterwards and use their comments to shape future projects and classroom resources.

Via: The Telegraph

Source: The Diana Award

16
Oct

The Morning After: Monday, October 16th 2017


Welcome to the middle of October. As the pumpkin spice lattes floweth over, we’ve taken a look at the ropey world of fast-food tech stunts — and highlight the weekend news.

From the Pizza Parka to the Windows 7 Whopper.
A ridiculous history of fast-food PR tech stunts


Who doesn’t love a good over-the-top marketing stunt? Recently we’ve seen a lot of those, including Pizza Hut’s Pizza Parka, a coat made of the same insulating materials as its delivery pouches. Because why not? Here are some other terrible / great ones. (Delete as applicable.)

Three Texas closures suggest coal isn’t coming back any time soon.
Coal power plant closures are ramping up despite White House plans


The Trump administration may hope it can reverse coal power’s decline by ending the Clean Power Plan and other eco-friendly efforts, but the industry’s moves suggest otherwise. Luminant has announced plans to close three major coal plants in Texas (in Freestone, Milam and Titus counties) between January and February 2018. The shutdowns will take a combined 4,200MW of power off the grid — enough to run over four million homes, as Reuters notes. The news boosts the expected capacity of 2018 power plant closures to over 13,600MW, or a whopping 79 percent more than the known closures for this year.

The cofounders are stepping down from management to create new IPs.
11 years after creating ‘League of Legends,’ Riot is making a new game


The two founders of Riot Games announced that they’re handing off the management of League of Legends to other administrators, so they can make a new game — the publisher’s second big video game release in 11 years of operation.

But wait, there’s more…

  • First-ever negative-emissions power plant goes online
  • The best 4K TV on a budget
  • First ‘Rocket League’ Halloween event kicks off October 16th
  • Recommended Reading: ‘Lore’ makes the leap from podcast to TV
16
Oct

Classic FM’s video game show is returning for a second series


Classic FM is bringing back High Score, a weekly radio show dedicated to video game music. The first series ran for six weeks in April and May, and was presented by Jessica Curry, a BAFTA-winning composer and co-founder of now-on-hiatus game studio The Chinese Room (Dear Esther, Everybody’s Gone to the Rapture, So Let Us Melt). Curry will return for season two, which runs for six weeks starting on November 4th at 9pm. The first and final instalments will be request shows, while the middle four explore themes such as love, quests, and the best video game music of 2017.

The first series of High Score was a huge success for Classic FM. The show smashed records for ‘Listen Again,’ the station’s seven-day catch-up service, by appealing to both video game enthusiasts and those with a general love for sweeping, orchestral scores. “We were so encouraged by the response to the first series of High Score,” Sam Jackson, managing editor for Classic FM said. “Since the launch of Classic FM 25 years ago, the station has been a pioneer and aimed to break down the barriers to classical music, so we can’t wait for the new series.” Classic FM, if you need a reminder, is available online, on DAB radio and 100-102 FM in the UK.

Source: Classic FM (Press Release)

16
Oct

Severe WiFi security flaw puts millions of devices at risk


Researchers have discovered a key flaw in the WPA2 WiFi encryption protocol that could allow hackers to intercept your credit card numbers, passwords, photos and other sensitive information. The flaws, dubbed “Key Reinstallation Attacks,” or “Krack Attacks,” are in the WiFi standard and not specific products. That means that just about every router, smartphone and PC out there could be impacted, though attacks against Linux and Android 6.0 or greater devices may be “particularly devastating,” according to KU Leuven University’s Mathy Vanhoef and Frank Piessens, who found the flaw.

Here’s how it works. Attackers find a vulnerable WPA2 network, then make a carbon copy of it and impersonate the MAC address, then change the WiFi channel. This new, fake network acts as a “man in the middle,” so when a device attempts to connect to the original network, it can be forced to bypass it and connect to the rogue one.

Normally, WPA2 encryption requires a unique key to encrypt each block of plain text. However, the hack described in the Krack Attack paper forces certain implementations of WPA2 to reuse the same key combination multiple times.

The problem is made worse by Android and Linux, which, thanks to a bug in the WPA2 standard, don’t force the client to demand a unique encryption key each time. Rather, they allow a key to be cleared and replaced by an “all-zero encryption key,” foiling a key part of the handshake process. In some cases, a script can also force a connection to bypass HTTPS, exposing usernames, passwords and other critical data.

The system takes advantage of a flaw in the “handshake” method to direct users to the malicious network. Neither WiFi passwords nor secret keys can be obtained, the researchers say, as the hack works by forging the entire network. As such, it can’t be used to attack routers, but hackers can still eavesdrop on traffic, making it particularly dangerous for corporations.

As shown above, the researchers did a proof-of-concept attack on Android, and were able to decrypt all the victim’s transmitted data. They point out that this will “not work on a properly configured HTTPS site,” but will work on a “significant fraction” that are poorly set up. Other devices, like those running MacOS, Windows, OpenBSD and other operating systems, are affected to a lesser extent. “When attacking other devices, it is harder to decrypt all packets, although a large number of packets can nevertheless be decrypted,” say the researchers.

After earlier, more limited hacks, the WPA2 protocol has been suspect for a while, so many security folks were already bracing themselves for something bad. If you still doubt the seriousness of it, Alex Hudson, for one, is actually advising Android users to “turn off WiFi on these devices until fixes are applied.” He adds that “you can think of this a little bit like your firewall being defeated.”

As such, you can protect yourself to a great extent by sticking with sites that have solid, proven HTTPS security. And of course, the attack won’t work unless the attacker is nearby and can physically access your network.

The problem should be relatively easy to fix. A firmware change can force routers to require a dedicated certificate for each handshake, instead of relying on the one already generated. And, as the security researchers who discovered it say, “implementations can be patched in a backwards-compatible manner.”

That means if you patch your Android device and not your router, you can still communicate and be safe, and vice-versa. Nevertheless, they also advise to patch all your devices as soon as security updates are available. For more details about the hack, check this very detailed FAQ from Aruba Networks.
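Added example, not from either article or from the researchers: a simplified Python model of the behaviour both KRACK write-ups on this page describe, where a resent third handshake message makes the client reinstall its key and reuse a nonce. The class and function names, the SHA-256 keystream standing in for WPA2's cipher, and the patched rule (ignore reinstallation of the key already in use) are assumptions made for illustration.

```python
import hashlib


def keystream(key: bytes, nonce: int, length: int) -> bytes:
    # Stand-in for a counter-mode cipher (assumption): the keystream
    # depends only on (key, nonce), so repeating a nonce repeats it.
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(
            key + nonce.to_bytes(8, "big") + block.to_bytes(4, "big")
        ).digest()
        block += 1
    return out[:length]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Supplicant:
    """Hypothetical client model; tracks only the key and packet number."""

    def __init__(self, patched: bool):
        self.patched = patched
        self.key = None
        self.packet_number = 0
        self.sent = []  # (nonce, ciphertext) pairs as seen on the air

    def on_message3(self, key: bytes) -> None:
        # Message 3 of the handshake tells the client to install the key.
        if self.patched and key == self.key:
            return  # same key already in use: keep the current counter
        self.key = key
        self.packet_number = 0  # (re)installation resets the nonce counter

    def send(self, plaintext: bytes) -> None:
        self.packet_number += 1
        ks = keystream(self.key, self.packet_number, len(plaintext))
        self.sent.append((self.packet_number, xor(plaintext, ks)))


# Constructed sample data: a fixed session key and two equal-length payloads.
SESSION_KEY = bytes(range(16))
FRAME_1 = b"GET /login HTTP/1.1"
FRAME_2 = b"POST /pay  HTTP/1.1"


def run_session(patched: bool):
    """Send a frame, receive a resent message 3, then send a second frame."""
    client = Supplicant(patched)
    client.on_message3(SESSION_KEY)
    client.send(FRAME_1)
    client.on_message3(SESSION_KEY)  # the resent third handshake message
    client.send(FRAME_2)
    return client.sent


def reused_nonces(frames):
    """Detection check: nonces that appear more than once under one key."""
    seen, repeated = set(), []
    for nonce, _ in frames:
        if nonce in seen:
            repeated.append(nonce)
        seen.add(nonce)
    return repeated


def ciphertext_xor(frames) -> bytes:
    """XOR of the first two ciphertexts; equals the XOR of the plaintexts
    whenever both frames were encrypted under the same key and nonce."""
    return xor(frames[0][1], frames[1][1])


if __name__ == "__main__":
    for patched in (False, True):
        frames = run_session(patched)
        leaks = ciphertext_xor(frames) == xor(FRAME_1, FRAME_2)
        print(f"patched={patched} reused={reused_nonces(frames)} leaks={leaks}")
```

In the unpatched run both frames go out under nonce 1, so the key cancels out of the XOR of the two ciphertexts; in the patched run the counter keeps advancing and no nonce repeats.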

Via: Ars Technica

Source: Krack Attacks

16
Oct

Foxconn Ships First Batch of iPhone X Units


Apple manufacturer Foxconn has started shipping the first iPhone X units to countries in Europe and the Middle East, according to a Chinese report on Monday.

China-based Xinhuanet said the first batch of 46,500 units have already been shipped out from Zhengzhou and Shanghai to the Netherlands and the United Arab Emirates, respectively. However, the initial shipments of iPhone X units were much lower than previous iPhone models, according to the Chinese-language Commercial Times.

Although Foxconn has ramped up its output of iPhone X to 400,000 units a week recently from the previous 100,000 units, the increased production still cannot meet market demand, said the report, citing data from Rosenblatt.

Forecasts for iPhone X production have consistently pointed to lower-than-average numbers in the run-up to the smartphone’s launch on Friday, November 3. Last week an analyst with Taipei-based Yuanta Investment Consulting lowered his production estimate for the iPhone X to 36 million units, down from 40 million.

The revised forecast followed earlier warnings that Apple’s TrueDepth camera may be the main production bottleneck of the iPhone X ramp. KGI Securities analyst Ming-Chi Kuo has said the facial recognition system is “far more complex” than those on competing devices, which is making it challenging for Apple to achieve mass production.

Kuo said shipments of iPhone X components will likely ramp up in mid to late October. Meanwhile, customer pre-orders begin October 27, with the potential for them to exceed 40-50 million units, according to Kuo, further suggesting the phone could be hard to come by for some time. Lower adoption of the iPhone 8 and iPhone 8 Plus also indicates that many customers may be waiting for the iPhone X.

(Via DigiTimes.)


16
Oct

Drone collision: Canadian passenger plane suffers damage after direct hit


Why it matters to you

Fly your drone close to an airport or another off-limits location and there may be serious consequences.

A small drone struck a passenger jet in Canada last Thursday in the first incident of its kind in the country.

The Skyjet aircraft was making preparations to land at Jean Lesage airport in Quebec City when it collided with what is believed to have been a drone. The plane suffered minor damage but the incident was deemed so serious that Transport Minister Marc Garneau felt compelled to issue an official statement about it.

“This is the first time a drone has hit a commercial aircraft in Canada and I am extremely relieved that the aircraft only sustained minor damage and was able to land safely,” Garneau said.

The jet, which was carrying eight passengers on the flight from the city of Rouyn-Noranda, 370 miles north-west of Quebec City, is likely to have been a King Air 100 or King Air 200 model. Reports suggest it was flying at an altitude of 1,500 feet (457 meters) when the drone, model unknown, hit the aircraft. No arrests have yet been made.

The minister noted that while “the vast majority” of drone operators fly responsibly, anyone tempted to fly their machine near an airport is “endangering the safety of an aircraft, [which is an] extremely dangerous and serious offense.”

Growing fears about risky drone flights prompted the Canadian government to issue a set of interim guidelines in March that imposed strict limitations on drone operations near people, animals, and buildings, including airports. Violators could be hit with a $25,000 fine or a prison term. Or both.

Garneau said at the time that the potential for a catastrophic accident involving an airplane is “the kind of nightmare scenario that keeps me up at night.” After last week’s incident, the minister will be sleeping even less easily.

Canadian authorities said that so far in 2017, they have received reports of 1,596 drone incidents, with 131 considered to have been “of aviation safety concern.”

Earlier this month, a helicopter flying over New York City collided with a Phantom 4 drone, a popular consumer model made by drone giant DJI. After landing safely at an airport in New Jersey, parts of the mangled quadcopter were extracted from the body of the helicopter.

Federal Aviation Administration data compiled between February and September 2016 lists 1,274 possible drone sightings by U.S. air traffic facilities, compared to 874 for the same period a year earlier.

Rogue drone flights in off-limits locations are a growing headache for the authorities as the market for consumer machines continues to grow.

The challenge of dealing with rogue drones has spawned a new industry geared toward developing technology that takes control of the drone from the operator to remove it from the sky, while the Pentagon recently approved a policy allowing the U.S. military to shoot down rogue drones flying close to its military installations across the country.




16
Oct

Cooler Cannon is the can-tossing cooler you’ve been waiting for


Why it matters to you

If you’re looking for convenience when it comes to coolers, the Cooler Cannon could be the answer.

If the effort of walking over to the cooler to grab a beer is just too much for you to handle, then this can-tossing cooler is a contraption you’ll definitely want to have at your next party.

The Cooler Cannon looks like a regular cooler save for the hole in the top. It’s from there that the beer flies forth, allowing you to maintain your sitting or standing position as the beer sails through the air toward your waiting hand. Perfect.

Designed by Indiana-based Derek Hoy, the Cooler Cannon made its debut on Kickstarter in 2013, but while 84 expectant partygoers enthusiastically stumped up a total of $17,358 during the campaign, the sum fell well short of its $275,000 goal.

Older, presumably wiser, and possibly having consumed a good many beers flung from the cooler in the intervening years, Hoy is back with a refined design that replaces the Cooler Cannon’s remote controller with a smartphone app, enabling partygoers to summon a beer with a single tap. So now everyone at the party can join in.

Yes, the Cooler Cannon is once again going for glory, aiming to persuade canned-drink consumers (no, it doesn’t have to be beer) that it’s worth every cent of however much it finally goes on sale for, which, according to its website, could be for as little as $195.

The cooler holds up to 18 cans and can throw each one as far as eight feet. Just make sure you know which way it’s going to go before you hit the launch button, or someone could get a nasty surprise. Importantly, it takes just two seconds to reload each can into the firing mechanism, meaning no one will have to wait too long for their beverage (until you have to fill it up again 36 seconds later.)

Like any hefty cooler worth its salt, the Cooler Cannon also features a couple of wheels and a handle, so you can easily take it to your party spot from your car, and back again.

If you’re still of the opinion that the Cooler Cannon isn’t really that cool, then check out DT’s pick of the best alternatives. It’s never too early to start prepping your next summer party, is it?



