Meet the HoneyBot, a decoy robot designed to trick hackers

Bosses don’t usually approve of their employees roaming around, pretending to work. But that’s exactly what a new robot named the HoneyBot is designed to do.

Developed by engineers at the Georgia Institute of Technology, the HoneyBot is a four-wheeled decoy robot designed to bait hackers, and then fool them into thinking they’ve successfully exploited a functional factory machine.

“The HoneyBot is the first software hybrid interaction honeypot specifically designed for networked robotic systems,” Celine Irvene, a Georgia Tech graduate student who worked on the HoneyBot project, told Digital Trends. “It demonstrates that traditional computer security concepts, with slight modifications, can successfully be applied to other domains, such as robotics. This is exciting because in fields with critical systems subject to compromise, where security is not typically the main concern, it demonstrates a possible mechanism for defending and protecting them.”

Everything seems to be connected nowadays. And whether it’s a smart refrigerator, a networked MRI machine, or an internet-enabled factory robot, all connected devices run the risk of being hacked.

As its name suggests, the HoneyBot is based on the concept of honeypots, decoy computers that IT security firms use to lure, detect, and thwart hackers.

By using false sensor data, the HoneyBot pretends to be a functional factory robot, tricking hackers into setting it as a target. Once hacked, the robot can digitally simulate unsafe actions while physically performing safe ones. To remote users, the system response will look like the robot is following their unsafe exploits. In reality, the HoneyBot continues on its safe path. As hackers mess around with the false system, they leave behind valuable data that firms can use to better secure the network.

But if honeypots already abound, what’s the need for a robot?

“The importance of a physical hardware system over a purely software system can be summed in one word,” Irvene said, “believability.”

“The ingenuity behind the HoneyBot is that it is a physical system that will operate completely normal under ‘safe’ conditions,” she continued. “But once its triggered by an ‘unsafe’ action it switches into simulation mode, where it transmits responses back to the end user that come from device models, which have been previously built and utilize device physics to be as realistic as possible. The ability to accurately model device physics is lost on software systems and this greatly reduces the chances of fooling an intelligent attacker.”

There’s no set date for when the HoneyBot will be available. Irvene admits there’s more work needed to make the HoneyBot more believable to hackers, such as making the system more robust. But in blind trials the HoneyBot successfully tricked participants into thinking it was following their commands.

Editors’ Recommendations

• I’m not even mad. That’s amazing! 7 brilliant, unorthodox hacks
• Hackers could seize robots with ransomware, costing companies millions
• From pranks to nuclear sabotage, this is the history of malware
• New ‘Prime’ Meltdown, Spectre exploits outlined by Nvidia, Princeton University
• Microsoft misses another Edge-related 90-day security disclosure deadline

Infected online chat service stole payment info at Best Buy, Delta, Sears, more

Online chat service provider [24]7.ai, used by Delta, Best Buy, and numerous other companies faced a “cyber incident” from September 26 to October 12, 2017. The company didn’t notify its list of clients until last month, stating that hackers may have accessed “certain customer payment information.” SkyMiles, personal data, passport details, and other similar information was not compromised. 

In response, Delta said it took immediate action to assess the possible damage. 

“Delta immediately began working with [24]7.ai to understand any potential impact the incident had on Delta customers, delta.com, or any Delta computer system,” Delta stated. “We also engaged federal law enforcement and forensic teams and have confirmed that the incident was resolved by [24]7.ai last October.” 

[24]7.ai discovered malware collecting payment information in its software on October 12, 2017. The chat service provider implemented a fix immediately, and then conducted an internal investigation with forensics and law enforcement between November 2017 and March 2018. Delta didn’t know about the incident until March 28 and removed the chat tool from its website the next day. Both [24]7.ai and Delta informed the public on April 4. 

The hack possibly affects only a “small subset” of Delta’s customers, but the company can’t confirm if customer data was actually accessed by hackers and compromised. The investigation is ongoing, thus Delta launched a dedicated website to provide the latest developments in the [24]7.ai attack. 

Delta’s site specifically states that malware present in software used by [24]7.ai potentially exposed payment information of several hundred thousand customers using Delta’s PC-accessed website. Even more, customers didn’t have to interact with the chat tool to be hit by the hack. The attack did not affect the Fly Delta app, the mobile website, or Delta’s computers. 

So what did the hackers obtain? Customer names, addresses, payment card numbers, CVV numbers, and expiration dates. Customers who used the Delta Wallet service weren’t affected, as the malware could only grab information entered on the screen. Delta Wallet “masks” this sensitive information. 

“Delta will be working diligently to directly contact customers, including by first-class postal mail, who may have been impacted by the [24]7.ai cyber incident,” Delta states. “Delta will also launch a dedicated phone line and website for the small subset of customers who were impacted so we can address their concerns.” 

Other companies affected by the [24]7.ai cyber incident include Best Buy, Boeing Co., Hudson Bay Co., Sears Holdings Corp., Under Armour Inc., and more. Sears said it wasn’t notified of the breach until mid-March and believes that the hack affected less than 100,000 customers. Upon notification, Sears informed credit card companies to prevent possible fraud. 

“Customers using a Sears-branded credit card were not impacted,” the company states in a blog. “In addition, there is no evidence that our stores were compromised or that any internal Sears systems were accessed by those responsible. [24]7.ai has assured us that their systems are now secure.” 

Best Buy says only a small fraction of its online customer population “could have been caught up in this [24]7.ai incident, whether or not they used the chat function.” 

Editors’ Recommendations

• Hackers could have credit card numbers of 880,000 Orbitz users
• Hackers seize Atlanta’s network system, demand $51,000 in Bitcoin as ransom
• Hackers are now favoring ransomware over personal data theft
• From pranks to nuclear sabotage, this is the history of malware
• BitGrail cryptocurrency exchange loses $170 million in Nano tokens

Infected online chat service stole payment info at Best Buy, Delta, Sears, more

Online chat service provider [24]7.ai, used by Delta, Best Buy, and numerous other companies faced a “cyber incident” from September 26 to October 12, 2017. The company didn’t notify its list of clients until last month, stating that hackers may have accessed “certain customer payment information.” SkyMiles, personal data, passport details, and other similar information was not compromised. 

In response, Delta said it took immediate action to assess the possible damage. 

“Delta immediately began working with [24]7.ai to understand any potential impact the incident had on Delta customers, delta.com, or any Delta computer system,” Delta stated. “We also engaged federal law enforcement and forensic teams and have confirmed that the incident was resolved by [24]7.ai last October.” 

[24]7.ai discovered malware collecting payment information in its software on October 12, 2017. The chat service provider implemented a fix immediately, and then conducted an internal investigation with forensics and law enforcement between November 2017 and March 2018. Delta didn’t know about the incident until March 28 and removed the chat tool from its website the next day. Both [24]7.ai and Delta informed the public on April 4. 

The hack possibly affects only a “small subset” of Delta’s customers, but the company can’t confirm if customer data was actually accessed by hackers and compromised. The investigation is ongoing, thus Delta launched a dedicated website to provide the latest developments in the [24]7.ai attack. 

Delta’s site specifically states that malware present in software used by [24]7.ai potentially exposed payment information of several hundred thousand customers using Delta’s PC-accessed website. Even more, customers didn’t have to interact with the chat tool to be hit by the hack. The attack did not affect the Fly Delta app, the mobile website, or Delta’s computers. 

So what did the hackers obtain? Customer names, addresses, payment card numbers, CVV numbers, and expiration dates. Customers who used the Delta Wallet service weren’t affected, as the malware could only grab information entered on the screen. Delta Wallet “masks” this sensitive information. 

“Delta will be working diligently to directly contact customers, including by first-class postal mail, who may have been impacted by the [24]7.ai cyber incident,” Delta states. “Delta will also launch a dedicated phone line and website for the small subset of customers who were impacted so we can address their concerns.” 

Other companies affected by the [24]7.ai cyber incident include Best Buy, Boeing Co., Hudson Bay Co., Sears Holdings Corp., Under Armour Inc., and more. Sears said it wasn’t notified of the breach until mid-March and believes that the hack affected less than 100,000 customers. Upon notification, Sears informed credit card companies to prevent possible fraud. 

“Customers using a Sears-branded credit card were not impacted,” the company states in a blog. “In addition, there is no evidence that our stores were compromised or that any internal Sears systems were accessed by those responsible. [24]7.ai has assured us that their systems are now secure.” 

Best Buy says only a small fraction of its online customer population “could have been caught up in this [24]7.ai incident, whether or not they used the chat function.” 

Editors’ Recommendations

• Hackers could have credit card numbers of 880,000 Orbitz users
• Hackers seize Atlanta’s network system, demand $51,000 in Bitcoin as ransom
• Hackers are now favoring ransomware over personal data theft
• From pranks to nuclear sabotage, this is the history of malware
• BitGrail cryptocurrency exchange loses $170 million in Nano tokens

Here’s everything we know about the new Google Glass smartglasses

Once just an element of science fiction, wearable tech is going from strength to strength with the release of a growing number of smartwatches, smart patches, and other weird and wonderful wearables. But smart glasses have been mostly absent since the quiet disappearance of Google Glass (now only available to some businesses). There have been rumors of Apple looking into similar technology, but since Google is the company with previous experience, we’re expecting it to beat its mobile rival to the post with a new version of the Google Glass. Here’s everything we know so far.

Design

One of the major issues with Google Glass was the look. Smartglasses were sold to the public on the idea that they would offer all sorts of technical innovations, while still looking pretty innocuous. Privacy concerns aside, that was one of the major needs for wearable smart tech — no one wants to look like Geordi La Forge in real life.

This problem could soon be solved, as Google has filed for a patent that shows how wiring can be integrated into a pair of normal-looking glasses. According to imagery and text contained in this patent, Google is looking into ways to better integrate the tech within the product for a more usual look. In simple terms, Google wants hide the “smart” part inside the “glasses” part. In terms of this specific patent, that involves running wires through the frame of the glasses themselves, and molding the frames to accommodate the extra wiring.

Extra technical components would be hidden within the arms of glasses, or what the patent terms “side-pods” — not the sexiest name ever. There’s some flexibility within the patent as to whether the arms need to be connected or not — the text questions whether it would be required to transfer battery power or audio signals between the two side-pods. The imagery on show also includes two extra circular components attached to the arms that would function as earpieces, and could be clipped behind the ears, or could transmit audio through the bone conduction method. The image above also shows at least one microphone (marked 146), and an integrated touchpad (124).

Interestingly, the first image does not contain a graphical display for the glasses, marking the first pair of glasses as being primarily audio-based. Fig. 1B shows a pair of glasses with an included graphical display (158 & 160), along with an onboard computer (158 on the arm) that would allow users to overlay data onto their surroundings and, for example, tell you that someone’s clothes, boots, and motorcycle are a perfect match for your requirements.

Features

Not much is known about the features of an upgraded set of Google Glass smartglasses, but the design patent gives us some indication of Google’s ideas. Outside of a graphical interface, microphone, and earpieces, the patent makes mention of inward-facing LEDs or lasers that could paint an image directly onto the user’s eyeball. Other interesting ideas include using the graphical interface to create an in-focus image nearer to the user’s eyes, bringing distant objects into focus or allowing for digital eyesight correction. Wi-Fi modules, sensors, and USB connectors are also among the ideas for optional modules included within the arm side-pods.

Editors’ Recommendations

• Intel’s ‘Vaunt’ smartglasses could be the iPhone of augmented reality
• Vuzix built the smartglasses Google wishes it did
• Poll: Would you wear Intel’s new smartglasses in public?
• Lenovo’s Mirage Solo headset and VR camera are available for pre-order
• Control this robot kit with your voice using Alexa or Google Assistant

Here’s everything we know about the new Google Glass smartglasses

Once just an element of science fiction, wearable tech is going from strength to strength with the release of a growing number of smartwatches, smart patches, and other weird and wonderful wearables. But smart glasses have been mostly absent since the quiet disappearance of Google Glass (now only available to some businesses). There have been rumors of Apple looking into similar technology, but since Google is the company with previous experience, we’re expecting it to beat its mobile rival to the post with a new version of the Google Glass. Here’s everything we know so far.

Design

One of the major issues with Google Glass was the look. Smartglasses were sold to the public on the idea that they would offer all sorts of technical innovations, while still looking pretty innocuous. Privacy concerns aside, that was one of the major needs for wearable smart tech — no one wants to look like Geordi La Forge in real life.

This problem could soon be solved, as Google has filed for a patent that shows how wiring can be integrated into a pair of normal-looking glasses. According to imagery and text contained in this patent, Google is looking into ways to better integrate the tech within the product for a more usual look. In simple terms, Google wants hide the “smart” part inside the “glasses” part. In terms of this specific patent, that involves running wires through the frame of the glasses themselves, and molding the frames to accommodate the extra wiring.

Extra technical components would be hidden within the arms of glasses, or what the patent terms “side-pods” — not the sexiest name ever. There’s some flexibility within the patent as to whether the arms need to be connected or not — the text questions whether it would be required to transfer battery power or audio signals between the two side-pods. The imagery on show also includes two extra circular components attached to the arms that would function as earpieces, and could be clipped behind the ears, or could transmit audio through the bone conduction method. The image above also shows at least one microphone (marked 146), and an integrated touchpad (124).

Interestingly, the first image does not contain a graphical display for the glasses, marking the first pair of glasses as being primarily audio-based. Fig. 1B shows a pair of glasses with an included graphical display (158 & 160), along with an onboard computer (158 on the arm) that would allow users to overlay data onto their surroundings and, for example, tell you that someone’s clothes, boots, and motorcycle are a perfect match for your requirements.

Features

Not much is known about the features of an upgraded set of Google Glass smartglasses, but the design patent gives us some indication of Google’s ideas. Outside of a graphical interface, microphone, and earpieces, the patent makes mention of inward-facing LEDs or lasers that could paint an image directly onto the user’s eyeball. Other interesting ideas include using the graphical interface to create an in-focus image nearer to the user’s eyes, bringing distant objects into focus or allowing for digital eyesight correction. Wi-Fi modules, sensors, and USB connectors are also among the ideas for optional modules included within the arm side-pods.

Editors’ Recommendations

• Intel’s ‘Vaunt’ smartglasses could be the iPhone of augmented reality
• Vuzix built the smartglasses Google wishes it did
• Poll: Would you wear Intel’s new smartglasses in public?
• Lenovo’s Mirage Solo headset and VR camera are available for pre-order
• Control this robot kit with your voice using Alexa or Google Assistant

Indian central bank looks to block Bitcoin, while creating its own cryptocurrency

India’s central banking authority, the Reserve Bank of India (RBI), has announced that it will cease doing any sort of business with anyone or any business that deals with cryptocurrencies. In the same breath however, it has made it clear that plans to create its own cryptocurrency continue unabated.

India’s Ministry of Finance has previously criticized Bitcoin for its volatility and lack of “intrinsic value,” as CoinTelegraph highlights, but this latest move by the RBI is the most impactful yet. It has given those currently involved in the cryptocurrency trade within India three months to sell off their remaining assets or relocate their business, as from that point the RBI will not support the trade of cryptocurrencies.

The reasoning behind this move is said to be over “concerns of consumer protection, market integrity, and money laundering.” That last point was doubled down on in a press conference, where the deputy governor of the RBI said that cryptocurrencies undermined efforts to prevent money laundering. He also said cryptocurrencies have the potential to “endanger financial stability” if allowed to grow too large.

Although the move doesn’t outright ban cryptocurrencies — doing so would be rather difficult, anyhow — this end of service support is likely to have a big impact on India’s use of cryptocurrencies. The RBI regulates all banks within the country, so maintaining a bank account in India while trading in cryptocurrencies will be exceedingly difficult.

This comes at a strange time in India since, while the RBI has criticized existing cryptocurrencies like Bitcoin, it has expressed interest in the underlying blockchain technology. Citing the escalating costs of dealing with, transporting, and producing physical money, it has suggested that it may develop its own cryptocurrency as a potential future solution.

If this does come about, the cryptocurrency would be state-backed and therefore act more like a digital version of traditional currencies, with little decentralization. In that fashion, it might operate a little like the Ripple (XRP) cryptocurrency, which has received a good deal of support from banks and governments in other countries.

For now, many Indian cryptocurrency users and evangelists hope that this decision of a block of services to crypto-users is overturned. As one crypto-economist pointed out, making it hard to buy cryptocurrencies with bank transfers is just more likely to see people use peer-to-peer trades and over-the-counter cash transactions, which are far harder to regulate.

8/ The Indian crypto market is still pretty small but offers a lot of future growth and opportunities, especially for the unbanked. I hope the RBI and the rest of the Indian government rethink this decision and take a more positive approach towards #crypto.

— Pankaj Jain (@pjain) April 5, 2018

Editors’ Recommendations

• Banks ban Bitcoin credit card buys as cryptocurrency crash continues
• How to trade bitcoin for other cryptocurrencies
• How to buy Litecoin
• How to buy Bitcoin with PayPal
• Federal regulators file fraud charges against three bitcoin operators

Snapchat now uses the iPhone X’s TrueDepth Camera to make better filters

Snapchat has updated its app to take advantage of the advanced facial recognition TrueDepth sensors on the iPhone X, delivering users even more spectacular Lenses.

If you’re a Snapchat user, or if you frequent social media, you’re likely aware of Snapchat’s Lenses. A long-running feature of the app, these AR filters allow users to morph their faces, overlay various masks, or apply an animal mask that tracks your facial movements. However, they’re not without some clunkiness for the majority of users, and most will find the overlays breaking if they move out of frame, or move too quickly. iPhone X owners, however, will find that their lenses function much better, thanks to Snapchat’s new integration with the iPhone X’s astounding facial tech.

Apple’s TrueDepth tech uses a series of sensors mounted into the front notch to paint 30,000 infrared dots onto your face, mapping your face’s structure in 3D. It’s the tech that powers the iPhone X’s Face ID, and it’s now being leveraged by Snapchat to make filters that are far more realistic. Thanks to the additional data allowed by TrueDepth, Snapchat’s filters can apparently compensate for ambient light, creating shadows and highlights where needed to follow the contours of your face and adapt to your surroundings.

You might be worried about companies exploiting this data for use in their own marketing schemes, or using the data from your Lenses to bypass your Face ID security settings, but there’s no need to worry. While Apple allows developers access to certain parts of the TrueDepth sensors, the developer agreement means that developers only have access to the visually mapped facial data, and not the mathematical algorithm used in Face ID. Apple also specifically bans developers from using this data for marketing purposes, selling it to other companies, or using the data to create a marketing profile of specific users.

Augmented reality, or AR, is getting bigger and bigger in mobile tech. We’ve seen a recent surge in AR apps thanks to the release of Google’s ARCore framework (here are our favorite AR apps), and we’re even seeing fun AR functionality built into new phones with functions like Apple’s Animoji, or Samsung’s AR Emoji.

Editors’ Recommendations

• These are the five best iPhone camera lenses you can get your hands on
• The best DSLR cameras
• Olympus M.Zuiko 17mm F1.2 Pro review
• New Panasonic camcorders make 4K look brighter, thanks to better sensor and lens
• Photo FOMO: From tiny cards to little lights, small accessories gain more oomph

Aura fitness band rewards hard work with virtual coins to buy new sneakers

Andy Boxall/Digital Trends

Finding the motivation to continue wearing a fitness band is equally as challenging as going to the gym, out for a jog, or organizing that tennis game. Unless it’s worthwhile, and does something useful when it’s on your wrist, it’s in danger of becoming forgotten. The Aura Band, a fitness wearable currently on Kickstarter, aims to avoid being discarded by not only providing data the competition cannot, but also by offering desirable rewards when you hit your targets.

Reach goals, such as a daily step count, weight reduction, or muscle gain, and you’ll receive Aura Coins. Through partnerships set up by the company, you’ll be able to use these coins to purchase actual goods and services. If you’re committed enough, “three months of coins will be enough to get a new pair of sneakers,” Aura Devices CEO Stas Gorbunov told Digital Trends. In addition to sports brands, other partnerships we should expect include those with fitness centers and insurance companies. Gorbunov wants these promotions to be global, but some may end up tied to a particular region.

Bioimpedance

If the Aura Band was a regular fitness tracker that only cared about step count, issuing coins would solely be based on that metric. But the band features a bioimpedance sensor to assess body composition, from fat content, muscle mass, and hydration levels. Previously, to get this kind of data you’d need to visit a fitness center with the right equipment, a sports therapist, or a nutritionist. The Aura Band puts it on your wrist, and makes it available at all times. It works by tapping and holding the Aura’s metal body, creating an electrically charged loop that measures tissue resistance. We saw it operate on a prototype, but cannot comment on its effectiveness or the accuracy of the results just yet.

Gorbunov said its accuracy is about 90 percent at the moment, and the company is hoping to hit an accuracy rate of 95 percent when the Aura Band launches. This is compared to the 98 percent accuracy he estimated one would get with a professional-grade machine with more sensor points. Regardless, the data should still show changes in body composition, which will illustrate gains and loses. We’re also pleased to see hydration levels measured — an important part of our health that’s often forgotten, and is fairly hard to easily measure.

Hardware and software

The prototype Aura Band we saw had a metal body and a transparent center piece, but this will change to a full metal body for the final version. The strap was silicone and very flexible. A heart rate sensor was the only additional visual feature, and unless a stretch goal on Kickstarter is hit, the band will not have a vibration motor for notifications or alerts. It’s large for a fitness band that doesn’t have a display, and has a very sporty look with the silicone band. An optional leather band should calm that look down. However, the functionality means the Aura Band will largely appeal to serious fitness enthusiasts, and that’s certainly where Gorbunov initially expects to find fans.

Building up an enthusiastic community is important, as a system the company is calling Duels lets you challenge friends and keep up with their results. Interestingly, this ties in with Aura Coins too, as bets can be tied to goals and challenges. While this sounds great, don’t expect it to be available everywhere if it falls afoul of app store guidelines related to gambling. Aura Devices is aware of this, and we’re told challenges will run without Aura Coin bets in some regions.

The app was still a work in progress when we tried it, and not all features were operational. It will link with Apple Health, Google Fit, and other apps; plus other developers will be able to integrate support with their own apps in the future, and all data collected by the band can easily be downloaded should you wish to.

Second campaign

The Kickstarter campaign is already underway with a modest $40,000 goal, and it’s already well over half way to reaching this. It’s the second time the Aura Band has been featured on Kickstarter, with the first project canceled in February. Gorbunov said the first campaign closed due to poor explanation of the band’s features, and therefore never received attention. The improved campaign has a lower financial goal, and more interest.

A single Aura Band costs $100 and deliveries are expected to take place in September, according to Gorbunov. This is the Aura Devices team’s first hardware project, having only worked on unrelated software projects in the past, but Gorbunov is confident the team can hit the deadlines. Still, projects funded on Kickstarter are notorious for late deliveries and last minute crisis, so do remember this should you decide to back the Aura Band.

Facebook messages from Zuckerberg mysteriously disappear from users’ inboxes

According to anonymous sources speaking to TechCrunch, private messages from Facebook founder Mark Zuckerberg have mysteriously disappeared from their Facebook Messenger inboxes.

If you’re a user of Facebook Messenger, then you might be aware that while you can delete the messages that you send, that only removes the message from your copy of the conversation — anyone else in the conversation is still able to see it, whether that be a one-on-one or group conversation. Following the uproar around these deletions, Facebook has stated that it is developing an “unsend” option in Messenger, and that it will be available in a few months. Until that time, Facebook has also said it will not be deleting any more executive personal messages.

While Zuckerberg himself declined to comment on the situation, a Facebook representative clarified that the deletions concerned corporate security: “After Sony Pictures’ emails were hacked in 2014 we made a number of changes to protect our executives’ communications. These included limiting the retention period for Mark’s messages in Messenger. We did so in full compliance with our legal obligations to preserve messages.”

Essentially, Facebook appears to have put a retention timer on the messages of some executive members of staff, deleting them from the system after a certain amount of time has passed. Facebook security justification does stand up to scrutiny on the subject, as a standard message deletion would only remove the message from the sender’s account, and hackers could potentially access the inbox of the recipient in order to read the message and potentially make off with Facebook’s secrets.

While it’s certainly within Facebook’s rights to protect its corporate interests, this revelation comes at the wrong time for Zuckerberg’s company. The treatment, or mistreatment, of user data has been an issue on Facebook for a long time, but it has been recently thrown back into public attention by the actions of Cambridge Analytica, a company that is accused of abusing Facebook’s data to alter the public’s perceptions on key issues. In response, Facebook has altered the way it allows apps to gather data, but that doesn’t seem to be enough for various governments around the world, with many having launched investigations of the service.

Key to the issue is the control that Facebook has over the messages sent between users. While Facebook’s service is clearly under its own control, questions of user trust naturally arise when data is altered without user knowledge. With data becoming the currency of the new age, these questions will remain a central focus of public debate for some time yet.

Editors’ Recommendations

• Elon Musk deleted Facebook after a challenge from another tech titan
• Facebook collected call and text data from Android phones for years
• How to send a text message from a computer
• With Willow Village, Facebook moves from digital communities to real ones
• Best TVs from CES 2018

The Surface Pro being discounted by up to $300 from Microsoft Store and Amazon

Just after Best Buy attempted to clear store shelves in a 24-hour flash sale to make way for new Mac devices, Microsoft is now shaving $200 off its latest Surface Pro in its Spring Sale. But don’t get too excited just yet: Out of the seven configurations Microsoft serves up on its store, only two get a price cut. Act quick and you can get the model with a Core i5 processor, 128GB of storage, and 4GB of system memory for the same price as the typically cheaper Core m3 model. 

Here are the two configurations discounted in Microsoft’s Spring Sale: 

CPU 

Memory 

Storage 

Original price 

Sale price 

Core i5 

4GB 

128GB 

$999 

$799 

Core i5 

8GB 

256GB 

$1,299 

$1,099 

 But Amazon is calling Microsoft’s spring bluff and raising it plenty. The online retailer is currently discounting all Surface Pro models except for the Core i5 units with 4G LTE connectivity. Even more, Amazon is undercutting the two models Microsoft currently has on sale by $15 on one unit and $50 on the other. Here’s the list of discounts: 

CPU 

Memory 

Storage 

Original price 

Sale price 

Core M 

4GB 

128GB 

$799 

$670

Core i5 

4GB 

128GB 

$999 

$785 

Core i5 

8GB 

256GB 

$1,299 

$1,049

Core i7 

8GB 

256GB 

$1,599 

$1,345 

Core i7 

16GB 

512GB 

$2,199 

$1,857 

Core i7 

16GB 

1TB 

$2,699 

$2,336 

 Note that the discounted Surface Pros don’t include the Type Cover or Surface Pen. The Type Cover, offered in Burgundy, Cobalt Blue, and Platinum, will set you back another $159 on Microsoft’s store. Meanwhile, the same Type Cover appears to sell for a cheaper $104 for the Burgundy version on Amazon, $112 for the Cobalt Blue edition, and $113 for the Platinum model. 

As for the Surface Pen, that’s another $99 if you go through Microsoft, sold in Platinum, Burgundy, Black, and Cobalt Blue colors. The peripheral doesn’t appear to be marked down on Amazon, although you can find plenty of alternatives for a cheaper price. 

The latest Surface Pro models are technically fifth-generation units although Microsoft decided not to label the detachables as “Surface Pro 5.” Launched in June 2017, they’re based on Intel’s seventh-generation processors. The current sales may be to move product off store shelves to make room for sixth-generation models (sixth-gen Surface Pro) possibly arriving later this year.