Last month, Apple CEO Tim Cook said the $1,000 sticker price for the base model of iPhone X, the latest flagship smartphone from the company which goes on sale next month, is "a value price for the technology that you're getting." An anonymous reader writes: I simply don't understand why anyone would want to spend such amount on a phone. Don't get me wrong. Having a smartphone is crucial in this day and age. I get it. But even a $200 phone, untethered from any carrier contract, will let you install the apps you need, will allow you to take good pictures, surf the web, and listen to music. That handset might not be as fast as the iPhone X or Samsung's new Galaxy Note 8, or it might not be able to take as great pictures, but the difference, I feel, doesn't warrant an additional $800. The reader shares a column: When considering a purchase, comparing the value a product will add to our lives, and its cost is wise. Subjective perceptions affect how we value possessions, but let's consider the practical value of how we use smartphones. Smartphones aren't used for talking as often as the phones that preceded them were. In fact, actual "phone" use ranks below messaging, web surfing, social media and other activities that dominate smartphone usage. Furthermore, statistically we use only six core apps regularly. [...] My point is, smartphones have't changed all that much relatively speaking. Sure they're bigger, faster, more powerful and have awesome cameras. But the iPhone X is fundamentally the same device the earlier iPhones were, and provides the same basic and sought after functions. It's a glass-covered rectangular slab mostly used for messaging, web-surfing, music and social media activity. An individual's perception of self, financial resources, desired or actual social position and love for tech will likely play a role in his perception of the value of a $1,000 smartphone.

"Vulnerability due to always-on SSH Tunnel -- RESOLVED" reads a Cisco service update. An anonymous reader writes: Described by a recent security blog post, Cisco hid a SSH backdoor in its Cisco Umbrella product, which they were using for support. Affected organizations can install version 2.1.0 of their virtual appliance which has the backdoor removed.
Cisco has described Umbrella as "the first Secure Internet Gateway in the cloud," though the now-closed tunnel "auto-initiated from the customer's appliance to Cisco's SSH Hubs in the Umbrella datacenters." Cisco adds that it "did not require explicit customer approval before establishment." Access to the terminating server required valid keys and was provided only to privileged support personnel within the Cisco Umbrella network space. Customers could prevent this tunnel from getting established by blocking the relevant firewall ports. However, in the case of customers who allowed establishment of the tunnel, an attacker who obtained access to the internal Cisco terminating server could use the SSH tunnel as a backdoor to obtain full control of the VA device at the customer's premises...

It is our policy that any undocumented methods of entry into your network devices be considered a vulnerability due to the potential risk of an attacker leveraging this tunnel to gain access to your network. While Cisco has NO indications that our remote support SSH hubs have ever been compromised, Cisco has made significant changes to the behavior of the remote support tunnel capability to further secure the feature...

To address this vulnerability, the Umbrella Virtual Appliance version 2.1.0 now requires explicit customer approval before an SSH tunnel from the VA to the Cisco terminating server can be established... . For additional security, customer is required to provide tunnel configuration parameters out-of-band to the Cisco support personnel before tunnel establishment.

This question comes from an anonymous Slashdot reader who just got an Arduino and started tinkering with electronics: I'm quite amazed at the quality of the hardware, software, and the available tutorials and (mostly free) literature. A very exciting and inexpensive way to get a basic understanding of electronics and the art of microcontroller programming.

Now that I'm infected with the idea of Open Source hardware, I'm wondering if the Slashdot community could suggest a few more things to get for a beginner in electronics with experience in programming and a basic understanding of machine learning methods. I was looking at the OpenBCI project [Open Brain Computer Interface], which seems like an interesting piece of hardware, but because of the steep price tag and the lack of reviews or blog posts on the internet, I decided to look for something else.
Leave your best answers in the comments. What's the best open source hardware to tinker with?

An anonymous reader quotes the Verge: Google plans on upgrading its two-factor authentication tool with an improved, physical security measure aimed at protecting high-profile users from politically motivated cyberattacks, according to a report from Bloomberg. The new service, to be called Advanced Protection Program and potentially slated to launch next month, will trade out the standard authentication process for services like Gmail and Google Drive with physical USB security keys. The service would also restrict the types of third-party apps and services that could connect to a user's Google account.

The changes are not likely to affect standard Google account owners, as Bloomberg reports that Google "plans to market the product to corporate executives, politicians and others with heightened security concerns."

ZDNet's editor-in-chief warns that Amazon has ambitious plans for its new Echo Plus: Amazon is making an explicit play to be the home hub because it can automatically discover and set up lights, locks, plugs, and switches without the need for additional hubs or apps. And the Alexa 'routines' feature will be able to tie all of this together by allowing you to automate a series of actions with a single voice command: saying "Alexa, good night," and having it turn off the lights, lock the door, and turn off the TV, for example. A platform that other apps and devices can connect into? This starts to sound a lot like an operating system for the home to me.

It's not just the home, either; Amazon announced a deal to make Alexa available in BMW and Mini vehicles from the middle of next year, allowing drivers to use the digital assistant to get directions, play music or control smart home devices while travelling, without having to use a separate app. Travellers will also have access to Alexa skills from third-party developers like Starbucks, allowing them to order their coffee while driving and thus skip the line. Back in January, Amazon and Ford said they were working together to allow voice commands to turn on the engine, lock or unlock the doors as well as play music and use other skills...

It's still early days but I think Alexa has a good shot at becoming one of the standard interfaces, certainly for consumers -- an operating system for the home, if not more, if the automotive tie-ups take off too. All of this will make Amazon a serious force to be reckoned with. Windows has the desktop, and Android and iOS can fight it out for the smartphone, but right now Alexa has a lock on the smart home.

AmiMoJo quotes Reuters: Britain's first solar power farm to operate without a government subsidy is due to open in eastern England on Tuesday, as a sharp fall in costs has made renewable energy much more economical. Britain needs to invest in new energy capacity to replace aging coal and nuclear plants that are due to close in the 2020s. But it is also trying to reduce subsidies on renewable power generation... The 10 megawatt (MW) solar farm, in Clayhill, Bedfordshire, can generate enough electricity to power around 2,500 homes and also has a 6 MW battery storage facility on site.

An anonymous reader quotes the Verge: Battery life on smartwatches is, in a word, bad. And while most of today's watches can more or less make it through a day without dying, they're still a far cry from the months or even years that traditional watches can run for. What if you never had to charge your smartwatch? That's the promise of Lunar, a new Kickstarter project that claims to be the world's first solar-powered smartwatch... The company says that the watch can charge off both indoor and outdoor light, and can run off as little as one hour of exposure a day. (The company also includes a traditional inductive charger as a backup.)

As for the watch itself, it's a pretty standard hybrid smartwatch, solar power aside. It'll be able to do basic activity and sleep tracking, offer some limited notification support through a colored LED, and automatically set time zones through a connected smartphone app. Also, given the need for low power consumption for the solar charging to feasibly work, there's no screen on the Lunar. Instead, there's just a ring of LED lights located where hour markers would be.
The campaign reached its funding goal wIthin two days of launching -- and one week later had double that amount, raising a total of $101,987 from 564 backers.

It's not clear if Slashdot readers love or hate smartwatches. Does it make a difference if the watch is solar powered?

An anonymous reader quotes a report from Scientific American about a device that delivers infusions of DNA and other molecules to restore injured limbs in mice, and maybe someday, humans: Cells are typically reprogrammed using mixtures of DNA, RNA and proteins. The most popular method uses viruses as a delivery vehicle -- although they can infect unintended cells, provoke immune responses and even turn cells cancerous. One alternative, called bulk electroporation, exposes cells to an electric field that pokes holes in their membranes to let in genetic material and proteins. Yet this method can stress or kill them. Tissue nanotransfection, described in a study published in August in Nature Nanotechnology, involves a chip containing an array of tiny channels that apply electric fields to individual cells. "You affect only a small area of the cell surface, compared with the conventional method, which upsets the entire cell," says study co-author James Lee, a chemical and biomolecular engineer at The Ohio State University. "Essentially we create a tiny hole and inject DNA right into the cell, so we can control the dosage."

Chandan Sen, a physiologist at Ohio State, and his colleagues developed a genetic cocktail that rapidly converts skin cells into endothelial cells -- the main component of blood vessels. They then used their technique on mice whose legs had been damaged by a severed artery that cut off blood supply. New blood vessels formed, blood flow increased, and after three weeks the legs had completely healed.

Apple is currently investigating reports of the iPhone 8 Plus splitting open while being charged with the included cable and plug adapter. The first claim comes from a Taiwanese iPhone 8 Plus owner, who posted photos which show damage consistent with a swollen battery. The second claim is from a Japanese owner who posted similar photos of his device, which he says arrived in this state. The Next Web reports: The phone belonged to a Ms. Wu, who recently renewed her phone contract and purchased a 64GB rose gold iPhone 8 Plus. The issue emerged five days after purchasing the phone. Wu placed her phone on charge, using the supplied cable and adaptor. After three minutes, she reported seeing the front panel bulge, and eventually lift completely from the device. According to multiple Taiwanese outlets, the phone was later recovered by the carrier, and has since been shipped to Apple for analysis. 9to5Mac adds: While any incident affecting a new iPhone model is bound to attract media attention, it's worth noting the usual disclaimers. First, any device manufactured in the millions will include some faulty models -- the real news would be if this were not the case. Second, investigations into charging-related incidents often reveal that a third-party charger was used, even when an owner initially claims to have used the supplied Apple one.

New submitter Rick Schumann writes about California considering a ban on internal combustion engines: The ban on internal-combustion engine automobiles would be at least 10 years away, and it's unclear at this early stage if it would ban only sales and use of new cars, or ban existing cars as well. There's also no mention of two (or three) wheeled vehicles at this stage. The California Air Resources Board (CARB) is nevertheless considering this seriously, in order to meet its ambitious emissions reduction goals. According to state data, tailpipes generate more than one-third of all greenhouse gases, and so far only a small fraction of California's motorists drive electric vehicles. The announcement was made in an interview with Bloomberg news. "I've gotten messages from the governor asking, 'Why haven't we done something already?' The governor has certainly indicated an interest in why China can do this and not California," Mary Nichols, the chairwoman of the CARB, told Bloomberg.

Yesterday, Amazon announced six new hardware products at a surprise event in Seattle. The one that everyone is talking about though is called the Echo Spot -- a little alarm clock with a camera that will probably be pointing directly at your bed. "While all the focus is on what the Echo Spot looks like, it's important to remember that Amazon is using the Spot as a very clever way of making you comfortable with having a camera in your bedroom," reports The Verge. From the report: Amazon launched its Echo Look camera earlier this year to judge your outfits. It's designed to sit in your wardrobe and offer you style advice, and it was Amazon's first Echo device with a camera. Amazon quickly followed it up with the Echo Show, a touchscreen device that sits in your kitchen and lets you watch tutorials or recipes and participate in video calls. Amazon's Look device is still only available exclusively by invitation, and in hindsight it now looks like experimental hardware to gauge the reaction of a camera in the bedroom. A litmus test, if you will. Echo Spot feels like the real push to get cameras inside your smart home. It's more than just an alarm clock, but Amazon is definitely pushing this as a $130 device that will sit next to your bed. Promotional materials show it sitting on nightstands, providing a selection of clock faces and news / weather information. The privacy concerns are obvious: an always-listening (for a keyword) microphone in your bedroom, and a camera pointing at your bed.

According to a security guide published Wednesday, Apple recommends that children under the age of 13 do not use Face ID on the iPhone X due to the probability of a false match being significantly higher for young children. The company said this was because "their distinct facial features may not have fully developed." They also recommend that twins and siblings do not use the new feature. The Guardian reports: In all those situations, the company recommends concerned users disable Face ID and use a passcode instead. With Face ID, Apple has implemented a secondary system that exclusively looks out for attempts to fool the technology. Both the authentication and spoofing defense are based on machine learning, but while the former is trained to identify individuals from their faces, the latter is used to look for telltale signs of cheating. "An additional neural network that's trained to spot and resist spoofing defends against attempts to unlock your phone with photos or masks," the company says. If a completely perfect mask is made, which fools the identification neural network, the defensive system will still notice -- just like a human.

An anonymous reader shares a report: To stay up to date in the battle against hackers, some companies are turning to a 1950s technology. Storing data on tape seems impossibly inconvenient in an age of easy-access cloud computing. But that is the big security advantage of this vintage technology, since hackers have no way to get at the information. The federal government, financial-services firms, health insurers and other regulated industries still keep tape as a backup to digital records. Now a range of other companies are returning to tape as hackers get smarter about penetrating defenses -- and do much more damage when they do get in. Rob Pritchard, founder of the Cyber Security Expert consulting firm and associate fellow at the Royal United Services Institute think tank, has noticed the steady resurgence of tape as part of best-practice backup strategies. "Companies of all sizes must be able to restore data quickly if needed," he says, "but also have a robust, slower-time, recovery mechanism should the worst happen." Mr. Pritchard, who works with a range of organizations to improve corporate cybersecurity practices, says: "A good backup strategy will have multiple layers. Cloud and online services have their place, but can be compromised."

A company called Sirin Labs is developing an open-source smartphone that runs on a fee-less blockchain. "The Finney -- named in honor of bitcoin pioneer Hal Finney -- will be the only smartphone in the world that's fully secure and safe enough to hold cryptographic coins," reports Engadget. The company is launching a crowdsale event this October (date to be confirmed) to support the phone's development. From the report: According to Sirin, all Finney devices (there's an all-in-one PC coming, too) will form an independent blockchain network powered by IOTA's Tangle technology. The network will operate without centralized backbones or mining centers cluttering up the transaction process, using the SRN token as its default currency (only SRN token holders will be able to purchase the device). And it'll all run on a Sirin operating system specially designed to support blockchain applications such as crypto wallets and secure exchange access. The phone comes with all the bells and whistles you'd expect from a device with a $1,000 price tag, including a 256GB internal memory and 16MP camera, plus a hefty suite of security measures.

British inventor Sir James Dyson has announced plans to build an electric car that will be "radically different" from current models and go on sale in 2020. The Guardian reports: The billionaire who revolutionized the vacuum cleaner said 400 engineers in Wiltshire had been working since 2015 on the 2.5 billion British pound project. No prototype has yet been built, but Dyson said the car's electric motor was ready, while two different battery types were under development that he claimed were already more efficient than in existing electric cars. Dyson said consumers would have to "wait and see" what the car would look like: "We don't have an existing chassis [...] We're starting from scratch. What we're doing is quite radical." However, he said the design was "all about the technology" and warned that it would be an expensive vehicle to purchase. While he did not name a price, he said: "Maybe the better figure is how much of a deposit they would be prepared to put down."

An anonymous reader quotes a report from Bloomberg: Facebook Inc. will be shut down in Russia next year if it fails to comply with requirements to store user data locally, according to the head of Russia's state communications watchdog. "The law is mandatory for everyone," Alexander Zharov told reporters Tuesday. Roskomnadzor will be forcing foreign internet companies to comply or shut down in the country. President Vladimir Putin signed a law in 2014 that requires global internet firms to store personal data of Russian clients on local servers. Companies ranging from Alphabet Inc.'s Google to Alibaba Group Holding Ltd complied, while others like Twitter Inc. demanded extra time to evaluate the economic feasibility of doing so.

MojoKid writes: Intel has officially launched its Skylake-X processor offering in response to AMD's Ryzen Threadripper series of desktop CPUs. The new Core i9-7980XE and Core i9-7960X are 18 and 16-core configurations respectively, with 2.6GHz and 2.8GHz base clocks and 4.4GHz max boost clocks. Both chips support Intel HyperThreading, with 36 threads of processing for the 7980XE and 32 for the 7960X, while both also have 44 lanes of PCI Express connectivity and support for DDR4-2666MHz memory. Both chips also utilize Intel's X299 chipset platform and are LGA 2066 socket compatible. The Core i9-7980XE has 24.75MB of shared L3 cache, 1MB of L2 cache per core, and a TDP of 165W. The Core i9-7960X's details are essentially same, though two processor cores and the cache associated with them have been lopped off. The Core i9-7960X has a couple of advantages, however, in that its base clock is 200MHz higher than the flagship Core i9-7980XE and it has higher all-core frequency boost to 3.6GHz, while the 7908XE tops out at 3.4GHz on all cores. The new chips are multi-threaded beasts in the benchmarks, posting the highest scores seen to date in heavily threaded workloads. They also offer strong single-threaded performance that outpaces AMD's Ryzen processors. Power consumption is surprisingly good as well and only marginally higher than the 10-core Core i9-7900X. However, at $1999 for the Core i9-7980XE and $1699 for the Core i9-7960X, as usual with Intel high-end chips, they're certainly not cheap.

Owners at the Model 3 Owners Club compiled a list of over 80 different features of the Model 3 they're curious about, including questions about how the car operates (does the card unlock all the doors, where does the UI show you that your turn signals are active), physical aspects of the car (what does the tow hitch attachment look like, how much stuff can you fit in the front and rear cargo areas), and subjective details (how aggressive is the energy regeneration, does that wood trim cause glare). Ars Technica reports: So far, we've learned a few interesting facts. For instance, the windshield wipers are turned on and off by a stalk like just about every other car on the market, but changing the speed (slow/fast/intermittent) is handled by a menu on the touchscreen. The stalk also does double duty turning on the headlights, and there are no rain sensors for the wipers. The touchscreen UI really is the only way to interact with every other function, according to owners, even the rear air vents are controlled from up front (although there are USB ports in the back). Rear seat passengers also won't get seat heaters from what we gather -- unless Tesla plans to activate them in a later software update -- and the steering wheel is not heated either. The two buttons on the steering wheel do not appear to be user-configurable. Instead, the left button primarily deals with audio functions (scroll up and down for volume, left and right to change track) while the other one is for adjusting the mirrors and steering wheel position while in those menus in the UI. Additionally it appears that as of now, there's no way to tab through a different part of the UI without taking your hands off the steering wheel.

Futurist Ray Kurzweil, now a director of engineering at Google, made an interesting argument in a new interview with Fortune: We have already eliminated all jobs several times in human history. How many jobs circa 1900 exist today? If I were a prescient futurist in 1900, I would say, "Okay, 38% of you work on farms; 25% of you work in factories. That's two-thirds of the population. I predict that by the year 2015, that will be 2% on farms and 9% in factories." And everybody would go, "Oh, my God, we're going to be out of work." I would say, "Well, don't worry, for every job we eliminate, we're going to create more jobs at the top of the skill ladder." And people would say, "What new jobs?" And I'd say, "Well, I don't know. We haven't invented them yet."

That continues to be the case, and it creates a difficult political issue because you can look at people driving cars and trucks, and you can be pretty confident those jobs will go away. And you can't describe the new jobs, because they're in industries and concepts that don't exist yet.
Kurzweil also argues that "the power and influence of governments is decreasing because of the tremendous power of social networks and economic trends..."

"A lot of people think things are getting worse, partly because that's actually an evolutionary adaptation: It's very important for your survival to be sensitive to bad news. A little rustling in the leaves may be a predator, and you better pay attention to that."

"This is brilliant and terrifying in equal measure," writes the Morning Paper. Long-time Slashdot reader phantomfive writes: Many CPUs these days have DVFS (Dynamic Voltage and Frequency Scaling), which allows the CPU's clockspeed and voltage to vary dynamically depending on whether the CPU is idling or not. By turning the voltage up and down with one thread, researchers were able to flip bits in another thread. By flipping bits when the second thread was verifying the TrustZone key, the researchers were granted permission. If number 'A' is a product of two large prime numbers, you can flip a few bits in 'A' to get a number that is a product of many smaller numbers, and more easily factorable.
"As the first work to show the security ramifications of energy management mechanisms," the researchers reported at Usenix, "we urge the community to re-examine these security-oblivious designs."