Some Amazon Alexa users are currently having problems reaching the voice assistant. Instead of reacting to commands, Alexa simply says “sorry, something went wrong.” Amazon hasn’t commented publicly yet on the issue.
Based on tweets and Down Detector, users began having trouble reaching Alexa around 7AM PST. While some had their connection issues resolved quickly, many others are still waiting.
#AlexaDown ! Now I have to remember how to turn the lights on and off again!
I would like to apologize to #alexa users worldwide for the 80 times my 6 year old requested “what does the fox say” today which surely caused the outage. She was right to shut down. Enough is enough. I hope @amazon can fix her. #alexadown
This follows an outage last month that mainly affected Echo devices in parts of the United Kingdom, Spain, Germany, and Australia. According to Down Detector’s outage map, however, most of the users who currently can’t reach Alexa are in the United States.
Alexa also suffered an outage in March after an Amazon Web Services networking issue.
TechCrunch has contacted Amazon for comment.
“Yeah! Well of course we’re working on it,” Facebook’s head of augmented reality Ficus Kirkpatrick …
Google Maps is getting a bunch of new features this week, so it’s time for a roundup! The first feature is definitely one nobody asked for: the new “Community Feed,” which is clearly trying to turn Google Maps into a social network. Google’s blog post says that “Every day, people submit more than 20 million contributions—including recommendations for their favorite spots, updates to business services, fresh reviews and ratings, photos, answers to other people’s questions, updated addresses and more.” So now Google Maps is getting a News Feed full of all these reviews and updates.
Google’s sales pitch reads “The feed shows you the latest reviews, photos and posts added to Google Maps by local experts and people you follow as well as food and drink merchants, and articles from publishers like The Infatuation.” All of these updates are in the style of a social network, with the author at the top, a “follow” link for the author, and the ability to “like” posts. The only thing it’s missing is comments!
To show how serious it is about this Google Maps Social Network thing, Google is putting the community feed front-and-center in the interface. When you open Google Maps, the community feed card is peeking up from the top of the screen, right on the main page of Maps. You just swipe up on it to read the latest updates. If you’re not on the main page of Maps, the community feed lives under the “explore” tab, the first tab on the Google Maps tab bar. This also looks like a great spot for ads.
Besides people you actively follow, it sounds like Google Maps is going to push updates from “local experts” to everyone, which hopefully won’t be abused. Google has to assume that, especially at first, everyone is going to have zero followers, so you’ve got to fill the feed with something. Google also says it will try to figure out your Google Maps interests and will fill the feed with recommendations for similar places. Today these recommendations exist in the “updates” tab, which is still in Google’s new images. Seems redundant.
Building numbers and crosswalks
For a less controversial addition, how about building numbers and crosswalks? Android Police has spotted even more detail being added to certain cities in Google Maps. If you zoom all the way in on places like NYC, you’ll see striped crosswalk paint in some roads and tiny little building numbers letting you know where the exact addresses are. These go great with Google Maps’ other recent detail addition: Traffic lights.
Android Police says this was first spotted in the Android Google Maps Beta, which you can sign up for here. I’m also seeing it on Google Maps on the web.
The “Go” tab: Google Maps Bookmarks
More tab shenanigans: Google Maps’ “Commute” tab (the second one) is turning into the “Go” tab, which sounds a lot more useful. Commute would only list navigation options to your home and work, but the “Go” tab is more of a general bookmark section. Besides your home and work, you can also pin frequently visited places to the “Go” tab, and navigate them to with a tap. It looks like this will also show suggestions too, which are typically based on things like your travel and search history.
Google says your pinned destinations will show live traffic info and accurate ETAs right from Go tab, which sounds handy. You can also pin public transit routes, which will show departure and arrival times, an up-to-date ETA, and any service alerts.
Google says “The Go Tab starts rolling out on Android and iOS in the coming weeks.” There’s no word on if you’ll be able to access these bookmarks from the web. Google didn’t say anything about the social network being on the web either. Someone remind Google that Google Maps has a website.
“Connected Photos” for Street View
Google’s ground-level Street View feature is getting another form of imagery that’s easier to record without special equipment. “Connected Photos” is a new feature more-or-less replicates the experience of walking down a street with street view, but without the hassle of taking a 360-degree photo. You just fire up the new Street View app, walk (or drive) down the street, and some sort of imagery will be created.
The feature requires an ARCore-compatible phone, Google’s 3D sensing Augmented Reality framework. It sounds like what is happening is that Google is recording a video with some 3D positional data, and as you move down the street, the best frames will be saved and converted into a series of still images for Street View. These aren’t 360 images, so you won’t be able to turn the camera, but you will be able to press the forward and backwards buttons to virtually walk down the street.
Back when this feature was in testing, it used to be called “Driving Mode” for Street View. So I guess Google wanted you to put the phones in a car mount, fire up the app, and let it collect as much data as possible while you drive around. The blog post shows a photo from the middle of a five-lane highway, so it seems like turning yourself into an amateur, 120-degree Street View car is still something Google would like you to do.
Google’s blog post says “Before this feature, you would typically need special 360-degree cameras to capture and publish Street View imagery.” That is …not accurate. Android has been able to capture Street View imagery for years, via the PhotoSphere feature that launched in 2012 on Android 4.2. Google Maps uploads of PhotoSpheres have been supported since 2013. PhotoSpheres are full 360 images, and taking them on a phone involves stitching together something like 15 photos. While the wizard walks you through the steps, it takes forever to make one, so Connected Photos is a simpler, higher-bandwidth way for the public to contribute pictures. It sounds like this is only an Android feature again, and you’ll need a new version of the Street View app, not Google Maps.
Wonder Woman 1984 will be the first film to stream in 4K HDR (UltraHD) on HBO Max when it premieres on the service in the US alongside a theatrical release on December 25. It will also stream with Dolby Atmos audio.
The news was announced in a tweet by Director Patty Jenkins:
Excited to announce that #WW84 will be the first film on HBO Max available in 4K Ultra HD, HDR 10, Dolby Vision AND Dolby Atmos! Can’t wait. IN THEATERS on Dec. 25th and exclusively streaming in the US on @hbomax. PLEASE find the biggest and highest quality screen you can!!
HBO Max is one of the most expensive streaming services at $14.99, but unlike the majority of its competitors, it has not previously included any 4K or HDR content.
For comparison, commercial-free monthly subscription costs for competing services include: $6.99 for Disney+ (4K), $9.99 for CBS All Access (HD), $8.99 for Amazon Prime Video (4K), $11.99 for Hulu (4K), $10.99 for Showtime (4K), $8.99 for Starz (4K), or $10 for Peacock (HD).
Only Netflix has a price point that rivals or beats HBO Max. Netflix’s HD-only subscription, which is equivalent in quality to HBO Max up to this point, recently saw its price raised from $12.99 to $13.99 per month. However, Netflix’s 4K-enabled subscription is now $17.99—three dollars more than HBO Max, albeit with a vast library of UltraHD content.
It’s important to note, though, that even services like Netflix or Hulu that offer 4K content have plenty of shows and movies that are only available in HD. The label here just means they offer at least some 4K content.
4K TVs accounted for a third of shipments in the US even back in 2017, but one analytics firm projected that 60 percent of new TV purchases in 2020 would be 4K. According to surveys from firms like IHS, around a third of US households already had 4K TVs as of 2019. We’re speculating a bit here, but there has been some data that correlates 4K TV ownership with streaming service usage, so it could be that well over a third of HBO Max viewers will get a better experience with the film (and presumably, with some other future HBO Max programming as well) as a result of this move.
It has been a red-letter week for fans of high-end TV tech like 4K and HDR. In addition to this announcement, all six films in The Lord of the Rings and The Hobbit trilogies became available in 4K HDR as well. It was already reported that the films would be released on UltraHD Blu-ray, but it was less widely reported that the physical release early this week was accompanied by quality upgrades in digital storefronts like iTunes and Amazon Video, too.
One of the Internet’s most aggressive threats has just gotten meaner, with the ability to infect one of the most critical parts of any modern-day computer.
Trickbot is a piece of malware that’s notable for its advanced capabilities. Its modular framework excels at gaining powerful administrator privileges, spreading rapidly from computer to computer in networks, and performing reconnaissance that identifies infected computers belonging to high-value targets. It often uses readily available software like Mimikatz or exploits like EternalBlue stolen from the National Security Agency.
Once a simple banking fraud trojan, Trickbot over the years has evolved into a full-featured malware-as-a-service platform. Trickbot operators sell access to their vast number of infected machines to other criminals, who use the botnet to spread bank trojans, ransomware, and a host of other malicious software. Rather than having to go through the hassle of ensnaring victims themselves, customers have a ready-made group of computers that will run their crimeware.
The first link in the security chain
Now, Trickbot has acquired a new power: the ability to modify a computer’s UEFI. Short for Unified Extensible Firmware Interface, UEFI is the software that bridges a computer’s device firmware with its operating system. As the first piece of software to run when virtually any modern machine is turned on, it’s the first link in the security chain. Because the UEFI resides in a flash chip on the motherboard, infections are difficult to detect and remove.
According to research findings published on Thursday, Trickbot has been updated to incorporate an obfuscated driver for RWEverything, an off-the-shelf tool that people use to write firmware to virtually any device.
At the moment, researchers have detected Trickbot using the tool only to test whether an infected machine is protected against unauthorized changes to the UEFI. But with a single line of code, the malware could be modified to infect or completely erase the critical piece of firmware.
“This activity sets the stage for TrickBot operators to perform more active measures such as the installation of firmware implants and backdoors or the destruction (bricking) of a targeted device,” Thursday’s post jointly published by security firms AdvIntel and Eclypsium stated. “It is quite possible that threat actors are already exploiting these vulnerabilities against high-value targets.”
Rare for now
So far, there have been only two documented cases of real-world malware infecting the UEFI. The first one, discovered two years ago by security provider ESET, was done by Fancy Bear, one of the world’s most advanced hacker groups and an arm of the Russian government. By repurposing a legitimate antitheft tool known as LoJack, the hackers were able to modify UEFI firmware so that it reported to Fancy Bear servers rather than ones belonging to LoJack.
The second batch of real-world UEFI infections were uncovered only two months ago by Moscow-based security firm Kaspersky Lab. Company researchers found the malicious firmware on two computers, both of which belonged to diplomatic figures located in Asia. The infections planted a malicious file in a computer’s startup folder so it would run whenever the computer booted up.
The motherboard-resident flash chips that store the UEFI have access control mechanisms that can be locked during the boot process to prevent unauthorized firmware changes. Often, however, these protections are turned off, misconfigured, or hampered by vulnerabilities.
UEFI infections at scale
At the moment, the researchers have seen Trickbot using it’s newly acquired UEFI-writing capabilities to test if the protections are in place. The presumption is that the malware operators are compiling a list of machines that are vulnerable to such attacks. The operators could then sell access to those machines. Customers pushing ransomware could use the list to overwrite the UEFI to make large numbers of machines unbootable. Trickbot clients intent on espionage could use the list to plant hard-to-detect backdoors on PCs in high-value networks.
Trickbot’s embrace of UEFI-writing code threatens to make such attacks mainstream. Instead of being the dominion of advanced persistent threat groups that typically are funded by nation states, access to UEFI-vulnerable computers could be rented out to the same lower-echelon criminals who now use Trickbot for other types of malware attacks.
“The difference here is that TrickBot’s modular automated approach, robust infrastructure, and rapid mass-deployment capabilities bring a new level of scale to this trend,” AdvIntel and Eclypsium researchers wrote. “All pieces are now in place for mass-scale destructive or espionage-focused campaigns that can target entire verticals or portions of critical infrastructure.”