Transportation

DJI Threatens Researcher Who Reported Exposed Cert Key, Credentials, and Customer Data (arstechnica.com) 1

An anonymous reader quotes Ars Technica: DJI, the Chinese company that manufactures the popular Phantom brand of consumer quadcopter drones, was informed in September that developers had left the private keys for both the "wildcard" certificate for all the company's Web domains and the keys to cloud storage accounts on Amazon Web Services exposed publicly in code posted to GitHub. Using the data, researcher Kevin Finisterre was able to access flight log data and images uploaded by DJI customers, including photos of government IDs, drivers licenses, and passports. Some of the data included flight logs from accounts associated with government and military domains.

Finisterre found the security error after beginning to probe DJI's systems under DJI's bug bounty program, which was announced in August. But as Finisterre worked to document the bug with the company, he got increasing pushback -- including a threat of charges under the Computer Fraud and Abuse Act. DJI refused to offer any protection against legal action in the company's "final offer" for the data. So Finisterre dropped out of the program and published his findings publicly yesterday, along with a narrative entitled, "Why I walked away from $30,000 of DJI bounty money."

The company says they're now investigating "unauthorized access of one of DJI's servers containing personal information," adding that "the hacker in question" refused to agree to their terms and shared "confidential communications with DJI employees."
Businesses

Walmart Says It's Preordered 15 of Tesla' New Semi Trucks (theverge.com) 132

Soon after Tesla unveiled its new electric Semi Truck and Roadster 2.0, Walmart says it has preordered 15 of the trucks. The Verge notes that the deal was "likely in the works before Tesla unveiled its new truck to the public." From the report: The pilot is planned for the U.S. and Canada. Five of the preordered vehicles will be for Walmart's U.S. business, and 10 will be for its Canadian routes, the company said. Walmart's fleet has about 6,000 trucks. "We have a long history of testing new technology -- including alternative-fuel trucks -- and we are excited to be among the first to pilot this new heavy-duty electric vehicle," the company said in a statement. "We believe we can learn how this technology performs within our supply chain, as well as how it could help us meet some of our long-term sustainability goals, such as lowering emissions." Musk said the truck would enter production in 2019. JB Hunt Transport Services, a 56-year-old company based in Arkansas, also reserved "multiple" new Tesla trucks as well.
Businesses

Volkswagen To Spend Over $40 Billion on Electric and Self-Driving Cars (reuters.com) 89

Volkswagen plans to spend more than 34 billion euros ($40 billion) over the next five years on developing electric cars, autonomous driving and other new technologies, it said on Friday. "With the planning round now approved, we are laying the foundation for making Volkswagen the world's number one player in electric mobility by 2025," Chief Executive Matthias Mueller said in a statement.
Power

Tesla Is Rethinking the Rest Stop For California Road Trips (bloomberg.com) 109

An anonymous reader quotes a report from Bloomberg: In-N-Out Burgers has some new competition for attracting drivers on two heavily traveled stretches of California freeways that help link Los Angeles to Las Vegas and San Francisco: Tesla's biggest Supercharger stations yet. The charging stations in Kettleman City, off Interstate 5, and Baker, near Interstate 15, each have 40 stalls, making them the largest among more than 1,000 in North America, according to an emailed statement Wednesday. If filling up your Tesla takes half an hour, you might as well get comfortable. The Kettleman City station north of Bakersfield has a play wall for kids, a pet relief area and outdoor space for families. It's open round-the-clock, there's wi-fi and there will be food as well. But if you want to stretch your legs, the nearest In-N-Out is just across the street. And there are inevitable Tesla touches at both: solar-covered parking and Tesla Powerpacks.
Transportation

Tesla Unveils 500-Mile Range Semi Truck, 620-Mile Range Roadster 2.0 356

Rei writes: During a live reveal on Thursday, Tesla unveiled its new electric Class 8 Heavy Duty vehicle. As most people familiar with Tesla products would expect, the day cab truck features staggeringly fast acceleration for a vehicle of its size. It can accelerate 0-60 in 5 seconds without a trailer and 20 seconds with a 40-ton gross weight while being able to pull its maximum payload up a 5-degree grade at 65mph (versus a typical maximum of 45mph). The 500-mile range is for the vehicle at full load and highway speeds (80% of U.S. freight routes are 250 miles or less). Tesla also boasts a million mile no-breakdown guarantee; even losing two of its four motors it can out-accelerate a typical diesel truck. The total cost per mile is pegged at 83% of operating a diesel, but when convoying is utilized -- where multiple trucks mirror the action of a lead truck -- the costs drop to 57%, a price cheaper than rail. Tesla went a step further and stole the show from their own event by having the first prototype of the new Tesla Roadster drive out of the back of the truck. With the base model alone boasting a 620 mile range on a 200kWh battery pack with 10kN torque, providing a 1.9 second 0-60, 4.2 second 0-100, and 8.9 second quarter mile, the 2+2-seating convertible will easily be the fastest-accelerating production car in the world. Top speed is not disclosed, but said to be "at least 250mph." The vehicle's release date, however, is not scheduled until 2020.
Transportation

Virgin Hyperloop One Eyes India For Possible High-Speed Routes (theverge.com) 37

India is officially being added to the list of nations that have expressed interest in near-supersonic, tube-based travel. Virgin Hyperloop One "signed agreements with the governments of Maharashtra and Karnataka to begin studying the impact of a hyperloop in the region," reports The Verge. "The feasibility studies have implications for India's giant cities like Mumbai and Bangalore, as well as fast-growing urban centers like Pune and Nagpur." From the report: The agreements are signs that despite its lack of a commercial product or human-ready testing, Virgin Hyperloop One has shown a tenacity for securing agreements with willing government partners. The company recently announced 10 winning submissions in a long-running contest to find what it believes to be the best places to build the first hyperloop routes in the world. Ten teams across five countries (Mexico, India, the United States, the United Kingdom, and Canada) were picked from the original 2,600 submissions, and the routes range in size from about 200 to nearly 700 miles, depending on the location. Virgin Hyperloop One hasn't specified the length of the routes it would build in India -- to be sure, it remains possible that none of these proposed routes get built -- but it did tease some of the possibilities in terms of reduction in travel time. For example, it would take just 14 minutes to travel between Mumbai and the fast-growing city of Pune, a journey that currently takes up to three hours by car. Also, it could look at connecting Nagpur, which is in the easternmost part of Maharashtra, with Mumbai and Pune to vastly improve passenger and freight transportation.
China

China Builds World's Fastest Hypersonic Wind Tunnel To Simulate Flight At 27,000 MPH (scmp.com) 63

schwit1 quotes a report from South China Morning Post: China is building the world's fastest wind tunnel to simulate hypersonic flight at speeds of up to 12 kilometers per second (~27,000 miles per hour). Zhao Wei, a senior scientist working on the project, said researchers aimed to have the facility up and running by around 2020 to meet the pressing demand of China's hypersonic weapon development program. "It will boost the engineering application of hypersonic technology, mostly in military sectors, by duplicating the environment of extreme hypersonic flights, so problems can be discovered and solved on the ground," said Zhao. The world's most powerful wind tunnel at present is America's LENX-X facility in Buffalo, New York state, which operates at speeds of up to 10 kilometers per second -- 30 times the speed of sound. Hypersonic aircraft are defined as vehicles that travel at speeds of Mach 5, five times the speed of sound, or above.

In the new tunnel there will be a test chamber with room for relatively large aircraft models with a wing span of almost three meters. To generate an airflow at extremely high speeds, the researchers will detonate several tubes containing a mixture of oxygen, hydrogen and nitrogen gases to create a series of explosions that can discharge one gigawatt of power within a split second, according to Zhao. The shock waves, channelled into the test chamber through a metallic tunnel, will envelope the prototype vehicle and increase the temperature over its body to 8,000 Kelvins, or 7,727 degrees Celsius, Zhao said. The new tunnel would also be used to test the scramjet, a new type of jet engine designed specifically for hypersonic flights. Traditional jet engines are not capable of handling air flows at such speeds.

Japan

Apology After Japanese Train Departs 20 Seconds Early (bbc.com) 214

Several readers share a BBC report: A rail company in Japan has apologised after one of its trains departed 20 seconds early. Management on the Tsukuba Express line between Tokyo and the city of Tsukuba say they "sincerely apologise for the inconvenience" caused. In a statement, the company said the train had been scheduled to leave at 9:44:40 local time but left at 9:44:20. Many social media users reacted to the company's apology with surprise. "Tokyo train company's apology for 20-second-early departure is one of the best things about Japan," a user wrote. The mistake happened because staff had not checked the timetable, the company statement said.
Transportation

Boeing 757 Testing Shows Airplanes Vulnerable To Hacking, DHS Says (aviationtoday.com) 140

schwit1 shares a report from Aviation Today: A team of government, industry and academic officials successfully demonstrated that a commercial aircraft could be remotely hacked in a non-laboratory setting last year, a DHS official said Wednesday at the 2017 CyberSat Summit in Tysons Corner, Virginia. "We got the airplane on Sept. 19, 2016. Two days later, I was successful in accomplishing a remote, non-cooperative, penetration. [Which] means I didn't have anybody touching the airplane, I didn't have an insider threat. I stood off using typical stuff that could get through security and we were able to establish a presence on the systems of the aircraft." Hickey said the details of the hack and the work his team are doing are classified, but said they accessed the aircraft's systems through radio frequency communications, adding that, based on the RF configuration of most aircraft, "you can come to grips pretty quickly where we went" on the aircraft. Patching avionics subsystem on every aircraft when a vulnerability is discovered is cost prohibitive, Hickey said. The cost to change one line of code on a piece of avionics equipment is $1 million, and it takes a year to implement. For Southwest Airlines, whose fleet is based on Boeing's 737, it would "bankrupt" them. Hickey said newer models of 737s and other aircraft, like Boeing's 787 and the Airbus Group A350, have been designed with security in mind, but that legacy aircraft, which make up more than 90% of the commercial planes in the sky, don't have these protections.
The Courts

Tesla Is a 'Hotbed For Racist Behavior,' Worker Claims In Lawsuit (bloomberg.com) 299

An African-American employee has filed a lawsuit against Tesla, claiming their production floor is a "hotbed for racist behavior" and that black workers at the electric carmaker suffer severe and pervasive harassment. "The employee says he's one of more than 100 African-American Tesla workers affected and is seeking permission from a judge to sue on behalf of the group," reports Bloomberg. "He's seeking unspecified general and punitive monetary damages as well as an order for Tesla to implement policies to prevent and correct harassment." From the report: "Although Tesla stands out as a groundbreaking company at the forefront of the electric car revolution, its standard operating procedure at the Tesla factory is pre-Civil Rights era race discrimination," the employee said in the complaint, filed Monday in California's Alameda County Superior Court. The lawsuit was filed on behalf of Marcus Vaughn, who worked in the Fremont factory from April 23 to Oct. 31. Vaughn alleged that employees and supervisors regularly used the "N word" around him and other black colleagues. Vaughn said he complained in writing to human resources and Musk and was terminated in late October for "not having a positive attitude."
The Almighty Buck

Study Finds SpaceX Investment Saved NASA Hundreds of Millions (popularmechanics.com) 156

schwit1 shares a report from Popular Mechanics: When a SpaceX Dragon spacecraft connected with the International Space Station on May 25, 2012, it made history as the first privately-built spacecraft to reach the ISS. The Dragon was the result of a decision 6 years prior -- in 2006, NASA made an "unprecedented" investment in SpaceX technology. A new financial analysis shows that the investment has paid off, and the government found one of the true bargains of the 21st century when it invested in SpaceX. A new research paper by Edgar Zapata, who works at Kennedy Space Center, looks closely at the finances of SpaceX and NASA. "There were indications that commercial space transportation would be a viable option from as far back as the 1980s," Zapata writes. "When the first components of the ISS were sent into orbit 1998, NASA was focused on "ambitious, large single stage-to-orbit launchers with large price tags to match." For future commercial crew missions sending astronauts into space, Zapata estimates that it will cost $405 million for a SpaceX Dragon crew deployment of 4 and $654 million for a Boeing Starliner, which is scheduled for its first flight in 2019. That sounds like a lot, and it is, but Zapata estimates that its only 37 to 39 percent of what it would have cost the government.
Transportation

US Airports Still Fail New Security Tests (go.com) 182

schwit1 quotes ABC News: In recent undercover tests of multiple airport security checkpoints by the Department of Homeland Security, inspectors said screeners, their equipment or their procedures failed more than half the time, according to a source familiar with the classified report. When ABC News asked the source if the failure rate was 80 percent, the response was, "You are in the ballpark." In a public hearing after a private classified briefing to the House Committee on Homeland Security, members of Congress called the failures by the Transportation Security Administration disturbing. Rep. Mike Rogers went as far as to tell TSA Administrator David Pekoske, "This agency that you run is broken badly, and it needs your attention."
Encryption

Following Equifax Breach, CEO Doesn't Know If Data Is Encrypted (techtarget.com) 104

An anonymous reader quotes a report from TechTarget: Equifax alerted the public in September 2017 to a massive data breach that exposed the personal and financial information -- including names, birthdays, credit card numbers and Social Security numbers -- of approximately 145 million customers in the United States to hackers. Following the Equifax breach, the former CEO Richard Smith and the current interim CEO Paulino do Rego Barros Jr. were called to testify before the Committee on Commerce, Science, and Transportation this week for a hearing titled "Protecting Consumers in the Era of Major Data Breaches." During the hearing, Sen. Cory Gardner (R-Colo.) questioned Smith and Barros about Equifax's use of -- or lack of -- encryption for customer data at rest. Smith confirmed that the company was not encrypting data at the time of the Equifax breach, and Gardner questioned whether or not that was intentional. "Was the fact that [customer] data remained unencrypted at rest the result of an oversight, or was that a decision that was made to manage that data unencrypted at rest?" Gardner asked Smith. Smith pointed out that encryption at rest is just one method of security, but eventually confirmed that a decision was made to leave customer data unencrypted at rest. "So, a decision was made to leave it unencrypted at rest?" Gardner pushed. "Correct," Smith responded.

Gardner moved on to Barros and asked whether he has implemented encryption for data at rest since he took over the position on Sept. 26. Barros began to answer by saying that Equifax has done a "top-down review" of its security, but Gardner interrupted, saying it was a yes or no question. Barros stumbled again and said it was being reviewed as part of the response process and Gardner pushed again. "Yes or no, does the data remain unencrypted at rest?" "I don't know at this stage," Barros responded. "Senator, if I may. It's my understanding that the entire environment [in] which this criminal attack occurred is much different; it's a more modern environment with multiple layers of security that did not exist before. Encryption is only one of those layers of security," Smith said.

Businesses

Uber Drivers Have Rights on Wages and Time Off, UK Panel Rules (apnews.com) 125

Uber suffered a blow on Friday to its operations in its biggest market outside the United States when a British panel ruled in London rejected the company's argument that its drivers were self employed. The decision, which affirmed a ruling made last year, means that Uber will have to ensure its drivers in Britain are paid a minimum wage and entitled to time off, casting doubt on a common hiring model in the so-called gig economy that relies on workers who do not have a formal contract as permanent employees. From a report: Judge Jennifer Eady rejected Uber's argument that the men were independent contractors, because the drivers had no opportunity to make their own agreements with passengers and the company required them to accept 80 percent of trip requests when they were on duty. The tribunal, Eady wrote in her decision, found "the drivers were integrated into the Uber business of providing transportation services." The ride-hailing service said it has never required drivers in the U.K. to accept 80 percent of the trips offered to them and that drivers make well above the minimum wage. Employment lawyers expect the case to be heard by higher courts as early as next year.
Transportation

Self-Driving Shuttle Involved In Crash Two Hours After Debut (www.cbc.ca) 204

New submitter Northern Pike writes: Las Vegas roll out of new driver-less shuttle spoiled by human error. It sounds like the shuttle did what it was designed to do but the human semi driver wasn't as careful. "The shuttle did what it was supposed to do, in that it's (sic) sensors registered the truck and the shuttle stopped to avoid the accident," the city said in a statement. "Unfortunately the delivery truck did not stop and grazed the front fender of the shuttle. Had the truck had the same sensing equipment that the shuttle has the accident would have been avoided." The self-driving shuttle can transport up to 12 people and has a attendant and computer monitor, but no steering wheel and no brake pedals. It relies heavily on GPS, electronic curb sensors and other technology to make its way.
NASA

NASA: We're Not Building Flying Taxi Software For Uber (theregister.co.uk) 24

News outlets reported on Wednesday that Uber had signed a contract with NASA to develop software for the ride-hailing company's autonomous "flying taxis." A day later, the space agency has clarified its involvement in the project and the specifics of the contract. From the report: Uber's chief product officer Jeff Holden spoke at the Web Summit in Lisbon yesterday where he was promoting the fledgling autonomous taxi project, revealed last year, Uber Elevate. And of course he never claimed that NASA was working on software for his firm, merely explaining that it had inked an agreement to work with the public body on the latter's air traffic control project. Uber told us that while NASA was not "committing funding or anything like that", it said "having their decades of aeronautic experience actively collaborating with our engineers is a huge help for tackling the aviation traffic management hurdles." A NASA spokesperson, meanwhile, told us Uber had indeed signed what it described as a "generic Space Act Agreement" for participation in the programme back in January, joining a "multitude" of others. The project and its members are "researching prototype technologies for a UAS Traffic Management (UTM) system that could develop airspace integration requirements for enabling safe, efficient low-altitude operations," according to NASA's website. So no new news on the software front.
NASA

NASA Is Working With Uber on Its Flying Taxi Project 51

Ride-hailing service Uber on Wednesday took a step forward in its plan to make autonomous "flying taxis" a reality, signing a contract with NASA to develop the software to manage them. From a report: Uber said at the Web Summit tech conference in Lisbon that it signed a Space Act Agreement with NASA for the development of "unmanned traffic management." This is NASA's push to figure out how unmanned aerial systems (UAS), such as drones that fly at a low altitude, can operate safely. Uber wants to make vertical take-off and landing vehicles. That will allow their flying cars to take off and land vertically. They will fly at a low altitude. This is the start-up's first partnership with a U.S. federal government agency. NASA is also working with other companies to develop traffic management for these low altitude vehicles. "UberAir will be performing far more flights on a daily basis than it has ever been done before. Doing this safely and efficiently is going to require a foundational change in airspace management technologies," Jeff Holden, chief product officer at Uber, said in a statement on Wednesday. "Combining Uber's software engineering expertise with NASA's decades of airspace experience to tackle this is a crucial step forward for Uber Elevate."
Transportation

Alphabet Is Finally Taking the Driver Out of Some of Its Driverless Cars (recode.net) 176

An anonymous reader shares a report: After almost a decade, Google's parent company Alphabet is getting closer to fulfilling its promise of rolling out cars that can take anyone anywhere without a driver behind the wheel. Alphabet's self-driving car company, Waymo, is introducing truly driverless cars to public roads for the first time, the company's CEO John Krafcik announced today at the Web Summit conference. That means there won't have to be a person sitting in the driver's seat, waiting to take over, and that the car's computer system will complete all parts of the driving task -- though for now, only in some of the company's cars in Phoenix, Ariz. While this move is still geographically limited, it marks the beginnings of Alphabet's driverless future finally becoming a reality. No other company has succeeded in operating a fleet of fully driverless cars on public roads.
Transportation

Toyota Is Uneasy About the Handoff Between Automated Systems and Drivers (caranddriver.com) 135

schwit1 shares a report from Car and Driver: Toyota has not yet decided whether it will bring a car to market that is capable of automated driving in some situations yet still requires a human driver behind a wheel who can take control if needed -- but the automaker, characteristically, is more cautious than many about moving forward with the technology. Citing safety concerns regarding the handoff between self-driving technology and human driver, Kiyotaka Ise, Toyota's chief safety technology officer, said the biggest issue with these kinds of systems is that "there is a limbo for several seconds between machine and human" in incidents when a car prompts a human to retake control if it cannot handle operations. These kinds of systems, defined as Level 3 autonomy by SAE, have divided automakers and tech companies in their approaches to developing cars for the self-driving future. As opposed to Level 2 systems, like Tesla Motors' Autopilot, in which a human driver is expected to keep his or her eyes and attention on the road while a system conducts most aspects of the driving, Level 3 is characterized by the system's claiming responsibility for the driving task when it is enabled. Although Toyota assures us that its researchers are hard at work figuring out the challenges of Level 3 autonomy, it seems like the company could eventually join others moving directly from its current Level 2 system to a Level 4 system. Given the self-driving race has been on for a while, this could put Toyota at a competitive disadvantage, but it's clear engineers at the company care more about getting things right than they do about being first.
Transportation

Uber Commits $5 Million To Sexual Assault, Domestic Violence Prevention (gizmodo.com) 78

Uber announced on Sunday that it's taking new steps toward preventing sexual assault and domestic violence, starting with a $5 million donation to its partners -- Raliance, National Network to End Domestic Violence, No More, Women of Color Network, Casa de Esperanza, A Call to Men, and The National Coalition of Anti-Violence Programs -- along with an employee training program and in-app messaging to educate riders and drivers. Gizmodo reports: "As a result of this ongoing collaboration we have begun to make important changes internally and will commit to use Uber's scope and visibility to help drive awareness, education, and prevention of sexual assault and domestic violence to millions globally," said Uber's announcement. Uber wrote on its blog that its technology "enhances safety for riders and drivers in ways that weren't possible before such as GPS tracking, the ability to share a trip with family and friends, and 24/7 support through the app." But the company has failed to adopt measures like more rigorous driver background checks, despite urging by lawmakers. The ride-sharing service left Austin altogether last year (along with Lyft) because it refused to fingerprint its drivers. Uber has argued that mandated fingerprinting is too burdensome. Advocates for fingerprinting argue that it helps ensure rider safety.

Slashdot Top Deals