samedi 24 décembre 2022

EcoFlow Power Kit review: off-grid living made easy

EcoFlow Power Kit review: off-grid living made easy

A game-changing all-in-one power system for cabins and RVs that can be installed relatively quickly. Just add solar.

There’s never been a better time to become a digital nomad.

Many employers not named Elon Musk now offer flexible work-from-home arrangements, enacted during the pandemic and made permanent in 2022. Ironically, Musk’s little Starlink RV service has been a boon to remote working by bringing relatively fast internet to great swaths of digital wilderness, even while driving. And for those looking to go truly remote, dozens of countries, like Spain, Barbados, Namibia, and Malaysia, now offer temporary residency permits to digital workers of foreign-based employers.

You can also take your nomadic existence off the grid thanks to advances in solar panels and batteries. High-capacity batteries now charge faster, last longer, weigh less, and offer improved safety thanks to the adoption of lithium iron phosphate (LFP or LiFePO4) chemistry. That’s good because you’ll be needing lots of power if you want to live and work from the beach, forest, or mountain top comfortably.

But you can’t count on the sun’s power alone. For extended off-grid stays, you’ll need the ability to replenish those batteries with whatever resources you have at your disposal, be it AC outlets at an RV park (aka, “shore power”), your van’s alternator, and even a diesel generator or wind turbine in a pinch. That’s where the new EcoFlow Power Kits come in.

EcoFlow announced its expandable Power Kit series back in June as an all-in-one turnkey solution to easily bring power to remote cabins and RVs. It’s meant to improve and simplify everything from planning and installation to operation compared to bespoke electrical systems sold today by industry stalwarts like Victron Energy.

In particular, EcoFlow claims that its Power Kits can fit “any van size” and be set up “five times faster” than traditional systems. So I put those claims to the test with the help of both novice and professional installers.

The novice installation was done in an old Ford Transit Westfalia Nugget — the van you rebuild because your parents sold it to you cheap — by Roel, a regular guy capable of installing a light switch or two. The professional installation was done in a Mercedes-Benz Sprinter — the gold standard for vanlifers — by Fabian van Doeselaar, the owner of Origin Travelvans.

Fabian came away so impressed that he’s redesigning the Victron-based interiors of his custom adventure vans to accommodate the EcoFlow Power Kit. It’s not a perfect system, especially for Roel’s smaller van, but EcoFlow’s solution has far more pluses than minuses.

Just make sure the employer that supports your dreams of escapism also pays well. EcoFlow Power Kits aren’t cheap, with prices starting around $4,000. And that’s before you add any solar panels.

@verge

EcoFlow claims that its Power Kits are a game-changing all-in-one power system for off-grid cabins and RVs. So we put that to the test. #vanlife #vanlifetravel #ecoflow

♬ original sound - The Verge

What’s in the kit?

EcoFlow sells its Power Kits with a wide range of configurations that can scale for different needs. The base configuration comes with the Power Hub, cables, and choice of batteries for a total capacity between 2kWh and 15kWh.

The EcoFlow Power Kit. From left to right: one 5kWh battery, the battery cable, and the Power Kit box. Below the box is the console display and AC/DC Smart Distribution Panel and cover. Then you see the included Power Hub cabling, and the Power Hub itself.

The Power Hub is the brains of the system and provides a central point of connectivity for the batteries and all of the inputs and outputs. It combines several functions that would typically require their own boxes and external wiring. Inside the Power Hub, you’ll find three MPPT solar charge controllers, an inverter charger, a DC-DC step-down converter, and a DC-DC battery charger. For many installations, this all-in-one approach is an advantage, but when space is severely limited, it can be advantageous to have multiple smaller devices that can be tucked into any available nook (more on that later).

Optionally, you can add both a $499 AC/DC Smart Distribution Panel and a $349 wired seven-inch touchscreen console display for independent control over all of your vehicle’s electrical devices. The console might be redundant for some since it just mimics functionality already included in the excellent EcoFlow app, but others will gladly pay to have a dedicated display mounted inside their van or tiny home.

Up to three batteries can be plugged into the Power Hub, but you can’t mix 2kWh batteries with 5kWh batteries. The batteries are heated, allowing them to both discharge and charge when the temperature drops below freezing outside without affecting their performance or lifespan. Charge heating turns on automatically when temperatures fall below 32 degrees F (0 degrees C) and consumes power from the external charging source (such as solar panels), whereas the battery powers discharge heating, which is why it must be enabled manually to avoid unexpected battery depletion.

Power Kit bundles don’t include any solar panels. The Power Hub is designed to easily connect to any of EcoFlow’s own rigid, flexible, or portable solar panels, but it also works with third-party panels (using standard MC4 connectors or adapters) so long as their maximum open circuit voltage doesn’t exceed 150V. It supports up to 4800W of total solar input spread across three 1600W ports.

The Power Hub is a 48-volt system that uses a step-down DC-DC module to make it compatible with campers built around common 12V or even 24V systems. 48V has a number of advantages including lower current for the same power output, allowing for much thinner (and lighter) cables to be used throughout the vehicle.

The Power Hub inverter is capable of producing up to 3600W (7200W peak), which is enough to easily power just about any AC appliance you’d want to install inside the van, including induction cooktops and air conditioners. (Yes, EcoFlow makes one of those, too.) The Power Hub can even power AC devices drawing up to 5000W thanks to EcoFlow’s X-Boost tech, which lowers the output voltage, thereby reducing the performance of high-wattage devices. It’s best to think of X-Boost as a safety net that could occasionally get you out of a jam.

Power Kit components on left mirrored by a similar Victron system (with much smaller battery capacity) in blue on the right. EcoFlow requires a lot fewer components.

The image above shows all of the EcoFlow Power Kit components laid out like a mirror with a comparable system (with much smaller battery capacity) from Victron Energy used in Fabian’s vans. Victron’s little blue boxes are fantastically capable and scalable, which has made them the go-to brand for van builders around the world. But they require knowledge approaching that of an experienced electrician in order to choose the right components and then mount and wire them together correctly. On the other hand, professionals like Fabian can fine-tune Victron configurations to the exact needs of a particular build, which can save money and maybe even a little space.

Some other notable features:

  • Automatic Bypass mode sends externally connected AC power directly to AC appliances in the van while the batteries charge.
  • The Power Hub’s alternator port is wired directly to the van’s starter battery (which is connected to the vehicle’s alternator). The Power Hub stops drawing current when the vehicle is idle by default, although that can be overridden in the app.
  • EcoFlow’s iOS and Android app works over Bluetooth or 2.4GHz Wi-Fi to manage inputs and outputs with impressive granularity.
  • An integrated Battery Management System (BMS) monitors temperature, voltage, and current to keep everything operating safely.
  • EcoFlow tells me that Power Kits work with some wind turbines in the 12-60V, 30A range to charge with DC. EcoFlow is exploring a portable wind turbine product for possible release sometime in 2023.
  • EcoFlow sells a $1,399 dual-fuel Smart Generator that can plug into the Power Hub for emergency AC or DC charging power. It’ll continue to run for as long as you have either propane or diesel to fuel it.
 Image: EcoFlow
The Power Hub is the central point of connectivity. The EcoFlow Smart Generator (5) can also be a third battery like Fabian’s setup.

Installation

Both Roel and Fabian had the same comment upon receipt of their review units: “It’s all very Apple-like.” The experience starts with a gee-whiz unboxing that reveals great looking hardware and an app experience that overdelivers — all highly unusual in the world of van builders.

Both installers commented on how “Apple-like” the hardware and software experience was.
The power button on the Power Hub is neatly hidden below this mechanical flap.
Each cable is well made and labeled to avoid confusion.
Simple touches like this paper template were a big help with installation.

The installation benefits from easy to understand instructions available in many languages, quick and informative support videos on EcoFlow’s YouTube channel, and a 1:1 scale paper template to help optimize placement and avoid any time-consuming mistakes.

“By comparison, Victron’s manuals contain large amounts of information that elaborate on the whole system. That can get confusing, sometimes,” says Fabian. “EcoFlow’s manuals are small but explain enough to know how to install it. For many people I think it’s better.”

EcoFlow’s cables are also well built and labeled to avoid any confusion. Screws and other small parts are bagged separately to keep things organized, and lock washers come fitted to bolts in a way that prevents them from coming loose and being lost. Such attention to detail was appreciated by both installers. “It’s very hard to make a mistake,” says Roel.

The level of fit and finish on each Power Kit component is also unusual for systems that typically get installed inside cabinets or underneath seats. Even the monochromatic cables look nice compared to the mess of wiring spaghetti needed for other power systems. Both Roel and Fabian would have no problem leaving some, or all, of the components exposed in their builds. Mounting the Power Hub out in the open lets you see the status lights for charging and output while also providing quick access to buttons that turn on and off the AC and DC outputs. That might come in handy if you don’t feel like firing up the app or walking over to the Power Kit console display.

EcoFlow really nailed the rugged yet refined adventure van aesthetic, something Fabian had already adopted for his custom van builds.

Fabian, the pro, tests “five times faster” claim

Fabian is the owner of Origin Travelvans, a Netherlands-based builder of custom VW Crafter and Mercedes-Benz Sprinter vans for “true adventurers and digital nomads.” His adventurous spirit and mechanical know-how are shared by his brother Mathieu, who makes rugged accessories for adventure vans in Europe and the US through his company Dutch Van Parts. The brothers are experts in van customizations, both inside and out.

Fabian working inside one of his custom Origin Travelvans Mercedes-Benz Sprinter builds with his brother’s Dutch Van Parts accessories mounted on the roof and rear doors.

Fabian received the largest (and most expensive at $15,000) 15kWh Power Kit system for installation in his Mercedes-Benz Sprinter L2H2, the workhorse panel van used throughout Europe. This custom six-meter (almost 20-foot) van is Fabian’s personal test vehicle, where he can live with new technologies, components, and layouts before offering them to customers for prices that can exceed $150,000.

His Sprinter van was already fitted with a power system from Victron Energy, which had to be removed prior to installing the EcoFlow Power Hub, Smart AC/DC Distribution Panel, and batteries in the reclaimed space. What you see pictured, including all of the leftover red cabling, is not Fabian’s final assembly, but it’s a reasonable approximation to test EcoFlow’s claim that the Power Kit can be set up and installed “five times faster” than competing systems.

Tucking everything away for a nice clean finish.

Before making the Power Kit installation permanent, Fabian first needs to redesign his custom aluminum cabinets to optimize the fit of each EcoFlow component for easy access and ventilation. See, after spending a few weeks with the Power Kit, Fabian is confident that his future Origin Travelvans will be built around EcoFlow systems, despite experiencing a few hiccups along the way (more on that later).

The AC/DC Smart Distribution Panel might be Fabian’s favorite part of the Power Kit. First, it simplifies the installation and makes it safer by terminating all the wiring inside of a central box using quick-connect wire snaps, while isolating all of the DC and AC cable runs from each other. It has six AC positions and 12 fused DC positions, six of which you can control and monitor independently from either the EcoFlow app or Power Kit console display. Other systems (like Victron) can do this, but it’s more time-consuming and complex to set up since it requires multiple modules that have to be linked together with software and wiring.

Fabian currently standardizes his builds around a couple of Victron system configurations — one for medium power needs and one for high — to simplify his installation process. “But now the Power Kit system allows me to really quickly have new setups and new possibilities without having to completely redesign the distribution,” says Fabian. “And for me as a builder, it’s absolutely great. It simplifies everything. It’s a huge difference from Victron.”

The Smart Distribution Panel is also beneficial to the van owner. Seeing both historic and real-time power consumption for specific AC devices like air conditioners and induction cooktops and DC devices like fridges and lights can help users live more efficiently in order to maximize the time spent off-grid. It also brings many smart-home conveniences to vanlife.

The Power Kit is not a perfect system, however.

To start with, Power Hub placement is limited by the length of the LFP battery cables, which measure just 1.5m (4 feet, 11 inches). That’s not a problem for systems with less battery capacity, but Fabian’s 15kWh config has three giant 5kWh LFP batteries to cable back to the Power Hub, each measuring 19.7in (50cm) wide. As such, the battery that is furthest away is going to determine the location of the Power Hub and vice versa. That’s probably why EcoFlow is so fond of showing its three-battery systems stacked vertically inside vans. But that doesn’t make much sense for Fabian’s 4x4 vans that perform better with the interior weight evenly distributed low to the ground.

The EcoFlow dual-fuel Smart Generator next to Fabian’s three LFP batteries in their temporary position. The batteries will likely be hidden in the final design.

In fact, Fabian says his 15kWh configuration is overkill for a typical van and is better suited for tiny off-grid homes fitted with heavy-duty appliances. “I think if you are living and working off-grid, three batteries is definitely a bonus. But for a general system installed in a van, I think you should be okay with one 5kWh battery.” Nevertheless, Fabian plans to tap into all of that capacity to build a propane-free showcase van loaded with power-hungry kitchen, environmental, and entertainment tech.

Installation is also constrained by EcoFlow’s relatively large ventilation requirements that whittle away at precious space. The Power Hub requires at least 10cm (about four inches) on three sides (5cm / 2in on the left side) to ensure proper ventilation. “The Power Hub is a nice compact unit. On the other hand, it does need a lot of room for ventilation according to the manual,” says Fabian. “The Victron elements are smaller and separate, so you can find better ways to use available space.”

The Power Hub’s high-speed fans can get really loud as well. They spin up quickly after plugging the Power Hub into shore power for charging. EcoFlow has a reputation for its loud fans, but that’s unavoidable with the current state of fast-charging tech. Fortunately, you can reduce the charging amperage in the app to lower the fan speeds, which could be a lifesaver if you need to charge overnight at an RV park while trying to sleep.

Fabian working from his van with the EcoFlow console showing charge status behind him.

There’s also the issue of bugs. After installation, Fabian discovered that the batteries were draining despite all of his AC and DC devices being shut off, with two of his batteries discharging faster than the third. These issues were resolved through a series of firmware updates over a period of about four weeks. EcoFlow has a reputation for being quick to squash bugs. That’s good, but you have to wonder how such obvious issues allowed the product to ship in the first place and what new problems will be discovered over long-term testing.

Fabian’s final issue is a minor one. Unlike the LFP battery cables, most of the cables that ship with the kit are simply too long. Fabian specializes in building lightweight adventure vans in order to avoid European restrictions that kick in above 3.5 metric tons — so every gram counts. As such, he eventually plans to shorten the cables that run from the Power Hub to the starter battery and Smart Distribution Panel. That’s no problem, though, as the connectors are designed to be opened in order to cut and reconnect the internal wires. And that work pales in comparison to all of the cables Fabian had to create from scratch for the Victron systems he’s been using.

With regard to EcoFlow’s claim that the Power Kit can be installed “five times faster” than competing systems, that’s true, according to Fabian. His installation took less than five hours and included a deep dive into the manuals. Fabian notes, however, that the speed claim is only true for fully specced systems like the one he installed. If your needs are simple and therefore don’t require a lot of cabling and configuration, then the Power Kit won’t save a ton of time, he says.

Roel, the novice, tests “any van size” claim

Roel is confident enough around home electricity to wire up a light switch and install his own solar panels. He has no interest in becoming fodder for the internet’s advertising engines, though, which is why I agreed to withhold his last name.

Roel installing his entry-level Power Kit in his small Ford Westfalia campervan.

Roel received the smallest 2kWh Power Kit ($4,000) to install in his 16-year-old Ford Westfalia Nugget. When EcoFlow says its Power Kit can fit “any van size,” well, this is the campervan to prove it.

To fit the Power Hub and single 2kWh battery, he had to first make room by removing his gray water collection tank, which stores runoff from the sink. He wasn’t using the tank, so it wasn’t much of a sacrifice — but not every small van owner will have that kind of flexibility.

The cabinet where everything is installed doubles as storage during the day and supports part of the bed at night. That means the space will be covered by a solid shelf or mattress for long periods of time. The tight space required Roel to get creative with the mounting brackets since there wasn’t enough room to follow EcoFlow’s exact mounting instructions. Fortunately, that work only required drilling a few holes and attaching some bolts.

The Power Kit will live below this cushion, where ventilation might be an issue.

Space for the EcoFlow components was further infringed upon by the spools of long cable that had to be tucked into the area between the battery and Power Hub. Roel plans to shorten the cables to free up more space for ventilation. He did cut some ventilation holes into the surrounding cabinetry, but he’s not within the 10cm tolerances EcoFlow recommends for proper ventilation.

Fortunately, Roel lives in the Netherlands, which has a very mild climate. But it remains to be seen how well the Power Hub holds up over time, especially on long family trips to southern Europe during the summers.

To his dismay, Roel didn’t have enough room to install the optional AC/DC Smart Distribution Panel. Instead, he tapped into his Nugget’s existing distribution point. He hopes to eventually find some extra space for it because he really wants the per-device management that Fabian is enjoying.

Like Fabian, Roel also discovered a few bugs with the system. He suffered from the same battery drain issues but also discovered a cold weather charging issue that was patched during testing. A noncritical bug whereby Roel’s system showed 600W constantly flowing from his alternator to the battery stuck at 99 percent full was unresolved by the time this review was published.

In total, Roel’s novice installation took a bit more than 13 hours: one-and-a-half hours to unpack and read the manuals, six hours to figure out his van’s wiring, four hours to figure out how to remove the gray water tank and fashion a Power Hub mount, and about two hours to install the Power Kit and troubleshoot.

Roel made some price calculations on the Power Kit versus a comparable Victron Energy system that would have made better use of his van’s limited space. EcoFlow’s system is roughly twice the price.

Roel’s 2kWh battery charging (showing 40 percent full) with 1.20kW of total input coming in from his alternator (412W), solar panel (31W), and AC shore power (753W) as viewed on the console display.
The Power Kit can also be monitored and managed with the excellent EcoFlow app.

Still, Roel is enjoying the EcoFlow app and what it’s teaching him about his power-hungry appliances and lights. “Normally, I have no idea how long I can stay off the grid,” he said after everything was connected. “I have AC power now. It’s great. Overall, if I would start with a new van, then I would score it a 9 plus. But for a retrofit, it’s easier to use separate elements that you can scatter around the van in different locations. So for retrofits in a small van like mine, maybe 7.5 out of 10.”

With regard to EcoFlow’s claim that the Power Kit can “fit any van size,” Roel had this to say: “It’s big. I would say it could be a bit smaller, but that’s also because it has nearly 5,000 watts of solar power that can be connected, and you can put up to 15kWh of battery and I’m using only 2kWh. So it’s made for bigger installations. But it does fit.”

Vanlife doesn’t get any better than this.

EcoFlow’s Power Kits live up to the company’s claims. The most expensive option really can be installed about five times faster than existing solutions by a professional installer. And novices can fit the entry-level Power Kit inside a small campervan if they’re willing to make a few compromises. It’s also competitively priced at the high end, especially when factoring in the old adage that time is money.

Moreover, the all-in-one Power Kit has proven itself to be a turnkey solution that takes most of the guesswork and complexity out of installing and using a battery-based power system inside an RV — or an off-grid cabin in the woods, if that’s your preference.

The term “game-changer” is tossed around pretty loosely these days. But EcoFlow’s Power Kits really have changed the game for anyone who can afford to become a digital nomad. Prices start at $4,000 and can exceed $15,000, but owning one could be the first step in starting a whole new life — and that’s priceless.

Photography by Thomas Ricker / The Verge

vendredi 23 décembre 2022

Musk sets up Twitter poll asking if he should step down as head

Musk sets up Twitter poll asking if he should step down as head

Twitter owner promises to abide by the results of the poll, less than two months after appointing himself CEO

Elon Musk has asked Twitter users whether he should step down as the head of the company, promising to abide by the results of his poll.

Musk assumed the role of CEO at the end of October after firing a host of senior executives and dissolving its board of directors. Within minutes of posting the poll, more than one million people had voted.

Continue reading...

Guardian hit by serious IT incident believed to be ransomware attack

Guardian hit by serious IT incident believed to be ransomware attack

Incident has hit parts of media company’s technology infrastructure, with staff told to work from home

The Guardian has been hit by a serious IT incident, which is believed to be a ransomware attack.

The incident began late on Tuesday night and has affected parts of the company’s technology infrastructure, with staff told to work from home.

Continue reading...

Elon Musk ‘orders Twitter to remove suicide prevention feature’

Elon Musk ‘orders Twitter to remove suicide prevention feature’

Sources say new owner sought removal of #ThereIsHelp feature that appeared at top of certain searches

Twitter has removed a feature in the past few days that promoted suicide prevention hotlines and other safety resources to users looking up certain content, according to two people familiar with the matter, who said it was ordered by new owner Elon Musk.

The removal of the feature, known as #ThereIsHelp, has not been previously reported. It had shown at the top of specific searches contacts for support organisations in many countries related to mental health, HIV, vaccines, child sexual exploitation, Covid19, gender-based violence, natural disasters and freedom of expression.

Continue reading...

TechScape: Elon Musk’s poll own goal proves he can’t get out of his own way

TechScape: Elon Musk’s poll own goal proves he can’t get out of his own way

In this week’s newsletter: Musk has a talent for trying to wiggle out of trouble on Twitter, only to land deeper in it – this time by asking users if he should quit as chief executive

Call it Chekhov’s Jet: a Twitter account placed on the mantelpiece in act one must surely go off in act five.

Seven days after buying the social network, Elon Musk tweeted that his commitment to free speech extended even “to not banning the account following my plane”. Six weeks later, his reversal of that policy set in motion a series of events that seems increasingly likely to end in his dramatic departure as chief executive of Twitter. How’s that for a satisfying narrative?

About 80% of Meta’s overall investments support the core business, with the other 20% going toward Reality Labs. It’s a level of investment we believe makes sense for a company committed to staying at the leading edge of one of the most competitive and innovative industries on earth.

VR is now at a very special moment – fundamental new pieces of the hardware and technology stack are hitting the market for the first time, and a community of developers and users is unlocking its potential in new ways, from scrappy software startups to top-tier game studios, creators, and artists … We think it’s only going to get better in 2023.

Continue reading...

jeudi 22 décembre 2022

Microsoft says three future Bethesda games will be Xbox-exclusive

Microsoft says three future Bethesda games will be Xbox-exclusive
Image: Microsoft

We knew Microsoft would make Bethesda’s Starfield exclusive to Xbox and PC, and it sure looked like The Elder Scrolls VI would skip PlayStation and Nintendo, too. But now, Microsoft’s lawyers are revealing that they’ve got eyes on at least one more exclusive title — there are three future Xbox exclusives from Bethesda, they revealed today, in a response to the FTC’s lawsuit against the Activision Blizzard deal.

“Xbox anticipates that three future titles — REDACTED — all of which are designed to be played primarily alone or in small groups — will be exclusive to Xbox and PCs,” reads a passage in Microsoft’s response.

Here’s the surrounding context, so you can see for yourself:

What might that third game be? Well, Bethesda’s making an Indiana Jones game, and we know that Fallout 5 is coming... eventually. There’s also Redfall, which — like Starfield — was delayed to 2023. But your guess is as good as ours.

Microsoft’s been pretty clear for years that it’s buying up studios to shore up Xbox (and Game Pass) exclusives, so that’s not much of a surprise, but things have gotten heated recently with the company promising that Call of Duty will continue showing up on PlayStation — a piece of leverage that Microsoft seems to feel it needs to convince regulators to let it go through with the Activision Blizzard deal.

Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it

Hackers stole encrypted LastPass password vaults, and we’re just now hearing about it
A cartoon illustration shows a shadowy figure carrying off a red directory folder, which has a surprised-looking face on its side.
Pictured: the encrypted vault with your passwords. | Illustration by Beatrice Sala

LastPass has a doozy of an updated announcement about a recent data breach: the company — which promises to keep all your passwords in one, secure place — is now saying that hackers were able to “copy a backup of customer vault data,” meaning they theoretically now have access to all those passwords if they can crack the stolen vaults (via TechCrunch).

If you have an account you use to store passwords and login information on LastPass, or you used to have one and hadn’t deleted it before this fall, your password vault may be in hackers’ hands. Still, the company claims you might be safe if you have a strong master password and its most recent default settings. However, if you have a weak master password or less security, the company says that “as an extra security measure, you should consider minimizing risk by changing passwords of websites you have stored.”

That might mean changing the passwords for every website you trusted LastPass to store.

While LastPass insists passwords are still secured by the account’s master password, it’s hard to just take its word at this point, given how it’s handled these disclosures.

When the company announced it had been breached in August, it said it didn’t believe user data had been accessed. Then, in November, LastPass said it detected an intrusion, which apparently relied on information stolen in the August incident (it would’ve been nice to hear about that possibility sometime between August and November). That intrusion let someone “gain access to certain elements” of customer info. It turns out those “certain elements” were, you know, the most important and secret things that LastPass stores. The company says there’s “no evidence that any unencrypted credit card data was accessed,” but that would likely have been preferable to what the hackers actually got away with. At least it’s easy to cancel a card or two.

We’ll get to how this all went down in a bit, but here’s what LastPass CEO Karim Toubba is saying about the vaults being taken:

The threat actor was also able to copy a backup of customer vault data from the encrypted storage container which is stored in a proprietary binary format that contains both unencrypted data, such as website URLs, as well as fully-encrypted sensitive fields such as website usernames and passwords, secure notes, and form-filled data.

Toubba says the only way a malicious actor would be able to get at that encrypted data, and therefore your passwords, would be with your master password. LastPass says it has never had access to master passwords.

That’s why he says, “it would be extremely difficult to attempt to brute force guess master passwords,” as long as you had a very good master password that you never reused (and as long as there wasn’t some technical flaw in the way LastPass encrypted the data — though the company has made some pretty basic security errors before). But whoever has this data could try to unlock it by guessing random passwords, AKA brute-forcing.

LastPass says that using its recommended defaults should protect you from that kind of attack, but it doesn’t mention any sort of feature that would prevent someone from repeatedly trying to unlock a vault for days, months, or years. There’s also the possibility that people’s master passwords are accessible in other ways — if someone re-uses their master password for other logins, it may have leaked out during other data breaches.

It’s also worth noting that if you have an older account (prior to a newer default setting introduced after 2018), a weaker password-strengthening process may have been used to protect your master password. According to LastPass, it currently uses “a stronger-than-typical implementation of 100,100 iterations of the Password-Based Key Derivation Function,” but when a Verge staff member checked their older account using a link the company includes in its blog, it told them their account was set to 5,000 iterations.

Perhaps the more concerning bit is the unencrypted data — given that it includes URLs, it could give hackers an idea of which websites you have accounts with. If they decided to target particular users, that could be powerful information when combined with phishing or other types of attacks.

While none of that is great news, it’s all something that could, in theory, happen to any company storing secrets in the cloud. In cybersecurity, the name of the game isn’t having a 100 percent perfect track record; it’s how you react to disasters when they happen.

And this is where LastPass has, in my opinion, absolutely failed.

Remember, it’s making this announcement today, on December 22nd — three days before Christmas, a time when many IT departments will largely be on vacation, and when people aren’t likely to be paying attention to updates from their password manager.

(Also, the announcement doesn’t get to the part about the vaults being copied until five paragraphs in. And while some of the information is bolded, I think it’s fair to expect that such a major announcement would be at the very top.)

LastPass says that the vault backup wasn’t initially compromised in August; instead, its story is that the threat actor used info from that breach to target an employee who had access to a third-party cloud storage service. The vaults were stored in and copied from one of the volumes accessed in that cloud storage, along with backups containing “basic customer account information and related metadata.” That includes things like “company names, end-user names, billing addresses, email addresses, telephone numbers, and the IP addresses from which customers were accessing the LastPass service,” according to LastPass.

Toubba says the company is taking all sorts of precautions as a result of the initial breach, and the secondary breach that exposed the backups, including adding more logging to detect suspicious activity in the future, rebuilding its development environment, rotating credentials, and more.

That’s all good, and it should do those things. But if I were a LastPass user, I’d be seriously considering moving away from the company at this point, because we’re looking at one of two scenarios here: either the company didn’t know that backups containing users’ vaults were on the cloud storage service when it announced that it had detected unusual activity there on November 30th, or it did know and chose not to tell customers about the possibility that hackers had gotten access to them. Neither of those is a good look.

TikTok’s parent company fires four workers for improper access of user data

TikTok’s parent company fires four workers for improper access of user data

ByteDance said four employees were fired for examining data of two journalists in attempt to find leak source

ByteDance, the Chinese parent company of popular video app TikTok, said on Thursday that some employees improperly accessed TikTok user data of two journalists and were no longer employed by the company, an email seen by Reuters shows.

ByteDance employees accessed the data as part of an unsuccessful effort to investigate leaks of company information earlier this year, and were aiming to identify potential connections between two journalists, a former BuzzFeed reporter and a Financial Times reporter, and company employees, the email from ByteDance general counsel Erich Andersen said.

Continue reading...

Tesla’s Full Self-Driving is blamed for eight-car pileup in California

Tesla’s Full Self-Driving is blamed for eight-car pileup in California
Illustration depicting multiple red Tesla sedans on a black background.
Illustration by Alex Castro / The Verge

A Tesla driver is blaming Full Self-Driving software for having caused an eight-car pileup in the Yerba Buena Tunnel in California last month, according to a police report obtained by CNN Business.

According to the December 7th report obtained by CNN Business, California Highway Patrol (CHP) reviewed tunnel footage and found that a Tesla made an unsafe lane change before abruptly slowing down from 55 mph to 20 mph — causing vehicles behind it to crash into one another.

In the report, the driver of the Tesla blamed the automaker’s Full Self-Driving software that allegedly malfunctioned and caused a sudden slowdown. The Thanksgiving incident left nine people with minor injuries, including one child that was hospitalized.

California Highway Patrol said in the Dec. 7 report that it could not confirm if “full self-driving” was active at the time of the crash. A highway patrol spokesperson told CNN Business on Wednesday that it would not determine if “full self-driving” was active, and Tesla would have that information.

The incident is being investigated by the National Highway Traffic Safety Administration (NHTSA), along with several other accidents, including ones in California and Florida that were fatal and another one in Utah that killed a motorcyclist.

Each of these incidents seems to implicate Tesla’s advanced driver-assistance system (ADAS), Autopilot, or the automaker’s $15,000 Full Self-Driving (FSD) software package that performs many of the same tasks as Autopilot on local and residential streets. The first reported crash to allege that FSD was in operation happened last year in a Model Y vehicle.

Earlier this year, an NHTSA report for crashes involving vehicles with ADAS showed Tesla topped the list. Tesla has said that the responsibility falls on the driver for the safe operation of the vehicle running on Autopilot or Full Self-Driving, but critics say the company is overstating the capability of its features.

Twitter Is Said to Have Struggled Over Revealing US Influence Campaign

Twitter Is Said to Have Struggled Over Revealing US Influence Campaign Internal emails showed the company’s communications with the Pentagon over a network of military-run accounts.

Twitter’s CEO post is a non-job if Elon Musk can’t vacate it | Nils Pratley

Twitter’s CEO post is a non-job if Elon Musk can’t vacate it | Nils Pratley

Tesla shareholders hoping for the full attention of their distracted CEO are likely to be disappointed

Management by Twitter poll is such a silly idea that it remains hard to believe Elon Musk was being sincere when he invited the site’s users to determine if he should continue as chief executive. One suspects he had already decided to hire an executive to front the business – which is what, note, he told a Delaware court he would do several weeks ago. The poll merely created a buzz.

In the unlikely event that users had voted to keep him as boss, Musk could have given roughly the same answer as the one he is giving now. In short, he will stay in charge for a while because a chief executive cannot be recruited overnight.

Continue reading...

Two associates of Sam Bankman-Fried plead guilty to fraud charges in FTX fall

Two associates of Sam Bankman-Fried plead guilty to fraud charges in FTX fall

Carolyn Ellison, former CEO of Alameda Research, and Gary Wang, co-founder of FTX, pleaded guilty to criminal fraud charges

A federal prosecutor says two associates of Sam Bankman-Fried have pleaded guilty to criminal charges related to the collapse of the cryptocurrency exchange FTX.

Carolyn Ellison, the former CEO of Alameda Research, a trading firm started by Bankman-Fried, and Gary Wang, who co-founded FTX along with Bankman-Fried, pleaded guilty to charges “related to their roles in the fraud that contributed to FTX’s collapse”, US attorney Damian Williams said Wednesday night.

Continue reading...

mercredi 21 décembre 2022

Twitter view counts start appearing prominently

Twitter view counts start appearing prominently
Twitter bird logo in white over a blue and purple background
Making it easier to quantify how much of a banger your tweet was. | Illustration by Alex Castro / The Verge

View counts for tweets are starting to show up for some Twitter users — at least for their own tweets. On December 1st, Musk promised the feature would be coming for “all tweets, just as view count is shown for all videos,” an announcement he reiterated a week later adding that it would be coming “in a few weeks.”

One Verge staff member has started to see a counter when he clicks into his posts. While a few other Twitter users have reported getting the feature as well, it doesn’t seem to be available to everyone yet (for example, at time of writing I’m currently not seeing view counts on any tweets besides videos). My coworker also says that he’s currently not able to see view counts on other users’ tweets.

Screenshot of a tweet displaying the view count. Screenshot: Richard Lawler / The Verge
A view counter has joined the other markers of how popular your tweet was.

In its current state, the feature isn’t providing any new information. You’ve long been able to turn on analytics for your account, and see how many “impressions” your tweets were getting. However, doing so does require clicking on an analytics button; the view counter puts it right in your face.

It’s unclear whether Musk intended for users to be able to see how many views other peoples’ tweets are getting. His comment about the feature being “just like videos,” whose view counts are public for other users, does make it seem like you should be able to see how many views other peoples’ tweets were getting. We’d ask Twitter for clarification on the matter, but it no longer has a communications department. Musk hasn’t recently tweeted about the feature.

Sam Bankman-Fried’s former friends pleaded guilty and are cooperating in the FTX fraud case

Sam Bankman-Fried’s former friends pleaded guilty and are cooperating in the FTX fraud case
FTX Founder Sam Bankman-Fried Returns To Court In The Bahamas
Photo by Joe Raedle/Getty Images

Caroline Ellison and Gary Wang, two executives in Sam Bankman-Fried’s fallen crypto empire, have pleaded guilty to federal charges and are cooperating with prosecutors. The news was announced late Wednesday by Damian Williams, the US Attorney for the Southern District of New York.

Williams didn’t specify what charges the two pled to, but said the guilty pleas were in relation to their roles as insiders at FTX and its sister company Alameda Research. Wang was a co-founder of the FTX cryptocurrency exchange, and Ellison served as CEO of Bankman-Fried’s trading company Alameda Research.

Bankman-Fried and a select group of insiders, including Ellison and Wang, are alleged to be the only people who knew that FTX was engaging in fraud. The cases against Bankman-Fried are both criminal and civil, and have been brought by the SDNY, the CFTC, and the SEC. Allegedly, FTX customer funds were used for loans to executives, risky trading by Alameda Research, political donations, and lavish spending on everything from beachfront homes to private jet flights.

The SEC and CFTC have already filed updated civil suits including details on Wang and Ellison’s roles. “Wang, with Ellison’s knowledge and consent, exempted Alameda from the risk mitigation measures” FTX used, providing Alameda Research with a “virtually unlimited ‘line of credit,’” according to the updated SEC complaint.

The SEC complaint outlines how “Bankman-Fried and Wang thus gave Alameda and Ellison carte blanche to use FTX customer assets for Alameda’s trading operations and for whatever other purposes Bankman-Fried and Ellison saw fit.”

Ellison, acting on Bankman-Fried’s orders, borrowed billions of dollars from lenders, according to the SEC suit. Those loans were backed “in significant part” by the FTT token, which was issued by FTX and given to Alameda for free, the SEC wrote. Ellison’s job was to buy FTT tokens on various platforms in order to increase the price, thus making the FTT that was collateral against Alameda’s loans more valuable. That, in turn, made it possible for Alameda to borrow even more.

Earlier on Wednesday, the Bahamas extradited Sam Bankman-Fried and sent him on his way back to the US. Williams confirmed Bankman-Fried is now in FBI custody and said he would be transported directly to New York to appear before a judge “as soon as possible.”

The fraud came to light after a blockbuster CoinDesk article reported that Alameda Research’s balance sheet consisted mostly of the FTT token, which kicked off a series of events that ended in FTX’s bankruptcy. In the filing for bankruptcy, the new CEO of FTX, John J. Ray, said the company was worse than Enron — and he’d know, since he was charged with cleaning up after the fraud there.

In May, when the price of crypto began to crater, the lenders wanted their money back. To keep them happy, Bankman-Fried directed that customer deposits be sent to the lenders. Ellison used that money to pay Alameda’s debts. “Even in November 2022, faced with billions of dollars in customer withdrawal demands that FTX could not fulfill, Bankman-Fried and Ellison, with Wang’s knowledge, misled investors from whom they needed money to plug a multi-billion-dollar hole,” the SEC wrote in its suit.

But customer funds had also been diverted from the start, the SEC wrote in its suit. Alameda got ahold of FTX customer funds in two ways: first, by the “line of credit” but also by directing customers to deposit fiat currency into accounts controlled by Alameda. “As a result, there was no meaningful distinction between FTX customer funds and Alameda’s own funds,” the suit says. “Bankman-Fried and Wang thus gave Alameda and Ellison carte blanche to use FTX customer assets for Alameda’s trading operations and for whatever other purposes Bankman-Fried and Ellison saw fit.”

That made Alameda Bankman-Fried’s ”personal piggy bank to buy luxury condominiums, support political campaigns, and make private investments, among other uses. “

Developing...

Elon Musk Says He Will Resign as Twitter CEO When He Finds Successor

Elon Musk Says He Will Resign as Twitter CEO When He Finds Successor Mr. Musk, who asked his Twitter followers on Sunday if he should step down as head of the service, will remain the company’s owner.

Two Executives in Sam Bankman-Fried’s Crypto Empire Plead Guilty to Fraud

Two Executives in Sam Bankman-Fried’s Crypto Empire Plead Guilty to Fraud Caroline Ellison, the former chief executive of Alameda Research, and Gary Wang, a founder of FTX, are cooperating in the federal criminal case against Mr. Bankman-Fried.

Attorney says facial recognition got her kicked out of a Rockettes show

Attorney says facial recognition got her kicked out of a Rockettes show
Illustration of several faces, with one highlighted.
Illustration by Alex Castro / The Verge

Kelly Conlon, an attorney from New Jersey, says she wasn’t allowed to see a Rockettes show at Radio City Music Hall after she was identified by a facial recognition system, according to a report from NBC New York. Conlon told the outlet that guards approached her while she was in the building’s lobby and said she wasn’t allowed to be there because of her connection to a legal case against the company that owns the hall.

“I believe they said that our recognition picked you up,” she told NBC, saying that she was asked to identify herself and that “they knew my name before I told them. They knew the firm I was associated with before I told them.” She says she ended up waiting outside while her daughter watched the show with other members of her Girl Scout troop.

Madison Square Garden Entertainment (or MSG), the owner of Radio City and many other venues, hasn’t confirmed whether it was facial recognition that alerted security to Conlon’s presence. However, it does make it clear that it uses the tech. “We have always made it clear to our guests and to the public that we use facial recognition as one of our tools to provide a safe and secure environment and we will continue to use it to protect against the entry of individuals who we have prohibited from entering our venues,” the company said in a statement sent to The Verge by Mikyl Cordova, a spokesperson for the company.

MSG refused to provide details about its system, such as whose facial recognition tech it uses. There are many companies that develop these kinds of systems, with some selling them to businesses and governments. However, the company has a long history with facial recognition systems — it was testing them by early 2018, according to a report from The New York Times. As NBC shows in its report, the company has signage posted at the venue to tell people that security uses facial recognition, as it’s legally required to do.

It’s possible there are other ways Conlon could have identified before the show; if she’d been asked to present her identification or tickets with her name on them at any point, it would’ve been an opportunity for other security systems to flag her. But she told NBC that she was picked out pretty much as soon as she went through the metal detector.

The incident stems from the fact that Conlon is a lawyer at a firm that’s involved in a lawsuit against MSG. While she told NBC that she hasn’t worked on the case, MSG’s policy “precludes attorneys from firms pursuing active litigation against the company from attending events at our venues until that litigation has been resolved,” according to Cordova. Its reasoning is that “litigation creates an inherently adversarial environment.” Cordova says that “all impacted attorneys were notified of the policy” and that Conlon’s firm was notified twice.

The policy has been controversial from a legal standpoint. When lawyers from another case brought it up, Judge Kathaleen McCormick — who presided over two different Elon Musk cases this year as he tried to get out out of buying Twitter and argued over his pay package with Tesla shareholders — called it “the stupidest thing I’ve ever read,” according to documents obtained by Reuters.

Another judge in a separate case ruled that “plaintiffs may not be denied entry into any shows where they possess a valid ticket” while noting that MSG did have the right not to sell them tickets in the first place. The company didn’t answer The Verge’s questions about whether it had systems in place that would’ve prevented Conlon from purchasing a ticket, either through its systems or from resellers.

Despite the ruling, MSG sent another letter to law firms saying that they weren’t allowed onto its premises and that it could revoke their tickets, according to Reuters. It seems likely that the question of whether MSG’s ban is allowed will be litigated in many courtrooms over the next who knows how long. That probably won’t be the case for its use of facial recognition itself — in New York, it’s legal for businesses to do so, and reports have shown that the NYC government has received millions in funding for its own surveillance systems. (It has curtailed facial recognition in at least a few instances, though; schools currently aren’t supposed to use it.)

Even as they become more commonplace, facial recognition systems aren’t accepted everywhere. While their ability to scan a large number of people quickly and attempt to match faces to an identity in a database makes them attractive to governments and businesses, there are members of the public and privacy advocates that have pushed back against their use.

Outside of the concerns around how they can be used to intensify policing or track people’s movements, facial recognition opponents often point to studies suggesting that many of the systems are less accurate when identifying people who aren’t white. There have been cases where people were arrested after facial recognition software identified them as someone that they didn’t actually look like.

Some states and cities have passed laws meant to curb police and other government agencies’ access to the tech, and massive tech companies like Google, Microsoft, IBM, and Amazon have weighed in on different sides of the debate. Even the controversial facial recognition firm Clearview AI has said that it’ll stop selling its systems to most private companies after it was accused of building its database with pictures taken from social networks without users’ knowledge.

mardi 20 décembre 2022

Twitter机器人帐号如何用成人内容淹没中国抗议推文

Twitter机器人帐号如何用成人内容淹没中国抗议推文 时报调查发现,用户在Twitter上用中文搜索各地抗议内容时,成千上万的自动程序帐号向他们推送了应召服务和博彩广告等内容。这凸显了Twitter在监管垃圾推文方面的挑战。

Anker’s Eufy breaks its silence on security cam security

Anker’s Eufy breaks its silence on security cam security
A Eufy camera underwater, air bubbles bubbling up
Image: Eufy

On the last episode of “Will Anker ever tell us what’s actually going on with its security cameras rather than lying and covering its tracks,” we told you how Eufy’s customer support team is now quietly providing some of the answers to the questions that the company had publicly ignored about its smart home camera security.

Now, Anker is finally taking a stab at a public explanation, in a new blog post titled “To our eufy Security Customers and Partners.” Unfortunately, it contains no apology, and doesn’t begin to address why anyone would be able to view an unencrypted stream in VLC Media Player on the other side of the country, from a supposedly always-local, always-end-to-end-encrypted camera.

What it does contain is a clear admission: “eufy Security ’s Live View Feature on its Web-Portal Feature Has a Security Flaw,” the company admits in bold letters.

But this is all Anker has to say about that very suspicious issue:

eufy Security ’s Live View Feature on its Web-Portal Feature Has a Security Flaw

First, no user data has been exposed, and the potential security flaws discussed online are speculative. However, we do agree there were some key areas for improvement. So we have made the following changes.

Today, users can still log in to our eufy.com Web portal to view live streams of their cameras. However, users can no longer view live streams (or share active links to these live streams with others) outside of eufy’s secure Web portal. Anyone wishing to view these links must first log in to the eufy.com Web portal.

We will continue to look for ways to enhance this feature.

While stopping short of an apology, the company does acknowledge that “we know the need for more straightforward and timely communications on these issues has frustrated many customers,” and says it has stayed silent because it’s “been using the last few weeks to research these possible threats and gather all the facts before publicly addressing these claims.”

“Moving forward, we will need to better balance our need to get ‘all the facts’ with our obligation to keep our customers more quickly informed,” promises Anker.

The post also addresses some other concerns that security researchers have raised, like how Eufy was uploading thumbnails from its cameras, including pictures of faces, to the cloud without making users aware, so that it can deliver push notifications. Anker says those images are protected with end-to-end encryption, and reiterates that it’s now making customers aware that they have a choice of local or cloud push notifications in an updated version of its app. Good!

Here is a list of questions that still need to be answered. I’m sending them to Anker/Eufy today:

Why do your supposedly end-to-end encrypted cameras produce unencrypted streams at all?

Under what circumstances is video actually encrypted?

Do any other parts of Eufy’s service rely on unencrypted streams, such as Eufy’s desktop web portal?

How long is an unencrypted stream accessible?

Are there any Eufy camera models that do *not* transmit unencrypted streams?

Will Eufy completely disable the transmission of unencrypted streams? When? How? If not, why not?

If not, will Eufy disclose to its customers that their streams are not actually always end to end encrypted? When and where?

Has Eufy changed the stream URLs to something more difficult to reverse engineer? If not, will Eufy do so? When?

Are unencrypted streams still accessible when cameras use HomeKit Secure Video?

Is it true that ”ZXSecurity17Cam@” is an actual encryption key? If not, why did that appear in your code labeled as an encryption key and appear in a GitHub repo from 2019?

Beyond the thumbnails and the unencrypted streams, are there any other private data or identifying elements that Eufy’s cameras allow access to via the cloud?

Beyond potentially tapping into an unencrypted stream, are there any other things that Eufy’s servers can remotely tell a camera to do?

What keeps Eufy and Anker employees from tapping into these streams?

Which other specific measures will Eufy take to address its security and reassure customers?

Has Anker retained any independent security firms to conduct an audit of its practices following these disclosures? Which?

Will Anker be offering refunds to those customers who bought cameras based on Eufy’s privacy commitment?

Why did Anker tell The Verge that it was not possible to view the unencrypted stream in an app like VLC?

Does eufy share video recordings with law enforcement agencies?

We will provide the company’s responses — or lack of responses — in a future story.

The EV tax credit rules are being delayed until March 2023 — here’s what that means for you

The EV tax credit rules are being delayed until March 2023 — here’s what that means for you
Chevy Bolt EUV
Photo by Andrew J. Hawkins / The Verge

Besides its more obvious stated goal of reducing inflation, the Biden administration’s Inflation Reduction Act (IRA) was designed to force profound changes in the electric vehicle market. The legislation revises EV tax credit rules as it seeks to build up domestic battery manufacturing so that the US doesn’t cede the supply chain to China.

It’s also profoundly confusing, hinging new EV tax credits not just on where the cars are built but also where batteries are assembled and where battery materials are sourced from. These rules were all supposed to take effect on January 1st, 2023 — that’s next weekend for anyone keeping track.

Now, however, it’s going to take a little longer for all of the new provisions to be in place. On Monday, the Department of the Treasury announced that decisions around some aspects of the EV tax credits will be delayed until March. By delaying rules around where battery minerals are sourced but allowing other rules to go into effect on January 1st, the Treasury Department has created an interesting situation for several North American-built EVs.

For anyone who doesn’t follow the thrilling world of Treasury Department guidance — and truly, you’re missing out if you don’t — what this means is several EVs will now remain eligible for the full EV tax credit of $7,500 for the first few months of 2023 and possibly longer. And this means you could score a good deal on one of these EVs in the next quarter, provided you can find one.

Under the IRA’s new rules, the full $7,500 EV tax credit that was due to take effect on January 1st is only available to cars assembled in North America. But according to Reuters, it’s also contingent on the batteries meeting two factors that are each good for $3,750.

One half is based on the EV battery having at least 40 percent of its critical minerals sourced in the US or one of its free trade partners; the other half is based on the EV battery having at least 50 percent of its components manufactured or assembled in North America. Those percentages are meant to scale up in the coming years as well. This is because the IRA seeks to make certain that batteries are sourced and built in North America, not just the cars themselves.

Some new effects of the IRA, such as caps on buyer income and vehicle prices, will still go into effect on January 1st. Those rules are meant to force the EV market in a more affordable direction.

But on Monday, the Treasury Department announced a delay in the guidance around the critical minerals rules, even as the other rules go into effect. This means certain vehicles will remain eligible for the full tax incentives for a while, even if they may not stay that way long-term. (Most automakers currently aren’t meeting that requirement and have warned they may not for years.)

The big winners (for now) are North American-built EV sedans and smaller cars that start under $55,000 and SUVs and trucks that start under $80,000.

Yahoo! Finance reports this is a big victory for Tesla and General Motors, specifically. Both had lost their EV tax credits entirely under the old rules because they had reached the 200,000-car sales threshold. Now GM and Tesla are back in the game, but not yet beholden to the difficult battery sourcing requirements. (The new IRA rules have no cap on the number of EVs sold.)

EV news site Electrek puts this directly: “The Chevy Bolt is about to be a screaming deal — at least until March.” Previously, GM CEO Mary Barra had said the company’s cars should be eligible for the full $7,500 tax credit in two to three years as it worked on the sourcing requirements. This decision keeps tax incentives in place for the Bolt and Bolt EUV, as well as the $62,990 Cadillac Lyriq crossover.

Ford, Nissan, Rivian, and Volkswagen’s North American-built EVs are also now eligible for the full tax credit come January 1st, regardless of where their batteries are sourced. Others aren’t so lucky here. Hyundai and Kia, for example, are excluded because their EVs are built in South Korea. Tesla’s Model S and Model X are also excluded because they’re too expensive to qualify under the new rules.

We may learn more soon about where this is all headed, but the Treasury Department delay gives the qualifying cars at least a three-month window that buyers might do well to take advantage of.

“Before year’s end, Treasury will also release information on the anticipated direction of the critical and battery component requirements that vehicles must meet to qualify for tax incentives in the Inflation Reduction Act,” the department said in a statement. “The information will help manufacturers prepare to be able to identify vehicles eligible for the tax credit when the new requirements go into effect… By statute, the critical mineral and battery component requirements take effect only after Treasury issues that proposed rule.”

Right now, the IRA’s manufacturing rules represent a pretty onerous task for many car companies. Under the current supply chain, most of them have batteries, minerals and components heavily sourced from other countries, China in particular. As CNBC reports, China alone accounts for some 70 percent of the global supply of battery cells. The IRA is designed to level the playing field, wean American battery dependency off China and create US jobs in the EV sector. Many car companies and their supplier partners are now working to beef up US battery plants as a result.

Not surprisingly, the new IRA rules have already been derided as disruptive by some automakers. Hyundai Motor Group, for example, is in a particularly tough spot; its brands Hyundai, Kia, and Genesis together make up some of the top EV sellers in the US, but its American factory plans put it years away from meeting the full tax incentive requirement.

The minerals requirement has proven to be especially difficult to parse, let alone institute, as Reuters reported last week, which is likely what led to Monday’s announcement. Additionally, sourcing battery minerals inside the US could have a detrimental effect on the areas near Indigenous reservations where many deposits are found.

The biggest roadblock to the positive developments in the Treasury Department’s news is still that new cars can be exceedingly difficult to find, especially without obscene markups. It hasn’t been a great year to buy new cars, and we can fully expect those headaches in 2023. As of this writing, a quick search of Cars.com reveals just 578 new Chevrolet Bolts and only 1,018 Bolt EUVs for sale nationwide. But if you can find one, Q1 2023 might be a very favorable time to pull the trigger.

Will these rules change again? That feels entirely possible; the IRA is a wide-scale shift in how we buy EVs and, eventually, how and where they’ll be built. In the meantime, it’s best to consult a list of which vehicles qualify for the tax breaks, like this one at Consumer Reports, and just keep an eye on the deals out there if you want to go electric.

The Verge Holiday Gift Guide 2022

The Verge Holiday Gift Guide 2022
Photography by Joel Goldberg for The Verge

Check out our top gift ideas for the tech-savvy and non-techies alike.

Do you stress yourself out looking for the perfect gift? Are any loved ones in your life hard to shop for because you have no idea what they’re into? Or worse, you know the geeky things they’re into, but you have no idea where to start? While you could just pluck something off their Amazon wish list — we’ve all been there — it’s much more fun to pick something out for them. Luckily, you’ve got backup in the form of The Verge.

Our editorial team has compiled an extensive list of techie, nerdy, clever, and even refined gift ideas for you to peruse. Some of them are the go-to devices that are popular every year with the gadget-obsessed, while others are quirky offbeat wonders that we’d wager you’d never think of. We’ve leaned on our expertise in the worlds of tech and culture to gather unique gifts for just about anyone — including creators, gamers, travelers, kids, moms, dads, and more — with a variety of budgets and price points in mind.

We’ve got a little bit of something for everyone, and we’re here to help you find the gifts that impress all your loved ones. If you can’t buy love, you can at least buy some cool stuff that people will love you for.


Art Director: Kristen Radtke
Prop Stylist: Maeve Sheridan
Food Stylist: Jesse Szewczyk
Photographer: Joel Goldberg
Photo Editor: Amelia Holowaty Krales

Two men indicted for hacking a dozen Ring cameras and livestreaming swatting attacks

Two men indicted for hacking a dozen Ring cameras and livestreaming swatting attacks
Photo by Dan Seifert / The Verge

Two men have been accused of hacking into Ring doorbells and using their cameras to livestream swatting attacks, according to the Department of Justice. Kya Christian Nelson, 21, James Thomas Andrew McCarty, 20, and unnamed others allegedly spent a week using stolen Yahoo email addresses and passwords to access video from a dozen security systems before calling the police to each residence, according to the indictment, which you can read below.

The DOJ says the scheme worked like this: the alleged perpetrators would get the info for the Yahoo accounts and then figure out if the owner also had a Ring account. If they did, Nelson, McCarty, and the others would allegedly “gather information” about the people before calling the police on them, telling dispatchers things like they were children whose drunk parents were shooting guns in the house or that someone was being held hostage.

According to the press release, the purported victims lived all over the US, in Michigan, California, Montana, Georgia, Texas, Illinois, Alabama, and Florida. Nelson, who is already in jail after pleading guilty to calling in shooting and bomb threats to a Kentucky high school, is being charged with aggravated identity theft as well as unauthorized access of a computer. Both he and McCarty, who the DOJ says was arrested last week, are also being charged with “conspiracy to intentionally access computers without authorization.”

The indictment doesn’t go into much detail about how the police responded in most cases, but it accuses the men of using the Rings to taunt police officers when they showed up. (Many Ring devices have speakers that are meant to let owners communicate with whoever’s at their door.) It also doesn’t mention which social media platforms Nelson and McCarty allegedly used to “transmit the audio and video” captured by Ring cams during the police responses.

It does, however, have details about a case in North Port, Florida. According to news reports from local outlets and Vice that appear to be about the incident mentioned in the indictment, the call led to a school being locked down. The indictment alleges that McCarty bragged about the swatting on unnamed social media platforms, saying “we bruteforce n****s ring doorbells and we swat them after ... Its f****g funny” and posting a link to articles about the police response, saying that he had “made the news.”

Ring and its parent company Amazon have a long history of providing data to the police, and it’s not necessarily surprising that they were targeted by criminals as well. While the doorbells weren’t absolutely necessary for the swatting, they gave the criminals a way to watch it happen in real time.

That’s part of the reason why streamers are frequent targets — the perpetrators can see police burst in with guns drawn. Of course, that last part is why swatting isn’t a harmless prank; police have killed innocent people while responding to those sorts of calls, and even nonfatal incidents can leave victims traumatized.

The Pixel 8 camera might adopt a new HDR technique

The Pixel 8 camera might adopt a new HDR technique
Photo of the Google Pixel 7 camera bump
The Pixel 7 used the same camera sensor as the previous generation, but that might be changing. | Photo by Amelia Holowaty Krales / The Verge

The Pixel 8 is a long ways off, but some snippets of camera app code identified by developer Kuba Wojciechowski are giving us an early glimpse into what Google might be planning. The code in question refers to “staggered HDR,” which isn’t a technique that Google’s Pixel camera currently uses. The company was one of the first to refine mobile HDR and computational photography, taking them mainstream. Now, it appears to be evolving its tech for the next generation in a significant way.

Staggered HDR is a method of capturing short and long exposures of scenes nearly simultaneously. Google currently employs HDR Plus Bracketing, which takes individual photos in rapid succession and uses them to create a final image with a wide dynamic range — meaning there’s detail in both shadows and in highlight areas.

It works well, but it also means that the system has a harder time dealing with moving subjects since it’s using separate frames. With staggered HDR, a short exposure follows right on the heels of a long exposure — before the long exposure has even finished.

This rolling shutter effect scans the sensor from top to bottom and means that there’s no wait for one exposure to finish before starting another one. This means there are fewer motion artifacts to deal with, and less power is consumed in the process — Samsung says it reduces power consumption by 24 percent compared to a method using separate frames.

If Google does plan to add support for staggered HDR, then a new camera sensor is on the way, too. Kuba says that the Pixel 7 and 7 Pro use a Samsung Isocell GN1 for their main camera sensor, which doesn’t support staggered HDR. The Isocell GN2 does support the feature, so it seems to be a likely candidate for the Pixel 8. The GN2 would also provide some autofocus enhancements thanks to a tweaked phase-detection array that’s more sensitive to horizontal movement.

We’re a long way from finding out if any of this is in the cards for the Pixel 8 — Google hasn’t confirmed the device yet, and we expect to launch in the fall of 2023. But it seems likely that Google will keep iterating on the HDR feature it made popularly, and this early hint gives us a glimpse of what that might look like.

Twitter’s suspension of journalists sets ‘dangerous precedent’, UN warns

Twitter’s suspension of journalists sets ‘dangerous precedent’, UN warns

Pressure grows on Elon Musk as EU says social media platform could face sanctions over suspensions

The United Nations is “very disturbed” by Twitter’s abrupt suspension of a group of US journalists, a spokesperson has said, warning that the move sets a “dangerous precedent” – as the EU said the social media platform could fall foul of forthcoming digital regulations.

Stéphane Dujarric said on Friday the UN was “very disturbed” by the barring of prominent tech reporters at news organisations including CNN, the Washington Post and the New York Times who have written about Musk and the tech company he owns.

Continue reading...

lundi 19 décembre 2022

I didn’t want an app to auto renew – why can’t I get a refund?

I didn’t want an app to auto renew – why can’t I get a refund?

I forgot the Freeletics renewal date but £75 was taken from my account and I can’t get it back

Do I have any rights against an automatic subscription renewal?

A year ago I signed up to Freeletics, an exercise app. Since then I have stopped using it, and, unsurprisingly, forgot about the renewal date.

Continue reading...

Elon Musk breaks silence after 10 million Twitter users vote for him to step down

Elon Musk breaks silence after 10 million Twitter users vote for him to step down

The billionaire says only paid Twitter Blue subscribers will be able to vote in future policy-related polls on the platform

Elon Musk has tweeted for the first time since more than 10 million people voted in favour of him stepping down as Twitter’s chief executive, saying that only paid Twitter Blue subscribers will be able to vote in future policy-related polls.

On Sunday, Musk asked Twitter users whether he should step down as the head of the company, promising to abide by the results of his poll. When the poll closed on Monday, 57.5% said he should step down.

Continue reading...

The Verge’s 2022 holiday gift guide for moms

The Verge’s 2022 holiday gift guide for moms
Photography by Joel Goldberg for The Verge

Mom, mum, mammy, mother dearest. No mom is the same. Fortunately, we’ve compiled a list of gift ideas so that you’ll be able to find something awesome to give to the mother figure in your life — no matter what name she goes by.

Buying gifts for your mom — or any maternal figure in your life, for that matter — can be tough. It’s true for many of us that the closer you are to someone, the trickier it can be to whip up clever gift ideas without second-guessing yourself. Lucky for you, we tap the collective minds at The Verge for gift ideas every year, helping ensure you can gift mom something truly unique.

Like in previous years, our gift recs lean more on the tech-adjacent side, but what tech items are included are meant to make everyday life a little easier, more colorful, and a lot more fun. Fujifilm’s Instax Mini Evo ($190), for instance, is a forward-thinking instant camera with the utmost flexibility in mind, while budget-friendly gifts like the fifth-gen Echo Dot ($28) are designed to add smarts to any room. We even have a few more generalist picks, like Lego’s adorable Succulents set ($50), which can bring a bit of visual pizzazz to any room without the need for a watering can or any semblance of a green thumb.

You can find all that and more below, whether you intend to cross your mom off your list well ahead of the holiday season or just a few hours beforehand. Either way, we’re not here to judge.

Ex-Google Contractor Settles Lawsuit Over Fellowship of Friends Sect

Ex-Google Contractor Settles Lawsuit Over Fellowship of Friends Sect The suit claimed that the Fellowship of Friends, an obscure group based in the Sierra Nevada foothills, gained influence inside Google.

Zoom 2.0 relaunches as an AI-first company without video in its name

Zoom 2.0 relaunches as an AI-first company without video in its name Illustration by Alex Castro / The Verge Zoom is changing its name fr...