Lateo.net - RSS feeds galore (to add one: @ me)

Yesterday (19 April 2024), Ars Technica

LastPass users targeted in phishing attacks good enough to trick even the savvy

By: Dan Goodin

Password-manager LastPass users were recently targeted by a convincing phishing campaign that used a combination of email, SMS, and voice calls to trick targets into divulging their master passwords, company officials said.

The attackers used an advanced phishing-as-a-service kit discovered in February by researchers from mobile security firm Lookout. Dubbed CryptoChameleon for its focus on cryptocurrency accounts, the kit provides all the resources needed to trick even relatively savvy people into believing the communications are legitimate. Elements include high-quality URLs, a counterfeit single sign-on page for the service the target is using, and everything needed to make voice calls or send emails or texts in real time as targets are visiting a fake site. The end-to-end service can also bypass multi-factor authentication in the event a target is using the protection.

LastPass in the crosshairs

Lookout said that LastPass was one of dozens of sensitive services or sites CryptoChameleon was configured to spoof. Others targeted included the Federal Communications Commission, Coinbase and other cryptocurrency exchanges, and email, password management, and single sign-on services including Okta, iCloud, and Outlook. When Lookout researchers accessed a database one CryptoChameleon subscriber used, they found that a high percentage of the contents collected in the scams appeared to be legitimate email addresses, passwords, one-time-password tokens, password reset URLs, and photos of driver’s licenses. Typically, such databases are filled with junk entries.

Day before yesterday and earlier, Ars Technica

Attackers are pummeling networks around the world with millions of login attempts

By: Dan Goodin

Cisco’s Talos security team is warning of a large-scale credential compromise campaign that’s indiscriminately assailing networks with login attempts aimed at gaining unauthorized access to VPN, SSH, and web application accounts.

The login attempts use both generic usernames and valid usernames targeted at specific organizations. Cisco included a list of more than 2,000 usernames and almost 100 passwords used in the attacks, along with nearly 4,000 IP addresses sending the login traffic. The IP addresses appear to originate from TOR exit nodes and other anonymizing tunnels and proxies. The attacks appear to be indiscriminate and opportunistic rather than aimed at a particular region or industry.

“Depending on the target environment, successful attacks of this type may lead to unauthorized network access, account lockouts, or denial-of-service conditions,” Talos researchers wrote Tuesday. “The traffic related to these attacks has increased with time and is likely to continue to rise.”

Redis’ license change and forking are a mess that everybody can feel bad about

An Amazon Web Services (AWS) data center under construction in Stone Ridge, Virginia, in March 2024. Amazon will spend more than $150 billion on data centers in the next 15 years. (credit: Getty Images)

Redis, a tremendously popular tool for storing data in-memory rather than in a database, recently switched its licensing from an open source BSD license to both a Source Available License and a Server Side Public License (SSPL).

The software project and company supporting it were fairly clear in why they did this. Redis CEO Rowan Trollope wrote on March 20 that while Redis and volunteers sponsored the bulk of the project's code development, "the majority of Redis’ commercial sales are channeled through the largest cloud service providers, who commoditize Redis’ investments and its open source community." Clarifying a bit, "cloud service providers hosting Redis offerings will no longer be permitted to use the source code of Redis free of charge."

Clarifying even further: Amazon Web Services (and lesser cloud giants), you cannot continue reselling Redis as a service as part of your $90 billion business without some kind of licensed contribution back.

After overreaching TOS angers users, cloud provider Vultr backs off

After backlash, the cloud provider Vultr has updated its terms to remove a clause that a Reddit user feared required customers to "fork over rights" to "anything" hosted on its platform.

The alarming clause seemed to grant Vultr a "non-exclusive, perpetual, irrevocable" license to "use and commercialize" any user content uploaded, posted, hosted, or stored on Vultr "in any way that Vultr deems appropriate, without any further consent" or compensation to users or third parties.

Here's the full clause that was removed:

EV bargains to be found as Hertz sells off some of its electric cars

Hertz currently has more than a thousand Bolt EUVs for sale as they leave its rental car fleet. (credit: Chevrolet)

Electric vehicles have many advantages over cars that still use internal combustion engines. They're far more efficient, they're quieter, and they usually have much more torque than their gasoline-powered equivalents. But we're still far from achieving price parity between powertrains. In other words, EVs are expensive.

One place you can find some bargains, though, is the rental company Hertz, which currently has more than 2,100 EVs for sale, more than half of which are affordable enough to qualify for the IRS used clean vehicle tax credit.

Hertz has been adding a lot of EVs to its fleet as part of the company's decarbonization plan. In 2021, it revealed plans to purchase 100,000 Teslas. However, the controversial car maker had delivered fewer than half of those two years later, and long repair times for customer-inflicted damage have seen the rental agency divest itself of many of those Teslas and diversify its fleet, adding plenty of Polestars, Kias, and Chevrolets.

Reddit faces new reality after cashing in on its IPO

Steve Huffman, u/spez on Reddit, sold 500,000 of his shares in Reddit’s IPO on Thursday (credit: AFP via Getty Images)

In an interview on the New York Stock Exchange trading floor ahead of Reddit’s market debut on Thursday, chief executive Steve Huffman acknowledged that the mischievous retail investors that congregate on the social media platform might deliberately drive down its share price.

“It’s a free market!” he said.

For Reddit, as for Huffman, the bet on a public offering for a site he described as a “fun and special, but sometimes crazy place” has appeared to pay off.

Report: Sony stops producing PSVR2 amid “surplus” of unsold units

PSVR2 (left) next to the original PSVR. (credit: Kyle Orland / Ars Technica)

It looks like Sony's PlayStation VR2 is not living up to the company's sales expectations just over a year after it first hit the market. Bloomberg reports that the PlayStation-maker has stopped producing new PSVR2 units as it tries to clear out a growing backlog of unsold inventory.

Bloomberg cites "people familiar with [Sony's] plans" in reporting that PSVR2 sales have "slowed progressively" since its February 2023 launch. Sony has produced "well over 2 million" units of the headset, compared to what tracking firm IDC estimates as just 1.69 million unit shipments to retailers through the end of last year. The discrepancy has caused a "surplus of assembled devices... throughout Sony’s supply chain," according to Bloomberg's sources.

IDC estimates a quarterly low of 325,000 PSVR2 units shipped in the usually hot holiday season, compared to a full 1.3 million estimated holiday shipments for Meta's then-new Quest 3 headset, which combined with other Quest products to account for over 3.7 million estimated sales for the full year.

Redwoods are growing almost as fast in the UK as their Californian cousins

Looking up at the canopy of a redwood tree in a forest near Golden Gate Live Steamers, Grizzly Peak Boulevard in Oakland. (credit: Smith Collection/Gado/Getty)

What can live for over 3,000 years, weigh over 150 tonnes and could be sitting almost unnoticed in your local park? Giant sequoias (known as giant redwoods in the UK) are among the tallest and heaviest organisms that have ever lived on Earth, not to mention they have the potential to live longer than other species.

My team’s new study is the first to look at the growth of giant sequoias in the UK—and they seem to be doing remarkably well. Trees at two of the three sites we studied matched the average growth rates of their counterparts in the US, where they come from. These remarkable trees are being planted in an effort to help absorb carbon, but perhaps more importantly they are becoming a striking and much-admired part of the UK landscape.

To live so long, giant sequoias have evolved to be extraordinarily resilient. In their native northern California, they occupy an ecological niche in mountainous terrain 1,400–2,100 meters above sea level.

Rooster Teeth, home of Red Vs. Blue and RWBY, shutting down after 21 years

Near the height of its powers in 2018, Rooster Teeth's annual RTX conference was drawing more than 62,000 people to Austin, Texas, each year. (credit: Nathan Mattise)

Rooster Teeth, a studio that pioneered machinima with its Red vs. Blue series and went on to develop a fandom-focused stable of shows, videos, and podcasts, is being shut down by parent company Warner Bros. Discovery.

Warner Bros. Discovery (WBD) was unsuccessful in trying to sell the company as a whole, according to a company memo obtained by Variety (and later published on Rooster Teeth’s site). Rooster Teeth's general manager pinned the closure on "challenges facing digital media resulting from fundamental shifts in consumer behavior and monetization across platforms, advertising, and patronage."

WBD is still looking to sell certain Rooster Teeth series' backlogs and rights, including RWBY, Red vs. Blue, and Gen:Lock, an animated mecha series backed by actor Michael B. Jordan. WBD is also looking to offload the company's Roost podcast network.

Reddit admits more moderator protests could hurt its business

Reddit filed to go public on Thursday (PDF), revealing various details of the social media company's inner workings. Among the revelations, Reddit acknowledged the threat of future user protests and the value of third-party Reddit apps.

On July 1, Reddit enacted API rule changes—including new, expensive pricing—that resulted in many third-party Reddit apps closing. Disturbed by the changes, the timeline of the changes, and concerns that Reddit wasn’t properly appreciating third-party app developers and moderators, thousands of Reddit users protested by making the subreddits they moderate private, read-only, and/or engaging in other forms of protest, such as only discussing John Oliver or porn.

Protests went on for weeks and, at their onset, crashed Reddit for three hours. At the time, Reddit CEO Steve Huffman said the protests did not have “any significant revenue impact so far.”

Reddit cashes in on AI gold rush with $203M in LLM training license fees

"Reddit Gold" takes on a whole new meaning when AI training data is involved. (credit: iStock / Getty Images)

The last week saw word leak that Google had agreed to license Reddit's massive corpus of billions of posts and comments to help train its large language models. Now, in a recent Securities and Exchange Commission filing, the popular online forum has revealed that it will bring in $203 million from that and other unspecified AI data licensing contracts over the next three years.

Reddit's Form S-1—published by the SEC late Thursday ahead of the site's planned stock IPO—says the company expects $66.4 million of that data-derived value from LLM companies to come during the 2024 calendar year. Bloomberg previously reported the Google deal to be worth an estimated $60 million a year, suggesting that the three-year deal represents the vast majority of its AI licensing revenue so far.

Google and other AI companies that license Reddit's data will receive "continuous access to [Reddit's] data API as well as quarterly transfers of Reddit data over the term of the arrangement," according to the filing. That constant, real-time access is particularly valuable, the site writes in the filing, because "Reddit data constantly grows and regenerates as users come and interact with their communities and each other."

Reddit sells training data to unnamed AI company ahead of IPO

On Friday, Bloomberg reported that Reddit has signed a contract allowing an unnamed AI company to train its models on the site's content, according to people familiar with the matter. The move comes as the social media platform nears the introduction of its initial public offering (IPO), which could happen as soon as next month.

Reddit initially revealed the deal, which is reported to be worth $60 million a year, earlier in 2024 to potential investors of an anticipated IPO, Bloomberg said. The Bloomberg source speculates that the contract could serve as a model for future agreements with other AI companies.

After an era where AI companies utilized AI training data without expressly seeking any rightsholder permission, some tech firms have more recently begun entering deals where some content used for training AI models similar to GPT-4 (which runs the paid version of ChatGPT) comes under license. In December, for example, OpenAI signed an agreement with German publisher Axel Springer (publisher of Politico and Business Insider) for access to its articles. Previously, OpenAI has struck deals with other organizations, including the Associated Press. Reportedly, OpenAI is also in licensing talks with CNN, Fox, and Time, among others.

Reddit beats film industry again, won’t have to reveal pirates’ IP addresses

Movie companies have lost a third attempt to unmask Reddit users who posted comments discussing piracy. In an order on Wednesday, the US District Court for the Northern District of California rejected movie copyright holders' demand for seven years' worth of "IP address log information" on six Reddit users.

In a motion to compel that was filed last month, movie companies Voltage Holdings and Screen Media Ventures argued that "Reddit users do not have a recognized privacy interest in their IP addresses." But in Wednesday's ruling, US Magistrate Judge Thomas Hixson said, "The Court finds no reason to believe provision of an IP address is not unmasking subject to First Amendment scrutiny."

Voltage Holdings and Screen Media Ventures previously sued the Internet service provider Frontier Communications, alleging that it is liable for its users' copyright infringement. Seeking evidence for that case, the movie companies subpoenaed Reddit in an attempt to prove that Frontier has no meaningful policy for terminating repeat copyright infringers and that this lack of enforcement drew customers to Frontier's service.

AI cannot be used to deny health care coverage, feds clarify to insurers

By: Beth Mole

A nursing home resident is pushed along a corridor by a nurse. (credit: Getty | Marijan Murat)

Health insurance companies cannot use algorithms or artificial intelligence to determine care or deny coverage to members on Medicare Advantage plans, the Centers for Medicare & Medicaid Services (CMS) clarified in a memo sent to all Medicare Advantage insurers.

The memo—formatted like an FAQ on Medicare Advantage (MA) plan rules—comes just months after patients filed lawsuits claiming that UnitedHealth and Humana have been using a deeply flawed AI-powered tool to deny care to elderly patients on MA plans. The lawsuits, which seek class-action status, center on the same AI tool, called nH Predict, used by both insurers and developed by NaviHealth, a UnitedHealth subsidiary.

According to the lawsuits, nH Predict produces draconian estimates for how long a patient will need post-acute care in facilities like skilled nursing homes and rehabilitation centers after an acute injury, illness, or event, like a fall or a stroke. And NaviHealth employees face discipline for deviating from the estimates, even though they often don't match prescribing physicians' recommendations or Medicare coverage rules. For instance, while MA plans typically provide up to 100 days of covered care in a nursing home after a three-day hospital stay, using nH Predict, patients on UnitedHealth's MA plan rarely stay in nursing homes for more than 14 days before receiving payment denials, the lawsuits allege.

Searching in infrared finds a big collection of black hole star destruction

Virtually anything in space could be a potential meal for a supermassive black hole, and that includes entire stars. Even stars much bigger than our Sun can fall victim to the black hole’s extreme gravity and be pulled in toward its gaping maw. It is a terrifying phenomenon, but how often does it really happen?

Tidal disruption events (TDEs)—when the tidal forces of a black hole overwhelm a star’s gravity and tear it apart—are thought to occur once every 10,000 to 100,000 years in any given galaxy. TDEs can be detected by the immense amounts of energy they give off. While observations of them are still pretty rare, an international team of researchers has now discovered a whopping 18 of them that previous searches had missed. Why?

Many TDEs can be found in dusty galaxies. Dust obscures many wavelengths of radiation, from optical to X-rays, but long infrared wavelengths are much less susceptible to scattering and absorption. When the team checked galaxies in the infrared, they found 18 TDEs that had eluded astronomers before.

Exploring Reddit’s third-party app environment 7 months after the APIcalypse

Last year, Reddit sparked massive controversy when it dramatically changed the prices and rules associated with accessing its API. The changes were so drastic and polarizing that they led to an epic protest from Reddit users and moderators that saw thousands of subreddits going private and engaging in other forms of inconvenience for weeks. Things got ugly, but Reddit still ushered in the changes, resulting in mounds of third-party Reddit apps announcing their permanent closure.

It's been about seven months since the changes, so I wanted to see what Reddit's third-party app ecosystem looks like now. Are surviving third-party Reddit apps that started charging users making money? Are developers confident they'll be able to keep their apps open for the long term?

And some apps are still available despite not charging a subscription fee. How is that possible?

Scientists make non-toxic quantum dots for shortwave infrared image sensors

Vials of quantum dots with gradually stepping emission from violet to deep red. (credit: Antipoff/CC BY-SA 3.0)

Shortwave infrared light (SWIR) sensors are desirable in a broad range of applications, particularly in the service robotics, automotive, and consumer electronics sectors. Colloidal quantum dots tuned to SWIR show promise for such sensors since they can be easily integrated into CMOS, but their mass market use has been hampered by the fact that most contain toxic heavy metals like lead or mercury. Now a team of scientists has manufactured quantum dots out of non-toxic materials and tested them in a fabricated lab-scale photodetector, according to a recent paper published in the journal Nature Photonics.

"SWIR light for sensing and imaging is of paramount importance owing to its unique characteristics," the authors wrote. "It is eye safe; it can penetrate through fog, haze, and other atmospheric conditions, enabling imaging under adverse weather for automotive applications, environmental, and remote sensing; the presence of night glow under night in the SWIR range enables passive night vision; and visual imaging combined with infrared spectroscopy enables machine vision, bio imaging, and food and process quality inspection," among other applications.

As previously reported, a quantum dot is a small semiconducting bead a few tens of atoms in diameter. Billions could fit on the head of a pin, and the smaller you can make them, the better. At those small scales, quantum effects kick in and give the dots superior electrical and optical properties. They glow brightly when zapped with light, and the color of that light is determined by the size of the quantum dots. Bigger dots emit redder light; smaller dots emit bluer light. So you can tailor quantum dots to specific frequencies of light just by changing their size.

Reddit must share IP addresses of piracy-discussing users, film studios say

For the third time in less than a year, film studios with copyright infringement complaints against a cable Internet provider are trying to force Reddit to share information about users who have discussed piracy on the site.

In 2023, film companies lost two attempts to have Reddit unmask its users. In the first instance, US Magistrate Judge Laurel Beeler ruled in the US District Court for the Northern District of California that the First Amendment right to anonymous speech meant Reddit didn’t have to disclose the names, email addresses, and other account registration information for nine Reddit users. Film companies, including Bodyguard Productions and Millennium Media, had subpoenaed Reddit in relation to a copyright infringement lawsuit against Astound Broadband-owned RCN about subscribers allegedly pirating 34 movie titles, including Hellboy (2019), Rambo V: Last Blood, and Tesla.

In the second instance, the same companies sued Astound Broadband-owned ISP Grande, again for alleged copyright infringement occurring over the ISP’s network. The studios subpoenaed Reddit for user account information, including "IP address registration and logs from 1/1/2016 to present, name, email address, and other account registration information” for six Reddit users, per a July 2023 court filing.

23andMe told victims of data breach that suing is futile, letter shows

23andMe is "shamelessly" blaming victims of a data breach impacting 6.9 million users, a lawyer representing victims pursuing a class-action lawsuit, Hassan Zavareei, told TechCrunch.

Zavareei shared a letter from 23andMe lawyers that urged users suing to "consider the futility of continuing to pursue an action in this case," because their claims are allegedly meritless and "the information that was potentially accessed cannot be used for any harm."

Last year, hackers accessed 14,000 accounts on 23andMe by using passwords that had been previously breached during security incidents on other websites. By using this tactic, known as credential stuffing, hackers could access the personal data of millions of 23andMe users who opted into a DNA Relatives feature, including genetic information like the percentage of DNA shared with compromised users.

It’s a new year, and these are now the only EVs that get a tax credit

It's a new year, and while few of us still have the headache of needing to remember to write the new year on checks, 2024 brings a new annoyance of sorts. As of yesterday, tough new US Treasury Department rules concerning the sourcing of electric vehicle batteries went into effect; as a result, most of the battery and plug-in hybrid EVs that were eligible for the Internal Revenue Service's clean vehicle tax credit until Sunday have now lost that eligibility.

Under the federal government's previous program to incentivize the adoption of plug-in vehicles, it offered a tax credit up to $7,500 based on the battery capacity of a BEV or PHEV. Once a car maker sold more than 200,000 plug-in vehicles, it lost eligibility for the tax credit—only Tesla and General Motors reached this threshold.

Changes came as part of the Inflation Reduction Act of 2022 and went into effect at the start of 2023. Thanks to heavy industry lobbying, credits linked to union-made EVs went by the wayside, with US Senator Joe Manchin acting as the point man for companies like Toyota that sought to slow down the EV transition.

Getting to the bottom of how red flour beetles absorb water through their butts

Who doesn't thrill to the sight of a microscopic cross-section of a beetle's rectum? You're welcome. (credit: Kenneth Veland Halberg)

There's rarely time to write about every cool science-y story that comes our way. So this year, we're once again running a special Twelve Days of Christmas series of posts, highlighting one science story that fell through the cracks in 2023, each day from December 25 through January 5. Today: red flour beetles can use their butts to suck water from the air, helping them survive in extremely dry environments. Scientists are honing in on the molecular mechanisms behind this unique ability.

The humble red flour beetle (Tribolium castaneum) is a common pantry pest feeding on stored grains, flour, cereals, pasta, biscuits, beans, and nuts. It's a remarkably hardy creature, capable of surviving in harsh arid environments due to its unique ability to extract fluid not just from grains and other food sources, but also from the air. It does this by opening its rectum when the humidity of the atmosphere is relatively high, absorbing moisture through that opening and converting it into fluid that is then used to hydrate the rest of the body.

Scientists have known about this ability for more than a century, but biologists are finally starting to get to the bottom (ahem) of the underlying molecular mechanisms, according to a March paper published in the Proceedings of the National Academies of Science. This will inform future research on how to interrupt this hydration process to better keep red flour beetle populations in check, since they are highly resistant to pesticides. They can also withstand even higher levels of radiation than the cockroach.

Tesla Model 3 may lose $7,500 tax credit in 2024 under new battery rules

Tesla has engaged in a series of price cuts over the past year or so, but it might soon want to think about making some more for the Model 3 sedan. According to the automaker's website, the Tesla Model 3 Long Range and Tesla Model 3 Rear Wheel Drive will both lose eligibility for the $7,500 IRS clean vehicle tax credit at the start of 2024. (The Model 3 Performance may retain its eligibility.)

From Tesla's website. (credit: Tesla)

The beginning of 2023 saw the start of a new IRS clean vehicle tax credit meant to incentivize people by offsetting some of the higher purchase cost of an electric vehicle. The maximum credit is still $7,500—just like the program it replaced—but with a range of new conditions including income and MSRP caps, plus requirements for increasing the amount of each battery that must be refined and produced in North America.

A new hiccup appeared at the start of December 2023, though—in the form of new guidance from the US Treasury Department regarding "foreign entities of concern."

Humana also using AI tool with 90% error rate to deny care, lawsuit claims

By: Beth Mole

Signage is displayed outside the Humana Inc. office building in Louisville, Kentucky, US, in 2016. (credit: Getty | Luke Sharrett)

Humana, one of the nation's largest health insurance providers, is allegedly using an artificial intelligence model with a 90 percent error rate to override doctors' medical judgment and wrongfully deny care to elderly people on the company's Medicare Advantage plans.

According to a lawsuit filed Tuesday, Humana's use of the AI model constitutes a "fraudulent scheme" that leaves elderly beneficiaries with either overwhelming medical debt or without needed care that is covered by their plans. Meanwhile, the insurance behemoth reaps a "financial windfall."

The lawsuit, filed in the US District Court in western Kentucky, is led by two people who had a Humana Medicare Advantage Plan policy and said they were wrongfully denied needed and covered care, harming their health and finances. The suit seeks class-action status for an unknown number of other beneficiaries nationwide who may be in similar situations. Humana provides Medicare Advantage plans for 5.1 million people in the US.

How worried should we be about the “AutoSpill” credential leak in Android password managers?

By: Dan Goodin

Close up of hand holding smartphone and screen applications with unlocking mobile phones. Concept of technological safety. (credit: Getty Images)

By now, you’ve probably heard about a vulnerability named AutoSpill, which can leak credentials from any of the seven leading password managers for Android. The threat it poses is real, but it’s also more limited and easier to contain than much of the coverage to date has recognized.

This FAQ dives into the many nuances that make AutoSpill hard for most people (yours truly included) to understand. This post wouldn't have been possible without invaluable assistance from Alesandro Ortiz, a researcher who discovered a similar Android vulnerability in 2020.

Q: What is AutoSpill?

Homey Pro review: A very particular set of home automation skills

Homey Pro hub sitting on a desk, with a blue-ish rainbow glow on bottom

The Homey Pro, settling in for some quiet network check-ins at dusk. (credit: Kevin Purdy)

I know there are people who will want to buy the Homey Pro. I’ve seen them on social media and in various home automation forums, and I’ve even noticed them in the comments on this website. For this type of person, the Homey Pro might serve as a specialized, locally focused smart home hub, one that's well worth the cost. But you should be really, truly certain that you’re that person before you take a $400 leap with it.

Homey Pro is a smart home hub pitched primarily at someone who wants to keep things local as much as possible, forgoing phone apps, speakers, and cloud connections. That means using the Homey Pro to boost a primarily Zigbee or Z-Wave network, while also looping in local Wi-Fi, Bluetooth, and even infrared remotes. It’s for someone willing to pay $400 for a device that offers robust local or cloud backups, professional design, advanced automation, and even a custom scripting language, along with access to some “experiments” and still-in-progress tech like Matter and Thread. It’s for someone who might want to add a select cloud service or two to their home, but not because they have no other option.

But this somebody has also, somehow, not already invested in Home Assistant, Hubitat, or HomeBridge, which are more open to both add-on hardware (like new capabilities added on by USB stick or GPIO pins) and deep tinkering. It's someone who is willing to check that every device they want to control will work with Homey. While the device offers a pretty sizable range of apps and integrations, it’s far from the near-universal nature of major open-source projects or even the big smart home platforms. And you have to do a little checking further, still, to ensure that individual products are supported, not just the brand.

New systemd update will bring Windows’ infamous Blue Screen of Death to Linux

(credit: hdaniel)

Windows' infamous "Blue Screen of Death" is a bit of a punchline. People have made a hobby of spotting them out in the wild, and in some circles, they remain a byword for the supposed flakiness and instability of PCs. To this day, networked PCs in macOS are represented by beige CRT monitors displaying a BSOD.

But the BSOD is supposed to be a diagnostic tool, an informational screen that technicians can use to begin homing in on the problem that caused the crash in the first place; that old Windows' BSOD error codes were often so broad and vague as to be useless doesn't make the idea a bad one. Today, version 255 of the Linux systemd project honors that original intent by adding a systemd-bsod component that generates a full-screen display of some error messages when a Linux system crashes.

The systemd-bsod component is currently listed as "experimental" and "subject to change." But the functionality is simple: any logged error message that reaches the LOG_EMERG level will be displayed full-screen to allow people to take a photo or write it down. Phoronix reports that, as with BSODs in modern Windows, the Linux version will also generate a QR code to make it easier to look up information on your phone.

Google Search results are showing Reddit URLs altered to include a slur

A magnifying glass is photographed with Google logo displayed

(credit: Getty)

Reddit URLs are being manipulated to include a slur in the subdomain, and those URLs are coming up in Google Search results.

The Verge experienced the problem on Tuesday, reporting that while doing a Google search, Reddit results that came up had a URL that looked like this: "https://2goback-[slur].reddit.com/r/[the rest of the URL]".

One Reddit user posted about the problem on Monday, and other Redditors also noticed the issue (examples here and here).

Reddit updates look after rough 6 months and ahead of reported IPO

Old Reddit logo vs new Reddit logo

Left: Reddit's old logo. Right: Reddit's new logo. (credit: Reddit)

Writing a long comment providing detail about Reddit's refreshed logo, mascot, and typeface this week, a Reddit employee seemingly rethought the post and opted to conclude it with choice words. The post's last line currently reads:

"Edit: Obligatory 'Fuck Spez' for karma."

The Reddit employee, going by Acidtwist on Reddit and known as Tavish, says they're Reddit's head of brand creative (Reddit says it doesn't disclose the real identities of its workers on Reddit).

Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet

By: Dan Goodin
A stylized human skull over a wall of binary code.

(credit: Aurich Lawson / Ars Technica)

Miscreants are actively exploiting two new zero-day vulnerabilities to wrangle routers and video recorders into a hostile botnet used in distributed denial-of-service attacks, researchers from networking firm Akamai said Thursday.

Both of the vulnerabilities, which were previously unknown to their manufacturers and to the security research community at large, allow for the remote execution of malicious code when the affected devices use default administrative credentials, according to an Akamai post. Unknown attackers have been exploiting the zero-days to compromise the devices so they can be infected with Mirai, a potent piece of open source software that makes routers, cameras, and other types of Internet of Things devices part of a botnet that’s capable of waging DDoSes of previously unimaginable sizes.

Akamai researchers said one of the zero-days under attack resides in one or more models of network video recorders. The other zero-day resides in an “outlet-based wireless LAN router built for hotels and residential applications.” The router is sold by a Japan-based manufacturer, which “produces multiple switches and routers.” The router feature being exploited is “a very common one,” and the researchers can’t rule out the possibility it’s being exploited in multiple router models sold by the manufacturer.

Big Pharma fought drug pricing reform with record $7.5M dark money donation

By: Beth Mole
High angle close-up view still life of opened prescription bottles with pills and medication spilling onto a background of money, U.S. currency with Lincoln Portrait. (credit: Getty | YinYang)

In August, the Department of Health and Human Services announced 10 drugs selected for the first round of Medicare price negotiations—a landmark effort established by the 2022 Inflation Reduction Act to try to drag down the country's uniquely astronomical prescription drug prices.

Pharmaceutical companies publicly balked—and also sued—then eventually came to the table. But it was far from their first protest of the Democrat-led effort to reform drug pricing in the US, which pays far more for prescription drugs than other high-income countries.

In 2022, the pharmaceutical industry's top lobbying group, PhRMA, gave a record $7.5 million to the GOP-linked dark money group, American Action Network (AAN), which spent millions on advertising that year opposing drug pricing reforms, some of which made it into the Inflation Reduction Act.

USB worm unleashed by Russian state hackers spreads worldwide

By: Dan Goodin
(credit: Getty Images)

A group of Russian-state hackers known for almost exclusively targeting Ukrainian entities has branched out in recent months, either accidentally or purposely, by allowing USB-based espionage malware to infect a variety of organizations in other countries.

The group—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the Security Service of Ukraine. Most Kremlin-backed groups take pains to fly under the radar; Gamaredon doesn't care to. Its espionage-motivated campaigns targeting large numbers of Ukrainian organizations are easy to detect and tie back to the Russian government. The campaigns typically revolve around malware that aims to obtain as much information from targets as possible.

One of those tools is a computer worm designed to spread from computer to computer through USB drives. Tracked by researchers from Check Point Research as LitterDrifter, the malware is written in the Visual Basic Scripting language. LitterDrifter serves two purposes: to promiscuously spread from USB drive to USB drive and to permanently infect the devices that connect to such drives with malware that permanently communicates with Gamaredon-operated command-and-control servers.

Study yields new insights into why some people get headaches from red wine

Red wine headache (RWH) might be caused by quercetin, which inhibits an enzyme that processes acetaldehyde in the blood. (credit: Mick Stephenson/CC BY-SA 3.0)

As the holiday season kicks off this week, many will be making a consequential choice at dinner: red wine or white wine? And if your choice is red, will you be risking a headache? The fact that red wine can sometimes cause headaches in certain individuals (especially those prone to migraines) is common knowledge—so much so that the phenomenon ("RWH") even has its own Wikipedia page. The Roman encyclopedist Celsus wrote in his treatise De Medicina about the pain felt after drinking wine, while six centuries later, Paul of Aegina mentioned that drinking wine could trigger a headache.

But the science to date is largely unclear regarding which components of red wine are responsible, as well as the mechanisms behind the phenomenon. A team of California scientists has narrowed down the likely culprits to a flavonol called quercetin, according to a new paper published in the journal Scientific Reports, although they have yet to run experiments with participants prone to RWH to test their hypothesis.

It's a knotty issue because of the complexities of both wine and human genetics/physiology. Wine is basically water and alcohol, along with acids, dissolved sugars, and other compounds that lend color and flavor. For instance, the tannins in wine are polyphenolic compounds responsible for much of the bitterness and astringency in a given wine; they're derived from the skins and stems of the grapes, or as a result of aging in oak barrels.

OpenAI fires CEO Sam Altman, citing less than “candid” communications

OpenAI CEO Sam Altman sits at a table and speaks into a microphone while testifying in a Senate hearing.

OpenAI CEO Sam Altman testifies about AI rules before the Senate Judiciary Subcommittee on Privacy, Technology, and the Law on May 16, 2023, in Washington, DC. (credit: Getty Images | Win McNamee)

OpenAI, the company behind ChatGPT and DALL-E, announced Friday that co-founder and CEO Sam Altman will be departing the company and vacating his seat on the board. CTO Mira Murati has been appointed interim CEO effective immediately, according to a blog post from the board of directors.

"Mr. Altman’s departure follows a deliberative review process by the board, which concluded that he was not consistently candid in his communications with the board, hindering its ability to exercise its responsibilities," the blog reads, in part. "The board no longer has confidence in his ability to continue leading OpenAI."

"We are grateful for Sam’s many contributions to the founding and growth of OpenAI," the board writes in a prepared statement. "At the same time, we believe new leadership is necessary as we move forward."

Massive power makes this electric restomod Mini Cooper a handful

The front half of a classic Mini Cooper, seen by the sea.

The classic Mini Cooper made barely 60 hp by the time it bowed out in the mid-'90s. Gildred Racing will make you one with far more power, with either a mid-mounted V6 or, like this blue car, a Tesla drive unit. (credit: Gildred Racing)

Monterey Car Week always brings out the automotive industry’s heavy hitters, from world-class vintage cars to brand-new seven-figure track toys, classic Vespa scooters, and everything in between. And yet, a surprising duo wound up as my favorite experience of the week: driving a pair of tiny “Super Coopers” brought to Monterey by Gildred Racing to promote the debut of a new Tesla-powered electric project.

The company's Super Cooper electric powertrain conversion might have deserved the lion’s share of headlines as the latest and greatest offering, but the company’s previous Super Cooper “S” also delivers an absurd 502 hp (375 kW) to the rear wheels from a mid-mounted supercharged V6.

Taking an expansive view, the pair truly serves as a microcosm that perfectly encapsulates the current enthusiast industry, right down to the differences between rear- and front-wheel drive—and even to this day, I can’t decide which I liked more.

Developers can’t seem to stop exposing credentials in publicly accessible code

By: Dan Goodin
(credit: Victor De Schwanberg/Science Photo Library via Getty Images)

Despite more than a decade of reminding, prodding, and downright nagging, a surprising number of developers still can’t bring themselves to keep their code free of credentials that provide the keys to their kingdoms to anyone who takes the time to look for them.

The lapse stems from immature coding practices in which developers embed cryptographic keys, security tokens, passwords, and other forms of credentials directly into the source code they write. The credentials make it easy for the underlying program to access databases or cloud services necessary for it to work as intended. I published one such PSA in 2013 after discovering simple searches that turned up dozens of accounts that appeared to expose credentials securing computer-to-server SSH accounts. One of the credentials appeared to grant access to an account on Chromium.org, the repository that stores the source code for Google's open source browser.

In 2015, Uber learned the hard way just how damaging the practice can be. One or more developers for the ride service had embedded a unique security key into code and then shared that code on a public GitHub page. Hackers then copied the key and used it to access an internal Uber database and, from there, steal sensitive data belonging to 50,000 Uber drivers.

Bored Ape creator says UV lights at ApeFest burned attendees’ eyes and skin

By: Beth Mole
People walk by a Bored Ape Yacht Club NFT billboard in Times Square on June 23, 2022, in New York City. Sunglasses would have been a good idea for this year's ApeFest. (credit: Getty | Noam Galai)

Lamps emitting ultraviolet light in the corner of a Bored Ape NFT event in Hong Kong last Saturday are the likely cause of severe eye and skin injuries among attendees, according to Yuga Labs, the creator of Bored Ape Yacht Club (BAYC) and host of the event.

The injuries reportedly occurred during "ApeFest," a three-day annual meet-up of people who own Bored Ape NFTs—which sell for tens of thousands of dollars and, amid the 2021 NFT craze, saw highly inflated prices of hundreds of thousands of dollars. However regretful, people who own the cryptocurrency-backed digital images of nonchalant cartoon primates are automatic members of the BAYC. This year, their annual club event ran from November 3–5 and promised "mayhem" and "One big night full of surprises."

Soon after an ApeFest party Saturday night, some attendees reported severe pain and burning sensations in their eyes, as well as vision problems and skin irritation, according to Yuga Labs. Doctors and others on the Internet quickly speculated that the cause was UV exposure and photokeratitis (aka snow blindness, arc eye, or welder's flash), which is akin to a sunburn on the cornea (the clear tissue covering the front of your eye) due to exposure to UV light. The New York Times reported as of Tuesday that the number of attendees injured was over 20.

Polestar will begin testing StoreDot’s 5-minute charge battery

A rendering of a StoreDot battery pack on a rolling EV chassis

(credit: StoreDot)

There's a lot to like about electric vehicles. They're quiet, reliable, and about twice as efficient as the most frugal hybrid, not to mention that whole "instant torque" thing. But there's no denying that vehicles with internal combustion engines have a big advantage when driving distances requiring more energy than you set off with. A battery company called StoreDot may have a solution, though—an extremely fast charging cell that could add 100 miles (160 km) of range in just five minutes. And its pack will be tested in a Polestar 5.

More than a century has conditioned us to think that refueling a car should take just a few minutes, so the 30–60 minutes that most EVs require to fast-charge seems offensive to many motorists. And that's assuming the chargers work flawlessly—far from a safe assumption in 21st century America, unfortunately.

Right now, most automakers' solution to this problem is to throw lithium-ion at it, building EVs with such big battery storage capacities that an unaerodynamic pickup truck could go more than 400 miles between plug-ins. There are, of course, problems with this approach.

Leonardo da Vinci used toxic pigments when he painted the Mona Lisa

detail from the Mona Lisa showing head and shoulders

A tiny fleck of paint, taken from the Mona Lisa, is revealing insights into previously unknown steps of Leonardo da Vinci's process. (credit: Public domain)

When Leonardo da Vinci was creating his masterpiece, the Mona Lisa, he may have experimented with lead oxide in his base layer, resulting in trace amounts of a compound called plumbonacrite. It forms when lead oxides combine with oil, a common mixture to help paint dry, used by later artists like Rembrandt. But the presence of plumbonacrite in the Mona Lisa is the first time the compound has been detected in an Italian Renaissance painting, suggesting that da Vinci could have pioneered this technique, according to the authors of a recent paper published in the Journal of the American Chemical Society.

Fewer than 20 of da Vinci's paintings have survived, and the Mona Lisa is by far the most famous, inspiring a 1950s hit song by Nat King Cole and featuring prominently in last year's Glass Onion: a Knives Out Mystery, among other pop culture mentions. The painting is in remarkably good condition given its age, but art conservationists and da Vinci scholars alike are eager to learn as much as possible about the materials the Renaissance master used to create his works.

There have been some recent scientific investigations of da Vinci's works, which revealed that he varied the materials used for his paintings, especially concerning the ground layers applied between the wooden panel surface and the subsequent paint layers. For instance, for his Virgin and Child with St. Anne (c. 1503–1519), he used a typical Italian Renaissance gesso for the ground layer, followed by a lead white priming layer. But for La Belle Ferronniere (c. 1495–1497), da Vinci used an oil-based ground layer made of white and red lead.

Reddit finally takes its API war where it belongs: to AI companies

Business person searching browsing internet data information networking concept.

(credit: Getty)

Reddit ignited a war this year. A dramatic change in API access pricing (from free to unaffordable) was one of its most polarizing moves ever. It resulted in apps beloved by long-time Reddit users, including moderators and people with accessibility needs, closing shop. Community trust was sacrificed, too. Disgusted with Reddit for how it handled third-party apps, abruptly ushered in pricing changes, and treated moderators who protested, numerous valuable, knowledgeable users quit the platform.

Originally, Reddit framed its API pricing changes as a way to prevent generative AI companies from using Reddit data to train large language models (LLMs) without Reddit getting anything in return. With Reddit no longer dealing with small third-party developers—all of which are now either paying Reddit or getting some sort of exemption—Reddit is reportedly taking the fight to where it should have been focused the entire time: generative AI firms.

Can Reddit survive without search?

On Friday, The Washington Post, as spotted by The Verge, said Reddit "has met with top generative AI companies about being paid for its data," citing an anonymous source.

Yes, this beetle runs out of a frog’s anus to survive being swallowed alive

Ursula Vernon, aka T. Kingfisher, won the 2023 Hugo for best novel and found inspiration for her acceptance speech in a 2020 study about a species of water beetle that survives being swallowed alive by a frog by escaping through the frog's butt. Credit: Shinji Sugiura, 2020.

Inspiration can come from the most unlikely places, as fantasy author Ursula Vernon, aka T. Kingfisher, clearly knows. Vernon won the 2023 Hugo Award for Best Novel this past weekend for her dark fairy tale, Nettle and Bone, and while she was unable to travel to Chengdu Worldcon in China for the event, she posted the text of her acceptance speech (read at the ceremony by a friend) on her Patreon. After the usual preliminary remarks and thanks, Vernon opted to forego "serious and heavy" commentary for the following revelation:

There is a species of water beetle that regularly gets swallowed whole by frogs. And while there’s a lot of things you can do to keep from being eaten, once you’re inside a frog, your options are severely limited. Generally you get digested. But this particular species of beetle said “You know, I bet there’s another way.” And it started walking. In fact, it walked through the frog’s digestive tract and out the back end.

This is 100 percent true, you can look it up.

Naturally, we did look it up and honestly can't believe we missed covering this fascinating study in 2020. (At least we didn't miss the 2022 study on how certain species of beetle have evolved unusual "back pockets" to safely house symbiotic bacteria during metamorphosis, shuffling the populations out of those pockets via friction to the genital area as they emerge from their pupae.)

Shinji Sugiura of Kobe University in Japan discovered the unusual survival strategy of the aquatic beetle Regimbartia attenuata while looking into how predation pressures can lead to the evolution of innovative escape behavior in prey animals. He fed a bunch of the beetles to a pond frog (Pelophylax nigromaculatus) under laboratory conditions, expecting the frog to spit the beetle out. That's what happened with Sugiura's prior experiments on bombardier beetles (Pheropsophus jessoensis), which spray toxic chemicals (described as an audible "chemical explosion") when they find themselves inside a toad's gut, inducing the toad to invert its own stomach and vomit them back out.

Reddit’s blockchain-based “Community Points” tokens crash after sunsetting

Reddit logo amidst darkened coins

Reddit's Community Points, a blockchain-based rewards system for quality posts, comments, and other contributions in a subset of subreddits, is going the way of many similar tokens launched during the crypto boom times: away.

As of November 8, coins like the "MOON" that r/CryptoCurrency used for tips, premium features, and even voting shares will be removed from users' Vaults. Noticing this, the value of most Reddit-based coins took a nearly straight drop on Tuesday after Reddit's announcements. MOON was trading just over $0.20 at 1 pm Eastern, shortly before the announcement in its subreddit. Shortly before 3 pm, MOON had dropped just below $0.02, a loss of more than 85 percent, with fellow Reddit currencies BRICK (r/FortNiteBR) and DONUT (r/EthTrader) seeing similarly precipitous plunges.

MOON's price, as seen on TradingView, during the day when Reddit announced its sunsetting of Community Points, such as MOON. (credit: TradingView)

While most people likely never noticed the loss of their Community Points, some who actively acquired them, or even bought more on the blockchain, are reporting losses of thousands of dollars. Conspiratorial claims of Reddit having "rugged" the currencies—pulling money from the system before a sudden shutdown—floated on social media.

A cheaper EV? The Nissan Leaf is now eligible for a $3,750 tax credit

A white Nissan Leaf parked outside a modern house in the desert at night.

The Leaf was given a midlife facelift last year. (credit: Nissan)

While it is true that the recent wave of new electric vehicles has been anything but cheap, there are still a few relatively affordable EVs out there for people who don't mind smaller cars—including the Nissan Leaf. An early pioneer in the electrification game, the venerable Leaf has been rather forgotten. Well, forget no more because there's now Nissan Leaf news: The car once again qualifies for a federal tax credit.

We saw a big revamp of the federal EV incentive this year thanks to the Inflation Reduction Act. Before, the tax credit was tied to the storage capacity of the car's battery. Now, it's determined by how much of the pack was domestically sourced or assembled.

For this year, if at least half the pack's critical minerals were refined in the United States (or a country with a free trade agreement with the US), then the EV is eligible for a $3,750 tax credit, provided that final assembly also occurs in North America. Another $3,750 is available if half or more of the pack's components were assembled in the US.

The data and puzzling history behind California’s new red food dye ban

By: Beth Mole
The famous Easter candy Peeps, made by Just Born Quality Confections, are displayed on April 7, 2023 in New York, US. Consumer Reports announced in a recent press release that it had contacted Just Born Quality Confections earlier this year about concerns over the company's use of red dye No. 3 in the Peeps candies, which has been found to cause cancer in animals. (credit: Getty | Fatih Aktas)

Last weekend, California outlawed a common red food dye that is otherwise deemed safe by the Food and Drug Administration—the first such ban in the country and one that puzzlingly comes over three decades after the FDA determined the dye causes cancer in rats and banned it from lipsticks and other cosmetics, but not foods.

The dye is FD&C Red No. 3, also known as red dye No. 3. Today, it is found in thousands of food products—from Brach's Candy Corn and varieties of Nerds, Peeps, Pez, candy canes, Fruit by the Foot, to Entenmann's Little Bites Mini Muffins, Betty Crocker mashed potatoes, fruit cocktail, PediaSure nutritional shakes, and MorningStar Farm's veggie bacon strips.

But, back in 1990, the FDA carefully reviewed decades' worth of animal studies on red dye No. 3 and determined that "FD&C Red No. 3 has been shown to induce cancer in appropriate tests," and is therefore "unsafe for use in externally applied drugs and externally applied cosmetics and cannot be listed." Even though the risk appeared small, the agency's decision hinged on the Delaney Clause of 1958, which requires the FDA to ban any food additive that is shown to induce cancer in humans or animals.

Here’s how car dealers will pass on the $7,500 EV tax credit next year

concept of ev tax credit

(credit: Getty Images)

The beginning of this year saw a big change to the federal tax incentives applied to electric vehicles, altering which cars were eligible. And from next year, another change is coming, one that we think is long overdue. From January 1, 2024, you'll be able to have the amount of the credit applied immediately to the car's price at purchase rather than waiting until tax time.

The original IRS section 30D tax credit, meant to spur the adoption of plug-in vehicles, was tied to the storage capacity of a car's battery pack. But from this year, the $7,500 credit is now linked to domestic battery manufacturing rather than just battery capacity, with annually escalating percentages of the battery required to come from the US or a country with a free trade agreement in order to qualify.

The changes to the credit—which were made under 2022's Inflation Reduction Act—also address several problems with the old scheme. A $4,000 credit (IRS section 25E) was created for buyers of used EVs, and there are now income and price caps to address criticisms that the credit merely subsidized those wealthy enough not to need it.

Redesigned PS5 models slim down one of the bulkiest consoles ever

You'll need an optional $29.99 stand to display your new, slimmer PS5 vertically like this. (credit: Sony)

When we got our first glimpse of the PlayStation 5 over three years ago now, we made immediate note of how the hardware's black-and-white curves concealed the largest home game console in decades. Today, Sony is ready to do something about all that bulk, announcing new models of both the PS5 and the PS5 Digital Edition in a "new slimmer size."

The new units—which will be rolling out via "select local retailers" and PlayStation Direct this month—sport the same internal hardware power as the circa 2020 PS5. But these new models come with a 30-plus percent reduction in volume and an 18 to 24 percent reduction in weight compared to current PS5 models, according to Sony. They also feature a 1TB SSD that the PlayStation Blog describes as "more internal storage" than the original units, which officially listed 825GB of storage space.

Besides the thinner profile, the slimmer units also feature a striking curved slit bisecting each faceplate into "glossy" and "matte" sections (new colored faceplates for these models will be available for $54.99 starting in early 2024, Sony says). Unfortunately, the redesign means the new models won't be able to stand vertically out of the box—a $29.99 Vertical Stand will be required for that orientation now. But the front-facing USB-A port on the current PS5 has also been replaced with a second USB-C port on the new models, fully cementing the move to the new standard.

Vaccine may save endangered California condors from succumbing to bird flu

A numbered and tagged California Condor in the wild. (credit: Educational Images via Getty)

In early March last year, an endangered California condor—one of fewer than 350 of its kind surviving in the wild—perched on an Arizona cliff face staring into space for days. It’s probably sick from lead poisoning, thought Tim Hauck, the condor program director with The Peregrine Fund, a nonprofit conservation group helping to reintroduce condors to the skies above Grand Canyon and Zion. These bald-headed scavengers—weighing up to 25 pounds with black-feathered wings spanning nearly 10 feet—often fall victim to lead exposure when they consume the flesh of cows, coyotes, and other large mammals killed by ranchers and hunters firing lead bullets. Listlessness and droopy posture are telltale signs. “We were like, I bet this bird’s got into something bad,” said Hauck.

His team of eight wildlife biologists stationed at Arizona’s scenic Vermilion Cliffs National Monument, 150 miles north of Flagstaff, hoped the ailing condor would glide down off its 1,000-foot sandstone ledge to visit their feeding station, where they could trap it to do a health examination. The Peregrine Fund provides supplemental food for the condors—most of which were raised in captivity and released into the wild—in part so the biologists can easily catch them for regular checkups, provide therapy for lead poisoning, vaccinate against West Nile virus, and update equipment used to track the condors’ whereabouts.

A week later, when the sick bird did finally get trapped at the feeding station, Hauck immediately noticed something he hadn’t seen before in lead-poisoned condors. Its eyes were cloudy, a condition called corneal edema. He consulted with Stephanie Lamb, a veterinarian who volunteers at Liberty Wildlife Center, a Peregrine Fund partner organization in Phoenix. He wanted to know if she thought the condor might be ill from something more worrisome than lead poisoning: highly pathogenic avian influenza, or HPAI, the virus responsible for the deaths of millions of wild birds and domestic chickens worldwide during the last two years. HPAI kills 90 to 100 percent of domestic poultry it infects, often within 48 hours, though less is known about the mortality rates for wild birds. Corneal edema, Lamb told him, was indeed on the list of symptoms.

A live-action Cyberpunk 2077 adaptation has been announced

Keanu Reeves as Johnny Silverhand in Cyberpunk 2077. (credit: CD Projekt Red)

After three years, a new expansion, and $120 million of additional investment, the video game Cyberpunk 2077 is enjoying renewed attention and appreciation right now—and it turns out that will lead to a live-action adaptation, according to a press release on developer CD Projekt Red's website.

The creative team behind the game will partner with Anonymous Content—a media company known for the TV series Mr. Robot and True Detective and the film The Revenant, among many other productions—to bring the franchise to live action. The announcement didn't specify whether the live-action production would be a TV series or a movie, nor did it specify when it would come out or on which platforms.

It does, however, state that it will be a "brand-new story set in the world of Cyberpunk 2077," and that it is "at an early development stage"—so early, in fact, that the team is looking for a screenwriter. The fact that it will be a new story makes it seem unlikely that we'll see Keanu Reeves reprise his role as Johnny Silverhand.

It cost $120M for Cyberpunk 2077 patches and DLC to fix the game’s image

Visitors queue for Cyberpunk Phantom Liberty at the Xbox booth at the Gamescom video game fair in Cologne, Germany, on August 23, 2023. The DLC has been crucial in changing critical and public perception of the game, which suffered a notably shaky launch. (credit: Getty Images)

Cyberpunk 2077 cost more than $400 million to make and market, making it likely the most expensive video game (actually released) so far. The game's Polish developer, CD Projekt Red (CDPR), kept spending big after launch, and it seems like it has paid off—because it had to.

The publicly traded developer recently opened up to investors about its finances. It's a good time for the company to tell its story. Cyberpunk 2077 recently saw a well-regarded 2.0 patch, an Edgerunners anime that caught on, and a Phantom Liberty DLC that's winning over fans and newcomers. A sequel has been announced, and even a live-action component is in the works.

Taking CDPR's numbers and doing a few rough currency conversions from PLN to USD, you arrive at a number well over $120 million, depending on how you classify the work:

Biodiversity library will help preserve genetic diversity in endangered species

An endangered Preble’s meadow jumping mouse (Zapus hudsonius preblei). During the survey, a Preble's meadow jumping mouse was captured and released after a small skin sample was collected as part of the new biobanking program. (credit: USFWS)

The world’s wildlife are facing a barrage of threats caused by climate change, from the loss of suitable habitat to dwindling food supplies. As a result, endangered species across the U.S. are edging closer to extinction at alarming rates—and if they disappear, critical genetic information could vanish with them.

In a new initiative announced on Tuesday, the U.S. Fish & Wildlife Service is working with the nonprofit Revive & Restore and other partners to create a “genetic library” of the country’s endangered species—before it’s too late.

Through a process called biobanking, FWS field staff are gathering biological samples such as blood, tissues and reproductive cells from animals to be cryogenically preserved at extremely low temperatures (at least -256 degrees Fahrenheit) and stored at a USDA facility in Colorado. The samples will also be genetically sequenced and this information will be uploaded to a publicly available database called GenBank, where researchers can study them and compare their genomes to other members of their species.

It seemed like a good idea at the time: 9 car designs that went nowhere

(credit: Michael Reinhard | Getty Images)

Ford Motor Company had a better idea, as it once advertised, producing such iconic cars as the Mustang, Bronco, Thunderbird, and Model T. But it also built the ill-fated Edsel. Ford wasn't alone, either; many inventors and engineers have produced cars that seemed like a good idea until they actually acted on it. Here are a few examples.

1899 Horsey Horseless

Kellogg's cereal wasn't the only product to emanate from Battle Creek, Michigan. The Horsey Horseless also came from there, although it's unknown whether this vehicle was ever actually built. Still, it was a solution to a common problem in the early days of motoring, when automobiles were still uncommon and scared horses. Uriah Smith thought that sticking a horse head on the front of a horseless carriage would prevent horses from getting upset upon seeing one.

"It would have all the appearance of a horse and carriage and hence raise no fears in any skittish animal," he wrote. "Before he could discover his error and see that he had been fooled, the strange carriage would be passed, and then it would be too late to grow frantic and fractious."
