Enlarge / BMW's M2 might be the last M car it builds with three pedals and a stick shift. (credit: Peter Nelson)

We're at an interesting crossroads in the high-performance enthusiast car market. Running east to west is the adoption of electric vehicles and a slow reduction in internal combustion engine car production. North to south is the progression of ICE horsepower from the factory over the years, and it's unclear how far it continues from here. Coming in diagonally is the weakening demand for manual transmissions—this is sadly where they end.

In the middle of this intersection is the 2024 BMW M2 six-speed manual, hanging its tail out in a massive controlled drift around the edges, expressing one last hurrah as BMW's final object of internal-combustion M car affection.

I recently had the opportunity to pilot BMW's latest, smallest M car through some of Southern California's most fun mountain roads, plus Willow Springs International Raceway's Streets of Willow circuit. When it comes to quickly figuring out this kind of car's powertrain and chassis, I can't think of a better mix of pavement. Here's what makes the latest—and last—six-speed-manual-equipped M2 generation an overall excellent enthusiast coupe.

Enlarge / Apple's M1 chip. (credit: Photographer: Daniel Acker/Bloomberg via Getty Images)

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday.

The flaw—a side channel allowing end-to-end key extractions when Apple chips run implementations of widely used cryptographic protocols—can’t be patched directly because it stems from the microarchitectural design of the silicon itself. Instead, it can only be mitigated by building defenses into third-party cryptographic software that could drastically degrade M-series performance when executing cryptographic operations, particularly on the earlier M1 and M2 generations. The vulnerability can be exploited when the targeted cryptographic operation and the malicious application with normal user system privileges run on the same CPU cluster.

Beware of hardware optimizations

The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing. DMPs are a relatively new phenomenon found only in M-series chips and Intel's 13th-generation Raptor Lake microarchitecture, although older forms of prefetchers have been common for years.

Enlarge / "Trimming the Herbs," mapped above, is all that stands between "Team 0%" and its ultimate goal of clearing every Super Mario Maker level. (credit: Is SMM Beaten Yet? )

As of late 2017, there were almost 85,000 "uncleared" levels in the original Wii U Super Mario Maker ( SMM )—levels that had never been beaten by anyone except for their original uploaders. As of this writing, a group of persistent players gathered under the banner of "Team 0%" has spent years narrowing the list of uncleared levels to a single entry—a devious, Super Mario World -styled Bob-omb bounce-and-throw gauntlet named "Trimming the Herbs" (the second-to-last uncleared level went down on Thursday, March 14, as noted on the excellent "Is SMM Beaten Yet?" tracker ).

Given enough time, Team 0% would undoubtedly be able to bring down SMM 's "final boss," as it were. But the collective effort to finally and completely "beat" SMM has an external deadline: April 8, the day Nintendo has announced that it plans to finally shut down the aging Wii U's gameplay servers .

The next three weeks will determine whether Team 0% can live up to its moniker or if this one final level will leave the team just short of its ultimate achievement. "I’d never think we would be this close to actually achieving this goal," Team 0% founder Jeffie told Ars Technica recently. "How often does a community of gamers do something like this?"

Enlarge / This is Audi's next electric vehicle, the Q6 e-tron SUV. (credit: Audi)

Audi provided flights from Washington to Munich and accommodations so Ars could get a deep dive into the Q6 e-tron. Ars does not accept paid editorial content.

MUNICH—Audi's new electric car platform is an important one for the company. Debuting in the new 2025 Q6 e-tron, it will provide the bones for many new electric Audis— not to mention Porsches and even Lamborghinis and Bentleys—in the coming years. Its development hasn't been entirely easy, either; software delays got in the way of plans to have cars in customer hands in 2023. But now the new Q6 e-tron is ready to meet the world.

There's some rather interesting technology integrated into the Q6 e-tron's new electric vehicle architecture. Called PPE, or Premium Platform Electric, it's been designed with flexibility in mind. Audi took the role of leading its development within Volkswagen Group, but the other brands within that corporate empire that target the upper end of the car market will also build EVs with PPE.

Since SUVs are still super-popular, Audi is kicking off the PPE era with an SUV. But the platform allows for other sizes and shapes—next year, we should see the A6 sedan and, if we're really lucky, an A6 Avant station wagon .

Enlarge (credit: Aurich Lawson | Getty Images)

We’ve managed to discover quite a lot about our Universe from our relatively limited vantage point here on Earth. Many of those discoveries have been worthy of nothing more than an updated entry in some catalog. But some have been deeply revolutionary, completely changing the way we view the cosmos and our relationship to it.

What follows is a list of what I, a theoretical cosmologist, believe to be the most impactful discoveries ever made in astronomy. To help winnow down the possibilities to a manageable top-five ranking, I had to concoct some criteria. First, we're looking at discoveries that are both broad and deep (in the scientific sense), findings that simultaneously reached further than any previous discovery and also enabled (or at least accelerated) a new paradigm or branch of astronomy.

Second, I want to emphasize discoveries that were not obvious and didn’t just need someone to build a big enough telescope or powerful enough computer. I want discoveries that needed radical leaps of intuition and science-minded daring—where an enterprising scientist went out on a limb and followed their curiosity wherever it led.

Enlarge (credit: Aurich Lawson | Getty Images)

Previously, on "Weekend Projects for Homelab Admins With Control Issues," we created our own dynamically updating DNS and DHCP setup with bind and dhcpd. We laughed. We cried. We hurled. Bonds were forged, never to be broken. And I hope we all took a little something special away from the journey—namely, a dynamically updating DNS and DHCP setup. Which we're now going to put to use!

If you're joining us fresh, without having gone through the previous part and wanting to follow this tutorial, howdy! There might be some parts that are more difficult to complete without a local instance of bind (or other authoritative resolver compatible with nsupdate ). We'll talk more about this when we get there, but just know that if you want to pause and go do part one first , you may have an easier time following along.

The quick version: A LetsEncrypt of our own

This article will walk through the process of installing step-ca , a standalone certificate authority-in-a-box. We'll then configure step-ca with an ACME provisioner—that's Automatic Certificate Management Environment , the technology that underpins LetsEncrypt and facilitates the automatic provisioning, renewal, and revocation of SSL/TLS certificates.

Enlarge (credit: Aurich Lawson | Getty Images)

AI assistants have been widely available for a little more than a year, and they already have access to our most private thoughts and business secrets. People ask them about becoming pregnant or terminating or preventing pregnancy, consult them when considering a divorce, seek information about drug addiction, or ask for edits in emails containing proprietary trade secrets. The providers of these AI-powered chat services are keenly aware of the sensitivity of these discussions and take active steps—mainly in the form of encrypting them—to prevent potential snoops from reading other people’s interactions.

But now, researchers have devised an attack that deciphers AI assistant responses with surprising accuracy. The technique exploits a side channel present in all of the major AI assistants, with the exception of Google Gemini. It then refines the fairly raw results through large language models specially trained for the task. The result: Someone with a passive adversary-in-the-middle position—meaning an adversary who can monitor the data packets passing between an AI assistant and the user—can infer the specific topic of 55 percent of all captured responses, usually with high word accuracy. The attack can deduce responses with perfect word accuracy 29 percent of the time.

Token privacy

“Currently, anybody can read private chats sent from ChatGPT and other services,” Yisroel Mirsky, head of the Offensive AI Research Lab at Ben-Gurion University in Israel, wrote in an email. “This includes malicious actors on the same Wi-Fi or LAN as a client (e.g., same coffee shop), or even a malicious actor on the Internet—anyone who can observe the traffic. The attack is passive and can happen without OpenAI or their client's knowledge. OpenAI encrypts their traffic to prevent these kinds of eavesdropping attacks, but our research shows that the way OpenAI is using encryption is flawed, and thus the content of the messages are exposed.”

Enlarge (credit: Olga Eremeeva via Getty )

In the summer of 2017, when communication professor Jeffery Gentry moved from Oklahoma to accept a position at Eastern New Mexico University, he was pleasantly surprised to find it easier to get up in the morning. The difference, he realized, was early morning light. On September mornings in Portales, New Mexico, Gentry rose with the sun at around 6:30 am, but at that time of day in Oklahoma, it was still dark.

As the Earth rotates, the sun reaches the eastern edge of a time zone first, with sunrise and sunset occurring progressively later as you move west. Gentry’s move had taken him from the western side of Central Time in Oklahoma to the eastern edge of Mountain Time. Following his curiosity into the scientific literature, he discovered the field of chronobiology, the study of biological rhythms, such as how cycles of daylight and dark affect living things. “I really just stumbled upon it from being a guinea pig in my own experiment,” he said.

In 2022, Gentry and an interdisciplinary team of colleagues added to that body of research, publishing a study in the journal Time & Society that showed the rate of fatal motor-vehicle accidents was highest for people living in the far west of a time zone, where the sun rises and sets at least an hour later than on the eastern side. Chronobiology research shows that longer evening light can keep people up later and that, as Gentry found, morning darkness can make it harder to get going for work or school. Western-edge folks may suffer more deadly car wrecks, the team theorized, because they are commuting in the dark while sleep deprived and not fully alert.

Enlarge (credit: Aurich Lawson | Getty Images | NASA)

On October 19, 1989, at 12:29 UT, a monstrous X13 class solar flare triggered a geomagnetic storm so strong that auroras lit up the skies in Japan, America, Australia, and even Germany the following day. Had you been flying around the Moon at that time, you would have absorbed well over 6 Sieverts of radiation—a dose that would most likely kill you within a month or so.

This is why the Orion spacecraft that is supposed to take humans on a Moon fly-by mission this year has a heavily shielded storm shelter for the crew. But shelters like that aren’t sufficient for a flight to Mars—Orion’s shield is designed for a 30-day mission.

To obtain protection comparable to what we enjoy on Earth would require hundreds of tons of material, and that's simply not possible in orbit. The primary alternative—using active shields that deflect charged particles just like the Earth’s magnetic field does—was first proposed in the 1960s. Today, we’re finally close to making it work.