Instagram Launches Snapchat-like Filters

Get ready for more rabbit ears, dog noses and funny hats to show up in your Facebook feed.

Facebook’s Instagram service is launching face filters in an effort to keep up with its rival, Snap Inc.’s Snapchat.

“From math equations swirling around your head to furry koala ears that move and twitch, you can transform into a variety of characters that make you smile or laugh,” the company wrote on its blog.

The new features will also include the ability to manipulate videos, allowing users to play them in reverse.

“Capture a fountain in motion and share a rewind of the water floating back up,” according to the blog post. “Experiment with some magic tricks of your own and defy the laws of physics wherever you are.”

Facebook, the largest social media platform, has been accused of copying features from Snapchat, such as “Stories,” which allows users to post pictures and videos that are erased after 24 hours.

According to Instagram, 200 million people use Stories daily.

Facebook’s stock price has been hovering around $150 this month, which is near the stock’s all-time high of $153.60.

Last week, Snap’s stock cratered by 23 percent after the company posted poorer-than-expected quarterly results. The company says it has 166 million daily active users as of March 31.

Snap was trading at $20.42 Tuesday, down from an all-time high of $29.44.

Man Thanks iPhone’s Siri for Saving His Life in Explosion

A New Hampshire man who was injured in a house explosion is thanking Siri for saving his life.

Christopher Beaucher says he was checking on his mother’s vacant cottage in Wilmot on May 1 when he saw something suspicious and went inside.

He tells WMUR-TV that when he switched on a light, the house exploded.

“The whole place caught fire,” Beaucher said. “Part of it collapsed while I was in it during the initial explosion, so I couldn’t really tell where I was.”

Beaucher’s face and hands were badly burned. He grabbed his cellphone but was unable to dial because of his injuries. He says he somehow asked his iPhone’s voice-controlled virtual assistant Siri to call 911, believing he was going into shock.

A spokeswoman for Apple said Monday that statistics on Siri being used for emergencies weren’t available, but noted some recent emergencies in which it was used. Those include three boaters off the Florida coast in April who used the water-resistant phone when their craft capsized; a 4-year-old boy from London who used his mother’s thumb to unlock her iPhone and called Siri after she collapsed at home in March; and a man in Vancouver who collapsed, became paralyzed, and was able to use his tongue to use Siri.

Beaucher is undergoing treatment for his injuries and says he hopes to return to his job as a cook and tend to his farm.

“I’m very, very, extremely lucky to be alive,” he said.

The New Hampshire state fire marshal’s office is investigating the explosion.

5 Ways to Become a Smaller Target for Ransomware Hackers

This weekend’s global online extortion attack reinforces the need for businesses and other large organizations to update their computer operating systems and security software, cybersecurity experts said.

The attack largely infected networks that used out-of-date software, such as Windows XP, which Microsoft no longer offers technical support for.

“There’s some truth to the idea that people are always going to hack themselves,” said Dan Wire, a spokesman for security firm FireEye. “You’ve got to keep your systems updated.”

The attack that authorities say swept 150 countries this weekend is part of a growing problem of “ransomware” scams, in which people find themselves locked out of their files and presented with a demand to pay hackers to restore their access.

Hackers bait users to click on infected email links, open infected attachments or take advantage of outdated and vulnerable systems. This weekend’s virus was particularly virulent, because it could spread to all other computers on a network even if just one user clicked a bad link or attachment.

Lawrence Abrams, a New York-based blogger who runs BleepingComputer.com, says many organizations don’t install security upgrades because they’re worried about triggering bugs, or they can’t afford the downtime.

Here are five tips to make yourself a less-likely victim:

Make safe and secure backups

Once your files are encrypted, your options are limited. Recovery from backups is one of them. “Unfortunately, most people don’t have them,” Abrams says. Backups often are also out of date and missing critical information. With this attack, Abrams recommends trying to recover the “shadow volume” copies some versions of Windows have.

Some ransomware also targets backup files, though.

You should make multiple backups — to cloud services and using physical disk drives, at regular and frequent intervals. It’s a good idea to back up files to a drive that remains entirely disconnected from your network.

Update and patch your systems

The latest ransomware was successful because of a confluence of factors. Those include a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and malware designed to spread quickly once inside university, business and government networks. Updating software will take care of some vulnerabilities.

“Hopefully people are learning how important it is to apply these patches,” said Darien Huss, a senior security research engineer for cybersecurity firm Proofpoint, who helped stem the reach of the weekend attack. “I hope that if another attack occurs, the damage will be a lot less.”

The virus targeted computers using Windows XP, as well as Windows 7 and 8, all of which Microsoft stopped servicing years ago. Yet in an unusual step, the company released a patch for those older systems because of the magnitude of the outbreak.

“There’s a lot of older Windows products out there that are ‘end of life’ and nobody’s bothered to take them out of service,” said Cynthia Larose, a cybersecurity expert at the law firm of Mintz Levin.

Use antivirus software

Using antivirus software will at least protect you from the most basic, well-known viruses by scanning your system against the known fingerprints of these pests. Low-end criminals take advantage of less-savvy users with such known viruses, even though malware is constantly changing and antivirus is frequently days behind detecting it.

Educate your workforce

Basic protocol such as stressing that workers shouldn’t click on questionable links or open suspicious attachments can save headaches. System administrators should ensure that employees don’t have unnecessary access to parts of the network that aren’t critical to their work. This helps limit the spread of ransomware if hackers do get into your system.

If hit, don’t wait and see

Some organizations disconnect computers as a precautionary measure. Shutting down a network can prevent the continued encryption — and possible loss — of more files. Hackers will sometimes encourage you to keep your computer on and linked to the network, but don’t be fooled.

If you’re facing a ransom demand and locked out of your files, law enforcement and cybersecurity experts discourage paying ransoms because it gives incentives to hackers and pays for their future attacks. There’s also no guarantee all files will be restored. Many organizations without updated backups may decide that regaining access to critical files, such as customer data, and avoiding public embarrassment is worth the cost.

Ryan O’Leary, vice president of WhiteHat Security’s threat research center, points out that this weekend’s hackers weren’t asking for much, usually about $300.

“If there is a silver lining to it, you’re not out a million dollars,” he said.

Still, “My answer is, never pay the ransom,” Abrams said. “But at the same time, I also know that if you’re someone who’s been affected and you’ve lost all your children’s photographs or you’ve lost all your data or you lost your thesis, sometimes $300 is worth it, you know?”

Europol says Global Cyberattack Affects 150 Countries

Europe’s police agency Europol says a global cyberattack has affected at least 100,000 organizations in 150 countries, with data networks infected by malware that locks computer files unless a ransom is paid.

Speaking to Britain’s ITV, Europol director Rob Wainwright said the healthcare sector in many countries is particularly vulnerable.

So far there has been no progress reported in efforts to determine who launched the plot.

Computer security experts have assured individual computer users who have kept their PC operating systems updated that they are relatively safe.

They advised those whose networks have been effectively shut down by the ransomware attack not to make the payment demanded — the equivalent of $300, paid in the digital currency bitcoin, delivered to a likely untraceable destination that consists merely of a lengthy string of letters and numbers.  

However, the authors of the “WannaCry” ransomware attack told their victims the amount they must pay would double if they did not comply within three days of the original infection — by Monday, in most cases. And the hackers warned that they would delete all files on infected systems if no payment was received within seven days.

Avast, an international security software firm that claims it has 400 million users worldwide, said the ransomware attacks rose rapidly Saturday to a peak of 57,000 detected intrusions. Avast, which was founded in 1988 by two Czech researchers, said the largest number of attacks appeared to be aimed at Russia, Ukraine and Taiwan, but that major institutions in many other countries were affected.

‘Kill switch’ found

Computer security experts said the current attack could have been much worse but for the quick action of a young researcher in Britain who discovered a vulnerability in the ransomware itself, known as WanaCryptor 2.0.

The researcher, identified only as “MalwareTech,” found a “kill switch” within the ransomware as he studied its structure.

The “kill” function halted WanaCryptor’s ability to copy itself rapidly to all terminals in an infected system — hastening its crippling effect on a large network — once it was in contact with a secret internet address, or URL, consisting of a lengthy alphanumeric string.

The “kill” function had not been activated by whoever unleashed the ransomware, and the researcher found that the secret URL had not been registered to anyone by international internet administrators. He immediately claimed the URL for himself, spending about $11 to secure his access, and that greatly slowed the pace of infections in Britain.

Experts cautioned, however, that the criminals who pushed the ransomware to the world might be able to disable the “kill” switch in future versions of their malware.

Hackers’ key tool

WanaCryptor 2.0 is only part of the problem. It spread to so many computers so rapidly by using an exploit — software capable of burrowing unseen into Windows computer operating systems.

The exploit, known as “EternalBlue” or “MS17-010,” took advantage of a vulnerability in the Microsoft software that reportedly had been discovered and developed by the U.S. National Security Agency, which used it for surveillance activities.

NSA does not discuss its capabilities, and some computer experts say the MS17-010 exploit was developed by unknown parties using the name Equation Group (which may also be linked to NSA). Whatever its source, it was published on the internet last month by a hacker group called ShadowBrokers.

Microsoft distributed a “fix” for the software vulnerability two months ago, but not all computer users and networks worldwide had yet made that update and thus were highly vulnerable. And many computer networks, particularly those in less developed parts of the world, still use an older version of Microsoft software, Windows XP, that the company no longer updates.

The Finnish computer security firm F-Secure called the problem spreading around the world “the biggest ransomware outbreak in history.” The firm said it had warned about the exponential growth of ransomware, or crimeware, as well as the dangers of sophisticated surveillance tools used by governments.

Lesson: Update programs

With WanaCryptor and MS17-010 both “unleashed into the wild,” F-Secure said the current problem seems to have combined and magnified the worst of the dangers those programs represent.

The security firm Kaspersky Lab, based in Russia, noted that Microsoft had repaired the software problem that allows backdoor entry into its operating systems weeks before hackers published the exploit linked to the NSA, but also said: “Unfortunately it appears that many users have not yet installed the patch.”

Britain’s National Health Service first sounded the ransomware alarm Friday.

The government held an emergency meeting Saturday of its crisis response committee, known as COBRA, to assess the damage. Late in the day, Home Secretary Amber Rudd said the NHS was again “working as normal,” with 97 percent of the system’s components now fully restored.

Spanish firm Telefonica, French automaker Renault, the U.S.-based delivery service FedEx and the German railway Deutsche Bahn were among those affected.

None of the firms targeted indicated whether they had paid or would pay the hackers ransom.

Global Cyberattack in Brief: Ransomware, a Vision of Future?, Seeking Culprits

In what is believed to be the largest attack of its kind ever recorded, a cyberextortion attack continued causing problems Saturday, locking up computers and holding users’ files for ransom at dozens of hospitals, companies and government agencies. Businesses and computer security organizations await problems in the new workweek.

Ransomware Attack Could Herald Future Problems — Tech staffs around the world worked around the clock this weekend to protect computers and patch networks to block the computer hack whose name sounds like a pop song — “WannaCry” — as analysts warned the global ransomware attack could be just the first of a new wave of strikes by computer criminals.

Worldwide Cyberattack Spreads Further in Second Day — A cyberattack against tens of thousands of data networks in scores of countries, all infected by malware that locks computer files unless a ransom is paid, spread further in its second day Saturday, with no progress reported in efforts to determine who launched the plot.

Authorities Seek Clues On Culprits Behind Global Cyberattack — The British government said on Saturday it does not yet know who was behind a massive global cyberattack that disrupted Britain’s health care services, but Interior Minister Amber Rudd said the country’s National Crime Agency is investigating where the attacks came from.

Europol Working on Probe Into Massive Cyberattack — The European Union’s police agency, Europol, says it is working with countries hit by the global ransomware cyberattack to rein in the threat and help victims.

‘Perfect Storm’ of Conditions Helped Cyberattack Succeed — The cyberextortion attack that hit dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks.

Where Global Cyberattack Has Hit Hardest — A look at some of the countries and organizations hardest hit during the global cyberattack.

What Is the Digital Currency Bitcoin? — In the news now after a cyberextortion attack this weekend, bitcoin has a fuzzy history, but it’s a type of currency that allows people to buy goods and services and exchange money without involving banks, credit card issuers or other third parties.

Where Global Cyberattack Has Hit Hardest

Here is a look at some of the places hit by the global cyberattack.

European Union — Europol’s European Cybercrime Center, known as EC3, said the attack “is at an unprecedented level and will require a complex international investigation to identify the culprits.”

Britain — Britain’s home secretary said the “ransomware” attack hit one in five of 248 National Health Service groups, forcing hospitals to cancel or delay treatments for thousands of patients — even some with serious ailments like cancer.

Germany — The national railway said Saturday departure and arrival display screens at its train stations were affected, but there was no impact on actual train services. Deutsche Bahn said it deployed extra staff to help customers.

Russia — Two security firms — Kaspersky Lab and Avast — said Russia was hit hardest by the attack. The Russian Interior Ministry, which runs the country’s police, confirmed it was among those that fell victim to the “ransomware,” which typically flashes a message demanding payment to release the user’s data. Spokeswoman Irina Volk was quoted by the Interfax news agency Saturday as saying the problem had been “localized” and that no information was compromised. Russia’s health ministry said its attacks were “effectively repelled.”

United States — In the U.S., FedEx Corp. reported that its Windows computers were “experiencing interference” from malware, but wouldn’t say if it had been hit by ransomware. Other impacts in the U.S. were not readily apparent.

Turkey — The head of Turkey’s Information and Communication Technologies Authority or BTK says the nation was among those affected by the ransomware attack. Omer Fatih Sayan said the country’s cyber security center is continuing operations against the malicious software.

France — French carmaker Renault’s assembly plant in Slovenia halted production after it was targeted. Radio Slovenia said Saturday the Revoz factory in the southeastern town of Novo Mesto stopped working Friday evening to stop the malware from spreading.

Brazil — The South American nation’s social security system had to disconnect its computers and cancel public access. The state-owned oil company Petrobras and Brazil’s Foreign Ministry also disconnected computers as a precautionary measure, and court systems went down, too.

Spain — The attack hit Spain’s Telefonica, a global broadband and telecommunications company.

Ransomware Attack Could Herald Future Problems

Tech staffs around the world worked around the clock this weekend to protect computers and patch networks to block the computer hack whose name sounds like a pop song — “WannaCry” — as analysts warned the global ransomware attack could be just the first of a new wave of strikes by computer criminals.

The United States suffered relatively few effects from the ransomware that appeared on tens of thousands of computer systems across Europe and into Asia, beginning Friday. Security experts remained cautious, however, and stressed there was a continuing threat.

In contrast to reports from several European security firms, a researcher at the Tripwire company on the U.S. West Coast said late Saturday that the attack could be diminishing.

“It looks like it’s tailing off,” said Travis Smith of Tripwire.

“I hope that’s the case,” Smith added. The Oregon firm protects large enterprises and governments from computer security threats.

Ransomware attack

The code for the ransomware unleashed Friday remains freely available on the internet, experts said, so those behind the WannaCry attack — also known as WanaCryptor 2.0 and a variety of other names — could launch new strikes in coming days or weeks. Copycat attacks by other high-tech criminals also are possible.

“We are not out of the woods yet,” said Gary Davis, chief consumer security evangelist at McAfee, the global computer security software company in Santa Clara, California. “We think it’s going to be the footprint for other kinds of attacks in the future.”

The attack hit scores of countries — more than 100, by some experts’ count — and infected tens of thousands of computer networks.

Industry reports indicate Russia, Taiwan, Ukraine and Britain were among the countries hit hardest, and more hacking reports can be expected when offices reopen for the new workweek Monday or, in some parts of the world, Sunday.

One of the weapons used in the current attack is a software tool reportedly stolen from the U.S. National Security Agency and published on the internet by hackers last month.

The tool affords hackers undetected entry into many Microsoft computer operating systems, which is what they need to plant their ransomware. However, weeks ago Microsoft issued patches to fix that vulnerability in its software, which could greatly reduce the chances of intrusion.

Outdated operating systems

The crippling effects of WannaCry highlight a problem that experts have long known about, and one that appears to have hit developing countries harder.

Some organizations are more vulnerable to intrusion because they use older or outdated operating systems, usually due to the cost of upgrading software or buying modern hardware needed to install better-protected operating systems. Companies like Microsoft eventually stop updating or supporting older versions of their software, so customers using those programs do not receive software patches or security upgrades.

Much of the ransomware’s spread around the world occurred without any human involvement. The WannaCry malware self-propagates, copying itself to all computers on a network automatically.
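One way a defender could spot the self-propagation described above, as an added example that is not part of the original article: a host that suddenly opens connections to many different machines in a short time stands out from normal file-sharing traffic. The example assumes the spread is visible as SMB connections on TCP port 445 (MS17-010 is an SMB flaw; the article does not name the port), and the flow-log format, addresses, time window and threshold are all constructed for illustration.

```python
"""Added example: flag hosts whose SMB fan-out looks like worm scanning."""
from collections import Counter, defaultdict, deque
from datetime import datetime, timedelta

SMB_PORT = 445                    # assumption: propagation shows up on TCP 445
WINDOW = timedelta(seconds=60)    # hypothetical tuning value
FANOUT_THRESHOLD = 10             # hypothetical: distinct peers within WINDOW


def build_sample_flows():
    """Constructed flow log lines in the form 'ISO-timestamp src dst dport'."""
    t0 = datetime(2017, 5, 12, 9, 0, 0)
    lines = []
    # Normal workstation: repeated sessions to a single file server.
    for i in range(20):
        ts = (t0 + timedelta(seconds=3 * i)).isoformat()
        lines.append(f"{ts} 10.0.0.15 10.0.0.5 445")
    # Busy host with many peers, but on 443 rather than SMB.
    for i in range(30):
        ts = (t0 + timedelta(seconds=i)).isoformat()
        lines.append(f"{ts} 10.0.0.16 10.0.1.{i + 1} 443")
    # Backup host: 12 SMB peers, spread over two hours.
    for i in range(12):
        ts = (t0 + timedelta(minutes=10 * i)).isoformat()
        lines.append(f"{ts} 10.0.0.17 10.0.2.{i + 1} 445")
    # Worm-like host: sweeps 40 addresses in 40 seconds on 445.
    for i in range(40):
        ts = (t0 + timedelta(seconds=300 + i)).isoformat()
        lines.append(f"{ts} 10.0.0.23 10.0.3.{i + 1} 445")
    lines.append("truncated-record-without-fields")  # malformed, must be skipped
    return lines


def parse_flow(line):
    """Return (timestamp, src, dst, dport), or None for a malformed line."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return datetime.fromisoformat(parts[0]), parts[1], parts[2], int(parts[3])
    except ValueError:
        return None


def detect_smb_fanout(lines, window=WINDOW, threshold=FANOUT_THRESHOLD):
    """Return {src: (first_alert_time, peak_distinct_peers)} for every source
    whose count of distinct SMB peers inside a sliding window hits threshold."""
    by_src = defaultdict(list)
    for line in lines:
        rec = parse_flow(line)
        if rec and rec[3] == SMB_PORT:
            by_src[rec[1]].append((rec[0], rec[2]))

    alerts = {}
    for src, events in by_src.items():
        events.sort()
        recent = deque()      # (timestamp, dst) pairs still inside the window
        peers = Counter()     # how often each dst appears in `recent`
        first_alert, peak = None, 0
        for ts, dst in events:
            recent.append((ts, dst))
            peers[dst] += 1
            # Drop connections that have aged out of the window.
            while ts - recent[0][0] > window:
                _, old_dst = recent.popleft()
                peers[old_dst] -= 1
                if peers[old_dst] == 0:
                    del peers[old_dst]
            peak = max(peak, len(peers))
            if first_alert is None and len(peers) >= threshold:
                first_alert = ts
        if first_alert is not None:
            alerts[src] = (first_alert, peak)
    return alerts


if __name__ == "__main__":
    for src, (when, peak) in detect_smb_fanout(build_sample_flows()).items():
        print(f"{src}: {peak} distinct SMB peers within {WINDOW}, first alert {when}")
```

Counting distinct peers per source, rather than total connections, keeps a workstation that talks repeatedly to one file server and a slow backup job below the threshold.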

When a demand for ransom payments appears on a user’s screen — $300 at first, doubling to $600 in a few days — it’s usually too late: All files on that computer have been encrypted and are unreadable by their owners.

The hackers said they would reverse the effect of their software once they received the payments they demanded.

Microsoft patched the “hole” in the newest versions of its operating software — Windows 10 for most home users — in March, three weeks before the stolen NSA exploit software was published on the internet. Since Friday, the company has dropped its refusal to update old versions of its programs and issued patches specifically written for use in Windows XP and several other systems.

Microsoft declined a request for an interview, but a statement on the company’s blog said: “Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was painful. We are taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003.”

“A lot of people in the security community were impressed with Microsoft’s speed, but it highlights an ongoing challenge we have,” said Stephen Cobb, a senior security researcher with ESET, a global security software company. “If a malicious code outbreak breaks out tomorrow, and targets unsupported operating systems, Microsoft may have to go there again.”

Authorities Seek Clues On Culprits Behind Global Cyberattack

The British government said on Saturday it does not yet know who was behind a massive global cyberattack that disrupted Britain’s health care services and targeted vital computer systems in as many as 100 other countries.

British Interior Minister Amber Rudd said Britain’s National Cyber Security Center was working with the country’s health service to ensure the attack that began Friday was contained and limited.

She said Britain’s National Crime Agency was still working with her ministry to find out where the attacks came from and that the British government did not know if the attacks had been directed by a foreign government.

What appeared to be the biggest cyberextortion attack in history exploited a vulnerability in Microsoft Windows that was identified in leaked documents by the U.S. National Security Agency earlier this year.

With more than 75,000 attacks launched on Friday, cybercrime experts around the world were investigating a concentration of attacks in Russia, Ukraine, and India — countries where the use of older, unpatched versions of Microsoft Windows is widespread.

The hackers attempt to trick victims into opening malicious attachments to spam e-mails by saying they contain invoices, job offers, security warnings, and other seemingly legitimate files.

The extortionists demand payments of $300 to $600 to restore access once computers are crippled by the scam. Cybersecurity firms said criminal organizations were probably behind the attack.

Russia’s Interior Ministry, Emergencies Ministry, and biggest bank, Sberbank, were all targeted, officials said.

The Interior Ministry said on its website that around 1,000 computers had been infected, but it had localized the virus. Russia’s Investigative Committee denied reports that it was attacked.

Russia’s Health Ministry and Emergencies Ministry told Russian news agencies that they had repelled the cyberattacks, while Sberbank said its cybersecurity arrangements had prevented viruses from entering its systems.

Russia’s Central Bank said Saturday that it detected massive cyberattacks on domestic banks, but the resources of the Central Bank itself were “not compromised.”

Megafon, a top Russian mobile operator, said it had come under attacks that appeared similar to those that crippled U.K. hospitals. A spokesman said mobile communications weren’t affected but the attacks interrupted the work of its call centers.

Hospitals ‘Crippled’

Spain and the United Kingdom were hit particularly hard. Hospitals across Britain found themselves without access to their computers or phone systems. Many canceled routine procedures and asked patients not to come to the hospital unless it was an emergency. 

British Prime Minister Theresa May said that, while some hospitals were crippled, there was no evidence patient data had been compromised.

Spain’s giant Telefonica telecommunications company was hit, prompting Spanish authorities to take measures to protect critical infrastructure in transportation, energy, telecommunications, and financial services.

Only a small number of U.S. organizations were hit because the hackers appear to have begun their campaign in Europe, cybersecurity firms said.

By the time the hackers turned their attention to the United States, spam filters had identified the new threat and flagged the ransomware-laden emails as malicious.

The security holes exploited by the hackers were disclosed several weeks ago by TheShadowBrokers, a mysterious group that has published what it says are hacking tools used by the White House security agency as part of U.S. intelligence-gathering.

Microsoft said it was pushing out automatic Windows updates to defend clients from the virus.

Some material for this article came from AP, BBC, AFP, Reuters, Tass and Interfax.

Global Cyberattack in Brief: Ransomware Attack, How Does It Work, How to Prevent It

In what is believed to be the largest attack of its kind ever recorded, a cyberextortion attack struck in dozens of countries Friday, locking up computers and holding users’ files for ransom at dozens of hospitals, companies and government agencies.

Massive Cyberattack Hits Organizations Around Globe — An aggressive wave of cyberattacks has hit companies and public institutions around the globe, causing international havoc and bringing many services to a standstill. The cyberextortion attempt appeared to use stolen software developed by a U.S. spy agency.

What You Need to Know About Ransomware — What is ransomware? How does it infect your computer? How is the U.S. government’s National Security Agency involved? How to keep your computer safe.

Global Cyberattack Fuels Concern About US Vulnerability Disclosures — A global cyberattack on Friday renewed concerns about whether the U.S. National Security Agency and other countries’ intelligence services too often hoard software vulnerabilities for offensive purposes, rather than quickly alerting technology companies to such flaws.

Companies Affected by Global Cyber Attack — A global cyber attack on Friday affected British hospitals, government agencies and companies, such as FedEx Corp., Telefonica SA, Portugal Telecom and Telefonica Argentina, in 99 countries, with Russia, Ukraine and Taiwan the top targets.

Don’t Click: What Is the ‘Ransomware’ WannaCry Worm? — What is so special about WannaCry?

Don’t Click: What Is the ‘Ransomware’ WannaCry Worm?

Malicious software called “ransomware” has forced British hospitals to turn away patients and affected Spanish companies such as Telefonica as part of a global outbreak that has affected tens of thousands of computers.

How does it work?

WannaCry — also known as WanaCrypt0r 2.0, WannaCry and WCry — is a form of “ransomware” that locks up the files on your computer and encrypts them so that you can no longer access them.

How does it spread?

Ransomware is a program that gets into your computer when you click on or download the wrong thing, and then holds something you need for ransom.

In the case of WannaCry, the program encrypts your files and demands payment in bitcoin in order to regain access.

Security experts warn there is no guarantee that access will be granted after payment. Some ransomware that encrypts files ups the stakes after a few days, demanding more money and threatening to delete files altogether.

There are different variants of what happens: Other forms of ransomware execute programs that can lock your computer entirely, only showing a message to make payment in order to log in again. There are some that create pop-ups that are difficult or impossible to close, rendering the machine difficult or impossible to use.

Where has it spread?

British-based cyber researcher Chris Doman of AlienVault said the ransomware “looks to be targeting a wide range of countries,” with initial evidence of infections in at least two dozen nations, according to experts from three security firms.

The broad-based ransomware attack has appeared in at least eight Asian nations, a dozen countries in Europe, Turkey and the United Arab Emirates and Argentina, and appears to be sweeping around the globe, researchers said.

What is so special about WannaCry?

WannaCry is not just a ransomware program, it is also a worm.

This means that it gets into your computer and looks for other computers to try and spread itself as far and wide as possible.

Ransomware has a habit of mutating, so it changes over time in order to find different ways to access computers or to get around patches (operating system updates that often include security updates). Many security firms are already aware of WannaCry in past forms and most are looking at this one right now to see how it might be stopped.

Several cybersecurity firms said WannaCry exploits a vulnerability in Microsoft software and that Microsoft patched this in March. People don’t always install updates and patches on their computers, which means vulnerabilities can remain open a lot longer and make it easier for hackers to get in.

It exploited a vulnerability in the Windows operating system believed to have been developed by the National Security Agency, which became public last month. It was among a large number of hacking tools and other files that a group known as the Shadow Brokers released on the internet. Shadow Brokers said that they obtained it from a secret NSA server.

The identity of Shadow Brokers is unknown, though many security experts believe the group that surfaced in 2016 is linked to the Russian government.

The NSA and Microsoft did not immediately respond to requests for comment.

What You Need to Know About Ransomware

An aggressive wave of cyberattacks hit companies and public institutions around the globe Friday, causing international havoc and bringing many services to a standstill. Computers were locked up and users’ files held for ransom when dozens of countries were hit in a cyberextortion attack that targeted hospitals, companies and government agencies.

What is ransomware?

Ransomware is a type of malware that attempts to extort a computer user for money. In some cases, the ransomware encrypts certain files and holds them hostage. In other cases, as happened Friday, it locks a user out of their entire computer system until a ransom is paid. Some ransomware that encrypts files increases the stakes after a few days, demanding more money and threatening to delete files altogether.

Steps of ransomware infection

A ransomware infection usually takes these five steps.

1. The user downloads malware from an infected website or email.

2. The initial malware hijacks the user’s browser and redirects it to a malicious site.

3. Part of the malware, called an exploit kit, looks for vulnerabilities in the user’s system.

4. Once a vulnerability is found, a malicious payload is downloaded onto the victim’s computer.

5. Then the malware calls home with sensitive data from the user’s computer. In the case of ransomware, the malware attempts to extort the user for money.

The ransomware program that spread Friday is not just malware, it is also a worm. This means that the malware gets into a computer and looks for other computers to try and spread itself as far as possible.

Do ransomware attacks generate money for the hackers?

Yes, they can. A hospital system in Los Angeles paid about $17,000 earlier this year following an attack that blocked hospital employees from using email and other forms of electronic communication by using encryption to lock them out of the system. The hackers even set up a help line to answer questions about paying the ransom.

Security industry experts say such attacks are becoming more prevalent, but are rarely made public.

How is the NSA involved?

The hackers appear to have used a technique that was discovered by the National Security Agency and was leaked online in April by a group calling itself the Shadow Brokers.

The malware is exploiting a flaw in Microsoft software. Microsoft created a patch to fix the flaw earlier this year, but not all businesses have updated their operating systems.

Who carried out the attack?

Investigators are pursuing information, but have not said if they have any strong leads. Officials say they believe the attack is the work of criminals and not a foreign government. The original hacking tool was apparently stolen from the NSA and leaked online by the Shadow Brokers, but officials do not know who that group is or whether they carried out this attack.

How to keep your computer safe

Microsoft released a patch in March that fixes the specific vulnerability exploited in this attack. The U.S. Department of Homeland Security is urging people to take three steps.

1. Update your systems to include the latest patches.

2. Do not click on or download unfamiliar links or files in emails.

3. Back up your data to prevent possible loss.

Massive Cyberattack Hits Organizations Around Globe

An aggressive wave of cyberattacks has hit companies and public institutions around the globe, causing international havoc and bringing many services to a standstill. The cyberextortion attempt appeared to use stolen software developed by a U.S. spy agency.

One of the first and worst attacks was aimed at Britain’s National Health Service. A wave of crippling ransomware hit dozens of hospitals across the country Friday, prompting the NHS to declare a “major incident.” Some hospitals diverted ambulances and canceled surgeries as a result of the attack, which blocked doctors’ access to patients’ files.

Ransomware is a type of computer malware, software that has a malevolent intent, that infects a target system, locks and encrypts all files, and then demands a cash payment from the victim in return for reversing the encryption.

A researcher at the Finnish cybersecurity company F-Secure said Friday’s apparently coordinated attacks were “the biggest ransomware outbreak in history,” The Associated Press reported. An analyst at another cybersecurity firm, Veracode, said the rapid spread of attacks pointed to the involvement of criminal organizations.

45,000 attacks in 74 countries

The international cybersecurity firm Kaspersky Lab, based in Russia, said it recorded 45,000 attacks in 74 countries. The worst hit by far was Russia, with serious problems also reported by computer networks in Taiwan, India and Ukraine.

The Russian Interior Ministry, which oversees police throughout the world’s largest country, at first denied it had been hacked, but later admitted about a thousand of its computers had been penetrated.

There was no immediate word on who carried out the cyberattacks, and it was not known whether any of the victims paid any ransom Friday.

The demands reportedly were for relatively trivial sums — the equivalent of $300, paid in bitcoin, a digital currency. But in past attacks, the payment demands multiplied to much larger sums in short order. Bitcoin payments can be difficult if not impossible to trace.

The ransomware used Friday was labeled with various names — WannaCryptOr, WannaCry or WCry — but all appeared to operate in a similar way. They gained entry to targeted computer systems by exploiting a vulnerability in Microsoft computer operating systems that was discovered and developed by the U.S. National Security Agency.

The security hole, known as “EternalBlue,” was stolen from U.S. government computers and disclosed on the internet earlier this year by a group known as TheShadowBrokers.

Microsoft fixed problem in March

Microsoft issued software patches to close the vulnerability in its operating systems two months ago, but many computer systems around the world have not yet been updated, or instead rely on older equipment that remains vulnerable to attack.

Security experts said the ransomware encountered Friday is a self-replicating piece of software that spreads from computer to computer as it finds systems that have not been shielded from intrusion. The malware enters large organizations’ computer networks, such as those at British hospitals, when an employee clicks on an innocent-appearing attachment to open the file, and thus releases the ransomware.

British Prime Minister Theresa May said it was clear that her nation’s problems were part of a wider international attack that had many victims.

China also was targeted by the unknown computer hackers, and the U.S. parcel delivery firm FedEx said its operations were hit. In Spain, telecommunications giant Telefónica was one of the early victims, and employees of MegaFon, one of the largest cellphone companies in Russia, said they also were hit.

NSA technique used

Computer experts said the ransomware did not appear to be very sophisticated, but the way in which it spread, using the intrusion technique developed by NSA, clearly was. They noted the ransom demands that flashed onto users’ screens were in dozens of languages, indicating the attack had been well planned and coordinated.

Ransomware attacks and other computer intrusions, such as the hacking incident that unfolded in France last week on the eve of that country’s presidential election, are on the rise throughout the world.

Last year, a hospital in Los Angeles, California, said it paid a $17,000 ransom to regain control of its computers from hackers.

Global Cyberattack Fuels Concern About US Vulnerability Disclosures

A global cyberattack on Friday renewed concerns about whether the U.S. National Security Agency and other countries’ intelligence services too often hoard software vulnerabilities for offensive purposes, rather than quickly alerting technology companies to such flaws.

Hacking tools believed to belong to the NSA that were leaked online last month appear to be the root cause of a major cyberattack unfurling throughout Europe and beyond, security researchers said, stoking fears that the spy agency’s powerful cyber weapons had been stolen and repurposed by hackers with nefarious goals.

Some cybersecurity experts and privacy advocates said the massive attack reflected a flawed approach by the United States to dedicate more cyber resources to offense rather than defense, a practice they argued makes the internet less secure.

Across the U.S. federal government, about 90 percent of all spending on cyber programs is dedicated to offensive efforts, including penetrating the computer systems of adversaries, listening to communications and developing the means to disable or degrade infrastructure, senior intelligence officials told Reuters in March.

“These attacks underscore the fact that vulnerabilities will be exploited not just by our security agencies, but by hackers and criminals around the world,” Patrick Toomey, a staff attorney with the American Civil Liberties Union, said in a statement.

The NSA did not respond to a request for comment. Hospitals and doctors’ surgeries in parts of England on Friday were forced to turn away patients and cancel appointments after they were infected with the “ransomware,” which scrambled data on computers and demanded payments of $300 to $600 to restore access.

Security software maker Avast said it had observed more than 57,000 infections in 99 countries. Russia, Ukraine and Taiwan were the top targets, it said.

Private security firms identified the virus as a new variant of ‘WannaCry’ ransomware with the ability to automatically spread across large networks by exploiting a bug in Microsoft Corp’s Windows operating system.

Security experts said the ransomware used in the attacks leveraged a hacking tool found in a leak of documents in April by a group known as Shadow Brokers.

At the time, Microsoft acknowledged the vulnerabilities and said they had been patched in a series of earlier updates pushed to customers, the most recent of which had been rolled out only a month earlier in March. But the episode prompted concerns about whether the tools could be leveraged by hackers to attack unpatched systems.

In a statement, a Microsoft spokesman said on Friday its engineers had provided additional detection and protection services against the WannaCry malware and that it was working with customers to provide additional assistance. The spokesman reiterated that customers who have Windows Updates enabled and use the company’s free antivirus software are protected.

Shadow Brokers first emerged last year and began dumping tranches of documents that it said belonged to the NSA, though the files appeared at least a few years old.

Over time, western researchers have grown more confident that Russia may be behind Shadow Brokers and possibly other recent disclosures of sensitive information about cyber capabilities that have been pilfered from U.S. intelligence agencies.

Some researchers cast blame not on the NSA but on the hospitals and other customers that appeared to leave themselves open to attack.

“The main problem here is organizations taking more than eight weeks to patch once Microsoft released the update,” said Chris Wysopal, chief technology officer at the cyber firm Veracode. “Eight weeks is plenty of time for a criminal organization to develop a sophisticated attack on software and launch it on a wide scale.”

Former intelligence contractor Edward Snowden, who in 2013 leaked documents to journalists revealing the existence of broad U.S. surveillance programs, said on Twitter the NSA had built attack tools targeting U.S. software that “now threatens the lives of hospital patients.”

“Despite warnings, (NSA) built dangerous attack tools that could target Western software,” Snowden said. “Today we see the cost.”

Syrian Refugees Earn Money, Cultivate Understanding, Teaching Arabic Online

A handful of New Yorkers have gathered at New York University to practice conversing in Arabic. Their two conversation partners have joined via Skype, video images projected side-by-side on a TV monitor.

The scene would be nothing out of the ordinary, save for the fact that the conversation partners, Ghayath and Rasha, are recently displaced Syrian refugees.

They are among some 50 refugees working with NaTakallam, a New York startup that pairs Arabic language learners, most based in the U.S., with displaced Syrians for paid, one-on-one conversation practice sessions over Skype.

NaTakallam sessions have garnered more than $110,000 for refugee instructors since launching in August 2015, according to the startup. Instructors keep $10 of the $15 paid by students for a one hour session. For the many Syrian refugees who must often start over and adjust to life in entirely new countries, the earnings supplement work that is already difficult to secure.

The idea for NaTakallam (Arabic for “we speak”) grew out of Aline Sara’s desire to improve her own Arabic speaking skills as a Lebanese-American. “The opportunities to practice Arabic were . . . kind of limited in New York, or extremely expensive for what I could afford at the time,” said the startup founder and CEO.

Typical Arabic classes also tend to teach Modern Standard Arabic, which Sara describes as “a Shakespearean version” of Arabic. “You don’t speak that way in your day-to-day activities,” she said. Conversational sessions provide the opportunity to practice regional dialects of the language. Most Syrians speak Levantine Arabic, one of the most widely understood dialects among Arabic speakers.

Instructors

For instructors like Ghayath, a Syrian refugee who has resettled in Italy, the language sessions are also an opportunity for cultural exchange. “We choose to speak together about daily life, about their interests, about my life, their life … the news.”

“I always say NaTakallam is my window to the world, because I travel every day through this small screen,” he added.

Students sign on for a variety of reasons, whether they’re studying related subjects such as political science, history or journalism or are part of the Arab diaspora and hoping to improve their native language skills. Other students may be tourists preparing for a trip abroad. Ghayath assesses each student’s particular language needs and tailors lessons accordingly.

Beyond the financial independence NaTakallam offers, Sara stresses the importance of bringing awareness and understanding to refugee communities.

“We’re always talking about refugees en masse. We don’t take the time to individualize them, to humanize them. This is a direct way,” said Sara, “You’re connecting in a one-on-one setting, people get to know each other. I think it’s very powerful.”

Dutch Inventor Years Ahead in Plan to Clean Up Massive Plastic Patch in Pacific

A Dutch entrepreneur has come up with an invention he says will allow him to start cleaning up a massive floating garbage patch in the Pacific two years ahead of schedule.

“To catch the plastic, act like plastic,” Boyan Slat said Thursday in Utrecht.

Slat’s Ocean Cleanup foundation plans to scoop up most of the Great Pacific Garbage Patch — a gargantuan floating island of plastic between the U.S. states of Hawaii and California.

When he discovered that his original plan of attaching large barriers to the sea floor to trap the plastic would not work, Slat devised a different plan.

The barriers will instead be weighed down by floating anchors and travel in the same sea currents as the garbage, trapping it.

Slat says the new plan will allow him to start collecting the trash within a year — two years ahead of schedule.

The young entrepreneur’s system is making waves among America’s super-rich philanthropists. Last month, his foundation announced it had raised $21.7 million in donations since November, clearing the way for large-scale trials at sea. Among donors were Salesforce.com CEO Marc Benioff and PayPal co-founder Peter Thiel.

Nancy Wallace, director of the Marine Debris Program at the U.S. National Oceanic and Atmospheric Administration, said much of the garbage in the world’s oceans is found throughout the water column — at different depths. That would likely put some of it out of reach of Slat’s barriers.

However, she applauded The Ocean Cleanup for bringing the issue to a broad public.

“The more people are aware of it, the more they will be concerned about it,” Wallace said. “My hope is that the next step is to say ‘what can I do to stop it?’ and that’s where prevention comes in.”

The Great Pacific Garbage Patch is not just an ugly reminder of a throwaway human society — it is also a danger to sea life and humans. Tiny bits of plastic can find their way into the food chain.

Ocean Cleanup says 8 million tons of plastic wind up in the seas every year. One piece of plastic can take decades to break down.

Slat on Thursday brought out an intact plastic crate fished from the Pacific last year. The date 1977 was stamped on it.

Some information for this report from AP.

Sinister Text Messages Reveal High-tech Front in Ukraine War

Television journalist Julia Kirienko was sheltering with Ukrainian soldiers and medics two miles (three kilometers) from the front when their cellphones began buzzing over the noise of the shelling. Everyone got the same text message at the same time.

“Ukrainian soldiers,” it warned, “they’ll find your bodies when the snow melts.”

Text messages like the one Kirienko received have been sent periodically to Ukrainian forces fighting pro-Russian separatists in the eastern part of the country. The threats and disinformation represent a new form of information warfare, the 21st-century equivalent of dropping leaflets on the battlefield.

“This is pinpoint propaganda,” said Nancy Snow, a professor of public diplomacy at the Kyoto University of Foreign Studies.

The Associated Press has found that the messages are almost certainly being sent through cell site simulators, surveillance tools long used by U.S. law enforcement to track suspects’ cellphones. Photos, video, leaked documents and other clues gathered by Ukrainian journalists suggest the equipment may have been supplied by the Kremlin.

The texts have been arriving since 2014, shortly after the fighting erupted. The AP documented nearly four dozen of them, including the one that Kirienko received on Jan. 31 in Avdiivka, a battle-scarred town outside the principal rebel-held city of Donetsk.

The messages typically say things such as “Leave and you will live” or “Nobody needs your kids to become orphans.” Many are disguised to look as if they are coming from fellow soldiers.

Fake towers

In 2015, Ukrainian soldiers defending the railroad town of Debaltseve were sent texts appearing to come from comrades claiming their unit’s commander had deserted. Another set of messages warned that Ukrainian forces were being decimated. “We should run away,” they said.

“They were mostly threatening and demoralizing, saying that our commanders had betrayed us and we were just cannon fodder,” said Roman Chashurin, who served as a tank gunner in Debaltseve.

Ukrainian military and intelligence services had no comment on the phenomenon, but government and telecommunications officials are well aware of what’s going on.

A 2014 investigation by a major Ukrainian cellphone company concluded that cell site simulators were to blame for the rogue messages, according to an information security specialist who worked on the inquiry. He spoke on the condition that neither he nor his former firm be identified, citing a nondisclosure agreement.

Col. Serhiy Demydiuk, the head of Ukraine’s national cyberpolice unit, said in an interview that the country’s intelligence services knew the devices were being used as well.

“Avdiivka showed that the Russian side was using fake towers,” he said. “They are using them constantly.”

Cell site simulators work by impersonating cellphone towers, allowing them to intercept or even fake data. Heath Hardman, a former U.S. Marines signals analyst who operated the devices in Iraq and Afghanistan, said they were routinely used by American military intelligence officers to hunt insurgents.

Sending mass text messages in wartime isn’t entirely new. The Islamic militant group Hamas sent threatening messages to random Israelis during the 2009 conflict over Gaza, for example, though it is not clear how that was done.

Effectiveness of texts

Cell site simulators significantly sharpen the ability of propagandists to tailor their messages to a specific place or situation, according to Snow, the academic.

“There’s just something about viewing a message on your phone that just makes people more susceptible or vulnerable to its impact,” she said.

The type of hardware involved remains a matter of speculation. But last year, the Ukrainian investigative website InformNapalm published a video and photographs appearing to show a LEER-3, a Russian truck-mounted electronic warfare system, in the Donetsk area. InformNapalm also disclosed what it described as leaked Russian military documents discussing the LEER-3’s deployment to the Luhansk area of eastern Ukraine.

A 2015 article in Russia’s Military Review magazine said the LEER-3 has a cell site simulator built into a drone that is capable of acting over a 6-kilometer-wide area and hijacking up to 2,000 cellphone connections at once. That makes it a “pretty plausible” source for the rogue texts in Ukraine, said Hardman, the former signals analyst.

Russia’s Defense Ministry did not return a request for comment. Moscow has long denied any direct role in the fighting in Ukraine, despite a wealth of evidence to the contrary.

The effectiveness of the propaganda texts is an open question. Soldiers say they typically shrug them off.

“I can’t say that it had any influence on us,” said Chashurin, the former tank gunner. “We were even joking that they must be so afraid of us the only thing they can do is to spam us with these texts.”

But Svetlana Andreychuk, a volunteer who has made frequent trips to the front line to distribute food and supplies, said the threats and mockery sometimes hit a nerve in a grinding conflict that has claimed more than 9,900 lives.

“Some people are psychologically influenced,” she said. “It’s coming regularly. People are so tired. You see people dying. And then you face this.”

What’s Holding Back Self-driving Cars? Human Drivers

In just a few years, well-mannered self-driving robotaxis will share the roads with reckless, law-breaking human drivers. The prospect is causing migraines for the people developing the robotaxis.

A self-driving car would be programmed to drive at the speed limit. Humans routinely exceed it by 10 to 15 mph (16 to 24 kph) — just try entering the New Jersey Turnpike at normal speed. Self-driving cars wouldn’t dare cross a double yellow line; humans do it all the time. And then there are those odd local traffic customs to which humans quickly adapt.

In Los Angeles and other places, for instance, there’s the “California Stop,” where drivers roll through stop signs if no traffic is crossing. In Southwestern Pennsylvania, courteous drivers practice the “Pittsburgh Left,” where it’s customary to let one oncoming car turn left in front of them when a traffic light turns green. The same thing happens in Boston. During rush hours near Ann Arbor, Michigan, drivers regularly cross a double-yellow line to queue up for a left-turn onto a freeway.

“There’s an endless list of these cases where we as humans know the context, we know when to bend the rules and when to break the rules,” said Raj Rajkumar, a computer engineering professor at Carnegie Mellon University who leads the school’s autonomous car research.

Although autonomous cars are likely to carry passengers or cargo in limited areas during the next three to five years, experts say it will take many years before robotaxis can coexist with human-piloted vehicles on most side streets, boulevards and freeways. That’s because programmers have to figure out human behavior and local traffic idiosyncrasies. And teaching a car to use that knowledge will require massive amounts of data and big computing power that is prohibitively expensive at the moment.

“Driverless cars are very rule-based, and they don’t understand social graces,” said Missy Cummings, director of Duke University’s Humans and Autonomy Lab.

Driving customs and road conditions are dramatically different across the globe, with narrow, congested lanes in European cities, and anarchy in Beijing’s giant traffic jams. In India’s capital, New Delhi, luxury cars share poorly marked and congested lanes with bicycles, scooters, trucks, and even an occasional cow or elephant.

Then there is the problem of aggressive humans who make dangerous moves such as cutting cars off on freeways or turning left in front of oncoming traffic. In India, for example, even when lanes are marked, drivers swing from lane to lane without hesitation.

Already there have been isolated cases of human drivers pulling into the path of cars such as Teslas, knowing they will stop because they’re equipped with automatic emergency braking.

“It’s hard to program in human stupidity or someone who really tries to game the technology,” says John Hanson, spokesman for Toyota’s autonomous car unit.

Kathy Winter, vice president of automated driving solutions for Intel, is optimistic that the cars will be able to see and think like humans before 2030.

Cars with sensors for driver-assist systems already are gathering data about road signs, lane lines and human driver behavior. Winter hopes auto and tech companies developing autonomous systems and cars will contribute this information to a giant database.

Artificial intelligence developed by Intel and other companies eventually could access the data and make quick decisions similar to humans, Winter says.

Programmers are optimistic that someday the cars will be able to handle even Beijing’s traffic. But the cost could be high, and it might be a decade or more before Chinese regulators deem self-driving cars reliable enough for widespread public use, said John Zeng of LMC Automotive Consulting.

Intel’s Winter expects fully autonomous cars to collect, process and analyze four terabytes of data in 1 1/2 hours of driving, which is the average amount a person spends in a car each day. That’s equal to storing over 1.2 million photos or 2,000 hours of movies. Such computing power now costs over $100,000 per vehicle, Zeng said. But that cost could fall as more cars are built.

Someday autonomous cars will have common sense programmed in so they will cross a double-yellow line when warranted or speed up and find a gap to enter a freeway. Carnegie Mellon has taught its cars to handle the “Pittsburgh Left” by waiting a full second or longer for an intersection to clear before proceeding at a green light. Sensors also track crossing traffic and can figure out if a driver is going to stop for a sign or red light. Eventually there will be vehicle-to-vehicle communication to avoid crashes.

Still, some skeptics say computerized cars will never be able to think exactly like humans.

“You’ll never be able to make up a person’s ability to perceive what’s the right move at the time, I don’t think,” said New Jersey State Police Sgt. Ed Long, who works in the traffic and public safety office.

China Simulates Extended Moon Stays Amid Space Drive

China is testing the ability of future astronauts to stay on the moon for extended periods, as Beijing accelerates its space program and looks to put people on the surface of the moon within the next two decades.

The official Xinhua news agency said volunteers would live in a “simulated space cabin” for between 60 and 200 days over the next year, helping scientists understand what will be needed for humans to “remain on the moon in the medium and long terms.”

Chinese President Xi Jinping has called for China to become a global power in space exploration, with plans to send a probe to the dark side of the moon by 2018, the first ever such trip, and to put astronauts on the moon by 2036.

“While it remains unclear exactly how long China’s first lunar explorers will spend on the surface, the country is already planning for longer stays,” Xinhua said.

Two groups of four volunteers will live in the simulated cabin “Yuegong-1” to test how a life-support system works in a moon-like environment. A similar 105-day trial was carried out successfully in 2014.

The system, called the Bioregenerative Life Support System (BLSS), allows water and food to be recycled and is key to any Chinese probes to the moon or beyond.

“The latest test is vital to the future of China’s moon and Mars missions and must be relied upon to guarantee the safety and health of our astronauts,” Liu Zhiheng of the Chinese Academy of Sciences told the news agency.

The Yuegong-1 cabin has a central living space the size of a “very small urban apartment” and two “greenhouses” for plants.

In March, China announced plans to launch a space probe to bring back samples from the moon this year, while the country’s first cargo space craft docked with an orbiting space lab in April, a major step as Beijing looks to establish a permanently manned space station by 2022.

Despite the advances in China’s space program for military, commercial and scientific purposes, China still lags behind the United States and Russia.

Tesla Selling Solar Tiles, Says They Look Like Traditional Roof

Electric carmaker Tesla has added another product to its lineup: Solar roof tiles.

As of Wednesday, customers worldwide could order a solar roof on Tesla’s website. Installations will begin next month in the U.S., starting with California. Installations outside the U.S. will begin next year, the company said.

The glass tiles were unveiled by Tesla last fall just before the company merged with solar panel maker SolarCity Corp. They’re designed to look like a traditional roof, with options that replicate slate or terracotta tiles. The solar tiles contain photovoltaic cells that are invisible from the street.

Guaranteed for life of home

Tesla CEO Elon Musk said one of the drawbacks to home solar installations has been the solar panels themselves: They’re often awkward, shiny and ugly. Buyers will want Tesla’s roof, he said, because it looks as good or better than a normal roof.

“When you have this installed on your house, you’ll have the best roof in the neighborhood. The aesthetics are that good,” Musk said in a conference call with media.

The roof is guaranteed for the life of the home, which is longer than the 20-year lifespan for a typical, nonsolar roof, Musk said. It has gone through the same hail, fire and wind testing that normal roofs endure.

Tesla’s website includes a calculator where potential buyers can estimate the cost of a solar roof based on the size of their home, the amount of sunlight their neighborhood receives and federal tax credits. They can also put down a refundable $1,000 deposit to reserve a place in line.

$42 per square foot

Tesla said the solar tiles cost $42 per square foot to install, making them far more costly than slate, which costs around $17 per square foot, or asphalt, which costs around $5. But homes would only need between 30 and 40 percent of their roof tiles to be solar; the rest would be Tesla’s cheaper nonsolar tiles, which would blend in with the solar ones.

It would cost $69,100 to install a solar roof with 40-percent solar tiles on a 2,600-square-foot roof in suburban Detroit, according to Tesla’s website. That includes a $7,000 Tesla Powerwall, a battery unit that stores the energy from the solar panels and powers the home. The roof would be eligible for a $15,500 federal tax credit and would generate an estimated $62,100 in electricity over 30 years. Over that time period, Tesla estimates, the homeowner would save $8,500.

Tesla said the typical homeowner can expect to pay $21.85 per square foot for a Tesla solar roof. The cost can be rolled into the homeowner’s mortgage payments and paid for over time, the company said.

Sales to be slow at first

Musk wouldn’t say how many orders the company expects to get this year. He expects the initial ramp-up to be slow.

“It will be very difficult and it will take a long time, and there will be some stumbles along the way. But it’s the only sensible vision of the future,” Musk said.

Palo Alto, California-based Tesla Inc. is making the solar tiles at its Fremont, California, factory initially. But eventually all production will move to a joint Tesla and Panasonic Corp. factory in Buffalo, New York. Panasonic makes the photovoltaic cells used in the solar tiles.

Tesla said it would be installing equipment in the Buffalo factory over the next few months.