The new iPhone 15 Pro may be too hot for some to handle. Literally. WSJ: Apple's priciest new iPhones are heating up in some scenarios, reaching high temperatures that make them difficult to touch at certain times, according to reviews, tests by The Wall Street Journal and social-media posts from buyers in China, the U.S. and Canada. Some iPhone 14 Pro owners have noticed similar hot temperatures over the past year. The high temperatures in Apple's newest 15 Pro models -- typically when charging and using intensive apps -- are prompting concerns that the company might need to address overheating in software updates that could impact performance. Premium iPhones have long been a critical cash cow for Apple as smartphone demand has slumped globally.

The company is hoping the iPhone 15, especially its Pro models, will return its business to growth. Thomas Galvin, a 23-year-old from Cleveland, says his iPhone 15 Pro Max has been "super hot" and that he is considering returning it. Apple customer support told him the heat was a result of setting up the new phone, but even a few days later, it is still "way worse than the iPhone 13 Pro Max," he said. Other users on X (formerly known as Twitter) and Reddit have had similar complaints about the heat, with some mentioning that the phone had become so warm it is difficult to hold. The Wall Street Journal's Joanna Stern noted in her review last week that the iPhone 15 Pro Max hit 106 degrees Fahrenheit while charging. In further testing, the phone reached temperatures up to 112 degrees when simultaneously charging and doing processor-intensive tasks, such as gaming.

SonicSpike shares a report: A U.S. security researcher is warning of a chilling effect after he was detained on arrival at a U.S. airport, his phone was searched, and was ordered to testify to a grand jury, only to have prosecutors reverse course and drop the investigation later. On Wednesday, Sam Curry, a security engineer at blockchain technology company Yuga Labs, said in a series of posts on X, formerly Twitter, that he was taken into secondary inspection by U.S. federal agents on September 15 after returning from a trip to Japan. Curry said agents with the Internal Revenue Service's Criminal Investigation (IRS-CI) unit and the Department of Homeland Security questioned him at Dulles International Airport in Washington DC about a "high profile phishing campaign," searched his unlocked phone, and served him with a grand jury subpoena to testify in New York the week after.

According to a photo of the subpoena that Curry posted, the grand jury was investigating wire fraud and money laundering. But Curry said he later received confirmation that the copy of his device data was deleted and the grand jury subpoena was canceled once prosecutors realized that Curry was investigating the theft of crypto, and not involved in it.

An anonymous reader quotes a report from Motherboard: Every week, the social media hype-train seems to find new ways to sensationalize generative AI tools. Most recently, a new technique that allows users to produce optical illusions went viral, with some describing the results as AI-generated images with "subliminal" messages. The technique, called ControlNet, essentially lets users have more control over the generated image by specifying additional inputs -- in this case, letting you create images or words within other images. Some users characterized this as a form of "hidden message" that could be used to implant suggestions in the form of subtle visual cues, like a McDonald's "M" logo appearing in the outlines of a movie poster.

ControlNet uses the AI image-generating tool Stable Diffusion, and one of its initial uses was generating fancy QR codes using the code as an input image. That idea was then taken further, with some users developing a workflow that lets them specify any image or text as a black-and-white mask that implants itself into the generated image -- kind of like an automated, generative version of the masking tool in Photoshop.

A company that acquires and sells zero-day exploits -- flaws in software that are unknown to the affected developer -- is now offering to pay researchers $20 million for hacking tools that would allow its customers to hack iPhones and Android devices. From a report: On Wednesday, Operation Zero announced on its Telegram accounts and on its official account on X, formerly Twitter, that it was increasing payments for zero-days in those platforms tenfold, from $200,000 to $20 million. "By increasing the premium and providing competitive plans and bonuses for contract works, we encourage the developer teams to work with our platform," the company wrote.

Operation Zero, which is based in Russia and launched in 2021, also added that "as always, the end user is a non-NATO country." On its official website, the company says that "our clients are Russian private and government organizations only." When asked why they only sell to non-NATO countries, Operation Zero CEO Sergey Zelenyuk declined to say. "No reasons other than obvious ones," he said. Zelenyuk also said that the bounties Operation Zero offer right now may be temporary, and a reflection of a particular time in the market, and the difficulty of hacking iOS and Android.

An anonymous reader quotes a report from VentureBeat: SEO consultant Gagan Ghotra observed that Google Search had begun to index shared Bard conversational links into its search results pages, potentially exposing information users meant to be kept contained or confidential. This means that if a person used Bard to ask it a question -- possibly even a question related to the contents of their private emails -- then shared the link with a designated third-party, say, their spouse, friend or business partner, the conversation accessible at that link could in turn be scraped by Google's crawler and show up publicly, to the entire world, in its Search Results.

Google Brain research scientist Peter J. Liu replied to Ghotra on X by noting that the Google Search indexing only occurred for those conversations that users had elected to click the share link on, not all Bard conversations, to which Ghotra patiently explained: "Most users wouldn't be aware of the fact that shared conversation mean it would be indexed by Google and then show up in SERP, most people even I was thinking of it as a feature to share conversation with some friend or colleague & it being just visible to people who have conversation URL."

Ultimately, Google's Search Liaison account on X, which provides "insights on how Google Search works," wrote back to Ghotra to say "Bard allows people to share chats, if they choose. We also don't intend for these shared chats to be indexed by Google Search. We're working on blocking them from being indexed now."

OSIRIS-REx weighs 4,650 pounds (or 2,110 kg). On September 8th of 2016, NASA first launched the spacecraft on its 3.8-billion mile mission to land on an asteroid and retrieve a sample.

That sample has just returned.

Throughout Sunday morning, NASA tweeted historic updates from the sample's landing site in Utah. "We've spotted the #OSIRISREx capsule on the ground," they announced about 80 minutes ago (including a 23-second video clip). "The parachute has separated, and the helicopters are arriving at the site. We're ready to recover that sample!"

UPI notes that the capsule "reached temperatures up to 5,000 degrees Fahrenheit during reentry, so protective masks and gloves are required to handle it," describing its payload as "a 250-gram dust sample."

15 minutes later NASA shared footage of "the first persons to come into contact with this hardware since it was on the other side of the solar system." A recovery team approached the capsule to perform an environmental safety sweep confirming there were no hazardous gas.

"The impossible became possible," NASA administrator Bill Nelson said in a statement. The Guardian reports he confirmed the capsule "brought something extraordinary — the largest asteroid sample ever received on Earth.

"It's going to help scientists investigate planet formation, it's going to improve our understanding of the asteroids that could possibly impact the earth and it will deepen our understanding of the origin of our solar system and its formation."

"This mission proves that NASA does big things, things that have inspired us, things that unite us...

"The mission continues with incredible science and analysis to come. But I want to thank you all, for everybody that made this Osiris-Rex mission possible."

Professor Neil Bowles of the University of Oxford, one of the scientists who will study the sample, told the Guardian that he was excited to see the sample heading to the clean room at Johnson Space Center. "So much new science to come!"

And that 4,650-pound spacecraft is still hurtling through space. 20 minutes after delivering its sample, the craft " fired its engines to divert past Earth toward its new mission to asteroid Apophis," NASA reports. The name of its new mission? OSIRIS-APEX. Roughly 1,000 feet wide, Apophis will come within 20,000 miles of Earth — less than one-tenth the distance between Earth and the Moon — in 2029. OSIRIS-APEX is scheduled to enter orbit of Apophis soon after the asteroid's close approach of Earth to see how the encounter affected the asteroid's orbit, spin rate, and surface.

"As the sun rose on Friday over the lunar plateau where India's Vikram lander and Pragyan rover sit, the robotic explorers remained silent," writes the New York Times: The Indian Space Research Organization, India's equivalent of NASA, said on Friday that mission controllers on the ground had sent a wake-up message to Vikram. The lander, as expected, did not reply. Efforts will continue over the next few days, but this could well be the conclusion of Chandrayaan-3, India's first successful space mission to the surface of another world...

The hope was that when sunlight again warmed the solar panels, the spacecraft would recharge and revive. But that was wishful thinking. Neither Vikram nor Pragyan were designed to survive a long, frigid lunar night when temperatures plunge to more than a hundred degrees below zero, far colder than the electronic components were designed for. The spacecraft designers could have added heaters or used more resilient components, but that would have added cost, weight and complexity...

The mission's science observations included a temperature probe deployed from Vikram that pushed into the lunar soil. The probe recorded a sharp drop, from about 120 degrees Fahrenheit at the surface to 10 degrees just three inches down. Lunar soil is a poor conductor of heat. The poor heat conduction could be a boon for future astronauts; an underground outpost would be well-insulated from the enormous temperature swings at the surface. Another instrument on Vikram, a seismometer, detected on Aug. 26 what appeared to be a moonquake... The Pragyan measurement suggests that concentrations of sulfur might be higher in the polar regions. Sulfur is a useful element in technologies like solar cells and batteries, as well as in fertilizer and concrete.

Before it went to sleep earlier this month, Vikram made a small final move, firing its engines to rise about 16 inches above the surface before softly landing again. The hop shifted Vikram's position by 12 to 16 inches, ISRO said. "Hoping for a successful awakening for another set of assignments!" ISRO posted on X, the social network formerly known as Twitter, on Sept. 2. "Else, it will forever stay there as India's lunar ambassador."
"Efforts to establish contact will continue," ISRO tweeted yesterday...

MGM Resorts brought to an end a 10-day computer shutdown prompted by efforts to shield from a cyberattack data including hotel reservations and credit card processing, the casino giant said Wednesday, as analysts and academics measured the effects of the event. From a report: "We are pleased that all of our hotels and casinos are operating normally," the Las Vegas-based company posted on X, the platform formerly known as Twitter. It reported last week that the attack was detected Sept. 10. Rival casino owner Caesars Entertainment also disclosed last week to federal regulators that it was hit by a cyberattack Sept. 7. It said that its casino and online operations were not disrupted but it could not guarantee that personal information about tens of millions of customers, including driver's licenses and Social Security numbers of loyalty rewards members, had not been compromised. Caesars, based in Reno, is widely reported to have paid $15 million of a $30 million ransom sought by a group called Scattered Spider for a promise to secure the data.

After manufacturing crystals of an HIV drug in space, the first orbital factory is stuck in orbit after being denied reentry back to Earth due to safety concerns. Gizmodo reports: The U.S. Air Force denied a request from Varda Space Industries to land its in-space manufacturing capsule at a Utah training area, while the U.S. Federal Aviation Administration (FAA) did not grant the company permission to reenter Earth's atmosphere, leaving its spacecraft hanging as the company scrambles to find a solution, TechCrunch first reported. A spokesperson from the FAA told TechCrunch in an emailed statement that the company's request was not granted at this time "due to the overall safety, risk and impact analysis."

Gizmodo reached out to Varda Space to ask which regulatory requirements have not been met, but the company responded with a two-word email that ominously read, "no comment." The California-startup did provide an update on its spacecraft through X (formerly Twitter). "We're pleased to report that our spacecraft is healthy across all systems. It was originally designed for a full year on orbit if needed," Varda Space wrote on X. "We look forward to continuing to collaborate w/ our gov partners to bring our capsule back to Earth as soon as possible." Varda Space Industries launched its first test mission on June 12, "successfully sending a 200-pound (90-kilogram) capsule designed to carry drug research into Earth's orbit," reported CNN. "The experiment, conducted in microgravity by simple onboard machines, aims to test whether it would be possible to manufacture pharmaceuticals in space remotely."

An anonymous reader quotes a report from TechCrunch: Earlier this year, the U.S. government indicted Russian hacker Mikhail Matveev, also known by his online monikers "Wazawaka" and "Boriselcin," accusing him of being "a prolific ransomware affiliate" who carried out "significant attacks" against companies and critical infrastructure in the U.S. and elsewhere. The feds also accused him of being a "central figure" in the development and deployment of the notorious ransomware variants like Hive, LockBit, and Babuk. Matveev is such a prominent cybercriminal that the FBI designated him as one of its most wanted hackers. Matveev, who the FBI believes he remains in Russia, is unlikely to face extradition to the United States.

For Matveev, however, life seems to go on so well that he is now taunting the feds by making a T-shirt with his own most wanted poster, and asking his Twitter followers if they want merch. When reached by TechCrunch on X, formerly Twitter, Matveev verified it was really him by showing a picture of his left hand, which has only four fingers, per Matveev's FBI's most wanted page. Matveev also sent a selfie holding a piece of paper with this reporter's name on it.

After he agreed to do an interview, we asked Matveev a dozen questions about his life as a most wanted hacker, but he didn't answer any of them. Instead, he complained that we used the word "hacker." "I don't like this designation -- hacker, we are a separate type of specialist, practical and using our knowledge and resources without water and writing articles," he wrote in an X direct message. "I was interested only in terms of financial motivation, roughly speaking, I was thinking about what to do, sell people or become. it, [sic] let me tell you how I lost my finger?" At that point, Matveev stopped answering messages.

Meta is ending support for two first party original Oculus Quest launch titles next year without explanation. UploadVR reports: The company sent out emails to all owners of Bogo and Dead And Buried II on Friday to inform them that these apps will "end services" and "no longer be supported" after 15 March 2024, five years after they launched. The Meta Quest platform policies require developers to give customers at least 180 days notice before shutting down an app, so this appears to be Meta complying with its own policy.

Bogo was a free virtual pet app designed as a demo of Oculus Quest's wireless room scale tracking and hand controllers. It's one of the few VR apps that adapts to the size of your playspace, keeping the interactable area reachable for small rooms while encouraging physical walking for those with larger rooms. Bernie Yee, a former Meta manager who hired and led the 'Oculus REX' team that developed Bogo (as well as Dreamdeck, Toybox, First Contact, and First Steps), lamented the death of Bogo on X, tagging Meta's CTO Andrew Bosworth to ask that it be preserved on App Lab. Yee was let go in the first wave of layoffs in November last year, alongside multiple of the REX team. [...] While Meta hasn't commented on the decision, the use of now-obsolete SDKs and the lack of a team to update the app likely contributed to the decision to kill it, but it's not clear why it couldn't have been demoted to App Lab.

Dead and Buried II on the other hand was a $20 multiplayer shooter - one of the first FPS games available on the Oculus Quest. It launched with two game modes, a team vs team 'Shootout' and a free-for-all 'Deathmatch'. An update just under a year later added three new modes: a 1vs1 'Quickdraw' mode and two co-op modes, Survival and Horde. Given Dead and Buried II is a multiplayer title, Meta may be sunsetting so it no longer has to maintain the servers and related online services, as it also did with the much more popular Echo Arena back in August.

"We have heard you," Unity posted on Twitter/X on Sunday afternoon. "We apologize for the confusion and angst the runtime fee policy we announced on Tuesday caused."

"We are listening, talking to our team members, community, customers, and partners, and will be making changes to the policy. We will share an update in a couple of days. Thank you for your honest and critical feedback."

Within 90 minutes Unity's tweet had been viewed over 1 million times. Pushback had built over the last five days to Unity's announcement that next year they'd charge developers per game installation (beyond certain thresholds). IGN reports: Unity tried to clarify the policy, saying it will only count "net new installs" on any devices starting January 1 and devs would not be paying fees on re-installations, "fraudulent" installs via botnets and the like, trial version, web and streaming games, and charity-related installs. Unity also claimed that "90 percent of customers will not be affected by this change."

The development community did not take kindly to these proposed changes and clarifications, and many teams across the globe, including Rust 2 developer Facepunch Studios, said they won't be making their games in Unity now. Others, like Massive Monster, threatened to delete its Unity-made game Cult of the Lamb on January 1 should these changes happen.

The pushback got so severe that Unity offices in San Francisco and Austin had to close due to what it called a credible death threat.

An anonymous reader shared this report from TechCrunch: In March, WordPress.com owner Automattic made a commitment to the fediverse — the decentralized social networks that include the Twitter rival Mastodon and others — with the acquisition of an ActivityPub plug-in that allows WordPress blogs to reach readers on other federated platforms. Now, the company is announcing ActivityPub 1.0.0 for WordPress has been released allowing WordPress blogs to be followed by others on apps like Mastodon and others in the fediverse and then receive replies back as comments on their own sites.

Since the acquisition, the company has improved on the original software in a number of ways, including by now allowing the ability to add blog-wide catchall accounts instead of only per-author. It also introduced the ability to add a "follow me" block to help visitors follow your profile and a "followers" block to show off your followers, noted Automattic design engineer Matt Wiebe, in a post on X... For the time being, the software supports self-hosted WordPress blogs, but Wiebe teased that support for WordPress.com blogs was "coming soon."
Last year Automattic's CEO Matt Mullenweg announced Tumblr would add support for ActivityPub, the article adds. "But more recently, Mullenweg told us he's been investigating not only ActivityPub, but also other protocols like Nostr and Bluesky's AT Protocol."

Unity announced a new pricing model this week, charging developers per game install beyond certain thresholds. This move has faced severe backlash from developers, criticizing Unity's communication, clarity, trust issues, and perceived exploitation of indie teams. The Verge adds: Many developers and even publishers took to social media to register their anger and to call on Unity to reverse its decision. [...] "This decision puts studios in a position where we might not be able to justify using Unity for our future titles," read a post on X (formerly Twitter) from developer Aggro Crab. "If these changes aren't rolled back, we'll be heavily considering abandoning our Unity expertise." Many developers shared a similar sentiment, explaining they were considering abandoning Unity as a game engine.

Other game developers, like Massive Monster, were more drastic, which, via the official account for its game Cult of the Lamb, threatened to delist the game entirely. Though the post was a tongue-in-cheek joke, it's one being repeated by other developers. "[Please] buy our game," posted the official Viewfinder account. "But don't install it after January 1, 2024." Other game makers wondered how Unity could put forth such a statement without considering all the ways it could negatively impact its users. According to a post on the Unity forums from someone who claimed to be an employee, objections were raised internally. "Know also that all of the concerns that are understandably blowing up at the moment have been raised internally by many weeks before this announcement," the alleged employee wrote. "Why it was decided to rush this out anyway in this way I can only speculate about."

Global cryptocurrency exchange CoinEX announced that someone hacked its hot wallets and stole large amounts of digital assets that were used to support the platform's operations. BleepingComputer reports: The incident occurred on September 12 and preliminary results of the investigation show that the unauthorized transactions involved Ethereum ($ETH), Tron ($TRON), and Polygon ($MATIC) cryptocurrency. CoinEx has not provided any info about the financial impact incurred, as the investigation has yet to determine the complete losses.

However, a report from blockchain security firm PeckShield says that the attack drained CoinEx of about $19 million in $ETH, $11 million in $TRON, $6.4 million in Smart Chain Coin ($BSC), $6 million in Bitcoin (BTC), and approximately $295,000 in (MATIC). According to PeckShield, the loss from this attack amounts to about $43 million, while the remaining $72 million kept on the same stash has been transferred to better-protected cold wallets.

A more recent estimation on the CoinEx losses coming from CertiK Alert raises the figure to $53 million, analyzed as seen in this document. User assets have not been impacted by the incident, CoinEx said, and assuring that any parties suffering loss will receive full compensation. At the time of writing, all deposit and withdrawal services on CoinEx have been suspended to protect user assets and will only resume after the exchange's IT team makes sure that all risk has been eliminated.

On Tuesday, Apple unveiled the iPhone 15 Pro and Pro Max featuring USB-C ports, titanium bodies, and Action Buttons. They're also the first smartphones to support the open-source smart home protocol Thread. The Verge's Jennifer Pattison Tuohy explains how Apple might deploy this wireless connectivity protocol in its ecosystem: The obvious use for Thread in the iPhone is as a Thread border router for the slew of new Apple Home and Matter-enabled Thread smart home devices from companies like Eve, Nanoleaf, and Belkin WeMo. This would mean you wouldn't have to have a HomePod Mini, Apple TV 4K, or other Thread border router to use Thread smart home gadgets with your iPhone. ... [Jonathan Hui, VP of technology at the Thread Group and a software engineer at Google] says that Thread connectivity in a smartphone will allow it to communicate directly with a Thread device. "Compared to existing smartphones without Thread, a smartphone with Thread can communicate directly with a Thread device, without relying on a separate Thread border router or any other communication technology," he said.

Another possibility with direct control is some type of trigger or presence detection. Your Thread devices could know you're home as soon as you walk into the house and respond appropriately. However, presence detection -- something the smart home sorely needs -- would be easier to do with the UWB chips already in most iPhones and HomePods (and is already being done to some extent). As an IP-based mesh protocol, Thread could be a more reliable way to connect multiple such devices to your phone while also having multiple "parent" devices within the same home (such as your iPad, MacBook, or other family member's iPhones). Its IP characteristic makes it easier to maintain a persistent data connection directly to the device, says Moneta. Additionally, Thread being mesh means your device doesn't have to be in range of the controller (iPhone/iPad etc.), as it would with Bluetooth. This could apply to Apple accessories such as the Apple Watch and third-party devices that use Bluetooth, like camera accessories and medical devices. Of course, all of those would need a Thread radio in, too, so that's not going to happen anytime soon. [...]

A popular theory in my X (formerly Twitter) feed after the Apple event was that Thread is in the iPhone 15 Pro line more or less as a freebie. It's plausible that the Wi-Fi / Bluetooth chip Apple is using in its highest-end phones comes as a sort of three-for-one: you pay for Wi-Fi and Bluetooth, and you get your Thread for free! Given that Apple itself doesn't seem to have a clear idea or any concrete examples of what the Thread capabilities will add (beyond a vague "opening up future opportunities for Home app integrations" statement in the iPhone 15 press release), this does seem to be the most likely reason -- for now. Although, Apple rarely does anything without some purpose in mind.

An anonymous reader quotes a report from Engadget: The ALPHV/BlackCat ransomware group claimed responsibility for the MGM Resorts cyber outage on Tuesday, according to a post by malware archive vx-underground. The group claims to have used common social engineering tactics, or gaining trust from employees to get inside information, to try and get a ransom out of MGM Resorts, but the company reportedly refuses to pay. The conversation that granted initial access took just 10 minutes, according to the group.

"All ALPHV ransomware group did to compromise MGM Resorts was hop on LinkedIn, find an employee, then call the Help Desk," the organization wrote in a post on X. Those details came from ALPHV, but have not been independently confirmed by security researchers. The international resort chain started experiencing outages earlier this week, as customers noticed slot machines at casinos owned by MGM Resorts shut down on the Las Vegas strip. As of Wednesday morning, MGM Resorts still shows signs that it's experiencing downtime, like continued website disruptions. In a statement on Tuesday, MGM Resorts said: "Our resorts, including dining, entertainment and gaming are currently operational." However, the company said Wednesday that the cyber incident has significantly disrupted properties across the United States and represents a material risk to the company.

"[T]he major credit rating agency Moody's warned that the cyberattack could negatively affect MGM's credit rating, saying the attack highlighted 'key risks' within the company," reports CNBC. "The company's corporate email, restaurant reservation and hotel booking systems remain offline as a result of the attack, as do digital room keys. MGM on Wednesday filed a 8-K report with the Securities and Exchange Commission noting that on Tuesday the company issued a press release 'regarding a cybersecurity issue involving the Company.'" MGM's share price has declined more than 6% since Monday.

Elon Musk, Bill Gates, Mark Zuckerberg and other technology heavyweights debated the possibilities and risks of artificial intelligence Wednesday in a closed-door meeting with more than 60 U.S. Senators who are contemplating legislation to regulate the technology. WSJ: Musk, the CEO of Tesla and owner of X (formerly Twitter), warned about what he views as AI's potential to threaten humanity, according to a participant. Microsoft founder Gates said the technology could help address world hunger, said Sen. Chuck Schumer (D., N.Y.), who convened the session. Other speakers included Facebook founder Zuckerberg and the CEOs of Google, Microsoft, Nvidia and IBM, along with union leaders. Schumer at one point asked the guests if they agreed that the government needed to play a role in regulating artificial intelligence. Everyone present raised their hands, Schumer said during a break in the day-long session.

Despite that consensus -- and Schumer's vow to move toward passing legislation within months -- the meeting also laid bare some of the tension points ahead. One debate centered on the practice of making certain AI programs "open source," or available for the public to download and modify. Some in the room raised concerns about the practice, which has the potential to put powerful AI systems in the hands of bad actors, according to one participant. But Zuckerberg, whose company Meta Platforms has released powerful open source models, defended the practice. He told Senators in his opening statement that open source "democratizes access to these tools, and that helps level the playing field and foster innovation for people and businesses," according to excerpts released by the company. Another point of tension related to workers who see AI as a potential threat to their jobs. Sen. Maria Cantwell (D., Wash.) recounted a moment where the head of the Writers Guild of America West, Meredith Stiehm, described the views of members who are on strike seeking a new contract with Hollywood studios in part to address those fears.

Unity, the tech company behind one of the most popular engines for creating video games, is scrambling to clarify how a price increase for its services will work, after its announcement Tuesday morning broadly infuriated the game development community. From a report: The fees, which Unity said are essential for funding development of its tech, left many game makers wondering if having a hit game through Unity would cost them more money than they could make. Developers spoke throughout the day of delaying their games to switch to rival Epic Games' Unreal Engine or other services on X, the platform formerly known as Twitter. But by the evening, Unity exec Marc Whitten was updating Axios on the policies, potentially defusing some concerns raised by game creators.

The new "Runtime Fee" announced Tuesday morning is tied to a player's installations of a game, an action that previously didn't cost developers anything. With Unity's new plan, developers who use Unity's free tier of development services would owe Unity $0.20 per installation once their game hit thresholds of 200,000 downloads and earn $200,000 in revenue. Developers paying over $2,000 a year for a Unity Pro plan would have to hit higher thresholds and would be charged with lower fees. The newfee system will begin at the start of 2024. [...] After initially telling Axios earlier Tuesday that a player installing a game, deleting it and installing it again would result in multiple fees, Unity's Whitten told Axios that the company would actually only charge for an initial installation. (A spokesperson told Axios that Unity had "regrouped" to discuss the issue.) He hoped this would allay fears of "install-bombing," where an angry user could keep deleting and re-installing a game to rack up fees to punish a developer.

Rotten Tomatoes celebrated its 25th year of assigning scores to movies based on their aggregate review. Now Vulture writes that Rotten Tomatoes "can make or break" movies, "with implications for how films are perceived, released, marketed, and possibly even green-lit". But unfortuately, the site "is also erratic, reductive, and easily hacked."

Vulture tells the story of a movie-publicity company contacting "obscure, often self-published critics" to say the film's teams "feel like it would benefit from more input from different critics" — while making undisclosed payments of $50 or more.) A critic asking if it's okay to pan the movie was informed that "super nice" critics move their bad reviews onto sites not included in Rotten Tomatoes scores.

Vulture says after bringing this to the site's attention, Rotten Tomatoes "delisted a number of the company's movies from its website and sent a warning to writers who reviewed them." But is there a larger problem? Filmmaker Paul Schrader even opines that "Audiences are dumber. Normal people don't go through reviews like they used to. Rotten Tomatoes is something the studios can game. So they do...." A third of U.S. adults say they check Rotten Tomatoes before going to the multiplex, and while movie ads used to tout the blurbage of Jeffrey Lyons and Peter Travers, now they're more likely to boast that a film has been "Certified Fresh...."

Another problem — and where the trickery often begins — is that Rotten Tomatoes scores are posted after a movie receives only a handful of reviews, sometimes as few as five, even if those reviews may be an unrepresentative sample. This is sort of like a cable-news network declaring an Election Night winner after a single county reports its results. But studios see it as a feature, since, with a little elbow grease, they can sometimes fool people into believing a movie is better than it is.

Here's how. When a studio is prepping the release of a new title, it will screen the film for critics in advance. It's a film publicist's job to organize these screenings and invite the writers they think will respond most positively. Then that publicist will set the movie's review embargo in part so that its initial Tomatometer score is as high as possible at the moment when it can have maximal benefits for word of mouth and early ticket sales... [I]n February, the Tomatometer score for Ant-Man and the Wasp: Quantumania debuted at 79 percent based on its first batch of reviews. Days later, after more critics had weighed in, its rating sank into the 40s. But the gambit may have worked. Quantumania had the best opening weekend of any movie in the Ant-Man series, at $106 million. In its second weekend, with its rottenness more firmly established, the film's grosses slid 69 percent, the steepest drop-off in Marvel history.

In studios' defense, Rotten Tomatoes' hastiness in computing its scores has made it practically necessary to cork one's bat. In a strategic blunder in May, Disney held the first screening of Indiana Jones and the Dial of Destiny at Cannes, the world's snootiest film festival, from which the first 12 reviews begot an initial score of 33 percent. "What they should've done," says Publicist No. 1, "was have simultaneous screenings in the States for critics who might've been more friendly." A month and a half later, Dial of Destiny bombed at the box office even though friendly critics eventually lifted its rating to 69 percent. "They had a low Rotten Tomatoes score just sitting out there for six weeks before release, and that was deadly," says a third publicist.