Jan 29, 2025The Hacker NewsThreat Detection / Artificial IntelligenceCurious about the buzz around AI in cybersecurity? Wonder if it's just a shiny new toy in the tech world or a serious game changer? Let's unpack this together in a not-to-be-missed webinar that goes beyond the hype to explore the real impact of AI on cybersecurity.Join Ravid Circus, a seasoned pro in cybersecurity and AI, as we peel back the layers of AI in cybersecurity through a revealing survey of 200 industry insiders. This isn't your average tech talk; it's a down-to-earth, insightful discussion about what AI is actually doing for us today.Why Tune In?Get the Inside Scoop: How are real-world security teams using AI right now? Learn about the genuine perks and the real snags, from data hiccups to transparency troubles.Boost Your Cyber Defenses: Discover which cybersecurity corners AI is revolutionizing the most. It's about pinpointing where AI can really beef up your security measures.Walk Away With a Game Plan: This isn't just about high-level ideas. You'll get practical, straightforward tips on making AI work harder for your security needs.This webinar isn't just about listening; it's about transforming your approach to cybersecurity. Find out how to steer clear of overhyped tech and focus on solutions that truly deliver. Learn from peers who are putting AI to the test and gearing up for future challenges.It's the perfect chance to rethink your cybersecurity strategy with AI at the helm. Whether you're fine-tuning your approach or starting from scratch, you'll leave with fresh ideas and sharp insights.Spots are going quickly, and you won't want to miss out. Register now to make sure you're in the loop and ready to harness the power of AI in your cybersecurity game plan. Let's get ready to turn curiosity into action!Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Jan 29, 2025Ravie LakshmananVulnerability / Threat IntelligenceA team of security researchers from Georgia Institute of Technology and Ruhr University Bochum has demonstrated two new side-channel attacks targeting Apple silicon that could be exploited to leak sensitive information from web browsers like Safari and Google Chrome.The attacks have been codenamed Data Speculation Attacks via Load Address Prediction on Apple Silicon (SLAP) and Breaking the Apple M3 CPU via False Load Output Predictions (FLOP). Apple was notified of the issues in May and September 2024, respectively.The vulnerabilities, like the previously disclosed iLeakage attack, build on Spectre, arising when speculative execution "backfires," leaving traces of mispredictions in the CPU's microarchitectural state and the cache.Speculative execution refers to a performance optimization mechanism in modern processors that are aimed at predicting the control flow the CPU should take and execute instructions along the branch beforehand.In the event of a misprediction, the results of the transient instructions are discarded and revert all changes made to the state following the prediction.These attacks leverage the fact that speculative execution leaves traces to force a CPU to make a misprediction and execute a series of transient instructions, whose value could then be inferred through a side-channel even after the CPU rolls back all the changes to the state due to the misprediction. "In SLAP and FLOP, we demonstrate that recent Apple CPUs go beyond this, not only predicting the control flow the CPU should take, but also the data flow the CPU should operate on if data are not readily available from the memory subsystem," the researchers said."Unlike Spectre, mispredictions on data flow do not directly result in the CPU speculatively executing the wrong instructions. Instead, they result in the CPU executing arbitrary instructions on the wrong data. However, we show this can be combined with indirection techniques to execute wrong instructions."SLAP, which affects M2, A15, and newer chips, targets what's called a Load Address Predictor (LAP) that Apple chips use to guess the next memory address the CPU will retrieve data from based on prior memory access patterns.However, if the LAP predicts a wrong memory address, it can cause the processor to perform arbitrary computations on out-of-bounds data under speculative execution, thereby opening the door to an attack scenario where an adversary can recover email content from a logged-in user and browsing behavior from the Safari browser.On the other hand, FLOP impacts M3, M4, and A17 chips, and takes aim at another feature called Load Value Predictor (LVP) that's designed to improve data dependency performance by "guessing the data value that will be returned by the memory subsystem on the next access by the CPU core."FLOP causes "critical checks in program logic for memory safety to be bypassed, opening attack surfaces for leaking secrets stored in memory," the researchers noted, adding it could be weaponized against both Safari and Chrome browsers to pull off various arbitrary memory read primitives, such as recovering location history, calendar events, and credit card information.The disclosure comes nearly two months after researchers from Korea University detailed SysBumps, which they described as the first kernel address space layout randomization (KASLR) break attack on macOS for Apple silicon."By using Spectre-type gadgets in system calls, an unprivileged attacker can cause translations of the attacker's chosen kernel addresses, causing the TLB to change according to the validity of the address," Hyerean Jang, Taehun Kim, and Youngjoo Shin said. "This allows the construction of an attack primitive that breaks KASLR bypassing kernel isolation."Separately, new academic research has also uncovered an approach to "combine multiple side channels to overcome limitations when attacking the kernel," finding that address space tagging, "the very same feature that makes mitigation of side-channels efficient, opens up a new attack surface."This includes a practical attack dubbed TagBleed, which abuses tagged translation lookaside buffers (TLBs), which makes separating kernel and user address spaces efficient, and residual translation information to break KASLR even in the face of state-of-the-art mitigations" on modern architectures."This leakage is enough to fully derandomize KASLR when used in combination with a secondary side-channel attack that uses the kernel as a confused deputy to leak additional information about its address space," VUSec researcher Jakob Koschel said.Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.SHARE

Chuck Gordon, CEO, StorableJanuary 29, 20254 Min ReadJennifer Miranda Lobijin via Alamy StockAs businesses plan their 2025 technology investments amid stabilizing interest rates, many are restarting digital transformation initiatives that were paused or scaled back in recent years. Despite global digital transformation spending set to reach $3.4 trillion by 2026, McKinsey reports a sobering reality: seventy percent of these initiatives failto deliver their intended results.In today's environment, where businesses face increasing pressure to modernize while optimizing costs, an even more concerning trend has emerged: companies operating in a dangerous middle ground between analog and digital operations.Picture two businesses: One runs entirely on legacy systems, the other operates on a patchwork of modern and outdated technology. Counter-intuitively, the fully legacy business often outperforms its partially modernized peer. Why? Because partial digital transformation creates complexity without delivering efficiency. It's like trying to drive a car that's half electric, half gasoline.This isn't just an enterprise problem. From local facility managers to global technology corporations, organizations are discovering that incomplete digital transformation creates more problems than it solves. The challenge isn't the technology itself; its the growing complexity of managing systems that don't work together.Related:The False Security of Half MeasuresPartial transformation is common when businesses implement new customer-facing technology without updating their core operations. Think of a modern payment portal connected to paper-based billing systems, or an automated booking platform trying to sync with manual inventory management. These disconnects create daily operational friction that technology was supposed to eliminate.These types of half measures create an illusion of progress while actually increasing operational complexity. Leaders often start with the best intentions: Let's modernize gradually or We'll transform the customer-facing parts first. But this approach is like building a bridge halfway across a river; you invest significant resources without reaching the other side.Critical Failures of Partial TransformationThe integration burden.In every disconnect between modern and legacy systems there is a point where someone must manually bridge the gap. What starts as a simple connection between systems often evolves into a complex web of workarounds and manual processes.Consider a facility management operation where online payments flow into a modern accounting system, but unit availability is still tracked in spreadsheets. Staff spend hours reconciling these systems daily, creating more work instead of less. As organizations plan their 2025 technology budgets, these inefficiencies threaten to consume an ever-larger share of resources.Related:At our company, we've observed these integration challenges across thousands of facility operators -- from family-owned businesses to large enterprises. What often begins as a well-intentioned effort to modernize specific processes, frequently results in staff maintaining multiple systems in parallel, creating more complexity rather than less. The most successful operators tackle transformation holistically, ensuring their core operational systems can communicate seamlessly before they add new capabilities.The data disconnect. When new systems can't properly communicate with older ones, businesses face a constant challenge maintaining accurate information across operations. Modern cloud systems expect data to flow freely, but legacy systems often hold this data in rigid, isolated structures.For example, when a customer makes an online reservation but the on-site management system doesn't update in real-time, you create confusion and disappointment instead of convenience. This challenge becomes particularly acute as modern customers expect increasingly seamless experiences.Related:The innovation ceiling. When organizations believe theyve gone digital because they've implemented modern interfaces over legacy systems, they often stop pushing for comprehensive change. This creates what I call an innovation ceiling. Its the growing gap between what modern technology could deliver and what your hybrid systems actually allow.More critically, maintaining these patchwork systems consumes resources that could fund complete transformation.This doesn't just limit technical capabilities; it fundamentally constrains business growth and competitive advantage.Break Free from Partial TransformationAs organizations finalize their 2025 technology roadmaps, the path forward requires a new approach:Start with core operations: Begin transformation at your operational core, not just customer interfaces. Focus first on the systems that run your daily business rather than just the ones customers see. This creates a solid foundation for future innovation while minimizing day-to-day complexity.Design for future change: Implement new systems with the flexibility to evolve as technology advances. This approach treats transformation as a continuous journey rather than a one-time project. Build with the understanding that today's modern system will be tomorrow's legacy system.Build organizational alignment: Create clear guidelines that align your entire organization around consistent modernization goals. This reduces the risk of creating new operational gaps during transformation and ensures that every change supports your long-term vision.The Path ForwardAs leaders plan for 2025, we must resist the urge to layer new technology over outdated business models without addressing fundamental operational challenges. Whether you're leading a startup or a Fortune 500 company, a physical or digital business, the principles remain the same: transformation must be comprehensive to be effective.The cost of partial transformation isn't measured just in technical debt. It's measured in lost market opportunities, diminished customer experience, and reduced competitive advantage. As we navigate an increasingly digital future, the question isn't whether to transform; it's whether we're willing to do it right. The organizations that thrive in 2025 and beyond will be those that commit to holistic transformation, understanding that fragmentary solutions create more complexity than they solve.About the AuthorChuck GordonCEO, StorableChuck Gordon is CEO of Storable, a supplier of various products and services for the self-storage industry including cloud-based access control, management software, marketing and website services, payment processing, tenant insurance, and others. In 2018, Chuck cofounded SpareFoot, an Austin, Texas-based company that provides listings for self-storage units.See more from Chuck GordonNever Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.SIGN-UPYou May Also LikeWebinarsMore WebinarsReportsMore Reports

Earlier this month, Mark Zuckerberg announced that Meta will cut back on its content moderation efforts and eliminate fact-checking in the US in favor of the more democratic approach that X (formerly Twitter) calls Community Notes, rolling back protections that he claimed had been developed only in response to media and government pressure. The move is raising alarm bells, and rightly so. Meta has left a trail of moderation controversies in its wake, from overmoderating images of breastfeeding women to undermoderating hate speech in Myanmar, contributing to the genocide of Rohingya Muslims. Meanwhile, ending professional fact-checking creates the potential for misinformation and hate to spread unchecked. Enlisting volunteers is how moderation started on the Internet, long before social media giants realized that centralized efforts were necessary. And volunteer moderation can be successful, allowing for the development of bespoke regulations aligned with the needs of particular communities. But without significant commitment and oversight from Meta, such a system cannot contend with how much content is shared across the companys platforms, and how fast. In fact, the jury is still out on how well it works at X, which is used by 21% of Americans (Metas are significantly more popularFacebook alone is used by 70% of Americans, according to Pew). Community Notes, which started in 2021 as Birdwatch, is a community-driven moderation system on X that allows users who sign up for the program to add context to posts. Having regular users provide public fact-checking is relatively new, and so far results are mixed. For example, researchers have found that participants are more likely to challenge content they disagree with politically and that flagging content as false does not reduce engagement, but they have also found that the notes are typically accurate and can help reduce the spread of misleading posts. Im a community moderator who researches community moderation. Heres what Ive learned about the limitations of relying on volunteers for moderationand what Meta needs to do to succeed: 1. The system will miss falsehoods and could amplify hateful content There is a real risk under this style of moderation that only posts about things that a lot of people know about will get flagged in a timely manneror at all. Consider how a post with a picture of a death cap mushroom and the caption Tasty might be handled under Community Notesstyle moderation. If an expert in mycology doesnt see the post, or sees it only after its been widely shared, it may not get flagged as Poisonous, do not eatat least not until its too late. Topic areas that are more esoteric will be undermoderated. This could have serious impacts on both individuals (who may eat a poisonous mushroom) and society (if a falsehood spreads widely). Crucially, Xs Community Notes arent visible to readers when they are first added. A note becomes visible to the wider user base only when enough contributors agree that it is accurate by voting for it. And not all votes count. If a note is rated only by people who tend to agree with each other, it wont show up. X does not make a note visible until theres agreement from people who have disagreed on previous ratings. This is an attempt to reduce bias, but its not foolproof. It still relies on peoples opinions about a note and not on actual facts. Often whats needed is expertise. I moderate a community on Reddit called r/AskHistorians. Its a public history site with over 2 million members and is very strictly moderated. We see people get facts wrong all the time. Sometimes these are straightforward errors. But sometimes there is hateful content that takes experts to recognize. One time a question containing a Holocaust-denial dog whistle escaped review for hours and ended up amassing hundreds of upvotes before it was caught by an expert on our team. Hundreds of peopleprobably with very different voting patterns and very different opinions on a lot of topicsnot only missed the problematic nature of the content but chose to promote it through upvotes. This happens with answers to questions, too. People who arent experts in history will upvote outdated, truthy-sounding answers that arent actually correct. Conversely, they will downvote good answers if they reflect viewpoints that are tough to swallow.r/AskHistorians works because most of its moderators are expert historians. If Meta wants its Community Notesstyle program to work, it should make sure that the people with the knowledge to make assessments see the posts and that expertise is accounted for in voting, especially when theres a misalignment between common understanding and expert knowledge. 2. It wont work without well-supported volunteers Metas paid content moderators review the worst of the worstincluding gore, sexual abuse and exploitation, and violence. As a result, many have suffered severe trauma, leading to lawsuits and unionization efforts. When Meta cuts resources from its centralized moderation efforts, it will be increasingly up to unpaid volunteers to keep the platform safe. Community moderators dont have an easy job. On top of exposure to horrific content, as identifiable members of their communities, they are also often subject to harassment and abusesomething we experience daily on r/AskHistorians. However, community moderators moderate only what they can handle. For example, while I routinely manage hate speech and violent language, as a moderator of a text-based community I am rarely exposed to violent imagery. Community moderators also work as a team. If I do get exposed to something I find upsetting or if someone is being abusive, my colleagues take over and provide emotional support. I also care deeply about the community I moderate. Care for community, supportive colleagues, and self-selection all help keep volunteer moderators morale high(ish). Its unclear how Metas new moderation system will be structured. If volunteers choose what content they flag, will that replicate Xs problem, where partisanship affects which posts are flagged and how? Its also unclear what kind of support the platform will provide. If volunteers are exposed to content they find upsetting, will Metathe company that is currently being sued for damaging the mental health of its paid content moderatorsprovide social and psychological aid? To be successful, the company will need to ensure that volunteers have access to such resources and are able to choose the type of content they moderate (while also ensuring that this self-selection doesnt unduly influence the notes). 3. It cant work without protections and guardrails Online communities can thrive when they are run by people who deeply care about them. However, volunteers cant do it all on their own. Moderation isnt just about making decisions on whats true or false. Its also about identifying and responding to other kinds of harmful content. Zuckerbergs decision is coupled with other changes to its community standards that weaken rules around hateful content in particular. Community moderation is part of a broader ecosystem, and it becomes significantly harder to do it when that ecosystem gets poisoned by toxic content. I started moderating r/AskHistorians in 2020 as part of a research project to learn more about the behind-the-scenes experiences of volunteer moderators. While Reddit had started addressing some of the most extreme hate on its platform by occasionally banning entire communities, many communities promoting misogyny, racism, and all other forms of bigotry were permitted to thrive and grow. As a result, my early field notes are filled with examples of extreme hate speech, as well as harassment and abuse directed at moderators. It was hard to keep up with. But halfway through 2020, something happened. After a milquetoast statement about racism from CEO Steve Huffman, moderators on the site shut down their communities in protest. And to its credit, the platform listened. Reddit updated its community standards to explicitly prohibit hate speech and began to enforce the policy more actively. While hate is still an issue on Reddit, I see far less now than I did in 2020 and 2021. Community moderation needs robust support because volunteers cant do it all on their own. Its only one tool in the box. If Meta wants to ensure that its users are safe from scams, exploitation, and manipulation in addition to hate, it cannot rely solely on community fact-checking. But keeping the user base safe isnt what this decision aims to do. Its a political move to curry favor with the new administration. Meta could create the perfect community fact-checking program, but because this decision is coupled with weakening its wider moderation practices, things are going to get worse for its users rather than better. Sarah Gilbert is research director for the Citizens and Technology Lab at Cornell University.

La Cuadra San Cristbal was completed in 1968 and includes a private residence, equestrian facilities and extensive landscape gardens1/8show captionOne of the most celebrated private residences designed by Pritzker Prize-winning Mexican Architect Luis Barragn will be turned into a visitor attraction after being acquired by a local businessman.Barragns La Cuadra San Cristbal, a 6.7 acre walled compound on the outskirts of Mexico City, was built in the late 1960s as a private estate encompassing a residence, equestrian facilities, and landscaped gardens.It was acquired by Mexican architect and businessman Fernando Romero in 2017 in the belief that the propertys transition to new owners could risk its integrity.Romero, through his not-for-profit foundation Fundacin Fernando Romero, has announced plans aiming to protect the site and transform it into a cultural resource for the public and the worlds art and architecture community.Over the next decade, a phased programme of upgrades will see the construction of a series of new pavilions adjacent to the compound commissioned from internationally acclaimed architects, including a timber pavilion designed by Kengo Kuma.The former private residence is one of Pritzker Prize-winning Barragns most celebrated worksOther additions will include a permanent exhibition dedicated to the life and work of Barragn, an artist residency programme, a gallery of design objects, a library, a podcast production studio, an events venue, a gift shop and a coffee shop.Romero said the masterplan envisions a platform for endless creativity in one of the most vibrant spaces in Mexico.Fernando Romero, who acquired the site through his foundationOur work at the Fundacin is driven by the belief that architectural innovation and artistic production can help foster a more just and culturally vibrant world, he said.It is a great honor to begin this work by envisioning La Cuadra as a dynamic cultural hub that encourages new possibilities at the intersection of art and architecture.Through a range of programming, we aim to catalyze the power of architecture for the visiting public and celebrate the enduring cultural influence of Luis Barragn.The programme of cultural events will start next month with a talk by Serbian performance artist Marina Abramovi, with the permanent exhibition to open in autumn this year, curated by Jorge Covarrubias, an architect who has restored Barragns Casa Prieto Lpez and Fuente del Bebedero.The exhibition will showcase Barragns first modernist buildings in Mexico City and provide a closer look at eight main works, including Casa Gilardi and Torres de Satlite.Barragn won the Pritzker Prize in 1980, and his personal home, the Luis Barragn House and Studio, was made a UNESCO World Heritage Site in 2004.His modernist work, initially influenced by Le Corbusier, took on his characteristic colourful and playful style from the 1950s, emphasising open space, calmness and a subtle use of light.

The project will substantially redevelopa 3,955m site which historically formed the estate of a large house in Fitzjohns Avenue, delivering a three-storey partial rebuild and a new five-storey, angular housing block.The scheme is less than half a mile from the practices Hampstead Mansion block, designed specifically for older residents and featuring an unusual honeycomb floorplan, which won the AJ Architecture Award for the Health and Wellbeing category in 2023.The latest development includes major alterations to an existing three-storey, 1930s red brick extension, which will be converted and extended from one house to four, while the new housing block will be built at the rear on land opposite Maresfield Gardens.AdvertisementSergison Bates said its new housing block has been designed around mature trees, which led to its unusual massing, roughly divided into two halves that are hinged at their central junction. Source:Sergison Bates (taken from planning documents)The project will deliver 4,676m residential floorspace across 33 homesfor developer and site-owner West Hampstead Projects, plus four affordable houses off-site, secured via a Section 106 legal agreement.Camden Councils planning committee voted narrowly to approve the scheme last week (23 January), with five councillors in favour and three against, following a lengthy debate over its lack of any on-site affordable housing provision.At least five local households had also objected on the grounds of affordable housing provision, alongside fears of overdevelopment on the site. Source:Camden Council planning committee documentsIn a report to committee, Camden Council planning officers stated that, while council policy demands a target of 50 per cent affordable housing for developments of 25 or more homes, the policy makes clear that this figure depends on the viability of the scheme.AdvertisementOfficers concluded that, in this case, the scheme is clearly in deficit and cannot contribute to affordable housing, adding: The applicant has demonstrated that it is not financially viable.Recommending the Sergison Bates-designed scheme for approval, Camdens planning officers praised its high-quality design [which aims to] integrate itself into the verdant green setting, concluding that the housing would make positive use of an underused residential building and back garden site, and provide much-needed homes in a highly sustainable location. Source:Sergison Bates (taken from planning documents)Approved: Sergison Bates' proposal for a residential development in CamdenAs well as the 1930s extension, which is currently connected awkwardly to the main house, the site includes fragments of functions, from a derelict asphalt tennis court to various neglected and overgrown gardens, according to a design and access statement (D&A).Alterations to the existing building will include adding a third floor via an inset mansard roof, adding an additional storey to its northern bay, and replacing sash windows to transform the building from a single-family home into four large, six-bed family homes, including two townhouses and two maisonettes.The existing link to the main house will be removed, thereby enabling the gap between the two buildings and the views of the roofscape against the sky to be restored.Meanwhile, the new housing block will be embedded into the landscape, Sergison Bates explained, with a footprint 'shaped by the mature trees in the north, west and south of the site, as well as the main house to the east.The architects explained: To address both conditions the building mass is roughly divided into two halves that are hinged at their central junction.As per the Section 106 agreement, West Hampstead Projects will provide four off-site affordable homes, comprising two-bed houses for social rent, on another site that it owns in Liddell Road, West Hampstead.The Sergison Bates scheme is a development of an earlier planning permission from 2018, which included refurbishing and adding one storey and a rear extension to the existing 1930s building.It forms around two thirds of a wider site incorporating a landscape-led masterplan in Fitzjohns Avenue, the rest of which is to be dealt with via a separate application.

Seattle offers plenty of internet provider options -- find the perfect fit for you with the best coverage, speed, reliability and pricing.

Key takeaways Today's top CDs boast APYs as high as 4.65%.If the Fed pauses rates today as expected, APYs are likely to stay high for now.Locking in your APY now shields your returns from rate cuts in the coming months. All eyes are on the Federal Reserve today as it decides what to do next with interest rates. Experts believe it will hold them steady for now, but they predict rate cuts later this year. That means now's the time to lock in a high rate and protect your earning potential.You can earn up to 4.65% annual percentage yield, or APY, with today's best CDs. That's more than twice the national average for some terms. And since your APY is fixed when you open a CD, your returns will stay the same whatever the Fed does in the coming months.Here are some of the highest CD rates and how much you could earn by depositing $5,000.Today's best CD rates Term Highest APY*BankEstimated earnings6 months 4.65%CommunityWide Federal Credit Union$114.931 year 4.45%CommunityWide Federal Credit Union$222.503 years 4.15%America First Credit Union$648.695 years 4.25%America First Credit Union$1,156.73 Experts recommend comparing rates before opening a CD account to get the best APY possible. Enter your information below to get CNET's partners' best rate for your area.How the Fed's decisions affect CD ratesAPYs on CDs and savings accounts have been dropping since the Fed cut interest rates at its last three meetings. But with inflation rising again, experts believe the Fed will hold rates steady at its Jan. 29 meeting. And banks are hedging their bets by keeping CD rates relatively flat for now, particularly given the uncertainty around the new administration's policies."Current signals suggest a cautious, wait-and-see approach to determine the pace of interest rate cuts this year," said Chad Olivier, certified financial planner and CEO of The Olivier Group.While the Fed is still projected to ease rates later this year, "the markets are, in some respect, waiting to see what happens with the new administration before they really step in and get aggressive on lower interest rates," Olivier said.By securing a high APY now, you can maximize your savings. Your APY is locked in when you open a CD, which means your rate of return stays the same regardless of where the Fed's benchmark rate goes after that.You can earn up to 5% APY on the best high-yield savings accounts. Check out today's rates.Average CD rates from week to week Term Last week's CNET average APYThis week's CNET average APYWeekly change**6 months 4.11%4.10%-0.24%1 year 4.05%4.06%0.00253 years 3.53%3.54%0.00285 years 3.52%3.55%0.0085 What to look for in a CDA competitive APY is important, but it's not the only thing you should keep in mind. To find the right CD for you, weigh these factors too:When you'll need your money: Early withdrawal penalties on CDs can eat into your interest earnings if you need your money before the term ends, so choose a timeline that makes sense. Alternatively, you can select a no-penalty CD, although the APY may not be as high as you'd get with a traditional CD of the same term.Minimum deposit requirement: Some CDs require a minimum deposit to open an account, typically $500 to $1,000. Knowing how much money you have to set aside can help you narrow your options.Fees: Maintenance and other fees can cut into your savings. Many online banks don't charge fees because they have lower overhead costs than banks with physical branches. Read the fine print for any account you're evaluating.Safety and security: Make sure the bank or credit union you're considering is an FDIC or NCUA member so your money is protected if the bank fails.Customer ratings and reviews: Visit sites like Trustpilot to see what customers are saying about the bank. You want a bank that's responsive, professional and easy to work with.MethodologyCNET reviews CD rates based on the latest APY information from issuer websites. We evaluated CD rates from more than 50 banks, credit unions and financial companies. We evaluate CDs based on APYs, product offerings, accessibility and customer service.The current banks included in CNET's weekly CD averages include Alliant Credit Union, Ally Bank, American Express National Bank, Barclays, Bask Bank, Bread Savings, Capital One, CFG Bank, CIT, Fulbright, Marcus by Goldman Sachs, MYSB Direct, Quontic, Rising Bank, Synchrony, EverBank, Popular Bank, First Internet Bank of Indiana, America First Federal Credit Union, CommunityWide Federal Credit Union, Discover, Bethpage, BMO Alto, Limelight Bank, First National Bank of America and Connexus Credit Union.*APYs as of Jan. 28, 2025, based on the banks we track at CNET. Earnings are based on APYs and assume interest is compounded annually.**Weekly percentage increase/decrease from Jan. 21, 2025, to Jan. 27, 2025.More on CDs

January 28, 2025Why 2025 is an Exciting Year in HeliophysicsFrom space weather to science missions, theres a lot to be excited about in heliophysics this year. Anaissa Ruiz Tejada/Scientific AmericanSUBSCRIBE TO Science QuicklyRachel Feltman: For Scientific Americans Science Quickly, Im Rachel Feltman. Life as we know it couldnt exist without the sun, but we know surprisingly little about our host star. Thats where the field of heliophysics comes inand 2025 is set to be a banner year for folks who study the sun.Here to tell us more is Meghan Bartels, a senior news reporter at Scientific American.Meghan, thanks so much for coming on to chat today.On supporting science journalismIf you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.Meghan Bartels: Thanks so much for having me.Feltman: First question, obvious question: What is heliophysics?Bartels: Yeah, so heliophysics is the study of the sun and also its influence on the solar system. And thats a really big topic because the solar windwhich is basically, like, plasma of particles that flow off the sunand also the suns magnetic field, those two phenomena stretch all the way beyond the orbit of Pluto, more than 100 times the distance that Earth is from the sun.Feltman: Wow.Bartels: Yeah.Feltman: And why is 2025 such an exciting year for heliophysics?Bartels: Yeah, so there are a couple of different things that are aligning this year.First, the sun has been and still is in the maximum phase of its 11-year solar cycle. Solar max began more than two years ago, and scientists expect that it will last about three or four years total this time around. And during solar max, and even as that activity begins to wane, the sun will keep spitting out radiation flares and blobs of plasma, and that gives scientists a whole lot of new data to play with, and thats really exciting.And then another factor is that there are a whole bunch of really cool science missions that are designed to study various aspects of the heliosphere that are all due to launch in the coming year. And you know how excited scientists get about new missions [laughs].Feltman: [Laughs]Absolutely.Bartels: Yeah, and then another factor, which, like, sounds bureaucratic, but, like, at the end of the year heliophysicists got a really important report from the National [Academy] of Sciences, and it outlines the fields priorities for the next decade; its called a decadal report, and a lot of various aspects of [space] science has this. And so it specifies, like, what spacecraft and what telescopes researchers should build, which they should prioritize given the money they have, and its one of those things that, like, sounds boring [laughs] but is, like, actually really cool. And so this time around the two big spacecraft missions that they endorsed are: One is a mission designed to study the poles of the sun, which weve never actually seen directly. And the other is a fleet of 26 satellites that would all orbit Earth, and they would study how the suns activity, it affects our planet.And then theres anothertheres a third massive project, and thats ground-based. That would create the next generation of this ground-based array. The current version observes the sun constantlyits surrounding Earth, so it always sees the sunand it studies the waves that pass through the suns interior, just like seismology on Earth ...Feltman: Mm-hmm.Bartels: Its called helioseismology. Its a way of studying the interior and the far side of the sun. So its super-cool stuff.Feltman: Very cool. And with this decadal report these are things that havent started up yet, that ...Bartels: Exactly.Feltman: Theyrethe government is saying, You should do these.Bartels: Yeah, the government panel, like, surveys scientists ...Feltman: Hmm.Bartels: Its this whole long process; it takes, like, years to do. And then, yeah, it covers a 10-year period. And this is, like, starting from things that are just totally designed. Theyre, like, theyre, theyre just in the design phase. Theyre, like, all on paper right now, and nothings built. And so, like, were still building and launching stuff from the last decadal, and then this will be, like, into the next decade, yeah.Feltman: Very cool, and I definitely wanna get into some missions that are more in progress ...Bartels: Mm-hmm.Feltman: But also its just wild to me that we havent seen the suns poles directly. What kinda stuff are we hoping to learn when we finally get a good look at those [laughs]?Bartels: Yeah, it, it is really wild. There was a mission called Ulysses a while ago that got some data from the poles but couldnt actually see them up close. And then theres a European mission flying now called Solar Orbiter, and its gonna sneak up a little bit out and take a somewhat tilted orbit around the sun, but its not gonna be able to fly over the poles kind of thing, and thats what this future mission hopes to do.And its really important because the sun is basically a gigantic magnet, and seeing the poles of that magnet and seeing how the poles work and how the magnetism plays out over the entire surface of the sun, thats really important for understanding whats actually happening in the sun and during that 11-year activity cycle cause thats also all governed by magnetism.Feltman: Totally. Yeah, getting back to some of the stuff thats ongoing, tell me about some of the upcoming or ongoing missions in the heliophysics world. What are people most excited about?Bartels: Yeah, so it is going to be a really great year for heliophysics missions. One that is really cool isNASAs launching a mission called the Interstellar Mapping and Acceleration Probe, or IMAP. And that is going to stay within the inner solar system, but its gonna actually map the edge of the heliosphere, so where the solar wind drops off ...Feltman: Mm-hmm.Bartels: And where the suns magnetism drops off. And thats really important because we actually have no idea what shape the heliosphere is.Feltman: Mm.Bartels: It could be, like, a comet shape with a long tail. It could be, like, this wild croissant shape. No one really knows, and, like, its really hard to see it all directly, and then weve crossed through it twice with instruments on board with the two Voyagers, but that gives you two points; that doesnt give you the shape. So that should be really cool.Another upcoming mission is called the Polarimeter to Unify the Corona and Heliosphere, or PUNCH.Feltman: I was gonna saywhats the acronym ...Bartels: [Laughs] Theres always an acronym; its NASA ...Feltman: Cause whenever I hear a name like that, Im like, What acronym were they working on? [Laughs]Bartels: Yeah, yeah, thats PUNCH. PUNCH is supposed to launch in late February, and that is four satellites that are each the size of a suitcase, and theyre gonna watch the sun 24/7. Theyre gonna watch as the suns corona, the outer atmosphere, as it, like, turns into the solar wind and becomes this phenomenon that spreads all the way across the solar system and really try to understand how that transition happens.And then a third one that I think is really cool isanother delightful nameEscape and Plasma [Acceleration] and Dynamics Explorers, which you can just call ESCAPADE [laughs]. And ESCAPADE is a pair of spacecraft that, actually, theyre gonna go to Mars.Feltman: Oh, wow.Bartels: Theyre not staying by Earth; theyre gonna go to Mars, and theyre gonna study how the solar wind affects Mars and its atmosphere and how they interact.And there, there are others, too. Those are just a few, so, yeah, its gonna be a really cool year.Feltman: And why is it important, other than just the awesomeness of it all, for us to better understand our sun?Bartels: [Laughs]Yeah. This is where you get into something called space weather. So space weather is, basically, because of all the stuff that the sun sends out into the solar system and because the Earth has magnetic fields and has atmosphere, all of those phenomena interact in ways that are really interesting but also can cause some hiccups. If you get a really big solar flare or [coronal mass ejection], an outburst of plasma, you can end up with really cool things like the aurora, but you can also end up with problematic thingslike, those things can be dangerous for astronauts in space, they can damage spacecraft and satellites, and really strong events can also cause problems with the power grid on Earth itself.And so scientists want to basically approach space weather like meteorologists approach weather [laughs]: They wanna be able to predict it. They wanna understand whats going to be coming toward us with enough warning time for people to respond and protect people and infrastructure. And that all requires a much better understanding of the sun than we have right now. We basically dont have the ability to predict events like that. We have a spacecraft thats stationed a million miles away from Earth toward the sun, and that is, like, the warning beacon ...Feltman: Hmm.Bartels: And it watches the sun, and it tells us whats coming, and thats helpful, but its nowhere near the forecast you have on your phone or the forecast warnings that you can get for a hurricane. Thats much more robust and more predictive and gives people much better tools to respond.Feltman: Yeah, that definitely seems like a worthwhile endeavor, and selfishly I hope that we also can get some aurora forecasting in there cause eveeven with all of the auroral activity I have not been able [laughs] to make it happen ...Bartels: [Laughs] Neither have I.Feltman: And I would love my phone to be able to tell me where to go and when ...Bartels: For sure.Feltman: Are there any other big questions that theyre trying to answer right now?Bartels: Yeah, so another big, long-standing question about the sun is the corona. Its a lot hotter than, actually, the visible surface of the sun. So dont look at the sun with just your eyes; you need eye protection, you need solar eclipse glasses, something like that. But, like, the surface of the sun that you see through those protective lenses, that is, like, nearly 10,000 degrees Fahrenheit, so it sounds pretty hot. But the thing is, the corona, which isif you see a picture of the total solar eclipse, the corona is the, like, white, spiky part ...Feltman: Mm-hmm.Bartels: Around the disc of the moonthat can get up to 3.5 million degrees F, and scientists dont understand that heat jump at all. Like, that ...Feltman: Right.Bartels: Its totally ...Feltman: It gets hotter farther away.Bartels: Exactly.Feltman: Whats happening [laughs]?Bartels: Ifthey talk about: if you walked away from a campfire and it suddenly got hotter, thats whats going on here. And no one understands, like, how or why that is happening, and a really big mysterythats one of the more, maybe, academic or intellectual ones, but because the corona feeds the solar wind, its also gonna have big implications for life here on Earth.Feltman: Absolutely. Well, thanks so much for coming on to chat about the sun with us and excited to have you back on when we start getting some of these answers back.Bartels: [Laughs]Cant wait.Feltman: Thats all for todays episode. If you want to learn more about heliophysics, you can check out Meghans recent article for SciAm; well have a link in our show notes.Science Quickly is produced by me, Rachel Feltman, along with Fonda Mwangi, Kelso Harper, Madison Goldberg and Jeff DelViscio. Todays episode was reported and co-hosted by Meghan Bartels. Shayna Posses and Aaron Shattuck fact-check our show. Our theme music was composed by Dominic Smith. Subscribe to Scientific American for more up-to-date and in-depth science news.For Scientific American, this is Rachel Feltman. See you next time!

Bungie has lifted the lid on a surprising new crossover for Destiny 2: cosmetics from the world of Star Wars. Read more