Cisco patches critical flaw in Prime Home device management server

Cisco Systems has fixed a critical vulnerability that could allow hackers to take over servers used by telecommunications providers to remotely manage customer equipment such as routers.20151005 cisco hq sign 100620823 orig

The vulnerability affects Cisco Prime Home, an automated configuration server (ACS) that communicates with subscriber devices using the TR-069 protocol. In addition to remotely managing customer equipment, it can also “automatically activate and configure subscribers and deliver advanced services via service packages” over mobile, fiber, cable, and other ISP networks.

“A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges,” Cisco said in its advisory.

Attackers could exploit the vulnerability by sending API commands over HTTP to a particular URL without requiring authentication. The flaw is caused by a processing error in the role-based access control of URLs, Cisco explained.

In the past, security researchers found vulnerabilities in the TR-069 implementation of many routers that could have allowed hackers to remotely take over those devices. However, a vulnerability in an ACS like Cisco Prime Home is much worse, because it can be used to take control of entire groups of subscriber devices at once.

According to Cisco’s documentation, the admin role on the Cisco Prime Home has access to the server’s customer support, administration, and audit functions, as well as the ability to perform bulk operations and access utilities and reports.

The vulnerability affects Cisco Prime Home versions 6.3.0.0 and above. Customers are advised to migrate to the latest, fixed version: 6.5.0.1.

The company has also warned customers of a medium-risk URL redirect vulnerability in the Cisco Prime Service Catalog, a product that allows companies to set up self-service portals, provide IT service catalogs for data center and application services, and manage service requests.

An attacker could exploit the vulnerability to redirect a user logged into the Cisco Prime Service Catalog to a phishing site in order to steal their credentials.

New WhatsApp beta feature looks to eliminate the pain of embarrassing texts

We’ve all been there. You go to send a text message to your friend and you hit send before you’ve finished typing. Or there’s an embarrassing autocorrect error. Or worse, you’ve sent it to your boss instead of your co-worker.dsc05664

WhatsApp is testing a way to eliminate the stress over text messages. Spotted by Mashable on the Twitter account @WABetaInfo, the latest beta version of the app seemingly includes a way to revoke and edit messages after they’ve been sent.

A new feature in the WhatsApp beta allows you to revoke and edit messages after they’ve been sent.

According to WABetaInfo’s screenshot, the recipient would receive an indication that the sender revoked the message, so the exchange wouldn’t be completely stricken from the record. Furthermore, the feature is only allowed if the recipient hasn’t read the message yet, so it’s unclear whether it would work if the recipient has notifications turned on. And it also doesn’t say whether there’s a time limit for which users will be able to access the delivered messages, even if they haven’t been read yet.

While the screenshot shows the iOS version of the app, Mashable reports that the feature is being tested in the Android version of the app as well. While WhatsApp allows users to receive beta versions in the Play Store, the feature doesn’t appear to be active in the most recent version, marked 2.17.42, which posted yesterday.

Also of note in the betas, according to WABetaInfo, is the ability to delete and mute statuses and receive notifications about low battery during a call, as well as an optional live location feature to track friends who are participating in a group conversation.

While WhatsApp may very well be testing a game-changing new feature for habitual texters, it’s entirely possible that it never sees the light of day. There are several questions regarding how such a feature would be implemented, so it’s likely going to be many months before we hear much about it making its way ointo the main version of the app, if it ever does. But for now, it’s nice to dream.

This story, “New WhatsApp beta feature looks to eliminate the pain of embarrassing texts” was originally published by Greenbot.

This week in games: Overwatch gets a server browser, Project Cars 2 targets 12K and more

More Kickstarter news this week. Can you believe it? Last week I joked about a renaissance but now I’m pretty sure it’s actually happening.Project Cars 2

That, plus Overwatch gets a server browser, South Park delays a second time, a bevy of launch trailers and announcement trailers and trailer trailers, and Project Cars 2 talks about supporting 12K resolutions. Mmmm, that’s a lot of pixels.

This is gaming news for February 6 through 10.

Another chance for me to talk about Stasis? Excellent. If you don’t know, Stasis is the best horror game you (probably) didn’t play in 2015. An isometric horror game in the vein of the classic Sanitarium, Stasis is some excellent derelict space ship sci-fi.

And now the developers are working on a follow-up, titled Beautiful Desolation. Like PC Gamer, I apparently missed word on this in January, but there’s a Kickstarter campaign and everything. I’m not a huge fan of the name, but I am a huge fan of the art on display so far, and fervently hope it reaches its funding goal.

Let’s keep on the crowdfunding theme for a second and talk about inXile. The studio released details on both the upcomingTorment: Tides of Numenera and the slightly-less-upcoming Bard’s Tale IV this week, with a look at Torment’s story and Bard’s Tale’s combat. Here’s Torment:

And Bard’s Tale:

Halo Wars 2 launches next week, at least for Ultimate Edition buyers. Will it be good? No idea, but it sure does have some beautiful cinematics.

It’s not the sexiest update, but Overwatch is getting a server browser to complement its bevy of matchmaking systems. Want to play a custom game with friends? You can finally—nine months after release—do so.

I’d sort-of forgotten that Slightly Mad Studios has been working on Project Cars 2. Hard to forget, given the stink people made when the sequel was originally announced, coming as it did mere months after the release of the original. But regardless, I’d forgotten.

There’s video now though—gorgeous video. Also, support for 12K resolutions (12K!) and more. Time to upgrade your graphics card, sim racers.

Speaking of racing games…well, actually no. The big news this week is that Playground Games, developer of the beloved Forza Horizon series, is working on a new game—and it’s not a racing game. According to GamesIndustry.biz , Playground is opening a second studio and branching out into a new genre, in addition to (presumably) the 2018 Forza Horizon game.

If this mythical second project ends up even half as good as Forza Horizon, we’re in for a treat.

Bad news, South Park fans: Latest game The Fractured But Whole has been delayed yet again, this time to a rather ambiguous “sometime this year.” That’s the second delay for the superhero-themed sequel, which was originally supposed to arrive in December and then was pushed to early 2017. Now? Well, we’ll see.

Cue the Miyamoto quote about a bad game being bad forever, and et cetera.

Ubisoft’s doing just okay with-or-without South Park though, I imagine. Case in point: Rainbow Six Siege is still humming along, still 2015’s best shooter, and just about to start its second season of DLC characters and maps. You’ll get four minutes of that below, with a look at the new “Velvet Shell” operators and Coastline map.

Oh, and Ubisoft also brought back the Rainbow Six Siege Starter Edition. For $15 you get the game and access to four operators, with a whole lot of grinding if you want to unlock the rest—or you try it, enjoy it, and buy the full game (maybe when it goes on sale?) to continue as normal. Your call.

Okay, more Ubisoft news. Ghost Recon: Wildlands is set to release in March. Ubisoft’s continued its tradition of “Silly Live-Action Trailers” for this one—except this time they’ve made a whole live-action movie. There’s a teaser below. Go microwave some popcorn. I’ll wait.

Ford to pump $1B into AI for driverless cars

Ford plans to spend US$1 billion over the next five years on the development of an artificial intelligence system for driverless cars.ric pa autonomous fusion

Ford will investment the money in Argo AI, a start-up founded by former leaders from Google and Uber’s self-driving car research units, and they will work toward the goal of a system that’s ready for deployment in 2021.

The research will be focused on a virtual driver system capable of operating at what’s called “SAE level 4.” It’s one of five levels defined for self-driving cars and specifically describes an autonomous car that’s capable of completely controlling the vehicle in almost any condition. After it has been engaged, drivers do not need to pay attention to the driving.

It’s a step more advanced that many of today’s demonstration systems, which still require driver control in many situations, and one step down from full automation.

Ford has already said that it’s hoping to have a level-4 commercial vehicle ready for sale in 2021.

Argo AI is based in Pittsburgh and was recently founded by Bryan Salesky, who headed hardware development at Waymo, Google’s self-driving car unit, and Peter Rander, who was an engineer at Uber’s autonomous car research project.

Like other auto makers, Ford has already begun researching autonomous driving technology, but Friday’s announcement, which also makes Ford majority shareholder in Argo AI, goes beyond the company’s own cars.

Ford said the technology could be licensed to other companies looking at autonomous technology. That’s a departure from much of the driverless car research to date, which has been focused on the company’s own vehicles.

Argo AI will have about 200 employees working on the project once it gets up and going.

On land and in space, IoT networks can now cover the planet

The whole idea of IoT is to connect more things, including devices far from a company’s data centers or maintenance crews. For enterprises that have things all over the world, vendors and service providers are starting to look at the big picture.20160224 stock mwc nokia booth sign

At Mobile World Congress later this month, Nokia will show off what it calls WING  a virtual global infrastructure that may include multiple private and carrier networks and satellite systems, depending on what an enterprise needs to connect and how it intends to use the data that’s collected.

“A global enterprise can actually have what they think is their own virtual network of global connectivity for their IoT devices,” said Phil Twist, vice president of mobile networks marketing & communications, in a briefing this week. WING will be commercially available in the second half of this year.

Nokia announced WING on Friday, just days after Inmarsat started talking about its own foray into global IoT. The venerable satellite operator is linking low-power, unlicensed LoRaWAN networks with its worldwide fleet of spacecraft. Real-world use cases for that setup, including cattle-tracking in Australia and water monitoring on a remote plantation in Malaysia, hint at what’s possible with that combination.

WING is a broader vision of a managed service that may include low-power networks, cellular, Wi-Fi and wired infrastructure in addition to satellites. It doesn’t rely on Nokia hardware, so it can run on networks built by competing vendors. Nokia can virtually string together a set of networks for a service provider or for a multinational enterprise.

Companies could use WING to stay connected to networked cars or freight containers as they move around the world, automatically getting handed off from satellite to cellular and other networks as they come into range, Nokia says.

Nokia’s Impact IoT platform will manage all the devices and the subscriptions to various service providers. It can use eSIMs, a software-defined form of the Subscriber Identity Modules in cellphones, to shift devices from one carrier to another as they move across borders.

Impact will also analyze data coming from IoT devices, primarily for operational purposes like optimizing security and customer experience, but also for some vertical applications. The vertical-markets focus will be on the energy, health care, public safety, transportation and auto industries, plus smart cities. Impact already includes an analytics platform for streaming video, designed for things like monitoring traffic patterns.

Privacy groups claim FBI hacking operation went too far

Privacy advocates are claiming in court that an FBI hacking operation to take down a child pornography site was unconstitutional and violated international law.

That’s because the operation involved the FBI hacking 8,700 computers in 120 countries, based on a single warrant, they said.Legislation of privacy security keyboard law legal gavel court ruling

“How will other countries react to the FBI hacking in their jurisdictions without prior consent?” wrote Scarlet Kim, a legal officer with U.K.-based Privacy International.

On Friday, that group, along with the Electronic Frontier Foundation (EFF) and the American Civil Liberties Union of Massachusetts, filed briefs in a lawsuit involving the FBI’s hacking operation against Playpen. The child pornography site was accessible through Tor, a browser designed for anonymous web surfing. But in 2014, the FBI managed to take it over.

In a controversial move, the agency then decided to use the site to essentially infect visitors with malware as a way to track them down.

As a result, the FBI is prosecuting hundreds who were found visiting the site, but it also happened to hack into computers from 120 countries.

On Friday, the three privacy groups filed briefs in a case involving Alex Levin, a suspect in the FBI’s Playpen investigation who’s appealing the way the agency used malware to gather evidence against him.

Privacy International claims that the warrant the FBI used to conduct the hacking is invalid. This is because the U.S. was overstepping its bounds by conducting an investigation outside its borders without the consent of affected countries, the group said.

According to Privacy International, the case also raises important questions: What if a foreign country had carried out a similar hacking operation that affected U.S. citizens? Would the U.S. welcome this?

The EFF and ACLU also claim that the FBI’s warrant was invalid, but they cite the U.S. Constitution, which protects citizens from unreasonable searches.

“Here, on the basis of a single warrant, the FBI searched 8,000 computers located all over the world,” EFF attorney Mark Rumold wrote in a blog post. “If the FBI tried to get a single warrant to search 8,000 houses, such a request would unquestionably be denied.”

A key concern is that a warrant to hack into so many computers will set a precedent. “Even serious crimes can’t justify throwing out our basic constitutional principles,” Rumold said.

U.S. attorneys have argued in court that the FBI followed proper procedures in obtaining its warrant from a federal judge. They said the FBI’s hacking techniques managed to identify hundreds of Playpen users who otherwise were cloaked in anonymity.

Allowing the Playpen suspects “to evade capture and carry on abusing children in the dark shadows of Tor would be repugnant to justice,” the U.S. attorneys argued in court in October.

Intel researches quantum computing and neuromorphic chips for future PCs

Intel realizes there will be a post-Moore’s Law era and is already investing in technologies to drive computing beyond today’s PCs and servers.0853 as 26

The chipmaker is “investing heavily” in quantum and neuromorphic computing, said Brian Krzanich, CEO of Intel, during a question-and-answer session at the company’s investor day on Thursday.

“We are investing in those edge type things that are way out there,” Krzanich said.

To give an idea of how far out these technologies are, Krzanich said his daughter would perhaps be running the company by then.

Researching in these technologies, which are still in their infancy, is something Intel has to do to survive for many more decades. Shrinking silicon chips and cramming more features into them is becoming difficult, and Intel is already having trouble in manufacturing smaller chips.

Smartphones, PCs, and other devices are getting smaller, faster and more power efficient thanks to Moore’s Law, a 1965 observation loosely stating that the number of transistors in a die area would double every two years, causing performance to double while driving down the cost of making chips.

Intel has been using Moore’s Law as a guiding star to make faster and smaller chips and reducing the price of devices. However, it is widely agreed that Moore’s Law is slowly dying, and Intel’s manufacturing struggles are growing.

For decades, Intel’s business has been heavily reliant on its ability to make and deliver chips. But the process is slowing down. Intel used to advance manufacturing processes every two years, and that has now changed to three to four years.

One way to resolve that crisis—which all chipmakers face—is to completely change the current computing model in PCs, smartphones, and servers. The current model—known as the Von Neumann approach—involves data being pushed to a processor, calculated, and sent back to memory. But storage and memory are becoming bottlenecks.

The answer is to adopt new models of computing, which is where quantum computers and neuromorphic chips fit in. Quantum computers have the potential to be powerful computers harnessing the unique quality of a large number of qubits to perform multiple calculations in parallel. Neuromorphic chips are modeled after the human brain, which could help computers make decisions based on patterns and associations.

Intel has made some advances in quantum computing and neuromorphic chips. But Krzanich’s comments lend more credibility to the company’s push to look at a future beyond today’s computing models.

Some short-term answers can resolve the bottlenecks based on Von Neumann model, including Optane, Intel’s new form of super-fast memory and storage. It could unite SSDs and DRAM in systems, cutting one bottleneck. Intel is also embracing silicon photonics, which could resolve throughput issues in data centers. Both technologies have researched for more than a decade and are now practical.

The chipmaker has lived off the PC industry for decades but is now looking to grow in markets like data centers, the internet of things, automotive and high-performance computing. The new focus is bringing a gradual change to the way Intel makes chips. It’s similar to the 1970s, when different types of chips like vector processors and floating point arrays were crammed together for complex calculations.

For example, Intel is slapping together two separate functional blocks for applications like machine learning and autonomous cars. Intel envisions FPGAs combining with CPUs in autonomous cars. Later this year, the company will release a chip called Lake Crest, which combines a Xeon server CPU with deep-learning chip technology it picked up through its Nervana Systems acquisition. Intel is also merging an FPGA inside an Intel Xeon chip to carry out machine learning tasks.

Intel is expecting a lot of data to be generated by sources like autonomous cars, which will need edge processing for tasks like image recognition, analysis, and map updates. Intel is pushing its wide roster of co-processors to the edge, and that is where the quantum and neuromorphic chips may fit.

Quantum computer research is also being done by other companies. D-Wave recently released a 2,000-qubit quantum computer based on quantum annealing, while IBM has a 5-bit quantum computer accessible via the cloud. IBM is also playing with brain-like chips and has benchmarked its TrueNorth chip, which has a million neurons and 256 million synapses.

Academic institutions like the University of Heidelberg in Germany, Stanford University, and the University of Manchester in the U.K. are also working on neuromorphic chips. HPE has shown a computer that emulates the human brain, and it intends to adapt ideas from that for servers.

LG leaks seemingly reveal G6, co-designed Google watches

CNET has released additional information about the G6. This article has been updated to reflect this news.lg g6 leak

With the Mobile World Congress show just about a month away, rumors are starting to ramp up, but we might have already seen the biggest leak of all. With Samsung bowing out of MWC to fine-tune the Galaxy S8 a little longer, the star of this year’s show might very well be the LG G6, and the first purported partial image of the new handset is already in the wild.

The Verge has published what appears to be an official product shot of the G6, and it looks like it’s going to be a stunner. As expected, the handset features narrower bezels than the G5 and a 5.7-inch Quad HD LCD screen with a unique super-wide 2:1 ratio. According to the site, the phone will dispense of the modular chin that the G5 introduced, focusing instead on turning heads with an all-glass design.

Elsewhere, the phone is expected to retain the 3.5mm headphone jack and be waterproof, while retaining the G5’s dual-camera setup and rear-mounted fingerprint scanner, since there won’t be room for it on the front. The Verge reports that the G6’s screen-to-bezel ratio “is greater than 90 percent, and though its bottom isn’t shown in the image, it’s only slightly taller than the top bezel.”

In a separate report, CNET claims that in addition to ditching the modular concept for the G6, LG will completely seal the phone as it promotes full water resistance. That also means the battery will not be removable this time around, previously one of the standout features of LG’s flagships. Additionally, the publication confirms that the phone will be powered by the Snapdragon 821 rather than the upcoming 835, which is reportedly launching with the Galaxy S8 in April.

One bright spot for the G6, according to CNET, will be support for Google Assistant, which would make the handset one of the first phones other than the Pixel to include Google’s digital helper. HTC’s U Ultra is including is own assistant called Companion (though the company does have plans to incorporate Google Assistant at some point), and Huawei’s Mate 9 opted to partner with Amazon to include Alexa. CNET also reports that LG will be adding Alexa into the G6 “later this year.”

lg sport style leak

Also leaking on the LG front are low-resolution pics of what could very well be the Android Wear 2.0 smartwatches the company co-developed with Google. TechnoBuffalo has published a pair of images that match up pretty well with the rumors so far—two sizes, circular displays, a crown, a bit of chunkiness—but it’s hard to glean much else. It was previously reported that the larger model would feature a 1.38-inch display and sport a 480×480 screen, with the smaller Style having a 1.2-inch, 360×360 display.

Most notably, the larger Sport model pictured includes a pair of buttons above and below the crown, while the smaller Style watch does not. Previously, it had been reported that the larger model would include cellular connectivity, GPS, and NFC, so the buttons could be used for Android Pay or some other feature not available on the Style.

 While nothing is confirmed, the images here look like LG is going to seriously shake things up with its upcoming releases. While we’ll need to see the watches in person to get a true feel for them, the image of the G6 looks like a massive improvement over last year’s model, and with Samsung pushing its Galaxy S8 launch back, LG could be in a position to capitalize with an early sales boost. That would be good news for the company, as last year’s flagships failed to resonate much with consumers.

This story, “LG leaks seemingly reveal G6, co-designed Google watches” was originally published by Greenbot.

AI-based typing biometrics might be authentication’s next big thing Advances in machine learning pave the way for typing-based au

Identifying or authenticating people based on how they type is not a new idea, but thanks to advances in artificial intelligence it can now be done with a very high level of accuracy, making it a viable replacement for other forms of biometrics.Research in the field of keystroke dynamics spans decades.

Research in the field of keystroke dynamics, also known as keyboard or typing biometrics, spans back over 20 years. The technique has already been used for various applications that need to differentiate among computer users, but its widespread adoption as a method of authentication has been held back by insufficient levels of accuracy.

Keystroke dynamics relies on unique patterns derived from the timing between key presses and releases during a person’s normal keyboard use. The accuracy for matching such typing-based “fingerprints” to individual persons by using traditional statistical analysis and mathematical equations varies around 60 percent to 70 percent, according to Raul Popa, CEO and data scientist at Romanian startup firm TypingDNA.

Some vendors have invested a lot of money over the past 10 years in an attempt to improve the precision of typing biometrics, but true success has only been achieved over the past two or three years due to advances in machine learning, Popa said.

Popa’s company has used these advances to develop AI-powered typing pattern recognition technology that it claims has an accuracy of more than 99 percent and can even reach 99.9 percent when there is a sufficiently large typing profile built for the user over time.

The technique involves recording small pieces of information about how users type, like the time it takes them to move from one key to another or the length of time they keep each key pressed. This is used to create unique typing patterns that are represented as feature vectors made up of 320 values.

TypingDNA’s technology only records statistics about the 44 most used keys on a keyboard and doesn’t record sequences between two or more keys because such information could potentially be used to reconstruct text.

Keystroke recognition is not meant to replace passwords or to be used alone as a method of authentication. Instead, it can be used in a multifactor authentication system and is easier to implement than other forms of biometric verification.

To use fingerprint, face or voice recognition, websites have to ask users for access to their microphones, webcams or fingerprint readers. Gathering the data needed to build typing patterns, however, can be done from JavaScript with no additional permissions other than what websites already have by default inside browsers.

In order to build typing profiles, TypingDNA’s technology needs users to type a minimum of 60-70 characters, but this can vary depending on what the service is being used for, according to Popa.

For example, an application that needs to check a user’s identity more frequently can use a longer text of 170-180 characters for initial enrollment and then use shorter texts when performing verification. Meanwhile, for applications that rarely need to verify the user’s identity—for example for password reset attempts—the enrollment can be shorter and the verification text much longer.

Since different applications have different requirements, the error threshold can also be adjusted to suit the application owners’ needs, helping them find the right balance between usability and accuracy. For example, an e-learning platform that uses typing biometrics to ensure that the people taking online exams are the actual account holders might have an acceptable error rate that’s higher than a bank that wants to use typing biometrics for transaction authorization.

Tricking one or several typing recognition algorithms is technically possible using various techniques, Popa said. That’s why TypingDNA uses 10 different algorithms in parallel so that the system is more resilient against potential fraud attempts, he said.

Ultimately though, typing patterns are as vulnerable to cloning as other types of biometrics. Just as attackers can copy someone’s fingerprint, record their voice or obtain a high-resolution picture of their face, it is theoretically possible to record how someone types over a long period of time and then replicate that to defeat typing-based verification.

One common question that often comes up when discussing typing biometric technologies is how they handle various incidents that can affect the user’s style of typing. For example, when users are inebriated or experience dizziness, they’ll probably type slower and make more errors, which changes their typing profiles. Accidents can also temporarily leave users unable to type normally with one of their hands.

According to Popa, TypingDNA’s system is smart enough to figure out when a user continues to type normally on one half of the keyboard and differently on the other half, which suggests that they have a problem with one of their hands. A lower score on one half of the keyboard can be compensated by asking the user to type a longer text so that more data from the unaffected half is collected.

In cases where the overall typing style changes too much, authentication success or failure depends on the configured accuracy threshold.

To account for smaller changes in a person’s typing over time, the system can also perform so-called continuous enrollment, where the user’s typing profile is enriched with new typing information collected over time. For example, new data collected from every typed verification text can be used to refresh the user’s stored typing pattern.

TypingDNA provides access to its typing-based authentication service through an API (application programming interface) and developers can add the functionality into their web apps through a software development kit.

Trying out the service is free for the first 1,000 authentication requests. Beyond that users have to buy prepaid packages that include basic and professional plans and a variety of pricing tiers. For example, a basic package for 5,000 requests is priced at $99 and a basic package for 50,000 requests is priced at $999. The company plans to add a monthly subscription plan, but for now you can only buy these prepaid packages and add more credit when you reach the limit. API access is available through the firm’s website and the company says it works for users typing in any language.

The company is also developing an application for desktops and laptops that performs “continuous authentication.” The application sits in the background and learns the computer owner’s typing patterns. It can then quickly lock out any unauthorized user who tries to use the computer when it’s left unlocked and unattended.

Typing pattern analysis can also have applications beyond authentication. TypingDNA is currently conducting research into the area of user profiling and has built an experimental system that attempts to determine a person’s gender, age, IQ, openness and personality (Myers–Briggs Type Indicator) based on how they type.

The large number of data breaches announced by online service providers over the past few years is a clear indication that password-based authentication is no longer enough. Two-factor authentication systems, often based on one-time-use codes sent via text messages or generated by mobile apps, have now become the norm.

But SMS is not a secure channel for transmitting authentication codes and users might not always have their mobile phones with them. AI-powered typing biometrics could be a viable alternative for the web, much more so than other forms of biometrics that require special access to peripheral devices.

Google Maps now shows how hard it will be to park at your destination

The feature is now available in the full version of the app. This article has been updated to reflect this news.google maps parking

If you’ve ever taken longer to find a parking spot than you did driving somewhere, Google Maps might be able to help—or at least prepare you for a headache. Thanks to a new feature in the latest version of the app, you’ll now be able to tell how hard it will be to park once you arrive at your destination.

The new feature is easy to miss. The next time you pull up driving directions, you’ll see a small circular P icon to the right of your route overview, next to which will show three levels of parking difficulty: Easy, Medium, and Limited. (To make it easier to see at a glance, easy and medium are colored blue while limited is red.) While the feature doesn’t update to show the actual parking situation when you arrive (at least not yet), you can get a slightly longer description when you expand your directions.

The update is currently rolling out in the Google Play store, but if you’re not seeing it, you can sideload the Google-signed APK from APKMirror. Keep in mind that the feature is only available in 25 cities across the U.S: Atlanta, Boston, Charlotte, Chicago, Cleveland, Dallas/Fort Worth, Denver, Detroit, Houston, Los Angeles, Miami, Minneapolis/St. Paul, New York City, Orlando, Philadelphia, Phoenix, Pittsburgh, Portland, Sacramento, San Diego, San Francisco, Seattle, St. Louis, Tampa, and the Washington D.C. area.

Parking can be a major headache when driving somewhere new, so we’ll take any information we can get. And with the new Uber integration built right into the app, a red circle could mean the difference between driving or being driven somewhere.

This story, “Google Maps now shows how hard it will be to park at your destination” was originally published by Greenbot.