THE Royal Navy’s entire fleet of attack submarines is currently out of action. Repairs and maintenance to all seven have left none to defend our waters — or monitor Russia’s relentless probes. But …
Fortunately the Vanguard nuclear deterrent fleet is still sailing. This is what happens when you keep taking “peace dividend” when there is no peace.
The government has received recommendations for a “future-proofed” new Espionage Act that would put leaking and whistleblowing in the same category as spying for foreign powers.
The plans would threaten leakers and journalists with the same extended jail sentences as agents working for of foreign powers. Sentences would apply even if – like Edward Snowden or Chelsea Manning – the leaker was not British, or in Britain, or was intent on acting in the public interest.
Source: Planned Espionage Act could jail journos and whistleblowers as spies • The Register
Free press and whistleblowing are necessary checks and balances on democracy. Killing them opens the way to a dictatorial corrupt nepotistic free for all, where the top layer of society distances themselves from the lower layer and crime becomes a necessity on the part of the lowest layers to survive.
The ability for companies to follow you from one platform to another — from your phone to your laptop to a physical store — is called cross-device tracking, and for businesses that want to market and sell stuff to you, it is basically the holy grail.
With robust tracking, a company can follow you basically from the moment you wake up and check social media feeds on your phone, through your commute, to work, back through the evening, and once more to your bed at night.
[…]
To get there, the FTC recently held a workshop on Cross-Device tracking, and has now published a report [PDF] highlighting some key facts about this increasingly popular practice.
Source: 5 Things We’ve Learned About How Companies Track You Online And Off – Consumerist
These same organizations also employ the use of social media analytics in order to reach the best target audience. Many of the tracked pieces of information helps them in this regard. More accurate advertising is very beneficial to them for obvious reasons.
1. You don’t need always to be logged in to be tracked.
2. Cross-device tracking can actually improve account security.
3. Companies are not at all transparent about tracking practices.
4. Consumers have very little control.
5. The industry is working on some voluntary self-regulation… sort of.
Many charts don’t tell the truth. This is a simple guide to spotting them.
Source: How to Spot Visualization Lies
and more!
If you were to modify the above WRMHEADER or any of the three identified GUID objects you would find that on opening in Windows Media Player you are prompted with a warning from Windows Media Player.
However, this warning DOES NOT appear if the DRM license has been signed correctly and the Digital Signature Object, Content Encryption Object and Extended Content Encryption Object contain the appropriate cryptographic signing performed by an authorised Microsoft License Server profile. There are several free DRM providers who could sign your media for you however as the barrier to entry to the DRM market is the aforementioned price tag, it makes you wonder how these files are being signed in the wild! As these “signed WMV” files do not present any alert to a user before opening them they can be used quite effectively to decloak users of the popular privacy tool TorBrowser with very little warning. For such an attack to work your target candidate must be running TorBrowser on Windows. When opening/downloading files, TorBrowser does warn you that 3rd party files can expose your IP address and should be accessed in tails. This is not an attack against Tor or the TorBrowser directly but a useful way that could be leveraged to identify people attempting to access illegal media content (such as Daesh propaganda).
Source: Windows DRM Social Engineering Attacks & TorBrowser – My Hacker House
We recently announced a new addition to Metasploit to help you do exactly that: the Hardware Bridge API. The Hardware Bridge API extends Metasploit’s capabilities into the physical world of hardware devices. Much in the same way that the Metasploit framework helped unify tools and exploits for networks and software, the Hardware Bridge looks to do the same for all types of hardware. From within Metasploit you can now branch out into a Metasploit compatible hardware device to remotely control and use it for your penetration testing needs.
[…]
If your device supports CAN, Metasploit will automatically provide several interactive vehicle-related commands. This will also mark your Hardware Bridge (HWBridge) session as an Automotive session that can be viewed in your session list or via modules that are designed to work only on automotive systems. This allows exploit developers to focus on writing automotive tools without having to worry about the attached hardware. It also provides internal Metasploit APIs to make common automotive calls easier, such as getting the vehicle speed or requesting a security access token from the Engine Control Unit (ECU).
Source: Exiting the Matrix: Introducing Metasploit’s Ha… | Rapid7 Community and Blog
Initially used to improve the experience for visually impaired members of the Facebook community, the company’s Lumos computer vision platform is now powering image content search for all users. This means you can now search for images on Facebook with key words that describe the contents of a photo, rather than being limited by tags and captions.
To accomplish the task, Facebook trained an ever-fashionable deep neural network on tens of millions of photos. Facebook’s fortunate in this respect because its platform is already host to billions of captioned images. The model essentially matches search descriptors to features pulled from photos with some degree of probability.
[…]
Facebook isn’t the only one racing to apply recent computer vision advances to existing products. Pinterest’s visual search feature has been continuously improved to let users search images by the objects within them. This makes photos interactive and more importantly it makes them commercializable.Google on the other hand open sourced its own image captioning model last fall that can both identify objects and classify actions with accuracy over 90 percent. The open source activity around TensorFlow has helped the framework gain prominence and become very popular with machine learning developers.
Facebook is focused on making machine learning easy for teams across the company to integrate into their projects. This means improving the use of the company’s general purpose FBLearner Flow.
“We’re currently running 1.2 million AI experiments per month on FBLearner Flow, which is six times greater than what we were running a year ago,” said Joaquin Quiñonero Candela, Facebook’s director of applied machine learning.
Lumos was built on top of FBLearner Flow. It has already been used for over 200 visual models. Aside from image content search, engineers have used the tool for fighting spam.
Source: Facebook’s AI unlocks the ability to search photos by what’s in them | TechCrunch
A U.S. judge has ordered Google to comply with search warrants seeking customer emails stored outside the United States, diverging from a federal appeals court that reached the opposite conclusion in a similar case involving Microsoft Corp (MSFT.O).
U.S. Magistrate Judge Thomas Rueter in Philadelphia ruled on Friday that transferring emails from a foreign server so FBI agents could review them locally as part of a domestic fraud probe did not qualify as a seizure.
The judge said this was because there was “no meaningful interference” with the account holder’s “possessory interest” in the data sought.
“Though the retrieval of the electronic data by Google from its multiple data centers abroad has the potential for an invasion of privacy, the actual infringement of privacy occurs at the time of disclosure in the United States,” Rueter wrote.
Source: Google, unlike Microsoft, must turn over foreign emails: U.S. judge
I guess Rueter finds that invasion of privacy is no meaningful interference.
A genetically modified bacterium destroys tumors by provoking an immune response, according to a study published Wednesday.
Using mice and cultures of human cancer cells, a South Korean-led scientific team demonstrated that Salmonella typhimurium engineered to make a foreign protein caused immune cells called macrophages and neutrophils to mobilize against the cancer.
[…]
Tumors shrank below detectable levels in 11 out of 20 mice injected with the modified Salmonella, said the study, published in Science Translational Medicine.
Go to j.mp/salcancer for the study. The first author was Jin Hai Zheng of Chonnam National University Hwasun Hospital, in Jeonnam, South Korea.
The engineered Salmonella provoke a sustained immune response, in addition to preventing the spread of a human colon cancer implanted in a mouse. The bacterium also were found to be nontoxic, multiplying almost exclusively inside tumors.
[…]
UC San Diego researcher Jeff Hasty has developed engineered Salmonella that deliver cancer-killing toxins inside the tumor. This bacterium periodically self-destructs when it reaches a certain population density, releasing the toxins. Some of the engineered Salmonella survive, rebuilding the population until it reaches the self-destruct density. So the tumor receives periodic doses of targeted chemotherapy.
Source: GM Salmonella destroys cancer
California electronics maker Vizio will cough up $2.2m after its smart TVs spied on millions of people.
America’s trade watchdog, the FTC, said today the payment will settle a complaint filed by the state of New Jersey accusing Vizio of violating privacy regulations: the biz had collected the viewing habits of 11 million television sets throughout the country without warning or permission.
According to the state attorney general’s federal complaint [PDF], from February 2014 to March 2016, Vizio noted down exactly what its customers were watching and then resold all those records as summaries to third parties – which were mostly advertising companies.
The usage data was not only collected while customers were watching over-the-air or cable TV broadcasts, but also when they were watching DVDs or streaming video from websites and over-the-top services like Netflix.
Vizio harvested surveillance on people and their families so precise, it knew exactly what you were watching, second by second, and even took copies of the watched video, according to prosecutors. Additionally, we’re told, Vizio resold summaries of personal information about its customers it had gathered, including age, marital status, and household income, to advertisers without consent.
Source: Vizio coughs up $2.2m after its smart TVs spied on millions of families • The Register
No mention of the records having to be destroyed though?
Average compensation for staff in sales, trading, and research at the 12 largest global investment banks, of which Goldman is one, is $500,000 in salary and bonus, according to Coalition. Seventy-five percent of Wall Street compensation goes to these highly paid “front end” employees, says Amrit Shahani, head of research at Coalition.
For the highly paid who remain, there is a growing income spread that mirrors the broader economy, says Babson College professor Tom Davenport. “The pay of the average managing director at Goldman will probably get even bigger, as there are fewer lower-level people to share the profits with,” he says.
[…]
Goldman Sachs has already begun to automate currency trading, and has found consistently that four traders can be replaced by one computer engineer, Chavez said at the Harvard conference. Some 9,000 people, about one-third of Goldman’s staff, are computer engineers.
[…]
Goldman’s new consumer lending platform, Marcus, aimed at consolidation of credit card balances, is entirely run by software, with no human intervention, Chavez said. It was nurtured like a small startup within the firm and launched in just 12 months, he said. It’s a model Goldman is continuing, housing groups in “bubbles,” some on the now-empty trading spaces in Goldman’s New York headquarters: “Those 600 traders, there is a lot of space where they used to sit,” he said.
Source: As Goldman Embraces Automation, Even the Masters of the Universe Are Threatened
Previously, tourists, travelers and visa holders were warned they may have to hand over their online account names and handles so their public profiles can be studied by border agents and immigration officials.
Now Kelly wants to take that further, by demanding passwords from some visa applicants so g-men can log into Twitter, Facebook, online banking accounts, and so on, and rummage around for any eyebrow-raising non-public posts, messages and transactions. If you refuse, you can’t come in.
“We want to say ‘what kind of sites do you visit and give us your passwords,’ so we can see what they do,” Kelly explained, in response to a question from Representative Clay Higgins (R-LA).
“We want to get on their social media with passwords – what do you do, what do you say. If they don’t want to cooperate then they don’t come in. If they truly want to come to America they’ll cooperate, if not then ‘next in line’.”
[…]
Kelly said this invasive vetting of people’s online personas and accounts could take weeks or months, and that applicants would just have to wait until it was done. Representative Higgins said he agreed, and was anxious for Homeland Security and others to start trawling through people’s social media pages. Higgins said handing over such credentials should be mandatory.
The 4th reich keeps getting scarier.
Even though cash payments have decreased to 49% of our daily payments, people in the eurozone still think cash is important and shouldn’t be banned.
DNBulletin: Contant betalen moet mogelijk blijven
Source: DNBulletin: Contant betalen moet mogelijk blijven
There has been a movement to try to shame cash payments, into creating a shady overtone to them. In fact it’s none of anyones’ business what you are spending your money on and being able to monitor your expenditure is shameless. For the banks you become the product, for the government you fall more under their control.
Over the last few years, advances in science have made the kind of experiments once only accessible to PhDs with fancy labs far more attainable. College undergrads are constructing gene drives. Anyone can buy a kit on the internet to concoct their own bioluminescent beer.
[…]
The German government, it seems, is none too pleased with this development. Two weeks ago its consumer protection office issued a statement making clear just how upset it is: Any science enthusiast doing genetic engineering outside of a licensed facility, it wrote, might face a fine of €50,000 or up to three years in prison.
[…]
The law behind the German DIY bio crackdown isn’t new. The government was simply reminding so-called biohackers of a long-existing law that forbids genetic engineering experiments outside of laboratories supervised and licensed by the state.
[…]
“The statement has to be seen in light of the newly formed DIY biology scene and due to the appearance of low-priced DIY biology kits in online shops,” the BVL told Gizmodo, via email.
[…]
The BVL conceded that the new rules will make it virtually impossible for a lone scientist to meet the legal requirements to do genetic engineering. To begin with, any lab needs a project manager qualified by academic credentials such as a master’s degree in science. Labs also require a commissioner for biological safety who is similarly qualified.“This makes genetic engineering experiments rather unattractive for individuals,” the BVL’s spokesman said.
Source: Germany Is Threatening Biohackers With Prison
On the one hand I understand the need for oversight and ethics, on the other hand, it should be a lot easier for individuals to play and learn in this field. It must be possible to balance the two needs.