Daily Archives: June 16, 2017

Tails 3.0 – anonymous live OS is out

Posted on by
Reply

Tails is a live operating system that you can start on almost any computer from a DVD, USB stick, or SD card.

It aims at preserving your privacy and anonymity, and helps you to:

use the Internet anonymously and circumvent censorship;
all connections to the Internet are forced to go through the Tor network;
leave no trace on the computer you are using unless you ask it explicitly;
use state-of-the-art cryptographic tools to encrypt your files, emails and instant messaging.

https://tails.boum.org/index.en.html

Facebook’s Emotion Tech: Patents Show New Ways For Detecting And Responding To Users’ Feelings

Posted on by
Reply

Facebook’s newest patent, granted May 25, aims to monitor users’ typing speed to predict emotions and adapt messages in response.

We took a look at some of Facebook’s emotion-based patents to understand how the company is thinking about capturing and responding to people’s emotional reactions, which has been a tricky area for consumer tech companies but key to their future. On the one hand, they want to identify which content is most engaging and respond to audience’s reactions, on the other emotion-detection is technically difficult, not to mention a PR and ethical minefield.

Source: Facebook’s Emotion Tech: Patents Show New Ways For Detecting And Responding To Users’ Feelings

Dutch Usenetprovider Eweka forced by judge to hand over personal details to BREIN without judicial oversight

Posted on by
Reply

A Dutch judge has said that the usenet provider needs to hand over personal details to BREIN (the Dutch version of the RIAA) without any reason other than that BREIN wants them or face a fine of EUR 1000,- per day. It’s pretty bizarre that some commercial entity can raid anyones private data because they feel like it, but it looks like the North Holland judge prefers cash money to personal interests and judicial oversight.

De rechtbank Noord-Holland heeft vonnis gewezen in een zaak tussen BREIN en Usenetprovider Eweka. Eweka handelt onrechtmatig door BREIN niet terstond – zonder gerechtelijk vonnis – identificerende gegevens te verschaffen van een uploader van auteursrechtelijk beschermd materiaal. Dat moet alsnog gebeuren op verbeurte van een dwangsom van 1000 euro per dag.

Source: Usenetprovider Eweka moet persoonsgegevens overleggen – Emerce

Artificial tongues can discriminate between whiskeys

Posted on by
Reply

We present simple tongues consisting of fluorescent polyelectrolytes or chimeric green fluorescent proteins (GFPs) to discriminating 33 different whiskies according to their country of origin (Ireland, US, or Scotland), brand, blend status (blend or single malt), age, and taste (rich or light). The mechanism of action for these tongues is differential quenching of the fluorescence of the poly(aryleneethynylene)s or the GFPs by the complex mixture of colorants (vanillin, vanillic acid, oak lactones, tannins, etc.; the interactome) extracted from the oak barrels and added caramel coloring. The differential binding and signal generation of the interactomes to the polymers and proteins result from hydrophobic and electrostatic interactions. The collected quenching data, i.e., the response patterns, were analyzed by linear discriminant analysis. Our tongues do not need any sample preparation and are equal or superior to state-of-the-art mass spectrometric methods with respect to speed, resolution, and efficiency of discrimination.

Which means the artificial tongues can taste stuff without having to decompose it in any way either.

The “Doubleswitch” social media attack: how to lock people out of social media accounts and use them to spread fake news

Posted on by
Reply

With the Doubleswitch attack, a hijacker takes control of a victim’s account through one of several attack vectors. People who have not enabled an app-based form of multifactor authentication for their accounts are especially vulnerable. For instance, an attacker could trick you into revealing your password through phishing. If you don’t have multifactor authentication, you lack a secondary line of defense. Once in control, the hijacker can then send messages and also subtly change your account information, including your username. The original username for your account is now available, allowing the hijacker to register for an account using that original username, while providing different login credentials. Now, if you try to recover your original account by resetting your password, the reset email will be sent directly to the hijacker.

Source: The “Doubleswitch” social media attack: a threat to advocates in Venezuela and worldwide – Access Now

Artificial intelligence can now predict suicide risk with remarkable accuracy

Posted on by
Reply

In trials, results have been 80-90% accurate when predicting whether someone will attempt suicide within the next two years, and 92% accurate in predicting whether someone will attempt suicide within the next week.

The prediction is based on data that’s widely available from all hospital admissions, including age, gender, zip codes, medications, and prior diagnoses. Walsh and his team gathered data on 5,167 patients from Vanderbilt University Medical Center that had been admitted with signs of self-harm or suicidal ideation. They read each of these cases to identify the 3,250 instances of suicide attempts.

This set of more than 5,000 cases was used to train the machine to identify those at risk of attempted suicide compared to those who committed self-harm but showed no evidence of suicidal intent. The researchers also built algorithms to predict attempted suicide among a group 12,695 randomly selected patients with no documented history of suicide attempts. It proved even more accurate at making suicide risk predictions within this large general population of patients admitted to the hospital.

Source: Artificial intelligence can now predict suicide risk with remarkable accuracy

Hackers Can Spoof Phone Numbers, Track Users via 4G VoLTE Mobile Technology

Posted on by
Reply

A team of researchers from French company P1 Security has detailed a long list of issues with the 4G VoLTE telephony, a protocol that has become quite popular all over the world in recent years and is currently in use in the US, Asia, and most European countries.
[…]
Researchers say that an attacker on the same network can send modified SIP INVITE messages to brute-force the mobile provider and get a list of all users on its network.
[…]
This could be an issue with lawful interception (surveillance) because it allows possible crime suspects a way to create covert data communications channels.
[…]
Researchers warn that this is a “critical” issue that may result in attackers accessing another person’s voice mail, or could cause problems for law enforcement monitoring criminals, who would be able to avoid surveillance by placing calls from another phone number.

Not mentioned by researchers, but a plausible scenario, is if tech support scammers would spoof the phone numbers of legitimate companies to call customers and obtain sensitive information such as passwords, card PINs, and other.
[…]
Researchers recommend that mobile telcos sanitize the headers of “200 OK” messages and remove any equipment info that may allow an attacker to create a virtual map of its network. This information is dangerous because it allows threat actors to plan and carry out finely-tuned attacks against the mobile operator.
[…]
Researchers discovered that by watching VoLTE traffic on an Android that’s initiating a call, intermediary messages exchanged before establishing a connection reveal information about the callee (victim)’s IMEI number.
[…]
attackers could initiate shadow calls, detect the victim’s approximate location, and hang up before the phone call is established.

Source: Hackers Can Spoof Phone Numbers, Track Users via 4G VoLTE Mobile Technology

Chinese Windows 10 doesn’t spy on you

Posted on by
Reply

Weg met telemetrie en ruime dataverzameling – het kan dus wel.

Source: Wil je privacy? Gebruik dan de Chinese Windows 10!

Microsoft has released a version of Windows 10 for the Chinese (!) market that doesn’t send all sorts of telemetry and private data to itself. This version is not available for the rest of us, in the rest of the world, Microsoft still has you as a secondary product.

Samsung forces unkillable adverts down Galaxy S8 buyers’ throats

Posted on by
Reply

“Hier heb ik geen 1000 dollar voor betaald!”

Source: Samsung verrast gebruikers met advertenties op Galaxy S8 – Webwereld

They come with the gaming service which cannot be disabled or uninstalled unless you’re root. Considering you pay through the nose for the most breakable piece of hardware there is, this sounds like a great reason to not buy Samsung any more.