Rapid progress in research involving miniature human brains grown in a dish has led to a host of ethical concerns, particularly when these human brain cells are transplanted into nonhuman animals. A new paper evaluates the potential risks of creating “humanized” animals, while providing a pathway for scientists to move forward in this important area.
Neuroscientist Isaac Chen from the Perelman School of Medicine at the University of Pennsylvania, along with his colleagues, has written a timely Perspective paper published today in the science journal Cell Stem Cell. The paper was prompted by recent breakthroughs involving the transplantation of human brain organoids into rodents—a practice that’s led to concerns about the “humanization” of lab animals.
In their paper, the authors evaluate the current limits of this biotechnology and the potential risks involved, while also looking ahead to the future. Chen and his colleagues don’t believe anything needs to be done right now to limit these sorts of experiments, but that could change once scientists start to enhance certain types of brain functions in chimeric animals, that is, animals endowed with human attributes, in this case human brain cells.
In the future, the authors said, scientists will need to be wary of inducing robust levels of consciousness in chimeric animals and even stand-alone brain organoids, similar to the sci-fi image of a conscious brain in a vat.
Cross-section of a brain organoid.
Image: Trujillo et al., 2019, Cell Stem Cell
Human brain organoids are proving to be remarkably useful. Made from human stem cells, brain organoids are tiny clumps of neural cells which scientists can use in their research.
To be clear, pea-sized organoids are far too basic to induce traits like consciousness, feelings, or any semblance of awareness, but because they consist of living human brain cells, scientists can use them to study brain development, cognitive disorders, and the way certain diseases affect the brain, among other things. And in fact, during the opening stages of the Zika outbreak, brain organoids were used to study how the virus infiltrates brain cells.
The use of brain organoids in this way is largely uncontroversial, but recent research involving the transplantation of human brain cells into rodent brains is leading to some serious ethical concerns, specifically the claim that scientists are creating part-human animals.
Anders Sandberg, a researcher at the University of Oxford’s Future of Humanity Institute, said scientists are not yet able to generate full-sized brains due to the lack of blood vessels, supporting structure, and other elements required to build a fully functioning brain. But that’s where lab animals can come in handy.
“Making organoids of human brain cells is obviously interesting both for regenerating brain damage and for research,” explained Sandberg, who’s not affiliated with the new paper. “They do gain some structure, even though it is not like a full brain or even part of a brain. One way of getting around the problem of the lack of blood vessels in a petri dish is to implant them in an animal,” he said. “But it’s at this point when people start to get a bit nervous.”
The concern, of course, is that the human neural cells, when transplanted into a nonhuman animal, say a mouse or rat, will somehow endow the creature with human-like traits, such as greater intelligence, more complex emotions, and so on.
The next time you’re hunting for a parking spot, mathematics could help you identify the most efficient strategy, according to a recent paper in the Journal of Statistical Mechanics. It’s basically an optimization problem: weighing different variables and crunching the numbers to find the optimal combination of those factors. In the case of where to put your car, the goal is to strike the optimal balance of parking close to the target—a building entrance, for example—without having to waste too much time circling the lot hunting for the closest space.
Paul Krapivsky of Boston University and Sidney Redner of the Santa Fe Institute decided to build their analysis around an idealized parking lot with a single row (a semi-infinite line), and they focused on three basic parking strategies. A driver who employs a “meek” strategy will take the first available spot, preferring to park as quickly as possible even if there might be open spots closer to the entrance. A driver employing an “optimistic” strategy will go right to the entrance and then backtrack to find the closest possible spot.
Finally, drivers implementing a “prudent” strategy will split the difference. They might not grab the first available spot, figuring there will be at least one more open spot a bit closer to the entrance. If there isn’t, they will backtrack to the space a meek driver would have claimed immediately.
[…]
Based on their model, the scientists concluded that the meek strategy is the least effective of the three, calling it “risibly inefficient” because “many good parking spots are unfilled and most cars are parked far from the target.”
Determining whether the optimistic or prudent strategy was preferable proved trickier, so they introduced a cost variable. They defined it as “the distance from the parking spot to the target plus time wasted looking for a parking spot.” Their model also assumes the speed of the car in the lot is the same as average walking speed.
“On average, the prudent strategy is less costly,” the authors concluded. “Thus, even though the prudent strategy does not allow the driver to take advantage of the presence of many prime parking spots close to the target, the backtracking that must always occur in the optimistic strategy outweighs the benefit.” Plenty of people might indeed decide that walking a bit farther is an acceptable tradeoff to avoid endlessly circling a crowded lot hunting for an elusive closer space. Or maybe they just want to rack up a few extra steps on their FitBit.
The authors acknowledge some caveats to their findings. This is a “minimalist physics-based” model, unlike more complicated models used in transportation studies that incorporate factors like parking costs, time limits, and so forth. And most parking lots are not one-dimensional (a single row). The model used by the authors also assumes that cars enter the lot from the right at a fixed rate, and every car will have time to find a spot before the next car enters—a highly unrealistic scenario where there is no competition between cars for a given space. (Oh, if only…)
Attorney General Bill Barr, along with officials from the United Kingdom and Australia, is set to publish an open letter to Facebook CEO Mark Zuckerberg asking the company to delay plans for end-to-end encryption across its messaging services until it can guarantee the added privacy does not reduce public safety.
A draft of the letter, dated Oct. 4, is set to be released alongside the announcement of a new data-sharing agreement between law enforcement in the US and the UK; it was obtained by BuzzFeed News ahead of its publication.
Signed by Barr, UK Home Secretary Priti Patel, acting US Homeland Security Secretary Kevin McAleenan, and Australian Minister for Home Affairs Peter Dutton, the letter raises concerns that Facebook’s plan to build end-to-end encryption into its messaging apps will prevent law enforcement agencies from finding illegal activity conducted through Facebook, including child sexual exploitation, terrorism, and election meddling.
With Tether’s monthly trading volume about 18% higher than that of Bitcoin, it’s arguably the most important coin in the crypto ecosystem. Tether’s also one of the main reasons why regulators regard cryptocurrencies with a wary eye, and have put the breaks on crypto exchange-traded funds amid concern of market manipulation.
“If there is no Tether, we lose a massive amount of daily volume — around $1 billion or more depending on the data source,” said Lex Sokolin, global financial technology co-head at ConsenSys, which offers blockchain technology. “Some of the concerning potential patters of trading in the market may start to fall away.”
Coins With Biggest Daily Trading Volumes
In billions of U.S. dollars
Source: CoinMarketCap.com
Values as of Sept. 27, 2019
Tether is the world’s most used stablecoin, a category of tokens that seek to avoid price fluctuations, often through pegs or reserves. It’s also a pathway for most of the world’s active traders into the crypto market. In countries like China, where crypto exchanges are banned, people can pay cash over the counter to get Tethers with few questions asked, according to Sokolin. From there, they can trade Tethers for Bitcoin and other cryptocurrencies, he said.
“For many people in Asia, they like the idea that it’s this offshore, opaque thing out of reach of the U.S. government,” said Jeremy Allaire, chief executive officer of Circle, which supports a rival stablecoin called USD Coin. “It’s a feature, not a problem.”
Read more: A QuickTake explains the allure of stablcoins
Tether, which is being sued by New York for allegedly commingling funds including reserves, says using a know-your-customer form and approval process is required to issue and redeem the coin.
Asian traders account for about 70% of all crypto trading volume, according to Allaire, and Tether was used in 40% and 80% of all transactions on two of the world’s top exchanges, Binance and Huobi, respectively, Coin Metrics said earlier this year.
Many people don’t even know they use Tether, said Thaddeus Dryja, a research scientist at the Massachusetts Institute of Technology. Because traditional financial institutions worry that they don’t sniff out criminals and money launderers well enough, most crypto exchanges still don’t have bank accounts and can’t hold dollars on behalf of customers. So they use Tether as a substitute, Dryja said.
“I don’t think people actually trust Tether — I think people use Tether without realizing that they are using it, and instead think they have actual dollars in a bank account somewhere,” Dryja said. Some exchanges mislabel their pages, to convey the impression that customers are holding dollars instead of Tethers, he said.
Tether’s Market Cap Balloons
In U.S. dollars
Source: CoinMarketCap.com
The way Tether is managed and governed makes it a black box. While Bitcoin belongs to no one, Tether is issued by a Hong Kong-based private company whose proprietors also own the Bitfinex crypto exchange. The exact mechanism by which Tether’s supply is increased and decreased is unclear. Exactly how much of the supply is covered by fiat reserves is in question, too, as Tether is not independently audited. In April, Tether disclosed that 74% of the Tethers are covered by cash and short-term securities, while it previously said it had a 100% reserve.
The disclosure was a part of an ongoing investigation into Tether by the New York Attorney General, which accused the companies behind the coin of a coverup to hide the loss of $850 million of comingled client and corporate funds.
John Griffin, a finance professor at the University of Texas at Austin, said that half of Bitcoin’s runup in 2017 was the result of market manipulation using Tether. Last year Bloomberg reported that the U.S. Justice Department is investigating Tether’s role in this market manipulation.
Convenience Versus Risk
“Being controlled by centralized parties defeats the entire original purpose of blockchain and decentralized cryptocurrencies,” Griffin said. “By avoiding government powers, stablecoins place trust instead in the hands of big tech companies, who have mixed accountability. So while the idea is great in theory, in practice it is risky, open to abuse, and plagued by similar problems to traditional fiat currencies.”
Back in March 2019, Amnesty International published a report that uncovered a targeted attack against journalists and human rights activists in Egypt. The victims even received an e-mail from Google warning them that government-backed attackers attempted to steal their passwords.
According to the report, the attackers did not rely on traditional phishing methods or credential-stealing payloads, but rather utilized a stealthier and more efficient way of accessing the victims’ inboxes: a technique known as “OAuth Phishing”. By abusing third-party applications for popular mailing services such as Gmail or Outlook, the attackers manipulated victims into granting them full access to their e-mails.
Fig 1: Previous OAuth phishing campaign
Recently, we were able to find previously unknown or undisclosed malicious artifacts belonging to this operation. A new website we attributed to this malicious activity revealed that the attackers are going after their prey in more than one way, and might even be hiding in plain sight: developing mobile applications to monitor their targets, and hosting them on Google’s official Play Store.
After we notified Google about the involved applications, they quickly took them off of the Play Store and banned the associated developer.
Infrastructure: The Early Days
The full list of indicators belonging to this campaign and shared by Amnesty on GitHub showed multiple websites that used keywords such as “mail”, “secure”, or “verify”, possibly not to arouse any suspicions and to masquerade as legitimate mailing services.
By visualizing the information available about each of these websites, we saw clear connections between them: they were registered using NameCheap, had HTTPS certificates, and many of them resolved to the same IP addresses.
The addresses shared the same IPv4 range or netblock (185.125.228[.]0/22), which belongs to a Russian telecommunications company called MAROSNET.
Fig 2: Maltego visualization of campaign infrastructure
Naturally, the websites cannot be accessed nowadays, but by looking over public scans available for some of them we could see that in addition to being related to OAuth phishing, they hosted phishing pages that impersonated Outlook or Facebook and tried to steal log-in credentials for those services
[…]
Following up on the investigation first conducted by Amnesty International, we revealed new aspects of the attack that has been after Egypt’s civil society since at least 2018.
Whether it is phishing pages, legitimate-looking applications for Outlook and Gmail, and mobile applications to track a device’s communications or location, it is clear that the attackers are constantly coming up with creative and versatile methods to reach victims, spy on their accounts, and monitor their activity.
We discovered a list of victims that included handpicked political and social activists, high-profile journalists and members of non-profit organizations in Egypt.
The information we gathered from our investigation suggested that the perpetrators are Arabic speakers, and well familiar with the Egyptian ecosystem. Because the attack might be government-backed, it means that we are looking at what might be a surveillance operation of a country against its own citizens or of another government that screens some other attack using this noisy one.
A man has been able to move all four of his paralysed limbs with a mind-controlled exoskeleton suit, French researchers report.
Thibault, 30, said taking his first steps in the suit felt like being the “first man on the Moon”.
His movements, particularly walking, are far from perfect and the robo-suit is being used only in the lab.
But researchers say the approach could one day improve patients’ quality of life.
Thibault had surgery to place two implants on the surface of the brain, covering the parts of the brain that control movement
Sixty-four electrodes on each implant read the brain activity and beam the instructions to a nearby computer
Sophisticated computer software reads the brainwaves and turns them into instructions for controlling the exoskeleton
[…]
in 2017, he took part in the exoskeleton trial with Clinatec and the University of Grenoble.
Initially he practised using the brain implants to control a virtual character, or avatar, in a computer game, then he moved on to walking in the suit.
Media captionMind-controlled exoskeleton allows paralysed 30-year-old man to walk in French lab
“It was like [being the] first man on the Moon. I didn’t walk for two years. I forgot what it is to stand, I forgot I was taller than a lot of people in the room,” he said.
It took a lot longer to learn how to control the arms.
“It was very difficult because it is a combination of multiple muscles and movements. This is the most impressive thing I do with the exoskeleton.”
[…]
“This is far from autonomous walking,” Prof Alim-Louis Benabid, the president of the Clinatec executive board, told BBC News.
[…]
In tasks where Thibault had to touch specific targets by using the exoskeleton to move his upper and lower arms and rotate his wrists, he was successful 71% of the time.
Prof Benabid, who developed deep brain stimulation for Parkinson’s disease, told the BBC: “We have solved the problem and shown the principle is correct. This is proof we can extend the mobility of patients in an exoskeleton.
[…]
At the moment they are limited by the amount of data they can read from the brain, send to a computer, interpret and send to the exoskeleton in real-time.
They have 350 milliseconds to go from thought to movement otherwise the system becomes difficult to control.
It means out of the 64 electrodes on each implant, the researchers are using only 32.
So there is still the potential to read the brain in more detail using more powerful computers and AI to interpret the information from the brain.
The Iranian government has attempted to hack into hundreds of Office 365 email accounts belonging to politicians, government officials and journalists last month, Microsoft has warned.
“We’ve recently seen significant cyber activity by a threat group we call Phosphorous, which we believe originates from Iran and is linked to the Iranian government,” Microsoft’s vice president of customer security and trust Tom Burt said in a blog post on Friday.
Redmond’s bit wranglers observed more than 2,700 attempts to hack into 241 different accounts, according to the software giant. It noted that those accounts “are associated with a US presidential campaign, current and former US government officials, journalists covering global politics and prominent Iranians living outside Iran.”
Microsoft says that only four of the 241 accounts were compromised and none of them were connected to government officials or presidential campaigns. It says the accounts are now secure the owners are aware of the activity.
Notably, Microsoft says the hacking efforts were “not technically sophisticated” but used personal information gathered elsewhere to try to prompt password reset or account recovery in an effort to get into the accounts.
“For example, they would seek access to a secondary email account linked to a user’s Microsoft account, then attempt to gain access to a user’s Microsoft account through verification sent to the secondary account,” Microsoft explained.
It also appears that the hackers attempted to bypass two-factor authentication. “In some instances, they gathered phone numbers belonging to their targets and used them to assist in authenticating password resets,” the company said. It described the attackers as “highly motivated and willing to invest significant time and resources.”
Instead Microsoft proposes that people used its Authenticator app, which provides a login code that changes every 30 seconds in order to access their accounts.
How come Iran?
The company did not go into any detail over why it believes the Iranian government is behind the hacks beyond noting that those targeted included “prominent Iranians living outside Iran.” Presumably, it was able to identify the same pattern of hacking efforts with other accounts not directly connected with Iran and extrapolated from that.
Attackers are exploiting a zero-day vulnerability in Google’s Android mobile operating system that can give them full control of at least 18 different phone models, including four different Pixel models, a member of Google’s Project Zero research group said on Thursday night.
There’s evidence the vulnerability is being actively exploited, either by exploit developer NSO Group or one of its customers, Project Zero member Maddie Stone said in a post. NSO representatives, meanwhile, said the “exploit has nothing to do with NSO.” Exploits require little or no customization to fully root vulnerable phones. The vulnerability can be exploited two ways: (1) when a target installs an untrusted app or (2) for online attacks, by combining the exploit with a second exploit targeting a vulnerability in code the Chrome browser uses to render content.
“The bug is a local privilege escalation vulnerability that allows for a full compromise of a vulnerable device,” Stone wrote. “If the exploit is delivered via the Web, it only needs to be paired with a renderer exploit, as this vulnerability is accessible through the sandbox.”
[…]
The use-after-free vulnerability originally appeared in the Linux kernel and was patched in early 2018 in version 4.14, without the benefit of a tracking CVE. That fix was incorporated into versions 3.18, 4.4, and 4.9 of the Android kernel. For reasons that weren’t explained in the post, the patches never made their way into Android security updates. That would explain why earlier Pixel models are vulnerable and later ones are not. The flaw is now tracked as CVE-2019-2215.
[…]
Project Zero gives developers 90 days to issue a fix before publishing vulnerability reports except in cases of active exploits. The Android vulnerability in this case was published seven days after it was privately reported to the Android team.
