Reports in the Danish media allege that the United States spied on the country’s government and its defense industry, as well as other European defense contractors, in an attempt to gain information on its fighter acquisition program. The revelations, published online by DR, Denmark’s Danish public-service broadcaster, concern the run-up to the fighter competition that was eventually won by the U.S.-made Lockheed Martin F-35 stealth fighter.
The report cites anonymous sources suggesting that the U.S. National Security Agency (NSA) targeted Denmark’s Ministry of Finance, the Ministry of Foreign Affairs, and the defense firm Terma, which also contributes to the F-35 Joint Strike Fighter program.
Allegedly, the NSA sought to conduct espionage using an existing intelligence-sharing agreement between the two countries. Under this agreement, it is said the NSA is able to tap fiber-optic communication cables passing through Denmark and stored by the Danish Defense Intelligence Service, or Forsvarets Efterretningstjeneste (FE). Huge amounts of data sourced from the Danish communication cables are stored in an FE data center, built with U.S. assistance, at Sandagergård on the Danish island of Amager, to which the NSA also has access.
This kind of sharing of confidential data is not that unusual within the intelligence community, in which the NSA is known to trade high-level information with similar agencies within the Five Eyes alliance (Australia, Canada, New Zealand, the United Kingdom, and the United States), as well as other close allies, such as Germany and Japan, for example.
It would be hoped, however, that these relationships would not be used by the NSA to secretly gather information on the countries with which it has agreements, which is exactly what is alleged to have taken place in Denmark.
A source told DR that between 2015 and 2016 the NSA wanted to gather information on the Danish defense company Terma in a “targeted search” ahead of Denmark’s decision on a new fighter jet to replace its current fleet of F-16s. This is the competition that the F-35 won in June 2016.
Flyvevåbnets Fototjeneste
A Danish F-16 painted in the same colors as the upcoming Danish F-35, over the capital, Copenhagen, in October 2020.
According to DR, the NSA used its Xkeyscore system, which trawls through and analyzes global internet data, to seek information on Terma. An unnamed source said that search criteria had included individual email addresses and phone numbers of company employees.
Officially described as part of the NSA’s “lawful foreign signals intelligence collection system,” Xkeyscore is understood to be able to obtain email correspondence, browser history, chat conversations, and call logs.
In this case, the sources also contend that the NSA used its access to Danish communication cables and FE databases to search for communications related to two other companies, Eurofighter GmbH and Saab, who were respectively offering the Typhoon and Gripen multi-role fighters for the Danish F-16 replacement program. While the Gripen was withdrawn from the Danish competition in 2014, the Typhoon remained in the running until the end, alongside the F-35 and the Boeing F/A-18E/F Super Hornet.
[…]
The whistleblower reports are said to have warned the FE leadership about possible illegalities in an intelligence collaboration between Denmark and the United States to drain Danish internet cables of information that the intelligence services could use in their work. Furthermore, the reports allegedly warned that the NSA was also targeting a number of Denmark’s “closest neighbors,” including France, Germany, the Netherlands, Norway, and Sweden and that some of the espionage conducted by the NSA was judged to be “against Danish interests and goals.”
[…]
Regardless of how the FE and the government react to the latest allegations, if they are substantiated, then the terms of the current U.S.-Danish intelligence-sharing agreement may be judged to be in need of at least a major review. If there is any substance to these allegations, then it’s possible other countries that have made controversial choices to select the F-35 may come under new scrutiny, as well.
On Nov. 16, 2020, Virginia-based cybersecurity firm Shift5, Inc. announced that it had received a $2.6 million contract from the Army’s Rapid Capabilities and Critical Technologies Office (RCCTO) to “provide unified cybersecurity prototype kits designed to help protect the operational technology of the Army’s Stryker combat vehicle platform.” The company says it first pitched its plan for these kits at RCCTO’s first-ever Innovation Day event in September 2019.
[…]
“Adversaries demonstrated the ability to degrade select capabilities of the ICV-D when operating in a contested cyber environment,” according to an annual report from the Pentagon’s Office of the Director of Operational Test and Evaluation, or DOT&E, covering activities during the 2018 Fiscal Year. “In most cases, the exploited vulnerabilities pre-date the integration of the lethality upgrades.”
The “lethality upgrades” referred to here center on the integration of a turret armed with a 30mm automatic cannon onto the Infantry Carrier Vehicle (ICV) variant of the Stryker, resulting in the Dragoon version. The indication here is that the cyber vulnerabilities were present in systems also found on unmodified ICVs, suggesting that the issues are, or at least were, impacted other Stryker variants, as well.
Airglow is the natural “glowing” of the Earth’s atmosphere. It happens all the time and across the whole globe. There are three types of airglow: dayglow, twilightglow and nightglow. Each is the result of sunlight interacting with the molecules in our atmosphere, but they have their own special way of forming.
Dayglow forms when sunlight strikes the daytime atmosphere. Some of the sunlight is absorbed by the molecules in the atmosphere, which gives them excess energy. They become excited. The molecules then release this energy as light, either at the same or slightly lower frequency (colour) as the light they absorbed. This light is much dimmer than daylight, so we can’t see it by eye.
Twilight glow is essentially the same as dayglow, but only the upper atmosphere is sunlit. The rest of the atmosphere and the observer on the ground are in darkness. So, unlike day glow, twilightglow is actually visible to us on the ground with the naked eye.
Chemiluminescence
The chemistry behind nightglow is different. There is no sunlight shining on the nighttime atmosphere. Instead, a process called “chemiluminescence” is responsible for the glowing atmosphere.
Sunlight deposits energy into the atmosphere during the day, some of which is transferred to oxygen molecules (e.g. O₂). This extra energy causes the oxygen molecules to rip apart into individual oxygen atoms. This happens particularly around 100km in altitude. However, atomic oxygen isn’t able to get rid of this excess energy easily and so acts as a “store” of energy for several hours.
Eventually the atomic oxygen does manage to “recombine”, once again forming molecular oxygen. The molecular oxygen then releases energy, again in the form of light. Several different colours are produced, including a “bright” green emission.
Airglow spotted in panoramic shot of the Very Large Telescope. Beletsky, CC BY-SA
In reality, the green nightglow isn’t particularly bright, it’s just the brightest of all nightglow emissions. Light pollution and cloudy skies will prevent sightings. If you’re lucky though, you might just be able to see it by eye or capture it on long-exposure photos.
Not to be confused with aurora
The green night glow emission is very similar to the famous green we see in the northern lights. This is unsurprising since it is produced by the same oxygen molecules as the green aurora. But the two phenomena are not related.
Aurora form when charged particles, such as electrons, bombard the Earth’s atmosphere. These charged particles, which started off at the sun and were accelerated in the Earth’s magnetosphere, collide with the atmospheric gases. They transfer energy, forcing the gases to emit light.
The aurora and airglow captured from the International Space Station.NASA
But it isn’t just the process behind them that is different. The aurora form in a ring around the magnetic poles (known as the auroral oval); whereas nightglow is emitted across the whole night sky. The aurora are very structured (due to the Earth’s magnetic field); whereas airglow is generally quite uniform. The extent of the aurora is affected by the strength of the solar wind; whereas airglow happens all the time.
Why then did we get a lot sightings from the UK recently, rather than all the time? The brightness of airglow correlates with the level of ultraviolet (UV) light being emitted from the sun – which varies over time. The time of year also seems to have an impact on the strength of airglow.
Airglow captured by Michael Darby from Cornwall, UK. The Milky Way shines through in the centre of the image. Author provided
To maximise your chances of spotting airglow, you’ll want to take a long-exposure photograph of a clear, dark, night sky. Airglow can be spotted in any direction that is free of light pollution, at about 10⁰-20⁰ above the horizon.
Emerald green, fainter than the zodiacal light and visible on dark nights everywhere on Earth, airglow pervades the night sky from equator to pole. Airglow turns up in our time exposure photographs of the night sky as ghostly ripples of aurora-like light about 10-15 degrees above the horizon. Its similarity to the aurora is no coincidence. Both form at around the same altitude of 60-65 miles (100 km) and involve excitation of atoms and molecules, in particular oxygen. But different mechanisms tease them to glow.
Earth at night from the International Space Station showing bright splashes of city lights and the airglow layer created by light-emitting oxygen atoms some 60 miles high in the atmosphere. This green cocoon of light is familiar to anyone who’s looked at photos of Earth’s night-side from orbit. Credit: NASA
Auroras get their spark from high-speed electrons and protons in the solar wind that bombard oxygen and nitrogen atoms and molecules. As excited electrons within those atoms return to their rest states, they emit photons of green and red light that create shimmering, colorful curtains of northern lights.
Green light from excited oxygen atoms dominates the light of airglow. The atoms are 56-62 miles high in the thermosphere. The weaker red light is from oxygen atoms further up. Sodium atoms, hydroxyl radicals (OH) and molecular oxygen add their own complement to the light. Credit: Les Cowley
Airglow’s subtle radiance arises from excitation of a different kind. Ultraviolet light from the daytime sun ionizes or knocks electrons off of oxygen and nitrogen atoms and molecules; at night the electrons recombine with their host atoms, releasing energy as light of different colors including green, red, yellow and blue. The brightest emission, the one responsible for creating the green streaks and bands visible from the ground and orbit, stems from excited oxygen atoms beaming light at 557.7 nanometers, smack in the middle of the yellow-green parcel of spectrum where our eyes are most sensitive.
Airglow across the eastern sky below the summertime Milky Way. Notice that unlike the vertical rays and gently curving arcs of the aurora, airglow is banded, streaky and in places almost fibrous. It’s brightest and best visible 10-15 degrees high along a line of sight through the thicker atmosphere. If you look lower, its feeble light is absorbed by denser air and dust. Looking higher, the light spreads out over a greater area and appears dimmer. Credit: Bob KingA large, faint patch of airglow below the Dippers photographed May 24. To the eye, airglow appears as colorless streaks and patches. Unlike the aurora, it’s typically too faint to excite our color vision. Time exposures show its colors well. This swatch is especially faint because it’s much higher above the horizon. Credit: Bob King
That’s not saying airglow is easy to see! For years I suspected streaks of what I thought were high clouds from my dark sky observing site even when maps and forecasts indicated pristine skies. Photography finally taught me to trust my eyes. I started noticing green streaks near the horizon in long-exposure astrophotos. At first I brushed it off as camera noise. Then I noticed how the ghostly stuff would slowly shape-shift over minutes and hours and from night to night. Gravity waves created by jet stream shear, wind flowing over mountain ranges and even thunderstorms in the lower atmosphere propagate up to the thermosphere to fashion airglow’s ever-changing contours.
An obvious airglow smear across Virgo last month. Mars is the bright object below and right of center. Light pollution from Duluth, Minn. creeps in at lower left. Credit: Bob King
Last month, on a particularly dark night, I made a dedicated sweep of the sky after my eyes had fully adapted to the darkness. A large swath of airglow spread south of the Big and Little Dipper. To the east, Pegasus and Andromeda harbored hazy spots of varying intensity, while brilliant Mars beamed through a long smear in Virgo.
To prove what I saw was real, I made the photos you see in this article and found they exactly matched my visual sightings. Except for color. Airglow is typically too faint to fire up the cone cells in our retinas responsible for color vision. The vague streaks and patches were best seen by moving your head around to pick out the contrast between them and the darker, airglow-free sky. No matter what part of the sky I looked, airglow poked its tenuous head. Indeed, if you were to travel anywhere on Earth, airglow would be your constant companion on dark nights, unlike the aurora which keeps to the polar regions. Warning – once you start seeing it, you
Excited oxygen at higher altitude creates a layer of faint red airglow. Sodium excitation forms the yellow layer at 57 miles up. Airglow is brightest during daylight hours but invisible against the sunlight sky. Credit: NASA with annotations by Alex Rivest
Airglow comes in different colors – let’s take a closer look at what causes them:
* Red – I’ve never seen it, but long-exposure photos often reveal red/pink mingled with the more common green. Excited oxygen atoms much higher up at 90-185 miles (150-300 km) radiating light at a different energy state are responsible. Excited -OH (hydroxyl) radicals give off deep red light in a process called chemoluminescencewhen they react with oxygen and nitrogen. Another chemoluminescent reaction takes place when oxygen and nitrogen molecules are busted apart by ultraviolet light high in the atmosphere and recombine to form nitric oxide (NO).
* Yellow – From sodium atoms around 57 miles (92 km) high. Sodium arrives from the breakup and vaporization of minerals in meteoroids as they burn up in the atmosphere as meteors.
* Blue – Weak emission from excited oxygen molecules approximately 59 miles (95 km) high.
Comet Lovejoy passing behind green oxygen and sodium airglow layers on December 22, 2011 seen from the space station. Credit: NASA/Dan Burbank
Airglow varies time of day and night and season, reaching peak brightness about 10 degrees, where our line of sight passes through more air compared to the zenith where the light reaches minimum brightness. Since airglow is brightest around the time of solar maximum (about now), now is an ideal time to watch for it. Even cosmic rays striking molecules in the upper atmosphere make a contribution.
https://www.youtube.com/embed/zymQQP4B21Q See lots of airglow and aurora from orbit in this video made using images taken from the space station.
If you removed the stars, the band of the Milky Way and the zodiacal light, airglow would still provide enough illumination to see your hand in front of your face at night. Through recombination and chemoluminescence, atoms and molecules creates an astounding array of colored light phenomena. We can’t escape the sun even on the darkest of nights.
In 2018, a new aurora-like discovery struck the world. From 2015 to 2016, citizen scientists reported 30 instances of a purple ribbon in the sky, with a green picket fence structure underneath. Now named STEVE, or Strong Thermal Emission Velocity Enhancement, this phenomenon is still new to scientists, who are working to understand all its details. What they do know is that STEVE is not a normal aurora—some think maybe it’s not an aurora at all—and a new finding about the formation of streaks within the structure brings scientists one step closer to solving the mystery.
“Often in physics, we build our understanding then test the extreme cases or test the cases in a different environment,” Elizabeth MacDonald, a space scientist at NASA’s Goddard Space Flight Center in Greenbelt, Maryland, explains. “STEVE is different than the usual aurora, but it is made of light and it is driven by the auroral system. In finding these tiny little streaks, we may be learning something fundamentally new in how green auroral light can be produced.”
These “tiny little streaks” are extraordinarily small point-like features within the green picket fence of STEVE. In a new paper for AGU Advances, researchers share their latest findings on these points. They suggest the streaks could be moving points of light—elongated in the images due to blur from the cameras. The tip of the streak in one image will line up with the end of the tail in the next image, contributing to this speculation from the scientists. However, there are still a lot of questions to be answered—determining whether the green light is a point or indeed a line, is one extra clue to help scientists figure out what causes green light.
“I’m not entirely sure about anything with respect to this phenomenon just yet,” Joshua Semeter, a professor at Boston University and first author on the paper, said. “You have other sequences where it looks like there is a tube-shaped structure that persists from image to image and doesn’t seem to conform to a moving point source, so we’re not really sure about that yet.”
STEVE as a whole is something that scientists are still working to label. Scientists tend to classify optical features in the sky into two categories: airglow and aurora. When airglow occurs at night, atoms in the atmosphere recombine and release some of their stored energy in the form of light, creating bright swaths of color. By studying the patterns in airglow, scientists can learn more about that area of the atmosphere, the ionosphere. To be classified as an aurora, on the other hand, that release of light must be caused by electron bombardment. These features are formed differently but also look different—airglow can occur across Earth, while auroras form in a broad ring around Earth’s magnetic poles.
“STEVE in general appears to not conform well to either one of those categories,” Semeter said. “The emissions are coming from mechanisms that we don’t fully understand just yet.”
STEVE’s purple emissions are likely a result of ions moving at a supersonic speed. The green emissions seem to be related to eddies, like the ones you might see forming in a river, moving more slowly than the other water around it. The green features are also moving more slowly than the structures in the purple emissions, and scientists speculate they could be caused by turbulence in the space particles—a brew of charged particles and magnetic field, called plasma—at these altitudes.
“We know this kind of turbulence occurs. There are people who base their entire careers on studying turbulence in the ionospheric plasma formed by very rapid flows.” Semeter said. “The evidence generally comes from radar measurements. We don’t ever have an optical signature.” Semeter suggests that when it comes to the appearance of STEVE, the flows in these instances are so extreme, that we can actually see them in the atmosphere. Two different angles of distinctive green streaks below a STEVE event on Aug. 31, 2016, near Carstairs, Alberta, Canada. Recent research about the formation of these streaks is allowing scientists to learn more about this aurora-like phenomenon. Credit: Copyright Neil Zeller, used with permission
“This paper is the tip of the iceberg in this new area of these tiny little pieces of the picket fence. Something we do in physics is try to chip away to increase our understanding,” MacDonald said. “This paper establishes the altitude range and some of the techniques we can use to identify these features, then they can be better resolved in other observations.”
To establish the altitude range and identify these features, the scientists extensively used photos and videos captured by citizen scientists.
“Citizen scientists are the ones who brought the STEVE phenomenon to the scientists’ attention. Their photos are typically longer time lapse than our traditional scientific observations,” MacDonald said. “Citizen scientists don’t get into the patterns that scientists get into. They do things differently. They are free to move the camera around and take whatever exposure they want.” However, to make this new discovery of the points within STEVE, photographers actually took shorter exposure photographs to capture this movement.
To get those photographs, citizen scientists spend hours in the freezing cold, late at night, waiting for an aurora—or hopefully STEVE—to appear. While data can indicate if an aurora will show up, indicators for STEVE haven’t been identified yet. However, the aurora chasers show up and take pictures anyway.
While setting fire to an iron ingot is probably more trouble than it’s worth, fine iron powder mixed with air is highly combustible. When you burn this mixture, you’re oxidizing the iron. Whereas a carbon fuel oxidizes into CO2, an iron fuel oxidizes into Fe2O3, which is just rust. The nice thing about rust is that it’s a solid which can be captured post-combustion. And that’s the only byproduct of the entire business—in goes the iron powder, and out comes energy in the form of heat and rust powder. Iron has an energy density of about 11.3 kWh/L, which is better than gasoline. Although its specific energy is a relatively poor 1.4 kWh/kg, meaning that for a given amount of energy, iron powder will take up a little bit less space than gasoline but it’ll be almost ten times heavier.
It might not be suitable for powering your car, in other words. It probably won’t heat your house either. But it could be ideal for industry, which is where it’s being tested right now.
So what happens to all that rust? This is where things get clever, because the iron isn’t just a fuel that’s consumed— it’s energy storage that can be recharged. And to recharge it, you take all that Fe2O3, strip out the oxygen, and turn it back into Fe, ready to be burned again. It’s not easy to do this, but much of the energy and work that it takes to pry those Os away from the Fes get returned to you when you burn the Fe the next time. The idea is that you can use the same iron over and over again, discharging it and recharging it just like you would a battery.
Photo: Bart van OverbeekeThe combustion of the iron powder is visible through the glass in the combustion tube.
To maintain the zero-carbon nature of the iron fuel, the recharging process has to be zero-carbon as well. There are a variety of different ways of using electricity to turn rust back into iron, and the TU/e researchers are exploring three different technologies based on hot hydrogen reduction (which turns iron oxide and hydrogen into iron and water), as they described to us in an email:
Mesh Belt Furnace: In the mesh belt furnace the iron oxide is transported by a conveyor belt through a furnace in which hydrogen is added at 800-1000°C. The iron oxide is reduced to iron, which sticks together because of the heat, resulting in a layer of iron. This can then be ground up to obtain iron powder. Fluidized Bed Reactor: This is a conventional reactor type, but its use in hydrogen reduction of iron oxide is new. In the fluidized bed reactor the reaction is carried out at lower temperatures around 600°C, avoiding sticking, but taking longer. Entrained Flow Reactor: The entrained flow reactor is an attempt to implement flash ironmaking technology. This method performs the reaction at high temperatures, 1100-1400°C, by blowing the iron oxide through a reaction chamber together with the hydrogen flow to avoid sticking. This might be a good solution, but it is a new technology and has yet to be proven.
Both production of the hydrogen and the heat necessary to run the furnace or the reactors require energy, of course, but it’s grid energy that can come from renewable sources.
If renewing the iron fuel requires hydrogen, an obvious question is why not just use hydrogen as a zero-carbon fuel in the first place? The problem with hydrogen is that as an energy storage medium, it’s super annoying to deal with, since storing useful amounts of it generally involves high pressure and extreme cold. In a localized industrial setting (like you’d have in your rust reduction plant) this isn’t as big of a deal, but once you start trying to distribute it, it becomes a real headache. Iron powder, on the other hand, is safe to handle, stores indefinitely, and can be easily moved with existing bulk carriers like rail.
Belgium has detected an outbreak of bird flu, leading authorities to order all poultry farmers and individual bird owners to keep the animals confined, the country’s food safety agency AFSCA said Saturday.
Avian influenza has recently spread to western Europe after outbreaks in Russia and Kazakhstan this summer.
“Three wild birds that stayed in a bird sanctuary in Ostend tested positive for the H5N8 virus,” AFSCA said in a statement on Saturday, adding that the outbreak was confirmed the day before by the Sciensano public health institute.
AFSCA said the new measures would be effective from Sunday and would apply to private poultry houses as well as individuals who keep birds in their homes, in a country where there is a strong tradition of pigeon racing.
“All gatherings of poultry and birds are strictly prohibited,” the statement said, adding that preventive measures were imposed on professional pigeon farms on November 1.
France this month ordered measures for poultry farms such as protective netting to prevent contact with wild birds that spread the disease, after the country’s ministry of agriculture warned that bird flu infections were on the rise in western Europe.
In addition to cases declared in the Netherlands, the ministry pointed to “13 cases in wild birds in Germany” and an outbreak on November 3 in the northwest of England.
On modern versions of macOS, you simply can’t power on your computer, launch a text editor or eBook reader, and write or read, without a log of your activity being transmitted and stored.
It turns out that in the current version of the macOS, the OS sends to Apple a hash (unique identifier) of each and every program you run, when you run it. Lots of people didn’t realize this, because it’s silent and invisible and it fails instantly and gracefully when you’re offline, but today the server got really slow and it didn’t hit the fail-fast code path, and everyone’s apps failed to open if they were connected to the internet.
Because it does this using the internet, the server sees your IP, of course, and knows what time the request came in. An IP address allows for coarse, city-level and ISP-level geolocation, and allows for a table that has the following headings:
Date, Time, Computer, ISP, City, State, Application Hash
Apple (or anyone else) can, of course, calculate these hashes for common programs: everything in the App Store, the Creative Cloud, Tor Browser, cracking or reverse engineering tools, whatever.
This means that Apple knows when you’re at home. When you’re at work. What apps you open there, and how often. They know when you open Premiere over at a friend’s house on their Wi-Fi, and they know when you open Tor Browser in a hotel on a trip to another city.
“Who cares?” I hear you asking.
Well, it’s not just Apple. This information doesn’t stay with them:
These OCSP requests are transmitted unencrypted. Everyone who can see the network can see these, including your ISP and anyone who has tapped their cables.
These requests go to a third-party CDN run by another company, Akamai.
This data amounts to a tremendous trove of data about your life and habits, and allows someone possessing all of it to identify your movement and activity patterns. For some people, this can even pose a physical danger to them.
Now, it’s been possible up until today to block this sort of stuff on your Mac using a program called Little Snitch (really, the only thing keeping me using macOS at this point). In the default configuration, it blanket allows all of this computer-to-Apple communication, but you can disable those default rules and go on to approve or deny each of these connections, and your computer will continue to work fine without snitching on you to Apple.
The version of macOS that was released today, 11.0, also known as Big Sur, has new APIs that prevent Little Snitch from working the same way. The new APIs don’t permit Little Snitch to inspect or block any OS level processes. Additionally, the new rules in macOS 11 even hobble VPNs so that Apple apps will simply bypass them.
Alphabet GOOGL.O CEO Sundar Pichai has apologised to Europe’s industry chief Thierry Breton over a leaked internal document proposing tactics to counter the EU’s tough new rules on internet companies and lobby against the EU commissioner.
[…]
The call came after a Google internal document outlined a 60-day strategy to attack the European Union’s push for the new rules by getting U.S. allies to push back against Breton.
[…]
The incident underlines the intense lobbying by tech companies against the proposed EU rules, which could impede their businesses and force changes in how they operate.
Breton also warned Pichai about the excesses of the internet.
“The Internet cannot remain a ‘Wild West’: we need clear and transparent rules, a predictable environment and balanced rights and obligations,” he told Pichai.
Breton will announce new draft rules known as the Digital Services Act and the Digital Markets Act together with European Competition Commissioner Margrethe Vestager on Dec. 2.
The rules will set out a list of do’s and don’ts for gatekeepers – online companies with market power – forcing them to share data with rivals and regulators and not to promote their services and products unfairly.
EU antitrust chief Margrethe Vestager has levied fines totalling 8.25 billion euros ($9.7 billion) against Google in the past three years for abusing its market power to favour its shopping comparison service, its Android mobile operating system and its advertising business.
Breton told Pichai that he would increase the EU’s power to curb unfair behaviour by gatekeeping platforms, so that the Internet does not just benefit a handful of companies but also Europe’s small- and medium-sized enterprises and entrepreneurs.
The Information Commissioner’s Office has fined Ticketmaster £1.25m after the site’s operators failed to spot a Magecart card skimmer infection until after 9 million customers’ details had been slurped by criminals.
The breach began in February 2018 and was not detected until April, when banks realised their customers’ cards were being abused by criminals immediately after they were used for legitimate purchases on Ticketmaster’s website.
Key to the criminals’ success was Ticketmaster’s decision to deploy a Javascript-powered chatbot on its website payment pages, giving criminals an easy way in by compromising the third party’s JS – something the ICO held against Ticketmaster in its decision to award the fine.
Ticketmaster ‘fessed up to world+dog in June that year, and the final damage has now been revealed by the Information Commissioner’s Office (ICO): 9.4m people’s data was “potentially affected” of which 1.5m were in the UK; 66,000 credit cards were compromised and had to be replaced; and Ticketmaster itself doesn’t know how many people were affected between 25 May and 23 June 2018.
Today’s fine only applies to that May-June period, which happens to be after the Data Protection Act 2018 – the UK implementation of the EU’s GDPR – came into force. This allowed the ICO to impose a higher penalty than it could have done under the pre-GDPR legal regime.
[…]
Ticketmaster remains in denial about its culpability for the breach, telling The Register in a statement: “Ticketmaster takes fans’ data privacy and trust very seriously. Since Inbenta Technologies was breached in 2018, we have offered our full cooperation to the ICO. We plan to appeal today’s announcement.”
Inbenta Technologies supplied a custom Javascript-powered chatbot to Ticketmaster which was compromised by the Magecart operators.
Crucially, for whatever reason, Ticketmaster deployed the chatbot on its payment pages, giving the criminals a way in.
As we reported in 2018, Inbenta told us of Ticketmaster’s deployment of the Javascript in question: “Had we known that script would have been used in that way, we would have advised against it, as it poses a security threat.”
[…]
“It took Ticketmaster approximately nine weeks from the date of Monzo’s notification of possible fraud involving the Ticketmaster website for Ticketmaster to run a payment through its payment page and monitor the network traffic thereon,” said an incredulous ICO, which noted that it took a random Twitter user explaining why JS on a payments page is a bad thing for the business to wake up and do something about it.
Barclaycard and American Express also noticed suspicious goings-on in April 2018, but Ticketmaster steadfastly denied anything was wrong until May, eventually realising the game was up in June.
This is a list of 130 Smart home gadgets, fitness trackers, toys and more, rated for their privacy & security. It’s a large list and shows you how basically anything by big tech is pretty creepy – anything by Amazon and Facebook is super creepy, Google pretty creepy, Apple only creepy. There are a few surprises, like Moleskine being super creepy. Fitness machinery is pretty bad as are some coffee makers… Nintendo Switches and PS5s (surprisingly) aren’t creepy at all…
Researchers at Google claim to have developed a machine learning model that can separate a sound source from noisy, single-channel audio based on only a short sample of the target source. In a paper, they say their SoundFilter system can be tuned to filter arbitrary sound sources, even those it hasn’t seen during training.
The researchers believe a noise-eliminating system like SoundFilter could be used to create a range of useful technologies. For instance, Google drew on audio from thousands of its own meetings and YouTube videos to train the noise-canceling algorithm in Google Meet. Meanwhile, a team of Carnegie Mellon researchers created a “sound-action-vision” corpus to anticipate where objects will move when subjected to physical force.
SoundFilter treats the task of sound separation as a one-shot learning problem. The model receives as input the audio mixture to be filtered and a single short example of the kind of sound to be filtered out. Once trained, SoundFilter is expected to extract this kind of sound from the mixture if present.
Microsoft researchers have found evidence that Russian and North Korean hackers have systematically attacked covid-19 labs and vaccine makers in an effort to steal data and initiate ransomware attacks.
“Among the targets, the majority are vaccine makers that have Covid-19 vaccines in various stages of clinical trials, clinical research organization involved in trials, and one has developed a Covid-19 test,” said Tom Burt, a VP in Customer Security at Microsoft. “Multiple organizations targeted have contracts with or investments from government agencies from various democratic countries for Covid-19 related work.”
“The targets include leading pharmaceutical companies and vaccine researchers in Canada, France, India, South Korea, and the United States. The attacks came from Strontium, an actor originating from Russia, and two actors originating from North Korea that we call Zinc and Cerium,” wrote Burt.
The attacks seem to be brute force login attempts and spear-phishing meant to lure victims to give up their security credentials. Microsoft, obviously, reports that its tools were able to catch and prevent most of the attacks. Sadly, the hackers are pretending to be World Health Organization reps in order to trick doctors into installing malware.
Zack Whittaker at TechCrunch noted that the Russian group, Strontium, is better known as APT28 or Fancy Bear, and the other groups are probably part of the North Korean Lazarus Group, the hackers responsible for WannaCry ransomware and the Sony hack in 2016.
iOS 14.3 will prompt some users to install selected third-party applications during setup, in what is likely an attempt to stifle any allegations of anticompetitive behaviour from regulators.
The feature, which is buried deep within the beta version of the upcoming iOS release and was first spotted by 9to5Mac, is believed to be activated depending on the location of the user, and states: “In compliance with regional legal requirements, continue to view available apps to download.”
Although iOS is not the most widely installed mobile operating system (that particular crown belongs to Android), it is unique insofar as the control exerted by Apple on the ecosystem, famously dubbed the Walled Garden. This limits where users can download third-party software – exclusively the App Store – and forces developers to use Apple’s payment processing methods, which take a 30 per cent cut of all transactions. Moreover, until recently, users were unable to select third-party products for their default browser and email apps.
This has prompted antitrust investigations in several jurisdictions, including the US, Japan, and the EU, often prompted by the complaints of competitors, such as Spotify and Rakuten. This is in addition to the legal action taken by Epic Games, which has claimed Apple deliberately tries to disadvantage third-party developers through its app store policies.
Google on Thursday was sued for allegedly stealing Android users’ cellular data allowances though unapproved, undisclosed transmissions to the web giant’s servers.
The lawsuit, Taylor et al v. Google [PDF], was filed in a US federal district court in San Jose on behalf of four plaintiffs based in Illinois, Iowa, and Wisconsin in the hope the case will be certified by a judge as a class action.
The complaint contends that Google is using Android users’ limited cellular data allowances without permission to transmit information about those individuals that’s unrelated to their use of Google services.
Data sent over Wi-Fi is not at issue, nor is data sent over a cellular connection in the absence of Wi-Fi when an Android user has chosen to use a network-connected application. What concerns the plaintiffs is data sent to Google’s servers that isn’t the result of deliberate interaction with a mobile device – we’re talking passive or background data transfers via cell network, here.
[…]
Android users have to accept four agreements to participate in the Google ecosystem: Terms of Service; the Privacy Policy; the Managed Google Play Agreement; and the Google Play Terms of Service. None of these, the court filing contends, disclose that Google spends users’ cellular data allowances for these background transfers.
To support the allegations, the plaintiff’s counsel tested a new Samsung Galaxy S7 phone running Android, with a signed-in Google Account and default setting, and found that when left idle, without a Wi-Fi connection, the phone “sent and received 8.88 MB/day of data, with 94 per cent of those communications occurring between Google and the device.”
The device, stationary, with all apps closed, transferred data to Google about 16 times an hour, or about 389 times in 24 hours. Assuming even half of that data is outgoing, Google would receive about 4.4MB per day or 130MB per month in this manner per device subject to the same test conditions.
Putting worries of what could be in that data to one side, based on an average price of $8 per GB of data in the US, that 130MB works out to about $1 lost to Google data gathering per month – if the device is disconnected from Wi-Fi the entire time and does all its passive transmission over a cellular connection.
An iPhone with Apple’s Safari browser open in the background transmits only about a tenth of that amount to Apple, according to the complaint.
Much of the transmitted data, it’s claimed, are log files that record network availability, open apps, and operating system metrics. Google could have delayed transmitting these files until a Wi-Fi connection was available, but chose instead to spend users’ cell data so it could gather data at all hours.
Vanderbilt University Professor Douglas C. Schmidt performed a similar study in 2018 – except that the Chrome browser was open – and found that Android devices made 900 passive transfers in 24 hours.
Under active use, Android devices transfer about 11.6MB of data to Google servers daily, or 350MB per month, it’s claimed, which is about half the amount transferred by an iPhone.
The complaint charges that Google conducts these undisclosed data transfers for further its advertising business, sending “tokens” that identify users for targeted advertising and preload ads that generate revenue even if they’re never displayed.
“Users often never view these pre-loaded ads, even though their cellular data was already consumed to download the ads from Google,” the legal filing claims. “And because these pre-loads can count as ad impressions, Google is paid for transmitting the ads.”
In a blog post, Alex Weinert, director of identity security at Microsoft, says people should definitely use MFA. He claims that accounts using any type of MFA get compromised at a rate that’s less than 0.1 per cent of the general population.
At the same time, he argues people should avoid relying on SMS messages or voice calls to handle one-time passcodes (OTPs) because phone-based protocols are fundamentally insecure.
“These mechanisms are based on public switched telephone networks (PSTN), and I believe they’re the least secure of the MFA methods available today,” said Weinert. “That gap will only widen as MFA adoption increases attackers’ interest in breaking these methods and purpose-built authenticators extend their security and usability advantages.”
Hacking techniques like SIM swapping – where a miscreant calls a mobile carrier posing as a customer to request the customer’s number be ported to a different SIM card in the attacker’s possession – and more sophisticated network attacks like SS7 interception have demonstrated the security shortcomings of public phone networks and the companies running them.
Computer scientists from Princeton University examined SIM swapping in a research study [PDF] earlier this year and their results support Weinert’s claims. They tested AT&T, T-Mobile, Tracfone, US Mobile, and Verizon Wireless and found “all 5 carriers used insecure authentication challenges that could easily be subverted by attackers.”
They also looked at 140 online services that used phone-based authentication to see whether they resisted SIM swapping attacks. And they found 17 had authentication policies that allowed an attacker to hijack an account with a SIM swap.
In September, security firm Check Point Research published a report describing various espionage campaigns, including the discovery of malware that sets up an Android backdoor to steal two-factor authentication codes from SMS messages.
Weinert argues that SMS and voice protocols were not designed with encryption, are easy to attack using social engineering, rely on unreliable mobile carriers, and are subject to shifting regulation.
In a year where it seems everything is both literally and figuratively on fire, it’s not surprising that we can now add Amazon’s Ring Video Doorbell to the list. Yes, it turns out that the device you purchased and installed for the purpose of making your home safer is itself a safety hazard. As a result, Amazon has issued a massive recall of its popular doorbell/spy camera. Here’s what to know.
What’s going on with Ring Doorbells?
Amazon is recalling approximately 350,000 Ring Video Doorbells (2nd Generation) sold through Amazon.com, Ring.com, and at third-party electronics and home goods stores in the United States and Canada between June and October 2020. The company made this decision after receiving reports of 85 incidents tied to incorrectly installed doorbells—23 of which involve doorbells igniting and causing minor property damage, in addition to eight reports of minor burns.
According to the Consumer Product Safety Commission (CPSC), the video doorbell’s battery can overheat if the wrong type of screws are used to install the device, posing fire and burn hazards. As a result, the CPSC advises that consumers immediately stop installing the recalled video doorbells.
The video locker was slow to load videos and balked when asked to upload new content on Wednesday, from just before midnight GMT. While all but night-owl European users mostly missed the mess, North American users woke up without their favourite early morning streams and some Asian users were also deprived of their favourite vids and top notch strategic content like Reg lectures.
In typical Google style, YouTube had very little to say about the incident, other than acknowledging it was aware of the situation and then sounding the all-clear without revealing any details about what had transpired.
…And we’re back – we’re so sorry for the interruption. This is fixed across all devices & YouTube services, thanks for being patient with us ❤️ https://t.co/1s0qbxQqc6
Multiple observers have pointed out that YouTube’s travails were matched at Google’s Movie-and-TV-show streaming operations, suggesting a problem on common infrastructure.
Plenty of people make a living on YouTube, so the outage is more than an inconvenience or opportunity to make cheap quips about cat videos.
Forget glue, screws, heat or other traditional bonding methods. A Cornell University-led collaboration has developed a 3-D printing technique that creates cellular metallic materials by smashing together powder particles at supersonic speed.
This form of technology, known as “cold spray,” results in mechanically robust, porous structures that are 40% stronger than similar materials made with conventional manufacturing processes. The structures’ small size and porosity make them particularly well-suited for building biomedical components, like replacement joints.
The team’s paper, “Solid-State Additive Manufacturing of Porous Ti-6Al-4V by Supersonic Impact,” published Nov. 9 in Applied Materials Today.
The paper’s lead author is Atieh Moridi, assistant professor in the Sibley School of Mechanical and Aerospace Engineering.
“We focused on making cellular structures, which have lots of applications in thermal management, energy absorption and biomedicine,” Moridi said. “Instead of using only heat as the input or the driving force for bonding, we are now using plastic deformation to bond these powder particles together.”
[…]
The particles were between 45 and 106 microns in diameter (a micron is one-millionth of a meter) and traveled at roughly 600 meters per second, faster than the speed of sound. To put that into perspective, another mainstream additive process, direct energy deposition, delivers powders through a nozzle at a velocity on the order of 10 meters per second, making Moridi’s method sixty times faster.
[…]
“If we make implants with these kind of porous structures, and we insert them in the body, the bone can grow inside these pores and make a biological fixation,” Moridi said. “This helps reduce the likelihood of the implant loosening. And this is a big deal. There are lots of revision surgeries that patients have to go through to remove the implant just because it’s loose and it causes a lot of pain.”
While the process is technically termed cold spray, it did involve some heat treatment. Once the particles collided and bonded together, the researchers heated the metal so the components would diffuse into each other and settle like a homogeneous material.
“We only focused on titanium alloys and biomedical applications, but the applicability of this process could be beyond that,” Moridi said. “Essentially, any metallic material that can endure plastic deformation could benefit from this process. And it opens up a lot of opportunities for larger-scale industrial applications, like construction, transportation and energy.”
Swiss politicians only found out last year that cipher machine company Crypto AG was (quite literally) owned by the US and Germany during the Cold War, a striking report from its parliament has revealed.
The company, which supplied high-grade encryption machines to governments and corporations around the world, was in fact owned by the US civilian foreign intelligence service the CIA and Germany’s BND spy agency during the Cold War, as we reported earlier this year.
Although Swiss spies themselves knew that Crypto AG’s products were being intentionally weakened so the West could read messages passing over them, they didn’t tell governmental overseers until last year – barely one year after the operation ended.
So stated the Swiss federal parliament in a report published yesterday afternoon, which has caused fresh raising of eyebrows over the scandal. While infosec greybeard Bruce Schneier told El Reg last year: “I thought we knew this for decades,” referring to age-old (but accurate, though officially denied) news reports of the compromise, this year’s revelations have been the first official admissions that not only was this going on, but that it was deliberately hidden from overseers.
[…]
The revelations that the Swiss state itself knew about Crypto AG’s operations may prove to be a diplomatic embarrassment; aside from secrecy and chocolate, Switzerland’s other big selling point on the international stage is that it is very publicly and deliberately neutral. Secretly cooperating with Western spies during the Cold War and beyond, and enabling spying on state-level customers, is likely to harm that reputation.
Professor Woodward concluded: “If nothing else this whole episode shows that it’s easier to interfere with equipment handling encryption than to try to tackle the encryption head on. But, it has a warning for those who would seek to give a golden key, weaken encryption or provide some other means for government agencies to read encrypted messages. Just like you can’t be a little bit pregnant, if the crypto is weakened then you have to assume your communications are no longer secure.”
The Campari Group recently experienced a ransomware attack that allegedly shut down the company’s servers. The malware, created by the RagnarLocker gang, essentially locked corporate servers and allowed the hackers to exfiltrate “2 terabytes” of data, according to the hackers.
On Nov. 6, the company wrote, “at this stage, we cannot completely exclude that some personal and business data has been taken.”
Clearly, it has.
While the booze company admitted to the attack, it’s clear that they haven’t get paid the ransom, as the hackers reportedly took out Facebook ads that targeted Campari Group employees on Facebook.
To post the ads, the hackers broke into a business-focused account owned by another victim, Chris Hodson, and used his credit card to pay for $500 worth of ads. Hodson, a Chicago-based DJ, told security researcher Brian Krebs he had set up two-factor authentication but that the hackers were still able to crack his Hodson Event Entertainment account.
“Hodson said a review of his account shows the unauthorized campaign reached approximately 7,150 Facebook users, and generated 770 clicks, with a cost-per-result of 21 cents,” wrote Krebs. “Of course, it didn’t cost the ransomware group anything. Hodson said Facebook billed him $35 for the first part of the campaign, but apparently detected the ads as fraudulent sometime this morning before his account could be billed another $159 for the campaign.”
[…]
Facebook isn’t the only method the Ragnar group is using to reach out to victims. Security experts believe the hacking group is also now hiring outgoing call center operators in India to help victims remember who, ultimately, is in charge of their data.
VICE has highlighted six reasons why Google Maps is the creepiest app on your phone. An anonymous reader shares an excerpt from the report: 1. Google Maps Wants Your Search History: Google’s “Web & App Activity” settings describe how the company collects data, such as user location, to create a faster and “more personalized” experience. In plain English, this means that every single place you’ve looked up in the app — whether it’s a strip club, a kebab shop or your moped-riding drug dealer’s location — is saved and integrated into Google’s search engine algorithm for a period of 18 months. Google knows you probably find this creepy. That’s why the company uses so-called “dark patterns” — user interfaces crafted to coax us into choosing options we might not otherwise, for example by highlighting an option with certain fonts or brighter colors.
2. Google Maps Limits Its Features If You Don’t Share Your Search History: If you open your Google Maps app, you’ll see a circle in the top right corner that signifies you’re logged in with your Google account. That’s not necessary, and you can simply log out. Of course, the log out button is slightly hidden, but can be found like this: click on the circle > Settings > scroll down > Log out of Google Maps. Unfortunately, Google Maps won’t let you save frequently visited places if you’re not logged into your Google account. If you choose not to log in, when you click on the search bar you get a “Tired of typing?” button, suggesting you sign in, and coaxing you towards more data collection.
3. Google Maps Can Snitch On You: Another problematic feature is the “Google Maps Timeline,” which “shows an estimate of places you may have been and routes you may have taken based on your Location History.” With this feature, you can look at your personal travel routes on Google Maps, including the means of transport you probably used, such as a car or a bike. The obvious downside is that your every move is known to Google, and to anyone with access to your account. And that’s not just hackers — Google may also share data with government agencies such as the police. […] If your “Location History” is on, your phone “saves where you go with your devices, even when you aren’t using a specific Google service,” as is explained in more detail on this page. This feature is useful if you lose your phone, but also turns it into a bonafide tracking device.
4. Google Maps Wants to Know Your Habits: Google Maps often asks users to share a quick public rating. “How was Berlin Burger? Help others know what to expect,” suggests the app after you’ve picked up your dinner. This feels like a casual, lighthearted question and relies on the positive feeling we get when we help others. But all this info is collected in your Google profile, making it easier for someone to figure out if you’re visiting a place briefly and occasionally (like on holiday) or if you live nearby.
5. Google Maps Doesn’t Like It When You’re Offline: Remember GPS navigation? It might have been clunky and slow, but it’s a good reminder that you don’t need to be connected to the internet to be directed. In fact, other apps offer offline navigation. On Google, you can download maps, but offline navigation is only available for cars. It seems fairly unlikely the tech giant can’t figure out how to direct pedestrians and cyclists without internet.
6. Google Makes It Seem Like This Is All for Your Own Good: “Providing useful, meaningful experiences is at the core of what Google does,” the company says on its website, adding that knowing your location is important for this reason. They say they use this data for all kinds of useful things, like “security” and “language settings” — and, of course, selling ads. Google also sells advertisers the possibility to evaluate how well their campaigns reached their target (that’s you!) and how often people visited their physical shops “in an anonymized and aggregated manner”. But only if you opt in (or you forget to opt out).
As companies and governments increasingly hoover up our personal data, a common refrain to keep people from worrying is the claim that nothing can go wrong because the data itself is “anonymized” — or stripped of personal identifiers like social security numbers. But time and time again, studies have shown how this really is cold comfort, given it takes only a little effort to pretty quickly identify a person based on access to other data sets. Yet most companies, many privacy policy folk, and even government officials still like to act as if “anonymizing” your data means something.
The latest case in point: new research out of Stanford (first spotted by the German website Mixed), found that it took researchers just five minutes of examining the movement data of VR users to identify them in the real world. The paper says participants using an HTC Vive headset and controllers watched five 20-second clips from a randomized set of 360-degree videos, then answered a set of questions in VR that were tracked in a separate research paper.
The movement data (including height, posture, head movement speed and what participants looked at and for how long) was then plugged into three machine learning algorithms, which, from a pool of 511 participants, was able to correctly identify 95% of users accurately “when trained on less than 5 min of tracking data per person.” The researchers went on to note that while VR headset makers (like every other company) assures users that “de-identified” or “anonymized” data would protect their identities, that’s really not the case:
“In both the privacy policy of Oculus and HTC, makers of two of the most popular VR headsets in 2020, the companies are permitted to share any de-identified data,” the paper notes. “If the tracking data is shared according to rules for de-identified data, then regardless of what is promised in principle, in practice taking one’s name off a dataset accomplishes very little.”
If you don’t like this study, there’s just an absolute ocean of research over the last decade making the same point: “anonymized” or “de-identified” doesn’t actually mean “anonymous.” Researchers from the University of Washington and the University of California, San Diego, for example, found that they could identify drivers based on just 15 minutes’ worth of data collected from brake pedal usage alone. Researchers from Stanford and Princeton universities found that they could correctly identify an “anonymized” user 70% of the time just by comparing their browsing data to their social media activity.
In September, we noted that officials in the EU were continuing an effort to try to ban end-to-end encryption. Of course, that’s not how they put it. They say they just want “lawful access” to encrypted content, not recognizing that any such backdoor effectively obliterates the protections of end-to-end encryption. A new “Draft Council Resolution on Encryption” has come out as the EU Council of Ministers continues to drift dangerously towards this ridiculous position.
We’ve seen documents like this before. It starts out with a preamble insisting that they’re not really trying to undermine encryption, even though they absolutely are.
The European Union fully supports the development, implementation and use of strong encryption. Encryption is a necessary means of protecting fundamental rights and the digital security of governments, industry and society. At the same time, the European Union needs to ensure the ability of competent authorities in the area of security and criminal justice, e.g. law enforcement and judicial authorities, to exercise their lawful powers, both online and offline.
Uh huh. That’s basically we fully support you having privacy in your own home, except when we need to spy on you at a moment’s notice. It’s not so comforting when put that way, but it’s what they’re saying.
[…]
This is the same old garbage we’ve seen before. Technologically illiterate bureaucrats who have no clue at all, insisting that if they just “work together” with the tech industry, some magic golden key will be found. This is not how any of this works. Introducing a backdoor into encryption is introducing a massive, dangerous vulnerability
[…]
Attacking end-to-end encryption in order to deal with the miniscule number of situations where law enforcement is stymied by encryption would, in actuality, put everyone at massive risk of having their data accessed by malicious parties.
Introducing a backdoor is introducing a vulnerability – one that anyone can exploit. The good guys, the bad guys and the idiots. There is a long and varied history of exploited backdoors in all kinds of very important stuff (eg the clipper chip, the encryption hardware sold to governments, mobile phone networks, even kids smartwatches, switches, and they’ve all been misused by malicious actors.
The European Union is serving formal antitrust charges to Amazon, saying that the retailer has misused its position to compete against third-party businesses using its platform. Officials, led by competition chief Margrethe Vestager, believe there is enough evidence to charge the company for this misuse. This data, so the claim goes, was used by Amazon to build copycat products to undercut these independent businesses, especially in large markets like France and Germany.
At the same time, regulators have opened a second investigation into favorable treatment around the “Buy Box” and the “Prime Label.” Officials suspect that independent sellers that use Amazon’s own logistics network are able to use features that those with their own logistics networks do not. Vestager said that they want those independents to be able to “compete on the merits” rather than on any sort of lock-in.
Amazon, very broadly, is a retailer itself, but it’s also a retail platform that lets third parties sell their wares side by side with Amazon’s own. These independent, unaffiliated companies can even piggyback on Amazon’s vast logistics and warehousing network. But there’s a catch: If a small seller makes a surprisingly popular product, Amazon can see that sales data on its own system. There could be the temptation for Amazon to make a similar product and direct sales toward itself.
We reached the preliminary conclusion that @amazon illegally has abused its dominant position as a marketplace service provider in DE & FR. @amazon may have used sensitive data big scale to compete against smaller retailers. Now for @amazon to respond. @EU_Competition
This isn’t a hypothetical, and The Wall Street Journal published a report in April claiming the company was doing this very thing. Former employees have claimed that Amazon can not only identify hot trends but also use that data to price their own products competitively. In one example, the makers of a popular car trunk organizer found that, a while after, Amazon launched a very similar product as part of its private label offering.
Now, Amazon has said that using third-party seller data in this manner is against its own policies and affirmed that position in Congress. Amazon has also said that the practice of producing “private label” goods is used by every major retailer, and isn’t a threat to the independent brands they sell. But regulators in both the US and Europe aren’t satisfied with that answer and are pushing for more information. In July 2019, the EU opened a formal investigation to see if what Amazon was doing violated local competition rules, with today’s charges the result of that procedure.
President Donald Trump’s controversial use of social media is widely known and theories abound about its ulterior motives. New research published today in Nature Communications claims to provide the first evidence-based analysis demonstrating the US President’s Twitter account has been routinely deployed to divert attention away from a topic potentially harmful to his reputation, in turn suppressing negative related media coverage.
The international study, led by the University of Bristol in the UK, tested two hypotheses: whether an increase in harmful media coverage was followed by increased diversionary Twitter activity, and if such diversion successfully reduced subsequent media coverage of the harmful topic.
[…]
The study focused on Trump’s first two years in office, scrutinising the Robert Mueller investigation into potential collusion with Russia in the 2016 Presidential Election, as this was politically harmful to the President. The team analysed content relating to Russia and the Mueller investigation in two of the country’s most politically neutral media outlets, New York Times (NYT) and ABC World News Tonight (ABC). The team also selected a set of keywords judged to play to Trump’s preferred topics at the time, which were hypothesized to be likely to appear in diversionary tweets. The keywords related to “jobs”, “China”, and “immigration”; topics representing the president’s supposed political strengths.
The researchers hypothesized that the more ABC and NYT reported on the Mueller investigation, the more Trump’s tweets would mention jobs, China, and immigration, which in turn would result in less coverage of the Mueller investigation by ABC and NYT.
In support of their hypotheses, the team found that every five additional ABC headlines relating to the Mueller investigation was associated with one more mention of a keyword in Trump’s tweets. In turn, two additional mentions of one of the keywords in a Trump tweet was associated with roughly one less mention of the Mueller investigation in the following day’s NYT.
Such a pattern did not emerge with placebo topics that presented no threat to the President, for instance Brexit or other non-political issues such as football or gardening.
[…]
Professor Lewandowsky said: “It’s unclear whether President Trump, or whoever is at the helm of his Twitter account, engages in such tactics intentionally or if it’s mere intuition. Either way, we hope these results serve as a helpful reminder to the media that they have the power to set the news agenda, focusing on the topics they deem most important, while perhaps not paying so much attention to the Twitter-sphere.”
Flyvevåbnets Fototjeneste
