The Linkielist

Linking ideas with the world

House introduces five antitrust bills targeting Apple, Google, Facebook and Amazon

Lawmakers in the House have introduced five new bills that would place significant limits on major tech companies, including Apple, Google, Facebook and Amazon. The proposed legislation is part of a broader effort to step up antitrust enforcement against tech giants. The bills would place new limits on the companies’ ability to acquire new business and change how they treat their own services compared with competitors.

“From Amazon and Facebook to Google and Apple, it is clear that these unregulated tech giants have become too big to care and too powerful to ever put people over profit,” Rep. Pramila Jayapal said in a statement. “By reasserting the power of Congress, our landmark bipartisan bills rein in anti-competitive behavior, prevent monopolistic practices, and restore fairness and competition while finally leveling the playing field and allowing innovation to thrive.”

The bills include:

Notably, the bills have bipartisan support, as limiting the power of big tech platforms has been a rare source of bipartisan agreement in Congress. Though the bills don’t name individual companies, the legislation could have a significant impact on Facebook, Google, Amazon and Apple, which have faced increasing scrutiny from Congress over their business practices and market dominance.

Source: House introduces five antitrust bills targeting Apple, Google, Facebook and Amazon | Engadget

New Quantum Microscope Can See Tiny Structures in Living Cells

A team of researchers in Germany and Australia recently used a new microscopy technique to image nano-scale biological structures at a previously unmanageable resolution, without destroying the living cell. The technique, which employs laser light many millions of times brighter than the Sun, has implications for biomedical and navigation technologies.

The quantum optical microscope is an example of how the strange principle of quantum entanglement can feature in real-world applications. Two particles are entangled when their properties are interdependent—by measuring one of them, you can also know the properties of the other.

The sensor in the team’s microscope, described in a paper published today in Science, hinges on quantum light—entangled pairs of photons—to see better-resolved structures without damaging them.

“The key question we answer is whether quantum light can allow performance in microscopes that goes beyond the limits of what is possible using conventional techniques,” said Warwick Bowen, a quantum physicist at the University of Queensland in Australia and co-author of the new study, in an email. Bowen’s team found that, in fact, it can. “We demonstrate [that] for the first time, showing that quantum correlations can allow performance (improved contrast/clarity) beyond the limit due to photodamage in regular microscopes.” By photodamage, Bowen is referring to the way a laser bombardment of photons can degrade or destroy a microscope’s target, similar to the way ants will get crispy under a magnifying glass.

[…]

“Technical hurdles … will need to be overcome before the technology becomes commercial, but this experiment is a proof-of-principle that quantum techniques developed decades ago can and will be deployed to great advantage in the life sciences.”

While other microscopes operating with such intense light end up sizzling holes in what they’re trying to study, the team’s method didn’t. The researchers chemically fingerprinted a yeast cell using Raman scattering, which observes how some photons scatter off a given molecule to understand that molecule’s vibrational signature. Raman microscopes are often used for this sort of fingerprinting, but the whole destroying-the-thing-we’re-trying-to-observe has long vexed researchers trying to see in higher resolutions. In this case, the team could see the cell’s lipid concentrations by using correlated photon pairs to get a great view of the cell without increasing the intensity of the microscope’s laser beam.

[…]

Source: New Quantum Microscope Can See Tiny Structures in Living Cells

Risk and reward: Nefilim ransomware gang mainly targets fewer, richer companies and that strategy is paying off, warns Trend Micro

The Nefilim ransomware gang might not be the best known or most prolific online extortion crew, but their penchant for attacking small numbers of $1bn+ turnover firms is paying off, according to the latest research.

The crew has made comparatively fewer headlines next to better-known criminals such as Darkside, perpetrators of the infamous US Colonial Pipeline attack, but analysis from security shop Trend Micro has shown the crooks appear to be going for big companies in the hope of extracting correspondingly big payouts.

“Of the 16 ransomware groups studied from March 2020 to January 2021, Conti, Doppelpaymer, Egregor and REvil led the way in terms of number of victims exposed – and Cl0p had the most stolen data hosted online at 5TB. However, with its ruthless focus on organizations posting more than $1bn in revenue, Nefilim extorted the highest median revenue,” said Trend Micro in a report released on Tuesday.

The information will be of little comfort to any of the western world’s growing number of ransomware victims, including the Irish Health Service Executive and the US Colonial Pipeline Company.

While those attacks were very high profile because of their wider impact on critical national infrastructure, other ransomware operators are still engaging in the good old-fashioned pursuit of money, and lots of it.

Nefilim is, according to Trend, a ransomware gang that was first observed in late 2019, with actual attacks being seen in March 2020 – just as the COVID-19 pandemic drove the entire world online and to remote working.

Trend Micro analysis of the Nefilim ransomware gang’s targets by revenue, based on identifiable leaked files

Despite targeting big businesses, Nefilim’s access methods were just the same as the ones constantly warned about by the infosec industry, said Trend Micro, explaining: “In the case of Nefilim ransomware attacks, our investigations uncovered the use of exposed RDP services and publicly available exploits to gain initial access — namely, a vulnerability in the Citrix Application Delivery Controller [CVE-2019-19781].”

Trend also referred to previous research from Digital Shadows on so-called initial access brokers, essential actors in the ransomware business chain who make the first break into a target’s networks before selling that illicit access to other criminal organisations.

“The price for access varies greatly — it can range from tens of dollars for a random victim asset, to several hundreds or even thousands of dollars for a categorized asset; access to the infrastructure of a large organization can cost five to six figures,” the report states.

Trend Micro research veep Bharat Mistry told The Register that ransomware gangs’ business models are just as developed as anything in the western IT market with different elements of attacks being carried out by different groups of criminals.

“There is a full partner model that goes with it. So you know, the ransomware as a service operators, they get around 20 to 30 per cent of the profit that comes out of it, and the rest of it goes to the partner. So you can see it’s margin-rich for the affiliates.”

Criminal gangs were also said to make “widespread use of legitimate tools such as AdFind, Cobalt Strike, Mimikatz, Process Hacker, PsExec, and MegaSync, to help ransomware attackers achieve their end goal while staying hidden.” Similarly, some in the infosec world call legitimate tools that are turned around and used against their owners LoLBins (living-off-the-land binaries): tools such as PowerShell, which are in common use on corporate networks but can be harnessed as part of an attack on that same network.

While nothing about Nefilim’s operations is shockingly unique, that in itself ought to be a lesson for corporate infosec bods: it’s not the big scary vulns that let miscreants rampage through your employer’s network, it’s the ones everyone’s been warning about which you haven’t got round to patching for whatever reason.

Source: Risk and reward: Nefilim ransomware gang mainly targets fewer, richer companies and that strategy is paying off, warns Trend Micro • The Register

DOJ Vows to Hunt Down Whoever Let the Public Know How Little Billionaires Pay in Taxes

This week, ProPublica released a massive scoop—a treasure trove of financial records showing how some of the U.S.’s wealthiest billionaires scamper off with virtually no tax burden. And the U.S. government knows exactly what to do in response: find whoever released those embarrassing records and incarcerate the shit out of them.

Priorities, people!

ProPublica obtained official Internal Revenue Service documents that were, admittedly, not supposed to be public knowledge and released key details about just how well various tax tricks used by the ultra-wealthy are working out for them. For example, compared to Forbes estimates, the country’s 25 richest people saw a net growth of $401 billion in wealth from 2014 to 2018 but paid just $13.6 billion in federal income tax—an effective rate of 3.4%. Berkshire Hathaway investment titan Warren Buffett saw his net worth rise by $24.3 billion over that period, paying just $23.7 million in tax. Amazon CEO Jeff Bezos saw his net worth rise by $99 billion, paying just $973 million in tax. Former New York City Mayor Michael Bloomberg’s ratio was $22.5 billion in net worth gains to $292 million in tax, while Tesla/SpaceX CEO Elon Musk was $13.9 billion to $455 million.

Morally obscene display of inequality and impunity as this is, the U.S. government has far more pressing concerns, such as punishing whoever squealed. Attorney General Merrick Garland assured lawmakers on Wednesday that one of his most immediate focuses will be plugging the leak, wherever or whoever it might be.

[…]

Source: Elon Musk, Jeff Bezos Tax Leak: DOJ Vows to Hunt Down Leaker

Crypto Miners Overrun Docker Hub’s Autobuild, so they have to close free version

This week, Docker announced some changes to Docker Hub Autobuilds — the primary one of interest being that autobuilds would no longer be available to free tier users — and much of the internet let out a collective groan to the tune of “this is why we can’t have nice things!”

So, if you happen to be looking for yet another reason to immediately cringe and discard anyone who comes up to you crowing about the benefits of cryptocurrencies, Docker getting rid of its autobuild feature on Docker Hub can be added to your arsenal.

“As many of you are aware, it has been a difficult period for companies offering free cloud compute,” wrote Shaun Mulligan, principal product manager at Docker in the company’s blog post, citing an article that explores how crypto-mining gangs are running amok on free cloud computing platforms. Mulligan goes on to explain that Docker has “seen a massive growth in the number of bad actors,” noting that it not only costs them money, but also degrades performance for their paying customers.

And so, after seven years of free access to their autobuild feature, wherein even all of you non-paying Docker users could set up continuous integration for your containerized projects, gratis, the end is nigh. Like, really, really nigh, as in next week — June 18.

While Docker offered that they already tried to correct the issue by removing around 10,000 accounts, they say that the miners returned the next week in droves, and so they “made the hard choice to remove Autobuilds.”

[…]

Source: This Week in Programming: Crypto Miners Overrun Docker Hub’s Autobuild – The New Stack

Apple and Microsoft Say They Had No Idea Trump-Era DOJ Requested Data on Political Rivals

Apple didn’t know the Department of Justice was requesting metadata of Democratic lawmakers when it complied with a subpoena during a Trump-era leak investigation, CNBC reports. And it wasn’t the only tech giant tapped in these probes: Microsoft confirmed Friday it received a similar subpoena for a congressional staffer’s personal email account. Both companies were under DOJ gag orders preventing them from notifying the affected users for years.

These instances are part of a growing list of questionable shit the DOJ carried out under former President Donald Trump amid his crusade to crack down on government leakers. The agency also quietly went after phone and email records of journalists at the Washington Post, CNN, and the New York Times to uncover their sources, none of whom were notified until last month.

On Thursday, a New York Times report revealed that a Trump-led DOJ seized records from two Democrats on the House Intelligence Committee who were frequently targeted in the president’s tantrums: California Representatives Eric Swalwell and Adam Schiff (Schiff now chairs the committee). The subpoena extended to at least a dozen people connected to them, including aides, family members, and one minor, in an attempt to identify sources related to news reports on Trump’s contacts with Russia. All told, prosecutors found zero evidence in this seized data, but their efforts have prompted the Justice Department’s inspector general to launch an inquiry into the agency’s handling of leak investigations during the Trump administration.

[…]

Source: Apple and Microsoft Say They Had No Idea Trump-Era DOJ Requested Data on Political Rivals

Facebook AI Can Now Copy Text Style in Images Using Just a Single Word

  • We’re introducing TextStyleBrush, an AI research project that can copy the style of text in a photo using just a single word. With this AI model, you can edit and replace text in images.
  • Unlike most AI systems that can do this for well-defined, specialized tasks, TextStyleBrush is the first self-supervised AI model that replaces text in images of both handwriting and scenes — in one shot — using a single example word.
  • Although this is a research project, it could one day unlock new potential for creative self-expression like personalized messaging and captions, and lays the groundwork for future innovations like photo-realistic translation of languages in augmented reality (AR).
  • By publishing the capabilities, methods, and results of this research, we hope to spur dialogue and research into detecting potential misuse of this type of technology, such as deepfake text attacks — a critical, emerging challenge in the AI field.

[…]

Source: AI Can Now Copy Text Style in Images Using Just a Single Word – About Facebook