Daily Archives: July 27, 2021

FAA changes definition of “Astronaut” on day Bezos flies to space

Posted on by

New Federal Aviation Administration (FAA) rules say astronaut hopefuls must be part of the flight crew and make contributions to space flight safety.

That means Jeff Bezos and Sir Richard Branson may not yet be astronauts in the eyes of the US government.

These are the first changes since the FAA wings programme began in 2004.

The Commercial Astronaut Wings programme updates were announced on Tuesday – the same day that Amazon’s Mr Bezos flew aboard a Blue Origin rocket to the edge of space.

To qualify as commercial astronauts, space-goers must travel 50 miles (80km) above the Earth’s surface, which both Mr Bezos and Mr Branson accomplished.

But altitude aside, the agency says would-be astronauts must have also “demonstrated activities during flight that were essential to public safety, or contributed to human space flight safety”.

What exactly counts as such is determined by FAA officials.

In a statement, the FAA said that these changes brought the wings scheme more in line with its role to protect public safety during commercial space flights.

On 11 July, Sir Richard flew on-board Virgin Galactic’s SpaceShipTwo to the edge of space as a test before allowing customers aboard next year.

Mr Bezos and the three other crew members who flew on Blue Origin’s spacecraft may have less claim to the coveted title. Ahead of the launch, Blue Origin CEO Bob Smith said that “there’s really nothing for a crew member to do” on the autonomous vehicle.

[…]

Source: Jeff Bezos and Sir Richard Branson may not be astronauts, US says – BBC News

This looks childish to me – they went to space, they are definitely pioneers. And it’s not like there are going to be very many of them.

You can find the order here (pdf) and see that they added 5 c

Note FAA Part 460 human spaceflight requirements is also interesting in this discussion regarding human space flight participants

Want unemployment benefits in the US? You may have to submit to facial recognition with a little known company ID.me

Posted on by

[…]

Watkins, a self-described privacy advocate whose mother and grandmother shredded personal information when he was growing up, said he is unwilling to complete the identity verification process his state now requires, which includes having his face analyzed by a little-known company called ID.me.
He sent a sharply worded letter to his state’s unemployment agency criticizing ID.me’s service, saying he would not take part in it given his privacy concerns. In response, he received an automated note from the agency: “If you do not verify your identity soon, your claim will be disqualified and no further benefit payments will be issued.” (A spokesperson for the Colorado Department of Labor and Employment said the agency only allows manual identity verification “as a last resort” for unemployment claimants who are under 18 — because ID.me doesn’t work with minors — and those who have “technological barriers.”)
[…]
Watkins is one of millions across the United States who are being instructed to use ID.me, along with its facial recognition software, to get their unemployment benefits. A rapidly growing number of US states, including Colorado, California and New York, turned to ID.me in hopes of cutting down on a surge of fraudulent claims for state and federal benefits that cropped up during the pandemic alongside a tidal wave of authentic unemployment claims.
As of this month, 27 states’ unemployment agencies had entered contracts with ID.me, according to the company, with 25 of them already using its technology. ID.me said it is in talks with seven more. ID.me also verifies user identities for numerous federal agencies, such as the Department of Veterans Affairs, Social Security Administration and IRS.
[…]
The face-matching technology ID.me employs comes from a San Francisco-based startup called Paravision
[…]
Facial recognition technology, in general, is contentious. Civil rights groups frequently oppose it for privacy issues and other potential dangers. For instance, it has been shown to be less accurate when identifying people of color, and several Black men, at least, have been wrongfully arrested due to the use of facial recognition. It’s barely regulated — there are no federal laws governing its use, though some states and local governments have passed their own rules to limit or prohibit its use. Despite these concerns, the technology has been used across the US federal government, as a June report from the Government Accountability Office showed.
Several ID.me users told CNN Business about problems they had verifying their identities with the company, which ranged from the facial recognition technology failing to recognize their face to waiting for hours to reach a human for a video chat after encountering problems with the technology. A number of people who claim to have had issues with ID.me have taken to social media to beg the company for help with verification, express their own concerns about its face-data collection or simply rant, often in response to ID.me’s own posts on Twitter. And some like Watkins are simply frustrated not to have a say in the matter.
[…]
ID.me said it does not sell user data — which includes biometric and related information such as selfies people upload, data related to facial analyses, and recordings of video chats users participate in with ID.me — but it does keep it. Biometric data, like the facial geometry produced from a user’s selfie, may be kept for years after a user closes their account.
Hall said ID.me keeps this information only for auditing purposes, particularly for government agencies in cases of fraud or identity theft. Users, according to its privacy policy, can ask ID.me to delete personally identifiable information it has gathered from them, but the company “may keep track of certain information if required by law” and may not be able to “completely delete” all user information since it “periodically” backs up such data. (As Ryan Calo, codirector of the University of Washington’s Tech Policy Lab, put it, this data retention policy is “pretty standard,” but, he added, that “doesn’t make it great!”)
[…]
Beyond state unemployment agencies, ID.me is also becoming more widespread among federal agencies such as the IRS, which in June began using ID.me to verify identities of people who want to use its Child Tax Credit Update Portal.
“We’re verifying more than 1% of the American adult population each quarter, and that’s starting to compress more to like 45 or 50 days,” Hall said. The company has more than 50 million users, he said, and signs up more than 230,000 new ones each day.
[…]
Vasquez said that, when a state chooses to use a tool it knows has a tendency to not work as well on some people, she thinks that “starts to invade something more than privacy and get at questions of what society values and how it values different members’ work and what our society believes about dignity.”
Hall claims ID.me’s facial recognition software is over 99% accurate and said an internal test conducted on hundreds of faces of people who had failed to pass the facial recognition check for logging in to the social security website did not show statistically significant evidence of racial bias.

In cases where users are able to opt out of the ID.me process, it can still be arduous and time-consuming: California’s Employment Development Department website, for instance, instructs people who can’t verify their identity via ID.me when applying online to file their claim over the phone or by mail or fax.
Most people aren’t doing this, however; it’s time consuming to deal with snail mail or wade through EDD’s phone system, and many people don’t have access to a fax machine. An EDD spokesperson said that such manual identity verification, which used to be a “significant” part of EDD’s backlog, now accounts for “virtually none” of it.

Long wait times for some

Eighty-five percent of people are able to verify their identity with ID.me immediately for state workforce agencies without needing to go through a video chat, Hall said.
What happens to the remaining 15% worries Akselrod, of the ACLU, since users must have access to a device with a camera — like a smartphone or computer — as well as decent internet access. According to recent Pew research, 15% of American adults surveyed don’t have a smartphone and 23% don’t have home broadband.
“These technologies may be inaccessible for precisely the people for whom access to unemployment insurance is the most critical,” Akselrod said.
[…]

Source: Want your unemployment benefits? You may have to submit to facial recognition first – CNN

What this excellent article doesn’t go into is what a terrible idea having huge centralised databases is, especially one filled with biometric information (which you can’t change) of an entire population

Litre of printer ink? That’ll be £2,410 please. One of the most expensive consumer liquids on the planet – 3rd party ink much cheaper, blocked by manufacturers…

Posted on by

A Which? investigation has found that printer ink is one of the most expensive liquids consumers can purchase when bought from the big inkjet printer manufacturers – and people could save a small fortune by opting for third-party alternatives. 

Which? research has uncovered that inkjet printer ink bought from the manufacturer could be up to 286 per cent more expensive than third-party ink and could easily lead to consumers paying hundreds more than they need to over a five-year period.

During the pandemic, printer ink has become an essential as households across the country have been forced to rely on their home printer for work and homeschooling.

However, many are unaware that they are paying over the odds by buying printer ink from their printer’s manufacturer – and the costs quickly stack up.

The consumer champion surveyed more than 10,000 consumers who own inkjet printers to find out about their experiences with original-branded and third-party inks.

Just over half (56%) of inkjet printer owners said they stick with using potentially pricey original-branded cartridges every time.

Which? assessed the cost of original-branded and third-party ink for the Epson WorkForce WF-7210DTW printer. A multipack of colour ink (cyan, magenta, yellow) costs £75.49 from Epson. This works out at an astonishing £2,410 a litre – or £1,369 for a pint.

The Epson printer also requires a separate Epson black cartridge (£31.99), bringing the total cost of a single original-branded ink refill to £107.48.

On the other hand, restocking with a full set of black and colour inks from the highest-rated third-party supplier in the consumer champion’s survey would cost just £10.99.

[…]

It is not just Epson’s ink prices that are sky high, either. Brother, Canon and HP also charge huge prices for cartridges.

A multipack of ink for the Brother MFCJ5730DW cost £98.39 compared to just £29.21 from the cheapest third-party alternative – a price difference of £1,037 over five years assuming the full set of cartridges were replaced three times each year.

Similarly, a full set of original-branded, high-yield cartridges for a Canon Pixma MX475 costs £80.98 compared to just £12.95 from the cheapest third-party ink supplier- a difference of £68.13 for each purchase, or £1,021 over five years assuming the full set of cartridges were replaced three times each year.

The price difference between own-brand and one of the third-party inks Which? looked at for the HP Officejet 6950 would leave consumers £705 out of pocket over a five-year period assuming the full set of cartridges were replaced three times a year. For a single refill, own-branded inks for the HP 903XL total £91.96 for both black and colour cartridges and just £44.99 from a third-party retailer.

Some HP printers use a system called ‘dynamic security’ which recognises cartridges that use non-HP chips and stops them from working. Over the course of its testing programme, Which? has found 28 HP printers that use this technology.

Other manufacturers use similar tactics such as promoting the use of ‘approved’, ‘original’ or ‘guaranteed’ cartridges on their websites and in instruction manuals. For example, the Epson printer Which? tested flashed up a ‘non-genuine ink detected’ alert on its LCD screen whenever we inserted third-party cartridges.

It is highly concerning that manufacturers are discouraging consumers from using third-party inks – and that some HP printers are actively blocking customers from exerting their right to choose the cheapest ink.

Because of these practices, consumers are understandably confused and concerned about using non-manufacturer inks. Two in five (39%) of the people we surveyed who do not use third-party cartridges said they avoided them because they thought they would not work in their printer.

[…]

“Printer ink shouldn’t cost more than a bottle of high-end champagne or Chanel No5. We’ve found that there are lots of third-party products that are outperforming their branded counterparts at a fraction of the cost.

“Choosing third-party ink should be a personal choice and not dictated by the make of your printer. Which? will continue to make consumers aware of the staggering cost differences between own-brand and third-party inks and give people the information they need to buy the best ink for their printer.”

[…]

Source: Pint of printer ink? That’ll be £1,300 please: Which? reveals the eye-watering cost of branded printer ink – Which? Press Office

So basically that’s a practical monopoly on printer ink then. This is a saga that’s been going on for decades but the price increase recently has been insane!

Commission starts legal action against 23 EU countries over copyright rules they won’t implement that favour big tech over small business and forced censorship

Posted on by

EU countries may be taken to court for their tardiness in enacting landmark EU copyright rules into national law, the European Commission said on Monday as it asked the group to explain the delays.

The copyright rules, adopted two years ago, aim to ensure a level playing field between the European Union’s trillion-euro creative industries and online platforms such as Google, owned by Alphabet (GOOGL.O), and Facebook (FB.O).

Note: level if you are one of the huge tech giants, not so much if you’re a small business or startup – in fact, this makes it very very difficult for startups to enter some sectors at all.

Some of Europe’s artists and broadcasters, however, are still not happy, in particular over the interpretation of a key provision, Article 17, which is intended to force sharing platforms such as YouTube and Instagram to filter copyrighted content.

[…]

The EU executive also said it had asked France, Spain and 19 other EU countries to explain why they missed a June 7 deadline to enact separate copyright rules for online transmission of radio and TV programmes.

The other countries are Austria, Belgium, Bulgaria, Croatia, Cyprus, the Czech Republic, Estonia, Greece, Finland, Ireland, Italy, Lithuania, Luxembourg, Latvia, Poland, Portugal, Romania, Slovenia and Slovakia.

Source: Commission starts legal action against 23 EU countries over copyright rules | Reuters

For more information see:
Article 11, Article 13: EU’s Dangerous Copyright Bill Advances: massive censorship and upload filters (which are impossible) and huge taxes for links.

European Commission Betrays Internet Users By Cravenly Introducing Huge Loophole For Copyright Companies In Upload Filter Guidance

EU Copyright Companies Want Legal Memes Blocked Too Because They Now Admit Upload Filters Are ‘Practically Unworkable’

Wow, the EU actually voted to break the internet for big business copyright gain

Anyway, well done those 23 countries for fighting for freedom of expression and going against big tech and non-democratic authoritarianism in Europe.

You, too, can be a Windows domain controller and do whatever you like, with this trick which requires no authentication at all

Posted on by

The security shortcoming can be exploited using the wonderfully named PetitPotam technique. It involves abusing Redmond’s MS-EFSRPC (Encrypting File System Remote Protocol) to take over a corporate Windows network. It seems ideal for penetration testers, and miscreants who have gained a foothold in a Windows network.

Specifically, security researcher Gilles Lionel found it was possible to use MS-EFSRPC force a device, including Windows domain controllers, to authenticate with a remote attacker-controlled NTLM relay. The end result is an authentication certificate that grants the attacker domain-controller-level access to services, allowing them to commandeer the entire domain.

“PetitPotam takes advantage of servers,” said Microsoft, “where the Active Directory Certificate Services (AD CS) is not configured with protections for NTLM Relay Attacks.”

Lionel published a proof-of-concept exploit, available from the above link, and Microsoft responded by burying the bad news in an advisory released on Friday. The Windows giant described PetitPotam as “a classic NTLM relay attack,” and noted that such attacks have a long, long history.

Which does make us wonder: why does the problem linger on?

Microsoft’s preferred mitigation is for administrators to simply disable NTLM authentication, although doing so could break any number of services and applications that depend on it. A variety of alternatives are also on offer, “listed in order of more secure to less secure.”

Great.

[…]

Windows Server 2008 and up are affected, according to Microsoft’s advisory, and, other than suggesting customers take NTLM mitigations, a fix for MS-EFSRPC does not appear to be incoming.

[…]

Source: You, too, can be a Windows domain controller and do whatever you like, with this one weird WONTFIX trick • The Register

Windows 11 reopens browser wars by including Teams

Posted on by

You can spot a veteran of the Browser Wars a mile off. These fearsome conflicts, fought across the desktops of the world not 20 years ago, left deep scars.

[…]

By Gen XP, it was all over and the internet desktop was under total Empire control. Then came the Rebel Alliance of Chrome and Firefox, and in a few short years we were liberated.

Like every peacetime generation, those since have forgotten the conflict. They assume that freedom is here by right. The desktop is an antique battleground, as obsolete as warships in the Baltic. We are mobile, we are cloud, all places where access lock-in is baked out.

[…]

the new superweapon you’ll get for free is Microsoft Teams, which is now super-snugly installed on the Windows 11 desktop and just a click away from easy-peasy sign-on to the Empire. Everything else that MS really wants you to use – OneDrive, Office 365, those blasted widgets – you can do away with. Teams? Ah, not so much. Teams is there, ostensibly, to talk to other people, and if they’re on Teams you have to use it too. Documents, spreadsheets, files of all sorts – a OneDrive, Office 365 user can swap stuff with your Google Drive and apps.

[…]

What makes the conferencing space as tempting a resource as Mesopotamian oil fields to the Great Powers? It’s the same as the Browser Wars – those who control the conversation between humans and the digital control the world. Every file you share, every connection made, every link swapped, is treasure to be collected. It’s all funnelled together automatically. Watch as in-Teams access channels spring up across businesses for helplines, content accumulators, special offer conduits, payment systems.

The long trail of interactions between conferencing system users, each other, and their resources, produces a rich seam of ready-to-mine behaviour that, because it is so task-focused, is massively monetisable.

[…]

This is a terrible prospect, not just for Slack but for everyone. IE6’s reign was marked by stagnation; all companies see spending development resources for a monopoly service as waste. It had its slave army toiling in the factory, they should be grateful for what they get. And if you think Teams is less fun than tickling the tonsils of a decomposing turbot, wait until Microsoft has settled in to enjoy its new monopoly.

What saved the world were internet open standards – Microsoft couldn’t manage that lock-in, hard as it tried. This time, the standards don’t exist or where they do, they’re not used by the big players, who control the whole chain end-to-end. Third-party endpoints are not allowed. So it doesn’t matter if you’re on a non-MS desktop or a mobile device, you’ll have to use the Microsoft app.

[…]

 

Source: Windows 11 comes bearing THAAS, Trojan Horse as a service • The Register