Daily Archives: August 26, 2021

LED streetlights contribute to insect population declines

Posted on by

Streetlights—particularly those that use white light-emitting diodes (LEDs)—not only disrupt insect behavior but are also a culprit behind their declining numbers, a new study carried out in southern England showed Wednesday.

Artificial lights at night had been identified as a possible factor behind falling around the world, but the topic had been under-researched.

To address the question, scientists compared 26 roadside sites consisting of either hedgerows or grass verges that were lit by streetlights, against an equal number of nearly identical sites that were unlit.

They also examined a site with one unlit and two lit sections, all of which were similar in their vegetation.

The team chose moth caterpillars as a proxy for nocturnal insects more broadly, because they remain within a few meters of where they hatched during the larval stage of their lives, before they acquire the ability to fly.

The team either struck the hedges with sticks so that the caterpillars fell out, or swept the grass with nets to pick them up.

The results were eye-opening, with a 47 percent reduction in insect population at the hedgerow sites and 37 percent reduction at the roadside .

[…]

The lighting also disturbed their feeding behavior: when the team weighed the caterpillars, they found that those in the lighted areas were heavier.

[…]

The team found that the disruption was most pronounced in areas lit by LED lights as opposed to high-pressure sodium (HPS) lamps or older low-pressure sodium (LPS) lamps, both of which produce a yellow-orange glow that is less like sunlight.

[…]

there are really quite accessible solutions,” said Boyes—like applying filters to change the lamps’ color, or adding shields so that the light shines only on the road, not insect habitats.

Source: LED streetlights contribute to insect population declines: study

Glowworm Attack Captures Audio From Power LED Light Flickers

Posted on by

Researchers from Ben-Gurion University have come up with a way to listen in on a speaker from afar by just monitoring the subtle changes in brightness of its power status LED.

The Glowworm Attack, as the discovery is called, follows similar research from the university published in 2020 that found an electro-optical sensor paired with a telescope was able to decipher the sounds in a room. Sound waves bounced off a hanging light bulb create nearly imperceptible changes in the lighting in the room. With the Glowworm Attack, the same technology that made Lamphone possible is repurposed to remotely eavesdrop on sounds in a room again, but using a completely different approach that many speaker makers apparently never even considered.

[…]

Pairing the sensor with a telescope allowed the security researchers at Ben-Gurion University to successfully capture and decipher sounds being played by a speaker at distances of up to 35 meters, or close to 115 feet. The results aren’t crystal clear (you can hear the remote recordings the researchers made on Ben Nassi’s website), and the noise increases the farther away from the speaker the capture device is used, but with some intelligent audio processing, the results can undoubtedly be improved.

Source: Glowworm Attack Captures Audio From Power LED Light Flickers

Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit

Posted on by

The remote code execution flaw, CVE-2021-35395, was seen in Mirai malware binaries by threat intel firm Radware, which “found that new malware binaries were published on both loaders leveraged in the campaign.”

Warning that the vuln had been included in Dark.IoT’s botnet “less than a week” after it was publicly disclosed, Radware said: “This vulnerability was recently disclosed by IoT Inspectors Research Lab on August 16th and impacts IoT devices manufactured by 65 vendors relying on the Realtek chipsets and SDK.”

The critical vuln, rated 9.8 on the CVSS scale, consists of multiple routes to cause buffer overflows (PDF from Realtek with details) in the web management interface provided by Realtek in its Jungle SDK for its router chipset. CVE-2021-35395 is a denial-of-service vuln; crafted inputs from an attacker can be used to crash the HTTP server running the management interface, and thus the router.

[…]

Rather than having the capability to develop its own exploits, Dark.IoT sits around waiting for white hats to publish proof-of-concepts for newly discovered vulns, and Smith said they incorporate those into their botnet within “days.”

[…]

While Realtek has patched the vulns in the SDK, vendors using its white-label tech now have to distribute patches for their branded devices and then users have to install them – all while Dark.IoT and other Mirai-based criminals are looking for exploitable devices.

[…]

Source: Mirai-style IoT botnet is now scanning for router-pwning critical vuln in Realtek kit • The Register

Another Neuro Study Proves Changing DOOH content Boosts Long Term Memory

Posted on by

Leading Australian digital outdoor media company QMS, has unveiled its latest neuroscience study that demonstrates the relative impact of different Out of Home creative approaches and their overall effectiveness for brands.

In partnership with Neuro-Insight, this research study captured real-life, continuous digital and static OOH panels over consecutive days, to accurately measure how the human brain responds to a piece of creative advertising each day.

The study revealed that long term memory encoding, critical for campaign effectiveness, continues to grow in respondents that are exposed to evolving creative. In fact, creative that evolves was shown to deliver a 38% higher impact than that of static creative by day five.

pastedGraphic.png

Spanning 30 creatives across 15 categories, one of the strongest performing campaigns in the study harnessed the capabilities of digital OOH (DOOH) with a simple creative change that displayed the day of the week matched with the live temperature at the time, to deliver an 18% stronger result than the average DOOH campaign.

QMS Chief Strategy Officer, Christian Zavecz said that it was integral for both media owners and advertisers to properly understand the additional value the capabilities of DOOH delivers and how they can be used to drive greater campaign efficacy.

“DOOH in Australia already represents 61% of the industry* however, the uptake of creative capabilities amongst clients is still quite low. Now, for the first time, we can quantify what we have always intuitively thought about the medium. Incorporating the strategic use of creative evolution into a brand’s campaign is now proven to increase its effectiveness. The study also uncovered some important lessons about frequency and the role that DOOH, through its breadth of capabilities, can play in being able to maximise effective OOH campaign reach.”

[…]

Source: DailyDOOH » Blog Archive » Another Neuro Study Proves Evolving DOOH Creative Boosts Long Term Memory

Samsung Smart TVs Can Be Remotely Disabled

Posted on by

QLED-loving thieves, beware: Samsung revealed on Tuesday that its TVs can be remotely disabled if the company finds out they’ve been stolen, so long as the sets in question are connected to the internet.

Known as “Samsung TV Block,” the feature was first announced in a press release earlier this month after the company deployed it following a string of warehouse lootings triggered by unrest in South Africa. In the release, Samsung said that the technology comes “already pre-loaded on all Samsung TV products,” and said that it “ensures that the television sets can only be used by the rightful owners with a valid proof of purchase.”

TV Block kicks in after the user of the stolen television connects it to the internet, which is necessary in order to operate the smart TVs. Once connected, the serial number of the television pings the Samsung server, triggering a blocking mechanism that effectively disables all of the TV’s functions.

While the release only mentions the blocking function relative to the TVs that had been looted from the company’s warehouse, the protection could also ostensibly be applied to individual customers who’ve had their TVs stolen and report the device’s serial number to Samsung.

[…]

Source: Samsung Smart TVs Can Be Remotely Disabled If Stolen

This means that you could reroute the TVs to your own server and trigger the blocking mechanism yourself quite easily. Nice way to brick a whole load of Samsung TVs!

Facebook used facial recognition without consent 200,000 times, says South Korea’s data watchdog. Netflix fined too and Google scolded.

Posted on by

Facebook, Netflix and Google have all received reprimands or fines, and an order to make corrective action, from South Korea’s government data protection watchdog, the Personal Information Protection Commission (PIPC).

The PIPC announced a privacy audit last year and has revealed that three companies – Facebook, Netflix and Google – were in violations of laws and had insufficient privacy protection.

Facebook alone was ordered to pay 6.46 billion won (US$5.5M) for creating and storing facial recognition templates of 200,000 local users without proper consent between April 2018 and September 2019.

Another 26 million won (US$22,000) penalty was issued for illegally collecting social security numbers, not issuing notifications regarding personal information management changes, and other missteps.

Facebook has been ordered to destroy facial information collected without consent or obtain consent, and was prohibited from processing identity numbers without legal basis. It was also ordered to destroy collected data and disclose contents related to foreign migration of personal information. Zuck’s brainchild was then told to make it easier for users to check legal notices regarding personal information.

[…]

Netflix’s fine was a paltry 220 million won (US$188,000), with that sum imposed for collecting data from five million people without their consent, plus another 3.2 million won (US$2,700) for not disclosing international transfer of the data.

Google got off the easiest, with just a “recommendation” to improve its personal data handling processes and make legal notices more precise.

The PPIC said it is not done investigating methods of collecting personal information from overseas businesses and will continue with a legal review.

[…]

Source: Facebook used facial recognition without consent 200,000 times, says South Korea’s data watchdog • The Register

OnlyFans Drops Planned Porn Ban, Will Allow Sexually Explicit Content after banks back down after shaming

Posted on by

OnlyFans dropped plans to ban pornography from its service, less than a week after the U.K. content-creator subscription site had announced the change citing the need to comply with policies of banking partners.

On Wednesday, the company said it “secured assurances necessary to support our diverse creator community,” suggesting that it has new agreements with banks to pay OnlyFans’ content creators, including those who share sexually explicit material.

[…]

An OnlyFans spokesperson declined to say which bank or banks it has new or renewed payment-processing agreements with. “The proposed Oct. 1, 2021 changes are no longer required due to banking partners’ assurances that OnlyFans can support all genres of creators,” the rep said.

 

 

So was this all much ado about nothing?

OnlyFans may have been able to resolve its conflict with banks, some of which had refused to do business with the site, by going public with the issue — and publicizing the large amount of money that flows through the site, on the order of $300 million in payouts per month.

OnlyFans founder and CEO Tim Stokely put the blame for the porn ban on banks in an interview with the Financial Times published Aug. 24, saying that banks including JP Morgan Chase, Bank of New York Mellon and the U.K.’s Metro Bank had cut off OnlyFans’ ability to pay creators.

The furious backlash among OnlyFans creators also certainly pushed the company to quickly resolve the problem. OnlyFans’ decision to ban porn had infuriated sex workers who have relied on the site to support themselves. In frustration, some adult creators had already nixed their OnlyFans pages and moved to alternate platforms.

[…]

Source: OnlyFans Drops Planned Porn Ban, Will Allow Sexually Explicit Content – Variety