The Linkielist

Linking ideas with the world


Attack on The EMV Smartcard Standard: man in the middle exploit with 2 smartphones

EMV is the international protocol standard for smartcard payment and is used in over 9 billion cards worldwide. Despite the standard’s advertised security, various issues have been previously uncovered, deriving from logical flaws that are hard to spot in EMV’s lengthy and complex specification, running over 2,000 pages. We formalize a comprehensive symbolic model of EMV in Tamarin, a state-of-the-art protocol verifier. Our model is the first that supports a fine-grained analysis of all relevant security guarantees that EMV is intended to offer. We use our model to automatically identify flaws that lead to two critical attacks: one that defrauds the cardholder and another that defrauds the merchant. First, criminals can use a victim’s Visa contactless card for high-value purchases, without knowledge of the card’s PIN. We built a proof-of-concept Android application and successfully demonstrated this attack on real-world payment terminals. Second, criminals can trick the terminal into accepting an unauthentic offline transaction, which the issuing bank should later decline, after the criminal has walked away with the goods. This attack is possible for implementations following the standard, although we did not test it on actual terminals for ethical reasons. Finally, we propose and verify improvements to the standard that prevent these attacks, as well as any other attacks that violate the considered security properties. The proposed improvements can be easily implemented in the terminals and do not affect the cards in circulation.

Source: [2006.08249] The EMV Standard: Break, Fix, Verify

Researchers Create a Single-Molecule Switch – a Step Toward Ever-Smaller Electronics

A team of researchers has demonstrated for the first time a single-molecule electret – a device that could be one of the keys to molecular computers.

Smaller electronics are crucial to developing more advanced computers and other devices. This has led to a push in the field toward finding a way to replace silicon chips with molecules, an effort that includes creating single-molecule electret – a switching device that could serve as a platform for extremely small non-volatile storage devices. Because it seemed that such a device would be so unstable, however, many in the field wondered whether one could ever exist.

Along with colleagues at Nanjing University, Renmin University, Xiamen University, and Rensselaer Polytechnic Institute, Mark Reed, the Harold Hodgkinson Professor of Electrical Engineering & Applied Physics demonstrated a single-molecule electret with a functional memory. The results were published Oct. 12 in Nature Nanotechnology.

Most electrets are made of piezoelectric materials, such as those that produce the sound in speakers. In an electret, all the dipoles – pairs of opposite electric charges – spontaneously line up in the same direction. By applying an electric field, their directions can be reversed.

“The question has always been about how small you could make these electrets, which are essentially memory storage devices,” Reed said.

The researchers inserted an atom of Gadolinium (Gd) inside a carbon buckyball, a 32-sided molecule, also known as a buckminsterfullerene. When the researchers put this construct (Gd@C82) in a transistor-type structure, they observed single electron transport and used this to understand its energy states. However, the real breakthrough was that they discovered that they could use an electric field to switch its energy state from one stable state to another.

“What’s happening is that this molecule is acting as if it has two stable polarization states,” Reed said. He added that the team ran a variety of experiments, measuring the transport characteristics while applying an electric field, and switching the states back and forth. “We showed that we could make a memory of it – read, write, read, write,” he said.

Reed emphasized that the present device structure isn’t currently practical for any application, but proves that the underlying science behind it is possible.

“The important thing in this is that it shows you can create in a molecule two states that cause the spontaneous polarization and two switchable states,” he said. “And this can give people ideas that maybe you can shrink memory down literally to the single molecular level. Now that we understand that we can do that, we can move on to do more interesting things with it.”

Source: Researchers Create a Single-Molecule Switch – a Step Toward Ever-Smaller Electronics | Yale School of Engineering & Applied Science

Five Eyes governments, India, and Japan make new call for encryption backdoors – insist that democracy is an insecure police state

Members of the intelligence-sharing alliance Five Eyes, along with government representatives for Japan and India, have published a statement over the weekend calling on tech companies to come up with a solution for law enforcement to access end-to-end encrypted communications.

The statement is the alliance’s latest effort to get tech companies to agree to encryption backdoors.

The Five Eyes alliance, comprising the US, the UK, Canada, Australia, and New Zealand, made similar calls to tech giants in 2018 and 2019.

Just like before, government officials claim tech companies have put themselves in a corner by incorporating end-to-end encryption (E2EE) into their products.

If properly implemented, E2EE lets users have secure conversations — be they chat, audio, or video — without sharing the encryption key with the tech companies.

Representatives from the seven governments argue that the way E2EE is currently implemented on today’s major tech platforms prevents not only law enforcement from investigating crime rings, but also the tech platforms themselves from enforcing their own terms of service.

Signatories argue that “particular implementations of encryption technology” are currently posing challenges to law enforcement investigations, as the tech platforms themselves can’t access some communications and provide needed data to investigators.

This, in turn, allows a safe haven for criminal activity and puts the safety of “highly vulnerable members of our societies like sexually exploited children” in danger, officials argued.

Source: Five Eyes governments, India, and Japan make new call for encryption backdoors | ZDNet

Let’s be clear here:

  1. There is no way for a backdoored system to be secure. This means that not only do you give access to the government police services, secret services, Stasi and thought police who can persecute you for being Jewish or thinking the “wrong way” (e.g. being homosexual or communist), you also give criminal networks, scam artists, discontented exes and foreign governments free rein to run around your private content.
  2. You have a right to privacy and you need it. It’s fundamental to being able to think creatively and the only way in which societies advance. If thought is policed by some random standard then deviations which lead to change will be suppressed. Stasis leads to economic collapse among other things, even if those at the top will be collecting more and more wealth for themselves.
  3. We as a society cannot “win” or become “better” by emulating the societies that we are competing against, that represent values and behaviours that we disagree with. Becoming a police state doesn’t protect us from other police states.

Backdoorer the Xplora: Kids’ smart-watches can secretly take pics, record audio on command by encrypted texts

The Xplora 4 smartwatch, made by Chinese outfit Qihoo 360 Technology Co, and marketed to children under the Xplora brand in the US and Europe, can covertly take photos and record audio when activated by an encrypted SMS message, says Norwegian security firm Mnemonic.

This backdoor is not a bug, the finders insist, but a deliberate, hidden feature. Around 350,000 watches have been sold so far, Xplora says. Exploiting this security hole is essentially non-trivial, we note, though it does reveal the kind of remotely accessible stuff left in the firmware of today’s gizmos.

“The backdoor itself is not a vulnerability,” said infosec pros Harrison Sand and Erlend Leiknes in a report on Monday. “It is a feature set developed with intent, with function names that include remote snapshot, send location, and wiretap. The backdoor is activated by sending SMS commands to the watch.”

The researchers suggest these smartwatches could be used to capture photos covertly with the built-in camera, to track the wearer’s location, and to conduct wiretapping via the built-in mic. They have not claimed any such surveillance has actually been done. The watches are marketed as a child’s first phone, we’re told, and thus contain a SIM card for connectivity (with an associated phone number). Parents can track the whereabouts of their offspring by using an app that finds the wearer of the watch.

Xplora contends the security issue is just unused code from a prototype and has now been patched. But the company’s smartwatches were among those cited by Mnemonic and Norwegian Consumer Council in 2017 for assorted security and privacy concerns.

Sand and Leiknes note in their report that while the Norwegian company Xplora Mobile AS distributes the Xplora watch line in Europe and, as of September, in the US, the hardware was made by Qihoo 360 and 19 of its 90 Android-based applications come from the Chinese company.

They also point out that in June, the US Department of Commerce placed the Chinese and UK business groups of Qihoo 360 on its Entities List, a designation that limits Qihoo 360’s ability to do business with US companies. US authorities claim, without offering any supporting evidence, that the company represents a potential threat to US national security.

In 2012, a report by a China-based civilian hacker group called Intelligent Defense Friends Laboratory accused Qihoo 360 of having a backdoor in its 360 secure browser [[PDF]].

In March, Qihoo 360 claimed that the US Central Intelligence Agency has been conducting hacking attacks on China for over a decade. Qihoo 360 did not immediately respond to a request for comment.

According to Mnemonic, the Xplora 4 contains a package called “Persistent Connection Service” that runs during the Android boot process and iterates through the installed apps to construct a list of “intents,” commands for invoking functionality in other apps.

With the appropriate Android intent, an incoming encrypted SMS message received by the Qihoo SMS app could be directed through the command dispatcher in the Persistent Connection Service to trigger an application command, like a remote memory snapshot.

Exploiting this backdoor requires knowing the phone number of the target device and its factory-set encryption key. This data is available to Qihoo and Xplora, according to the researchers, and can be pulled off the device physically using specialist tools. This basically means ordinary folks aren’t going to be hacked, either by the manufacturer under orders from Beijing or by opportunistic miscreants attacking gizmos in the wild, though it is an issue for persons of interest. It also highlights the kind of code left lingering in mass-market devices.

Source: Backdoorer the Xplora: Kids’ smart-watches can secretly take pics, record audio on command by encrypted texts • The Register

RAF Uses Autonomous Drone Swarm Loaded With Decoys To Overwhelm Mock Enemy Air Defenses

Italian defense contractor Leonardo says that it has conducted a successful demonstration in cooperation with the U.K. Royal Air Force of an autonomous swarm of unmanned aircraft, each carrying a variant of its BriteCloud expendable active decoy as an electronic warfare payload. Using the BriteClouds, which contain electronic warfare jammers, the drones were able to launch a mock non-kinetic attack on radars acting as surrogates for a notional enemy integrated air defense network.

Leonardo announced it had carried out the swarm demonstration, which it conducted together with the Royal Air Force’s Rapid Capabilities Office (RCO), as well as private unmanned technology firms Callen-Lenz and Blue Bear, on Oct. 7, 2020. The latter two firms, as well as Boeing, are working on prototype semi-autonomous “loyal wingman” type drones for the RAF, which that service also refers to as “remote carriers,” as part of Project Mosquito, which is itself a component of the larger Lightweight Affordable Novel Combat Aircraft (LANCA) program.

“During the demonstration, a number of Callen Lenz drones were equipped with a modified Leonardo BriteCloud decoy, allowing each drone to individually deliver a highly-sophisticated jamming effect,” according to Leonardo’s press release. “They were tested against ground-based radar systems representing the enemy air defence emplacement. A powerful demonstration was given, with the swarm of BriteCloud-equipped drones overwhelming the threat radar systems with electronic noise.”

For reasons that are unclear, Leonardo has since removed its press release from its website, though an archived copy of the page remains available through Google. The company also deleted an official Tweet with an infographic, a copy of which is seen below, regarding BriteCloud and this demonstration.

Leonardo did not offer any details about the unmanned aircraft used in the demonstration. Artist’s conceptions of a drone swarm strike that the company released along with the announcement, seen at the top of this story and in the infographic above, showed a tailless fixed-wing design with a single, rear-mounted pusher propeller and fixed undercarriage. However, there is no indication one way or another if this in any way reflects the Callen-Lenz design employed in the recent test.

The standard BriteCloud is what is known as a Digital Radio Frequency Memory (DRFM) jammer that first detects incoming radar pulses from hostile platforms, including aircraft, ships, and ground-based air defense systems, as well as active radar guidance systems on incoming missiles. It then mimics those signals in return, creating the appearance of a false target. As Leonardo said in its own press release, this effect can “confuse and overwhelm” radars and lure missiles away from friendly aircraft.

BriteCloud, which can be launched from any dispenser capable of firing standard 55mm decoy flares or chaff cartridges, first entered RAF service in 2018 on the now-retired Tornado GR4 combat jet. Last year, the service began tests of the decoy on its Eurofighter Typhoons and indicated that it could also eventually integrate them on its F-35B Joint Strike Fighters.

Unlike a plane dropping expendable BriteClouds, in the recent demonstration, Leonardo noted that “the decoy packages were programmed and navigated to work collaboratively to cause maximum confusion.” Placing the jammers inside drones offers the ability to help space them out for optimal coverage across a wide area. The entire swarm provides immense additional flexibility by being able to rapidly shift its focus from one area to another to respond to new developments in the battlespace. Above all else, they allow BriteCloud to employ its bag of tricks over longer periods of time and even execute multiple electronic attacks instead of just one.

At the same time, the off-the-shelf electronic warfare expendables are just that, expendable. If you lose one and its drone platform, it isn’t a big deal as they are meant to be expendable in the first place. As such, they are the very definition of attritable. This term refers to designs that could be recovered and reused, but that are also cheap enough for commanders to be willing to commit them to higher-risk missions where there is a significant chance of them getting knocked down.

The RAF is not the only one to be looking at drone swarms, or otherwise networking munitions and other expendable stores together to reduce duplication of effort and otherwise improve the efficacy of strikes and other missions. The U.S. Air Force is in the midst of its own networked munition program, called Golden Horde, and the Army recently revealed plans to develop swarms of air-launched drones carrying electronic warfare systems and other payloads, efforts that you can read about in more detail in these past War Zone pieces.

Source: RAF Uses Autonomous Drone Swarm Loaded With Decoys To Overwhelm Mock Enemy Air Defenses

Robinhood Users Say There’s No One To Call When Accounts Are Hacked

It took Soraya Bagheri a day to learn that 450 shares of Moderna Inc. had been liquidated in her Robinhood account and that $10,000 in withdrawals were pending. But after alerting the online brokerage to what she believed was a theft in progress, she received a frustrating email.

The firm wrote it would investigate and respond within “a few weeks.” Now her money is gone.

Bagheri is among five Robinhood customers who recounted similar experiences to Bloomberg News, saying they’ve been left in limbo in recent weeks after someone sold their investments and withdrew funds. Because the wildly popular app has no emergency phone number, some said they tried in vain to intervene, only to watch helplessly as their money vanished.

“A limited number of customers appear to have had their Robinhood account targeted by cyber criminals because of their personal email account (that which is associated with their Robinhood account) being compromised outside of Robinhood,” a spokesman for the company said in an email. “We’re actively working with those impacted to secure their accounts.”

[…]

Bagheri, a Washington attorney, and three other Robinhood users said they also contacted authorities including the Securities and Exchange Commission and the Financial Industry Regulatory Authority. Two of those customers said they have heard back from an official at the SEC seeking more information.

Finra and the SEC declined to comment.

[…]

Now, even though the firm said this year that it has more than doubled its customer-service team, clients complain they’re struggling to get quick help when their funds are disappearing.

“They don’t have a customer service line, which I’m quite shocked about,” Bagheri said.

[…]

Rao showed Bloomberg the same emailed response from Robinhood that Bagheri received. “We understand the sensitivity of your situation and will be escalating the matter to our fraud investigations team,” Robinhood customer service agents wrote them. “Please be aware that this process may take a few weeks, and the team working on your case won’t be able to provide constant updates.”

Rao said he had previously set up two-factor authentication to access his account, and Bagheri said she’s certain her Robinhood password is unique from all others, including her email. Neither believed they had been duped by phishing scams or malware. Both said they use the same email for Robinhood and other accounts, and that only Robinhood has been affected.

[…]

They also said Robinhood’s online portal showed their money went to a recipient at Revolut, another popular financial-technology startup. London-based Revolut, which offers a money transfer and exchange app, expanded to the U.S. this year.

“Revolut has been made aware of the issue and is investigating urgently,” a company spokesman said Friday in an email.

Bill Hurley, who owns a metal-fabrication shop in Windsor, Connecticut, said he received notifications that stock and Bitcoin had been sold from his account on Sept. 21, and that $5,000 was transferred to Revolut accounts in two transactions. He said he emailed Robinhood for assistance while the transactions were pending but received none.

“They’ve had more than enough time to deal with this,” he said.

Source: Robinhood Users Says There’s No One To Call When Accounts Are Hacked – Bloomberg

AI Created a Detailed 3D Map of Stars, Galaxies, and Quasars. Largest universe map so far.

A team of astronomers from the University of Hawaiʻi at Mānoa’s Institute for Astronomy (IfA) has produced the most comprehensive astronomical imaging catalog of stars, galaxies, and quasars ever created with help from an artificially intelligent neural network.

The group of astronomers from the University of Hawaiʻi at Mānoa’s Institute for Astronomy (IfA) released a catalog containing 3 billion celestial objects in 2016, including stars, galaxies, and quasars (the active cores of supermassive black holes).

[…]

The results of their work have been published in the Monthly Notices of the Royal Astronomical Society.

Their PS1 telescope, located on the summit of Haleakalā on Hawaii’s Big Island, is capable of scanning 75% of the sky, and it currently hosts the world’s largest deep multicolor optical survey, according to a press release put out by the University of Hawaiʻi. By contrast, the Sloan Digital Sky Survey (SDSS) covers just 25% of the sky.

[…]

“Utilizing a state-of-the-art optimization algorithm, we leveraged the spectroscopic training set of almost 4 million light sources to teach the neural network to predict source types and galaxy distances, while at the same time correcting for light extinction by dust in the Milky Way,” Beck said.

These training sessions worked well; the ensuing neural network did a bang up job when tasked with sorting the objects, achieving success rates of 98.1% for galaxies, 97.8% for stars, and 96.6% for quasars. The system also determined the distances to galaxies, which were at most only off by about 3%. The resulting work is “the world’s largest three-dimensional astronomical imaging catalog of stars, galaxies and quasars,” according to the University of Hawai’i.

“This beautiful map of the universe provides one example of how the power of the Pan-STARRS big data set can be multiplied with artificial intelligence techniques and complementary observations,” explained team member and study co-author Kenneth Chambers.

[…]

The new catalog, which was made possible by a grant from the National Science Foundation, is publicly available through the Mikulski Archive for Space Telescopes. The database is 300 gigabytes in size, and it’s accessible through multiple formats, including downloadable computer-readable tables.

This survey has already yielded some interesting science, including an explanation for a rather spooky region of space known as the Cold Spot. Using the PS1 telescope, and also NASA’s Wide Field Survey Explorer satellite, the Pan-STARRS scientists spotted a massive supervoid—a “vast region 1.8 billion light-years across, in which the density of galaxies is much lower than usual in the known universe,” as the University of Hawai’i described it five years ago. It’s this supervoid that is causing the Cold Spot, as it’s seen in the cosmic microwave background, according to the researchers.

Source: AI Created a Detailed 3D Map of Stars, Galaxies, and Quasars

“World’s fastest electrodes” triple the density of lithium batteries

French company Nawa technologies says it’s already in production on a new electrode design that can radically boost the performance of existing and future battery chemistries, delivering up to 3x the energy density, 10x the power, vastly faster charging and battery lifespans up to five times as long.

Nawa is already known for its work in the ultracapacitor market, and the company has announced that the same high-tech electrodes it uses on those ultracapacitors can be adapted for current-gen lithium-ion batteries, among others, to realize some tremendous, game-changing benefits.

It all comes down to how the active material is held in the electrode, and the route the ions in that material have to take to deliver their charge. Today’s typical activated carbon electrode is made with a mix of powders, additives and binders. Where carbon nanotubes are used, they’re typically stuck on in a jumbled, “tangled spaghetti” fashion. This gives the charge-carrying ions a random, chaotic and frequently blocked path to traverse on their way to the current collector under load.

The benefits are all about how far an ion has to carry its charge; on the left, a depiction of a typical, chaotic electrode structure through which an ion has to travel long and circuitous distances. On the right, the rigid structure of a vertically aligned carbon nanotube structure, which links every tiny blob of active material and the ions within straight to the current collector

Nawa’s vertically aligned carbon nanotubes, on the other hand, create an anode or cathode structure more like a hairbrush, with a hundred billion straight, highly conductive nanotubes poking up out of every square centimeter. Each of these tiny, securely rooted poles is then coated with active material, be it lithium-ion or something else.

The result is a drastic reduction in the mean free path of the ions – the distance the charge needs to travel to get in or out of the battery – since every blob of lithium is more or less directly attached to a nanotube, which acts as a straight-line highway and part of the current collector. “The distance the ion needs to move is just a few nanometers through the lithium material,” Nawa Founder and CTO Pascal Boulanger tells us, “instead of micrometers with a plain electrode.”

This radically boosts the power density – the battery’s ability to deliver fast charge and discharge rates – by a factor of up to 10x, meaning that smaller batteries can put out 10 times more power, and the charging times for these batteries can be brought down just as drastically. Nawa says a five-minute charge should be able to take you from 0-80 percent given the right charging infrastructure.

[…]

“Research has shown vertically aligned – or even just well distributed – carbon nanotubes have far greater properties than randomly placed carbon nanotubes,” said Dr. Shearer. “I am not surprised a x10 in conductivity is possible. Controlling the placement of carbon nanotubes is really the way to unlock their potential. The issue in commercialization is the cost associated with producing aligned carbon nanotubes. My guess is the cost would be much more than x10.”

We put the question of cost to Nawa. “The million dollar question!” said Boulanger. “Here’s a million dollar answer: the process we’re using is the same process that’s used for coating glasses with anti-reflective coatings, and for photovoltaics. It’s already very cheap.”

“In high volume, like those processes, yes,” added Nawa CEO Ulrik Grape. “We are firmly convinced that this will be cost-competitive with existing electrodes.”

[…]

In some cases, Nawa says, it eliminates issues that have been holding back certain other battery chemistries. Silicon-based batteries, for example, could offer around twice the energy density of lithium-ion, but the active material grows to four times its size as it’s charged and shrinks back again as it discharges, causing mechanical issues that lead to cracks. As a result, you might be lucky to get 50 charges out of a silicon battery before it dies.

[…]

Moving to these electrodes, Grape and Boulanger say, will require battery companies to make some fairly considerable changes to the early stages of their manufacturing processes prior to cell assembly. But such dramatic performance multipliers without a price penalty or any changes to battery chemistry will surely make these things tough to compete against.

Nawa’s first large-scale customer is French battery manufacturer Saft, which is partnering with PSA and Renault as part of the European Battery Alliance to develop EV batteries for the brands under those umbrellas. The company is also speaking to a number of car companies directly, as well as other battery manufacturers supplying the EV space.

Source: “World’s fastest electrodes” triple the density of lithium batteries

Apple’s T2 custom secure boot chip is not only insecure, it cannot be fixed without replacing the silicon

Apple’s T2 security chip is insecure and cannot be fixed, a group of security researchers report.

Over the past three years, a handful of hackers have delved into the inner workings of the custom silicon, fitted inside recent Macs, and found that they can use an exploit developed for iPhone jailbreaking, checkm8, in conjunction with a memory controller vulnerability known as blackbird, to compromise the T2 on macOS computers.

The primary researchers involved – @h0m3us3r, @mcmrarm, @aunali1 and Rick Mark (@su_rickmark) – expanded on the work @axi0mX did to create checkm8 and adapted it to target the T2, in conjunction with a group that built checkm8 into their checkra1n jailbreaking software. Mark on Wednesday published a timeline of relevant milestones.

The T2, which contains a so-called secure enclave processor (SEP) intended to safeguard Touch ID data, encrypted storage, and secure boot capabilities, was announced in 2017. Based on the Arm-compatible A10 processor used in the iPhone 7, the T2 first appeared in devices released in 2018, including MacBook Pro, MacBook Air, and Mac mini. It has also shown up in the iMac Pro and was added to the Mac Pro in 2019, and the iMac in 2020.

The checkm8 exploit, which targets a use-after-free vulnerability, allows an attacker to run unsigned code during recovery mode, or Device Firmware Update (DFU) mode. It has been modified to enable a tethered debug interface that can be used to subvert the T2 chip.

So with physical access to your T2-equipped macOS computer, and an appropriate USB-C cable and checkra1n 0.11, you – or a miscreant in your position – can obtain root access and kernel execution privileges on a T2-defended Mac. This allows you to alter macOS, loading arbitrary kernel extensions, and expose sensitive data.

According to Belgian security biz ironPeak, it also means that firmware passwords and remote device locking capabilities, instituted via MDM or the FindMy app, can be undone.

Compromising the T2 doesn’t dissolve macOS FileVault2 disk encryption but it would allow someone to install a keylogger to obtain the encryption key or to attempt to crack the key using a brute-force attack.

[…]

Unfortunately, it appears the T2 cannot be fixed. “Apple uses SecureROM in the early stages of boot,” explained Rick Mark in a blog post on Monday. “ROM cannot be altered after fabrication and is done so to prevent modifications. This usually prevents an attacker from placing malware at the beginning of the boot chain, but in this case also prevents Apple from fixing the SecureROM.”

Source: Apple’s T2 custom secure boot chip is not only insecure, it cannot be fixed without replacing the silicon • The Register

Ex-Tesla exec Straubel aims to build world’s top battery recycler – still nowhere near enough to compensate for the trash electric cars are putting out, but a start

Tesla co-founder J.B. Straubel wants to build his startup Redwood Materials into the world’s top battery recycling company and one of the largest battery materials companies, he said at a technology conference Wednesday.

Straubel aims to leverage two partnerships, one with Panasonic Corp 6752.T, the Japanese battery manufacturer that is teamed with Tesla TSLA.O at the Nevada gigafactory, and one announced weeks ago with e-commerce giant Amazon AMZN.O.

With production of electric vehicles and batteries about to explode, Straubel says his ultimate goal is to “make a material impact on sustainability, at an industrial scale.”

Established in early 2017, Redwood this year will recycle more than 1 gigawatt-hours’ worth of battery scrap materials from the gigafactory — enough to power more than 10,000 Tesla cars.

That is a fraction of the half-million vehicles Tesla expects to build this year. At the company’s Battery Day in late September, Chief Executive Elon Musk said he was looking at recycling batteries to supplement the supply of raw materials from mining as Tesla escalates vehicle production.

Redwood’s partnership with Panasonic started late last year with a pilot operation to recover materials at Redwood’s recycling facilities in nearby Carson City, according to Celina Mikolajczak, vice president of battery technology at Panasonic Energy of North America.

Mikolajczak, who spent six years at Tesla as a battery technology leader, said: “People underestimate what recycling can do for the electric vehicles industry. This could have a huge impact on raw material prices and output in the future.”

Straubel’s broader plan is to dramatically reduce mining of raw materials such as nickel, copper and cobalt over several decades by building out a circular or “closed loop” supply chain that recycles and recirculates materials retrieved from end-of-life vehicle and grid storage batteries and from cells scrapped during manufacturing.

In September, Redwood said it received funding from Amazon’s Climate Pledge Fund, following an investment by Breakthrough Energy Ventures, backed by Amazon CEO Jeff Bezos and Microsoft founder Bill Gates.

Source: Ex-Tesla exec Straubel aims to build world’s top battery recycler | Reuters

Apple made ProtonMail add in-app purchases, even though it had been free for years – this App Store shakedown has a long list of scared victims

One app developer revealed to Congress that it — just like WordPress — had been forced to monetize a largely free app. That developer testified that Apple had demanded in-app purchases (IAP), even though Apple had approved its app without them two years earlier — and that when the dev dared send an email to customers notifying them of the change, Apple threatened to remove the app and blocked all updates.

That developer was ProtonMail, makers of an encrypted email app, and CEO Andy Yen had some fiery words for Apple in an interview with The Verge this week.

We’ve known for months that WordPress and Hey weren’t alone in being strong-armed by the most valuable company in the world, ever since Stratechery’s Ben Thompson reported that 21 different app developers quietly told him they’d been pushed to retroactively add IAP in the wake of those two controversies. But until now, we hadn’t heard of many devs willing to publicly admit it. They were scared.

And they’re still scared, says Yen. Even though Apple changed its rules on September 11th to exempt “free apps acting as a stand-alone companion to a paid web based tool” from the IAP requirement — Apple explicitly said email apps are exempt — ProtonMail still hasn’t removed its own in-app purchases because it fears retaliation from Apple, he says.

He claims other developers feel the same way: “There’s a lot of fear in the space right now; people are completely petrified to say anything.”

He might know. ProtonMail is one of the founding partners of the Coalition for App Fairness, a group that also includes Epic Games, Spotify, Tile, Match, and others who banded together to protest Apple’s rules after having those rules used against them. It’s a group that tried to pull together as many developers as it could to form a united front, but some weren’t as ready to risk Apple’s wrath.

That’s clearly not the case for Yen, though — in our interview, he compares Apple’s tactics to a Mafia protection racket.

“For the first two years we were in the App Store, that was fine, no issues there,” he says. (They’d launched on iOS in 2016.) “But a common practice we see … as you start getting significant uptake in uploads and downloads, they start looking at your situation more carefully, and then as any good Mafia extortion goes, they come to shake you down for some money.”

“We didn’t offer a paid version in the App Store, it was free to download … it wasn’t like Epic where you had an alternative payment option, you couldn’t pay at all,” he relates.

Yen says Apple’s demand came suddenly in 2018. “Out of the blue, one day they said you have to add in-app purchase to stay in the App Store,” he says. “They stumbled upon something in the app that mentioned there were paid plans, they went to the website and saw there was a subscription you could purchase, and then turned around and demanded we add IAP.”

“There’s nothing you can say to that. They are judge, jury, and executioner on their platform, and you can take it or leave it. You can’t get any sort of fair hearing to determine whether it’s justifiable or not justifiable, anything they say goes.”

[…]

Source: Apple made ProtonMail add in-app purchases, even though it had been free for years – The Verge

This is what monopolies will do for you. I have been talking about how big tech is involved in this since 2019 and it’s good to see it finally really coming out of the woodwork.

Google is giving data to police based on search keywords: IPs of everyone who searched a certain thing. No warrant required.

There are few things as revealing as a person’s search history, and police typically need a warrant on a known suspect to demand that sensitive information. But a recently unsealed court document found that investigators can request such data in reverse order by asking Google to disclose everyone who searched a keyword rather than for information on a known suspect.

In August, police arrested Michael Williams, an associate of singer and accused sex offender R. Kelly, for allegedly setting fire to a witness’ car in Florida. Investigators linked Williams to the arson, as well as witness tampering, after sending a search warrant to Google that requested information on “users who had searched the address of the residence close in time to the arson.”

The July court filing was unsealed on Tuesday. Detroit News reporter Robert Snell tweeted about the filing after it was unsealed.

Court documents showed that Google provided the IP addresses of people who searched for the arson victim’s address, which investigators tied to a phone number belonging to Williams. Police then used the phone number records to pinpoint the location of Williams’ device near the arson, according to court documents.

The original warrant sent to Google is still sealed, but the report provides another example of a growing trend of data requests to the search engine giant in which investigators demand data on a large group of users rather than a specific request on a single suspect.

“This ‘keyword warrant’ evades the Fourth Amendment checks on police surveillance,” said Albert Fox Cahn, the executive director of the Surveillance Technology Oversight Project. “When a court authorizes a data dump of every person who searched for a specific term or address, it’s likely unconstitutional.”

The keyword warrants are similar to geofence warrants, in which police make requests to Google for data on all devices logged in at a specific area and time. Google received 15 times more geofence warrant requests in 2018 compared with 2017, and five times more in 2019 than 2018. The rise in reverse requests from police has troubled Google staffers, according to internal emails.

[…]

Source: Google is giving data to police based on search keywords, court docs show – CNET

Facebook Just Forced Its Most Powerful Critics Offline

Facebook is using its vast legal muscle to silence one of its most prominent critics.

The Real Facebook Oversight Board, a group established last month in response to the tech giant’s failure to get its actual Oversight Board up and running before the presidential election, was forced offline on Wednesday night after Facebook wrote to the internet service provider demanding the group’s website — realfacebookoversight.org — be taken offline.

The group is made up of dozens of prominent academics, activists, lawyers, and journalists whose goal is to hold Facebook accountable in the run-up to the election next month. Facebook’s own Oversight Board, which was announced 13 months ago, will not meet for the first time until later this month, and won’t consider any issues related to the election.

In a letter sent to one of the founders of the RFOB, journalist Carole Cadwalladr, the ISP SupportNation said the website was being taken offline after Facebook complained that the site was involved in “phishing.”

[…]

It’s unclear what evidence Facebook presented to support its claim that RFOB was operating a phishing website.

Typically, ISPs have a dispute resolution process in place that allows the website operator to challenge the allegations. This process can normally take months and ultimately result in a court order being obtained to take a site offline. In this case, there was no warning given.

[…]

Facebook had previously forced another website the group set up — realfacebookoversight.com — offline over alleged copyright infringement.

Facebook denied that it was responsible for the website being taken offline. “This website was automatically flagged by a vendor because it contained the word “facebook” in the domain and action was taken without consulting with us,” a spokesperson told VICE News.

But, an email from the ISP, SupportNation, sent to the Real Facebook Oversight Board and viewed by VICE News, links to a message from the original complainant sent in the early hours of Friday morning after the website was taken offline.

The message tells SupportNation that “notices of trademark abuse/trademark infringement were sent out in error.” The message comes from what appears to be a Facebook email address.

Facebook said that normally the ISP would confirm requests like this with Facebook first, but “in this instance that did not happen.” A spokesperson added that the message to SupportNation was sent by “a generic email address used by the vendor.”

John Taylor, a spokesperson for Facebook’s actual Oversight Board told VICE News that the takedown wasn’t something it was “aware of or had any involvement in.” Taylor added that the group doesn’t “think this is a constructive approach. We continue to welcome these efforts and contributions to the debate.”

On Wednesday night, Facebook spokesperson Andy Stone responded to Cadwalladr’s post, saying: “Your fake thing that accuses us of fake things was caught in our thing to prevent fake things.”

Stone did not immediately respond to requests for comment to clarify what he meant by “fake things” in these instances.

“The most extraordinary thing about this whole affair is how it’s exposed the total Trumpification of Facebook’s corporate comms,” Cadwalladr told VICE News. “There is a brazen shamelessness at work here. It’s not just that a company that has used ‘free speech’ as a protective cloak would go after our ISP and drive us off the internet but that its official spokesman responds to such criticism by attacking and trolling journalists.”

[…]

Source: Facebook Just Forced Its Most Powerful Critics Offline

Leap Motion brings out TouchFree software – Add Touchless Gesture Control

Touchless, hygienic interaction

TouchFree is a software application that runs on an interactive kiosk or advertising totem. It detects a user’s hand in mid-air and converts it to an on-screen cursor.

Easy to integrate, deploy, and use

• Runs invisibly on top of existing user interfaces

• Add touchless interaction without writing a single line of code

• Familiar touchscreen-style interactions

How users interact

• A user’s hand is detected, and shown as a cursor displayed on the screen

• Users can select items without touching the screen using a simple “air push” motion, similar to tapping a screen but in mid-air.

• To drag or scroll, “air push”, then move

Source: TouchFree | Add Touchless Gesture Control — Leap Motion Developer

NVIDIA Uses AI to Slash Bandwidth on Video Calls

NVIDIA Research has invented a way to use AI to dramatically reduce video call bandwidth while simultaneously improving quality.

What the researchers have achieved has remarkable results: by replacing the traditional h.264 video codec with a neural network, they have managed to reduce the required bandwidth for a video call by an order of magnitude. In one example, the required data rate fell from 97.28 KB/frame to a measly 0.1165 KB/frame – a reduction to 0.1% of required bandwidth.

The mechanism behind AI-assisted video conferencing is breathtakingly simple. The technology works by replacing traditional full video frames with neural data. Typically, video calls work by sending h.264 encoded frames to the recipient, and those frames are extremely data-heavy. With AI-assisted video calls, first, the sender sends a reference image of the caller. Then, instead of sending a stream of pixel-packed images, it sends specific reference points on the image around the eyes, nose, and mouth.

A generative adversarial network (or GAN, a type of neural network) on the receiver side then uses the reference image combined with the keypoints to reconstruct subsequent images. Because the keypoints are so much smaller than full pixel images, much less data is sent and therefore an internet connection can be much slower but still provide a clear and functional video chat.

In the researchers’ initial example, they show that a fast internet connection results in pretty much the same quality of stream using both the traditional method and the new neural network method. But what’s most impressive is their subsequent examples, where internet speeds show a considerable degradation of quality using the traditional method, while the neural network is able to produce extremely clear and artifact-free video feeds.

The neural network can work even when the subject is wearing a mask, glasses, headphones, or a hat.

With this technology, more people can enjoy a greater number of features all while using monumentally less data.

But the technology use cases don’t stop there: because the neural network is using reference data instead of the full stream, the technology will allow someone to even change the camera angle to appear like they are looking directly at the screen even if they are not. Called “Free View,” this would allow someone who has a separate camera off-screen to seemingly keep eye contact with those on a video call.

NVIDIA can also use this same method for character animations. Using different keypoints from the original feed, they can add clothing, hair, or even animate video game characters.

Using this kind of neural network will have huge implications for the modern workforce that will not only serve to relieve strain on networks, but also give users more freedom when working remotely. However, because of the way this technology works, there will almost certainly be questions on how it can be deployed and lead to possible issues with “deep fakes” that become more believable and harder to detect.

(Via NVIDIA via DP Review)

Source: NVIDIA Uses AI to Slash Bandwidth on Video Calls

Boom unveils the XB-1, supersonic testbed for Overture, supersonic airliner

The “Baby Boom” is finally here. After six years of development, Boom Supersonic is unveiling its XB-1 demonstrator. The craft is the company’s first supersonic plane, designed to prove the technology ahead of a full-size airliner, Overture.

[…]

As we reported on back in August, Boom is looking to build the first supersonic civilian airliner for half a century. The first step on that road is the construction of a demonstrator plane that can be used to test the various components and designs a supersonic airliner would need. Say hello to the single-seater XB-1, tail number N990XB.

The XB-1’s carbon-composite frame (for added heat-resistance) measures 71 feet long, with a delta wing shape that, the company says, has been optimized for maximum efficiency. It’s powered by a trio of General Electric J85-15 engines, rated to provide more than 12,000 pounds of thrust. The J85 is a warhorse engine that has been powering craft since the 1950s, including the supersonic T-38 Talon training plane. Boom says that the engine has been tweaked to improve its efficiency, important given the company’s focus on a carbon-neutral test program.

[Photo: Boom XB-1 supersonic demonstrator plane. Credit: Nathan Leach-Proffer]

Boom has looked to lean on new manufacturing methods to reduce costs and dramatically shrink its production time. It leaned heavily on 3D-printing, both for prototyping and to make parts for the XB-1 itself. Boom worked with both Stratasys and Velo 3D to produce prototypes, parts and tooling for the process and the craft itself. Mike Jageman, manufacturing head, said that several parts were built this way “right here, in the hangar.”

One other big technical innovation involves abandoning one of Concorde’s most famous features, its drooping nose. Rather than employ a system like that, XB-1 uses a high-resolution video camera in the nose to help pilots navigate the tricky landing. The company says that the result is to offer a “virtual window through the nose,” although we’ll have to wait for testing to see if that’s a fair claim.

[Photo: Boom XB-1. Credit: Nathan Leach-Proffer]

Naturally, the real work begins now, ensuring that XB-1 is ready to begin test flights in the Mojave Desert next year, everything-else-going-on permitting. As founder Blake Scholl says, XB-1 is “an important milestone towards the development of our commercial liner, Overture.” The company expects the first manufacturing facility to be built by 2022, and the first Overture to be completed by 2025. It’s a very ambitious goal, especially given that the company hopes to have the first passenger flight in the air by 2029.

Source: Boom unveils the XB-1, its supersonic testbed | Engadget

UK privacy watchdog wraps up probe into Cambridge Analytica and… it was all a little bit overblown, no?

The UK’s privacy watchdog has wrapped up its probe into Cambridge Analytica, saying it found no hard evidence to support claims the controversial biz used data scraped from people’s Facebook profiles to influence the Brexit referendum nor the US 2016 presidential election. There was no clear evidence of Russian involvement, either.

However, the UK’s privacy watchdog acts in the interests of the UK and so it may be in their best interest to say: nothing to see here, carry on please…

In a letter [PDF] this month to Julian Knight – chairman of Parliament’s Digital, Culture and Media and Sport Select Committee – the Information Commissioner’s Office detailed the findings of its investigation, having gone through 700TB and more than 300,000 documents seized from the now-defunct company.

Crucially, the watchdog said Cambridge Analytica pretty much dealt with information and tools that anyone could have purchased or used if they had the right budget and know-how: there were no special techniques nor hacking. Its raison d’etre – profiling voters to target them with influential ads – was achieved by tapping into Facebook’s highly problematic Graph API at the time, via a third-party quiz app people were encouraged to use, and downloading data from their profile pages and their friends’ pages.

Facebook subsequently dynamited its overly leaky API – the real scandal here – to end any further such slurpage, was fined half a million quid by the ICO, and ordered to cough up $5bn by America’s consumer protection regulator, the FTC. If Cambridge Analytica achieved anything at all, it was blowing the lid off Facebook’s slipshod and cavalier approach to safeguarding netizens’ privacy.

Information Commissioner Elizabeth Denham’s team characterized Cambridge Analytica, and its related outfit SCL Elections, as a bit of a smoke-and-mirrors operation that lacked the sort of game-changing insight it sold to clients, who were told they could use the database of Facebook addicts to micro-target particular key voters with specific advertising to swing their political opinion in one direction or another.

“In summary, we concluded that SCL/CA were purchasing significant volumes of commercially available personal data (at one estimate over 130 billion data points), in the main about millions of US voters, to combine it with the Facebook derived insight information they had obtained from an academic at Cambridge University, Dr Aleksandr Kogan, and elsewhere,” the ICO wrote. Kogan and his company Global Science Research (GSR) were tasked with harvesting 87 million Facebook users’ personal data from the aforementioned quiz app.

“In the main their models were also built from ‘off the shelf’ analytical tools and there was evidence that their own staff were concerned about some of the public statements the leadership of the company were making about their impact and influence.”

El Reg has heard on good authority from sources in British political circles that Cambridge Analytica’s advertised powers of online suggestion were rather overblown and in fact mostly useless. In the end, it was skewered by its own hype, accused of tangibly influencing the Brexit and presidential votes on behalf of political parties and campaigners using Facebook data. Yet, no evidence could be found supporting those claims.

On Brexit, the ICO reckoned Cambridge Analytica just had information on Americans from the social network:

It was suggested that some of the data was utilised for political campaigning associated with the Brexit Referendum. However, our view on review of the evidence is that the data from GSR could not have been used in the Brexit Referendum as the data shared with SCL/Cambridge Analytica by Dr Kogan related to US registered voters.

Cambridge Analytica did appear to do a limited amount of work for Leave.EU but this involved the analysis of UKIP membership data rather than data obtained from Facebook or GSR.

For what it’s worth, the ICO observed that a Canadian outfit called AggregateIQ, which was closely linked to Cambridge Analytica, was recruited by pro-Brexit campaigners to target adverts at British Facebook users.

And on the US elections, we’re told a database of voters was assembled from Facebook records, and that “targeted advertising was ultimately likely the final purpose of the data gathering but whether or which specific data from GSR was then used in any specific part of campaign has not been possible to determine from the digital evidence reviewed.”

And as for Russia: “We did not find any additional evidence of Russian involvement in our analysis of material contained in the SCL / CA servers we obtained,” the ICO stated, adding that this is kinda outside its remit and something for the UK’s National Crime Agency to probe.

Were Cambridge Analytica still around, we imagine some details of the report would be a little embarrassing. Alas, it shut down all operations (sort of) back in 2018.

The ICO report noted how Cambridge Analytica was probably also less than honest with the sales pitches it made to both the Trump and Leave EU campaigns, overstating the amount of data it had collected.

“SCL’s own marketing material claimed they had ‘Over 5,000 data points per individual on 230 million adult Americans’,” the ICO noted. “However, based on what we found it appears that this may have been an exaggeration.”

The company was also taken to task for poor data practices that, even had the political marketing stuff not blown up in public, likely would have landed it in hot water with the ICO.

While Cambridge Analytica may be gone and the ICO investigation concluded, Denham also warned that the tools and techniques it claimed could tip elections are not going away, and are likely to be used in the very near future… and may even work this time.

“What is clear is that the use of digital campaign techniques are a permanent fixture of our elections and the wider democratic process and will only continue to grow in the future,” the commissioner wrote. “The COVID-19 pandemic is only likely to accelerate this process as political parties and campaigns seek to engage with voters in a safe and socially distanced way.”

Source: UK privacy watchdog wraps up probe into Cambridge Analytica and… it was all a little bit overblown, no? • The Register

Cars, planes, trains: where do CO2 emissions from transport come from?

In the chart here we see global transport emissions in 2018. This data is sourced from the International Energy Agency (IEA).

Road travel accounts for three-quarters of transport emissions. Most of this comes from passenger vehicles – cars and buses – which contribute 45.1%. The other 29.4% comes from trucks carrying freight.

Since the entire transport sector accounts for 21% of total emissions, and road transport accounts for three-quarters of transport emissions, road transport accounts for 15% of total CO2 emissions.

Aviation – while it often gets the most attention in discussions on action against climate change – accounts for only 11.6% of transport emissions. It emits just under one billion tonnes of CO2 each year – around 2.5% of total global emissions [we look at the role that air travel plays in climate change in more detail in an upcoming article]. International shipping contributes a similar amount, at 10.6%.

Rail travel and freight emits very little – only 1% of transport emissions. Other transport – which is mainly the movement of materials such as water, oil, and gas via pipelines – is responsible for 2.2%.

Source: Cars, planes, trains: where do CO2 emissions from transport come from? – Our World in Data

Listening in on your XR11 remote from 20m away

Guardicore discovered a new attack vector on Comcast’s XR11 voice remote that would have allowed attackers to turn it into a listening device – potentially invading your privacy in your living room. Prior to its remediation by Comcast, the attack, dubbed WarezTheRemote, was a very real security threat: with more than 18 million units deployed across homes in the USA, the XR11 is one of the most widespread remote controls in existence.

WarezTheRemote used a man-in-the-middle attack to exploit the remote’s RF communication with the set-top box and over-the-air firmware upgrades – by pushing a malicious firmware image back to the remote, attackers could have used the remote to continuously record audio without user interaction.

The attack did not require physical contact with the targeted remote or any interaction from the victim – any hacker with a cheap RF transceiver could have used it to take over an XR11 remote. Using a 16dBi antenna, we were able to listen to conversations happening in a house from about 65 feet away. We believe this could have been amplified easily using better equipment.

We worked with Comcast’s security team after finding the vulnerability and they have released fixes that remediate the issues that made the attack possible.

You can download our full research paper for the technical details of the WarezTheRemote project. You’ll find much more information on the reverse-engineering process inside, as well as a more bits-and-bytes perspective on the vulnerability and the exploit.

Source: A New Attack Vector Discovered in Comcast’s Remote | Guardicore

Nvidia unveils $59 Nvidia Jetson Nano 2GB mini AI board

New Jetson Nano mini AI computer

The Jetson Nano 2GB Developer Kit, announced this week, is a single-board computer – like the Raspberry Pi – though geared towards machine learning rather than general computing. If you like the idea of simple AI projects running on a dedicated board, such as building your own mini self-driving car or an object-recognition system for your home, this one might be for you.

It runs Nvidia CUDA code and provides a Linux-based environment. At only $59 a pop, it’s pretty cheap and a nifty bit of hardware if you’re just dipping your toes in deep learning. As its name suggests, it has 2GB of RAM, plus four Arm Cortex-A57 CPU cores clocked at 1.43GHz and a 128-core Nvidia Maxwell GPU. There are other bits and pieces like gigabit Ethernet, HDMI output, a microSD slot for storage, USB interfaces, GPIO and UART pins, Wi-Fi depending on your region, and more.

“While today’s students and engineers are programming computers, in the near future they’ll be interacting with, and imparting AI to, robots,” said Deepu Talla, vice president and general manager of Edge Computing at Nvidia. “The new Jetson Nano is the ultimate starter AI computer that allows hands-on learning and experimentation at an incredibly affordable price.”

Source: Nvidia unveils $59 Nvidia Jetson Nano 2GB mini AI board, machine learning that slashes vid-chat data by 90%, and new super for Britain • The Register

Europe’s top court confirms no mass surveillance without limits

Europe’s top court has delivered another slap-down to indiscriminate government mass surveillance regimes.

In a ruling today the CJEU has made it clear that national security concerns do not exclude EU Member States from the need to comply with general principles of EU law such as proportionality and respect for fundamental rights to privacy, data protection and freedom of expression.

However the court has also allowed for derogations, saying that a pressing national security threat can justify limited and temporary bulk data collection and retention — capped to ‘what is strictly necessary’.

While threats to public security or the need to combat serious crime may also allow for targeted retention of data provided it’s accompanied by ‘effective safeguards’ and reviewed by a court or independent authority.

The reference to the CJEU joined a number of cases, including legal challenges brought by rights advocacy group Privacy International to bulk collection powers baked into the UK’s Investigatory Powers Act; a La Quadrature du Net (and others’) challenge to a 2015 French decree related to specialized intelligence services; and a challenge to Belgium’s 2016 law on collection and retention of comms data.

Civil rights campaigners had been eagerly awaiting today’s judgements from the Grand Chamber, following an opinion by an advisor to the court in January which implied certain EU Member States’ surveillance regimes were breaching the law.

At the time of writing key complainants had yet to issue a response.

Of course a government agency’s definition of how much data collection is ‘strictly necessary’ in a national security context (or, indeed, what constitutes an ‘effective safeguard’) may be rather different to the benchmark of civil rights advocacy groups — so it seems unlikely this ruling will be the last time the CJEU is asked to clarify where the legal limits of mass surveillance lie.

Additionally, the judgement raises interesting questions over the UK’s chances of gaining a data protection adequacy agreement from the European Commission — as it leaves the EU in 2021 at the end of the Brexit transition process this year — something it needs for digital data flows from the EU to continue uninterrupted as now.

The problem is the UK’s Investigatory Powers Act (IPA) gives government agencies broad powers to intercept and retain digital communications — but here the CJEU is making it clear that such bulk powers must be the exception, not the statutory rule.

So, again, a battle over definitions could be looming…

[…]

Another interesting component of today’s CJEU judgement suggests that in EU states with indiscriminate mass surveillance regimes there could be grounds for overturning individual criminal convictions which are based on evidence obtained via such illegal surveillance.

On this, the court writes in a press release: “As EU law currently stands, it is for national law alone to determine the rules relating to the admissibility and assessment, in criminal proceedings against persons suspected of having committed serious criminal offences, of information and evidence obtained by the retention of data in breach of EU law. However, the Court specifies that the directive on privacy and electronic communications, interpreted in the light of the principle of effectiveness, requires national criminal courts to disregard information and evidence obtained by means of the general and indiscriminate retention of traffic and location data in breach of EU law, in the context of such criminal proceedings, where those persons suspected of having committed criminal offences are not in a position to comment effectively on that information and evidence.”

Update: Privacy International has now responded to the CJEU judgements, saying the UK, French and Belgian surveillance regimes must be amended to be brought within EU law.

In a statement, legal director Caroline Wilson Palow said: “Today’s judgment reinforces the rule of law in the EU. In these turbulent times, it serves as a reminder that no government should be above the law. Democratic societies must place limits and controls on the surveillance powers of our police and intelligence agencies.

“While the Police and intelligence agencies play a very important role in keeping us safe, they must do so in line with certain safeguards to prevent abuses of their very considerable power. They should focus on providing us with effective, targeted surveillance systems that protect both our security and our fundamental rights.”

Source: Europe’s top court confirms no mass surveillance without limits | TechCrunch

Smart male chastity hack could lock all dicks up permanently, require grinder to unlock. Also tells anyone where you are

  • Smart Bluetooth male chastity lock, designed for user to give remote control to a trusted 3rd party using mobile app/API
  • Multiple API flaws meant anyone could remotely lock all devices and prevent users from releasing themselves
  • Removal then requires an angle grinder or similar, used in close proximity to delicate and sensitive areas
  • Precise user location data also leaked by API, including personal information and private chats
  • Vendor initially responsive, then missed three remediation deadlines they set themselves over a 6 month period
  • Then finally refused to interact any further, even though majority of issues were resolved in migration to v2 API, yet API v1 inexcusably left available
  • This post is published in coordination with Internet of Dongs.

Smart adult toys and us

We haven’t written about smart adult toys in a long time, but the Qiui Cellmate chastity cage was simply too interesting to pass by. We were tipped off about the adult chastity device, designed to lock-up the wearer’s appendage.

There are other male chastity devices available but this is a Bluetooth (BLE) enabled lock and clamp type mechanism with a companion mobile app. The idea is that the wearer can give control of the lock to someone else.

We are not in the business of kink shaming. People should be able to use these devices safely and securely without the risk of sensitive personal data being leaked.

The security of the teledildonics field is interesting in its own right. It’s worth noting that sales of smart adult toys have risen significantly during the recent lockdown.

What is the risk to users?

We discovered that remote attackers could prevent the Bluetooth lock from being opened, permanently locking the user in the device. There is no physical unlock. The tube is locked onto a ring worn around the base of the genitals, making things inaccessible. An angle grinder or other suitable heavy tool would be required to cut the wearer free.

Location, plaintext password and other personal data were also leaked by the API, without any need for authentication.

We had particular problems during the disclosure process, as we would usually ask the vendor to take down a leaky API whilst remediation was being implemented. However, anyone currently using the device when the API was taken offline would also be permanently locked in!

As you will see in the disclosure timeline at the bottom of this post, some issues were remediated but others were not, and the vendor simply stopped replying to us, journalists, and retailers. Given the trivial nature of finding some of these issues, and that the company is working on another device that poses even greater potential physical harm (an “internal” chastity device), we have felt compelled to publish these findings at this point.

Source: Smart male chastity lock cock-up | Pen Test Partners

The IRS Is Being Investigated for Using Bought Location Data Without a Warrant – Wait there’s a company called Venntel that sells this and that’s OK?

The body tasked with oversight of the IRS announced in a letter that it will investigate the agency’s use of location data harvested from ordinary apps installed on peoples’ phones, according to a copy of the letter obtained by Motherboard.

The move comes after Senators Ron Wyden and Elizabeth Warren demanded a formal investigation into how the IRS used the location data to track Americans without a warrant.

“We are going to conduct a review of this matter, and we are in the process of contacting the CI [Criminal Investigation] division about this review,” the letter, signed by J. Russell George, the Inspector General, and addressed to the Senators, reads. CI has a broad mandate to investigate abusive tax schemes, bankruptcy fraud, identity theft, and many more similar crimes. Wyden’s office provided Motherboard with a copy of the letter on Tuesday.

In June, officials from the IRS Criminal Investigation unit told Wyden’s office that it had purchased location data from a contractor called Venntel, and that the IRS had tried to use it to identify individual criminal suspects. Venntel obtains location data from innocuous looking apps such as games, weather, or e-commerce apps, and then sells access to the data to government clients.

A Wyden aide previously told Motherboard that the IRS wanted to find phones, track where they were at night, use that as a proxy as to where the individual lived, and then use other data sources to try and identify the person. A person who used to work for Venntel previously told Motherboard that Venntel customers can use the tool to see which devices are in a particular house, for instance.

The IRS’ attempts were not successful though, as the people the IRS was looking for weren’t included in the particular Venntel data set, the aide added.

But the IRS still obtained this data without a warrant, and the legal justification for doing so remains unclear. The aide said that the IRS received verbal approval to use the data, but stopped responding to their office’s inquiries.

[…]

Source: The IRS Is Being Investigated for Using Location Data Without a Warrant

Facebook revenue chief says ad-supported model is ‘under assault’ – boo hoo, turns out people like their privacy

Facebook Chief Revenue Officer David Fischer said Tuesday that the economic models that rely on personalized advertising are “under assault” as Apple readies a change that would limit the ability of Facebook and other companies to target ads and estimate how well they work.

The change to Apple’s identifier for advertisers, or IDFA, will give iPhone users the option to block tracking when opening an app. It was originally planned for iOS 14, the version of the iPhone operating system that was released last month. But Apple said last month it was delaying the rollout until 2021 “to give developers time to make necessary changes.”

Fischer, speaking at a virtual Advertising Week session Tuesday, spoke about the changes after being asked about Facebook’s vulnerability to the companies that control mobile platforms, such as Apple and Google, which runs Android.

Fischer argued that though there’s “angst and concern” about the risks of technology, personalized and targeted advertising has been essential to help the internet grow.

“The economic model that not just we at Facebook but so many businesses rely on, this model is worth preserving, one that makes content freely available, and the business that makes it run and hum, is via advertising,” he said.

“And right now, frankly, some of that is under assault, that the very tools that entrepreneurs, that businesses are relying on right now are being threatened. To me, the changes that Apple has proposed, pretty sweeping changes, are going to hurt developers and businesses the most.”

Apple frames the change as preserving users’ privacy, rather than as an attack on the advertising industry, and has been promoting its privacy features as a core reason to get an iPhone. It comes as consumers are increasingly wary about their online privacy following scandals with various companies, including Facebook.

[…]

Source: Facebook revenue chief says ad-supported model is ‘under assault’

Apple, Facebook, Google, Amazon Are Monopolies: Antitrust Committee

Just as you suspected, Big Tech is dominated by monopolies, a House Judiciary antitrust subcommittee found.

After more than a year of investigating Apple, Facebook, Google, and Amazon’s behavior, lawmakers released a 449-page report with their findings on Tuesday, complete with recommendations that the four companies be broken up to make the market more competitive.

The committee found that each company dominated its respective markets—Facebook in social networking, Google in general online search and search advertising, Amazon in online retail, and Apple in mobile operating systems—to such an extent as to be anticompetitive. The companies “abuse their power by charging exorbitant fees, imposing oppressive contract terms, and extracting valuable data from the people who rely on them,” the Democratic-led committee’s report outlined.

The report goes on to eviscerate the four companies: “To put it simply, companies that once were scrappy, underdog startups that challenged the status quo have become the kinds of monopolies we last saw in the era of oil barons and railroad tycoons. Although these firms have delivered clear benefits to society, the dominance of Amazon, Apple, Facebook, and Google has come at a price. These firms typically run the marketplace while also competing in it — a position that enables them to write one set of rules for others, while they play by another, or to engage in a form of their own private quasi regulation that is unaccountable to anyone but themselves.”

Not only do those companies acquire smaller ones, either to hire their talent or to kill or incorporate their products, but their mere existence chills potential investment to start-ups that may be considered competitive, the committee found.

The committee also noted that Big Tech’s acquisitions haven’t been closely vetted by regulators. For example, Facebook has snatched up nearly 100 smaller companies over the years, and just one, its deal to acquire Instagram in 2012, received scrutiny from the Federal Trade Commission.

That lack of oversight, according to the findings, has degraded the user experience in many cases because tech companies don’t have any competition to do better—particularly when it comes to privacy.

“In the absence of adequate privacy guardrails in the United States, the persistent collection and misuse of consumer data is an indicator of market power online,” the committee noted. “Online platforms rarely charge consumers a monetary price—products appear to be ‘free’ but are monetized through people’s attention or with their data. In the absence of genuine competitive threats, dominant firms offer fewer privacy protections than they otherwise would, and the quality of these services has deteriorated over time. As a result, consumers are forced to either use a service with poor privacy safeguards or forego the service altogether.”

In addition to recommending that the companies effectively be broken up, the committee recommended that antitrust laws and federal antitrust agencies be restored “to full strength.” Specifically, the committee advised that strengthening Section 7 of the Clayton Act and Section 2 of the Sherman Act would go a long way toward giving antitrust legislation more teeth.

Of course, the Big Four aren’t going to take this lying down. Amazon released a lengthy statement in which it argued that being a big company doesn’t necessarily make it an anticompetitive one, and that it comprises just 4% of the U.S. retail market. (Frankly, I am not at all sure how it arrived at that number—the antitrust committee pegged Amazon as controlling more than 40% of all online U.S. retail sales.) The company also argued that it helps consumers find low prices and small businesses find new markets. The committee noted that 37% of all third-party sellers on Amazon rely on the platform exclusively for income.

Source: Apple, Facebook, Google, Amazon Are Monopolies: Antitrust Committee

I have been talking about exactly this since the beginning of 2019 – it’s good to see others agree with me!

They are effectively accountable to no one and as a result “wield their dominance in ways that erode entrepreneurship, degrade Americans’ privacy online, and undermine the vibrancy of the free and diverse press. The result is less innovation, fewer choices for consumers, and a weakened democracy.”

[…]

It uses Facebook’s internal documents to argue that its “monopoly power is firmly entrenched and unlikely to be eroded by competitive pressure from new entrants or existing firms.” And it attacks the social network, arguing that “in the absence of competition, Facebook’s quality has deteriorated over time, resulting in worse privacy protections for its users and a dramatic rise in misinformation on its platform.”

Google, it says upfront, “has a monopoly in the markets for general online search and search advertising.” And, it finds, it has “maintained its monopoly over general search through a series of anti-competitive tactics,” including undermining other search providers, stealing content “to boost Google’s own inferior vertical offerings,” and penalizing competitors.

By growing into ever more services and connecting them together, Google “increasingly functions as an ecosystem of interlocking monopolies,” the report states.

Amazon has “engaged in extensive anti-competitive conduct in its treatment of third-party sellers” and has abused its role as both seller and marketplace controller, the report states. Both its Alexa digital assistant and Amazon Web Services (AWS) are identified as potential targets of antitrust activity and possible diversification.

And Apple “exerts monopoly power in the mobile app store market, controlling access to more than 100 million iPhones and iPads in the US.”

The report notes: “In the absence of competition, Apple’s monopoly power over software distribution to iOS devices has resulted in harms to competitors and competition, reducing quality and innovation among app developers, and increasing prices and reducing choices for consumers.”

The report is also heavy on the impact of these monopolies: it accuses Facebook and Google of being a significant factor in “the decline of trustworthy sources of news, which is essential to our democracy.”

It argues that collectively the tech giants have “materially weakened innovation and entrepreneurship in the US economy.” And that they have undermined Americans’ basic right to privacy by developing and driving business models that work by selling personal data rather than accepting payment directly.

Give me liberty or give me… the FTC

And, in a final punch to the face, the report accuses them of “undermining both political and economic liberties” by instilling fear through the use of their “unaccountable and arbitrary power,” and using their massive resources to direct and influence policy-making “further shaping how they are governed and regulated.”

In order to counteract all these negative impacts, the report makes a long series of recommendations, including, most significantly, “structural separations and prohibitions of certain dominant platforms from operating in adjacent lines of business.” In other words, breaking up companies.

[…]

And it wants the Big Four to feel the force of the US legal system by “strengthening private enforcement, through eliminating obstacles such as forced arbitration clauses, limits on class action formation, judicially created standards constraining what constitutes an antitrust injury, and unduly high pleading standards.”

What now?

In short, the report is everything that Apple, Amazon, Facebook and Google feared it would be; the only surprise, however, is that what had become obvious during the committee’s investigations was watered down significantly in the final report.

Of course, there is still a long way to go before any of the report’s recommendations become a reality. Even within the committee, there is not unanimity, with some Republican members expressing concerns over breaking up companies in particular. Republicans will also be more ideologically opposed to adding regulations or removing companies’ ability to arbitrate disputes themselves, rather than through the courts.

And then of course there is the enormous collective power of Apple, Amazon, Facebook and Google – some of the world’s largest and richest corporations – who will be willing and able to do anything to protect their markets and profits.

Source: Big Tech to face its Ma Bell moment? US House Dems demand break-up of ‘monopolists’ Apple, Amazon, Facebook, Google