Rep. David Cicilline (D-R.I.), who ended Wednesday’s hearing by saying some Big Tech companies need to be broken up, told Axios that Facebook in particular lacks significant competitors and should not have been allowed to buy Instagram and WhatsApp.
Why it matters: Cicilline chairs the antitrust subcommittee, which has been looking into competition issues in the digital space.
“Mr. Zuckerberg acknowledged in this hearing that his acquisition of WhatsApp and Instagram were part of a plan to both buy a competitor and also maintain his money, power, or his dominance. That’s classic monopoly behavior.”
— Cicilline said on the “Axios Re:Cap” podcastCicilline’s criticisms weren’t limited to Facebook, pointing to the power Google and Amazon also hold in their respective markets.
“I think what we saw today was confirmation that these large technology platforms have enduring monopoly power,” he said in the interview with Axios’ Dan Primack.
The big picture: A key issue remains whether existing antitrust law is broad enough to address the modern tech industry, especially companies that provide their products at no direct charge to consumers.
“Congress is going to have to ‘think outside the box’ in a comprehensive way about what antitrust laws should look like in the 21st century,” Neguse told Axios’ Ashley Gold after the hearing.
What’s next: The committee plans to develop a set of recommendations and issue them in a final report as soon as late August, according to Cicilline.
The antitrust session was quite bizarre – the CEOs were running with canned lines which made no sense in their context, they were stumbling, they refused to answer questions, even those which were favorible to their cause. Only one senator was clearly in the pocket of the big tech, the rest were firmly against. One male senator thought Google was targetting him personally and one male couldn’t understand why fake news sites didn’t get high search rankings and were banned by Facebook. It was a laugh if these companies didn’t wield such power. They raised almost all the points I raised in my talk last year.
The Mars 2020 mission with its Perseverance rover is part of NASA’s Mars Exploration Program, a long-term effort of robotic exploration of the Red Planet. The Mars 2020 mission addresses high-priority science goals for Mars exploration, including key Astrobiology questions about the potential for life on Mars. The mission takes the next step by not only seeking signs of habitable conditions on Mars in the ancient past, but also searching for signs of past microbial life itself. The Perseverance rover introduces a drill that can collect core samples of the most promising rocks and soils and set them aside in a “cache” on the surface of Mars. A future mission could potentially return these samples to Earth. That would help scientists study the samples in laboratories with special room-sized equipment that would be too large to take to Mars. The mission also provides opportunities to gather knowledge and demonstrate technologies that address the challenges of future human expeditions to Mars. These include testing a method for producing oxygen from the Martian atmosphere, identifying other resources (such as subsurface water), improving landing techniques, and characterizing weather, dust, and other potential environmental conditions that could affect future astronauts living and working on Mars.
The Trump administration is to pull federal paramilitaries out of Portland starting on Thursday in a major reversal after weeks of escalating protests and violence.
Oregon’s governor, Kate Brown, said she agreed to the pullout in talks with Vice-President Mike Pence.
Brown said state and city police officers will replace Department of Homeland Security agents in guarding the federal courthouse that has become the flashpoint for the protests.
“These federal officers have acted as an occupying force, refused accountability, and brought violence and strife to our community,” the governor said. The head of the US homeland security department said agents would stay near the courthouse until they were sure the plan was working.
Donald Trump said the pullout will not begin until the courthouse is protected. “We’re not leaving until they secure their city. We told the governor, we told the mayor: secure your city,” said the president.
But the announcement is a significant retreat by the administration after Trump sent federal forces to Portland at the beginning of July to end months of Black Lives Matter protests he described as having dragged the city into anarchy.
Instead of quelling the unrest, the arrival of paramilitaries fuelled some of the biggest demonstrations since daily protests following the killing of George Floyd, a Black American, by a white police officer in Minneapolis in May.
The situation escalated particularly after agents in camouflage were filmed snatching protesters from the streets in unmarked vans.
1:57
Portland protests: why Trump has sent in federal agents – video report
Far from imposing order, the federal force, drawn from the border patrol, immigration service and US Marshals, was largely trapped inside the federal courthouse they were ostensibly there to protect, emerging each night to fire waves of teargas, baton rounds and stun grenades in street battles with the protesters. But the demonstrators retained ultimate control of the streets.
Anger at the presence of the paramilitaries brought thousands of people out each night and acted as a lightning rod for broader discontent with Trump, including over his chaotic and divisive handling of the coronavirus epidemic which has killed nearly 150,000 Americans and shows no signs of abating.
The Australian government has filed its second lawsuit against Google in less than a year over privacy concerns, this time alleging the tech giant misled Australian consumers in an attempt to gather information for targeted ads. The Australian Competition and Consumers Commission (ACCC), the country’s consumer watchdog, says Google didn’t obtain explicit consent from consumers to collect personal data, according to a statement.
The ACCC cites a 2016 change to Google’s policy in which the company began collecting data about Google account holders’ activity on non-Google sites. Previously, this data was collected by ad-serving technology company DoubleClick and was stored separately, not linked to users’ Google accounts. Google acquired DoubleClick in 2008, and the 2016 change to Google’s policy meant Google and DoubleClick’s data on consumers were combined. Google then used the beefed-up data to sell even more targeted advertising.
From June 2016 to December 2018, Google account holders were met with a pop-up that explained “optional features” to accounts regarding how the company collected their data. Consumers could click “I agree,” and Google would begin collecting a “wide range of personally identifiable information” from them, according to the ACCC. The lawsuit contends that the pop-up didn’t adequately explain what consumers were agreeing to.
“The ACCC considers that consumers effectively pay for Google’s services with their data, so this change introduced by Google increased the ‘price’ of Google’s services, without consumers’ knowledge,” said ACCC Chair Rod Sims. Had more consumers sufficiently understood Google’s change in policy, many may not have consented to it, according to the ACCC.
Google told the Associated Press it disagrees with the ACCC’s allegations, and says Google account holders had been asked to “consent via prominent and easy-to-understand notifications.” It’s unclear what penalty the ACCC is seeking with the lawsuit.
Last October, the ACCC sued Google claiming the company misled Android users about the ability to opt out of location tracking on phones and tablets. That case is headed to mediation next week, according to a February Computer World article.
The Focals glasses, however, come with prescription lenses as an option, meaning they can function as everyday prescription eyewear. The bulky frames, housing a laser, battery, and other kit will no longer do anything that regular spectacles cannot do.
Ben Wood, chief analyst at CCS Insight, said the pulling of features from cloud-powered hardware is not uncommon – and something that has happened to him before.
“If you want to be an early adopter and have some fun new tech that an ambitious start-up has created, there’s always a risk that they won’t be able to make the business plan stack up,” he warned.
“That could either mean the service stops working or you end up finding you have to pay additional charges to maintain service continuity.”
When a customer gets refunded for an app they purchased, Apple doesn’t refund the 30% cut they took from the developer, says developer Simeon Saens of Two Lives Left. While [online] payment processors generally don’t refund fees on refunded payments, “the App Store doesn’t position itself as a payments processor the way Stripe does, so it sounds really weird that they would act like one,” writes HN user chadlavi. Epic Games CEO Tim Sweeney says in a tweet: This is a critical consideration in these 30% store fees. They come off the top, before funding any developer costs. As a result, Apple and Google make more profit from most developers’ games than the developers themselves. That is terribly unfair and exploitative. “If the app store took a 3% chunk and never refunded it regardless of the ongoing status of the transaction, that would put them right in line with other payment processors,” adds chadlavi. “It would also still net them billions of dollars, I think!”
On Wednesday, security firm FireEye released a report on a disinformation-focused group it’s calling Ghostwriter. The propagandists have created and disseminated disinformation since at least March 2017, with a focus on undermining NATO and the US troops in Poland and the Baltics; they’ve posted fake content on everything from social media to pro-Russian news websites. In some cases, FireEye says, Ghostwriter has deployed a bolder tactic: hacking the content management systems of news websites to post their own stories. They then disseminate their literal fake news with spoofed emails, social media, and even op-eds the propagandists write on other sites that accept user-generated content.
That hacking campaign, targeting media sites from Poland to Lithuania, has spread false stories about US military aggression, NATO soldiers spreading coronavirus, NATO planning a full-on invasion of Belarus, and more. “They’re spreading these stories that NATO is a danger, that they resent the locals, that they’re infected, that they’re car thieves,” says John Hultquist, director of intelligence at FireEye. “And they’re pushing these stories out with a variety of means, the most interesting of which is hacking local media websites and planting them. These fictional stories are suddenly bona fide by the sites that they’re on, and then they go in and spread the link to the story.”
[…]
the company’s analysts have found that the news site compromises and the online accounts used to spread links to those fabricated stories, as well as the more traditional creation of fake news on social media, blogs, and websites with an anti-US and anti-NATO bent, all tie back to a distinct set of personas, indicating one unified disinformation effort. FireEye’s Hultquist points out that the campaign doesn’t seem financially motivated, indicating a political or state backer, and notes that the focus on driving a wedge between NATO and citizens of Eastern Europe hints at possible Russian involvement.
Nor would it be the first time that Russian hackers planted fake news stories; in 2017, US intelligence agencies concluded that Russian hackers breached Qatar’s state news agency and planted a fake news story designed to embarrass the country’s leader and cause a rift with the US, though US intelligence never confirmed the Kremlin’s involvement.
“We can’t concretely tie it to Russia at this time, but it’s certainly in line with their interests,” Hultquist says of the Ghostwriter campaign. “It wouldn’t be a surprise to me if this is where the evidence leads us.”
Netgear has quietly decided not to patch more than 40 home routers to plug a remote code execution vulnerability – despite security researchers having published proof-of-concept exploit code.
Keen-eyed Reg readers, however, noticed that Netgear quietly declared 45 of the affected products as “outside the security support period” – meaning those items won’t be updated to protect them against the vuln.
America’s Carnegie-Mellon University summarised the vuln in a note from its Software Engineering Institute: “Multiple Netgear devices contain a stack buffer overflow in the httpd web server’s handling of upgrade_check.cgi, which may allow for unauthenticated remote code execution with root privileges.”
Stung by pressure from infosec researchers that came to a head in June when ZDI went public, Netgear began issuing patches. It had sorted out 28 of the 79 vulnerable product lines by the end of that month.
Infosec biz Grimm pitched in after independently discovering the vuln itself by publishing proof-of-concept exploits for the SOHO (Small Office/Home Office) devices.
With today’s revelation that 45 largely consumer and SME-grade items will never be patched, Netgear faces questions over its commitment to older product lines. Such questions have begun to be addressed in Britain by calls from government agencies for new laws forcing manufacturers to reveal devices’ design lifespans at the point of purchase.
[…]
Today Netgear’s advisory page for the patches shows 45 devices’ fix status as “none; outside security support period”. We have collected those devices’ model numbers in the list below:
you can get this functionality by downloading and installing a simple app from the Google Play Store: Access Dots. It’s free, it’s easy, and it helps you up your Android’s security game. I would almost call it a must-install for anyone, because it’s as unobtrusive as it is helpful.
Download and launch the app, and you’ll see one simple setting you have to enable. That’s all you have to do to fire up Access Dots’ basic functionality.
Screenshot: David Murphy
Well, that and tapping on the new “Access Dots” listing in your Accessibility settings, and then enabling the service there, too.
Screenshot: David Murphy
Head back to your Android’s Home screen and…you won’t see anything. Zilch. That’s the point. Pull up your Camera app, however, and you’ll see a big green icon appear in the upper-right corner of your device. Tap on your Google Assistant’s microphone icon, and you’ll see an orange dot; the same as what iOS 14 users see.
Screenshot: David Murphy
If you don’t like these colors, you can change them to whatever you want in Access Dots’ settings. You can even change the location of said dot, as well as its size. Tap on the little “History” icon in Access Dots’ main UI—you can’t miss it—and you’ll even be able to browse a log of which apps requested camera of microphone access and for how long they used it:
Though I’m not a huge fan of how many ads litter the Access Dots app, I respect someone’s need to make a little cash. You only see them when you launch the app. Otherwise, all you’ll see on your phone are those dots. That’s not a terrible trade-off, I’d say, given how much this simple security app can do.
Waydev, a San Francisco-based company, runs a platform that can be used to track software engineers’ work output by analyzing Git-based codebases. To do this, Waydev runs a special app listed on the GitHub and GitLab app stores.
When users install the app, Waydev receives an OAuth token that it can use to access its customers’ GitHub or GitLab projects. Waydev stores this token in its database and uses it on a daily basis to generate analytical reports for its customers.
Waydev CEO and co-founder Alex Circei told ZDNet today in a phone call that hackers used a blind SQL injection vulnerability to gain access to its database, from where they stole GitHub and GitLab OAuth tokens.
The hackers then used some of these tokens to pivot to other companies’ codebases and gain access to their source code projects.
An annoying vulnerability in the widely used GRUB2 bootloader can be potentially exploited by malware or a rogue insider already on a machine to thoroughly compromise the operating system or hypervisor while evading detection by users and security tools.
[…]
Designated CVE-2020-10713, the vulnerability allows a miscreant to achieve code execution within the open-source bootloader, and effectively control the device at a level above the firmware and below any system software. Bug hunters at Eclypsium, who found the flaw and dubbed it BootHole, said patching the programming blunder will be a priority and a headache for admins.
To be clear, malware or a rogue user must already have administrator privileges on the device to exploit the flaw, which for the vast majority of victims is a game-over situation anyway. You’ve likely lost all your data and network integrity at that point. What this bootloader bug opens up is the ability for a determined miscreant to burrow deeper, run code at a low level below other defenses, and compromise the foundation of a system to the point where they cannot be easily detected by administrators nor antivirus.
The sources of the stone used to construct Stonehenge around 2500 BCE have been debated for over four centuries. The smaller “bluestones” near the center of the monument have been traced to Wales, but the origins of the sarsen (silcrete) megaliths that form the primary architecture of Stonehenge remain unknown. Here, we use geochemical data to show that 50 of the 52 sarsens at the monument share a consistent chemistry and, by inference, originated from a common source area. We then compare the geochemical signature of a core extracted from Stone 58 at Stonehenge with equivalent data for sarsens from across southern Britain. From this, we identify West Woods, Wiltshire, 25 km north of Stonehenge, as the most probable source area for the majority of sarsens at the monument.
A handful of Chrome users have sued Google, accusing the browser maker of collecting personal information despite their decision not to sync data stored in Chrome with a Google Account.
The lawsuit [PDF], filed on Monday in a US federal district court in San Jose, California, claimed Google promises not to collect personal information from Chrome users who choose not to sync their browser data with a Google Account but does so anyway.
“Google intentionally and unlawfully causes Chrome to record and send users’ personal information to Google regardless of whether a user elects to Sync or even has a Google account,” the complaint stated.
Filed on behalf of “unsynced” plaintiffs Patrick Calhoun, Elaine Crespo, Hadiyah Jackson and Claudia Kindler – all said to have stopped using Chrome and to wish to return to it, rather than use a different browser, once Google stops tracking unsynced users – the lawsuit cited the Chrome Privacy Notice.
Since 2016, that notice has promised, “You don’t need to provide any personal information to use Chrome.” And since 2019, it has said, “the personal information that Chrome stores won’t be sent to Google unless you choose to store that data in your Google Account by turning on sync,” with earlier versions offering variants on that wording.
Nonetheless, whether or not account synchronization has been enabled, it’s claimed, Google uses Chrome to collect IP addresses linked to user agent data, identifying cookies, unique browser identifiers called X-Client Data Headers, and browsing history. And it does so supposedly in violation of federal wiretap laws and state statutes.
Google then links that information with individuals and their devices, it’s claimed, through practices like cookie syncing, where cookies set in a third-party context get associated with cookies set in a first-party context.
“Cookie synching allows cooperating websites to learn each other’s cookie identification numbers for the same user,” the complaint says. “Once the cookie synching operation is complete, the two websites exchange information that they have collected and hold about a user, further making these cookies ‘Personal Information.'”
The litigants pointed to Google’s plan to phase out third-party cookies, and noted Google doesn’t need cookies due to the ability of its X-Client-Data Header to uniquely identify people.
Whether the goal is to find a treatment for COVID-19 or another disease, scientists often have to conduct preliminary tests on animals to determine whether the drug is safe or effective in people. It’s not always a one-for-one comparison, but The New York Times reports there may be a new way around that step going forward: 3-D printing.
For example, Anthony Atala, the director of the Wake Forest Institute for Regenerative Medicine, and his team are using 3-D printers to create tiny replicas of human organs, including miniature lungs and colons, which are particularly affected by the coronavirus. They send them overnight for testing at a biosafety lab at George Mason University.
The idea predated the coronavirus — Atala said he never thought “we’d be considering this for a pandemic” — but it could come in handy and help expedite the experimental drug process, especially since Atala said his Winston-Salem, North Carolina-based lab can churn out thousands of printed organs per hour. “The 3-D models can circumvent animal testing and make the pathway stronger from the lab to the clinic,” said Akhilesh Gaharwar, who directs a lab in the biomedical engineering at Texas A&M University. Read more at The New York Times.Tim O’Donnell
Twitter contractors with high-level administrative access to accounts regularly abused their privileges to spy on celebrities including Beyoncé, including approximating their movements via internet protocol addresses, according to a report by Bloomberg.
Over 1,500 workers and contractors at Twitter who handle internal support requests and manage user accounts have high-level privileges that enable them to override user security settings and reset their accounts via Twitter’s backend, as well as view certain details of accounts like IP addresses, phone numbers, and email addresses.
[…]
Two of the former Twitter employees told Bloomberg that projects such as enhancing security of “the system that houses Twitter’s backup files or enhancing oversight of the system used to monitor contractor activity were, at times, shelved for engineering products designed to enhance revenue.” In the meantime, some of those with access (some of whom were contractors with Cognizant at up to six separate work sites) abused it to view details including IP addresses of users. Executives didn’t prioritize policing the internal support team, two of the former employees told Bloomberg, and at times Twitter security allegedly had trouble tracking misconduct due to sheer volume.
A system was in place to create access logs, but it could be fooled by simply creating bullshit support tickets that made the spying appear legitimate; two of the former employees told Bloomberg that from 2017 to 2018 members of the internal support team “made a kind of game out of” the workaround. The security risks inherent to granting access to so many people were reportedly brought up to the company’s board repeatedly from 2015-2019, but little changed.
This had consequences beyond the most recent hack. Last year, the Department of Justice announced charges against two former employees (a U.S. national and a Saudi citizen) that it accused of espionage on behalf of an individual close to Saudi Crown Prince Mohammed bin Salman. The DOJ alleged that the intent of the operation was to gain access to private information on political dissidents.
A US House antitrust committee is getting set to grill tech’s biggest CEOs, but Microsoft wants them to focus on one in particular: Apple’s Tim Cook. Microsoft President Brad Smith met with the committee several weeks ago and relayed concerns about how Apple manages its App Store, according to the The Information (via Bloomberg).
Smith complained specifically about Apple’s arbitrary App Store approval policy which recently caused a ruckus over the rejection of Basecamp’s Hey email app. He also railed against Apple’s payment requirement that allows it to take as much as a 30 percent cut of developers’ revenue. That policy is currently the subject of an EU antitrust investigation launched at the behest of Spotify.
The antitrust committee originally called Smith to get Microsoft’s take on the current antitrust climate, given that the company was the subject of US investigations in the 2000s. Smith said that Apple’s App Store rules impede competition to a much higher degree than Microsoft did with Windows when it was found guilty of antitrust violations two decades ago. Smith didn’t criticize other tech companies during the interview.
Apple has largely avoided the privacy-related investigations faced by Google and Facebook, but now finds itself in the middle of antitrust probes on both sides of the Atlantic. With its old frenemy Microsoft adding to the complaints, Apple could face a lot of heat when the House Judiciary Antitrust hearings kick off next Monday on July 27th.
Tim Sweeney, CEO of Fortnite developer Epic Games, criticized Apple and Google for having an “absolute monopoly” on app stores in a Friday interview with CNBC. There aren’t many viable options for distributing mobile software outside the Apple App Store and the Google Play Store, and Sweeney chides both for taking a 30 percent fee from in-app purchases.
Epic Games launched the Epic Games Store in late 2018 for Windows and Mac computers, and only charges other publishers a 12 percent fee on in-app purchases. The Epic Games Store hasn’t made it to the App Store because of Apple’s strict guidelines against competing software stores.
“They [Apple] are preventing an entire category of businesses and applications from being engulfed in their ecosystem by virtue of excluding competitors from each aspect of their business that they’re protecting,” Sweeney said.
Epic previously made Fortnite available to Android devices not by offering it on the Google Play Store, but instead through a launcher on the Fortnite website that downloaded the game. This allowed Epic to sidestep the 30 percent fee from Google. But the download process was too involved for many users, so Fortnite eventually launched on Google Play earlier this year. Sweeney said the company still plans to bring the Epic Games Store to Android. “Google essentially intentionally stifles competing stores by having user interface barriers and obstruction,” Sweeney said.
Epic isn’t the first company to speak out against Apple and Google’s 30 percent fee. In March of last year, Spotify CEO Daniel Ek filed an unfair competition complaint against Apple with the European Commission, citing the fee as forcing them to artificially inflate the price of its Spotify Premium membership. Last July, Tinder introduced a default payment process into its Android app meant to bypass the Google Play Store fee.
Garmin is reportedly being asked to pay a $10 million ransom to free its systems from a cyberattack that has taken down many of its services for two days.
The navigation company was hit by a ransomware attack on Thursday, leaving customers unable to log fitness sessions in Garmin apps and pilots unable to download flight plans for aircraft navigation systems, among other problems. The company’s communication systems have also been taken offline, leaving it unable to respond to disgruntled customers.
Garmin employees have told BleepingComputer that the company was struck down by the WastedLocker ransomware. Screenshots sent to BleepingComputer show long lists of the company’s files encrypted by the malware, with a ransom note attached to each file.
The ransom note tells the recipient to email one of two email addresses to “get a price for your data”. That price, Garmin’s sources have told BleepingComputer, is $10 million.
Crippled Garmin
The ransomware attack has crippled many of the company’s systems. Reports claim that Garmin’s IT department shut down all of the company’s computers, including those of employees working from home who were connected by VPN, to halt the spread of the ransomware across its network.
Garmin’s Taiwan factories have reportedly closed production lines yesterday and today while the company attempts to unpick the ransomware.
The shutdown is having a big effect on Garmin’s customers. DownDetector reveals a huge spike today in people having trouble accessing Garmin Connect, the app that logs fitness routines for the company’s devices. More people are likely to be using such devices at the weekend.
DownDetector shows how Garmin customers continue to be affected
DownDetector
The problem is even more serious for Garmin’s aviation device customers. Pilots have told ZDNet that they are unable to download a version of Garmin’s aviation database onto their airplane navigation systems, which is an FAA requirement.
Garmin has issued very little public comment about the problem. On Thursday, the company issued a tweet saying “we are currently experiencing an outage that affects Garmin Connect,” adding that the outage “also affects our call centers and we are currently unable to receive any calls, emails or online chats”.
Garmin has been approached for comment, but as you can appreciate from the statement above, that’s somewhat complicated…
Space seems empty and therefore the perfect environment for radio communications. Don’t let that fool you: There’s still plenty that can disrupt radio communications. Earth’s fluctuating ionosphere can impair a link between a satellite and a ground station. The materials of the antenna can be distorted as it heats and cools. And the near-vacuum of space is filled with low-level ambient radio emanations, known as cosmic noise, which come from distant quasars, the sun, and the center of our Milky Way galaxy. This noise also includes the cosmic microwave background radiation, a ghost of the big bang. Although faint, these cosmic sources can overwhelm a wireless signal over interplanetary distances.
Depending on a spacecraft’s mission, or even the particular phase of the mission, different link qualities may be desirable, such as maximizing data throughput, minimizing power usage, or ensuring that certain critical data gets through. To maintain connectivity, the communications system constantly needs to tailor its operations to the surrounding environment.
Imagine a group of astronauts on Mars. To connect to a ground station on Earth, they’ll rely on a relay satellite orbiting Mars. As the space environment changes and the planets move relative to one another, the radio settings on the ground station, the satellite orbiting Mars, and the Martian lander will need continual adjustments. The astronauts could wait 8 to 40 minutes—the duration of a round trip—for instructions from mission control on how to adjust the settings. A better alternative is to have the radios use neural networks to adjust their settings in real time. Neural networks maintain and optimize a radio’s ability to keep in contact, even under extreme conditions such as Martian orbit. Rather than waiting for a human on Earth to tell the radio how to adapt its systems—during which the commands may have already become outdated—a radio with a neural network can do it on the fly.
Such a device is called a cognitive radio. Its neural network autonomously senses the changes in its environment, adjusts its settings accordingly—and then, most important of all, learns from the experience. That means a cognitive radio can try out new configurations in new situations, which makes it more robust in unknown environments than a traditional radio would be. Cognitive radios are thus ideal for space communications, especially far beyond Earth orbit, where the environments are relatively unknown, human intervention is impossible, and maintaining connectivity is vital.
Worcester Polytechnic Institute and Penn State University, in cooperation with NASA, recently tested the first cognitive radios designed to operate in space and keep missions in contact with Earth. In our tests, even the most basic cognitive radios maintained a clear signal between the International Space Station (ISS) and the ground. We believe that with further research, more advanced, more capable cognitive radios can play an integral part in successful deep-space missions in the future, where there will be no margin for error.
Future crews to the moon and Mars will have more than enough to do collecting field samples, performing scientific experiments, conducting land surveys, and keeping their equipment in working order. Cognitive radios will free those crews from the onus of maintaining the communications link. Even more important is that cognitive radios will help ensure that an unexpected occurrence in deep space doesn’t sever the link, cutting the crew’s last tether to Earth, millions of kilometers away.
Cognitive radio as an idea was first proposed by Joseph Mitola III at the KTH Royal Institute of Technology, in Stockholm, in 1998. Since then, many cognitive radio projects have been undertaken, but most were limited in scope or tested just a part of a system. The most robust cognitive radios tested to date have been built by the U.S. Department of Defense.
When designing a traditional wireless communications system, engineers generally use mathematical models to represent the radio and the environment in which it will operate. The models try to describe how signals might reflect off buildings or propagate in humid air. But not even the best models can capture the complexity of a real environment.
A cognitive radio—and the neural network that makes it work—learns from the environment itself, rather than from a mathematical model. A neural network takes in data about the environment, such as what signal modulations are working best or what frequencies are propagating farthest, and processes that data to determine what the radio’s settings should be for an optimal link. The key feature of a neural network is that it can, over time, optimize the relationships between the inputs and the result. This process is known as training.
The EU has demanded that Google make major concessions relating to its $2.1 billion acquisition of fitness-tracking company Fitbit if the deal is to be allowed to proceed imminently, according to people with direct knowledge of the discussions.
Since it was announced last November, the acquisition has faced steep opposition from consumer groups and regulators, who have raised concerns over the effect of Google’s access to Fitbit’s health data on competition.
EU regulators now want the company to pledge that it will not use that information to “further enhance its search advantage” and that it will grant third parties equal access to it, these people said.
The move comes days after the EU regulators suffered a major blow in Luxembourg, losing a landmark case that would have forced Apple to pay back €14.3 billion in taxes to Ireland.
Brussels insiders said that a refusal by Google to comply with the new demands would probably result in a protracted investigation, adding that such a scenario could ultimately leave the EU at a disadvantage.
“It is like a poker game,” said a person following the case closely. “In a lengthy probe, the commission risks having fewer or no pledges and still having to clear the deal.”
They added that the discussions over the acquisition were “intense,” and there was no guarantee that any agreement between Brussels and Google would be reached.
Google had previously promised it would not use Fitbit’s health data to improve its own advertising, but according to Brussels insiders, the commitment was not sufficient to assuage the EU’s concerns nor those of US regulators also examining the deal.
Twitter said on Saturday that the perpetrators “manipulated a small number of employees and used their credentials” to log into tools and turn over access to 45 accounts. here On Wednesday, it said that the hackers could have read direct messages to and from 36 accounts but did not identify the affected users.
The former employees familiar with Twitter security practices said that too many people could have done the same thing, more than 1,000 as of earlier in 2020, including some at contractors like Cognizant.
Twitter declined to comment on that figure and would not say whether the number declined before the hack or since. The company was looking for a new security head, working to better secure its systems and training employees on resisting tricks from outsiders, Twitter said. Cognizant did not respond to a request for comment.
“That sounds like there are too many people with access,” said Edward Amoroso, former chief security officer at AT&T. Responsibilities among the staff should have been split up, with access rights limited to those responsibilities and more than one person required to agree to make the most sensitive account changes. “In order to do cyber security right, you can’t forget the boring stuff.”
Threats from insiders, especially lower-paid outside support staff, are a constant worry for companies serving large numbers of users, cyber security experts said. They said that the greater the number of people who can change key settings, the stronger oversight must be.
[…]
On a call to discuss company earnings on Thursday, Twitter Chief Executive Jack Dorsey acknowledged past missteps.
“We fell behind, both in our protections against social engineering of our employees and restrictions on our internal tools,” Dorsey told investors.
Researchers have spotted large waves of martian sand migrating for the first time. The discovery dispels the long-held belief that these “megaripples” haven’t moved since they formed hundreds of thousands of years ago. They’re also evidence of stronger-than-expected winds on the Red Planet.
It’s pretty staggering that humans can detect these changes on Mars, says Ralph Lorenz, a planetary scientist at the Johns Hopkins University Applied Physics Laboratory who was not involved in the research. “We can now measure processes on the surface of another planet that are just a couple times faster than our hair grows.”
Megaripples are found in deserts on Earth, often between dunes. Waves in the sand spaced up to tens of meters apart, they’re a larger version of ripples that undulate every 10 centimeters or so on many sand dunes.
But unlike dunes, megaripples are made up of two sizes of sand grains. Coarser, heavier grains cap the crests of megaripples, making it harder for wind to move these features around, says Simone Silvestro, a planetary scientist at Italy’s National Institute of Astrophysics in Naples.
Since the early 2000s, Mars rovers and orbiters have repeatedly spotted megaripples on the Red Planet. But they didn’t seem to change in any measurable way, which led some scientists to think they were relics from Mars’s past, when its thicker atmosphere permitted stronger winds.
Now, using images captured by NASA’s Mars Reconnaissance Orbiter, Silvestro and his colleagues have shown that some megaripples do creep along—just very slowly.
The researchers focused on two sites near the equator of Mars. They analyzed roughly 1100 megaripples in McLaughlin crater and 300 in the Nili Fossae region. They looked for signs of movement by comparing time-lapse images of each site—taken 7.6 and 9.4 years apart, respectively. Megaripples in both regions advanced by about 10 centimeters per year, the team reports in the Journal of Geophysical Research: Planets. That’s about how fast megaripples move in the Lut Desert of Iran.
It’s a surprise that megaripples move at all on Mars, says Jim Zimbelman, a planetary geologist at the Smithsonian Institution’s Air and Space Museum. Just a few decades ago, there was no evidence that sands on Mars were mobile, he says. “None of us thought that the winds were strong enough.”
More than 1,000 unsecured databases so far have been permanently deleted in an ongoing attack that leaves the word “meow” as its only calling card, according to Internet searches over the past day.
IP addresses of both user devices and the VPN servers they connected to
Connection timestamps
Geo-tags
Device and OS characteristics
Apparent domains from which advertisements are injected into free users’ Web browsers
Besides amounting to a serious privacy breach, the database was at odds with the Hong Kong-based UFO’s promise to keep no logs. The VPN provider responded by moving the database to a different location but once again failed to secure it properly. Shortly after, the Meow attack wiped it out.
Representatives of UFO didn’t immediately respond to an email seeking comment.
Since then, Meow and a similar attack have destroyed more than 1,000 other databases. At the time this post went live, the Shodan computer search site showed that 987 ElasticSearch and 70 MongoDB instances had been nuked by Meow. A separate, less-malicious attack tagged an additional 616 ElasticSearch, MongoDB, and Cassandra files with the string “university_cybersec_experiment.” The attackers in this case seem to be demonstrating to the database maintainers that the files are vulnerable to being viewed or deleted.
Just for fun
It’s not the first time attackers have targeted unsecured databases, which have become increasingly common with the growing use of cloud computing services from Amazon, Microsoft, and other providers. In some cases, the motivation is to make money through ransomware rackets. In other cases—including the current Meow attacks—the data is simply wiped out with no ransomware note or any other explanation. The only thing left behind in the current attacks is the word “meow.”
One database affected by the Meow attack.
“I think that in most [of the latter] cases, malicious actors behind the attacks do it just for fun, because they can, and because it is really simple to do,” Diachenko told me. “Thus, it is another wake-up call for the industry and companies which ignore cyber hygiene and lose their data and data of their customers in a blink of an eye.”
“Comet Neowise has been the brightest and most visible space snowball in a generation, but it’s also the first naked-eye comet to visit us in the new era of satellite mega-constellations like SpaceX’s Starlink,” writes CNET.
“In just the latest episode of Starlink ‘trains’ irritating astronomers, a number of images have been circulating of the satellites photo-bombing Comet Neowise glamour shots…”
Live Science explains: Visible just above the horizon right now, the comet appears faint and small to the naked eye, but can be seen clearly through cameras with long, telephoto lenses. Usually, when photographers capture objects like this in the night sky they use long exposure times, leaving the camera aperture open to collect light over the course of several seconds. But now comet-chasers report that a new fleet of SpaceX’s Starlink satellites is leaving bright smears across their NEOWISE snaps, as the shiny orbiters streak through their frames during long exposures.
The AI that DutchSteamMachine uses is called Depth-Aware video frame INterpolation, or DAIN for short. This AI is open source, free and constantly being developed and improved upon… “People have used the same AI programs to bring old film recordings from the 1900s back to life, in high definition and colour,” he said. “This technique seemed like a great thing to apply to much newer footage….”
DutchSteamMachine does this work in his spare time, and posts it for free on his YouTube page. His tagline is “Preserving the past for the future…” And he’s planning to keep it all coming. “I plan to improve tons of Apollo footage like this,” he said. “A lot more space and history-related footage is going to be published on my YT channel continuously.” He also has a Flickr page with more enhanced imagery. [And a Patreon page…]
Long-time Slashdot reader schwit1 calls it “similar to what Peter Jackson did with old World War I footage for They Shall Not Grow Old.”
