Scientists have developed a brain implant that can read people’s minds and turn their thoughts to speech.
[…]
They add that their findings, published in the journal Nature, could help people when disease robs them of their ability to talk.
[…]
The mind-reading technology works in two stages.
First an electrode is implanted in the brain to pick up the electrical signals that manoeuvre the lips, tongue, voice box and jaw.
Then powerful computing is used to simulate how the movements in the mouth and throat would form different sounds.
This results in synthesised speech coming out of a “virtual vocal tract”.
Why do it like that?
You might think it would be easier to scour the brain for the pattern of electrical signals that code for each word.
However, attempts to do so have only had limited success.
Instead it was focusing on the shape of the mouth and the sounds it would produce that allowed the scientists to achieve a world first.
[…]
It is not perfect.
If you listen to this recording of synthesised speech:
Media captionListen to speech decoded from brain activity
You can tell it is not crystal clear (the recording says “the proof you are seeking is not available in books”).
The system is better with prolonged sounds like the “sh” in ship than with abrupt sounds such as the “buh” sound in “books”.
In experiments with five people, who read hundreds of sentences, listeners were able to discern what was being spoken up to 70% of the time when they were given a list of words to choose from.
[…]
The participants in the study were told not to make any specific mouth movements.
Prof Chang said: “There were just asked to do the very simple thing of reading some sentences.
“So it’s a very natural act that the brain translates into movements itself.”
March 11, a Vice President at Amazon Web Services, Amazon’s cloud computing behemoth, published a blog post announcing the release of its own version of Elasticsearch, a powerful open-source software search engine tool.
Elastic is a public company founded in 2012 that is currently worth over $5 billion; the vast majority of its revenue is generated by selling subscription access to Elastic’s search capabilities via the cloud. It’s based in Amsterdam and employs more than 1,200 people.
In the blog post, Adrian Cockcroft, VP of cloud architecture strategy at Amazon Web Services (AWS), explained that the company felt forced to take action because Elastic was “changing the rules” on how its software code could be shared. Those changes, made in the run-up to Elastic’s 2018 IPO, started mixing intellectual property into Elastic’s overall line of software products.
[…]
Elastic did not explain its strategic shift at the time. But industry observers interpreted the changes as a response to increasing competition from AWS, which had incorporated Elasticsearch’s code and search functionality into its own suite of computing services.
Elastic isn’t the only open source cloud tool company currently looking over its shoulder at AWS. In 2018 alone, at least eight firms have made similar “rule changes” designed to ward off what they see as unfair competition from a company intent on cannibalizing their services.
[…]
Open source software has been one of the biggest success stories of the software industry. In 2018 alone, Microsoft’s purchase of the open source software development platform GitHub for $7.5 billion, Salesforce’s purchase of the open source company Mulesoft for $6.5 billion, and IBM’s blockbuster $34 billion purchase of the Linux vendor Red Hat proved that open source is a crucial part of the larger software industry. And there is growing acceptance that the collaborative model of developing open source software is a winning strategy to meet the tech industry’s need for constant innovation. So, when the likes of Amazon start accusing companies of not playing fair, people notice.
Sharone Zitzman, a respected commentator on open source software and the head of developer relations at AppsFlyer, an app development company, called Amazon’s move a “hostile takeover” of Elastic’s business. Steven O’Grady, co-founder of the software industry analyst firm RedMonk, cited it as an example of the “existential threat” that open source companies like Elastic believe a handful of cloud computing giants could pose
[…]
The reaction to Amazon’s move wasn’t all negative. Some veterans of the open source community praised Amazon’s defense of open source values, while pointing out the fundamentally messy contradictions of Elastic mixing commercial priorities with open source principles. And fundamentally, adopting open source code is entirely legal.
[…]
These critics see Amazon’s decision to recreate Elasticsearch as opportunistic . behavior. Amazon, they say, is leveraging its dominant power in cloud computing in order to unfairly reap intellectual property. In doing so, AWS is striking at the Achilles’ heel of open source: lifting the work of others, and renting access to it.
What happened to Elastic, Zitzman says, fits into a “long-standing trend of AWS rolling out managed services of popular open source technology, or replicating such technologies… This move is a text-book commoditization move — providing Elastic’s premium services for free.” Or as Salil Deshpande, a managing director at Bain Capital Ventures and an investor in multiple open source companies, puts it: “It is clear that AWS is using its market power to be anti-competitive.”
Some notes – most people who defend open source viciously as it is, formed by some idealists years ago actually have full employment at either universities or at closed source companies. It’s easy to be idealistic with a full belly.
This fits in well with a talk I gave in Zagreb in 2017: Open Source XOR Money about the problems facing the Open Source community, especially the financials.
In 2019 I gave another talk called “Break it up!” about the growing anti-competitive monopolistic powers of the big 5 tech companies.
It’s interesting to see how these subjects are suddenly flaring up in conjunction with each other.
Last night, Epic Games boss Tim Sweeney tweeted that his company would end its controversial exclusivity agreements if Steam raised its revenue cut for developers. It’s a strong statement, even if there are reasons to be skeptical of Sweeney’s position.
“If Steam committed to a permanent 88% revenue share for all developers and publishers without major strings attached,” Sweeney wrote, “Epic would hastily organize a retreat from exclusives (while honoring our partner commitments) and consider putting our own games on Steam.”
Since the Epic Game Store launched in December, the company behind Fortnite and the Unreal Engine has struck several exclusivity deals with high-profile games like Borderlands 3 and The Division 2, preventing those games from appearing on Steam. The practice has been contentious, drawing a lot of ire from PC gamers, especially considering the Epic Game Store lacks many of the features that make Steam so enticing for players. For developers, however, being on the Epic Store is a boon, as it gives 88% of revenue earned from games to the people who make them. PC megalith Steam, on the other hand, gives developers between 70-80% depending on sales.
Yup, exclusivity deals are a great way to differentiate yourself from the competition. No one is forcing anyone to go with the Epic store, if they don’t like it. But there is a clear victor in monopoly breaking: the developers. And happier developers should lead to better products, so eventually the customer will win too. And with any luck, the Steam game player will be a different kind of player than the Epic game player, which means that the stores will have different popularity scores, leading to more diversity and recognition of different products in the gaming ecosphere. Again, the customer wins.
In a series of ground-breaking flight trials that took place in the skies above north-west Wales, the MAGMA unmanned aerial vehicle (UAV) demonstrated two innovative flow control technologies which could revolutionise future aircraft design.
MAGMA, designed and developed by researchers at The University of Manchester in collaboration with engineers from BAE Systems, successfully trialled the two ‘flap-free’ technologies earlier this month at the Llanbedr Airfield.
The technologies have been designed to improve the control and performance of aircraft. By replacing moving surfaces with a simpler ‘blown air’ solution, the trials have paved the way for engineers to create better performing aircraft that are lighter, more reliable and cheaper to operate. The technologies could also improve an aircraft’s stealth as they reduce the number of gaps and edges that currently make aircraft more observable on radar.
Developing such technologies helps to ensure the UK has the right technologies and skills in place for the future and could be applied to the development of a Future Combat Air System. It is the latest technological breakthrough to come from a number of BAE Systems collaborations with academia and industry, that will help the UK to deliver more advanced capability, more quickly, and through shared investment.
[…]
The technologies demonstrated in the trials were:
Wing Circulation Control: Taking air from the aircraft engine and blowing it supersonically through narrow slots around a specially shaped wing tailing edge in order to control the aircraft.
Fluidic Thrust Vectoring: Controlling the aircraft by blowing air jets inside the nozzle to deflect the exhaust jet and generate a control force.
The trials form part of a long-term collaboration between BAE Systems, academia and the UK government to explore and develop flap-free flight technologies, and the data will be used to inform future research programmes. Other technologies to improve the aircraft performance are being explored in collaboration with NATO Science and Technology Organisation.
A person’s “right to repair” their own equipment may well become a US election issue, with presidential candidate Bernie Sanders making it a main talking point during his tour of Iowa.
“Are you ready for something truly insane?” the veteran politician’s account tweeted on Sunday, “Farmers aren’t allowed to repair their own tractors without paying an authorized John Deere repair agent.”
The tweet links to a clip of a recent Sanders rally during which he told the crowd to cheers: “Unbelievably, farmers are unable to even repair their own tractors, and tractors cost what – at least $150,000 – people are spending $150,000 for a piece of machinery. You know what I think? The person who buys that machinery has a right to fix the damn piece of machinery.”
The right-to-repair was also highlighted as one of Sanders’ key policies issues in his plan to “revitalize rural America,” and he promised: “When we are in the White House, we will pass a national right-to-repair law that gives every farmer in America full rights over the machinery they buy.”
Japan can finally include itself among the ranks of countries with successful private spaceflight outfits. Interstellar Technologies has successfully launched its MOMO-3 sounding rocket into space, with the vehicle easily crossing the Kármán line (62 miles in altitude) before splashing into the Pacific. It’s a modest start — the rocket only stayed aloft for 8 minutes and 35 seconds — but it’s also a relief after Interstellar’s previous two attempts ended in failure.
There was a fair amount riding on the mission. Interstellar’s ultimate aim is to ferry small satellites into orbit at a fraction of the cost of government launches, and this takes the company one step closer to achieving its dream. It also relieves some of the pressure on Interstellar founder Takafumi Horie. There had been skepticism about the Livedoor creator’s spaceflight chops given his controversial entrepreneurial history (including a conviction for accounting fraud). This shows that his initiative can work on a basic level — the challenge is translating a test like this into a full-fledged business.
“Free apps marketed to people with depression or who want to quit smoking are hemorrhaging user data to third parties like Facebook and Google — but often don’t admit it in their privacy policies, a new study reports…” writes The Verge.
“You don’t have to be a user of Facebook’s or Google’s services for them to have enough breadcrumbs to ID you,” warns Slashdot schwit1. From the article: By intercepting the data transmissions, they discovered that 92 percent of the 36 apps shared the data with at least one third party — mostly Facebook- and Google-run services that help with marketing, advertising, or data analytics. (Facebook and Google did not immediately respond to requests for comment.) But about half of those apps didn’t disclose that third-party data sharing, for a few different reasons: nine apps didn’t have a privacy policy at all; five apps did but didn’t say the data would be shared this way; and three apps actively said that this kind of data sharing wouldn’t happen. Those last three are the ones that stood out to Steven Chan, a physician at Veterans Affairs Palo Alto Health Care System, who has collaborated with Torous in the past but wasn’t involved in the new study. “They’re basically lying,” he says of the apps.
Part of the problem is the business model for free apps, the study authors write: since insurance might not pay for an app that helps users quit smoking, for example, the only ways for free app developer to stay afloat is to either sell subscriptions or sell data. And if that app is branded as a wellness tool, the developers can skirt laws intended to keep medical information private.
A few apps even shared what The Verge calls “very sensitive information” like self reports about substance use and user names.
Aweigh is an open navigation system that does not rely on satellites: it is inspired by the mapping of celestial bodies and the polarized vision of insects. Ancient seafarers and desert ants alike use universally accessible skylight to organize, orient, and place themselves in the world. Aweigh is a project that learns from the past and from the microscopic to re-position individuals in the contemporary technological landscape.
Networked technolgies that we increasingly rely on undergo changes that are often beyond our control. Most smartphone users require government-run satellites to get around day by day, while consequences of Brexit are calling into question the UK’s access to the EU’s new satellite system, Project Galileo. Aweigh is a set of tools and blueprints that aims to open modern technologies to means of democratization, dissemination, and self-determination.
These tools were designed to depend only on publicly available materials and resources: digital fabrication machines, open-source code, packaged instructions, and universally accessible sky light. Aweigh is inspired by ancient navigation devices that use the process of taking angular measurements between the earth and various celestial bodies as reference points to find one’s position. Combining this process with the polarization of sunlight observed in insect eyes, the group developed a technology that calculates longitude and latitude in urban as well as off-grid areas.
the addresses and demographic details of more than 80 million US households were exposed on an unsecured database stored on the cloud, independent security researchers have found.
The details included names, ages and genders as well as income levels and marital status. The researchers, led by Noam Rotem and Ran Locar, were unable to identify the owner of the database, which until Monday was online and required no password to access. Some of the information was coded, like gender, marital status and income level. Names, ages and addresses were not coded.
The data didn’t include payment information or Social Security numbers. The 80 million households affected make up well over half of the households in the US, according to Statista.
“I wouldn’t like my data to be exposed like this,” Rotem said in an interview with CNET. “It should not be there.”
Rotem and his team verified the accuracy of some data in the cache but didn’t download the data to minimize the invasion of privacy of those listed, he said.
[…]
Unlike a hack, you don’t need to break into a computer system to access an exposed database. You simply need to find the IP address, the numerical code assigned to any given web page.
[…]
Rotem found that the data was stored on a cloud service owned by Microsoft. Securing the data is up to the organization that created the database, and not Microsoft itself.
“We have notified the owner of the database and are taking appropriate steps to help the customer remove the data until it can be properly secured,” a Microsoft spokesperson told CNET in a statement Monday.
The server hosting the data came online in February, Rotem found, and he discovered it in April using tools he developed to search for and catalog unsecured databases.
An international collaboration between several universities around the world has led to an innovation in LEDs that could potentially result in a giant leap forward when it comes to increasing the resolution on TV screens and mobile devices. For the first time ever, a single LED can now change color all by itself.
The current design and chemical makeup of LEDs limit the technology to producing light in just a single color. “But Andrew, what about my color-changing LED smart bulbs,” you’re probably asking. Those actually rely on a cluster of LEDs inside that each produce either red, green, or blue light. When their individual intensities are adjusted, the colors that each light produces mix to produce an overall shade of light. LED-backlit LCD TVs work in a similar fashion, but to produce one-colored pixel, three filtered LEDs are required. Even the next big breakthrough in flatscreen TV technology, MicroLEDs, require a trio of ultra-tiny light-producing diodes to create a single pixel, which limits how many can be squeezed into a given area, and resolution.
In a paper recently published to the ACS Photonics Journal, researchers from Lehigh University and West Chester University in Pennsylvania, Osaka University in Japan, and the University of Amsterdam, detail a new approach to making LEDs that uses a rare earth ion called Europium that when paired with Gallium Nitride (an alternative to silicon that’s now showing up in electronics other than LEDs, like Anker’s impossibly tiny PowerPort Atom PD 1 laptop charger) allows the LED’s color to be adjusted on the fly. The secret sauce is how power is used to excite the Europium and Gallium Nitride-different ratios and intensities of current can be selectively applied to produce the emission of three primary colors: red, blue, and green.
Using this approach, LED lightbulbs with specific color temperatures could be produced and sold at much cheaper price points since the colors from multiple tint-specific LEDs don’t have to be mixed. The technology could yield similar benefits for TVs and the screens that end up in mobile devices. Instead of three LEDs (red, green, and blue) needed to generate every pixel, a single Europium-based LED could do the job. Even more exciting than cheaper price tags is the fact that replacing three LEDs with just one could result in a display with three times the resolution. Your eyes probably wouldn’t be able to discern that many pixels on a smartphone screen, but in smaller displays, like those used in the viewfinders of digital cameras, a significant step in resolution would be a noticeable improvement.
Websites met informatie over gevoelige onderwerpen lappen de privacywet massaal aan hun laars. Dat zegt de Consumentenbond. Veel sites plaatsen zonder toestemming cookies van advertentienetwerken, waardoor die zeer persoonlijke informatie over de bezoekers in handen krijgen.
Onderzoekers van de Consumentenbond zochten in maart en april op onderwerpen binnen de categorieën geloof, jeugd, medisch en geaardheid. Via zoekvragen over onder meer depressie, verslaving, seksuele geaardheid en kanker kwamen zij op 106 websites.
Bijna de helft van die sites plaatste bij bezoek direct, dus zonder toestemming van de bezoeker, een of meer advertentiecookies, bijna altijd van Google. Websites als CIP.nl, Refoweb.nl en scholieren.com plaatsten er zelfs tientallen. Ouders.nl maakte het helemaal bont en plaatste maar liefst 37 cookies.
Ook een flink aantal instellingen voor geestelijke gezondheidszorg viel op. Onder andere ggzdrenthe.nl, connection-sggz.nl, parnassiagroep.nl en lentis.nl volgden ongevraagd het surfgedrag van hun bezoekers en speelden deze informatie door naar Google.
De privacywet AVG is nu een jaar van kracht, maar het is volgens de bond zorgwekkend hoe slecht de wet wordt nageleefd.
Right on cue, Cisco on Wednesday patched a security vulnerability in some of its network switches that can be exploited by miscreants to commandeer the IT equipment and spy on people.
This comes immediately after panic this week over a hidden Telnet-based diagnostic interface was found in Huawei gateways. Although that vulnerability was real, irritating, and eventually removed at Vodafone’s insistence, it was dubbed by some a hidden backdoor perfect for Chinese spies to exploit to snoop on Western targets.
Which, of course, comes as America continues to pressure the UK and other nations to outlaw the use of Huawei gear from 5G networks over fears Beijing would use backdoors baked into the hardware to snatch Uncle Sam’s intelligence.
Well, if a non-internet-facing undocumented diagnostic Telnet daemon is reason enough to kick Huawei kit out of Western networks, surely this doozy from Cisco is enough to hoof American equipment out of British, European and other non-US infrastructure? Fair’s fair, no?
US tech giant Cisco has issued a free fix for software running on its Nexus 9000 series machines that can be exploited to log in as root and hijack the device for further mischief and eavesdropping. A miscreant just needs to be able to reach the vulnerable box via IPv6. It’s due to a default SSH key pair hardcoded into the software
The bill has been pulled by its sponsor, Susan Talamantes-Eggman: “It became clear that the bill would not have the support it needed today, and manufacturers had sown enough doubt with vague and unbacked claims of privacy and security concerns,” she said. Her full statement has been added at the end of the piece.
In recent weeks, an Apple representative and a lobbyist for CompTIA, a trade organization that represents big tech companies, have been privately meeting with legislators in California to encourage them to kill legislation that would make it easier for consumers to repair their electronics, Motherboard has learned.
According to two sources in the California State Assembly, the lobbyists have met with members of the Privacy and Consumer Protection Committee, which is set to hold a hearing on the bill Tuesday afternoon. The lobbyists brought an iPhone to the meetings and showed lawmakers and their legislative aides the internal components of the phone. The lobbyists said that if improperly disassembled, consumers who are trying to fix their own iPhone could hurt themselves by puncturing the lithium-ion battery, the sources, who Motherboard is not naming because they were not authorized to speak to the media, said.
The argument is similar to one made publicly by Apple executive Lisa Jackson in 2017 at TechCrunch Disrupt, when she said the iPhone is “too complex” for normal people to repair them.
[…]
a few weeks after CompTIA and 18 other trade organizations associated with big tech companies—including CTIA and the Entertainment Software Association—sent letters in opposition of the legislation to members of the Assembly’s Privacy and Consumer Protection Committee. One copy of the letter, addressed to committee chairperson Ed Chau and obtained by Motherboard, urges the chairperson “against moving forward with this legislation.” CTIA represents wireless carriers including Verizon, AT&T, and T-Mobile, while the Entertainment Software Association represents Nintendo, Sony, Microsoft, and other video game manufacturers.
“With access to proprietary guides and tools, hackers can more easily circumvent security protections, harming not only the product owner but also everyone who shares their network,” the letter, obtained by Motherboard, stated. “When an electronic product breaks, consumers have a variety of repair options, including using an OEM’s [original equipment manufacturer] authorized repair network.”
Experts, however, say Apple’s and CompTIA’s warnings are far overblown. People with no special training regularly replace the batteries or cracked screens in their iPhones, and there are thousands of small, independent repair companies that regularly fix iPhones without incident. The issue is that many of these companies operate in a grey area because they are forced to purchase replacement parts from third parties in Shenzhen, China, because Apple doesn’t sell them to independent companies unless they become part of the “Apple Authorized Service Provider Program,” which limits the types of repairs they are allowed to do and requires companies to pay Apple a fee to join.
“To suggest that there are safety and security concerns with spare parts and manuals is just patently absurd,” Nathan Proctor, director of consumer rights group US PIRG’s right to repair campaign told Motherboard in a phone call. “We know that all across the country, millions of people are doing this for themselves. Millions more are taking devices to independent repair technicians.”
[…]
“The security of devices is not related to diagnostics and service manuals, they’re related to poor code with vulnerabilities, weak authentication, devices deployed by default to be vulnerable,” Roberts told Motherboard. “We all know there’s no debate. Security for connected devices has nothing to do with repair.”
Wow, this is simply ridiculous. Profiteering by the large companies at the expense of smaller companies seems to be something the US government absolutely loves.
A vulnerability in the Dell SupportAssist utility exposes Dell laptops and personal computers to a remote attack that can allow hackers to execute code with admin privileges on devices using an older version of this tool and take over users’ systems.
Dell has released a patch for this security flaw on April 23; however, many users are likely to remain vulnerable unless they’ve already updated the tool –which is used for debugging, diagnostics, and Dell drivers auto-updates.
The number of impacted users is believed to be very high, as the SupportAssist tool is one of the apps that Dell will pre-install on all Dell laptops and computers the company ships with a running Windows OS (systems sold without an OS are not impacted).
CVE-2019-3719
According to Bill Demirkapi, a 17-year-old security researcher from the US, the Dell SupportAssist app is vulnerable to a “remote code execution” vulnerability that under certain circumstances can allow attackers an easy way to hijack Dell systems.
The attack relies on luring users on a malicious web page, where JavaScript code can trick the Dell SupportAssist tool into downloading and running files from an attacker-controlled location.
Because the Dell SupportAssist tool runs as admin, attackers will have full access to targeted systems, if they manage to get themselves in the proper position to execute this attack.
Attack requires LAN/router compromise
“The attacker needs to be on the victim’s network in order to perform an ARP Spoofing Attack and a DNS Spoofing Attack on the victim’s machine in order to achieve remote code execution,” Demirkapi told ZDNet today in an email conversation.
This might sound hard, but it isn’t as complicated as it appears.
Two scenarios in which the attack could work include public WiFi networks or large enterprise networks where there’s at least one compromised machine that can be used to launch the ARP and DNS attacks against adjacent Dell systems running the SupportAssist tool.
The space agency eggheads pointed the finger of blame at the aluminium manufacturer after probing two failed science missions: the February 24, 2009 fruitless launch of the Orbiting Carbon Observatory, and the March 4, 2011 doomed launch of the Glory satellite, designed for monitoring atmospheric pollutants.
In both cases, the rocket fairing, which is the nose cone protecting the satellite payload, failed to separate after liftoff. As a result, the Orbiting Carbon Observatory (OCO) plunged into the ocean off the Antarctic, and Glory swiftly crashed into the Pacific, after their rockets fell back to Earth, the satellites still attached.
The blunders were traced back to the fairing release mechanism, and specifically the aluminium (or aluminum in Freedom Language) used in this component. It was supplied by Sapa Profiles Inc, of Oregon, USA, now renamed Hydro Extrusion Portland, Inc. NASA’s boffins said the metals used were not up to specification, and called in the Feds.
Subsequent checks appeared to show that Sapa had been falsifying its materials testing reports for profit. The metal was supposed to have a particular tensile strength, however, company employees fudged the tests to increase profit margins, investigators said.
After weeks of speculation, SpaceX has finally admitted that a Crew Dragon capsule was destroyed during a test of system’s abort thrusters on April 20. No cause was given for the anomaly, nor were any new details disclosed about possible delays to NASA’s languishing Commercial Crew Program.
Speaking to reporters at a NASA briefing held earlier this week, Hans Koenigsmann, the vice president of build and flight reliability at SpaceX, said the mishap is “certainly not great news,” in terms of the company’s plan to launch astronauts into space later this year, as CBS News reports. The purpose of the briefing was to discuss an upcoming cargo launch to the ISS, but the incident, in which a Crew Dragon capsule got torched just prior to the firing of launch-abort thrusters, dominated much of the discussion.
The mishap occurred at Cape Canaveral’s Landing Zone 1 on April 20 during static ground tests of the system’s boosters. The Crew Dragon was reportedly engulfed in flames and thick orange-black smoke, which was probably toxic, could be seen for miles. Both NASA and SpaceX have been tight-lipped about the incident, but Koenigsmann shared some new information with reporters during the briefing.
Tests of the system’s smaller, maneuvering Draco thrusters were done earlier in the day without incident, he said. It was when the focus shifted to the system’s larger SuperDraco boosters—a series of eight thrusters tied to the abort system—that things went sideways.
“At the test stand, we powered up Dragon, it powered up as expected, we completed tests with the Draco thrusters—the smaller thrusters that are also on the cargo Dragon,” said Koenigsmann per CBS News. “And then just before we wanted to fire the SuperDracos there was an anomaly and the vehicle was destroyed.”
Russia’s internet iron curtain has been formally signed into law by President Putin. The nation’s internet service providers have until 1 November to ensure they comply.
The law will force traffic through government-controlled exchanges and eventually require the creation of a national domain name system.
The bill has been promoted as advancing Russian sovereignty and ensuring Runet, Russia’s domestic internet, remains functioning regardless of what happens elsewhere in the world. The government has claimed “aggressive” US cybersecurity policies justify the move.
Control of exchanges is seen as an easy way for the Russian government to increase its control over what data its citizens can see, and what they can post. The Kremlin wants all data required by the network to be stored within Russian borders.
ISPs will only be allowed to connect to other ISPs, or peer, through approved exchanges. These exchanges will have to include government-supplied boxes which can block data traffic as required.
There have been widespread protests within the country against the law.
Police from around the world shut down the biggest active black market on the dark web this month, according to announcements from law enforcement agencies in the United States, Germany, and the Netherlands released on Friday.
Wall Street Market, as the black market site was known, was the target of a 1.5-year-long multinational investigation. Three Germans were arrested on April 23 and 24 inside Germany for their alleged role in creating and administering the site that sold illegal drugs, documents, weapons, and data.
“WSM was one of the largest and most voluminous darknet marketplaces of all time,” FBI Special Agent Leroy Shelton wrote in the criminal complaint released on Friday.
[…]
Wall Street Market had 1.15 million customer accounts and 5,400 registered sellers, according to the U.S. Justice Department. However, don’t take those numbers to be accurate census accounts—users are anonymous, sellers and buyers both often create multiple accounts, and there’s no way to get a realistic count on the number of individuals active on a market like this.
A better way to understand the scale of a black market like this is to look at the actual money involved. Last month, Wall Street Market administrators stole around $11 million from user accounts, authorities say.
“An ‘exit scam’ was allegedly conducted last month when the WSM administrators took all of the virtual currency held in marketplace escrow and user accounts—believed by investigators to be approximately $11 million—and then diverted the money to their own accounts.
A new deep learning algorithm can generate high-resolution, photorealistic images of people — faces, hair, outfits, and all — from scratch.
The AI-generated models are the most realistic we’ve encountered, and the tech will soon be licensed out to clothing companies and advertising agencies interested in whipping up photogenic models without paying for lights or a catering budget. At the same time, similar algorithms could be misused to undermine public trust in digital media.
[…]
In a video showing off the tech, the AI morphs and poses model after model as their outfits transform, bomber jackets turning into winter coats and dresses melting into graphic tees.
Specifically, the new algorithm is a Generative Adversarial Network (GAN). That’s the kind of AI typically used to churn out new imitations of something that exists in the real world, whether they be video game levels or images that look like hand-drawn caricatures.
Smart cities are designed to make life easier for their residents: better traffic management by clearing routes, making sure the public transport is running on time and having cameras keeping a watchful eye from above.
But what happens when that data leaks? One such database was open for weeks for anyone to look inside.
Security researcher John Wethington found a smart city database accessible from a web browser without a password. He passed details of the database to TechCrunch in an effort to get the data secured.
[…]
he system monitors the residents around at least two small housing communities in eastern Beijing, the largest of which is Liangmaqiao, known as the city’s embassy district. The system is made up of several data collection points, including cameras designed to collect facial recognition data.
The exposed data contains enough information to pinpoint where people went, when and for how long, allowing anyone with access to the data — including police — to build up a picture of a person’s day-to-day life.
A portion of the database containing facial recognition scans (Image: supplied)
The database processed various facial details, such as if a person’s eyes or mouth are open, if they’re wearing sunglasses, or a mask — common during periods of heavy smog — and if a person is smiling or even has a beard.
The database also contained a subject’s approximate age as well as an “attractive” score, according to the database fields.
But the capabilities of the system have a darker side, particularly given the complicated politics of China.
The system also uses its facial recognition systems to detect ethnicities and labels them — such as “汉族” for Han Chinese, the main ethnic group of China — and also “维族” — or Uyghur Muslims, an ethnic minority under persecution by Beijing.
Where ethnicities can help police identify suspects in an area even if they don’t have a name to match, the data can be used for abuse.
The Chinese government has detained more than a million Uyghurs in internment camps in the past year, according to a United Nations human rights committee. It’s part of a massive crackdown by Beijing on the ethnic minority group. Just this week, details emerged of an app used by police to track Uyghur Muslims.
We also found that the customer’s system also pulls in data from the police and uses that information to detect people of interest or criminal suspects, suggesting it may be a government customer.
Facial recognition scans would match against police records in real time (Image: supplied)
Each time a person is detected, the database would trigger a “warning” noting the date, time, location and a corresponding note. Several records seen by TechCrunch include suspects’ names and their national identification card number.
Marcus Hutchins, the British security researcher who shot to fame after successfully halting the Wannacry ransomware epidemic, has pleaded guilty to crafting online bank-account-raiding malware.
For nearly two years now, Hutchins, 24, has been under house arrest in the US after being collared at Las Vegas airport by FBI agents acting on a tip-off. The Brit, who was at the time trying to fly back home to Blighty after attending the Black Hat and DEF CON security conferences, was accused of creating and selling the Kronos banking trojan, and denied any wrongdoing.
The US government subsequently piled on charges, and it now appears that the pressure has been too much: on Friday this week, Hutchins accepted a plea deal [PDF], and admitted two charges of malware development.
“I’ve pleaded guilty to two charges related to writing malware in the years prior to my career in security,” he said in a statement.
“I regret these actions and accept full responsibility for my mistakes. Having grown up, I’ve since been using the same skills that I misused several years ago for constructive purposes. I will continue to devote my time to keeping people safe from malware attacks.”
Each of the two counts carries a maximum penalty of five years behind bars, a $250,000 fine, and a year of probation. As with most plea deals, he’s likely to get less than that, though he may still spend some time in an American cooler.
While being held in jail after his arrest, Hutchins apparently admitted creating the software nasty. According to the Feds, the Brit at one point told an unnamed associate over a recorded telephone line: “I used to write malware, they picked me up on some old shit,” later adding: “I wrote code for a guy a while back who then incorporated it into a banking malware.”
Now the FBI have their guilty plea, and Hutchins – a professional malware reverse-engineer these days – is facing an uncertain future. But you have to wonder if it was all really worth it for the US authorities. After all, plenty of today’s cyber-security engineers and researchers have toyed with writing malware, even for research purposes. Thus, a stretch behind bars would be a very hard sentence for an offense committed when he was a teen.
The discovery of a new, sophisticated team of hackers spying on dozens of government targets is never good news. But one team of cyberspies has pulled off that scale of espionage with a rare and troubling trick, exploiting a weak link in the internet’s cybersecurity that experts have warned about for years: DNS hijacking, a technique that meddles with the fundamental address book of the internet. Researchers at Cisco’s Talos security division on Wednesday revealed that a hacker group it’s calling Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organtaizations.
In the process, they went so far as to compromise multiple country-code top-level domains — the suffixes like .co.uk, or .ru, that end a foreign web address — putting all the traffic of every domain in multiple countries at risk. The hackers’ victims include telecoms, internet service providers, and domain registrars responsible for implementing the domain name system. But the majority of the victims and the ultimate targets, Cisco believes, were a collection of mostly governmental organizations including ministries of foreign affairs, intelligence agencies, military targets, and energy-related groups, all based in the Middle East and North Africa. By corrupting the internet’s directory system, hackers were able to silently use “man-in-the-middle” attacks to intercept all internet data from email to web traffic sent to those victim organizations.
[…] Cisco Talos said it couldn’t determine the nationality of the Sea Turtle hackers, and declined to name the specific targets of their spying operations. But it did provide a list of the countries where victims were located: Albania, Armenia, Cypress, Egypt, Iraq, Jordan, Lebanon, Libya, Syria, Turkey, and the United Arab Emirates. Cisco’s Craig Williams confirmed that Armenia’s .am top-level domain was one ‘of the “handful” that were compromised, but wouldn’t say which of the other countries’ top-level domains were similarly hijacked.
On Thursday, at just about the same time as the most highly anticipated government document of the decade was released in Washington D.C., Facebook updated a month-old blog post to note that actually a security incident impacted “millions” of Instagram users and not “tens of thousands” as they said at first.
Last month, Facebook announced that hundreds of millions of Facebook and Facebook Lite account passwords were stored in plaintext in a database exposed to over 20,000 employees.
On Thursday, at just about the same time as the most highly anticipated government document of the decade was released in Washington D.C., Facebook updated a month-old blog post to note that actually a security incident impacted “millions” of Instagram users and not “tens of thousands” as they said at first.
Last month, Facebook announced that hundreds of millions of Facebook and Facebook Lite account passwords were stored in plaintext in a database exposed to over 20,000 employees.
The process of printing the heart involved a biopsy of the fatty tissue that surrounds abdominal organs. Researchers separated the cells in the tissue from the rest of the contents, namely the extracellular matrix linking the cells. The cells were reprogrammed to become stem cells with the ability to differentiate into heart cells; the matrix was processed into a personalized hydrogel that served as the printing “ink.”
The cells and hydrogel were first used to create heart patches with blood vessels and, from there, an entire heart.
“At this stage, our 3D heart is small, the size of a rabbit’s heart,” Dvir said. “But larger human hearts require the same technology.”
