The Linkielist

Linking ideas with the world

One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week

Posted on by Robin Edgar

Bitcoin’s incredible price run to break over $7,000 this year has sent its overall electricity consumption soaring, as people worldwide bring more energy-hungry computers online to mine the digital currency.An index from cryptocurrency analyst Alex de Vries, aka Digiconomist, estimates that with prices the way they are now, it would be profitable for Bitcoin miners Read more about One Bitcoin Transaction Now Uses as Much Energy as Your House in a Week[…]

Intel’s super-secret Management Engine firmware breached via USB

Posted on by Robin Edgar

Getting into and hijacking the Management Engine means you can take full control of a box, underneath and out of sight of whatever OS, hypervisor or antivirus is installed. This powerful God-mode technology is barely documented and supposedly locked down to prevent miscreants from hijacking and exploiting the engine to silently spy on users or Read more about Intel’s super-secret Management Engine firmware breached via USB[…]

Introducing GoCrack: A Managed distributed Password Cracking Tool

Posted on by Robin Edgar

FireEye’s Innovation and Custom Engineering (ICE) team released a tool today called GoCrack that allows red teams to efficiently manage password cracking tasks across multiple GPU servers by providing an easy-to-use, web-based real-time UI (Figure 1 shows the dashboard) to create, view, and manage tasks. Simply deploy a GoCrack server along with a worker on Read more about Introducing GoCrack: A Managed distributed Password Cracking Tool[…]

LavaRand in Production: The Nitty-Gritty Technical Details or How Cloudflare uses a wall of lava lamps to protect the internet

Posted on by Robin Edgar

There’s a wall of lava lamps in the lobby of our San Francisco office. We use it for cryptography. Here are the nitty-gritty technical details. […] In cryptography, the term random means unpredictable. That is, a process for generating random bits is secure if an attacker is unable to predict the next bit with greater Read more about LavaRand in Production: The Nitty-Gritty Technical Details or How Cloudflare uses a wall of lava lamps to protect the internet[…]

Ex-agent in Silk Road probe gets more prison time for bitcoin theft

Posted on by Robin Edgar

Shaun Bridges, 35, was sentenced by U.S. District Court Judge Richard Seeborg in San Francisco after pleading guilty in August to money laundering in the second criminal case to be brought against the former agent, prosecutors said.Bridges, who served in the Secret Service’s Baltimore field office, was sentenced in 2015 to 71 months in prison Read more about Ex-agent in Silk Road probe gets more prison time for bitcoin theft[…]

~$300m of Etherium accidentally lost forever by Parity due to bug

Posted on by Robin Edgar

More than $300m of cryptocurrency has been lost after a series of bugs in a popular digital wallet service led one curious developer to accidentally take control of and then lock up the funds, according to reports.Unlike most cryptocurrency hacks, however, the money wasn’t deliberately taken: it was effectively destroyed by accident. […] On Tuesday Read more about ~$300m of Etherium accidentally lost forever by Parity due to bug[…]

Linux Has a USB Driver Security Problem. 79 of them. Fortunately, they require physical access.

Posted on by Robin Edgar

“All of them can be triggered with a crafted malicious USB device in case an attacker has physical access to the machine,” Konovalov said. Konovalov has found a total of 79 Linux USB-related bugsThe 14 flaws are actually part of a larger list of 79 flaws Konovalov found in Linux kernel USB drivers during the Read more about Linux Has a USB Driver Security Problem. 79 of them. Fortunately, they require physical access.[…]

Forget cookies or canvas: How to follow people around the web using only their typing techniques

Posted on by Robin Edgar

In this paper (Sequential Keystroke Behavioral Biometrics for MobileUser Identification via Multi-view Deep Learning), we propose DEEPSERVICE, a new technique that can identify mobile users based on user’s keystroke information captured by a special keyboard or web browser. Our evaluation results indicate that DEEPSERVICE is highly accurate in identifying mobile users (over 93% accuracy). The Read more about Forget cookies or canvas: How to follow people around the web using only their typing techniques[…]

Re:scam and jolly roger – AI responses to phishing emails and telemarketers

Posted on by Robin Edgar

Forward your scammer emails to Re:scam and here’s what happens. Source: Re:scam The AI bot assumes one of many identities with little mistakes and tries to keep the scammer busy with the email exchange for as long as possible using humor. Which reminds me of http://www.jollyrogertelco.com/ (seems to be down now), which had a number Read more about Re:scam and jolly roger – AI responses to phishing emails and telemarketers[…]

Machine learning of neural representations of suicide and emotion concepts identifies suicidal youth | Nature Human Behaviour

Posted on by Robin Edgar

The clinical assessment of suicidal risk would be substantially complemented by a biologically based measure that assesses alterations in the neural representations of concepts related to death and life in people who engage in suicidal ideation. This study used machine-learning algorithms (Gaussian Naive Bayes) to identify such individuals (17 suicidal ideators versus 17 controls) with Read more about Machine learning of neural representations of suicide and emotion concepts identifies suicidal youth | Nature Human Behaviour[…]

Hackers Compromised the Trump Organization 4 Years Ago—and the Company Never Noticed

Posted on by Robin Edgar

In 2013, a hacker (or hackers) apparently obtained access to the Trump Organization’s domain registration account and created at least 250 website subdomains that cybersecurity experts refer to as “shadow” subdomains. Each one of these shadow Trump subdomains pointed to a Russian IP address, meaning that they were hosted at these Russian addresses. (Every website domain Read more about Hackers Compromised the Trump Organization 4 Years Ago—and the Company Never Noticed[…]

How we fooled Google’s AI into thinking a 3D-printed turtle was a gun

Posted on by Robin Edgar

Students at MIT in the US claim they have developed an algorithm for creating 3D objects and pictures that trick image-recognition systems into severely misidentifying them. Think toy turtles labeled rifles, and baseballs as cups of coffee. It’s well known that machine-learning software can be easily hoodwinked: Google’s AI-in-the-cloud can be misled by noise; protestors Read more about How we fooled Google’s AI into thinking a 3D-printed turtle was a gun[…]

Signed Malware: using digital certificates to circumvent malware checks

Posted on by Robin Edgar

Digitally signed malware can bypass system protection mechanisms that install or launch only programs with valid signatures. It can also evade anti-virus programs, which often forego scanning signed binaries. Known from advanced threats such as Stuxnet and Flame, this type of abuse has not been measured systematically in the broader malware landscape. In particular, the Read more about Signed Malware: using digital certificates to circumvent malware checks[…]

Millions of South Africans’ personal information may have been leaked online

Posted on by Robin Edgar

The personal information of more than 30 million South Africans has apparently been leaked online. This is according to Australian security researcher and creator of ‘Have I Been Pwned’, Troy Hunt. His website allows people to check if their personal information has been compromised in a data breach.He took to Twitter on Tuesday to say Read more about Millions of South Africans’ personal information may have been leaked online[…]

Virtually everyone in Malaysia pwned in telco, govt data hack spree

Posted on by Robin Edgar

Information on 46.2 million cellphone accounts was slurped from Malaysians telecoms providers. To put that in context, the population of Malaysia is 31.2 million; obviously, some people have more than one number.The stolen telco records include people’s mobile phone numbers, SIM card details, device serial numbers, and home addresses, all of which are useful to Read more about Virtually everyone in Malaysia pwned in telco, govt data hack spree[…]

Large companies in NL giving Facebook personal client data freely

Posted on by Robin Edgar

The companies asked by the consumer protection authority are de ANWB, Nuon en Oxfam Novib. De Bijenkorf stopte hier al eerder mee. Essent heeft toegezegd binnenkort te stoppen en KLM en Transavia heroverwegen hun aanpak. De Bankgiroloterij, FBTO, KPN/Telfort, Postcodeloterij, Vakantieveilingen, Vriendenloterij en de Persgroep blijven gewoon doorgaan. Van Heerlijk.nl, HelloFresh en Hotels.nl To be Read more about Large companies in NL giving Facebook personal client data freely[…]

BMWs from between 2006-2011 at fire risk, recalled in the US

Posted on by Robin Edgar

One recall covers 670,000 2006-2011 U.S. 3-Series vehicles to address a wiring issue for heating and air conditioning systems that may overheat and could increase the risk of a fire. The second recall covers 740,000 U.S. 2007-2011 vehicles with a valve heater that could rust and lead to a fire in rare cases. The recall Read more about BMWs from between 2006-2011 at fire risk, recalled in the US[…]

Yes, Google is reading your corporate documents and you agreed to it.

Posted on by Robin Edgar

Many people worried that Google was scanning users’ documents in real time to determine if they’re being mean or somehow bad. You actually agree to such oversight in Google G Suite’s terms of service. Those terms include include personal conduct stipulations and copyright protection, as well as adhering to “program policies.” Who knows what made the Read more about Yes, Google is reading your corporate documents and you agreed to it.[…]

Mozilla Wants to Distrust Dutch HTTPS Provider Because of Local Dystopian Law (Sleepnetwet)

Posted on by Robin Edgar

If the plan is approved, Firefox will not trust certificates issued by the Staat der Nederlanden (State of the Netherlands) Certificate  Authority (CA). This CA is operated by PKIOverheid/Logius, a division of the Ministry of Interior and Kingdom Relations, which is the same ministry that oversees the AIVD intelligence service. New law givers Dutch govt Read more about Mozilla Wants to Distrust Dutch HTTPS Provider Because of Local Dystopian Law (Sleepnetwet)[…]

Cross-Cultural Study on Recognition of Emoticon’s shows that different cultures see emojis differently

Posted on by Robin Edgar

Emoticons are getting more popular as the new communication channel to express feelings in online communication. Although familiarity to emoticons depends on cultures, how exposure matters in emotion recognition from emoticon is still open. To address this issue, we conducted a cross-cultural experimental study among Cameroon and Tanzania (hunter-gatherers, swidden farmers, pastoralists, and city dwellers) Read more about Cross-Cultural Study on Recognition of Emoticon’s shows that different cultures see emojis differently[…]

39 episodes of ‘CSI’ used to build AI’s natural language model

Posted on by Robin Edgar

group of University of Edinburgh boffins have turned CSI:Crime Scene Investigation scripts into a natural language training dataset.Their aim is to improve how bots understand what’s said to them – natural language understanding.Drawing on 39 episodes from the first five seasons of the series, Lea Freeman, Shay Cohen and Mirella Lapata have broken the scripts Read more about 39 episodes of ‘CSI’ used to build AI’s natural language model[…]

Bitcoin Pioneer Says New Coin to Work on Many Blockchains

Posted on by Robin Edgar

The mobility means that if one blockchain dies out as the result of infighting among developers or slackened use, metronome owners can move their holdings elsewhere. That should help the coins retain value, and ensure their longevity, Garzik, co-founder of startup Bloq that created metronome, said in a phone interview. It will be unveiled Tuesday Read more about Bitcoin Pioneer Says New Coin to Work on Many Blockchains[…]

Turns out that dating apps can give away your location, show who you like and who and where you are

Posted on by Robin Edgar

It seems just about everyone has written about the dangers of online dating, from psychology magazines to crime chronicles. But there is one less obvious threat not related to hooking up with strangers – and that is the mobile apps used to facilitate the process. We’re talking here about intercepting and stealing personal information and Read more about Turns out that dating apps can give away your location, show who you like and who and where you are[…]

AMD sales soar, actually makes a profit, beats expectations, share price… decimated

Posted on by Robin Edgar

Personal TechAMD sales soar, actually makes a profit, beats expectations, share price… decimatedIntel’s antitrust shield even loses when it winsBy Shaun Nichols in San Francisco 25 Oct 2017 at 00:0816 Reg comments SHARE ▼guitar player on shuttertsock photo of (sisyphus) man rolling a rock up a hill. photo by SHutterstock/PHOTOCREO Michal BednarekAMD revenues were up, Read more about AMD sales soar, actually makes a profit, beats expectations, share price… decimated[…]

International (24 regulators) enforcement operation finds website privacy notices are too vague and generally inadequate (over 455 websites and apps)

Posted on by Robin Edgar

An investigation by 24 data protection regulators from around the world – led by the UK’s Information Commissioner’s Office – concluded that ‘there is significant room for improvement in terms of specific details contained in privacy communications’.The privacy notices, communications and practices of 455 websites and apps in sectors including retail, finance and banking, travel, Read more about International (24 regulators) enforcement operation finds website privacy notices are too vague and generally inadequate (over 455 websites and apps)[…]